From Brandon's Tinkerings
Jump to: navigation, search


PXE (Preboot Execution Environment) Booting, or just Network booting in general is very interesting, at least to me, and a few others. As I believe it was Marty Connor in this awesome video "gPXE: Modern FOSS Network Booting" said that some people get really excited over booting machines over networks (including the Internet!) while others... not so much.

Well, I'm one of those people who gets really excited over the idea of booting machines over a network, and I can't really put my finger on why, it's just awesome to me.

So, I wanted to document the netboot setups that I use at my home, and my work. This entry consists of my home network. My work one, I'll put in another entry (as it's significantly different in it's programming, but does the same functions), and link here.

Now, network booting isn't for everyone, and it doesn't fit every situation, so your mileage will vary greatly.

My home network consists of iPXE, PHP scripting, and separate utilities. All of this is detailed below... so lets begin!

What does this page assume?

  • You have a working network
  • You control your DHCP Server
  • You have control of your DNS server
  • You have a working webserver
  • Basic understanding of PHP
  • Have a basic understand of whats involved with PXE Booting, even if it's skimming over the Wikipedia page
  • Have a machine that is capable of picking the network card to boot from, via PXE (On most Dell systems, you need to go into the BIOS, Integrated Peripherals, and mark the NIC as "On W/ PXE", not just "On", or "On W/ ImageServer"

My Environment

  • Linux, Distro: Gentoo (~AMD64 "Unstable")
  • Apache 2.4.3
  • PHP 5.4.7
  • tftp-hpa 5.2
  • iPXE (current GIT master)
  • Misc Utilities like Drive Fitness Test, SeaTools, Memtest, etc.

The Basic Process

-- My Setup

  1. Computer powers on, and selects the NIC to boot from, either via interaction, or it being the first device
  2. The native PXE Stack (iPXE (flashed onto the ROM/BIOS), Intel, Broadom, Realtek, etc) brings up the network card, does a DHCP Request, while also requesting, at least, options 66 and 67
  3. DHCP Server responds with an IP, and the two options
  4. The PXE Stack then tried to contact the server provided in option 66, to retrieve the file specified in option 67, which in this case is iPXE (for non-iPXE clients), over TFTP
  5. iPXE then unloads the native PXE stack (to a degree), and takes over, issuing it's own DHCP Request, again requesting, among other options, 66 and 67
  6. The DHCP Server responds with (typically) the same IP address, but now detects that the client is iPXE, and passes a different option 67.
  7. iPXE then boots to the URL passed in option 67 this time (via HTTP), and that script then directs it what to do.



  • This information can be placed globally, specific subnets, or individual filename/next-server can be placed on host definitions
  • Relevant sections of my ISC DHCP config:
  1. if exists user-class {
  2.     if option user-class = "iPXE" {
  3.         filename "";
  4.     }
  5. } else {
  6.         filename "ipxe.pxe";
  7. }
  8. next-server;
  • This if statement breaks the "infinite loop"
  • The filename listed on line 3 is for when iPXE does the DHCP request
  • The filename listed on line 6 is for when a non-iPXE client does a DHCP request, to get it to use iPXE
  • The next-server on line 8 is the TFTP server that the non-iPXE clients will grab the above file from
  • You can also use some iPXE specific DHCP options to gain more control over iPXE


  • This file is built from the iPXE source, running "make bin/ipxe.pxe", then copying the bin/ipxe.pxe file to your TFTP server's root directory
  • More information on the extensions can be found here on the Etherboot website
  • As stated in the website linked above, pxe unloads the stack, which then means ipxe relies on it's own drivers for the network card. If you to keep the driver loaded, you may want to consider using .kpxe or .kkpxe


  • This is placed in /etc/apache2/vhosts.d, to configure the vhost
  • This configures your virtual host ( from above), to point to where you want to store your files. I choose to keep mine in the TFTP root, under the "netboot" folder, so everything related to the netboot is contained in that folder.
  1. <VirtualHost>
  2.         ServerName
  3.         DocumentRoot    "/tftp/netboot/"
  4.         <Directory "/tftp/netboot">
  5.             Options Indexes FollowSymLinks
  6.             AllowOverride All
  7.             Require all granted
  8.         </Directory>
  9. </VirtualHost>


