IBM Hardware Management Console Instruction Manual
Power Systems
Installing and configuring the
Hardware Management Console
Power Systems
Installing and configuring the
Hardware Management Console
Note
Before using this information and the product it supports, read the information in “Safety notices” on page vii, “Notices”
on page 83, the IBM Systems Safety Notices manual, G229-9054, and the IBM Environmental Notices and User Guide, Z125–5823.
This edition applies to IBM Hardware Management Console Version 7 Release 7.7.0 Maintenance Level 0 and to all
subsequent releases and modifications until otherwise indicated in new editions.
© Copyright IBM Corporation 2013.
US Government Users Restricted Rights – Use, duplication or disclosure restricted by GSA ADP Schedule Contract
with IBM Corp.
Contents
Safety notices ................................vii
Installing and configuring the Hardware Management Console ............1
Installation and configuration tasks ............................1
Installing and configuring a new HMC with a new server ...................1
Updating and upgrading your HMC code ........................1
Migrating HMC Version 6 code to HMC Version 7 code ....................2
Adding a second HMC to an existing installation ......................2
HMC network connections .............................3
Types of HMC network connections .........................3
Private and open networks in the HMC environment...................5
HMC as a DHCP server ............................5
Deciding which connectivity method to use for the call-home server...............5
Using Internet SSL to connect to remote support .....................7
Choosing an Internet Protocol ...........................7
Internet SSL address lists .............................7
Using a virtual private network to connect to remote support .................8
VPN server address list..............................8
Using the telephone and modems to connect to remote support ................9
Using multiple call-home servers ..........................9
Choosing network settings on the HMC ..........................9
HMC network connections .............................10
Types of HMC network connections .........................10
Private and open networks in the HMC environment ..................11
HMC as a DHCP server ............................12
Deciding which connectivity method to use for the call-home server ..............12
Using Internet SSL to connect to remote support .....................13
Choosing an Internet Protocol ...........................14
Internet SSL address lists .............................14
Using a virtual private network to connect to remote support ................14
VPN server address list .............................15
Using the telephone and modems to connect to remote support ................15
Using multiple call-home servers ..........................16
Preparing for HMC configuration ............................16
Preinstallation configuration worksheet for the HMC .....................16
Setting up the HMC ................................23
Cabling your stand-alone HMC............................23
Installing the 7310-CR4 HMC into a rack ........................24
Completing a parts inventory ...........................25
Determining the location .............................26
Marking the location without using a rack-mounting template ...............27
Installing the slide rails into the rack .........................27
Installing the HMC on the slide rails .........................31
Installing the cable-management arm .........................33
Cabling your rack-mounted HMC ..........................34
Installing the 7042-CR5, 7042-CR6, and 7042-CR7 into a rack ..................35
Installing the monitor and keyboard ..........................41
Completing a parts inventory ...........................42
Marking the location without using a rack-mounting template ................43
Installing the monitor and keyboard into a rack .....................43
Installing the console switch (optional) ........................47
Configuring the HMC ................................49
Configuring the HMC by using the fast path through the Guided Setup wizard ...........49
Configuring the HMC by using the HMC menus ......................49
Starting the HMC ...............................50
© Copyright IBM Corp. 2013 iii
Changing the date and time ............................50
Configuring the HMC network types .........................50
Configuring HMC settings to use an open network to connect to the managed system .......51
Configuring HMC settings to use a private network to connect to the managed system .......51
Configuring HMC settings to use an open network to connect to logical partitions ........51
Configuring HMC settings to use an open network to connect to remote users ..........52
Configuring HMC call-home server settings .....................52
Identifying the Ethernet port defined as eth0 .....................53
Determining the interface name for an Ethernet adapter.................54
Setting the media speed ............................54
Selecting a private or open network ........................54
Configuring the HMC as a DHCP server ......................55
Setting the IPv4 address ............................55
Setting the IPv6 address ............................56
Using only IPv6 addresses ...........................56
Changing HMC firewall settings ..........................56
Enabling remote restricted shell access .......................57
Enabling remote web access ...........................57
Configuring a routing entry as the default gateway ....................57
Configuring domain name services .........................57
Configuring domain suffixes............................57
Configuring the HMC so that it uses LDAP remote authentication ...............58
Configuring the HMC so that it uses Key Distribution Center servers for Kerberos remote authentication . . 58
