Sun Integrated Lights Out Manager 2.0 User’s Guide Table Of ContentsPrevious ChapterNext ChapterBook Index

C H A P T E R  8
Configure ILOM Communication Settings

Advanced ILOM communication settings include network, serial port, and web configuration.

This chapter includes the following sections:


Note - Syntax examples in this chapter use the target starting with /SP/, which could be interchanged with the target starting with /CMM/ depending on your Sun server platform. Subtargets are common across all Sun server platforms.

Manage ILOM Network Settings Using the CLI

This section describes how to configure the network settings for ILOM using the ILOM command-line interface (CLI).

About Network Settings

Network settings have two sets of properties: pending and active. The active settings are currently in use by ILOM. These settings are read-only. If you want to change settings, enter the updated settings as the pending settings (pendingipaddress or pendingipgateway), then set the commitpending property to true. This prevents accidental disconnections for both port and network settings.


Note - Ensure that the same IP address is always assigned to ILOM by either assigning a static IP address to your ILOM after initial setup, or configuring your DHCP server to always assign the same IP address to ILOM. This enables ILOM to be easily located on the network.


procedure icon  View Network Settings Using the CLI

1. Log in to the ILOM CLI as an Administrator or Operator.

2. At the command prompt, type:

--> show /SP/network


procedure icon  Configure Network Settings Using the CLI

Use the set command to change properties and values for network settings.

1. Log in to the ILOM CLI as an Administrator.

2. At the command prompt, type:

--> set /SP/network

Targets, Properties, and Values

The following target, properties, and values are valid for ILOM network settings.


TABLE 8-1 ILOM Network Target, Properties, and Values

Target

Property

Value

Default

/SP/network

ipaddress

ipdiscovery

ipgateway

ipnetmask

macaddress

These read-only values are updated by the system

 

MAC address of ILOM

 

 

commitpending

pendingipaddress

pendingipdiscovery

pendingipgateway

pendingipnetmask

true|(none)

<ipaddress|none>

dhcp|static

<ipaddress|none>

<ipdotteddecimal>

(none)

none

dhcp

none

255.255.255.255


Example

To change the IP address for ILOM, type: 

-> set /SP/network pendingipaddress=nnn.nn.nn.nn commitpending=true

Note - Changing the IP address will disconnect your active session if you are connected to ILOM over a network.

To change the network settings from DHCP to static assigned settings, type: 

-> set /SP/network pendingipdiscovery=static pendingipaddress=nnn.nn.nn.nn pendingipgateway=nnn.nn.nn.nn pendingipnetmask=nnn.nn.nn.nn commitpending=true

Note - Settings take effect as soon you set commitpending to true.

Serial Port Settings

The serial port provides access to the ILOM web interface, the command-line interface (CLI), and the system console stream using serial port redirection.


Note - Normally, the host serial console settings match ILOM’s default settings (9600 baud, 8N1 [eight data bits, no parity, one stop bit], no flow control).


procedure icon  View Serial Port Settings Using the CLI

1. Log in to the ILOM CLI as an Administrator or Operator.

2. At the command prompt:

-> show /SP/serial/external

-> show /SP/serial/host


Note - The /SP/serial/host target is supported only on x64-based systems. SPARC-based servers implement a virtual console and not a physical console.


procedure icon  Configure Serial Port Settings Using the CLI

Use the set command to change properties and values for serial port settings. Port settings have two sets of properties: pending and active. The active settings are the settings currently in use by the ILOM. These settings are read-only. If you want to change settings, enter the updated settings as the pending settings, then set the commitpending property to true. This prevents accidental disconnections for both port and network settings.

1. Log in to the ILOM CLI as an Administrator or Operator.

2. At the command prompt type:

-> set target [propertyname=value]

Targets, Properties, and Values

The following targets, properties, and values are valid for ILOM serial ports.


TABLE 8-2 Valid Targets, Properties, and Values for ILOM Serial Ports

Target

Property

Value

Default

/SP/serial/external

commitpending

flowcontrol

pendingspeed

speed

true|(none)

none

<decimal>

9600

(none)

none

9600

9600

/SP/serial/host

commitpending

pendingspeed

speed

true|(none)

<decimal>

9600

(none)

(none)

9600


Example

To change the speed (baud rate) for the host serial port from 9600 to 57600, type: 

-> set /SP/serial/host pendingspeed=57600 commitpending=true

-> set /SP/serial/external pendingspeed=57600 commitpending=true

Note - On x64-based systems, the speed of the host serial port must match the speed setting for serial port 0, COM1, or /dev/ttys0 on the host operating system for ILOM to communicate properly with the host.


procedure icon  Enable HTTP or HTTPS Web Access Using the CLI

ILOM supports both HTTP or HTTPS connections. ILOM enables you to automatically redirect HTTP access to HTTPS. ILOM also enables you to set the HTTP and HTTPS ports.

1. Log in to the ILOM CLI as a an Administrator.

2. At the command prompt, type:

-> set /SP/services/http

The properties are located in /SP/services/http and /SP/services/https.

Targets, Properties, and Values

The following shows the valid targets, properties, and values for HTTP andHTTP


TABLE 8-3 Valid Targets, Properties, and Values for HTTP and HTTPS

Target

Property

Value

Default

/SP/services/http

secureredirect

enabled|
disabled

enabled

 

servicestate

enabled|
disabled

disabled

 

port

<portnum>

80

/SP/services/https

servicestate

enabled|
disabled

enabled

 

port

<portnum>

443


The following lists the possible settings HTTP, HTTPS, and automatic redirect.


TABLE 8-4 Possible Settings for HTTP, HTTPS, and Automatic Redirect

Desired State

Target

Property

Value

Enable HTTP only

/SP/services/http

secureredirect

disabled

 

/SP/services/http

servicestate

enabled

 

/SP/services/https

servicestate

disabled

Enable HTTP and HTTPS

/SP/services/http

secureredirect

disabled

 

/SP/services/http

servicestate

enabled

 

/SP/services/https

servicestate

enabled

Enable HTTPS only

/SP/services/http

secureredirect

disabled

 

/SP/services/http

servicestate

disabled

 

/SP/services/https

servicestate

enabled

Automatically redirect HTTP to HTTPS

/SP/services/http

secureredirect

enabled

 

/SP/services/http

servicestate

disabled

 

/SP/services/https

servicestate

enabled


Configure Secure Shell Settings

Secure Shell (SSH) is the standard protocol used to access a secure remote connection to the ILOM command-line interface (CLI). Using SSH ensures that all management interactions with ILOM are encrypted and secure. Both ends of the server connection are authenticated using digital keys, and passwords are protected by encryption. The ILOM connection is protected by RSA and DSA key encryption.


procedure icon  Establish a Secure Remote Connection to Run CLI Commands

single-step bullet  You will need to establish a secure connection from a remote SSH client to the server SP. To establish a secure connection, type the following:

ssh -l username server_ip_address

Password: ********

The default prompt appears (->) and the system is ready for you to run the CLI commands to establish network settings.


procedure icon  View the Current Key Using the CLI

The need to view keys constitutes advanced configuration; most of the time, you will not need to view keys. You can either view the whole public key, or the abbreviated fingerprint of the key.


Note - All of the properties below /SP/services/ssh/keys/rsa|dsa are read only

single-step bullet  To view the RSA key, type: 


-> show /SP/services/ssh/keys/rsa
    For example:
/SP/services/ssh/keys/rsa
    Targets:
       Properties:
          fingerprint = ca:c0:05:ff:b7:75:15:a0:30:df:1b:a1:76:bd:fe:e5
          length = 1024
           publickey
AAAAB3NzaC1yc2EAAAABIwAAAIEAthvlqgXbPIxN4OEvkukKupdFPr8GDaOsKGg
BESVlnny4nX8yd8JC/hrw3qDHmXIZ8JAFwoLQgjtZCbEsgpn9nNIMb6nSfu6Y1t
TtUZXSGFBZ48ROmU0SqqfR3i3bgDUR0siphlpgV6Yu0Zd1h3549wQ+RWk3vxqHQ
Ffzhv9c=
      Commands:
          cd
          show

single-step bullet  To view the DSA key, type: 


-> show /SP/services/ssh/keys/dsa
For example:
 /SP/services/ssh/keys/dsa
     Targets:
 
     Properties:
        fingerprint = 6a:90:c7:37:89:e6:73:23:45:ff:d6:8e:e7:57:2a:60
        length = 1024
        publickey =
AAAAB3NzaC1kc3MAAACBAInrYecNH86imBbUqE+3FoUfm/fei2ZZtQzqrMx5zBm
bHFIaFdRQKeoQ7gqjc9jQbO7ajLxwk2vZzkg3ntnmqHz/hwHvdho2KaolBtAFGc
fLIdzGVxi4I3phVb6anmTlbqI2AILAa7JvQ8dEGbyATYR9A/pf5VTac/TQ70O/J
AAAAFQCIUavkex7wtEhC0CH3s25ON0I3CwAAAIBNfHUop6ZN7i46ZuQOKhD7Mkj
gdHy+8MTBkupVfXqfRE9Zw9yrBZCNsoD8XEeIeyP+puO5k5dJvkzqSqrTVoAXyY
qewyZMFE7stutugw/XEmyjq+XqBWaiOAQskdiMVnHa3MSg8PKJyWP8eIMxD3rIu
PTzkV632uBxzwSwfAQAAAIAtA8/3odDJUprnxLgHTowc8ksGBj/wJDgPfpGGJHB
B1FDBMhSsRbwh6Z+s/gAf1f+S67HJBTUPsVSMz+czmamc1oZeOazT4+zeNG6uCl
u/5/JmJSdkguc1FcoxtBFqfO/fKjyR0ecWaU7L4kjvWoSsydHJ0pMHasEecEBEr
lg==
 
     Commands:
         cd
         show


procedure icon  Enable or Disable SSH Using the CLI

single-step bullet  If you do not want to provide access over the network, or if you do not want to use SSH, type the following:

-> set /SP/services/ssh state=enabled | disabled


procedure icon  Enable or Disable SSH Using the Web Interface

1. Log in to ILOM as an Administrator.

2. Select Configuration --> System Management Access --> SSH Server.

3. From the SSH Server drop-down list, select Enabled or Disabled.

FIGURE 8-1 SSH Server Settings Page


Graphic showing SSH Server Settings Page


procedure icon  Generate a New Key Using the CLI

1. Set the key type by typing the following:

-> set /SP/services/ssh generate_new_key_type=dsa | rsa

2. Set the action to true.

-> set /SP/services/ssh generate_new_key_action=true

The fingerprint and key will look different.


procedure icon  Generate a New Key Using the Web Interface

1. Log in to ILOM as an Administrator.

2. Select Configuration --> System Management Access --> SSH Server.

3. Select RSA by clicking the Generate RSA Key button, or select DSA by clicking the Generate DSA Key button.

Confirm or cancel your selection by clicking OK or Cancel when you are prompted.

FIGURE 8-2 Confirmation Dialog


Graphic showing Confirmation dialog

[

procedure icon  Restart the SSH Server Using the CLI

A new key will not take effect until the SSH server is restarted.


Note - Restarting will end any existing SSH connections.

single-step bullet  To restart the SSH server, type the following:

-> set /SP/services/ssh restart_sshd_action=true


procedure icon  Restart the SSH Server Using the Web Interface

A new key will not take effect until the SSH server is restarted.


Note - Restarting will end any existing SSH connections.

1. Log in to ILOM as an Administrator.

2. Select Configuration --> System Management Access --> SSH Server.

3. From the SSH Server drop-down list, select Restart SSH Server.

Manage ILOM Network Settings Using the Web Interface

This section describes how to configure the network parameters for ILOM using the ILOM web interface.

ILOM automatically configures its IP settings using the Dynamic Host Configuration Protocol (DHCP). If your network does not support this protocol, you need to set the parameters manually.


procedure icon  View Network Settings Using the Web Interface

1. Log in to ILOM as Administrator or Operator to open the ILOM web interface.

2. Select Configuration --> Network.

From the Network Settings page, you can view MAC addresses and configure network addresses for the server’s Chassis Monitoring Modules and service processors.


