In IPv6 the boot path is always given as a URL in DHCPv6 option 59 So we need to run a DHCPv6 service for this
dhcpd6.conf:
option dhcp6.bootfile-url code 59 = string;
option dhcp6.client-arch-type code 61 = array of unsigned integer 16;
# match arch to send correct booturl https://ipxe.org/cfg/platform#notes
if exists dhcp6.client-arch-type and
option dhcp6.client-arch-type = 00:07 {
option dhcp6.bootfile-url "tftp://[2001:db8::69]/snponly.efi";
}
subnet6 2001:db8::/64 {
range6 2001:db8::ff00/120;
}
Unfortunatly UEFI does not recognize the options without also getting a rang(?)
Debug DHCP server: dhcpd -6 -d -f brInt -cf /etc/dhcp/dhcpd6.conf
Run the server and try booting but also check whats on the wire with: tcpdump -vni brInt port 547
tcpdump isn't verry good at expanding this data and only show that options exist, but not contents: (opt_59)
Let's grab the actuall contents as well to verify what is sent: tcpdump -vni brInt -A port 547
No boot here, lets also grab TFTP transfers: tcpdump -vni brInt -A port 547 or port 69
There are requests, but not transfers...
Lets check that we have a tftp server running (this actually took a good while to figure out)
ss -lnu
State Recv-Q Send-Q Local Address:Port Peer Address:Port
UNCONN 0 0 0.0.0.0:69 0.0.0.0:*We do, at port 69, but only on IPv4, that explains it,
After some resarch, it turns out that atftp dont have any IPv6 support, lets switch to a different server.
/etc/init.d/atftp stop; emerge -c atftp; emerge -vk tftp-hpa
Modify /etc/conf.d/in.tftpd to set INTFTPD_PATH and add --secure
Also update service start and start the service
rc-update del atftp
rc-update add in.tftpd
/etc/init.d/in.tftpd startOk thats better
ss -lnu
State Recv-Q Send-Q Local Address:Port Peer Address:Port
UNCONN 0 0 0.0.0.0:69 0.0.0.0:*
UNCONN 0 0 *:69 *:*/etc/radvd.conf does require:
interface brInt
{
AdvOtherConfigFlag on;
};
Some takebacks from this:
tcpdumpdon't know much about DHCPv6- Use
-Ato check packet contents whentcpdumpfails decoding - Verify that services are actually listening on IPv6
There is a few things we can do to clean this up, and also improvements in conditional logic.
option dhcp6.user-class code 15 = string;
option dhcp6.bootfile-url code 59 = string;
option dhcp6.client-arch-type code 61 = array of unsigned integer 16;
option dhcp6.name-servers 2001:db8::53, 2001:db8::54;
# Requires AdvOtherConfigFlag on; in radvd
class "arch07" {
match if exists dhcp6.client-arch-type and option dhcp6.client-arch-type = 00:07;
log(info, concat("Arch ", option dhcp6.client-arch-type));
}
class "ipxe" {
match if exists dhcp6.user-class and substring(option dhcp6.user-class, 2, 4) = "iPXE";
log(info, concat("user-class ", option dhcp6.user-class));
}
if exists dhcp6.user-class and
substring(option dhcp6.user-class, 2, 4) = "iPXE" {
option dhcp6.bootfile-url "http://pxe.caspeco.se/embed.ipxe";
}
# match arch to send correct booturl https://ipxe.org/cfg/platform#notes
else if exists dhcp6.client-arch-type and
option dhcp6.client-arch-type = 00:07 {
option dhcp6.bootfile-url "tftp://[2001:db8::69]/snponly.efi";
}
subnet6 2001:db8::/64 {
range6 2001:db8::ff00/120;
allow members of "arch07";
}
Instead of using user-class feature flags should be used instead.
Unfortunately autoexec.ipxe does not seem to work with this setup