Dell EMC PowerSwitch S5200-ON Series BMC User Guide March 2021 March 2021 Rev.
Copyright © 2018 - 2021 Dell Inc. or its subsidiaries. All rights reserved. Dell, EMC, and other trademarks are trademarks of Dell Inc. or its subsidiaries. Other trademarks may be trademarks of their respective owners.
Contents Chapter 1: About this guide........................................................................................................... 4 Information symbols............................................................................................................................................................ 4 Document revision history.................................................................................................................................................
1 About this guide This guide provides information for using the Dell EMC baseboard management controller (BMC). CAUTION: To avoid electrostatic discharge (ESD) damage, wear grounding wrist straps when handling this equipment. NOTE: Only trained and qualified personnel can install this equipment. Read this guide before you install and power on this equipment. This equipment contains two power cables. Disconnect both power cables before servicing.
Document revision history Table 1. Revision history Revision Date Description A00 2018-09 Initial release A01 2019-03 Updated to include the S5224F-ON and S5212F-ON platforms. A02 2021-02 Removed broken link. Updated document to current IDD standards. Added language note. Updated the Default configuration restore section. Added the ipmi commands section. A03 2021-03 Fixed incorrect link.
2 Hardware and software support For the most current BMC update information, see the S5200-ON Series Release Notes. For more information about the intelligent platform management interface (IPMI), see the IPMI resources that is hosted by Intel at https://www.intel.com/content/www/us/en/servers/ipmi/ipmi-technical-resources.html. NOTE: The BMC out-of-band (OOB) network or LAN is not enabled for Trade Agreement Act-qualified (TAA) switches. The BMC OOB is enabled for non-TAA-qualified switches.
3 Configuration methods The diagnostic operating software (DIAG OS) running on the local processor has ipmitool installed by default. You can use the ipmitool both at the switch and remotely. Accessing BMC from the host does not require user name or password. The general syntax for using ipmitool is: NOTE: -I and -H are optional.
INTER_5.0V_volt | INTER_3.3V_volt | FPGA_1.0V_volt | FPGA_1.2V_volt | FPGA_1.8V_volt | FPGA_3.3V_volt | BMC_2.5V_volt | BMC_1.15V_volt | BMC_1.2V_volt | SWITCH_6.8V_volt| SWITCH_3.3V_volt| SWITCH_1.8V_volt| USB_5.0V_volt | NPU_1.2V_volt | NPU_VDDCORE_volt| NPU_VDDANLG_volt| BMC boot | SEL_sensor | 4.900 3.300 0.990 1.190 1.780 3.200 2.400 1.150 1.210 7.000 3.300 1.790 4.900 1.190 0.800 0.
To access BMC over a LAN, use the following ipmitool command: ipmitool [-c|-h|-v|-V] -I lanplus -H [-p ] [-U ] [-L ] [-a|-E|-P|-f ] [-o ] [-O ] [-C ] [-Y|[-K|- ] [-y ] [-e ] [-N ] [-R ] If needed, you can download ipmitool from the htps://sourceforge.net/ projects/ipmitool website. The commands to install ipmitool on Ubuntu or Fedora versions are as follows: 1.
bakgw macaddr Set backup gateway MAC address password Set session password for this channel snmp Set SNMP public community string user Enable default user for this channel access Enable or disable access to this channel alert Enable or disable PEF alerting for this channel arp respond Enable or disable BMC ARP responding arp generate Enable or disable BMC gratuitous ARP generation arp interval Set gratuitous ARP genera
To override the date and time that is used in the system event log (SEL) log, use the following command: root@dellemc-diag-os:~# ipmitool sel time get 08/01/2018 15:10:46 root@dellemc-diag-os:~# ipmitool sel time set usage: sel time set "mm/dd/yyyy hh:mm:ss" root@dellemc-diag-os:~# For ipmiutil/iseltime, download and install the binaries and documentation from https://ipmiutil.sourceforge.net. Also, various Linux distributions have binary packages prebuilt and available for download.
33 34 35 36 37 38 39 40 | | | | | | | | disabled, disabled, disabled, disabled, disabled, disabled, disabled, disabled, configurable configurable configurable configurable configurable configurable configurable configurable For more information, see the IPMI Specification v2.0 chapter 17.7 Event Filter Table and chapter 30.3 Set PEF Configuration Parameters Command. Alert policies and destinations For more information, see the IPMI Specification v2.0 chapter 17.11 Alert Policy Table and chapter 30.
The following output using the ipmitool lan alert print command shows the configuration was successful: root@dellemc-diag-os:~# ipmitool lan alert print 1 1 Alert Destination : 1 Alert Acknowledge : Unacknowledged Destination Type : PET Trap Retry Interval : 0 Number of Retries : 0 Alert Gateway : Default Alert IP Address : 10.11.227.105 Alert MAC Address : 00:00:00:00:00:00 Alert policy setup To setup the alert policy, you must use the ipmitool raw command.
There are 10 entries for a user list. 1. Add a new user by modifying one of the empty entries in the user list using the following: $ ./ipmitool -H xx.xx.xxx.xx -I lanplus -U admin -P admin user set name 3 $ ./ipmitool -H xx.xx.xxx.xx -I lanplus -U admin -P admin user set password 3 Password for user 3: Password for user 3: Set User Password command successful (user 3) Step 1 creates a user with no access. 2. Set the privilege level for the user in Step 1 using the following: $ ./ipmitool -H xx.xx.
Product Asset Tag : D4SSG02 FRU Device Description : FRU_PSU1 (ID 1) Unknown FRU header version 0x00 FRU Device Description Board Mfg Date Board Mfg Board Product Board Serial Board Part Number : : : : : : FRU_PSU2 (ID 2) Fri Jan 12 18:47:00 2018 DELL PWR SPLY,495W,RDNT,DELTA CNDED0081G01GL 0GRTNKA02 FRU Device Description : FRU_FAN1 (ID 3) Unknown FRU header version 0x00 FRU Device Description Board Mfg Date Board Mfg Board Product Board Serial Board Part Number Product Manufacturer Product Name Produ
■ Fh-NO ACCESS ● Request data byte (4)—User Session Limit. Optional—Sets how many simultaneous sessions are activated with the username associated with the user. If not supported, the username activates as many simultaneous sessions as the implementation supports. If an attempt is made to set a non-zero value, a CCh "invalid data field" error returns. ○ [7:4]-Reserved ○ [3:0]-User simultaneous session limit. 1=based. oh=only limited by the implementations support for simultaneous sessions.
Firewall To set a firewall, use the set firewall configuration command. Use parameters 0–3 to add the iptables rules and 4–7 to remove the iptables rules.
Table 3. Firewall parameters (continued) Parameter # Parameter data ● ● ● ● 1 = UDP 2 = both TCP and UDP Data 2:3—port number [2:3]—MX byte first. Port number blocked or unblocked based on the state. Add the Pv4 port number range rule 3 Data 1:—Protocol TCP/UDP ● 0 = TCP ● 1 = UDP ● 2 = both TCP and UDP ● Data 2:5—port range ● [2:3]—Port number from the ports blocked or unblocked based on the state. ● [4:5]—Port number till ports are blocked or unblocked based on the state.
Table 3. Firewall parameters (continued) Parameter # Parameter data Flush IPv4 and IPv6 iptable 8 Flush all the rules set using iptables and ip6tables. Drop all 9 Add iptables rules to block IPv4 and IPv6 traffic to the BMC. The state selector is not used. ● Data1: Protocol ● Bit 7:2—Reserved ● Bit 1—IPv6 ● Bit 0—IPv4 Remove drop all rule 10 Remove iptables rules to block IPv4 and IPv6 traffic to the BMC. The state selector is not used.
Table 3. Firewall parameters (continued) Parameter # Parameter data ● LS-byte first if little endian system. Two-byte data required to form year. Add the IPv4 port number with timeout rule 13 Data 1—Protocol TCP and UDP ● 0 = TCP ● 1 = UDP ● 2 = both TCP and UDP ● Data 2:3—port number ● [2:3]—Port number from the ports blocked or unblocked based on the state. ● Date 4:9—Start time ● [4:5]—Year ● LS-byte first if little endian system. Two-byte data required to form year.
Table 3. Firewall parameters (continued) Parameter # Parameter data Remove the IPv4 address with timeout rule 15 Data 1:4—IP address ● MS-byte first. The IPv4 address type blocked or unblocked based on the state. ● Date 5:10—Start time ● [5:6]—Year ● LS-byte first if little endian system. Two-byte data required to form year. ● 7—month ● 8—date ● 9—hour ● 10—minute ● Date 11-16—stop time ● [11:12]—Year ● LS-byte first if little endian system. Two-byte data required to form year.
