What Does PXE Mean?
Also known as: Preboot Execution Environment, PXE boot, network boot
This page mentions older exam versions. See the Current Exam Context and Legacy Exam Context sections below for the updated mapping.
On This Page
Quick Definition
The Preboot eXecution Environment (PXE) is a standardized client-server interface that enables a computer to boot and load an operating system or other software from a network server, rather than from a local hard drive, SSD, or removable media. It operates by having the computer's network interface card (NIC) with a PXE-enabled BIOS or UEFI firmware send a DHCP broadcast request to obtain an IP address and the location of a boot server. The boot server then delivers a Network Bootstrap Program (NBP) over TFTP, which the client executes to begin the OS installation or diagnostic process. PXE exists primarily to streamline large-scale deployments, diskless workstation setups, and remote troubleshooting, eliminating the need for physical media or manual intervention on each machine. It is a core technology in enterprise environments for automated OS provisioning and system recovery.
Must Know for Exams
CompTIA Network+ (N10-008/009) tests PXE in several distinct ways. First, candidates must know that PXE is a network boot method that allows a computer to boot without local storage—this is a direct exam objective under 'Network Operations' and 'Infrastructure'. Second, the exam expects you to understand the role of DHCP in PXE: specifically, that the client uses DHCP to obtain an IP address and the location of the boot server (TFTP server address via Option 66 and boot filename via Option 67).
Third, you must know that TFTP is the protocol used to transfer the initial boot image—not FTP, HTTP, or SMB. Fourth, Network+ questions often ask about the OSI layer where PXE operates: it uses DHCP (Layer 7/Application) and TFTP (Layer 7), but the underlying IP and MAC addressing involve Layers 3 and 2. Fifth, the exam may present a scenario where a PXE boot fails, and you must identify the cause—common issues include a misconfigured DHCP scope, a missing or incorrect boot file on the TFTP server, or a firewall blocking TFTP (UDP port 69).
Additionally, A+ (220-1101) covers PXE as a boot method in the context of BIOS/UEFI settings and troubleshooting boot failures.
Simple Meaning
Imagine you walk into a hotel and you have no luggage with you—no clothes, no toiletries, nothing. Instead, you go to the front desk, and they give you a room key and tell you that everything you need (clothes, toiletries, a phone charger) will be delivered to your room from a central storage. You don't have to carry anything; it all comes to you over the hotel's service network.
PXE works similarly: your computer has no operating system on its hard drive, but when it turns on, it asks the network 'Where can I get an OS?' The network server responds with the necessary files, and the computer boots up using those files streamed over the network. It's like ordering room service for your computer's brain—the OS arrives over the network instead of being stored locally.
Full Technical Definition
PXE is defined by the Intel Wired for Management (WfM) specification and is standardized as part of the UEFI specification. It operates primarily at the Application Layer (Layer 7) of the OSI model, but it relies on protocols at the Network (Layer 3) and Data Link (Layer 2) layers. The core protocols involved are DHCP (Dynamic Host Configuration Protocol) and TFTP (Trivial File Transfer Protocol).
The PXE client firmware in the NIC or motherboard sends a DHCPDISCOVER packet with a special option (Option 60 – Vendor Class Identifier) set to 'PXEClient'. The DHCP server (or a proxy DHCP server) responds with a DHCPOFFER that includes Option 66 (TFTP server address) and Option 67 (boot filename). The client then downloads the Network Bootstrap Program (NBP) via TFTP from the specified server.
The NBP is a small executable (e.g., pxelinux.0 for Linux, bootmgfw.efi for Windows) that continues the boot process, often by downloading a full OS image or initiating a deployment task sequence.
Alternatives to PXE include booting from local media (USB, DVD), iSCSI boot (where the OS is on a remote disk accessed via iSCSI), and HTTP boot (a newer UEFI standard that uses HTTP instead of TFTP for faster transfers). PXE is less secure than some alternatives because it lacks built-in authentication, which is why it is often used within isolated management VLANs.
Real-Life Example
A university IT department needs to deploy Windows 11 to 200 new lab computers. Instead of inserting a USB drive into each machine, they set up a PXE server running Windows Deployment Services (WDS). Each new computer is connected to the lab network and configured in BIOS to boot from the network (PXE).
When a computer is powered on, it sends a DHCP request. The campus DHCP server assigns an IP address and provides the WDS server's address. The client then downloads a small boot image via TFTP.
This boot image launches a Windows Preinstallation Environment (WinPE) that connects to the WDS server, downloads the full Windows 11 image, and begins the automated installation. The IT staff can trigger installations remotely, and each computer completes the process without any manual interaction. After installation, the computers reboot into the new OS.
The entire lab is ready in a few hours instead of days.
Why This Term Matters
PXE is a critical skill for IT professionals because it enables scalable, automated OS deployment and system recovery. In enterprise environments, manually installing operating systems on hundreds or thousands of machines is impractical. PXE eliminates the need for physical media, reduces human error, and speeds up provisioning.
