Design and Implementation of hardware firewall based on MPC860 and VxWorks

Source: Electronic Technology Application. Authors: Li Zhengxi, Yu Xingyi, Yang Zhu Xing

 

Compared with the traditional PC architecture hardware firewall card, the hardware firewall implemented by the MPC860 has great advantages in the system structure, volume, power consumption, cost and application. This article introduces the hardware firewall design scheme developed by the MPC860, which not only makes full use of the functions of the MPC860, but also the design concept used in implementation can be easily applied to other embedded development.
Most of the devices used in this solution are the most frequently used devices in embedded development. All the devices are universal and can be applied to other designs with slight changes. Moreover, based on the system, it is easy to develop network control and communication systems suitable for other aspects.
1. system hardware structure and working principle
1.1 system structure and features
The entire system is composed of a core board and a baseboard. The core board mainly includes: the core CPU (MPC860), flash memory, SDRAM memory, a standard SODIMM interface, a power monitoring and reset circuit, a clock driving circuit, and the connector to the baseboard. The baseboard mainly includes: m network interface circuit, 10 M network interface circuit, BDM debugging interface circuit, system power supply circuit, RS232 interface circuit for control and monitoring, and the connector to the core board. In the solution design, the entire system is divided into two parts, the core board and the bottom board, which are designed and implemented separately. This not only reduces the development difficulty of the entire system, but also makes the system easy to maintain, upgrade, and expand.
1.2 functional diagram and working principle of the system
The functional block diagram of the core board is shown in Figure 1. After the system is powered on, the core board receives power from the bottom board through the connector. The power supply monitoring and reset circuit starts to work and generates a reset signal. After the reset signal is generated, the core CPU (MPC860) of the core board starts. At this time, the MPC860 reads the data lines (D0 to D15) and initializes the CPU from the values it reads, including memory initialization, interrupt vector initialization, and debugging register initialization. When the whole hardware environment (mainly all the special function registers in the CPU that are related to the operating system, such as SRR0, SRR1, and CR) has been initialized, the system hands control to the operating system (such as Linux or VxWorks) stored in flash, and the operating system manages all hardware and tasks in the system. The core board is managed and controlled by operating system scheduling, and the hardware of the bottom board is used to implement the routing, gateway, content filtering, and other functions of the hardware firewall.


To improve the applicability of the core board, a standard SODIMM slot and a bus multiplexing circuit are added to the core board. The SODIMM slot supports 16 MB, 32 MB, 64 MB, and MB of memory through jumpers. The bus multiplexing circuit supports external bus arbitration (that is, multiple core boards can be added to the same bus in the same system without conflict), so this core board can be used in other systems without any modification, including systems with multiple core boards [1] [2].
The functional block diagram of the baseboard is shown in Figure 2. After the operating system takes over the system (including the management of all hardware on the core board and bottom board), the operating system starts a task that controls the resources on the bottom board to implement the hardware firewall functions, including routing, gateway, and content filtering. At the same time, the connector brings out all the pins of the core board for expansion designs. The advantage of this design is that when the system is partially updated or redesigned, only the baseboard design needs to change, which greatly reduces the development difficulty and increases the reuse rate of the system.


2. Key devices and technologies
2.1 system core CPU MPC860
The MPC860 evolved from Motorola's MC68360 embedded communication controller. This PowerPC(TM) architecture processor consists of three modules: the PowerPC(TM) core, the System Interface Unit (SIU), and the Communication Processor Module (CPM). All three modules use a 32-bit internal bus. The main processor of the MPC860 is a 32-bit PowerPC(TM) core with a memory management unit (MMU) and instruction and data caches. In the system interface unit of the MPC860, the memory controller supports a variety of high-performance memory, including SDRAM and flash, and the unit also contains a PCMCIA controller and a real-time clock circuit. The MPC860 uses a communication processor module (CPM) similar to that of the MC68360, with an I2C channel added. The CPM of the MPC860 provides DSP functions. For more information, see [1] [4].
The LXT972 is an IEEE-compliant physical-layer transceiver chip developed by Intel. It is suitable for connections to 100BASE-TX and 10BASE-T standard media. In addition, it provides a media independent interface (MII) that makes it very easy to attach to 10/100 M media access controllers (MACs). For more information, see reference [2].
The LXT905 is a low-voltage universal 10BASE-T transceiver developed by Intel. It is suitable for IEEE 802.3 standard physical layer applications. Features of the LXT905 include Manchester encoding/decoding, receiver squelch and transmit pulse shaping, jabber control, link integrity testing, and reversed polarity detection and correction. The LXT905 drives 10BASE-T twisted-pair cable through only an isolation transformer, from a single 3.3 V or 5 V power supply. For more information, see reference [3].
3. Implementation of the design scheme
3.1 Hardware

Due to limited space, this article only analyzes several representative circuits in the system.
3.1.1 core board
Because the final design goal of this system is a standard embedded device, the MBM29LV160BT 16 MB (2 Mbit/s x 8/1 Mbit/s x 16) (2 Mbit/s x 16 Mbit/s) flash memory is used in the flash memory circuit. In the circuit connection, the flash occupies two banks of the MPC860 memory controller: the chip selects of the two flash devices are connected to CS0# and CS1# of the MPC860. CS0# is used for the boot flash, into which the startup code of the system is normally burned. CS1# is connected to the file system flash, which normally stores the operating system and file system.
The SDRAM used in this system is the Hyundai HY57V641620HG, a 4 banks × 1 M × 16-bit synchronous DRAM. Two SDRAM devices are combined to form a 4 M × 32-bit SDRAM, that is, a total of 16 MB of memory space. Physically, the two SDRAM devices are connected to CS2#, which occupies one bank of the MPC860 memory controller. In addition, this part can be disabled by jumper. The interface circuit between the MPC860 and the SDRAM is shown in Figure 3.

To widen the application scope of the system and increase its storage space, the design adds a standard 144-pin SODIMM slot to the core board; jumpers select support for 16 MB, 32 MB, 64 MB, and MB of standard memory. The slot is physically connected to CS5# and CS6# of the MPC860, as shown in figure 4.


During power-on reset and hardware reset, in addition to reading the default clock settings, the CPU also reads the hardware reset configuration word (HRCW) from the data bus, as shown in figure 4. The 16-bit HRCW must be set with pull-up resistors. If no pull-up resistor is fitted, the default value of each data bit is 0.
In this system, the hardware reset configuration word is driven onto the data bus by three 244 bus drivers. The hardware reset settings are as follows:
At power-on reset, MODCK1 = 1 and MODCK2 = 0; EXTCLK is the input of OSCCLK.
D0 = 0, that is, EARB = 0. The system uses the internal bus arbitration mechanism.
D1 = 0 (a jumper can set it to 1), that is, IIP = 0. In this system, the address of the reset interrupt vector is 0xFFF00100, and the jumper can change it to 0x00000100.
D2 = 1, that is, BBE = 1. The startup device of the system does not support burst mode.
D3 = 0, that is, BDIS = 0. Boot is not disabled: after the hardware is reset, the memory controller maps all addresses to bank 0, and the system starts from the flash connected to CS0#.
D4 = 0, D5 = 1, that is, BPS = 01. After the system is started, the data bus works in 8-bit mode.
D6 = 0; reserved by the system.
D7 = 1, D8 = 0, that is, ISB = 10. After the system is reset, the starting address of the internal memory is 0xFF000000.
D9 = 1, D10 = 1, that is, DBGC = 11. This configures some multiplexed pins of the MPC860: after the system is reset, these pins work in a fixed pin configuration that meets the system requirements.
D11 = 0, D12 = 0, that is, DBPC = 00. This sets the pins of the MPC860 BDM debugging port.
D13 = 0, D14 = 0, that is, EBDF = 00. The bus works in full speed mode.
D15 = 0, that is, CLES = 0. Data storage mode: big-endian.
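The strap list above can be checked mechanically during board bring-up or a hardware configuration review. The following C code is an added example, not part of the original article or of any BSP: it packs the sixteen sampled data-line levels into the HRCW (D0 as the most significant bit), extracts the fields at the bit positions listed above, and reports which fields differ from the article's values. The function names, the "RSV" label for D6, and the sample input are assumptions made for this example.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>
/* Field layout as listed in the article; D0 is the most significant bit of
 * the 16-bit word (PowerPC bit numbering). "RSV" is our label for D6. */
struct hrcw_field { const char *name; unsigned first_bit, width; };
static const struct hrcw_field HRCW_FIELDS[] = {
    {"EARB", 0, 1}, {"IIP", 1, 1}, {"BBE", 2, 1}, {"BDIS", 3, 1},
    {"BPS", 4, 2}, {"RSV", 6, 1}, {"ISB", 7, 2}, {"DBGC", 9, 2},
    {"DBPC", 11, 2}, {"EBDF", 13, 2}, {"CLES", 15, 1},
};
#define HRCW_NFIELDS (sizeof HRCW_FIELDS / sizeof HRCW_FIELDS[0])
/* Strap values from the article's list: D0..D15 = 0010 0101 0110 0000. */
#define HRCW_EXPECTED 0x2560u

/* Pack 16 sampled data-line levels (d[0] = D0) into the configuration word. */
uint16_t hrcw_from_lines(const uint8_t d[16])
{
    uint16_t w = 0;
    for (int i = 0; i < 16; i++) w = (uint16_t)((w << 1) | (d[i] & 1u));
    return w;
}

/* Value of one named field, or -1 if the name is unknown. */
int hrcw_get(uint16_t word, const char *name)
{
    for (size_t i = 0; i < HRCW_NFIELDS; i++) {
        const struct hrcw_field *f = &HRCW_FIELDS[i];
        if (strcmp(f->name, name) == 0)
            return (int)((word >> (16u - f->first_bit - f->width))
                         & ((1u << f->width) - 1u));
    }
    return -1;
}

/* Store up to max names of fields that differ; return how many differ. */
int hrcw_diff(uint16_t sampled, uint16_t expected, const char **names, int max)
{
    int n = 0;
    for (size_t i = 0; i < HRCW_NFIELDS; i++) {
        const char *name = HRCW_FIELDS[i].name;
        if (hrcw_get(sampled, name) != hrcw_get(expected, name)) {
            if (n < max) names[n] = name;
            n++;
        }
    }
    return n;
}

int main(void)
{
    /* Constructed sample: the article's straps with the D1 jumper set to 1. */
    const uint8_t lines[16] = {0,1,1,0, 0,1,0,1, 0,1,1,0, 0,0,0,0};
    const char *changed[HRCW_NFIELDS];
    uint16_t w = hrcw_from_lines(lines);
    int n = hrcw_diff(w, HRCW_EXPECTED, changed, (int)HRCW_NFIELDS);
    printf("HRCW = 0x%04X, %d field(s) differ from the documented straps\n", (unsigned)w, n);
    for (int i = 0; i < n; i++)
        printf("  %s = %d\n", changed[i], hrcw_get(w, changed[i]));
    return n != 0;
}
```

With the constructed sample the only difference reported is IIP, the jumper-selectable bit that moves the reset vector; a difference in DBPC or DBGC would instead point at the debug-port and multiplexed-pin straps.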
In this system, to reduce the PCB size and improve system reliability, an 8-layer board is laid out using Cadence Allegro SPB 15.1 software, which also improves electromagnetic compatibility. In addition to adding layers to the PCB, vias are added around the top and bottom surface layers of the PCB to improve the anti-interference and electromagnetic compatibility of the entire board.
3.1.2 Bottom Plate
The m network drive circuit is the main part of the system. It is the interface connecting the system to the Internet. All network data enters the hardware firewall through the m network port; after the core board has analyzed and processed the data, it is sent to the Intranet through the 10 M network drive circuit interface. All algorithms (such as search algorithms, IP packet content restoration, and even advanced content substitution algorithms) are implemented on the core board.
The system has two 10 M network drive circuits. The 10 M network drive circuit is the only path connecting the hardware firewall to the Intranet. The hardware firewall sends the processed data to the Intranet through this interface. Similarly, data from the Intranet that is bound for the Internet must also enter the hardware firewall. After the data is processed by the hardware firewall, it is sent to the Internet through the m network drive circuit. At the same time, the two 10 M network circuits designed into the system can also monitor two 10 M bandwidth LANs simultaneously to implement some advanced functions (such as network traffic detection, Intranet monitoring, and gateway and routing functions).
For functional and development reasons, the system adopts a dual serial port scheme. During development, one serial port can be connected to HyperTerminal on the host, and the other can be used as the port for communication with the host computer.
Since the MPC860 supports on-chip debugging, and in order to reduce development costs, the debugging method used in the system development is the BDM debugging supported by the MPC860.
3.2 Software
It mainly includes writing startup code, porting the operating system, writing hardware drivers, and applications. Due to limited space, this article only briefly introduces BSP porting.

3.2.1 BSP porting steps and BOOTROM Creation Method
(1) Read the manual, learn Wind River's BSP template coding conventions and file organization, and find a template suitable for the target processor.
(2) After finding the BSP template, determine, for the CPU type in use, whether all register configurations in the basic BSP suit the current hardware (including SDRAM and flash). If not, make the corresponding changes, mainly in romInit.s and config.h.
(3) If you have a network device, configure configNet.h. If you have a serial port, modify sysSerial.c. Modify the hardware-related part in sysLib.c.
How to create the bootrom:
(1) BSP customization mainly involves modifying the boot line and configuring configAll.h, config.h, and the makefile.
(2) Select the loading method of VxWorks, configure the target server, and create a bootrom through the "build bootrom" graphic dialog box or the command line. Then download the bootrom to the RAM of the target machine through visionPROBE and run it, or use a dedicated programmer to burn a successfully built bootrom to flash.
3.2.2 modify BSP Based on hardware
In this project, copy the BSP of the ads860 target board to the installDir/target/config/ncut860t directory, copy all files under the all directory to the installDir/target/config/ncut860t/all directory, and then modify the BSP and the makefile for the hardware environment of the system.
Note: copy the BSP to the corresponding directory before starting Tornado. Otherwise, the newly added BSP may not be displayed in the BSP list of Tornado.
(1) Configuration to be modified in the config.h file (partial code)
/* Boot line: boot device, host:file, h = host IP, e = target IP,
   u/pw = user name and password used to fetch the image from the host */
#define DEFAULT_BOOT_LINE \
    "motfec(0,0)host:vxWorks h=219.224.61.102 e=219.224.61.202 u=ncut pw=ncut"
#define CRISTAL_FREQ         50000000      /* 50 MHz */
#define LOCAL_MEM_LOCAL_ADRS 0x00000000    /* Base of RAM */
#define LOCAL_MEM_SIZE       0x02000000    /* 32 MB memory available */
#define ROM_BASE_ADRS        0x02800000    /* Base address of ROM */
#define ROM_TEXT_ADRS        (ROM_BASE_ADRS + 0x100)
#define ROM_SIZE             0x00200000    /* 2 M ROM space */
#define RAM_HIGH_ADRS        (LOCAL_MEM_LOCAL_ADRS + 0x00500000)
#define RAM_LOW_ADRS         (LOCAL_MEM_LOCAL_ADRS + 0x00010000)
#define USER_RESERVED_MEM    0x00000000    /* User reserved memory size */
(2) Modify the Makefile (partial code)
TARGET_DIR = ncut860t
VENDOR = Motorola
BOARD = fw860t
# ROM_TEXT_ADRS, ROM_SIZE, RAM_LOW_ADRS and RAM_HIGH_ADRS must match config.h
ROM_TEXT_ADRS = 02800100 # ROM entry address
ROM_SIZE = 00400000 # number of bytes of ROM space
RAM_LOW_ADRS = 00010000 # RAM text/data address
RAM_HIGH_ADRS = 00500000 # RAM text/data address
HEX_FLAGS = -a $(ROM_TEXT_ADRS)
MACH_EXTRA = motFecEnd.o
CONFIG_ALL = F: workSetUpPpCTornado2.2targetconfig
Ncut860tall
3.2.3 common BSP debugging methods
There are two methods to develop and debug a BSP: one is to use an emulator to single-step through the code over BDM, and the other is so-called "black" debugging by blinking an LED. Here we mainly introduce the "black" debugging method. "Black" debugging means debugging the program by blinking an LED, or by probing the chip select signals with an oscilloscope, and then comparing and analyzing the observed external behavior against the test code that was compiled in. The first prerequisite for "black" debugging is that the serial port code already works, so that the host can communicate with the target through the serial port; the other parts of the BSP can then be debugged.
The BSP debugging process is divided into two parts. The first is the boot code in the bootrom, which configures the hardware and starts the VxWorks download program. The second is the jump to the VxWorks entry address to run the operating system and applications.
The startup code section in ROM:
romInit: located in the file romInit.s, this is where the program starts running. It determines the startup type and configures the core and non-core registers, as well as the read/write timing of memory and peripheral devices, so a memory detection function can be added here. The LED blinking function should also be added here. You do not need to change the start type and configuration registers. You do need to modify the read/write timing of the memory and peripheral devices. For details, see the templates for the SDRAM, ROM, flash, and FPGA parts, which are implemented using macro definitions. Generally, what changes is the address mask, the bus width, and the chip select registers OR and BR. Memory detection is more complicated and is implemented with the corresponding memory detection algorithm. It mainly checks the address lines and data lines, writing data and then reading it back, using the "walking 1" and "walking 0" algorithms. LED blinking is strongly recommended in this part, because the blinking shows how far the program has run.
At the end of romInit, control jumps to romStart(), which is in the bootInit.c file. It is the first C function run by the system. This part is standard code provided by Wind River and generally does not need to be changed. This function is the C entry point and is called from assembly. It mainly clears the memory, copies the program from ROM to RAM, decompresses the program, and jumps to the decompressed program.
In the bootConfig.c file, usrInit mainly implements hardware initialization. It involves the serial port, network port initialization, and console configuration. The configuration of the serial port and network port is an important part of the BSP. Also in the bootConfig.c file, usrRoot downloads the vxWorks file and jumps to the VxWorks entry address to enter the operating system.
The code section in the VxWorks file:
sysInit is in sysALib.s. It is the startup code of VxWorks and serves the same purpose as romInit. This file does not need to be modified. usrInit in usrConfig.c is used in the same way as usrInit in the boot code. Both call the sub-functions in sysLib.c to implement the same hardware initialization. usrRoot in usrConfig.c is similar to usrRoot in the boot code, except that it enters the application.
The hardware firewall features high performance, high stability, and strong compatibility. In addition to the gateway, routing, and host computer monitoring functions, in terms of hardware firewall functions the software can achieve the following typical performance parameters: 1000 concurrent connections, 20 M throughput, 10 M secure filtering bandwidth, VPN, IDS, and DoS.
At the same time, as a typical embedded design, the core board can be applied to other embedded applications without any changes. This fully demonstrates the advantages of reusable circuits in the future development of embedded systems. In addition, some extensibility features of the design, such as the standard SODIMM slot added for system memory and the crystal oscillator driving circuits that accept different packages, not only widen the application scope of the core board circuit but also improve circuit stability in actual use.
References
[1] Freescale Semiconductor. MPC860 PowerQUICC Family User's Manual. Rev. 3.
[2] Intel Co. Ltd. LXT972A 3.3 V Dual-Speed Fast Ethernet Transceiver Datasheet. 2001, 1.
[3] Intel Co. Ltd. LXT905 Universal 10Base-T Transceiver with 3.3 V Support Datasheet. 2001, 1.
[4] Xie Bin. Entry into and guide for developing embedded systems in MPC860/850. Xi'an: Xi'an University of Electronic Science and Technology Press, 2004.
[5] Freescale Semiconductor. Application Note: SDRAM and the MPC860. 03-19-98, revised 01-11-00.