  • This is the file that the iPXE client first grabs to see what it needs to do
  1. <?php 
  2.         echo "#!ipxe\n";
  3.         echo "chain http://".$_SERVER['SERVER_NAME']."/boot.php?MAC=\${netX/mac}";
  4. ?>
  • So this is an extremely simple file, as you can tell. It's purpose is to pass the MAC address of the booting network card off to the boot.php script. So this references the same server name (pulls it in from the PHP variables), and then uses the ${netX/mac} iPXE variable to pull the MAC of the active network card, via GET (Variables in the URL).


  • This is the big guy, so I'm going to do some inline comments to explain it
  1. <?php
  2. 	// First, check the MAC, if not present, exit; no use continuing as we can assume the netboot isn't correct
  3.  	if (isset($_GET['MAC'])) {
  4. 		$mac = $_GET['MAC'];
  5. 	} else {
  6. 		exit();
  7. 	}
  9. 	header ( "Content-type: text/plain" );
  11. 	// Figure out which protocol we're using
  12. 	if (isset($_SERVER['HTTPS'])) {
  13. 		$serverproto = "https://";
  14. 	} else {
  15. 		$serverproto = "http://";
  16. 	}
  18. 	// If we're running a non-standard port, include it. Otherwise, assume defaults.
  19. 	if ( ($_SERVER['SERVER_PORT'] != "80") && ($_SERVER['SERVER_PORT'] != "443")) {
  20. 		$servername = "$_SERVER[SERVER_NAME]:$_SERVER[SERVER_PORT]";
  21. 	} else {
  22. 		$servername = $_SERVER['SERVER_NAME'];
  23.  	}


  • The above has some inline comments that should explain most of it. In my case, if there is no MAC, just quit, as it didn't run through preboot.php first, therefore is not correct
  • The rest of it is used to make the script portable. This allows you to use http/https, and also run on non-standard ports, and it can change at runtime. Perfect example of this is internal versus external booting, in reference to say your home network


  1. switch ($mac) {
  2. 		case "00:0c:29:xx:xx:xx":
  3. 		case "00:e0:b8:xx:xx:xx":
  4. 			// Testing VM
  5. 			ipxemenu();
  6. 			break;
  7. 		case "bc:ae:c5:xx:xx:xx":
  8. 			echo "#!ipxe\n";
  9. 			// Atom - Living Room Frontend
  10. 			echo "kernel $serverproto$servername/bzImage-Atom ip=dhcp root=/dev/nfs nfsroot=,nfsvers=3,tcp,hard,intr,nolock vga=0x317 quiet\n"; 
  11. 			// splash=silent,theme:MythTV quiet console=tty1\n";
  12. 			// echo "initrd $serverproto$servername/fe1-initrd.img\n";
  13. 			break;
  14. 		case "00:10:18:xx:xx:xx":
  15. 			echo "#!ipxe\n";
  16. 			// Athlon 64 HDFE - Bedroom Frontend
  17. 			echo "kernel $serverproto$servername/bzImage-A64 ip=dhcp root=/dev/nfs nfsroot=,nfsvers=3,tcp,hard,intr,nolock vga=0x317\n";
  18. 			//splash=silent,theme:MythTV quiet console=tty1\n";
  19. 			//echo "initrd $serverproto$servername/fe1-initrd.img\n";
  20. 			break;
  21. 		default:
  22. 			ipxemenu();
  23. 			break;
  24. 	}


  • This is where the fun begins!
  • First, it searches to see if there are special per-MAC instructions to do. In the above example, the first two MACs run the ipxemenu() function, that I was using for testing, from when I was switching away from a vesamenu
  • The next two are two different MythTV Frontends I have in our apartment. These netboot to a NFSRoot, so you can see how to have iPXE directly load Linux over HTTP
  • Then if all else fails (usual), run the ipxemenu() function to present the iPXE menu. (Here I use to have stuff to chain to pxelinux.0, and load a vesamenu up, but I recently switched to iPXE's menu. For pxelinux integration, see my work menu)


