IPMI

There are currently 3 IPMI revisions (with details taken from http://www.ecst.csuchico.edu/~dranch/LINUX/IPMI/ipmi-on-linux.html):

    • IPMI v1.0 - Autonomous access, logging and control. IPMI messaging command sets, sensor data records and event messages. Access through system interfaces like memory mapped IO, I2C bus etc.

    • IPMI v1.5 - Ability to send IPMI messages to BMC over LAN, LAN alerting. No SOL as part of the standard's specification but some vendor specific SOL implementations.

    • IPMI v2.0 - Serial Over LAN enabling console redirection, access control, enhanced authentication, packet encryption using RCMP+, SMbus interface.

IPMI version 2.0 is desirable as it allows you to use SOL to get a remote console on the server as though it were local in cases where the operating system locks up and SSH or (heaven forbid) telnet access are not available due to the operating system being inoperable. v2.0 also allows you to encrypt the contents of the IPMI packets sent to remote systems and so protects the BMC passwords and your commands on the network. IPMI v1.5 still allows to you to power the system on and off and view sensor output, but does not support packet encryption (and therefore sends your BMC password over the network in plain text) and does not support SOL in any standardised way. Both 2.0 and 1.5 are in common usage and are both still sold on new servers.

Dell IPMI Setup

To setup an IPMI LAN interface, administrators may use the IPMI server management configuration utility. This utility--which is not component of IPMItool--is built into eighth-generation Dell PowerEdge? systems and can be started during system boot by pressing Ctrl+E when prompted. The following settings should be configured:

    • Ensure that "IPMI Over LAN" is set to "On"

    • If not using DHCP, supply an appropriate IP address, subnet, and gateway.

    • Ensure that "VLAN Enable" is set to "Off"

    • Ensure that "Administrator Account" is set to "Enable" and specify an adminstrator account and password.

More information can be found here: http://www.dell.com/downloads/global/power/ps4q04-20040204-Murphy.pdf

IPMI on Ubuntu 8.10

Two packages offer IPMI support in Ubuntu:

    • openipmi - officially supported starting with ubuntu 8.10

    • ipmitool - not officially supported

      • sudo aptitude install openipmi

      • sudo aptitude install ipmitool

Once installed, the following files may help you configure and personalize your ipmitools package install:

    • /usr/share/ipmitool/ipmi.init.basic

    • /usr/share/doc/ipmitool/README.gz

To uncompress the .gz file and view it:

sudo gunzip /usr/share/doc/ipmitool/README.gz

sudo gedit /usr/share/doc/ipmitool/README

Enabling the IMPI on boot up by adding 3 lines below to the /etc/modules

ipmi_msghandler

ipmi_devintf

ipmi_si

IPMI Tools

The IPMItool package supports two interfaces types: a local area netowork (LAN) interface and a keyboard controller style (KCS) interface. The LAN interface provides a session based, authenticated means of interacting with the BMC over the network; the KCS interface provides an unauthenticated local interface to the BMC:

    • IPMI LAN interface: The IPMI LAN interface is associated with a BMC channel that is designed to be always available--it can be used even when the system is powered down, or when the OS is hung or inactive (as long as power is present at the chassis). This interface is sometimes implemented using a separate LAN controller, but it may also share a LAN controller with the system. In shared configurations, the IPMI messages are isolated from the system messages within the controller; that is, the User Datagram Protocol (UDP) packets destined for the MBC's Remote Management and Control Protocol (RMCP) port are directed to the MBC by the hardware. The command to access the IPMI Over LAN is:

      • ipmitool -I lanplus -H 192.168.10.123 -U ipmiadmin -a chassis power status

        • -I lanplus : Run the command over the LAN with encryption for IPMI 2.0 hosts. You can use -I lan to send commands over the lan for 1.5 hosts as they don't support the encryption used by lanplus. 2.0 hosts can also use -I lan but why would you want to when 2.0 hosts can use encryption.

        • -H 192.168.10.123 : -H means host followed by an IP address or hostname.

        • -U ipmiadmin : -U specifies a user, followed by the username set up on the BMC, this is not a local or remote OS user.

        • -a : prompt for password. You can also possible to supply the password as an environment variable instead of using -a, but I guess this is less secure.

        • chassis power status : as per the local command dissection.

        • NOTE: ipmitool -I lan command must be run remotely from another server since the eth0 can't be listening and responding at the same time for IMPI.

    • IPMI KCS interface: The IPMI KDS interface, referred to as the open interface, is the systems management software (SMS) interface provided by the MBC on the host. It is available to software that is running on the local (active) host system. By default, this interface is a byte-aligned pair of I/O port at address 0xca2, unless other information is provided in the systems management BIOS (SMBIOS) tables. SMBIOS table entries that describe an IPMI KCS interface have a type 38 entry (0x26). Linux provides the dmidecode utility program to display the SMBIOS tables.

      • ipmitool -I open commands

ipmitool lan set 1 ipaddr xx.xx.xx.xx

ipmitool lan set 1 defgw ipaddr xx.xx.xx.xx