
Demystifying Industrial Ethernet Networking · Stratix 5700 Enhanced Security Options. 26....

Date post: 29-Jun-2020
ReynoldsOnline.com Demystifying Industrial Ethernet Networking Louisiana Users Group October 2017
Transcript
Page 1

ReynoldsOnline.com

Demystifying Industrial Ethernet Networking
Louisiana Users Group
October 2017

Page 2

Upcoming Events

Users Group Seminars

• December 13th: Best in Show II: Automation Fair Review
• January 17th: Automation & Software Topic - tbd
• February 21st: Power Topic - tbd
• March 21st: Industrial Control Topic - tbd

Page 3

PUBLIC Copyright © 2017 Rockwell Automation, Inc. All Rights Reserved. 2017 Automation Fair® Event #AutoFair17

Page 4

Process Solutions User Group (PSUG)

Page 5

[Figure: Automation Fair show floor areas. Labels: Innovation; Safety; Services Modernization eTools; Components; Intelligent Motor Control; Integrated Architecture; The Connected Enterprise (Industries)]

Page 6

Connected Enterprise Pavilion

[Figure: pavilion floor plan. Labels: Connected Information; / SCIO Launch; Oil & Gas; Food & Bev; Chemical; Information Solutions Process; LACT; Compressor; CAMA IF318; Pump Jack; Well Head; Theater]

Page 7

Automation Fair 2017 Hardware and Software Highlights

• GuardLogix 5580
• ControlLogix Compute
• CompactLogix 5480
• Flex 5000
• ControlLogix Parallel Redundancy Protocol Module
• Logix Designer V30
• V4 View Designer
• FactoryTalk Network Assistant
• ENHANCED Linx™ Gateway (9355-OPDxxxxENE)

[Figure labels: DCOM, 3RD PARTY OPC DATA CLIENT; UA TCP, 3RD PARTY OPC UA CLIENT*]

Software as a Subscription
• FactoryTalk AssetCentre
• FactoryTalk Analytics for Devices
• FactoryTalk TeamONE
• Studio 5000 Application Code Manager
• Studio 5000 License Portal (license based protection)

Page 8

See You in Houston!

2017 Automation Fair® Event
November 15-16
Houston, Texas, USA
George R. Brown Convention Center

Page 9

Today’s Topic:

Demystifying Industrial Ethernet Networking

Page 10

Today’s Agenda

• Stratix Portfolio
  • Managed and Lightly Managed Switches
  • Methods used to configure Stratix networking devices
• Converged Plantwide Ethernet (CPwE) concepts
• Resilient Network Design
• Ethernet Media

Page 11

From the User Group Archives

January 2016 topic covered how to configure a Stratix 5700 switch using Device Manager and Studio 5000 AOP

https://trcnew.com/2016/01/18/enabling-the-industrial-internet-of-things-iiot/

Page 12

Stratix Introduction

Page 13

Networks Infrastructure and Security Portfolio Overview

The Stratix™ product line provides advanced switching, routing and security features for simple to complex network applications. The portfolio includes wireless, “On-Machine™” and rack mount options for increased flexibility in hard-to-wire and remote areas. Products are configured using common IT tools for a customized, integrated plant floor and enterprise system.

Addressing the needs of Automation… …and Operations and IT

[Figure: product portfolio. Labels: Stratix 8000™/Stratix 8300™; Stratix 5900™; Stratix 2000™; Stratix 5100™; Stratix 5700™; 1783-NATR; ArmorStratix™ 5700; Stratix 5400™; Stratix 5410™; Stratix 2500™]

Page 14

Copyright © 2016 Rockwell Automation, Inc. All Rights Reserved.COMPANY INTERNAL — CONFIDENTIAL

Rockwell Automation / Cisco Partnership: Best of Both Worlds

The Connected Enterprise and the convergence of IT/OT

What Rockwell Automation brings to the table within Stratix®
• Ability to use existing OT tools to design, build, deploy and maintain Stratix network infrastructure products
• Global distribution network capable of providing full service support local to your sites

