Project

General

Profile

Feature #11659

Support for UEFI HTTP Boot option in dhcpd config

Added by Ben Breard 2 months ago. Updated 2 months ago.

Status:
New
Priority:
Normal
Assignee:
-
Category:
DHCP (IPv4)
Target version:
Start date:
03/10/2021
Due date:
% Done:

0%

Estimated time:
Plus Target Version:
Release Notes:
Default

Description

PXE had an epic run, but it's deprecation has been planned by major silicon vendors and UEFI HTTPS boot is the replacement. The pfsense UI and dhcpd config only need to be modified slightly to enable support along side the existing PXE options - as that's likely to continue to be used for the next few years.

We essentially need a stanza in the dhcp config to match HTTPClient (60) and pass (67) filename of the NBP via http/https. So it's similar to PXE except there's no dependency on TFTP and can work with things like secure boot and leverage certificates loaded in the firmware. Looks like a user has previously played with this but I can't find an issue filed for it. https://forum.netgate.com/topic/131851/how-to-configure-dhcp-for-httpclient

class "httpclients" {
option vendor-class-identifier "HTTPClient";
match if substring (option vendor-class-identifier, 0, 10) = "HTTPClient";
filename "http://mywebserverip/boot/grub/x86_64-efi/core.efi";
}

for reference:
UEFI HTTPS boot background info: https://edk2-docs.gitbook.io/getting-started-with-uefi-https-boot-on-edk-ii/introduction
Suse's "how to" docs: https://en.opensuse.org/UEFI_HTTPBoot_Server_Setup

History

#1 Updated by Jim Pingle 2 months ago

  • Priority changed from Very High to Normal
  • Target version set to Future

#2 Updated by Nathan Revo 2 months ago

I would liek to see this feature introduced as I am running into issues with iPXE on my systems and I need to boot images too large for regular PXE.

Also available in: Atom PDF