Configuring Network-Related Settings

This chapter includes the following sections:

Server NIC Configuration

Server NICs

NIC Mode

The NIC mode setting determines which ports can reach the Cisco IMC. The following network mode options are available, depending on your platform:

  • Dedicated—The management port is used to access the Cisco IMC.
  • Shared LOM—Any LOM (LAN On Motherboard) port can be used to access the Cisco IMC.
  • Shared LOM 10G—Any 10G LOM port can be used to access the Cisco IMC. This option is only available for some servers.
  • Cisco Card—Any port on the adapter card can be used to access the Cisco IMC. The Cisco adapter card has to be installed in a slot with Network Communications Services Interface protocol (NCSI) support.
  • Shared LOM Extended—Any LOM port or adapter card port can be used to access the Cisco IMC. The Cisco adapter card has to be installed in a slot with NCSI support.

NIC Redundancy

The following NIC redundancy options are available, depending on the selected NIC mode and your platform:

  • none—Each port associated with the configured NIC mode operates independently. The ports do not fail over if there is a problem.
  • active-active—If supported, all ports associated with the configured NIC mode operate simultaneously. This increases throughput and provides multiple paths to the Cisco IMC.
  • active-standby—If a port associated with the configured NIC mode fails, traffic will fail over to one of the other ports associated with the NIC mode.

    Note

    If you choose this option, make sure that all ports associated with the configured NIC mode are connected to the same subnet to ensure that traffic is secure regardless of which port is used.

The available redundancy modes vary depending on the selected network mode and your platform. For the available modes, see the Hardware Installation Guide (HIG) for the type of server you are using. The C-Series HIGs are available at the following URL: http:/​/​www.cisco.com/​en/​US/​products/​ps10493/​prod_​installation_​guides_​list.html

Configuring Server NICs

Configure a server NIC when you want to set the NIC mode and NIC redundancy.

Before You Begin

You must log in as a user with admin privileges to configure the NIC.

Procedure
Step 1   In the Navigation pane, click the Admin tab.
Step 2   On the Admin tab, click Network.
Step 3   In the Network pane, click the Network Settings tab.
Step 4   In the NIC Properties area, update the following properties:
Name Description Cisco IMC

NIC Mode drop-down list

The ports that can be used to access the Cisco IMC. This can be one of the following:

  • Dedicated—The management port is used to access the Cisco IMC.
  • Shared LOM—Any LOM (LAN On Motherboard) port can be used to access the Cisco IMC.
  • Shared LOM 10G—Any 10G LOM port can be used to access the Cisco IMC. This option is only available for some servers.
  • Cisco Card—Any port on the adapter card can be used to access the Cisco IMC. The Cisco adapter card has to be installed in a slot with Network Communications Services Interface protocol (NCSI) support.
  • Shared LOM Extended—Any LOM port or adapter card port can be used to access the Cisco IMC. The Cisco adapter card has to be installed in a slot with NCSI support.
Note   

If you choose any of the shared LOM options, make sure that all host ports belong to the same subnet.

NIC Redundancy drop-down list

The available NIC redundancy options depend on the selected NIC mode and the model of the server that you are using. If you do not see a particular option, is not available for the selected mode or server model.

This can be one of the following:

  • none—Each port associated with the configured NIC mode operates independently. The ports do not fail over if there is a problem.
  • active-active—If supported, all ports associated with the configured NIC mode operate simultaneously. This increases throughput and provides multiple paths to the Cisco IMC.
  • active-standby—If a port associated with the configured NIC mode fails, traffic will fail over to one of the other ports associated with the NIC mode.
    Note   

    If you choose this option, make sure that all ports associated with the configured NIC mode are connected to the same subnet to ensure that traffic is secure regardless of which port is used.

MAC Address field

The MAC address of the Cisco IMC network interface selected in the NIC Mode field.

Step 5   Click Save Changes.