What Cisco brings to the table within Stratix
• Ability to use existing IT tools to configure and support Stratix products
• Best in breed technology designed with the security demands of IT in mind

What the partnership delivers
• Collaborative engagements not only as it pertains to products, but also for design and implementation guidance, training, and efforts to address the OT skills gap

Page 15

The Value of Stratix: Design Phase

• Validated Reference Architectures (Converged Plantwide Ethernet – CPwE): Detailed documentation and guidance to address common questions and concerns:
  • Migrating Legacy Networks
  • Network Segmentation considerations
  • DMZ Implementation
  • Implementing Wireless
• Custom AOPs/AOIs: Reduced coding effort, and provides for automatic and consistent context as it relates to tag naming and structure within your programs
• Offline Network Performance Evaluation: Lay out your network in a software environment to proactively identify potential issues before a single cable is run

Page 16

The Value of Stratix: Build Phase

• Device Level Ring: Ethernet version of “daisy chain” allowing for reduced cabling and built-in resiliency
• OT Centric Distributor Support: Local distribution partner who understands the customer applications and can provide local system level support and training
• OT Optimized Switch Configuration: Understanding some OEMs and plant maintenance personnel may not be familiar with networking best practices, the configuration wizard for Stratix® automatically configures the switch to be optimized for automation applications – all the way to the per port level
• Network Address Translation (NAT): Allows like equipment to be configured identically (IP addressing), yet still accessible on the plant network once commissioned

Page 17

The Value of Stratix: Deploy Phase

• HMI Faceplates: Existing Stratix faceplates allow for diagnostics and troubleshooting directly from your Rockwell Automation® HMI applications, reducing the need for PC based troubleshooting
• SD Card Support: Save configurations onto an SD card for quick and easy deployment at commissioning, or if a Stratix® switch needs to be replaced in the future

[Figure: faceplate screenshots. Labels: Switch Information Faceplate; Port Information Faceplate; Trend Information Faceplate; Broken Wire Test Faceplate]

Page 18

Stratix and Networking Faceplates

Page 19

The Value of Stratix: Maintain

• Technical Support: Stratix® switches are covered under your existing Tech Connect support agreement. This also provides support capabilities for the entire Rockwell Automation® control system as opposed to support tied only to the switch itself
• Auto Device Config/Replace: When combining Stratix and Logix controllers, it is possible to replace devices on the network in a “plug and play” fashion. The IP address and config parameters are automatically downloaded upon replacement
• DLR Overview Faceplate: Reduce MTTR by providing instant feedback to maintenance via the HMI about topology and connectivity
• Testing: All of the Stratix portfolio of products undergo not only functional testing, but also system level testing within a Rockwell Automation® architecture

Page 20

Managed vs. Unmanaged Switches

Page 21

Network Switch Product Overview

Unmanaged / Lightly Managed

• Stratix 2000: 5-16 ports; Fiber port options; Gig port option; Plug & play
• Stratix 2500: 5-port model; 8-port model; Basic Traffic management; Diagnostics; Security
• Stratix 6000: 5–9 port; Lightly managed; Gig Fiber option

Access / Distribution

• Stratix 5700 / ArmorStratix™ 5700: Layer 2 firmware; 6–20 ports; IP30 and IP67 On-Machine™ platform; Integrated DLR; Integrated NAT; IEEE1588 PTP; PoE/PoE+
• Stratix 8000/8300: Layer 2 or Layer 3 routing firmware; 6–26 ports; Modular platform for maximum flexibility; IEEE1588 PTP; PoE/PoE+
• Stratix 5400: Layer 2 or Layer 3 routing firmware; 8–20 ports; 4 port or all gig port versions; IEEE1588 PTP; Integrated NAT; Up to 8 PoE/PoE+ ports; PRP (RedBox)
• Stratix 5410: 19 in Rack Mount; Layer 2 or Layer 3 routing firmware; 28 ports; All gig ports plus four 10 gig ports; IEEE1588 PTP; Up to 8 separate integrated NAT ports; Up to 12 PoE/PoE+ ports; PRP (RedBox); DC and AC power input options

[Figure labels for port speeds: 100M/1G; 1G/10G; 100M/1G; 100M]

Page 22

Stratix 2500 Lightly Managed Switch

Lightly Managed Switches enable a migration path to improved operational efficiencies and reduced costs through provision of secure, contextualized data and control.

