IP Addressing

Basics

Standard Training
TP-RA-007-1-EN (2014 – V1)

1
 Network & Gateway

2
 What’s a Network?

• Two or more Ethernet devices connected to each other to exchange

information

3
 Network & Gateway

Each device on the network has an IP address, a Subnet Mask and

eventually a Default Gateway.

IP Controller GateWay
associated to each A B C
Ethernet Controller (EC) EC EC D E F
EC EC EC
EC EC EC
IP Address : XXX.XXX.XXX.XXX
Subnet Mask: XXX.XXX.XXX.XXX
Network 1
Default Gateway: XXX.XXX.XXX.XXX Network 2

• IP Address – An identifier for the Ethernet device on the network

• Subnet Mask – Defines how many devices (IP addresses) belong to the
same network.
• Default Gateway – Handles requests outside the network.

4
 Network & Gateway

A IP_ADR_A = 10.0.0.67
IP Contr. Mask_A = 255.255.255.0
Gateway_A = 10.0.0.2
Eth. Contr.

B IP_ADR_B = 10.0.0.85
Mask_B = 255.255.255.0
IP Contr.
Gateway_B = 10.0.0.2
Eth. Contr.

• if A wants to send something to B, it will refer to IP address 10.0.0.85

• The IP Controller of A checks whether this address belongs to its network
The subnet mask defines the network range:
IP:10.0.0.53 Mask:255.255.255.0 => Network 10.0.0.#
range: 10.0.0.1 - 10.0.0.254
IP:10.0.0.53 Mask:255.255.0.0 => Network 10.0.#.#
range: 10.0.0.1 - 10.0.255.254
IP:192.168.1.53 Mask:255.255.255.0 => Network 192.168.1.#
range: 192.168.1.1 - 192.168.1.254

Check network calculators on the web: http://www.subnet-calculator.com/

5
 Network & Gateway

A IP_ADR_A = 10.0.0.67 10.1.0.19

Mask_A = 255.255.255.0
IP Contr.
Gateway_A = 10.0.0.2
Eth. Contr.

E IP_ADR_E = 10.1.0.19
Mask_E = 255.255.255.0
IP Contr.
Gateway_E = 10.1.0.24 10.0.0.2
Eth. Contr.
10.1.0.24

If A wants to send something to E, it will refer to IP address 10.1.0.19

The IP Controller of A checks whether the IP address of E belongs to its network
Since it is NOT, it looks for a Gateway and, if available, it will pass the message to
this Gateway

The Gateway checks if the IP address of E is compatible with one of its controllers
if NOT, it will return a "No Match Address" notification to A
if YES, it will perform an IP Forwarding via the matching Controller

6
 Network & Gateway

A IP_ADR_A = 10.0.0.67 10.1.0.19

Mask_A = 255.255.255.0
IP Contr.
Gateway_A = 10.0.0.2
Eth. Contr.

E IP_ADR_E = 10.1.0.19
Mask_E = 255.255.255.0
IP Contr.
Gateway_E = 10.1.0.24 10.0.0.2
Eth. Contr.
10.1.0.24

Note that:
- A gateway has 2 (or more) network controllers (network interfaces).

- In order to allow E to send the answer back to A, device E must have as

gateway the second network interface of the physical gateway.

- The gateway specified on a device, must be reachable by the device. So it

must be on the same network.

7
 Internet
o DNS
o DHCP
o Private versus public IP addresses
o Firewall
o Proxy

8
 Domain Name Servers (DNS)

A DNS (Domain Name Server) is a computer on Internet (Public) that

translates domain names into IP addresses.
- For the human brain it’s easy to remember: www.ewon.biz
- It’s not easy to remember: 37.59.207.131

Let’s make a little experiment:

Type [ping www.ewon.biz] in your cmd prompt

9
 Domain Name Servers (DNS)

The ping we just made was possible because the computer was linked to
a DNS that translated the domain name www.ewon.biz into its IP address.
Just check by typing [ipconfig /all] in your cmd prompt

10
 Dynamic Host Configuration (DHCP)

A DHCP server sends all necessary information to a DHCP client

computer in order to connect it to the world behind itself… a DHCP
server is often a router

DHCP Request
for IP address

DHCP Request for

DNS addresses

11
 Dynamic Host Configuration (DHCP)

The DHCP server defines on your PC:

o The local network to which it belongs:
− IP address, ex: 192.168.1.2
− Mask, ex: 255.255.255.0

o How to join Internet

− Default Gateway IP address, ex: 192.168.1.1
− DNS (Domain Name server), ex: 192.168.1.1 or 8.8.8.8

Advantages of DHCP address configuration:

− No risk of duplicate IP address on the network
− All settings are configured automatically to allow Internet access

Disadvantage of DHCP address configuration:

− You do not know the IP address and it can change at next PC reboot.
 Use DHCP for eWON WAN side, but use fixed IP address for eWON LAN side

Use DHCP for eWON WAN side.

