Subnet Mask problem

kfbest

Member
Join Date
Jul 2013
Location
Pennsylvania
Posts
4
Hi all,

We have to change the subnet mask on ~400 E/IP devices to make the network bigger. Is there a quick way to do that? I can do them one at a time, but that will take a couple days. Is there a program or script that could do that.

Alternately, if we just change the subnet mask on the PLC and switches (/22), but leave the subnet mask on the IO blocks and VFDs at /24, will that work? The IO blocks and VFDs are only communicating with the PLC, not any of the devices on the larger subnet.

Thanks in advance for your help.
 
The existing devices wont be able to talk to any address outside of the existing subnet. If they don't need to it wont be a problem.

It is worth updating the PLCs and HMI so that they can be connected to from the new address space.
 
Are you going in the wrong direction? That's a lot of devices on a subnet, and now adding more, leads to more risk.

Maybe smaller subnets with a router / firewall in between to control traffic flow - provides for better security from segmentation and reduced risk of harm from other devices in the network.

If you have that many devices, I would expect a fully managed infrastructure so little might be required besides a new architecture design and some configuration. Especially if you already have to go through the work of updating all of those devices, additional changes might only be incremental.
 
I'm curious to know how you have 400 odd devices on a /24 subnet when the maximum number of hosts is 254. Or are there two subnets and you are essentially looking at combining them into one by changing to /22, giving you 1023 hosts?

As robertkjonesjr says, using a router may be a better option. Set the gateway address in the PLC to be that of the router's interface which is facing your /24 network. Any traffic that needs to transition to other networks will be sent to the router.

If you don't need to talk to your drives etc from your /22 network then no need to change. But if you do then you would need to set their default gateways accordingly to that of the router.
 
Do all of these devices need to be connected to each other? I feel it could become quite dangerous quite fast.

Common way of this is having machine specific devices on a local separate network. With the PLC having a secondary network card to communicate with the plant. With Rockwell this setup still allows you to see all the devices, but it makes it waaaaaaaaaaaaaaaaaaaay harder to make a simple typing error and potentially breaking a machine. Or a person.
 
I'm curious to know how you have 400 odd devices on a /24 subnet when the maximum number of hosts is 254. Or are there two subnets and you are essentially looking at combining them into one by changing to /22, giving you 1023 hosts?

As robertkjonesjr says, using a router may be a better option. Set the gateway address in the PLC to be that of the router's interface which is facing your /24 network. Any traffic that needs to transition to other networks will be sent to the router.

If you don't need to talk to your drives etc from your /22 network then no need to change. But if you do then you would need to set their default gateways accordingly to that of the router.

Everything he said. Also, if you do what you intend (only change subnet for some of the devices) it will work, but it is throwing a ton of best practices out the door, and it will be very easy to accidentally screw things up down the road.
 
If these devices are getting their IP via DHCP, then just update the DHCP server to serve the new subnet mask.

Be careful with having your devices on different subnets in the same address space. The subnet mask, along with the IP address, determines the broadcast address the device listens to. While normal IP traffic may work just fine, things like discovery type protocols won't work.
 
The subnet mask, along with the IP address, determines the broadcast address the device listens to. While normal IP traffic may work just fine, things like discovery type protocols won't work.

This is a really interesting point. Most of the protocols I work with are layer 2, I forget that layer 3 protocols are just as common.

Things like DHCP and BOOTP require IP (layer 3) broadcasts.
 
Before you start !!!
consider this, you also need to consider all messaging, hmi, scada, SQL, odbc, and other potential interface issues.

think this out and look at all programs first, make a plan, and then implement.
as you said, 400 is a lot.

better to take your time and look at everything than to shut down production and ask what happened.

james
 
Here's a list of how you might setup up your subnets.


Addresses Hosts Netmask Amount of a Class C
/30 4 2 255.255.255.252 1/64
/29 8 6 255.255.255.248 1/32
/28 16 14 255.255.255.240 1/16
/27 32 30 255.255.255.224 1/8
/26 64 62 255.255.255.192 1/4
/25 128 126 255.255.255.128 1/2
/24 256 254 255.255.255.0 1
/23 512 510 255.255.254.0 2
/22 1024 1022 255.255.252.0 4
/21 2048 2046 255.255.248.0 8
/20 4096 4094 255.255.240.0 16
/19 8192 8190 255.255.224.0 32
/18 16384 16382 255.255.192.0 64
/17 32768 32766 255.255.128.0 128
/16 65536 65534 255.255.0.0 256
 

Similar Topics

So for the last few weeks I have been communicating with my PLC's just fine. We use 10.10.10.10 mask 255.255.255.0 on our PLC's. For my laptop I...
Replies
27
Views
11,736
Hi. Rockwell learning curve 132-1b. I was having trouble to change IP address on a EN2TR. Finally found out that I need to change the IP...
Replies
1
Views
734
I am working with a 1768-ENBT and I was able to connect to it through my laptop. My laptop IP is 192.168.1.10 subnet 255.255.255.0 and the PLC...
Replies
12
Views
1,456
I could not connect to or PLC over or network so I checked and the IP address is correct, but the subnet and gateway are incorrect. It has a...
Replies
2
Views
1,963
Hello guys, How can I change subnet mask on ET200. It is grayed out. I am using TIA 14
Replies
9
Views
2,281
Back
Top Bottom