Thanks to the dual Ethernet interface, SBC Lynx allows to implement non-trivial network configurations. As an example of this flexibility, this article shows how to configure SBC Lynx to implement a Linux-powered router that manages data packet forwarding between two different LANs. This task can be performed in parallel with the other application-specific activities (typically field bus communications, monitoring, control etc.). This solution allows to reduce significantly overall infrastructure costs in many industrial environments where Ethernet networking is popular nowadays.
*192.168.0.209:80 <-> 192.168.11.241:80
*192.168.0.209:8080 <-> 192.168.11.239:80
[1] For simplicity, secondary interface has been implemented with an USB/Ethernet adapter (MOSCHIP 7830/7832/7730 usb-NET adapter) connected to USB port. For a real-world production environment, it is recommended the use of both iMX6UL Ethernet MAC controllers. To do that, a plugin board connected to the one piece connector (J45/J52) can be used. For more details please refer to [mailto:sales@dave.eu sales department].
==Implementation==
To enable routing functionality, the well known [https://www.netfilter.org/ netfilter/iptables packet filtering framework] has been added to the software provided along with [[AXEL_ULite_and_SBC_Lynx_Embedded_Linux_Kit_(XUELK )|XUELK]] by default.
The following steps describe how to set up and configure netfilter to implement the desired routing policy.
Before proceeding on port forwarding rules setting, the forwarding capability must be enabled on both <code>eth0</code> and <code>eth1</code> interfaces:
The LOG output is appended on <code>/var/log/messages</code> file. Please note that the size of this log file in XUELK is limited to ''265kB''. When the limit size is reached the log file is backed up on ''<code>/var/log/messages.0'' </code> and a new empty log file is started.
There are various logging options. The two used in this example are the most common:
<code>iptables</code> init script is used to make rules persistent in order to load them automatically on boot.
The init script must be saved in the target's root file system as <code>/etc/init.d/iptables</code>. From SBC Lynx the following commands can be used to create and edit the file:
Install the <code>iptables</code> init script by simply issuing this command:
<pre>
update-rc.d iptables defaults
</pre>
To save the current <code>iptables</code> rules and make them persistent type this command:
<pre>
root@sbc-lynx:~# /etc/init.d/iptables save
Saving iptables rules
</pre>
At the next boot the saved <code>iptables</code> rules will be automatically loaded.
----
Please note that <code>sysctl</code> settings (e.g. the ones used to enable packet forwarding) are not persistent across reboots. To apply sysctl settings at boot time automatically, just add them to [http://linux.die.net/man/5/sysctl.conf <code>/etc/sysctl.conf</code>] as <code>token = value</code>:
<pre>
root@sbc-lynx:~# tail /etc/sysctl.conf
#net.ipv6.conf.all.accept_source_route = 0
#
# Log Martian Packets
#net.ipv4.conf.all.log_martians = 1
#
#kernel.shmmax = 141762560
net.ipv4.conf.eth0.forwarding=1
net.ipv4.conf.eth1.forwarding=1
</pre>
sysctl.conf settings are applied with init script during network configuration (see <code>/etc/init.d/networking</code>)
To check sysctl.conf syntax user can apply those settings also manually with the following command: