Windows iSCSI diskless boot

The writing of this post was preceded by gathering information in parts and smoking for many hours both Russian and English resources on the Internet in search of relatively simple ways to implement diskless PC loading.

A prerequisite for the study of this issue was the presence in the network of a computer with a failed disk drive. It was necessary to run on this PC a “full-fledged” 64-bit Windows 7 operating system without using a Linux server, restricting itself to only the systems available on the local Windows network. The software products provided in this post are distributed free of charge and can work both on server and user versions of Windows.

We will talk about the wonderful iSCSI technology, and how we can use it to boot over the local network in order to save on the cost of buying new disk equipment. I will try to describe the entire configuration process in the most accessible language for both novice administrators and unenlightened users.

To understand what is happening, let's define a little terminology:
  • iSCSI (Internet Small Computer System Interface) - a protocol that is based on TCP / IP and is designed to establish the interaction and management of storage systems, servers and clients;
  • iSCSI Target: (iSCSI Target) - a program or hardware controller (HBA) that emulates a disk and performs iSCSI requests;
  • iSCSI Initiator: (iSCSI Initiator) - a client program or hardware controller that interacts with iSCSI Target;
  • IQN: (iSCSI Qualified Name) - unique identifier (name) of iSCSI Target or iSCSI Initiator;
  • LUN: (Logical Unit Number) - address of the block device in the range 0-127;
  • DHCP (Dynamic Host Configuration Protocol - Dynamic Host Configuration Protocol) is a network protocol that allows computers to automatically obtain the IP address and other parameters necessary for working on a TCP / IP network;
  • TFTP (Trivial File Transfer Protocol - Simple File Transfer Protocol) is used primarily for bootstrap diskless workstations.


Modern operating systems Windows 7, Windows Server 2008 and everything older are able to connect directly to iSCSI target. The only problem is how to initialize the remote block device when you turn on the PC.

Recall that almost all modern network cards can boot using PXE technology. But with iSCSI, mostly only expensive server network cards, for example Intel , are friends . However, there are at least two open source projects gPXE and iPXE that allow iSCSI devices to connect when booting a PC. The latter, by the way, is fork of the first, with a slightly modified error output system and additional options.

There are many ways to boot through gPXE and iPXE. In this post, we will consider booting using iPXE and connecting the necessary scripts for it during the download process.

The bottom line is that when you start the computer, the network card receives the necessary settings through the DHCP server and loads PXELINUX. Next, the PXELINUX bootloader connects the necessary script and loads iPXE, which, in turn, acts as the iSCSI initiator and transfers control to the disk. Until the block device is initialized, file transfer over the network is provided by TFTP.
Why are we downloading PXELINUX?
Some may ask - why download PXELINUX? First, through PXELINUX, the iPXE bootloader receives the necessary script to initialize the desired iSCSI target. Secondly, so that you can build a convenient menu with a choice of different download options. Thirdly, if there are several diskless workstations on the network, then each PC must be connected to its “own” iSCSI disk and not have access to the “foreign” drives, which means that they need to be separated somehow, for example, via MAC -addresses. For these purposes, a two-stage download using PXELINUX will be used.

But first things first. We start by installing and configuring the necessary software in the Windows system to implement DHCP, TFTP and iSCSI Target. To do this, I used the free Tftpd32 and StarWind Virtual SAN software products . The Tftpd32 program is used both as a DHCP server and as a TFTP server, well, and StarWind Virtual SAN will accordingly be used as an iSCSI target. You can download the program data on the developers website, the links of which are indicated in their names. To download the StarWind Virtual SAN program, you will need to select the Free version of the program on the website and go through the registration process, indicating the corporate mailing address. A license key and a link to download the program itself will come to the mailing address you specify.

Configuring Tftpd32

This program is quite simple and intuitive, so I’ll just give screenshots of my settings:

On the “GLOBAL” tab, I have checked TFTP Server, Syslog Server and DHCP Server services. On the TFTP tab, in the Base Directory field, a dot is indicated, which means that the folder where the Tftpd32 program itself is installed will be used as the root directory. On the DHCP tab, in the Boot File field, the name of the downloaded file is indicated, which we will consider further in the PXELINUX settings. No settings are required on the SYSLOG tab.

ISCSI target. Configuring StarWind Virtual SAN

During installation, the program does not ask for any settings; the only one can additionally start installing the .NET Framework 4, if it is not already installed on the system. After installation, the program starts its services and is immediately ready to work. The StarWind Management Console shortcut for management is created on the desktop.

Open the StarWind Management Console, click the Add Server button and create a new server with the IP address The default server with the IP address can be deleted.
Next, select the server we created and click on the Add Target link. In the window that appears, we can indicate our IQN name for the target by activating the Target Name checkbox. In particular, I pointed out iqn.2014-11.home: win7-64bit.
Next, select the Target we created and click on the Add Device link.
In the window that appears, select Hard Disk Device, then select Virtual Disk, specify the location and volume of the created disk, set the volume and caching parameters, and create a disk device by clicking the Create button.

