Thursday, November 23, 2017

Very specific IPMI VLAN problem (Shared vs dedicated port)

So I have a Supermicro board with a dedicated IPMI port, however it also has an option to share IPMI with one of the LAN ports. On that machine is also a virtual pfSense box.

Now when I put the IPMI port in shared mode and assign it to a VLAN, let's say VLAN 2, and give it an IP of 10.0.2.5, I can only access IPMI management it if I also put the machine I am accessing it from into VLAN 2. However when I set the IPMI to use the dedicated port with the same VLAN and IP setting as before, I can access it from anywhere just fine.

My best guess is that IPMI has something wonky about it that is messing with VLANs on layer 2, considering how in the past Supermicro didn't even support VLAN tagging on IPMI. Did anybody ever encounter anything like this? Any insight you can give me?

I know this is a very specific and unusual problem, and you might say it's not actually a problem since I can always use the dedicated port, but if I have the option to use less switch port's I'd take it. And yes, I am aware of the security implications of using IPMI in shared mode and how the OS on that machine can listen in.



No comments:

Post a Comment