[Solved] How can I provide a different DHCP CIDR for IPMI and server?


#1

I’d like to assign IPMI ip from internal network ips and assign public ip to server’s nic when commision/deploy, how can I achieve that?


#2

MAAS should already support this today, assuming your IPMI network and your public network are on separate networks or VLANs.

The only issue you might encounter is the need to set which interface to use as the default gateway on the deployed machine, in case it’s ambiguous. (If your management network doesn’t have a default gateway, it should “just work”.) To do that, you can use the set_default_gateway API (you’ll have to search for it on that page, as I can’t link to it directly).

As an aside, we’re looking at a way to solve this in MAAS 2.6+ by using source-specific routing, so that only traffic sourced from the management interface will use its gateway. But this solution may not be able to support images less recent than Ubuntu 18.04 “bionic”.


#3

Thank you.
currently I have IPMI and public work in the same vlan, use shared port
In such case, I guess there is no way to distinguish between them?


#4

Often there is a BIOS setting that allows you to assign a 802.1q VID (VLAN ID) in order to separate your management plane from your data plane. This usually allows for better network security, since you can apply access control at the VLAN level if necessary. I suppose if it’s a shared port, that diminishes the benefit. (unless you can route all the traffic from the management VLAN to the management card) But since DHCP is a broadcast-based discovery protocol, having two VLANs configured would allow you to run DHCP on both VLANs (with MAAS, too, if you want) without any headaches.

You could potentially also support this scenario by pre-adding each BMC MAC as a device, so that it would get a proper static IP on the management network. In MAAS you would then enable DHCP on the VLAN, assign both subnets to the VLAN, but not configure any dynamic ranges on the BMC subnet. I haven’t tested this, so if you try it, let us know how it goes!


#5

I did a little test, static config works for us, but it’s a hassle to provision BMC by hand and manually add node to maas.

To simplify the process, we decide to assign internal ip cidr only, and configure public ip by hand when deploy.