archive.org
`
`
`
`DECLARATION OF NATHANIEL E FRANK-WHITE
`
`
`1. I am a Records Request Processor at the Internet Archive. I make this declaration
`of my own personal knowledge.
`
`
`2. The Internet Archive is a website that provides access to a digital library of Internet
`sites and other cultural artifacts in digital form. Like a paper library, we provide
`free access to researchers, historians, scholars, and the general public. The Internet
`Archive has partnered with and receives support from various institutions,
`including the Library of Congress.
`
`
`3. The Internet Archive has created a service known as the Wayback Machine. The
`Wayback Machine makes it possible to browse more than 450 billion pages stored
`in the Internet Archive's web archive. Visitors to the Wayback Machine can search
`archives by URL (i.e., a website address). If archived records for a URL are
`available, the visitor will be presented with a display of available dates. The visitor
`may select one of those dates, and begin browsing an archived version of the Web.
`Links on archived files in the Wayback Machine point to other archived files
`(whether HTML pages or other file types), if any are found for the URL indicated
`by a given link. For instance, the Wayback Machine is designed such that when a
`visitor clicks on a hyperlink on an archived page that points to another URL, the
`visitor will be served the archived file found for the hyperlink’s URL with the
`closest available date to the initial file containing the hyperlink.
`
`
`4. The archived data made viewable and browseable by the Wayback Machine is
`obtained by use of web archiving software that automatically stores copies of files
`available via the Internet, each file preserved as it existed at a particular point in
`time.
`
`
`5. The Internet Archive assigns a URL on its site to the archived files in the format
`http://web.archive.org/web/[Year in yyyy][Month in mm][Day in dd][Time code in
`hh:mm:ss]/[Archived URL] aka an “extended URL”. Thus, the extended URL
`http://web.archive.org/web/19970126045828/http://www.archive.org/ would be the
`URL for the record of the Internet Archive home page HTML file
`(http://www.archive.org/) archived on January 26, 1997 at 4:58 a.m. and 28
`seconds (1997/01/26 at 04:58:28). The date indicated by an extended URL applies
`to a preserved instance of a file for a given URL, but not necessarily to any other
`files linked therein. Thus, in the case of a page constituted by a primary HTML file
`and other separate files (e.g., files with images, audio, multimedia, design
`elements, or other embedded content) linked within that primary HTML file, the
`primary HTML file and the other files will each have their own respective extended
`URLs and may not have been archived on the same dates.
`
`6. Attached hereto as Exhibit A are true and accurate copies of screenshots of the
`Internet Archive's records of the archived files for the URLs and the dates specified
`in the attached coversheet of each printout.
`
`Lenovo
`Ex. 1039 - Page 1
`
`

`

` archive.org
`
`
`
`
`
`
`
`
`
`
`
`7. Attached hereto as Exhibit B are true and accurate copies of the Internet Archive's
`records of the archived files for the URLs and the dates specified in the attached
`coversheet of each file.
`
`8. I declare under penalty of perjury that the foregoing is true and correct.
`
`
`
`
`DATE: ________________________
`
`
`________________________
`Nathaniel E Frank-White
`
`December 12, 2022
`
`Lenovo
`Ex. 1039 - Page 2
`
`

`

`
`
`
`
`
`EXHIBIT A
`
`EXHIBIT A
`
`Lenovo
`
`Ex. 1039 - Page 3
`
`Lenovo
`Ex. 1039 - Page 3
`
`

`

`https://web.archive.org/web/20031009145023/http:/developer.intel.com/design/servers/IPMI/
`
`Lenovo
`Ex. 1039 - Page 4
`
`

