What is boot file in PXE booting?

So, I'm learning the peinciple(or mechanism exactly) of PXE booting over the network, what I understand is:

  1. Client contact the DHCP server by broadcasting the DISCOVER msg with 2 key options(66 and 67 for requesting the TFTP server IP address and the boot file name) and other options.

  2. DHCP get the DISCOVER msg and send a OFFER msg to the client with some parameters required by the client.

  3. Client request the boot file(or startup file?) from the TFTP server.

So, what is boot file(or startup file?), and how does the client machine use it?

3 Answers

The boot file is executable code. After the PXE downloads the boot file using TFTP protocol into memory, the downloaded binary is executed and it can then continue the booting process, as it can use more sophisticated protocols to download more sophisticated code for execution.

1

The format is platform-dependent, but usually it's very similar to a regular bootloader that you would find in the MBR or in the EFI System Partition.

  • For legacy PC BIOS, the specification is here:

    Preboot Execution Environment (PXE) Specification 2.1 (Intel, 1999)

    The format is specified in section 4.5.4 – similar to local BIOS-mode bootloaders, they're raw executables which run in 16-bit real mode:

    Network bootstrap programs (NBPs) are binary images that will be downloaded by the BC runtime to 0:7C00h. The BC runtime will then make a far call to 0:7C00h after pushing a 32-bit far pointer to the !PXE structure onto the stack.

  • For PCs running UEFI firmware, PXE is part of the main UEFI specification:

    Unified Extensible Firmware Interface (UEFI) Specification 2.8

    As mentioned in section 13.3.4.5, the boot image for UEFI systems is a regular .efi executable, the same as local bootloaders.

    See also this page for more information.

  • For other devices and platforms (e.g. routers with netboot support) it is just whatever the manufacturer provides. (For example, Mikrotik has a dedicated Netinstall tool for hosting PXE for its own devices.)

See also this page for examples on configuring PXE boot (dual UEFI+BIOS) for a few Linux distributions, most often using pxelinux as the loader.

1

From the PXE (Preboot eXecution Environment) Wikipedia page, the next step for the client PC after getting PXE server IP from DHCP server:

The client next transfers the NBP into its own random-access memory (RAM) using TFTP, possibly verifies it (i.e. UEFI Secure Boot), and finally boots from it. NBPs are just the first link in the boot chain process and they generally request via TFTP a small set of complementary files in order to get running a minimalistic OS executive (i.e. WindowsPE, or a basic Linux kernel+initrd). The small OS executive loads its own network drivers and TCP/IP stack. At this point, the remaining instructions required to boot or install a full OS are provided not over TFTP, but using a robust transfer protocol (such as HTTP, CIFS, or NFS).

1

Your Answer

Sign up or log in

Sign up using Google Sign up using Facebook Sign up using Email and Password

Post as a guest

By clicking “Post Your Answer”, you agree to our terms of service, privacy policy and cookie policy

You Might Also Like