Configuring the HMC so that it can contact service and support ...............59
Configuring the HMC so that it can connect to service and support using the call-home setup wizard . . 59
Configuring the local console to report errors to service and support .............59
Choosing existing call-home servers to connect to service and support for this HMC ........62
Verifying that your connection to service and support is working ..............62
Authorizing users to view collected system data ....................63
Transmitting service information .........................63
Setting passwords for the managed system .......................63
Updating your server password .........................63
Updating your Advanced System Management (ASM) general password ............63
Resetting the Advanced System Management (ASM) administrator password ..........64
Testing the connection between the HMC and the managed system ..............64
Postconfiguration steps ...............................64
Backing up critical HMC data ............................64
Backing up the entire HMC hard disk drive to a remote system .................65
Updating, upgrading, and migrating your HMC machine code ..................66
Determining your HMC machine code version and release ..................66
Obtaining and applying machine code updates for the HMC with an Internet connection ........67
Step 1. Ensure that you have an Internet connection ....................67
Step 2. View the existing HMC machine code level ....................67
Step 3. View the available HMC machine code levels ...................67
Step 4. Apply the HMC machine code update ......................67
Step 5. Verify that the HMC machine code update installed successfully .............68
Obtaining and applying machine code updates for the HMC using DVD or an FTP server ........68
Step 1. View the existing HMC machine code level ....................68
Step 2. View the available HMC machine code levels ...................68
Step 3. Obtain the HMC machine code update......................68
Step 4. Apply the HMC machine code update ......................69
Step 5. Verify that the HMC machine code update installed successfully .............69
Upgrading your HMC software ...........................69
Step 1. Obtain the upgrade ............................70
Step 2. View the existing HMC machine code level ....................70
Step 3. Back up the managed system's profile data ....................70
Step 4. Back up HMC data ............................70
Step 5. Record the current HMC configuration information .................71
Step 6. Record remote command status ........................71
Step 7. Save upgrade data ............................71
Step 8. Upgrade the HMC software .........................72
iv Power Systems: Installing and configuring the Hardware Management Console
Step 9. Verify that the HMC machine code upgrade installed successfully ............72
Migrating the machine code on an HMC from Version 6 to Version 7 ...............73
Ensure you have met the minimum requirements.....................73
Step 1. Obtain the upgrade ............................73
Step 2. View the existing HMC machine code level ....................73
Step 3. Back up the managed system's profile data ....................73
Step 4. Back up critical console information.......................74
Step 5. Record the current HMC configuration information .................74
Step 6. Record remote command status ........................75
Step 7. Save upgrade data ............................75
Step 8. Upgrade the HMC software from Version 6 to Version 7 ................75
Step 9. Verify that the HMC machine code upgrade installed successfully ............76
Step 10. Obtain an update package .........................76
Step 11. Reschedule operations for this HMC ......................76
Upgrading HMC from remote location using network upgrade images ..............77
HMC port locations ................................77
Notices ...................................83
Trademarks ...................................84
Electronic emission notices ..............................84
Class A Notices .................................84
Class B Notices .................................88
Terms and conditions ................................91
Contents v
vi Power Systems: Installing and configuring the Hardware Management Console
Safety notices
Safety notices may be printed throughout this guide:
vDANGER notices call attention to a situation that is potentially lethal or extremely hazardous to
people.
vCAUTION notices call attention to a situation that is potentially hazardous to people because of some
existing condition.
vAttention notices call attention to the possibility of damage to a program, device, system, or data.
World Trade safety information
Several countries require the safety information contained in product publications to be presented in their
national languages. If this requirement applies to your country, safety information documentation is
included in the publications package (such as in printed documentation, on DVD, or as part of the
product) shipped with the product. The documentation contains the safety information in your national
language with references to the U.S. English source. Before using a U.S. English publication to install,
operate, or service this product, you must first become familiar with the related safety information
documentation. You should also refer to the safety information documentation any time you do not
clearly understand any safety information in the U.S. English publications.
Replacement or additional copies of safety information documentation can be obtained by calling the IBM
Hotline at 1-800-300-8751.
German safety information
Das Produkt ist nicht für den Einsatz an Bildschirmarbeitsplätzen im Sinne§2der
Bildschirmarbeitsverordnung geeignet.