`

`
`
` Go]AUG
`
`ivteaner anewiye_[http:/developerintel.com/designiservers/IPMI/
`
`
`=e OO
`<
`>
`Ho
`UAUBSCHMTACHINE
`127 captures
`BALE Aboutthis capture
`Li ih stds titel i eouttodilh
`ue |
`mots
`|_2002
`VineetMc oT ey
`ret
`Sra
`ee SACRe oto So
`
`Ceaea et
`
`Nee
`
`
`
`Intelligent Platform
`ManagementInterface “
`Newrevision available (updated on 10/1/03):
`+
`IPMI v2.0 DRAFTspecifications for Adopters Review
`This documentpresents proposals for new "Serial Over LAN" and "RMCP+"(Remote
`Management Control Protocol+) extensions to the IPMI v1.5 specifications.
`
`Addenda, Errata, and Clarifications documentrevision 4 for IPMI v1.5 rev 1.1
`
`specification
`This
`revisionlists the cumulative addenda,errata,andclarifications againstthe rev.
`1.1 release of the IPMI v1.5 specification. This errata adds two items, E268 and E291,
`that were missingin the errata 3 document but werepresentin the associated 9/12/03
`markup.
`IPMIv1.5 rev 1.1 specification markupforerrata revision 4
`This is a version of the IPMIv1.5 rev 1.1 specifications with revisions marked perthe
`Addenda,Errata, and Clarifications documentrevision 4. This replaces the 9/12/03
`markup that accompanied errata 3. The previous markup missedincluding the
`optional5th byte for the Get Chassis Status commandthat waspart of errata E317.
`Recent Updates (updated on 5/02/03):
`
`Includes IPMIv1.0 and IPMI v1.5 automated conformancetests, IPMI v1.6 CMDTOOL
`for manual |PMIv1.5 testing, support for PCI* card based IPMB and SMBustesting,
`and support for IPMI v1.5 new interfaces including LAN, Serial and SMBus.ICTS 5.05
`is the latest update and adds new functional andinterface protocol tests for |PMI 1.5
`andincludes somebugfixes as well.
`
`ICMB Specification V1.0 Document Revision 1.3 4/2/03
`ICMBv1.0 Revision 1.3 adds new commandsfor supporting Group Chassis Control
`capabilities. Group Chassis Controlprovides a mechanism to enable power, reset,
`and diagnosticinterrupt control of multiple chassis usinga single broadcast command
`on the ICMB.
`
`IPMI v1.5 Reference Driver for |A-64 and IA-32 under Windows* .NET/2000 OS
`IPMI1.5 referencedriver implementation for IA-64 and IA-32 under Windows*
`.NET/2000 OSavailable to IPMI adopters only.
`IPMv1.5 Revision 1.1 2/20/02
`Intel Corporation, Hewlett Packard Company, NEC Corporation, and Dell Computer
`Corporation are pleased to announcethe availability of revision 1.1 oftheIntelligent
`Platform ManagementInterface (IPM) v1.5 specifications. This updateof the IPMI
`v1.5 specification incorporates important errata and addendathat address issues
`discoveredin the original revision 1.0 release of the specification. A companion
`addenda and errata document(revision 5,below) separately lists the errata and
`addenda that have heenincluded.
`
`To receive notification of website updates and upcoming industry events, please send us
`your email address and nameusing the feedback form.
`Intel Corporation, Hewlett Packard Company, NEC Corporation, and Dell Computer
`Corporation are pleased to announce theavailability of version 1.5 ofthe Intelligent Platform
`ManagementInterface (IPMI) specifications. IPMI defines commoninterfacesto "intelligent"
`hardware used to monitor a server's physical health characteristics, such as temperature,
`voltage,fans, powersupplies and chassis. These capabilities provide information that
`enables system management,recovery, and assettracking which help drive downthe total
`cost of ownership (TCO). The new interfacesin IPMIv1.5facilitate the managementof rack-
`mounted Internet servers and systemsin remote environmentoverserial, modem and LAN
`connections. A supersetof version 1.0, IPMIv1.5also includes new capabilities to
`automatically alert [T managersof system errors and enable immediate system recovery.
`These new capabilities combined with the remote managementfunctionality allow IT
`managers to managetheir servers and systems,regardlessof system health, powerstate or
`supported communication media. The specifications interoperability guidelines will enable
`server OEMsto quickly bring new server hardware with these advancedcapabilities to
`marketefficiently and cost effectively. See IPMI v1.5 and IPMIv1.0 press announcements for
`additionalinformation.
`Contributors Agreement:
`Before contributing feedback to the IPMspecifications, a Contributors Agreement must be
`signed.All feedback will be carefully tracked, evaluated and incorporated as appropriate
`howeverthere is no guaranteethat feedbackwill be included in the future releasesof the
`specifications. Pleasefollow the steps below:
`
`1. Downloadand print the Contributors Agreement.
`2. Sign the Contributors Agreement
`3. Fax Contributors Agreementto (please include your email address):
`Intel Corporation
`Attn: IPMIInitiative
`Fax: (503) 712-1428
`4. Awebsite address will be sent to you via email immediately upon receiving your
`signed Contributors Agreement.From this website youwill be able to provide your
`feedback.
`Adopters Agreement:
`Before implementing the IPMI, IPMB or ICMBspecifications. a royalty-free reciprocal patent
`license must be signed. Pleasefollowthe steps below to sign the IPMI Adopters Agreement:
`
`1. Download and print 2 copies of the Adopters Agreement.
`2. Sign both copiesand send to:
`Intel Corporation
`JF5-301
`
`5200 N.E.
`Elam Young Parkway
`Hillsboro, OR 97124-6497
`Attn: Fadi Zuhayri
`Include mailing address. One copywill be sentback for your records.
`3.
`For general questions and comments submit your feedbackhere.
`THESE SPECIFICATIONS ARE PROVIDED"AS |S" WITH NO WARRANTIES,andsubject
`to change withoutnotice.
`
` 2022
`
`ervrrd
`ere nay
`oer
`Coe
`Coeoe
`Coen
`| R&DAnitiatives
`
`Intel® Server Procucis
`
`Intel® Solution Services:
`IntelTes
`Documentation Canter
`
`‘* Specifications
`* Develover
`© License Agreements
`© Indu
`
`back to top
`eeu aesae
`
`Selebene
`
`Lenovo
`
`Ex. 1039 - Page 5
`
`Lenovo
`Ex. 1039 - Page 5
`
`

`

`
`
`
`
`
`EXHIBIT B
`
`EXHIBIT B
`
`Lenovo
`
`Ex. 1039 - Page 6
`
`Lenovo
`Ex. 1039 - Page 6
`
`

`

`https://web.archive.org/web/20030610155215/http://support.intel.com/idf/us/spr2003/presentations/S03US
`OSAS41_OS.pdf
`
`Lenovo
`Ex. 1039 - Page 7
`
`

`

`Advances in Intelligent Platform
`Management
`
`Tom Slaight
`Server Management Architect
`Enterprise Platforms Group
`Intel Corporation
`
`Lenovo
`Ex. 1039 - Page 8
`
`

`

`Agenda
`
`(cid:121) IPMI Update
`(cid:121) New system directions for IPMI
`(cid:121) New components for IPMI
`(cid:121) IPMI future directions
`(cid:121) Summary
`
`Itanium® is a trademark or registered trademark of Intel Corporation or its subsidiaries in the United States or
`other countries.”
`
`2
`
`Lenovo
`Ex. 1039 - Page 9
`
`

`

`Introduction
`
`(cid:121) Audience:
`Architects, Technical Managers, Firmware
`Leads, and Hardware Designers
`– Involved in architecture, component selection,
`debug, test, or design of server baseboard and
`peripheral management subsystems
`(cid:121) Focus: IPMI-based implementations
`– Hardware and software components
`
`Directions and Technology Preview
`Directions and Technology Preview
`
`3
`
`Lenovo
`Ex. 1039 - Page 10
`
`

`

`IPMI
`IPMI
`Intelligent
`Intelligent
`Platform
`Platform
`Management
`Management
`Interface
`Interface
`
`• Defines a standardized,
`• Defines a standardized,
`abstracted, message-based
`abstracted, message-based
`interface to intelligent platform
`interface to intelligent platform
`management hardware
`management hardware
`• Defines standardized records for
`• Defines standardized records for
`describing platform management
`describing platform management
`devices and their characteristics
`devices and their characteristics
`
`Promoters:
`
`Adopters: Over 138 and growing
`
`developer.intel.com/design/servers/ipmihttp://http://developer.intel.com/design/servers/ipmi
`
`
`
`
`4
`
`Lenovo
`Ex. 1039 - Page 11
`
`

`

`Initiative News
`
`U pdated Errata, IC M B specifications, and
`U pdated Errata, IC M B specifications, and
`U pdated Errata, IC M B specifications, and
`C onfor m ance Test S uite
`C onfor m ance Test S uite
`C onfor m ance Test S uite
`
`developer.intel.com/design/servers/ipmi
`developer.intel.com/design/servers/ipmi
`developer.intel.com/design/servers/ipmi
`
`* Other names and brands may be claimed as the property of others.
`5
`
`Lenovo
`Ex. 1039 - Page 12
`
`

`

`Agenda
`
`(cid:121) IPMI Update
`(cid:121) New system directions for IPMI
`(cid:121) New components for IPMI
`(cid:121) IPMI future directions
`(cid:121) Summary
`
`6
`
`Lenovo
`Ex. 1039 - Page 13
`
`

`

`New System Directions for IPMI
`(cid:121) Modular Systems
`– Advanced TCA &
`General Modular
`(cid:121) Low Cost Systems
`– Low cost BMCs
`– Add-in BMCs
`(cid:121) Group Managed Systems
`– IPMI for Group Chassis Control
`
`IPMI grows to enable competitive
`IPMI grows to enable competitive
`features across server classes
`features across server classes
`
`7
`
`Lenovo
`Ex. 1039 - Page 14
`
`

`

`IPMI v1.5 Architecture
`Remote
`LAN
`MODEM
`Mgmt. Card
`/ Serial
`
`ICMB
`
`Bridge
`Bridge
`Controller
`Controller
`
`Aux. IPMB
`IPMB (I2C)
`
`Satellite
`Satellite
`Mgmt.
`Mgmt.
`Controller
`Controller
`
`I2C / SMBus
`
`FRU SEEPROM
`FRU SEEPROM
`Chassis
`Chassis
`
`NV Store
`SDR,
`SDR,
`SEL,
`SEL,
`FRUFRU
`
`sensors
`& control
`circuitry
`
`“side-
`band”
`RS-232
`Baseboard
`SMBus/PCI Mgmt. Bus Baseboard
`Mgmt.
`Mgmt.
`Controller
`Controller
`I2C/SMBus
`(BMC)
`(BMC)
`SENSORs
`& control
`circuitry
`
`MgmtMgmt
`Netwk
`Netwk
`CtrlrCtrlr
`PCI
`
`Baseboard
`Baseboard
`
`System Interface
`System Interface
`System Bus
`
`IPMI Messages
`8
`
`Lenovo
`Ex. 1039 - Page 15
`
`

`

`Modular Systems
`IPMI Architecture
`compute
`compute
`compute
`compute
`node
`node
`node
`node
`Sys I/F
`Sys I/F
`BMC
`BMC
`Satellite
`Satellite
`Controller
`Controller
`
`Remote Mgmt
`Console
`System
`
`LANLAN
`
`i/o node
`i/o node
`
`Satellite
`Controller
`
`mgmt
`mgmt
`module
`module
`Mgmt.
`Module
`Processor
`BP I/F
`
`Backplane Mgmt Bus
`
`chassis
`chassis
`IPMI Messages
`
`FAN FAN
`
`Satellite
`Controller
`
`temp
`PS
`
`PS
`
`More info in OSAS135: “Using IPMI Platform
`More info in OSAS135: “Using IPMI Platform
`Management In Modular Computer Systems”
`Management In Modular Computer Systems”
`9
`
`Lenovo
`Ex. 1039 - Page 16
`
`

`

`Modular Systems
`IPMI Spec Extensions
`(cid:121) Entity information
`extensions to identify node
`location in a given chassis
`(cid:121) Options to coordinate
`Node/FRU removal and
`replacement
`(cid:121) Management Bus ‘failover’
`status
`– Supports redundant
`management bus
`connections
`
`10
`
`Lenovo
`Ex. 1039 - Page 17
`
`

`

`Low-cost systems
`Baseline ‘mini’ BMCs
`(cid:121) IPMI Conformant ‘Baseline’ BMC
`– Covers mandatory IPMI BMC features
`(cid:121) ‘Turnkey’ firmware with limited
`customization and chassis support
`– “NVRAM” configurable to motherboard
`sensors
`– Minimized support for IPMI options
`– E.g. May be ‘LAN only’
`– May have limited options such as # of Users
`(cid:121) Small, low pin-count packaging…
`
`11
`
`Lenovo
`Ex. 1039 - Page 18
`
`

`

`Low-cost Systems
`SSIF - SMBus System Interface
`SSIF
`LAN ‘side-
`band’
`IPMI system I/F
`LAN
`
`power,
`power,
`reset
`reset
`
`South
`South
`Bridge
`Bridge
`System Bus
`
`SMBus
`
`SMBAlert
`
`sensor
`polling
`bus
`
`BMCBMC
`SMBus
`
`System
`System
`Monitor
`Monitor
`FRUFRU
`
`12
`
`SMBus
`
`SMBAlert
`
`LANLAN
`82551
`82551
`PCI
`
`Sensor
`Sensor
`Connections
`Connections
`
`Lenovo
`Ex. 1039 - Page 19
`
`

`

`Low-cost Systems
`SSIF - SMBus System Interface
`(cid:121) Provides BMC system interface access via SMBus
`– Low pin count
`– Relies on controller-specific SMBus drivers
`(cid:121) BMC accessed as SMBus Slave device
`– Requests delivered using ‘Block Write’ protocol
`– Responses retrieved using ‘Block Read’ protocol
`– SMBAlert signal status change/message available
`– ‘Get Status’ command allows interface status to be
`polled
`– Includes ability to write/read more than 32 data bytes
`using two SMBus transactions
`(cid:121) New ‘Reserve Device’ command
`– Optional command directs BMC to suspend access to
`specified device for xx milliseconds
`– Resolves access to ‘shared’ SMBus devices
`
`13
`
`Lenovo
`Ex. 1039 - Page 20
`
`

`

`Low-cost Systems
`SSIF - Message Formats
`Write_Message:
`Sends encapsulated IPMI message data to controller
`Format: Slave Addr | 0b, CMD=Write_Msg, Length,
`Message Data, CHECKSUM
`Read_Message:
`Retrieves encapsulated IPMI message data from controller
`Format: Slave Addr | 0b, CMD=Read_Msg, Slave Addr | 1b,
`Length, Message Data, CHECKSUM
`Get_Status:
`Indicates message data available for reading, or error/busy status
`of interfaces
`Format: Slave Addr | 0b, CMD=Get_Status, Slave Addr | 1b,
`Length, Message Data, CHECKSUM
`
`14
`
`Lenovo
`Ex. 1039 - Page 21
`
`

