MDS 05-6632A01, Rev. F MDS Orbit MCR/ECR Technical Manual 343
using multicast. BGP uses TCP connection with peer to exchange routes. The cellular interface by itself is
not capable multicasting. Therefore, in this use case, a GRE tunnel interface needs to be used over Cell.
Further, IPsec in transport mode can be used to secure GRE traffic over Cell. Please refer to sections on
GRE and IPsec on how to setup GRE over IPsec. The configuration examples below assume that an
interface named ‘GRE’ has been configured to tunnel routing updates to the back-office router.
NOTE The GRE interface needs to be configured with an IP address for the dynamic routing protocols
to operate over it.
SCADA Master
CELL
ETH
GRE-TUN
ROUTER FUNCTION
Cellular Network
RTU
R1
Backoffice Router
10.10.40.1.0/24
10.10.6.0/24
REMOTE-1
GRE configured as routed interface over Cell
(Optional) IPsec transport mode configured
over Cell to secure GRE traffic.
RIP or OSPF configured to export LOCAL
LAN route (10.10.6.0/24) and import routes
sent by back-office router.
Back-office router configured to terminate
GRE (and IPsec) tunnels from remotes over
cell.
RIP or OSPF configured to export LOCAL
LAN route (10.10.40.0/24) and import
routes sent by remotes.
BACKOFFICE
Dynamic Routing between SCADA Back-office and Remote LAN
CELL
ETH
GRE-TUN
ROUTER FUNCTION
RTU
10.10.7.0/24
REMOTE-2
Configuring
Following example shows how to create a route filter to export route for a directly connected local LAN
(i.e. direct/interface route for Bridge interface for a unit with factory default configuration).
Navigate to Routing-> Basic Config->Route filters
Click ‘Add’ to create a route filter named LOCAL_LAN.
To Next Page
Loading...
Need help?
General