Lightly Managed Switches allow you to control the network:
• Connect your plants, gain critical diagnostic information within your Integrated Architecture® system
• Detect network loops using Spanning Tree Protocol (STP) and prevent them to help uncover errors before the network stops
• Prioritize critical traffic using Quality of Service (QoS) and optimize bandwidth
• Segment your network using VLANs to help minimize risk of packet storms that can bring down your network
• Improve your security posture by using network security features like port security to control connections to the network

Unmanaged Switches only allow you to connect devices, but cannot provide context of the state of your connectivity.

Page 23

Stratix 2500 Lightly Managed Switch Features

• Offers 5 and 8 10/100 Mbps EtherNet/IP copper port versions in a compact design
• Add-on Profile (AOP) for configuration via Studio 5000® and FactoryTalk® View Faceplate
• Port security helps disable ports, or control end device connectivity based on MAC ID
• Diagnostics help minimize downtime
• SNMPv3, Syslog uncovers errors before the network stops completely
• SSH and HTTPS for secure connectivity
• VLAN provides logical segmentation
• IGMP enables multicast for data traffic control
• Topology discovery (LLDP)
• STP, RSTP and MSTP – Loop prevention
• Operating temperature -20 °C…60 °C, protection class IP30

Page 24

Stratix 5700 Managed Switch

3 base platforms offering 25 configurations
• 6, 10, 18 and 20 port base units
• 2 gig port option
• SFP slots support multi & single mode fiber
• Secure Digital flash card (optional)
• Power over Ethernet (PoE)
• Dual independent power inputs
• Alarm relays (2 inputs and 1 output)
• Supports NAT, DLR, CIP Sync
• Combo ports can be either copper or SFP

Page 25

Copyright © 2016 Rockwell Automation, Inc. All Rights Reserved. PUBLIC

Stratix 5700 Managed Switch Differentiators

• Includes integrated DLR connectivity enabling the switch to act as a node or a supervisor on the ring
• Offers consolidation of ring information for a single point of management for retrieving network machine-level diagnostics and DLR status (in supervisor mode)
• Provides redundant gateway capability providing support for two switches on a single ring connected together on the network for increased resiliency
• Enables DHCP IP address assignment to end devices on the DLR network for simplified device replacement

Page 26

Stratix 5700 Enhanced Security Options

Protecting the Machine
• Application/Project (CIP) based port access
• Controller-based port control (on/off)
• Unauthorized device identification (tags) per port
• Configurable port security
• Preconfigured port security set-up via smartports
• Configure number of devices that are allowed per port
• Configurable device MAC ID authentication

Protecting the Plant
• Encrypted administrative traffic: SSHv2, SNMPv3, and HTTPS
• 802.1x for user authentication
• Multiple layers of password protection
• Access Control Lists (ACLs) to apply security policies per port
• TACACS+ and Radius for centralized authentication

Page 27

Stratix 5700 Catalog Information

Page 28

Stratix 5700 Software Features

* Separate SW IOS required

Page 29

Stratix 5400 Hardware

18 catalog items supporting:
• 4 gig port versions (8 to 20 ports)
• All gig versions (12 to 20 ports)
• Single HW form factor (6.12 H x 6.12 W x 5.09 D in.)
• SecureDigital (SD) flash card (included)
• Power over Ethernet (PoE)
• Up to 12 ports of gig fiber
• Dual power inputs (9.6 to 60 VDC)
• Expanded temp range (-40 to 70 C)
• 2 alarm inputs and one output
• RJ45 or Mini-USB console port

[Figure callouts: Minimum four Combo ports for either copper or SFP; SD card for backup; Dual power inputs including PoE power; LED mode selector; Alarm input/outputs]

Page 30

Stratix 5400 Catalog Information

Page 31

Stratix 5410 Industrial Managed Switch

The Stratix 5410™ industrial distribution switch offers a 19” rack mount design with 28 ports providing a centralized point of network distribution and increased port density. In addition to its rugged design, the Stratix 5410 also enables layer 2 switching and layer 3 routing with high performance (10-Gigabit port) capabilities, which can help increase flexibility in designing robust, future-ready network architectures.

