How to isolate devices on network from each other ?

ColoradoDude
Dec 13, 2013
I need some help with a networking problem. We have a variety of TCP devices that we control from a single PC. These are industrial/embedded devices and have varying levels of TCP reliability. All of them work reliably when tested with their own kind, but when placed in the field with a variety of different manufacturers/devices we start to see problems. I think this is because some devices are broadcasting to everything in the local network (ARP requests are an example) and some of the more primitive devices have issues when this happens. (In the embedded world TCP implementation is almost always a subset of what is on a PC).

All use Class A addresses (10.x.x.x) that I can configure, and in most cases I can configure the subnet mask as well. My goal is to set their addresses and subnet masks such that the different groups of devices (motor controllers, temperature sensors, pumps, ...) can only see or broadcast to each other, and not to different types of devices.
So here is my plan: Give the PC a dedicated NIC with addresses 10.0.0.160, 10.0.1.160, and 10.0.2.160 (subnet mask 255.255.255.0) which connects to all devices via a switch. Then give each group of like devices the addresses 10.0.0.xx, 10.0.1.xx and 10.0.2.xx (all with subnet masks 255.255.255.0).

Question is: would this prevent one group of devices from getting traffic broadcast by another device, other than the PC?
If this does not achieve the network isolation I seek, then would a router with appropriate firewall settings do the job?
 
Solution
No, that is not sufficient to prevent the devices from hearing each other's broadcasts.

Conceptually, you need to put each group of devices on their own LANs: each group of devices would be cabled to a switch dedicated to that group, and each of those switches would have a link to independent NICs in the controlling PC. In real life, you would probably use a switch that supports VLANs, putting each group in its own VLAN, and running a single connection to the controlling PC with VLAN trunking (requires the Ethernet NIC in the controlling PC to support trunking) enabled.

Make sense?
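The following is an added worked example, not code from the thread, that models the two layouts discussed above: the original poster's plan (three /24 subnets on one flat switch) and the answer's design (one VLAN per device group, PC attached over a trunk). The host names, addresses and VLAN ids 10/20/30 are constructed for illustration. The model separates the two things people tend to conflate: the subnet mask decides which peers a host will *send* ARP requests for, while Layer-2 membership alone decides which NICs *receive* a broadcast frame, because every NIC accepts the broadcast MAC ff:ff:ff:ff:ff:ff regardless of its IP configuration.

```python
"""Why a subnet mask does not isolate broadcasts, but a VLAN does.

Added example (not from the original thread). Host names, addresses and
VLAN ids are constructed to mirror the poster's /24 plan.
"""
from dataclasses import dataclass
import ipaddress


@dataclass(frozen=True)
class Iface:
    host: str   # device the interface belongs to
    addr: str   # IPv4 address with prefix length, e.g. "10.0.0.11/24"
    vlan: int   # Layer-2 broadcast domain the interface is attached to

    @property
    def ip(self):
        return ipaddress.ip_interface(self.addr)


# Layout 1 (the question): one unmanaged switch, so every interface sits in
# the same broadcast domain (untagged, modelled as VLAN 1). The PC has a
# single NIC carrying one address in each group's subnet.
FLAT = [
    Iface("pc", "10.0.0.160/24", 1),
    Iface("pc", "10.0.1.160/24", 1),
    Iface("pc", "10.0.2.160/24", 1),
    Iface("motor-ctrl-1", "10.0.0.11/24", 1),
    Iface("motor-ctrl-2", "10.0.0.12/24", 1),
    Iface("temp-sensor-1", "10.0.1.21/24", 1),
    Iface("pump-1", "10.0.2.31/24", 1),
]

# Layout 2 (the answer): identical addressing, but each group is in its own
# VLAN and the PC reaches all three over an 802.1Q trunk with one tagged
# sub-interface per VLAN. VLAN ids 10/20/30 are constructed.
VLANS = [
    Iface("pc", "10.0.0.160/24", 10),
    Iface("pc", "10.0.1.160/24", 20),
    Iface("pc", "10.0.2.160/24", 30),
    Iface("motor-ctrl-1", "10.0.0.11/24", 10),
    Iface("motor-ctrl-2", "10.0.0.12/24", 10),
    Iface("temp-sensor-1", "10.0.1.21/24", 20),
    Iface("pump-1", "10.0.2.31/24", 30),
]


def find_iface(ifaces, host):
    """First interface belonging to `host` (the PC has three; pick by index
    if you need a specific one)."""
    return next(i for i in ifaces if i.host == host)


def arp_targets(sender, ifaces):
    """Hosts the sender would ARP for from this interface: the peers its
    subnet mask marks as on-link. The mask governs what a host SENDS."""
    net = sender.ip.network
    return sorted({i.host for i in ifaces
                   if i.host != sender.host and i.ip.ip in net})


def broadcast_receivers(sender, ifaces):
    """Hosts whose NIC receives a broadcast frame (dst ff:ff:ff:ff:ff:ff)
    sent from this interface. Delivery is decided purely by Layer-2
    membership; the receivers' IP addresses and masks play no part."""
    return sorted({i.host for i in ifaces
                   if i.vlan == sender.vlan and i.host != sender.host})


def cross_group_broadcasts(ifaces):
    """For each sending interface, the hosts that receive its broadcasts even
    though the mask says they are off-link. This is exactly the traffic the
    poster wants the primitive devices never to see; an empty dict means the
    layout achieves the isolation asked for."""
    leaks = {}
    for s in ifaces:
        wanted = set(arp_targets(s, ifaces))
        unwanted = [h for h in broadcast_receivers(s, ifaces) if h not in wanted]
        if unwanted:
            leaks[f"{s.host}@{s.addr}"] = unwanted
    return leaks


if __name__ == "__main__":
    m1 = find_iface(FLAT, "motor-ctrl-1")
    print("motor-ctrl-1 ARPs for:", arp_targets(m1, FLAT))
    print("flat switch, NICs that receive its ARP:", broadcast_receivers(m1, FLAT))
    print("per-group VLANs, NICs that receive it:",
          broadcast_receivers(find_iface(VLANS, "motor-ctrl-1"), VLANS))
    print("off-link receivers, flat switch:", cross_group_broadcasts(FLAT))
    print("off-link receivers, VLANs:", cross_group_broadcasts(VLANS))
```

Running it shows that on the flat switch every device, including the pump and the temperature sensor, receives the motor controller's ARP requests although the /24 mask says they are off-link; with per-group VLANs the only receivers of any broadcast are the hosts its mask already lists as on-link, and `cross_group_broadcasts(VLANS)` comes back empty. On the PC side, the trunk the answer describes corresponds on Linux to one tagged sub-interface per VLAN (for example `ip link add link eth0 name eth0.10 type vlan id 10`, then assigning 10.0.0.160/24 to eth0.10), which is what the `pc` entries in `VLANS` model. One caveat worth checking once this is deployed: keep IP forwarding disabled on the controlling PC, otherwise a host with an address in all three VLANs becomes a router between them and quietly undoes the isolation the switch provides.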