Networking

jakeparsons03

My plant network is on a 10.10.x.x/16 network. We have a new system coming in on the 10.10.1.x/24 network. This new system has 2 PLCs, 2 HMIs, and a few other IP devices. My plan is to open the 10.10.1.x/16 network up to this new system as it's currently unused. Really I only want their PLCs on the plant network. Can I change the PLC IP addresses to the /16 network and keep their other devices on the /24 network without messing up comms from the PLC to HMIs/other devices?
 
I'm not clear on what your intention is. Do you intend to have the two subnets communicate with each other?

The /24 subnet is already within the range of the /16 subnet.

The host range for 10.10.1.x/24 is 10.10.1.1 to 10.10.1.254
The host range for 10.10.x.x/16 is 10.10.0.1 to 10.10.255.254

Another point is that /16 is a really wide subnet and is really not a good practice. If it were me, I would change all the devices in the /16 subnet to be within the range and mask of the /24 subnet.
 
My main PLC is on 10.10.10.10/16. The subsystem PLC is on 10.10.1.20/24. If I keep the network the way it is, I would be able to see the subsystem PLC but I don't think the subsystem PLC can respond back to my main PLC. That's the issue. If I change the subsystem PLC address to 10.10.1.20/16, then theoretically it would be able to see my main PLC from the subsystem PLC. At the same time the subsystem PLC would still be able to see the devices on its own /24 network so I wouldn't have to adjust those IPs.
 
I wouldn't recommend it.



I don't think subnetting can do what you want. In addition, many IO brands automatically take their subnet mask from the PLC, you might not even be able to make them different.


I've seen people do what you want with VLANs, where the PLC and IO and rest of the network are technically on different VLANs and the switches sort it all out. Unless the switches have special support for this kind of setup, however, it has bad side effects with broadcast traffic. It definitely isn't a best practice.


The best practice is to use routers (combined with firewalls if possible/appropriate) to separate systems.



My recommendation would be to have each PLC system on its own (unique) /24 subnet (or smaller, if you think you can get away with it), and then set it up so that only the PLCs have gateway addresses defined to your router. That way they can talk to each other and your upper level systems, and of course to the IO on the local network, but the IO can't talk out. NAT can be set up to do this if needed (if the IP addresses of the systems all have to be identical for reasons beyond your control), but the best practice is to have each PLC system have unique IPs.


Alternately, you can have an extra Ethernet interface added for each PLC, and connect those to the upper level, if your PLC system supports that kind of expansion.
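
The mismatched-mask question raised earlier in the thread and the "gateway only on the PLCs" design recommended in this post both come down to each host's on-link decision; the sketch below is an added example (not code from any poster) that models it. The HMI/IO address 10.10.1.30 and the gateway addresses are hypothetical, and the router is assumed to forward between subnets.

```python
import ipaddress

class Host:
    """One IP device: address/mask plus an optional default gateway."""
    def __init__(self, name, cidr, gateway=None):
        self.name = name
        self.iface = ipaddress.ip_interface(cidr)
        self.gateway = gateway

    def next_hop(self, dst):
        """'direct' if dst is inside our own mask, else 'gateway' or None."""
        if dst.iface.ip in self.iface.network:
            return "direct"
        return "gateway" if self.gateway else None

def can_send(src, dst, same_l2):
    """True if a frame from src can be delivered to dst."""
    hop = src.next_hop(dst)
    if hop == "direct":
        return same_l2          # ARP only resolves inside one broadcast domain
    return hop == "gateway"     # assumption: the router forwards between subnets

def can_talk(a, b, same_l2):
    """Two-way communication needs delivery in both directions."""
    return can_send(a, b, same_l2) and can_send(b, a, same_l2)

# Constructed hosts using the addresses quoted in the thread.
main = Host("main PLC", "10.10.10.10/16")
sub24 = Host("subsystem PLC", "10.10.1.20/24")
sub16 = Host("subsystem PLC", "10.10.1.20/16")
hmi = Host("HMI", "10.10.1.30/24")      # hypothetical HMI address

def flat_network_results():
    """Everything on one switch (same broadcast domain), no gateways."""
    return {
        "main<->sub/24": can_talk(main, sub24, True),
        "main<->sub/16": can_talk(main, sub16, True),
        "sub/16<->hmi": can_talk(sub16, hmi, True),
        "main->hmi": can_send(main, hmi, True),
        "hmi->main": can_send(hmi, main, True),
    }

def routed_results():
    """Separate /24 per system behind a router; only the PLCs get a gateway."""
    m = Host("main PLC", "10.10.10.10/24", gateway="10.10.10.1")    # hypothetical
    s = Host("subsystem PLC", "10.10.1.20/24", gateway="10.10.1.1")  # hypothetical
    io = Host("IO", "10.10.1.30/24")    # no gateway: cannot reply off-subnet
    return {"main<->sub": can_talk(m, s, False), "main<->io": can_talk(m, io, False),
            "sub<->io": can_talk(s, io, True)}
```

In the flat case `main->hmi` is still delivered even though the HMI cannot answer, so a narrower mask on the HMI limits replies but does not keep plant traffic away from it; the routed layout is what actually separates the two.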
 
Usually what I see is where the PLC arch is divided into customer network and PLC internal network.
Customer network is the network you're describing.
If some of the devices on the PLC network need visibility by OEM support or customer, these IPs need to be given a NAT device interface.

PLC network is usually some IP address 192.168.x.x, mask 255.255.0.0 scheme. Just using 192.x.x.x for example but it's what is typical.

NAT device interface requires a gateway address on the PLC network to map through it.
If you define a gateway on this PLC network, try to make it 192.168.x.11, this way if your OEM brings his own wireless for debug, it's not fighting the gateway set up by the PLC network.
 
My main PLC is on 10.10.10.10/16. The subsystem PLC is on 10.10.1.20/24. If I keep the network the way it is, I would be able to see the subsystem PLC but I don't think the subsystem PLC can respond back to my main PLC. That's the issue. If I change the subsystem PLC address to 10.10.1.20/16, then theoretically it would be able to see my main PLC from the subsystem PLC. At the same time the subsystem PLC would still be able to see the devices on its own /24 network so I wouldn't have to adjust those IPs.


OK, that sounds fine. Yes, it's not ideal, as others pointed out, but I suspect you don't have tons of devices either, so a wide broadcast isn't going to be a problem.
 