12
Use fixed IP address for eWON LAN side
 Private versus Public

The Gateway between a private and a public network (e.g., the

Internet) is a Router.
Router
A B C EC EC
EC EC EC
INTERNET
Private ISP
Public
small 010.000.000.xxx 010.000.000.xxx
medium 010.000.yyy.xxx 010.000.yyy.xxx
large 010.zzz.yyy.xxx 010.zzz.yyy.xxx
small 192.168.001.xxx 192.168.001.xxx
self 127.000.000.001 127.000.000.001

Some address ranges are for private use only.

These addresses are not allowed on the public networks.
 For eWON LAN and WAN use private addresses

13
 Firewall

Firewall is a technological barrier designed to prevent unauthorized

access

A firewall establishes a barrier between the local network (LAN) and an

external network (e.g., the Internet) that might not be secure.

Note: Your PC probably also has a firewall

14
 Firewall

On a firewall we distinguish incoming and outgoing traffic.

Incoming traffic

Internet
Outgoing traffic

Incoming traffic is generally blocked.

Outgoing traffic is generally open.
At least the standard ports for Web access are open.
(http:TCP80 and https:TCP443)

15
 Proxy

Big companies often use a Proxy server for Internet access:

o LAN devices will send the Internet requests to the Proxy server
o The Proxy transmits the requests to the Internet

Proxy advantages :
o Speed up access to resources
(using caching)
o Log / audit usage
o Scan transmitted content for
malware before delivery.
o Block access to unauthorized
sites,
o etc.

16
 Proxy

The user must encode the proxy settings in every application that
needs to access Internet:
o IP address (or PC name, domain name, etc)
o Port used
o Username/Password

 You also need to encode these information in your eCatcher or your eWON

17
 How applications communicate
o TCP and UDP
o Ports

18
 TCP or UDP

TCP and UDP are 2 different protocols that handle data

communications between application on devices.

Application data
UDP
Application data
TCP UDP
TCP

Depending on the application either UDP or TCP is used.

Some applications allow to select to communicate in UDP or in TCP:
Example: Mitsubishi PLC allows communication using TCP or UDP
protocol
19
 Application Ports

An identification number is
assigned to each application
to determine which packets
are for them.

This identification number

is called a Port.

20
 Standard Ports

Applications exchange messages using their Port

Example:
A Web server generally uses Port 80
A web client sends requests to the web server addressing Port 80
Telling a web client to browse http://www.ewon.biz
is equivalent to ask for www.ewon.biz:80
or, after DNS translation 91.121.140.152:80

Standard TCP port ID corresponding to standard services:

80 = http hyper text transport protocol (web service)
25 = smtp simple mail transport protocol
21 = ftp file transfer protocol

21
 VPN
o OpenVPN

22
 What is VPN?

VPN = Virtual private network

VPN is a private communication network that allows secured
communication over a public network.
o Virtual: because using a virtual link (over Internet)
o Private: because only devices connected on this VPN can understand the
encrypted data
o Network: because devices connected to the same VPN can communicate
with each other as if they were connected together on a local network.

VPN is secure because:

o Data is encrypted
o Authorization and VPN-Keys are required to make part of the VPN network

23
 OpenVPN

Different VPN applications exist: OpenVPN, IPSec, etc.

eWON features the OpenVPN protocol

OpenVPN is specially dedicated for passing through firewalls and

routers. It is also best suited for non permanent connections.

OpenVPN can work on

TCP or on UDP:
OpenVPN will securely
tunnel all the data
through one single
TCP/UDP port.

24
 Applied to Talk2M

25
 eWON is a gateway

• eWON LAN and WAN must be on different network ranges

LAN = Local Area Network, WAN = Wide Area Network
• To act as gateway, the IP addresses of both interfaces must not be
compatible
• WAN network <> LAN network
26 For example LAN = 192.168.120.#, WAN = 10.10.#.#
 Routing on the PLC side

• By default eWON uses the Plug‘n Route function for Talk2M connections.
With Plug’n Route eWON will make think to the PLC that the request is initiated
by the eWON itself and not by the remote PC.
 No Gateway is required on the PLC side

Some application protocols are incompatible with the Plug’n Route

27 feature. Plug’n Route must then be disabled to use classical routing
 Routing on the PLC side

• If not using the Plug‘n Route function, the Ethernet device(s) behind the
eWON must have the eWON LAN as default Gateway.
Must be configured in the parameters of the Ethernet device.
Best reboot the Ethernet device after changing IP address or gateway

28
 Routing on the PC side

• Your PC must have the eWON as default

gateway or an adequate route
o eCatcher will automatically add the route on the PC
o Can be checked using Dos command: [route print]

If you change the eWON LAN IP address after Talk2M configuration,

29 don’t forget to update the LAN Subnet information inside Talk2M.
 Routing on the PC side

• The IP address of your PC must not be compatible with the remote LAN
network
Make sure that Company 1 LAN <> eWON LAN,
otherwise routing through VPN is not possible
30
 Used ports

• Talk2M connection is based on OpenVPN.

Talk2M uses VPN on port UDP 1194 or TCP 443.

These outgoing ports must be open on the Firewall (eWON side and
31
PC side). HTTPS Port is generally open to allow secured Web access.
 Thank You

Follow us www.ewon.biz

32