Introduction to IT Networking

Featuring Robert Lastinger from Distech Controls

February 2019
 Robert Lastinger Dave Cousins
Technical Support, Distech Controls Director of Product Development,
Optigo Networks
Objective

For OT professionals to gain a base understanding of the IT

language, and enable them to participate in overall network design
conversations.
Intro to networking agenda
• Network Layers
• Network Access
• Ethernet
• Wi-Fi
• Hotspots & Clients
• VLAN
• Internet
• DHCP
• Static IP
• Subnet
• Gateway, Firewalls, VPNs
• DNS
• Transport & Application
• TCP & UDP
• BACnet
• Protocols
It’s a big topic!
Register at: https://new.optigo.net/intro-networking-webinars/

Intro to Networking

Network Access Internet Layer Transport &

DHCP, Static IP, Subnets, Application
Ethernet, Wi-Fi, Hotspots &
Gateways, Firewalls, VPNs, TCP, UPD, BACnet, Protocols
Clients, VLANs
DNS

Designing a Network
Network Layers
From:me To:you

Distech Controls, Robert Lastinger

4205 place de Java, Brossard, QC
Canada, J4Y 0C4

Optigo Networks
Attn: Dave Cousins
1200-555 W. Hastings
Vancouver, BC
V6B 4N6 Canada
Network Layers
Networking can be divided into distinct layers. For the
purposes of this training it will help with our
understanding of basic network architecture and how it
relates to controls. There are several models commonly
used to describe network layers. The most popular is the
OSI Model which uses 7 layers. Despite being the most
popular, this model is not well suited for this training or
for controls in general. The TCP/IP Model is easier to
understand, has fewer layers and facilitates the design
and implementation of controls networks that include IP
based controllers.
 Internet & connectivity

Computer

Server rooms
 Public or VPN
Network Overview
Internet
Gateway & Firewall

Private L3 Network Gateway & Firewall

/
Intranet

Private L3 Network
L2 Network L2 Network /
/ Intranet
/
Subnet Subnet
 Switch Router & Firewall &
VPN
IT Internet

SaaS
Layer-3
Switch

BBMD
Switch
BACnet LAN - Ethernet

BACnet
Workstation BACnet
Field Panel
Switch (layer-2) Network of devices Ethernet to
MS/TP
“Router” (layer-3 switch) Connects networks Sensors and Router
Actuators
Router (Gateway) Bridge public and private network BACnet LAN - MSTP
Firewall Filter traffic
BACnet
VPN Connect trust devices over untrusted Field Panels
medium
Sensors and
Actuators
Network Access
Network Access Layer

The Network Access Layer can be thought of as the physical layer. This layer describes and defines how computers
and devices will physically send their data through the network. Basically, how will you connect to the network. The
most common methods in the control world are Ethernet and Wi-Fi.
Ethernet
Definition - a system for connecting a number of computer systems to form a local area network, with protocols to
control the passing of information and to avoid simultaneous transmission by two or more systems.
Advantages
● Ethernet Ports are common

● Faster than wireless

● Typically more secure

● Greater Stability

Disadvantages
● Expensive to install

● Not supported by mobile devices

Wi-Fi

Definition – The standard wireless local area network (WLAN)

technology for connecting computers and a myriad of electronic
devices to each other and to the Internet. Wi-Fi is the wireless version
of a wired Ethernet network, and it is commonly deployed alongside it

Advantages
● Lowered cost of install

● Compatible with mobile phones and tablets

● Better accessibility for technicians and other trades.

Disadvantages
● Slower than wired

● Subject to interference

● Typically less secure than wired

 Unmanaged vs Managed Ethernet Switch
Unmanaged Switch Managed Switch

• Packet Switching • Packet Switching

• Segregation / Isolation
Pro: Easy to set up • Port Security
• Information
Con: No control or information, poor
• Easy to use interface
troubleshooting ability

Pro: Control and Information, ideal for large deployments

Con: Expensive, and more setup work
OPTIGO NETWORKS
VLANs
VLAN-10

VLAN-20

VLAN-30
Internet
Internet
The Internet layer is responsible for placing data that needs to be transmitted into data packets known as IP
datagrams. These will contain the source and destination addresses for the data within. This layer is also
responsible for routing the IP datagrams. The main protocols included at Internet layer are IP (Internet
Protocol), ICMP (Internet Control Message Protocol), ARP (Address Resolution Protocol), RARP (Reverse
Address Resolution Protocol) and IGMP (Internet Group Management Protocol). Terms you will commonly hear
that relate to this layer are IPV4 and IPV6. For the purposes of this training we will only be talking about IPV4.
IPV4

DHCP (Dynamic Host Configuration Protocol)

DHCP Lease (Dynamic vs Reserved)

Static IP

Subnet

Gateway

DNS ( Domain Name System)

DHCP
DHCP – is a client/server protocol that automatically provides
an Internet Protocol (IP) host with its IP address and other
related configuration information such as the subnet mask and
default gateway.

