Re: Boot prompt for Intel AMT
On Wed, Mar 07, 2007 at 09:07:46AM +0200, Danny Braniss wrote: On Mar 6, 2007, at 1:04 PM, Jack Vogel wrote: It scares me to have something like SOL on an ethernet that's connected to the public wires. ah, you don't believe in firewalls, i see :-) I don't trust firewalls for something that can -- and should -- be done at layer 1. -- | Jeremy Chadwick jdc at parodius.com | | Parodius Networkinghttp://www.parodius.com/ | | UNIX Systems Administrator Mountain View, CA, USA | | Making life hard for others since 1977. PGP: 4BD6C0CB | ___ freebsd-stable@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-stable To unsubscribe, send any mail to [EMAIL PROTECTED]
RE: Boot prompt for Intel AMT
Danny Braniss wrote: It scares me to have something like SOL on an ethernet that's connected to the public wires. ah, you don't believe in firewalls, i see :-) Firewalls are sometimes just the crunchy shell around the soft, chewy centre. You need defense in depth ... Regards, Jan. ___ freebsd-stable@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-stable To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: Boot prompt for Intel AMT
I hope some people will understand what i am talking about, because the technology, i think, is not very popular, but can come VERY handy. Intel AMT Serial over LAN (SOL, why is it called 'over LAN' if it is really 'OVER IP'?) allows to boot into BIOS of a remote machine and even, as seen in their demo, can be used to control MS DOS prompt. well because it isnt using IP, besides SOIP is uninspiring :) Wait.. how so? I was sure that the whose SOL (IPMI) protocal is running over IP and i can REMOTELY (e.g. from anoth planet with IP connection) access the machine in the data center. If i can do such thing, then it DOES run over IP eventually. Isn't it? Anyway, nobody said anothing about getting freebsd boot prompt over SOL. My guess, that this is THE MOST usefull usage of SOL for remote upgrades. I understand that this is not as simple as sending data to UART. THis is must be done explicitely in the boot loader, i thinks. But why no do it? -- Regards, Artem ___ freebsd-stable@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-stable To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: Boot prompt for Intel AMT
Artem Kuchin wrote: I hope some people will understand what i am talking about, because the technology, i think, is not very popular, but can come VERY handy. Intel AMT Serial over LAN (SOL, why is it called 'over LAN' if it is really 'OVER IP'?) allows to boot into BIOS of a remote machine and even, as seen in their demo, can be used to control MS DOS prompt. well because it isnt using IP, besides SOIP is uninspiring :) Wait.. how so? I was sure that the whose SOL (IPMI) protocal is running over IP and i can REMOTELY (e.g. from anoth planet with IP connection) access the machine in the data center. If i can do such thing, then it DOES run over IP eventually. Isn't it? Anyway, nobody said anothing about getting freebsd boot prompt over SOL. My guess, that this is THE MOST usefull usage of SOL for remote upgrades. I understand that this is not as simple as sending data to UART. THis is must be done explicitely in the boot loader, i thinks. But why no do it? We have a number of Dell PowerEdge 2950's that we boot using the built in SOL, which does run over IP as we use it across a routed VPN backbone (server in the data center, console in the office). We have found that the IPMI serial port is connected to the system as COM2, which we select in the bios configuration. We then set device.hints so that the freebsd console is set to use the same port. We use the open source ipmitool to access the ipmi controller, and serial port, on the system. Tom ___ freebsd-stable@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-stable To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: Boot prompt for Intel AMT
