DankNanky

joined 1 year ago
[–] DankNanky@alien.top 1 points 1 year ago (1 children)

In my personal use, my OOB simply sit on a segmented VLAN that does not share any routing overlay or address space with my DC. It’s on a seperate VLAN to mitigate STP, DHCP overlap etc.

The use of OOB and iDRAC is to remotely administer your server/hypervisor should there be a problem (and sometimes also serves to help patch and firmware update kit). It doesn’t need to necessarily be internet facing, and I would discourage publicly exposing SSH to your hypervisor wherever possible.

In corporate environments, there are other methods to connect to the iDRAC (assuming all network isn’t down). You could use a VPN to connect to the corporate network, a jump box (via Azure Virtual Desktop or AWS Workspace) to name a few I’ve used.

https://docs.extrahop.com/9.4/configure-i-drac/

https://1gbits.com/blog/understanding-idrac-port/