`

`Low-cost systems
`Multi-level BMC Options
`RS-232
`LPC
`
`FullFull
`BMCBMC
`
`chassis
`chassis
`sensors
`sensors
`
`power, reset
`power, reset
`
`SMBus
`South
`South
`Bridge
`Bridge
`SMBAlert
`System Bus
`
`Acts as ‘Satellite
`Controller’ to ‘Full’ BMC
`
`SMBus
`SMBAlert
`PCI
`
`sensor
`sensor
`connections
`connections
`
`Baseline
`Baseline
`BMCBMC
`SMBus
`System
`System
`Monitor
`Monitor
`FRUFRU
`Low Cost Options enable IPMI
`Low Cost Options enable IPMI
`for all Server classes
`for all Server classes
`15
`
`LAN
`
`LANLAN
`82551
`82551
`
`Lenovo
`Ex. 1039 - Page 22
`
`

`

`Group Managed Systems
`ICMB Group Chassis Control
`(cid:121) Chassis Control single broadcast
`– power on/off, reset, diagnostic interrupt
`(cid:121) Group-specific operation enables, e.g.
`– “Group 1” enabled for power-on, -off, reset
`– “Group 2” enabled for power-on only
`(cid:121) Enables Power/reset sequencing
`(cid:121) Enables ‘one button’ power on
`– e.g. pressing power button on compute
`chassis automatically powers up
`associated peripheral chassis
`(cid:121) Enables ‘service lockouts’
`– e.g. powering down a chassis blocked until
`all ‘controlling members’ have requested
`same power state
`
`16
`
`Lenovo
`Ex. 1039 - Page 23
`
`

`

`Group Management Systems
`ICMB Group Chassis Control
`
`Host
`H1
`
`Host
`H2
`
`Chassis A
`Group 10
`Control Members: H1, H2
`Capabilities: Pwr off
`
`Group 12:
`Members: H1
`Capabilities: Pwr on/off, reset
`
`Chassis A
`Group 10
`Control Members: H1, H2
`Capabilities: Pwr off
`
`ICMB
`
`(cid:121) Up to 255 different control groups per ICMB
`(cid:121) Each chassis can belong to up to 4 control groups
`(cid:121) A single ‘Group Chassis Control’ command can be targeted to
`4 different control groups
`(cid:121) Each group has up to 16 ‘controlling members’
`(cid:121) Members can ‘request’ or ‘force’ the control state
`
`17
`
`Lenovo
`Ex. 1039 - Page 24
`
`

`

`Agenda
`
`(cid:121) IPMI Update
`(cid:121) New system directions for IPMI
`(cid:121) New components for IPMI
`(cid:121) IPMI future directions
`(cid:121) Summary
`
`18
`
`Lenovo
`Ex. 1039 - Page 25
`
`

`

`Components
`National Semiconductor “Mini” BMC
`(cid:121) PC87431M* - Targets IPMI LAN remote mgmt.
`– supports monitoring by local mgmt. s/w via SMBus
`– configurable sensor polling
`(cid:121) Internal FLASH, RAM, NVRAM
`– up to 512 bytes NV available for OEM use
`(cid:121) Authenticated IPMI LAN support for:
`– System reset, SMI/NMI, and power control
`– settable ‘Boot Options’
`– FRU, System Event Log, and SDR access
`– Sensor access
`– Alerting via IPMI/PET SNMP Traps
`(cid:121) Platform Event Filtering
`– configurable actions on events
`– power control, reset, fault light, NMI/SMI, and alert
`
`* Other names and brands may be claimed as the property of others.
`19
`
`Lenovo
`Ex. 1039 - Page 26
`
`

`

`Components
`IPMI Software
`IPMI Web Site
`(cid:121) Reference drivers
`– for Itanium™ Architecture and IA-32 under
`Windows* .NET/2000 and Linux
`(cid:121) IPMI Conformance Test Suite
`– Serves as both validation and development tool
`
`developer.intel.com/design/servers/ipmi
`developer.intel.com/design/servers/ipmi
`
`* Other names and brands may be claimed as the property of others.
`20
`
`Lenovo
`Ex. 1039 - Page 27
`
`

