Citrix PVS: UEFI Boot of Targets

If you wish to perform UEFI boot of Targets that are provisioned using Citrix PVS, below are the settings (mainly DHCP) that you need to apply. The majority of the information below was taken from this Citrix PowerPoint presentation.

If using Boot Device Management file (BDM):
With BDM, DHCP options are not needed since everything is in the BDM file. You will, however, need to re-create the BDM file and check the checkbox ‘Target device is UEFI firmware’.

If using either PXE or TFTP to point Target devices to PVS servers:
– You need to specify either DHCP Option 11 or 17. Option 17 is only needed if you are not using port 6910 (which is standard) as the beginning of the PVS Streaming service ports on your PVS servers. For Option 11 you should add the IP address of each PVS server that will provide vDisk streaming (if you are using multiple NICs on your PVS server, specify the IP of the Streaming NIC).

– Option 17 only allows a single value, so in order to get redundancy between multiple PVS servers when using this Option you will need to:
1. Specify an FQDN (not an IP) as Option 17
2. Enable DHCP Option 6 (DNS server(s) to use)
3. Enable DHCP Option 15 (DNS domain name)
4. Configure Round Robin on the FQDN from step 1 on your DNS servers. It might be possible to load balance this on NetScaler instead, but that is not something I have tried.

The correct syntax for Option 17 is "pvs:[MyPVSServer.domain.com]:17:6911" (without quotes), where 6911 is the custom PVS Streaming start port being used.

If using PXE to point Target devices to PVS servers:
– You will need to specify Option 60, as usual.

– With Citrix PVS, there is a feature called BOOTPTAB which allows you to specify, for example, that the Target Device with MAC address X should be sent the Bootstrap file Y. The GUI for configuring this can be found at "C:\Program Files\Citrix\Provisioning Services\bpedit.exe". This feature allows us to support both Legacy and UEFI Targets in a PXE boot setup (requires PVS 7.7 or higher). If you are using TFTP, then BOOTPTAB cannot be used, since the name of the Bootstrap file to download will instead be taken from Option 67.

If using TFTP to point Target devices to PVS servers:
– You need to specify DHCP Option 66, as usual (the IP of your TFTP load balancer; if you only have a single PVS server, specify the IP of that PVS server).

– You also need to specify Option 67 (the file name of the Bootstrap file that booting PVS Targets should download from the TFTP servers). In normal Legacy boot setups, the value is ARDBP32.bin, but for UEFI this should be either PVSNBPX64.efi (for Targets running x64 operating systems) or PVSNBPX32.efi (for Targets running x86 operating systems).

– If you wish to support both Legacy and UEFI boot Targets in your TFTP setup, you will need to create one isolated DHCP scope for Legacy targets and another isolated DHCP scope for UEFI targets (or, for example, use BDM for the Legacy devices instead) and then set Option 67 differently for each DHCP scope.

– Note that if you have only UEFI target devices in your setup, any IP address(es) specified for the ARDBP32.BIN file in the screenshot below become irrelevant, since the ARDBP32.BIN file will not be used in the boot process (the IPs or FQDN specified in Option 11 or 17 will instead dictate which PVS server a Target will stream the vDisk from).
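
The DHCP requirements above can be checked mechanically before UEFI targets are pointed at a scope. The following is an added example, not taken from the Citrix presentation or the original post; the function names, the sample scope dictionaries and their addresses are hypothetical, and the Option 17 pattern simply follows the syntax quoted above.

```python
import ipaddress
import re

# Bootstrap names and Option 17 layout as given in the article.
UEFI_BOOTSTRAPS = {"pvsnbpx64.efi", "pvsnbpx32.efi"}
OPTION17_RE = re.compile(r"^pvs:\[([^\]\s]+)\]:17:(\d{1,5})$")

def parse_option17(value):
    """Split 'pvs:[host]:17:port' into (host, port); ValueError if malformed."""
    m = OPTION17_RE.match(value.strip())
    if not m or not 1 <= int(m.group(2)) <= 65535:
        raise ValueError(f"Option 17 not in pvs:[host]:17:port form: {value!r}")
    return m.group(1), int(m.group(2))

def is_ip(host):
    try:
        ipaddress.ip_address(host)
        return True
    except ValueError:
        return False

def check_uefi_scope(options, method):
    """options: {DHCP option number: value}; method: 'pxe' or 'tftp'."""
    findings = []
    if 11 not in options and 17 not in options:
        findings.append("neither Option 11 nor 17 set: no PVS server address")
    if 17 in options:
        try:
            host, _port = parse_option17(options[17])
        except ValueError as exc:
            findings.append(str(exc))
        else:
            if is_ip(host):
                findings.append("Option 17 is an IP: single value, no redundancy")
            else:  # an FQDN only resolves if the scope also hands out DNS settings
                findings += [f"Option 17 uses an FQDN but Option {n} is missing"
                             for n in (6, 15) if n not in options]
    if method == "tftp":
        if 66 not in options:
            findings.append("Option 66 (TFTP server) is missing")
        if str(options.get(67, "")).lower() not in UEFI_BOOTSTRAPS:
            findings.append(f"Option 67 is {options.get(67)!r}, not a UEFI bootstrap")
    elif method == "pxe" and 60 not in options:
        findings.append("Option 60 is missing")
    return findings

# Constructed sample scopes (addresses and names are not from the article).
GOOD = {6: ["10.0.0.10"], 15: "domain.com", 66: "10.0.0.20",
        67: "PVSNBPX64.efi", 17: "pvs:[MyPVSServer.domain.com]:17:6911"}
BAD = {66: "10.0.0.20", 67: "ARDBP32.bin", 17: "pvs:[pvs.domain.com]:6911"}
```

Calling `check_uefi_scope(BAD, "tftp")` reports the malformed Option 17 string and the Legacy bootstrap name left in Option 67.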

Some additional notes:
– The reason why Option 11 or 17 is needed, instead of regular Option 67, is that the UEFI Bootstrap files PVSNBPX64.efi/PVSNBPX32.efi cannot be edited, unlike the ARDBP32.bin file. One purpose of the ARDBP32.bin file is to deliver to the booting Target device the IP of the PVS Server it should stream the vDisk from. Since the UEFI files cannot be edited to include the PVS server IPs, the PVS Server IPs must be delivered in some other way, hence Option 11 and 17.

– The ‘Secure Boot’ functionality of UEFI is only supported if the PVS Targets are physical devices. For VMs, the ‘Secure Boot’ feature must be disabled (it is enabled by default for Gen2 VMs on Hyper-V, for example).

– XenServer does not support UEFI boot of VMs hosted on it (as of XS 7.1). Hyper-V supports it, but requires that you use Gen2 VMs with Synthetic NICs and only x64 operating systems on the VMs. VMware ESX 5.0 and higher support UEFI target boot.

– Citrix PVS 7.7 added support for TFTP/PXE booting of UEFI devices, while PVS 7.9 added support for BDM boot of UEFI devices.

– The boot menu on devices that allows you to choose a specific vDisk, for example, is not available with UEFI boot. A maintenance version of the vDisk will be chosen over a test or production version by default.

If you have any questions or comments about the above, feel free to either comment here or email me at Rasmus.Kindberg@xenit.se.

Disclaimer: All information on this blog is offered "as is" with no warranty. It is strongly recommended that you verify all information and validate all scripts in isolated test environments before using them in production environments.