Creating a "PXE-Box"


EDIT: I meant to publish this close to a year ago. Due to an unfortunate chain of events, I was unable to get it finished, and I don't remember exactly where I left off. I cannot promise the following tutorial will work 100% out of the box as-is, but it WILL get you up and running pretty quickly with a bit of google-fu!

Recently I was met with a challenge at work that I had to solve relatively quickly. We are using proprietary software which uses PXE and then talks to a server located on an ESXi host. At first, I had tried to boot the systems all off of one PXE server: Epic Failure. There was not enough bandwidth on the 1Gbit/sec link to actually boot more than 15-20 machines at a time (without it taking almost 7-8 minutes for all of them to download the image, as it's a 300MB PXE image). Enter: PXE Box.


The PXE Box is very simple in design. It runs a PXE server and DHCP, has VLAN trunking configured, and most importantly has IP forwarding enabled. Each box is able to boot approx. 20 machines per Gigabit interface. Additionally, the interfaces are treated as Layer 2 on a bridged interface (br0). (This can be changed, however, by adding additional brX interfaces.)


1.) PXE Box should have 512MB of RAM or more.
2.) PXE Box should have a processor of around 700MHz or faster.
3.) ISO image burned to CD / USB to install Debian.
4.) Sufficient Gigabit NICs for PXE side and "Uplink" side. I am using Intel Pro 1000 NICs.
5.) A copy of your PXE boot image.
6.) A switch that supports VLAN tagging.


In order for this to work, you need to install Debian. If you have not done so, follow this guide.
Once you have Debian installed, you need to install the following packages:
1.) vlan
2.) bridge-utils
3.) tftpd-hpa
4.) isc-dhcp-server

You can install them by running the following as root:
apt-get install vlan bridge-utils tftpd-hpa isc-dhcp-server

Enable IP forwarding

Make the following change in "/etc/sysctl.conf":
net.ipv4.ip_forward = 1

And now reboot.


# PXE Box Network Interface Configuration
# Ryan Abbott
# July 23 2012
# Revision 3.0

# Define Loopback Config
auto lo
iface lo inet loopback


# Configure VLAN Trunk on Eth1 #
allow-hotplug eth1
iface eth1 inet manual
allow-hotplug eth1.201
iface eth1.201 inet manual

# Set Eth2 as the Management SSH port for remote config
allow-hotplug eth2
iface eth2 inet dhcp

# Configure Switchports Gig1 and Gig2 #

#This configuration bridges the VLANs

iface eth3 inet manual
iface eth4 inet manual

# Bring up the VLAN bridge
auto br0
allow-hotplug br0
iface br0 inet static
bridge_ports eth3 eth4 eth1.201
bridge_stp off

tftpd-hpa config

# /etc/default/tftpd-hpa

isc-dhcp-server config

#Sample isc-dhcp-server config file
subnet netmask {
option routers;
option broadcast-address;

default-lease-time 600;
max-lease-time 7200;
}

Now all you need to do is plug ETH1 into a trunk port on your switch with the VLAN 201. All clients will be able to get out to the internet, with the ability to boot via PXE using as their default gateway (which routes out to the default gateway set above; set this gateway if it is different). Also, ETH3 and ETH4 are the PXE side of the router. Plug in one (or two) switches, and connect your devices to these ports. They will assign a DHCP address, and then pass the local PXE address to those devices. ETH2 is to be used for SSH or daisy-chain purposes if needed.
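
A post-reboot check for the settings above, added here as an example and not part of the original tutorial: it confirms that the kernel is forwarding IPv4, that eth1.201 carries VLAN ID 201, and that br0 holds exactly eth3, eth4 and eth1.201. The ROOT variable and the function names are assumptions made for this example; ROOT lets the checks run against a copied /proc and /sys tree.

```shell
#!/bin/sh
# Added example: post-reboot check for the PXE Box layout on this page.
# ROOT is a hypothetical override (not from the tutorial) so the checks can
# run against a copied /proc and /sys tree; leave it empty on the real box.
ROOT="${ROOT:-}"

# True only if the running kernel is forwarding IPv4 (the sysctl.conf change).
forwarding_enabled() {
    [ "$(cat "$ROOT/proc/sys/net/ipv4/ip_forward" 2>/dev/null)" = "1" ]
}

# Print the VLAN ID the 8021q driver reports for a sub-interface, if any.
vlan_id() {
    awk -F'|' -v dev="$1" '{ gsub(/[ \t]/, "", $1); gsub(/[ \t]/, "", $2) }
        $1 == dev { print $2 }' "$ROOT/proc/net/vlan/config" 2>/dev/null
}

# Print the ports currently attached to a bridge, sorted and space separated.
bridge_ports() {
    ls "$ROOT/sys/class/net/$1/brif" 2>/dev/null | sort | tr '\n' ' ' | sed 's/ $//'
}

# Run every check against the values from /etc/network/interfaces above;
# the return code is the number of failed checks.
pxebox_check() {
    fails=0
    want=$(printf '%s\n' eth3 eth4 eth1.201 | sort | tr '\n' ' ' | sed 's/ $//')
    forwarding_enabled ||
        { echo "FAIL: net.ipv4.ip_forward is not 1"; fails=$((fails + 1)); }
    [ "$(vlan_id eth1.201)" = "201" ] ||
        { echo "FAIL: eth1.201 is missing or not tagged 201"; fails=$((fails + 1)); }
    # Any extra port (eth2, for instance) would join the management network
    # to the same Layer 2 domain as the PXE clients.
    [ "$(bridge_ports br0)" = "$want" ] ||
        { echo "FAIL: br0 ports are '$(bridge_ports br0)'"; fails=$((fails + 1)); }
    if [ "$fails" -eq 0 ]; then echo "OK: forwarding on, br0 = $want"; fi
    return "$fails"
}
```

Source the file on the PXE Box and call pxebox_check after the reboot; a non-zero return code is the number of checks that failed.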