{
    "mode": "man",
    "parameter": "ipmi_lan",
    "section": "5",
    "url": "https://www.chedong.com/phpMan.php/man/ipmi_lan/5/json",
    "generated": "2026-05-30T07:08:18Z",
    "synopsis": "",
    "sections": {
        "NAME": {
            "content": "ipmi/lan.conf - IPMI LAN Interface config file\n\n",
            "subsections": []
        },
        "SYNOPSIS": {
            "content": "",
            "subsections": [
                {
                    "name": "/etc/ipmi/lan.conf",
                    "content": ""
                }
            ]
        },
        "DESCRIPTION": {
            "content": "The ipmisim and ipmilan commands are configured using this configuration file.\n\n",
            "subsections": []
        },
        "CONFIGURATION ITEMS": {
            "content": "The following fields are used in many commands:\n\nboolean May be \"true\", \"false\", \"on\" or \"off\".\n\npriv An IPMI privilege level.  This may be \"callback\", \"user\", \"operator\", or \"admin\".\n\nauth  An  IPMI  authorization type.  This may be \"none\" for no authentication, \"straight\" for\nstraight, in-the-clear password authentication, \"md2\" for use MD2 message digest  authentica‐\ntion, or \"md5\" for using MD5 message digest authentication.\n\n",
            "subsections": []
        },
        "FILE STRUCTURE": {
            "content": "Blank lines and lines starting with `#' are ignored.\n\n\nThe following commands are allowed the configuration file:\n\n\nname \"name\"\nSet a name for the BMC.  This will control other things, like the default value of the\nipmisim startup command file and the place where persistent data is stored.\n\n\nuser usernum enabled username password max-priv max-session\nusernum specifies the user number for the user.  Note that user number 0  is  invalid,\nand  user  number  1 is the special \"anonymous\" user, whose username is ignored.  This\nvalue may be up to 63, the maximum possible IPMI user.  If you want anonymous  access,\nyou must have a user number 1.\n\nenabled is a boolean that specified whether the user is enabled or not.\n\nusername specifies the name of the user, specified as a name.\n\npassword specifies the password of the user, specified as a name.\n\nmax-priv specifies the maximum privilege level allowed for the user.\n\nmax.sessions specifies the maximum number of session the user may open.\n\n\nstartcmd \"cmd\"\nspecifies  a command to execute when a power on is requested.  This lets a virtual ma‐\nchine be started that can then connect back to the simulator.  The simulator does man‐\nagement  of  the process here, and the power on state of the process depends on if the\nprocess exists or not.  If a poweroff is requested, if the process is connected  to  a\nVM  serial interface, a graceful shutdown is first requested.  If the process does not\nterminate in a specified amount of time, a  SIGTERM  is  sent  to  the  process.   The\nSIGTERM  is sent immediately if there is no connection.  If the process doesn't go way\nin another specified amount of time, a SIGKILL is sent.\n\n\nstartnowtrue|false\nIf true, start the startcmd at the startup of the simulator.  Otherwise wait  until  a\npoweron is issued.\n\n\npoweroffwait seconds\nspecifies  the  amount of time to wait for the startcmd to do a graceful shutdown on a\npowerdown request.  The simulator will send a request to the target, wait this  amount\nof  time,  and then do a SIGTERM kill on the process.  If this is zero, a SIGTERM will\nnot be done (nor will a SIGKILL).  Note that if the simulator does not have a  connec‐\ntion  to  the  VM, the graceful shutdown is skipped and a SIGTERM is done immediately.\nDefault time is 60 seconds.\n\n\nkillwait seconds\nspecifies the amount of time to wait for SIGTERM to kill the process.  If the  process\ndoes  not  terminate  in  this  period of time, send a SIGKILL kill.  If this is zero,\ndon't send the SIGKILL.  Default time is 20 seconds.\n\n\nconsole address port\nspecifies that a console port be opened at the given address and port.  You can telnet\nto  the console and execute emulation commands.  Note that this is a pretty huge secu‐\nrity hole, it should only be used for debugging in a captive environment.\n\n\nserial channel addr port [option [option [...]]]\nchannel specifies the channel number or type.  This may be kcs, smic, or bt or it  may\nbe 15.  Currently, only the system interface channel (channel 15) is supported for se‐\nrial interfaces, if the others are specified it is channel 15 and the given  interface\nis reported in channel configuration commands.\n\naddr specifies the IP address to listen on for connections.\n\nport specifies the port to listen on for connections.\n\nValid options are:\n\ncodec name specifies which codec to use on the serial port.  Valid options are: Termi‐‐\nnalMode, Direct, RadisysAscii, and VM.  The first three are  implementations  of  IPMI\nserial interfaces on certain systems and might be used for simulations of that system.\nThe VM is probably the most interesting; it is designed to be used with a virtual  ma‐\nchine like qemu.\n\noem  name  specified implementation of some OEM custom commands and options on the in‐\nterface.  Valid options oare PigeonPoint and Radisys.\n\nattn c1[,c2[...]]  specifies a list of characters, separated by commas, to use as  the\nattention  character on the interface.  Generally the default is correct.  The charac‐\nters are specified as decimal, octal, or hex digits in C style.\n\nipmb addr specifies the IPMI address of the interface.  The default, 0x20, is  usually\ncorrect, but when emulating ATCA systems this might be required.\n\n\nsol device defaultbaud [history=size[,backupfile=filename]] [historyfru=frunum]\n\nAllow  a  Serial Over LAN (SOL) connection to the given device.  