Make Your Own Plug ‘N Play Zone Using Ubuntu Linux! 03/12/08
One of the things I dislike is reinstalling any operating system over, and over, and over again. After a while it becomes boring and inconvenient when you’ve a hot idea you want to try out. One of the things I enjoy doing (and I’ve posted several ideas or projects), is to try out new ways, ideas or Linux packages. Often this means starting from a clean system or I have to reinstall because I made mistakes and trashed an existing system. The point? Well, for one it’s a great learning environment for me, it helps my friends who have switched or are considering a switch and it gives me information I can share for free in this blog – And that helps everyone!
Today is not any different, actually I’m pretty excited about this post!!! Here’s the scenario:
1) I wanted an easy way for friends to migrate to Linux (I’m using Ubuntu).
2) Personally, I needed a way that Ubuntu could install itself while I go do something else.
Side note: During today’s project, I realized that this would be a great feature for a school, a computer lab, a computer hobby group and even a business or laptop repair shop. If any of you use this idea, please let me know as I’d love to see!
The idea? I created my very own “Ubuntu Linux Plug ‘N Play Zone”!
It’s a simple 3-step method.
Users plug their laptop into one of the two ports pictured above and boot off the network. Go away, come back later and it’s all done. Voilà
Also you can see that they have the option for a Gutsy install (7.10) and soon (I’ve not set that up yet, probably over the weekend) a Hardy install (8.04). The picture above is how I’ll leave the “Zone” for now. (I didn’t want to write on the wall so put an old plastic sign over the plug and wrote on the plastic with a marker. Easy to enhance and change later). How is this done? Ahhh… Not as hard as one might think… Grasshopper.
For this to work properly, we need a DHCP server on a separate network (subnet). We also need a TFTP server and of course client laptops (or PCs) that can netboot. (Netboot is when the BIOS is configured to boot off the network card). Last year I posted “30 Dollars, 30 Minutes, 1 Nice Fileserver” and that’s the unit I wiped clean and used for this project. We can begin by installing Gutsy (7.10) on the system.
Note: Look further down to the IP addresses. Make note and ensure that your server is using a static IP address within your subnet. The first time I did this I messed up and used the wrong address.
After this, here are the steps I took:
Note: Instead of typing “sudo” all the time, we can “sudo su” (become root) and then don’t have to keep using the sudo command.
The first thing we need to do is grab some packages:
apt-get install dnsmasq atftpd atftp
“Dnsmasq is a lightweight, easy to configure DNS forwarder and DHCP server. It is designed to provide DNS and, optionally, DHCP, to a small network. It can serve the names of local machines which are not in the global DNS. The DHCP server integrates with the DNS server and allows machines with DHCP-allocated addresses to appear in the DNS with names configured either in each host or in a central configuration file. Dnsmasq supports static and dynamic DHCP leases and BOOTP/TFTP for network booting of diskless machines.” Source: http://www.thekelleys.org.uk/dnsmasq/doc.html
“A TFTP server. By default it is started by inetd on most systems, but may run as a stand alone daemon. This server is multi-threaded and supports all options described in RFC2347.” Source: http://www.math.ucla.edu/computing/docindex/atftp-man-2.html
“A client/server implementation of the TFTP protocol that implements RFCs 1350, 2090, 2347, 2348, and 2349. The server is multi-threaded and the client presents a friendly interface using libreadline. The current server implementation lacks IPv6 support.” Source: http://freshmeat.net/projects/atftp/
Because the first port is Gutsy (7.10) we need to get the netboot files for it. It’s easy to get via wget like this…
Create a directory if it’s not already there:
Use wget to download the tarball into /source
Note: For Hardy (8.04) the command is “wget http://archive.ubuntu.com/ubuntu/dists/hardy/main/installer-i386/current/images/netboot/netboot.tar.gz”. But remember, to do this with Hardy (or any other Linux platform), make sure the port is being served by another Dnsmasq on another subnet. If not, then the laptop might get the wrong version of Linux installed.
tar -zxf netboot.tar.gz && chown -R nobody:nobody
The chown directive is saying “Change the ownership of everything recursively to Nobody”.
Now we need to set up the DHCP/DNS configuration (for Dnsmasq). The following information is needed by us:
1) What IP address range to give laptops being plugged into the “Zone”
2) The default gateway (That’s usually your router, the point for external access to the Internet).
3) The IP address of the server (that’s going to provide Linux to the laptops).
4) The DNS address (should be the same as the server’s address).
After a few tries and a bit of Googling, I found the correct way to do this. (I was putting the wrong numbers in first time around. It was a simple, easy mistake to fix).
Note: The small (cheap) router I used for this defaults to the 192 network, so I just left it at the default. You can change it to match your own subnet!
Here is what the lines correspond to:
dhcp-option=6 is the DNS address.
dhcp-option=3 is the default gateway address
dhcp-boot=pxelinux.0 is the IP address of the server
dhcp-range is the pool of IP addresses being leased out to laptops connecting. (Only a very few available as I only have one port per subnet). The 6h means to lease out the IP addresses for 6 hours.
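The mistake described above, an address from the wrong subnet in the Dnsmasq settings, can be caught before restarting. This is an added example, not the author's configuration or code: the sample config, its 192.168.1.x addresses, the `zoneserver` name and the `check_zone` helper are assumptions, and it expects the plain `start,end,lease` range and numeric `dhcp-option` forms.

```python
import ipaddress
# Constructed sample; every address and name here is an assumption.
SAMPLE_CONF = """\
dhcp-range=192.168.1.100,192.168.1.105,6h
dhcp-option=3,192.168.1.1
dhcp-option=6,192.168.1.2
dhcp-boot=pxelinux.0,zoneserver,192.168.1.2
"""

def parse(conf):
    """Collect key=value lines into {key: [values]}, ignoring comments."""
    opts = {}
    for line in conf.splitlines():
        key, sep, value = line.split("#", 1)[0].partition("=")
        if sep:
            opts.setdefault(key.strip(), []).append(value.strip())
    return opts

def check_zone(conf, server_cidr):
    """Return problems found; server_cidr is the server's static IP, e.g. 192.168.1.2/24."""
    iface = ipaddress.ip_interface(server_cidr)
    net, server, opts, problems = iface.network, iface.ip, parse(conf), []
    def in_net(label, text):
        try:
            addr = ipaddress.ip_address(text.strip())
        except ValueError:
            problems.append(f"{label}: {text!r} is not an IP address")
            return None
        if addr not in net:
            problems.append(f"{label}: {addr} is outside {net}")
        return addr
    for rng in opts.get("dhcp-range", []):
        start, _, rest = rng.partition(",")
        lo, hi = in_net("dhcp-range start", start), in_net("dhcp-range end", rest.split(",")[0])
        if lo and hi and lo <= server <= hi:
            problems.append(f"dhcp-range: pool includes the server address {server}")
    for opt in opts.get("dhcp-option", []):
        num, _, value = opt.partition(",")
        if num.strip() == "3":
            in_net("dhcp-option=3 (gateway)", value)
        elif num.strip() == "6" and in_net("dhcp-option=6 (DNS)", value) != server:
            problems.append(f"dhcp-option=6 (DNS): expected the server address {server}")
    for boot in opts.get("dhcp-boot", []):
        fields = [f.strip() for f in boot.split(",")]
        if fields[0] != "pxelinux.0":
            problems.append(f"dhcp-boot: boot file is {fields[0]!r}, not 'pxelinux.0'")
        if len(fields) == 3 and in_net("dhcp-boot server", fields[2]) != server:
            problems.append(f"dhcp-boot: next-server is not this server ({server})")
    return problems
```

An empty list from `check_zone(SAMPLE_CONF, "192.168.1.2/24")` means the pool, gateway, DNS and boot server all sit in the server's subnet.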
Now that I finally had the correct addresses configured I can restart like this:
invoke-rc.d dnsmasq restart
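After it’s successfully restarted, make sure the firewall is not blocking. (I didn’t check that and it took me a while and a bit of Googling to find the fix). If your firewall is interfering, you can modify this script to your needs. As written, it flushes the rules and sets every default policy to ACCEPT, so the server is left with no packet filtering: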
# flush all chains
iptables -F
# delete the chains
iptables -X
# set the default policy for each of the pre-defined chains
iptables -P INPUT ACCEPT
iptables -P FORWARD ACCEPT
iptables -P OUTPUT ACCEPT
# flush and delete the mangle and nat tables as well, piping errors to /dev/null
iptables -t mangle -F 2>/dev/null
iptables -t mangle -X 2>/dev/null
iptables -t nat -F 2>/dev/null
iptables -t nat -X 2>/dev/null
Original script and idea from http://townx.org/simple_firewall_for_ubuntu_using_iptables via Creative Commons Attribution-Share Alike 3.0 License.
As you can see from the above link, we can further create a customized start/stop feature. After a lot of Googling, I found there are a ton of iptables resources out there!
Now set your laptop (or PC) BIOS to enable booting off the network (PXE). If it works you’re good to go and your Plug ‘N Play Zone is live!
If there is trouble, try the following:
1) Check your /var/log/syslog for issues.
2) Is dnsmasq even listening? (I learned that network boots use bootp through port 67). Is port 67 working? Use this command:
netstat -nulp | grep '67.*dnsmasq'
The response should show udp port 67
Side note: Netstat commands are documented here: http://www.computerhope.com/unix/unetstat.htm
3) What about iptables, are they really turned off?
iptables -L
iptables -L -t nat
iptables -L -t mangle
The first command says “list the active rules”. The second says “list the nat (Network Address Translation) tables” and the third says “list the mangle tables”.
Side note: To learn more about iptables and “mangle” read here: http://www.informit.com/articles/article.aspx?p=19626
4) Is atftpd listening on a port? (It’s supposed to be on port 69):
netstat -nulp | grep atftpd
Again, the response should show a udp port and it should be 69.
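Checks 2 and 4 can be keyed on the port instead of on a substring of the line. This is an added example, not part of the original post, and the `netstat -nulp` output in it is constructed: a PID such as 5367 satisfies `grep '67.*dnsmasq'` on the port 53 line, and when atftpd is started from inetd it is inetd that holds port 69, so `grep atftpd` prints nothing.

```python
# Constructed `netstat -nulp` output; PIDs and addresses are made up.
SAMPLE = """\
Proto Recv-Q Send-Q Local Address           Foreign Address         State       PID/Program name
udp        0      0 0.0.0.0:53              0.0.0.0:*                           5367/dnsmasq
udp        0      0 0.0.0.0:67              0.0.0.0:*                           5367/dnsmasq
udp        0      0 0.0.0.0:69              0.0.0.0:*                           4120/inetd
"""

# Ports and daemons named in the troubleshooting steps above.
EXPECTED = {67: "dnsmasq", 69: "atftpd"}

def udp_listeners(netstat_text):
    """Map UDP port -> owning program from `netstat -nulp` output."""
    found = {}
    for line in netstat_text.splitlines():
        cols = line.split()
        if len(cols) < 5 or not cols[0].startswith("udp"):
            continue  # header or non-UDP line
        port = cols[3].rpartition(":")[2]
        # Without root the last column is "-", so the owner is unknown.
        owner = cols[-1].split("/", 1)[1] if "/" in cols[-1] else "unknown"
        if port.isdigit():
            found[int(port)] = owner
    return found

def check_services(netstat_text, expected=EXPECTED):
    """Return {port: status}, matching on the bound port rather than on text."""
    found = udp_listeners(netstat_text)
    report = {}
    for port, program in expected.items():
        if port not in found:
            report[port] = "not listening"
        elif found[port] == program:
            report[port] = "ok"
        else:
            report[port] = f"held by {found[port]}"
    return report
```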
This was a fun exciting project. Hopefully some of you can use this information to help you. I hope so. As I mentioned, this would be great for schools, a computer lab or lab projects, a computer hobby group and even a business or laptop repair shop. Either way, please let me know.
It’s really cool to just plug and go in the plug and play zone!
Update 1: There’s a follow up to this post here: Ubuntu Linux Plug ‘N Play Zone Revisited, where we examine some of the automated installation features via PXELinux and the use of a preseed file to automate the installed environment. That post really helps to round out this hands-on project as a whole. Check it out!
Update 2: This post has been featured in issue #14 of Full Circle Magazine (The FREE Independent Magazine (and podcast) for the Ubuntu Linux Community)! You can take a look at that issue here: http://fullcirclemagazine.org/2008/06/26/issue-14-is-out/