EPICS Controls Argonne National Laboratory

Experimental Physics and
Industrial Control System

1994  1995  1996  1997  1998  1999  2000  2001  2002  2003  2004  2005  2006  2007  2008  2009  2010  2011  2012  2013  <20142015  2016  2017  2018  2019  2020  2021  2022  2023  2024  Index 1994  1995  1996  1997  1998  1999  2000  2001  2002  2003  2004  2005  2006  2007  2008  2009  2010  2011  2012  2013  <20142015  2016  2017  2018  2019  2020  2021  2022  2023  2024 
<== Date ==> <== Thread ==>

Subject: RE: VLANS designing,Geographical vs functional?
From: Emmanuel Mayssat <[email protected]>
To: Zhang Yuliang <[email protected]>, EPICS mailing list <[email protected]>
Date: Wed, 8 Jan 2014 14:51:57 -0800

VLAN = broadcast domain that exists within a defined set of switches.
A VLAN is a switched network that is logically segmented on an organization basis, by functions, project teams, or applications rather than on a physical or geographical basis.
If you are talking about many physical locations, how far apart are they?
Do you have a dedicated link? What are the physical characteristics of your link?
In the case of collocation, this is done with firewalls/VPNs

If you want to use VLAN you should take in consideration (1) human errors, (2) the accessibility of the switch, (3) who is responsible and who manages the switches.

(1) Let's say you have a development vlan and a production vlan on the same switch fabric.
If someone configure incorrectly the switch (or if the configuration is not correctly saved in the Flash and the switch reboot) then you can have PV variables that leak to other networks. In other words, you may think you are working with a development IOC when indeed you are using a production one.
To avoid this, we don't use VLAN but instead different switches and color-coded cables. (Blue = intranet, yellow= development, green= production, etc.)

(2) Function of your configuration (i.e. often ports are configured to belong to untagged VLANs), if a multi-vlan switch is accessible to end-users, that user may connect to the wrong vlan by plugging his cat5 to the wrong port.

(3) There is a logical separation between the IT infrastructure and accelerator's network. Those 2 may be managed by different groups. If that's the case you may consider separate infrastructure otherwise one group may blame the other whenever an issue arise. (The alternative is to be good at scanning log entries!)

Here we use VLANs to segregate beamlines and accelerator networks.
For me, the killer feature of VLANs is the possibility to change the network topology without touching a cable.
That's a must-have if the network equipment is spread throughout the building or at a remote location.

Finally if you are using advanced network features, you should prepare for the worst case scenario where you lose the entire configuration and connection to the switches. Obviously you should dump their respective configurations on disks and have a few memory sticks around, but better yet you may  consider a  clustering of console servers. ( http://www.perle.com/supportfiles/Secure_Clustering_Tech_Note.shtml ) I use IOLAN SCS console servers. The master has the optional V92 modem.

Good luck!
--
Emmanuel



> Date: Wed, 8 Jan 2014 13:28:15 +0800
> From: [email protected]
> To: [email protected]
> Subject: VLANS designing,Geographical vs functional?
>
> Hello all,
>
> We are designing VLANS for CSNS(China Spallation Neutron Source). I want to know which method do you choose in your site, geographical or functional? Any advice? Thanks in advance.
>
> Regards,
> Zhang Yuliang

Replies:
Re: VLANS designing,Geographical vs functional? Maren Purves
References:
VLANS designing,Geographical vs functional? Zhang Yuliang

Navigate by Date:
Prev: Re: Increasing scan rate to 10 kHz Till Straumann
Next: Re: VLANS designing,Geographical vs functional? Maren Purves
Index: 1994  1995  1996  1997  1998  1999  2000  2001  2002  2003  2004  2005  2006  2007  2008  2009  2010  2011  2012  2013  <20142015  2016  2017  2018  2019  2020  2021  2022  2023  2024 
Navigate by Thread:
Prev: Re: VLANS designing,Geographical vs functional? Maren Purves
Next: Re: VLANS designing,Geographical vs functional? Maren Purves
Index: 1994  1995  1996  1997  1998  1999  2000  2001  2002  2003  2004  2005  2006  2007  2008  2009  2010  2011  2012  2013  <20142015  2016  2017  2018  2019  2020  2021  2022  2023  2024 
ANJ, 17 Dec 2015 Valid HTML 4.01! · Home · News · About · Base · Modules · Extensions · Distributions · Download ·
· Search · EPICS V4 · IRMIS · Talk · Bugs · Documents · Links · Licensing ·