Page 32

Stratix 5410 Applications

• Rugged design for applications where harsh conditions are present
• Provides a centralized point of network distribution
• Enables access switching to distribution switching with routing capabilities for configuration flexibility
• For use in a wide variety of applications such as:
  • Water/wastewater
  • Oil & Gas
  • Pulp & Paper

[Figure: Cell/Area Zone - Levels 0–2, Star Topology (Lines, Machines, Skids, Equipment). Labels: Stratix 5410 Distribution Switch; Operator Interface; Camera; Controller; Drive]

Page 33

Stratix 5410 Catalog Information

Page 34

Stratix Configuration Tools

Page 35

Copyright © 2015 Rockwell Automation, Inc. All Rights Reserved. PUBLIC

Simplified Setup and Maintenance: Common Configuration and Support Tools

Configure, Manage and Diagnose your network with familiar tools

Automation (OT) Professionals
• FactoryTalk® Services tightly integrate into the Integrated Architecture® system
• Studio 5000 AOP, Predefined Logix tags
• FactoryTalk® View Faceplates – Sample Code website
• Device Manager web Interface

IT Professionals
• Cisco IOS software and Command Line Interface (CLI)
• IT management tools: Cisco CNA, CiscoWorks, Cisco Prime, SNMP-based tools
• Tight integration into joint Cisco and Rockwell Automation® Converged Plantwide Ethernet (CPwE) Architecture

Page 36

Simplified Setup and Maintenance: Default Configurations and Smartports

Easy Switch configuration without being a network expert

• Express Setup
  • Automatically sets switch configuration for typical automation applications
• Smartports
  • Pre-defined port settings for common automation and network devices like Logix Controllers, Desktop devices and Routers
  • Optimizes traffic through the port and network
  • Minimizes latency

Page 37

Studio 5000 AOP

[Figure: screenshots. Labels: Logix IO Tree; Stratix Configuration / Monitoring Options in Studio 5000]

Page 38

Cisco CNA

For easy system diagnostics and configuration

Page 39

New USB Console Cable

New cable: USB to Stratix CNSL - 9300-USBCBL-CNSL

No more adapters
• One cable
• Plugs into USB port on PC

No installation disk
• Drivers automatically install

Page 40

Converged Plantwide Ethernet (CPwE)

Page 41

Why Is This Important?
Design Considerations for Robust EtherNet/IP Networking

Scalable, robust, secure and future-ready infrastructure/architecture:
• Application
• Software
• Network

Internet of Things, Internet of Everything

Page 42

Reference Architectures: Converged Plantwide Ethernet (CPwE)

• Tested, validated and documented Reference Architectures
  • Tested for performance, availability, repeatability, scalability and security
  • Comprised of a collection of Cisco and Rockwell Automation Validated Designs
  • Built on technology and industry standards
  • “Future-ready” network design
• Content relevant to both OT and IT Engineers
  • OT – Operational Technology
  • Industrial Control Systems
• Deliverables
  • Tested and Validated Reference Architectures: Deploy Firewalls Within a CPwE Architecture – Dec. 31, 2016
  • Industrial Network and Security Whitepapers: Deployment of Industrial Firewalls – Dec. 30, 2016

Page 43

Logical Framework: Converged Plantwide Ethernet (CPwE)

[Figure: CPwE logical framework diagram spanning Operational Technology, Industrial IT and Information Technology. Labels and callouts recoverable from the slide:]

