Bug #3421
closeddhcpv6 server Netboot/next-server causes dhcpv6 not to start, and reports an error message.
100%
Description
Attempting to get uEFI boots working across ipv6.
I'm attempting to do this with a private ipv6 range (no native connectivity available, not wanting to use broker).
I am using fde1:a880:1e86:2cf8/64 as randomly assigned by some page in the internet
(I see in the draft 2.1 book, you recommend fc00::/7)
(I should also mention, I'm still a ipv6 n00b, however have established HE.net tunnels for others).
On lan interface in dhcpv6 server, I check the box to enable network booting., enter the ip address of my host.
"fde1:a880:1e86:2cf8::12" for reference. pfsense is "fde1:a880:1e86:2cf8::1". and specify my filename "efi/bootmgfw.efi"
for this instance.
and Save.
Dhcp does not respond to requests/RA assigns temporary addresses. Looking at System logs get the following:
"php: /services_dhcpv6.php: The command '/usr/local/sbin/dhcpd 6 -user dhcpd -group _dhcp -chroot /var/dhcpd -cf /etc/dhcpdv6.conf -pf /var/run/dhcpdv6.pid em0' returned exit code '1', the output was 'Internet Systems Consortium DHCP Server 4.2.5-P1 Copyright 2004-2013 Internet Systems Consortium. All rights reserved. For info, please visit https://www.isc.org/software/dhcp/ /etc/dhcpdv6.conf line 20: semicolon expected. next-server fde1: ^ /etc/dhcpdv6.conf line 20: expecting a parameter or declaration next-server fde1:a880:1e86:2cf8::12; ^ Configuration file errors encountered - exiting If you did not get this software from ftp.isc.org, please get the latest from ftp.isc.org and install that before requesting help. If you did get this software from ftp.isc.org and have not yet read the README, please read it before requesting help. If you intend to request help from the dhcp-server@isc"
Okay, I know I may need to wrap the address in [] brackets. Click save, pfsense spits out the following header:
"The following input errors were detected:
A valid IPv6 address must be specified for the network boot server."
googling around, I'm not confident next-server is even a valid option for ipv6? it looks like the replacement is:
option boot-file-url "tftp://[fde1:a880:1e86:2cf8::12]/efi/bootmgfw.efi"
for 2.1.1 at the very least, I believe network booting should be removed, since it appears broken (I didn't try manually editing the dhcpv6.conf to add [] brackets around the ip to see if that would be supported), although I'd appreciate if it could be confirmed that option boot-file-url is the correct way to go, and have it implemented. It seems like it would be a minor patch.
P.S. Assuming it's not too late / nor planned. Could a small blurb be added to the 2.1 book regarding setting up ipv6 "private" (fc00::) networks? I followed the suggestions for the HE.net tunnel referencing setting up the Lan Interface / DHCPv6/RA, but even a paragraph stating that is what I should have done, would make me more confident about how I have things setup.
If you're interested in my use case:
I love network booting. It's my thing. I allow pfsense to manage my dhcp, and as such I can't set the client architecture to specify different boot files for different architectures. I've been setting static hosts for each machine I wanted to boot uEFI, but that is error prone. I figured I could (ab)use ipv6 and set the boot file there for uEFI since we aren't using ipv6 for anything else at this time.