DCB PR-6606 User manual
PR-6606
Packet Replicator
User’s Guide
Copyright 2018 Data Comm for Business, All rights reserved. Revised Fe 2, 2018
Firmware Version 2.x
Certications
FCC Statement
This device complies with the limits for a Class A digital device, pursuant to Part 15 of the FCC rules.
This equipment has een tested and found to comply with the limits for a Class A digital device pursuant to
Part 15 of the FCC Rules. These limits are designed to provide reasona le protection against harmful
interference when the equipment is operated in a commercial environment. This equipment generates, uses,
and can radiate radio frequency energy and if not installed and used in accordance with the instruction
manual may cause harmful interference to radio communications.
Operation of this equipment in a residential area is likely to cause harmful interference, in which case the
user will e required to correct the interference at the user's own expense.
RoHS
Some models of this product are availa le in RoHS versions.
Copyright 2018 Data Comm for Business, Inc. All rights reserved.
TABLE OF CONTENTS
Certifications...............................................................i
FCC Statement.........................................................i
RoHS.......................................................................i
Chapter 1
Introduction................................................................4
PR-6606 Applications..................................................4
Features........................................................................5
Other Protocols.........................................................5
DHCP Protocol..........................................................5
Extensive Packet Selection Rules..............................5
Upgradea le Firmware..............................................5
Security Features......................................................5
On- oard Tools..........................................................5
Installation Location..................................................5
Package Contents.........................................................5
Software Requirements..........................................6
PR-6606 Hardware......................................................7
Introduction...........................................................7
Configuration .......................................................7
Rear Panel LED Indicators ....................................7
Rear Panel USB Connectors..................................7
Rear Panel RS-232 Connector...............................7
Rear Panel Ethernet Connectors.............................7
Front Panel LED Indicators..................................7
Chapter 2
Installation..................................................................
Overview.....................................................................9
Help Screens and Field Edits........................................9
Installation and Configuration.....................................9
1. Configure the IP address......................................9
2.Connect the Ethernet Ca le..................................11
3.Verify the IP Address Configuration.....................11
4. Enter Configuration Values .................................12
5. Minimum Configuration......................................12
Chapter 3
The Configuration Process.........................................13
Overview.....................................................................13
Using the Configuration Flexi ility..............................13
Configuration Process Examples .................................14
Example 1: ............................................................14
Example 2:...............................................................14
Example 3:...............................................................14
i
Saved Configuration Files........................................14
Chapter 4
Configuration..............................................................15
Overview.....................................................................15
Administration.............................................................15
Admin Password..........................................................16
Fields.......................................................................16
Notes........................................................................17
Admin Access Control..................................................17
Fields.......................................................................17
Notes........................................................................18
Set Clock.....................................................................19
Fields.......................................................................19
Notes........................................................................19
Set Name.....................................................................20
Fields.......................................................................20
Notes........................................................................20
Set All Defaults............................................................21
Configuration File........................................................22
Fields.......................................................................22
Notes........................................................................22
Firmware Upgrade.......................................................23
Fields.......................................................................23
Notes........................................................................23
System Re oot.............................................................24
Fields.......................................................................24
Notes........................................................................24
Version Information Screen..........................................25
LAN IP Configuration..................................................26
Fields .....................................................................26
Replication Selection Rules..........................................28
Fields.......................................................................29
Replication Rules Destinations Screen.........................30
Fields.......................................................................31
Notes........................................................................31
Ping Screen.................................................................32
Fields.......................................................................32
Notes........................................................................32
Traceroute Screen........................................................33
Fields.......................................................................33
Notes........................................................................33
Packet Sniffer Screen...................................................34
Fields.......................................................................34
Notes........................................................................34
Interface Status Screen................................................35
Replication Log Screen...............................................36
Replication Statistics Screen.......................................37
ii
Introduction
Routing Ta le Screen..................................................38
DHCP Status Screen.....................................................39
Store Configuration Screen.........................................40
Activate Configuration Screen....................................41
Chapter 5
Operation ...................................................................42
Common Uses – Overview ..........................................42
Typical Application Diagrams .....................................42
Chapter 6
Troubleshooting..........................................................43
Hardware Pro lems......................................................43
Can't Connect via the LAN...........................................43
Other Pro lems............................................................44
Appendix A
Specifications..............................................................45
PR-6606 Packet Replicator Specifications....................45
Ca les..........................................................................45
PR-6606 to hu or ethernet switch.....................45
PR-6606 to PC crossover ethernet ca le............45
Appendix B
Open Source Software Information...........................46
Introduction...........................................................46
O taining the Source Code....................................46
iii
Chapter 1
Introduction
This chapter provides an overview of the Packet Replicator’s features and capabilities.
