Embedded Ethernet and Corporate LAN

We have an embedded system, that has a SMSC 91C111 Ethernet Chip, ARM Processor, and Windows CE 3.0. Our system works great when not exposed to a
"Corporate Ethernet" environment. When we put our system on a DSL line, it works great. We get massive buffer overflows on a typical LAN network. I have been looking for others who have embedded products, that have similar experiences. Does anyone develop embedded products, that go onto LAN environments? What did you do to reduce "House Keeping" signals (DHCP OFFERS, ARP REQUESTS, DNS, NETBIOS BROADCASTS)?
Sorry if this is the incorrect group for this question, but found it on embedded.com website.
Thank you
Add pictures here
<% if( /^image/.test(type) ){ %>
<% } %>
<%-name%>
Add image file
Upload
Hi,
One thing to try is stick your board behind a firewall, and open then ports that you really need.
I work as a SCADA programmer and a customer tried to save abit of money by using the normal network for communications between the SCADA nodes and about 45 PLC's, the SCADA didn't have any problems with this but the PLC's did (very slow communications, lost packets etc). At night the communication worked fairly well (10-20 records per second/PLC), but during the day the transfer rate dropped to about 1 record per second/PLC.
We solved the problem in the end by using a "cheap" firewall that only allowed data through that was comming from the SCADA nodes. After this change we saw about 10 records per second/PLC during the day and night time.
If you only have one device to protect, you could use a NAT gateway or if the switch you are connected to is managable enable TCP/IP port filtering for the port where your device is connected
Regards Ian Dobson
Home of the Atmel based UDP mobile web cam controller http://www.planet-ian.com All mails scanned with av-filter.pl (F-Prot / perl)

Add pictures here
<% if( /^image/.test(type) ){ %>
<% } %>
<%-name%>
Add image file
Upload

ARM
products,
LAN
it
Ian,
Did you have to put a firewall at each node, or just at the SCADA end?
Thanks,
Joe
--
Mini ITX and other computer goodies:
www.brokenacres.rite2u.com
  Click to see the full signature.
Add pictures here
<% if( /^image/.test(type) ){ %>
<% } %>
<%-name%>
Add image file
Upload
TECH_NEWS wrote:

This sounds like a typical networing issue. My feeling is that WinCE may be be a bit under designed. I haven't dealt with CE since version on, and certainly not with networking.
Take a look for hard coded MTU buffer sizes. It may be that packets on your network are bigger than the standard size. If so, Wince may not be dynamically allocting the correct size. Depending on the network implementation on wince, it may be a setting or something you'll need to recompile.
It may also be a buffer pool issue where packets are being recieved faster than they are handled thus depleating the buffer pool.
Good luck.
P.S. Have you looked at NetBSD? They have a good implementation for the ARM procs.
Add pictures here
<% if( /^image/.test(type) ){ %>
<% } %>
<%-name%>
Add image file
Upload
TECH_NEWS wrote:

This sounds like a typical networing issue. My feeling is that WinCE may be be a bit under designed. I haven't dealt with CE since version on, and certainly not with networking.
Take a look for hard coded MTU buffer sizes. It may be that packets on your network are bigger than the standard size. If so, Wince may not be dynamically allocting the correct size. Depending on the network implementation on wince, it may be a setting or something you'll need to recompile.
It may also be a buffer pool issue where packets are being recieved faster than they are handled thus depleating the buffer pool.
Good luck.
P.S. Have you looked at NetBSD? They have a good implementation for the ARM procs
Add pictures here
<% if( /^image/.test(type) ){ %>
<% } %>
<%-name%>
Add image file
Upload
The Buffer pool issue seems to seems to be the problem We put a simple NAT router in front of our divice, thinking that will fix the problem...We did a packet trace, and found ARP, and NBNS (netbios) information. We use standard PORT 80 WEB traffic, to communicate to and from a web server.
Looking for a device that filters ARP, and NETBIOS traffic. WE use the Netgear RP614 and LINKSYS BEFSR41, with Multicast Filtering on. Is there additional packet filtering we need...and if so, what type of device should we use?
Thanks for everyone's help.
Eric

to
be
your
ARM
Add pictures here
<% if( /^image/.test(type) ){ %>
<% } %>
<%-name%>
Add image file
Upload
EFH77 wrote:

Not having wince, you may want to look around for built-in firewall software or increase the number of buffers, or both. I doubt that you could ever expose the device to an operating network and trust that it will be free of traffic.
You could put the device on its own network segment separated by any sort of router. 192.168.254.123 or something.
Add pictures here
<% if( /^image/.test(type) ){ %>
<% } %>
<%-name%>
Add image file
Upload
Hi Joe,
We installed a software firewall on the SCADA system and a NAT gateway between the PLC's and the rest of the network. The NAT router actually worked as a simple filter only letting packets for specific ports/ip addresses through.
The SCADA was configured to connect to the IP address of the router, with different ports, one each for the the PLC. The router was configured to forward each of the ports to different PLC's.
Open network PLC network SCADA------------NAT ROUTER-------PLC1 -------PLC2 -------PLC3 Regards Ian Dobson
Home of the Atmel based UDP mobile web cam http://www.planet-ian.com All mails scanned with av-filter.pl (F-Prot / perl)

Add pictures here
<% if( /^image/.test(type) ){ %>
<% } %>
<%-name%>
Add image file
Upload

Polytechforum.com is a website by engineers for engineers. It is not affiliated with any of manufacturers or vendors discussed here. All logos and trade names are the property of their respective owners.