Artem Kuchin wrote: I hope some people will understand what i am talking about, because the technology, i think, is not very popular, but can come VERY handy. Intel AMT Serial over LAN (SOL, why is it called 'over LAN' if it is really 'OVER IP'?) allows to boot into BIOS of a remote machine and even, as seen in their demo, can be used to control MS DOS prompt. well because it isnt using IP, besides SOIP is uninspiring :) Wait.. how so? I was sure that the whose SOL (IPMI) protocal is running over IP and i can REMOTELY (e.g. from anoth planet with IP connection) access the machine in the data center. If i can do such thing, then it DOES run over IP eventually. Isn't it? Anyway, nobody said anothing about getting freebsd boot prompt over SOL. My guess, that this is THE MOST usefull usage of SOL for remote upgrades. I understand that this is not as simple as sending data to UART. THis is must be done explicitely in the boot loader, i thinks. But why no do it? We have a number of Dell PowerEdge 2950's that we boot using the built in SOL, which does run over IP as we use it across a routed VPN backbone (server in the data center, console in the office). We have found that the IPMI serial port is connected to the system as COM2, which we select in the bios configuration. We then set device.hints so that the freebsd console is set to use the same port. We use the open source ipmitool to access the ipmi controller, and serial port, on the system. Aha! This is something already. When our system boot it says: Mar 5 23:59:04 aaa kernel: sio0: configured irq 4 not in bitmap of probed irqs 0 Mar 5 23:59:04 aaa kernel: sio0: port may not be enabled Mar 5 23:59:04 aaa kernel: sio0: 16550A-compatible COM port port 0x3f8-0x3ff irq 4 flags 0x10 on acpi0 Mar 5 23:59:04 aaa kernel: sio0: type 16550A Mar 5 23:59:04 aaa kernel: sio1: configured irq 3 not in bitmap of probed irqs 0 Mar 5 23:59:04 aaa kernel: sio1: port may not be enabled My guess is that sio0 is the real port and sio1 is the IPMI port of Intel AMT. But what does this message really say? What must i do to enable the port? The other question, do i need to include device ipmi in the kernel config? And how do i tell the boot loader to redirect its output to serial port? Sorry, working with freebsd for 10 years now but never touched this issue. -- Regads, Artem ___ freebsd-stable@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-stable To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: Boot prompt for Intel AMT
Artem Kuchin wrote: Artem Kuchin wrote: snip/ We have a number of Dell PowerEdge 2950's that we boot using the built in SOL, which does run over IP as we use it across a routed VPN backbone (server in the data center, console in the office). We have found that the IPMI serial port is connected to the system as COM2, which we select in the bios configuration. We then set device.hints so that the freebsd console is set to use the same port. We use the open source ipmitool to access the ipmi controller, and serial port, on the system. Aha! This is something already. When our system boot it says: Mar 5 23:59:04 aaa kernel: sio0: configured irq 4 not in bitmap of probed irqs 0 Mar 5 23:59:04 aaa kernel: sio0: port may not be enabled Mar 5 23:59:04 aaa kernel: sio0: 16550A-compatible COM port port 0x3f8-0x3ff irq 4 flags 0x10 on acpi0 Mar 5 23:59:04 aaa kernel: sio0: type 16550A Mar 5 23:59:04 aaa kernel: sio1: configured irq 3 not in bitmap of probed irqs 0 Mar 5 23:59:04 aaa kernel: sio1: port may not be enabled My guess is that sio0 is the real port and sio1 is the IPMI port of Intel AMT. But what does this message really say? What must i do to enable the port? The other question, do i need to include device ipmi in the kernel config? And how do i tell the boot loader to redirect its output to serial port? Sorry, working with freebsd for 10 years now but never touched this issue. This is the dmesg from our servers (sio1 is the ipmi SOL port): sio0: 16550A-compatible COM port port 0x3f8-0x3ff irq 4 on acpi0 sio0: type 16550A sio1: 16550A-compatible COM port port 0x2f8-0x2ff irq 3 flags 0x10 on acpi0 sio1: type 16550A, console As far as I know it is not required to have ipmi in the kernel (we dont have it in our kernels) to use the SOL port. This page should help you setup the serial console: http://www.freebsd.org/doc/en_US.ISO8859-1/books/handbook/serialconsole-setup.html Tom ___ freebsd-stable@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-stable To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: Boot prompt for Intel AMT (serial port redirection on Intel AMT)
