Network - BMC as a Router

vNIC	virtual NIC over USB created by BMC FW, says AMI MegaRAC
<==>	ip forward and iptables

BMC Setup

Basic Configuration

nicip() { i=`ip a s dev $1 | grep "inet "`; i=${i/*inet }; echo ${i%% *}; }
bwan=eth0 # bmc wan to network
blan=usb0 # bmc lan to host
bwanip=`nicip $bwan` # bmc wan ip/prefix
blanip=`nicip $blan` # bmc lan ip/prefix
hosti=`{ i=${blanip%/*}; [ ${i##*.} = 1 ] && j=2 || j=1; echo ${i%.*}.$j; }` # referred host ip

Routing Option - Simple, implicit rules (ephemeral ports) unsupported

echo 1 > /proc/sys/net/ipv4/ip_forward
iptables -t nat -A POSTROUTING -o $bwan -j MASQUERADE

Routing Option - Full, works for tftp

bwani0=<ip in same $bwanip domain> # 2nd bmc wan ip, assigned manually
echo 1 > /proc/sys/net/ipv4/ip_forward
ip a a $bwani0/${bwanip#*/} dev $bwan
iptables -t nat -A POSTROUTING -j SNAT -s $hosti --to $bwani0
iptables -t nat -A PREROUTING -j DNAT -d $bwani0 --to $hosti

# optional domain check

ipa2d() { i=${1%/*} n=; for j in 24 16 8 0; do n=$((n+${i%%.*}*2**j)); i=${i#*.}; done; echo $n; }
msk2d() { echo $((2**32-2**(32-${1#*/}))); }
dom2d() { echo $((`ipa2d $1` & `msk2d $1`)); }
[ `dom2d $bwanip` = `dom2d $bwani0/${bwanip#*/}` ] || echo different domain

# optional function to convert prefix to address

prefix2addr() {
 n=${1#*/} s=
 for i in 0 1 2 3; do d=8; [ $n -lt 8 ] && d=$n; s=$s$((256-2**(8-d))).; n=$((n-d)); done
 echo ${s%.}
}
prefix2addr $blanip

Host Setup

Generic Configuration (values are environment and requirement dependent)

name	value	notes
nic	eth0	NIC name in UEFI, could be different in OS
ip	169.254.0.1	host IP address, refer to $hosti in BMC
prefix	16	host subnet mask in prefix notation, refer to ${blanip#*/}in BMC
netmask	255.255.0.0	host subnet mask in address notation, refer to prefix2addr $blanip
gateway	169.254.0.17	host gateway address, refer to ${blanip%/*} in BMC
dns	8.8.8.8	Google DNS

U-Boot

setenv ethact eth0
setenv ipaddr 169.254.0.1
setenv gatewapip 169.254.0.17
setenv netmask 255.255.0.0
setenv dnsip 8.8.8.8

UEFI Shell

ifconfig -s eth0 static 169.254.0.1 255.255.0.0 169.254.0.17 dns 8.8.8.8

UEFI Grub2 (requires cdc_ether supported)

net_add_dns 8.8.8.8
net_add_route default 0.0.0.0/0 gw 169.254.0.17
net_add_addr eth0 efinet0 169.254.0.1

Linux based OS

nic=`ls /sys/bus/usb/drivers/cdc_ether/*/net` # host nic to bmc

: ' # may be required in Redhat based distros
sudo nmcli con down $nic >&/dev/null # get rid of NetworkManager control
sudo systemctl stop NetworkManager
sudo systemctl stop firewalld # get rid of firewall control
'
sudo ip addr add 169.254.0.1/16 dev $nic
sudo ip link set $nic up
sudo ip route add default via 169.254.0.17
sudo sh -c "echo nameserver 8.8.8.8 >> /etc/resolv.conf"

---