freeipmi-devel
[Top][All Lists]
Advanced
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Freeipmi-devel] BMC and RSH/NIS conflict

From: Albert Chu
Subject: Re: [Freeipmi-devel] BMC and RSH/NIS conflict
Date: Fri, 30 Apr 2004 09:36:07 -0700 
This may not be feasible for most institutions, but at LLNL, we gave the
BMCs a different IP address than the NIC.  Solves the problem AB
mentions plus a handful of setup/management annoyances.

Al

--
Albert Chu
address@hidden
Lawrence Livermore National Laboratory

----- Original Message -----
From: Anand Babu <address@hidden>
Date: Thursday, April 29, 2004 4:02 pm
Subject: [Freeipmi-devel] BMC and RSH/NIS conflict

> Remote-shell (rsh) and NIS connections to user-datagram-protocol (UDP)
> port 623 and 664 will time out on the network interface used by the
> BMC if LAN management is enabled on that interface.
> 
> To avoid timeouts, configure your services to block the use of UDP
> ports 623 and 664, or use an alternate network interface for that
> traffic.
> 
> Secure connections to BMC port 664 is not enabled on most BMC
> implementations by default.
> 
> Thanks to Anand Manian (GE Power Systems) for reporting this problem.
> =====================================================================
> Solution: RESERVE RMCP PORTS THROUGH INETD
> Some one please try this solution and report its correctness or
> recommend a better solution:
> 
> Under Debian GNU/Linux:
> 
> Append the following to /etc/services:
> # BMC IPMI/RMCP services
> rmcp    623/udp         # Aux Bus Shunt (Primary RMCP Port)
> rmcp    623/tcp         # Aux Bus Shunt (Primary RMCP Port)
> rmcps   664/udp         # Secure Aux Bus (Secondary RMCP Port)
> rmcps   664/tcp         # Secure Aux Bus (Secondary RMCP Port)
> 
> Append the following to /etc/inetd.conf
> # BMC IPMI/RMCP services
> rmcp    dgram   udp     wait    root    /bin/true
> rmcp    stream  tcp     nowait  root    /bin/true
> rmcps   dgram   udp     wait    root    /bin/true
> rmcps   stream  tcp     nowait  root    /bin/true
> =====================================================================
> 
> Redhat GNU/Linux users may have to configure xinetd service instead.
> 
> -- 
> Anand Babu
> Free as in Freedom <www.gnu.org>
> 
> 
> _______________________________________________
> Freeipmi-devel mailing list
> address@hidden
> http://mail.nongnu.org/mailman/listinfo/freeipmi-devel
>
reply via email to
[Prev in Thread] Current Thread [Next in Thread]