[Dnsmasq-discuss] ProxyDHCP mode is broken for serving ipxe.efi to UEFI pxe clents

Michael Kuron michael-lists at physcip.uni-stuttgart.de
Sun May 15 09:03:06 BST 2016 

Hi Simon,

thanks, it’s working fine for me now. Before releasing 2.76, it would be good if more people could test this on actual hardware.
Also, there’s one more item that needs to go into the release notes: we now redirect all clients to port 4011, including the BIOS clients. This is a change in behavior over the previous release, where the option 43 menu was sent on port 68. This could potentially break things for some very old and broken PXE implementations. It’s unlikely, since the port 4011 stuff has always been part of the PXE spec, but possible. I don’t think it’s really necessary, but I have included a patch below that restricts the port 4011 redirect to CSA >= 6. With that patch, the PXE behavior for BIOS clients is exactly what it was in older releases.

Michael


--- a/src/rfc2131.c
+++ b/src/rfc2131.c
@@ -882,8 +882,13 @@ size_t dhcp_reply(struct dhcp_context *context, char *iface_name, int int_index,
 		  
 		  clear_packet(mess, end);
 		  
-		  /* Redirect the client to port 4011 */
-		  mess->siaddr = tmp->local;
+		  /* Redirect EFI clients to port 4011 */
+		  int redirect4011 = 0;
+		  if (pxearch >= 6)
+		  {
+		      redirect4011 = 1;
+		      mess->siaddr = tmp->local;
+		  }
 		  /* Returns true if only one matching service is available. On port 4011, 
 		     it also inserts the boot file and server name. */
 		  workaround = pxe_uefi_workaround(pxearch, tagif_netid, mess, tmp->local, now, pxe);
@@ -906,7 +911,7 @@ size_t dhcp_reply(struct dhcp_context *context, char *iface_name, int int_index,
 		  option_put(mess, end, OPTION_SERVER_IDENTIFIER, INADDRSZ, htonl(tmp->local.s_addr));
 		  pxe_misc(mess, end, uuid);
 		  prune_vendor_opts(tagif_netid);
-		  if (pxe && !workaround)
+		  if ((pxe && !workaround) || !redirect4011)
 		    do_encap_opts(pxe_opts(pxearch, tagif_netid, tmp->local, now), OPTION_VENDOR_CLASS_OPT, DHOPT_VENDOR_MATCH, mess, end, 0);
 	    
 		  log_packet("PXE", NULL, emac, emac_len, iface_name, ignore ? "proxy-ignored" : "proxy", NULL, mess->xid);

More information about the Dnsmasq-discuss mailing list