[OpenIndiana-discuss] Can we abandon wanboot?
James Carlson
carlsonj at workingcode.com
Thu Aug 7 13:14:39 UTC 2014
On 08/06/14 16:24, Gary Mills wrote:
> Does illumos really need wanboot? It's used only to perform one type
> of a network boot on SPARC machines. There are actually several
> different types. `boot net:rarp' is the traditional one. It requires
> a RARP server and downloads the inetboot executable from a TFTP
> server. `boot net:dhcp' is newer, requiring a DHCP server instead.
> According to the boot man page, it also downloads the inetboot
> executable if the DHCP server provides a file name.
Note that a normal DHCP PXE boot uses TFTP as well. The only difference
is how the server and file name are constructed -- by defaults with
RARP, or by explicit configuration options with DHCP. The rest of the
boot sequence is essentially the same.
I'm pretty sure that there were x86 wanboot machines available as well
from Sun, but you had to have a special BIOS for it.
It also requires a special HTTP server, because (as I recall) the server
constructs the image to send on the fly.
> As you can probably tell by now, I'd like to abandon the wanboot
> portion of the openssl build on the SPARC platform. Doing this will
> make the x86 and SPARC builds almost identical. Before I do this,
> I want to consult the illumos developers. What should we do?
I say ditch it. It was of marginal use when Sun was alive, very
complicated to use, seldom (if ever) seen in the wild, and I see no
point at all to it now.
The original idea was to avoid the insecurity of TFTP for organizations
that cared about such things. To make it reasonably secure, you'd need
to sign every image, because DHCP itself isn't secure. But most places
I've seen don't normally boot-load their Solaris machines on production
networks anyway. If they reinstall, it's done as part of the deployment
process.
I'd expect that if you were doing the same thing today, you would
probably want to look into whatever the Linux folks are doing now --
iPXE, coreboot, or whatever it is.
--
James Carlson 42.703N 71.076W <carlsonj at workingcode.com>
More information about the openindiana-discuss
mailing list