Introduction
This document describes how to install DHCP, DNS and PXE network services on Debian squeeze.
For this tutorial I use a machine that has two network interfaces:
eth0: 10.34.132.149/255.255.254.0 (WAN interface)
eth1: 172.20.30.1/255.255.255.0 (LAN interface)
To install a PXE server, you will need the following components:
DHCP Server
TFTP Server
NFS/FTP/HTTPD server (to store the installation files)
Note: DHCP Server will listen only on eth1.
In this tutorial I will use apache2 server.
Install required packages
apt-get install tftpd-hpa syslinux dhcp3-server bind9 dnsutils
Configure DHCP Server
vim /etc/dhcp/dhcpd.conf
# dhcpd configuration for the 172.20.30.0/24 LAN: hands out leases and
# points PXE clients at the TFTP server and boot file.
ddns-update-style ad-hoc;
log-facility syslog;
option domain-name "test.org";
option domain-name-servers 172.20.30.1;
option subnet-mask 255.255.255.0;
subnet 172.20.30.0 netmask 255.255.255.0 {
# This server is the authority for the subnet and will NAK leases it does not recognise.
authoritative;
range 172.20.30.10 172.20.30.90; # dynamic pool handed out to clients
option routers 172.20.30.1; # default gateway for clients
######
# With the next line commented out, any machine attached to this subnet gets
# a lease and the PXE boot file name. Uncomment it to serve only clients that
# have a host declaration (see the sample below). A MAC match is an inventory
# control, not authentication.
######
#deny unknown-clients;
# Answer network-boot (PXE/BOOTP) requests as well as ordinary DHCP requests.
allow booting;
allow bootp;
next-server 172.20.30.1; # TFTP server the client downloads the boot file from
filename "pxelinux.0"; # path is relative to the TFTP root directory
######
# Sample host declaration that reserves an address for one MAC address.
# NOTE(review): 172.20.30.15 lies inside the dynamic range above; dhcpd does
# not remove a fixed-address from the pool, so choose an address outside the
# range when enabling this.
######
#host guest1 {
# hardware ethernet 00:0C:29:14:DA:AD;
# fixed-address 172.20.30.15;
#}
######
}
Force DHCP Server to listen only on eth1
vim /etc/default/isc-dhcp-server
:%s/INTERFACES=""/INTERFACES="eth1"/g
:wq
Configure TFTP Server. Change the root directory on startup from /srv/tftp to /tftpboot
vim /etc/default/tftpd-hpa
:%s/\/srv\/tftp/\/tftpboot/g
:wq
Setup TFTP Server network boot files
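# Create the TFTP root. Mode 755 is sufficient: the TFTP daemon only has to
# read the boot files. A world-writable root (777) would let any account on
# this host replace the loader and kernels that every PXE client boots.
mkdir -p /tftpboot
chmod 755 /tftpboot
# Boot loader, menu module and helper modules shipped by the syslinux package.
for f in pxelinux.0 menu.c32 memdisk mboot.c32 chain.c32; do
  cp -v "/usr/lib/syslinux/$f" /tftpboot/
done
# -p keeps this step re-runnable if the directory already exists.
mkdir -p /tftpboot/pxelinux.cfg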
Create PXE menu file
vim /tftpboot/pxelinux.cfg/default
# PXE boot menu: pxelinux.0 falls back to this file when no client-specific
# configuration exists in pxelinux.cfg/.
default menu.c32
prompt 0
# timeout is given in tenths of a second: 300 = 30 seconds.
timeout 300
MENU TITLE test.org PXE Menu
LABEL centos6.3_i386
MENU LABEL CentOS 6.3 i386
# Kernel and initrd paths are relative to the TFTP root.
KERNEL /netboot/centos/6.3/i386/vmlinuz
# The kickstart file is fetched over plain HTTP from 172.20.30.1, so it is
# readable by anything on the LAN and is not integrity-protected in transit.
# Keep clear-text passwords and keys out of it (kickstart accepts a hashed
# root password via rootpw --iscrypted).
APPEND console=tty0 console=ttyS0,9600N1 initrd=/netboot/centos/6.3/i386/initrd.img ks=http://172.20.30.1/netboot/centos/6.3/i386/centos6.3-ks.cfg ksdevice=link
Share the internet connection with clients
vim /etc/sysctl.conf
:%s/#net.ipv4.ip_forward=1/net.ipv4.ip_forward=1
:wq
Apply the settings:
sysctl -p
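Share the internet connection using iptables (this rule exists only in the running kernel, so it has to be saved or re-applied if it should survive a reboot):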
iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE
Configure bind9
echo "include \"/etc/bind/bind.keys\"; ">> /etc/bind/named.conf
vim /etc/bind/named.conf.options
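options {
	directory "/var/cache/bind";
	auth-nxdomain no; # conform to RFC1035
	listen-on-v6 { none; };
	# Queries that cannot be answered locally are forwarded to these resolvers.
	forwarders { 8.8.8.8; 8.8.4.4; };
	# Bind to loopback and the LAN address (eth1) only. Listening on "any"
	# would also expose port 53 on the WAN interface eth0.
	listen-on port 53 { 127.0.0.1; 172.20.30.1; };
	# Only this host and the LAN may query, recurse or read the cache.
	# With "any" here the server is an open recursive resolver, which can
	# be abused for DNS amplification and cache snooping.
	allow-query { localhost; 172.20.30.0/24; };
	allow-query-cache { localhost; 172.20.30.0/24; };
	allow-recursion { localhost; 172.20.30.0/24; };
};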
Add the following lines at the end of the named.conf.default-zones
vim /etc/bind/named.conf.default-zones
zone "test.org" {
type master;
file "/etc/bind/test.org";
};
zone "30.20.172.in-addr.arpa" {
type master;
file "/etc/bind/30.20.172.in-addr.arpa";
};
vim /etc/bind/test.org
$ORIGIN test.org.
$TTL 1H
test.org. IN SOA ns.test.org. root.test.org. (
2012062600 ; serial
12H ; refresh
2H ; retry
1W ; expiry
2D ) ; minimum
test.org. IN NS ns.test.org.
ns.test.org. IN A 172.20.30.1
www10 IN A 172.20.30.10
www11 IN A 172.20.30.11
www12 IN A 172.20.30.12
www13 IN A 172.20.30.13
www14 IN A 172.20.30.14
www15 IN A 172.20.30.15
vim /etc/bind/30.20.172.in-addr.arpa
$ORIGIN 30.20.172.in-addr.arpa.
$TTL 2D
@ IN SOA ns.test.org. root.test.org. (
2012062600 ; serial
12H ; refresh
2H ; retry
1W ; expiry
2D ) ; minimum
@ IN NS ns.test.org.
1 IN PTR ns.test.org.
10 IN PTR www10.test.org.
11 IN PTR www11.test.org.
12 IN PTR www12.test.org.
13 IN PTR www13.test.org.
14 IN PTR www14.test.org.
15 IN PTR www15.test.org.
Let's use our DNS server
# Point this server's own resolver at the local bind9 instance and make
# test.org the search domain. The file is overwritten, not appended to.
printf '%s\n' 'search test.org' 'nameserver 127.0.0.1' > /etc/resolv.conf