ongratulations on the purchase of your new EtherSeries PR-6606. This is a simple, easily configured
packet replicating device containing three Ethernet interfaces.
C
The PR-6606 replicates UDP packets through any IP network. The PR-6606 has three Ethernet LAN ports
and a serial port. The Ethernet ports are 10/100/1000 BaseT, copper, MDI/MDIX auto-sensing. The serial
port is used for initial setup to configure the IP address.
The PR-6606 duplicates some or all of the UDP packets passing through it. The original packet is passed
unchanged; if selected for duplication, it is duplicated and the duplicates sent to configured addresses.
All UDP packets are candidates for duplication, selected ased upon configured criteria. The selection of a
packet to e duplicated may e ased upon any com ination of the source IP address, the destination
address, and UDP port num er. Additional flexi ility is provided with the selection criteria which may
include multiple address ranges for the source, destination as well as UDP port selected.
Each packet selected y one of the five selection rules may e duplicated to as many as ten recipient IP
addresses. UDP port num ers may e passed intact with no change to the destination port num er, or to a
different UDP port num er su stituted for the original one.
The PR-6606 is idirectional. Packets eing returned through the PR-6606 may e passed unchanged, or
duplicated according to duplication rules.
As all UDP packets are candidates for selection, the PR-6606 may e used to duplicate SNMP, NTP,
SCADA protocols including DNP/UDP, and MODBUS/UDP, as well as all other UDP packets.
The PR-6606 is managed via we rowser.
PR-6606 Applications
The PR-6606 is in used SCADA, SNMP, netflow, streaming video, streaming audio, and other applications
where it is useful to have a single device send duplicate data streams to multiple devices. In short, may e
applied any time a single UDP packet needs to e duplicated.
Since the packets from the PR-6606 appear to e sent from the originating device, any responses to those
packets will e returned to the originating device. This ack-path is without any action y the PR-6606.
In installations where multicast packets are required and only a unicast path is availa le, the PR-6606 can
translate multicast UDP addressing to unicast UDP addresses in a idirectional operation.
4
Conguration
Features
Other Protocols
The PR-6606 operates only on UDP/IP packets. All other protocols are passed through the device
unchanged.
DHCP Protocol
The PR-6606 may e configured as a DHCP client.
xtensive Packet Selection Rules
User defined selection criteria is configured in "rules". Each rule allows packets to e selected ased upon
source IP address, destination IP address, and destination IP port num er. IP address and port entries may e
a single value such as one IP address (192.168.2.2 for example) or one port num er (for example 3001) or a
range such as 192.168.1.2 to 192.168.1.230 or port 5001 through 8000. If no port num er is entered, all
UDP packets meeting other selection criteria are duplicated. To insure the PR-6606 will replicate the
desired packets, the PR-6606 must e inserted in the network path etween the original packet's source and
original packet's destination. Furthermore, to prevent MAC ta le corruption in any layer-2 switches, the
destination of a replicated packet must also reside on a different LAN port from the original source. To
summarize, the original source cannot e located on the same PR-6606 LAN port as the original destination
or replicated destination.