  1. function ipxemenu() {
  2. 		echo "#!ipxe\n";
  3. 		echo ":menustart\n";
  4. 		echo "menu iPXE Boot Menu\n";
  5. 		echo "item --gap --	Diagnostics\n";
  6. 		echo "item memtest	Memtest86+\n";
  7. 		echo "item dft		Drive Fitness Test\n";
  8. 		echo "item spinrite	Spinrite\n";
  9. 		echo "item hdt		Hardware Detection Tool\n";
  10. 		echo "item b57		b57 Diags\n";
  11. 		echo "item qwipe	Quick Wipe\n";
  12. 		echo "item --gap --	Internet Boots\n";
  13. 		echo "item ipxedemo	iPXE Demo Boot\n";
  14. 		echo "item ritboot clone of\n";
  15. 		echo "item --gap --	Live Systems\n";
  16. 		echo "item gparted	GParted\n";
  17. 		echo "item smartos	SmartOS\n";
  18. 		echo "item --gap --	WinPE\n";
  19. 		echo "item peboot	Windows PEBoot via SANBoot\n";
  20. 		echo "item wimboot	Windows PEBoot via WIMBoot\n";
  21. 		echo "item --gap --	Installers\n";
  22. 		echo "item esxi5	ESXi 5.1 Installer\n";
  23. 		echo "item esxi5sl	ESXi 5.0 Installer via PXELinux\n";
  24. 		echo "item freedos	FreeDOS 1.1\n";
  25. 		echo "item vesamenu	Vesamenu\n";
  26. 		echo "item win7pro64	Windows 7 Professional AMD64 Install\n";
  27. 		echo "item --gap -- 	Other PXE Systems\n";
  28. 		echo "item wds		Windows Deployment Services\n";
  29. 		echo "item shell 	iPXE Shell\n";
  30. 		echo "item sanhook	Sanhook test on FreeNAS\n";
  31. 		echo "choose os && goto \${os}\n";
  32. 		echo ":shell\n";
  33. 		echo "shell\n";
  34. 		win7pro64();
  35. 		esxi5sl();
  36. 		sanhook();
  37. 		qwipe();
  38. 		b57();
  39. 		freedos();
  40. 		smartos();
  41. 		gparted();
  42. 		wds();
  43. 		hdt();
  44. 		memtest();
  45. 		ipxedemo();
  46. 		ritboot();
  47. 		dft();
  48. 		spinrite();
  49. 		sanbootpe();
  50. 		wimbootpe();
  51. 		vesamenu();
  52. 		esxi5();
  53. 		echo ":end\n";
  54. 	}


  • This is the function that creates the main iPXE menu
  • You can check the full syntax from the link above, but it's fairly simple
  • This creates the menu that is seen when the client is booted. It looks something like this:

Ipxemenu1.png Ipxemenu2.png

  • Once the menu is created, it calls the different functions to include the goto markers, otherwise the menu will fail is that option is selected. I choose to do it this way, with the intention of eventually adding options where the menu can be dynamic depending on the machine
  • I also added a :end goto marker, at the end, as I found pxelinux needed this to boot, otherwise it continued on through this menu (i.e. booting the option that was placed after it)
  • Most of the below, you can find really good documentation on the iPXE website. However, I will note anything special as needed


