HPE Community
ProLiant Servers (ML,DL,SL)
1767465 Members
4232 Online
108962 Solutions
New Discussion юеВ

ILO 5 TCP Socket limitation

 
RalphOV
Occasional Contributor

тАО04-23-2024 06:49 AM - last edited on тАО05-08-2024 04:03 AM by

тАО04-23-2024 06:49 AM - last edited on тАО05-08-2024 04:03 AM by

ILO 5 TCP Socket limitation

Hi,
I have an issue where my ILO keeps losing connection randomely, After troubleshooting with HPE the problem came from my enterprise security scanner.
HPE told me the limitation is around 200, more and glitches and disconnection will occur, when that happens we get alerts.

Since the security team wonтАЩt budge to help, I'm looking for a workaround.
Is there a way to increase that limit or to force close the open port or better yet, is there a way to schedule a reboot of an ILO?

Thank you,

0 Kudos
Reply
7 REPLIES 7
support_s
System Recommended

тАО04-23-2024 07:50 AM

тАО04-23-2024 07:50 AM

Query: ILO 5 TCP Socket limitation

System recommended content:

1. HPE iLO 5 Troubleshooting Guide | iLO TCP/IP communication fails

2. HPE iLO 6 Troubleshooting Guide | iLO TCP/IP communication fails

 

Please click on "Thumbs Up/Kudo" icon to give a "Kudo".

 

Thank you for being a HPE valuable community member.


Accept or Kudo

0 Kudos
Reply
BunnyPon
Frequent Advisor

тАО04-25-2024 02:15 AM

тАО04-25-2024 02:15 AM

Re: Query: ILO 5 TCP Socket limitation

I am sorry, that answer has nothing what so ever to do with his problem.

I can't Cat Today.
0 Kudos
Reply
Rama2
HPE Pro

тАО05-05-2024 08:04 PM

тАО05-05-2024 08:04 PM

Re: Query: ILO 5 TCP Socket limitation

Since ILO keeps losing connection randomly. Need to know what limitation you are referring to as '200'. Since it's specific to the environment, we need to conduct extensive analysis. Hence, I recommend you to raise a support ticket with HPE.


I'm an HPE employee.
[Any personal opinions expressed are mine, and not official statements on behalf of Hewlett Packard Enterprise]
Accept or Kudo
0 Kudos
Reply
RalphOV
Occasional Contributor

тАО05-06-2024 06:19 AM

тАО05-06-2024 06:19 AM

Re: Query: ILO 5 TCP Socket limitation

Hi,
I did open a ticket, that's why I know about the limitation.. ILO 5 have a limitation of 200 tcp socket, passed that threshold random disconect can and will appen.
Since HPE pointed the problem to our security scan they close the case and my security team won't budge, that's why i'm looking for a workaround here.

Thank you,

0 Kudos
Reply
BunnyPon
Frequent Advisor

тАО05-06-2024 08:12 AM

тАО05-06-2024 08:12 AM

Re: Query: ILO 5 TCP Socket limitation

At this point, to use the technical term, you are screwed.

Choices are, firewall out your security wonks,  everytime something breaks because of them open a trouble ticket until they get so upset at your wasting their time they do something, go over their heads to management and point out they are breaking stuff, considering alternative employment may not be possible.

ILO5 is only this cute toy chip on the M/B, I'm impressed it can cope with 200 at all, especially if it's that redfish rubbish.

What are they doing, port scanning? You might be able to change the ports, or add a static route to make them unable to connect. \\^^// (May not be recommended if management don't love you to bits.)

I can't Cat Today.
0 Kudos
Reply
Rama2
HPE Pro

тАО05-06-2024 06:08 PM

тАО05-06-2024 06:08 PM

Re: Query: ILO 5 TCP Socket limitation

The TCP sockets limitation refers to the maximum number of concurrent TCP connections that a system can handle.

The limitation you mentioned about TCP sockets is as per design. ILO seems to have been reached because of security scans in the environment being run against the iLO's.

No possible workaround available from the ILO side. Maybe you can try to slow the scan down so that the number of sockets is not exceeded





I'm an HPE employee.
[Any personal opinions expressed are mine, and not official statements on behalf of Hewlett Packard Enterprise]
Accept or Kudo
Reply
RalphOV
Occasional Contributor

тАО05-07-2024 09:03 AM

тАО05-07-2024 09:03 AM

Re: Query: ILO 5 TCP Socket limitation

Not easy to go over the security teams nowadays, they are God likes in our company since it's a financial institute.
That is why I was first looking for a work around here, either a way to increase the limitation or a way to schedule reboot the ILO once a week.

But there are not options for scheduling periodique reboot of an ILO, but maybe someone has a workaround to schedule the reboot.

It would be a practical feature and can't be that hard to implement.

 

 

0 Kudos
Reply
The opinions expressed above are the personal opinions of the authors, not of Hewlett Packard Enterprise. By using this site, you accept the Terms of Use and Rules of Participation.