ArticlesRocky Linux

PXE Boot Installation of Rocky Linux Using Lorax, dnsmasq, and TFTP

Introduction

This article outlines the steps required to configure a PXE boot environment for Rocky Linux using Lorax to generate boot image and the Rocky Linux DVD image for creating the BaseOS and AppStream repositories.

This guide uses httpd for serving the installation tree, dnsmasq to provide DHCP and TFTP, and lorax to generate EFI bootable installation media.

This setup enables automated network-based Rocky Linux installations over a local network.

Problem

Users often need to deploy Rocky Linux at scale without manually installing each system.

Manual DVD-based installation is not feasible in large environments or headless setups.

There is a need to set up a PXE boot environment that supports UEFI systems and provides the Rocky Linux installer via network boot.

Symptoms

Client machines are unable to PXE boot due to missing or misconfigured TFTP, HTTP, or DHCP services.

A boot fails with errors such as "no DHCP response", "file not found via TFTP", or "missing installation source".

UEFI systems may hang or drop to a shell if the GRUB configuration or bootloader path is incorrect.

Resolution

Prerequisites

  • root access or sudo privileges.

  • A Rocky Linux DVD ISO.

  • Two machines, one as the PXE host and one as the PXE client directly connected to each other / on a segmented network and doesn't have DHCP servers running.

  • A working Internet connection.

Initial setup

  • Install these required packages:
sudo dnf install -y lorax httpd tftp-server dnsmasq
  • Enable the httpd and tftp services:
sudo systemctl enable --now httpd
sudo systemctl enable --now tftp
  • Download the Rocky Linux 10 DVD ISO (Rocky Linux 10 is the example used throughout this article):
wget https://download.rockylinux.org/pub/rocky/10/isos/x86_64/Rocky-10.0-x86_64-dvd1.iso
  • Mount the ISO and copy its contents:
mkdir /mnt/dvd
sudo mount -o loop ~/Rocky-10.0-x86_64-dvd1.iso /mnt/dvd
sudo mkdir -p /var/www/html/rocky10-dvd
sudo cp -av /mnt/dvd/. /var/www/html/rocky10-dvd/

Boot image generation

  • Generate the Rocky Linux 10 boot image:
sudo lorax --product "RockyLinux" --version "10" --release "10" --source "https://download.rockylinux.org/pub/rocky/10/BaseOS/x86_64/os/" --source "https://download.rockylinux.org/pub/rocky/10/AppStream/x86_64/os/" --isfinal --logfile lorax.log --buildarch x86_64 --volid "RL10_LIVENET" /tmp/lorax-out
  • Copy the PXE boot files:
sudo mkdir -p /var/lib/tftpboot/rocky10
sudo cp /tmp/lorax-out/images/pxeboot/{vmlinuz,initrd.img} /var/lib/tftpboot/rocky10/
  • Copy the installer stage 2 files:
sudo cp -r /tmp/lorax-out/images/ /var/www/html/rocky10/
  • Mount the EFI boot image:
mkdir /tmp/efiboot
sudo mount -o loop /tmp/lorax-out/images/efiboot.img /tmp/efiboot
  • Copy UEFI boot files:
sudo mkdir -p /var/lib/tftpboot/rocky10/EFI/BOOT
sudo cp -av /tmp/efiboot/EFI/BOOT/* /var/lib/tftpboot/rocky10/EFI/BOOT/

Grub configuration

  • Configure GRUB:
cat << "EOF" | sudo tee /var/lib/tftpboot/rocky10/EFI/BOOT/grub.cfg
menuentry 'Rocky Linux 10 Install (PXE Boot)' {
    linuxefi /rocky10/vmlinuz inst.stage2=http://192.168.1.150/rocky10 inst.repo=http://192.168.1.150/rocky10-dvd
    initrdefi /rocky10/initrd.img
}
EOF
  • Configure dnsmasq for PXE boot:
cat << "EOF" | sudo tee /etc/dnsmasq.conf
interface=enp2s0
bind-interfaces
domain-needed
bogus-priv
log-dhcp
dhcp-range=192.168.1.2,192.168.1.249,12h
dhcp-boot=rocky10/EFI/BOOT/grubx64.efi
enable-tftp
tftp-root=/var/lib/tftpboot
EOF
  • Restart services:
sudo systemctl restart dnsmasq
sudo systemctl restart httpd
  • Allow services through the firewall:
sudo firewall-cmd --add-service=tftp --permanent
sudo firewall-cmd --add-service=http --permanent
sudo firewall-cmd --add-service=dns --permanent
sudo firewall-cmd --add-service=dhcp --permanent
sudo firewall-cmd --reload
  • Disable SELinux:
sudo setenforce 0
sudo sed -i 's/^SELINUX=.*/SELINUX=permissive/' /etc/selinux/config

Root cause

PXE boot environments require coordination between DHCP, TFTP, and HTTP services.

Incorrect or missing files, misconfigured GRUB boot paths, or firewall/SELinux restrictions can prevent PXE booting from succeeding.

Without properly generated and served installer images and boot files, UEFI systems cannot retrieve necessary components to launch the installer.

Notes

This guide is written for UEFI PXE clients only.

Legacy BIOS support would require additional configuration changes to use pxelinux.0 or GRUB BIOS equivalents.

Ensure that the interface= line in dnsmasq.conf matches your actual network interface name.

Network clients must be on the same subnet as the PXE server.

References & related articles

Creating a Custom Rocky Linux ISO