`

`Components
`IPMI Software
`OSA Technologies
`(cid:121) Management Applications for IPMI
`– “Remote Console” applications
`and IPMI Drivers
`(cid:121) Firmware engineering also available
`– SDKs for popular BMCs
`– Supports IPMI v1.5 and
`out-of-band access (serial, LAN)
`(cid:121) IDF LAB Thursday
`“Exploring Remote Manageability Building Blocks
`for Next Generation Servers and Devices”
`
`IPMI components improve TTM
`IPMI components improve TTM
`and reduce design cost
`and reduce design cost
`
`21
`
`Lenovo
`Ex. 1039 - Page 28
`
`

`

`Agenda
`
`(cid:121) IPMI Update
`(cid:121) New system directions for IPMI
`(cid:121) New components for IPMI
`(cid:121) IPMI future directions
`(cid:121) Summary
`
`22
`
`Lenovo
`Ex. 1039 - Page 29
`
`

`

`IPMI Future Directions
`Technology Transitions
`2003
`Q2
`Q3
`
`Technology
`
`Q1
`
`2004
`Q2
`Q3
`
`Q1
`
`Q4
`
`Q4
`
`Full BMC w/dedicated LAN
`Full BMC w/dedicated LAN
`Full BMC + “sideband” LAN
`Full BMC + “sideband” LAN
`
`
`
`
`band LANBladeBlade--focused focused BMCsBMCs + side+ side--band LAN
`
`
`
`
`
`Full BMCs
`
`Blade BMCs
`
`Baseline BMCs
`
`Add-on BMCs
`
`Integrated BMCs
`
`
`
`
`
`band LANBaseline BMC + sideBaseline BMC + side--band LAN
`
`Full Full BMCBMC ‘add‘add--on’Option
`on’Option
`BMC + ??? combined
`BMC + ??? combined
`
`IPMI
`
`1.51.5
`
`“2.0”
`“2.0”
`review draft
`review draft
`
`“2.0”
`“2.0”
`
`Update next IDF
`Update next IDF
`
`23
`
`Lenovo
`Ex. 1039 - Page 30
`
`

`

`IPMI Future Directions
`IPMI ‘2.0’ Proposals
`(cid:121) Serial redirection over LAN
`(cid:121) Terminal mode extensions (improved ‘CLI’)
`(cid:121) ASF Alignment
`– Common authentication protocols
`– Smoothes ASF to IPMI transition between desktop and
`sub-entry server systems
`(cid:121) Modular (blade) support
`– blade/chassis relationship, blade power mgmt., etc.
`– AdvancedTCA support (formerly 'CompactPCI')
`(cid:121) IPMI over Web
`– enabling technology for IPMI over Web (may be post 2.0)
`
`IPMI continues to evolve
`IPMI continues to evolve
`valuable new capabilities
`valuable new capabilities
`
`24
`
`Lenovo
`Ex. 1039 - Page 31
`
`

`

`Agenda
`
`(cid:121) IPMI Update
`(cid:121) New system directions for IPMI
`(cid:121) New components for IPMI
`(cid:121) IPMI future directions
`(cid:121) Summary
`
`25
`
`Lenovo
`Ex. 1039 - Page 32
`
`

`

`Summary
`
`(cid:121) IPMI grows to enable competitive features
`across server classes
`(cid:121) Third party components improve TTM and
`reduce design cost
`(cid:121) IPMI continues to evolve valuable new
`capabilities
`
`developer.intel.com/design/servers/ipmi
`developer.intel.com/design/servers/ipmi
`
`26
`
`Lenovo
`Ex. 1039 - Page 33
`
`

`

`Glossary
`
`BMC
`FRU
`
`ICMB
`
`IPMB
`
`IPMI
`
`OOB
`
`PEF
`
`Baseboard Management Controller.
`Field Replaceable Unit. A field replaceable component such as a
`board, module, fan, power supply, etc.
`Intelligent Chassis Management Bus. The ICMB provides a
`dedicated management bus that enables delivering IPMI messages
`and alerts between multiple host and peripheral chassis.
`Intelligent Platform Management Bus. Name for the architecture,
`protocol, and implementation of a special bus that interconnects the
`baseboard and chassis electronics and provides a communications
`media for system platform management information.
`Intelligent Platform Management Interface. IPMI defines a common,
`abstracted, and self-descriptive interface for platform management
`hardware that monitors server characteristics such as temperature,
`voltage, fans, power supplies, and chassis.
`Out-of-Band. System platform management access that does not
`involve going through the OS or other software running on the main
`processors of the managed system.
`Platform Event Filtering. A feature in IPMI that enables the BMC to
`generate a selectable action (e.g. power on/off, reset, send Alert,
`etc.) when a configurable event occurs on the management system.
`
`27
`
`Lenovo
`Ex. 1039 - Page 34
`
`