- Original Message - From: Tom Judge [EMAIL PROTECTED] To: Artem Kuchin [EMAIL PROTECTED] Cc: [EMAIL PROTECTED]; Jack Vogel [EMAIL PROTECTED] Sent: Tuesday, March 06, 2007 2:04 PM Subject: Re: Boot prompt for Intel AMT Artem Kuchin wrote: Artem Kuchin wrote: snip/ We have a number of Dell PowerEdge 2950's that we boot using the built in SOL, which does run over IP as we use it across a routed VPN backbone (server in the data center, console in the office). We have found that the IPMI serial port is connected to the system as COM2, which we select in the bios configuration. We then set device.hints so that the freebsd console is set to use the same port. We use the open source ipmitool to access the ipmi controller, and serial port, on the system. Aha! This is something already. When our system boot it says: Mar 5 23:59:04 aaa kernel: sio0: configured irq 4 not in bitmap of probed irqs 0 Mar 5 23:59:04 aaa kernel: sio0: port may not be enabled Mar 5 23:59:04 aaa kernel: sio0: 16550A-compatible COM port port 0x3f8-0x3ff irq 4 flags 0x10 on acpi0 Mar 5 23:59:04 aaa kernel: sio0: type 16550A Mar 5 23:59:04 aaa kernel: sio1: configured irq 3 not in bitmap of probed irqs 0 Mar 5 23:59:04 aaa kernel: sio1: port may not be enabled My guess is that sio0 is the real port and sio1 is the IPMI port of Intel AMT. But what does this message really say? What must i do to enable the port? The other question, do i need to include device ipmi in the kernel config? And how do i tell the boot loader to redirect its output to serial port? Sorry, working with freebsd for 10 years now but never touched this issue. This is the dmesg from our servers (sio1 is the ipmi SOL port): sio0: 16550A-compatible COM port port 0x3f8-0x3ff irq 4 on acpi0 sio0: type 16550A sio1: 16550A-compatible COM port port 0x2f8-0x2ff irq 3 flags 0x10 on acpi0 sio1: type 16550A, console As far as I know it is not required to have ipmi in the kernel (we dont have it in our kernels) to use the SOL port. This page should help you setup the serial console: http://www.freebsd.org/doc/en_US.ISO8859-1/books/handbook/serialconsole-setup.html Hmm. i am stuck now. I have setup everything as described but still see nothing in SOL terminal when system boots (still can see BIOS). I can turn on video redirection to serial port COM1 in the BIOS and then i can see boot prompt and boot menu, but i cannot do anything there because keyboard is not working at all. Now i have the floowing questions: 1) What port is redirected over SOL in intel ? It is not COM1. 2) Can it do serial redirection at all? 3) Did anybody ever managed to set this thing up on Intel Server with AMT? My server is ENtry level SE7230ONH1-E -- Regards Artem ___ freebsd-stable@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-stable To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: Boot prompt for Intel AMT
On 3/6/07, Artem Kuchin [EMAIL PROTECTED] wrote: I hope some people will understand what i am talking about, because the technology, i think, is not very popular, but can come VERY handy. Intel AMT Serial over LAN (SOL, why is it called 'over LAN' if it is really 'OVER IP'?) allows to boot into BIOS of a remote machine and even, as seen in their demo, can be used to control MS DOS prompt. well because it isnt using IP, besides SOIP is uninspiring :) Wait.. how so? I was sure that the whose SOL (IPMI) protocal is running over IP and i can REMOTELY (e.g. from anoth planet with IP connection) access the machine in the data center. If i can do such thing, then it DOES run over IP eventually. Isn't it? Yes, my bad, I spoke too quickly, it does use IP, sorry, I still find SOL much more descriptive of what I think about the whole apparatus however :) Jack ___ freebsd-stable@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-stable To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: Boot prompt for Intel AMT
On Mar 6, 2007, at 1:04 PM, Jack Vogel wrote: Yes, my bad, I spoke too quickly, it does use IP, sorry, I still find SOL much more descriptive of what I think about the whole apparatus however :) :-) Personally, I really like the Sun ILOM processors, even though they do boot an embedded linux, and the command set is, shall we say, confusing... It scares me to have something like SOL on an ethernet that's connected to the public wires.
