IPMI Basics

From Thomas-Krenn-Wiki
Jump to: navigation, search

In this article, we will describe the functional approach and various usage options for IPMI (Intelligent Platform Management Interface). IPMI is a series of specifications that provide standardized interfaces to the so-called “platform management” services. In this context, the term “Platform Management” refers to monitoring hardware (system temperatures, fans, power supplies and so forth), their control (booting and shutting down the server) and the documentation (logging) of “out-of-range” states. IPMI was developed by Intel, Hewlett Packard, NEC and Dell.

We have taken the following information from the comprehensive IPMI 2.0 specification.[1]

Primary IPMI Features

The primary IPMI features include:

  • Monitoring (supervision of the hardware)
  • Recovery Control (Recover/Restart the server)
  • Logging (protocol „out-of-range“ states for the hardware)
  • Inventory (list of hardware inventory)

IPMI provides these four functions independently from the server’s CPU, BIOS and operating system. The platform management features are also available when the server has been shutdown (as long as at least one server power supply has power).

IPMI is best used in combination with a system management package. IPMI is an interface specification related to the hardware level, which has been designed to be “management software neutral”.

IPMI Components

Among others, IPMI is composed of the following components:


(also compare: IPMI 2.0 specification [1], Section 1.7.3, Figure 1-2)

Baseboard Management Controller (BMC)

A micro-controller (BMC) is the heart of the IPMI architecture. The tasks of the BMC includes:

  • interfacing between the system management software and the hardware being used (through which the BMC has been connected using IPMB and ICMB)
  • monitoring independently
  • logging events independently
  • controlling recovery

Intelligent Platform Management Bus (IPMB)

IPMI allows for the extension of the BMC by additional Management Controllers (MCs) through the application of the IPMB standard.

IPMB is an I²C based serial bus, which makes connection with various boards inside of one chassis possible. It is used for communication to and between the management controllers (MCs). Additional MCs are often designated Satellite Controllers.

Intelligent Chassis Management Bus (ICMB)

ICMB provides a standardized interface for communication and control between chasses.

IPMI Memory Areas

IPMI stores information into the System Event Log (SEL), Sensor Data Record (SDR) Repository and the Field Replaceable Units (FRUs).

System Event Log (SEL)

The BMC contains a central, non-volatile System Event Log (SEL). Because this SEL is managed by the BMC, it can be accessed even after a CPU failure on the server, such as through IPMI LAN access for example.

A series of IPMI commands permits reading and deleting the SEL. Since the memory for the SEL is limited, it must be periodically checked and deleted, so that additional events can be documented. The following two articles provide additional information regarding this:

Sensor Data Record (SDR) Repository

Sensor Data Records are records that contain information about the type and number of sensors. A sensor data record therefore describes a specific sensor.

The sensor data records are stored in a central, non-volatile storage area, which is managed by the BMC. This storage area is called the Sensor Data Record Repository (SDR Repository).

You will find additional information about IPMI sensors in the IPMI Sensors in detail article.

Field Replaceable Unit (FRU) Information

IPMI supports the storage of Field Replaceable Unit (FRU) information for various modules in the system. The FRU data contains information like serial numbers, part numbers, models and inventory numbers (sometimes called “asset tags”).

Communication Interfaces

IPMI allows IPMI messaging through the following interfaces:

  • system interfaces (local access)
  • serial (or modem) interface (access through a serial port or a modem)
  • LAN interface
  • (ICMB and PCI Management Bus)

System Interfaces

IPMI defines several system interfaces for local access from the system software to the BMC. There are several interfaces for supporting the widest array of micro-+controllers. The system interfaces can be accessed through IO or memory-mapped access.

The IPMI system interfaces are:

  • keyboard controller style (KCS)
  • system management interface chip (SMIC)
  • block transfer (BT)
  • SMBus system interface (SSIF)

Serial/Modem Interface

The serial, or modem, interface specification defines how IPMI messages can be transmitted to and from the BMC through direct serial, or external modem, connections.

Three Connection Modes are supported for this:

  • basic mode
  • PPP mode
  • terminal mode

LAN Interface

The LAN interface specifications define how IPMI messages can be transmitted to and from the BMC in Remote Management Control Protocol (RMCP) UDP datagrams (UDP target port 623 for asf-rmcp) encapsulated. This functionality is also called “IPMI-over-LAN”. IPMI also defines LAN-specific configuration settings, somewhat like those for IP addresses.

RMCP originated from the Distributed Management Task Force (DMTF). This packet format is also used for the DMTF Alert Standard Forum (ASF) specification in addition to IPMI.

An additional packet format (RCMP+) has also been defined in IPMI 2.0. RMCP+ supports encrypted data transmission in addition to various extensions for authentication.


Payloads are a feature for transmitting yet more data through an RMCP+ IPMI session in addition to IPMI messages. One example for such additional type of data is serial-over-LAN (SOL).