Understanding PXE is essential for roles in system administration, desktop support, and network engineering. Troubleshooting PXE failures—such as DHCP misconfigurations, TFTP timeouts, or incorrect boot file paths—is a common real-world task. Mastery of PXE also demonstrates competence in network boot protocols, DHCP options, and TFTP operations, which are frequently tested on CompTIA Network+ and A+ exams.
For career growth, knowing PXE is a foundational skill for modern IT operations.
How It Appears in Exam Questions
Exam questions about PXE typically follow a few patterns. One common pattern: 'A technician needs to deploy an OS to 50 computers without physical media. Which technology should they use?'
The correct answer is PXE, but wrong answers include 'USB boot', 'DVD boot', or 'iSCSI boot'—the key is that PXE is specifically for network-based boot without local storage. Another pattern: 'Which protocol is used by PXE to download the initial boot image?' The correct answer is TFTP, but candidates often pick FTP or HTTP.
Remember: PXE uses TFTP (UDP 69). A third pattern: 'A computer fails to PXE boot. The DHCP server is working. What is the most likely issue?' Wrong answers include 'DNS resolution failure' or 'HTTP timeout'—the correct answer is often 'The TFTP server is unreachable or the boot file is missing.'
A fourth pattern: 'At which OSI layer does PXE primarily operate?' The correct answer is Layer 7 (Application), but some choose Layer 3 because of IP addressing. The trick is that PXE uses application-layer protocols (DHCP, TFTP).
Practise PXE Questions
Test your understanding with exam-style practice questions.
Example Scenario
1. A new, unconfigured laptop is connected to the corporate network via Ethernet. 2. The laptop's BIOS is set to 'Network Boot' as the first boot option. 3. When powered on, the laptop's PXE firmware sends a DHCPDISCOVER packet with a special tag identifying itself as a PXE client.
4. The corporate DHCP server responds with an IP address and also provides the IP address of the PXE boot server (Option 66) and the name of the boot file (Option 67), e.g., 'bootmgfw.
efi'. 5. The laptop then uses TFTP to download 'bootmgfw.efi' from the boot server. 6. The laptop executes the downloaded boot file, which launches a minimal OS environment (WinPE).
7. WinPE connects to a deployment server (e.g., SCCM) and downloads the full Windows 10 image. 8. The installation proceeds automatically, and after completion, the laptop reboots into the new OS.
Common Mistakes
PXE uses FTP to transfer the boot image.
PXE uses TFTP (Trivial File Transfer Protocol), not FTP. TFTP is simpler and uses UDP port 69, while FTP uses TCP ports 20/21. TFTP is chosen for its low overhead and simplicity in the pre-boot environment.
PXE = TFTP, not FTP. Remember: 'T' in TFTP stands for Trivial, and PXE uses trivial transfers.
PXE requires a hard drive to store the boot image.
PXE is specifically designed to boot without local storage. The boot image is loaded into RAM and executed. The whole point of PXE is to eliminate the need for a local disk.
PXE = No local storage needed. The boot image lives in RAM.
PXE works over Wi-Fi by default.
PXE is designed for wired Ethernet connections. While some UEFI implementations support wireless PXE, it is not standard and rarely used. The exam assumes PXE uses a wired NIC.
PXE = Wired only. Think 'Ethernet cable required.'
Exam Trap — Don't Get Fooled
{"trap":"The most dangerous misconception is that PXE uses HTTP or FTP to download the boot image. Many candidates choose 'HTTP' because it's familiar, but PXE uses TFTP.","why_learners_choose_it":"Learners see 'download' and think of common protocols like HTTP or FTP.
They don't realize that in the pre-boot environment, a lightweight protocol like TFTP is used because it doesn't require a full OS stack.","how_to_avoid_it":"Memorize: PXE boot image transfer = TFTP (UDP 69). If you see HTTP, FTP, or SMB as options for the initial boot file download, eliminate them immediately.
Only TFTP is correct."
Commonly Confused With
iSCSI boot boots from a remote disk over a storage network using the iSCSI protocol, while PXE boots from a network server using DHCP and TFTP to load a small boot image. iSCSI requires a dedicated storage target; PXE does not.
PXE is like ordering a pizza (boot image) from a restaurant; iSCSI is like having a full kitchen (disk) in a truck that you connect to.
HTTP boot is a newer UEFI standard that uses HTTP instead of TFTP to download the boot image, offering faster speeds and better security. PXE traditionally uses TFTP. Both are network boot methods, but HTTP boot is more modern.
PXE uses a bicycle courier (TFTP) to deliver a small package; HTTP boot uses a delivery truck (HTTP) to carry larger loads faster.
Step-by-Step Breakdown
Step 1 — Client Initialization
The client computer powers on and the PXE firmware in the NIC or motherboard initializes. It broadcasts a DHCPDISCOVER packet with Option 60 set to 'PXEClient' to indicate it wants a PXE boot.