Table 3. Firewall parameters (continued) Parameter # Parameter data ● ● ● ● ● ● ● ● ● ● ● 6—month 7—date 8—hour 9—minute Date 10-15—stop time [10:11]—Year LS-byte first if little endian system. Two-byte data required to form year. 12—month 13—date 14—hour 15—minute Remove the IPv4 port number range with timeout rule 18 Data 1:—Protocol TCP and UPD ● 0 = TCP ● 1 = UDP ● 2 = both TCP and UDP ● Data 2:5—port number ● [2:3]—Port number from the ports blocked or unblocked based on the state.
Table 3. Firewall parameters (continued) Parameter # Parameter data ● ● ● ● ● ● ● ● 7—minute Date 8:13—Stop time [8:9]—Year LS-byte first if little endian system. Two-byte data required to form year. 10—month 11—date 12—hour 13—minute Remove drop all Ipv4 or IPv6 with timeout rule 20 Add iptables rules to block IPv4 and IPv6 traffic to the BMC. The state selector is not used.
Table 3. Firewall parameters (continued) Parameter # Parameter data Add IPv6 address range with timeout rule 22 Data 1:16—IPv6 address range ● [1:16]—Port number from the ports blocked or unblocked based on the state. ● [17:32]—Port number till the ports blocked or unblocked based on the state. ● Date 33:38—Start time ● [33:34]—Year ● LS-byte first if little endian system. Two-byte data required to form year.
Table 3. Firewall parameters (continued) Parameter # Parameter data ● ● ● ● ● ● ● ● ● ● ● 35—month 36—date 37—hour 38—minute Date 39:44—stop time [39:40]—Year LS-byte first if little endian system. Two-byte data required to form year. 41—month 42—date 43—hour 44—minute Add the IPv6 port number with timeout rule 25 Data 1—Protocol TCP and UDP ● 0 = TCP ● 1 = UDP ● 2 = both TCP and UDP ● Data 2:3—port number ● [2:3]—Port number from the ports blocked or unblocked based on the state.
Table 3. Firewall parameters (continued) Parameter # Parameter data ● Date 12-17—stop time ● [12:13]—Year ● LS-byte first if little endian system. Two-byte data required to form year. ● 14—month ● 15—date ● 16—hour ● 17—minute Remove the IPv6 port number with timeout rule 27 Data 1—Protocol TCP and UDP ● 0 = TCP ● 1 = UDP ● 2 = both TCP and UDP ● Data 2:3—port number ● [2:3]—Port number from the ports blocked or unblocked based on the state.
Table 3. Firewall parameters (continued) Parameter # Parameter data ● LS-byte first if little endian system. Two-byte data required to form year. ● 14—month ● 15—date ● 16—hour ● 17—minute Add the IPv6 address rule 29 Data 1:16—IPv6 address. ● MS-byte first. This is an IPv6 address that is blocked or unblocked based on state. Add the IPv6 address range rule 30 Data 1:16—IPv6 address range ● [1:16]—Starting IP address from which IPs are blocked or unblocked based on the state. ● [17.
Table 3. Firewall parameters (continued) Parameter # Parameter data ● [2:3]—Port number from the ports blocked or unblocked based on the state. Remove the IPv6 port number range rule 36 Data 1—Protocol TCP and UDP ● 0 = TCP ● 1 = UDP ● 2 = both TCP and UDP ● Data 2:5—port number ● [2:3]—Port number from the ports blocked or unblocked based on the state. ● [4:5]—Port number till the ports are blocked or u nblocked based on the state.
● Netfn—0x32 ● Command—0x68 Audit log configuration ● Request data byte 1—Cmd ○ [7:2] Reserved ○ [1:0] 01h–Audit log ● Request data byte 1—Status ○ [7:2] Reserved ○ [1:0] 01h–Disabled ○ 01h–Enable local ● Response data byte 1—00h-success ○ CCh=invalid data field ○ FFh=unspecified error ● Response data byte 1—Cmd ○ [7:2] Reserved ○ [1:0] 00h–system log ● Response data byte 2—Status ○ [7:2] Reserved ○ [1:0] 01h–Disabled ○ 01h–Enable local ● Response data byte 3-70 for REMOTE (68 bytes) or 3-7 for LOCAL (5 by
● Command—0x66 ● Response byte 1—Completion code Default settings The following tables list the default settings after a switch restore. Table 4.
4 Host power control The following are host power control commands: ● ● ● ● Power Off—the ipmitool powers off Power On—the ipmitool powers on Power Cycle—the ipmitool power cycles Hard Reset—the ipmitool power resets Host power control 31
5 Firmware update To update the firmware from a remote machine, use the BMC LAN interface. You can also update the firmware in the local host OS using the USB interface. The USB interface is between the BMC and the microprocessor. When using the USB, the BMC simulates a virtual USB device, then Yafuflash sends the image to the BMC via the USB bus. Typically the update process completes in five minutes. For more information about Yafuflash, see the S5200-ON Series Release Notes. Table 5.