This will be over in‐\nterface 1 for the MC.\n\ndevice is the full path to the device name.  It can  also  be  in  the  form  \"tcp:ad‐\ndress:port\"  or \"telnet:address:port\" to do connections over tcp (without or with tel‐\nnet processing).  This is useful for providing SOL access to qemu ports.\n\ndefaultbaud sets the initial default baud rate to use.  This is overriden by the per‐\nsistent SOL settings.\n\nhistory creates a history device on SOL interface 2.  The size is the size of the buf‐\nfer.  Data from the device is stored in the history buffer all the  time.   Connecting\nto  SOL interface 2 will cause the full history buffer to be dumped.  If backupfile is\nspecified, then the history is made persistent.  However, it is  only  stored  when  a\ncatchable  signal or normal shutdown is done, so a poweroff or fatal signal will cause\nthe data to be lost.\n\nhistoryfru makes the history available via the given FRU number on the MC.\n\nNote that if the connection fails to come up, the simulator will continue  to  try  to\nconnect.  This way you can fix UDP serial ports or qemu sessions and it will automati‐\ncally reconnect.\n\n\nloadlib \"module\" [\"options\"]\n\nLoad the given shared object into the program.\n\nmodule is the full path to the module.  It must be in quotes.\n\noptions is an optional string in quotes that passes options to the module.   The  con‐\ntents of the string are not specified, the module defines that.\n\nThe module may have a number of functions that are called:\n\nipmisimmoduleprintversion(sysdatat  *sys, char *options) is called when ipmisim\nis started with the version print option.  This way the versions of all loaded modules\nmay  be  printed.   The module should print it's version.  You must provide this func‐\ntion.\n\nipmisimmoduleinit(sysdatat *sys, char *options) is called after the configuration\nfile  is  read and before any other initialization is done.  The module should do most\nof its initialization here.  You must provide this function.\n\nipmisimmodulepostinit(sysdatat *sys) is called after ipmisim has finished  ini‐\ntializing.  This function is optional.\n\n\nsys parameter is used for most functions interfacing to the main ipmisim code, like logging,\ntimers, and a few of the MC calls.  The contents are opaque to the module.\n\n\n\nstartlan channel\nStarts a LAN configuration area.  This specifies the settings for a LAN connection us‐\ning the given channel.  This may be specified more than once in a file to support mul‐\ntiple LAN connections.  Commands following this, up to endlan, are  LAN-specific  com‐\nmands listed below.  channel specifies the channel to set the LAN configuration for.\n\n",
            "subsections": []
        },
        "LAN CONFIGURATION COMMANDS": {
            "content": "The following commands are only valid inside a startlen area.\n\n\naddr IP-address [UDP-port]\nIP-address  specifies  the  IP address to use for an IP port. Up to 4 addresses may be\nspecified.  If no address is specified, it defaults to one port at 0.0.0.0 (for  every\naddress on the machine) at port 623.\n\nUDP-port  specifies  an  optional  port to listen on. It defaults to 623 (the standard\nport).\n\n\nPEFalerting boolean\nTurn PEF alerting on or off (not currently supported).\n\n\npermsgauth boolean\nTurn per-message authentication on or off.\n\n\nprivlimit priv\nThe maximum privilege allowed on this interface.\n\n\nallowedauthscallback [auth [auth [...]]]\nauth specifies allowed authorization levels for the callback  privilege  level.   Only\nthe  levels  specified  on this line are allowed for the authorization level.  If this\nline is not present, callback authorization cannot be used.\n\n\nallowedauthsuser [auth [auth [...]]]\nauth specifies allowed authorization levels for the user privilege  level.   Only  the\nlevels  specified  on this line are allowed for the authorization level.  If this line\nis not present, user authorization cannot be used.\n\n\nallowedauthsoperator [auth [auth [...]]]\nauth specifies allowed authorization levels for the operator  privilege  level.   Only\nthe  levels  specified  on this line are allowed for the authorization level.  If this\nline is not present, operator authorization cannot be used.\n\n\nallowedauthsadmin [auth [auth [...]]]\nauth specifies allowed authorization levels for the admin privilege level.   Only  the\nlevels  specified  on this line are allowed for the authorization level.  If this line\nis not present, user authorization cannot be used.\n\n\nguid name\nAllows the 16-byte GUID for the IPMI LAN connection to be specified.  If this  is  not\nspecified, then the GUID command is not supported.\n\n",
            "subsections": []
        },
        "FILES": {
            "content": "/etc/ipmilan.conf\n\n",
            "subsections": []
        },
        "SEE ALSO": {
            "content": "ipmilan(8),ipmisim(1)\n\n",
            "subsections": []
        },
        "KNOWN PROBLEMS": {
            "content": "IPMI is unnecessarily complicated.\n\n",
            "subsections": []
        },
        "AUTHOR": {
            "content": "Corey Minyard <cminyard@mvista.com>\n\n\n\nOpenIPMI                                      06/26/12                                   ipmilan(5)",
            "subsections": []
        }
    },
    "summary": "ipmi/lan.conf - IPMI LAN Interface config file",
    "flags": [],
    "examples": [],
    "see_also": [
        {
            "name": "ipmilan",
            "section": "8",
            "url": "https://www.chedong.com/phpMan.php/man/ipmilan/8/json"
        },
        {
            "name": "ipmisim",
            "section": "1",
            "url": "https://www.chedong.com/phpMan.php/man/ipmisim/1/json"
        }
    ]
}