Upgradeable Firmware
Firmware upgrades may e installed using any we rowser.
Security Features
The we interface used to configure the PR-6606 may e secured using HTTPS SSL. The secure we
server operates using the SSL protocol which allows for the use of x509 certificates to identify and
authenticate we servers and we rowsers. You may generate a pair of x509 certificates within the
PR-6606 or import certificates from your external certificate authority.
On-board Tools
The PR-6606 contains diagnostic tools such as extensive logging, statistics, traceroute, ping, and a simple
packet sniffer to aid in network trou leshooting.
Installation Location
To insure the PR-6606 will replicate the desired packets, the PR-6606 must e inserted in the network path
etween the original packet's source and original packet's destination. Furthermore, to prevent MAC ta le
corruption in any layer-2 switches, the destination of a replicated packet must also reside on a different
LAN port from the original source. To summarize, the original source cannot e located on the same
PR-6606 LAN port as the original destination or replicated destination.
Package Contents
You should find the following items in the package:
The PR-6606
Power Adapter
This User’s Guide CDROM
9-pin Remote-PC adapter (Units with serial ports only)
If any of the a ove are missing, contact your dealer immediately.
5
Software Requirements
The PR-6606 replicated only UDP/IP packets. It also bridges any valid Ethernet protocol between it's
Ethernet ports, similarly to a switch. The initial IP address may e entered using any terminal or
terminal emulation software on a PC, or the default may e used if appropriate for your network.
Any standard we rowser may e used for configuration once the PR-6606 is configured with a valid IP
address.
6
Conguration
PR-6606 Hardware
Introduction
The PR-6606 three Ethernet ports and two USB ports. There is also a RS-232 serial port used for initial IP
address configuration (if needed).
Configuration
This model contains a serial interface to e used in initial setup (if needed). IF the default IP address is not
appropriate for your LAN, connect a terminal to the serial port following the instructions in the
configuration section. The setup port is always active. Follow the command line setup instructions to
configure a compati le IP address. Once a compati le IP address is availa le, the rowser setup screens are
used to complete the unit's configuration.
PR-6606 Front PR-6606 Rear
Rear Panel L D Indicators
One set of indicators For Each Ethernet Port
The green LED to the left of each Ethernet port is a LAN activity indicator. This LED flashes with
activity on the Ethernet (even if the activity isn't directly to this unit).
The yellow/green LED to the right of each Ethernet port is the Ethernet Status indicator. It is lit am er
when the port is connected to a 1000BaseT switch, green for 100BaseT. It is not lit for 10BaseT
connections.
Rear Panel USB Connectors
There are two USB connectors. They are interchangea le, and only the first one that senses a USB device
connection is activated. These are only used for transferring certificate files.
Rear Panel RS-232 Connector
The DE-9 (PC 9-pin) connector is used for command line setup. A cross-over ca le is required to use this
with any standard PC serial port. Terminal configuration is 9600 ps, 8N1 .
Rear Panel thernet Connectors
The three 10/100/1000 BaseT connectors are auto-sensing and share the same IP address.
Front Panel L D Indicators
Power indicator. It should e on.
7
Chapter 2
Installation
This Chapter details the installation process for the PR-6606.
Overview
The PR-6606 is configured using a we rowser directed to its address. If the default address of
192.168.0.1 is appropriate for your local network, then plug it in and simply direct your we rowser to the
PR-6606 (using https if you've configured it to use https, otherwise use http:) without using a proxy and
continue with configuration. If this address is not appropriate for your network, the IP address must e
configured using the initial terminal method elow.
Help Screens and Field dits
The field names on all configuration screens are hyperlinks to context sensitive help screens. Simply click
on the field name to ring up a second window with the help information. Close that window to return to
your entry screen.
Entries are always tested for valid values. However, there are many “valid” values that are not appropriate
for any given configuration. So, “appropriateness” isn’t tested. For example, an IP address of
300.400.500.256 will not e accepted, ut the field will accept an IP address that is not appropriate for
your installation.
