Page 6
10.9. Compliance Federal Communications Commission and Innovation, Science and Eco- nomic Development Canada ....................233 10.10. Compliance ANATEL Brasil ..................240 10.11. Warranty ........................240 10.12. RipEX2 Availability and service life time ..............240 10.13. RipEX2 maintenance ....................241 A. Abbreviations ..........................243 B. Proprietary UDP ports ......................... 245 Index ..............................
Page 7
RipEX2 Radio modem & Router 1.1. Connecting RipEX2 to a PC over WiFi, ETH/USB adapter, ETH interface ........ 10 1.2. RipEX2 bench testing ......................... 12 2.1. RipEX2 dimensions ........................14 2.2. RipEX2 dimensions – bottom ..................... 15 2.3. RipEX2 with DIN rail ........................15 2.4.
). The ETH/USB contains a built-in DHCP server, so if you have a DHCP client in your PC as most users, you do not need to set anything up. The default IP address of RipEX2 unit, for access over the ETH/USB adapter, is 10.9.8.7.
Section 2.2.9, “HW button”. 1.1. Bench testing Before installing a RipEX2 network in the field, a bench-test should be performed in the lab. The RipEX2 Demo case is great for this as it contains everything necessary: 3× RipEX2 unit, Power supply, dummy load antennas, etc.
2. Product RipEX2 is a radio modem platform renowned for overall data throughput in any real-time environment. RipEX2 radio modems are native IP devices, Software Defined with Linux OS that have been designed with attention to detail, performance and quality.
(separated Tx and Rx antennas or full duplex operation with duplexer) - Rx for receiving and Tx/Rx for transmitting. Warning RipEX2 radio modem may be damaged when operated without an antenna or a dummy load. Explosive atmospheres Antenna has to be installed outside of the hazardous zone.
This rugged connector connects to a power supply and it contains control signals. A Plug with screw- terminals and retaining screws for power and control connector is supplied with each RipEX2. It is Tyco 7 pin terminal block plug, part No. 1776192-7, contact pitch 3.81 mm. The connector is designed for electric wires with a cross section of 0.5 to 1.5 mm...
The SFP modules listed in Accessories are thoroughly tested by RACOM and are guaranteed to function with RipEX2 units. It is possible to use any other SFP module, but RACOM cannot guarantee they will be completely compatible with RipEX2 units.
Page 21
RipEX2 unit should be DTE (Data Terminal Equipment) and a straight-through cable should be used. If a DCE device is connected to the serial port of RipEX2, a null modem adapter or cross cable has to be used.
Page 22
RxD COM2 TxD COM2 This interface is not compatible with RipEX2-HS. If the RipEX2 unit is installed in the RipEX2-HS (Hot Standby chassis), the DI/DO interface is dedicated for the Hot Standby operation. 2.2.6. USB RipEX2 uses USB 3.0, Host A interface. USB interface is wired as standard: Tab.
Page 23
Fig. 2.11: AUX connector SMA levels RipEX2 can be equipped with an internal GPS (Expansion board 'G'). The GPS module is used for time synchronization of the NTP server inside RipEX2. In this case the AUX connector serves for connecting the GPS antenna: •...
• Pull below 1.1 VDC to activate (1.1 VDC / 1.9 VDC threshold hysteresis) • Max. 30 VDC If the RipEX2 unit is installed in the RipEX2-HS (Hot Standby chassis), the DI/DO interface is dedicated for the Hot Standby operation.
It is recommended to use both antennas (MIMO diversity) for the LTE connection. In case of using only one antenna, attach it to the ANT1 connector. 2.3.2. SIM cards Two SIM card holders for Micro SIM (3FF) are available under the screwed cover on the RipEX2 bottom side. Warning Disconnect RipEX2 unit from a power supply before opening the cover and manipulating with SIM cards.
Page 28
SFP – enables SFP interface; Part No.: RipEX2-SW-SFP Ex - authorization for use RipEX2 in hazardous location II 3G Ex ic IIA T4 Gc. Part No.: RipEX2- Ex (Note: Ex keys are available only for units produced after 1st of January 2022) Region –...
