CLI Configuration Guide for Cisco UCS E-Series Servers, Release 2.x
Configuring Network-Related Settings
Downloads: This chapterpdf (PDF - 1.31MB) The complete bookPDF (PDF - 3.57MB) | The complete bookePub (ePub - 491.0KB) | Feedback

Configuring Network-Related Settings

Configuring Network-Related Settings

This chapter includes the following sections:

CIMC NIC Configuration

CIMC NICs

Two NIC modes are available for connection to the CIMC.

NIC Mode

The CIMC network settings determine which ports can reach the CIMC. The following network mode options are available, depending on your platform:

  • Dedicated—A connection to the CIMC is available through the management Ethernet port or ports.
  • Shared LOM—A connection to the CIMC is available through the LAN On Motherboard (LOM) Ethernet host ports and through the router's PCIe and MGF interfaces.

    Note


    In shared LOM mode, all host ports must belong to the same subnet.

NIC Redundancy for E-Series Servers

The CIMC network redundancy settings determine how NIC redundancy is handled:

  • None—Redundancy is not available.
  • Active-Standby—One port fails over to the other.

The available redundancy modes vary depending on the selected network mode and your platform.

Configuring CIMC NICs

Use this procedure to set the NIC mode and NIC redundancy.

Before You Begin

You must log in as a user with admin privileges to configure the NIC.

Procedure
     Command or ActionPurpose
    Step 1Server# scope cimc  

    Enters CIMC command mode.

     
    Step 2Server /cimc # scope network  

    Enters CIMC network command mode.

     
    Step 3Server /cimc/network # set mode {dedicated | shared_lom}  

    Sets the NIC mode to one of the following:

    • dedicated—The management Ethernet port is used to access the CIMC.
    • shared LOM mode—The LAN On Motherboard (LOM) Ethernet host ports are used to access the CIMC.
      Note   

      In shared LOM mode, all host ports must belong to the same subnet.

     
    Step 4Server /cimc/network # set redundancy {none | active-standby}  

    Sets the NIC redundancy mode, which can be one of the following:

    • none—The LOM Ethernet ports operate independently and do not fail over if there is a problem.
    • active-standby—If one LOM Ethernet port fails, traffic fails over to another LOM port.
     
    Step 5Server /cimc/network # set interface {console | ge1}  

    Sets the NIC interface to one of the following:

    • console—Internal interface, which is used to connect the router’s PCIe interface to the E-Series Server .
    • ge1—Internal interface, which is used to access the CIMC over a high-speed backplane switch.
     
    Step 6Server /cimc/network # commit  

    Commits the transaction to the system configuration.

    Note   

    The available NIC mode and NIC redundancy mode options may vary depending on your platform. If you select a mode not supported by your server, an error message displays when you save your changes.

     

    This example configures the CIMC network interface:

    Server# scope cimc
    Server /cimc # scope network
    Server /cimc/network # set mode shared_lom
    Server /cimc/network *# commit
    Server /cimc/network # 
            
    

    Configuring Common Properties

    Use common properties to describe your server.

    Before You Begin

    You must log in as a user with admin privileges to configure common properties.

    Procedure
       Command or ActionPurpose
      Step 1Server# scope cimc  

      Enters CIMC command mode.

       
      Step 2Server /cimc # scope network  

      Enters CIMC network command mode.

       
      Step 3Server /cimc/network # set hostname host-name  

      Specifies the name of the host.

       
      Step 4Server /cimc/network # commit  

      Commits the transaction to the system configuration.

       

      This example configures the common properties:

      Server# scope cimc
      Server /cimc # scope network
      Server /cimc/network # set hostname Server
      Server /cimc/network *# commit
      Server /cimc/network #   
            
      

      Configuring IPv4

      Before You Begin

      You must log in as a user with admin privileges to configure IPv4 network settings.

      Procedure
         Command or ActionPurpose
        Step 1Server# scope cimc  

        Enters CIMC command mode.

         
        Step 2Server /cimc # scope network  

        Enters CIMC network command mode.

         
        Step 3Server /cimc/network # set dhcp-enabled {yes | no}  
        Selects whether the CIMC uses DHCP.
        Note   

        If DHCP is enabled, we recommend that the DHCP server be configured to reserve a single IP address for the CIMC. If the CIMC is reachable through multiple ports on the server, the single IP address must be reserved for the full range of MAC addresses of those ports.

         
        Step 4Server /cimc/network # set v4-addr ipv4-address  

        Specifies the IP address for the CIMC.

         
        Step 5Server /cimc/network # set v4-netmask ipv4-netmask  

        Specifies the subnet mask for the IP address.

         
        Step 6Server /cimc/network # set v4-gateway gateway-ipv4-address  

        Specifies the gateway for the IP address.

         
        Step 7Server /cimc/network # set dns-use-dhcp {yes | no}  

        Selects whether the CIMC retrieves the DNS server addresses from DHCP.

         
        Step 8Server /cimc/network # set preferred-dns-server dns1-ipv4-address  

        Specifies the IP address of the primary DNS server.

         
        Step 9Server /cimc/network # set alternate-dns-server dns2-ipv4-address  

        Specifies the IP address of the secondary DNS server.

         
        Step 10Server /cimc/network # commit  

        Commits the transaction to the system configuration.

         
        Step 11Server /cimc/network # show [detail]  

        (Optional) Displays the IPv4 network settings.

