Pelion Border router is a Pelion Device Management enabled border router implementation that provides the Wi-SUN border router logic.
A border router is a network gateway between a wireless Wi-SUN mesh network and a backhaul network. It controls and relays traffic between the two networks. In a typical setup, a Wi-SUN border router is connected to another router in the backhaul network (over Ethernet) which in turn forwards traffic to and from the internet or a private company LAN.
The code layout is organized like this:
configs/ Contains Mbed TLS configs and Wisun Certificates
bootloader/ Contains Bootloader for DISCO_F769NI and MIMXRT1050_EVK platform
mbed_app.json Build time configuration file
To work with the pelion-border-router application, you need the following:
pip
package requirements.txt list from Mbed OS.Administrators
group privilages) for your Device Management account. The API key is needed for auto-generating the developer certificate and for firmware update.On border router the memory that is needed on board depends on network size. The RAM memory needed for a node on a network is about 650 bytes and needed KV store size is about 100 bytes for a node. KV store is needed to store Wi-SUN parameters during power cycle. Some Wi-SUN parameters need to be stored to KV store periodically, e.g. once in an hour. The size of periodically stored parameters is less than hundred bytes.
Clone the repository if not done yet:
git clone https://github.com/PelionIoT/pelion-border-router.git
Go to pelion-border-router
and deploy the dependencies:
cd pelion-border-router
mbed deploy
Configure Mbed CLI to use your Device Management account and board for DISCO_F769NI
.
mbed target DISCO_F769NI
mbed toolchain GCC_ARM
Download a developer certificate from Device Management Portal.
Copy the mbed_cloud_dev_credentials.c
file to the root folder of the example application.
Create update-related configuration and credentials using the manifest-tool
python package:
manifest-tool
version 2.2.0 or higher:
pip install --upgrade manifest-tool
manifest-dev-tool init --access-key <Device Management access key>
Note: When you create a firmware update image for a deployed device, you must use the same update-related configuration and credentials (update private key, public key certificate, update_default_resources.c
and configuration files) you used in the original device firmware image. Therefore, you need to skip running this command as your environment should be already initialized.
Configure the application for your Wi-SUN network:
configs/wisun_certificates.h
, or generate your own Wi-SUN certificates (recommended) file to the same location.configs/wisun_certificates.h
) are valid (WISUN_ROOT_CERTIFICATE
, WISUN_SERVER_CERTIFICATE
, WISUN_SERVER_KEY
), and match the settings you are using with the border router. Invalid certificates or certificates that don't match prevent mesh network formation.mesh-iface-start-control
in JSON file to decide whether to start the mesh interface automatically or not.
mesh-iface-start-control
to "BLOCK" to prevent starting of mesh interface automatically. In this mode, various configurations of mesh interface can be configured from Pelion server before starting it. There is a timeout, after which the mesh interface will be started automatically. This timeout can be configured using mesh-iface-start-timeout
parameter of the JSON file. Setting the value of mesh-iface-start-timeout
to 0 will prevent the starting of mesh interface for infinite time.mesh-iface-start-control
to "CONTINUE" to start the mesh interface automatically. In this mode, the mesh interface will be started right after registering to the Pelion. The parameter mesh-iface-start-timeout
has no effect in this mode.Tip: Use the same Mbed OS version in the border router and the application (Device Management Client).
Note: When you go to production, please do not use the example Wi-SUN certificate files provided as is due to security reasons.
Wi-SUN configuration: mbed_app.json file contains configuration for Pelion Border Router application. The Wi-SUN specific parameters are listed below.
Field | Description |
---|---|
wisun-network-name |
Network name for Wi-SUN the network, MUST be same for all the devices in the network |
wisun-regulatory-domain |
Defines regulatory domain, refer to ws_management_api for correct values for your region. |
wisun-operating-class |
Defines operating class, limited by the regulatory domain |
wisun-operating-mode |
Defines the operating mode, limited by the regulatory domain |
wisun-uc-channel-function |
Unicast channel function |
wisun-bc-channel-function |
Broadcast channel function |
wisun-uc-fixed-channel |
Fixed channel for unicast |
wisun-bc-fixed-channel |
Fixed channel for broadcast |
wisun-uc-dwell-interval |
Unicast dwell interval. Range: 15-255 milliseconds |
wisun-bc-interval |
Broadcast interval. Duration between broadcast dwell intervals. Range: 0-16777216 milliseconds |
wisun-bc-dwell-interval |
Broadcast dwell interval. Range: 15-255 milliseconds |
certificate-header |
Wi-SUN certificate header file |
root-certificate |
Root certificate |
own-certificate |
Own certificate |
own-certificate-key |
Own certificate's key |
Regulatory domain, operating class and operating mode are defined in the Wi-SUN PHY-specification.
