Overcoming Private Wireless Network Challenges with Supernetting
Integrating non-cellular devices into Private 4G/5G networks via mobile routers like Cradlepoint, Sierra Wireless, and Digi offers significant benefits. However, this approach often leads to challenges such as reduced external visibility and the complexity of managing multiple IP subnets and DHCP scopes for each mobile router. These issues can pose security risks and significant management overhead potentially hindering the deployment of Private Wireless networks in industrial and enterprise settings.
Celona addresses these challenges with its unique and innovative 5G LAN Supernetting solution. This solution simplifies the network architecture, allowing for seamless connectivity and enhanced security.
This feature is supported on Celona private wireless networks with Edge clusters running software version 2306 or higher.
Implementing 5G LAN Supernetting: A Step-by-Step Guide
Objective
Enable non-cellular devices behind mobile routers to connect effortlessly to the enterprise network, ensuring full visibility and accessibility.
Following example illustrates how Celona's Supernetting feature can be used to onboard non-cellular OT & IT end-points in enterprise network.
Configurations on Enterprise Network
Create a subnet for mobile router cellular (WAN) Interface
Net 10 -
10.10.1.x/24VLAN 10IP Address Range -
10.10.1.1 to 10.10.1.254Default Gateway -
10.10.1.1
Create a subnet for LAN behind mobile routers, including devices behind mobile router (Supernet)
Net 30 -
10.30.1.x/24IP Address Range -
10.30.1.1 to 10.30.1.254Default Gateway -
10.30.1.1IP Address range
10.30.1.2 to 10.30.1.50reserved for mobile router LAN interfacesIP Address range
10.30.1.51 to 10.30.1.254reserved for non-cellular devices behind mobile routers
Switch port to Edge must be trunked with subnet Net 10 –
VLAN 10.Note IP subnet Net 30 is not required to be trunked as it will be routed instead
DHCP Configuration
Create a DHCP scope
10.10.1.x/24in subnet Net 10 defined for mobile router cellular (WAN) interfaceCreate a single DHCP scope
10.30.1.x/24in subnet Net 30 defined for end-devices behind all mobile routers (Supernet)Reserve static IP range for mobile router LAN interface in this IP address range
DHCP reservation or static IP address allocation for Edge interface is recommended
Enterprise core router must have a static route for Net 30 (Supernet) with next-hop IP set to Edge interface IP address on Net 10 (VLAN 10)
Configurations on mobile router(s)
IP address of the cellular (WAN) interface of the mobile router(s) is set up during the attach process
IP Address Range -
10.10.1.2 to 10.10.1.254Default Gateway IP -
10.10.1.1
Assign a unique static IP address to the LAN interface of the mobile router(s)
Reserved IP address range -
10.30.1.2 to 10.30.1.50Note - This can be done manually or via templates to assign static IP addresses in bulk
Turn off source NAT, so the mobile router is only routing
Turn on DHCP relay to upstream enterprise DHCP server
Configurations on Celona Orchestrator to set up Supernetting
Step 1. Create External IP Domain Setup
Create External IP Domain for IP subnet Net 10 (VLAN 10) for mobile router(s). Refer documentation.
Step 2. Create an Advanced Network configuration template to set up Supernetting
These templates can be created on an
Edge Cluster details page, as long as the edge is running a version of 2305 or higher.Navigate to the end of the page and click the
Add Advanced Network Configbutton to open up the form
Give a name for your template (mandatory field)
Enable Supernetting and set the subnet mask
Subnet masks must hold the following format:
a.b.c.d/e.f.g.h(where a, b, c, d, e, f, g, h are each numbers between 0 to 255) adhering to the IPv4 notationSubnet mask corresponds to the IP subnet (Supernet) set up for end-devices behind the mobile Router
In this example, the subnet mask will be set to :
10.30.1.0/255.255.255.0
Once you click
Createat the end of the form, you should see a success message with a green banner denoting that the advanced configuration has been successfully created, and the table should reflect your new template.
Step 3. Create a Device Group
Formulate a device group for the mobile routers, adding their SIMs to this group.
Navigate to the
Device Groupspage and click onCreate Newto create a new device group
To create a device group, provide a
Name (mandatory field)
Add mobile router(s) (SIMs) to the device group
Step 4. Apply Supernetting configuration to a Device Group
Assign the Supernetting template to the device group, ensuring the configurations take effect.
Navigate to the
Device Groupspage and click on the 3-dot menu, followed by theEditbutton to launch the edit device group workflow for mobile router(s) device group created in step 3.To apply an advanced network config policy to the device group, select an edge cluster and the corresponding advanced network configuration templates will appear
Please note that the
Advanced Network Configfield will only be displayed if an external IP domain is selected in the previous field
Editing/Removing advanced network config from a device group
To edit/remove an applied advanced network configuration from a device group, click on the 3-dot menu, followed by the
Editbutton to launch the edit device group workflow.Select another template or mark the field as
Noneto remove the associated configuration
Editing/Deleting an advanced network config template
Once an advanced network configuration has been successfully created, you can edit or delete the config and associated parameters from the edge cluster details page, using the 3-dot menu at the last column of the config table
Note: Please note that applying, editing or removing an advanced network configuration to a device group may result in network downtime so we recommend doing this during a maintenance window.
The same applies for editing the parameters of an advanced network config template which is already in use by one or more device groups.