Laser safety information
IBM®servers can use I/O cards or features that are fiber-optic based and that utilize lasers or LEDs.
Laser compliance
IBM servers may be installed inside or outside of an IT equipment rack.
© Copyright IBM Corp. 2013 vii
DANGER
When working on or around the system, observe the following precautions:
Electrical voltage and current from power, telephone, and communication cables are hazardous. To
avoid a shock hazard:
vConnect power to this unit only with the IBM provided power cord. Do not use the IBM
provided power cord for any other product.
vDo not open or service any power supply assembly.
vDo not connect or disconnect any cables or perform installation, maintenance, or reconfiguration
of this product during an electrical storm.
vThe product might be equipped with multiple power cords. To remove all hazardous voltages,
disconnect all power cords.
vConnect all power cords to a properly wired and grounded electrical outlet. Ensure that the outlet
supplies proper voltage and phase rotation according to the system rating plate.
vConnect any equipment that will be attached to this product to properly wired outlets.
vWhen possible, use one hand only to connect or disconnect signal cables.
vNever turn on any equipment when there is evidence of fire, water, or structural damage.
vDisconnect the attached power cords, telecommunications systems, networks, and modems before
you open the device covers, unless instructed otherwise in the installation and configuration
procedures.
vConnect and disconnect cables as described in the following procedures when installing, moving,
or opening covers on this product or attached devices.
To Disconnect:
1. Turn off everything (unless instructed otherwise).
2. Remove the power cords from the outlets.
3. Remove the signal cables from the connectors.
4. Remove all cables from the devices.
To Connect:
1. Turn off everything (unless instructed otherwise).
2. Attach all cables to the devices.
3. Attach the signal cables to the connectors.
4. Attach the power cords to the outlets.
5. Turn on the devices.
(D005)
DANGER
viii Power Systems: Installing and configuring the Hardware Management Console
Observe the following precautions when working on or around your IT rack system:
vHeavy equipment–personal injury or equipment damage might result if mishandled.
vAlways lower the leveling pads on the rack cabinet.
vAlways install stabilizer brackets on the rack cabinet.
vTo avoid hazardous conditions due to uneven mechanical loading, always install the heaviest
devices in the bottom of the rack cabinet. Always install servers and optional devices starting
from the bottom of the rack cabinet.
vRack-mounted devices are not to be used as shelves or work spaces. Do not place objects on top
of rack-mounted devices.
vEach rack cabinet might have more than one power cord. Be sure to disconnect all power cords in
the rack cabinet when directed to disconnect power during servicing.
vConnect all devices installed in a rack cabinet to power devices installed in the same rack
cabinet. Do not plug a power cord from a device installed in one rack cabinet into a power
device installed in a different rack cabinet.
vAn electrical outlet that is not correctly wired could place hazardous voltage on the metal parts of
the system or the devices that attach to the system. It is the responsibility of the customer to
ensure that the outlet is correctly wired and grounded to prevent an electrical shock.
CAUTION
vDo not install a unit in a rack where the internal rack ambient temperatures will exceed the
manufacturer's recommended ambient temperature for all your rack-mounted devices.
vDo not install a unit in a rack where the air flow is compromised. Ensure that air flow is not
blocked or reduced on any side, front, or back of a unit used for air flow through the unit.
vConsideration should be given to the connection of the equipment to the supply circuit so that
overloading of the circuits does not compromise the supply wiring or overcurrent protection. To
provide the correct power connection to a rack, refer to the rating labels located on the
equipment in the rack to determine the total power requirement of the supply circuit.
v(For sliding drawers.) Do not pull out or install any drawer or feature if the rack stabilizer brackets
are not attached to the rack. Do not pull out more than one drawer at a time. The rack might
become unstable if you pull out more than one drawer at a time.
v(For fixed drawers.) This drawer is a fixed drawer and must not be moved for servicing unless
specified by the manufacturer. Attempting to move the drawer partially or completely out of the
rack might cause the rack to become unstable or cause the drawer to fall out of the rack.
(R001)
Safety notices ix
CAUTION:
Removing components from the upper positions in the rack cabinet improves rack stability during
relocation. Follow these general guidelines whenever you relocate a populated rack cabinet within a
room or building:
vReduce the weight of the rack cabinet by removing equipment starting at the top of the rack
cabinet. When possible, restore the rack cabinet to the configuration of the rack cabinet as you
received it. If this configuration is not known, you must observe the following precautions:
– Remove all devices in the 32U position and above.
