From owner-freebsd-stable@FreeBSD.ORG Mon Mar 17 08:52:41 2008 Return-Path: Delivered-To: freebsd-stable@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id F3DCB106564A for ; Mon, 17 Mar 2008 08:52:40 +0000 (UTC) (envelope-from jdc@parodius.com) Received: from mx01.sc1.parodius.com (mx01.sc1.parodius.com [72.20.106.3]) by mx1.freebsd.org (Postfix) with ESMTP id CBB8F8FC1C for ; Mon, 17 Mar 2008 08:52:40 +0000 (UTC) (envelope-from jdc@parodius.com) Received: by mx01.sc1.parodius.com (Postfix, from userid 1000) id CEF801CC060; Mon, 17 Mar 2008 01:52:40 -0700 (PDT) Date: Mon, 17 Mar 2008 01:52:40 -0700 From: Jeremy Chadwick To: Johan =?iso-8859-1?Q?Str=F6m?= Message-ID: <20080317085240.GA40391@eos.sc1.parodius.com> References: <89A232E0-CB36-4EE0-B66D-DCA4AB6F20DD@stromnet.se> <47D85B27.1000006@osoft.us> <47D86A01.8070500@osoft.us> <20080316073616.GQ87650@evil.alameda.net> <7FA8F29C-8D96-49E7-A927-8482F0ADBED1@stromnet.se> MIME-Version: 1.0 Content-Type: text/plain; charset=iso-8859-1 Content-Disposition: inline Content-Transfer-Encoding: 8bit In-Reply-To: <7FA8F29C-8D96-49E7-A927-8482F0ADBED1@stromnet.se> User-Agent: Mutt/1.5.17 (2007-11-01) Cc: freebsd-stable@freebsd.org, ulf@Alameda.net Subject: Re: HP ProLiant DL360 G5 success stories? X-BeenThere: freebsd-stable@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Production branch of FreeBSD source code List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 17 Mar 2008 08:52:41 -0000 On Mon, Mar 17, 2008 at 08:33:20AM +0100, Johan Ström wrote: > On Mar 16, 2008, at 8:36 AM, Ulf Zimmermann wrote: > >> On Wed, Mar 12, 2008 at 06:40:49PM -0500, Joe Koberg wrote: >>> Johan Str?m wrote: >>>> But.. >>>> http://bizsupport.austin.hp.com/bc/docs/support/SupportManual/c00553302/c00553302.pdf >>>> seems >>>> to tell me that in basic mode I can only access BIOS (pre-OS) using the >>>> Remote Console feature, and that after POST I have to have the advanced >>>> licensed option? >>>> >>> >>> I don't do the purchasing and we get all Advanced iLO, so I will take >>> your word for it. The older generations supported text console (i have >>> a 360G2 that does so). We use the HP Management agents under Windows >>> for all SNMP reporting so I can't comment on the reporting method under >>> other OS's. >> >> iLO2 ActiveX based remote console (Integrated KVM) can still do >> text only console without license but it doesn't work too well IMHO. >> The Java based console is the same, text will work out license but >> graphics >> mode and that includes certain VESA text modes. >> >> Standard iLO gives the graphical console and virtual media. On Blade >> servers >> the graphical access and virtual media is included. And the Advanced >> license >> gives extra stuff like integration into AD for authentication afik. > > How about SSH mode? SSH and view textmode at boot (serial rdr in bios too?) > and console @ serial in fbsd (bootloader and on). Does that work good or > "not to well" either? I have to chime in here. Who cares if it has SSH support? iLO, LOM, and serial console should all be done over a *private network*, and should NOT be hooked up to a publicly-accessible network or given public IPs. I cannot stress how important this is. DO NOT put stuff like this on the public Internet: you will regret it. The advantage to iLO is that it's the equivalent of KVM-over-IP, supporting virtual media too (read: an ISO image on your laptop/local client machine being used as a CD on the server itself, thus you can install whatever OS you want, etc.). You get NATIVE VGA CONSOLE remotely on the machine -- there is no "serial console", and that's always best. I've seen it in action, and it's *awesome*. Said iLO capability usually works over a series of TCP or UDP ports, somtimes even supporting HTTP (on the iLO module itself!) which means if its on a private network, you can tunnel to it using SSH or similar utilities via another box in the co-lo. Then simply access 127.0.0.1:whatever in the ActiveX, Java, or native Win32/Linux client and voila -- you have the machines' native VGA console in front of you, with no issues relating to serial console. No more "ohhh, the bootup configuration uses 9600bps, but our serial console servers are configured to use 115200bps... but the disk isn't booting so it's still using 9600bps at that stage, now I HAVE to go to the datacenter" scenarios. I do not trust IPMI based on stories I have heard from Yahoo! SAs, talking about how every implementation is different (so much for a "standard"), and how the number of bugs in Supermicro's IPMI implementation are absurd. Supposedly Intel and others have done a better job with it, but I lost all interest in it once I found that there was no real "standard". Besides, anything that "piggybacks" on top of an existing LAN port (even some iLO implementations do this!) is worth avoiding. I do not want to deal with a single NIC emitting two separate MAC addresses -- and that's what happens. It's sometimes referred to as "ASF" as well. Serial console is a major hassle -- and that comment is coming from someone who has quite a bit of experience with it, and relies on it on a daily basis. It's very disappointing that iLO-like capabilities have not become standard in PC hardware these days. Instead, there's a "market" for it, when there should be none. It's a necessity in this day and age. The only company to have done it right on x86 from the get-go seems to be Compaq/HP. Rant over. -- | Jeremy Chadwick jdc at parodius.com | | Parodius Networking http://www.parodius.com/ | | UNIX Systems Administrator Mountain View, CA, USA | | Making life hard for others since 1977. PGP: 4BD6C0CB |