CLI Configuration Guide for Cisco UCS E-Series Servers Integrated Management Controller, Release 1.0

Book Contents

Find Matches in This Book

Available Languages

Download Options

Book Title

CLI Configuration Guide for Cisco UCS E-Series Servers Integrated Management Controller, Release 1.0

Chapter Title

Configuring Network-Related Settings

PDF - Complete Book (2.15 MB) PDF - This Chapter (492.0 KB)
View with Adobe Reader on a variety of devices

Results

Updated:: February 5, 2018

Chapter: Configuring Network-Related Settings

CIMC NIC Configuration
- CIMC NICs
- Configuring CIMC NICs
Configuring Common Properties
Configuring IPv4
Configuring the Server VLAN
Network Security Configuration
- Network Security
- Configuring Network Security

Configuring Network-Related Settings

This chapter includes the following sections:

CIMC NIC Configuration
Configuring Common Properties
Configuring IPv4
Configuring the Server VLAN
Network Security Configuration

CIMC NIC Configuration

CIMC NICs

Two NIC modes are available for connection to the CIMC.

NIC Mode

The CIMC network settings determine which ports can reach the CIMC. The following network mode options are available, depending on your platform:

Dedicated—A connection to the CIMC is available through the management Ethernet port or ports.
Shared LOM—A connection to the CIMC is available through the LAN On Motherboard (LOM) Ethernet host ports and through the router's PCIe and MGF interfaces.

Note

In shared LOM mode, all host ports must belong to the same subnet.

NIC Redundancy

The CIMC network redundancy settings determine how NIC redundancy is handled:

None—Redundancy is not available.
Active-Standby—One port fails over to the other.

The available redundancy modes vary depending on the selected network mode and your platform.

Configuring CIMC NICs

Use this procedure to set the NIC mode and NIC redundancy.

Before You Begin

You must log in as a user with admin privileges to configure the NIC.

Procedure

Command or Action

Purpose

Step 1

Server# scope cimc

Enters the CIMC command mode.

Step 2

Server /cimc # scope network

Enters the CIMC network command mode.

Step 3

Server /cimc/network # set mode {dedicated | shared_lom}

Sets the NIC mode to one of the following:

Dedicated—The management Ethernet port is used to access the CIMC.

Shared LOM—The LAN On Motherboard (LOM) Ethernet host ports are used to access the CIMC.

Note

If you select Shared LOM, make sure that all host ports belong to the same subnet.

Step 4

Server /cimc/network # set redundancy {none | active-standby}

Sets the NIC redundancy mode when the NIC mode is Shared LOM. The redundancy mode can be one of the following:

none—The LOM Ethernet ports operate independently and do not fail over if there is a problem.
active-standby—If one LOM Ethernet port fails, traffic fails over to another LOM port.

Step 5

Server /cimc/network # set interface {console | ge1 | ge2 | ge3 | ge1-ge2 | ge1-ge3 | ge2-ge3 | ge1-ge2-ge3}

Sets the NIC interface to one of the following:

console—Internal interface, which is used to connect the router’s PCIe interface to the E-Series Server.
ge1—Internal interface, which is used to access CIMC over a high-speed backplane switch.
ge2—External interface, which can be used as a primary interface or as a backup interface.
ge3—External interface, which can be used as a primary interface or as a backup interface.
ge1-ge2—Failover between the GE1 and GE2 interfaces (active-standby only).
ge1-ge3—Failover between the GE1 and GE3 interfaces (active-standby only).
ge2-ge3—Failover between the GE2 and GE3 interfaces (active-standby only).
ge1-ge2-ge3—Failover between the GE1, GE2, and GE3 interfaces (active-standby only).

Note

All interface options that involve the GE3 interface are applicable for double-wide E-Series Servers only.

Step 6

Server /cimc/network # commit

Commits the transaction to the system configuration.

Note

The available NIC mode and NIC redundancy mode options may vary depending on your platform. If you select a mode not supported by your server, an error message displays when you save your changes.