Page 29
In the case of export from the country where the units were delivered by RACOM, the exporter must inform RACOM of the new country of delivery. ** E, P, A bands for cellular module were under production until XI/2021 https://webservice-new.racom.eu/main/eshop.list?t=10...
8. Ingress Protection IP52 https://www.racom.eu/eng/products/radio-modem-ripex.html#accessories_mounting 9. Dummy load antenna Dummy load antenna for RipEX2 is used to test the configuration on a desk. It is unsuitable for higher output – use transmitting output of 1.0 W only. https://www.racom.eu/eng/products/radio-modem-ripex.html#accessories https://www.racom.eu/eng/products/radio-modem-ripex.html#accessories_mounting https://www.racom.eu/eng/products/radio-modem-ripex.html#accessories_mounting...
(recommended) or widthwise; in both cases with the RipEX2 lying flat. The choice is made by mounting the clips, one M4 screw per clip. RipEX2 is delivered with two clips, two screws and four threaded holes. Use solely the M4×5 mm screws that are supplied.
Page 35
4.1.4. IP52 mounting RipEX2 unit provides IP41 level of environmental protection. It is possible to reach higher level of pro- tection IP52 (Limited dust ingress protection and protection from water spray < 15 degrees from vertical). To obtain IP5x protection: plug in all connectors and cover unused ports (COM port does not need to be covered) with dust covers from the SET-RipEX2-IP52 Fig.
Use 50 Ω impedance cables only. The shorter the feed line, the better. If RipEX2 is installed close to antenna, the data cable can be re- placed by an Ethernet cable for other protocols utilizing the serial port, see Section 7.1.4, “Terminal servers”.
Installation 4.7. Power supply We do not recommend switching on power supply of the RipEX2 unit before connecting the antenna and other devices. Connecting the RTU and other devices to RipEX2 while powered increases the likelihood of damage due to the discharge of difference in electric potentials.
Ethernet ports The whole radio network build from RipEX2 radio modems behaves as a standard Ethernet bridge. An Ethernet bridge ("Network interface" in RipEX2) automatically learns which devices (MAC addresses) are located in the local LAN and which devices are accessible over the radio channel.
The COM port needs to be Enabled and a Protocol needs to be selected to transfer any data. "Trans- parent" type of COM protocol is dedicated for Bridge mode purposes. This protocol transfers data between the COM port and the RipEX2 network transparently. Any other Protocol can be selected when needed.
Page 41
RipEX2 C and RipEX2 A send the received packet to their COM ports. Packet is addressed to RTU C, so only RTU C responds. RipEX2 A is set as a repeater, so it retransmits the packet on Radio channel. Packet is received by all RipEX2 units. Step 4 RipEX2 B sends repeated packet to its COM.
You can see an example of IP addresses of the SCADA equipment and RipEX2 ETH interfaces in the picture below. In Bridge mode, the IP address of the ETH interface of RipEX2 is not relevant for user data communic- ation. However it is strongly recommended to assign a unique IP address to each RipEX2 Network in- terface, since it allows for easy local as well as remote service access.
○ Install a duplexer (exact type for a given channel link). A recommended duplex distance is 75 dB and more. ○ Due to high duty cycle, proper cooling is required. We recommend to use RipEX2-RS For more details see RipEX2 PtP link tutorial video 5.2.
As already mentioned, RipEX2 works as a standard IP router with multiple independent interfaces: Radio and Ethernets. Each interface has its own MAC address, IP address and mask. When Base driven protocol is used, Radio IP addresses for all RipEX2 units must share the same IP subnet.
CSMA and TDMA; the Radio channel is deemed to be free when there is no noise, no interfering signals and no frames being transmitted by other RipEX2 stations. In this situation, a random selection of time slots follows and a frame is then transmitted on the Radio channel.
Page 48
RipEX2 1 receives this packet, checks data integrity and transmits the acknowledgement. At the same time packet is sent to RTU1 through COM. RipEX2 3 receives this packet too. It doesn’t react, because this packet is directed to RipEX2 1 only. Step 3 RipEX2 2 waits untill previous transaction on Radio channel is finished (anti-collision mechanism).
