STEP RIGHT UP, Get Your IP Address Here! Understanding BOOTP vs. DHCP
When IT and OT converge on the shop floor, it’s important to understand how and when to let a computer control the assignment of network addresses, or when you would rather keep it under control.
The first time I set up an automation lab of my own at a small school classroom in which I both learned and taught PLCs, I wanted to be absolutely sure of what I was doing, and how I was managing the network. It was a reasonable goal, for sure.
In that case, I chose to assign IP addresses to each PLC, HMI, VFD, and programming PC manually using static IP addresses. In a notebook, I logged each station so that I knew exactly what numbers to assign to each device around the room. It worked somewhat well, but there were some obvious downsides, and it took me a while to learn the differences between static and dynamic addressing, as well as the subtle difference between DHCP and the BOOTP servers that are commonly used for industrial networks.
What’s Wrong with Static IP Addressing?
Before diving into the main topic of this article, it’s worth mentioning why automatic addressing (in other words, handing off control to a computer) may be worthwhile.
Static IP addressing is a very labor-intensive method. At least with a network connection, you can access the various devices remotely, but you still must apply settings and set each one individually. If you lose count, there may be a conflict. It’s exhausting enough at first setup, but if the network needs to change, you must repeat the process for all machines.
Figure 1. A fairly typical simple automation network with a motor drive, network switch, a couple PLCs, and likely a programming PC. Image used courtesy of Adobe Stock
Inserting new machines into an existing network can also create inconsistencies in the static IP numbering, and before too long, the numbers are completely out of order with how the machines are physically arranged.
IP Addresses Assigned by a Server
Early on in the history of networking, a better method was developed. This more streamlined approach used the presence of a single computer always attached to the network to act as a server for various data applications. One of the data points to be ‘served’ was the network parameters. Today, we can not only assign IP addresses to specific machines, but the server can dynamically release and introduce new devices coming and going from the network at a moment’s notice. Smart, fast, and fairly hands-free. Yet still, careful management may be necessary, and for that reason, BOOTP is still present for industrial machines.
Bootstrap Protocol (BOOTP)
For whatever reason, ‘bootstrap’ was the term applied to the moment a computer or microcontroller first boots up. Recognizing the basic input/output system (BIOS) and the fundamental operating system in order to load the programs involves reading and distributing relevant information at startup, after which the machine doesn’t need to check for that information again.
If you have a computer that will be firmly connected to a network and bolted down to the shop floor, you can simply transmit the network details to that machine at startup. Each machine on the network can be carefully accounted for, all within one single assignment list on one server computer, especially when you know exactly how many devices should be present at any given time.
Figure 2. BOOTP server tool. Image used courtesy of the author
This is accomplished with a BOOTP server tool, a very small program often included with many industrial automation software packages or as a standalone tool from manufacturers like WAGO or Rockwell. Note that these tools are slowly disappearing as technology evolves to more automated systems.
Using the BOOTP server, a relation is made between a physical hardware MAC address and the IP address reserved for that hardware. Every network interface card has a unique, fixed MAC address. In this way, as each device boots up, it transmits a request to the server to receive its IP address. Any future changes are edited and saved in the tool on the BOOTP server, then the equipment is all restarted and the new network parameters are saved.
There are a couple of catches to this system. If you are using a BOOTP server, you must make sure that a parameter is set on your PLC, VFD, etc. that forces the device to look for a server at a specific IP address. If the parameter looks internally for a static IP address, the network will fail to function.
Second, a BOOTP server will only work with BOOTP-enabled devices. If you have an IPC, for example, that is configured for DHCP only, it will fail to load from a BOOTP server.
Speaking of which, what is this DHCP?
Dynamic Host Configuration Protocol (DHCP)
As devices slowly became more mobile (phones, laptops, etc.), it became obvious that a database that manually matches each MAC address with a pre-defined IP address is impractical. However, that relationship must still be established. With a dynamic configuration, the DHCP server identifies devices as they enter the network, periodically check in, and ask the server for an IP address.
The engineer does not need to pre-define each IP address, but rather a range of allowable addresses. As a machine comes online (boots up), it requests the next available address from the DHCP server. In an industrial setting, the devices periodically check the server for updates, but if the server goes offline, the machine retains the last IP address.
Figure 3. A normal wi-fi router, like the one in your home, can adapt to devices entering and leaving the network continually. Image used courtesy of Adobe Stock
As you might predict, there are security risks when IP addresses are handed out at the will of the server. If someone gains access to your wired or wi-fi network (like when a friend with a phone visits your house), they may instantly connect to the network, although a password may be needed before browsing.
Even within your home’s wi-fi router, you can access the DHCP and ‘blacklist’ certain MAC addresses. In a similar procedure, for an industrial network, you can whitelist the MAC addresses of your equipment and disallow any other machine from connecting. Even this is not an absolute failsafe cybersecurity measure, but it does provide peace of mind when handing control to an automatic configuration tool.
A DHCP server has the advantage of also being able to assign IP addresses to a BOOTP-enabled device, which comes as a relief when working with legacy equipment.
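The following Python example is added here for illustration and is not code from the article or from any vendor’s BOOTP/DHCP tool. It shows the server-side decision described above: read the MAC address from a request, tell a plain BOOTP client from a DHCP client (a DHCP request carries option 53 after the magic cookie), and hand out a reserved address only to allowlisted hardware. The MAC addresses, IP addresses, and function names are constructed for the example.

```python
import struct

MAGIC_COOKIE = bytes([99, 130, 83, 99])  # marks the options area (RFC 1497 / RFC 2131)
# Constructed allowlist of MAC -> reserved IP; devices and addresses are hypothetical.
RESERVATIONS = {
    "00:00:5e:00:53:01": "192.0.2.11",  # PLC
    "00:00:5e:00:53:02": "192.0.2.12",  # VFD
}

def has_dhcp_message_type(vend: bytes) -> bool:
    """True when option 53 is present, which separates DHCP from plain BOOTP."""
    if vend[:4] != MAGIC_COOKIE:
        return False
    i = 4
    while i + 1 < len(vend) and vend[i] != 255:  # 255 = end option
        if vend[i] == 0:                          # 0 = pad, has no length byte
            i += 1
            continue
        if vend[i] == 53:
            return True
        i += 2 + vend[i + 1]                      # skip code, length, value
    return False

def parse_request(pkt: bytes) -> dict:
    """Read the fixed 236-byte BOOTP header and classify the client."""
    if len(pkt) < 236:
        raise ValueError("shorter than the fixed BOOTP header")
    op, htype, hlen = struct.unpack("!BBB", pkt[:3])
    if (op, htype, hlen) != (1, 1, 6):
        raise ValueError("not a BOOTREQUEST from an Ethernet client")
    mac = ":".join(f"{b:02x}" for b in pkt[28:34])  # chaddr, supplied by the client
    proto = "DHCP" if has_dhcp_message_type(pkt[236:]) else "BOOTP"
    return {"mac": mac, "protocol": proto}

def decide(pkt: bytes) -> dict:
    """Offer the reserved address to known hardware, ignore everything else."""
    req = parse_request(pkt)
    ip = RESERVATIONS.get(req["mac"])
    req["action"] = f"offer {ip}" if ip else "ignore"
    return req

def build_request(mac: str, vend: bytes = bytes(64)) -> bytes:
    """Construct a sample request: header, chaddr, empty sname/file, then vend/options."""
    header = struct.pack("!BBBBIHH", 1, 1, 6, 0, 0x1234, 0, 0) + bytes(16)
    chaddr = bytes.fromhex(mac.replace(":", "")) + bytes(10)
    return header + chaddr + bytes(64 + 128) + vend

DHCP_DISCOVER = MAGIC_COOKIE + bytes([53, 1, 1, 255])  # constructed options field

if __name__ == "__main__":
    for mac, vend in [("00:00:5e:00:53:01", bytes(64)), ("00:00:5e:00:53:02", DHCP_DISCOVER),
                      ("02:00:00:00:00:99", DHCP_DISCOVER)]:
        print(decide(build_request(mac, vend)))
```

The MAC address is read from a field the client fills in itself, which is why the allowlist is a useful filter rather than an absolute safeguard.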
Should I Use BOOTP or DHCP?
All methods provide a sliding scale of time investment, but at the risk of becoming hands-off in architecture design. Most modern devices will default to BOOTP/DHCP configuration. Working with an IT staff for an industrial network will usually lead to a choice of a DHCP-assigned system, but once again, care must be taken to prevent unauthorized access by any computer with access to a spare Ethernet port in the building.
As with most topics, we cannot make a blanket recommendation on which tool to always use. That’s like recommending one car for all drivers. Different networks have different devices, different managers, and different needs. Understanding the differences can at least help to diagnose problems and weigh the pros and cons while developing the next install.