Installation and Configuration
1. Configure the IP address
If the default address (1 2.168.0.1) is appropriate for your network, skip to step 2, “Connect the
Ethernet Cable”.
1. Connect a terminal or PC running terminal emulation program (Hyperterm, Procomm, etc) to the serial
port.
2. Start the terminal emulation program using 9600 ps, 8- its, No parity, No flow control.
3. Power up the unit.
Login Screen
8
Welcome to the PR-6606 v2.00
To start the Setup Program, login with
the name: setup
PR-6606 login:
Conguration
4. It will re oot pausing at a login screen. For initial setup, enter the login name “setup” in lower
case letters. No password is required.
5. You will then e asked if you wish to set ALL parameters to factory defaults. If you have previously
changed any values and want to return to the factory defaults, answer “Y”, otherwise answer “N”.
Default Screen
6.You are then asked if you wish to configure the unit as a DHCP client. If you want it to pick up a DHCP
address from a local DHCP server connected to LAN1, answer “y”, otherwise answer “n”.
DHCP Screen
7. If you answered no to that question, you will e prompted to enter the unit’s IP address and su net
mask. Enter the values. Note that all three ports share the same IP address.
8. The configuration is now saved to flash memory. Do not cycle power during this time or the unit may
e rendered inopera le.
9. The PR-6606 will now re oot.
9
-------- PR-6606 Setup Program --------
Welcome to Setup. This setup will esta lish the PR-6606 in
a known state so that you can configure it via a We Browser.
It will allow you to configure the Ethernet IP address
su net mask, and gateway. You also have the option to set all
parameters to default, which is the only method to remove
security parameters.
HTTP port: 80
LAN1 Configuration:
IP: 192.168.1.56
SM: 255.255.255.0
GW:
Set ALL parameters to default (y/[n])?
Should LAN1 use DHCP to get an IP address (y/[n])? n
Saving Configuration. Do not cycle power...
Setup complete.
After re ooting the system, you will e a le to configure
the unit from a We Browser. Use the URL
http://11.22.33.44
re ooting system. .
2. Connect the thernet Cable
Connect a LAN ca le from your hu or switch to a LAN port. Re oot with a power cycle. The PR-6606
will now e availa le to any we rowser on the same LAN segment. If your we rowser does not see it,
verify that you do not have a proxy server configured in the rowser and are using https instead of http for
a secure connection IF you've already changed the unit to HTTPS. If so, properly configure the rowser to
ypass the proxy server for this URL. The default address is 192.168.0.1. This address must e
appropriate for your local LAN and workstation, or step 1 a ove must e followed.
3. Verify the IP Address Configuration
Enter the URL from step 1 (or http://192.168.0.1 if using the default address ) into your we rowser. The
login screen elow should e displayed.
Login Screen
Log in using the user name “admin” and no password ( lank field). If this screen doesn’t display, check
the Trou leshooting Section in Chapter 6.
10
Conguration
4. nter Configuration Values
Initial Main Menu
From this index screen, you can select a section on the left and will e taken to configuration screens for
each su system. You must enter configuration values specific to your installation.
5. Minimum Configuration
The minimum configuration items required for asic packet replication are:
1. Correct IP address configuration, includes either DHCP or IP address, Gateway, and Netmask.
2. At least one packet replication selection rule.
3. At least one destination detail screen for the packet replication rule
Configure these items using the LAN Configuration and Replication Rule screens and the PR-6606 is ready
for use.
11
Chapter 3
The Conguration Process
This Chapter describes the configuration management process on the PR-6606 using a
eb Browser.
Overview
The PR-6606 contains a quite flexi le configuration management system. By using this system correctly,
one can remotely configure, save copies of that configuration to a PC, make configuration changes for later
activation, and remote transfer firmware upgrades to the unit.
There may e up to three configuration “images” in use at any time.
