Forum Settings
       
Reply To Thread

Poor network setups.Follow

#1 Aug 07 2010 at 2:33 PM Rating: Good
Worst. Title. Ever!
*****
14,729 posts
There is a machine where I work that was setup by an OEM years before I got there. It uses ethernet to communicate between it's various pieces. The instruction manual for the devices used gave an example of how to setup the network, and it used the following IP addresses: 130.130.130.1, .2, and .3, with a subnet mask of 255.255.0.0

I don't understand why the manual for this used the 130.130.130 addresses. My IT guy doesn't understand either, since they aren't private IP ranges.

The factory networks use 10.0.0.XXX and we had to build a gateway between the two networks to pass information from the machine to computers on our network.

Now comes the strange part. The machine had two windows computers running some HMI software on them and a controller with a network interface. Configuring the two windows PCs wasn't a problem. IP Address 130.130.130.1, Subnet Mask 255.255.0.0, and the Gateway of 10.0.0.227. Windows accepted this setup without a problem. The network interface on the controller refused to accept the combination, saying that the Gateway address was invalid. Turns out that the result of the IP Address and Mask and the Gateway Address and Mask have to match. So I had to modify the Mask to 191.125.0.0 for it to work. (Masking 130.130 with 191.125 and 10.0 with 191.125 result in the same answer).

Now, a lot of the details are over my head, but the way I understood it is the Subnet Mask set up which IP address the device could talk to, using a Logical AND with the binary octets. Makes sense that the controller, with an IP of 130.130.x.x and a mask of 255.255.0.0 would only be able to talk to 130.130.x.x and therefor refused to talk to, or even accept, the 10.0.0.227 gateway. But why did the Windows Computers accept and use the gateway with the same IP and Mask combination?
____________________________
Can't sleep, clown will eat me.
#2 Aug 12 2010 at 6:55 PM Rating: Decent
Encyclopedia
******
31,484 posts
TirithRR the Eccentric wrote:
There is a machine where I work that was setup by an OEM years before I got there. It uses ethernet to communicate between it's various pieces. The instruction manual for the devices used gave an example of how to setup the network, and it used the following IP addresses: 130.130.130.1, .2, and .3, with a subnet mask of 255.255.0.0

I don't understand why the manual for this used the 130.130.130 addresses. My IT guy doesn't understand either, since they aren't private IP ranges.

The factory networks use 10.0.0.XXX and we had to build a gateway between the two networks to pass information from the machine to computers on our network.

Now comes the strange part. The machine had two windows computers running some HMI software on them and a controller with a network interface. Configuring the two windows PCs wasn't a problem. IP Address 130.130.130.1, Subnet Mask 255.255.0.0, and the Gateway of 10.0.0.227. Windows accepted this setup without a problem. The network interface on the controller refused to accept the combination, saying that the Gateway address was invalid. Turns out that the result of the IP Address and Mask and the Gateway Address and Mask have to match. So I had to modify the Mask to 191.125.0.0 for it to work. (Masking 130.130 with 191.125 and 10.0 with 191.125 result in the same answer).

Now, a lot of the details are over my head, but the way I understood it is the Subnet Mask set up which IP address the device could talk to, using a Logical AND with the binary octets. Makes sense that the controller, with an IP of 130.130.x.x and a mask of 255.255.0.0 would only be able to talk to 130.130.x.x and therefor refused to talk to, or even accept, the 10.0.0.227 gateway. But why did the Windows Computers accept and use the gateway with the same IP and Mask combination?


Because windows is stupid sometimes (most of the time?), and allowed an incorrect address scheme. Although to be fair, most systems will allow you to enter values which may not work properly. Your understanding of the netmask process is correct. The netmask establishes whether a range of addresses are "local" or "remote". Specifically, a local address is one which your interface can speak to directly. There is no router in between them. Everything else is remote. If the address you're communicating with is within the netmask range of your own address, it'll simply broadcast the signal through the NIC and wait for a response from the other computer. If it is deemed to be non-local, it'll send a connection request to the router/gateway address instead. That router will use it's own tables to figure out how to route the packets from/to the other computer, and enable longer distance communication.


