Blade ICE BMD00098 Secure Management Network, Secure Shell SSH, Trunk Group Configuration Tips

BLADE OS 5.1 Release Notes

Secure Management Network

The following GbESM attributes are reserved to provide secure management access to and from the IBM management module:

Internal management—

￿MGT1 (port 15) and MGT2 (port 16)

￿VLAN 4095

￿IP interface 128

￿Gateway 4

￿STG 128

For more information about remotely managing the GbESM through the external ports, see “Accessing the Switch” in the BLADEOS 5.1 Application Guide.

Note – The external uplink ports (EXTx) cannot be members of management VLANs.

Secure Shell (SSH)

Because SSH key generation is CPU intensive, the GbESM attempts to avoid unnecessary key generation. The process generates three server keys:

1.One key is generated to replace the current server key, if used.

2.A second key is generated as a spare, in case the current server key is used and the specified interval expires.

3.A third key is generated for use at the next reboot.

Therefore, if you never login via SSH, you will only see two key generation events. You may see all three events directly following a reboot. If you want to witness the key generation after the specified interval has expired, then you must login via SSH at least once during each expiration interval.

Trunk Group Configuration Tips

Please be aware of the following information when you configure trunk groups:

￿Always configure trunk groups first on both ends, before you physically connect the links.

￿Configure all ports in a trunk group to the same speed (you cannot aggregate 1Gb ports with 10GBASE-SFP+ ports).