1. Technical Field
The present invention relates in general to the field of computers, and in particular to multiple blade servers housed in a server chassis. Still more particularly, the present invention relates to a method and system for filtering, through an Ethernet switch, responses from Dynamic Host Configuration Protocol (DHCP) servers to a blade server's network boot request, such that responses to the network boot request are only accepted from trusted DHCP servers.
2. Description of the Related Art
Server blade computers offer high-density server boards (blades) in a single chassis (blade chassis). Server blades are servers that often are under at least partial control of a primary server, having a relationship similar to that of a server/client. Thus, as shown in FIG. 1, a blade chassis 102, having multiple server blades 103, is connected to a network 106, which also connects to multiple clients 104.
One of the server blades 103 may utilize a network boot protocol known as Pre-boot Execution Environment (PXE). PXE allows server blade 103 to request an Internet Protocol (IP) address from the DHCP server 108, and to obtain the IP address of a PXE boot program server, from PXE boot server network 110, that can provide a boot image that can be used to load a new operating system (OS), flash a Basic Input/Output System (BIOS) memory, or even erase data on a local hard disk. Management server network 108, typically comprised of Dynamic Host Configuration Protocol (DHCP) servers, and PXE boot server network 110, are connected to blade chassis 102 via network 106.
To download a boot program, server blade 103 broadcasts a request to network 108. One or more of the DHCP servers in network 108 respond back to server blade 103 with a dynamic IP address along with lease information and a list of PXE boot servers from network 110 that can download a boot program to server blade 103. If responses from multiple DHCP servers from network 108 are put on network 106, then server blade 103 typically responds to the first response to arrive at server blade 103.
A network boot of server blade 103 as described is not secure, since the broadcast boot request can result in a response from any DHCP or PXE server connected to network 106, including an unauthorized DHCP server attempting to tamper with the network. For example, an unauthorized DHCP server could direct server blade 103 to an unauthorized PXE boot server, which could result in undesired operation such as exposure of operational security and/or destruction of data on a local fixed disk drive. What is needed, therefore, is a method and system for preventing booting from unauthorized DHCP/PXE servers.
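The filtering decision described above can be sketched as follows. This is an added example, not code from the patent: it assumes the filter sees the source IP address and UDP payload of each server-to-client DHCP message, and the allowlist, addresses, boot file name and function names are constructed for illustration.

```python
import ipaddress
import struct

MAGIC = b"\x63\x82\x53\x63"            # DHCP magic cookie at offset 236
TRUSTED = {ipaddress.ip_address("192.0.2.10")}   # constructed allowlist

def parse_options(data):
    """Walk the DHCP option TLVs and return {code: value}."""
    opts, i = {}, 0
    while i < len(data) and data[i] != 255:      # 255 = end option
        if data[i] == 0:                         # 0 = pad, no length byte
            i += 1
            continue
        if i + 1 >= len(data) or i + 2 + data[i + 1] > len(data):
            raise ValueError("truncated option")
        opts[data[i]] = data[i + 2:i + 2 + data[i + 1]]
        i += 2 + data[i + 1]
    return opts

def filter_reply(src_ip, payload, trusted=TRUSTED):
    """Decide whether a UDP payload bound for client port 68 is forwarded."""
    if len(payload) < 240 or payload[236:240] != MAGIC:
        return False, "malformed DHCP message"
    if payload[0] != 2:                          # op 2 = BOOTREPLY
        return False, "not a server reply"
    try:
        opts = parse_options(payload[240:])
    except ValueError as exc:
        return False, str(exc)
    server_id = opts.get(54, b"")                # option 54 = server identifier
    if len(server_id) != 4:
        return False, "missing server identifier"
    claimed = ipaddress.ip_address(server_id)
    if ipaddress.ip_address(src_ip) not in trusted or claimed not in trusted:
        boot = ipaddress.ip_address(payload[20:24])   # siaddr: boot server
        return False, f"untrusted server {src_ip}/{claimed}, boot server {boot}"
    return True, f"trusted server {claimed}"

def build_offer(server, boot_server):
    """Construct a minimal DHCPOFFER for testing (constructed sample data)."""
    hdr = struct.pack("!BBBBIHH4s4s4s4s16s64s128s", 2, 1, 6, 0, 0x1234, 0, 0,
                      bytes(4), ipaddress.ip_address("192.0.2.50").packed,
                      ipaddress.ip_address(boot_server).packed, bytes(4),
                      bytes.fromhex("020000000001"), b"", b"bootfile")
    opts = bytes([53, 1, 2, 54, 4]) + ipaddress.ip_address(server).packed + b"\xff"
    return hdr + MAGIC + opts
```

Both the source address and the server identifier are set by the sender, so a switch-based filter would normally also tie each trusted server to a specific ingress port.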