As a result, we get a configured and ready to work iSCSI Target, which has the following form:

If necessary, we can create the necessary number of iSCSI Target-s and connect the necessary number of iSCSI disks to each of them. And also ensure the security of access to iSCSI Target using CHAP authentication of clients by clicking on the Add Permission link.


PXELINUX is included with syslinux. Therefore, we go to the site , click on the Download link and download the zip archive with a set of syslinux loaders. Open the downloaded archive file and unpack the pxelinux.0 files from the core directory and menu.c32 from the com32 / menu directory. The pxelinux.0 file is the bootloader that is transferred to the client PC by the DHCP server, and the menu.c32 file is responsible for building the boot menu. The unpacked files are placed in the folder where the Tftpd32 program is installed (where the path to the Base Directory field in the TFTP settings indicates).

In the Tftpd32 program folder, create the pxelinux.cfg subfolder, and in it we create a default file with the following contents:
default menu.c32
gfxmenu / erdpxe
prompt 0

MENU TITLE Boot Menu (select the OS to boot)
MENU AUTOBOOT Windows 7 64bit in # seconds

LABEL Windows 7 64bit
INITRD win7.ipxe

I think it is unnecessary to write a detailed comment on this file, we will consider only the last two lines:
KERNEL IPXE.KRN - indicates the core of the iPXE to be downloaded.
INITRD win7.ipxe - points to a script file with iPXE parameters.

The specified PXELINUX settings are enough to use the default configuration and you can proceed to further configure iPXE, so I decided to remove the rest of the text under the spoiler.
Create a separate boot menu for each PC
If there are several diskless workstations on the network, and you want each PC to have access only to its “own” iSCSI disk and not have access to “foreign” disks, then we will need to create several files with a boot menu for each PC.

Upon receipt of the configuration file from the TFTP server, the client searches for a suitable one in the following order:
pxelinux.cfg / 01-88-99-aa-bb-cc-dd
pxelinux.cfg / C0A800FE
pxelinux.cfg / C0A800F
pxelinux.cfg / C0A800
pxelinux. cfg / C0A80
pxelinux.cfg / C0A8
pxelinux.cfg / C0A
pxelinux.cfg / C0
pxelinux.cfg / C
And if there is nothing suitable -
pxelinux.cfg / default

Here pxelinux.cfg is the folder with the configuration files itself.
01-88-99-aa-bb-cc-dd - file with the name MAC address of the client, lowercase, separated by a dash, with the prefix 01-.

Accordingly, for each diskless workstation we need to write “our” boot menu and place in the pxelinux.cfg folder with the file name 01-mac-address of the client, in lower case. The contents of these files may differ, for example, only in the last line INITRD win7.ipxe .

ISCSI initiator. IPXE Setup

So, then go to and download the iPXE bootloader iso image. From the downloaded iso image, extract the IPXE.KRN file and save it in the Tftpd32 program folder.

In the same folder, create a win7.ipxe file with the following contents:
#! Ipxe
dhcp net0
set keep-san 1
sanboot iscsi: :::: iqn.2014-11.home: win7-64bit

The dhcp net0 line of this script indicates that it is necessary to obtain settings through a DHCP server on the network.

The set keep-san 1 line indicates that the connection to the iSCSI Target must be preserved even if the download from this device failed (this parameter is necessary when you need to install the operating system from CD / DVD drives).

If client CHAP authentication is configured in iSCSI Target, you need to uncomment the #login line, which will display a form for entering a login and password.

The last line directly connects the specified iSCSI Target, initializes the remote drive and transfers the process of further loading to this device. The connection syntax will be iscsi: <IP iSCSI target> :::::.
Adding additional items to the boot menu
If we want to add another item to the boot menu, for example, to boot Windws 8.1, we create a new Target in StarWind Virtual SAN with the IQN of the iqn.2014-11.home target: windows8.1, add a new iSCSI disk device to it and then in the pxelinux.cfg / default file we add for example the following lines:
LABEL Windows 8.1
INITRD win8.1.ipxe

Well, then we create a win8.1.ipxe file with the following contents:
#! ipxe
dhcp net0
set keep- san 1
sanboot iscsi: :::: iqn.2014-11.home: windows8.1

Install Windows 7

Before starting the installation of Windows 7 on a diskless station, open its BIOS and configure the polling procedure for bootable devices as follows:
1) Hard Disk
2) Network
3) CD / DVD
4) other devices

If a PC has an installed hard drive, then during Windows installation It is advisable to turn off so that the computer does not try to boot from it.

Next, place the Windows 7 installation disc in the CD / DVD drive and reboot the computer.

First of all, we should see the launch of the download through PXE. If this does not happen, then go back to the BIOS and allow the computer to boot through the network adapter.

Next, the PXELINUX boot menu appears on the screen. If this does not happen, we check whether the Tftpd32 program is running on another computer, whether it is configured correctly and whether firewalls, antiviruses, or other programs block its operation.

After selecting the desired item in the PXELINUX boot menu, we should see the iPXE launch.
During initialization of iPXE, the following inscriptions should
flash : Registered as BIOS drive 0x80
Booting from BIOS drive 0x80
This means that the PC successfully connected to the iSCSi disk.

