Gateway NAT use locking up OS
From: David Varley (David.Varley_at_cborn.com)
Date: 02/28/05
- Next message: Michael--J: "Configuring IPSec"
- Previous message: Dean Ramsier: "Re: Locking a dll -- dont allow loading"
- Next in thread: John Spaith [MS]: "Re: Gateway NAT use locking up OS"
- Reply: John Spaith [MS]: "Re: Gateway NAT use locking up OS"
- Messages sorted by: [ date ] [ thread ]
Date: Tue, 1 Mar 2005 09:49:31 +1100
I have a Kontron ThinkIO with Kontron CE 4.2 BSP (modified CEPC) Industrial
Controller, which has been working successfully for some time. The device
has 2 Ethernet ports, and I've added the gateway components (NAT, ICS, UPNP
+ IGD, firewall, DHCP allocator, etc). the private interface is set up as
192.168.0.1, and on that side is a Rockwell L34 PLC, statically assigned at
192.168.0.2. I've configured port forwarding, so that from the public
interface port 8080 TCP forwards to internal 192.168.0.2:80, also the
EthernetIP port 44818 (TCP and UCP) are forwarded to the internal PLC.
This works, such that when I point my external web browser at port 8080 on
the public interface (DHCP allocated at 192.168.221.58), it brings up the
startup page of the PLC's http interface. However thats all I see, the CE OS
immediately locks up. I don't get ant diagnostic debug messages on the
serial port, and don't know what's happening. The lockup also happens when I
connect a laptop to the hub on the private side. It get DHCP allocation, and
I can ping devices on the public side (NAT translation works), but if I
tracert I get 3 hits on the CE interface (192.168.0.1), then one from the
device on the public side (eg 192.168.221.4) and then CE locks up again.
I suspect something in NAT if forwarding to itself in a tight loop, but I
can't diagnose with the debugger, as the BSP doesn't support KITL over
serial, or VMINI with the two Ethernet interfaces in use, as far as I can
ascertain.
Does anyone have any suggestions here, have I missed something?
One other clue, early on in bootup the CE box actually sends two DHCP
packets (the second an offer) with a source address of 192.168.0.1 out over
the 192.168.221.58 public interface, which should never happen...
Thanks for any assistance,
David
- Next message: Michael--J: "Configuring IPSec"
- Previous message: Dean Ramsier: "Re: Locking a dll -- dont allow loading"
- Next in thread: John Spaith [MS]: "Re: Gateway NAT use locking up OS"
- Reply: John Spaith [MS]: "Re: Gateway NAT use locking up OS"
- Messages sorted by: [ date ] [ thread ]
Relevant Pages
|
|