Re: Boot prompt for Intel AMT
On 3/6/07, Vivek Khera [EMAIL PROTECTED] wrote: On Mar 6, 2007, at 1:04 PM, Jack Vogel wrote: Yes, my bad, I spoke too quickly, it does use IP, sorry, I still find SOL much more descriptive of what I think about the whole apparatus however :) :-) Personally, I really like the Sun ILOM processors, even though they do boot an embedded linux, and the command set is, shall we say, confusing... It scares me to have something like SOL on an ethernet that's connected to the public wires. Yes, this was a concern while i was at IBM as well, they were talking about configurations that would have the 'management' net seperated out from the public. That seems very expensive on infrastructure to me. Course when you have server farms with thousands of systems I suppose its complicated anyway. Jack ___ freebsd-stable@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-stable To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: Boot prompt for Intel AMT
On Tue, 06 Mar 2007 13:09:14 -0800 Jack Vogel [EMAIL PROTECTED] wrote: Yes, this was a concern while i was at IBM as well, they were talking about configurations that would have the 'management' net seperated out from the public. That seems very expensive on infrastructure to me. Course when you have server farms with thousands of systems I suppose its complicated anyway. If your infrastructure supports VLANs (and which one doesn't today) it's not so complicated. The company I work for have a separate management network. -- Regards, Torfinn Ingolfsen also an (ex) IBM'er ___ freebsd-stable@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-stable To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: Boot prompt for Intel AMT
On Mar 6, 2007, at 1:04 PM, Jack Vogel wrote: Yes, my bad, I spoke too quickly, it does use IP, sorry, I still find SOL much more descriptive of what I think about the whole apparatus however :) :-) Personally, I really like the Sun ILOM processors, even though they do boot an embedded linux, and the command set is, shall we say, confusing... It scares me to have something like SOL on an ethernet that's connected to the public wires. ah, you don't believe in firewalls, i see :-) danny ___ freebsd-stable@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-stable To unsubscribe, send any mail to [EMAIL PROTECTED]
Boot prompt for Intel AMT
Hello! I hope some people will understand what i am talking about, because the technology, i think, is not very popular, but can come VERY handy. Intel AMT Serial over LAN (SOL, why is it called 'over LAN' if it is really 'OVER IP'?) allows to boot into BIOS of a remote machine and even, as seen in their demo, can be used to control MS DOS prompt. However, i tried it and did not see any boot prompt over SOL connection. As i understand it does not use bios for input/output and therefore data is not sent/received over SOL connection. Thisis a pitty because of boot prompt would work over SOL then remote source upgrade would be much plainless and less risky than now. For example, i could just book old kernel if something goes wrong. Is there a way to make boot prompt work over SOL? The othe question, is there such technology for Supermicro mainboards? -- Regards, Artem ___ freebsd-stable@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-stable To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: Boot prompt for Intel AMT
On 3/5/07, Artem Kuchin [EMAIL PROTECTED] wrote: Hello! I hope some people will understand what i am talking about, because the technology, i think, is not very popular, but can come VERY handy. Intel AMT Serial over LAN (SOL, why is it called 'over LAN' if it is really 'OVER IP'?) allows to boot into BIOS of a remote machine and even, as seen in their demo, can be used to control MS DOS prompt. well because it isnt using IP, besides SOIP is uninspiring :) However, i tried it and did not see any boot prompt over SOL connection. As i understand it does not use bios for input/output and therefore data is not sent/received over SOL connection. Thisis a pitty because of boot prompt would work over SOL then remote source upgrade would be much plainless and less risky than now. For example, i could just book old kernel if something goes wrong. Is there a way to make boot prompt work over SOL? The othe question, is there such technology for Supermicro mainboards? It doesnt work the way you think it works, its not just some serial port that spits ASCII characters, rather I believe it requires you to speak IPMI to it. Of course, if you happen to have an IBM Bladecenter, then it does just look like a serial port on the blade, but you still have to deal with the management controller stuff on the incoming side. After you deal with all this stuff for a while you will LONG for the good old days of a simple UART :) Cheers, Jack ___ freebsd-stable@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-stable To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: Boot prompt for Intel AMT
