Mox netboot requirements of DHCP

Folks, I have a Turris Omnia and now a Mox too, and after applying today’s security updates to the Omnia, I saw the Turris MOX network boot package and installed it. I then tried setting up the Mox.

The mox does not have an SD card, so I plugged it straight into the Omnia via ethernet, per the netboot docs. I do have the “managed devices” side-bar in Foris, and I have content there, but the Mox never appears.

I have a USB stick in the Omnia so do have a /srv/ and I realized that the problem might be that I use a different (pre-existing) ISC dhcpd install on my network for DHCP, with the Omnia’s set to disabled for br-lan. So I added DHCP items for the mox MAC, filename "turris-netboot/mox"; and next-server pointing to the Omnia.

The mox appears on the network on the correct IP, so DHCP itself is working, but I see nothing appear in the Foris menus.

I’ve spent a while trying to pick through the dnsmasq/etc setup on the Omnia and can’t figure out what’s supposed to be happening, so can’t figure out what configuration I need to provide to get the pairing up and working.

Anyone have any pointers to help me out here please?

1 Like

Apart from DHCP (you don’t need any extra options apart from giving it IP and maybe IP of the server) you also have to have tftp server enabled and running on top of /srv/tftp

MOX reads what to boot pxelinux.cfg/default-arm-mvebu-turris_mox where is also full cmdline that is needed and after pairing, it fetches specific signed image from turris-netboot directory.

Hi Miska,

That file is empty; so if turris-netboot is the second stage, what should I be telling the mox to boot from, please? Use syslinux PXE booting?

root@turris:/srv/tftp# ls -ld pxelinux.cfg/default-arm-mvebu-turris_mox 
-rw-r--r--    1 turris-n root             0 Jun 19 20:52 pxelinux.cfg/default-arm-mvebu-turris_mox
root@turris:/srv/tftp# netstat -anlp | grep :69
udp        0      0 0.0.0.0:69              0.0.0.0:*                           5131/dnsmasq
udp        0      0 :::69                   :::*                                5131/dnsmasq
root@turris:/srv/tftp# grep tftp /var/etc/dnsmasq.conf 
enable-tftp
tftp-root=/srv/tftp

Thanks for your help with this. :slight_smile:

1 Like

Hi PhilPennock, miska

I had the same problem - default-arm-mvebu-turris_mox was empty and similar situation, custom configuration for TFTP and /srv is symlink to SSD.

I read this script https://gitlab.labs.nic.cz/turris/turris-netboot/blob/master/manage.sh (regen part).
I tried run netboot-manager regen, but without success.
The script check key ~/.ssh/reg_key.pub and if it does not exist, tries to create it. In my case, key wasn’t created (I don’t known why, but time is expensive for experiments). I created the key manually by ssh-keygen -t ed25519 -f ~/.ssh/reg_key -N "" -C "registration_key. After, I tried to re-run netboot-manager regen, but default-arm-mvebu-turris_mox was stay empty. I removed it and re-runed netboot-manager regen. Change! Script “said”: can’t create /srv/tftp/pxelinux.cfg/default-arm-mvebu-turris_mox: Permission denied.

Steps for help (for my case):

  1. check permission on /srv/tftp/pxelinux.cfg/ - I set 777
  2. remove default-arm-mvebu-turris_mox
  3. run netboot-manager regen
  4. check size of default-arm-mvebu-turris_mox
    4.1 if is empty, try to generate registration key and go back to step 2
    4.2 if is empty, I don’t known why :frowning:
  5. turn on your MOX and wait for some seconds
  6. run netboot-manager list-incoming
    5.1 if you see serial number, you’r win :slight_smile:
    5.2. run netboot-manager accept <serial>

Question for miska:

  • Before MOX I use TFTP for booting “rescue OS” with “incompatible” configuration
  • What’s right access/owner for /srv/tftp/pxelinux.cfg and /srv/tftp/turris-netboot?

My English is bad, I known :slight_smile:

1 Like

Thank you. Without your contribution, I wouldn’t have solved the netboot. I had also set TFTP for booting (old article in the Turris documentation). FYI simply shutting down, deleting the settings does not solve nothing (NFS)?

