#ILO 2 FIRMWARE IPMI BUGS HOW TO#
It’s split into two sections: how to see what a running motherboard’s IPMI is doing, and how to dig into IPMI firmware images to see how the sausage is being made. This blog post is a distillation of what we discovered about the particulars of interacting with and dissecting IPMI software. While we were messing around with our boards and thinking up ways to expose IPMI remotely, we had a lot of fun poking around our IPMI firmware images and inspecting running IPMI on our boards. Having these options available aids our support team, and providing those capabilities to our customers means that they can self-service in more situations, which is a win-win all around. We could also trigger a reboot remotely through the web interface if needed, or access it remotely to do things like mount and boot from a rescue ISO. For one, if one of our on-premise appliances had some sort of issue that caused it to lose internet access from the OS, having access to IPMI would be a godsend for troubleshooting any potential issues. To that end, we saw a lot of advantages to having IPMI web interface available remotely for our customers. Here at Datto, we strive to ensure every part of our product is safe, secure, and easily manageable. It’s available on basically every server-grade motherboard you can buy these days. In short, IPMI is a powerful tool in the operations arsenal that can help make remote management of large numbers of servers extremely simple and removes the need to run physical crash carts around on your datacenter floors. As a further convenience, the vendor may provide a web or BIOS/UEFI-based management console so that the IPMI can be configured and managed without needing custom tools. The IPMI standard even includes a wire protocol called "Remote Management Control Protocol", which is used for programmatic management on the LAN. You can power-cycle all your servers safely, check out consoles at will, collect detailed sensor information and more, all from the comfort of your computer chair and without having to get up and pull boxes out of cabs. From the perspective of the datacenter administrator, who has to manage hundreds or thousands of computers, IPMI provides some pretty sweet advantages. All of these controllers communicate via the Intelligent Platform Management Bus (IPMB), which is basically souped-up I2C. It consists of a main controller called the Baseboard Management Controller (BMC) that handles all the heavy lifting, assisted by other sub-controllers distributed amongst the various modules and parts of the motherboard that are referred to as "satellite controllers". Basically, it’s a built-in back door to your server, one that’s explicitly designed into the board and that people want to be there. Dell calls theirs DRAC or iDRAC, HP has ILO, and so on. Nowadays, basically every vendor supports it or has something like it.
![ilo 2 firmware ipmi bugs ilo 2 firmware ipmi bugs](http://4.bp.blogspot.com/-XsqMM6pq6VE/VBiHvYDHCqI/AAAAAAAAN0E/gald053Jgts/s1600/Zrzut%2Bekranu%2B2014-09-16%2Bo%2B20.41.56.png)
It’s a standard for datacenter and server administrators to enable out of band management of their servers that was first standardized in 1998.
![ilo 2 firmware ipmi bugs ilo 2 firmware ipmi bugs](https://hewlettpackard.github.io/python-redfish-utility/images/timezone2-833eba2b.png)
IPMI stands for Intelligent Platform Management Interface.
![ilo 2 firmware ipmi bugs ilo 2 firmware ipmi bugs](https://i1.wp.com/vmspot.com/wp-content/uploads/2015/03/Boot-to-USB-Drive-Key.jpg)
That’s your server’s IPMI interface, and it can do a lot. Have you ever looked at the backplane of a server? You know, the kind that’s meant to go into a rack in a datacenter? They’ll usually have more than one ethernet port, but oddly, a lot of the time one of those ethernet ports is gonna be off to the side, over with the USB ports instead of with the other ones.