  1. 	function win7pro64() {
  2. 		global $servername,$serverproto;
  3. 		echo ":win7pro64\n";
  4. 		echo "kernel $serverproto$servername/wimboot\n";
  5. 		echo "initrd $serverproto$servername/win7instadk/bootmgr bootmgr\n";
  6. 		echo "initrd $serverproto$servername/win7instadk/Fonts/segmono_boot.ttf segmono_boot.ttf\n";
  7. 		echo "initrd $serverproto$servername/win7instadk/Fonts/segoe_slboot.ttf segoe_slboot.ttf\n";
  8. 		echo "initrd $serverproto$servername/win7instadk/Fonts/wgl4_boot.ttf wgl4_boot.ttf\n";
  9. 		echo "initrd $serverproto$servername/win7instadk/Fonts/kor_boot.ttf kor_boot.ttf\n";
  10. 		echo "initrd $serverproto$servername/win7instadk/Fonts/wgl4_boot.ttf wgl4_boot.ttf\n";
  11. 		echo "initrd $serverproto$servername/win7instadk/BCD BCD\n";
  12. 		echo "initrd $serverproto$servername/win7instadk/boot.sdi boot.sdi\n";
  13. 		echo "initrd $serverproto$servername/win7instadk/boot.wim boot.wim\n";
  14. 		echo "boot\n";	
  15. 	}


  • This uses wimboot to boot the WIM file for Windows PE Environments. This particular one was created with the Windows ADK (WinPE 4.0), and has a script to mount a SMB Share that contains the Windows 7 installer. This will be detailed in another entry, and linked here at that time


  1. 	function sanhook() {
  2. 		echo ":sanhook\n";
  3. 		echo "sanhook\n";
  4. 		echo "sleep 5\n";
  5. 		echo "goto menustart\n";
  6. 	}
  7. 	function esxi5sl() {
  8. 		global $servername,$serverproto;
  9. 		echo ":esxi5sl\n";
  10. 		echo "set 210:string $serverproto$servername/esxi5/\n";
  11. 		echo "set 209:string isolinux.cfg\n";
  12. 		echo "chain $serverproto$servername/pxelinux.0\n";
  13. 		echo "goto end\n";
  14. 	}


  • This boots the ESXi installer via Syslinux (pxelinux/mboot). I found this way currently works.
  • This will be documented as other files, below.


  1. 	function qwipe() {
  2. 		global $servername,$serverproto;
  3. 		echo ":qwipe\n";
  4. 		echo "sanboot --drive 0x00 --no-describe $serverproto$servername/wipe2.img\n";
  5. 		echo "goto menustart\n";
  6. 	}
  7. 	function b57() {
  8. 		global $servername,$serverproto;
  9. 		echo ":b57\n";
  10. 		echo "sanboot --drive 0xa0 --no-describe $serverproto$servername/B57udiag-15.23.iso\n";
  11. 		echo "goto menustart\n";
  12. 	}
  13. 	function freedos() {
  14. 		global $servername,$serverproto;
  15. 		echo ":freedos\n";
  16. 		echo "sanboot --drive 0xa0 --no-describe $serverproto$servername/fd11src.iso\n";
  17. 		echo "goto menustart\n";
  18. 	}
  19. 	function smartos() {
  20. 		echo ":smartos\n";
  21. 		echo "kernel smartos/platform/i86pc/kernel/amd64/unix -B console=text,standalone=true,noimport=true,root_shadow='\$5\$2HOHRnK3\$NvLlm.1KQBbB0WjoP7xcIwGnllhzp2HnT.mDO7DpxYA'\n";
  22. 		echo "module smartos/platform/i86pc/amd64/boot_archive\n";
  23. 		echo "boot\n";
  24. 		echo "sleep 10\n";
  25. 	}
  26. 	function wds() {
  27. 		echo ":wds\n";
  28. 		echo "set wdsserver:ipv4\n";
  29. 		echo "set net0/next-server \${wdsserver}\n";
  30. 		echo "chain tftp://\${wdsserver}/\n";
  31. 		echo "sleep 10\n";
  32. 		echo "goto  menustart\n";
  33. 	}


  • This one a lot of people may be interested in. This will chain to a Windows Deployment Services.
  • Things to note here, the looks at the next-server in the dhcp packets for where to talk to, well, this may not actually be your windows server, it is not in my case. This sets the next-server to the WDS Server, then chains to it, so that it boots properly.
  • Also note the hex in the tftp URL. This is needed, as it's a Windows TFTP Server, so it's actually in the path of boot\x86\
  • TODO? Use iPXE arch detection to boot 64bit?