– Ensure that the heaviest devices are installed in the bottom of the rack cabinet.
– Ensure that there are no empty U-levels between devices installed in the rack cabinet below the
32U level.
vIf the rack cabinet you are relocating is part of a suite of rack cabinets, detach the rack cabinet from
the suite.
vInspect the route that you plan to take to eliminate potential hazards.
vVerify that the route that you choose can support the weight of the loaded rack cabinet. Refer to the
documentation that comes with your rack cabinet for the weight of a loaded rack cabinet.
vVerify that all door openings are at least 760 x 230 mm (30 x 80 in.).
vEnsure that all devices, shelves, drawers, doors, and cables are secure.
vEnsure that the four leveling pads are raised to their highest position.
vEnsure that there is no stabilizer bracket installed on the rack cabinet during movement.
vDo not use a ramp inclined at more than 10 degrees.
vWhen the rack cabinet is in the new location, complete the following steps:
– Lower the four leveling pads.
– Install stabilizer brackets on the rack cabinet.
– If you removed any devices from the rack cabinet, repopulate the rack cabinet from the lowest
position to the highest position.
vIf a long-distance relocation is required, restore the rack cabinet to the configuration of the rack
cabinet as you received it. Pack the rack cabinet in the original packaging material, or equivalent.
Also lower the leveling pads to raise the casters off of the pallet and bolt the rack cabinet to the
pallet.
(R002)
(L001)
(L002)
xPower Systems: Installing and configuring the Hardware Management Console
(L003)
or
All lasers are certified in the U.S. to conform to the requirements of DHHS 21 CFR Subchapter J for class
1 laser products. Outside the U.S., they are certified to be in compliance with IEC 60825 as a class 1 laser
product. Consult the label on each part for laser certification numbers and approval information.
CAUTION:
This product might contain one or more of the following devices: CD-ROM drive, DVD-ROM drive,
DVD-RAM drive, or laser module, which are Class 1 laser products. Note the following information:
vDo not remove the covers. Removing the covers of the laser product could result in exposure to
hazardous laser radiation. There are no serviceable parts inside the device.
vUse of the controls or adjustments or performance of procedures other than those specified herein
might result in hazardous radiation exposure.
(C026)
Safety notices xi
CAUTION:
Data processing environments can contain equipment transmitting on system links with laser modules
that operate at greater than Class 1 power levels. For this reason, never look into the end of an optical
fiber cable or open receptacle. (C027)
CAUTION:
This product contains a Class 1M laser. Do not view directly with optical instruments. (C028)
CAUTION:
Some laser products contain an embedded Class 3A or Class 3B laser diode. Note the following
information: laser radiation when open. Do not stare into the beam, do not view directly with optical
instruments, and avoid direct exposure to the beam. (C030)
CAUTION:
The battery contains lithium. To avoid possible explosion, do not burn or charge the battery.
Do Not:
v___ Throw or immerse into water
v___ Heat to more than 100°C (212°F)
v___ Repair or disassemble
Exchange only with the IBM-approved part. Recycle or discard the battery as instructed by local
regulations. In the United States, IBM has a process for the collection of this battery. For information,
call 1-800-426-4333. Have the IBM part number for the battery unit available when you call. (C003)
Power and cabling information for NEBS (Network Equipment-Building System)
GR-1089-CORE
The following comments apply to the IBM servers that have been designated as conforming to NEBS
(Network Equipment-Building System) GR-1089-CORE:
The equipment is suitable for installation in the following:
vNetwork telecommunications facilities
vLocations where the NEC (National Electrical Code) applies
The intrabuilding ports of this equipment are suitable for connection to intrabuilding or unexposed
wiring or cabling only. The intrabuilding ports of this equipment must not be metallically connected to the
interfaces that connect to the OSP (outside plant) or its wiring. These interfaces are designed for use as
intrabuilding interfaces only (Type 2 or Type 4 ports as described in GR-1089-CORE) and require isolation
from the exposed OSP cabling. The addition of primary protectors is not sufficient protection to connect
these interfaces metallically to OSP wiring.
Note: All Ethernet cables must be shielded and grounded at both ends.
