EPICS Home EPICS Controls Argonne National Laboratory

Experimental Physics and
Industrial Control System

Format page
for printing


Search Tech-talk
1994  1995  1996  1997  1998  1999  2000  2001  2002  2003  2004  2005  2006  2007  2008  2009  2010  2011  2012  2013  2014  2015  2016  2017  2018  2019  2020  <20212022  2023  2024  Index 1994  1995  1996  1997  1998  1999  2000  2001  2002  2003  2004  2005  2006  2007  2008  2009  2010  2011  2012  2013  2014  2015  2016  2017  2018  2019  2020  <20212022  2023  2024 
<== Date ==> <== Thread ==>
Subject: Re: IOC in Docker not responding to caget from another host
From: "Paduan Donadio, Marcio via Tech-talk" <tech-talk at aps.anl.gov>
To: Lucas Russo <lerwys at gmail.com>
Cc: EPICS tech-talk <tech-talk at aps.anl.gov>
Date: Thu, 28 Oct 2021 22:59:18 +0000

Hi, Lucas.

 

I’ve removed the server IP and server name from my paste below but thrust me they are right.

 

This is what I have here:

 

$ ifconfig eno1

eno1: flags=4163<UP,BROADCAST,RUNNING,MULTICAST>  mtu 1500

        inet <server IP>  netmask 255.255.252.0  broadcast 134.79.219.255

(…)

 

$ sudo iptables -L -t nat

Chain PREROUTING (policy ACCEPT)

target     prot opt source               destination

DOCKER     all  --  anywhere             anywhere             ADDRTYPE match dst-type LOCAL

DNAT       udp  --  anywhere             <server name>  udp dpt:5064 to:134.79.219.255

 

Seems identical to your case. With tcpdump listening to traffic on port 5064 what do you see? Do you see the external packets reaching the host and then being broadcast following the iptables rule?

 

Did you try to run an EPICS client locally before using caget outside the host?

 

Thank you,

 

Márcio

 

From: Lucas Russo <lerwys at gmail.com>
Date: Thursday, October 28, 2021 at 5:59 AM
To: "Paduan Donadio, Marcio" <marcio at slac.stanford.edu>
Cc: EPICS tech-talk <tech-talk at aps.anl.gov>
Subject: Re: IOC in Docker not responding to caget from another host

 

Hi Marcio,

 

One suggestion I have is checking if the iptables rules are indeed applied.

 

I have the following in my test machine:

 

lerwys@lerwys-dig:~$ sudo iptables -L -t nat
Chain PREROUTING (policy ACCEPT)
target     prot opt source               destination        
DOCKER     all  --  anywhere             anywhere             ADDRTYPE match dst-type LOCAL
DNAT       udp  --  anywhere             lerwys-dig           udp dpt:5064 to:172.17.255.255

 

172.17.0.1/16 is my docker network

 

Regards,

 

Lucas

 

On Thu, Oct 28, 2021 at 3:56 AM Florian Feldbauer via Tech-talk <tech-talk at aps.anl.gov> wrote:

Hey Marcio,

 

one think that comes to my mind: If you run the IOCs in containers with network mode host there might be multiple caRepeaters now listening on the same IP address and ports as each IOC might start its own caRepeater within its container.

 

If you start multiple IOC on the same host without containers there will be only one instance of the caRepeater process.

 

I'm not sure if this might cause your problem.

 

Best regards,
Florian

 

On 10/28/21 4:54 AM, Paduan Donadio, Marcio via Tech-talk wrote:

This is the scenario:

 

In HostA I have one container running an IOC and another container with caget/caput installed. Both containers have these env variables defined:

 

EPICS_CA_ADDR_LIST=127.255.255.255

EPICS_CA_REPEATER_PORT=5065

EPICS_CA_SERVER_PORT=5064

 

I can caget in one container and receive data from the IOC. When both are in the same host it works well. With tcpdump I can see the traffic between the two containers, using localhost to communicate.

 

The containers are running with network host mode.

 

Now I want to run caget in HostB that is in a different network. In HostB I've defined:

 

EPICS_CA_ADDR_LIST=134.79.219.255

EPICS_CA_REPEATER_PORT=5065
EPICS_CA_SERVER_PORT=5064

 

With tcpdump in HostA, I can see that 5 caget requests arrive from HostB to HostA, but the IOC doesn't seem to be aware of the packages. I understand that the IOC responds to broadcast requests coming from any of the interfaces by default. Is that right?

 


Any clues? If you need more data, I'm happy to add them to this thread.

 

Thank you,

 

Márcio Paduan Donadio | Control Systems Engineer

Advanced Control Systems Department

SLAC National Accelerator Laboratory | Menlo Park, CA

p: 650.926.5007 | w: slac.stanford.edu

 
-- 
Ruhr-Universität Bochum
AG der Experimentalphysik I
Dr. Florian Feldbauer
NB 2/131 / Fach 125
Universitätsstr. 150
D-44801 Bochum
 
Office: NB 2/134
Phone:  (+49)234 / 32-23563
Fax:    (+49)234 / 32-14170
https://paluma.ruhr-uni-bochum.de
Replies:
Re: IOC in Docker not responding to caget from another host Hu, Yong via Tech-talk
Re: IOC in Docker not responding to caget from another host Michael Davidsaver via Tech-talk
References:
IOC in Docker not responding to caget from another host Paduan Donadio, Marcio via Tech-talk
Re: IOC in Docker not responding to caget from another host Florian Feldbauer via Tech-talk
Re: IOC in Docker not responding to caget from another host Lucas Russo via Tech-talk
Navigate by Date:
Prev: Re: IOC in Docker not responding to caget from another host Paduan Donadio, Marcio via Tech-talk
Next: Re: IOC in Docker not responding to caget from another host Hu, Yong via Tech-talk
Index: 1994  1995  1996  1997  1998  1999  2000  2001  2002  2003  2004  2005  2006  2007  2008  2009  2010  2011  2012  2013  2014  2015  2016  2017  2018  2019  2020  <20212022  2023  2024 
Navigate by Thread:
Prev: Re: IOC in Docker not responding to caget from another host Lucas Russo via Tech-talk
Next: Re: IOC in Docker not responding to caget from another host Hu, Yong via Tech-talk
Index: 1994  1995  1996  1997  1998  1999  2000  2001  2002  2003  2004  2005  2006  2007  2008  2009  2010  2011  2012  2013  2014  2015  2016  2017  2018  2019  2020  <20212022  2023  2024 
ANJ, 28 Oct 2021 Valid HTML 4.01! · Home · News · About · Base · Modules · Extensions · Distributions · Download ·
· Search · EPICS V4 · IRMIS · Talk · Bugs · Documents · Links · Licensing ·