         

        This example configures and displays the IPv4 network settings:

        Server# scope cimc
        Server /cimc # scope network
        Server /cimc/network # set dhcp-enabled no
        Server /cimc/network *# set v4-addr 10.20.30.11
        Server /cimc/network *# set v4-netmask 255.255.248.0
        Server /cimc/network *# set v4-gateway 10.20.30.1
        Server /cimc/network *# set dns-use-dhcp-enabled no
        Server /cimc/network *# set preferred-dns-server 192.168.30.31
        Server /cimc/network *# set alternate-dns-server 192.168.30.32
        Server /cimc/network *# commit
        Server /cimc/network # show detail
        Network Setting:
            IPv4 Address: 10.20.30.11
            IPv4 Netmask: 255.255.248.0
            IPv4 Gateway: 10.20.30.1
            DHCP Enabled: no
            Obtain DNS Server by DHCP: no
            Preferred DNS: 192.168.30.31
            Alternate DNS: 192.168.30.32
            VLAN Enabled: no
            VLAN ID: 1
            VLAN Priority: 0
            Hostname: Server
            MAC Address: 01:23:45:67:89:AB
            NIC Mode: dedicated
            NIC Redundancy: none 
        
        Server /cimc/network #
        

        Configuring the Server VLAN

        Before You Begin

        You must be logged in as admin to configure the server VLAN.

        Procedure
           Command or ActionPurpose
          Step 1Server# scope cimc  

          Enters CIMC command mode.

           
          Step 2Server /cimc # scope network  

          Enters CIMC network command mode.

           
          Step 3Server /cimc/network # set vlan-enabled {yes | no}  

          Selects whether the CIMC is connected to a VLAN.

           
          Step 4Server /cimc/network # set vlan-id id  

          Specifies the VLAN number.

           
          Step 5Server /cimc/network # set vlan-priority priority  

          Specifies the priority of this system on the VLAN.

           
          Step 6Server /cimc/network # commit  

          Commits the transaction to the system configuration.

           
          Step 7Server /cimc/network # show [detail]  

          (Optional) Displays the network settings.

           

          This example configures the server VLAN:

          Server# scope cimc
          Server /cimc # scope network
          Server /cimc/network # set vlan-enabled yes
          Server /cimc/network *# set vlan-id 10
          Server /cimc/network *# set vlan-priority 32
          Server /cimc/network *# commit
          Server /cimc/network # show detail
          Network Setting:
              IPv4 Address: 10.20.30.11
              IPv4 Netmask: 255.255.248.0
              IPv4 Gateway: 10.20.30.1
              DHCP Enabled: yes
              Obtain DNS Server by DHCP: no
              Preferred DNS: 192.168.30.31
              Alternate DNS: 192.168.30.32
              VLAN Enabled: yes
              VLAN ID: 10
              VLAN Priority: 32
              Hostname: Server
              MAC Address: 01:23:45:67:89:AB
              NIC Mode: dedicated
              NIC Redundancy: none      
          
          Server /cimc/network #   
          

          Network Security Configuration

          Network Security

          The CIMC uses IP blocking as network security. IP blocking prevents the connection between a server or website and certain IP addresses or ranges of addresses. IP blocking effectively bans undesired connections from those computers to a website, mail server, or other Internet servers.

          IP banning is commonly used to protect against denial of service (DoS) attacks. The CIMC bans IP addresses by setting up an IP blocking fail count.

          Configuring Network Security

          Configure network security if you want to set up an IP blocking fail count.

          Before You Begin

          You must log in as a user with admin privileges to configure network security.

          Procedure
             Command or ActionPurpose
            Step 1Server# scope cimc  

            Enters CIMC command mode.

             
            Step 2Server /cimc # scope network  

            Enters CIMC network command mode.

             
            Step 3Server /cimc/network # scope ipblocking  

            Enters IP blocking command mode.

             
            Step 4Server /cimc/network/ipblocking # set enabled {yes | no}  

            Enables or disables IP blocking.

             
            Step 5Server /cimc/network/ipblocking # set fail-count fail-count  

            Sets the number of times a user can attempt to log in unsuccessfully before the system locks that user out for a specified length of time.

            The number of unsuccessful login attempts must occur within the time frame specified in the IP Blocking Fail Window field.

            Enter an integer between 3 and 10.

             
            Step 6Server /cimc/network/ipblocking # set fail-window fail-seconds  

            Sets the length of time, in seconds, in which the unsuccessful login attempts must occur in order for the user to be locked out.

            Enter an integer between 60 and 120.

             
            Step 7Server /cimc/network/ipblocking # set penalty-time penalty-seconds  

            Sets the number of seconds the user remains locked out if they exceed the maximum number of login attempts within the specified time window.

            Enter an integer between 300 and 900.

             
            Step 8Server /cimc/network/ipblocking # commit  

            Commits the transaction to the system configuration.

             

            This example configures IP blocking:

            Server# scope cimc
            Server /cimc # scope network
            Server /cimc/network # scope ipblocking
            Server /cimc/network/ipblocking # set enabled yes
            Server /cimc/network/ipblocking *# set fail-count 5
            Server /cimc/network/ipblocking *# set fail-window 90
            Server /cimc/network/ipblocking *# set penalty-time 600
            Server /cimc/network/ipblocking *# commit
            Server /cimc/network/ipblocking #