6 Access system health sensors To check sensor information, use the following command: root@dellemc-diag-os:~# ipmitool sensor list To change the sensor threshold, see the IPMI Specification v2.0 chapter 35.8 Set Sensor Thresholds Command. ● Request data byte 1—Sensor number, FFH=reserved ● Request data byte 2— ○ [7:6] - reserved.
FAN3_prsnt | FAN4_prsnt | FAN1_Rear_stat | FAN2_Rear_stat | FAN3_Rear_stat | FAN4_Rear_stat | FAN1_Front_stat | FAN2_Front_stat | FAN3_Front_stat | FAN4_Front_stat | INTER_5.0V_volt | INTER_3.3V_volt | FPGA_1.0V_volt | FPGA_1.2V_volt | FPGA_1.8V_volt | FPGA_3.3V_volt | BMC_2.5V_volt | BMC_1.15V_volt | BMC_1.2V_volt | SWITCH_6.8V_volt| SWITCH_3.3V_volt| SWITCH_1.8V_volt| USB_5.0V_volt | NPU_1.2V_volt | NPU_VDDCORE_volt| NPU_VDDANLG_volt| BMC boot | SEL_sensor | 34 0x0 0x0 0x0 0x0 0x0 0x0 0x0 0x0 0x0 0x0 4.
7 IPMI commands NOTE: All commands are subject to change as the ipmi commands evolve over time.
● ● ● ● ● ● ● ● ● ● ● ● ● ● ● ● ● ● ● ● ● ● ● ● ● ● ● ● ● ● ● ● ● ● ● ● ● ● ● ● ● ● ● ● ● ● ● ● ● ● ● ● ● ● 36 ipmi ipmi ipmi ipmi ipmi ipmi ipmi ipmi ipmi ipmi ipmi ipmi ipmi ipmi ipmi ipmi ipmi ipmi ipmi ipmi ipmi ipmi ipmi ipmi ipmi ipmi ipmi ipmi ipmi ipmi ipmi ipmi ipmi ipmi ipmi ipmi ipmi ipmi ipmi ipmi ipmi ipmi ipmi ipmi ipmi ipmi ipmi ipmi ipmi ipmi ipmi ipmi ipmi ipmi mc watchdog off mc selftest mc getenables mc getenabled
● ● ● ● ● ● ● ● ● ● ● ● ● ● ● ● ● ● ● ● ● ● ● ● ● ● ● ● ● ● ● ● ● ● ● ● ipmi sol payload [channel][userid] ipmi sol activate [][instance=] ipmi sol deactivate [instance=] ipmi sol looptest [[[]]] ipmi user summary [] ipmi user list [] ipmi user set name ipmi user set password [<16|20>] ipmi user disable ipmi user enab
8 ipmiutil package NOTE: All commands are subject to change as the ipmiutil package evolves over time. For more information about the IPMI utility, use cases, and the newest list of subcommands, see the IPMI website that is hosted by Intel at https:// www.intel.com/content/www/us/en/servers/ipmi/ipmi-technical-resources.html. ● ipmiutil—a metacommand to invoke each of the following functions: ○ ipmiutil alarms (ialarms)—show and set the front panel alarms, including light emitting diodes (LEDs) and relays.
9 Access FRU data To check field replacement unit (FRU) data, use the following command: root@dellemc-diag-os:~# ipmitool fru print For more FRU information, see the IPMI Specification v2.0 chapter 34.2 Read FRU Data Command. ● Request data 1—FRU device ID. FFh=reserved ● Request data 2—FRU inventory offset to read, LS byte ● Request data 3—FRU inventory offset to read, LS byte ○ Offset is in bytes or words-per-device. Access type returned in the Get FRU Inventory Area Info command output.
Board Part Number : 07R5RFX01FRU Device Description : FAN4_fru (ID 6) Board Mfg Date : Mon Jan 1 00:00:00 1996 Board Serial : CN07R5RFCES0084N0082 Board Part Number : 07R5RFX01 40 Access FRU data
10 Dell EMC support The Dell EMC support site provides documents and tools to help you use Dell EMC equipment and mitigate network outages. Through the support site you can obtain technical information, access software upgrades and patches, download available management software, and manage your open cases. The Dell EMC support site provides integrated, secure access to these services. To access the Dell EMC support site, go to www.dell.com/support/.