NachoTech: How to find all the iLO’s on your network

How to find all the iLO’s on your network

Mar.17, 2009 in Linux, System Administration, scripting

Have you ever forgotten an IP address for an iLO on your network? Do you ever wonder “What’s my iLO IP Address?” Maybe you’re using DHCP, and you’ve added a new server to your network, but you don’t know the IP address of its iLO (and you’re not using dynamic dns – so the iLO ‘toe-tag’ name can’t be used as an alias).

Here is a handy script I wrote to search a local network (using nmap) to find all the iLO’s (HP Integrated Lights-Out adapters). It gives you a list of all the iLO’s found, including their firmware version and server hardware type. It’s a good tool to use when a new iLO firmware version comes out and you need to know which servers need to be updated.This script is written for Linux, but it could be easily modified for other operating systems, as long as the requisite tools are available.

The script works to find all versions of iLO (version 1 and 2), but obviously the iLO’s must be connected to the Ethernet network. Also, this script relies on having Virtual Media enabled at the default tcp port number of 17988 — if this has been changed by the server administrator, then you can modify the script to find iLO’s using the other port number.

Prerequisites

As I mentioned before, you first need Linux to use this script. Then you’ll need tr, sed, expr, curl and nmap. The odd balls are curl and nmap – these may not be installed on your system by default.

findilos Script Source Code (download here: findilos.tar)

#!/bin/bash
#
# findilos - Search a local network segment for iLOs
#            The iLO is the Integrated Lights-Out management processor
#            used on HP ProLiant and BladeSystem servers
#
scriptversion="1.0"
#
# Author: iggy@nachotech.com
#
# Website: http://blog.nachotech.com
#
# Requires: tr sed expr curl nmap
#
# Tested with: Nmap 4.20, curl 7.17.1, RHEL4
#
# Note: Discovery of an iLO is dependent upon the Virtual Media port
#       being set to the default of 17988.  If this has been changed
#       by the iLO administrator, then this script will NOT find it.
#
#       Also, if the iLO XML Reply Data Return has been Disabled by
#       the iLO administrator, this script will not be able to
#       gather any information about the server.  It will still be
#       discovered, but all you will see is its IP address.
#
 
# GLOBAL VARIABLES
 
scriptname="findilos"
iloips="/tmp/tmpilos.$$"
iloxml="/tmp/tmpiloxml.$$"
ilohwvers="/tmp/tmpilohwvers.$$"
 
declare -i ilosfound=0
 
# FUNCTIONS
 
function parseiloxml {
  fgrep "$1" $iloxml > /dev/null 2>&1
  if [ $? -ne 0 ]
  then
    # tag not found in xml output, return empty string
    parsedstring="N/A"
  else
    # tag was found - now we parse it from the output
    tempstring=$( cat $iloxml | tr -d -c [:print:] | sed "s/^.*<$1>//" | sed "s/<.$1.*//")
    # trim off leading and trailing whitespace
    parsedstring=`expr match "$tempstring" '[ \t]*\(.*[^ \t]\)[ \t]*$'`
  fi
}
 
function is_installed {
  which $1 > /dev/null 2>&1
  if [ $? -ne 0 ]
  then
    printf "\nERROR: %s not installed.\n\n" $1
    exit 255
  fi
}
 
# MAIN
 
# check for tools that we depend upon
 
is_installed tr
is_installed sed
is_installed expr
is_installed curl
is_installed nmap
 
# check syntax - should have 1 and only 1 parameter on cmdline
 
if [ $# -ne 1 ]; then
  printf "%s %s ( http://blog.nachotech.com/ )\n" $scriptname $scriptversion
  printf "Usage: %s {target network specification}\n" $scriptname
  printf "TARGET NETWORK SPECIFICATION:\n"
  printf "  Can pass hostnames, IP addresses, networks, etc.\n"
  printf "  Ex: server1.company.com, company.com/24, 192.168.0.1/16, 10.0.0-255.1-254\n"
  printf "EXAMPLE:\n"
  printf "  %s 16.32.64.0/22\n" $scriptname
  exit 255
fi
 
iprange=$1
 
# prepare lookup file for iLO hardware versions
 
cat > $ilohwvers << EOF
iLO-1 shows hw version ASIC:  2
iLO-2 shows hw version ASIC:  7
i-iLO shows hw version T0
EOF
 
