Configure your DHCP server to use the EFI boot images packaged with GRUB. (If you do not have a DHCP server installed, refer to the DHCP Servers chapter in the Fedora System Administrators Guide.)
A sample configuration in /etc/dhcp/dhcpd.conf might look like:
option space PXE;
option PXE.mtftp-ip code 1 = ip-address;
option PXE.mtftp-cport code 2 = unsigned integer 16;
option PXE.mtftp-sport code 3 = unsigned integer 16;
option PXE.mtftp-tmout code 4 = unsigned integer 8;
option PXE.mtftp-delay code 5 = unsigned integer 8;
option arch code 93 = unsigned integer 16; # RFC4578
subnet 10.0.0.0 netmask 255.255.255.0 {
option routers 10.0.0.254;
range 10.0.0.2 10.0.0.253;
class "pxeclients" {
match if substring (option vendor-class-identifier, 0, 9) = "PXEClient";
next-server 10.0.0.1;
if option arch = 00:06 {
filename "pxelinux/bootia32.efi";
} else if option arch = 00:07 {
filename "pxelinux/bootx64.efi";
} else {
filename "pxelinux/pxelinux.0";
}
}
host example-ia32 {
hardware ethernet XX:YY:ZZ:11:22:33;
fixed-address 10.0.0.2;
}
}
Configuring a DHCP server for IPv6 differs slightly. Crucially, the filename option must be replaced with a bootfile-url string. Both identify the boot file that the PXE tftp process should download, but each is specific to the version of the IP protocol being used. bootfile-url specifies an IPv6 network location for the boot file.
A sample configuration in /etc/dhcp/dhcpd6.conf might look like:
default-lease-time 2592000;
preferred-lifetime 604800;
option dhcp-renewal-time 3600;
option dhcp-rebinding-time 7200;
option dhcp6.name-servers 3ffe:501:ffff:100:200:ff:fe00:3f3e;
option dhcp6.domain-search "test.example.com","example.com";
option dhcp6.info-refresh-time 21600;
dhcpv6-lease-file-name "/var/lib/dhcpd/dhcpd6.leases";
subnet6 3ffe:501:ffff:100::/64 {
range6 3ffe:501:ffff:100::10 3ffe:501:ffff:100::;
range6 3ffe:501:ffff:100:: temporary;
prefix6 3ffe:501:ffff:100:: 3ffe:501:ffff:111:: /64;
option dhcp6.bootfile-url "tftp://[3ffe:501:ffff:100::1]/grubx64.efi";
option dhcp6.name-servers 3ffe:501:ffff:100::1;
}
In a Secure Boot environment, the configuration file must specify that the shim utility be downloaded rather than the GRUB image. No other file can be downloaded via tftp in Secure Boot mode. shim is specified using the filename option in IPv4 configurations and the bootfile-url option in IPv6 configurations.
Once the shim utility is downloaded and validated, it will automatically download the GRUB image. This image must be named either grub.efi or grubx64.efi and be available at the same location as shim and be accessible by tftp.
The shim-signed package is available in the Fedora yum repository. For more information on Secure Boot, refer to the Fedora UEFI Secure Boot Guide.
Add a config file to this directory. The file should either be named efidefault or named after the IP address. For example, if your machine's IP address is 10.0.0.1, the filename would be 0A000001.
A sample config file at /var/lib/tftpboot/pxelinux/pxelinux.cfg/efidefault might look like:
default=0
timeout=1
hiddenmenu
title Fedora
root (nd)
kernel vmlinuz
initrd initrd.img inst.repo=nfs:10.0.0.1:/path/to/tree
