Skip to main content

Setup NetBooting with Unraid Docker and Firewalla

First we are going to setup NetBoot.xyz in a docker container.  This is done for me using the wonderful Unraid container made by LSIO, however, this can also be done with the following docker compose file

---
version: "2.1"
services:
  netbootxyz:
    image: lscr.io/linuxserver/netbootxyz:latest
    container_name: netbootxyz
    environment:
      - PUID=1000
      - PGID=1000
      - TZ=Etc/UTC
      - MENU_VERSION=1.9.9 #optional
      - PORT_RANGE=30000:30010 #optional
      - SUBFOLDER=/ #optional
    volumes:
      - /path/to/config:/config
      - /path/to/assets:/assets #optional
    ports:
      - 3000:3000
      - 69:69/udp
      - 8080:80 #optional
    restart: unless-stopped

I needed to adjust some of the ports so they weren't interacting with my previously installed items, but that is all.  After that is started, netboot.xyz is up and running.  If you want to see the configuration, go to the IP:3000.  The only thing that I changed at that point was to upgrade the menu's to the latest.

Now it is time to setup the DHCP server to give out the TFTP server where it can be booted from.  This is where you can find a lot of router setups, however, Firewalla is not included in this listing.

https://docs.linuxserver.io/images/docker-netbootxyz/

To setup Firewalla to allow the computers to netboot, we have to do 2 things.  The first thing to do is to get SSH access to your device to add a file.

  • Tap on the top right gears button.
  • Tap on "Advanced".
  • Tap on "Configurations".
  • Tap on "SSH Console".
  • Tap on the "*****".
  • If it's the first time you using SSH, please tap on "Reset Password" before you start. 
  • Tap on "Reveal Password". 
  • A list of networks will be shown on the UI. (Gold/Purple only)

Now to SSH into the device itself use the following command.

ssh pi@x.x.x.x

where x.x.x.x is your Firewalla IP address.  This will prompt you for a password, which the above procedure will give you.  Next we will want to create the follow file in ~/.router/config/dhcp/conf/pxe.conf  

# next-server X.X.X.X
# filename "netboot.xyz.kpxe"
dhcp-option=66,X.X.X.X
dhcp-option=tag:br0,67,netboot.xyz.kpxe
# dhcp-option-force=tag:br0,66,"X.X.X.X"
dhcp-boot=tag:br0,netboot.xyz.kpxe,tftp,X.X.X.X

Please add in your X.X.X.X where that is the IP address of your netboot.xyz installation.

Please note that firewalla only has "vi" installed by default, so this is a small reminder on how to use it.

cd ~/.router/config/dhcp/conf/
vi pxe.conf
i   ( press for insert mode )
paste in the code from above
press the escape key ( to exit insert mode )
:wq ( type this in to "write" and "quit")

At this point, it seems like this will work, however there is more settings in the firewalla app to make.  

  • Open the App, get to the home network, and tap Network
  • Press the Lan that has your DHCP server on it
  • Tap Edit in the top right
  • Scroll down and click on the Add DHCP Option button
  • Option code 66, option value is the IP of your netboot.xyz installation
  • Option code 67, option value is netboot.xyz.kpxe

The above will allow computer that don't use a UEFI bios to netboot.  However, if we want to get UEFI computers booting using netboot, we have to make a couple changes.  I haven't found a change that allows both UEFI and non-UEFI computers to boot at the same time.   To make the change, edit the file on the firewalla device to the file below.

# next-server X.X.X.X
# filename "netboot.xyz.kpxe"
dhcp-option=66,X.X.X.X
dhcp-option=tag:br0,67,netboot.xyz.efi
# dhcp-option-force=tag:br0,66,"X.X.X.X"
dhcp-boot=tag:br0,netboot.xyz.efi,tftp,X.X.X.X

and also in your option 67 on the firewalla app.

 

This should allow your computers to net boot and not have to worry about those pesky install disks ever again.

Back to top