This example configures the CIMC network interface:

Server# scope cimc
Server /cimc # scope network
Server /cimc/network # set mode dedicated
Server /cimc/network *# commit
Server /cimc/network #

Configuring Common Properties

Use common properties to describe your server.

Before You Begin

You must log in as a user with admin privileges to configure common properties.

Procedure

	Command or Action	Purpose
Step 1	Server# scope cimc	Enters the CIMC command mode.
Step 2	Server /cimc # scope network	Enters the CIMC network command mode.
Step 3	Server /cimc/network # set hostname host-name	Specifies the name of the host.
Step 4	Server /cimc/network # commit	Commits the transaction to the system configuration.

This example configures the common properties:

Server# scope cimc
Server /cimc # scope network
Server /cimc/network # set hostname Server
Server /cimc/network *# commit
Server /cimc/network #

Configuring IPv4

Before You Begin

You must log in as a user with admin privileges to configure IPv4 network settings.

Procedure

Command or Action

Purpose

Step 1

Server# scope cimc

Enters the CIMC command mode.

Step 2

Server /cimc # scope network

Enters the CIMC network command mode.

Step 3

Server /cimc/network # set dhcp-enabled {yes | no}

Selects whether the CIMC uses DHCP.

Note

If DHCP is enabled, we recommend that the DHCP server be configured to reserve a single IP address for the CIMC. If the CIMC is reachable through multiple ports on the server, the single IP address must be reserved for the full range of MAC addresses of those ports.

Step 4

Server /cimc/network # set v4-addr ipv4-address

Specifies the IP address for the CIMC.

Step 5

Server /cimc/network # set v4-netmask ipv4-netmask

Specifies the subnet mask for the IP address.

Step 6

Server /cimc/network # set v4-gateway gateway-ipv4-address

Specifies the gateway for the IP address.

Step 7

Server /cimc/network # set dns-use-dhcp {yes | no}

Selects whether the CIMC retrieves the DNS server addresses from DHCP.

Step 8

Server /cimc/network # set preferred-dns-server dns1-ipv4-address

Specifies the IP address of the primary DNS server.

Step 9

Server /cimc/network # set alternate-dns-server dns2-ipv4-address

Specifies the IP address of the secondary DNS server.

Step 10

Server /cimc/network # commit

Commits the transaction to the system configuration.

Step 11

Server /cimc/network # show [detail]

(Optional) Displays the IPv4 network settings.

This example configures and displays the IPv4 network settings:

Server# scope cimc
Server /cimc # scope network
Server /cimc/network # set dhcp-enabled no
Server /cimc/network *# set v4-addr 10.20.30.11
Server /cimc/network *# set v4-netmask 255.255.248.0
Server /cimc/network *# set v4-gateway 10.20.30.1
Server /cimc/network *# set dns-use-dhcp-enabled no
Server /cimc/network *# set preferred-dns-server 192.168.30.31
Server /cimc/network *# set alternate-dns-server 192.168.30.32
Server /cimc/network *# commit
Server /cimc/network # show detail
Network Setting:
    IPv4 Address: 10.20.30.11
    IPv4 Netmask: 255.255.248.0
    IPv4 Gateway: 10.20.30.1
    DHCP Enabled: no
    Obtain DNS Server by DHCP: no
    Preferred DNS: 192.168.30.31
    Alternate DNS: 192.168.30.32
    VLAN Enabled: no
    VLAN ID: 1
    VLAN Priority: 0
    Hostname: Server
    MAC Address: 01:23:45:67:89:AB
    NIC Mode: dedicated
    NIC Redundancy: none 

Server /cimc/network #

Configuring the Server VLAN

Before You Begin

You must be logged in as admin to configure the server VLAN.

Procedure

	Command or Action	Purpose
Step 1	Server# scope cimc	Enters the CIMC command mode.
Step 2	Server /cimc # scope network	Enters the CIMC network command mode.
Step 3	Server /cimc/network # set vlan-enabled {yes \| no}	Selects whether the CIMC is connected to a VLAN.
Step 4	Server /cimc/network # set vlan-id id	Specifies the VLAN number.
Step 5	Server /cimc/network # set vlan-priority priority	Specifies the priority of this system on the VLAN.
Step 6	Server /cimc/network # commit	Commits the transaction to the system configuration.
Step 7	Server /cimc/network # show [detail]	(Optional) Displays the network settings.

