g+
g+ Communities
Argonne National Laboratory

Experimental Physics and
Industrial Control System

1994  1995  1996  1997  1998  1999  2000  2001  2002  2003  2004  2005  2006  2007  2008  2009  2010  2011  <20122013  2014  Index 1994  1995  1996  1997  1998  1999  2000  2001  2002  2003  2004  2005  2006  2007  2008  2009  2010  2011  <20122013  2014 
<== Date ==> <== Thread ==>

Subject: Re: Question on configuring soft IOC server ports
From: "Kasemir, Kay" <kasemirk@ornl.gov>
To: Ralph Lange <Ralph.Lange@gmx.de>, Mark Rivers <rivers@cars.uchicago.edu>
Cc: "tech-talk@aps.anl.gov" <tech-talk@aps.anl.gov>
Date: Mon, 17 Sep 2012 09:30:01 -0400
Hi:

>On 14.09.2012 23:41, Mark Rivers wrote:
>> Hi Ralph,
>>
>> Thanks for the reply.
>>
>>> That way you do not need to set
>>> EPICS_CA_ADDR_LIST for all your other IOCs inside the beamline network
>>> (to have them see all the non-standard soft IOCs).
>> I'm not sure I understand that comment.  Why would my IOCs on the
>>beamline network have a problem seeing the non-standard soft IOCs?  The
>>other IOCs are just channel access clients with respect to the soft
>>IOCs, and channel access clients on the beamline network have no problem
>>connecting to the soft IOCs.  They just do a broadcast on the network
>>and they find all IOCs, including soft IOCs with non-standard ports.

For what it's worth, you do indeed need broadcasts.
Our situation was: On some server, we run multiple soft IOCs, and we want
to see them all.

First IOC grabs UDP and TCP 5064. Clients search via broadcast to UDP port
5064 -> Fine.

Second IOC also binds to UDP 5064 but has to pick some other TCP port. As
long as clients broadcast to UDP port 5064, they'll find channels on the
IOC, which then replies: Talk to me on TCP <whatever> -> Fine.

Problems started when we added a firewall.

Put IOCs on known TCP ports so that you can open those via the firewall.
That means you set the TCP _and_ the UDP port. So the address list now
becomes "ip-of-ioc1:port-of-ioc1 ip-of-ioc2:port-of-ioc2 ..". Not
practical. Need to restart all clients when IOCs are added/removed.
--> Need a CA gateway, so address list is just
"ip-of-gateway:port-of-gateway".

Now how can the CA gateway find all IOCs? We have the CA gateway running
on the same host as the IOCs, so you'd think simply "localhost" would
work, but it doesn't. If all your IOCs are running on some host, and they
all use UDP 5064 to listen to name searches, putting "ip-of-that-host"
into  your CA gateway address list will typically only reach the IOC that
was started last. To reach them all, you need to use a broadcast address.
That's a quirk in most network kernels; can only reach multiple programs
that bound to a UDP port when sending a broadcast to that port. This has
caused firewall issues for us: Want to stop broadcasts at the firewall,
but need to use broadcasts within the same host for the gateway on there
to reach the IOCs on there.
It works fine when your IOC server is on two networks: A "local" net for
the IOCs, where you allow broadcasts. And a "public" net for the rest. The
CA gateway serves to the public net, and uses broadcasts on the local net
to locate the IOCs.

Thanks,
-Kay 



References:
Re: Question on configuring soft IOC server ports Ralph Lange

Navigate by Date:
Prev: Re: How to profile an EPICS application on Linux John A. Priller
Next: Re: waveform changes using subArray Hinko Kocevar
Index: 1994  1995  1996  1997  1998  1999  2000  2001  2002  2003  2004  2005  2006  2007  2008  2009  2010  2011  <20122013  2014 
Navigate by Thread:
Prev: Re: Question on configuring soft IOC server ports Ralph Lange
Next: Re: Question on configuring soft IOC server ports Andrew Johnson
Index: 1994  1995  1996  1997  1998  1999  2000  2001  2002  2003  2004  2005  2006  2007  2008  2009  2010  2011  <20122013  2014 
ANJ, 18 Nov 2013 Valid HTML 4.01! · Home · News · About · Base · Modules · Extensions · Distributions · Download ·
· EPICSv4 · IRMIS · Talk · Bugs · Documents · Links · Licensing ·