- Community Home
- >
- Servers and Operating Systems
- >
- HPE ProLiant
- >
- ProLiant Servers (ML,DL,SL)
- >
- iLO discovery
ProLiant Servers (ML,DL,SL)
1753523
Members
7828
Online
108795
Solutions
Forums
Categories
Company
Local Language
юдл
back
Forums
Discussions
Forums
- Data Protection and Retention
- Entry Storage Systems
- Legacy
- Midrange and Enterprise Storage
- Storage Networking
- HPE Nimble Storage
Discussions
Discussions
Discussions
Forums
Forums
Discussions
юдл
back
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
- BladeSystem Infrastructure and Application Solutions
- Appliance Servers
- Alpha Servers
- BackOffice Products
- Internet Products
- HPE 9000 and HPE e3000 Servers
- Networking
- Netservers
- Secure OS Software for Linux
- Server Management (Insight Manager 7)
- Windows Server 2003
- Operating System - Tru64 Unix
- ProLiant Deployment and Provisioning
- Linux-Based Community / Regional
- Microsoft System Center Integration
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Blogs
Information
Community
Resources
Community Language
Language
Forums
Blogs
Go to solution
Topic Options
- Subscribe to RSS Feed
- Mark Topic as New
- Mark Topic as Read
- Float this Topic for Current User
- Bookmark
- Subscribe
- Printer Friendly Page
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО01-14-2007 07:43 PM
тАО01-14-2007 07:43 PM
Hi,
I was just wondering if there are any standard approaches of doing iLO discovery.
Some times I saw people doing manual discovery, involving user input of
information and stuff like that, which could be erroneous. I am looking for
a standard approach, something like an SNMP discovery, where the manager
discovers SNMP devices (even if the exact IP address not known, using ping
sweep, seed IP etc)
I am interested in getting only minimal information from the iLO like its IP
address, it's server identity say for exampl MAC addresses, server IP etc.
Also, lets assume that the iLO is setup with static IP addresses. I know
something can be done, if the ILO is setup with DHCP, then the DHCP server can
tweak to get some information out of iLO.
Appreciate your inputs on this.
Thanks
Tejo
I was just wondering if there are any standard approaches of doing iLO discovery.
Some times I saw people doing manual discovery, involving user input of
information and stuff like that, which could be erroneous. I am looking for
a standard approach, something like an SNMP discovery, where the manager
discovers SNMP devices (even if the exact IP address not known, using ping
sweep, seed IP etc)
I am interested in getting only minimal information from the iLO like its IP
address, it's server identity say for exampl MAC addresses, server IP etc.
Also, lets assume that the iLO is setup with static IP addresses. I know
something can be done, if the ILO is setup with DHCP, then the DHCP server can
tweak to get some information out of iLO.
Appreciate your inputs on this.
Thanks
Tejo
Solved! Go to Solution.
3 REPLIES 3
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО01-15-2007 03:03 AM
тАО01-15-2007 03:03 AM
Solution
Hi Tejo,
You could look at using a tool such as nmap from http://www.insecure.org to scan your network.
This will allow you to scan network segments quickly and can identify the services on the devices that it finds.
For example you could scan a whole subnet with a command such as:
# nmap -v -A 192.168.0.0/24
Running it against a machine which I know has an iLO card on it gives me this output:
# nmap -A 192.168.0.1
Starting Nmap 4.03 ( http://www.insecure.org/nmap/ ) at 2007-01-15 15:57 GMT
Interesting ports on iloabcdefghij.domain.com (192.168.0.1):
(The 1671 ports scanned but not shown below are in state: closed)
PORT STATE SERVICE VERSION
22/tcp open ssh mpSSH 0.0.1 (protocol 2.0)
80/tcp open http Compaq Integrated Lights-Out http config
443/tcp open ssl OpenSSL
Device type: remote management
Running: HP embedded
OS details: HP Integrated Lights Out remote configuration Board
Service Info: Device: remote management
Nmap finished: 1 IP address (1 host up) scanned in 12.292 seconds
If you're looking to automate something, then the output from nmap can also be redirected into various file formats which can then be searched easily.
