By default, our IPMIs are protected behind our proxy, this is done for increased security and confidentiality.
For our resellers, we also offer direct access to the IPMIs on our servers.
Step 1 - Requesting direct IPMI access
If you want direct access to your IPMIs, you can request this by creating a ticket, requesting direct IPMI IP access.
After reviewing your request, we will deliver a transport network, in this example we are using:
Step 2 - Setting up direct IPMI access
To set up your direct IPMI access, you can use the following commands on your machine.
In the examples, we have used the example transport network from step 1, you will have to replace this with your specific details, which we will provide. The example assumes bond0 is the primary interface on the server on which you would like direct access to the IPMIs.
The commands will not make the configuration persistent. In order to make the configuration persistent, it should be configured in the configuration files of your operating system.
# 1. Adding transport network to interface bond0 ip addr add 10.3.255.2/30 dev bond0 # 2. Adding route for IPMIs in DEL ip route add 10.3.0.0/20 via 10.3.255.1 # 3. Adding route for IPMIs in OUM ip route add 10.4.0.0/20 via 10.3.255.1 # 4. setting up iptables to NAT outbound connections towards IPMIs with the interface IP iptables -t nat -A POSTROUTING -d 10.3.0.0/20,10.4.0.0/20 -o bond0 -j SNAT --to-source 10.3.255.2
In the example we are assuming bond0 is the interface on which the transport network should be configured.
- Add the IP address for the transport network on your local interface
- Add the route for the IPMIs in Delft
- Add the routes for the IPMIs in Oudemeer
- Set up Source Nat using iptables, as all communications to the IPMIs will have to be done from your allocated transport IP address.
In the example, the provided transport network is: 10.3.255.0/30, this network has 4 ip addresses which will be allocated as following:
The allocation will always be the same: NovoServe will take the first usable IP address, the second usable IP address is reserved for the customer.
Step 3 - Using your direct IPMI access
After completing step 2, your machine will be able to communicate directly with the IPMIs of your machines. Now you can set up your software which requires access to the IPMIs, you can also set up a VPN on your server, so you can connect directly to the IPMIs from your computer.
Connections to our IPMIs are monitored. Any malicious activities will result in direct IPMI access being removed.