Get the lowest-cost and the best server colocation service in the business. Learn more.
Information Technology News.

HP warns customers of defective firmware on its G2 to G7 series servers

Share on Twitter.

Install your server in Sun Hosting's modern colocation center in Montreal. Get all the details by clicking here.

Do it right this time. Click here and we will take good care of you!

Click here to order our special clearance dedicated servers.

Get the most reliable SMTP service for your business. You wished you got it sooner!

April 25, 2014

Earlier today, HP has warned its customers that one of its firmware updates can accidentally crash the network interface cards (NICs) in 100 Series ProLiant Server models. The Service Pack for ProLiant 2014.02.0 can potentially kill HP Broadcom-based network adapters in G2 to G7 series servers, HP said.

A machine relying on a dead NIC is not much use at all and may very well require a motherboard swap to fix if the slain silicon is a built-in component. The affected adapters range from PCIe cards to integrated controllers.

HP's online support centre admitted that applying the firmware upgrade on some vulnerable systems could have a disastrous effect, rendering the server useless in communicating with the outside world.

"On certain HP ProLiant servers, certain HP Broadcom-based network adapters listed may become non-operational when they are updated with the Comprehensive Configuration Management firmware Version 7.8.21 using our firmware smart component, HP Smart Update Manager or the HP Service Pack for ProLiant 2014.2.0," HP warned.

It also added that, in extreme cases, such a network adapter may require a hardware replacement to fully recover the NIC.

System admins who download and install the patch on a vulnerable machine will shortly discover that the server cannot detect its own network adapter, which will be an issue to fix correctly, especially when trying to subsequently load in the replacement firmware.

For some admins, the warning HP tacked onto the service pack's web page came too late in the day-- the firmware was released on April 18, giving unsuspecting IT departments plenty of time to crash the affected servers.

Richard Brain, technical director at security firm ProCheckup says that he was advised by HP to swap out a bug-hit motherboard-- the network adapter is embedded on it, but this was not a cheap nor a quick solution to the problem.

"To replace a server motherboard in a G2 to G7 series Proliant machine takes the best part of half a day," he said, pointing out the fans, the fan tray, the drives and drive bays, power controllers, PCIe cards, CPUs, and memory, and so on must be removed.

An HP spokeswoman told us that upon becoming aware of the issue, "HP removed the components causing the failure", but didn't give any technical details of the screwup.

She said that customers that completed the firmware update on the at-risk systems should contact HP for remediation as "in this case the components causing the failure many need to be removed".

"HP expects that, due to the nature of the issue, some customers could experience this problem," she said, adding that it is confident the response team handles problems quickly and efficiently.

HP added that it's still trying to work out how many customers are at risk with this problem, and will issue an update by April 30.

In other IT news

AuDA wants to introduce DNSSEC into the Australian domain name space, signing the .au domain in its production environment as the first step in a 4-month testing program.

.au Domain Administration Ltd (auDA) is the governing authority and industry self-regulatory body for the .au domain segment in Australia.

DNSSEC has been possible for years, but has been held back by industry inertia. Under DNSSEC, a DNS (domain name system) record is signed, allowing resolvers to authenticate the relationship between domain names and IP addresses where they are hosted.

But the slowly evolving rollout has gathered some small momentum in response to the increasing use of DNS as an attack vector (for example, via redirections).

In 2013, Google began validating DNSSEC records in its public DNS resolvers. The issue for the typical system admin is that DNSSEC is needed all the way up the chain, from their own site back to the root zone, meaning that the AuDA rollout is a vital step in the deployment of the protocol for .au domains.

AuDA explains that it has taken a cautious approach over the last 1 1/2 year because the protocol introduces a new level of risk for registry operators. DNSSEC requires the inclusion of cryptographic keys in the DNS and at times frequent editing of a zone file. This level of interaction and the complexity of cryptographic keys largely increase the risk of error during a zone change or update.

A DNS error made to a signed zone can cause a zone to appear offline or bogus to validating resolvers, the organisation writes.

Right now, the body says, the signed .au zone is simply experimental. Over the next four months, the group plans to use the signed domain to finish testing its own processes for supporting signed domains, including production load tests, testing signing events, and helping second-level domain owners add their own signed records into the .au zone.

The plan is that on August 28, 2014, AuDA will submit its record to IANA, and DNSSEC will then be available for .au domain owners.

In other IT news

The OpenPOWER Consortium was formed by IBM a year ago, at a time when Big Blue and other IT companies were seeing their hardware divisions cut down by a serious drop in spending from enterprise clients.

The drop in sales was also attributed to low-cost servers that could still be customized by low-cost manufacturers in Asia.

Also, Intel's x86 architecture continued to dominate the market in both typical servers and high-performance computing, putting alternate architecture providers like Oracle, IBM and, to a lesser extent HP, in a very tough position.

So the question is, how should IBM keep its POWER chips alive and guarantee them a larger market in a changing world? Big Blue's answer to this weird situation was OpenPOWER, which seeks to do for its chip architecture what British company ARM's licensing model did for its eponymous chips, causing them to become the fundamental technology to the vast majority of the world's phones and tablets.

IBM is seeking with OpenPOWER to do to 'hyperscale' servers what ARM did to phones, and in doing so create itself a huge stream of low-margin revenue that it can rely upon in years to come.

And although no one has said it so far, a helpful side effect is that this may cut down Intel's large business in huge data centers.

IBM's hope is that by licensing the innards of its POWER chips to companies like Google, Canonical, Nvidia, Tyan and Suzhou PowerCore Technology, it may be able to create new markets for the chip beyond Big Blue's traditional mainframes and high-end enterprise systems.

The OpenPOWER Consortium is, in many ways, where the guerrilla development approach of open source meets the expensive, complex world of chip hardware.

IBM and its partners are betting that the architecture is good enough to meet their expectations. Giving the enthusiastic mood that existed throughout the press conference, it was only natural that Intel would point out some of the possible drawbacks of the technology.

"The OpenPOWER Foundation may hope to someday create an open solution, but it also faces a complex multi-year effort to establish an ecosystem around the design, manufacturing and software," an Intel spokesperson said.

"Most data centers today run on Intel and we are not slowing down. Businesses recognize the value and there is a large and growing x86 ecosystem (established over many years) that isn't going away. Creating an ecosystem is not an easy feat and could take several years and a significant investment of time and money in porting architectures," he added.

By comparison, Intel competitor ARM was much more upbeat about the whole matter. "Across the server market, even within non-volume servers, users are ready to move beyond the 'one size fits all' approach for servers and OpenPOWER is further validation of this as well as the ARM business model," an ARM spokesperson said.

"Server customers are demanding choice and differentiation which is why ARM and its partners are already well underway with our work to move the volume server market beyond the limitations associated with a proprietary architecture."

With OpenPOWER's 26 partners ranging from equipment makers to rich potential customers like Google, the scheme has a chance of working. Maybe ARM has a new potential partner in its plan to pull Intel's chips out of the biggest data centers? We shall see.

Source: Hewlett-Packard.

Get the most dependable SMTP server for your company. You will congratulate yourself!

Share on Twitter.

Need to know more about the cloud? Sign up for your free Cloud Hosting White Paper.

IT News Archives | Site Search | Advertise on IT Direction | Contact | Home

All logos, trade marks or service marks on this site are the property of their respective owners.

Sponsored by Sure Mail™, Avantex and
by Montreal Server Colocation.

       © IT Direction. All rights reserved.