FS#63371 - [archiso] UEFI PXE booting the netinstall image fails with IPv6
Attached to Project:
Release Engineering
Opened by Martin Rys (C0rn3j) - Monday, 05 August 2019, 08:38 GMT
Last edited by David Runge (dvzrv) - Friday, 18 February 2022, 19:23 GMT
Opened by Martin Rys (C0rn3j) - Monday, 05 August 2019, 08:38 GMT
Last edited by David Runge (dvzrv) - Friday, 18 February 2022, 19:23 GMT
|
Details
Using dnsmasq as a secondary DHCP with the following
config:
https://gitlab.com/C0rn3j/configs/blob/98fd1bdc5d496646d3c117603f3b41dfc0704e17/pxe/dnsmasq.conf
This seems to be because iPXE is trying to use internal IPv6 to contact DNS and failing (see screenshots) I've attached a wireshark trace, where 192.168.1.1 is the default gateway, .2 is the DHCP server, .10 is the host where PXE server(.178) and the VM(.221) I'm trying to PXE boot on reside. Issue described far more eloquently by mcb30 from #ipxe: --- I see from the trace that you have DHCPv6 configured to hand out an fd00::/8 "unique local" address and an IPv6 DNS server address This is most likely the problem: iPXE will prefer IPv6 if given the choice, but the ULA is not globally routable and so will not be usable for communication with your IPv6 DNS server address iPXE should probably be modified to assume that ULAs are globally routable, since the most common use case seems to be for environments that try to effectively replicate IPv4 NAT behaviour (instead of just using a global IPv6 range) --- |
This task depends upon
Closed by David Runge (dvzrv)
Friday, 18 February 2022, 19:23 GMT
Reason for closing: Won't fix
Additional comments about closing: This is a mixture of issues with local router hardware and the way ipxe is configured.
If you can think of further actions to mitigate this in the context of mkinitcpio-archiso, please open a ticket at https://gitlab.archlinux.org/mkinitcpio/ mkinitcpio-archiso/-/issues
Friday, 18 February 2022, 19:23 GMT
Reason for closing: Won't fix
Additional comments about closing: This is a mixture of issues with local router hardware and the way ipxe is configured.
If you can think of further actions to mitigate this in the context of mkinitcpio-archiso, please open a ticket at https://gitlab.archlinux.org/mkinitcpio/ mkinitcpio-archiso/-/issues
Can you please try with something based on archiso v44?
I understood your above comment as you building your own image. Maybe I misunderstood? Is this at all about archiso?
The clients could successfully load the PXE images from dnsmasq configured as a DHCP proxy server. (Only via the pxe-service option, the single-file dhcp-boot option apparently does not work when running as a DHCP proxy server). Configuring net0 was successful, but when trying to download https://ipxe.archlinux.org/releng/netboot/archlinux.ipxe, the network was unreachable.
The ipxe command 'ifconf' attempts to configure both a IPv4 and a IPv6 address on the network interface.
In my case, both succeeded - but even though I don't have an external IPv6 address, iPXE only uses IPv6 when it has a local address, and inevitably fails.
My first solution was to modify ipxe-netboot from the AUR. I removed the line "echo '#define NET_PROTO_IPV6' >> config/local/general.h" from the prepare() section - this disables IPv6 support.
It worked.
Then I found out I can disable ULA (Unique local addresses) on my router. Now I can use the 'stock' images.
I'm honestly not yet sure how this can be fixed satisfactory. I know that our deployment for IPXE also lacks and I hope this will be improved in the coming weeks.
If you have any specific suggestions on how to fix this, please let me know!
[1] https://wiki.ubuntu.com/UEFI/SecureBoot/PXE-IPv6#DHCPv6_.28isc-dhcp-server.29