Channel Model

IPMI uses a channel model for direct communications between a communication interface and the BMC. Thereby, each channel has its own properties and its own configuration:

  • a unique channel number
  • the type of communication interface (such as LAN interface)
  • users and passwords (Users are therefore not created for the entire BMC, but rather always individually for a channel. Thus, a user with the name admin can be assigned various passwords for various channels.)
  • individually supported authentication modes (such as MD5)
  • an individually configurable Channel Privilege Limit
  • IMPI messaging and alerting can be also be activated or deactivated individually for each channel

Channel Numbers

Each channel has an individualized channel number. Only the channel numbers for the primary IPMB (channel number 0) and the system interface (channel number 0x0F or 15) are pre-defined. The remaining channel numbers depend upon the respective implementations.

Channel Number Type and protocol Description
0 Primary IPMB Channel 0 has been reserved for communication with the primary IPMB.
1-11 (1-Bh) Specific to the implementation These channels can be used for various types of communications channels. The respectively available channels depend on the specific IPMI implementation for a specific server system. Often, Channel 1 is used as the LAN channel (some servers like the Intel SR2500 also have additional LAN channels).
12-13 (Ch-Dh) - Reserved.
14 (Eh) Current interface This interface is used for identifying the channel currently in use. A program can issue the IPMI Get Channel Info IPMI command on this channel in order to discover the channel through communication is currently being transmitted.
15 (Fh) System interface This channel is used for the system interface.


A channel may be session-based or session-less. In this, a session fulfils the following two purposes:

  • a session provides a framework for user authentication
  • a session makes processing of several IPMI messaging streams possible on a single channel

LAN and serial/modem channels are examples of session-based channels, while the system interface and IPMB channels are examples of session-less channels.

Channel Privilege Levels

Channels can be configured so that they can be used with a specific maximum privilege level. The various privilege levels are:

Privilege level Description
Callback This is the lowest privilege level. It permits the initiation of a callback.
User Only IPMI begin commands will be allowed. They are primarily commands for reading and requesting about status information (sensors). Other functions (like changes to the BMC configuration, writing data to the BMC, and executing reset, power-on and power-off procedures) are not possible here.
Operator All BMC commands are allowed except for those for changing the out-of-band interfaces. Deactivating channels or changing user access privileges are not possible at the operator privilege level.
Administrator All BMC commands are allowed.

Note: If a channel (such as a LAN channel) does offer the ability to make changes at the administrator privilege level in principle, individual users on that channel will still be given lesser privileges (User Privilege Limit). The LAN channel itself can therefore be configured with Administrator as the Channel Privilege Limit. Then for example, two users (one with Administrator as the User Privilege Limit and one with User as the User Privilege Limit) can be setup correspondingly.

Serial Over LAN (SOL)

Serial-over-LAN (SOL) indicates the redirection of data traffic to a based board’s (motherboard’s) serial port through an IPMI session. To an extent, this makes access to the BIOS interface possible (if serial redirection has been configured), as well as access to bootloaders like Grub or even to a Linux command console (if a serial console has been configured there).

SOL has been defined as a payload type in IPMI v2.0 (RMCP+).

You will find a specific example of how SOL can be configured and used in the IPMI Serial over LAN (SOL) article.

Changes to IPMI

The IPMI specification has been continuously expanded since version 1.0. The most important additions are listed here:

Changes in IPMI v1.5

The following changes are listed in Section 5.1 of the IPMI 2.0 specification[1]:

  • Serial/Modem Messaging and Alerting
  • Serial Port Sharing
  • Boot Options
  • LAN Messaging and Alerting
  • Extended BMC Messaging ‘Channel Model’
  • Additional Sensor and Event Types
  • Platform Event Filtering (PEF)
  • Alert Policies

Changes in IPMI v2.0

The following changes are listed in Section 1.6 of the IPMI 2.0 specification[1]:

  • Enhanced Authentication (addition for IPMI-over-IP: RMCP+)
  • VLAN Support
  • Serial Over LAN (SOL, has been defined as a custom payload type in the new payload feature of RMCP+.)
  • Payloads (RMCP+ makes transferring data other than IMPI messages possible through IPMI-over-IP sessions. This includes standardized payload types as specified for SOL or other OEM-specific “value-added” payload types.)
  • Encryption Support (IPMI messages and other payload types that can be transmitted by means of RMCP+ can be encrypted.)
  • Extended User Login Options
  • Firmware Firewall
  • SMBus System Interface (SSIF is a new option for the hardware interface, which allows local access to the BMC through the SMBus host controller. SSIF should help support lower-cost BMC implementations.)


  1. 1.0 1.1 1.2 1.3 IPMI v2.0 rev. 1.0 specification markup for IPMI v2.0/v1.5 errata revision 4

Additional Information

Foto Werner Fischer.jpg

Author: Werner Fischer

Werner Fischer, working in the Web Operations & Knowledge Transfer team at Thomas-Krenn, completed his studies of Computer and Media Security at FH Hagenberg in Austria. He is a regular speaker at many conferences like LinuxTag, OSMC, OSDC, LinuxCon, and author for various IT magazines. In his spare time he enjoys playing the piano and training for a good result at the annual Linz marathon relay.

Related articles

Overview of Software Utilities for IPMI
Supermicro Motherboards hide IPMI Sensors