Set subnet mask to allow connections to two different class c networks

In summary, the lab uses a separate ethernet connection to control instruments, with each PC having two network cards. They are all connected to one switch and use a subnet mask of 255.255.255.0. However, with an increasing number of instruments, the lab is considering using a bigger address space (e.g. 192.168.0.1 to 192.168.1.255) and changing the subnet mask on the PC network card (to 255.255.254.0) to keep different instruments on different subnets while still controlling them from one network card. While this may be possible, it may not be necessary as the instruments do not need to communicate with each other and keeping them separate can improve
  • #1
f95toli
Science Advisor
Gold Member
3,509
1,071
These days most measurement instruments in m,y lab are controlled via an ethernet connection.
In my lab the PCs that control the experiments therefore have two network cards: one is used of "normal" internet/intranet access the other is set to static IP address (typically 192.168.0.x) and is only used to communicate with the instruments. .
All the instruments as well the "local" network card are then connected to one switch (NOT a router). The instruments should NOT be connected to internet in any way so we don't e.g. need a gateway. Effectively this means that we have several small LANs running in the lab, one for each measurement setup (which can have more than one PC)

It used to be that we did not have that many instruments and we would just use 192.168.0.2-254 with a 255.255.255.0 subnet mask. Each instrument in the lab is assigned an unique static IP address when we get it; as long as we are careful about keeping track of these we can also move instruments between setups.

This worked well in the past, but now we have some many instruments that it is getting messy.

My question is if there is any reason why we shouldn't start using a bigger address space (e.g. 192.168.0.1 to 192.168.1. 255) by changing the subnet mask (to e.g. 255.255.254.0) on the PC network card?

That is, keep the 255.255.255.0 subnet mask on the instruments and only use a "wider" mask on the PC ( there is very rarely a reason for why different instruments would need to communicate; everything goes via the PC). This way we could keep different instruments on different subnets while still being able to control all of them from a single network card.

Are there any drawbacks to this solution? I guess I could just try it, but I know from experience that when it comes to network the fact that "it work" does not mean that you won't run into weird problems later.
 
Computer science news on Phys.org
  • #2
I'm a little confused as to what you want. Do you want more subnets or do you want bigger subnets?
 
  • #3
A bit of both; we'd like to have more addresses but would also like have more subnets.
I guess my question is if it is possible/sensible to have several separate subnets (each with 254 possible addresses) connected to the same computer?
That is

Very simplified example:
To have
All DACs on 192.168.0.x
All ADC on 192.168.1.x
etc

where they are all connected to one PC with 255.255.254..0 subnet mask? In a normal LAN with regular PCs this would be bad idea since you normally want all computers to be able to see each other, but instruments typically don't need to communicate (except with the PC) among them selves and keeping them separate would be nice
 
  • #4
So what IP will your PC use? If your PC uses a 192.168.0.x address with a .254 SM mask and you have an instrument using 192.168.1.x and 255.255.255.0 subnet then the PC can send data to the instrument but the instrument can't send it back. Why not just use the .254 SM everywhere?

To stop things getting out of the subnet you just don't configure a default gateway on those devices...simples.
 
  • #5
f95toli said:
I guess my question is if it is possible/sensible to have several separate subnets (each with 254 possible addresses) connected to the same computer?

Possible? Yes.
Sensible? Maybe.

First, computers don't have IP addresses. Interfaces do. So you could have two network cards on the PC, each connected to a different physical network, one for the ADCs and one for the TDCs. No problem there.

But if you have your ADCs and TDCs on the same physical network, giving them different IP subnets isn't going to prevent them from talking to each other. It will just make network configuration more difficult.

Second, while the ADCs and TDCs don't need to talk to each other, do you really need to make them unable to talk to each other?
 
  • #6
Vanadium 50 said:
Second, while the ADCs and TDCs don't need to talk to each other, do you really need to make them unable to talk to each other?
Perhaps not. Some of our instruments are not very well behaved and sometimes they can flood the network. Some of them are also running old Windows versions which we can't really maintain properly, so keeping everything as separate a possible is quite good from a security point of view.

MikeeMiracle said:
So what IP will your PC use? If your PC uses a 192.168.0.x address with a .254 SM mask and you have an instrument using 192.168.1.x and 255.255.255.0 subnet then the PC can send data to the instrument but the instrument can't send it back. Why not just use the .254 SM everywhere?

To stop things getting out of the subnet you just don't configure a default gateway on those devices...simples.
That is a very good point. I had not realized that the not configuring the gateway would keep them separated. So setting the same .254 subnet mask for everyone might be more sensible.
 
  • #7
f95toli said:
so keeping everything as separate a possible is quite good from a security point of view.

Then you should isolate them on their own physical network. Changing IPs won't fix this.
 
  • #8
If you have devices which can flood the network then make sure you are using switches and not plain old hubs. A hub will just replicate anything coming into 1 port to all the other ports. A switch will only send data to the port it's destined for. Naturally by design they are also better for security.
 
