dali/gateway
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
803348ea3ab17ed3d0bce778c371b5a1d20ac7bf
gateway/components/gateway_knx/oam_knxprod/README.md
T
Tony 803348ea3a Add Gateway OAM IP Router XML and README documentation 
- Introduced `Gateway-SecureTemplateRouter.xml` for the OAM-compatible BAU091A KNX/IP Router, incorporating secure application metadata and supporting secure tunneling.
- Created a `README.md` file detailing the purpose, structure, and validation steps for the new XML configuration, including instructions for running XML checks and using OpenKNXproducer.

Signed-off-by: Tony <tonylu@tony-cloud.com>
2026-05-28 16:01:38 +08:00

2.1 KiB
Raw Blame History

Gateway OAM IP Router KNX Product XML

This folder contains the gateway-owned OpenKNXproducer source for the OAM-compatible BAU091A KNX/IP Router persona.

The source is derived from the upstream OpenKNX OAM-IP-Router database and merges the secure application metadata used by OAM-AccessControl:

  • Manufacturer: 0x00FA
  • Application: 0xA11F
  • Version: 0x07
  • Mask: MV-091A
  • Tunnels: 16
  • Security: IsSecureEnabled="true"
  • Default language: en-US
  • Translations: zh-CN, de-DE, ja-JP

The XML keeps the upstream router/coupler shape and absolute memory segment while adding KNXnet/IP Secure download hooks for:

  • OT-11 PID 94, PID_SECURED_SERVICE_FAMILIES
  • OT-11 PID 97, PID_TUNNELLING_USERS
  • OT-6 PID 81, PID_SECURITY_PROXY_GRP_KEY_TABLE

The secure proxy capability is advertised with CouplerCapabilities="SecurityProxy" on Hardware2Program and MaxSecurityProxyGroupKeyTableEntries on the application program, matching the secure proxy-enabled ETS database shape.

The runtime identity must stay synchronized with gateway/components/gateway_knx/include/gateway_knx_internal.h and the OAM router Kconfig defaults in gateway/apps/gateway/main/Kconfig.projbuild.

Validation

Run a well-formed XML check from the repository root:

xmllint --noout gateway/components/gateway_knx/oam_knxprod/*.xml

Then run OpenKNXproducer with Gateway-OAM-IP-Router.xml and import the generated product database into ETS. ETS validation should confirm the router imports as a secure-capable KNX/IP router, exposes 16 tunneling interfaces, and supports secure tunneling plus security proxy table download/verify.

For a local sanity check without ETS or the KNX XSD support folder installed, run:

OpenKNXproducer create --NoXsd \
	-h /tmp/gateway_oam_knxprod.h \
	-o /tmp/Gateway-OAM-IP-Router.knxprod \
	gateway/components/gateway_knx/oam_knxprod/Gateway-OAM-IP-Router.xml

This verifies OpenKNXproducer include expansion, generated IDs, translation references, and internal sanity checks. A full .knxprod export still requires ETS on the machine running OpenKNXproducer.

Reference in New Issue View Git Blame Copy Permalink