PXE Server With TFTP

Video Statistics and Information

Video

Captions Word Cloud

Reddit Comments

Captions

today I'm going to talk about Network booting a computer okay and that's what I'm doing with this one here there's no hard drive or USB stick nor anything on this computer it's just booting off the network so while that's booting up I'll just go through what I'm going to talk about mainly what I'm going to look at is packet captures of course because that's where you see everything that's going on since it's a network boot it makes sense to have a look at the network so as that's burning up it's just grabbing its images from the server which it's finished now and now it's just continuing its boot up with those images so I'm going to use this as a demo and I've got the laptop here to do packet captures so we'll dive into this now ok I've just turned the computer on and at the moment it has nothing set up it's got no hard drive inside it has no USB drive with an operating system on and the networks not ready to serve an operating system so you may have seen this before if you've tried to boot a computer without the hard drive in it may have resorted to looking on the network for one now this is failed because as you can see it's just looking for a TFTP server to try and get some files so did its DHCP got an IP address but it's pretty much stuck now so it's going to time out from this TFTP and just get stuck in a loop basically okay there's the timeout and we're back to square one so it can't find an operating system so that's where we are ok so what do we know so far well we know we've got an IP address from a DHCP server and we know it tried to get an operating system from a TFTP server and we know it failed ok so logically thinking you might say ok well why don't we set up a TFTP option in the DHCP server now I know there's a TFTP option option 66 where you can set up a TFTP server but first of all I'm going to actually pack a capture that process there and have a look what happens just there I mean that's what we saw on the screen but I want to see what happened on the network all right so here we go again I've got Wireshark running doing it after here and you can see right there it's doing its DHCP as its reporting now here for the TFTP where you can see in the capture is every one of those dots is an attempt for it to grab a file which it's failing but can also see the IP address that it's going for now it's looking for the operating system from TFTP on server 1 & 2 1 6 8 1.25 for now there's no TFTP server there that's just what the gateway happened to be so that seems to be what is trying but it's going to fail ok a few guys and that's it okay so that's what happened on the network now here's the DHCP discovered the first packet that came out of this computer when I turned it on now what it was doing was looking for a DHCP server that's why it broadcasted out there and it gave gave some information out and one of them is this globally unique identifier okay so it gave out this number here which we'll come back to in a minute but one of the other things these these options here the DHCP options one of them is the request now it wants a whole lot of things okay it wants the broadcast address it wants yeah domain name server all the normal stuff you'd want but it also asks some extra things one of them being the TFTP server name now that might lead you to think that as soon as we put a server name in there we'll be right if you look at the response that came from the DHCP server we didn't we didn't give it any TFTP server I did give it a file name though so if we go back here you'll see that it requested a boot file name okay it wants option 67 which is boot file name the server has that it gave an option 67 and said oh yeah here you go there's the boot file name pick C Linux dot zero okay but we're still struggling with this TFTP because there's no TFTP there even though the client wanted it so if I have a look on the DHCP server which is pfsense you can see that the DHCP you have all these options and you can add a specific option you can see I've added option 67 which is text which was the filename okay that's why it received that filename when it asked for it but I don't have options 66 for TFTP so I could add that or it's got a little shortcut here because it's a commonly used one so if I put in the actual TFTP server value there and save that we might be okay but are we okay so now I'll try that again I'm doing a packet capture again to have a have another look of course so here we go same as before DHCP first up and TFTP okay it's still struggling though now I know I just said the TFTP server as an option but it's not working it's the same as before it's just bouncing around and if I have a look at the packet capture coming in you can see its destination is still the default gateway address not the one but one address that I gave it you can see it's trying to access it right file though but it's not going to find it there okay and it fails just like before so what went wrong okay so I'll have a look at that DHCP exchange this time now the discover will be the same but let's have a look at the response that we got now as we knew before we've got the file name it's happy with that we've now got option 66 we've got the TFTP server name which is telling it one on two ones who take up one but one but it was still trying to access it from one on to one six eight dot one dot two five four and that's why it's failing because that's not the TFTP server service at 1.1 so what went wrong okay so even though it got a TFTP server IP address in option 66 in the response from the DHCP server it pretty much ignored that and tried to go 2.25 for anyway okay that's because even though it's looking to use TFTP to download its operating system it doesn't get it from that option 66 so I can remove that and I'll do that now and I'll show you what has to be done for it to get the the operating system okay so back on the DHCP server I'm gonna get rid of that TFTP option okay because we don't need that down here in Network booting I am going to enable that and give it the option there and the server which is in fact at 1.1 is actually called next server okay so I'll save that and have another go okay just hit the power button and there's no DHCP option 66 but we do have a next server option so I'll see what happens okay it's found it and it's doing stuff okay so what just happened okay if I have a look at the DHCP response this time we'll look for option 66 it's not there okay we didn't need that TFTP option 66 because as we know it didn't use it but what it does use is way up the top here this address here next server IP address okay that's what it looks for just before these options come into it really you've got next server IP address 1.1 and that's where it went to ok so it started looking for TFTP at 1 & 2 1 6 8 1 2 1 and it kept downloading it got all the files now if we have an even closer look at these files let's have a look the files that it's actually looking for we'll just filter that ok there the files that are requested now it didn't get all of them but it requested them so you can see the first one pixie Linux that's the one we told it in the DHCP server to start with so did that got us next one now you can see here there's a directory and then this here now you may recall at the start that was that globally unique identifier which comes up now what that would do is if that file existed here it would go to that one meaning that there's something specific to this Hardware and it would have loaded that but there wasn't so try the next one which is MAC address and try the next one which is hex for the IP address and it gets less fussy until you finally carry ok there's nothing specific just do the default and that's what I've got on the server is default so it downloaded that one and and the rest and it just went from there I'll show you the files that are on the TFTP server and as you can see that the same files obviously that it grabbed from tear cheapy when we looked in Wireshark you can see this one's a directory so if if I have a look at that you can see there's just a file called default and if you remember to grab that file called default because there was nothing more specific but if you rename that to the MAC address or the globally unique identifier it'll it'll download that instead so you can be more specific if you want okay I've just sounded this up again so as you know it does DHCP initially and then TFTP to get the first couple of files which we've looked at and that's doing that there and it's done that now and what happens now the guy who made slacks he set it up so it moves to HTTP for the rest of it because if you've used TFTP before you'll know it's not real good for big data transfers so it's done the transfer via HTTP of the operating system so I could pull that network cable out now but I'm going to use it for doing things and it just continues from there so as I said this operating system is slack's okay I used it years ago it's pretty good I'll just get back into it now so this runs in RAM it's nice and quick and now can load off a network so try that out and if you get stuck with TFTP just think it's not the TFTP option it's the boot flag next server TFTP so have fun [Music] throwing large amounts of data so on me

Info

Channel: Tall Paul Tech

Views: 96,817

Rating: undefined out of 5

Keywords: PXE, TFTP, Slax, Diskless, Network boot, DHCP, DHCP options

Id: OuhFbr6gt44

Channel Id: undefined

Length: 10min 22sec (622 seconds)

Published: Thu Oct 31 2019