NIC Mode Installation
The following sections detail the procedure for installing BlueField software when the BlueField networking platform (DPU or SuperNIC) is running in NIC mode.
NIC mode is the default mode for BlueField SuperNICs, while BlueField DPUs are shipped with DPU mode as their default. To switch between the modes, see NVIDIA BlueField Modes of Operation. To check which mode your BlueField is currently running:
Using RedFish on the 1GbE interface, refer to NVIDIA BlueField BMC Software Documentation
From the host server, refer to "Enabling NIC Mode on BlueField-3 from Linux"
From the host server's UEFI BIOS menu, refer to "Configuring NIC Mode on BlueField-3 from Host BIOS HII UEFI Menu"
In the out-of-box state of the BlueField the host is assumed to be trusted. Later in this procedure, after performing BFB Bundle update, a step is provided to disable the host RShim which the user may perform to protect the BlueField from potential security threats from the host.
Upgrade the BlueField firmware components (i.e., ATF, UEFI, NIC-firmware, BlueField BMC firmware) and the BSP using the BFB image.
Make sure to download the latest bf-fwbundle image (BFB file) available from the DOCA-Host and BlueField Bundle Runtime Downloads.
This can be performed using one of the following methods:
From the host x86, which should be considered as trusted during this maintenance window, follow the installation procedure here.
If a DPU BMC connected to the ToR switch over 1GbE is available, follow the installation procedure here.
To change the UEFI password, add the current UEFI password under parameter UEFI_PASSWORD and define the new UEFI password under NEW_UEFI_PASSWORD inside the bf.cfg configuration file.
To change the BMC root password, add the current BMC root password under parameter BMC_PASSWORD and define the new BMC root password under NEW_BMC_PASSWORD inside the bf.cfg configuration file.
Unless it is explicitly desired for the host to be trusted, make sure to disable the host RShim to protect the BlueField from potential security threats from the host by running the following NC-SI command from the host BMC:
Set RShim State Command Format
Byte/Bit |
31:24 |
23:16 |
15:8 |
7:0 |
0...15 |
NC-SI Header (OEM Command) |
|||
16:19 |
NVIDIA Manufacture ID (IANA) = 0x8119 |
|||
20:23 |
Command rev=0x00 |
MLNX Cmd ID= 0x12 |
Parameter=0x1B |
Reserved |
24:27 |
Reserved |
Host_RT_Access_State |
||
28:31 |
Checksum 31:0 |
Set RShim State Command Parameters
Field |
Bytes |
Offset in NC-SI Command |
Description |
Host_RT_Access_State |
1 |
27 |
RShim state:
|