Then we will see a boot error through the iSCSi disk, after which the computer will go on to poll the next boot device and start installing Windows 7 from the CD / DVD drive. At the same time, the connection to the iSCSi disk will remain active - the set keep-san 1 line specified in the script is responsible for this.
For those who do not start installing Windows from a CD / DVD drive
The BIOS of some computers, after an unsuccessful attempt to boot from iPXE, stops the startup process. Accordingly, further loading of the Windows installer from the CD / DVD drive does not occur. This behavior has been seen, for example, on Hewlett-Packard laptops. In such cases, loading using gPXE saves. To do this:
1) open the page of the site ,
2) in the Choose an output format field, select the PXE bootstrap item loader keep [Keep PXE stack method 1] (.kpxe),
3) in the bottom field of the Embedded Script, enter three lines of our script:
dhcp net0
set keep-san 1
sanboot iscsi: :::: iqn.2014-11 .home: win7-64bit
4) save the gPXE bootloader in the Tftpd32 program folder and write the name of the file on the DHCP server in the Boot File field;
5) install Windows and back write the name of the pxelinux.0 file on the DHCP server in the Boot File field.

During the installation of Windows, at the stage of choosing a disk device, we should see the iSCSi drive we have connected. If the iSCSi disk is not listed, then the Windows installer could not automatically connect the necessary drivers for the network card. In this case, download the necessary network card drivers from the developer's site and connect them to the Windows installer. After that, iSCSi disk should appear in the list.
If you receive a message about the impossibility of installing Windows on the selected drive
Sometimes at the stage of choosing a disk device, you may receive a message about the impossibility of installing Windows on the selected disk and a request to check whether the controller of this disk is included in the BIOS.

In this case, first check the BIOS for polling boot devices in the BIOS. The hard disk should be in the first position, even if the disk drive is not physically installed on the computer.
If the problem persists, then try turning on / off the SATA controller in the BIOS, changing the IDE, ACHI mode of its operation, or connecting a real disk during installation, but install it on an iSCSI disk.

After selecting the disk device, Windows 7 installation will begin. No further difficulties should arise. After installation, we get a "full-fledged" Windows 7 operating system running on an iSCSI disk.

Install Windows (alternative method)

I don’t know how, but I personally don’t find it convenient for every Windows installation image to burn a DVD disc.
I’m more used to unzipping the contents of the installation disc and starting the installation of Windows from the hard drive. In addition, the operating system installs faster from the hard drive.

Let me give you an example using the standard bootmgr bootloader available in any Windows installation distribution.
This method is also suitable for installing Windows from local hard drives.

In short, we create a small “active” partition on the iSCSI disk, copy the contents of the Windows installation disk there, and then configure MBR to boot from the Windows installer disk. Details under the spoiler.

Alternative Windows installation method
So, on the working Windows system, open Control Panel - Administrative Tools - iSCSI Initiator.
The "Properties: iSCSI Initiator" window appears.

Go to the “Discovery” tab and click on the “Discover portal ...” button.
In the window that opens, enter the IP address of our iSCSI target - and click OK.
Next, go back to the “Target objects” tab and see all targets with IQNs.
Select the desired target in the list and click the "Connect" button.
Another window will open requiring our confirmation, where we also click OK.
If in the window that opens, check the box “Add this connection to the list of preferred end objects”, then the specified target will automatically connect to the system at each boot.

Open the “Computer Management” snap-in and go to the “Disk Management” tab. Here we will see that another disk device has appeared in our system. We create the “Main partition” on this disk, specifying the disk size slightly larger than the size of our installation image. Next, format it for the NTFS file system, connect any drive letter and make the partition “active”.

Open the required image of the installation disk with UltraISO or WinRar and unpack the contents of the image to the disk partition created in the previous paragraph. It is important that after unpacking, at least 100 MB of free space is left on the disk (350 MB of free space is recommended for Windows 8). If there is not enough free space, then we expand the selected section in the Disk Management snap-in.

Then we download the BOOTICE program from the Internet and run it (I will not provide links, you can find it yourself without difficulty).
In the program, select the drive we need from the drop-down list. In my case, HD6:

Next, click the “Process MBR” button and the following window will open:

In this window, select the last item “Windows NT 5.x / 6.x MBR” and click the “Install / Config” button.
The MBR will be configured on the disk, loading the standard bootmgr bootloader from the active partition of the disk.

Then you can boot onto a diskless PC from this iSCSI-drive and immediately install the WIndows OS.
Windows installation starts automatically.

But consider another point. If we want to make this partition hidden from users and inaccessible to the operating system, then run the command line as administrator and type the following commands:

List disk
Sel disk x (instead of x we ​​substitute the number of the desired disk, a list of which the previous command displays)
Sel part 1 (if necessary, you can see the list of partitions with the List part command)
Set id = 27

After that, this disk partition will become technological and hidden. For this section, it is no longer possible to assign a drive letter and mount it to a working system, but Windows is installed from this section without problems.
It will turn out something like a recovery partition)

I hope this article will be useful to you. Good luck to all!

References to the literature:

Also popular now: