ipmitool

Ipmitool is can performs a series of common IPMI server management functions to allow administrators to perform management functions without a learning curve. It can gather FRU inventory data, SEL firmware log, sensors, watchdog, power control, health, monitoring, and has an SOL console.

The IPMI Specification provides a standard way to do both simple and complex server management functions. Everything from remote reset/power-off to sending an SNMP alert from a sensor event even if the OS is down. Being able to perform these tasks in Baseboard Management Controller (BMC) firmware allows OS-independent management. What many administrators and integrators need, however, is a set of utilities and/or sample code to perform these functions within their enterprise management subsystem without a learning curve.

The program lets you manage Intelligent Platform Management Interface (IPMI) functions of either the local system, via a kernel device driver, or a remote system, using IPMI V1.5 and IPMI v2.0. These functions include printing FRU information, LAN configuration, sensor readings, and remote chassis power control.

IPMI management of a local system interface requires a compatible IPMI kernel driver to be installed and configured. On Linux this driver is called OpenIPMI and it is included in standard distributions. On Solaris this driver is called BMC and is inclued in Solaris 10. Management of a remote station requires the IPMI-over-LAN interface to be enabled and configured. Depending on the particular requirements of each system it may be possible to enable the LAN interface using ipmitool over the system interface.

ipmitool [-c|-h|-v|-V] -I open <command>

ipmitool [-c|-h|-v|-V] -I lan -H <hostname>
	 [-p <port>] 
	 [-U <username>] 
	 [-A <authtype>] 
	 [-L <privlvl>] 
	 [-a|-E|-P|-f <password>] 
	 [-o <oemtype>] >
	 < command> 

ipmitool [-c|-h|-v|-V] -I lanplus -H <hostname>
	 [-p <port>] 
	 [-U <username>] 
	 [-L <privlvl>]  
	 [-a|-E|-P|-f <password>] 
	 [-o <oemtype>] 
	 [-C <ciphersuite>] 
	 < command> 

Commands are hierarchical. For example issuing “ipmitool sel help” will show all available SEL

Commands:

• raw Send a RAW IPMI request and print response
• i2c Send an I2C Master Write-Read command and print response
• spd Print SPD info from remote I2C device
• lan Configure LAN Channels
• chassis Get chassis status and set power state
• power Shortcut to chassis power commands
• event Send pre-defined events to MC
• mc Management Controller status and global enables
• sdr Print Sensor Data Repository entries and readings
• sensor Print detailed sensor information
• fru Print built-in FRU and scan SDR for FRU locators
• gendev Read/Write Device associated with Generic Device locators sdr
• sel Print System Event Log (SEL)
• pef Configure Platform Event Filtering (PEF)
• sol Configure and connect IPMIv2.0 Serial-over-LAN
• tsol Configure and connect with Tyan IPMIv1.5 Serial-over-LAN
• isol Configure IPMIv1.5 Serial-over-LAN
• user Configure Management Controller users
• channel Configure Management Controller channels
• session Print session information
• sunoem OEM Commands for Sun servers
• kontronoem OEM Commands for Kontron devices
• picmg Run a PICMG/ATCA extended cmd
• fwum Update IPMC using Kontron OEM Firmware Update Manager
• firewall Configure Firmware Firewall
• delloem OEM Commands for Dell systems
• shell Launch interactive IPMI shell
• exec Run list of commands from file
• set Set runtime variable for shell and exec
• hpm Update HPM components using PICMG HPM.1 file
• ekanalyzer run FRU-Ekeying analyzer using FRU files

OPTIONS

-a

Prompt for the remote server password.

-A <authtype>

Specify an authentication type to use during IPMIv1.5 lan session activation. Supported types are NONE, PASSWORD, MD5, or OEM.

-c

Present output in CSV (comma separated variable) format. This is not available with all commands.

-C <ciphersuite>

The remote server authentication, integrity, and encryption algorithms to use for IPMIv2 lanplus connections. See table 22-19 in the IPMIv2 specification. The default is 3 which specifies RAKP-HMAC-SHA1 authentication, HMAC-SHA1-96 integrity, and AES-CBC-128 encryption algorightms.

-E

The remote server password is specified by the environment variable IPMI_PASSWORD.

-f <password_file>

Specifies a file containing the remote server password. If this option is absent, or if password_file is empty, the password will default to NULL.

-h

Get basic usage help from the command line.

-H <address>

Remote server address, can be IP address or hostname. This option is required for lan and lanplus interfaces.

-I <interface>

Selects IPMI interface to use. Supported interfaces that are compiled in are visible in the usage help output.

-L <privlvl>

Force session privilege level. Can be CALLBACK, USER, OPERATOR, ADMIN. Default is ADMIN.

-m <local_address>

Set the local IPMB address. The default is 0x20 and there should be no need to change it for normal operation.

-o <oemtype>

Select OEM type to support. This usually involves minor hacks in place in the code to work around quirks in various BMCs from various manufacturers. Use -o list to see a list of current supported OEM types.

-p <port>

Remote server UDP port to connect to. Default is 623.

-P <password>

Remote server password is specified on the command line. If supported it will be obscured in the process list. Note! Specifying the password as a command line option is not recommended.

-t <target_address>

Bridge IPMI requests to the remote target address.

-U <username>

Remote server username, default is NULL user.

-v

Increase verbose output level. This option may be specified multiple times to increase the level of debug output. If given three times you will get hexdumps of all incoming and outgoing packets.

-V

Display version information.

If no password method is specified then ipmitool will prompt the user for a password. If no password is entered at the prompt, the remote server password will default to NULL.

SECURITY

There are several security issues be be considered before enabling the IPMI LAN interface. A remote station has the ability to control a system's power state as well as being able to gather certain platform information. To reduce vulnerability it is strongly advised that the IPMI LAN interface only be enabled in 'trusted' environments where system security is not an issue or where there is a dedicated secure 'management network'.

Further it is strongly advised that you should not enable IPMI for remote access without setting a password, and that that password should not be the same as any other password on that system.

When an IPMI password is changed on a remote machine with the IPMIv1.5 lan interface the new password is sent across the network as clear text. This could be observed and then used to attack the remote system. It is thus recommended that IPMI password management only be done over IPMIv2.0 lanplus interface or the system interface on the local station.

For IPMI v1.5, the maximum password length is 16 characters. Passwords longer than 16 characters will be truncated.

For IPMI v2.0, the maximum password length is 20 characters; longer passwords are truncated.

COMMANDS

help This can be used to get command-line help on ipmitool commands. It may also be placed at the end of commands to get option usage help for particular subcommand. For example:

ipmitool help

Commands: raw Send a RAW IPMI request and print

response ... ... ...

ipmitool chassis help Chassis Commands: status, power, identify, policy, restart_cause, poh, bootdev

ipmitool chassis power help
chassis power Commands: status, on, off, cycle, reset, diag, soft
bmc|mc

reset <warm|cold> Instructs the BMC to perform a warm or cold reset.

info Displays information about the BMC hardware, including device revision, firmware revision, IPMI version supported, manufacturer ID, and information on additional device support.

getenables Displays a list of the currently enabled options for the BMC.

setenables <option>=[on|off]

Enables or disables the given option. This command is only supported over the system interface according to the IPMI specification. Currently supported values for option include:

recv_msg_intr

Receive Message Queue Interrupt

event_msg_intr Event Message Buffer Full Interrupt event_msg

Event Message Buffer

system_event_log

System Event Logging

oem0

OEM-Defined option #0

oem1

OEM-Defined option #1

oem2

OEM-Defined option #2

channel

authcap <channel number> <max priv>

Displays information about the authentication capabilities of the selected channel at the specified privilege level.

Possible privilege levels are:

1 Callback level

2 User level

3 Operator level

4 Administrator level

5 OEM Proprietary level

info [channel number]

Displays information about the selected channel. If no channel is given it will display information about the currently used channel:

ipmitool channel info

Channel 0xf info:

Channel Medium Type : System Interface

Channel Protocol Type : KCS

Session Support : session-less

Active Session Count : 0

Protocol Vendor ID : 7154

getaccess <channel number> [userid]

Configure the given userid as the default on the given channel number. When the given channel is subsequently used, the user is identified implicitly by the given userid.

setaccess <channel number> <userid>

[callin=on|off] [ipmi=on|off] [link=on|off] [privilege=level]

Configure user access information on the given channel for the given userid.

getciphers <all | supported> <ipmi | sol> [channel]

Displays the list of cipher suites supported for the given application (ipmi or sol) on the given channel.

chassis

status

Displays information regarding the high-level status of the system chassis and main power subsystem.

poh

This command will return the Power-On Hours counter.

identify <interval>

Control the front panel identify light. Default is 15. Use 0 to turn off.

restart_cause

Query the chassis for the cause of the last system restart.

policy

Set the chassis power policy in the event power failure.

list

Return supported policies.

always-on

Turn on when power is restored.

previous

Returned to previous state when power is restored.

always-off

Stay off after power is restored.

power

Performs a chassis control command to view and change the power state.

status

Show current chassis power status.

on

Power up chassis.

off

Power down chassis into soft off (S4/S5 state). WARNING: This command does not initiate a clean shutdown of the operating system prior to powering down the system.

cycle

Provides a power off interval of at least 1 second. No action should occur if chassis power is in S4/S5 state, but it is recommended to check power state first and only issue a power cycle command if the system power is on or in lower sleep state than S4/S5.

reset

This command will perform a hard reset.

diag

Pulse a diagnostic interrupt (NMI) directly to the processor(s).

soft

Initiate a soft-shutdown of OS via ACPI. This can be done in a number of ways, commonly by simulating an overtemperture or by simulating a power button press. It is necessary for there to be Operating System support for ACPI and some sort of daemon watching for events for this soft power to work.

bootdev <device>

Request the system to boot from an alternate boot device on next reboot.

Currently supported values for <device> are:

pxe

Force PXE boot

disk

Force boot from BIOS default boot device

safe

Force boot from BIOS default boot device, request Safe Mode

diag

Force boot from diagnostic partition

cdrom

Force boot from CD/DVD

bios

Force boot into BIOS setup

event

<predefined event number>

Send a pre-defined event to the System Event Log. The following events are included as a means to test the functionality of the System Event Log component of the BMC (an entry will be added each time the event n command is executed).

Currently supported values for n are:

1 Temperature: Upper Critical: Going High

2 Voltage Threshold: Lower Critical: Going Low

3 Memory: Correctable ECC Error Detected

NOTE: These pre-defined events will likely not produce "accurate" SEL records for a particular system because they will not be correctly tied to a valid sensor number, but they are sufficient to verify correct operation of the SEL.

file <filename>

Event log records specified in filename will be added to the System Event Log.

The format of each line in the file is as follows:

<{EvM Revision} {Sensor Type} {Sensor Num} {Event Dir/Type} {Event Data 0} {Event Data 1} {Event Data 2}>COMMENT

Note: The Event Dir/Type field is encoded with the event direction as the high bit (bit 7) and the event type as the low 7 bits.

e.g.:

0x4 0x2 0x60 0x1 0x52 0x0 0x0 # Voltage threshold: Lower Critical: Going Low

exec <filename>

Execute ipmitool commands from filename. Each line is a complete command. The syntax of the commands are defined by the COMMANDS section in this manpage. Each line may have an optional comment at the end of the line, delimited with a ‘#’ symbol.

e.g., a command file with two lines:

sdr list # get a list of sdr records

sel list # get a list of sel records

fru

print

This command will read all Field Replaceable Unit (FRU) inventory data and extract such information as serial number, part number, asset tags, and short strings describing the chassis, board, or product.

i2c <i2caddr> <read bytes> [<write data>]

This will allow you to execute raw I2C commands with the Master Write-Read IPMI command.

isol

setup <baud rate>

Setup baud rate for IPMI v1.5 Serial-over-LAN.

lan

print <channel>

Print the current configuration for the given channel.

set <channel> <parameter>

Set the given parameter on the given channel. Valid parameters are:

ipaddr <x.x.x.x>

Set the IP address for this channel.

netmask <x.x.x.x>

Set the netmask for this channel.

macaddr <xx:xx:xx:xx:xx:xx>

Set the MAC address for this channel.

defgw ipaddr <x.x.x.x>

Set the default gateway IP address.

defgw macaddr <xx:xx:xx:xx:xx:xx>

Set the default gateway MAC address.

bakgw ipaddr <x.x.x.x>

Set the backup gateway IP address.

bakgw macaddr <xx:xx:xx:xx:xx:xx>

Set the backup gateway MAC address.

password <pass>

Set the null user password.

snmp <community string>

Set the SNMP community string.

user

Enable user access mode for userid 1 (issue the ‘user’ command to display information about userids for a given channel).

access <on|off>

Set LAN channel access mode.

ipsrc <source>

Set the IP address source:

none unspecified

static manually configured static IP address

dhcp address obtained by BMC running DHCP

bios address loaded by BIOS or system software

arp respond <on|off>

Set BMC generated ARP responses.

arp generate <on|off>

Set BMC generated gratuitous ARPs.

arp interval <seconds>

Set BMC generated gratuitous ARP interval.

auth <level,…> <type,…>

Set the valid authtypes for a given auth level.

Levels: callback, user, operator, admin

Types: none, md2, md5, password, oem

cipher_privs <privlist>

Correlates cipher suite numbers with the maximum privilege level that is allowed to use it. In this way, cipher suites can restricted to users with a given privilege level, so that, for example, administrators are required to use a stronger cipher suite than normal users.

The format of privlist is as follows. Each character represents a privilege level and the character position identifies the cipher suite number. For example, the first character represents cipher suite 1 (cipher suite 0 is reserved), the second represents cipher suite 2, and so on. privlist must be 15 characters in length.

Characters used in privlist and their associated privilege levels are:

X Cipher Suite Unused

c CALLBACK

u USER

o OPERATOR

a ADMIN

O OEM

So, to set the maximum privilege for cipher suite 1 to USER and suite 2 to ADMIN, issue the following command:

ipmitool -I interface lan set channel cipher_privs uaXXXXXXXXXXXXX

pef

info

This command will query the BMC and print information about the PEF supported features.

status

This command prints the current PEF status (the last SEL entry processed by the BMC, etc).

policy

This command lists the PEF policy table entries. Each policy entry describes an alert destination. A policy set is a collection of table entries. PEF alert actions reference policy sets.

list

This command lists the PEF table entries. Each PEF entry relates a sensor event to an action. When PEF is active, each platform event causes the BMC to scan this table for entries matching the event, and possible actions to be taken. Actions are performed in priority order (higher criticality first).

raw <netfn> <cmd> [data]

This will allow you to execute raw IPMI commands. For example to query the POH counter with a raw command:

ipmitool -v raw 0x0 0xf

RAW REQ (netfn=0x0 cmd=0xf data_len=0)

RAW RSP (5 bytes)

3c 72 0c 00 00

sdr

info

This command will query the BMC for SDR information.

list [all|full|compact|event|mcloc|fru|generic]

This command will read the Sensor Data Records (SDR) and extract sensor information of a given type, then query each sensor and print its name, reading, and status.

Valid types are:

all

All SDR records (Sensor and Locator)

full

Full Sensor Record

compact

Compact Sensor Record

event

Event-Only Sensor Record

mcloc

Management Controller Locator Record

fru

FRU Locator Record

generic

Generic SDR records

entity <id>[.<instance>]

Displays all sensors associated with an entity. Get a list of valid entity ids on the target system by issuing the ‘sdr list’ command with the verbose option (‘-v’). A list of all entity ids can be found in the IPMI specifications.

dump <file>

Dumps raw SDR data to a file.

sel

NOTE: SEL entry-times are displayed as ‘Pre-Init Time-stamp’ if the SEL clock needs to be set. Ensure that the SEL clock is accurate by invoking the ‘sel time get’ and ‘sel time set <time string>’ commands.

info

This command will query the BMC for information about the System Event Log (SEL) and its contents.

clear

This command will clear the contents of the SEL. It cannot be undone so be careful.

list

When this command is invoked without arguments, the entire contents of the SEL are displayed.

<count>|first <count>

Displays the first count (least-recent) entries in the SEL. If count is zero, all entries are displayed.

last <count>

Displays the last count (most-recent) entries in the SEL. If count is zero, all entries are displayed.

delete <number>

Delete a single event.

time

get

Displays the SEL clock's current time.

set <time string>

Sets the SEL clock. Future SEL entries will use the time set by this command. <time string> is of the form "MM/DD/YYYY HH:MM:SS". Note that hours are in 24-hour form. It is recommended that the SEL be cleared before setting the time.

sensor

list

Lists sensors and thresholds in a wide table format.

get <id> … [<id>]

Prints information for sensors specified by name.

thresh <id> <threshold> <setting>

This allows you to set a particular sensor threshold value. The sensor is specified by name.

Valid thresholds are:

unr Upper Non-Recoverable

ucr Upper Critical

unc Upper Non-Critical

lnc Lower Non-Critical

lcr Lower Critical

lnr Lower Non-Recoverable

session

info <active | all | id 0xnnnnnnnn | handle 0xnn>

Get information about the specified session(s). You may identify sessions by their id, by their handle number, by their active status, or by using the keyword ‘all’ to specify all sessions.

sol

info [<channel number>]

Retrieve information about the Serial-Over-LAN configuration on the specified channel. If no channel is given, it will display SOL configuration data for the currently used channel.

set <parameter> <value> [channel]

Configure parameters for Serial Over Lan. If no channel is given, it will display SOL configuration data for the currently used channel. Configuration parameter updates are automatically guarded with the updates to the set-in-progress parameter.

Valid parameters and values are:

set-in-progress

set-complete set-in-progress commit-write

enabled

true false

force-encryption

true false

force-authentication

true false

privilege-level

user operator admin oem

character-accumulate-level

Decimal number given in 5 milliseconds increments

character-send-threshold

Decimal number

retry-count

Decimal number. 0 indicates no retries after packet is transmitted.

retry-interval

Decimal number in 10 millisend increments. 0 indicates that retries should be sent back to back.

non-volatile-bit-rate

serial, 19.2, 38.4, 57.6, 115.2. Setting this value to serial indicates that the BMC should use the setting used by the IPMI over serial channel.

volatile-bit-rate

serial, 19.2, 38.4, 57.6, 115.2. Setting this value to serial indiates that the BMC should use the setting used by the IPMI over serial channel.

activate

Causes ipmitool to enter Serial Over LAN mode, and is only available when using the lanplus interface. An RMCP+ connection is made to the BMC, the terminal is set to raw mode, and user input is sent to the serial console on the remote server. On exit,the the SOL payload mode is deactivated and the terminal is reset to its original settings.

Special escape sequences are provided to control the SOL session:

~. Terminate connection

~^Z Suspend ipmitool

~B Send break

~~ Send the escape character by typing it twice

~? Print the supported escape sequences

deactivate

Deactivates Serial Over LAN mode on the BMC. Exiting Serial Over LAN mode should automatically cause this command to be sent to the BMC, but in the case of an unintentional exit from SOL mode, this command may be necessary to reset the state of the BMC.

user

summary

Displays a summary of userid information, including maximum number of userids, the number of enabled users, and the number of fixed names defined.

list

Displays a list of user information for all defined userids.

set

name <userid> <username>

Sets the username associated with the given userid.

password <userid> [<password>]

Sets the password for the given userid. If no password is given, the password is cleared (set to the NULL password). Be careful when removing passwords from administrator-level accounts.

disable <userid>

Disables access to the BMC by the given userid.

enable <userid>

Enables access to the BMC by the given userid.

test <userid> <16|20> [<password>]

Determine whether a password has been stored as 16 or 20 bytes.

NOTE: To determine on which channel the LAN interface is located, issue the ‘channel info channel’ command.

OPEN INTERFACE

The ipmitool open interface utilizes the OpenIPMI kernel device driver. This driver is present in all modern 2.4 and all 2.6 kernels and it should be present in recent Linux distribution kernels. There are also IPMI driver kernel patches for different kernel versions available from the OpenIPMI homepage.

The required kernel modules is different for 2.4 and 2.6 kernels. The following kernel modules must be loaded on a 2.4-based kernel in order for ipmitool to work:

ipmi_msghandler

Incoming and outgoing message handler for IPMI interfaces.

ipmi_kcs_drv

An IPMI Keyboard Controler Style (KCS) interface driver for the message handler.

ipmi_devintf

Linux character device interface for the message handler.

The following kernel modules must be loaded on a 2.6-based kernel in order for ipmitool to work:

ipmi_msghandler

Incoming and outgoing message handler for IPMI interfaces.

ipmi_si

An IPMI system interface driver for the message handler. This module supports various IPMI system interfaces such as KCS, BT, SMIC, and even SMBus in 2.6 kernels.

ipmi_devintf

Linux character device interface for the message handler.

Once the required modules are loaded there will be a dynamic character device entry that must exist at /dev/ipmi0. For systems that use devfs or udev this will appear at /dev/ipmi/0.

To create the device node first determine what dynamic major number it was assigned by the kernel by looking in /proc/devices and checking for the ipmidev entry. Usually if this is the first dynamic device it will be major number 254 and the minor number for the first system interface is 0 so you would create the device entry with:

mknod /dev/ipmi0 c 254 0

ipmitool includes some sample initialization scripts that can perform this task automatically at start-up.

In order to have ipmitool use the OpenIPMI device interface you can specifiy it on the command line:

ipmitool -I open <command>

BMC INTERFACE

The ipmitool bmc interface utilizes the bmc device driver as provided by Solaris 10 and higher. In order to force ipmitool to make use of this interface you can specify it on the command line: <pp> ipmitool -I bmc <command>

The following files are associated with the bmc driver:

/platform/i86pc/kernel/drv/bmc

32-bit ELF kernel module for the bmc driver.

/platform/i86pc/kernel/drv/amd64/bmc

64-bit ELF kernel module for the bmc driver.

/dev/bmc

Character device node used to communicate with the bmc driver.

LIPMI INTERFACE

The ipmitool lipmi interface uses the Solaris 9 IPMI kernel device driver. It has been superceeded by the bmc interface on Solaris 10. You can tell ipmitool to use this interface by specifying it on the command line.

ipmitool -I lipmi <expression>

LAN INTERFACE

The ipmitool lan interface communicates with the BMC over an Ethernet LAN connection using UDP under IPv4. UDP datagrams are formatted to contain IPMI request/response messages with a IPMI session headers and RMCP headers.

IPMI-over-LAN uses version 1 of the Remote Management Control Protocol (RMCP) to support pre-OS and OS-absent management. RMCP is a request-response protocol delivered using UDP datagrams to port 623.

The LAN interface is an authenticatiod multi-session connection; messages delivered to the BMC can (and should) be authenticated with a challenge/response protocol with either straight password/key or MD5 message-digest algorithm. ipmitool will attempt to connect with administrator privilege level as this is required to perform chassis power functions.

You can tell ipmitool to use the lan interface with the -I lan option:

ipmitool -I lan -H <hostname> [-U <username>] [-P <password>] <command>

A hostname must be given on the command line in order to use the lan interface with ipmitool. The password field is optional; if you do not provide a password on the command line, ipmitool will attempt to connect without authentication. If you specify a password it will use MD5 authentication if supported by the BMC and straight password/key otherwise, unless overridden with a command line option.

LANPLUS INTERFACE

Like the lan interface, the lanplus interface communicates with the BMC over an Ethernet LAN connection using UDP under IPv4. The difference is that the lanplus interface uses the RMCP+ protocol as described in the IMPI v2.0 specification. RMCP+ allows for improved authentication and data integrity checks, as well as encryption and the ability to carry multiple types of payloads. Generic Serial Over LAN support requires RMCP+, so the ipmitool sol activate command requires the use of the lanplus interface.

RMCP+ session establishment uses a symmetric challenge-response protocol called RAKP (Remote Authenticated Key-Exchange Protocol) which allows the negotiation of many options. ipmitool does not yet allow the user to specify the value of every option, defaulting to the most obvious settings marked as required in the v2.0 specification. Authentication and integrity HMACS are produced with SHA1, and encryption is performed with AES-CBC-128. Role-level logins are not yet supported.

ipmitool must be linked with the OpenSSL library in order to perform the encryption functions and support the lanplus interface. If the required packages are not found it will not be compiled in and supported.

You can tell ipmitool to use the lanplus interface with the -I lanplus option:

ipmitool -I lanplus -H <hostname> [-U <username>] [-P <password>] <command>

A hostname must be given on the command line in order to use the lan interface with ipmitool. With the exception of the -A and -C options the rest of the command line options are identical to those available for the lan interface.

The -C option allows you specify the authentication, integrity, and encryption algorithms to use for for lanplus session based on the cipher suite ID found in the IPMIv2.0 specification in table 22-19. The default cipher suite is 3 which specifies RAKP-HMAC-SHA1 authentication, HMAC-SHA1-96 integrity, and AES-CBC-128 encryption algorightms.

EXAMPLES

Example 1: Listing remote sensors

> ipmitool -I lan -H 1.2.3.4 -f passfile sdr list

Baseboard 1.25V | 1.24 Volts | ok

Baseboard 2.5V | 2.49 Volts | ok

Baseboard 3.3V | 3.32 Volts | ok

Example 2: Displaying status of a remote sensor

> ipmitool -I lan -H 1.2.3.4 -f passfile sensor get "Baseboard 1.25V"

Locating sensor record…

Sensor ID : Baseboard 1.25V (0x10)

Sensor Type (Analog) : Voltage

Sensor Reading : 1.245 (+/- 0.039) Volts

Status : ok

Lower Non-Recoverable : na

Lower Critical : 1.078

Lower Non-Critical : 1.107

Upper Non-Critical : 1.382

Upper Critical : 1.431

Upper Non-Recoverable : na

Example 3: Displaying the power status of a remote chassis

> ipmitool -I lan -H 1.2.3.4 -f passfile chassis power status

Chassis Power is on

Example 4: Controlling the power on a remote chassis

> ipmitool -I lan -H 1.2.3.4 -f passfile chassis power on

Chassis Power Control: Up/On

AUTHOR

Duncan Laurie <[email protected]>

SEE ALSO

IPMItool Homepage

http://ipmitool.sourceforge.net

Intelligent Platform Management Interface Specification

http://www.intel.com/design/servers/ipmi

OpenIPMI Homepage

http://openipmi.sourceforge.net

NEWS CONTENTS

• 201014 : IPMItool ( IPMItool, )
• 201014 : ipmitool Cheatsheet and Configuring DRAC from ipmitool ( ipmitool Cheatsheet and Configuring DRAC from ipmitool, )

Old News ;-)

IPMItool

May 2, 2013 | nutanix \

to get the current IPaddress:

ESXi#/ipmitool lan print 1

~ # /ipmitool lan print 1| egrep "IP Address|Subnet|Gateway IP|VLAN"

IP Address Source : Static Address

IP Address : 112.18.12.167

Subnet Mask : 255.255.254.0

Default Gateway IP : 112.18.12.1

Backup Gateway IP : 0.0.0.0

802.1q VLAN ID : Disabled

802.1q VLAN Priority : 0

~ # /ipmitool lan set 1 ipsrc static

~ # /ipmitool lan set 1 netmask 255.255.248.0

Setting LAN Subnet Mask to 255.255.248.0

~ # /ipmitool lan set 1 ipaddr 101.23.40.47

~ # /ipmitool lan set 1 defgw ipaddr 101.23.40.1

Locator LED :

/ipmitool chassis identify force

Set the locator LED off

/ipmitool chassis identify 0

Set the locator LED upto 255 seconds

/ipmitool chassis identify 255

SEL events:

/ipmitool sel list

/ipmitool -v sel list ( more verbose)

sensor readings

/ipmitool sensor list

Reset the BMC:

/ipmitool mc reset cold

/ipmitool raw 0x06 0x02

To find the serial number of the system:

/ipmitool fru list

To reset the server

/ipmitool chassis power off/off/cycle/reset

/ipmitool chassis power diag -to send NMI to ESXi(server) - to create purple screen of death or bsod in MS

IPMI policy when the power is restored:

~ # /ipmitool chassis policy

chassis policy <state>

list : return supported policies

always-on : turn on when power is restored

previous : return to previous state when power is restored

always-off : stay off after power is restored

IPMI network connectivity:

ipmitool –H <target node IPMI IP> –U admin –P admin raw 0x0c 0x01 0x01 0xff 0x01 : Dedicate-NIC

ipmitool –H <target node IPMI IP> –U admin –P admin raw 0x0c 0x01 0x01 0xff 0x00 : Shared-NIC

Command change ipmi port from "Dedicated port" to "Shared port"

Remote

#ipmitool –H <target node ipmi IP> –U admin –P admin raw 0x0c 0x01 0x01 0xff 0 0 00

IPMI Power supply commands

/ipmitool -v sdr type "Power Supply"

~ # /ipmitool raw 0x06 0x52 0x07 0x70 0x01 0x0c - top power supply good

01

~ # /ipmitool raw 0x06 0x52 0x07 0x72 0x01 0x0c -bottom power supply bad.

00

ipmitool Cheatsheet and Configuring DRAC from ipmitool

1) List of helpful ipmitool commands:

• Check BMC Firmware Revision:

#ipmitool -I open bmc info | grep -A3 "Firmware Revision"

• Check SEL log:

#ipmitool sel

• List SEL log:

#ipmitool sel list

• Check which node you are in [For Dell Cloud edge]:

#ipmitool raw 0x34 0x11

• Reset BMC/DRAC to default:

#ipmitool mc reset cold

2) Configure DRAC from ipmitool

• Set BMC/DRAC static IP

#ipmitool lan set 1 ipsrc static

• Set BMC/DRAC IP Address

#ipmitool lan set 1 ipaddr <ip add of bmc>

• Set BMC/DRAC Subnet Mask

#ipmitool lan set 1 netmask <netmask addr>

• Set BMC/DRAC Default Gateway

#ipmitool lan set 1 defgw ipaddr <ip add>

• Change the NIC settings to dedicated

#ipmitool raw 0x30 0x24 2

• Change the NIC settings to shared

#ipmitool raw 0x30 0x24 0

• Check the NIC settings

#ipmitool raw 0x30 0x25

[Output of 00 means shared and 02 means dedicated]

• Restart the BMC/DRAC

#ipmitool mc reset warm

Recommended Links

ipmitool(1) - Linux man page

DRAC reset

nutanix IPMItool

ipmitool Cheatsheet and Configuring DRAC from ipmitool

• copy at IPMI & IPMItool Cheatsheet - Gagan oN D nEt

Manage ILO with ipmitool The adventures of MykoSpark!

Etc

Society

Groupthink : Two Party System as Polyarchy : Corruption of Regulators : Bureaucracies : Understanding Micromanagers and Control Freaks : Toxic Managers :   Harvard Mafia : Diplomatic Communication : Surviving a Bad Performance Review : Insufficient Retirement Funds as Immanent Problem of Neoliberal Regime : PseudoScience : Who Rules America : Neoliberalism  : The Iron Law of Oligarchy : Libertarian Philosophy

Quotes

War and Peace : Skeptical Finance : John Kenneth Galbraith :Talleyrand : Oscar Wilde : Otto Von Bismarck : Keynes : George Carlin : Skeptics : Propaganda  : SE quotes : Language Design and Programming Quotes : Random IT-related quotes :  Somerset Maugham : Marcus Aurelius : Kurt Vonnegut : Eric Hoffer : Winston Churchill : Napoleon Bonaparte : Ambrose Bierce :  Bernard Shaw : Mark Twain Quotes

Bulletin:

Vol 25, No.12 (December, 2013) Rational Fools vs. Efficient Crooks The efficient markets hypothesis : Political Skeptic Bulletin, 2013 : Unemployment Bulletin, 2010 :  Vol 23, No.10 (October, 2011) An observation about corporate security departments : Slightly Skeptical Euromaydan Chronicles, June 2014 : Greenspan legacy bulletin, 2008 : Vol 25, No.10 (October, 2013) Cryptolocker Trojan (Win32/Crilock.A) : Vol 25, No.08 (August, 2013) Cloud providers as intelligence collection hubs : Financial Humor Bulletin, 2010 : Inequality Bulletin, 2009 : Financial Humor Bulletin, 2008 : Copyleft Problems Bulletin, 2004 : Financial Humor Bulletin, 2011 : Energy Bulletin, 2010 : Malware Protection Bulletin, 2010 : Vol 26, No.1 (January, 2013) Object-Oriented Cult : Political Skeptic Bulletin, 2011 : Vol 23, No.11 (November, 2011) Softpanorama classification of sysadmin horror stories : Vol 25, No.05 (May, 2013) Corporate bullshit as a communication method  : Vol 25, No.06 (June, 2013) A Note on the Relationship of Brooks Law and Conway Law

History:

Fifty glorious years (1950-2000): the triumph of the US computer engineering : Donald Knuth : TAoCP and its Influence of Computer Science : Richard Stallman : Linus Torvalds  : Larry Wall  : John K. Ousterhout : CTSS : Multix OS Unix History : Unix shell history : VI editor : History of pipes concept : Solaris : MS DOS :  Programming Languages History : PL/1 : Simula 67 : C : History of GCC development :  Scripting Languages : Perl history   : OS History : Mail : DNS : SSH : CPU Instruction Sets : SPARC systems 1987-2006 : Norton Commander : Norton Utilities : Norton Ghost : Frontpage history : Malware Defense History : GNU Screen : OSS early history

Classic books:

The Peter Principle : Parkinson Law : 1984 : The Mythical Man-Month :  How to Solve It by George Polya : The Art of Computer Programming : The Elements of Programming Style : The Unix Hater’s Handbook : The Jargon file : The True Believer : Programming Pearls : The Good Soldier Svejk : The Power Elite

Most popular humor pages:

Manifest of the Softpanorama IT Slacker Society : Ten Commandments of the IT Slackers Society : Computer Humor Collection : BSD Logo Story : The Cuckoo's Egg : IT Slang : C++ Humor : ARE YOU A BBS ADDICT? : The Perl Purity Test : Object oriented programmers of all nations : Financial Humor : Financial Humor Bulletin, 2008 : Financial Humor Bulletin, 2010 : The Most Comprehensive Collection of Editor-related Humor : Programming Language Humor : Goldman Sachs related humor : Greenspan humor : C Humor : Scripting Humor : Real Programmers Humor : Web Humor : GPL-related Humor : OFM Humor : Politically Incorrect Humor : IDS Humor : "Linux Sucks" Humor : Russian Musical Humor : Best Russian Programmer Humor : Microsoft plans to buy Catholic Church : Richard Stallman Related Humor : Admin Humor : Perl-related Humor : Linus Torvalds Related humor : PseudoScience Related Humor : Networking Humor : Shell Humor : Financial Humor Bulletin, 2011 : Financial Humor Bulletin, 2012 : Financial Humor Bulletin, 2013 : Java Humor : Software Engineering Humor : Sun Solaris Related Humor : Education Humor : IBM Humor : Assembler-related Humor : VIM Humor : Computer Viruses Humor : Bright tomorrow is rescheduled to a day after tomorrow : Classic Computer Humor

The Last but not Least Technology is dominated by two types of people: those who understand what they do not manage and those who manage what they do not understand ~Archibald Putt. Ph.D

The statements, views and opinions presented on this web page are those of the author (or referenced source) and are not endorsed by, nor do they necessarily reflect, the opinions of the Softpanorama society. We do not warrant the correctness of the information provided or its fitness for any purpose. The site uses AdSense so you need to be aware of Google privacy policy. You you do not want to be tracked by Google please disable Javascript for this site. This site is perfectly usable without Javascript.

Last modified: March 29, 2020