Mox netboot requirements of DHCP

Folks, I have a Turris Omnia and now a Mox too, and after applying today’s security updates to the Omnia, I saw the Turris MOX network boot package and installed it. I then tried setting up the Mox.

The mox does not have an SD card, so I plugged it straight into the Omnia via ethernet, per the netboot docs. I do have the “managed devices” side-bar in Foris, and I have content there, but the Mox never appears.

I have a USB stick in the Omnia so do have a /srv/ and I realized that the problem might be that I use a different (pre-existing) ISC dhcpd install on my network for DHCP, with the Omnia’s set to disabled for br-lan. So I added DHCP items for the mox MAC, filename "turris-netboot/mox"; and next-server pointing to the Omnia.

The mox appears on the network on the correct IP, so DHCP itself is working, but I see nothing appear in the Foris menus.

I’ve spent a while trying to pick through the dnsmasq/etc setup on the Omnia and can’t figure out what’s supposed to be happening, so can’t figure out what configuration I need to provide to get the pairing up and working.

Anyone have any pointers to help me out here please?

Apart from DHCP (you don’t need any extra options apart from giving it an IP and maybe the IP of the server) you also have to have a TFTP server enabled and running on top of /srv/tftp

MOX reads what to boot from pxelinux.cfg/default-arm-mvebu-turris_mox, which also contains the full cmdline that is needed, and after pairing it fetches a specific signed image from the turris-netboot directory.

Hi Miska,

That file is empty; so if turris-netboot is the second stage, what should I be telling the mox to boot from, please? Use syslinux PXE booting?

root@turris:/srv/tftp# ls -ld pxelinux.cfg/default-arm-mvebu-turris_mox 
-rw-r--r--    1 turris-n root             0 Jun 19 20:52 pxelinux.cfg/default-arm-mvebu-turris_mox
root@turris:/srv/tftp# netstat -anlp | grep :69
udp        0      0 0.0.0.0:69              0.0.0.0:*                           5131/dnsmasq
udp        0      0 :::69                   :::*                                5131/dnsmasq
root@turris:/srv/tftp# grep tftp /var/etc/dnsmasq.conf 
enable-tftp
tftp-root=/srv/tftp

Thanks for your help with this. :slight_smile:


Hi PhilPennock, miska

I had the same problem: default-arm-mvebu-turris_mox was empty, and a similar situation, a custom configuration for TFTP, and /srv is a symlink to an SSD.

I read this script https://gitlab.labs.nic.cz/turris/turris-netboot/blob/master/manage.sh (regen part).
I tried to run netboot-manager regen, but without success.
The script checks for the key ~/.ssh/reg_key.pub and, if it does not exist, tries to create it. In my case, the key wasn’t created (I don’t know why, but time is expensive for experiments). I created the key manually with ssh-keygen -t ed25519 -f ~/.ssh/reg_key -N "" -C "registration_key". After that, I tried to re-run netboot-manager regen, but default-arm-mvebu-turris_mox stayed empty. I removed it and re-ran netboot-manager regen. Change! The script “said”: can’t create /srv/tftp/pxelinux.cfg/default-arm-mvebu-turris_mox: Permission denied.

Steps that helped (in my case):

  1. check permission on /srv/tftp/pxelinux.cfg/ - I set 777
  2. remove default-arm-mvebu-turris_mox
  3. run netboot-manager regen
  4. check size of default-arm-mvebu-turris_mox
    4.1 if it is empty, try to generate the registration key and go back to step 2
    4.2 if it is empty, I don’t know why :frowning:
  5. turn on your MOX and wait for some seconds
  6. run netboot-manager list-incoming
    6.1 if you see the serial number, you win :slight_smile:
    6.2 run netboot-manager accept <serial>

Question for miska:

  • Before MOX I use TFTP for booting “rescue OS” with “incompatible” configuration
  • What’s right access/owner for /srv/tftp/pxelinux.cfg and /srv/tftp/turris-netboot?

My English is bad, I know :slight_smile:

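A check for the state the steps above work through, as an added example that is not part of the original post or of turris-netboot: it reports whether the PXE config is missing or empty, whether the current account can write to pxelinux.cfg, and whether that directory is world-writable (as it is after the 777 in step 1). The function name `check_pxe_cfg` is hypothetical, the default path is the one from this thread, and it assumes you run it as the same account that runs netboot-manager regen.

```shell
#!/bin/sh
# Added example (not from turris-netboot). Usage: check_pxe_cfg /srv/tftp
# Run it as the account that executes "netboot-manager regen" (assumption),
# so the write test reflects what the regen step will be allowed to do.

# Path of the MOX PXE config relative to the TFTP root, as named in the thread.
PXE_CFG_NAME="pxelinux.cfg/default-arm-mvebu-turris_mox"

# Prints one line per finding; returns 0 if everything is fine, 1 otherwise.
check_pxe_cfg() {
    pxe_root="${1:-/srv/tftp}"
    pxe_dir="$pxe_root/pxelinux.cfg"
    pxe_cfg="$pxe_root/$PXE_CFG_NAME"
    pxe_rc=0

    if [ ! -d "$pxe_dir" ]; then
        echo "FAIL: $pxe_dir does not exist"
        return 1
    fi

    # Mode string from ls: char 1 is the type, chars 8-10 are "other".
    # A 'w' in position 9 means any local user can replace the boot config.
    pxe_mode=$(ls -ld "$pxe_dir" | cut -c1-10)
    case "$pxe_mode" in
        ????????w?)
            echo "WARN: $pxe_dir is world-writable ($pxe_mode)"
            pxe_rc=1
            ;;
    esac

    # regen can only recreate the file if this account may write here.
    if [ ! -w "$pxe_dir" ]; then
        echo "FAIL: $(id -un) cannot write to $pxe_dir"
        pxe_rc=1
    fi

    if [ ! -e "$pxe_cfg" ]; then
        echo "FAIL: $pxe_cfg is missing (regen has not produced it)"
        pxe_rc=1
    elif [ ! -s "$pxe_cfg" ]; then
        echo "FAIL: $pxe_cfg is empty (remove it and regen again)"
        pxe_rc=1
    else
        echo "OK: $pxe_cfg has $(wc -c < "$pxe_cfg") bytes"
    fi
    return "$pxe_rc"
}
```
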

Thank you. Without your contribution, I wouldn’t have solved the netboot. I had also set TFTP for booting (old article in the Turris documentation). FYI simply shutting down, deleting the settings does not solve anything (NFS)?

Although the information with permissions may have fallen.
I think that at least someone from the Turris team could write a note in the official documentation that this article is outdated. After all, someone probably bought Omnia plus Mox as an AP.

Edit: Don’t misunderstand me. It is not meant as a criticism of Turris team. But I think it’s better to write two sentences here and there. And save some time on support for individual users, but that’s another topic.

@Jarkko_Haapalainen
except that I have one for this purpose: https://youtu.be/z2PFftWR-WA

How do you know that it is working as access point?