  1. 	function gparted() {
  2. 		global $servername,$serverproto;
  3. 		echo ":gparted\n";
  4. 		echo "kernel $serverproto$servername/gparted/live/vmlinuz boot=live config union=aufs noswap noprompt fetch=$serverproto$servername/gparted/live/filesystem.squashfs\n"; 
  5. 		echo "initrd $serverproto$servername/gparted/live/initrd.img\n";
  6. 		echo "boot\n";
  7. 		echo "sleep 10\n";
  8. 		echo "goto menustart\n";
  9. 	}
  10. 	function hdt() {
  11. 		global $servername,$serverproto;
  12. 		echo ":hdt\n";
  13. 		echo "sanboot --no-describe --drive 0x00 $serverproto$servername/hdt-0.5.0.img\n";
  14. 		echo "goto menustart\n";
  15. 	}
  16. 	function spinrite() {
  17. 		global $servername,$serverproto;
  18. 		echo ":spinrite\n";
  19. 		echo "sanboot --drive 0xa1 --no-describe $serverproto$servername/spinrite.iso\n";
  20. 		echo "goto menustart\n";
  21. 	}
  22. 	function ipxedemo() {
  23. 		echo ":ipxedemo\n";
  24. 		echo "chain\n";
  25. 	}
  26. 	function ritboot() {
  27. 		echo ":ritboot\n";
  28. 		echo "set 209:string pxelinux.cfg/default\n";
  29. 		echo "set 210:string\n";
  30. 		echo "chain\n";
  31. 		echo "goto :menustart\n";
  32. 	}
  33. 	function dft() {
  34. 		global $servername,$serverproto;
  35. 		echo ":dft\n";
  36. 		echo "sanboot --drive 0x00 $serverproto$servername/dft32_v416_b00_install.IMG\n";
  37. 	}
  39. 	function memtest() {
  40. 		global $servername,$serverproto;
  41. 		echo ":memtest\n";
  42. 		echo "chain $serverproto$servername/memtest.0\n";
  43. 	}



  1. 	function sanbootpe() {
  2. 		global $servername,$serverproto;
  3. 		echo ":peboot\n";
  4. 		echo "set keep-san 1\n";
  5. 		echo "sanboot  --drive 0x81 $serverproto$servername/PEBoot-07_08_11.iso\n";
  6. 	}
  7. 	function wimbootpe() {
  8. 		global $servername,$serverproto;
  9. 		echo ":wimboot\n";
  10. 		echo "kernel $serverproto$servername/wimboot\n";
  11. 		echo "initrd $serverproto$servername/winpe/Boot/bootmgr.exe bootmgr.exe\n";
  12. 		echo "initrd $serverproto$servername/winpe/Boot/BCD BCD\n";
  13. 		echo "initrd $serverproto$servername/winpe/Boot/boot.sdi boot.sdi\n";
  14. 		echo "initrd $serverproto$servername/winpe/Boot/boot.wim boot.wim\n";
  15. 		echo "boot\n";	
  16. 	}


  • wimboot is a much better way of booting WinPE via iPXE. It's extremely quick, and saves memory!


  1. 	function vesamenu() {
  2. 		global $servername,$serverproto;
  3. 		echo ":vesamenu\n";
  4. 		echo "set 210:string $serverproto$servername/\n";
  5. 		echo "set 209:string mainmenu.gpxe\n";
  6. 		echo "chain \${210:string}pxelinux.0\n";
  7. 	}
  8. 	function esxi5() {
  9. 		global $servername,$serverproto;
  10. 		echo ":esxi5\n";
  11. 		echo "chain $serverproto$servername/esxi51/esxi51.ipxe\n";
  12. 		echo "goto end\n";
  13. 	}
  14. ?>


  • Chains to an ipxe config in the esxi51 directory, to load the ESXi installer.