Common Properties Configuration

Overview to Common Properties Configuration

Hostname

The Dynamic Host Configuration Protocol (DHCP) enhancement is available with the addition of the hostname to the DHCP packet, which can either be interpreted or displayed at the DHCP server side. The hostname is now added in the options field of the DHCP packet, and sent in the DHCP DISCOVER packet which was initially sent to the DHCP server.

The default hostname of the server is changed from ucs-c2XX to CXXX-YYYYYY, where XXX is the model number and YYYYYY is the serial number of the server. This unique string acts as a client identifier, and helps you track and map the IP addresses leased out to the Cisco IMC from the DHCP server. The default serial number is provided by the manufacturer as a sticker or label on the server which helps you physically identify the server.

Dynamic DNS

Dynamic DNS (DDNS) is used to add or update the resource records on DNS server from Cisco IMC. You can enable Dynamic DNS using either web UI or CLI. When you enable DDNS option, the DDNS service records the current hostname, domain name and the management IP and updates the resource records in DNS server from the Cisco IMC.


Note

The DDNS server deletes the prior resource records (if any) and adds the new resource records in DNS server if any one of the following DNS configuration is changed:

  • Hostname
  • Domain name in the LDAP settings
  • When DDNS and DHCP are enabled, if the DHCP gets new IP or DNS IP or domain name due to change in network or a subnet.
  • When DHCP is disabled and if you set the static IP using CLI or web UI.
  • When dns-use-dhcp is enabled.
Dynamic DNS Update Domain— You can specify the domain. The domain could be either main domain or any sub-domain. This domain name will be appended to the hostname of the Cisco IMC for DDNS update.

Configuring Common Properties

Use common properties to describe your server.

Before You Begin

You must log in as a user with admin privileges to configure common properties.

Procedure
Step 1   In the Navigation pane, click the Admin tab.
Step 2   On the Admin tab, click Network.
Step 3   In the Network pane, click the Network Settings tab.
Step 4   In the Common Properties area, update the following properties:
  1. In the Hostname field, enter the name of the host.

    By default, the hostname appears in CXXX-YYYYYY format, where XXX is the model number and YYYYYY is the serial number of the server.

    Note   

    If DHCP is enabled, then the DHCP DISCOVER packet sent out will also carry the Cisco IMC hostname in it.

  2. Check the Dynamic DNS check-box.
  3. In the Dynamic DNS Update Domain field, enter the domain name.
Step 5   Click Save Changes.

Configuring IPv4

Before You Begin

You must log in as a user with admin privileges to configure IPv4.

Procedure
Step 1   In the Navigation pane, click the Admin tab.
Step 2   On the Admin tab, click Network.
Step 3   In the Network pane, click the Network Settings tab.
Step 4   In the IPv4 Properties area, update the following properties:
Name Description

Enable IPv4 check box

If checked, IPv4 is enabled.

Use DHCP check box

If checked, the Cisco IMC uses DHCP.

IP Address field

The IP address for the Cisco IMC.

Subnet Mask field

The subnet mask for the IP address.

Gateway field

The gateway for the IP address.

Obtain DNS Server Addresses from DHCP check box

If checked, the Cisco IMC retrieves the DNS server addresses from DHCP.

Preferred DNS Server field

The IP address of the primary DNS server.

Alternate DNS Server field

The IP address of the secondary DNS server.

Step 5   Click Save Changes.

Configuring IPv6

Before You Begin

You must log in as a user with admin privileges to configure IPv6.

Procedure
Step 1   In the Navigation pane, click the Admin tab.
Step 2   On the Admin tab, click Network.
Step 3   In the Network pane, click the Network Settings tab.
Step 4   In the IPv6 Properties area, update the following properties:
Name Description

Enable IPv6 check box

If checked, IPv6 is enabled.

Use DHCP check box

If checked, the Cisco IMC uses DHCP.

Note   

Only stateful DHCP is supported.

IP Address field

The IPv6 address for the Cisco IMC.

