Netload Limiter

Available for:

  • AXC F 1152 and AXC F 2152 from 2022.0 LTS
  • AXC F 3152 from 2020.6
  • RFC 4072S from 2019.9

With the Netload Limiter, PLCnext Control devices offer an option to limit the CPU load caused by received Ethernet telegrams. 

During normal operation, an increased amount of Ethernet telegrams may occur for a short time. However, an increased amount of Ethernet telegrams can, for example, also be caused by a malfunction or false configuration in the network infrastructure (e.g. a switch), or by a cyber attack.

In principle the Netload Limiter is an extension of the low level Ethernet drivers and can limit the amount of received packets and bytes. The limit above which the network load is limited can be configured. The Netload Limiter does not affect the packets and bytes sent by the controller but only the received packets. 

Activation/deactivation

The Netload Limiter can be enabled or disabled via the WBM page System Services.  Only when the service is activated, the configuration can be performed. Furthermore, the respective limitation must still be activated in the configuration so that it can be applied.

Configuration

The limitation can be configured as maximum received packets and bytes per millisecond. Besides setting these limits, the configuration includes an activation of each limitation. Both limitations can be configured and activated independently. When enabled, the Netload Limiter buffers the received telegrams if the configured limit is exceeded. In case of a short period of overload the Netload Limiter will forward the buffered telegrams to the Ethernet driver. If the overload period is too long, the Ethernet telegrams cannot be buffered and are lost. In case of TCP the telegrams may be re-transmitted by the communication partner, while in case of UDP the datagrams are lost (without detection by Ethernet drivers or stacks).

The following sections describe the various ways in which the Netload Limiter can be configured.

IEC 61131-3 function block

The Netload Limiter can be configured using the IEC 61131-3 function block PBCL_SysNetloadlimiter_1 provided by the PLCnextBase library.
The library can be downloaded from the PLCnext Store.

The implementation of the IEC 61131-3 function block PBCL_SysNetloadlimiter_1 calls the RSC service INetloadLimiterService .

RSC service

The Netload Limiter can be configured using the RSC service INetLoadLimiterService. A description can be found in the PLCnext API documentation. Select the PLCnext API documentation from the list that matches your firmware version. 

A configuration set by the RSC service INetloadLimiterService is persisted in the configuration file /opt/plcnext/config/Hardware/Nim/Interfaces.config

XML configuration file

When the Netload Limiter is enabled, it can be configured in the configuration file /opt/plcnext/config/Hardware/Nim/Interfaces.config

For information on accessing the controller's file system, see Firmware directories

The changes made in this configuration file become active after the next (re)start of the firmware.

Note:

  • In case of an invalid configuration, the Netload Limiter emits an ERROR message to the Output.log file and removes the configuration file. It is recommended to save a backup of the configuration file.
  • When editing the configuration file not as Linux user admin, ensure that the firmware can read and write this file. Otherwise the RSC service INetloadLimiterService will fail.
Example configuration:
<?xml version="1.0" encoding="UTF-8"?>
    <InterfaceConfigDocument schemaVersion="1.0.0.0">
     <Interfaces>
      <Interface id="1" byteLimit="0" packetLimit="200" byteLimiterEnabled="false" packetLimiterEnabled="true"/>
      <Interface id="2" byteLimit="65535" packetLimit="0" byteLimiterEnabled="true" packetLimiterEnabled="false"/>
      <Interface id="3" byteLimit="0" packetLimit="0" byteLimiterEnabled="false" packetLimiterEnabled="false"/>
     </Interfaces>
    </InterfaceConfigDocument>

Attributes for the configuration

<Interfaces>

Attribute Description
id ID of the Ethernet interface (the number of interfaces depends on the controller type, see also Naming of LAN interfaces and LAN ports on controllers)
byteLimit Bytes set as limit
packetLimit Number of packets set as limit
byteLimiterEnabled true = The limit defined in the attribute byteLimit is activated 
false = The limit defined in the attribute byteLimit is deactivated
packetLimiterEnabled true = The limit defined in the attribute packetLimit is activated 
false = The limit defined in the attribute packetLimit is deactivated

Default values

Default values for AXC F 1152 and AXC F 2152:
Packet limit: 32 packets/ms 

Default values for AXC F XT ETH 1TX attached to AXC F 2152:
No limitation

Default values for AXC F 3152 and RFC 4072S
No limitation

 

 


•  Web browser recommendation: Chrome/Edge 88 or newer, Firefox ESR 90 or neweror Safari • 
• Published/reviewed: 2022-09-14 • Revision 046 •