Petr Tesarik's Linux blog

View the Project on GitHub ptesarik/

11 June 2021

openSUSE/SLE Network Install on Raspberry Pi 4

by Petr Tesařík

Prepare Your Raspberry Pi

Network boot is disabled in the default (factory) configuration of your Raspberry Pi 4. To allow booting from the network, the EEPROM bootloader configuration must be changed. To do this, prepare a “recovery” SD card:

The Easy Way

Note that BOOT_ORDER is set to 0xf21, i.e. it will attemp the microSD card first, and only if that fails, it will boot from network. Read the next section if you need more control.

The Hard Way

At this point, your Raspberry Pi is ready to boot over Ethernet. You can remove the microSD card now, unless you are going to install the operating system on it, of course.

Server Overview

Depending on your existing infrastructure, you may want to use up to three separate systems:

  1. DHCP server
  2. TFTP server
  3. HTTP or FTP server

This guide assumes that they are three different hosts in a private network:

  1. dhcp (
  2. tftp (
  3. inst (

It is perfectly fine to run any two or all of these services on a single host. Adjust the following instructions accordingly.

DHCP Server Configuration

This guide assumes that you already have a working DHCP server in your network, it can properly configure IPv4 hosts, and you only want to add the Raspberry Pi network boot extras.

The DHCP server is queried multiple times during boot: first by the EEPROM bootloader, and then a couple of times by U-Boot. There are two ways to configure the DHCP server.

Without the Pseudo-PXE Option

Given the network setup described above, set up your DHCP server to send:

With dnsmasq, all these options can be configured on a single line:


With the Pseudo-PXE Option

If you do not want to hardcode the IP address of tftp in your DHCP configuration, you probably have to use the pseudo-PXE option. Let your DHCP server send:

Add these options for dnsmasq:

pxe-service=x86PC,"Raspberry Pi Boot",32768,tftp

Client Tagging

If your DHCP server serves other clients besides Raspberry Pis, then you probably want to send the above options only to Raspberry Pi 4 clients. They can be recognized by their MAC address. For example, put this into your dnsmasq configuration file:


And then prepend “tag:rpi4,” (including the comma) to all the other option values.

Installation Files

Download the installation ISO. This guide refers to the online ISO, but you can download and use the full ISO instead, e.g. if your Raspberry Pi has no connection to the public Internet, or if you plan to install more than one.

The installation image is a hybrid image, and it contains two partitions. Both are needed, but loop-mounting the installation image file will let you access only the ISO9660 filesystem. Instead, set up a partitioned loopback device on the tftp server:

losetup --show -fP SLE-15-SP2-Online-aarch64-GM-Media1.iso

Now mount the EFI partition:

mount -r /dev/loop0p1 /mnt

Change to the TFTP root directory:

cd /srv/tftpboot

If this TFTP server is used only for Raspberry Pi installations, you can copy the Raspberry Pi firmware (start4.elf), all firmware-related files and the EFI binaries into the TFTP root:

cp -r /mnt/* .

You may prefer to put these files into a per-product subdirectory and create a symbolic link to the serial number of your Raspberry Pi, e.g.:

cp -r /mnt SLE-15-SP2-aarch64
ln -s SLE-15-SP2-aarch64 af04b2da

If you choose this arrangement, make sure the product subdirectory is also included in your boot file name (DHCP option 67).

You can unmount the EFI partition now:

umount /mnt

Next, copy additional GRUB files, the installation kernel and initial ramdisk from the second ISO image partition:

mount -r /dev/loop0p2 /mnt
cp -r /mnt/boot .
umount /mnt

The loop device is no longer needed on tftp, so clean it up:

losetup -d /dev/loop0

Finally, make data on the ISO9660 partition available to your HTTP server on inst. For example:

cd /srv/www/htdocs
mkdir SLE-15-SP2-aarch64
mount -o loop,ro /path/to/SLE-15-SP2-Online-aarch64-GM-Media1.iso SLE-15-SP2-aarch64

It is usually a good idea to edit EFI/BOOT/grub.cfg on the tftp server and set up the installation source, so you do not have to enter it manually in the installer. Find the menuentry for Installation and add your options to the linux command. For example, the following line would set up a serial console, get the installation media via HTTP from inst and allow to start the installation over SSH:

linux /boot/aarch64/linux console=ttyS0,115200 install=http://inst/SLE-15-SP2-aarch64 ssh=1 sshpassword=foobar123

Starting the Installation

You can now power on your Raspberry Pi and wait until the installation system is ready.

Well, almost ready.

The Raspberry Pi does not have a hardware clock, and the installation system does not use NTP. As a result, the system clock is not set correctly, which may cause trouble with TLS connections (e.g. to the SUSE Customer Center). Set the system clock manually before starting the installation (assuming your Raspberry Pi 4 is known in your network under the host name rpi4):

ssh root@rpi4 "date --set=@$( date +%s)"
tags: guide - raspberry - rpi4 - dhcp - tftp - install