Configure ILOM Communication Settings Using SNMP

C H A P T E R 3

Topics
Description	Links
Review the prerequisites	Before You Begin
Configure network settings	Assign Host Name and System Identifier View and Configure Network Settings View and Configure Serial Port Settings View and Configure HTTP and HTTPS Settings Configure IP Addresses
Configure Secure Shell settings	View the Current Key and Key Length Enable and Disable SSH Generate a New SSH Key Restart the SSH Server

Related Topics
For ILOM	Section	Guide
Concepts	ILOM Network Configurations and Log In Requirements	Oracle Integrated Lights Out Manager (ILOM) 3.0 Concepts Guide (820-6410)
CLI	Configuring ILOM Communication Settings	Oracle Integrated Lights Out Manager (ILOM) 3.0 CLI Procedures Guide (820-6412)
Web Interface	Configuring ILOM Communication Settings	Oracle Integrated Lights Out Manager (ILOM) 3.0 Web Interface Procedures Guide (820-6411)
The ILOM 3.0 Documentation Collection is available at: `http://docs.sun.com/app/docs/prod/int.lights.mgr30#hic`

Before You Begin

Prior to performing the procedures in this chapter, you must ensure that the following requirements are met.

To execute the snmpset command, you need to use an SNMP v1 or v2c community or SNMP v3 user with read/write (rw) privileges.

Before you can use the snmpgets commands described in this guide, you should verify that the correct properties for SNMP are enabled in ILOM. For more details, see Enabling SNMP on Managed Server Using the CLI.

Before you can use SNMP to view and configure ILOM settings, you must configure SNMP. For more information, see Configuring Network Settings.

For examples of SNMP commands, see SNMP Command Examples.

Note - The example SNMP commands presented in this chapter are based on the Net-SNMP sample applications and, therefore, will only work as presented if you have Net-SNMP and the Net-SNMP sample applications installed.

Configuring Network Settings

Topics
Description	Links
Configure network settings	Assign Host Name and System Identifier View and Configure Network Settings View and Configure Serial Port Settings View and Configure HTTP and HTTPS Settings Configure IP Addresses

Before You Begin

You can use the get and set commands to view and configure host name and system identifier MIB object settings. For a description of the MIB objects used in this procedure, see Host Name and System Identifier MIB Objects.

This section describes how to configure the network parameters for ILOM using the SNMP interface. If you are using the Net-SNMP sample applications, you can use the snmpget and snmpset commands to view and configure network settings.

Assign Host Name and System Identifier

1. Log in to a host that has an SNMP tool and the ILOM MIBs installed. For example, type:

ssh username@snmp_manager_ipaddress

Password: password

2. To get the host name, type:

% snmpget -v2c -cprivate SNMP_agent_ipaddress ilomCtrlHostName.0
SUN-ILOM-CONTROL-MIB::ilomCtrlHostName.0 = STRING: wgs97-218

3. To set the host name, type:

% snmpset -v2c -cprivate -mALL SNMP_agent_ipaddress ilomCtrlHostName.0 s wgs97-200
SUN-ILOM-CONTROL-MIB::ilomCtrlHostName.0 = STRING: wgs97-200

4. To get the system identifier, type:

% snmpget -v2c -cprivate -mALL SNMP_agent_ipaddress ilomCtrlSystemIdentifier.0
SUN-ILOM-CONTROL-MIB::ilomCtrlSystemIdentifier.0 = STRING: none

5. To set the system identifier, type:

% snmpset -v2c -cprivate -mALL SNMP_agent_ipaddress ilomCtrlSystemIdentifier.0 s wgs97-200
SUN-ILOM-CONTROL-MIB::ilomCtrlSystemIdentifier.0 = STRING: wgs97-200

Host Name and System Identifier MIB Objects

The following MIB objects, values, and types are valid for host name and system identifier.

TABLE 3-1 Valid MIB Objects, Values, and Types for Host Name and System Identifier Settings
MIB Object	Description	Allowed Values	Type	Default
`ilomCtrlHost Name`	The host name for ILOM.	hostname (Size: 0 to 255)	String	None
`ilomCtrlSystem Identifier`	The identifier that is sent out on the varbind for all traps that ILOM generated. This string is often the host name of the server that is associated with ILOM.	systemidentifier (Size: 0 to 255)	String	None

View and Configure Network Settings

Note - For a description of the MIB objects used in this procedure, see Network Settings MIB Objects and the SUN-ILOM-CONTROL-MIB.