#
# scan a range of IP addresses looking for an
# open tcp port 17988 (the iLO virtual media port)
#
 
printf "Scanning..."
 
nmap -n -P0 -sS -p 17988 -oG - $iprange | fgrep /open/ | awk '{print $2}' > $iloips
 
printf "\n\n"
 
#
# open and read the list of IP addresses one at a time
#
 
exec 3< $iloips
 
echo "--------------- ------ -------- ------------ -------------------------"
echo "iLO IP Address  iLO HW iLO FW   Server S/N   Server Model"
echo "--------------- ------ -------- ------------ -------------------------"
 
while read iloip <&3 ; do
  ilosfound=$ilosfound+1
  #
  # attempt to read the xmldata from iLO, no password required
  #
  curl --proxy "" --fail --silent --max-time 3 http://$iloip/xmldata?item=All > $iloxml
 
  #
  # parse out the Server model (server product name)
  # from the XML output
  #
 
  parseiloxml SPN;  servermodel=$parsedstring
  parseiloxml SBSN; sernum=$parsedstring
  parseiloxml PN;   ilotype=$parsedstring
  parseiloxml FWRI; ilofirmware=$parsedstring
  parseiloxml HWRI; ilohardware=$parsedstring
 
  ilohwver=$(grep "$ilohardware" $ilohwvers|awk '{print $1}')
  if [ "$ilohwver" == "" ]; then
    ilohwver="N/A"
  fi
 
  if [ "$sernum" == "" ]; then
    sernum="N/A"
  fi
 
  printf "%-15s %-6s %-8s %-12s %s\n" $iloip "$ilohwver" "$ilofirmware" "$sernum" "$servermodel"
 
done
 
printf "\n%d iLOs found on network target %s.\n\n" $ilosfound $iprange
 
rm -f $iloips $iloxml $ilohwvers
 
exit 0

Running the findilos script

Here’s the easy part – running the script. The only command line parameter used is a specification of the network that you want to search. Use the same network specification format used by nmap — the script is just passing it through to nmap:

Example: running findilos on a local network

# findilos 10.10.11.0/24
Scanning...
 
--------------- ------ -------- ------------ -------------------------
iLO IP Address  iLO HW iLO FW   Server S/N   Server Model
--------------- ------ -------- ------------ -------------------------
10.10.11.1      iLO-2  1.29     UTR21402MP   ProLiant BL460c G1
10.10.11.6      iLO-2  1.70     2UY24106BX   ProLiant BL460c G1
10.10.11.8      iLO-2  1.70     2UY24106BT   ProLiant BL460c G1
10.10.11.9      iLO-2  1.70     2UY25201R5   ProLiant BL460c G1
10.10.11.13     iLO-2  1.60     2UY24106BJ   ProLiant BL460c G1
10.10.11.15     iLO-2  1.70     2UY25201RE   ProLiant BL460c G1
10.10.11.27     iLO-2  1.70     T01BPT917B   ProLiant BL460c G1
 
7 iLOs found on network target 10.10.11.0/24.

I am looking for feedback on the script. Please let me know if it works for you or if you have any suggestions on how to make it better.

Tags: blades, BladeSystem, iLO, Linux, script

12 Comments on “How to find all the iLO’s on your network”

tpcool
April 3rd, 2009 at 12:29 am
Hi,

You hit the nail. This is what I was exactly looking for, couple of months back. Right now I am not working on that task though.

I think the most unique feature of this script is to report not just the iLO IP, but also it’s server serial number and model of the server.

Couldn’t ask for more. This will definitely be a very helpful tool for server admins.

We had some concerns with usage of nmap in the product, especially when it goes to customer.

However, if you are the admin, and if iLOs are in a private network, which usually is, go for this script.

