Skip to content

Instantly share code, notes, and snippets.

@amdervis

amdervis/readme.md

Created March 19, 2025 14:40
Show Gist options
  • Save amdervis/1780e9d49433b047aaba800ee149b64f to your computer and use it in GitHub Desktop.
Save amdervis/1780e9d49433b047aaba800ee149b64f to your computer and use it in GitHub Desktop.
Download ZIP
PXE Boot Server Setup (Centos 9 Stream)
Raw
readme.md

PXE Boot Server Setup for Debian 12 Installation

Overview

This document describes how to set up a PXE (Preboot Execution Environment) boot server on CentOS 9 to allow network-based installation of Debian 12. The server uses DHCP to assign IP addresses, TFTP to provide boot files, and HTTP to serve installation files.

System Requirements

  • A CentOS 9 server with at least 10GB of free disk space
  • A network where you can control DHCP (either by using a dedicated network or configuring your existing network)
  • Client machines that support PXE boot or UEFI network boot

Network Configuration

This setup assumes the following network configuration:

  • Router: 192.168.0.69
  • PXE Server: 192.168.0.100
  • DHCP Range: 192.168.0.110 - 192.168.0.200

Installation Steps

1. Install Required Packages

sudo dnf install dhcp-server tftp-server tftp syslinux httpd wget

2. Configure Network Settings

Set a static IP for your PXE server:

# Replace 'ens33' with your network interface name
sudo nmcli connection modify ens33 ipv4.addresses 192.168.0.100/24 ipv4.gateway 192.168.0.69 ipv4.dns "8.8.8.8 8.8.4.4" ipv4.method manual
sudo nmcli connection down ens33 && sudo nmcli connection up ens33

3. Configure DHCP Server

Create the DHCP configuration file:

sudo vi /etc/dhcp/dhcpd.conf

Add the following configuration:

option space pxelinux;
option pxelinux.magic code 208 = string;
option pxelinux.configfile code 209 = text;
option pxelinux.pathprefix code 210 = text;
option pxelinux.reboottime code 211 = unsigned integer 32;
option architecture-type code 93 = unsigned integer 16;

default-lease-time 600;
max-lease-time 7200;
authoritative;

subnet 192.168.0.0 netmask 255.255.255.0 {
  range 192.168.0.110 192.168.0.200;
  option routers 192.168.0.69;
  option domain-name-servers 8.8.8.8, 8.8.4.4;
  option broadcast-address 192.168.0.255;
  
  class "pxeclients" {
    match if substring (option vendor-class-identifier, 0, 9) = "PXEClient";
    next-server 192.168.0.100;
    filename "ipxe.efi";
  }
}

Start and enable the DHCP service:

sudo systemctl enable --now dhcpd

4. Configure TFTP Server

Create a systemd override for the TFTP service:

sudo mkdir -p /etc/systemd/system/tftp.service.d
sudo vi /etc/systemd/system/tftp.service.d/override.conf

Add the following content:

[Service]
ExecStart=
ExecStart=/usr/sbin/in.tftpd -s /var/lib/tftpboot

Create the TFTP boot directory and set permissions:

sudo mkdir -p /var/lib/tftpboot
sudo chmod -R 755 /var/lib/tftpboot
sudo chown -R nobody:nobody /var/lib/tftpboot

Enable and start the TFTP service:

sudo systemctl daemon-reload
sudo systemctl enable --now tftp.socket

5. Set Up iPXE Boot Files

Download the iPXE boot file:

cd /tmp
wget https://boot.ipxe.org/ipxe.efi
sudo cp ipxe.efi /var/lib/tftpboot/

Create the iPXE script:

sudo vi /var/lib/tftpboot/autoexec.ipxe

Add the following content:

#!ipxe
dhcp
kernel http://192.168.0.100/debian12/debian-installer/amd64/linux
initrd http://192.168.0.100/debian12/debian-installer/amd64/initrd.gz
boot

6. Set Up HTTP Server for Debian Installation Files

Enable and start the HTTP server:

sudo systemctl enable --now httpd

Create a directory for Debian installation files:

sudo mkdir -p /var/www/html/debian12

Download and extract Debian installation files:

cd /tmp
wget https://deb.debian.org/debian/dists/bookworm/main/installer-amd64/current/images/netboot/netboot.tar.gz
tar -xzf netboot.tar.gz
sudo cp -r debian-installer/* /var/www/html/debian12/

7. Configure Firewall

Allow necessary services through the firewall:

sudo firewall-cmd --permanent --add-service=dhcp
sudo firewall-cmd --permanent --add-service=tftp
sudo firewall-cmd --permanent --add-service=http
sudo firewall-cmd --reload

8. Disable SELinux (If Needed)

If you encounter permission issues, you might need to modify SELinux settings:

sudo setenforce 0  # Temporarily disable SELinux

For a permanent change, edit /etc/selinux/config and set SELINUX=permissive.

Testing the Setup

  1. Ensure all services are running:

    sudo systemctl status dhcpd tftp.socket httpd

  2. On a client machine, configure it to boot from the network through BIOS/UEFI settings.

  3. Connect the client machine to the same network as your PXE server.

  4. Boot the client machine and watch it receive an IP address, download the boot files, and start the Debian installer.

Troubleshooting

  • No DHCP response: Check if your router's DHCP server is disabled and if your PXE server's DHCP service is running.
  • TFTP errors: Verify file permissions in /var/lib/tftpboot and check if the TFTP service is running.
  • HTTP server issues: Ensure the Apache server is running and files are accessible.
  • iPXE boot failure: Verify that the autoexec.ipxe script is correct and that the paths to kernel and initrd files are valid.

Additional Resources

  • DHCP logs: sudo journalctl -u dhcpd
  • TFTP logs: sudo journalctl -u tftp
  • HTTP logs: sudo journalctl -u httpd
  • Monitor network traffic: sudo tcpdump -i any port 67 or port 68 or port 69 -n
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment