Setting up PXE Server

Red Hat 8.0 PXE server, etc. on PL2500

Red Hat 8.0 – default custom install

First let’s set up date and time as I like accurate logs:

vi /etc/ntp.conf
vi /etc/ntp/step-tickers

chkconfig –level 2345 ntpd on
service ntpd start
ntpq -np
ntpq -p

Disable ipchains and iptables, pick one of the following two methods:

Slow Method:
chkconfig –del ipchains
chkconfig –del iptables

Fast Method:
for X in ipchains iptables; do chkconfig –del $X; done

Let’s set our boot parameters (memory in our case)
vi /boot/grub/grub.conf
Add to the kernel line:
mem=exactmap mem=640@0 mem=255M@1M

Let’s setup /etc/modules.conf to load preferred drivers (e100 vs. eepro100)
vi /etc/modules.conf

Let’s set up our hostname and network configuration

We want 2 NICs, one for the pxe network and one to connect us upstream (in our case, directly upstream is deadnet, which connects to corpnet, which connects to the internet).

We will have static ip addresses on both network cards, but all this will work as well if our upstream NIC had a DHCP address as well.

see hostname.html to set up the hostname

netconfig, set up eth1, mv /etc/sysconfig/network-scripts/ifcfg-eth0 to ifcfg-eth1, change the “device=eth0” to “device=eth1” in ifcfg-eth1, then set up eth0 using netconfig.

When prompted for the gateway, if you are using static address on the outside NIC, then put the upstream gateway (in our case the deadnet gateway of — if using a dhcp address for the outside NIC, then just leave GW blank. When prompted for the DNS, we can put private (pxe network) NIC as the DNS server since we will be setting up DNS on this box too.

Make a copy of /etc/resolv.conf: cp -a /tmp/resolv.conf /tmp
service network stop
killall dhclient
rmmod eepro100
service network start

Let’s temporarily fix up our /etc/resolv.conf:
cat /tmp/resolv.conf | grep nameserver >> /etc/resolv.conf

Let’s install the necessary packages, we’ll get our packages through NFS:

mkdir /mnt/nfs
mount /mnt/nfs
cd /mnt/nfs/rh80/i386/RedHat/RPMS
Install the following packages
And install these development packages:

Install gShield:
mkdir /etc/firewalls
cp -a /mnt/nfs/gShield/gShield-2.8.tgz /etc/firewalls
cd /etc/firewalls
tar -xzvf – gShield-2.8.tgz
cd /etc
ln -s firewalls/gShield-2.8 firewall
cd /etc/init.d
ln -s ../../firewall/gShield.rc firewall
vi firewall
Add near the top:
# chkconfig: 2345 99 01
# description: gShield firewall service

Set up gShield:

Set up interfaces
time servers ==>
DMZ yes
Open up ftp, http, https, pop, imap, imap-ssl
yes to bind, zone transfer, local-bind
open up ssh, nfs, ntp


Set up the DMZ
for X in `seq 128 254`; do echo 172.32.0.$X; done >> DMZ/dmz_hosts

modprobe ip_conntrack_ftp
modprobe ip_conntrack_irc
modprobe ip_nat_ftp

Uncomment any private networks that may hit your outside interface, such as

Install, setup, and start the firewall service:
chkconfig –add firewall
chkconfig –level 2345 firewall on
service firewall start

Download and install syslinux-2.02.tar.bz2 (
(Red Hat 8.0 comes with syslinux-1.75 which is broken, you should use version 2.00 or later)
wget -m -nH –cut-dirs=5
tar xvfj syslinux-2.02.tar.bz2
cd syslinux-2.02
export LANG=C
make clean install
mkdir -p /tftpboot/pxelinux.cfg
cp -a /usr/lib/syslinux/pxelinux.0 /tftpboot/
strings /tftpboot/pxelinux.0 | grep PXELINUX
strings should reveal the version number and date for pxelinux as follows:
PXELINUX 2.02 2003-02-13
Now mount up a bootnet.img floppy and copy in syslinux.cfg, vmlinuz, and initrd.img
mount /mnt/floppy
cp -a /mnt/floppy/syslinux.cfg /tftpboot/pxelinux.cfg/default
cp -a /mnt/floppy/vmlinuz /tftpboot
cp -a /mnt/floppy/initrd.img /tftpboot

