Industrial automation relies on seamless communication. Modern production facilities deploy thousands of smart sensors, meters, and controllers across large physical areas. To manage these networks efficiently, automation engineers separate these devices into isolated subnets. This separation improves network security, optimizes bandwidth, and isolates broadcast traffic.

However, network segmentation frequently creates data silos. A plant manager at a central workstation cannot access critical performance data from a machine on a different production line. This article explains how to connect segmented Modbus TCP subnets using industrial Ethernet gateways. We will examine the technical challenges, architecture solutions, configuration steps, and real-world deployment strategies.

Understanding the Network Segmentation Challenge

Network segmentation divides a physical industrial network into smaller, logical subnets. Engineers typically use routers, firewalls, or Layer 3 switches to manage these boundaries.

1. Why Engineers Segment Industrial Networks

Industrial automation networks grow rapidly. Unmanaged network growth leads to serious performance bottlenecks and security vulnerabilities. Segmentation solves three major problems on the factory floor:

• Broadcast Storm Mitigation: Modbus TCP runs on top of standard Ethernet. Devices on an Ethernet network frequently send out broadcast and multicast messages. Too many broadcast messages can easily overwhelm the limited processing power of small microcontrollers in older automation equipment.

• Enhanced Cybersecurity: Segmenting networks isolates critical infrastructure into distinct security zones. If malware infects an administrative workstation on the office network, the segmentation barrier prevents the infection from easily reaching the Programmable Logic Controllers (PLCs) on the factory floor.

• Traffic Prioritization: Industrial control loops require low latency and predictable response times. Separating time-critical control traffic from diagnostic or historical data traffic ensures consistent and deterministic network performance.

2. The Modbus TCP Communication Barrier

Modbus TCP uses a client/server architecture. Clients, such as human-machine interfaces (HMIs) or supervisory control and data acquisition (SCADA) systems, send requests. Servers, such as PLCs or power meters, respond to those requests. The protocol relies on standard IP routing to cross subnet boundaries. However, many legacy automation devices lack default gateway configurations. A Modbus TCP server without a default gateway setting cannot reply to a client that sits outside its immediate local subnet. The device receives the incoming packet from the router, but it does not know where to send the response. This engineering limitation stops data collection across subnets entirely.

The Role of Industrial Ethernet Gateways

Industrial Ethernet gateways solve this routing dead-end. These purpose-built hardware devices bridge disparate networks. They handle protocol conversion, address translation, and data mapping.

1. Key Features of Industrial Gateways

Modern industrial gateways offer features that go far beyond simple IP routing. They act as active data brokers between segmented networks.

• Multi-Port Isolation: High-quality industrial gateways feature independent Ethernet ports, each with its own network interface controller. Port 1 connects to Subnet A, and Port 2 connects to Subnet B. This physical separation maintains the security boundaries established by the network engineers.

• Protocol Translation: Many manufacturing facilities mix old and new equipment. Gateways bridge different variations of the same protocol. They function as a Modbus RTU to TCP Gateway to bring old legacy serial data into a modern Ethernet network.

• Data Caching: Gateways constantly poll target servers in the background. They store the retrieved values in internal memory maps. When an external client requests data, the gateway responds instantly from its local cache. This drastically reduces network latency.

How Gateways Differ from Standard Switches

Standard Layer 2 network switches only forward data frames within the same local subnet based on MAC addresses. Layer 3 switches route packets across subnets based on IP addresses, but they do not alter the underlying data payload.

Industrial gateways actively manage the data layer. They can change Modbus Unit IDs, map registers between different memory addresses, and convert serial packets into Ethernet frames. They provide a vital PLC to Ethernet Converter function for older control systems.

Network Architecture Designs for Subnet Bridging

Engineers use two primary network architectures to bridge segmented Modbus subnets. The specific choice depends on factory network security policies and equipment capabilities.

Architecture 1: The Multi-Homed Gateway Approach

This design uses an industrial gateway equipped with multiple independent LAN ports. Port 1 connects to Subnet A, which contains the SCADA system. Port 2 connects to Subnet B, which contains the production machinery.

The gateway does not pass or route standard IP packets between the ports. Instead, it moves data internally via a shared register map. A client on Subnet A reads registers directly from the gateway. The gateway independently fetches that data from a server on Subnet B. This architecture maintains strict network isolation and satisfies rigorous cybersecurity policies.

Architecture 2: Modbus Routing and IP Translation

This method uses Network Address Translation (NAT) principles. The gateway sits between the subnets and acts as a specialized industrial router. It translates foreign IP addresses into local addresses before forwarding the packets.

The destination server sees the incoming request as a local subnet packet. It replies directly to the local gateway address. The gateway then forwards the response back to the original client on the distant subnet. This method works perfectly when field devices lack default gateway configuration fields.

Step-by-Step Configuration Guide

Bridging subnets requires precise configuration. Misconfigured network settings can cause address conflicts, communication timeouts, or network loops. Follow these steps to set up a typical industrial gateway.

Step 1: Assign Physical IP Addresses

You must assign valid, static IP addresses to each gateway port. Ensure these addresses match the subnet schemes of the respective local networks.

• Connect your configuration laptop to the management port of the gateway using an Ethernet cable.

• Open a web browser and enter the default IP address of the gateway to access the management interface.

• Navigate to the Network Settings menu.

