Experimental Physics and
Industrial Control System

Made some headway, seems like my understanding works.  I was able to open multiple shells and export variables so that the IOC would get server port 5064, the ca gateway would get 5068 for server and 5064 for client and then my caget would use 5068 for CA requests.  I would like to keep my IOCs using 5064 as the default UDP port.  Is there a way then to make the ca gateway use specific env variables similar to how the IOC has envSet in the iocboot?  I wasn’t sure if I could do something like CONFIG_ENV with ca gateway.  I am planning with Phoebus to use the ini file to specify the port to use.

 

 

Just to clarify some, how do you handle when you set CAS_SERVER_PORT to something different than CA_SERVER_PORT on the same machine when using CA-GATEWAY.

 

When I set CAS_SERVER_PORT=5068 for example, the gateway server binds to it but also all IOCs will bind to this server port.  Which seems like any client will try to  talk to both the gateway and the IOCs if I set CA_SERVER_PORT to say 5068.  If I change it to 5064 they wont communicate properly, since the IOCs will be bound to 5068.

 

Is there a way to make sure that the IOCs all bind to say 5064 and the ca gateway binds to 5068? This seems more simple if I have clients coming from a different subnet and use the gateway to jump the subnet since port 5064 can be used but with different IPs on the gateway setup. But feels like I am missing something when I try to do it on the same machine.  If I am misunderstanding how the networking works any clarification would be helpful. 

 

Thanks

Adam

 

 

Hey All,

 

I am trying to make sure I understand how the CA Gateway networking setup works for running all pieces on the same PC(VM).  Below is my ENV variables list that I setup, I am just using the basic access list and pv list examples (although I did have a question about the access/pvlist)

 

export EPICS_CA_AUTO_ADDR_LIST=NO

export EPICS_CA_ADDR_LIST=localhost

export EPICS_CA_MAX_ARRAY_BYTES=800000

export EPICS_CAS_INTF_ADDR_LIST=localhost

export EPICS_CA_SERVER_PORT=5064

export EPICS_CAS_SERVER_PORT=5065

 

My understanding is that the CAS port is listening for requests from a client (in this case Phoebus).  I also am running Ralphs script to handle multiple IOCs on the same PC so UDP packets sent to 5064 are being echoed out on all ports (I think I need to block whichever port the CAS Server Port in this NAT Rule to stop looping).  Below is how I think the setup is supposed to work but I am unsure as I havnt been successful yet.

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

Access/PV List files question: 

 

I am using the example files and for the access file the DEFAULT is where all requests go that aren’t listed as UAG or HAG?

 

ASG(DEFAULT) {

   RULE(1,READ)

}

 

For the Pvlist, the first 3 regex is this covering any PV name basically?  Does the next regex like Beam:.* then subset out from All to only Allowing the Beam 1 user to access these particular ones?

 

EVALUATION ORDER ALLOW, DENY

 

[0-9].*          ALLOW

[a-z].*          ALLOW

[A-Z].*          ALLOW

 

Beam:.*          ALLOW Beam 1

PS.*             ALLOW PowerSupply 1

gateway:.*Flag   ALLOW GatewayAdmin

test.*           DENY

ps\([0-9]\)      ALIAS PSCurrent\1.ai PowerSupply 1