1. Log in to a host that has an SNMP tool and the ILOM MIBs installed. For example, type:

ssh username@snmp_manager_ipaddress

Password: password

2. To determine the name of the network target and the current network settings, type:

% snmpwalk -v2c -cprivate -mALL SNMP_agent_ipaddress ilomCtrlNetwork

This command displays the following information:

SUN-ILOM-CONTROL-MIB::ilomCtrlNetworkMacAddress."SP/network" = STRING: 00:14:4F:0E:23:B8
SUN-ILOM-CONTROL-MIB::ilomCtrlNetworkIpDiscovery."SP/network" = INTEGER: static(1)
SUN-ILOM-CONTROL-MIB::ilomCtrlNetworkIpAddress."SP/network" = IpAddress: ipaddress
SUN-ILOM-CONTROL-MIB::ilomCtrlNetworkIpGateway."SP/network" = IpAddress: ipaddress
SUN-ILOM-CONTROL-MIB::ilomCtrlNetworkIpNetmask."SP/network" = IpAddress: ipaddress
SUN-ILOM-CONTROL-MIB::ilomCtrlNetworkPendingIpDiscovery."SP/network" = INTEGER: static(1)
SUN-ILOM-CONTROL-MIB::ilomCtrlNetworkPendingIpAddress."SP/network" = IpAddress: ipaddress
SUN-ILOM-CONTROL-MIB::ilomCtrlNetworkPendingIpGateway."SP/network" = IpAddress: ipaddress
SUN-ILOM-CONTROL-MIB::ilomCtrlNetworkPendingIpNetmask."SP/network" = IpAddress: ipaddress
SUN-ILOM-CONTROL-MIB::ilomCtrlNetworkCommitPending."SP/network" = INTEGER: false(2)

The network target name as shown above is “SP/network.”

3. To view the current network IP address for network target named “/SP/network”, type:

% snmpget -v2c -cprivate -mALL SNMP_agent_ipaddress ilomCtrlNetworkIpAddress.”/SP/network”

4. To specify a new network IP address, type:

% snmpset -v2c -cprivate -mALL SNMP_agent_ipaddress ilomCtrlNetworkPendingIpAddress.”/SP/network” s 10.300.10.15

5. To put the new network IP address into effect, type:

% snmpset -v2c -cprivate -mALL SNMP_agent_ipaddress ilomCtrlNetworkCommitPending.”/SP/network” i 1

6. Refer to the following SNMP commands for other examples:

To view the MAC address of the out-of-band management interface (where applicable), type:

% snmpget -mALL -v2c -cprivate SNMP_agent_ipaddress ilomCtrlNetworkOutOfBandMacAddress.0

To view the MAC address of the sideband management interface (where applicable), type:

% snmpget -mALL -v2c -cprivate SNMP_agent_ipaddress ilomCtrlNetworkSidebandMacAddress.0

To view the pending management port for the given target, type:

% snmpget -mALL -v2c -cprivate SNMP_agent_ipaddress ilomCtrlNetworkPendingManagementPort.TARGET_INTERFACE

To set the pending management port for the given target, type:

% snmpset -mALL -v2c -cprivate SNMP_agent_ipaddress ilomCtrlNetworkPendingManagementPort.TARGET_INTERFACE s ‘pendingmanagementport’

Note - This property setting does not take effect until the ilomCtrlNetworkCommitPending property is set to true for the given row.

To view the current management port for the given target, type:

% snmpget -mALL -v2c -cprivate SNMP_agent_ipaddress ilomCtrlNetworkgManagementPort.0

To set the current management port for the given target, type:

% snmpset -mALL -v2c -cprivate SNMP_agent_ipaddress ilomCtrlNetworkManagementPort.0 s ‘managementport’

To view the address of the DHCP server for this row, type:

% snmpget -mALL -v2c -cprivate SNMP_agent_ipaddress ilomCtrlNetworkDHCPServerAddr.0

To view whether the network state row is enabled, type:

% snmpget -mALL -v2c -cprivate SNMP_agent_ipaddress ilomCtrlNetworkState.0

To set the network state row to enabled, type:

% snmpset -mALL -v2c -cprivate SNMP_agent_ipaddress ilomCtrlNetworkState.0 i 1

Network Settings MIB Objects

The following MIB objects, values, and types are valid for network settings.

