文档中心
Network Management Guide
更新时间: 2025/10/15
在Gitcode上查看源码

1. BMC Network Management Introduction

The main responsibility of bmc_network is IPv4/IPv6 configuration, ensuring normal BMC network communication from two perspectives:

  1. Configuring external IP addresses: Users can connect to the BMC via the management IP address configured on the BMC.
  2. Configuring internal IP addresses: These are primarily used for network communication between the management board and the BMC, or between multiple BMCs within the same chassis.

Networking example

The eth0.702 (702 is the VLAN ID) network port device belongs to the internal network port group on the 171.31.1.x subnet.

eth0.701, eth2, and eth3 belong to the external network port group on the xx.xx.16.x subnet. External IP addresses switch among these three network port devices.

2. BMC Network Management Basics

2.1 Common Terms

Dedicated Network Port

Network device of the BMC, which usually corresponds to eth2 in the environment.

NC-SI Network Port

A Network Controller Sideband Interface (NC-SI) network port refers to a network device connected directly to the BMC through an NC-SI cable. All network ports except the dedicated port can be considered as NC-SI network ports. NC-SI network ports include PCIe, LOM, and OCP types. For example, eth0 in the DA123C environment is a PCIe network port.

VLAN

Virtual Local Area Networks (VLANs) are created by logically separating one physical LAN into multiple broadcast domains. Each VLAN functions as a separate broadcast domain, with devices in the same VLAN able to directly communicate with one another, while those in different VLANs cannot. As a result, broadcast packets are confined within a single VLAN.

2.2 Common Protocols

IPv4 and IPv6

ARP

LLDP

ICMP

DHCP

3. BMC Network Management Design

3.1 Common Classes

IPv4

This class primarily carries IPv4 information for external network ports, including the IP address, subnet mask, default gateway, address acquisition mode (DHCP or Static), backup IP address (activated in DHCP mode), and backup subnet mask. It also provides modification interfaces for these properties. (See 4. Common BMC Network Interfaces for details.)

PropertyDescription
IpModeIPv4 network mode, which can be DHCP or Static
IpAddrIP address
BackupIpAddrBackup IPv4 Address
SubnetMaskIPv4 subnet mask
BackupSubnetMaskBackup IPv4 subnet mask
DefaultGatewayDefault IPv4 gateway
EthNameName of the external network port device, such as eth0.701 (701 indicates a VLAN)

IPv6

This class primarily carries IPv6 information for external network ports, including the IP address, prefix length, default gateway, and address acquisition mode (DHCPv6 or Static). It also provides modification interfaces for these properties (see 4. Common BMC Network Interfaces for interface usage).

PropertyDescription
IpModeIPv6 network mode, which can be DHCPv6 or Static
IpAddrIP address
PrefixLengthLength of the IPv6 prefix
ScopeLink,Global
DefaultGatewayDefault IPv6 gateway

EthernetInterfaces

This class primarily carries most of the information for external network ports.

PropertyDescription
EthNameName of the external network port device, such as eth0.701 (701 indicates a VLAN)
NetModeFixed network port mode/adaptive mode (selecting the external network port based on the NIC priority)
MacExternal MAC address of the BMC
IpVersionIPv4/IPv6 enabling status
PortIdID of the currently activated network port, corresponding to Id of MgmtPort
NcsiEnableNC-SI enabling status
VLANEnableNC-SI VLAN enabling status
VLANIdNC-SI VLAN ID
LinkLocalAddressIPv6 link-local address

MgmtPort

This class primarily carries physical NIC information.

PropertyDescription
IdUnique identifier (PortId in EthernetInterfaces refers to this). Currently, the dedicated port is fixed at 1, and others start from 2 and are returned to the network adapter.
EthIdAssociated eth device ID. The value 2 indicates eth2.
DeviceIdNIC device information. Currently, the value is 1, which is not critical.
DevicePortIdPort number on the NIC (one NIC has multiple ports), such as port1 or port2.
SilkscreenNIC silkscreen, such as Mgmt or Port1.
AdaptiveFlagWhether the port participates in adaptive mode.
LinkStatusLink status: Disconnected, Connected (updated by bmc_network for dedicated ports and by the network adapter for NC-SI ports).
TypeNIC type (PCIe, Dedicated, OCP, LOM, and more).
VLANEnabledWhen Id is 1, this represents the VLAN information for the dedicated port. When Id is not 1, this indicates the VLAN information for the NC-SI port.
VLANIdVLAN ID
PriorityPriority for adaptive mode.

LldpConfig

This class primarily carries LLDP-related configurations.