• Configure LAN 1 for Subnet A (Example: IP Address 192.168.1.254, Subnet Mask: 255.255.255.0).

• Configure LAN 2 for Subnet B (Example: IP Address 192.168.2.254, Subnet Mask: 255.255.255.0).

• Save the settings and reboot the device to apply changes.

Step 2: Configure Modbus Routing Rules

Next, define how the gateway routes incoming Modbus requests across the network boundary. You must map client requests to the correct destination servers.

• Map by Unit ID: You can route requests based on the Modbus Unit ID, which is also known as the Slave ID. For example, configure the gateway to route Unit ID 1 to IP address 192.168.2.10. Route Unit ID 2 to IP address 192.168.2.11.

• Map by TCP Port: Some gateways use unique TCP ports for routing data. The client sends requests to TCP port 5022 on the gateway. The gateway forwards this specific traffic to standard TCP port 502 on a designated subnet server.

Step 3: Set Up Internal Register Mapping

If your application requires high-speed data delivery or involves slow field devices, configure the internal memory map of the gateway to use data caching.

• Create a new data polling command in the gateway management interface.

• Select the target server IP address and the specific Modbus register addresses you need to collect.

• Define the polling interval, such as 100 milliseconds.

• Assign a local memory address inside the gateway, such as Holding Register 40001, to store this data.

• Configure the remote SCADA client to read data directly from this local gateway address instead of the distant server.

Integrating Legacy Serial Networks

Many manufacturing plants own reliable, legacy machinery that has run for decades. These machines use serial communication protocols like Modbus RTU over RS-485 wires. You must integrate these devices into your segmented Ethernet subnets to achieve full data visibility.

1. Utilizing a Modbus RTU to TCP Gateway

A Modbus RTU to TCP Gateway bridges the physical and logical gap between two-wire RS-485 serial networks and modern RJ45 Ethernet cables.

The gateway converts the serial packets into standard TCP/IP packets. It embeds the exact Modbus RTU frame inside a Modbus TCP packet. This allows modern PLCs located on any segmented Ethernet subnet to read data from legacy power meters, flow meters, and variable frequency drives seamlessly.

2. Connecting Older PLCs

Older PLCs often lack built-in network interfaces. They rely on proprietary serial communication links for programming and data transfer. A PLC to Ethernet Converter solves this compatibility issue. This hardware device attaches directly to the serial programming port of the PLC. It translates the serial protocol into standard Ethernet communication. This conversion allows the old PLC to participate in the segmented Modbus TCP network alongside modern equipment.

Industrial Network Metrics and Data

Data shows that network configuration issues cause significant manufacturing downtime. Proper bridging configurations prevent these costly production interruptions.

The following table shows typical performance metrics for industrial gateways operating across segmented networks.

Industrial field studies show that improper network configuration causes 35% of all industrial communication failures. Utilizing dedicated industrial gateways instead of standard IT routers reduces troubleshooting time by 40%. This improvement keeps production lines running efficiently.

Troubleshooting Common Connectivity Issues

When bridging subnets, engineers often encounter communication errors. Here are the three most common issues and the steps required to resolve them.

Issue 1: Modbus Exception Code 04 (Slave Device Failure)

This error occurs when the gateway successfully talks to the end server, but the server cannot process the specific request.

• Cause: The gateway is asking for a register address that does not exist on the server, or the request format is incorrect.

• Solution: Check the Modbus register map documentation of the target device. Ensure your gateway configuration does not offset the register addresses by one index, which is a common formatting error.

Issue 2: Request Timeouts

The client sends a request across the bridge, but receives no response from the destination device.

• Cause: Incorrect IP routing configurations or missing default gateways on the server devices.

• Solution: Ping the destination server from the built-in diagnostic tool of the gateway. If the ping fails, check the subnet masks and physical cable connections. Ensure the field server points to the gateway IP address as its default gateway.

Issue 3: High Latency and Data Jitter

Data values update slowly, or the communication link drops intermittently.

• Cause: Too many clients are trying to poll the same limited field server simultaneously across the network bridge.

• Solution: Enable data caching on the industrial gateway. Let the gateway poll the field server once at a controlled rate. Allow all external clients to read data from the gateway memory cache.

Security Considerations for Bridged Subnets

Bridging networks creates a communication path between previously isolated zones. You must protect this path from unauthorized access and cyber threats.

1. Implement Access Control Lists

Most industrial gateways include Access Control Lists (ACLs) within their security settings. Only allow specific IP addresses to communicate across the gateway. Block all other network traffic by default. For example, permit only the main SCADA server IP address to access the production subnet. Block all engineering workstations unless they require temporary maintenance access.

2. Disable Unused Management Protocols

Gateways support various configuration methods for ease of use. Turn off all services that you do not use during normal operations. Disable standard HTTP and use encrypted HTTPS for web management. Turn off Telnet and use SSH for command-line access. Finally, disable unused SNMP features to prevent network scanning tools from gathering device data.

Conclusion

Connecting segmented Modbus TCP subnets is essential for comprehensive data collection in modern factories. Industrial Ethernet gateways and PLC to Ethernet Converter devices provide a secure, efficient, and reliable way to bridge these networks. By implementing proper architecture designs, utilizing tools like a Modbus RTU to TCP Gateway, and configuring accurate register maps, engineers can ensure reliable data flow across the entire factory floor.