`

`Glossary
`
`SAF
`
`Service Availability Forum. Standards body consisting of Telco
`platform and software vendors that is defining RAS standards
`including UCMI
`SAF-HPI Server Availability Forum - Hardware Platform Interface. Name for a
`set of APIs and structures for representing and accessing platform
`management hardware.
`SAF-TE SCSI Accessed Fault-Tolerant Enclosures. SAF-TE provides a
`mechanism that enables RAID fault information to be sent to the
`hot-swap backplane via SCSI.
`Sensor Data Record. SDRs provide the information that tells
`management software what sensors, events, management
`controllers, and FRU information is available from a given IPMI
`implementation.
`System Event Log. A non-volatile storage area and associated
`interfaces for storing system platform event information for later
`retrieval.
`
`SDR
`
`SEL
`
`28
`
`Lenovo
`Ex. 1039 - Page 35
`
`

`

`https://web.archive.org/web/20000903054648/http://www.unixcircle.com/ipf/ipf-howto.pdf
`
`Lenovo
`Ex. 1039 - Page 36
`
`

`

`IP Filter Based Firewalls HOWTO
`
`Brendan Conoboy <synk@swcp.com>
`Erik Fichtner <emf@obfuscation.org>
`
`Mon Aug 28 23:41:36 EDT 2000
`
`Abstract: This document is intended to introduce a new user to the IP Filter firewalling package
`and, at the same time, teach the user some basic fundamentals of good firewall design.
`
`1. Introduction
`IP Filter is a great little firewall package. It does just about everything other free firewalls (ipfwadm,
`ipchains, ipfw) do, but it’s also portable and does neat stuff the others don’t. This document is intended to
`make some cohesive sense of the sparse documentation presently available for ipfilter. Some prior familiar-
`ity with packet filtering will be useful, however too much familiarity may make this document a waste of
`your time. For greater understanding of firewalls, the authors reccomend reading Building Internet Fire-
`walls, Chapman & Zwicky, O’Reilly and Associates; and TCP/IP Illustrated, Volume 1, Stevens, Addison-
`Wesley.
`
`1.1. Disclaimer
`The authors of this document are not responsible for any damages incurred due to actions taken based
`on this document. This document is meant as an introduction to building a firewall based on IP-Filter. If
`you do not feel comfortable taking responsibility for your own actions, you should stop reading this docu-
`ment and hire a qualified security professional to install your firewall for you.
`
`1.2. Copyright
`Unless otherwise stated, HOWTO documents are copyrighted by their respective authors. HOWTO
`documents may be reproduced and distributed in whole or in part, in any medium physical or electronic, as
`long as this copyright notice is retained on all copies. Commercial redistribution is allowed and encour-
`aged; however, the authors would like to be notified of any such distributions.
`All translations, derivative works, or aggregate works incorporating any HOWTO documents must be
`covered under this copyright notice. That is, you may not produce a derivative work from a HOWTO and
`
`Lenovo
`Ex. 1039 - Page 37
`
`

`

`-2-
`
`impose additional restrictions on its distribution. Exceptions to these rules may be granted under certain
`conditions; please contact the HOWTO coordinator.
`In short, we wish to promote dissemination of this information through as many channels as possible.
`However, we do wish to retain copyright on the HOWTO documents, and would like to be notified of any
`plans to redistribute the HOWTOs.
`
`1.3. Where to obtain the important pieces
`The official IPF homepage is at: <http://coombs.anu.edu.au/˜avalon/ip-filter.html>
`The most up-to-date version of this document can be found at: <http://www.obfuscation.org/ipf/>
`
`2. Basic Firewalling
`This section is designed to familiarize you with ipfilter’s syntax, and firewall theory in general. The
`features discussed here are features you’ll find in any good firewall package. This section will give you a
`good foundation to make reading and understanding the advanced section very easy. It must be emphasized
`that this section alone is not enough to build a good firewall, and that the advanced section really is required
`reading for anybody who wants to build an effective security system.
`
`2.1. Config File Dynamics, Order and Precedence
`IPF (IP Filter) has a config file (as opposed to say, running some command again and again for each
`new rule). The config file drips with Unix: There’s one rule per line, the "#" mark denotes a comment, and
`you can have a rule and a comment on the same line. Extraneous whitespace is allowed, and is encouraged
`to keep the rules readable.
`
`2.2. Basic Rule Processing
`The rules are processed from top to bottom, each one appended after another. This quite simply
`means that if the entirety of your config file is:
`
`block in all
`pass in all
`The computer sees it as:
`
`block in all
`pass in all
`Which is to say that when a packet comes in, the first thing IPF applies is:
`
`block in all
`Should IPF deem it necessary to move on to the next rule, it would then apply the second rule:
`
`pass in all
`At this point, you might want to ask yourself "would IPF move on to the second rule?" If you’re
`familiar with ipfwadm or ipfw, you probably won’t ask yourself this. Shortly after, you will become bewil-
`dered at the weird way packets are always getting denied or passed when they shouldn’t. Many packet fil-
`ters stop comparing packets to rulesets the moment the first match is made; IPF is not one of them.
`Unlike the other packet filters, IPF keeps a flag on whether or not it’s going to pass the packet.
`Unless you interrupt the flow, IPF will go through the entire ruleset, making its decision on whether or not
`to pass or drop the packet based on the last matching rule. The scene: IP Filter’s on duty. It’s been been
`scheduled a slice of CPU time. It has a checkpoint clipboard that reads:
`
`Lenovo
`Ex. 1039 - Page 38
`
`

