I have multiple machines that share the same IP address, lets say 192.168.10.xxx and i need to get them on my ignition gateway at 10.20.200.xxx how do i accomplish this?
From everything i have read online the best option seems to be routing them using some sort of NAT device? If so does anything have any cheap options they can suggest. And then if so what do i need to do to setup this NAT function.
I have an older ethernet router on hand ETIC IPL-E-1220B and i have tried everything to get this to work.
Any suggestions or comments would be greatly appreciated!!
We typically use either a Skorpian EIPR-E(~$350 USD) or an Antaira LRX-0200(~$500 USD) as quick drop in and run NAT routers.
Basic setup is to set the router's local side (LAN) to a 192.168.10.xxx address and the WAN side of the router to a 10.20.200.xxx subnet address. You would then configure the router's NAT mapping to map your 192.168.10.xxx device address to a 10.20.200.xxx address. Do this for every device that needs an address on the 10.20.200.xxx subnet.
Also keep in mind that your machines MUST have a gateway IP defined in their IP configuration. For us its typically the IP of the managed switch in the machine.
If your machine does not have a managed switch inside of it, then set the machine's gateway IP to the IP of the NAT router/device's LAN port. If it does have a managed switch, set that switch's gateway address to the address of the NAT router/device.
Just so i'm making sense of this, in the configuration picture you provided. The LAN IP's are all individual machines? Mapped back to the corresponding WAN IP's?
And on top of this, the PLC IP configuration needs to be modified so the gateway is the IP address of the NAT device?
Also would this device only work for one machine in my case? They all have the exact same IP address.
Does anyone know of any rack mounted switch/routers that would be able to accomplish multiple machines then? As in the ability to configure per port? I have upwards of 200 machines on my site that we are eventually looking to connect and it would be a pain to manage that many individual devices.
They are individual PLCs on my test bench, but yes.
Yes
The fact that you have multiple machines with the exact same IP is going to be a major pain point. I'm not aware of any switches that are able to gracefully handle multiple devices with the same IP address. Looks like you'll need a switch that you can configure VLANs on, and set a VLAN per port of the switch.
In any case it sounds like you're looking at a few thousands dollars of networking equipment to get 200+ devices all configured for the same IP address exposed...
I don't believe price to be a major issue in this case, i'm more just looking to prove this out before we pull the trigger on buying any products. I'd like to start with something small to get a few machines connected. To this point the only way i'm able to accomplish this is change my ignition gateway to follow to subnet of an individual machine.
For the sake of knowledge if i'm looking to get a larger switch i think i would be going the route and giving each individual machine its own VLAN. But is the option of an individual router in each cabinet still an option given they all have the same IP address? I'm just looking for options to take to my IT department.
I will see what i can figure out, i think we may be in the ballpark of 30-40 machines that have the same IP address so maybe i can make it work for them. If needed i will explore the option of adding a NAT device to each. If this is the case i just need to assign each device with a different WAN IP?
More than likely, you'll want to stick a NAT device on each machine so they're localized. This would let you keep your network simplified also without having VLANs everywhere to keep things separate and hoping nothing gets mixed up along the way because if they're sharing IPs, it will be hard to tell which is which by the time they get to whatever NAT device you put in a rack.
Hey got brought to this topic as a result of Michael sharing our blog posts.
I just wanted to flag while Kevin is normally 100% spot on that you would need 1 NAT appliance per overlapping IP island we have cracked a way to do it through a single NGFW (or pair/cluster is you want to avoid single point of failure) leveraging virtualization. It's certainly not trivial compared to single NAT appliance configurations but if your situation is pretty static we have indeed deployed this in the field as you'll see in the final link below.
You can use an industrial PC for each device and the MQTT Sparkplug B protocol. You would send data to the MQTT cloud, and then SCADA would read the data from the cloud. It does not matter what the IP address of the device is.
This solution is not so cheap but it would work.
How in the world can you operate these 3 machines using the same IP. I would suggest changing the IP address at this point to avoid other issues in the future. And use fixe IP.
Its highly likely that their machines were isolated/not interconnected and they are now moving to connect their machines to their network for monitoring/control purposes.
Its not an uncommon thing to see, especially if the machines were designed without the thought of connecting them to a larger network.
Several of our machines were running with identical PLC IP's on a 192.168.0.xxx subnet, because they were separate standalone units and were not designed with connection to a common network in mind.
Drop in NAT routers/devices help alleviate the issues that arise when a company moves to connect these machines to their networks
