IPMI / Redfish
IPMI and its modern successor Redfish run on the BMC's out-of-band management network, independent of the data plane. The animation shows a dashed sideband wire above an irrelevant in-band data wire. Distinctive trait: the out-of-band nature is encoded in the wire style, not the chip color.
Engineering pitfalls
BMC default credentials still in production
Many BMCs ship with `admin/admin` or `root/calvin`. Change them at first boot; never let a BMC reach a routable subnet with defaults.
IPMI v1.5 cipher 0 — auth bypass
IPMI 1.5 cipher 0 allows authentication-free remote access (CVE-2013-4783). Disable cipher 0 explicitly on every BMC.
Redfish API exposed to data-plane subnet
Redfish runs on HTTPS, but if the BMC interface is bridged to the production VLAN, every workload can poke at server power state. Use a dedicated mgmt VLAN.
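The check below is an added example, not part of the original page: it parses `ipmitool lan print` output and flags a BMC that still permits cipher suite 0 or whose address lies outside the management subnet. The sample output, subnet values and function names are constructed for illustration, and it relies on ipmitool's convention that the first `Cipher Suite Priv Max` character applies to cipher suite 0.

```python
import ipaddress

# Constructed sample in the layout printed by `ipmitool lan print 1`; not from a real BMC.
SAMPLE_LAN_PRINT = """\
IP Address Source       : Static Address
IP Address              : 10.20.30.41
Subnet Mask             : 255.255.255.0
RMCP+ Cipher Suites     : 0,1,2,3,6,7,8,11,12
Cipher Suite Priv Max   : aaaaXXaaaXXaaXX
                        :     X=Cipher Suite Unused
                        :     a=ADMIN
"""

def parse_lan_print(text):
    """Map each 'Field : value' line to a dict; legend lines with no field name are skipped."""
    fields = {}
    for line in text.splitlines():
        key, sep, value = line.partition(":")
        if sep and key.strip():
            fields.setdefault(key.strip(), value.strip())
    return fields

def hardened_privs(privs):
    """Priv string with cipher suite 0 marked unused (X); other suites unchanged."""
    return "X" + privs[1:]

def audit(text, mgmt_cidr):
    """Return finding codes for one BMC LAN channel."""
    fields = parse_lan_print(text)
    findings = []
    offered = {s.strip() for s in fields.get("RMCP+ Cipher Suites", "").split(",")}
    privs = fields.get("Cipher Suite Priv Max", "")
    # Assumption: ipmitool convention, first character = cipher suite 0.
    if "0" in offered and privs[:1] != "X":
        findings.append("cipher0-enabled")
    # Assumption: mgmt_cidr is the site's dedicated management subnet.
    addr = fields.get("IP Address")
    if addr and ipaddress.ip_address(addr) not in ipaddress.ip_network(mgmt_cidr):
        findings.append("bmc-outside-mgmt-subnet")
    return findings

if __name__ == "__main__":
    print(audit(SAMPLE_LAN_PRINT, "10.20.30.0/24"))
    print("suggested cipher_privs:", hardened_privs("aaaaXXaaaXXaaXX"))
```

The string returned by `hardened_privs` is the value to pass to `ipmitool lan set <channel> cipher_privs`.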