`

`-3-
`
`block in all
`pass in all
`A packet comes in the interface and it’s time to go to work. It takes a look at the packet, it takes a look at
`the first rule:
`
`block in all
`"So far I think I will block this packet" says IPF. It takes a look at the second rule:
`
`pass in all
`"So far I think I will pass this packet" says IPF. It takes a look at a third rule. There is no third rule, so it
`goes with what its last motivation was, to pass the packet onward.
`It’s a good time to point out that even if the ruleset had been
`
`block in all
`block in all
`block in all
`block in all
`pass in all
`that the packet would still have gone through. There is no cumulative effect. The last matching rule always
`takes precedence.
`
`2.3. Controlling Rule Processing
`If you have experience with other packet filters, you may find this layout to be confusing, and you
`may be speculating that there are problems with portability with other filters and speed of rule matching.
`Imagine if you had 100 rules and most of the applicable ones were the first 10. There would be a terrible
`overhead for every packet coming in to go through 100 rules every time. Fortunately, there is a simple
`keyword you can add to any rule that makes it take action at that match. That keyword is quick.
`Here’s a modified copy of the original ruleset using the quick keyword:
`
`block in quick all
`pass in
`all
`In this case, IPF looks at the first rule:
`
`block in quick all
`The packet matches and the search is over. The packet is expunged without a peep. There are no notices,
`no logs, no memorial service. Cake will not be served. So what about the next rule?
`
`pass in
`all
`This rule is never encountered. It could just as easily not be in the config file at all. The sweeping
`match of all and the terminal keyword quick from the previous rule make certain that no rules are fol-
`lowed afterward.
`Having half a config file laid to waste is rarely a desirable state. On the other hand, IPF is here to
`block packets and as configured, it’s doing a very good job. Nonetheless, IPF is also here to let some pack-
`ets through, so a change to the ruleset to make this possible is called for.
`
`2.4. Basic filtering by IP address
`IPF will match packets on many criteria. The one that we most commonly think of is the IP address.
`There are some blocks of address space from which we should never get traffic. One such block is from
`the unroutable networks, 192.168.0.0/16 (/16 is the CIDR notation for a netmask. You may be more famil-
`iar with the dotted decimal format, 255.255.0.0. IPF accepts both). If you wanted to block 192.168.0.0/16,
`this is one way to do it:
`
`block in quick from 192.168.0.0/16 to any
`pass in
`all
`Now we hav e a less stringent ruleset that actually does something for us. Lets imagine a packet comes in
`from 1.2.3.4. The first rule is applied:
`
`Lenovo
`Ex. 1039 - Page 39
`
`

`

`-4-
`
`block in quick from 192.168.0.0/16 to any
`The packet is from 1.2.3.4, not 192.168.*.*, so there is no match. The second rule is applied:
`
`pass in
`all
`The packet from 1.2.3.4 is definitely a part of all, so the packet is sent to whatever it’s destination hap-
`pened to be.
`On the other hand, suppose we have a packet that comes in from 192.168.1.2. The first rule is
`applied:
`
`block in quick from 192.168.0.0/16 to any
`There’s a match, the packet is dropped, and that’s the end. Again, it doesn’t move to the second rule
`because the first rule matches and contains the quick keyword.
`At this point you can build a fairly extensive set of definitive addresses which are passed or blocked.
`Since we’ve already started blocking private address space from entering our firewall, lets take care of the
`rest of it:
`
`block in quick from 192.168.0.0/16 to any
`block in quick from 172.16.0.0/12 to any
`block in quick from 10.0.0.0/8 to any
`pass in
`all
`The first three address blocks are the unroutable IP space.†
`
`2.5. Controlling Your Interfaces
`It seems very frequent that companies have internal networks before they want a link to the outside
`world. In fact, it’s probably reasonable to say that’s the main reason people consider firewalls in the first
`place. The machine that bridges the outside world to the inside world and vice