Although the information with permissions may have fallen.
I think that at least someone from Turris team could write note in the official documentation that this article is outdated. After all, someone probably bought Omnia plus Mox as an AP.

Edit: Don’t misunderstand me. It is not meant as a criticism of Turris team. But I think it’s better to write two sentences here and there. And save some time on support for individual users, but that’s another topic.

@Jarkko_Haapalainen
except that I have one for this purpose: https://youtu.be/z2PFftWR-WA

How do you know that it is working as access point?

Hi,

I have a Turris Omnia without wifi. I also have a Turris MOX which is - hopefully correctly - paired with Turris Omnia. I would like to use the MOX as wifi-AP, thus I tried to adjust the content of /etc/config/netboot according to the documentation. However, the wifi is not working correctly.

Any help is highly appreciated.

Cheers,
Lutz

  1. Because this option is not documented in the documentation, I guess you may have to set up Wi-Fi manually? I don’t have the energy to experiment with turning off Wi-Fi on Omnia… My recommendation is to switch to the RC branch to update to 3.11.6 (How to switch to RC and other branches): https://doc.turris.cz/doc/en/howto/release_candidate#how_to_switch_to_rc_and_other_branches. Because it works out of the box. In case you do not have MOX paired after update, factory reset MOX: https://doc.turris.cz/doc/en/howto/mox_rescue_modes. Pair MOX in Firefox. Then configure Wi-Fi According to the advanced documentation here: https://doc.turris.cz/doc/en/howto/mox_network_boot#advance_configuration. After releasing the 3.11.6 version you can switch back to the stable branch: https://doc.turris.cz/doc/en/howto/release_candidate#how_to_switch_back_to_stable.

  2. Just in case the problem is elsewhere: No wifi in mox A with MIMO module

  3. If the solution doesn’t work. Ask @miska on Monday.

Hi Perry,

Thanks for your quick reply. Currently, I have a running solution with an AP based on MerlinWRT (RT-AC87U). However, it would be nice to switch to a solution based on Turris solely. The pairing works for LAN connections (I have a MOX-C module besides the MOX-A module with wifi). All in all I guess I should wait for the stable relaease of 3.11.6.

Cheers, Lutz

Hi Lutz, finally it works and the setup is simple. I had set it in 3.11.6 RC5 and it’s stable.
ch., P.

Having received my MOX last week I finally managed to get Netboot working.

The DHCP needed to be on the TO not my Pihole (next job is to redirect from pihole the PXE).

After switching dhcp back to the TO I then got the permission error which was resolved by 777 on the config file.

Seems to be a lot of grief to get something that should be working out of the box, but it seems to be there now.

I’ve not got any further than the exclamation mark next to the registered MOX and spinning waiting wheels next to the devices and channels on the wifi setup page, any pointers would be appreciated…

OK - netboot works when the DHCP is on the TO, but when the DHCP is on my pi-hole (running on a LXC on the TO) with
dhcp-option=66,“192.168.1.1”
dhcp-boot=pxelinux.0,1.192.168.1

No netboot. Am I missing something?

Of course the sharp eyed viewers will have spotted the obvious mistake in my config setting above.

Correct text should be (the IP in the boot line was wrong!):

dhcp-option=66,“192.168.1.1”
dhcp-boot=pxelinux.0,192.168.1.1

I can now see the device come in as Incoming, I can accept it and then it transfers the image and boots up to a heartbeat led on the MOX but the state in the managed devices screen shows an exclamation mark “!” - nothing in the documentation on this. Plus the device seems inaccessible on any of the DHCP IP addresses I see assigned to it in the syslog on the TO controlling router.

My current assumption is that I need to generate a token on the remote device and upload to remove the “!” but if I can not get the IP address then this is hard to achieve!

Comments and suggestions welcome ? :slight_smile:

Edit to add:

OK - from other forum posts (specifically this one MOX: how to netboot? )

It appears clear that netboot provides a ‘dumb’ device which extends your WiFi using the ethernet cable and SSID names on your controlling router and no web based presence. So my MOX is now netbooting and also extending the wifi from the TO router.