UEFI HTTP chainloading

Version 2.5 of the UEFI specification introduces the UEFI HTTP Boot feature. You can use the basic UEFI HTTP Boot client to chainload iPXE from an HTTP server, eliminating the need for a separate TFTP server in your boot infrastructure.

The simple UEFI HTTP Boot client will download and boot iPXE. You can then use any of iPXE's more advanced features such as HTTPS, Digest authentication, POST requests, scripts, menus, customisable code signing etc. to download and boot your operating system.

UEFI HTTP chainloading provides a way to load iPXE on systems which do not have iPXE present as part of the UEFI firmware. If your system already provides iPXE as part of the UEFI firmware, then you do not need to use UEFI HTTP chainloading.

Configuring the DHCP server

A chain

You must configure your DHCP server to check for a UEFI HTTP Boot client, and to provide the string HTTPClient as the vendor class identifier, and an HTTP URI as the boot filename. If you are using ISC dhcpd then you need to edit /etc/dhcpd.conf to contain

  if option client-architecture = encode-int ( 16, 16 ) {
     option vendor-class-identifier "HTTPClient";
     filename "http://my.web.server/ipxe.efi";
  } else {
     filename "http://my.web.server/script.ipxe";
  }

where my.web.server is the DNS name (or IP address) of your web server.

Configuring the web server

Place your iPXE binary (e.g. ipxe.efi) on your web server, along with an iPXE script containing the commands needed to boot your operating system. For example, to boot a system comprising a Linux kernel and initial ramdisk, your script could contain

  #!ipxe
  kernel http://my.web.server/boot/vmlinuz initrd=initrd.img
  initrd http://my.web.server/boot/initrd.img
  boot

Booting

Boot your UEFI system and select UEFI HTTP Boot. You should see it download ipxe.efi via HTTP and start running iPXE:

  Booting from EFI Network
  Station IP address is 192.168.0.10
  URI: http://squirrel/images/ipxe.efi
  
  iPXE initialising devices...ok
  iPXE 1.0.0+ (33d4b) -- Open Source Network Boot Firmware -- http://ipxe.org
  Features: DNS HTTP TFTP EFI Menu
  
  net0: 52:54:00:12:34:56 using 82540em on PCI00:03.0 (Ethernet) [open]
    [Link:up, TX:0 TXE:0 RX:0 RXE:0]
  Configuring (net0 52:54:00:12:34:56)... ok

Congratulations on successfully using UEFI HTTP chainloading!

Success

Advanced topics

Building OVMF

You can build an OVMF image (for virtual machines such as qemu and kvm) which supports UEFI HTTP Boot. You will need to edit the build description file OvmfPkg/OvmfPkgX64.dsc to enable the option

  DEFINE HTTP_BOOT_ENABLE        = TRUE

For OVMF (or any other firmware built from upstream EDK2), the UEFI HTTP Boot option will show up as EFI Network 1 within the boot selection menu.

appnote/uefihttp.txt ยท Last modified: 2021/01/26 21:15 by mcb30
Recent changes RSS feed CC Attribution-Share Alike 4.0 International Driven by DokuWiki
All uses of this content must include an attribution to the iPXE project and the URL https://ipxe.org
References to "iPXE" may not be altered or removed.