Boot Service Discovery Protocol

BSDP (Boot Service Discovery Protocol)

Family:

Operation area:

Start of Macs over
Rechnernetzwerkweke instead
of hard disk or CD / DVD ;
Administration of different system
images for different Macs

Ports:

67 / UDP (request, BOOTP )
68 / UDP (response)

BSDP in the TCP / IP protocol stack :
application	BSDP
transport	UDP
Internet	IP ( IPv4 , IPv6 )
Network access	Ethernet	Token bus	Token ring	FDDI	...

The Boot Service Discovery Protocol ( BSDP ) is a standard-compliant extension of DHCP developed by Apple with special options that enable a more detailed description of the bootable images (system images) available in the network . Certain DHCP options are used for this, namely the “vendor specific information” option (no. 43, also “vendor encapsulated options”) and the “vendor class identifier” option (no. 60). According to the DHCP standard, both options are intended for manufacturer-specific messages , thus also for BSDP. Apparently three versions of BSDP currently exist , but version 1.0 is preferred. What all versions have in common is that it is possible, for example, to keep several bootable images on a server , from which a selection can be made on the client . The reference implementation of BSDP can be found in Darwin's BOOTP server , which is also included in Mac OS X Server and is part of the advertised “NetBoot” there.

description

Content of Vendor Class

With DHCP server and DHCP client, the vendor class option contains “AAPLBSDPC” ( ASCII- coded) to indicate BSDP capability; the client also describes - separated by “/” - its architecture (“ ppc ” or “ i386 ”) and again separated by “/” a system ID . For example, sends an iMac with Intel - architecture as a vendor class:

AAPLBSDPC/i386/iMac4,1

Content of the Vendor Encapsulated Options

The rest of the communication takes place via the vendor encapsulated option, whereby one or more messages are strung together to form a message. Every single such message is structured as follows:

Byte position	content
0	Type of message
1	Length n of the message
to n – 2	message

The following table describes the possible message types; the data types of messages are, if it is integer are values without sign (unsigned) and as big-endian to interpret.

value	meaning	Data type of the message itself
1	News class	8 bit int 0x00 : none 0x01: LIST 0x02: SELECT 0x03: error
2	BSDP version used	16 bit int 0x0000: version 0.0 0x0100: version 1.0 0x0101: version 1.1
3	Server ID	IP address of the server, 1 byte each for a component: `c0 a8 64 01`corresponds to 192.168.100.1
4th	Server priority	16 bit int
5	Port for reply	16 bit int
6th	"Boot image list path"	String
7th	ID of the standard boot image	32 bit int (If you compare this with the Apple specification for the number of possible IDs, you find that a maximum of 65535 IDs can be assigned. This corresponds to just 16 bits, although 32 bits have been reserved. However, the IDs compared so far were higher 16 bits equal `1000 0001 0000 0000`(0x8100), which indicates that this area contains additional information, possibly about the type and version of the operating system to be booted.)
8th	ID of the selected boot image	32 bit int
9	List of boot images	?
10	"Netboot 1.0 firmware"	?
11	Filter list for image attribute	?
128	"Shadow mount path"	String ( url ) It is possible to specify a share that can be reached in the network, to which the data required for a successful start is then written. If this option is not specified and no storage medium can be used locally, the Mac OS X boot process is aborted. Mac OS X officially only supports AFP as a "shadow mount path" , but apparently the use of NFS was once considered - this only works after a modification of the system's start-up files.
129	"Shadow file path"	String (url)
130	"Machine name" (name of the system to be booted?)	String

example

To illustrate the structure of a vendor encapsulated option, consider the following example:

0000 01 01 02 08 04 81 00 07 e5 82 0a 4e 65 74 42 6f 6f ........ ..NetBoo
0010 74 30 30 31           t001

The first part here is 01 01 02, the type of this first message part is therefore “message class”, the data is one byte long and the content says that the entire package will represent a “SELECT” message. The result 08 04 81 00 07 e5says that the boot image with the ID 2164262885 was selected. Finally, it says 82 0a 4e 65 74 42 6f 6f 74 30 30 31that a string with 0x0a = 10 characters, namely "NetBoot001" specifies the name of the system to be booted.

source

own communication recordings, monitored with Wireshark

Web links

Communication recordings from math.ohio-state.edu

Source code of the Darwin BOOTP server ( gzip ; 272 kB)

Documentation for the Boot Service Discovery Protocol ( MS Word ; 488 kB)

Individual evidence

↑ opensource.apple.com ( page no longer available , search in web archives ) Info: The link was automatically marked as defective. Please check the link according to the instructions and then remove this notice. ( gzip ; 272 kB)@1@ 2

↑ apple.com ( Memento of the original from May 10, 2007 in the Internet Archive ) Info: The archive link was inserted automatically and has not yet been checked. Please check the original and archive link according to the instructions and then remove this notice.

↑ docs.info.apple.com

[1] source.apple.com ( page no longer available , search in web archives ) Info: The link was automatically marked as defective. Please check the link according to the instructions and then remove this notice. ( gzip ; 272 kB)@1@ 2

[2] .com ( Memento of the original from May 10, 2007 in the Internet Archive ) Info: The archive link was inserted automatically and has not yet been checked. Please check the original and archive link according to the instructions and then remove this notice. @1@ 2

[3] s.info.apple.com