Ubuntu
maas package

Whitelist MAC addresses for PXE boot.

Asked by Neil Byrne

Hi,

How do we only offer PXE boot to certain MAC addresses?

I think this might come under DHCP snippets but unsure of the correct way to do this.

TIA

Question information

Language:
English Edit question
Status:
Answered
For:
Ubuntu maas Edit question
Assignee:
No assignee Edit question
Last query:
Last reply:
Revision history for this message
Bernard Stafford (bernard010) said (last edit ): 		#1

https://maas.io/docs/about-maas-networks#heading--about-pxe-booting
https://maas.io/docs/how-to-set-up-networks
https://maas.io/docs/how-to-connect-maas-networks
Notice their is a dropdown box for UI/CLI and Snap or Packages by version numbers.
https://maas.io/docs

Revision history for this message
Neil Byrne (nbyrne) said : 		#2

The docs don't mention anyway to whitelist MAC addresses, unless am missing it?

Revision history for this message
Bernard Stafford (bernard010) said (last edit ): 		#3

https://maas.io/docs/about-dhcp#heading--about-dora
Look at the network diagram.
https://discourse.maas.io/t/maas-networks/6680#heading--About-MAAS-DHCP-snippets#heading--About-MAAS-DHCP-snippets

https://discourse.maas.io/
These are the MAAS professionals
They will need to know what version of maas - snap or package
Ubuntu 1 login

Revision history for this message
Neil Byrne (nbyrne) said : 		#4

I don't think I explained my question correctly.

We have DHCP up and running and can PXE boot servers, we want to be able to control which servers are allowed to PXE boot.

There's multiple servers on the same network, they can not be on separate VLANs / separate networks. We don't want a random server rebooting and picking up the PXE boot.

I'll try the discord link you posted if this can't be answered here.

Thanks,

Revision history for this message
Manfred Hampl (m-hampl) said : 		#5

My opinion on that matter is that this has to be prevented either by the DHCP server (not granting an IP address to a foreign server) or by the server that delivers the boot files.

Have you looked at DHCP configuration options, maybe this helps:
https://manpages.ubuntu.com/manpages/focal/en/man5/dhcpd.conf.5.html#allow%20and%20deny%20within%20pool%20declarations

Revision history for this message
Bernard Stafford (bernard010) said (last edit ): 		#6

"Once deployed, there are a couple of minor state changes you can effect without releasing the machine:

    You can lock a machine, if desired, to provide a little extra insurance that it won’t accidentally be changed by you – or anyone."
https://maas.io/docs/about-machines

   " If you add a machine manually, MAAS will automatically commission it. There are also ways to turn off this automatic commissioning, should you desire to do so."
Configuring a computer to boot over PXE is done via its BIOS.
https://maas.io/docs/about-machines#heading--about-adding-machines

Revision history for this message
Neil Byrne (nbyrne) said : 		#7

Thanks Manfred, that could be an option to explore.

Can you help with this problem?

Provide an answer of your own, or ask Neil Byrne for more information if necessary.

To post a message you must log in.