
Post on 19-Mar-2020


User Group Technical Seminars

Our presentation will begin at 12:00 pm Central

Design Considerations for EtherNet/IP Network
January 2020

Presenters:

Luis Ramos, Solution Architect, Rockwell Automation

Wayne Welk, Automation Specialist, The Reynolds Company

2020 Events

• Monthly technical seminars

• Stay current on the latest trends, products & solutions

• Hands-on workshops with FactoryTalk Studio

• Cloud-based, work from your office

• Seminars and workshops that explore the Industrial Internet of Things (IIoT)

• Local instructor-led training

• Certificate programs available

https://trcautomation.solutions/events/

Future User Group Topics

February 12th: Industrial LED Lighting Controls

March 18th: IIoT Update with HMS Networks

April 15th: Bringing Augmented Reality (AR) to the Factory Floor


Future Dev Day Workshops

January 28th: Introduction to Distributed HMI with FactoryTalk View SE

Also available as on-demand workshops


Future IIoT Learning Series Topics

March 18th: IIoT Update with HMS Networks

March 31st: Flexy 205 Advanced Functionality Workshop


Industrial Network Design
Structured and hardened network infrastructure

PUBLIC | Copyright ©2019 Rockwell Automation, Inc. | #ROKLive | 8

Reference Architectures
Structured and hardened network infrastructure

• What are reference architectures?
  • Blueprint for baseline architectures, considerations and best practices for design and implementation
• Reference Architectures:
  • Marketectures – high-level marketing architectures and illustrations
  • White papers and Knowledgebase articles based on proof-of-concept (POC) testing
  • Accelerator Toolkits:
    • Examples - Drives and Motion, Safety, Energy Management
  • System Configuration Drawings
    • Examples – Stratix®, MCC, Wi-Fi, ControlLogix®
  • Converged Plantwide Ethernet (CPwE) Architectures:
    • Collection of Architected, Tested & Validated Designs
    • Test labs – Cisco, Panduit, and Rockwell Automation
    • White papers, design guides, application guides


Key tenets of Converged Plantwide Ethernet (CPwE):
Structured and hardened network infrastructure

• Smart Industrial IoT Devices
  • EtherNet/IP™ Industrial IoT Technology, Hardened, ODVA Conformance Tested
• Managed Infrastructure – Stratix® for:
  • Zoning (Segmentation), Resiliency, Security, Diagnostics
• Zoning (Segmentation)
  • Logical Model based on Standards
  • Physical – e.g. CIP Bridge
  • Switch Hierarchy (L2/L3), VLANs, Firewalls
  • Software-Defined Security Groups
• Resiliency
  • Robust Physical Layer
  • Redundant Paths with Resiliency Protocols
  • Redundant Switches, Wireless and Firewalls
• Time-critical Data
  • Data Prioritization via Quality of Service (QoS)
  • Time Synchronization via IEEE 1588 Precision Time Protocol (PTP) and CIP Sync™
• Wireless – Mobility
  • Unified and Autonomous Architectures
  • Equipment and Personnel
• Holistic Defense in Depth Security
  • Multiple Layers, at different IACS Levels, with diverse technology, implemented by different personas
• Convergence-ready
  • Network Address Translation (NAT)

Managed infrastructure


Industrial Ethernet switch type selection
Managed infrastructure

Managed Switches
  Advantages:
  • Loop prevention and resiliency
  • Segmentation services (VLANs and security groups)
  • Security services
  • Management services (Multicast, DHCP per port and DLR)
  • Diagnostic information
  • Prioritization services (QoS)
  Disadvantages:
  • More expensive
  • Requires some level of support and configuration to start up

Unmanaged Switches
  Advantages:
  • Inexpensive
  • Simple to set up
  Disadvantages:
  • No loop prevention or resiliency
  • No security services
  • No segmentation or prioritization services
  • No diagnostic information
  • Difficult to troubleshoot, no management services

Device Level Ring (DLR) – Embedded Switch Technology
  Advantages:
  • Ring loop prevention and resiliency
  • Cable simplification with reduced cost
  • Prioritization services (QoS)
  • Time Sync Services (IEEE 1588 PTP Transparent Clock)
  • Diagnostic information
  Disadvantages:
  • Limited management capabilities
  • May require minimal configuration


Managed infrastructure enables network and security services
Managed infrastructure

• Manageability by OT and IT tools
• Topologies - switch-level and device-level
• Switching
• Routing
• FactoryTalk® Network Manager™ software

Industrial Ethernet Switches (IES): Stratix® 8000/8300, Stratix® 5400, Stratix® 5410, Stratix® 5700 / ArmorStratix™ 5700, Stratix® 2500, Stratix® 5800

• Layer 2 switching or Layer 3 routing
• Diagnostic information
• Network Address Translation (NAT)
• Segmentation / VLAN capabilities
• Prioritization services (QoS)
• Network resiliency


Quality of Service (QoS)
Time-critical data - Data prioritization

• QoS helps mitigate the following network issues:
  • End-to-end delay
    • Fixed delay – latency
    • Variable delay – jitter
  • Bandwidth capacity issues
  • Packet loss

[Figure: Stratix® Managed Industrial Ethernet Switches (IES)]


What Is DHCP?

• Dynamic Host Configuration Protocol (DHCP)
  • Protocol for assigning dynamic IP addresses to devices on a network.
• DHCP Server functionality
  • Assigns IP address from a pool of available addresses to the devices (DHCP Clients)
  • If a device leaves and then rejoins the network, it may not get the same address.
• DHCP Persistence
  • Can be used to assign specific IP addresses.

Segmentation


Isolated Local Area Networks (LANs)
Segmentation – Network services

[Figure: physically isolated networks using multiple NICs. Labels: Plant-wide / Site-wide Network; Control Network, Levels 0-2.]


Virtual LANs (VLANs)
Segmentation – Network services

[Figure: two designs for the same plant, each with Machine #1 (OEM #1) and Machine #2 (OEM #2) controllers and I/O, Stratix® IES, a ring, and the plant-wide / site-wide IACS with EWS and OWS.]

• Large Flat LAN: Larger Layer 2 Broadcast Domain (Layer 2)
  • Plant-wide / Site-wide IACS: VLAN 40, IP Subnet 172.16.40.0/24
• Small Connected LANs: Smaller Layer 2 Broadcast Domains (Layer 3)
  • Machine #1 (OEM #1): VLAN 20, IP Subnet 10.20.20.0/24; VLAN 10 (ring), IP Subnet 10.10.10.0/24
  • Machine #2 (OEM #2): VLAN 30, IP Subnet 192.168.30.0/24; VLAN 5, IP Subnet 192.168.1.0/24
  • Plant-wide / Site-wide IACS: VLAN 40, IP Subnet 172.16.40.0/24
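The VLAN and subnet labels on this slide, checked as a segmentation plan (an added example, not part of the original presentation). It verifies that no two VLAN subnets overlap and sorts flows into those that stay inside one broadcast domain and those that must cross the Layer 3 boundary; the host addresses, the sample flows and the function names are constructed for illustration.

```python
import ipaddress
from collections import Counter
from itertools import combinations

# VLAN-to-subnet plan as labelled on the slide.
SEGMENTED = {
    40: "172.16.40.0/24",   # Plant-wide / Site-wide IACS
    20: "10.20.20.0/24",    # Machine #1 (OEM #1)
    10: "10.10.10.0/24",    # Machine #1 (OEM #1), ring
    30: "192.168.30.0/24",  # Machine #2 (OEM #2)
    5: "192.168.1.0/24",    # Machine #2 (OEM #2)
}

# Constructed sample flows (source, destination); the hosts are hypothetical.
FLOWS = [
    ("10.10.10.11", "10.10.10.12"),    # controller to I/O on the Machine #1 ring
    ("172.16.40.50", "10.20.20.10"),   # plant-wide workstation to Machine #1
    ("192.168.1.20", "10.10.10.11"),   # Machine #2 to Machine #1
    ("172.16.40.50", "192.168.2.9"),   # destination outside every planned subnet
]

def overlapping_vlans(plan):
    """Return VLAN pairs whose subnets overlap (ambiguous routing and policy)."""
    nets = sorted((v, ipaddress.ip_network(n)) for v, n in plan.items())
    return [(a, b) for (a, na), (b, nb) in combinations(nets, 2) if na.overlaps(nb)]

def vlan_of(addr, plan):
    """Map a host address to its VLAN; None if unplanned or ambiguous."""
    ip = ipaddress.ip_address(addr)
    hits = [v for v, n in plan.items() if ip in ipaddress.ip_network(n)]
    return hits[0] if len(hits) == 1 else None

def classify_flow(src, dst, plan):
    """same-vlan: switched at Layer 2; routed: crosses Layer 3, where policy can apply."""
    s, d = vlan_of(src, plan), vlan_of(dst, plan)
    if s is None or d is None:
        return "unplanned"
    return "same-vlan" if s == d else "routed"

def summarize(flows, plan):
    """Count flows per class for a quick review of the plan."""
    return Counter(classify_flow(s, d, plan) for s, d in flows)

if __name__ == "__main__":
    print("overlaps:", overlapping_vlans(SEGMENTED))
    print(dict(summarize(FLOWS, SEGMENTED)))
```

Only the "routed" flows pass a point where a Layer 3 switch or firewall can filter them; "unplanned" addresses are the ones to investigate first.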

Topology Design Considerations

PUBLIC | TechEd | #ROKLive | Copyright ©2019 Rockwell Automation, Inc. 19

Redundant Path Topologies with Resiliency Protocols
Resiliency

[Figure: Switch-level, Device-level and Hybrid Topologies.
Switch-level topologies, each a Cell/Area Zone of controllers, drives, distributed I/O and HMIs on Stratix® Managed Industrial Ethernet Switches (IES), with a switch stack and Cisco Catalyst 2955: Redundant Star (Flex Links); Ring (Resilient Ethernet Protocol (REP)); Star/Bus (Linear).
Device-level topologies: controllers, I/O, VFD drives, servo drive, HMI and instrumentation.]


Networking Design Considerations - Topology Choice
Resiliency

[Table: the Redundant Star, Ring and Linear topologies (columns), each rated Best, OK or Worst against these criteria (rows):
• Cabling Requirements
• Ease of Configuration
• Implementation Costs
• Bandwidth
• Redundancy and Convergence
• Disruption During Network Upgrade
• Readiness for Network Convergence
• Overall in Network TCO and Performance]

[Figure: the three switch-level topologies for a Cell/Area Zone on Stratix® Managed Industrial Ethernet Switches (IES): Redundant Star (Flex Links), Ring (Resilient Ethernet Protocol (REP)), Star/Bus (Linear).]

Device Level Ring (DLR)


Device Level Ring (DLR) Overview

A DLR network is a single-fault tolerant ring network

Advantages include:
• Simple installation
• Resilience to a single point of failure on the network
• Fast recovery (3 ms) time when a single fault occurs on the network
• Comprehensive diagnostics

Hardware Support:
• Stratix 5700 / 5400 / 5800
• IO / Power / Visualization / E-Taps

A full report is provided in ENET-TD015_-EN-P


Device Level Ring protocol

Device Level Ring Topology

• Supervisor blocks traffic on one port

• Sends Beacon frames on both ports to detect break in the ring

• Once ring is restored, supervisor hears beacon on both ports, and transitions to normal ring mode, blocking one port

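[Figure: DLR ring with an Active Ring Supervisor, Controller, I/O, VFD and IES nodes. The supervisor sends Beacon and Announce frames on both ports; one supervisor port is Blocking and the other is Forwarding.]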


Device Level Ring (DLR) Example
Device Level Ring (DLR) Faceplate - Diagnostics

Shown using DLR faceplates. Available diagnostics:
• Network Supervisor Node
• Ring Participant Node
• Connection Link Status (Red/Green)
• Supervisor Takeover Order


Redundant Gateway and DHCP
DHCP for DLR Overview

Combines Direct DLR and DHCP:
• Provides assignment of fixed IP addresses to devices on the Device Level Ring
• Similar to DHCP per port except that end devices are recognized by their location on the ring
• DHCP switch must be the ring supervisor
• Table does not have to include all devices on the ring

Parallel Redundancy (PRP)


PRP (Parallel Redundancy Protocol)
Overview

• What is PRP?
  • PRP, parallel redundancy protocol, IEC standard 62439-3
  • Fault tolerant, fully redundant Ethernet infrastructure at Layer 1 and 2
  • Same packet is sent on both LANs
• Typical applications for PRP
  • Where redundant network infrastructure is desired
  • Process applications (e.g. 24x7x365 operational requirements)
  • ControlNet redundant media migration opportunities, such as transportation tunnels

[Figure: LAN A and LAN B]


PRP (Parallel Redundancy Protocol)
IEC standard terminology

• PRP terminology
  • DAN, Dually Attached Node, has PRP protocol built in and attaches to both LANs
  • SAN, Singly Attached Node, is a node that does not have PRP built in and attaches to one LAN
  • RedBox facilitates PRP connectivity for standard devices
  • VDAN, Virtually attached Node, is the device connected through the RedBox

[Figure: LAN A and LAN B with a SAN, DANs in I/O chassis, and VDANs behind a RedBox (Stratix® 5400).]
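What a DAN does with the two copies once the "same packet is sent on both LANs", as an added example that is not part of the original presentation: the sender tags each copy with a trailer and the receiver delivers whichever copy arrives first. The trailer layout (16-bit sequence number, 4-bit LAN id, 12-bit size, suffix 0x88FB) follows IEC 62439-3 and is not shown on the slides; the MAC addresses, payloads and function names are constructed.

```python
import struct

PRP_SUFFIX = 0x88FB  # last two bytes of a frame that carries a PRP trailer

def add_rct(frame, seq, lan):
    """Sender: append the 6-byte trailer (sequence, LAN id + size, suffix)."""
    lan_id = {"A": 0xA, "B": 0xB}[lan]
    size = (len(frame) - 14 + 6) & 0x0FFF   # payload + trailer; untagged frame assumed
    return frame + struct.pack("!HHH", seq & 0xFFFF, (lan_id << 12) | size, PRP_SUFFIX)

def parse_rct(frame):
    """Return (source MAC, sequence, LAN) or None if there is no PRP trailer."""
    if len(frame) < 20:
        return None
    seq, lan_size, suffix = struct.unpack("!HHH", frame[-6:])
    lan_id = lan_size >> 12
    if suffix != PRP_SUFFIX or lan_id not in (0xA, 0xB):
        return None
    return frame[6:12], seq, "A" if lan_id == 0xA else "B"

class DuplicateDiscard:
    """Receiver in a DAN: deliver the first copy of a frame, drop the second."""
    def __init__(self, window=64):
        self.window = window
        self.seen = {}                       # source MAC -> recent sequence numbers

    def accept(self, frame):
        rct = parse_rct(frame)
        if rct is None:
            return True                      # no trailer (e.g. from a SAN): pass through
        src, seq, _lan = rct
        recent = self.seen.setdefault(src, [])
        if seq in recent:
            return False                     # copy already delivered via the other LAN
        recent.append(seq)
        del recent[:-self.window]            # bound the memory kept per source
        return True

def demo():
    """Three frames sent on both LANs; LAN A loses frame 2 (constructed fault)."""
    hdr = bytes.fromhex("00005e005301" "00005e005302" "0800")  # constructed MACs
    rx, delivered = DuplicateDiscard(), []
    for seq in (1, 2, 3):
        base = hdr + b"io-data-%d" % seq
        copies = [add_rct(base, seq, "A"), add_rct(base, seq, "B")]
        if seq == 2:
            copies.pop(0)                    # the LAN A copy never arrives
        delivered += [seq for c in copies if rx.accept(c)]
    return delivered
```

Every frame is delivered exactly once even though LAN A dropped one, which is why a single LAN fault causes no recovery delay for the application.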



Happy New Year…