Alexander Dupuy <[email protected]> wrote: > I wrote: > >> As for the IPMI firewall - what is that? > > > > Tim Small replied: > > I looked into it a while ago, but it didn't fit my needs, and I > > can't remember much about it, unfortunately... > > > > http://www.intel.com/design/servers/ipmi/spec.htm > > From what I can tell, the IPMI "firewall" seems to be functional > access control, where you can specify that certain operations are > allowed or disallowed for sessions coming via particular channels > (local/lan/serial) - but I don't see how that would apply to non-IPMI > network access like ICMP echo requests, which is what I used to > generate those weird ICMP host unreachables. > > I'm starting to wonder if there is not some external thing causing > the problem I'm seeing - I could see how possibly a switch that > remembered just one MAC address per port or something and sent > traffic for the BMC to the MAC address for the host could cause this > ICMP host unreachable to be generated by a host that sees a packet > with its own MAC address, but a different IP address, especially if > IP forwarding is disabled. But I have never heard of such a bizarre > sort of switch like that before, so it still seems like an outside > possibility.
Silly question : Are you trying to reach the IPMI IP address from the OS of the same physical server? That's something I've never been able to get working with IPMI or DRACs configured as "shared" : They only answer/work from "remote" hosts. Matthias _______________________________________________ Linux-PowerEdge mailing list [email protected] https://lists.us.dell.com/mailman/listinfo/linux-poweredge Please read the FAQ at http://lists.us.dell.com/faq
