Need Help Figuring Out How To Network Your Site?
Got a new IP (DSL, Wireless) connection, and confused how to handle the inside of your shelter or how to do connections?
Site Networking Overview
As availability increases and costs fall for DSL, cable modem, satellite, and wireless communications to remote monitoring sites, let us consider the complex issues involved in creating your “shelter network.”
WAN Side vs. LAN Side
So, you get your site DSL (or whatever) enabled, and you get your static IP address assigned to the site. Now what?
This IP address represents the “public internet” or WAN side of the router (for example, 72.15.67.144). On the other side, all the devices plugged into it will have another range of IP addresses, referred to as the “LAN” side. These addresses commonly start with the “192.168…” range of addresses, but the LAN side address scheme can generally be configured in the router to be whatever scheme you want. There is no reason to change it, so let’s just leave it as is.
Devices you plug into the router will either dynamically request an IP address from the router (DHCP), or can be configured with a static IP address. Because the network is small (maybe a dozen devices at most), and for easier control, we recommend switching all devices to fixed IP addresses and programming each one, perhaps using an easy-to-remember scheme, such as:
| IP Address | Device |
|---|---|
| 192.168.1.88 | Data Logger |
| 192.168.1.42 | NOx Analyzer |
| 192.168.1.140 | O3 Analyzer |
We never use the first few or the last few IP addresses, as they are generally reserved in TCP/IP networking. For example, the router will take 192.168.1.1 for itself, and that address is the “gateway” address for the other devices in the network. If you’re not familiar with subnets, just set every subnet mask to 255.255.255.0 and you’ll be fine.
Hey, What About Security With A Public IP?
Not a problem. Almost every router has the capability to restrict incoming data requests to a limited set of source IP addresses. Find out the IP address range of your main office that will be polling the site, and you can program the router to ignore requests that come from any other IP addresses. You’ve effectively created a private network. This feature is often referred to in the firewall/router documentation as “stateless packet filtering.”
Back To The Shelter – Network Address Translation Tables
So, now we have a WAN side address for our shelter (72.15.67.144) and LAN-side addresses for everything else. Now what?
The next thing to understand is that every TCP/IP device has one or more ports used for its functions. You normally never see ports, say when you type in “www.google.com”, because browsers automatically know to connect to a web server via port 80. FTP uses a default port of 21. But that’s just the default; technically you could program a PC to respond to HTTP or FTP on any port, but that would be non-standard.
Analyzers, of course, are the most non-standard thing when it comes to any kind of data communication, so we look up in their manual what ports they use for what.
| Device | Function | Port |
|---|---|---|
| API Analyzers | APICOM | 3000 |
| Thermo Analyzers | Modbus | 502 |
| Agilaire Loggers | Polling | 9881 |
| Agilaire Loggers | Link to Logger (Telnet) | 9887 |
So, if we want to poll a logger through our DSL connection, we have to somehow go from public IP 72.15.67.144, through the router, and to LAN-side IP address 192.168.1.88 and into port 9881, right? That’s exactly what the Network Address Translation table (sometimes called the “Port Forwarding” table) in routers does. It lets you map any LAN side IP/port combination to a port on the router for the WAN/public side.
So, a NAT table for our site might look like this:
| WAN Port | LAN IP | LAN Port |
|---|---|---|
| 9881 | 192.168.1.88 | 9881 |
| 9887 | 192.168.1.88 | 9887 |
| 9942 | 192.168.1.42 | 502 |
| 9400 | 192.168.1.140 | 3000 |
If we configure E-DAS to look for the logger at IP 72.15.67.144 for the site, then ports 9881 and 9887 just pass through normally. If we want to use APICOM to hit our ozone analyzer, we can program APICOM to go to IP 72.15.67.144 and port 9400, and the APICOM commands will route through, etc.
Note that some routers don’t let you change the ports (“translation”), but may only allow you to “forward” a port or series of ports without changing the port numbers.
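The source filter and the NAT table described above can be modelled together to check what an inbound connection actually reaches. This is an added example, not vendor or router code; the addresses and ports are the article's example site, while the office range `203.0.113.0/28` and the function names `route` and `audit` are assumptions made for illustration.

```python
import ipaddress

# Addresses and ports are the article's example site. OFFICE_NETS is a
# constructed placeholder (documentation range); the article gives no value.
LAN_NET = ipaddress.ip_network("192.168.1.0/24")
GATEWAY = ipaddress.ip_address("192.168.1.1")
OFFICE_NETS = ["203.0.113.0/28"]
NAT_TABLE = [  # (WAN port, LAN IP, LAN port)
    (9881, "192.168.1.88", 9881),   # logger polling
    (9887, "192.168.1.88", 9887),   # link to logger (Telnet)
    (9942, "192.168.1.42", 502),    # NOx analyzer, Modbus
    (9400, "192.168.1.140", 3000),  # O3 analyzer, APICOM
]

def route(src_ip, wan_port, table=NAT_TABLE, allowed=OFFICE_NETS):
    """Return (LAN IP, LAN port) for an inbound connection, or None if dropped."""
    src = ipaddress.ip_address(src_ip)
    if not any(src in ipaddress.ip_network(net) for net in allowed):
        return None  # source filter: sender is not in the office range
    for port, lan_ip, lan_port in table:
        if port == wan_port:
            return (lan_ip, lan_port)
    return None  # no forwarding entry for this WAN port

def audit(table=NAT_TABLE, allowed=OFFICE_NETS):
    """Return a list of configuration problems; empty means none found."""
    problems, seen = [], set()
    reserved = {LAN_NET.network_address, LAN_NET.broadcast_address, GATEWAY}
    for wan_port, lan_ip, lan_port in table:
        ip = ipaddress.ip_address(lan_ip)
        if wan_port in seen:
            problems.append(f"WAN port {wan_port} is mapped twice")
        seen.add(wan_port)
        if ip not in LAN_NET or ip in reserved:
            problems.append(f"{lan_ip} is not a usable LAN host address")
        if not (1 <= wan_port <= 65535 and 1 <= lan_port <= 65535):
            problems.append(f"invalid port in entry for WAN port {wan_port}")
    for net in allowed:
        if ipaddress.ip_network(net).prefixlen == 0:
            problems.append(f"{net} allows every source address")
    return problems

if __name__ == "__main__":
    print(route("203.0.113.5", 9400))   # office host to the O3 analyzer
    print(route("198.51.100.9", 9400))  # any other source
    print(audit())
```

Telnet and Modbus carry no encryption, and Modbus has no authentication, so for the forwarded ports in this table the source filter is the only control between the public address and the instruments.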
Assuming the router also acts as a regular switch, the various shelter devices can talk to each other, allowing the Model 8832 to digitally collect data from the analyzers. Since Ethernet is multi-session for most devices, they can support simultaneous digital data acquisition and remote diagnostics. Similarly, the Model 8832 can support data polling from the central computer at the same time as a technician is remotely linked into the data logger via Telnet, watching real-time readings or reviewing diagnostic data.
THIS is the future.
Whoa, whoa- I still have some old serial analyzers or some of my analyzers don’t even come with Ethernet! What do I do?
You still have a number of architecture options. There is no obviously “best” option, since it depends on your priorities. Serial devices are single-session, so the usage of that serial port is tied to your physical architecture. There are two main approaches:
Remote Diagnostics-Focused
In this case, we prioritize the ability to use control/diagnostic functions remotely. We tie the serial devices together into a terminal server (which acts as a serial-to-Ethernet converter). The terminal server has its own IP address, and each serial port on the terminal server can be mapped to an IP port (which, through the NAT table, we can map to WAN ports on the router and connect to remotely via iPort / APICOM / etc). If our site is running a Model 8832 data logger, it is possible to create “virtual serial ports” on the data logger mapped to those IP/port combinations, from which serial data acquisition can also be done. However, since two tasks can both try to connect to that port on the terminal server, the serial data acquisition can be interrupted.
Digital/Logger-Focused
In this scenario, we use the serial ports on the Model 8832 to connect to the instrument, making it the central point for the serial instrumentation. This provides more reliable data communications, but use of remote diagnostic software from a remote location is more limited. In this case, the technicians focus on using the diagnostic values collected in the data logger / Agilaire software for initial diagnostics, and might utilize a local connection via iPort/APICOM/etc while on-site for control/configuration functions.
In summary...
There’s a variety of available architectures when designing your shelter network. Often, the decisions are driven by the connections and ports that are made available going out from the central data management office. Recognize also that the network will mature and grow as you move from more serial devices to more network-capable devices (to take advantage of the full capabilities).
Of course, the network can be fairly easily changed with modest equipment/cabling changes, so get out there, grab some cables, and hook some things up. And, of course, we stand ready to offer help and advice at any time (contact us at [email protected]).