From owner-freebsd-stable@FreeBSD.ORG Mon Mar 17 11:16:18 2008 Return-Path: Delivered-To: freebsd-stable@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 62891106566B for ; Mon, 17 Mar 2008 11:16:18 +0000 (UTC) (envelope-from johan@stromnet.se) Received: from core.stromnet.se (core.stromnet.se [83.218.84.131]) by mx1.freebsd.org (Postfix) with ESMTP id A0AA18FC1C for ; Mon, 17 Mar 2008 11:16:17 +0000 (UTC) (envelope-from johan@stromnet.se) Received: from localhost (core.stromnet.se [83.218.84.131]) by core.stromnet.se (Postfix) with ESMTP id DA6CDD4640C; Mon, 17 Mar 2008 12:15:48 +0100 (CET) X-Virus-Scanned: amavisd-new at stromnet.se Received: from core.stromnet.se ([83.218.84.131]) by localhost (core.stromnet.se [83.218.84.135]) (amavisd-new, port 10024) with ESMTP id vHj1fpc19FYz; Mon, 17 Mar 2008 12:15:42 +0100 (CET) Received: from johan-mp.stromnet.se (90-224-172-102-no129.tbcn.telia.com [90.224.172.102]) by core.stromnet.se (Postfix) with ESMTP id AEF06D46405; Mon, 17 Mar 2008 12:15:42 +0100 (CET) Message-Id: <7982C43A-4252-46EC-9FA1-5AE78CFD88B0@stromnet.se> From: =?ISO-8859-1?Q?Johan_Str=F6m?= To: Jeremy Chadwick In-Reply-To: <20080317085240.GA40391@eos.sc1.parodius.com> Content-Type: text/plain; charset=ISO-8859-1; format=flowed; delsp=yes Content-Transfer-Encoding: quoted-printable Mime-Version: 1.0 (Apple Message framework v919.2) Date: Mon, 17 Mar 2008 12:16:10 +0100 References: <89A232E0-CB36-4EE0-B66D-DCA4AB6F20DD@stromnet.se> <47D85B27.1000006@osoft.us> <47D86A01.8070500@osoft.us> <20080316073616.GQ87650@evil.alameda.net> <7FA8F29C-8D96-49E7-A927-8482F0ADBED1@stromnet.se> <20080317085240.GA40391@eos.sc1.parodius.com> X-Mailer: Apple Mail (2.919.2) Cc: freebsd-stable@freebsd.org Subject: Re: HP ProLiant DL360 G5 success stories? X-BeenThere: freebsd-stable@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Production branch of FreeBSD source code List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 17 Mar 2008 11:16:18 -0000 On Mar 17, 2008, at 9:52 AM, Jeremy Chadwick wrote: > On Mon, Mar 17, 2008 at 08:33:20AM +0100, Johan Str=F6m wrote: >> On Mar 16, 2008, at 8:36 AM, Ulf Zimmermann wrote: >> >>> On Wed, Mar 12, 2008 at 06:40:49PM -0500, Joe Koberg wrote: >>>> Johan Str?m wrote: >>>>> But.. >>>>> = http://bizsupport.austin.hp.com/bc/docs/support/SupportManual/c00553302/c0= 0553302.pdf >>>>> seems >>>>> to tell me that in basic mode I can only access BIOS (pre-OS) =20 >>>>> using the >>>>> Remote Console feature, and that after POST I have to have the =20 >>>>> advanced >>>>> licensed option? >>>>> >>>> >>>> I don't do the purchasing and we get all Advanced iLO, so I will =20= >>>> take >>>> your word for it. The older generations supported text console =20 >>>> (i have >>>> a 360G2 that does so). We use the HP Management agents under =20 >>>> Windows >>>> for all SNMP reporting so I can't comment on the reporting method =20= >>>> under >>>> other OS's. >>> >>> iLO2 ActiveX based remote console (Integrated KVM) can still do >>> text only console without license but it doesn't work too well IMHO. >>> The Java based console is the same, text will work out license but >>> graphics >>> mode and that includes certain VESA text modes. >>> >>> Standard iLO gives the graphical console and virtual media. On Blade >>> servers >>> the graphical access and virtual media is included. And the Advanced >>> license >>> gives extra stuff like integration into AD for authentication afik. >> >> How about SSH mode? SSH and view textmode at boot (serial rdr in =20 >> bios too?) >> and console @ serial in fbsd (bootloader and on). Does that work =20 >> good or >> "not to well" either? > > I have to chime in here. > > Who cares if it has SSH support? iLO, LOM, and serial console should > all be done over a *private network*, and should NOT be hooked up to a > publicly-accessible network or given public IPs. I cannot stress how > important this is. DO NOT put stuff like this on the public Internet: > you will regret it. > > > The advantage to iLO is that it's the equivalent of KVM-over-IP, > supporting virtual media too (read: an ISO image on your laptop/local > client machine being used as a CD on the server itself, thus you can > install whatever OS you want, etc.). You get NATIVE VGA CONSOLE > remotely on the machine -- there is no "serial console", and that's > always best. I've seen it in action, and it's *awesome*. For advanced license yes. Thats another $400 or so (which might not be =20= very much money for big corps but for me and my one server =20 installation its more..) > > > Said iLO capability usually works over a series of TCP or UDP ports, > somtimes even supporting HTTP (on the iLO module itself!) which =20 > means if > its on a private network, you can tunnel to it using SSH or similar > utilities via another box in the co-lo. Then simply access > 127.0.0.1:whatever in the ActiveX, Java, or native Win32/Linux client > and voila -- you have the machines' native VGA console in front of =20 > you, > with no issues relating to serial console. No more "ohhh, the bootup > configuration uses 9600bps, but our serial console servers are > configured to use 115200bps... but the disk isn't booting so it's =20 > still > using 9600bps at that stage, now I HAVE to go to the datacenter" > scenarios. Yep, there are some downsides with serial console. But if it works, =20 i'd rather use a normal ssh client in my terminal together with the =20 virtual serial port than sitting in a web browser. But i'll guess I'm =20= going to evaluate the serial port option when I get the box, and if it =20= isnt working to good i'll just have to throw up the money and get the =20= advanced license (even if i'd rather use that money on more "fun" =20 things..) > > > I do not trust IPMI based on stories I have heard from Yahoo! SAs, > talking about how every implementation is different (so much for a > "standard"), and how the number of bugs in Supermicro's IPMI > implementation are absurd. Supposedly Intel and others have done a > better job with it, but I lost all interest in it once I found that > there was no real "standard". Besides, anything that "piggybacks" on > top of an existing LAN port (even some iLO implementations do this!) =20= > is > worth avoiding. I do not want to deal with a single NIC emitting two > separate MAC addresses -- and that's what happens. It's sometimes > referred to as "ASF" as well. I've got a supermicro ipmi card now and.. I'm afraid I cannot describe =20= it with better words than "crappy toy".. Constant IPMI card restarts/=20 crashes, the serial consol java browser applet stopping responding, =20 firmware upgrades that b0rks the card totally etc... -- Johan=