1. The active configuration. Normally, this is the configuration that was loaded from memory when the
unit was last ooted. However it may have een changed since oot time as descri ed elow. This is
the configuration that is currently running the unit.
2. The pending configuration: This is the current configuration that was loaded form memory during the
last oot along with any changes made by using the configuration screens. This configuration is
NOT the configuration running the PR-6606 at present.
3. The stored configuration. This is the configuration that was last written to the non-volatile RAM. The
next time the PR-6606 is power cycled, it will start running this configuration.
Note that any configuration transfer (with the Administration Configuration Transfer screen) is the pending
configuration. You can load a configuration file from the PC, then either activate it to test it. Or, save it
without activation if you don’t want to change the currently running configuration.
Using the Configuration Flexibility
When the PR-6606 starts from a power-off condition, it loads an active configuration from its non-volatile
memory. This active configuration is also copied to the working memory and is the “pending”
configuration.
Whenever the configuration screens are used to change values, only the pending configuration is
changed… not the active configuration.
Using the configuration screens will change the pending configuration. You may change the active
configuration y copying the pending configuration over it. This change is performed using the “Activate
Configuration” screen. Going to this screen activates the pending configuration y copying the pending
configuration over the top of the active configuration. This does not store the configuration in non-volatile
memory. When the hardware is next reset or powered up, it will egin using the old stored configuration
from efore the changes were made and activate command clicked.
Using the “store configuration” screen will copy the pending configuration into non-volatile memory. It
will not cause this configuration to egin running. However, upon the next reset or power cycle, the
PR-6606 will egin using the stored configuration.
It is possi le to activate the pending configuration using the Activate Configuration screen and then store
the configuration using the Store Configuration screen. This two step process will cause all three
configurations to e identical.
12
Conguration
Configuration Process xamples
xample 1:
Make configuration changes, test them with Activate, then save them with Save.
This is the most commonly used method for changing the configuration. It allows you to test the
configuration prior to saving it. If, during the testing, you notice an a normality; you can reset the
hardware to return to the last good configuration.
xample 2:.
Make configuration changes, save them, reset the hardware to activate the changes.
This method allows one to configure thePR-6606 via an IP network that will not work using the new
configuration. Make the changes to the pending configuration and save them. Your current session will not
e affected, ut when the hardware is next powered on, it will egin using the new configuration. This
method is useful when you are configuring to use a new LAN address range while still on the old LAN.
xample 3:
Transfer a saved configuration, save it, reset the hardware to activate the changes.
It is useful to transfer an existing configuration to a PC text file for future use. Then if the hardware must
e replaced, simply transfer that stored configuration to the new hardware.
If the PC is in the default IP address range of the new hardware (192.168.0.x su net), then a new,
out-of-the- ox unit is easily configured using this method. Start the hardware on the LAN, transfer a
stored configuration file from the PC, and store it. When restarted, the PR-6606 will have the proper
configuration.
Saved Configuration Files
The saved configuration file is a simply formatted raw text file. Advanced users may wish to edit this file
using an appropriate text editor, then transfer the changed configuration to a different unit.
Use care when performing configuration with this technique as the text configuration file must e in the
proper format.
This method is ideal for automating the configuration of many units in a large corporate environment.
13
Chapter 4
Conguration
This Chapter describes configuration screens and some configuration hints for the
PR-6606
Overview
The PR-6606 is configured using forms displayed on a we rowser. In this chapter, we illustrate all entry
forms, and descri e their use.
All configuration screens are accessed from the main index screen shown elow. They are divided into
sections with only one layer of screens elow the top level.
Some units may e configured to require a secure we rowser connection for configuration (https:// )
PR-6606 Main Screen
From this index, click on a menu keyword to open the appropriate screen. In this manual, screens are
discussed in the order shown on the index screen.
Administration
The Administration section contains screens used to configure system-wide settings and perform a few high
level operations.