PropertyDescription
EnabledWhether to enable the LLDP service, which is disabled by default. Set true to enable.
WorkModeLLDP working mode. Currently, only the Tx mode is supported.
TxDelaySecondsLLDP Tx delay.
TxIntervalSecondsLLDP Tx interval.
TxHoldLLDP Tx hold time.
LLDPSupportWhether to support the LLDP function. LLDP is not supported by default, preventing its service and routine test from starting.
LLDPParseEnabledWhether to support the LLDP parsing function. LLDP parsing is not supported by default.
LLDPOverNCSIEnabledWhether to support LLDP over NC-SI. LLDP Over NC-SI is not supported by default, preventing LLDP from parsing packets sent by NC-SI.
LLDPGetPortDescEnabledWhether to support LLDP port description acquisition. This function is not supported by default, preventing the Port Desc field from being parsed.

LLDPInfo

This class primarily carries information related to LLDP packet parsing.

PropertyDescription
PortNamePort number parsed from the packet
PortDescPort description parsed from the packet
SystemDescSwitch model parsed from the packet
OrgSpecOrganization model parsed from the packet
ManagementIPManagement address parsed from the packet
SlotIdU position number corresponding to the cabinet port, defaulting to 0

Assembly

This class primarily carries information related to LLDP packet parsing.

PropertyDescription
HostNameHost name
SystemGUIDSystem-wide unique identifier, which can be modified by users
DomainNameDomain Name
UUIDDevice-wide unique identifier, which can only be generated by the IPMI and cannot be modified
ManagementIPManagement address parsed from the packet
FQDNFully qualified domain name (FQDN) in format of host_name.domain_name

Group

This class currently primarily persists the MAC address of external network ports.

PropertyDescription
GroupIdFixed as EthGroup0
EthNameExternal network port name, such as eth2 and eth0
EthIdExternal network port ID, such as 2 and 0
MacExternal network port MAC address, defaulting to 20:22:01:75:BC:60

EthMac

This class primarily carries network port hardware-related configurations.

PropertyDescription
GroupIdNetwork port group ID, such as EthGroup0 and MaintEthGroup
EthNameNetwork port name, such as eth2 and eth0
EthIdExternal network port ID, such as 2 and 0
MacNetwork port MAC address
MacUseEnabledWhether to enable the MAC address, with only one enabled for a network port group
SpeedDuplexEnableWhether to enable the auto-negotiation mode of the network port
SpeedSettingNetwork port speed: 0 for N/A, 1 for 10 Mbit/s, 2 for 100 Mbit/s, and 3 for 1,000 Mbit/s
DuplexSettingNetwork port working mode: 0 for N/A, 1 for half-duplex, and 2 for full-duplex

HeartBeat

This class primarily carries internal network heartbeat configuration.

PropertyDescription
NameName of the entity monitoring the heartbeat, such as IRMHeartBeat
StatusCurrent heartbeat status, such as Lost

EthGroup

This class primarily carries configurations for internal networks, multiple external network ports, and maintenance network ports.

PropertyDescription
GroupIdNetwork port group ID, which is unique
NameNetwork port group name, such as InnerEthGroup, MaintEthGroup, or VethGroup
OutTypeType of network port group, including 1 (internal), 2 (external), 3 (veth), 4 (internal network for local maintenance of the Atlas compute node), 5 (external network for local maintenance of the Atlas compute node), 6 (floating IP network of the SMM), 7 (internal network for the peer SMM), 8 (dedicated network port for local O&M), 9 (internal network for cabinet management), and 10 (internal network of the cabinet node)
ActiveEthIdIndex of the currently activated network port, such as 2 for eth2
InnerNetWorkInternal subnet, which is not used
VLANIdVLAN ID corresponding to the activated network port in this group
VLANEnabledWhether to enable the VLAN corresponding to the activated network port in this group
EthAliasAlias of the activated network port. If there is an alias, the maximum value is 254 (255 indicates that there is no alias), for example, eth2:0.
InnerNetWorkInternal subnet, such as 172.31.1.0
IpAddrIPv4 address
BaseIpAddrBase IPv4 address, compared with IpAddr, which is used to determine if the internal IP address is generated based on the slot number
SubnetMaskIPv4 subnet mask
DefaultGatewayIPv4 gateway
Ipv6AddrIPv6 address
PrefixLengthIPv6 prefix length
Ipv6DefaultGatewayIPv6 gateway
IpPolicyIP address generation policy: 0 for default IP address basis and 1 for slot and base IP address basis
StatusWhether the IP address is in the working state
IpModeIPv4 mode, which can be Static or DHCP
Ipv6ModeIPv6 mode, which can be Static or DHCPv6
IpVersionIP protocol type, including IPv4, IPv6, and IPv4AndIPv6
AssociatedPortTypeNetwork port type associated with the group
ChannelLAN channel number corresponding to the network port

Relationships Between Classes

3.2 bmc_network External Network Initialization Process

3.3 bmc_network Internal Network Initialization Process

3.4 DHCP Task Process

4. Common BMC Network Interfaces

4.1 IPMI Interfaces

The following lists raw IPMI commands for IPv4 with simple descriptions.