Note   

Only global unicast addresses are supported.

Prefix Length field

The prefix length for the IPv6 address. Enter a value within the range 1 to 127. The default value is 64.

Gateway field

The gateway for the IPv6 address.

Note   

Only global unicast addresses are supported.

Obtain DNS Server Addresses from DHCP check box

If checked, the Cisco IMC retrieves the DNS server addresses from DHCP.

Note   

You can use this option only when the Use DHCP option is enabled.

Preferred DNS Server field

The IPv6 address of the primary DNS server.

Alternate DNS Server field

The IPv6 address of the secondary DNS server.

Link Local Address field

The link local address for the IPv6 address.

Step 5   Click Save Changes.

Connecting to a VLAN

Before You Begin

You must be logged in as admin to connect to a VLAN.

Procedure
Step 1   In the Navigation pane, click the Admin tab.
Step 2   On the Admin tab, click Network.
Step 3   In the Network pane, click the Network Settings tab.
Step 4   In the VLAN Properties area, update the following properties:
Name Description

Enable VLAN check box

If checked, the Cisco IMC is connected to a virtual LAN.

Note   

You can configure a VLAN or a port profile, but you cannot use both. If you want to use a port profile, make sure this check box is not checked.

VLAN ID field

The VLAN ID.

Priority field

The priority of this system on the VLAN.

Step 5   Click Save Changes.

Connecting to a Port Profile


Note

You can configure a port profile or a VLAN, but you cannot use both. If you want to use a port profile, make sure the Enable VLAN check box in the VLAN Properties area is not checked.
Before You Begin

You must be logged in as admin to connect to a port profile.

Procedure
Step 1   In the Navigation pane, click the Admin tab.
Step 2   On the Admin tab, click Network.
Step 3   In the Network pane, click the Network Settings tab.
Step 4   In the Port Profile area, update the following properties:
Name Description

Port Profile field

The port profile that Cisco IMC uses to configure the management interface, the virtual Ethernet, and the VIF on supported adapter cards such as the Cisco UCS VIC1225 Virtual Interface Card.

Enter up to 80 alphanumeric characters. You cannot use spaces or other special characters except for - (hyphen) and _ (underscore). In addition, the port profile name cannot begin with a hyphen.

Note   

The port profile must be defined on the switch to which this server is connected.

Step 5   Click Save Changes.

Configuring Interface Properties

Overview to Network Interface Configuration

This support is added to configure network speed and duplex mode for the Cisco IMC management port. Auto negotiate mode and duplex mode can be set for dedicated mode only. When auto negotiate mode is enabled the settings for duplex is ignored by the system and the network speed is set to either 1000 Mbps or 100 Mbps as per the speed configured on the switch. When auto negotiate mode is disabled, you can set the duplex to either Full or Half, a default speed of 100 Mbps is set, and the duplex retains its previous value.

When you reset Cisco IMC to factory defaults, Shared LOM Extended mode is configured to Full duplex mode with 100 Mbps speed, and auto negotiate mode is disabled. You can enable auto negotiate mode when you change the settings to Dedicated mode.

Configuring Interface Properties

The settings on the switch must match with the Cisco IMC settings to avoid any speed or duplex mismatch.

Procedure
Step 1   Log in to Cisco IMC Web UI.
Step 2   In the Navigation pane, click the Admin tab.
Step 3   On the Admin tab, click Network.
Step 4   In the Network pane, click the Network Settings tab.
Step 5   In the NIC Properties area, select Dedicated mode from the NIC Mode drop down list. NIC mode must be in dedicated to set any network configuration like net speed and duplex.
Step 6   In the Port Properties area:
  • If you check the Auto Negotiate check box, the setting for duplex will be ignored by the system. The Cisco IMC retains the speed at which the switch is configured.
  • If you uncheck the Auto Negotiate check box, you can set duplex. Else, a default speed of 100 Mbps will be applied, and duplex will retain its previous value.
By default, the duplex mode is set to Full.
Step 7   Click Save Changes.