14
Conguration
Admin Password
Admin Password Screen
Access to the configuration we server is protected y HTTP Basic Authentication and may use a
secure we server. This is a simple methodology where the We Server will require a We Browser to
provide a username and password for each page requested. The We Browser will typically ask the
user to enter the username and password once, then will remem er it for the duration that the We
Browser is running. For some configurations, use https: (instead of http: ) when addressing we
rowser screens.
The Administration screen allows you to change the user name and password for the administrator.
This is the only user allowed to configure the unit. If you forget the administrator name or
password, the hardware can only be configured by returning it to factory defaults as described in
the quick start chapter.
Fields
User Name
This field may e a string of 0 to 15 printa le characters. Do not use space or control characters. If you
leave this field lank, you will need to enter a lank username during authentication.
Old Password
In order to change the username and password, you must know the old password. When making a
change, enter the current password in this field.
New Password
When changing the username and password, this field provides the new password. It may e a string
of 0 to 15 characters. If you leave this field lank, you will need to enter a lank password during
authentication.
Verify New Password
Retype the password to verify that it was correctly entered.
15
Notes
If you forget your username or password, you can use the Serial Port Setup to erase the current
settings and return the unit to factory defaults.
Admin Access Control
Administrative Access Control Screen
Access Control allows you to place further restrictions on access to the internal we server.
Fields
We Server Port
This is the TCP Port to use for the internal We Server. Typically it is set to port 80. However you
may set it to any value etween 1 and 65535.
There are several reasons that you may want to change the we server port. By changing it to a
non-standard value, you reduce the chance that a random attacker will find the we interface and
attempt to reak in. A different port may e needed to accommodate local firewalling.
If you change the we server port num er to any value other that 80, remem er that you will have to
include the port num er in your URL. For example, https://192.168.0.1:7995 OR
http://192.168.0.1:7995 .
Require Certificates
This option ena les certificate ased authentication of we rowsers attempting to connect to the
internal we server. The rowser must present the appropriate certificate, otherwise access will e
denied. See the help section on making and installing certificates.
Certificate ased authentication is required y some network security departments.
Respond to Ping
This item allows you to lock ping requests. Ping is a valua le tool for diagnosing network pro lems,
ut can also ecome a security pro lem. Disa ling ping causes the unit to not respond to ping requests
16
Conguration
for one of its IP addresses. It has no effect on the passing of ping request and responses from other
network nodes through it's ridged interfaces.
Accepted We IP Source Address
This ta le allows you to control what hosts or networks have access to the configuration we server. If
empty, any host may access the unit.
Entries are made y specifying a Target and Netmask. For example, if you want to allow only the host
192.168.10.16 access, you would enter:
Target: 192.168.10.16 Netmask:255.255.255.255.
If you wanted to allow access to all hosts in the range 192.168.10.1 to 192.168.10.255, you would
enter:
Target: 192.168.10.0 Netmask: 255.255.255.0
Target
Host or Network address.
Netmask
If lank or set to 255.255.255.255, target is assumed to e a host address. Otherwise, target is
treated as a network address.
Notes
Remem er to su mit the change y clicking the “SUBMIT” utton.
Set Clock
Set Clock Screen
This form allows you to set the hardware clock. The setting will take effect immediately.
Fields
Year Year in the range 2000 to 2035.
Month Numeric value of month in the range 1 to 12.
17
Day Day of month in the range 1 to 31.
Hour Hour of the day in the range 0 to 23.
Minute Minutes in the range 0 to 59.
Notes
There is a hardware real-time clock that saves the time etween power cycles.
Set Name
Set Name Screen
This form allows you to set the units host name and domain.. The setting will take effect when you
"Activate Changes".
Fields
Host Name
The name given to the unit. If you enter a name, it will e displayed as the title of the we pages.
Domain
The name of the local domain. For example: widgets.com
Notes
If used, these names must e appropriate for your DNS system.
18
Table of contents
Other DCB Repeater manuals