Note - DHCP is the default mode, but you can manually configure each IP address, Netmask, and Gateway.


procedure icon  Configure Network Settings Using the Web Interface

1. Log in to ILOM as an Administrator to open the ILOM web interface.

2. Select Configuration --> Network.

The Network Settings page appears.

FIGURE 8-3 Network Settings Page


Graphic showing Network Settings page

3. Complete the information in the Network Settings page.

Use the descriptions in the following table when completing the information.


TABLE 8-5 Network Settings Page Fields

Item

Description

MAC Address

The ILOM’s media access control (MAC) address is set at the factory. The MAC address is a hardware address that is unique to each networked device. ILOM’s MAC address is provided on a label on the server or CMM, on the Customer Information Sheet included on the ship kit, and in the BIOS Setup screen.

Obtain an IP Address Automatically (use DHCP)

Click the radio button to have the DHCP obtain an IP address.

IP Address

Type ILOM’s IP address. The IP address is a unique name that identifies the system on a TCP/IP network.

Subnet Mask

Type the subnet mask of the network on which ILOM resides.

Gateway

Type ILOM’s gateway access address.


4. Click Save for your settings to take effect.

Settings are considered pending until you click Save. Changing the IP address will end your ILOM session.

You are prompted to close your web browser.

5. Log back in to ILOM using the new IP address.


Note - If you changed the network settings, you may need to log back in with a new browser session.


procedure icon  Display Serial Port Settings Using the Web Interface

1. Log in to the ILOM web interface as an Administrator or Operator.

2. Select Configuration --> Serial Port.

The Serial Port Settings page appears.

FIGURE 8-4 Serial Port Settings Page


Graphic showing Serial Port Settings page

3. View the baud rate for the external serial port.


procedure icon  Configure Serial Port Settings Using the Web Interface

This section describes how to configure the ILOM serial port. The default settings are 9600 baud and no flow control.

1. Log in to ILOM as an Administrator to open the ILOM web interface.

2. Select Configuration --> Serial Port.

The Serial Port Settings page appears.

3. Select the baud rate for the internal serial port from the Internal Serial Port Baud Rate drop-down list.

This setting must match the setting for serial port 0, COM1 or /dev/ttyS0 on the host operating system.

The baud rate value must match the speed that was specified for the BIOS serial redirection feature (default is 9600 baud) and the speed used for the boot loader and operating system configuration.

To connect to the system console using ILOM, ILOM must be set to its default settings (9600 baud, 8N1 [eight data bits, no parity, one stop bit], no flow control).

4. Select the baud rate for the external serial port from the External Serial Port Baud Rate drop-down list.

This setting must match the baud rate on the RJ-45 serial port on the Sun server.

5. Click Save for your changes to take effect, or click Cancel to return to the previous settings.


procedure icon  Enable HTTP or HTTPS Web Access Using the Web Interface

This section describes how to view and modify web server settings.

ILOM provides the option to control access to the web interface. There are four choices:

HTTPS is enabled by default.

1. Log in to ILOM as an Administrator to open the ILOM web interface.

2. Select Configuration --> System Management Access --> Web Server.

The Web Server Settings page appears.

FIGURE 8-5 Web Server Settings Page


Graphic showing Web Server Settings page.

3. Select the HTTP or HTTPS web server.

The HTTPS web server is enabled by default.


Note - If you disable HTTP or select Redirect HTTP Connection to HTTPS, and then disable HTTPS, you will be unable to access the ILOM web interface. To restore access, use the CLI /SP/services/http or /SP/services/https commands, as described in Enable HTTP or HTTPS Web Access Using the CLI.

4. Assign an HTTP or HTTPS port number.

5. Click Save for your settings to take effect.



Sun Integrated Lights Out Manager 2.0 User’s Guide 820-1188-12 Table Of ContentsPrevious ChapterNext ChapterBook Index

Copyright © 2008 Sun Microsystems, Inc. All Rights Reserved.