Artem Kuchin wrote: I hope some people will understand what i am talking about, because the technology, i think, is not very popular, but can come VERY handy. ... The othe question, is there such technology for Supermicro mainboards? You might want to checkout the IPMI modules from Supermicro. Steve This e.mail is private and confidential between Multiplay (UK) Ltd. and the person or entity to whom it is addressed. In the event of misdirection, the recipient is prohibited from using, copying, printing or otherwise disseminating it or any information contained in it. In the event of misdirection, illegible or incomplete transmission please telephone +44 845 868 1337 or return the E.mail to [EMAIL PROTECTED] ___ freebsd-stable@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-stable To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: Boot prompt for Intel AMT
On Tue, Mar 06, 2007 at 12:15:04AM +0300, Artem Kuchin wrote: The othe question, is there such technology for Supermicro mainboards? Yes, Supermicro makes IPMI add-on cards (they require IPMI capability on the mainboard, however). Be warned about these cards, however. A friend of mine at Yahoo! has encountered a major BIOS/IPMI oversight, where in the case that the IPMI event log becomes full, the system BIOS upon boot will _require_ someone hit F1 to continue on the console, until the IPMI history is cleared. Ultimately this requires someone to go to the datacenter and manually hit F1 on the console, clear the IPMI log, and let the machine boot up. Wonderful oversight. Yes, there are IPMI management utilities for some OSes, but many of them are closed-source, only work on certain versions of the OS, or for the open-source ones do not let you control/monitor as much as you would under the native utility from the vendor. Now it seems more and more problems are coming to light with vendor IPMI implementations (Broadcom's pseudo-iLO causes ARP storms because there is no dedicated NIC for iLO and the NIC technically has two MAC addresses, Supermicro's IPMI and the event log problem, yadda yadda.) Seems to me the only vendors who got this right were 1) HP/Compaq with their true iLO/iLO2, and 2) Sun. -- | Jeremy Chadwick jdc at parodius.com | | Parodius Networkinghttp://www.parodius.com/ | | UNIX Systems Administrator Mountain View, CA, USA | | Making life hard for others since 1977. PGP: 4BD6C0CB | ___ freebsd-stable@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-stable To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: Boot prompt for Intel AMT
On Mon, 5 Mar 2007, Jeremy Chadwick wrote: On Tue, Mar 06, 2007 at 12:15:04AM +0300, Artem Kuchin wrote: The othe question, is there such technology for Supermicro mainboards? Yes, Supermicro makes IPMI add-on cards (they require IPMI capability on the mainboard, however). Be warned about these cards, however. A friend of mine at Yahoo! has encountered a major BIOS/IPMI oversight, where in the case that the IPMI event log becomes full, the system BIOS upon boot will _require_ someone hit F1 to continue on the console, until the IPMI history is cleared. Ultimately this requires someone to go to the datacenter and manually hit F1 on the console, clear the IPMI log, and let the machine boot up. Wonderful oversight. I might also add that we tried that on a few Supermicro boxes and found the whole mess to be not as reliable as you'd like an OOB management tool to be. The java client is spotty at best, really wants to be run in Windows, and basically falls apart when doing simple console redirection in the client. Never really saw it work well. Now it seems more and more problems are coming to light with vendor IPMI implementations (Broadcom's pseudo-iLO causes ARP storms because there is no dedicated NIC for iLO and the NIC technically has two MAC addresses, Supermicro's IPMI and the event log problem, yadda yadda.) Yeah, I was a little disappointed in this - when I read about IPMI I thought that it was something of a standard and that I'd be able to pick and choose clients that run natively on FreeBSD or OS-X. That does not seem to be the case at all. Seems to me the only vendors who got this right were 1) HP/Compaq with their true iLO/iLO2, and 2) Sun. Which is a shame as the Supermicro cards were sub-$100... Charles -- | Jeremy Chadwick jdc at parodius.com | | Parodius Networkinghttp://www.parodius.com/ | | UNIX Systems Administrator Mountain View, CA, USA | | Making life hard for others since 1977. PGP: 4BD6C0CB | ___ freebsd-stable@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-stable To unsubscribe, send any mail to [EMAIL PROTECTED] ___ freebsd-stable@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-stable To unsubscribe, send any mail to [EMAIL PROTECTED]