Thanks for the lovely script

-Tejo

iggy
April 3rd, 2009 at 12:49 am
Hi Tejo!

You are welcome, and thank you very much for the comment! Yes, it makes a lot of information available, and recently I found another source of ‘hidden’ information freely available from iLO and hopefully will get some extra time to extend this script.

Cheers,
Iggy

venkateshvr
April 20th, 2009 at 1:18 pm
Hi,

Could please some one can help us to get the iLO Card IP Address information using the VBScript for Windows 2003 server.

iggy
April 20th, 2009 at 2:17 pm
Hello Venkatesh.

Can you explain in a little more detail what you need? Do you want to use VBScript to scan your network for iLO’s like this script does? I suppose this script could be ported to Windows – which has curl and nmap available.

If you just have a single Windows server and you want to see iLo’s settings — then just install HP’s iLO driver and HPONCFG tools and query the settings that way.

Cheers,
Iggy

super1435
July 3rd, 2009 at 6:07 pm
Hi,

I am interested in performing same functionality on Windows server environment. i.e. finding all iLO’s on my network. does any one know how to do it?

Rufus
December 21st, 2009 at 10:39 am
HP has a Windows tool to find/update multiple iLO modules, but it doesn’t show as much info. It’s called the Lights-Out Migration Utility.

Bill
January 19th, 2010 at 5:33 pm
This looks great and will save me some time, but would it be possible to add the ilo name and serial number? I am currently try to match up servers with cabinet of licenses to see how many more we need to order to get compliant.

Thanks

sepeck
January 22nd, 2010 at 2:11 pm
A PowerShell based version can be found here
http://www.blkmtn.org/PowerShell-Find_iLO_on_a_subnet

Rod
February 27th, 2010 at 10:07 pm
Just want to say thank you, now I’ll see if I can spend sometime to use this to populate OCSinventory.

Adrián
March 5th, 2010 at 8:24 am
Very good script.

As you appear like a expertise on iLO, I will ask you a question, is it possible to use an iLO card to access another iLO card of other server?

I am looking for a good stonith system and iLO could be a good option, but no if I shold use a switch between servers

iggy
March 5th, 2010 at 9:15 am
It sounds like you’re asking if you can just plug two server’s iLO ports together with a single CAT5 cable.

I don’t think that the Ethernet Link will come up, and even if it did, that’s not going to be a useful configuration. The only way to control an iLO is either externally using a network connection to it, or with the iLO tools that can run on the server’s operating system. Also, there’s no way to pass along commands from one iLO to another.

I think the only way to use iLO for STONITH (Shoot The Other Node In The Head) is with an external switch of some kind. You know that HP makes a 5-port Ethernet Switch (Gigabit Ethernet IIRC) that is on a PCI card — perhaps you could install one of these inside one of the servers (so you don’t have to have a rackmount server of some type).

In that case, when one of the servers has to STONITH, then you can issue the commands using SSH to the other system’s iLO to force power off.

Kylie Batt
April 21st, 2010 at 3:28 pm
Бесподобная тема, мне очень нравится …

……

Enjoy our Nachos.

Welcome to NachoTech. Hopefully you will find something interesting and helpful here. Please browse and make comments on things you find useful. Everybody likes Nachos!

Best Articles
Categories
- BladeSystem
- iLO
- iPhone
- Linux
- Macintosh OS X
- Operations
- ProLiant
- scripting
- System Administration
- Telcel
- Uncategorized
- wordpress
Meta
- Register
- Log in
- Valid XHTML
- WordPress

Archives
Tag Cloud
3G Add new tag blades BladeSystem bug firewall hack health HP HP BladeSystem hp proliant iLO iPhone Linux script serial console shell stickies Telcel terminal wordpress
Help Animals

NachoTech Blog

Tech tidbits that have crunch!

How to find all the iLO’s on your network

12 Comments on “How to find all the iLO’s on your network”

Leave a Reply

Enjoy our Nachos.

Best Articles

Categories

Meta

Archives

Tag Cloud

Help Animals