1. Field of the Invention
The present invention is generally related to the configuration and management of network connected computer systems and, in particular, to a server appliance that is automatically network adaptive to an otherwise unknown connected network and, further, is configurable securely over the network without requiring prior local configuration of the server.
2. Description of the Related Art
Although network connectivity has grown substantially both in the number of connected users and the scope of information that is available through public and private networks, fundamental configuration and reconfiguration problems remain. That is, in conventional networking systems, significant initial and ongoing maintenance is required to manage the individual network connection of each computer system with a particular network. This is conventionally true, whether the computer system is in a small network environment or just one of hundreds or more servers in a data-center facility.
The management of individual network connections represents a significant cost to users, to network computer providers, and to the network service providers. Until a computer system is properly configured and attached to the network, remote diagnostics and other centrally administrable configuration tests cannot be run. Conversely, an incorrectly configured computer system can significantly impair if not halt the functioning of an otherwise normally operating network. Thus, where the computer system user is not immediately familiar with the network connectivity initialization process or is uninterested in performing the process themselves, an on-site service technician is required to configure and initialize the network connection. Such one-on-one service, though conventionally required, is both costly and time-inefficient.
Conventional computer communications networks in current public and private use are typically based on the transmission control protocol/internet protocol (TCP/IP) defined stack or a similarly stacked set of networking protocols. In general, above the physical transmission protocol layers in these conventional network stacks, each connected computer system is required to be uniquely identified for all data exchange transactions over the network. This requirement for uniqueness appears in different forms at different levels within the stacks. In conventional TCP/IP-based systems, a unique physical ethernet address is used to permanently identify each network interface card (NIC) adapter. These media access control (MAC) addresses are typically hard coded to the network adapter. Although some provision exists for soft-coding changes to the assigned MAC address of an adapter, the MAC address is conventionally considered as being fixed for a specific network adapter.
Conversely, the IP layer of a TCP/IP stack is soft-assigned an IP address that is at least intended to be unique. The IP address is either statically assigned through an initial configuration procedure performed locally to the computer system or dynamically assigned through the operation of a conventional pull-protocol, such as the dynamic host configuration protocol (DHCP). Since using a static IP assignment is incompatible with using DHCP, a computer system must be specifically pre-configured individually with either a static IP address or as a DHCP client before any meaningful interoperation with a connected network is possible.
A DHCP client relies on a remote DHCP server to dynamically provide a unique IP address to the client. The DHCP client utilizes the IP broadcast capabilities of the TCP/IP stack to discover the existence of any DHCP server on the locally connected network. A direct, or pull-type, request to a specific DHCP server is then made by the DHCP client. This request is for a unique and unqualified IP address. Some additional data, within the narrow confines of the DHCP protocol and to the extent preconfigured into the DHCP server, such as the IP address of a domain name server (DNS), may also be provided. Conventionally, the IP address and the additional data are dynamically stored and used without modification by the DHCP client system.
IP address ranges have been established to define different classes of networks. Network masks (netmasks) are used to further partition networks with the purpose of establishing identified local network segments. The IP stack conventionally supports a network routing table that identifies gateways on the local network segment that can be used as the nominative destination for data packets intended for remote network segments. Gateway computer systems use this mechanism to screen out and ignore data packets intended for network segments different from their own or that comply with a route pre-established in the gateway routing table. This selectivity is required to prevent all of the gateway connected network segments from being flooded.
A direct consequence, however, is that a computer system must be installed with a static or DHCP provided dynamic IP address that is compatible with the directly connected network segment in order for the computer system to work within that network environment. If the IP address is not compatible, other locally connected computer systems will simply be unable to communicate with the incompatible network computer system.
Consequently, there is a clear need for some system and method of enabling a network computer system to be initially configured and subsequently reconfigured without requiring some on-site and site-specific configuration to be performed before the computer system can be connected to and managed from a network.
Thus, a general purpose of the present invention is to provide an efficient method and system for enabling the initial configuration and subsequent reconfiguration of a network connected computer system, such as a server appliance, to be performed remotely through the network.
This is achieved in the present invention by providing a server appliance capable of self-adaptively configuring to the operating parameters of a communications network to enable further remote configuration exclusively via the communications network. The server appliance includes a host computer system including a network interface controller and an operating system, executable by the host computer system, that is configurable by a defined set of network values for transmitting and receiving data packets through the network interface controller without network configuration conflicts. A control program, executable by the host computer system in conjunction with the operating system, determines, on initial start-up and specifically with respect to the communications network, an initial set of network values to configure the operating system. The control program is subsequently responsive to a first broadcast data packet containing network configuration parameters that are used to determine and apply a second set of network values to configure the operating system, which are then applied as the operating configuration of the operating system with respect to the network.
An advantage of the present invention is that, independent of the configuration of any other clients and servers connected to a network, a network server appliance can be initially connected to the network and immediately become configurable entirely through the network. No local terminal device, whether provided as a built-in display and keypad or connectable through a serial port, is required to enter any initial network configuration values.
Another advantage of the present invention is that server appliances and other network computer systems constructed to embody the present invention have significantly lowered direct and indirect costs. The initial self-configuration capability provided by the present invention removes the hardware cost of any integrated local terminal and port connectivity for a mobile terminal as well as the cost of providing on-site configuration support, whether through a technician visit or other technical support mechanisms.
A further advantage of the present invention is that the determination and configuration of all initial network settings can be established through the network connection. The network settings are not limited to DHCP managed values, which conventionally include only TCP/IP settings, but can include other network related settings to establish machine identity and security domain protections.
Still another advantage of the present invention is that reinitialization of the network settings may be performed anytime a conflict with any other client or server on the network is detected during the power-on initialization of the present invention. This allows systems implementing the present invention to be added and changed between existing networks without conflicting with the network settings of any other clients or servers connected to the network.
Yet another advantage of the present invention is that server appliances constructed according to the present invention are digitally serialized and, further, may be digitally signed, to ensure uniqueness of systems otherwise identically constructed. The digital signing of the serialization ensures that unauthorized construction of otherwise identical systems is detectable.
Still another advantage of the present invention is that remote communications with a configuration client application are encrypted to limit exposure of the configuration information to examination and potential spoofing even though transmitted as part of broadcast data packets. An authentication mechanism may also be utilized to ensure that communications of network configuration parameters only occur between the configuration client application and network appliance.
A yet further advantage of the present invention is that, pending the acceptability of a network settings configuration by the configuration client application, static ARP routes may be installed by the server appliance and configuration client computer system to enable non-broadcast communications, thereby avoiding broadcast loading of the network, as well as security issues with the repeated broadcast of configuration information.
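An added example, not part of the patent text and not the patented implementation, of the appliance-side check on a received broadcast configuration packet: authenticate it, confirm it is addressed to this unit's serial number, and confirm that the proposed address and gateway fit a single network segment, as the netmask discussion above requires. The JSON field names, the HMAC-SHA256 pre-shared-key scheme, the key and the function names are all assumptions; the encryption the text mentions is omitted.

```python
import hashlib
import hmac
import ipaddress
import json

# Constructed demo key; the text does not specify the authentication mechanism.
DEMO_KEY = b"constructed-demo-key"


def sign(payload: bytes, key: bytes) -> bytes:
    """Configuration client side: prefix the payload with an HMAC-SHA256 tag."""
    return hmac.new(key, payload, hashlib.sha256).digest() + payload


def accept_config(packet: bytes, key: bytes, my_serial: str):
    """Appliance side: return (True, settings) or (False, reason)."""
    tag, payload = packet[:32], packet[32:]
    expected = hmac.new(key, payload, hashlib.sha256).digest()
    # Reject before parsing anything: broadcast traffic is untrusted input.
    if len(tag) != 32 or not hmac.compare_digest(tag, expected):
        return False, "bad authentication tag"
    try:
        cfg = json.loads(payload)
        if cfg["serial"] != my_serial:
            return False, "addressed to another appliance"
        iface = ipaddress.ip_interface(f'{cfg["ip"]}/{cfg["netmask"]}')
        gateway = ipaddress.ip_address(cfg["gateway"])
    except (ValueError, KeyError, TypeError):
        return False, "malformed parameters"
    net = iface.network
    # The host address must be usable on the segment the netmask defines.
    if iface.ip in (net.network_address, net.broadcast_address):
        return False, "host address is reserved on this segment"
    # A gateway outside the local segment cannot be reached directly.
    if gateway not in net:
        return False, "gateway is not on the local segment"
    return True, {"ip": str(iface.ip), "prefix": net.prefixlen,
                  "gateway": str(gateway)}


if __name__ == "__main__":
    # Constructed sample parameters, not values from the page.
    sample = {"serial": "SN-0001", "ip": "192.168.1.50",
              "netmask": "255.255.255.0", "gateway": "192.168.1.1"}
    print(accept_config(sign(json.dumps(sample).encode(), DEMO_KEY),
                        DEMO_KEY, "SN-0001"))
```
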