Setting the External IPv4 Address

Request:

bash
ipmitool -H xx.xx.16.97 -I lanplus -p 623 -U <username> -P <password> -C 17 raw 0x0c 0x01 0x01 0x03 0x4c 0x4c 0x10 0x61

The last four bytes represent the hexadecimal IP address. For example, the command above sets the IP address to xx.xx.16.97.

Response:

If no error is reported, the operation is successful.

Note:

  1. If only IPv6 is enabled, the IPv4 address cannot be set.
  2. If the current mode is DHCP, it will change to Static mode after configuration.
  3. Passing all zeros for the IP address clears the IPv4 address (the subnet mask and gateway are also cleared).

Querying the External IPv4 Address

Request:

bash
ipmitool -H xx.xx.16.203 -I lanplus -p 623 -U <username> -P <password> -C 17 raw 0x0c 0x02 0x01 0x03 0x00 0x00

Response:

text
11 4c 4c 10 cb

The first byte returned is always 11, followed by 4 bytes representing the hexadecimal IP address.

Setting the External IPv4 Subnet Mask

Request:

bash
ipmitool -H xx.xx.19.54 -I lanplus -p 623 -U <username> -P <password> -C 17 raw 0x0c 0x01 0x01 0x06 0xff 0xff 0xff 0x00

The last four bytes represent the hexadecimal subnet mask. For example, the command above sets the subnet mask to 255.255.255.0.

Response:

If no error is reported, the operation is successful.

Note:

  1. If only IPv6 is enabled, the IPv4 subnet mask cannot be set.
  2. Passing all zeros for the subnet mask clears the IPv4 subnet mask (the gateway is also cleared).

Querying the External IPv4 Subnet Mask

Request:

bash
ipmitool -H xx.xx.16.203 -I lanplus -p 623 -U <username> -P <password> -C 17 raw 0x0c 0x02 0x01 0x06 0x00 0x00

Response:

text
11 ff ff ff 00

The first byte returned is always 11, followed by 4 bytes representing the hexadecimal subnet mask.

Setting the External IPv4 Gateway

Request:

bash
ipmitool -H xx.xx.19.54 -I lanplus -p 623 -U <username> -P <password> -C 17 raw 0x0c 0x01 0x01 0x0c 0x4c 0x4c 0x10 0x01

Response:

If no error is reported, the operation is successful.

Note:

  1. If only IPv6 is enabled, the IPv4 gateway cannot be set.
  2. If the configured gateway is not in the same subnet as the current IP address, the operation fails.
  3. Passing all zeros for the gateway clears the IPv4 gateway.

Querying the External IPv4 Gateway

Request:

bash
ipmitool -H xx.xx.16.203 -I lanplus -p 623 -U <username> -P <password> -C 17 raw 0x0c 0x02 0x01 0x0c 0x00 0x00

Response:

text
11 4c 4c 10 01

The first byte returned is always 11, followed by 4 bytes representing the hexadecimal gateway.

Setting the External IPv4 Mode

Request:

bash
ipmitool -H xx.xx.16.203 -I lanplus -p 623 -U <username> -P <password> -C 17 raw 0x0c 0x01 0x01 0x04 0x02

The last byte represents the mode: 0x01 (Static) or 0x02 (DHCP).

Response:

If no error is reported, the operation is successful.

Note:

  1. If only IPv6 is enabled, the IPv4 mode cannot be set.

Querying the External IPv4 Mode

Request:

bash
ipmitool -H xx.xx.16.203 -I lanplus -p 623 -U <username> -P <password> -C 17 raw 0x0c 0x02 0x01 0x04 0x00 0x00

Response:

text
11 01

The first byte returned is always 11. The second byte indicates the mode: 0x01 (Static) or 0x02 (DHCP).

4.2 RPC Interfaces

IPv4

Ipv4SetIpAddr

Callback function: set_ipv4_addr

Function: Sets the IPv4 address, passing only the IP address and subnet mask.

Prerequisites:

  1. The input IPv4 address is valid.
  2. The input subnet mask is valid.
  3. ip_version supports IPv4.
  4. No subnet conflicts exist with the internal network or maintenance IP addresses.

