Sign in to follow this  
Followers 0
Mike Krell

How to Join 2 networks.

6 posts in this topic

I have a control network for all of my process equipment at the plant and i have a new machine that i just purchased that has its own network. I cant add these devices to my network because there is IO hardware that needs to stay on that local network. My thought was to connect this network to my existing network using a router. I would assume a router is the way to go, but if i was certain i wouldnt be posting this. the new machine has a subnet of 172.33.33.__ The PLC that is on this network is at 172.33.33.40. I am not certain what the addresses are of the other devices, but i'm not too worried about that. My existing network is on a subnet 10.31.67.___. There is a central router for the plant that has the gateway 10.31.67.31. I can authenticate through this router to access it remotely or i can hook up directly at the plant. My goal is to not just be able to connect to these devices from the subnet 10.31.67.___ but also to allow the PLC's to talk to each other. So my next question after "how do i simply join the networks?" is how do i let them talk to each other? i have been told a VPN is what i need, but thats a little over my head.

Share this post


Link to post
Share on other sites
Mike - just my 2 cents. Several of our machines of late have had ethernet I/o and ethernet safety. What we've done is the following. 1st PLC Ethernet Card - A.B.C.D IP Address which is on our Plant Control Network. 2nd PLC Ethernet Card E.F.G.H IP Address for machine I/O. 3rd PLC Ethernet Card J.K.L.M IP Address for Servos and VFDs. 4th PLC Ethernet Card N.O.P.Q IP Address for Safety I/O. The only way for communications between the four isolated nets is thru the PLC backplane. I turst it to maintain isolation and integrity more than I would a router. A router with 2 nics one on the 10.31.67 and one on the 172.33.33 net would achieve what you desire but I wouldn't chince on the router and I'd use a managed unit. Last thing you want is a net who command or something flooding your 1720.33.33 subnet and hosing machine operations.

Share this post


Link to post
Share on other sites
I agree with Bob, We had some machines with AB Control Logix processors that had Ethernet cards on subnet 1.1.1.X. We needed to add them onto our control network so I just added another Ethernet card and made it subnet 10.101.50.X. That's probably the easiest way to join to another network. The downside is that you won't get any HMI's or any other networked devices on the network that way, but most people don't mind that as long as they can communicate with the PLC.

Share this post


Link to post
Share on other sites
I am not sure if i mentioned at any point that the PLC is a compactlogix. You cannot add multiple ethernet modules to a compact logix. What is a "managed unit"

Share this post


Link to post
Share on other sites
Mike - I have employed Serial - Ethernet modules on CPLX and ML's. This allows me to hop online through the plant floor subnet. Also, I have set up some messaging between CLX and ML / CPLX processors using the ENI Module. jMk 1761-pp004_-en-p.pdf

Share this post


Link to post
Share on other sites
A router could be the way to go. In your case I think it is the best solution. Since it is a Compactlogix and the IO is probably on EThernet/IP, then the router should have IGMP snooping. I believe that Bob means that the managed Router should be able to be setup to limit what traffic goes where on what port. If the Router must be part of a corporate LAN, then it will probably be managed by an IT department and not by the SCADA or PLC programmers. For small projects with one or two SCADA PCs connected to a few controllers, a simple solution to isolate each controller and its network and still be able to reach the company LAN from the PCs is to install several NICs in each PC. One NIC goes to company LAN, additional NICs connect to the controller network(s). Simple and very inexpensive. What you get is that the PCs can connect to the controllers and to LAN servers at the same time, but the controllers cannot communicate with each other. The SCADA PCs can for example log production data from the controllers on the LAN servers. So it is not uncommon to do like this. An advantage is that the networks on the controller side is not managed by a corporate IT department (!). There are ways to reach through to the controllers via the PCs from the LAN, but if this is a requirement you would be better off by using a dedicated router.

Share this post


Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!


Register a new account

Sign in

Already have an account? Sign in here.


Sign In Now
Sign in to follow this  
Followers 0