ibdiagnet InfiniBand Fabric Diagnostic Tool User Manual v2.21
NVIDIA Docs Hub  NVIDIA Networking  Networking Software  Management Software  ibdiagnet InfiniBand Fabric Diagnostic Tool User Manual v2.21  Security Keys

On This Page

Security Keys

Security Keys

When any security keys should be used with ibdiagnet, it can use option security keys to provide path to all security files that should be used:

Parameter

Description

--security_keys <path to key file>

Specifies the path to the directory with the key files.

(guid2lid, guid2mkey, neighbors, guid2vskey, guid2cckey, guid2_m2n_key, guid2pmkey).

File names

Type

File names

Management Key (MKEY)

guid2lid

guid2mkey

neighbors

guid2vskey

VendorSpecific Key (VS Key)

guid2vskey

CongestionControl Key (CC Key)

guid2cckey

Manager2Node Key (M2N Key)

guid2_m2n_key

Performance Management Key (VS Key)

guid2pmkey


Management Key (MKEY)

When MKEY protection is enabled by the Subnet Manager on the fabric devices, the following command options should be used in ibdiagnet:

Parameter

Description

--m_key <m_key>

Specifies constant MKey for the fabric. The MKey value should be specified when a single MKEY is shared by all InfiniBand devices.

The mkey value can be obtained from the opensm.conf file (m_key parameter).

Example of guid2mkey/guid2cckey/guid2vskey file:

0x0002c9000000001e 0x0000000000000111

0x0002c9000000002a 0x0000000000000222

0x0002c90000000026 0x0000000000000333

0x0002c90000000006 0x0000000000000444

Example of guid2lid file:

0x0002c9000000004b 0x0027 0x0027

0x0002c9000000002a 0x001a 0x001b

0x0002c90000000006 0x0004 0x0005

0x0002c90000000047 0x000e 0x000e

Example of neighbours file:

0x0002c9000000004d:4 0x0002c9000000000e:1

0x0002c9000000004b:1 0x0002c9000000002e:1

0x0002c90000000049:2 0x0002c90000000022:1

0x0002c90000000006:1 0x0002c9000000004d:2

Example:

ibdiagnet --mkey 0x00ff

ibdiagnet --security_keys /var/cache/opensm/

ibdiagnet --security_keys /tmp/opensm_mkey_files/

VendorSpecific Key (VS Key)

When VendorSpecific keys are generated and provisioned by the Subnet Manager, VendorSpecific keys should be sent in VendorSpecific MADs per endport.

Parameter

Description

--vs_key <vs_key>

Specifies constant vs_key.

VendorSpecific Key parameter value format: 0x<hex_value>

Example of guid2vskey FILE:

0x0000000000000111 0x0000000000000001

0x0000000000000222 0x2

0x0000000000000333 0x0000000003

0x0000000000000444 0x0000000000000004

Example:

ibdiagnet --vs_key 0x0000000000000123

ibdiagnet --vs_key 0x123

CongestionControl Key (CC Key)

When CongestionControl keys are generated and provisioned by the Subnet Manager, CongestionControl keys should be sent in CongestionControl (CC) MADs perend port.

Parameter

Description

--cc_key <cc_key>

Specifies constant cc_key.

CC Key parameter value format: 0x<hex_value>

Example of guid2cckey FILE:

0x0000000000000111 0x0000000000000001

0x0000000000000222 0x2

0x0000000000000333 0x0000000003

0x0000000000000444 0x0000000000000004

Example:

ibdiagnet --cc_key 0x0000000000000123

ibdiagnet --cc_key 0x123

Manager2Node Key (M2N Key)

When Manager2Node keys are generated and provisioned by the Subnet Manager, Manager2Node keys should be sent in M2N (pFRN) MADs per node.

Parameter

Description

--m2n_key <m2n_key>

Specifies constant m2n_key for the fabric.

M2N Key parameter value format: 0x<hex_value>

Example of guid2_m2n_key FILE:

0x0000000000000111 0x0000000000000001

0x0000000000000222 0x2

0x0000000000000333 0x0000000003

0x0000000000000444 0x0000000000000004

Examples:

ibdiagnet --m2n_key 0x0000000000000123

ibdiagnet --m2n_key 0x123

Performance Management Key (VS Key)

When PerformanceManagement keys are generated and provisioned by the Subnet Manager, PerformanceManagement keys should be sent in PerformanceManagement MADs per endport.

Parameter

Description

--pm_key <vs_key>

Specifies constant pm_key.

PerformanceManagement Key parameter value format: 0x<hex_value>

--pm_key_file <path_to_pm_key_file>

Specifies the path to pm_key_file: guid2pm_key.

The guid2pm_key file includes pair of values GUID and key in the following format:

0x<guid_hex_value> 0x<pm_key_hex_value>

(Deprecated, see --security_keys).

Example of guid2pmkey FILE:

0x0000000000000111 0x0000000000000001

0x0000000000000222 0x2

0x0000000000000333 0x0000000003

0x0000000000000444 0x0000000000000004

Example:

ibdiagnet --vs_key 0x0000000000000123

ibdiagnet --vs_key 0x123

Aggregation Management Key (AMKey)

Aggregation Management Key (AM key) is sent in SHARP Management MADs to the Aggregation nodes. (default 0). Aggregation management key is configured in SHARP Aggregation Manager configuration file.

Parameter

Description

--am_key <am_key>

Specifies constant am_key.

AM Key parameter value format: 0x<hex_value>

--am_key_file <path_to_am_key_file>

Specifies the path to am_key_file: guid2am_key.

The guid2am_key file includes pair of values GUID and key in the following format:

0x<guid_hex_value> 0x<am_key_hex_value>

Example of guid2amkey file:

0x0000000000000111 0x0000000000000001

0x0000000000000222 0x2

0x0000000000000333 0x0000000003

0x0000000000000444 0x0000000000000004

Example:

ibdiagnet --am_key 0x0000000000000123

ibdiagnet --am_key 0x123

ibdiagnet --am_key_file /tmp/guid2am_key

ibdiagnet --am_key_file /tmp/am_keys
© Copyright 2025, NVIDIA. Last updated on Feb 10, 2025.
content here