Demystifying Serial Tunneling

Post your example source code and application notes to share with others
Post Reply
acal
Posts: 2
Joined: Fri Aug 25, 2017 1:32 am

Demystifying Serial Tunneling

Post by acal »

##From August 2017 Newsletter - See this post on webpage here ##
Sign-up for our monthly newsletter here**

In this article, we’ll explain Serial Tunneling and how this powerful capability uses Ethernet to connect two or more separated serial end-points. We’ll also introduce you to our products that are designed to easily deliver this capability and get you burnin’ some proverbial rubber with minimal effort.

Suppose you find that you have a serial CCTV camera installed above a cash register that used to be controlled and recorded from a unit with a mating COM port in a control room 50-feet away. However, your organization’s operations have recently changed and that control room has just moved to a new facility on the other side of the continent. You may think you’re in a pickle but with Serial Tunneling, you’re sound.

A serial tunnel enables two or more serial devices or serial end-points to communicate over a network or internet connection to bi-directionally transfer serial data. The serial end-points can be in the same building or a LAN, or even in different countries connected through the internet. Specialized Serial-to-Ethernet (S2E) servers interface with the serial end-points and provide a transparent Ethernet protocol “wrapper” about the serial data stream. Data can then be transferred to and from the S2E servers’ Ethernet ports. Serial tunneling typically uses TCP, but UDP is also supported. Even better -- SSL/TLS encryption is also supported when using TCP. This added security can be especially important when your serial tunnel includes a POS credit card reader or something of that sort.

When using a NetBurner S2E server, the respective end-point devices do not need to “know” anything about the tunnel or use a special tunneling protocol. The serial tunnel will be completely transparent to them as they humbly continue to use standard serial communications protocols. So, in other words, there is no reconfiguration of your serial device as the native RS-232, RS-422 and RS-485 protocols are all supported. Additionally, the NetBurner NANO54415 and SB70LC also supports I2C.

Image
Figure 1: A conceptual diagram of how serial tunneling works using NetBurner Serial to Ethernet Servers and Devices.

Turnkey Serial Tunneling is a capability offered by the NetBurner platforms listed below:

* CB34EX
* NANO54415
* PK70EX-232
* PK70EX-485
* PK70EX-MMS
* SB70LC
* SB700EX
* SB800EX

The SBL2e based Serial-to-Ethernet server can also provide serial tunneling but the default factory application running on the devices is slightly different and requires additional configuration. Find those details here.

### Additional Features

NetBurner Serial-to-Ethernet Server devices offer Serial Tunneling, but that’s only one of many excellent features. Checkout our detailed S2E product comparison table to see a full list of features and peripherals. Here’s just a few highlights:

* UDP for serial transfers instead of TCP
* Custom serial baud rates
* Password management
* HTTPS
* SSH Server
* Certificate management
* Embedded Processing and RTOS
* Analog and Digital I/O
* Flash and microSD Card support

### Device Configuration Overview

As mentioned earlier serial tunneling typically uses TCP, but UDP is also supported. SSL/TLS encryption is also supported when using TCP.

When using TCP, the Serial-to-Ethernet application can be configured to act as a TCP Server or a TCP Client. A serial tunnel requires one of each.

* TCP Server mode (default): The S2E will wait for an incoming TCP connection. Once a connection has been made, serial and network data can flow in both directions.
* TCP Client mode: The S2E creates an outgoing TCP connection to a TCP server. The connection can be established at power-up, which keeps a TCP connection active at all times. Or, a TCP connection can be made only when serial data is available (i.e. serial data is received by the S2E serial port).

To enable serial tunneling we’ll need to do the following and will walk you through the process in the section below:

* Configure one S2E as a Server, and the other as a Client. An analogy would be a telephone call in which one device (the Client) needs to “call” the other device who is listening for the call (the Server).
* Specify the device name or IP Address of the Server in the Client configuration.

### TCP Server Configuration for Incoming Connections

The TCP Server is the first of the two devices that must be configured. Use your web browser to access the web server of the S2E device that will be the Server. If the IP address is not known, run the NetBurner IPSetup utility to determine the IP address and type the IP address into the URL field of your web browser, or click on the IPSetup Launch Webpage button. In this example, we will use serial Port 1 as the data port, and leave serial Port 0 as the debug/status port.