TABLE 3-2 Valid MIB Objects, Values, and Types for Network Settings
MIB Object	Description	Allowed Values	Type	Default
`ilomCtrlNetworkTarget`	This is the nomenclature name for a target that has a configurable network. On some systems, there are multiple targets that have networks. On a rackmount stand-alone server, this table will contain only one row for the network configuration of the service processor, which has a nomenclature name of ’/SP’. On blade systems, this table will contain multiple rows. There will be a row for each blade’s service processor. For example, a blade’s service processor nomenclature takes the form of ’/CH/BL0/SP’, ’/CH/BL1/SP’ and so on. Note - This object is not accessible.	network_target_name	String	None
`ilomCtrlNetworkMacAddress`	Indicates the MAC address of the service processor. Note - This object is read-only.	MAC_address	String	None
`ilomCtrlNetworkIPDiscovery`	Indicates whether the current target is configured to have static IP settings or whether these settings are retrieved dynamically from DHCP. Note - This object is read-only.	`Static(1), Dynamic(2)`	Integer	None
`ilomCtrlNetworkIpAddress`	Indicates the current IP address for the given target. Note - This object is read-only.	ipaddress	String	None
`ilomCtrlNetworkIpGateway`	Indicates the current IP gateway for the given target. Note - This object is read-only.	ip_gateway	String	None
`ilomCtrlNetworkIpNetmask`	Indicates the current IP netmask for the given target. Note - This object is read-only.	ip_netmask	String	None
`ilomCtrlNetworkPendingIp Discovery`	This object is used to set the pending value for the mode of IP discovery for the given target. The possible values are `static(1)` or `dynamic(2)`. Static values can be specified by setting the other pending properties in this table: `ilomCtrlNetworkPendingIp-Address`, `ilomCtrlNetworkPendingIp-Gateway`, and `ilomCtrlNetworkPendingIpNetmask`. If dynamic is specified, the other pending properties should not be set. This setting does not take effect until the `ilomCtrlNetworkCommitPending` property is set to `true` for the given row.	`static(1), dynamic(2)`	Integer	None
`ilomCtrlNetworkPendingIp Address`	This object is used to set the pending IP address for the given target. This setting does not take effect until the `ilomCtrlNetworkCommitPending` property is set to `true` for the given row.	pending_ip_address	String	None
`ilomCtrlNetworkPendingIp Gateway`	This object is used to set the pending IP gateway for the given target. This setting does not take effect until the `ilomCtrlNetworkCommitPending` object is set to `true` for the given row.	pending_ip_gateway	String	None
`ilomCtrlNetworkPendingIp Netmask`	This object is used to set the pending IP netmask for the given target. This setting does not take effect until the `ilomCtrlNetworkCommitPending` object is set to `true` for the given row.	pending_ip_netmask	String	None
`ilomCtrlNetworkCommitPending`	This object is used to commit pending settings for the given row. Settings this object to `true(1)` will cause the network to be reconfigured according to the values specified in the other pending settings.	`true(1),` `false(2)`	Integer	None

View and Configure Serial Port Settings

Note - You can use the get and set commands to view and configure serial port settings. For a description of the MIB objects used in this procedure, see Serial Port Settings MIB Objects.

1. Log in to a host that has an SNMP tool and the ILOM MIBs installed. For example, type:

ssh username@snmp_manager_ipaddress

Password: password

2. To determine whether the service processor has an internal serial port that is configurable, type:

% snmpget -v2c -cprivate -mALL SNMP_agent_ipaddress ilomCtrlSerialInternalPortPresent.0

3. To set the baud rate of the internal port to 9600, type:

% snmpset -v2c -cprivate -mALL SNMP_agent_ipaddress ilomCtrlSerialInternalPortBaudRate.0 i 1

Serial Port Settings MIB Objects

The following MIB objects, values, and types are valid for serial port settings.