How it Works - DHCP provides an automated way to distribute

and update IP addresses and other configuration information on
a network. Typically a DHCP server will respond to requests from
clients with an address that resides in the DHCP Scope. Along
with IP addresses, DHCP servers can provide other information
concerning the network if they are configured to do so.

DHCP Scope - A DHCP scope is a valid range of IP addresses

that are available for assignment or lease to client computers on
a particular subnet. In a DHCP server, a scope is configured to
determine the address pool of IPs that the server can provide to
DHCP clients.
Subnet
A Subnet or a Sub Network is a logical subdivision of an IP network. The
practice of dividing a network into two or more networks is called subnetting. A
subnet is basically a smaller network within a larger one. We can subdivide a
larger network to create a smaller network for our controllers and devices on a
job and we can control how much of the network sees our broadcast traffic.
Gateway & NAT
Many Private IPs

192.168.0.5
Single Public IP

192.168.0.6 206.12.0.100

Router Gateway Internet

192.168.0.7 With NAT

Network Address Translation (NAT) Gateway

• Map all private IP address as one public IP address • This is the router that the network uses to
• Example: route packets with indeterminant destination
• 192.168.1.5:8080 ←→ 206.12.0.100:23456
• 192.168.1.7:80 ←→ 206.12.0.100:23457
Gateway – Typically, in a TCP/IP network,
nodes such as servers, workstations and
network devices each have a defined default
route setting, (pointing to the default gateway),
defining where to send packets for IP
addresses for which they can determine no
specific route. The gateway is by definition a
router.
 192.168.11.20/24
IP Routing Default gateway: 192.168.11.1

192.168.11.1/24

10.10.0.254/16 192.168.12.1/24

192.168.12.2/24
10.10.88.100/16 Default gateway: 192.168.12.1
Default gateway: 10.10.0.254

Example route:
10.10.88.100 → 10.10.0.254 → 192.168.11.1 → 192.168.11.20

• Routes based on routing table

• Routers do not pass broadcast packets
• Reason we have BBMDs (BACnet Broadcast Management Devices)
DNS DNS (Domain Name System) – The Internet's system for converting
alphabetic names into numeric IP addresses. For example, when a Web
address (URL) is typed into a browser, DNS servers return the IP address of
the Web server associated with that name.

URL
www.optigo.net DNS IP
69.67.187.44

Domain Name Service (DNS)

• DNS is the yellow pages of the internet
• Maps hostnames to IP Addresses
• Central registry hosted by trusted companies (ISP, Google, etc..)
Firewall and VPN

Firewall
• permit/block traffic based on rules
• Example:
• Only port 47808 may exit

VPN
• Extend network over a secure encrypted tunnel
• Give remote trusted device(s) a local IP address
Transport Layer
 Transport Layer

The Transport Layer defines the level

of service and status of the connection
used when transporting data. A simple
analogy to use when thinking of this
layer is language. This layer basically
defines what language two device are
going to talk. The primary protocols
(languages) used to facilitate this are
TCP and UDP. There are many more
protocols, but these are two you will
most often use when working with IP
based controllers.
TCP
TCP (Transmission Control Protocol) is a standard
that defines how to establish and maintain a network
conversation via which application programs can
exchange data.

Advantages – TCP is considered a reliable

transmission protocol because it re-orders
unordered segments so that they are in the right
order and it will re-send any data that gets lost in
the network.

Disadvantages – Has significantly more overhead

than UDP and does not allow for “one-to-many”
messages.
UDP

UDP (User Datagram Protocol) a connectionless

protocol that, like TCP, runs on top of IP networks.
Unlike TCP, UDP provides very few error recovery
services, offering instead a direct way to send and
receive datagrams over an IP network. It's used
primarily for broadcasting messages over a network.

Advantages – UDP allows for multi-cast and is

typically faster than TCP with less delay, assuming
ideal network conditions.

Disadvantages – It’s not considered reliable since it

does not typically make use of acknowledgements,
retransmission of missing packets or timeouts.
Application Layer
Application Layer
The Application Layer provides network
services to applications. This layer contains the
high level protocols many of which you have
likely heard of and used. Earlier we made the
analogy between the Transport Layer and
language. We can do the same here. If the
Transport Layer is the language we are
speaking then the Application Layer is the
subject we are talking about using that
language. This is typically the layer that most
people are familiar with. This is because most
of the services they are interested in using are
at this layer.
Protocols

HTTP – Hyper Text Transfer Protocol

SNMP – Simple Network Management Protocol
SMTP – Simple Mail Transfer Protocol
NTP – Network Time Protocol
DNS – Domain Name System
BACnet – Building Automation and Controls networks
Working together.