IPMI

or, Engineering from the Depths of Hell

Ah, anything to save a buck. Including, cheaper ways to remotely access your gear. IPMI is able to handle machine resets, power on/off, and even some basic monitoring of the health of the machine. This sounds great! Except, it is like getting married and you find out about the dark secrets of the inlaws after you’ve already tied the knot.

These are the quirks on a recent batch of gear I’ve ran across. (I can’t mention names, sorry.)

  1. IPMI is not configurable in the bios with a keyboard. That’d be too easy.
  2. IPMI is configurable via DOS. Well, that’s something, I guess.
  3. IPMI requires an IP address. By default, it’ll DHCP for one. That’s cool. If your DHCP server is not responding, it’ll just use the last known IP. That’s not cool, if you changed networks, or it never had one. Now, the IPMI server is sending out arp requests for an address it should not own.
  4. If you want to plan what IP is owned by what IPMI gear, you better have your DHCP server set up in advance. Depending on your vendor and quantity, maybe this is ok. Or.. Not.
  5. Conflicting IP’s suck, if the address IPMI is spewing arp for, happens to be owned by someone else.
  6. Wrong IP’s suck, since.. well, you probably can’t reach them, in order to do things like power cycle the box remotely.
  7. Speaking of suck, what is with this gratuitous arp crap, sending out a grat arp once a second? On small networks, I guess, most people would never notice. On larger networks, having every box you have sending out arp, your core network infrastructure is gonna get pissy. By pissy, I mean, fall to its knees and commit sepuku.
  8. Boxes with power but off, still arp. You plugged me in - you fool!
  9. IPMI is remotely reprogrammable. Cool. If you can reach it. If it hasn’t already destroyed your network. If it has an IP you expect.

On a related note, hey, that visit to DC I took recently was fun!

[permalink] · Blog ·