VLAN Configuration for Remote iDRAC Setting



I'm not sure if I've posted about this before; my apologies if I have.

I'm working on a script to allow the Deployment Team I work with to set IP address information faster using the RACAdmin tool from Dell. I'm trying to figure out a way to configure the iDRAC remotely; even if I have to plug a single cable into a switch, it still makes it easier than trying to power cycle servers. My networking knowledge is very limited. I know enough to get around, but I don't know enough about enterprise switches, such as Nexus6001s, FEXs 2248, 2232, etc... I have a script to run without the networking portion; it's just obnoxious to run because it requires me to plug a cable into one device at a time and change my local adapter to the default information. I have thought about a USBx.0 to Ethernet adapter, and leaving that adapter with the default IP info for Dell.

I wasn't sure which category this would fall under; it's networking and scripting.

Default iDRAC information should be:

IP: 192.168.0.120
SN: 255.255.255.0
GW: 192.168.0.1

I can double check the next time I do the configurations. My goal is to be able to have myself or the Systems Engineer run a script with the IPs, subnet, and gateway information in a csv with a column for serial numbers. It'd match the S/N with the system's S/N, set the information, and anything else I'd need set, such as users and passwords.

Link to comment
Share on other sites

So I am confused.. That is the idrac's default config?  And you want to change it to what?  I would assume all of your idracs are on some infrastructure vlan that all the idracs of all the different servers are on?

How would you change that remotely if you cannot get to it?  So the idrac is connected to a switch, and this switch port would be in a vlan.  If the idrac's info does not match the network of that vlan, then there really is no way to get to it remotely..  These idracs should all be configured before they are connected to the network.

If you're saying this idrac is connected to a switch, and that switch port is in say vlan 100, as long as you're on vlan 100 you could connect to the IP of the drac if you put yourself on that same layer 3 network from anywhere else on the network as long as you're on the same layer 2 vlan.  Where you could have a problem is if there are multiple idracs on the same layer 2 vlan with that same default IP of 192.168.0.120/24, then you're going to have issues..

So you have this for example

[image: idracnetwork.jpg]

You have a switching environment.. And the vlan that idracs are supposed to be connected to, let's call it vlan 100, with the network that is supposed to be 10.0.0/24, but some idiot connected this box's idrac to the idrac network before configuring it.  So it's still got its default 192.168.0.120 address.  Now you want to get to that IP and change it?  Is this your question??  If that is your question, as long as you're connected to this same idrac vlan somewhere else on the network and you give yourself a 192.168.0/24 IP then you should be able to get to the 192.168.0.120 address.

Where your problem could be is if there are multiple boxes all connected with the default idrac IP..  Now you would not know which one you're talking to, other than by mac - do you know the mac addresses of the different boxes?  If not, when you try to connect to 192.168.0.120 you would arp and the first one to answer would be the one you would connect to.  You could always create a static arp entry on the computer you're using to configure these devices to talk to a specific one if you know what its mac address is?

You have to understand the difference between layer 2 and layer 3.. Which I know you have a problem with ;) vlans are layer 2!!!  On top of this WIRE you create you can run whatever layer 3 network you want.  So just because the layer 3 that is supposed to be on this wire (vlan) is supposed to be 10.0.0/24 doesn't mean you cannot talk to devices on the wire with a different layer 3 network.. You're connected to the same wire when you're on the same vlan.  You just have to set your device to be on the same layer 3 as the device on the same wire is on.

Is this your question??

Or is the question on how to write the script?  Can you change these idrac IPs via cli? Like telnet or ssh to its IP?  If so you connect your host to the same vlan, with say the 192.168.0.50 address (nothing else on this network can have that IP), then connect to some idrac that is on this same vlan with the wrong IP.  Change its IP to be on the correct network, i.e. 10.0.0/24 in my example.  Guess you could know what IP to change it to based on the mac you're connecting to.

I am making a lot of assumptions here as to what your question is ;)  But to be honest the correct fix is to set the idrac to the correct ip and network before it's even connected to anything.  It should never be connected to a production network with its default IP.

Am I close to what you're asking?  If not, I'm going to need more details of what you're asking to do exactly??

Link to comment
Share on other sites

1 hour ago, DaveLegg said:

So... What's the question?

Haha. I submitted too soon. The question is, how would one go about setting up the network side, would you use a vlan to set the information?

Link to comment
Share on other sites

Well... What I'm hoping to do is:

Use my laptop connected to vlan 100 (for instance) with the 192.168.0.1 - 253 range. I want to be able to run a script that has a csv file attached that has the new ip, subnet, and gw in it. The script will connect to the first server, doesn't matter which one, grab the serial number, and compare it to the csv. IF it matches, it'll set the new ip 10.x.x.1 (for instance), 255.255.255.0, and 10.x.x.253 for GW. After that, it'll clear the ARP tables, and re-run the script until it runs out of matches.

My question is: how can I get my laptop (which has access to everything in the Data Halls) to talk to these servers which have no IPs set, other than the default? I've thought about using a VM with the ip scheme attached to it, unless I can use my current laptop IP to do all this work. I'm not sure how to go about doing this, network wise. So, I'm asking for clarification. We have Layer 3 switches connected to a variety of switches. I was hoping to have one vlan that I could set for these hosts, set the IPs, and then remove the 100 VLAN, and assign the production vlan to it, 101 for example.

Is there a maximum number of vlans a Cisco switch can have? We have Network Extreme, Brocade, Dell, EMC, etc.. But primarily NE/Cisco are for our iDRAC / ESXi Management connections.

Link to comment
Share on other sites

drac will look for dhcp first then default the ip second (from memory).  You are right to set up its own vlan for it and configure as needed...absolutely set up a reservation for it so you know and try to use friendly names/dns to help identify.

Link to comment
Share on other sites

29 minutes ago, sc302 said:

drac will look for dhcp first then default the ip second (from memory).  You are right to set up its own vlan for it and configure as needed...absolutely set up a reservation for it so you know and try to use friendly names/dns to help identify.

What he said. All you need is a spreadsheet with the MAC addresses for the iDRACs and you can set up DHCP reservations for them prior to connecting them to the network. Then you just connect them and they have the correct IP address (assuming the port you connect to is on the correct VLAN of course).

Link to comment
Share on other sites
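
Added example, not part of the original thread: the reservation approach suggested above, combined with the serial-number CSV described earlier, as a script that validates the inventory and renders DHCP host entries before any iDRAC is cabled. The CSV column names, the `idrac-<serial>` host naming and the choice of ISC dhcpd syntax are assumptions; all sample values are constructed.

```python
import csv
import io
import ipaddress
import re

# Constructed sample inventory: serials, MACs and addresses are made up.
SAMPLE_CSV = """serial,mac,ip,netmask,gateway
ABC1234,D0-94-66-00-00-01,10.0.0.11,255.255.255.0,10.0.0.253
ABC1235,d0:94:66:00:00:02,10.0.0.12,255.255.255.0,10.0.0.253
ABC1236,d0:94:66:00:00:03,192.168.0.120,255.255.255.0,10.0.0.253
ABC1237,d0:94:66:00:00:02,10.0.0.14,255.255.255.0,10.0.0.253
"""

MAC_RE = re.compile(r"^([0-9a-f]{2}:){5}[0-9a-f]{2}$")


def plan_reservations(csv_text):
    """Return (good_rows, errors); a bad row is rejected, never guessed at."""
    good, errors, seen = [], [], set()
    # start=2 so reported numbers match the file (line 1 is the header).
    for n, row in enumerate(csv.DictReader(io.StringIO(csv_text)), start=2):
        mac = row["mac"].strip().lower().replace("-", ":")
        try:
            net = ipaddress.ip_network(f'{row["ip"]}/{row["netmask"]}', strict=False)
            ip = ipaddress.ip_address(row["ip"])
            gw = ipaddress.ip_address(row["gateway"])
        except ValueError as exc:
            errors.append(f"line {n}: {exc}")
            continue
        if not MAC_RE.match(mac):
            errors.append(f"line {n}: bad MAC {row['mac']!r}")
        elif gw not in net:
            # Catches a leftover default address paired with the new gateway.
            errors.append(f"line {n}: gateway {gw} is not in {net}")
        elif mac in seen or str(ip) in seen or row["serial"] in seen:
            errors.append(f"line {n}: duplicate serial, MAC or IP")
        else:
            seen.update((mac, str(ip), row["serial"]))
            good.append({"serial": row["serial"], "mac": mac, "ip": str(ip)})
    return good, errors


def to_dhcpd(rows):
    """Render ISC dhcpd host blocks, named after the serial for easy lookup."""
    return "\n".join(
        f"host idrac-{r['serial'].lower()} {{ hardware ethernet {r['mac']}; "
        f"fixed-address {r['ip']}; }}"
        for r in rows
    )
```

Rows that fail validation are reported by file line number so the spreadsheet can be corrected before the reservations are loaded.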

Spoke with our Senior Network Engineer, and he said it wouldn't work because we'd have to put that vlan on EVERY switch. We've got a lot of different test bed clusters that don't interconnect with our deployment server. However our one test bed cluster, it'd work on, and they already do that. They grab MACs and do reservations.

Oh well, just trying to make my job easier and faster.

Link to comment
Share on other sites

 

7 hours ago, BinaryData said:

But primarily NE/Cisco are for our iDRAC / ESXi Management connections.

Huh??  So these are already connected to your network??  But they are not using them?  Then why connect them?  I am with sc302, pretty sure these things would default to using dhcp, and then if that fails use that IP vs APIPA (169.254)

I just don't get what you're trying to do exactly.. Either they are not deployed, or they are not set up.. Why would you deploy a server that has idrac with the idrac not used?  Or if they are connected to a "deployment" network before they get put into production why would it not be connected to a vlan you could access and set it up via static?  Why would you have to console in?

Link to comment
Share on other sites

This topic is now closed to further replies.