Fullscreen HTML5Med Res (??MB)HTML4

PICAXE Net Server – Pt.2 By CLIVE SEAGER Con t r ol y our n ex t el ec t r on ic s p r ojec t f r om v i r t u a ll y a n y w h er e on t h e p l a n e t ! Last month, we described the basics of the PICAXE Net Server (PNS) and built a simple demo board which we then controlled over a local network. This month, we look at how to access the PNS over the Internet. O NCE YOUR PICAXE Net Server is up and running on the local network, you’ll no doubt be keen to expand your horizons and control it externally – from a remote location over the Internet. This article describes how to configure a “typical” home network and how to make use of various Internet-based services to enable remote access to the PNS. A diagram of the network we’ll be referring to in this article appears in Fig.1. Note that this is not intended to represent the ideal layout but rather is presented as an example. In fact, some 66  Silicon Chip of the devices mentioned are now quite a bit out of date! Nevertheless, it’s typical of the network found in many homes. Connection to the Internet is made via an “always on” cable modem, while a webcam is included so that the author can check that the PNS is behaving as expected. A Panasonic BL-C10 webcam was selected because it can broadcast images without the need for a computer connection. Obviously, you won’t need a webcam for your setup! Before we explain how to configure the network to support the PNS, it is useful to identify each component and briefly describe its function within the network: Cable modem (Motorola SurfBoard 4100): in simple terms, the cable modem’s job is to convert the signals on the carrier’s cable network in the street into signals compatible with the local computer network in your home. When the modem is plugged in and connected to the computer (or router), your ISP automatically allocates the connection an IP address by a process known as DHCP. We described this process briefly last month. To avoid confusion, we will refer to this address as the “public IP address”, as it is visible externally to other computers on the Internet. In most cases, this address will be dynamic, meaning that it will change often – perhaps every time the modem is switched on. For convenience, we siliconchip.com.au will use 82.83.84.85 as the public IP address in our example network. INTERNET Cable/DSL router and switch (LinkSys BEFSR41): if you just want to connect a single computer to the cable modem, you do not need a router/switch, as the computer is simply plugged directly into the modem. However, when you want to share the Internet connection with other computers or add a PICAXE Net Server, then more than one connection is required. This is where the router/switch comes in. It allows multiple devices to share the same public IP address (the “router” part) and provides five physical connection points for extra computers and the PNS (the “switch” part). Taken together, the modem, router/ switch, computers and the interconnecting cables constitute a small home network. Each device on the network is given a local IP address, which in the examples shown is selected from the range 192.168.1.x. All devices are assigned a subnet mask of 255.255.255.0 and a gateway address of 192.168.1.1. Note: last month, we used the address range 192.168.0.x (where x = 1-254) instead of 192.168.1.x for all of our examples. Either address range is valid for a private local area network. In other words, it would be equally valid to use addresses in the 192.168.0.x range here. However, it is probably easiest to use the range that will work with the default settings provided with your router. In this case, the LinkSys router has a default address of 192.168.1.1, hence our choice. Whichever you choose, remember that all devices on the same network (including the router) must have addresses in the same range! The router can also act as a DHCP server for the local network. This means that it will automatically issue IP addresses to computers as they are connected to the network. Using its default settings, the BEFSR41 router will issue addresses in the range 192.168.1.100 - 192.168.149, so in theory your network could consist of up to 50 computers with dynamically assigned IP addresses. Note that the router has two IP addresses - the public IP address (82.83.84.85) and the local IP address (fixed at 192.168.1.1). The router shares the single public IP address besiliconchip.com.au MODEM LAPTOP A Dynamic: 82.83.84.85 WIRELESS ACCESS POINT Dynamic: 192.168.1.100 ROUTER NETWORK CAMERA Fixed: 192.168.1.1 Fixed 192.168.1.2 MULTIMEDIA PC Fixed 192.168.1.11 LAPTOP B PICAXE NET SERVER Fixed: 192.168.1.10 Dynamic: 192.168.1.102 Dynamic: 192.168.1.101 Fig.1: here’s the layout of the network described in the text. Many home networks will use a combined modem, router and switch, simplifying the layout considerably. The wireless section is obviously not needed for a basic set-up but we’ve shown it here because most networks will now include wireless components. tween all of the local network devices via a method called “NAT” (Network Address Translation). We’ll come back to this in more detail shortly. Many of the router/switch settings can be tailored to suit your network and can be accessed via a HTML (webbased) interface built into the router/ switch. To access the settings, open a browser on any of the computers connected to the local network and type in the router/switch address, which in this case is: http://192.168.1.1 You will then be prompted for a user name and password (Fig.2). For LinkSys systems, the default user name is empty and the password is admin. The default configuration page then appears (Fig.3). the information on the cable in “wireless” format to/from wireless devices on the network. As shown in Fig.1, the WAP has been configured with a fixed IP ad- a wireless access point (WAP) enables PCs, notebooks, PDA’s, etc, with wireless (or “WiFi”) networking capability to communicate with the wired network. The WAP connects to the switch via CAT5 cable and retransmits Fig.2: the router’s setup menus can be accessed with a web browser from any computer on the local network. You’ll need to know the IP address, user name and password. Check the router’s documentation