wiki

OpenBSD is a beautiful system, even more after using it for ten years. Today, I had lot of hard drive to clean (e.g. drop all data and encrypt them). Unfortunately, I was not at my place and did not have enough stuff to do it quickly. So, a good solution, because I alway have my laptop with me, is to set a small OpenBSD installation server. Here a small ascii map:

    ________      ________     ________     _________
   (        )    |        |   |        |   |         |
  ( internet )---| router |---| laptop |---| desktop |
   (________)    |________|   |________|   |_________|
                             /            /
                       [wifi]   [ethernet]
  
  wifi(iwm0): 192.168.1.1/24
  ethernet(em0): 172.16.1.1/24

# Get the last OpenBSD set

Since the 65 release, you can now use sysupgrade(8) (opens new window) to get automatically sources, all these files will be stored in /home/_sysupgrade but, not all are retrieve for my configuration, you will also need pxeboot(8/amd64) (opens new window) file to set correctly your tftpd server.

# get the release (current) and don't automatically reboot
sysupgrade -sn

# now get pxeboot
ftp https://ftp.eu.openbsd.org/pub/OpenBSD/snapshot/amd64/pxeboot /home/_sysupgrade

# Laptop state

I assume your wireless interface is well configured. In my case, iwm0 interface is set with 192.168.1.X/24 and the default gateway is 192.168.1.1. Next, we need to ensure em0 (opens new window) is configured as well and ensure you can forward packets.

# configure em0 with 172.16.1.1 address
ifconfig em0 alias 172.16.1.1/24 up

# configure ip forwarding
sysctl net.inet.ip.forwarding=1

# Configure dhcpd

dhcpd(8) (opens new window) will be used to give an available ip address to all others devices. In this particular case... It will be only a laptop. The file to configure is stored in /etc and called dhcpd.conf(5) (opens new window):

subnet 172.16.1.1 netmask 255.255.255.0 {
    range 172.16.1.32 172.16.1.64;
    option domain-name-servers 1.1.1.1;
    option routers 172.16.1.1;
    next-server 172.16.1.1;
    filename "pxeboot";
}

You can enable and start it.

rcctl enable dhcpd
rcctl start dhcpd

# Configure tftpd

tftpd(8) (opens new window) will be used (and only) for the boot phase. I think you will don't really need it afterward, so, you can execute it in standalone.

tftpd -d -l 172.16.1.1 /home/_sysupgrade

If you want to keep your configuration after, you can enable it with rcctl(8) (opens new window):

rcctl enable tftpd
rcctl set tftpd flags "-l 172.16.1.1 /home/_sysupgrade"

# Configure Packet Filter

I assume (pf(4))[https://man.openbsd.org/pf] is configured with the default configuration (you can also read the documentation about (pf.conf(5))[https://man.openbsd.org/pf.conf] if it is not the case). We put a new anchor named nat, this one will contain our NAT rule, but, we don't need to edit the configuration file after, so, when your laptop will reboot, the anchor will be not there anymore.

# create a backup
cp -rp /etc/pf.conf /etc/pf.conf.old

# add a new anchor named nat in your configuration
echo "anchor nat" >> /etc/pf.conf

# test it
pfctl -nf /etc/pf.conf

# load it
pfctl -f /etc/pf.conf

# add your new anchor
echo "pass out on iwm0 inet from (em0) to any nat-to (iwm0)" | pfctl -a nat -f -

# Boot and Install OpenBSD

Okay, you can plug a cable between the two computers. In my cast, the desktop one is a lenovo T510. Press F12 button at startup and use the network boot option. A prompt will appear:

> /bsd.rd

You can enjoy your OpenBSD installation. As usual.

# Resources

  • https://www.openbsd.org/faq/faq6.html#PXE