### TCP Server Network Device IP Settings

The first section of the S2E server’s hosted webpage specifies the settings for the device’s IP address, mask, gateway and DNS server. The S2E TCP Client must always know the IP address of the S2E TCP Server (this device), so the “Address Mode” must be set to “Static IP”, and the corresponding values for the IP address, mask, gateway and DNS server have been entered. These values can also be entered using the IPSetup utility. When connecting through the internet, rather than LAN, it is important to make sure that you can provide the S2E server with a static IP address. Please check with your ISP if you are unsure.

Image
Figure 2: Configuring the Server device. Must enable Static IP Address Mode and assign Static Settings.

### TCP Configuration Web Page

Configuration for both devices, the TCP server and client, is done through the TCP configuration web page shown below. Next, we will go through the settings for each. Note this is a screenshot from the SB70LC model which also has I2C.

Image
Figure 3: TCP Configuration and settings page. This must be performed for the Server and Client devices, respectively.

### TCP Server Settings: Listen for Incoming Connections

The first step is to configure the S2E server device to listen for an incoming network connection. The following settings are in the Listen for Incoming Connections section of the configuration web page. In this example, we will be using the S2E device’s serial Port 1 for the serial tunnel. In the screen shot below we will be listening on TCP network port number 4545\. If no data is being transferred we disconnect after 60 seconds (user defined field). If a new connection comes in after 30 seconds (user defined field) and there is an existing connection, the server will close the existing connection and allow the new one.

The timers are important because when a TCP connection is open if no data is being transmitted and a client does not close the TCP connection the result is a half open socket. This means the TCP server still thinks the connection is valid and keeps the socket open, preventing a new connection from being accepted on the same port number (in this case 4545). However, if data was being transmitted, then a socket error would occur and the socket would be closed. This can occur, for example, when the client power cord gets accidentally disconnected.

The override timeout is nice because as soon as the client is back online a connection will be made immediately. NetBurner provides these utilities out-of-the-box.

Image
Figure 4: TCP Server Settings - configure server to listen for incoming connections.

### TCP Client Network Device IP Settings

Now that you have the Server configured it’s time to setup the Client. Use your web browser to access the S2E device that will be the Client. If the IP address is not known, run the NetBurner _IPSetup_ utility to determine the IP address and type the IP address into the URL field of your web browser, or click on the IPSetup Launch Webpage button.

The first section of this webpage specifies the settings for the device’s IP address, mask, gateway and DNS server. The S2E TCP Client must always know the static IP address of the S2E TCP Server, but the IP address of the Client does not need to be fixed – a dynamic IP address is perfectly acceptable for the Client. In this example, the client uses “Dynamic IP (DHCP)” via the “Address Mode” dropdown as shown below.

Image
Figure 5: TCP Client Network Device IP Settings - Client device can be set to either Static IP or Dynamic IP Address Mode.

### TCP Client Settings: Make Outgoing Connections

Once the server is configured to listen for an incoming connection, the next step is to configure the Client device to make an outgoing connection to the Server. This is done on the TCP configuration page of the Client device. In this case we will use device Port 1 and uncheck the “Listen for incoming network connections” checkbox. The following three timeout settings in that section are not applicable to the Client. In “When to begin making outgoing tcp connections:” dropdown, you can select whether outgoing connections can be made at power-up for a permanent connection or connections can only be made when serial data is available. The next two fields specify the IP address of the server and the port number it is listening on. We use the same Server TCP network port and IP address details as in the prior Server configuration steps.

Image
Figure 6: TCP Client Settings - outgoing connections

### Custom Packetization

NetBurner S2E devices also have custom serial packetization options such as accumulating data bytes before sending and sending on receipt of a termination character. These options can be used for the server, client, or both. For example, if you’re serial device sends out information in 32-byte messages you can enable packetization to accumulate that many. As a safety and to stay in sync, there is also a timeout value to do a send if the number of bytes are not received in time. Alternatively, if your serial messages end with a specific termination byte such as a line feed (13) you can set that value as the trigger to transmit the message.

Image
Figure 7: Optional custom packetization settings. Checkboxes for Port 1 and Port 2, respectively.

### Security: Use SSL (TLS) Instead of TCP

This is a highly valuable feature especially when transmitting sensitive data, contols or signals. Selecting this checkbox on both the Client and Server will enable SSL/TLS encryption. Both Server and Client need to have the checkbox enabled.

Image
Figure 8: Options to enable SSL. Checkboxes are for Port 1, Port 2, and I2C, respectively.

That concludes this article on Serial Tunneling and we hope we lifted the fog a bit on this topic and how to get this great capability working for you.
Post Reply