TABLE 3-3 Valid MIB Objects, Values, and Types for Serial Port Settings
MIB Object	Description	Allowed Values	Type	Default
`ilomCtrlSerial Internal PortPresent`	Indicates whether the given device has an internal serial port that is configurable. Note - This object is read-only.	`true(1), false(2)`	Integer	None
`ilomCtrlSerial InternalPort BaudRate`	Specifies the current baud rate setting for the internal serial port. This object is only readable or settable if `ilomCtrlSerialInternal-PortPresent` is `true`.	`baud9600(1), baud19200(2), baud38400(3), baud57600(4), baud115200(5)`	Integer	None
`ilomCtrlSerial ExternalPort Present`	Indicates whether the given device has an external serial port that is configurable. Note - This object is read-only.	`true(1), false(2)`	Integer	None
`ilomCtrlSerial ExternalPort BaudRate`	Specifies the current baud rate setting for the external serial port. This object is only readable or settable if `ilomCtrlSerialExternalPort-Present` is `true`.	`baud9600(1), baud19200(2), baud38400(3), baud57600(4), baud115200(5)`	Integer	None
`ilomCtrlSerial ExternalPort FlowControl`	Specifies the current flow control setting for the external serial port. This object is only readable or settable if `ilomCtrlSerialExternalPort-Present` is `true`.	`unknown(1), hardware(2), software(3), none(4)`	Integer	None

View and Configure HTTP and HTTPS Settings

Note - You can use the get and set commands to view and configure HTTP or HTTPS web access. For a description of the MIB objects used in this procedure, see HTTP and HTTPS Settings MIB Objects.

1. Log in to a host that has an SNMP tool and the ILOM MIBs installed. For example, type:

ssh username@snmp_manager_ipaddress

Password: password

2. Refer to the following SNMP commands for examples:

To get the HTTP state, type:

% snmpget -v2c -cprivate -mALL SNMP_agent_ipaddress ilomCtrlHttpEnabled.0

To enable HTTP, type:

% snmpset -v2c -cprivate -mALL SNMP_agent_ipaddress ilomCtrlHttpEnabled.0 i 1

To set the HTTP port number, type:

% snmpset -v2c -cprivate -mALL SNMP_agent_ipaddress ilomCtrlHttpPortNumber.0 i 80

To configure HTTP to redirect HTTP connections to HTTPS, type:

% snmpset -v2c -cprivate -mALL SNMP_agent_ipaddress ilomCtrlHttpSecureRedirect.0 i 1

HTTP and HTTPS Settings MIB Objects

The following MIB objects, values, and types are valid for HTTP and HTTPS settings.

TABLE 3-4 Valid MIB Objects, Values, and Types for HTTP and HTTPS Settings
MIB Object	Description	Allowed Values	Type	Default
HTTP
`ilomCtrlHttp Enabled`	Specifies whether the embedded web server should be running and listening on the HTTP port.	`true(1), false(2)`	Integer	None
`ilomCtrlHttp PortNumber`	Specifies the port number that the embedded web server should listen on for HTTP requests.	Range: 0..65535	Integer	None
`ilomCtrlHttp SecureRedirect`	Specifies whether the embedded web server should redirect HTTP connections to HTTPS.	`true(1), false(2)`	Integer	Enabled
HTTPS
`ilomCtrlHttps Enabled`	Specifies whether the embedded web server should be running and listening on the HTTPS port.	`true(1), false(2)`	Integer	True
`ilomCtrlHttps PortNumber`	Specifies the port number that the embedded web server should listen on for HTTPS requests.	Range: 0..65535	Integer	None

Configure IP Addresses

Note - You can use get and set commands to edit existing IP addresses in ILOM. For a description of the MIB objects used in this procedure, see Valid MIB Objects for IP Addresses.

1. Log in to a host that has an SNMP tool and the ILOM MIBs installed. For example, type:

ssh username@snmp_manager_ipaddress

Password: password

2. To get a network IP address, type:

% snmpget -v2c -cprivate -mALL SNMP_agent_ipaddress ilomCtrlNetworkIpAddress.0

3. To set a network IP address, type:

% snmpset -v2c -cprivate -mALL SNMP_agent_ipaddress ilomCtrlNetworkPendingIpAddress.0 s ipaddress
ilomCtrlNetworkCommitPending.0 i 1

Valid MIB Objects for IP Addresses

The following MIB objects, properties, values, and types are valid for IP addresses.