The ac-powered system does not require the use of an external surge protection device (SPD).
The dc-powered system employs an isolated DC return (DC-I) design. The DC battery return terminal
shall not be connected to the chassis or frame ground.
xii Power Systems: Installing and configuring the Hardware Management Console
Installing and configuring the Hardware Management Console
Describes how to install the HMC hardware, connect it to your managed system, and configure it for use.
You can perform these tasks yourself, or contact a service provider to perform these tasks for you. You
might be charged a fee by the service provider for this service.
Installation and configuration tasks
Learn about the tasks associated with different HMC installation and configuration tasks.
This section describes, at a high level, the tasks you must perform when you install and configure your
HMC. There are different ways you can install and configure your HMC. Find the situation that best
matches the task you want to perform.
Note: If you are managing POWER7®processor-based servers, the HMC must be at Version 7.7.2 or later.
For more information, see “Determining your HMC machine code version and release” on page 66.
Installing and configuring a new HMC with a new server
Learn more about the high-level tasks you must perform when installing and configuring a new HMC
with a new server.
Table 1. Tasks you need to perform when installing and configuring a new HMC with a new server
Task Where to find related information
1. Gather information and complete the Preinstallation
Configuration Worksheet.
“Preinstallation configuration worksheet for the HMC”
on page 16
“Preparing for HMC configuration” on page 16
2. Unpack the hardware.
3. Cable the HMC hardware. “Cabling your stand-alone HMC” on page 23
“Cabling your rack-mounted HMC” on page 34
4. Power on the HMC by pressing the power button.
5. Log in and launch the HMC web application.
6. Access the Guided setup wizard or use the HMC
menus to configure the HMC.
“Configuring the HMC by using the fast path through
the Guided Setup wizard” on page 49
“Configuring the HMC by using the HMC menus” on
page 49
7. Attach the server to the HMC.
Updating and upgrading your HMC code
Learn more about the high-level tasks you must perform when you update and upgrade your HMC code.
If you have an existing HMC and want to update or upgrade your HMC code, you must complete the
following high-level tasks:
© Copyright IBM Corp. 2013 1
Table 2. Tasks you need to perform when updating or upgrading HMC code
Task Where to find related information
1. Obtain the upgrade. “Upgrading your HMC software” on page 69
2. View the existing HMC machine code level.
3. Back up the managed system’s profile data.
4. Back up HMC data.
5. Record the current HMC configuration information.
6. Record remote command status.
7. Save upgrade data.
8. Upgrade the HMC software.
9. Verify that the HMC machine code upgrade installed
successfully
Migrating HMC Version 6 code to HMC Version 7 code
Learn more about the high-level tasks you must perform when you migrate from an HMC Version 6 to
an HMC Version 7.
If you have an existing HMC and want to migrate from Version 6 to Version 7, you must complete the
following high-level tasks:
Table 3. Tasks you need to perform when migrating an HMC Version 6 to an HMC Version 7
Task Where to find related information
1. Ensure your HMC hardware supports HMC Version 7
code.
2. Ensure that your HMC code level is 6.12 or higher. If
not, you must upgrade your existing HMC code.
“Determining your HMC machine code version and
release” on page 66
“Upgrading your HMC software” on page 69
3. Upgrade your HMC to Version 7. “Upgrading your HMC software” on page 69
4. Optional: upgrade your managed system's firmware
level to the highest available level.
2
5. If you have a second HMC, perform steps 1-4 for that
HMC.
Adding a second HMC to an existing installation
Learn more about the high-level tasks you must perform when adding a second HMC to your managed
system.
If you have an existing HMC and managed system and want to add a second HMC to this configuration,
do the following:
Table 4. Tasks you need to perform when adding a second HMC to an existing installation
Task Where to find related information
1. Ensure your HMC hardware supports HMC Version 7
code.
2. Gather information and complete the Preinstallation
Configuration Worksheet.
“Preinstallation configuration worksheet for the HMC”
on page 16
3. Unpack the hardware.
2Power Systems: Installing and configuring the Hardware Management Console
Table 4. Tasks you need to perform when adding a second HMC to an existing installation (continued)
Task Where to find related information
4. Cable the HMC hardware. “Cabling your stand-alone HMC” on page 23
“Cabling your rack-mounted HMC” on page 34
5. Power on the HMC by pressing the power button.
6. Log in to the HMC.
7. The HMC code levels must match. Change the code
on one of the HMCs to match the code on the other.