Ethernet port. This helps to keep the routing tables clear and simple. Note Even if the IP addresses of all RipEX2 units in a radio channel share a single IP network, they may not be communicating directly as in a common IP network. Only the RipEX2 units that are within the radio range of each other can communicate directly.
Page 50
• Based on this record, all packets with addresses in the range from 192.168.2.1 to 192.168.2.254 are routed to 10.10.10.1 • Because RipEX2 50’s radio IP is 10.10.10.50/24, the router can tell that the IP 10.10.10.1 belongs to the radio channel and sends the packet to that address over the radio channel •...
5.3.1. Detailed Description Generally, a Terminal server (also referred to as Serial server) enables connection of devices with a serial interface to a RipEX2 over the local area network (LAN). It is a virtual substitute for the devices used as serial-to-TCP(UDP) converters.
Page 52
Terminal server in RipEX2. User data are extracted from the TCP messages and processed as if it came from a COM port. When the data reaches the destination RipEX2, it can be transferred to the RTU either via the serial interface or via TCP (UDP), using the Terminal server again.
(via LAN) or a high-speed WAN (e.g. Internet). The RipEX2 which you are logged-in to in this way is called Local. Then you can manage any remote RipEX2 in the network over-the-air in a throughput-saving way: all the static data (e.g. Web page graphic objects) is downloaded from the Local RipEX2 and only information specific to the remote unit is transferred over the Radio channel.
Page 54
Web interface • Login page The login page informs you about the Unit name and IP address of the RipEX2 unit you are trying to log in. The login page allows changing of the language of the whole web interface (English language is default).
• Discard all changes via Reset All 6.3. Notifications With RipEX2 new way of showing important system events to the user is introduced. It is called Notific- ation Centre and is used consistently throughout the interface. Notification Centre is located on the top...
RipEX2 network). RipEX2 local unit must have the highest firmware version in the whole network to ensure proper Remote access functionality. Nevertheless it is recommended to keep the same version of firmware in the whole network.
Page 59
Web interface The connection to remote radio proceeds... The IP address of the actually connected RipEX2 unit is displayed as part of the Remote access button. All the configuration settings are remotely available using standard web interface. Some of the Diagnostic features are available via local connection only.
7.1. Interfaces 7.1.1. Ethernet RipEX2 provides 5 physical Ethernet ports ETH1, ETH2, ETH3, ETH4 and ETH5. First 4 ETH ports are metallic, the 5th port is a SFP port. There is a possibility to define an Ethernet bridge - a logical Network interface - by bridging (joining) together multiple physical Ethernet interfaces.
(e.g. when a repeater receives a packet from another repeater) or duplicate packets delivered to the user interface (e.g. when RipEX2 receives a packet directly and then from a repeater). Transparent protocol does not solve collisions on the radio channel protocol. There is a CRC check of data integrity, however, i.e.
Page 68
After transmitting to or receiving from the Radio channel, further transmission (from this RipEX2) is blocked for a period calculated to prevent collision with a frame transmitted by a Repeater. Furthermore, a copy of every frame transmitted to or received from the Radio channel is stored (for a period).
Resilience parameter controls this functionality. By default the Auto is set - when intereference holds, RipEX2 stays in High resilience mode of receiver operation and signals this state by turning the yellow RX LED on. Once the interfering signals fade away, RipEX2 automatically returns to its High sensitivity mode of receiver operation.
Such UDP frames received by the RipEX2 unit from the RipEX2 network (based on the unit IP address and UDP port of the Protocol module) are translated into original frame format (by the Protocol module) and send out through the COM port.
Page 76
RTS/CTS (Request To Send / Clear To Send) hardware flow control (handshake) between the DTE (Data Terminal Equipment) and RipEX2 (DCE - Data Communications Equipment) can be enabled in order to pause and resume the transmission of data. If RX buffer of RipEX2 is full, the CTS goes down.
Some Master SCADA units sends broadcast messages to all Slave units. SCADA application typ- ically uses a specific address for such messages. RipEX2 (Protocol module) converts such message to a customized IP broadcast and broadcasts it to all RipEX2 units resp. to all SCADA units within the network.
Page 78
UDP ports for COM or Terminal servers can be used or UDP port can be set manually. If the des- tination IP address belongs to a RipEX2 and the UDP port is not assigned to COM or to a Terminal server or to any other special SW module running in the destination RipEX2, the packet is discarded.
The None protocol switches the COM port off. All incoming data will be thrown away, No data will be send into the COM interface. 7.1.3.3.2. Transparent protocol Operates in Bridge mode only. All the traffic is bridged transparently to RipEX2 network (see Section 5.1, “Bridge mode” for details). 7.1.3.3.3. Async link Async link creates an asynchronous link between two COM ports on different RipEX2 units.
Note The COMLI protocol in the RipEX2 is not fully compatible on COM port with RipEX and MR radio modems. RipEX2 implementation is not supporting “Intercharacter tx delay”. Mode of Connected device: MASTER Congestion timeout [ms] Number {0 –...
Each frame in the DNP3 protocol contains the source and destination addresses in its header, so there is no difference between Master and Slave in terms of the RipEX2 configuration. The DNP3 allows both Master-Slave polling as well as spontaneous communication from the remote units.
Settings 7.1.3.3.6. DF1 Each frame in the Allen-Bradley DF1 protocol contains the source and destination addresses in its header, so there is no difference between Master and Slave in the Full duplex mode in terms of RipEX2 configuration. Duplex mode List box {Full duplex;...
MARS-A was widely used by legacy RACOM radio modems in the MORSE system from the year 1999. The new implementation of this protocol in RipEX2 is limited to the parts of the complex protocol which can be used together with modern packet type of radio routers: USER DATA (0x09) from router to the serial interface (e.g.
7.1.3.3.9. Modbus RTU Modbus RTU is a serial polling-type communication protocol used by Master-Slave application. When RipEX2 radio network run in Router mode, more Modbus Masters can be used within one Radio network and one Slave can be polled by more Masters.
RipEX and appended to the received data. 7.1.3.3.12. SAIA S-bus SAIA S-bus protocol was widely used by legacy RACOM radio modems in the MORSE system. The S-Bus protocol is implemented as an access module for communication with the SAIA PCD device.
7.1.4. Terminal servers Generally, a Terminal Server (also referred to as a Serial Server) enables connection of devices with serial interface to a RipEX2 over the local area network (LAN). It is a virtual substitute for devices used as serial-to-TCP(UDP) converters.
Up to 5 independent Terminal servers can be set up. Each one can be either TCP or UDP Type, TCP Inactivity is the timeout in seconds for which the TCP socket in RipEX2 is kept active after the last data reception or transmission. As source IP address of a Terminal server will be used the IP address of the RipEX2 ETH interface (Local preferred source address if exists see Section 7.2.1, “...
BABEL, OSPF and BGP standard routing protocols are available in RipEX networks. 7.2.1. Static RipEX2 works as a standard IP router with multiple independent interfaces: Radio interface, Network interfaces (bridging physical Ethernet interfaces), COM ports, Terminal servers, optional Cellular interface etc.
Page 100
Switches the rule on / off • Destination IP / mask Each IP packet, received by RipEX2 through any interface (Radio, ETH, COM, ...), has got a destin- ation IP address. RipEX2 (router) forwards the received packet either directly to the destination IP address or to the respective Gateway, according to the Routing table.
Local preferred source address: (Routing_LocalUseSrcAddr) Local IP address used as a source address for packets originating in the local RipEX2 unit being routed by this routing rule. It might be for example packets originating from the COM port or from the Terminal Server. If the address is set to 0.0.0.0 it is not considered active.
Router ID IP address, default = 0.0.0.0 RipEX2 unit acts in the BABEL network as a dynamic router. Every router is identified by an ID having the format of IP address. This IP address does not have to be ‘real’.
L3 Firewall settings do not impact packets received and redirected from/to Radio channel. The problem described in NOTE 2 will not happen, if the affected RipEX2 router is a radio repeater, i.e. when it uses solely the radio channel for input and output.
Although there are 2 modes of operation RipEX2 only offers Tunnel mode. In Tunnel mode, the entire IP packet is encrypted and authenticated. It is then encapsulated into a new IP packet (ESP – Encap- sulating Security Payloads) with a new IP header.