  • #9
Vanadium 50 said:
Then you should isolate them on their own physical network. Changing IPs won't fix this.
They are one their own physical network. Part of the question was if it would be possible to keep some separation between e.g. two sets of instruments where some are running Windows while still controlling both sets from the same PC. The PC is of course kept up-to-date with anti-virus etc.
It shouldn't matter since nothing should be able to get to the instruments; and we try to avoid using memory sticks if at all possible. But if there a way to add some isolation without affecting the functionally then this is of course a bonus.
 
  • #10
MikeeMiracle said:
If you have devices which can flood the network then make sure you are using switches and not plain old hubs. A hub will just replicate anything coming into 1 port to all the other ports. A switch will only send data to the port it's destined for. Naturally by design they are also better for security.
Yes, we often rely on pretty fact data transfer so we use gigabit switches.
One reason I started thinking about subnets was that we just bought some new kit and I had to turn off the IGMP snooping in the switch to get things working, the instruments use multicast for discovery and this was being blocked by the switch.
 
  • #11
Hard to talk of isolation without more knowledge of the existing setup...

I see you mentioned old Windows management boxes, if it's just 1 management box per instrument then another potential route is to use multiple network cards in those management boxes. 1 Connected directly to each instrument and the other to the main network. That way each instrument can only talk to it's management box and only the management boxes can talk to the rest of the network which still allows you to collect all the data on your regular PC.

There's always a way, it just depends how much hassle you want to go through.
 
  • #12
f95toli said:
They are one their own physical network.

I was unclear. One network for ADCs and TDCs? Or two networks, one for ADCs and one for TDCs?
 
  • #13
Vanadium 50 said:
I was unclear. One network for ADCs and TDCs? Or two networks, one for ADCs and one for TDCs?
In my simplified example one network for each.
In reality there isn't of course a clear distinction where we only use one type of instrument in each network; but it is generally true that we have different setups different measurement tasks and the instruments do not really need to interact in any way.

But again, the main idea of using different subnets would be to organise things a bit better iwhen we need to increase the number of possible IP addresses we can. Some extra security would just be a bonus.,
 
  • #14
There's no reason you can't use a /16 subnet with 192.168.x.x. That will give you 64,000 addresses. How many addresses do you need? :wink:

It sounds like you want 192.168.1.x to indicate one class of instruments, 192.168.2.x to indicate another, and so on. There is no problem doing this if they are on one great big network. Set the netmask to /16 (255.255.0.0) and it will just work.

Since these are all on the same physical network, making 256 smaller subnets instead of one big one won't do anything to improve security. It will, however, make administering the network much harder.
 

FAQ: Set subnet mask to allow connections to two different class c networks

How do I set the subnet mask to allow connections to two different class C networks?

To set the subnet mask for two different class C networks, you will need to use a subnet mask of 255.255.255.192. This will allow for a total of 62 usable IP addresses, which is enough for two class C networks. You can set this subnet mask in the network settings of your device or router.

What is a subnet mask and why is it important for connecting to two different class C networks?

A subnet mask is a number that determines the size and boundaries of a network. It is important for connecting to two different class C networks because it helps to identify which devices are on which network and allows for proper routing of data between the two networks.

Can I use a different subnet mask to connect to two different class C networks?

Yes, you can use a different subnet mask to connect to two different class C networks. However, the subnet mask should still be able to accommodate the total number of devices on both networks. It is recommended to use the standard subnet mask of 255.255.255.192 for two class C networks.

Is it possible to connect to two different class C networks without changing the subnet mask?

No, it is not possible to connect to two different class C networks without changing the subnet mask. The subnet mask determines the size and boundaries of a network, so it is necessary to change it in order to properly connect to two different networks.

Are there any specific steps or considerations I should keep in mind when setting the subnet mask for two different class C networks?

When setting the subnet mask for two different class C networks, it is important to ensure that the total number of devices on both networks can be accommodated. You should also make sure that the subnet mask matches on all devices and routers connected to the networks. It is also recommended to consult with an IT professional for assistance in setting up the subnet mask for multiple networks.

Similar threads

Understanding Subnet Masks and IP Addresses in Computer Networking
Replies
16
Views
4K
Comp Sci Current broadcast address+1 for next subnet network address?
Replies
3
Views
3K
Connecting extra IPs on a server
Replies
4
Views
2K
Using a modem in a LAN to access the Internet
Replies
27
Views
3K
Comp Sci Network design -- numerical problem asked in our exams
Replies
1
Views
959
Networking Problems? LLDP Didn't work
Replies
2
Views
4K
How are IP addresses assigned and used in different networks?
Replies
4
Views
3K
Networking Newbie Needs Help Setting Up Secured Network
Replies
2
Views
2K
Why Did Only One Computer Connect to the Network This Morning?
Replies
4
Views
3K
How to make raspberry pi connect with window7 (no internet)?
Replies
3
Views
1K

Hot Threads

Recent Insights

Back
Top