Network Security Configuration

Network Security

The Cisco IMC uses IP blocking as network security. IP blocking prevents the connection between a server or website and certain IP addresses or ranges of addresses. IP blocking effectively bans undesired connections from those computers to a website, mail server, or other Internet servers.

IP banning is commonly used to protect against denial of service (DoS) attacks. Cisco IMC bans IP addresses by setting up an IP blocking fail count.

Configuring Network Security

Configure network security if you want to set up an IP blocking fail count.

Before You Begin

You must log in as a user with admin privileges to configure network security.

Procedure
Step 1   In the Navigation pane, click the Admin tab.
Step 2   On the Admin tab, click Network.
Step 3   In the Network pane, click the Network Security tab.
Step 4   In the IP Blocking Properties area, update the following properties:
Name Description

Enable IP Blocking check box

Check this box to enable IP blocking.

IP Blocking Fail Count field

The number of times a user can attempt to log in unsuccessfully before the system locks that user out for a specified length of time.

The number of unsuccessful login attempts must occur within the time frame specified in the IP Blocking Fail Window field.

Enter an integer between 3 and 10.

IP Blocking Fail Window field

The length of time, in seconds, in which the unsuccessful login attempts must occur in order for the user to be locked out.

Enter an integer between 60 and 120.

IP Blocking Penalty Time field

The number of seconds the user remains locked out if they exceed the maximum number of login attempts within the specified time window.

Enter an integer between 300 and 900.
Step 5   Click Save Changes.

Network Time Protocol Settings

Network Time Protocol Service Setting

By default, when Cisco IMC is reset, it synchronizes the time with the host. With the introduction of the NTP service, you can configure Cisco IMC to synchronize the time with an NTP server. The NTP server does not run in Cisco IMC by default. You must enable and configure the NTP service by specifying the IP/DNS address of at least one server or a maximum of four servers that function as NTP servers or time source servers. When you enable the NTP service, Cisco IMC synchronizes the time with the configured NTP server. The NTP service can be modified only through Cisco IMC.


Note

To enable the NTP service, it is preferable to specify the IP address of a server rather than the DNS address.

Configuring Network Time Protocol Settings

Configuring NTP disables the IPMI Set SEL time command.

Before You Begin

You must log in with admin privileges to perform this task.

Procedure
Step 1   In the Navigation pane, click the Admin tab.
Step 2   On the Admin tab, click Network.
Step 3   In the Network pane, click the NTP Settings tab.
Step 4   In the NTP Settings area, update the following properties:
Name Description

Enable NTP

Check this box to enable the NTP service.

Server 1

The IP/DNS address of one of the four servers that act as an NTP server or the time source server.

Server 2

The IP/DNS address of one of the four servers that act as an NTP server or the time source server.

Server 3

The IP/DNS address of one of the four servers that act as an NTP server or the time source server.

Server 4

The IP/DNS address of one of the four servers that act as an NTP server or the time source server.

Step 5   Click Save Changes.

Pinging an IP Address from the Web UI

Effective with this release, you can ping an IP address from the Cisco IMC web UI using a Ping button available on the toolbar. This would help validate the network connectivity to the IP address available in Cisco IMC. You can ping an IPv4, IPv6 or a host IP address using this button.

Before You Begin

You must log in with user or admin privileges to perform this task.

Procedure
Step 1   In the toolbar above the work pane, click the Ping icon.
Step 2   In the Ping Details dialog box, update the following fields:
Name Description

Hostname/IP Address column

Hostname or IP address you want to reach out to.

Number of Retries column

The maximum number of retries allowed to ping the IP address. The default value is 3. The valid range is from 1 to 10.

Timeout column

The maximum response time for a pinging activity. The default value is 10 seconds. The valid range is from 1 to 20 seconds.

Ping Status area

Displays results of the pinging activity.

Step 3   Click Ping.