Setting up DHCP

cp -a /usr/share/doc/dhcp-3.0pl1/dhcpd.conf.sample /etc/dhcpd.conf

Here’s a diff between the sample dhcpd.conf file and my new one — this shows the changes I had to make.

--- /usr/share/doc/dhcp-3.0pl1/dhcpd.conf.sample	2002-08-28 12:26:22.000000000 -0500
+++ /etc/dhcpd.conf	2003-03-04 08:54:53.000000000 -0600
@@ -1,24 +1,33 @@
 ddns-update-style interim;
 ignore client-updates;

-subnet netmask {
+allow booting;
+allow bootp;
+subnet netmask {
+subnet netmask {

 # --- default gateway
-	option routers;
-	option subnet-mask;
+	option routers;
+	option subnet-mask;

-	option nis-domain		"";
-	option domain-name		"";
-	option domain-name-servers;
+	option nis-domain		"";
+	option domain-name		"";
+	option domain-name-servers;
+	# PXE-specific configuration directives
+	next-server;
+	filename "pxelinux.0";

-	option time-offset		-18000;	# Eastern Standard Time
-#	option ntp-servers;
+	option time-offset		-21600;	# Central Standard Time
+	option ntp-servers;
 #	option netbios-name-servers;
 # --- Selects point-to-point node (default is hybrid). Don't change this unless
 # -- you understand Netbios very well
 #	option netbios-node-type 2;

-	range dynamic-bootp;
+	range dynamic-bootp;
 	default-lease-time 21600;
 	max-lease-time 43200;

Here’s my dhcpd.conf:

ddns-update-style interim;
ignore client-updates;

allow booting;
allow bootp;

subnet netmask {
subnet netmask {

# --- default gateway
	option routers;
	option subnet-mask;

	option nis-domain		"";
	option domain-name		"";
	option domain-name-servers;

	# PXE-specific configuration directives
	filename "pxelinux.0";

	option time-offset		-21600;	# Central Standard Time
	option ntp-servers;
#	option netbios-name-servers;
# --- Selects point-to-point node (default is hybrid). Don't change this unless
# -- you understand Netbios very well
#	option netbios-node-type 2;

	range dynamic-bootp;
	default-lease-time 21600;
	max-lease-time 43200;

	# we want the nameserver to appear at a fixed address
	host ns {
		hardware ethernet 12:34:56:78:AB:CD;

Make sure /var/lib/dhcp/dhcpd.leases exists
touch /var/lib/dhcp/dhcpd.leases

Before starting dhcpd, make sure there are no other dhcpd servers operating on that network card you will be starting it on. In our example we got a HUB that had no other network connections on it and we called it our PXE HUB. Now if we want to pxe install, we just plug that machine into this PXE HUB and away we go.

Then start the dhcpd server
service dhcpd start

At this point you’re ready to go. Just do a couple of steps as follows. Later you can tweak your pxe system as you like, complete with kickstarts, etc.

Turn on tftp:
vi /etc/xinetd.d/tftp
change disable=yes to become disable=no
save and exit tftp
service xinetd restart

then cd to /tftpboot/pxelinux.cfg
and copy or link your syslinux.cfg from your bootnet floppy to an appropriate entry. You could use “default” which would catch any machine that pxe booted — but that has the possibility of wiping a box if you have the boot order wrong on that system, etc. etc. The better method is to calculate the ip address of that system into hex — better yet, give it a fixed ip address in your dhcp configuration file. For example translated to hex is AC3000FF — so I have my rh80-syslinux.cfg and I do a “ln -s rh80-syslinux.cfg AC3000FF” and I can now boot that box that has that ip address and it will pick up this syslinux.cfg file.