  • I made a quick and simple file that loads the installer immediately, instead of hitting the default boot menu
  • In addition to the above, you also need to make some other modifications (that link also contains the other part of the instructions to get it all setup -- basic instructions to get the installer to PXE boot)
  1. DEFAULT install
  2. LABEL install
  3.   KERNEL mboot.c32
  4.   APPEND -c boot.cfg


  1. #!ipxe
  2. imgfree
  3. kernel tboot runweasel
  4. module b.b00
  5. module k.b00
  6. module chardevs
  7. module a.b00
  8. module user.b00
  9. module s.v00
  10. module ata_pata.v00
  11. module ata_pata.v01
  12. module ata_pata.v02
  13. module ata_pata.v03
  14. module ata_pata.v04
  15. module ata_pata.v05
  16. module ata_pata.v06
  17. module ata_pata.v07
  18. module block_cc.v00
  19. module ehci_ehc.v00
  20. module weaselin.t00
  21. module esx_dvfi.v00
  22. module xlibs.v00
  23. module ima_qla4.v00
  24. module ipmi_ipm.v00
  25. module ipmi_ipm.v01
  26. module ipmi_ipm.v02
  27. module misc_cni.v00
  28. module misc_dri.v00
  29. module net_be2n.v00
  30. module net_bnx2.v00
  31. module net_bnx2.v01
  32. module net_cnic.v00
  33. module net_e100.v00
  34. module net_e100.v01
  35. module net_enic.v00
  36. module net_forc.v00
  37. module net_igb.v00
  38. module net_ixgb.v00
  39. module net_nx_n.v00
  40. module net_r816.v00
  41. module net_r816.v01
  42. module net_s2io.v00
  43. module net_sky2.v00
  44. module net_tg3.v00
  45. module net_vmxn.v00
  46. module ohci_usb.v00
  47. module sata_ahc.v00
  48. module sata_ata.v00
  49. module sata_sat.v00
  50. module sata_sat.v01
  51. module sata_sat.v02
  52. module sata_sat.v03
  53. module sata_sat.v04
  54. module scsi_aac.v00
  55. module scsi_adp.v00
  56. module scsi_aic.v00 
  57. module scsi_bnx.v00
  58. module scsi_fni.v00
  59. module scsi_hps.v00
  60. module scsi_ips.v00
  61. module scsi_lpf.v00
  62. module scsi_meg.v00
  63. module scsi_meg.v01
  64. module scsi_meg.v02
  65. module scsi_mpt.v00
  66. module scsi_mpt.v01
  67. module scsi_mpt.v02
  68. module scsi_qla.v00
  69. module scsi_qla.v01
  70. module scsi_rst.v00
  71. module uhci_usb.v00
  72. module tools.t00
  73. module xorg.v00
  74. module imgdb.tgz
  75. module imgpayld.tgz
  76. boot

Resources Used


These files may end up on my github at some point. If/when they do, I'll note it here.

iPXE is EXTREMELY powerful, especially with the embedded scripting. There is so much that can be done, it's hard to go into details, just because what you can do is so vast! A perfect example of this is Robin's iPXE menu linked to above. He does some awesome stuff!

I'm always looking to expand the netboot. Be adding diag utils, playing around with new options, or just plain tweaking it. In the above boot.php, a few of the things I want to tweak, is instead of referencing the name all the time, have it pull the PHP server variable. This way if you have a different hostname internal/external, as long as you set it once (say in a script, or via DHCP), it will always reference that server.

One thing to note with iPXE, is you can also embed the scripts into it. In my work netboot (coming soon!), I embed pxelinux.0 and a small script. This will be explained more in that post, but one thing to note, is you can embed a script that does DHCP, then chains to your server at home. As long as you have external access to that box, and flash the resulting iPXE to a USB drive, or CD, you can boot any machine anywhere in the world.

For contacting myself (for complaints/improvements/suggestions), or others who use iPXE, there is the IRC channel,, #ipxe. I'm pretty much always in there as Sedorox. The developers also hang out there, and other users too, who do all sorts of fun network booting things. Come visit!

Hopefully this helps someone better understand iPXE and netbooting, or at the very least, serves as an example on what you can do.