CrossLink
Functional description
With HOOC CrossLink service, network groups of several sites can be connected with each other. Once administered, end devices from different locations can communicate directly with each other as if they were at the same location. The possibilities for networking devices and sites are virtually unlimited. Below is just a selection of possible areas of application:
- Networking of several sites on Layer 2 (Site-2-Site)
- Networking of several end devices from several sites on Layer 3 (Device-2-Device)
- VPN access to dedicated VLANs can be realized by using virtual sites.
- Networking of SCADA systems to multiple end devices from multiple sites
- Networking of several end devices from several sites to centralized servers (e.g. log server)
Configuration
Since CrossLink is a user-level service, for its configuration you don’t have to navigate to Site as you would normally do, but instead you stay at the user level (Reseller or Customer) by going directly to Services -> CrossLink.
In case the option DHCP filter is enabled (recommended), the DHCP packets between the connected systems are blocked.
Diagnosis via PING
For diagnostic purposes, you can execute a PING on the specific IP addresses by clicking on the icon.
| Property | Description |
|---|---|
| Source IP | Enter the IP address for the service interface |
| Destination IP | Enter the IP address for the device |
| Subnet | Enter the subnet mask |
| VLAN type | The VLAN type to be used: tagged for the selection of a specific VLAN, untagged if no VLANs are to be used |
| VLAN | The VLAN to be used if tagged is selected for VLAN type |
IP address conflict detection
To determine potential IP conflicts, an IP address check can be performed by clicking on the symbol.
| Property | Description |
|---|---|
| IP-Adresse | IP address to be checked |
| VLAN-Typ | The VLAN type to be used for the check: untagged if no VLANs are used, tagged for the selection of a specific VLAN |
| VLAN | The VLAN to be used if tagged is selected for VLAN type |
Used sites
Before you add any sites and their network groups to the service, make sure that their IP addresses do not overlap in order to prevent IP conflicts.
If there is no overlapping of the IP addresses, you can add a site with the corresponding network group and VLAN by clicking on the icon.
Network group
There are different networks to choose from when selecting the network group:
| Network group | Description |
|---|---|
| LAN | Standard (layer 2 networking) |
| OPT0 | Virtual Network 0 (Layer 3 networking) |
| SEP0 | Isolated network 0 (layer 2 networking) |
| SEP1 | Isolated network 1 (layer 2 networking) |
Please note that the network groups OPT0, SEP0, and SEP1 only work if the firmware of the physical HOOC gateway supports the corresponding network group functionality.
The network groups in the service can be combined individually. For example, a SCADA system can be configured in network group LAN and the remote sites in network group OPT0, so that the SCADA system can communicate directly with the virtual network group OPT0 using a secure remote access connection.
VLAN type of network group
VLANs can be used to divide a single physical network into several logical networks. Virtual sites can be connected to specific VLANs of physical sites.
You can choose between untagged, tagged and trunk:
Untagged
If untagged is selected, no VLANs are used for data traffic to and from the site. For integrating the traffic into the CrossLink service, the affiliation must also be defined. For this purpose, untagged and VLAN are available:
| Affiliation | Description |
|---|---|
| untagged | The traffic from and to the site is assigned to the CrossLink traffic, which does not use any VLANs |
| trunk port | The traffic from and to the site is assigned to the CrossLink traffic that belongs to a specific VLAN. A VLAN ID (1…4094) must be defined accordingly |
Tagged
The traffic to and from the site includes VLAN traffic exclusively managed by the CrossLink service. This means that only VLANs that have been entered as VLAN type untagged and affiliation VLAN are available. The data traffic from and to the site is marked with the corresponding VLAN tags.
Trunk (tagged and untagged)
When trunk is selected, all traffic with and without VLAN tags is transparently forwarded to and received from the site. This also includes VLAN tags that are not explicitly managed by the CrossLink service.
Actions
| Action | Description |
|---|---|
| Change the VLAN settings of the site | |
| Remove the site from the service | |
| Switch to site |