Note: The DHCP client will be stopped if this interface is used in DHCP mode, and the static address mode will be used.

Function implementation:

  1. Modify resource tree and database information.
  2. Record operation logs.
  3. Set the IPv4 address and subnet mask through a socket (core implementation).
  4. Update iptables rules in the network address translation (NAT) table for the external network.
  5. Emit signals for IPv4 address and subnet mask changes.
  6. Clear alias network ports.
  7. Modify iptables rules when the IP address changes.
  8. Broadcast ARP packets.

Ipv4SetDefaultGateway

Callback function: set_ipv4_gateway

Function: Sets the IPv4 gateway independently.

Prerequisites:

  1. The input gateway address is valid.
  2. ip_version supports IPv4.
  3. The current gateway and the IP address to be set are in the same subnet.

Function implementation:

  1. Modify resource tree and database information (DefaultGateway).
  2. Record operation logs.
  3. Set the IPv4 address through a socket (core implementation).
  4. Emit signals for IPv4 gateway changes.
  5. Broadcast ARP packets.

Ipv4SetIpMaskGateway

Callback function: set_ipv4_mask_gateway

Function: Sets the IPv4 address, passing the IP address, subnet mask, and gateway.

Prerequisites:

  1. The input parameters are valid.
  2. The subnets are the same.
  3. The IP address does not conflict with other IP addresses.

Note: The DHCP client will be stopped if this interface is used in DHCP mode, and the static address mode will be used.

Function implementation:

  1. Modify the database and resource tree.
  2. Record operation logs.
  3. Set the IPv4 address, subnet mask, and default gateway through a socket (core implementation).
  4. Update iptables rules in the NAT table for the external network.
  5. Modify iptables rules when the IP address changes.
  6. Emit signals for IPv4 information changes.
  7. Clear alias network ports.
  8. Broadcast ARP packets.

Ipv4SetDedicatedMaintIpMask

Callback function: set_dedicated_maint_ipv4_mask

Function: Sets the IPv4 address and subnet mask for dedicated port O&M.

Prerequisites:

  1. The input parameters are valid.
  2. The subnets are the same.
  3. The IP address does not conflict with other IP addresses.

Function implementation:

  1. Update the dedicated O&M network:
    • Set the IPv4 address and subnet mask of the O&M network port through a socket (core implementation).
    • Set route_localnet to 1 to ensure services like Web and SSH function normally.
    • Update iptables rules in the NAT table for the O&M network.
    • After the O&M network port is configured, ARP address resolution points to the maintenance IP address. Therefore, the external network port needs to actively send ARP packets to trigger address learning for the external IP address.
  2. Record operation logs.

IPv6

Ipv6SetIpAddr

Callback function: set_ipv6_addr

Function: Sets the IPv6 address, passing only the IP address and prefix length. ipv6_addr must be in the shortest string format, such as fe80::.

Prerequisites:

  1. The IPv6 address is valid.
  2. The prefix length is valid (the maximum prefix length is 128 bits).
  3. ip_version supports IPv6.

Note:

  1. If the passed prefix length is 0, the default value of 64 is used.
  2. Disable the DHCPv6 service first if the DHCP mode is used.

Function implementation:

  1. Record operation logs.
  2. Modify the database and resource tree.
  3. Delete the previous IPv6 information through a socket.
  4. Set new IPv6 information through a socket (core implementation).
  5. Emit signals for IPv6 address and prefix length changes.
  6. Send NA packets.
  7. Modify ip6tables rules when the IPv6 address changes.

Ipv6SetDefaultGateway

Callback function: set_ipv6_gateway

Function: Sets the IPv6 gateway independently.

Prerequisites:

  1. The gateway is valid.
  2. The gateway to be set is in the same subnet as the current IP address.
  3. ip_version supports IPv6.

Function implementation:

  1. Record operation logs.
  2. Modify resource tree and database information (DefaultGateway).
  3. Delete the previous IPv6 gateway through a socket.
  4. Set a new IPv6 gateway through a socket (core implementation).
  5. Emit signals for IPv6 gateway changes.

Ipv6SetIpv6PrefixGateway

Callback function: set_ipv6_prefix_gateway

Function: Sets the IPv6 address, passing the IP address, prefix length, and gateway.

Prerequisites:

  1. In Redfish scenarios, configuration is required if either IpAddr or PrefixLength is valid.
  2. The IP address, prefix length, and gateway are valid.
  3. The gateway to be set is in the same subnet as the current IP address.
  4. ip_version supports IPv6.