to discover the defaults. Wireless access point (LinkSys WAP54G): October 2006  67 WiFi networks can be difficult to install, so we suggest that you connect your PNS to a wired part of the network initially. Combined functions Those setting up a new network should be aware that it is now possible to buy a wireless access point, router and switch in a single package (eg, LinkSys WRT54G Cable/DSL Wireless Router Switch). The ADSL equivalent (LinkSys WAG54G) even includes the modem! These combined devices would be more economical that purchasing the two (or three) separate items described here. All about NAT Fig.3: the router’s default configuration page appears after successful login. Other models will look different to this, but nonetheless will give access to all of the relevant settings. Fig.4: before access to the PNS can be gained from the Internet, port forwarding must be set up correctly. This shot of the LinkSys router’s “Applications & Gaming” page shows the two entries needed for the example network. dress of 192.168.1.2. All devices using fixed IP addresses on this network use addresses below 192.168.1.100 so as 68  Silicon Chip not to conflict with the address range used by the DHCP server. Note that for the inexperienced, The router used in our examples includes a function called Network Address Translation. Basically, NAT shares the single public IP address given to the router with all the devices on the local network. When any computer communicates with the Internet, it sends out data in parcels called “IP packets”. In our network, these packets must pass through the router on their way out to the Internet. Each IP packet starts with a header containing the source and destination addresses and two port numbers (source address, source port, destination address and destination port). This combination of numbers defines the TCP/IP connection between the two devices (eg, your computer and the destination web server). The addresses specify the location of the devices at each end and the two port numbers ensure that each connection between this pair of devices can be uniquely identified. The source address will initially be the local IP address (eg, 192.168.1.100 from Laptop A). The router must change this source address on every outgoing packet to the public IP address (82.32.84.85). At the same time, it also renumbers the source port number so that each packet is unique. This allows the router to keep track of each device connection. The router uses a port-mapping table to remember how it renumbered the ports for each device’s outgoing packets. This port-mapping table relates the device’s real local IP address and source port plus its translated source port number to a destination address siliconchip.com.au and port. Using this table, the router can therefore reverse the process for returned packets and hence direct them back to the correct device on the network. This process may seem complicated but it’s actually invisible to the end user. In our network, any one of the computers can surf the Internet as if they were individually directly connected to the modem! Interestingly, NAT technology also boosts security. As computers on the local network are not connected directly to the Internet, it’s harder for hackers to gain access to them. Of course, you should still run personal firewall and anti-virus software! So we can see how devices within the local network can communicate with the Internet, but what about requests from outside the network coming in to the router? INTERNET MODEM LAPTOP A Dynamic: 82.83.84.85 WIRELESS ACCESS POINT Fixed 192.168.1.2 ROUTER Fixed: 192.168.1.20 NETWORK CAMERA Fixed: 192.168.1.1 Fixed 192.168.1.11 MULTIMEDIA PC PICAXE NET SERVER LAPTOP B ETHERNET BRIDGE Port forwarding With our PICAXE Net Server (PNS) hooked up and working on the local network, we’re now ready to access its web pages from the Internet. However, we cannot use the 192.168.1.10 address to access the PNS from outside our local network, as this address is considered private and will be ignored. Initially, we cannot use the router’s public IP address (82.32.84.85) either, as it does not have any information on how to deal with externally generated requests. In particular, the NAT function deals only with communications that were initiated from the local network; hence, it will ignore such requests. This issue is overcome by a process called “port forwarding”. When this feature is enabled, the router is configured to redirect any unknown packets received on a particular port to a fixed IP address within the local network. Often this would be to a conventional computer running a web or FTP server but the process works equally well for the PNS. The PNS operates on the standard HTTP port (port 80) and so the router should be configured to forward any unknown packets destined for that port to the PNS IP address – in this case, 192.168.1.10. With port forwarding enabled and redirecting packets for port 80 to the PNS, the PNS web pages are accessed simply by referencing the router’s public IP address. So in the case of siliconchip.com.au Fixed: 192.168.1.22 Fixed: 192.168.1.21 Fixed: 192.168.1.3 Fixed: 192.168.1.10 Fig.5: the router’s DHCP server function had to be disabled to sidestep a design limitation, meaning that all devices now needed fixed IP addresses. Here’s the result. Note how the author also moved the PNS to a wireless part of the network by adding a wireless Ethernet bridge. our example network, we could access the PNS home page from anywhere on the Internet by using the address http://82.83.84.85. Limitations There are a couple of limitations to port forwarding. First, fixed IP addresses must be used for the devices that are to receive the forwarded packets. Second, only one device is allowed for each port number. However, this is not a major limitation because many devices allow the port number to be assigned manually. Such is the case for the Panasonic webcam, for which we assigned port 81 to prevent a clash with the PNS. In our network, the router’s port forwarding rules now contain two entries: • Port 80 packets forwarded to 192.168.1.10 (PNS). • Port 81 packets forwarded to 192.168.1.11 (webcam). Fig.4 shows this arrangement, which can be found under the “Applications & Gaming’” tab in the BEFSR41 router’s setup. To access devices on a port other than the default (port 80), you must include the port number as part of the IP address. For example, to access the webcam on port 81, you would type http://82.83.84.85:81 into your web browser (note the “:81” after the IP address). Note: some ISPs (Internet Service Providers) block incoming requests on port 80 to prevent home users running their own web servers. If your ISP inconsiderately does this, you will need to use a webpage “redirector” service (eg, WebHop at www.dyndns. com) that redirects all port 80 traffic to another port. For example, you could redirect all port 80 traffic to port 81 and run the PNS firmware set-up to reflect this change. Refer to the “Advanced Manual Configuration” section of the PNS technical manual for more information on how to change the port number. Reliability issues After setting up the network exactly as described here, the author was disappointed by its apparent lack October 2006  69 of reliability. Often, web pages would mysteriously become unavailable. A closer examination of the user’s manual for the router revealed that the DHCP feature should be disabled while using the port redirection feature. Apparently, this particular model lacks the necessary performance to drive both features simultaneously. Disabling DHCP fixed the reliability issues and it’s unlikely that you will experience this problem unless you have the same model router! Anyway, with DHCP disabled it was necessary to assign fixed IP addresses to all devices on the network. The updated network diagram in Fig.5 reflects these changes. Fly meets ointment Fig.6: most ISPs don’t supply a fixed IP address with their home Internet services, so you’ll need to set up a dynamic DNS service for use with the PNS. After you’ve created an account on the chosen provider’s website, click on the “Add Dynamic DNS Host” option. The screen shots shown here are for www. dyndns.com – other sites will provide functionally equivalent options. Fig.7: in this example, “picaxe” is chosen as the hostname, allowing the PNS to be accessed at the address http://picaxe.dyndns.org. The IP address is the public Internet address of your router (shown here as 82.46.17.200). 70  Silicon Chip There is one big flaw in the process described above – most ISPs do not provide fixed IP address to home users, so the router’s public IP address is dynamic and likely to change at any time! Without knowing the router’s current IP address with any certainty, it is obviously impossible to guarantee reliable access to the PNS from a remote location. While it is possible to purchase a fixed IP address with some types of Internet services, this option is expensive and probably unnecessary for the home network. Fortunately, a cheaper solution is to be found in a web-based service called “dynamic DNS” (DDNS). Simply put, this service automatically keeps track of your changing IP address while allowing you to use an alternative, easy-to-remember address that never changes. At least two large providers offer this DDNS service: www.dyndns.com and www.no-ip.com The service is available free or charge; all you need to do is register and set up your DDNS service on the provider’s website. Fig.8 shows this process, called “adding a host level service”, on the www.dyndns.com website. Once the service is up and running, you can use an address like http:// picaxe.dyndns.org rather than the more obscure http://82.83.84.85 to access the PNS! Clearly, this system only works if the DDNS provider knows your router’s public IP address and that in turn means they must always be notified when the IP address changes. While you can update the IP address manusiliconchip.com.au ally via the provider’s website, it is far better to set up a system to perform the updates automatically. There are two ways to do this: (1) via a small client program running on a computer within the local network; or (2) via the router itself. The client program approach is the easiest, since you simply download the program from the DDNS provider’s website, run it on any computer within your local network, enter a few details and then leave it running in the background. In operation, the client program regularly checks the router’s IP address and updates the DDNS server when it detects a change. For reliable operation, it must always be running when the PNS is running. This usually isn’t a problem because the program is small and unobtrusive. The second approach is to configure your router to update the DDNS details directly. This is more difficult to set up but is ideal if you want to have the PNS on all the time, even when all other computers on the network are switched off. First, you need to check which DDNS provider is supported by your router; each manufacturer tends to support only one or two. For instance, LinkSys products favour www.dyndns. com, while D-Link favours www.no-ip. com. Check your router’s documentation before registering! Fig.9 shows how to setup DDNS on the LinkSys BEFSR41 router. Once configured, the router will automatically inform DynDNS each time the public IP address changes. Hence, the http://picaxe.dyndns.org address will always point to the correct IP address and the PNS! Fig.8: once the DDNS service is set up, you must notify the provider whenever your router’s IP address changes. Although this can be done manually, as shown here, it makes more sense to do it automatically, either via your router or a small client program. Summary Hopefully, you have been able to successfully apply the information presented here to your own network and can now access the PNS web pages from anywhere on the Internet. If you have connected the demo board described last month, you’ll now be able to see the temperature and light level in your house from anywhere in the world! An example of a PNS setup like this is available to view at: www.rev-ed. co.uk/picaxe/pns/index.htm Coming next month OK, we’re out of space for this siliconchip.com.au Fig.9: it only takes a few seconds to set up automatic DDNS updating on the LinkSys router. month. In Pt.3 next month, we take this idea further and look at building our own web pages and control systems SC for home automation projects. October 2006  71