

What is the problem? The problem that prompted me to examine this for solutions is described by Apple on their web site as of the time of this writing for the Mac OS X Net-Booting servers.

  1. Only one Mac OS X Net-Booting Server may exist on a subnet at a time.
  2. The sample G3 server you can buy from Apple (referenced on their web site, running Mac OS X with 4 Ethernet interfaces for this kind of purpose) is capable of servicing 24 net-booting Macintoshes.

Net-booting a Macintosh that does client-side computing is a very good idea, and even better since many popular mainstream titles are supported, as opposed to systems like NCD's NC and the Sun Microsystems Sun Ray. It *could* be more scalable, though, if a centralized DHCP server could hand out information for hundreds of machines on a single subnet so that they connect to multiple different NetBooting Mac OS X servers that have had their BootP disabled, or if the Mac OS X NetBooting BootP server had the ability to ignore requests from clients other than the ones specified by the Mac OS X Server's system administrator.

Too bad that only one machine is allowed per subnet...

Why is it that only one machine is used per subnet? A brief review of the technical information on Apple's Website suggests a reason.

  1. The Server will give out Net-Booting information to any Net-Booting Macintosh that requests it. (Allowance to offer net booting service to any unknown client that asks for it.)
  2. BootP, TFTP, and AFPFS/IP are the protocols that are referenced. Of these, BootP is the only one that is limited by a subnet. A BootP request is usually limited to one subnet, and stopped at routers.

I can tell you now that the BootP issue appears to be the only problem limiting the inclusion of multiple NetBooting servers on the same subnet!

    Some solutions that might work?
  1. If it were possible to tell the server "I only want you to serve machines with these hardware addresses," then there would be no problem. You could populate many clients on the same subnet, and not need to worry about a random server talking to your clients.

  2. If it were possible to have the bootp information sent from a centralized campus DHCP server, then that would solve the problem, since you can turn off the BootP service on the NetBoot Manager while leaving the rest of the boot manager (TFTP, and AFPFS/IP) running.
  3. Another solution includes buying lots of Layer 3 switches and having servers located in labs, and then enabling blocking of bootp requests from leaving local lab networks, or coming into the local lab networks.
  4. Another solution is to use 2 or more Ethernet interfaces on the server: put one interface on the campus network in the lab and the rest onto a switch or hub that only serves the lab, and turn on NetBoot only on the interface(s) that serve the lab. This runs contrary to the network administration of most campuses, since it places a router (the Mac OS X server would be acting as one) in a lab setting, and it is yet another networking device to maintain. (Presently Mac OS X does not do NAT or IP Masquerading with the software provided in the server.) This is one of the solutions suggested by Apple on their site.
  5. Another solution is to create a separate subnet for each lab by locating a router for each lab and locating the Mac OS X Server in this lab on that subnet, but this is a gross use of IP addresses: 1 for the network ID (bits off), 1 for broadcast (bits on), and another for an interface that is "wasted" on the router interface to the campus network. This is one of the solutions suggested by Apple on their site.
  6. Do you have other suggestions for ways to deal with this? Drop me a line to add the idea. Let me know if it is OK to include your e-mail address and name on the site to give you credit.
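
The hardware-address restriction from solution 1, combined with the central client-to-server mapping from solution 2, sketched as an added example (not Apple's server code and not code from this site): a responder parses the fixed BOOTREQUEST header and stays silent unless the client is on its list. The MAC addresses, IP addresses and function names are constructed for illustration; only the decision is shown, no reply packet is built.

```python
import struct

# Constructed lab inventory: client MAC -> NetBoot server that should boot it.
ALLOWED_CLIENTS = {
    "02:00:00:00:00:01": "10.0.1.10",
    "02:00:00:00:00:02": "10.0.1.11",
}

BOOTREQUEST = 1
HTYPE_ETHERNET = 1
BOOTP_MIN_LEN = 300  # 236-byte fixed header + 64-byte vendor area


def parse_bootrequest(packet: bytes):
    """Return (xid, mac) for a well-formed Ethernet BOOTREQUEST, else None."""
    if len(packet) < BOOTP_MIN_LEN:
        return None  # truncated or not BOOTP at all
    op, htype, hlen, _hops, xid = struct.unpack("!BBBBI", packet[:8])
    if op != BOOTREQUEST or htype != HTYPE_ETHERNET or hlen != 6:
        return None  # replies and non-Ethernet hardware are never answered
    chaddr = packet[28:28 + hlen]  # chaddr follows the four 4-byte address fields
    return xid, ":".join(f"{b:02x}" for b in chaddr)


def boot_server_for(packet: bytes):
    """NetBoot server to name in the reply, or None to ignore the request."""
    parsed = parse_bootrequest(packet)
    if parsed is None:
        return None
    _xid, mac = parsed
    return ALLOWED_CLIENTS.get(mac)  # unknown hardware address -> stay silent


def make_request(mac: str, xid: int = 0x1234ABCD) -> bytes:
    """Build a constructed BOOTREQUEST so the example runs offline."""
    chaddr = bytes.fromhex(mac.replace(":", "")).ljust(16, b"\x00")
    header = struct.pack("!BBBBIHH", BOOTREQUEST, HTYPE_ETHERNET, 6, 0, xid, 0, 0)
    addrs = b"\x00" * 16  # ciaddr, yiaddr, siaddr, giaddr all zero
    return header + addrs + chaddr + b"\x00" * (64 + 128 + 64)  # sname, file, vend


if __name__ == "__main__":
    for mac in ("02:00:00:00:00:01", "02:00:00:00:00:02", "02:00:00:00:00:99"):
        print(mac, "->", boot_server_for(make_request(mac)) or "ignored")
```
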


    Comments and/or suggestions?: Email me at: dugan@passwall.com (Realize that I am very busy, and may not have time to respond to all E-mail messages. If you include NETBOOT MACNC (all caps) at the beginning, it is more likely to get my attention... ;-)
    DISCLAIMER: With the understandings for the use of a tool comes the responsibility in knowing how to use it without causing damage or harm. A tool can be used for good or evil, and you are responsible for your choice and the consequences of that choice in the use of any tool at your disposal.
    I do not claim this to be free of bugs or defects, and you use this at your own risk.
    I take no responsibility for any user's actions or inactions in following or not following any part or whole of any suggestions found on this page. If any user finds a loss of data, destruction of hardware, Alien Cattle mutilations, sightings of Elvis (ghost or body), loss of sanity, loss of insanity, worldly possessions, or non-worldly possessions as a result of following in part, or in whole any of the preceding or proceeding information, they assume any risks or responsibilities in whole for their decision(s). So, if you break something with one of your decisions that was in part or whole derived from information on this page, do not blame me or find me responsible or accountable for it in any way.
    There should be no charge requested from me to you for this information, and so if you decide that you want any money back for deciding later that you did not really want this information after all, you will need to take that up with the person that charged you money. I will not offer you any compensation for your purchase since I was never compensated by you.
    It should be restated that *you* take all of the risks, and assume all of the responsibility for following, in part or in whole any information obtained from this document. I do not care if your dog continuously barks at you, or the sky becomes too blue, or nuclear war breaks out as a result of you following any of this information. It will all be your fault since you assume all of the risks, so neeener, neeener-neeeener. :-P
    (C)1999,2000,2001,2002,2003,2004 By Michael Egan extended to all works not explicitly credited to other people within these documents. Permission to duplicate content on these pages not explicitly credited to others is granted so long as you give me credit for the work I have contributed and links are provided to refer to this original site if it is still available. I cannot extend permission to you to re-re-publish quoted words from people who have submitted solutions, posed questions or added clarification. If you wish to use their content, you should contact each person for permission to re-re-publish their included comments. (I have retained their permission, but never asked to extend it for others.)
    (C)1999,2000,2001,2002,2003,2004 By respective noted authors/admins for included questions or answers. Permission to publish their comments granted to me for this website. I cannot grant permission for you to duplicate their work as I am not in control of any copyrights they may retain. (I expect, most would be fine with allowing their content to be republished, but I cannot speak for them.)
    Apple Computers is a registered trademark of Apple Computers.
    Macintosh OS X, Macintosh OS 8, Mac OS X, Mac OS 8, Mac OS 9 all refer to operating systems created and controlled by Apple Computers. (No disk image files for net booting, or other proprietary programs legally controlled by Apple, are available for download from this collection of pages made by me. No links are knowingly created on these pages that direct users to other pages that offer copyrighted software being distributed illegally. If you find a link on pages with this disclaimer that takes you to a site that offers software that is illegally offered, feel free to let me know so that I may update my links to not include them.)
    Other mentioned systems and products may be owned, patented, copyrighted, trademarked, or in some way legally controlled by their respective owners.
    This information is provided with intent to inform users of the protocols and procedures used in Net Booting a Macintosh Client, and of solutions to the problems defined in this document.
    If you have a complaint about content provided, and wish to have trademark, copyright, patent, or other legal information explicitly provided here where a product you produce is listed, or have other complaints about this that may be legal, let me know before calling your lawyer: I am flexible.