TABLE 3-5 Valid MIB Objects, Properties, Values, and Types for IP Addresses
MIB Object	Description	Allowed Values	Type	Default
`ilomCtrlNetworkTarget`	This is the nomenclature name for a target that has a configurable network. On some systems, there are multiple targets that have networks. On a rackmount stand-alone server, this table will contain only one row for the network configuration of the service processor, which has a nomenclature name of ’/SP’. On blade systems, this table contains multiple rows. There will be a row for ’/SC’ which allows for configuration of the network settings. In addition, there are rows for each blade’s service processor. For example, a blade’s service processor nomenclature takes the form of ’/CH/BL0/SP’, ’/CH/BL1/SP’ and so on. This allows for the configuration of the service processors from the CMM. Note - This MIB object is not accessible.	target	String	none
`ilomCtrlNetworkMacAddress`	The MAC address of the service processor or system controller. Note - This object is read-only.	MAC_ address	String	none
`ilomCtrlNetworkIpDiscovery`	Indicates whether the current target is configured to have static IP settings or whether these settings are retrieved dynamically from DHCP. Note - This object is read-only.	`static(1), dynamic(2)`	Integer	none
`ilomCtrlNetworkIpAddress`	Indicates the current IP address for the given target. Note - This object is read-only.	ip_address	String	none
`ilomCtrlNetworkIpGateway`	Indicates the current IP gateway for the given target. Note - This object is read-only.	ip_gateway	String	none
`ilomCtrlNetworkIpNetmask`	Indicates the current IP netmask for the given target. Note - This object is read-only.	ip_netmask	String	none
`ilomCtrlNetworkPending IpAddress`	This object is used to set the pending IP address for the given target. This property does not take effect until the `ilomCtrlNetworkCommitPending` property is set to `true` for the given row.	pending_ipaddress	String	None
`ilomCtrlNetworkPending IpGateway`	This object is used to set the pending IP gateway for the given target. This setting does not take effect until the `ilomCtrlNetworkCommitPending` property is set to `true` for the given row.	pending_ip_gateway	String	None
`ilomCtrlNetworkPending IpDiscovery`	This object is used to set the pending value for the mode of IP discovery for the given target. The possible values are `static(1)` or `dynamic(2)`. Static values can be specified by setting the other pending properties in this table: `ilomCtrlNetworkPendingIp Address, ilomCtrlNetworkPendingIp Gateway,`and`ilomCtrlNetworkPendingIp Netmask`. If dynamic is specified, the other pending properties should not be set. This property does not take effect until the `ilomCtrlNetworkCommitPending` MIB object is set to `true` for the given row.	`static(1), dynamic(2)`	Integer	None
`ilomCtrlNetworkPendingIpNetmask`	This object is used to set the pending IP netmask for the given target. This property does not take effect until the `ilomCtrlNetworkCommitPending` property is set to `true` for the given row.	pending_ip_ netmask	String	none
`ilomCtrlNetworkCommitPending`	This object is used to commit pending properties for the given row. Setting this property to `true(1)` will cause the network to be reconfigured according to the values specified in the other pending properties.	`true(1), false(2)`	Integer	None

Configuring Secure Shell Settings

Topics
Description	Links
Configure Secure Shell settings	View the Current Key and Key Length Enable and Disable SSH Generate a New SSH Key Restart the SSH Server

View the Current Key and Key Length

Note - You can use get commands to view current key and key length information. For a description of the MIB objects used in this procedure, see RSA and DSA Current Key and Key Length MIB Objects.

1. Log in to a host that has an SNMP tool and the ILOM MIBs installed. For example, type:

ssh username@snmp_manager_ipaddress

Password: password

2. Refer to the following SNMP command examples:

For RSA keys, to view the current key and key length, type the following:

% snmpget -v2c -cprivate -mALL SNMP_agent_ipaddress ilomCtrlSshRsaKeyFingerprint.0
% snmpget -v2c -cprivate -mALL SNMP_agent_ipaddress ilomCtrlSshRsaKeyLength.0

For DSA keys, to view the current key and key length, type the following:

% snmpget -v2c -cprivate -mALL SNMP_agent_ipaddress ilomCtrlSshDsaKeyFingerprint.0
% snmpget -v2c -cprivate -mALL SNMP_agent_ipaddress ilomCtrlSshDsaKeyLength.0

RSA and DSA Current Key and Key Length MIB Objects

You use the following MIB objects to view key information.

