Preboot Execution Environment
||This article includes a list of references, but its sources remain unclear because it has insufficient inline citations. (May 2012)|
The Preboot eXecution Environment (PXE, also known as Pre-Execution Environment; sometimes pronounced "pixie") is an environment to boot computers using a network interface independently of data storage devices (like hard disks) or installed operating systems.
PXE was introduced as part of the Wired for Management framework by Intel and is described in the specification (version 2.1) published by Intel and Systemsoft on September 20, 1999. It makes use of several network protocols like Internet Protocol (IPv4), User Datagram Protocol (UDP), Dynamic Host Configuration Protocol (DHCP) and Trivial File Transfer Protocol (TFTP) and of concepts like Globally Unique Identifier (GUID), Universally Unique Identifier (UUID) and Universal Network Device Interface and extends the firmware of the PXE client (the computer to be bootstrapped via PXE) with a set of predefined Application Programming Interfaces (APIs).
The firmware on the client tries to locate a PXE redirection service on the network (Proxy DHCP) in order to receive information about available PXE boot servers. After parsing the answer, the firmware will ask an appropriate boot server for the file path of a network bootstrap program (NBP), download it into the computer's random-access memory (RAM) using TFTP, possibly verify it, and finally execute it. If only one NBP is used among all PXE clients it could be specified using BOOTP without any need of a proxy DHCP, but a TFTP boot server is still required.
PXE was designed to be applicable to many system architectures. The 2.1 version of the specification assigns architecture identifiers to six system types, including IA-64 and DEC Alpha. However, the specification only completely covers IA-32. Intel included PXE in the EFI for IA-64, creating a de facto standard with the implementation.
The PXE protocol is approximately a combination of DHCP and TFTP, albeit with subtle modifications to both. DHCP is used to locate the appropriate boot server or servers, with TFTP used to download the initial bootstrap program and additional files.
To initiate a PXE bootstrap session the PXE firmware broadcasts a DHCPDISCOVER packet extended with PXE-specific options (extended DHCPDISCOVER) to port 67/UDP (DHCP server port). The PXE options identify the firmware as capable of PXE, but they will be ignored by standard DHCP servers. If the firmware receives DHCPOFFERs from such servers, it may configure itself by requesting one of the offered configurations.
Proxy DHCP 
If a PXE redirection service (Proxy DHCP) receives an extended DHCPDISCOVER, it replies with an extended DHCPOFFER to the client's port 68/UDP (DHCP client port).
An extended DHCPOFFER contains mainly:
- a PXE Discovery Control field to recommend multicasting, broadcasting, or unicasting to contact PXE boot servers
- a list of IP addresses of each available PXE Boot Server Type
- a PXE Boot Menu with each entry representing a PXE Boot Server Type
- a PXE Boot Prompt telling the user to press a certain key to see the boot menu
- a timeout to launch the first boot menu entry if it expires
The Proxy DHCP service may also run on the same host as the standard DHCP service. Since two services cannot share port 67/UDP, the Proxy DHCP runs on port 4011/UDP and expects the extended DHCPDISCOVER packets from PXE Clients to be DHCPREQUESTs. The standard DHCP service has to send a special combination of PXE options in its DHCPOFFER, so the PXE client knows to look for a Proxy DHCP on the same host, port 4011/UDP.
Boot server contact 
To contact a PXE Boot Server the booting system must have an IP address (perhaps from a DHCP server).
It multicasts or unicasts a DHCPREQUEST packet extended with PXE-specific options (extended DHCPREQUEST) to port 4011/UDP or broadcasts it to port 67/UDP. This packet contains the PXE Boot Server type and the PXE Boot Layer, allowing multiple boot server types to run from one daemon. The extended DHCPREQUEST may be a DHCPINFORM.
A PXE Boot Server receiving an extended DHCPREQUEST configured for the requested type and client architecture responds with an extended DHCPACK including:
- the complete file path to download the NBP via TFTP.
- PXE Boot Server type and PXE Boot Layer it answered
- the multicast TFTP configuration, if MTFTP as described in the PXE specification should be used.
The booting system accepts information from only one extended DHCPOFFER.
To get the file path of this credentials file another exchange of extended DHCPREQUEST and extended DHCPACK is required.
Network bootstrap program 
After receiving the requested extended DHCPACK, the Network Bootstrap Program is uploaded into RAM and after it is verified or if verification is not required, the NBP will be executed. It has access to the APIs of the PXE firmware extension (Pre-boot, UDP, TFTP, Universal Network Device Interface (UNDI)). Its functions or tasks are not described in the PXE specification.
The PXE Client/Server Protocol was designed so:
- it can be used in the same network as an existing DHCP environment without interference
- it can be integrated completely into standard DHCP services
- it can be easily extended at the most important points without a call for papers
- every service (DHCP, Proxy DHCP, Boot Server) can be implemented standalone or in any combination of them.
Additionally the PXE firmware extension was designed as an Option ROM for the IA-32 BIOS so a personal computer (PC) can be made PXE-capable by installing a NIC that provides a PXE Option ROM. This procedure also applies to the newer AMD64 processor standard for PC.
The design goal of utilizing existing DHCP and TFTP servers cannot be achieved in a strictly conforming implementation. Some aspects of the PXE protocol require that the DHCP and TFTP servers be modified and communicate. One specific example is using multicast, where DHCP packets provide the multicast group information rather than an opening RFC-2090 multicast TFTP exchange. The impact of this is minimal as the most common PXE client implementation (written by Intel and provided at no cost as a linkable IA32 binary module) interoperates with a combination of isolated DHCP and unicast TFTP servers.
See also 
- Netboot (Netboot)
- Wake-on-LAN (WOL)
- iPXE - open source PXE implementation supporting additional standard protocols such as HTTP, iSCSI, and more
- Remote Initial Program Load (RIPL)
- System Deployment Image (SDI)
- Windows Deployment Services - a PXE-based deployment solution for Microsoft Windows
- diskless nodes - Diskless Computers
- cobbler (software)
- El Torito (CD-ROM standard)
Specifications, RFCs and other documents about PXE:
- PXE specification - The Preboot Execution Environment specification v2.1 published by Intel & Systemsoft.
- BIS specification - The Boot Integrity Services specification v1.0 published by Intel.
- Remote Boot Protocol Draft - draft of the PXE Client/Server Protocol included in the PXE specification.
- OSDev Wiki - Pre-Boot API described.
- "Preboot Execution Environment (PXE) Specification" (PDF). Retrieved 2009-02-18.
- "Preboot Execution Environment (PXE) Specification - Version 2.1" (PDF). Intel Corporation. 1999-09-20. Section "2.2.3 Proxy DHCP". Retrieved 2012-10-02.
- "Boot Integrity Services Application Programming Interface" (PDF). Retrieved 2009-02-18.
- PXE error codes - A catalogue of PXE error codes
- How-to: PXE install Windows, PXE install non-Windows using the "free" Serva automated PXE-Server.
- PXE setup instructions from the centos wiki
- Set up a Debian network boot server
- ERPXE Project - A complete open source PXE solution featuring a broad range of recovery tools and various OS installations.