Page 135
The PFS (Perfect Forward Secrecy) feature is performed using the Diffie-Hellman group method. PFS increases IKE SA key exchange security. The RipEX2 unit load is seriously affected when key exchange is in process. The "legacy" marked methods are recognized as unsafe. Peer configuration must match.
Page 136
The PFS (Perfect Forward Secrecy) feature is performed using the Diffie-Hellman group method. PFS increases IKE CHILD SA key exchange security. The RipEX2 unit load is seriously affected when key exchange is in process. The "legacy" marked methods are recognized as unsafe.
RADIUS accounts can be mapped to one of the four user roles. This is either managed by the server itself or by local RipEX2 settings. Local accounts are checked first and if the account does not exist, RADIUS accounts will be used. If the RADIUS server is not accessible, users may use the local username/password to “fall back”...
• Server request retries Number {1 – 7}, default = 3 Number of request retries in case of RipEX2 did not receive a valid reply. Additional expert parameters shall be set in the ADVANCED menu. The level of access is realised by Management-Privilege-Level (RFC 5607, index 136, type integer).
7.6.1.4. Hot standby 7.6.1.4.1. Hot standby settings Following settings is supported by the controller version of the RipEX2-HS, where the controller manages the active and passive/standby RipEX2 units and their accessing to the shared channels (e.g. radio). The communication between individual RipEX2 units and HS controller use DI/DO interfaces, so other use of this interface is not possible.
Page 152
Settings MAC address of shared LAN interface. It should be same for both individual RipEX2 units. This MAC address has to differ from other MAC addresses used in unit. It is possible to use e.g. VRRP type of addresses: 00:00:5E:00:01:XX.
Number {1 – 65535}, default = 162Notification packets destination port. 7.6.5. SW keys Certain RipEX2 features needs to be activated by a SW key to be available. When the respective SW key is not present, the feature cannot be configured. If the feature is enabled in a configuration backup...
Page 162
4. Click the Upload firmware button to transfer the firmware file into the unit. The upload can take a long time – depending on the connection speed between the management PC and the RipEX2 unit. In case of slow connection and file transfer longer than 120 s, the web browser will shut down the connection and the action will not finish successfully.
Diagnostics 8. Diagnostics 8.1. Overview The Overview section serves to give general information about the RipEX2. 8.1.1. Measurements Section Overview - Measurements contains current data measurement (obtained from sensors). • Card Temperature - provides data about temperature (on CPU, modem and radio).
• 15-min interval is collected by taking 14 mins from history + seconds passed from current minute. 8.2. Information This section provides more detailed information (data extract) about settings of RipEX2 unit. It provides also a deeper explanation about some of set values and interfaces and. Diagnostic data are provided as well.
Debug 8.4. Statistics RipEX2 unit permanently monitors various system 'channels'. There are several types of those channels: Physical interfaces (Ethernet ports, serial ports, radio interface, additional module interface (e.g. LTE module) when installed), virtual interfaces (e.g. VLAN interfaces) and HW sensors (CPU temperature, supply voltage, ...).
(unlike "Radio protocol statistics" where the Link address is an address of the unit where the packet entered the RipEX2 network). There is a special address 'RELAY' to indicate frames coming from the re-translation unit in case of Base Driven Protocol operation.
'Correct' and 'Drop' Bytes provides the total amount of Bytes on the physical interface. Rx direction: from the connected (at the COM or ETH port) external device to the RipEX2 unit (i.e. from the COM port module or Terminal server module to the Router module). Tx direction: from the RipEX2 unit to the external device.
Only correctly received frames are handled. The counters correspond to the specific IP protocol types. Rx direction: from the physical Ethernet port to the RipEX2 unit (i.e. to the Router module). Tx direction: from the RipEX2 unit to the physical Ethernet port.
Terminal Server) and vice versa. When an external interface (e.g. Interface COM) is monitored, the Tx also means packets being transmitted from the RipEX2 over the respective interface (Rx means "received"). Understanding the directions over the internal interfaces may not be that straightforward, please consult Fig.
