I've set up a closed subnetwork for interfacing the vacuum hardware (Acromags and serial devices) with the new controls machine (c1vac; 192.168.113.72). The controls machine has two Ethernet interfaces, one which faces outward into the martian network and another which faces the internal subnetwork, 192.168.114.xxx. The second network interface was configured via the following procedure.
1. Add the following lines to /etc/network/interfaces:
allow-hotplug eth1
iface eth1 inet static
address 192.168.114.9
netmask 255.255.255.0
2. Restart the networking services:
$sudo /etc/init.d/networking restart
3. Enable DNS lookup on the martian network by adding the following lines to /etc/resolv.conf:
search martian
nameserver 192.168.113.104
4. Enable IP forwarding from eth1 to eth0:
$sudo echo 1 > /proc/sys/net/ipv4/ip_forward
5. Configure IP tables to allow outgoing connections, while keeping the LAN invisible from outside the gateway (c1vac):
$sudo iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE
$sudo iptables -A FORWARD -i eth0 -o eth1 -m state --state RELATED,ESTABLISHED -j ACCEPT
$sudo iptables -A FORWARD -i eth1 -o eth0 -j ACCEPT
6. Finally, because the EPICS 3.14 server binds to all network interfaces, client applications running on c1vac now see two instances of the EPICS server---one at the outward-facing address and one at the LAN address. To resolve this ambiguity, two additional enviroment variables must be set that specify to local clients which server address to use. Add the following lines to /home/controls/.bashrc:
EPICS_CA_AUTO_ADDR_LIST=NO
EPICS_CA_ADDR_LIST=192.168.113.72
A list of IP addresses so far assigned on the subnetwork follows.
| Device |
IP Address |
| Acromag XT1111a |
192.168.114.1 |
| Acromag XT1111b |
192.168.114.2 |
| Acromag XT1111c |
192.168.114.3 |
| Acromag XT1111d |
192.168.114.4 |
| Acromag XT1111e |
192.168.114.5 |
| Acromag XT1121a |
192.168.114.6 |
| Acromag XT1121b |
192.168.114.7 |
| Perle IOLAN SDS16 |
192.168.114.8 |
| c1vac |
192.168.114.9 |
|