Hope this helps,
Regards,
Rob
You could look at using a tool such as nmap from http://www.insecure.org to scan your network.
This will allow you to scan network segments quickly and can identify the services on the devices that it finds.
For example you could scan a whole subnet with a command such as:
# nmap -v -A 192.168.0.0/24
Running it against a machine which I know has an iLO card on it gives me this output:
# nmap -A 192.168.0.1
Starting Nmap 4.03 ( http://www.insecure.org/nmap/ ) at 2007-01-15 15:57 GMT
Interesting ports on iloabcdefghij.domain.com (192.168.0.1):
(The 1671 ports scanned but not shown below are in state: closed)
PORT STATE SERVICE VERSION
22/tcp open ssh mpSSH 0.0.1 (protocol 2.0)
80/tcp open http Compaq Integrated Lights-Out http config
443/tcp open ssl OpenSSL
Device type: remote management
Running: HP embedded
OS details: HP Integrated Lights Out remote configuration Board
Service Info: Device: remote management
Nmap finished: 1 IP address (1 host up) scanned in 12.292 seconds
If you're looking to automate something, then the output from nmap can also be redirected into various file formats which can then be searched easily.
Hope this helps,
Regards,
Rob
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО01-15-2007 11:56 AM
тАО01-15-2007 11:56 AM
Re: iLO discovery
Hi Rob,
Appreciate the detailed response and including the actual command and output.
1)
Yes, this seems to solve the problem.
Just curious, is "nmap" an acceptable application to use in a production
network (due to security/whatever reasons). I see that "nmap" now
comes with most Linux distributions and also observed "nmap" being used as
a diagnostic/security analysis tool. Just curious, if no such issues I would
like to move ahead with "nmap"
Also, I assume that lights out mgmt boards from other vendors will also give
some such sort of output, so that we can categorize appropriately.
I haven't tried with other vendors, but will be trying soon.
2)
My other important concern is to get some information in the discovery process,
which will identify the server to which the iLO is associated. For example, mac
address, IP address or something of the server.
I agree "nmap" itself will not help in getting such kind of Info.
I am looking at any CLI commands, SNMP variable information, whatever that will
help in making an association between the iLO and the Server.
Lets say we have discovered an iLO with iP1, whose server has a nic1 with mac
address m1. Is it anyway possible to determine that this iLO (with ip1) is on
server with m1.
I hope it is clear. This will help in server management using the iLO commands.
Appreciate your time on this
Thanks
Tejo
Appreciate the detailed response and including the actual command and output.
1)
Yes, this seems to solve the problem.
Just curious, is "nmap" an acceptable application to use in a production
network (due to security/whatever reasons). I see that "nmap" now
comes with most Linux distributions and also observed "nmap" being used as
a diagnostic/security analysis tool. Just curious, if no such issues I would
like to move ahead with "nmap"
Also, I assume that lights out mgmt boards from other vendors will also give
some such sort of output, so that we can categorize appropriately.
I haven't tried with other vendors, but will be trying soon.
2)
My other important concern is to get some information in the discovery process,
which will identify the server to which the iLO is associated. For example, mac
address, IP address or something of the server.
I agree "nmap" itself will not help in getting such kind of Info.
I am looking at any CLI commands, SNMP variable information, whatever that will
help in making an association between the iLO and the Server.
Lets say we have discovered an iLO with iP1, whose server has a nic1 with mac
address m1. Is it anyway possible to determine that this iLO (with ip1) is on
server with m1.
I hope it is clear. This will help in server management using the iLO commands.
Appreciate your time on this
Thanks
Tejo
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО01-15-2007 09:13 PM
тАО01-15-2007 09:13 PM
Re: iLO discovery
Hi Tejo,
To answer your questions...
1) I would feel fine using nmap in production environments. As you say, the fact that it is now included in many Linux distros adds to its credibility.
To quote the man page: "While Nmap is commonly used for security audits, many systems and network administrators find it useful for routine tasks such as network inventory, managing service upgrade schedules, and monitoring host or service uptime."
I suspect some security departments may be wary due to the software's potential use as a hacking tool. However a fundamental aspect of security is to understand those tools which hackers are using against you. nmap is likely to be being used against your public facing hosts every minute of every day. Your much better identifying problems yourself before any bad guys do...
If you are paranoid, you could ensure that all of your iLO cards are on a separate network or VLAN. I tend to do this anyway to keep things neat. For example I know that any devices starting 192.168.3.x are on my management VLAN...
2) The server name is normally reported when you first connect to the iLO CLI:
User:Administrator logged-in to ILOABCDEFGHIJ.domain.com(192.168.0.1)
iLO 1.84 pass9 at 14:48:45 May 05 2006
Server Name: SERVER01
Server Power: Off
hpiLO->
However you need to have loaded the OS iLO agents on the server to get this information - which are included in the ProLiant Support Pack.
On a machine without the PSP installed, you get:
Server Name: host is unnamed
You could also look further into using some of the DMTF SMASH CLP Commands.
For example you can get the server name (serial number) like this...:
hpiLO->
hpiLO-> cd system1
status=0
status_tag=COMMAND COMPLETED
/system1
hpiLO-> show
status=0
status_tag=COMMAND COMPLETED
/system1
Targets
firmware
bootconfig1
log1
led1
console1
oemhp_vsp1
cpu1
cpu2
memory1
memory2
memory3
memory4
slot1
slot2
powerreg_data
Properties
name=ProLiant DL360 G3
number=K02NMHQ44U
enabledstate=enabled
oemhp_powerreg=auto
Verbs
cd version exit show reset start stop
hpiLO->
Hope this helps,
Regards,
Rob
To answer your questions...
1) I would feel fine using nmap in production environments. As you say, the fact that it is now included in many Linux distros adds to its credibility.
To quote the man page: "While Nmap is commonly used for security audits, many systems and network administrators find it useful for routine tasks such as network inventory, managing service upgrade schedules, and monitoring host or service uptime."
I suspect some security departments may be wary due to the software's potential use as a hacking tool. However a fundamental aspect of security is to understand those tools which hackers are using against you. nmap is likely to be being used against your public facing hosts every minute of every day. Your much better identifying problems yourself before any bad guys do...
If you are paranoid, you could ensure that all of your iLO cards are on a separate network or VLAN. I tend to do this anyway to keep things neat. For example I know that any devices starting 192.168.3.x are on my management VLAN...
2) The server name is normally reported when you first connect to the iLO CLI:
User:Administrator logged-in to ILOABCDEFGHIJ.domain.com(192.168.0.1)
iLO 1.84 pass9 at 14:48:45 May 05 2006
Server Name: SERVER01
Server Power: Off
hpiLO->
However you need to have loaded the OS iLO agents on the server to get this information - which are included in the ProLiant Support Pack.
On a machine without the PSP installed, you get:
Server Name: host is unnamed
You could also look further into using some of the DMTF SMASH CLP Commands.
For example you can get the server name (serial number) like this...:
hpiLO->
hpiLO-> cd system1
status=0
status_tag=COMMAND COMPLETED
/system1
hpiLO-> show
status=0
status_tag=COMMAND COMPLETED
/system1
Targets
firmware
bootconfig1
log1
led1
console1
oemhp_vsp1
cpu1
cpu2
memory1
memory2
memory3
memory4
slot1
slot2
powerreg_data
Properties
name=ProLiant DL360 G3
number=K02NMHQ44U
enabledstate=enabled
oemhp_powerreg=auto
Verbs
cd version exit show reset start stop
hpiLO->
Hope this helps,
Regards,
Rob
The opinions expressed above are the personal opinions of the authors, not of Hewlett Packard Enterprise. By using this site, you accept the Terms of Use and Rules of Participation.
News and Events
Support
© Copyright 2024 Hewlett Packard Enterprise Development LP