Unified Extensible Firmware Interface (UEFI) pre-boot environments
Citrix Virtual Apps and Desktops supports Unified Extensible Firmware Interface (UEFI) hardware technology on all virtualization environments. Citrix Provisioning supports streaming of only UEFI-based targets.
UEFI is a complete replacement for BIOS and requires a new bootstrap. One bootstrap file for 64-bit systems is available.
When configuring UEFI, install the OS disk in a VM configured to use UEFI boot. Once you install the OS disk, Windows automatically configures the boot disk to use the GUID partition table (GPT) partitioning scheme.
Limitation
UEFI target boot menu supports a maximum of nine entries.
Secure boot in UEFI
Citrix Provisioning supports Secure Boot in UEFI on these platforms:
- Physical machines with UEFI firmware and the Secure Boot option.
- Hyper-V 2016 and later VMs that use the Microsoft UEFI Certificate Authority template in the Secure Boot setting. Hyper-V 2012 R2 is not supported.
- ESX version 6.7 or later, and 7.0 update 3.
- Nutanix AHV 6.5 LTS or later.
- XenServer 8.0
- Guest UEFI boot and secure boot are supported on Citrix 8.1 Hypervisors. See the XenServer documentation for more information.
Network topology
When booting targets over the network, the Citrix Provisioning PXE server provides the simplest setup because the PXE protocol supports multiple architectures. The Citrix Provisioning PXE Server recognizes the architecture flag embedded in DHCP, then discovers and returns the appropriate bootstrap file name. If you want to support network boot of both legacy BIOS and UEFI targets on the same broadcast network, then you must enable the Citrix Provisioning PXE Service and remove any DHCP options related to specifying the bootfile from the regular DHCP setup.
If DHCP option 67 is chosen, there are two topology options:
- On a single segment, use DHCP reservations to specify the bootstrap file name (option 67) for every target device. This process is feasible for smaller environments but quickly becomes unmanageable in enterprise environments. Use this option if you want to support both legacy BIOS and UEFI on the same segment.
- Divide the environment into multiple segments, isolating the legacy devices from the UEFI devices. For each segment, configure a DHCP scope with the appropriate option 67 set.
Configuring bootstraps
The UEFI bootstrap does not have embedded settings. DHCP options are therefore used to configure the UEFI bootstrap.
Remember:
Citrix Provisioning supports only UEFI network booting.
DHCP option 11 – RLP server
Option 11 allows you to specify multiple IPv4 addresses. Use this option to specify the addresses of the streaming NICs on the provisioning server. You can specify more than four addresses. The UEFI bootstrap reads all addresses, picks a random address from the list, and connects to that address. If the connection fails, then UEFI bootstrap tries the remaining addresses in a round-robin manner.
Note:
Option 17 takes precedence over option 11.
DHCP option 17 – root path
The root path option can be used to provide a single DNS FQDN, IPv4, or IPv6 address to connect to the targets. When using IPv6 streaming, this option is mandatory. Multiple login servers can be implemented by creating a DNS alias that resolves to a list of up to 32 login servers.
pvs:[Address]:17:6910
pvs – Required identifier
Address – IPv4, IPv6 or DNS FQDN referencing the streaming NIC on one or more PVS servers
17 – Protocol identifier for UDP (can be omitted if the default login port is used)
port – Logon port (not required if the default port of 6910 is used)
Examples:
pvs:[server.corp.com]:17:6910
pvs:[server.corp.com]
pvs:[192.168.1.1]
Pvs:[192.168.1.1]:17:6910
pvs:[fc02::2bfa:5e30:3631:fef4]
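An added example (not Citrix code) that lints option 17 root path strings against the format described above before they are placed in a DHCP scope. The function names are hypothetical; it assumes only the two shapes shown on this page are valid, and it matches the identifier case-insensitively because the page's examples show both pvs and Pvs.

```python
import ipaddress
import re

DEFAULT_PORT = 6910   # default login port named on the page
UDP_PROTOCOL = 17     # protocol identifier for UDP named on the page

# Assumption: only pvs:[Address] and pvs:[Address]:17:<port> are accepted.
# Assumption: identifier case is ignored (the page shows "pvs" and "Pvs").
ROOT_PATH = re.compile(r"pvs:\[([^\[\]\s]+)\](?::(\d{1,5}):(\d{1,5}))?", re.IGNORECASE)
DNS_LABEL = re.compile(r"^(?!-)[A-Za-z0-9-]{1,63}(?<!-)$")

def classify_address(address):
    """Return 'ipv4', 'ipv6' or 'fqdn'; raise ValueError for anything else."""
    try:
        return f"ipv{ipaddress.ip_address(address).version}"
    except ValueError:
        pass
    labels = address.rstrip(".").split(".")
    # An all-numeric last label is a malformed IPv4 literal, not a host name.
    if (len(address) <= 253 and not labels[-1].isdigit()
            and all(DNS_LABEL.match(label) for label in labels)):
        return "fqdn"
    raise ValueError(f"not an IPv4, IPv6 or DNS name: {address!r}")

def parse_root_path(value):
    """Validate an option 17 string and return (kind, address, port)."""
    match = ROOT_PATH.fullmatch(value)
    if not match:
        raise ValueError(f"expected pvs:[Address] or pvs:[Address]:17:port: {value!r}")
    address, protocol, port = match.groups()
    kind = classify_address(address)
    if protocol is None:
        return kind, address, DEFAULT_PORT
    if int(protocol) != UDP_PROTOCOL:
        raise ValueError(f"protocol identifier must be {UDP_PROTOCOL}: {value!r}")
    if not 1 <= int(port) <= 65535:
        raise ValueError(f"port out of range: {value!r}")
    return kind, address, int(port)

def lint(values):
    """Map each candidate string to its parsed tuple or to an error message."""
    report = {}
    for value in values:
        try:
            report[value] = parse_root_path(value)
        except ValueError as exc:
            report[value] = f"ERROR: {exc}"
    return report
```
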