Page 184
Diagnostics Monitoring bandwidth limit to prevent overload of management link between client PC and the RipEX2 unit. LOW (up to ~300 kb/s), NORMAL (up to ~800 kb/s), HIGH (up to ~2 Mb/s), UNLIMITED (up to ~8 Mb/s) Source port (from) (to) TCP/UDP source port to be enabled/disabled in the monitoring output.
Page 185
When Promiscuous mode is enabled, the unit is capable to monitor (receive) frames from the other RipEX2 units even if the other unit(s) is(are) working in the other Unit mode (Bridge versus Router). Frames transmitted under another Unit mode may not be properly 'analyzed'. In such a case frames are displayed in raw data format.
Output format of different type (other than radio) of hops is similar to ICMP ping. Destination IP Destination IP address. This address must belong to a RipEX2 unit as the RSS ping can be initiated only between two RipEX2 units.
Page 190
Diagnostics Source IP The local IP address of RipEX2 unit originating RSS ping. Blank field (equal to 0.0.0.0 address) is used to assign the source address automatically - address is assigned automatically according to the routing rules. Go on List box {On; Off}, default = “Off”...
Page 199
Digitally signed HW tamper Case opening evidence When full-duplex with full power (40 dBm PEP) and the surrounding temperature above + 60°C the external passive cooler should be used (e.g. RipEX2-RS 19" Rack chassis Diagnostic and Management Link testing ICMP ping...
10.0 10.3. High temperature If the RipEX2 is operated in an environment where the ambient temperature exceeds 55 °C, the RipEX2 must be installed within a restricted access location to prevent human contact with the enclosure heatsink. 10.4. Battery disposal Battery Disposal - This product may contain a battery (e.g.
• The unit must be powered with an intrinsically safe power source. • The antenna has to be installed outside the hazardous zone. • Do not manipulate the RipEX2 (e.g. plug or unplug connectors) unless powered down or the area is known to be non-hazardous.
Everyone can copy and spread word-for-word copies of this license, but any change is not permitted. The program (binary version) is available for free on the contacts listed on https://www.racom.eu. This product contains open source or another software originating from third parties subject to GNU General Public License (GPL), GNU Library / Lesser General Public License (LGPL) and / or further author li- censes, declarations of responsibility exclusion and notifications.
• any requirements for authorisation of use. Fig. 10.5: EU restrictions or requirements The RipEX2 radio modem predominantly operates within frequency bands that require a site license be issued by the radio regulatory authority with jurisdiction over the territory in which the equipment is being operated.
С настоящото RACOM s.r.o. декларира, че този тип радиосъоръжение RipEX2 е в съответствие с Директива 2014/53/ЕС. Por la presente, RACOM s.r.o. declara que el tipo de equipo radioeléctrico RipEX2 es conforme con la Directiva 2014/53/UE. Tímto RACOM s.r.o. prohlašuje, že typ rádiového zařízení RipEX2 je v souladu se směrnicí 2014/53/EU.
Page 232
Με την παρούσα ο/η RACOM s.r.o., δηλώνει ότι ο ραδιοεξοπλισμός RipEX2 πληροί την οδηγία 2014/53/ΕΕ. Hereby, RACOM s.r.o. declares that the radio equipment type RipEX2 is in compliance with Directive 2014/53/EU. Le soussigné, RACOM s.r.o., déclare que l'équipement radioélectrique du type RipEX2 est conforme à...
Safety, regulations, warranty RACOM s.r.o. týmto vyhlasuje, že rádiové zariadenie typu RipEX2 je v súlade so smernicou 2014/53/EÚ. RACOM s.r.o. potrjuje, da je tip radijske opreme RipEX2 skladen z Direktivo 2014/53/EU. RACOM s.r.o. vakuuttaa, että radiolaitetyyppi RipEX2 on direktiivin 2014/53/EU mukainen.
The serviced equipment shall be returned by RACOM to the customer by prepaid freight. If circumstances do not permit the equipment to be returned to RACOM, then the customer is liable and agrees to reim- burse RACOM for expenses incurred by RACOM during servicing the equipment on site. When equipment does not qualify for servicing under warranty, RACOM shall charge the customer and be reimbursed for costs incurred for parts and labour at prevailing rates.