NAT switches
Cost-effective integration in higher-level networks – With virtual addressing (NAT)
If identical machines are operated in parallel in a network, each machine must be configured individually. This is the only way to integrate them into the higher-level communication network. Various NAT mechanisms enable you to operate entire production cells with the same IP address space, without having to configure the machines individually.
In the image gallery, we present various NAT mechanisms that are supported by our NAT switches.
Overview of NAT mechanisms
1:1 NAT
With 1:1 NAT, each device in the LAN is allocated an IP address from the higher-level network (WAN). The device can then be addressed from the WAN via this allocated address. Advantage: router or gateway configuration is not necessary in the WAN. Communication can be established from both the LAN and the WAN, and is not restricted to dedicated protocols. Disadvantage: an IP address must be reserved in the WAN for each accessible device in the LAN.
Virtual NAT
Virtual NAT combines 1:1 NAT with a virtual router level. In this router level, the address is mapped from the LAN and is then transferred to the WAN from the virtual intermediate level as with standard routing. Advantage: only one IP address is required from the WAN, for the NAT interface itself. Disadvantage: in the WAN, the route to the (virtual) network must be indicated and the NAT WAN interface entered as the NextHop or gateway address.
IP masquerading
With IP masquerading, the NAT device essentially acts as a proxy, so all the LAN devices communicate externally using the NAT WAN interface address. Various TCP/UDP ports are used to differentiate between the different LAN devices. Advantages: no additional WAN addresses are required aside from the address for the NAT device itself. Router or gateway configuration is not necessary in the WAN. Disadvantage: WAN devices can only communicate with LAN devices via port forwarding.
Port forwarding
You can access a specific service of a LAN device from the WAN network via port forwarding. To implement forwarding to the desired LAN device, the WAN interface of the NAT device is addressed using a defined TCP/UDP port number.
Very flexible
The FL NAT 2000 offers a high degree of flexibility, as each of its 8 ports can be freely assigned as LAN or WAN ports. This means that you can use the FL NAT 2000 as a simple NAT switch with one WAN port and seven LAN ports. There is no need for an additional switch in the system.
Alternatively, you can use the NAT switch to connect a machine to multiple higher-level networks, such as production and diagnostics networks. You can choose from various NAT mechanisms: 1:1 NAT, virtual NAT, IP masquerading, and port forwarding.
Redundancy in the LAN and WAN
In order to ensure a high degree of reliability both within the system and when connecting to higher-level networks, FL NAT 2000 switches support redundancy mechanisms on the LAN and WAN side.
For redundant connection to higher-level WAN interfaces, you can integrate the FL NAT 2000 into an RSTP ring with two WAN ports.
On the LAN side, you can use both RSTP and MRP as the master or client to redundantly connect parts of a machine to the NAT switch.
PROFINET support in the LAN
NAT switches support PROFINET functions
On the LAN side, the FL NAT 2200 and the FL NAT 2300 offer full PROFINET integration:
- Integration in PROFINET control environments, e.g., TIA or PC Worx
- MRP support for increased availability
- LLDP for topology detection
- Hardware-based PROFINET prioritization
- Extended diagnostics for PROFINET
Overview of FL NAT 2000
| FL NAT 2000 | FL NAT 2200 | FL NAT 2300 | |
|---|---|---|---|
| Transmission speed | 10/100 Mbps |
10/100 Mbps | 10/100/1000 Mbps |
| Alarm contact | No | Yes | Yes |
| Temperature range | 0°C ... +55°C | -40°C ... +70°C | -40°C ... +70°C |
| Protection class | IP20 | IP20 | IP20 |
| Supply voltage | 18 ... 32 V DC | 12 ... 57 V DC (redundant) | 12 ... 57 V DC (redundant) |
| NAT functions | 1:1 NAT, virtual NAT, IP masquerading, port forwarding (source/destination) | 1:1 NAT, virtual NAT, IP masquerading, port forwarding (source/destination) | 1:1 NAT, virtual NAT, IP masquerading, port forwarding (source/destination) |
| Routing | Static routing | Static routing | Static routing |
| Filter functions | |||
| Quality of Service | Yes | Yes | Yes |
| VLAN | Yes | Yes | Yes |
| Multicast/IGMP snooping | Yes | Yes | Yes |
| Redundancy | |||
| Rapid Spanning Tree (RSTP) | Yes | Yes | Yes |
| MRP manager/client | No/yes | Yes/yes | Yes/yes |
| Fast Ring Detection (FRD) | No | Yes | Yes |
| Large Tree Support | No | Yes | Yes |
| Extended ring redundancy of 15 ms | No | No | No |
| Management functions | |||
| Port configuration, statistics, and utilization | Yes | Yes | Yes |
| Link Layer Discovery Protocol (LLDP) | Yes | Yes | Yes |
| Address Conflict Detection (ACD) | Yes | Yes | Yes |
| DHCP server | Port-based | Pool-based/port-based, option 82 | Pool-based/port-based, option 82 |
| Command Line Interface (CLI) | Yes | Yes | Yes |
| Automation protocols | |||
| PROFINET conformance class | A | B | B |
| PROFINET device | No | Yes | Yes |
| EtherNet/IP™, extended multicast filtering | Yes | Yes | Yes |
| Approvals | - | Maritime approvals, ATEX, IECEx | Maritime approvals, ATEX, IECEx |
PHOENIX CONTACT (Ireland) Ltd
Calmount Park
Ballymount
Dublin 12
D12 XE18
Ireland
"$pageName" on