Step 2 — DHCP Offer with PXE Options
A DHCP server (or proxy DHCP) responds with a DHCPOFFER that includes the client's IP address, subnet mask, and importantly, Option 66 (TFTP server IP) and Option 67 (boot file name).
Step 3 — Download Bootstrap Program
The client uses TFTP to download the Network Bootstrap Program (NBP) from the specified TFTP server. The NBP is a small executable file (e.g., pxelinux.0 or bootmgfw.efi).
Step 4 — Execute Bootstrap Program
The client executes the NBP in memory. This program may display a boot menu or automatically proceed to download a full OS image or initiate a deployment task.
Step 5 — OS Installation or Boot
The NBP downloads the full OS image (often via TFTP, HTTP, or SMB) and begins the installation or boots into a live environment. The client completes the process and reboots into the new OS.
Practical Mini-Lesson
PXE (Preboot eXecution Environment) is a fundamental technology for network-based booting. At its core, PXE allows a computer to start up and load an operating system or utility from a server on the network, without needing a local hard drive or USB stick. This is achieved through a combination of DHCP and TFTP.
The process begins when the client's PXE firmware (embedded in the NIC or motherboard) sends a DHCP request with a vendor-specific option (Option 60) identifying itself as a PXE client. A standard DHCP server can respond with IP configuration, but for PXE to work, the DHCP server must also provide Option 66 (TFTP server address) and Option 67 (boot file name). Alternatively, a proxy DHCP server can be used.
The client then downloads a small Network Bootstrap Program (NBP) via TFTP over UDP port 69. The NBP is a lightweight executable that continues the boot process, often by loading a more complete environment like Windows PE or a Linux live system. PXE is commonly compared to other boot methods: USB boot requires physical media, iSCSI boot requires a dedicated storage network, and HTTP boot (UEFI) is a newer standard that uses HTTP for faster transfers.
PXE's main advantage is its simplicity and widespread support in enterprise deployment tools like Microsoft SCCM, WDS, and Linux PXE servers. However, PXE has security limitations—it does not authenticate the server or client, so it should be used in trusted networks or isolated VLANs. The key takeaway for exams: PXE = DHCP + TFTP + NBP.
Memorize the protocols and their roles.
Memory Tip
Think 'PXE = Pizza Xpress Delivery' — Your computer (hungry) orders a pizza (OS) over the phone (DHCP) and the delivery guy (TFTP) brings it to your door (NIC). The pizza arrives hot and ready to eat (boot). Remember: DHCP for address, TFTP for the boot file.
Covered in These Exams
Current Exam Context
Current exam versions that test this topic — use these objectives when studying.
220-1101CompTIA A+ Core 1 →N10-009CompTIA Network+ →Legacy Exam Context
Older materials may mention these exam versions, but learners should use the current objectives for their target exam.
N10-008N10-009(current version)Related Glossary Terms
AH (Authentication Header) is an IPsec protocol that provides connectionless integrity, data origin authentication, and anti-replay protection for IP packets.
AH (Authentication Header) is an IPsec protocol that provides connectionless integrity, data origin authentication, and anti-replay protection for IP packets.
An AP (Access Point) bridges wireless clients to a wired network, acting as a central transceiver and controller for Wi-Fi communications.
An API is a set of rules that allows software applications to communicate and exchange data with each other.
BCP is a proactive process that creates a framework to ensure critical business functions continue during and after a disruptive event.
BNC (Bayonet Neill-Concelman Connector) is a miniature coaxial connector used for terminating coaxial cables in networking, video, and RF applications.
Frequently Asked Questions
Does PXE work over Wi-Fi?
Standard PXE is designed for wired Ethernet. While some UEFI implementations support wireless PXE, it is not common and is not tested on Network+. For exams, assume PXE requires a wired connection.
What is the difference between PXE and network boot?
Network boot is a general term for booting from a network. PXE is a specific standard for network boot. All PXE is network boot, but not all network boot is PXE (e.g., HTTP boot is network boot but not PXE).
Can PXE be used to boot Linux?
Yes. Linux PXE boot typically uses pxelinux.0 as the NBP, which then loads a kernel and initrd via TFTP or HTTP. Many Linux distributions support PXE installation.
What port does TFTP use in PXE?
TFTP uses UDP port 69. This is a common exam question. Firewalls must allow UDP 69 for PXE to work.
Why is PXE considered insecure?
PXE has no built-in authentication or encryption. Any device on the network can request a boot image, and a rogue server could serve malicious software. This is why PXE is often restricted to management VLANs.
Summary
(1) PXE is a network boot protocol that allows a computer to boot an OS from a server over the network, without local storage. (2) It uses DHCP to obtain an IP address and the boot server location, and TFTP to download the initial boot image (NBP). (3) The most important exam fact: PXE relies on DHCP Options 66 and 67, and uses TFTP (UDP 69) — not FTP or HTTP — for file transfer.