Of all the Intel AMT features, probably the most powerful one is IDE redirect (IDE-R). It allows a management console to remotely mount a CDROM and floppy disk drive on an Intel AMT computer and cause a remote boot from the remote drives. In the worst cases, an administrative console can resort to IDE-R to remotely boot a recovery OS and attempt to fix a computer remotely. Another form of remote boot was in use long before IDE-R: it's called Pre-boot Execution Environment (PXE). In this blog, I want to cover the differences between these two remote boot methods.
• First, PXE is a BIOS technology and IDE-R is an Intel AMT technology. Since PXE is done in BIOS, it has access to the entire system RAM and loads the entire disk image from a remote TFTP server before booting. Intel AMT does not have access to the entire system RAM and can't pre-load the entire disk image, so it forwards each disk request to the console, and the console must then answer each request. So the first big difference is that PXE may be slower at first but faster later, and does not need a permanent connection to the server.
• Second, IDE-R is console initiated, PXE is client initiated. In PXE, you set the BIOS to boot off a remote drive by placing PXE boot in the normal boot order along with other drives. With IDE-R, there is no such setting in the BIOS. IDE-R must be initiated and later stopped from an administrative console. PXE is generally used for diskless workstations, and IDE-R is used by administrators to remotely fix problems.
• Third, IDE-R is routable, PXE is not. When the BIOS boots using PXE, it makes a DHCP request to get an IP address, and within the DHCP response it also gets the TFTP location from which to get the boot image. Because PXE gets its instructions from DHCP, each DHCP server on each subnet must support PXE. With IDE-R, if a console can contact Intel AMT, even across many subnets, it can use IDE-R and boot any recovery image that is needed. No special DHCP infrastructure is required.
• Fourth, when Intel AMT is set up in TLS mode, IDE-R is more secure than PXE. Since all communications with Intel AMT, including IDE-R, are secured using TLS, the entire process and the boot image itself are encrypted and secured. In the case of PXE, neither the DHCP nor the TFTP protocol is secured, so PXE is probably OK only for single-subnet use.
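As an added illustration (not part of the original post): the third and fourth points mean a PXE client acts on whatever boot server and file name an unauthenticated DHCP reply supplies. This Python example parses such a reply and flags boot information coming from hosts outside an allowlist; the function names, the allowlists and the sample packet are assumptions constructed for the example.

```python
import ipaddress
import struct

MAGIC = b"\x63\x82\x53\x63"  # DHCP magic cookie (RFC 2131)

def parse_boot_info(pkt: bytes) -> dict:
    """Pull out the boot fields a PXE client accepts from a DHCP reply."""
    if len(pkt) < 240 or pkt[0] != 2 or pkt[236:240] != MAGIC:
        raise ValueError("not a DHCP reply")
    text = lambda b: b.split(b"\x00", 1)[0].decode("ascii", "replace")
    info = {"siaddr": str(ipaddress.IPv4Address(pkt[20:24])),  # next-server address
            "file": text(pkt[108:236]),                         # BOOTP boot file field
            "server_id": None, "tftp_server": None, "bootfile": None}
    i = 240
    while i < len(pkt) and pkt[i] != 255:         # 255 = end of options
        if pkt[i] == 0:                           # 0 = pad, carries no length byte
            i += 1
            continue
        if i + 2 > len(pkt) or i + 2 + pkt[i + 1] > len(pkt):
            raise ValueError("truncated option")
        code, length = pkt[i], pkt[i + 1]
        data = pkt[i + 2:i + 2 + length]
        if code == 54 and length == 4:            # DHCP server identifier
            info["server_id"] = str(ipaddress.IPv4Address(data))
        elif code == 66:                          # TFTP server name
            info["tftp_server"] = text(data)
        elif code == 67:                          # bootfile name
            info["bootfile"] = text(data)
        i += 2 + length
    return info

def audit_reply(pkt: bytes, allowed_dhcp: set, allowed_tftp: set) -> list:
    """Flag replies that hand out boot information from hosts not on the allowlists."""
    info = parse_boot_info(pkt)
    if not (info["bootfile"] or info["file"]):
        return []                                 # plain address lease, no boot data
    tftp = info["tftp_server"] or info["siaddr"]
    checks = [("DHCP", info["server_id"], allowed_dhcp), ("TFTP", tftp, allowed_tftp)]
    return [f"unapproved {kind} server {host}" for kind, host, ok in checks if host not in ok]

def build_reply(server_id: str, siaddr: str, bootfile: str) -> bytes:
    """Constructed sample DHCPOFFER using documentation addresses (demo input only)."""
    ip = lambda a: ipaddress.IPv4Address(a).packed
    hdr = struct.pack("!4BIHH4s4s4s4s16s64s128s", 2, 1, 6, 0, 0x1234, 0, 0,
                      bytes(4), ip("192.0.2.50"), ip(siaddr), bytes(4),
                      bytes(16), bytes(64), bytes(128))
    opts = bytes([53, 1, 2, 54, 4]) + ip(server_id)
    opts += bytes([67, len(bootfile)]) + bootfile.encode("ascii") + b"\xff"
    return hdr + MAGIC + opts
```

Feeding `audit_reply` the payloads of UDP port 68 traffic captured on a boot subnet shows which hosts are answering PXE clients there.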
Because IDE-R is routable and more secure, it's been suggested that it could be used as a replacement for PXE in some cases. The problem is that IDE-R needs a constant connection and is console initiated. It's possible for a console to subscribe to events from Intel AMT, detect a reboot, immediately create an IDE-R session and cause another reboot. In that case, it would turn IDE-R into a somewhat client-initiated process, but the double boot would look a bit flaky.
Ylian
By Arvind Kumar on July 24th, 2007 at 10:28 pm
Ylian, good analysis. One more thing that I would point out is that IDE-R is not just limited to boot, but can also be used to download patches etc. when the OS is up and running. Such cases may occur when OS networking got corrupted or disabled while a patch needs to be downloaded and applied.
By Ylian Saint-hilaire on July 25th, 2007 at 9:38 am
Ha, you are correct. Once you start an IDE-R session, the new floppy and CDROM will not show up in Microsoft Windows until you re-scan the plug and play devices. In Intel AMT Outpost, I have a command called "HWRESCAN" to do that. It will cause the drives to show up and you can use them to get patches & install new software.
By Mark Chang on August 2nd, 2007 at 3:12 pm
Ylian, just want to clarify one question. So far, the examples you mentioned had been using floppy or CD ROM on local AMT system. However, the comparison between IDE-R and PXE is really a network boot capability. My impression is that IDE-R is capable of network image boot also. Is this correct? I didn't see that selection in your IDE-R tutorial video. So, how to do it?
By Ylian Saint-hilaire on August 6th, 2007 at 9:29 am
Intel AMT IDE-R only supports remote Floppy and CDROM (not DVD) and both must be remoted, not just one or the other. Of course, you can then instruct the system to boot on either one. This is a limitation of IDE-R. In the case of PXE, you boot an OS image that is right loaded to RAM, so in that case too, there probably is a size limitation.
By Intel® Software Network Blogs » Blog Archive » ASF vs. Intel AMT part 2 - Technology differences on September 21st, 2007 at 4:15 am
[...] can read Arvind's discussion on the drawbacks of PXE, and Ylian's thorough technology comparison. Also, there's an interesting comparison by Altiris of the two technologies here (notice how many [...]
By River on August 28th, 2008 at 5:39 pm
I have a great appreciation for the author of this article and I get to know about IDER technology now. Many Thanks~