It's usually a good idea to use private net addresses unless you actually own the IP address range in question. I'm not sure why 130.130.130.x is given as an example. It's not a range I would use. That address range appears to belong to a university in Australia, so unless you work at "uow.edu.au", I'd pick other addresses. Anything in the 10.x.x.x or anything in the 192.168.x.x ranges are commonly used for private net addresses and wont get you into any trouble. Of course, all of this assumes that you are setting up a private network and that the systems aren't expected to communicate to anything other than themselves.

Pick a smaller netmask. If you've got a device with a network connection to your lan, and another one to a switch with 3 other systems attached (so they can only speak to eachother and the main system), why use a large netmask? Use 255.255.255.0 in most cases. That gives you 254 addressees in that range. Probably far far more than you actually need. It'll also simplify the work.

Since the factory network (I'm assuming that's your lan) is set up on 10.0.0.x, you're presumably using the one system as a gateway, correct? The Windows boxes on that smaller private network should *not* use the same gateway as the factory network. They don't have a direct network connection to that network, only to the primary system. It should have two interfaces, one on the factory network, and one on the smaller private network (the factory network is also private, so I don't want to confuse the two). The secondary network interface on the first system should perhaps be set to 192.168.0.1, with a netmask of 255.255.255.0. It's primary interface should be the 10.0.0.x address with a 10.0.0.1 gateway (or whatever you're using on the factory floor), and whatever netmask is used on the factory network. The two windows boxes should be set to 192.168.0.2 and .3 respectively, with netmasks of 255.255.255.0, and a gateway of 192.168.0.1 (the secondary interface of the primary machine).

If the primary system is being used as a router, you'll need to configure it that way. This usually involves turning on certain services on the secondary interface. I guess that all depends on whether other systems on the network need to talk to those windows boxes. That wasn't clear. I know that a lot of vendor equipment involves the use of multiple computers, all of which need to talk to eachother, but none of which need to speak to a broader network (except one of them of course). We have tester computers with a private network on each (set up more or less exactly as I just indicated). That interface connects to a small switch, which in turn is connected to a few devices. We can connect handlers, probers, diagnostic equipment, etc and control them through the lan connection. Obviously, we don't want those communicating over the floor network (and that would make it difficult to manage multiple otherwise identical pieces of equipment.


Not sure if this helps you or not.

Edited, Aug 12th 2010 5:58pm by gbaji
____________________________
King Nobby wrote:
More words please
#3 Aug 12 2010 at 8:33 PM Rating: Good
Worst. Title. Ever!
*****
14,729 posts
Well, currently we have only two machines that use Ethernet for their controllers/HMIs on the shop floor. Then we have the office network which also has a few terminals for employee use on the shop floor. But they are updating the entire plant system in the next 6 months to have a plant wide network that will control everything... inventory, production, shipping, quality, etc. (and likely cause me a whole new series of headaches for me).

I've been trying to get the OK to change the IP Addresses on this particular machine for a while now (About 3 years. But the machine runs 24/7 and they are afraid we'll break something). I never liked the 130.130.130.x numbers they used (even before I found out from our IT guy that they weren't private ranges). Mainly because when I connect my computer to them I have to change the IP address to match. Where the other machines I hook up to via Ethernet are all 192.168.1. or .0.

What I dread is going through and adding a network interface on every single machine we have on the shop floor. I have looked forward to being able to program any of the machines from my office, but there is a lot of work that needs to be done before I will be able to do that. And given the levels of expertise available where I work, I can guarantee that I'll be doing a lot of this myself.


But, I still don't know why the two Windows PCs can communicate with the 10.0.0.227 gateway with a bad Subnet Mask. I guess "Windows did it" is a good enough answer for me.