“Determining your HMC machine code version and
release” on page 66
“Upgrading your HMC software” on page 69
8. Access the Guided setup wizard or use the HMC
menus to configure the HMC.
“Configuring the HMC by using the HMC menus” on
page 49
9. Configure this HMC for service using the Call-Home
Setup Wizard.
“Configuring the HMC so that it can contact service and
support” on page 59
10. Attach the server to the HMC.
HMC network connections
You can use different types of network connections to connect your HMC to managed systems. For more
information about how to configure the HMC to connect to a network, see “Configuring the HMC” on
page 49. For more information about using the HMC on a network, see the following:
Types of HMC network connections
Learn how to use the HMC remote management and service functions using your network.
The HMC supports the following types of logical communications:
HMC to managed system
Used to perform most of the hardware management functions, in which HMC issues control
function requests through the service processor of the managed system. The connection between
the HMC and the service processor is sometimes referred to as the service network. This
connection is required for managed system management.
HMC to logical partition
Used to collect platform-related information (hardware error events, hardware inventory) from
the operating systems running in the logical partitions, as well as to coordinate certain platform
activities (dynamic LPAR, concurrent repair) with those operating systems. If you want to use
service and error notification features, you must create this connection.
HMC to remote users
Provides remote users with access to HMC functions. Remote users can access the HMC in the
following ways:
vBy using Secure Socket Shell (SSH) to access the HMC command line functions remotely
HMC to service and support
Used to transmit data, such as hardware error reports, inventory data, and microcode updates, to
and from your service provider. You can use this communications path to make automatic service
calls.
Your HMC can support up to four separate physical Ethernet interfaces, depending on the model. The
stand-alone version of the HMC supports only three HMC interfaces, using one integrated Ethernet
adapter and up to two plug-in adapters. Use each of these interfaces in the following ways:
Installing and configuring the Hardware Management Console 3
vEven though the network interfaces into the service processors are encrypted for the Secure Sockets
Layer (SSL) Protocol and password-protected, having a separate dedicated network can provide a
higher level of security for these interfaces.
vAn open network interface would typically be used for the network connection between the HMC and
the logical partitions on the managed systems, for the HMC-to-logical partition communications. You
can also use this open network interface to manage the HMC remotely.
vOptionally, you can use a third interface to connect to logical partitions and manage the HMC
remotely. This interface can also be used as a separate HMC connection to different groups of logical
partitions. For example, you might want to have an administrative LAN that is separate from the LAN
on which all the usual business transactions are running. Remote administrators could access HMCs
and other managed units using this method. Sometimes the logical partitions are in different network
security domains, perhaps behind a firewall, and you might want to have different HMC network
connections into each of those two domains.
Web browser requirements for HMC
The Hardware Management Console (HMC) is supported by Microsoft Internet Explorer (IE) version 6.0
and 7.0, Firefox version 1.5.0.7 and 2.0.
If your browser is configured to use an Internet proxy, a local IP addresses should be included in the
exception list. Consult your network administrator for more information on the exception list. If you still
need to use the proxy to get to the HMC, enable Use HTTP 1.1 through proxy connections under the
Advanced tab in your Internet Options window.
Note: For Firefox version 2.0, ensure that you enable the JavaScript options to raise or lower windows
and move or resize existing windows. This feature allows you to switch easily between HMC tasks.
Perform the steps to enable the Javascript options:
1. Select Tools and Click Options
2. Select Content and Click Advanced
3. Select Move or resize existing windows and Raise or lower windows
4. Click OK
Session cookies need to be enabled in order for ASMI to work when connected to HMC remotely. The
asm proxy code saves session information and uses it. Follow the steps to enable the session cookies.
Enabling session cookies in Internet Explorer.
1. Select Tools and Click Internet Options
2. Select Privacy and Click Advanced
3. Ensure that the Always allow session cookies is checked. If not, select the Override automatic cookie
handling and select Always allow session cookies.
4. Select Prompt under First-party Cookies and Third-party Cookies
5. Click OK.
Enabling session cookies in Firefox.