Setting up DNS

for now, see named.html

Setting up ETHERBOOT

I already had my server configured for pxe as mentioned above.
– tftp server
– dhcp server
– – global: next-server;
– – global: filename "pxelinux.0";
I got pxelinux.0 from the latest syslinux package 2.02 (1.75 is broke – overwrites certain memory segments and therefore hangs the boot).

I downloaded the disk ROM for my NIC from ROM-O-MATIC (, choose your NIC, then choose Floppy Bootable ROM Image (.lzdsk)) and pushed it to floppy.

I made the etherboot.img ( by the command:

mknbi-linux –append="ks=<ks source> ramdisk_size=12000" vmlinuz images/pxeboot/initrd.img > etherboot.img

and the ks info (ks=…) in the above command came from my syslinux.cfg file:

mknbi-linux –append="ks=nfs: ramdisk_size=12000" vmlinuz images/pxeboot/initrd.img > etherboot.img

I added a fixed address entry for this machine in my dhcpd.conf file:

host 00508bea8000 {
hardware ethernet 00:50:8b:ea:80:00;
filename "etherboot.img";

then with etherboot.img in the /tftpboot directory and the downloaded ROM from ROM-O-MATIC on a floppy, I booted the floppy and all went without problems.

I suppose I could even copy that ROM out to the hard drive boot sector when I’m done testing to get it to boot back to the network and do the next install. — Yes, I just tested this. I can dd out the ROM to the MBR of the hard drive rather than to floppy and the system will etherboot – WARNING: The partition table for the hard drive is contained in the MBR too, so doing this will erase the partition information for your hard drive and you will loose the data on the hard drive (mbr.html. Of course in my case at this point I am no longer concerned with the data on the hard drive, nor the partitioning – I will be etherbooting so I can land the next image on the hard drive using kickstart.

Michael says you should be able to make a CD-Rom out of this by doing the following:
1) Make a fullsized image since mkisofs needs it:

dd if= conv=sync of=cdimage.img bs=1440k

2) Burn a bootable CD:

mkdir bootcd/
cp cdimage.img bootcd/
mkisofs -b cdimage.img -c bootcat bootcd/ |cdrecord -dev 0,0,0 -v -eject –
(you will need to put the right cdrecord options in)

3) Boot CD

Booting a disk image:

add in the memdisk support

You’ve already built and installed memdisk support it when you built syslinux 2.00 in the above steps. Now you just need to copy memdisk to the /tftboot directory.

cp -a /usr/lib/syslinux/memdisk /tftpboot/

and add an approprite entry into a syslinux.cfg file in /tftpboot/pxelinux.cfg:

label dos
    kernel memdisk
    append initrd=dosboot.img

Also you can give the memdisk command from the pxe boot: prompt:

memdisk initrd=diskimg.img

For more details see:

Booting to the local hard drive:

label localboot
     localboot 0

Actually it makes a lot of sense in certain environments to have the machines default to pxe boot as their primary boot order. So in my environment I’m changing the following:


The reason for this is that I am constantly loading up different versions of software for testing — this could easily be some sort of clustering software that needs to be reimaged for different job tasks, etc. Then if a machine goes offline, it is a matter of just making an entry back at the pxe server to change from “local boot” to “load RH80”, then i just power cycle the server. Then once the install begins, I switch that entry back at the pxe server back to “local boot”. This is a whole lot faster than going to the server, power cycling, waiting for the F12 to specify that I want to pxe boot, etc. etc. I’m just saying that for certain environments it does make sence and cuts out on a lot of down time, by setting the pxe boot as the first boot choice, and then controlling what happens back at the pxe server.

Leave a Comment

This site uses Akismet to reduce spam. Learn how your comment data is processed.