PXE on Synology14 Sep 2016
As my home network grows more and more complex, I need to find something to make it even more complex. Yes, why not setting up a PXE server? I actually have and may have more Linux boxes to install.
While there are many articles talking about setting up PXE on Synolgoy NAS, none of them can fit my requirement, that is using the most complicated way.
Well I’m lying. I actually want the most simple and flexible approach, which is using Cobbler.
The Synolgoy NAS I have runs on x86, which means it has the capability to run Docker properly, and the good news is there are a few existing Cobbler Docker images on Docker hub. But unfortunatley none of them is properly made.
Then this article
is quite helpful except that it doesn’t work, at least not very much. The problem is
tftp server simply cannot work without specifying
--net host when creating the container.
--net host, Docker will use
docker-proxy to do NAT to
containers, and the way tftp server works is similar to the active mode ftp server, which
means it initiates connection from an ephemeral port toward the client and of course this
won’t work under NAT.
OK. I start from that article to make my own customization, so here it is: docker-cobbler.
Dockerfile is pretty straight forward, installing
cobbler validateks), exposing related port. Since systemd refuses to
work on my NAS (lower version of Docker, maybe?), I need to start
So, now the problem is how about tftp server. Fortunately I can run it on my NAS directly by following the official document.
I create a shared folder as
TFTP root folder, but it’s not necessary and it’s up to you.
But that folder should be mapped to a cobbler container volume in order for cobbler
to access, for example
./build.sh will create the image, and
./start.sh will start a container using the image.
But before that, let’s talk about networking. Did I mention I have a pfSense firewall at home?
pfSense manages DHCP for my home network, so first all I need to configure
next server and
Default BIOS file name.
next server points to my NAS where tftp is running.
I assign a virtual IP address to pfSense and port forward that to my NAS, so that I can use that IP address to access exported ports from the container.
Note that there is a “black hole” that doesn’t exist in my home network to handle all the
other ports, otherwise accessing the virutal IP will bring you to pfSense. You can of course
create firewall rules to further block everything else. As a side note, pfSense does NAT first
and then firewall. In the above screenshots,
192.168.17.4 leads us to cobbler.
Since I don’t use cobbler to manage anything, in
settings file I disable everything.
It is very important to set
server: 192.168.17.4 because this is how cobbler can be accessed
by client, and this IP is used to generate files under
pxelinux.cfg. Super super important!
That is pretty much everything, hopefully.