1. Select Tools and click Options
2. Click Cookies
3. Select Allow sites to set cookies.
4. Select Exceptions and add HMC.
5. Click OK.
4Power Systems: Installing and configuring the Hardware Management Console
Private and open networks in the HMC environment:
The HMC can be configured to use open and private networks. Private networks allow the use of a
selected range of nonroutable IP-addresses. A public, or "open" network describes a network connection
between the HMC to any logical partitions and to other systems on your regular network.
Private networks
The only devices on the HMC private network are the HMC itself and each of the managed systems to
which that HMC is connected. The HMC is connected to each managed system's FSP (Flexible Service
Processor).
On most systems, the FSP provides two Ethernet ports labeled HMC1 and HMC2. This allows you to
connect up to two HMCs.
Some systems have a dual-FSP option. In this situation, the second FSP acts as a "redundant" backup. The
basic setup requirements for a system with two FSPs are essentially the same as those without a second
FSP. The HMC must be connected to each FSP, so additional network hardware is required (for example,
a LAN switch or hub) when there is more than one FSP or there are multiple managed systems.
Note: Each FSP port on the managed system must be connected to only one HMC.
Public networks
The open network can be connected to a firewall or router for connecting to the Internet. Connecting to
the Internet allows the HMC to "call home" when there are any hardware errors that need to be reported.
The HMC itself provides its own firewall on each of its network interfaces. A basic firewall is
automatically configured when you run the HMC Guided Setup wizard, but you customize your firewall
settings after the initial HMC installation and configuration.
HMC as a DHCP server:
You can use the HMC as a Dynamic Host Configuration Protocol (DHCP) server.
Note: If you are using IPv6, the discovery process must be done manually. For IPv6, there is no
automatic discovery.
Deciding which connectivity method to use for the call-home server
Learn more about the connectivity options you have when you use the call-home server.
You can configure the HMC to send hardware service related information to IBM by using a LAN-based
Internet connection, or a dial-up connection over a modem.
You have two communication choices when configuring the LAN based Internet connection. The first
choice is to use standard Secure Sockets Layer (SSL). The SSL communication can be enabled to connect
to the Internet through your proxy server. SSL connectivity is more likely to be compliant with corporate
security guidelines. Your second option is to use a VPN connection.
Note: If your open network interface connection uses only Internet Protocol Version 6 (IPv6), you cannot
use Internet VPN to connect to support. For more information about the Protocols used, see “Choosing
an Internet Protocol” on page 7.
The advantages to using an Internet connection can include:
vSignificantly faster transmission speed
vReduced customer expense (for example, the cost of a dedicated analog telephone line)
Installing and configuring the Hardware Management Console 5
vGreater reliability
The following security characteristics are in effect, regardless of the connectivity method chosen:
vRemote Support Facility requests are always initiated from the HMC to IBM. An inbound connection is
never initiated from the IBM Service Support System.
vAll data transferred between the HMC and the IBM Service Support System are encrypted using a
high-grade encryption. Depending upon the connectivity method chosen, it is encrypted using either
SSL or IPSec Encapsulating Security Payload (ESP).
vWhen initializing the encrypted connection the HMC authenticates the target destination as that of the
IBM Service Support System.
Data sent to the IBM Service Support System consists solely of information about hardware problems and
configuration. No application or customer data is transmitted to IBM.
Using an indirect Internet connection with a proxy server
If your installation requires the HMC to be on a private network, you may be able to connect indirectly
to the Internet using an SSL proxy, which can forward requests to the Internet. One of the other potential
advantages of using an SSL proxy is that the proxy may support logging and audit facilities.
To forward SSL sockets, the proxy server must support the basic proxy header functions (as described in
RFC 2616) and the CONNECT method. Optionally, basic proxy authentication (RFC 2617) may be
configured so that the HMC authenticates before attempting to forward sockets through the proxy server.
For the HMC to communicate successfully, the client's proxy server must allow connections to port 443.
You can configure your proxy server to limit the specific IP addresses to which the HMC can connect. See
“Internet SSL address lists” on page 7 for a list of IP addresses.
Using a direct Internet SSL connection
If your HMC can be connected to the Internet, and the external firewall can be set up to allow established
TCP packets to flow outbound to the destinations described in “Internet SSL address lists” on page 7, you
can use a direct Internet connection.
6Power Systems: Installing and configuring the Hardware Management Console
Table of contents
Other IBM Music Mixer manuals