TABLE 3-6 Valid MIB Objects, Values, and Types for the Key Settings
MIB Object	Description	Allowed Values	Type	Default
`ilomCtrlSshRsaKey Fingerprint`	The fingerprint of the RSA key used for the SSH protocol.	Size: 0..255	String	None
`ilomCtrlSshRsaKey Length`	The length of the RSA key used for the SSH protocol.	Range: 0..65535	Integer	None
`ilomCtrlSshDsaKey Fingerprint`	The fingerprint of the DSA key used for the SSH protocol.	Size: 0..255	String	None
`ilomCtrlSshDsaKey Length`	The length of the DSA key used for the SSH protocol.	Range: 0..65535	Integer	None

Enable and Disable SSH

Note - You can use the set command enable and disable SSH. For a description of the MIB objects used in this procedure, see SSH Enabled MIB Object.

1. Log in to a host that has an SNMP tool and the ILOM MIBs installed. For example, type:

ssh username@snmp_manager_ipaddress

Password: password

2. To enable or disable SSH, type the following command to set the ilomCtrlSshEnabled MIB object to 1 (enabled) or 2 (disabled):

% snmpset -v2c -cprivate -mALL SNMP_agent_ipaddress ilomCtrlSshEnabled.0 i 1|2

SSH Enabled MIB Object

Use the following MIB object to enable or disable SSH.

TABLE 3-7 Valid MIB Object, Value, and Type for SSH Enabled Settings
MIB Object	Description	Allowed Values	Type	Default
`ilomCtrlSsh Enabled`	Specifies whether or not the SSH is enabled.	`true(1), false(2)`	Integer	Enabled

Generate a New SSH Key

Note - You can use the set command to generate a new SSH key. For a description of the MIB objects used in this procedure, see SSH Key MIB Objects.

1. Log in to a host that has an SNMP tool and the ILOM MIBs installed. For example, type:

ssh username@snmp_manager_ipaddress

Password: password

2. To set the SSH key type to RSA, type:

% snmpset -v2c -cprivate -mALL SNMP_agent_ipaddress ilomCtrlSshGenerateNewKeyType.0 i 2

3. To generate a new RSA key, type:

% snmpset -v2c -cprivate -mALL SNMP_agent_ipaddress ilomCtrlSshGenerateNewKeyAction.0 i 1

Note - The fingerprint and key will look different. The new key will take effect immediately for new connections.

SSH Key MIB Objects

The following MIB objects, values, and types are valid for generating SSH keys.

TABLE 3-8 Valid MIB Objects, Values, and Types for Generating SSH Keys
MIB Object	Description	Allowed Values	Type	Default
`ilomCtrlSsh GenerateNewKey Action`	This MIB object is used to initiate a new public key generation.	`true(1), false(2)`	Integer	None
`ilomCtrlSsh GenerateNewKey Type`	This MIB object is used to specify the type of SSH key to generate.	`none(1), rsa(2), dsa(3)`	Integer	None

Restart the SSH Server

Note - For a description of the MIB object used in this procedure, see Restart SSH MIB Object. Restarting SSH will end any existing SSH connections.A new key will not take effect until the SSH server is restarted. You can use the set command to restart SSH.

1. Log in to a host that has an SNMP tool and the ILOM MIBs installed. For example, type:

ssh username@snmp_manager_ipaddress

Password: password

2. To restart the SSH server, type:

% snmpset -v2c -cprivate -mALL SNMP_agent_ipaddress ilomCtrlSshRestartSshAction.0 i 1

Restart SSH MIB Object

The following MIB object, value, and type are valid for restarting SSH.

TABLE 3-9 Valid MIB Object, Value, and Type for Restarting SSH
MIB Object	Description	Allowed Values	Type	Default
`ilomCtrlSshRestartSshdAction`	This object is used to initiate an SSHD restart.	`true(1), false(2)`	Integer	None