Note:

  1. In Redfish scenarios, an error will be reported if the IPv6 address is invalid.
  2. Disable the DHCPv6 service first if the DHCP mode is used.
  3. If the passed prefix length is 0, the default value of 64 is used.

Function implementation:

  1. Record operation logs.
  2. Modify resource tree and database information.
  3. Delete the previous IPv6 gateway through a socket.
  4. Set a new IPv6 gateway through a socket (core implementation).
  5. Delete the previous IPv6 information through a socket.
  6. Set new IPv6 information through a socket (core implementation).
  7. Emit signals for IPv6 address, prefix length, and gateway changes.
  8. Send NA packets.
  9. Modify ip6tables rules when the IPv6 address changes.

Ethernet

EthernetInterfacesGetAllPort

Callback function: get_all_port

Function implementation:

Traverse slot.Port and return all port information:

  • Id
  • EthId
  • DeviceId
  • DevicePortId
  • Silkscreen
  • Type
  • AdaptiveFlag
  • LinkStatus
  • Mac

EthernetInterfacesSetNetworkConfig

Callback function: set_network_config

Function: Sets network configuration.

Input parameters: NetMode, PortId, VLANEnable, and VLANId

Prerequisites:

  1. The network configuration does not conflict with the internal VLAN.
  2. The port ID is valid.
  3. In adaptive mode, the port remains unchanged from the previous one, and interface parameters are not accepted.
  4. If only vlan_id is modified while VLANEnable is false, the network is not restarted.

Function implementation:

  1. NetMode includes the adaptive mode and fixed network port mode.
  2. Update database and resource tree information.
  3. Switch the network port and restart the network, updating multi-IP address configurations for the external network port.
  4. Restart the network if the VLAN information of the NC-SI network port changes.

EthernetInterfacesAddMgmtPort

Callback function: add_mgmt_port

Function: Adds a management port.

Note:

  1. If portId is not 0, the existing port is updated. Otherwise, a port with the specified portId is registered.
  2. A value of 0 indicates a new registration, and a portId must be automatically generated.
  3. Modification of the dedicated network port is not supported.

Function implementation:

  1. Add a resource tree object.

EthernetInterfacesDeleteMgmtPort

Callback function: delete_mgmt_port

Function: Deletes a management port.

Note:

  1. When portId is 255, all NC-SI network ports are deleted.
  2. Dedicated network ports cannot be deleted.

Function implementation:

  1. Delete the resource tree object.

EthernetInterfacesSetVLANConfig

Callback function: rpc_set_vlan

Function: Sets the VLAN.

Prerequisites:

  1. The network configuration does not conflict with the internal VLAN.
  2. The vlan_id is within the range of 1 to 4094.

Function implementation:

  1. Set vlan_id based on portType. Currently, only two types are supported: 0 for NCSI and 1 for Dedicated.
  2. Determine whether the current model supports VLAN configuration for the dedicated network port. If not, return a failure message directly.

HeartBeatBeat

Callback function: heart_beat:beat

Function: Provides heartbeats.

EthernetInterfacesNetworkFailover

Callback function: network_failover

Function: Updates the network failover status.

Note: When the LAN switch (LSW) switches ports, ARP packets and NA packets are actively sent.

iptables

EthernetInterfacesAddIptablesRule

Callback function: add_iptables_rule

Input parameters: interface_name and ip_addr

Note:

  1. Operation logs are not recorded when this RPC method is called internally between SSDP components.
  2. The input parameter validation includes checks for special characters.

Function implementation:

  1. Implement the function using iptables commands of the OS.

EthernetInterfacesAddIp6tablesRule

Callback function: add_ip6tables_rule

Input parameters: interface_name and ipv6_addr

Note:

  1. Operation logs are not recorded when this RPC method is called internally between SSDP components.
  2. The input parameter validation includes checks for special characters.

Function implementation:

  1. Implement the function using ip6tables commands of the OS.

NatConfigAddNatRule

Callback function: add_nat_rule

Function: Adds an address mapping rule.

Input parameters: service_name and reg_params

Note:

  1. Currently, only one forwarding rule with a specified IP address can be added for a network port type.
  2. Based on the forwarding rules of all running services, a rule for forwarding from ps.Address to an internal address is added. Currently, only IPv4 addresses are supported.

Function implementation:

  1. add_multi_nat_rules or add_single_nat_rule
  2. Implement the function using iptables commands of the OS.

NatConfigUpdateNatRule

Callback function: update_nat_rule

Function: Updates an address mapping rule.

Input parameters: service_name and reg_params

Function implementation:

  1. update_multi_nat_rules or update_single_nat_rule
  2. Implement the function using iptables commands of the OS.
  3. If the network port is unavailable, set route_localnet to 0.