The final target for an OpenBSD install on the net4521 is a CompactFlash card. However, during development it would be inefficient to continually update the image, and CF has a limited number of writes per sector. A better solution is to boot over the network.
The network boot sequence is documented in diskless(8), which is a good starting point. However, the process described there is geared towards booting Unix servers; booting on Intel machines is potentially a bit different:
From that point the system boots as usual.
i386-compatible PCs have a very primitive firmware, the BIOS, which usually doesn't support advanced features like network booting. However, Intel developed a proprietary booting solution called PXE. Some network cards come with a PXE loader in ROM, and those cards can boot an operating system from the network. Naturally, the Soekris also supports PXE and so will load the boot loader from the network.
Since version 3.5, OpenBSD has come with a PXE boot loader called pxeboot. Prior to that you needed a third-party boot loader like grub; an older version of this page describes how to use it.
In order to find an operating system's boot loader, the PXE loader consults a DHCP server. The DHCP server must be configured to give out not only an IP address but also the boot loader. This is done simply by adding a "filename" option to dhcpd.conf:
shared-network WIRED-NET {
    option domain-name-servers 192.168.1.1;
    subnet 192.168.1.0 netmask 255.255.255.0 {
        option routers 192.168.1.1;
        # boot loader the PXE ROM fetches via TFTP
        filename "pxeboot";
        range 192.168.1.100 192.168.1.254;
    }
}
The PXE loader will retrieve the specified filename via TFTP and execute it.
The server that served up the DHCP response also needs to be running TFTP so that the "pxeboot" file can be downloaded, and later the kernel as well. It is possible to offload this task to another server with the dhcpd.conf next-server option, but in this example one server will handle the entire boot process. The TFTP server should be chroot'd to a directory with the boot loader and the OpenBSD kernel:
ls -al /home/tftp
-rwxr-xr-x 1 root wheel 939090 Jan 5 16:44 bsd.gz
-rw-r--r-- 1 root wheel 71 Jan 4 20:08 menu.lst
-rw-r--r-- 1 root wheel 127040 Jan 5 02:06 pxeboot
drwxr-xr-x 1 root wheel 127040 Jan 5 02:06 etc
Now when the PXE loader executes, it will download and launch pxeboot, which will look for a file named 'etc/boot.conf' on the same TFTP server. This is a standard boot.conf configuration file:
set tty com0
boot bsd.gz
The GENERIC kernel does not support diskless booting; for that you need the DISKLESS configuration, which will load the root and swap filesystems from NFS. The following extra kernel options are also useful:
option PCCOMCONSOLE
option CONSPEED=19200
When a *BSD diskless kernel is booted it consults:
OpenBSD is quite secure upon default install. The following steps will open the system up to many new attacks via TFTP, RPC, NFS, and likely others. It would be wise to make sure the server is inaccessible outside of the local network during this vulnerable phase.
00:01:02:03:04:05 bootclient
192.168.1.1 server
192.168.1.100 bootclient
bootclient root=192.168.1.1:/export/root \
swap=192.168.1.1:/export/swap
/export -maproot=root -alldirs bootclient
/usr -ro bootclient
/export contains a swap file and a root filesystem:
ls -al /export
drwxr-xr-x 8 root wheel 512 Jan 5 14:00 root
-rw-r--r-- 1 root wheel 16777216 Jan 5 16:45 swap
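The fragments above have to agree with each other, and the exports lines decide who can mount the root filesystem as root. The following check is an added example, not part of the original page: it assumes the fragments are the server's ethers, hosts, bootparams and exports files (the page does not name them), and the function names are hypothetical. It reports clients missing from a file, boot paths that are not exported to the client, and exports with no host list.

```python
# Constructed sample input: the fragments shown above, assumed to be the
# server's ethers, hosts, bootparams and exports files (the page does not name them).
ETHERS = "00:01:02:03:04:05 bootclient\n"
HOSTS = "192.168.1.1 server\n192.168.1.100 bootclient\n"
BOOTPARAMS = "bootclient root=192.168.1.1:/export/root \\\n    swap=192.168.1.1:/export/swap\n"
EXPORTS = "/export -maproot=root -alldirs bootclient\n/usr -ro bootclient\n"

def fields(text):
    """Yield the fields of each logical line (continuations joined, comments dropped)."""
    for line in text.replace("\\\n", " ").splitlines():
        parts = line.split("#", 1)[0].split()
        if parts:
            yield parts

def parse_exports(text):
    """(paths, options, hosts) per line; -network/-mask forms are not handled here."""
    return [([x for x in f if x[0] == "/"], [x for x in f if x[0] == "-"],
             [x for x in f if x[0] not in "/-"]) for f in fields(text)]

def covers(paths, opts, target):
    """True if target is an exported path, or lies under one exported with -alldirs."""
    return target in paths or ("-alldirs" in opts and
        any(target.startswith(p.rstrip("/") + "/") for p in paths))

def audit(ethers, hosts, bootparams, exports):
    findings = []
    macs = {f[1] for f in fields(ethers) if len(f) > 1}
    names = {n for f in fields(hosts) for n in f[1:]}
    exp = parse_exports(exports)
    for paths, opts, allowed in exp:
        if paths and not allowed:  # no host list: any host reaching the server may mount
            root = " with root access" if "-maproot=root" in opts else ""
            findings.append(f"{paths[0]}: exported to any host{root}")
    for f in fields(bootparams):
        client = f[0]
        if client not in macs:
            findings.append(f"{client}: no ethers entry")
        if client not in names:
            findings.append(f"{client}: no hosts entry")
        for param in f[1:]:
            key, _, location = param.partition("=")
            target = location.partition(":")[2]
            if not any((not allowed or client in allowed) and covers(p, o, target)
                       for p, o, allowed in exp):
                findings.append(f"{client}: {key} {target} is not exported to it")
    return findings

if __name__ == "__main__":
    print(audit(ETHERS, HOSTS, BOOTPARAMS, EXPORTS) or "no findings")
```

The configuration shown on this page produces no findings; dropping the host name from the /export line is reported as an export to any host with root access.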
After completing the configuration it is time to load all of the daemons. Starting them from the command line makes sense since this is a temporary configuration for bootstrapping. Order matters because some daemons depend on services provided by others, à la RPC.
# rarpd <interface>
# portmap
# rpc.bootparamd
# mountd
# nfsd -t -u
At this point the target machine can be started. The PXE loader should load pxeboot and the OpenBSD kernel will be downloaded and executed. If the root filesystem is set up properly then a diskless OpenBSD system should soon be up and running.
