iPXE is an enhanced version of the Pre-boot eXecution Environment (PXE), which is an open
standard for network booting. This module describes the iPXE feature and how to
configure it.
Feature Information for iPXE
The following table provides release information about the feature or features described in this module. This table lists
only the software release that introduced support for a given feature in a given software release train. Unless noted otherwise,
subsequent releases of that software release train also support that feature.
Use Cisco Feature Navigator to find information about platform support and Cisco software image support. To access Cisco
Feature Navigator, go to www.cisco.com/go/cfn. An account on Cisco.com is not required.
Table 1. Feature Information for iPXE
Feature Name: iPXE
Release: Cisco IOS XE 17.18.1
Feature Information: Network Bootloaders support booting from an IPv4/IPv6 device-based or network-based source. A network boot source must be detected automatically by using an iPXE-like solution. This feature was implemented on the following platforms: Catalyst 9350 Series Switches, Catalyst 9610 Series Switches.
Feature Name: IPXE IPv6 Support
Release: Cisco IOS XE 17.8.1
Feature Information: IPXE supports the IPv6 protocol. This feature was implemented on the following platforms: Catalyst 9350 Series Switches.
Information About iPXE
About iPXE
iPXE is an enhanced version of the Pre-boot eXecution Environment (PXE), which is an open
standard for network booting.
iPXE netboot provides:
IPv4 and IPv6 protocols
FTP/HTTP/TFTP boot image download
Scripts embedded into the image
Stateless and stateful address auto-configuration (SLAAC) using Dynamic Host
Configuration Protocol Version 4 (DHCPv4) and/or DHCPv6, boot URI, and
parameters for DHCPv6 options depending on the IPv6 router advertisement.
Netboot Requirements
The following are the primary requirements for netbooting:
DHCP server with proper configuration.
Boot image available on the FTP/HTTP/TFTP server.
Device configured to boot from a network-based source.
iPXE Overview
Network bootloaders support booting from a network-based source. The bootloaders boot an
image located on an HTTP, FTP, or TFTP server. A network boot source is detected
automatically by using an iPXE-like solution.
iPXE enables network boot for a device that is offline. The following are the three
types of boot modes:
iPXE Timeout—Boots through iPXE network boot. Configures a timeout in seconds
for iPXE network boot by using the IPXE_TIMEOUT rommon variable. Use the
boot ipxe timeout command to configure iPXE timeout. When the timeout expires, device boot
is activated.
iPXE Forever—Boots through iPXE network boot. The device sends DHCP requests
forever when the boot ipxe forever command is configured. This is an iPXE-only boot, which means that the
bootloader will not fall back to a device boot or a command prompt, because it
will send DHCP requests forever until it receives a valid DHCP response.
Device—Boots using the local device BOOT line configured on it. When device boot
is configured, the configured IPXE_TIMEOUT rommon variable is ignored. You can
activate device boot as specified below:
If BOOTMODE=ipxe-forever, device boot is not activated without user
intervention (this is possible only if ENABLE_BREAK=yes).
If BOOTMODE=ipxe-timeout, device boot is activated when the specified
IPXE_TIMEOUT variable (in seconds) has elapsed.
If BOOTMODE=device, device boot is activated. This is the default active
mode.
Device boot can also be activated through the CLI.
Note
Device boot is the default boot mode.
Note
Manual boot is another term used in this document. Manual boot is a flag that
determines whether to do a rommon reload or not. When the device is in rommon mode,
you have to manually issue the boot command.
If manual boot is set to YES, the rommon or device prompt is activated. If manual
boot is set to NO, the autoboot variable is executed; this means that the value set
in the BOOT variable is followed.
The following section describes how an iPXE bootloader works:
Figure 1. iPXE Bootloader Workflow
Bootloader sends a DHCP discover message, and when the server replies, the
Bootloader sends a DHCP request.
The DHCP response includes the IP address and boot file name. The boot file name
indicates that the boot image is to be retrieved from a TFTP server
(tftp://server/filename), FTP server (ftp://userid:password@server/filename), or
an HTTP server (http://server/filename).
Bootloader downloads and boots the image from the network source.
If no DHCP response is received, the bootloader keeps sending DHCP requests
forever or for a specified period of time, based on the boot mode configured.
When a timeout occurs, the bootloader reverts to a device-based boot. The device
sends DHCP requests forever only if the configured boot mode is
ipxe-forever. If the ipxe-timeout
boot mode command is configured, DHCP requests are sent for
the specified amount of time, and when the timeout expires, device boot mode is
activated.
Note
Because the current iPXE implementation works only via the management port
(GigabitEthernet0/0), DHCP requests sent through the front panel ports are not
supported.
When using a static network configuration to network boot, ROMMON uses the following
environment variables (and all of them are required):
BOOT—URLs separated by semicolon (;) to boot from.
IP_ADDRESS—Statically assigned IP address of a device.
DEFAULT_GATEWAY—Default gateway of the device.
IP_SUBNET_MASK—IPv4 or IPv6 prefix information.
IPv4—Subnet mask of the device in the format WWW.XXX.YYY.ZZZ, for example,
255.255.255.0.
IPv6—Subnet prefix length of the device in the format NNN, for example, 64 or 112.
When manual boot is disabled, the bootloader determines whether to execute a device boot
or a network boot based on the configured value of the rommon iPXE variable.
Irrespective of whether manual boot is enabled or disabled, the bootloader uses the
BOOTMODE variable to determine whether to do a device boot or a network boot. Manual
boot means that the user has configured the boot manual
switch command. When manual boot is disabled, and when
the device reloads, the boot process starts automatically.
When iPXE is disabled, the contents of the existing BOOT variable are used to determine
how to boot the device. The BOOT variable may contain a network-based uniform resource
identifier (URI) (for example, http://, ftp://, tftp://), and a network boot is
initiated; however DHCP is not used to get the network image path. The static network
configuration is taken from the IP_ADDRESS, DEFAULT_GATEWAY, and IP_SUBNET_MASK
variables. The BOOT variable may also contain a device filesystem-based path, in which
case, a device filesystem-based boot is initiated.
The DHCP server used for booting can identify a device through the Product ID (PID)
(available in DHCP Option 60), chassis serial number (available in DHCP option 61), or
the MAC address of the device. The show inventory and show switch commands also display these values on the device.
The following is sample output from the show inventory command:
The following is sample output from the show switch
command:
Device# show switch
Switch/Stack Mac Address : 046c.9d01.7d80 - Local Mac Address
Mac persistency wait time: Indefinite
                                             H/W   Current
Switch#   Role    Mac Address     Priority Version  State
-------------------------------------------------------------------------------------
 1       Member   046c.9d1e.1a00     1              Ready
 2       Standby  046c.9d01.7d80     1              Ready
*3       Active   f8b7.e24e.9a00     1      P2B     Ready
The following rommon variables should be configured for iPXE:
BOOTMODE = ipxe-forever | ipxe-timeout | device
IPXE_TIMEOUT = seconds
IPv6 iPXE Network Boot
This illustration displays how IPv6 iPXE network boot works on a Cisco device:
The four elements in the above illustration are described below:
IPv6 Booting Device—The device that is booting through iPXE boot.
Supporting Device—A Cisco device that is configured with an IPv6 address to
generate Router Advertisement (RA) messages.
Note
In this illustration, the IPv6 booting device, the supporting device, and the
DHCP server are on the same subnet. However, if the supporting device and
the DHCP server are on different subnets, then there must be a relay agent
in the network.
DHCP server—Any DHCP server.
Web server—Any web server.
This section describes the IPv6 iPXE boot process:
The device sends a router solicitation Internet Control Message Protocol IPv6
(ICMPv6) type 133 packet to the IPv6 device on the local subnet.
The IPv6 device on the local subnet replies with a router advertisement (RA)
message, ICMPv6 type 134 packet. The device that sent the router solicitation
message, gets the default router and prefix information for Stateless Address
AutoConfiguration (SLAAC) address completion from the RA packet.
The device sends a DHCPv6 solicit message to the multicast group address of
ff02::1:2 for all DHCP agents.
The following sample displays the fields in a DHCPv6 solicit packet during iPXE
boot:
DHCPv6
Message type: Solicit (1)
Transaction ID: 0x36f5f1
Client Identifier
Vendor Class
Identity Association for Non-Temporary Address
Option Request
User Class
Vendor-specific Information
The DHCPv6 solicit message contains the following information:
DHCP Unique Identifier (DUID)—Identifies the client. iPXE supports
DUID-EN. EN stands for Enterprise Number, and this DUID is based on the
vendor-assigned unique identifier.
DHCP and DHCPv6 Options
If the DHCPv6 server is configured, it responds with a DHCPv6 advertise packet
that contains the 128-bit IPv6 address, the boot file Uniform Resource
Identifier (URI), the Domain Name System (DNS) server and domain search list,
and the client and server IDs. The client ID contains the DUID of the client (in
this illustration, the IPv6 Booting Device), and the Server ID contains the DUID
of the DHCPv6 server.
The client then sends a DHCPv6 request packet to the multicast group address
ff02::1:2, requesting the advertised parameters.
The server responds with a unicast DHCPv6 reply to the Link Local (FE80::) IPv6
address of the client. The following sample displays the fields in a DHCPv6
reply packet:
DHCPv6
Message type: Reply (7)
Transaction ID: 0x790950
Identity Association for Non-Temporary Address
Client Identifier
Server Identifier
DNS recursive name server
Boot File URL
Domain Search List
The device then sends an HTTP GET request to the web server.
If the requested image is available at the specified path, the web server
responds with an OK for the HTTP GET request.
The TCP image transfer copies the image, and the device boots up.
IPv6 Address Assignment in Rommon Mode
The DHCP client uses the following order-of-precedence to decide which IPv6 address to
use in rommon mode:
The device uses the DHCP server-assigned address to boot an image. If the DHCPv6 server
fails to assign an address, the device tries to use the SLAAC address. If both the DHCP
server-assigned address and the SLAAC address are not available, the device uses the
link-local address. However, the remote FTP/HTTP/TFTP servers must be on the same local
subnet as that of the device for the image copy to succeed.
If the first three addresses are not available, the device uses the automatically
generated site-local address.
Supported ROMMON Variables
The following ROMMON variables are supported in Cisco IOS XE 17.8.1:
BAUD: Changes the device console BAUD rate to one of the Cisco standard baud
rates (such as 1200, 2400, 4800, 9600, 19200, 38400, 57600, and 115200). Any
invalid value will be rejected. If the BAUD variable is not set, the default
will be 9600. The corresponding CLI command is
ENABLE_BREAK: Enables a rommon break. The default value is NO.
MANUAL_BOOT: If manual boot is set to 1, the rommon or device prompt is
activated. If manual boot is set to 0, the device is reloaded; but rommon mode
is not activated.
SWITCH_IGNORE_STARTUP_CFG: If the value is 1, it causes the device to ignore the
startup configuration. If the value is not set, the value is treated as zero.
This is a read-only variable, and can only be modified by IOS.
iPXE-Supported DHCP Options
iPXE boot supports the following DHCPv4 and DHCPv6 options in rommon mode.
Note
Catalyst 9000 Series Switches support DHCP Option 60, Option 77, DHCPv6 Options 1,
Option 15, and Option 16. DHCP Option 61 is only supported on Catalyst 9350 Series
Switches.
DHCP Option 60—Vendor Class Identifier. This option is populated with the value
of the ROMMON environment variable MODEL_NUM.
DHCP Option 61—Client Identifier. This option is populated with the value of
the ROMMON environment variable SYSTEM_SERIAL_NUM.
Note
This option is not supported on Catalyst 9400 Series Switches.
DHCP Option 77—User Class Option. This option is added to a DHCP Discover packet,
and contains the value equal to the string iPXE. This option helps to
isolate iPXE DHCP clients looking for an image to boot from a DHCP server.
The following is sample DHCPv4 configuration from the ISC DHCP Server that
displays the use of Option 77. The if condition in this sample implies
that if Option 77 exists, and is equal to the string iPXE, then advertise
the Boot File URI for the image.
host Switch2 {
    fixed-address 192.168.1.20;
    hardware ethernet CC:D8:C1:85:6F:11;
    #user-class = length of string + ASCII code for iPXE
    if exists user-class and option user-class = 04:69:50:58:45 {
        filename "http://192.168.1.146/test-image.bin";
    }
}
DHCPv6 Option 1—Client Identifier Option. This option is populated with the value
of the ROMMON environment variable SYSTEM_SERIAL_NUM as specified in RFC 3315.
The recommended format for the ROMMON environment variable is MAC_ADDR.
DHCPv6 Option 15—User Class Option. This option is the IPv6 User Class option in
a DHCPv6 solicit message, and is populated with the string, iPXE. The following
sample shows Option 15 defined in the ISC DHCP server:
option dhcp6.user-class code 15 = string ;
The following is a sample DHCP Server configuration that uses the DHCPv6 Option
15:
#Client-specific parameters
host switch1 {
    #assigning a fixed IPv6 address
    fixed-address6 2001:DB8::CAFE;
    #Client DUID in hexadecimal format contains: DUID-type "2" + "EN=9" + "Chassis serial number"
    host-identifier option dhcp6.client-id 00:02:00:00:00:09:46:4F:43:31:38:33:31:58:31:41:53;
    #User class 00:04:69:50:58:45 is len 4 + "iPXE"
    if option dhcp6.user-class = 00:04:69:50:58:45 {
        option dhcp6.bootfile-url "http://[2001:DB8::461]/platform-pxe/edi46/test-image.bin";
    }
}
DHCPv6 Option 16—Vendor Class Option. Contains the device product ID (PID). The
PID can be determined from the output of the show
inventory command or from the MODEL_NUM rommon variable.
Option 16 is not a default option in the ISC DHCP Server and can be defined as
follows:
option dhcp6.vendor-class-data code 16 = string;
The following sample configuration illustrates the use of DHCPv6 Option 16:
The table below describes the significant fields shown in the display.
Table 2. Sample Output Field Descriptions
Field: dhcp6.client-id
Description: DHCP Unique Identifier (DUID) to identify the client.
Field: dhcp6.user-class
Description: DHCPv6 Option 15, the User Class option
Field: dhcp6.vendor-class-data
Description: DHCPv6 Option 16, the Vendor Class option that contains the switch Product ID (PID).
Field: dhcp6.bootfile-url
Description: DHCPv6 Option 6 to request for the Boot File URI
DHCPv6 Unique Identifiers
There are three types of DHCPv6 Identifiers (DUIDs) defined by RFC 3315; these are:
DUID-LLT—DUID Link Layer address plus time, this is the link layer address of the
network interface connected to the DHCP device plus the time stamp at which it
is generated.
DUID-EN—EN stands for Enterprise Number, this DUID is based on vendor-assigned
unique ID.
DUID-LL—DUID formed using the Link Layer address of any network interface that is
permanently connected to the DHCP (client/server) device.
Cisco devices that support this feature use the DUID-EN (DUID Type 2) to identify the
DHCP client (that is the device in the DHCPv6 Solicit packet). Catalyst 9000 Series
Switches support not only DUID-EN, but also DUID-LL (DUID Type 3). DUID-EN is the
preferred type; however, if switches are unable to create it, then DUID-LL is
constructed and used.
The following example shows how to configure the boot mode to ipxe-timeout. The
configured timeout is 200 seconds. If an iPXE boot failure occurs after the
configured timeout expires, the configured device boot is activated. In this
example, the configured device boot is http://[2001:db8::1]/image-filename.
Device# configure terminal
Device(config)# boot ipxe timeout 200 switch 2
Device(config)# boot system http://[2001:db8::1]/image-filename
Device(config)# end
Sample iPXE Boot Logs
The following are sample boot logs from a device in rommon mode. Here, manual boot using
the ipxe-timeout command is configured:
The following is a sample DHCPv6 server configuration taken from an Internet Systems
Consortium (ISC) DHCP Server for reference. The lines preceded by the character #,
are comments that explain the configuration that follows.
default-lease-time 600;
max-lease-time 7200;
log-facility local7;
#Global configuration
#domain search list
option dhcp6.domain-search "cisco.com";
#User-defined options: new-name code new-code = definition ;
option dhcp6.user-class code 15 = string;
option dhcp6.vendor-class-data code 16 = string;
subnet6 2001:db8::/64 {
    #subnet range for clients requiring an address
    range6 2001:db8:0000:0000::/64;
    #DNS server options
    option dhcp6.name-servers 2001:db8::46;
}
#Client-specific parameters
host switch1 {
    #assigning a fixed IPv6 address
    fixed-address6 2001:DB8::CAFE;
    #Client DUID in hexadecimal that contains: DUID-type "2" + "EN=9" + "Chassis serial number"
    host-identifier option dhcp6.client-id 00:02:00:00:00:09:46:4F:43:31:38:33:31:58:31:41:53;
    option dhcp6.bootfile-url "http://[2001:DB8::461]/platform-pxe/edi46/test-image.bin";
}
For more information on DHCP server commands, see the ISC DHCP
Server website.
In this sample configuration, the dhcp6.client-id option identifies the switch, and
it is followed by the Enterprise Client DUID. The client DUID can be broken down for
understanding as 00:02 + 00:00:00:09 + chassis serial number in hexadecimal format,
where 2 refers to the Enterprise Client DUID Type, 9 refers to the reserved code for
Cisco’s Enterprise DUID, followed by the ASCII code for the Chassis serial number in
hexadecimal format. The chassis serial number for the switch in this sample is
FOC1831X1AS.
The Boot File URI is advertised to the switch only using the specified DUID.
The DHCPv6 Vendor Class Option 16 can also be used to identify the switch on the DHCP
Server. To define Option 16 as a user-defined option, configure the following:
option dhcp6.vendor-class-data code 16 = string;
The following is a sample DHCP server configuration that identifies the
switch based on the DHCPv6 Vendor Class Option 16 that is formed by using the switch
Product ID:
In this sample configuration, the dhcp6.vendor-class-data option refers to the DHCPv6
Option 16. In the dhcp6.vendor-class-data, 00:00:00:09 is Cisco’s Enterprise DUID,
0E is the length of the PID, and the rest is the PID in hexadecimal format. The PID
can also be found from the output of the show inventory
command or from the CFG_MODEL_NUM rommon variable. The PID used in this sample
configuration is WS-C3850-24P-L.
DHCPv6 options and DUIDs in the server configuration must be specified in the
hexadecimal format, as per the ISC DHCP server guidelines.
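The hexadecimal values that identify a device in the dhcpd matches described above can be generated and decoded rather than typed by hand. The following Python example is added here and is not part of the Cisco documentation or the ISC DHCP server; the function names are hypothetical, and the two-byte length in the Option 16 payload is assumed from the RFC 3315 Vendor Class option layout.

```python
"""Build and check the colon-separated hex values used in ISC dhcpd matches."""

CISCO_ENTERPRISE = 9  # enterprise number the page gives for Cisco
DUID_TYPE_EN = 2      # DUID-EN (DUID Type 2)


def to_hex(data: bytes) -> str:
    return ":".join(f"{b:02X}" for b in data)


def from_hex(text: str) -> bytes:
    # Accept values wrapped over several lines and a trailing ';' as in dhcpd.conf.
    compact = "".join(text.split()).rstrip(";")
    return bytes(int(part, 16) for part in compact.split(":"))


def duid_en(serial: str, enterprise: int = CISCO_ENTERPRISE) -> str:
    """dhcp6.client-id: 2-byte DUID type, 4-byte enterprise number, ASCII serial."""
    head = DUID_TYPE_EN.to_bytes(2, "big") + enterprise.to_bytes(4, "big")
    return to_hex(head + serial.encode("ascii"))


def user_class(value: str = "iPXE", length_bytes: int = 1) -> str:
    """Length-prefixed user class: 1-byte length for DHCPv4 Option 77,
    2-byte length for DHCPv6 Option 15."""
    data = value.encode("ascii")
    return to_hex(len(data).to_bytes(length_bytes, "big") + data)


def vendor_class(pid: str, enterprise: int = CISCO_ENTERPRISE) -> str:
    """DHCPv6 Option 16 payload: 4-byte enterprise number, then the PID
    preceded by a 2-byte length (assumed RFC 3315 layout)."""
    data = pid.encode("ascii")
    return to_hex(enterprise.to_bytes(4, "big") + len(data).to_bytes(2, "big") + data)


def decode_duid_en(hex_text: str):
    """Return (enterprise number, identifier) or raise ValueError."""
    raw = from_hex(hex_text)
    if len(raw) < 7 or int.from_bytes(raw[:2], "big") != DUID_TYPE_EN:
        raise ValueError("not a DUID-EN value")
    return int.from_bytes(raw[2:6], "big"), raw[6:].decode("ascii")


def decode_user_class(hex_text: str, length_bytes: int = 1) -> str:
    """Return the user class string, checking the declared length."""
    raw = from_hex(hex_text)
    declared = int.from_bytes(raw[:length_bytes], "big")
    body = raw[length_bytes:]
    if declared != len(body):
        raise ValueError(f"declared length {declared}, found {len(body)} bytes")
    return body.decode("ascii")


def matches_ipxe(hex_text: str, length_bytes: int = 1) -> bool:
    """True only if the value decodes to exactly the string iPXE."""
    try:
        return decode_user_class(hex_text, length_bytes) == "iPXE"
    except ValueError:
        return False


if __name__ == "__main__":
    # Serial number and PID are the sample values used on this page.
    print("host-identifier option dhcp6.client-id", duid_en("FOC1831X1AS") + ";")
    print("if option dhcp6.user-class =", user_class("iPXE", 2), "{")
    print("if option dhcp6.vendor-class-data =", vendor_class("WS-C3850-24P-L"), "{")
    print("DHCPv4 user-class:", user_class("iPXE", 1))
```

Decoding a value already present in dhcpd.conf before deployment catches a mistyped byte, which would otherwise stop the boot file URI from being advertised to the device.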
Dynamic Host Configuration Protocol for IPv6 (DHCPv6)
RFC 3986
Uniform Resource Identifier (URI): Generic Syntax
Troubleshooting Tips for iPXE
This section provides troubleshooting tips.
When iPXE boot is enabled on power up, the device first attempts to send a DHCPv6 Solicit message, followed by a DHCPv4 Discover
message. If boot mode is ipxe-forever, the device keeps iterating between the two forever.
If the boot-mode is iPXE timeout, the device first sends a DHCPv6 Solicit message, and then a DHCPv4 Discover message, and
the device falls back to device boot after the timeout expires.
To interrupt iPXE boot, send a serial break to the console.
When using a UNIX telnet client, type CTRL-] and then send break. When you are using a different TELNET client, or you are
directly attached to a serial port, sending a break may be triggered by a different keystroke or command.
If the DHCP server responds with an image, but the DNS server cannot resolve the hostname, enable DNS debugs.
Note
We recommend the use of ISC DHCP server. This feature has not been verified on IOS DHCP.
To test the HTTP server connectivity, use HTTP copy to copy a small sample file from your HTTP server to your device. For
example, at the rommon prompt, enter copy http://192.168.1.1/test null: (the flash is normally locked and you need to use the null device for testing) or http://[2001:db8::99]/test.
When manual boot is enabled, and boot mode is ipxe-timeout, the device will not automatically boot on power up. Issue the
boot command in rommon mode. To automate the boot process on power up, disable manual boot.
Use the net6-show command to display the current IPv6 parameters, including IPv6 addresses and the default router in rommon mode.
Note
On Catalyst 9000 Series Switches, use the net-show show command.
Use the net-dhcp or the net6-dhcp commands based on your configuration. The net-dhcp command is a test command for DHCPv4 and the net6-dhcp command is for DHCPv6.
Note
On Catalyst 9000 Series Switches, use the net-dhcp -6 command for DHCPv6.
Use the dig command to resolve names.
Note
On Catalyst 9000 Series Switches, use the dns-lookup command to resolve names.
Enable HTTP debug logs to view the HTTP response code from the web server.
If Stateless Address Auto-Configuration (SLAAC) addresses are not generated, there is no router that is providing IPv6 RA
messages. iPXE boot for IPv6 can still work but only with link or site-local addresses.