Backhaul connectivity: The Pelion border router application should be connected to a backhaul network. This enables the border router to connect to the pelion server as well as the Wi-SUN mesh network to the internet or a private LAN. The application supports Ethernet backhaul connectivity:
Enable Dual-Bank mode on DISCO_F769NI:
Compile the application for DISCO_F769NI
:
mbed compile -m DISCO_F769NI -t GCC_ARM
You can enable external RADIUS server interface on the Pelion Border Router by setting RADIUS server IPv6 address and shared secret on Wi-SUN configuration: mbed_app.json
The external RADIUS server specific parameters are listed below.
| Field | Description |
|-------------------------------------|---------------------------------------------------------------|
| `radius-server-ipv6-address` | RADIUS Server IPv6 address in string format (e.g. \"2001:1234::1\") |
| `radius-shared-secret` | RADIUS shared secret; ASCII string or sequence of bytes |
| `radius-shared-secret-len` | RADIUS shared secret length; If length is not defined, strlen() is used to determine RADIUS shared secret length |
pelion-border-router.bin
in the BUILD
folder.Client registered
Endpoint Name: <Endpoint name>
Device ID: <Device ID>
manifest-dev-tool update-v1 \
--payload-path pelion-border-router_update.bin \
--device-id <Device ID>
--wait-for-completion
Update progress = 0%
The list of supported resources and corresponding parameters are listed below. | Resource Path | Resources | Values |
---|---|---|---|
33455/0/13 | Mesh Interface Control (Get & Put Allowed) |
"CONTINUE" - Start Mesh Interface Automatically. "BLOCK" - Prevent Starting of Mesh Interface Automatically. |
|
33455/0/14 | Application State (Only Get Allowed) |
"Waiting Permission" - Waiting Permission to Start the Mesh Interface. "Wi-SUN Booting" - The Mesh Interface has been Started. "Wi-SUN Active" - The Mesh Interface is Connected. |
Serial connection settings are as follows:
If there is no input from the serial terminal, press the Reset button of the development board.
In the PuTTY main screen, save the session, and click Open. This opens a console window showing debug messages from the application. If the console screen is blank, you may need to press the Reset button of the board to see the debug information. The serial output from the pelion border router looks something like this in the console:
Mbed Bootloader
Update image is older
[DBG ] Active firmware up-to-date
booting...
[INFO][App ]: Pelion Border Router Application
[INFO][App ]: Fetching Backhaul Interface
[INFO][App ]: Fetching Mesh Interface
[INFO][App ]: Connect to Backhaul Interaface
[INFO][IPV6]: Start Bootstrap
[INFO][addr]: Tentative Address added to IF 1: fe80::280:e1ff:fe24:1c
[INFO][addr]: DAD passed on IF 1: fe80::280:e1ff:fe24:1c
[INFO][addr]: Tentative Address added to IF 1: 2001:14b8:1830:b000:280:e1ff:fe24:1c
[INFO][icmp]: Route: ::/0 Lifetime: 60 Pref: 0
[INFO][Ndns]: DNS Server: 2001:14b8:1830:8000::1 from: fe80::208:a2ff:fe0d:53 Lifetime: 60
[INFO][Ndns]: DNS Search List: 0b:6c:6f:63:61:6c:64:6f:6d:61:69:6e:00 Lifetime: 60
[INFO][icmp]: Route: ::/0 Lifetime: 60 Pref: 0
[INFO][Ndns]: DNS Server: 2001:14b8:1830:8000::1 from: fe80::208:a2ff:fe0d:53 Lifetime: 60
[INFO][Ndns]: DNS Search List: 0b:6c:6f:63:61:6c:64:6f:6d:61:69:6e:00 Lifetime: 60
[INFO][addr]: DAD passed on IF 1: 2001:14b8:1830:b000:280:e1ff:fe24:1c
[INFO][IPV6]: IPv6 bootstrap ready
[INFO][App ]: Backhaul Interface connected with IP 2001:14b8:1830:b000:280:e1ff:fe24:1c