Manualshelf

Users Guide

ManualsBrandsDell ManualsActive System ManageriDRAC Service Module 4.x
41424344454647484950
IPv6 communication between iSM and iDRAC over
OS-BMC Passthru
Starting iSM 3.4, iSM supports both IPv4 and IPv6 modes of communication. Once you install iSM, iSM service attempts to
connect to iDRAC using IPv4 link-local address. If there is no IP address on the Host USBNIC interface, iSM tries to configure
IPv4 address on the Host side. This USBNIC interface configuration on the Host OS from iSM is done only once. iSM remains
disconnected from iDRAC if there is any subsequent scenario of incomplete configuration of USBNIC on the Host OS. In case
the connection fails even after configuring IPv4 address, iSM tries to connect to iDRAC using IPv6.
NOTE: This feature is supported only on Linux operating systems.
NOTE: If IPv6 network stack is disabled on the Host OS, then iSM retries to communicate with iDRAC using IPv4.
If either of the protocols are disabled, then iSM will not try to connect to iDRAC using the disabled protocol.
NOTE: If the iDRAC firmware version does not support IPv6 on USBNIC, the connection between iSM and iDRAC is
established using IPv4.
Respective audit messages are logged by iSM indicating the protocol version using which iSM connected with iDRAC.
NOTE: When iDRAC USBNIC is already configured with only IPv6 address on the Host OS and then iSM is installed on the
Host, then iSM communication with iDRAC will start using IPv4 protocol.
Unsupported features with IPv6 protocol
The features that are not supported when iSM is configured with IPv6 protocol and IPv4 configuration is not available on the
USBNIC interface are:
InBand iDRAC Access
InBand SNMP Get
idrac.local and drac.local
Auto-update of iSM
Enhanced security between iSM and iDRAC
communication using TLS protocol
Starting iSM 3.4, the data communication between iSM and iDRAC happens through TLS protected USBNIC INET sockets. This
ensures protection of all the data that transports from iDRAC to iSM over USBNIC. iSM and iDRAC use self-signed certificates
to control Authentication. The self-signed certificates have 10 years of validity. Fresh self-signed certificates are generated
while installing iSM every time. Reinstall or upgrade iSM if the certificates expire.
NOTE:
iSM reinstall (repair) does not work on Linux operating systems. It is mandatory to uninstall and then install iSM on
Linux operating systems.
NOTE: When iSM's TLS (client) certificate expires, then communication between iSM and iDRAC fails and an OS audit log
is generated indicating the same. This requires you to reinstall iSM on the Host OS.
Both iDRAC and the Host TLS versions should be 1.1 or above. Communication between iSM and iDRAC fails if the TLS protocol
version negotiation fails. If iSM with TLS capability is installed on an iDRAC firmware which does not support TLS
communication over USBNIC, it will work with the non-TLS channel as in the older versions of iSM.
NOTE:
If iSM is installed or upgraded to version 3.4.0 or later before iDRAC is upgraded to version 3.30.30.30 or later, then
iSM should be uninstalled and re-installed to establish new TLS certificate.
NOTE: iSM with TLS capability is supported on iDRAC firmware versions 3.30.30.30 and above.
NOTE: iSM without TLS capability does not function on a TLS-capable version of iDRAC firmware. For example: iSM 3.3 or
older which are not TLS-capable is not supported on iDRAC firmware 3.30.30.30 and later.
NOTE: If iSM 3.3.0 is installed on iDRAC 3.30.30.30 firmware, multiple events with ISM0050 are observed in LCLog.
iDRAC Service Module monitoring features 41