We'll be juggling the IP addresses all around for the next few months while we prepare things. Maybe they'll let me re-address the machine finally and get rid of this router between the two networks.
____________________________
Can't sleep, clown will eat me.
#4 Aug 13 2010 at 4:03 PM Rating: Decent
Encyclopedia
******
31,484 posts
TirithRR the Eccentric wrote:
But, I still don't know why the two Windows PCs can communicate with the 10.0.0.227 gateway with a bad Subnet Mask. I guess "Windows did it" is a good enough answer for me.


Were they actually communicating with that address though? It sounds like right now your entire floor is made up of individual systems and small private networks, none of which talk to each other. As long as the systems only need to communicate with eachother, and they're all on that same bogus 130.130.130.x range, it doesn't really matter what the gateway address is set to. They're never going to try to send any packets to that gateway.

You could always open up a cmd window and attempt to ping the gateway address and see what happens. I'm betting you'll get something like "destination unreachable".

Quote:
We'll be juggling the IP addresses all around for the next few months while we prepare things. Maybe they'll let me re-address the machine finally and get rid of this router between the two networks.


A friend of mine went through that same process at a shop he worked at years ago. It's a nightmare if you're not properly prepped. Make sure you've got a system in place for tracking which system gets which IP address (are you guys setting up some sort of DNS service? That will help tremendously), and have a plan for changing the addresses and then connecting to the larger network. In that order, or bad things will happen...


Don't know how familiar your IT guys are with network dos and don'ts, but a good rule of thumb when setting up a lan is to allocate an address range at the beginning of each subnet for "service" systems (DNS, DHCP, NIS, PDC/BDC, etc). Depending on the size of the subnet, this might be the first 10 or 20 addresses. The thinking being that someone is less likely to accidentally configure some random host to the same IP as a critical service if all those services use a specific range of addresses, and you make sure everyone knows not to use say "numbers lower than 20" when selecting IPs for their hosts.
____________________________
King Nobby wrote:
More words please
#5 Aug 13 2010 at 5:20 PM Rating: Good
Worst. Title. Ever!
*****
14,729 posts
gbaji wrote:
TirithRR the Eccentric wrote:
But, I still don't know why the two Windows PCs can communicate with the 10.0.0.227 gateway with a bad Subnet Mask. I guess "Windows did it" is a good enough answer for me.


Were they actually communicating with that address though? It sounds like right now your entire floor is made up of individual systems and small private networks, none of which talk to each other. As long as the systems only need to communicate with eachother, and they're all on that same bogus 130.130.130.x range, it doesn't really matter what the gateway address is set to. They're never going to try to send any packets to that gateway.

You could always open up a cmd window and attempt to ping the gateway address and see what happens. I'm betting you'll get something like "destination unreachable".


Well, I haven't tried pinging out from the 130.130.130.x addresses, but I have pinged in. We set up two computers on the office network with the 10.0.0.227 gateway (the router linking the 10.0.0 and 130.130.130 networks). We can ping the two windows PCs with the 130.130.130.1 and 130.130.130.2 IP addresses, and they respond.

So the 10.0.0.227 Gateway is communicating with the 130.130.130 computers (with the bad subnet mask...) and getting a response.


Quote:
A friend of mine went through that same process at a shop he worked at years ago. It's a nightmare if you're not properly prepped. Make sure you've got a system in place for tracking which system gets which IP address (are you guys setting up some sort of DNS service? That will help tremendously), and have a plan for changing the addresses and then connecting to the larger network. In that order, or bad things will happen...


I'm hoping they are planning. I usually don't deal with the network, just the factory controls. Unfortunately this system is going to integrate the two, and... I'm just hoping everything goes smoothly. They keep telling me all this stuff in passing, but haven't involved me in any of the planning. I know in the end a good portion is going to be resting on my shoulders, I just hope they start telling me more info and letting me prepare.
____________________________
Can't sleep, clown will eat me.
Reply To Thread

Colors Smileys Quote OriginalQuote Checked Help

 

Recent Visitors: 20 All times are in CDT
Anonymous Guests (20)