This example configures the server VLAN:

Server# scope cimc
Server /cimc # scope network
Server /cimc/network # set vlan-enabled yes
Server /cimc/network *# set vlan-id 10
Server /cimc/network *# set vlan-priority 32
Server /cimc/network *# commit
Server /cimc/network # show detail
Network Setting:
    IPv4 Address: 10.20.30.11
    IPv4 Netmask: 255.255.248.0
    IPv4 Gateway: 10.20.30.1
    DHCP Enabled: yes
    Obtain DNS Server by DHCP: no
    Preferred DNS: 192.168.30.31
    Alternate DNS: 192.168.30.32
    VLAN Enabled: yes
    VLAN ID: 10
    VLAN Priority: 32
    Hostname: Server
    MAC Address: 01:23:45:67:89:AB
    NIC Mode: dedicated
    NIC Redundancy: none      

Server /cimc/network #

Network Security Configuration

Network Security

The CIMC uses IP blocking as network security. IP blocking prevents the connection between a server or website and certain IP addresses or ranges of addresses. IP blocking effectively bans undesired connections from those computers to a website, mail server, or other Internet servers.

IP banning is commonly used to protect against denial of service (DoS) attacks. CIMC bans IP addresses by setting up an IP blocking fail count.

Configuring Network Security

Configure network security if you want to set up an IP blocking fail count.

Before You Begin

You must log in as a user with admin privileges to configure network security.

Procedure

	Command or Action	Purpose
Step 1	Server# scope cimc	Enters the CIMC command mode.
Step 2	Server /cimc # scope network	Enters the CIMC network command mode.
Step 3	Server /cimc/network # scope ipblocking	Enters the IP blocking command mode.
Step 4	Server /cimc/network/ipblocking # set enabled {yes \| no}	Enables or disables IP blocking.
Step 5	Server /cimc/network/ipblocking # set fail-count fail-count	Sets the number of times a user can attempt to log in unsuccessfully before the system locks that user out for a specified length of time. The number of unsuccessful login attempts must occur within the time frame specified in the IP Blocking Fail Window field. Enter an integer between 3 and 10.
Step 6	Server /cimc/network/ipblocking # set fail-window fail-seconds	Sets the length of time, in seconds, in which the unsuccessful login attempts must occur in order for the user to be locked out. Enter an integer between 60 and 120.
Step 7	Server /cimc/network/ipblocking # set penalty-time penalty-seconds	Sets the number of seconds the user remains locked out if they exceed the maximum number of login attempts within the specified time window. Enter an integer between 300 and 900.
Step 8	Server /cimc/network/ipblocking # commit	Commits the transaction to the system configuration.

This example configures IP blocking:

Server# scope cimc
Server /cimc # scope network
Server /cimc/network # scope ipblocking
Server /cimc/network/ipblocking # set enabled yes
Server /cimc/network/ipblocking *# set fail-count 5
Server /cimc/network/ipblocking *# set fail-window 90
Server /cimc/network/ipblocking *# set penalty-time 600
Server /cimc/network/ipblocking *# commit
Server /cimc/network/ipblocking #

Was this Document Helpful?

Feedback

Contact Cisco

Open a Support Case
(Requires a Cisco Service Contract)

CLI Configuration Guide for Cisco UCS E-Series Servers Integrated Management Controller, Release 1.0

Results

Chapter: Configuring Network-Related Settings

Configuring Network-Related Settings

CIMC NICs

NIC Mode

NIC Redundancy

Configuring CIMC NICs

Configuring Common Properties

Configuring IPv4

Configuring the Server VLAN

Network Security

Configuring Network Security

Was this Document Helpful?

Contact Cisco

Related Support Community Discussions

Share