• Zones: Enterprise Zone, Levels 4-5; Industrial Demilitarized Zone (IDMZ); Industrial Zone, Levels 0–3 (Plant-wide Network); Level 3 - Site Operations (Control Room); Cell/Area Zone, Levels 0–2
• Cell/Area Zone topologies (Lines, Machines, Skids, Equipment): Redundant Star Topology - Flex Links Resiliency, Unified Wireless LAN; Ring Topology - Resilient Ethernet Protocol (REP), Unified Wireless LAN; Linear/Bus/Star Topology, Autonomous Wireless LAN
• Wide Area Network (WAN), Data Center - Virtualized Servers: ERP - Business Systems; Email, Web Services; Security Services - Active Directory (AD), Identity Services (AAA); Network Services – DNS, DHCP; Call Manager
• Plant Firewalls: Active/Standby; Inter-zone traffic segmentation; ACLs, IPS and IDS; VPN Services; Portal and Remote Desktop Services proxy
• Physical or Virtualized Servers: Patch Management; AV Server; Application Mirror; Remote Desktop Gateway Server
• Physical or Virtualized Servers: FactoryTalk® Application Servers and Services Platform; Network & Security Services – DNS, AD, DHCP, Identity Services (AAA); Storage Array
• Remote Access Server
• Network devices: Core Switches; Distribution Switch Stack; Access Switches; Rockwell Automation® Stratix 5000/8000 Layer 2 Access Switch; Wireless LAN Controller (WLC); Active; Standby; AP; LWAP; WGB; SSID 2.4 GHz; SSID 5 GHz
• End devices: HMI; Phone; Controller; Safety Controller; Camera; Robot; Soft Starter; I/O; Safety I/O; Servo Drive; Drive; Instrumentation
• Other labels: Enterprise; Identity Services; External DMZ/Firewall; Internet

Page 44

Logical Framework: Converged Plantwide Ethernet (CPwE)

[Figure: Industrial Zone, Levels 0-3. Labels: Layer 3 Distribution Switch; Switch Stack; Layer 2 Access Switch; Cell/Area Zone #1 Redundant Star Topology (Levels 0-2); Cell/Area Zone #2 Ring Topology (Levels 0-2); Cell/Area Zone #3 Bus/Star Topology (Levels 0-2); Level 0 Drive; Level 1 Controller; Level 2 HMI; I/O; Safety I/O; Servo Drive; Soft Starter; MCC; Instrumentation; Safety Controller; Controller; HMI; Phone; Camera; Media & Connectors]

Page 45

Cisco® Catalyst® Switching and Routing

• Catalyst 3850, Layer 3 Distribution Switch
• StackWise™ allows up to 9 switches to be linked together, managed as a single switch, 480GB throughput


Page 46

Cisco® Catalyst® Switching and Routing

• Catalyst 4500-X, Layer 3 Distribution/Core Switch
• Mid to high level plant distribution and aggregation


Page 47

Cisco® Catalyst® Switching and Routing

• Catalyst 6800, Layer 3 Core Switch
• Flagship network core switch, different chassis sizes. 880 GB per slot bandwidth. 11 Terabit system capacity
• Virtual Switching System (VSS) – two switches act as a single virtual switch

Figure: plant-wide network architecture diagram (Enterprise Zone, IDMZ, Industrial Zone and Cell/Area Zones), repeated from the previous slide.

Page 48

Campus Model: Converged Plantwide Ethernet (CPwE)

• Hierarchical, modular and scalable building blocks
• Creates small domains - clear demarcations and segmentation
  • Fault domain (e.g. Layer 2 loops), broadcast domain, domains of trust (security)
• Easier to grow, understand and troubleshoot
• Multi-tier switch model
  • Core
    • Aggregates distribution switches
    • Backbone of network
    • Industrial DMZ connectivity
  • Distribution
    • Aggregates access switches
    • Provides Layer 3 services
  • Access
    • Aggregates industrial automation and control system (IACS) devices
    • Provides Layer 2 services

Figure: three-tier switch hierarchy (Access, Distribution, Core).

Page 49

Campus Model: PlantPAx High Availability Architecture

Page 50

Campus Model: Traffic Recovery

https://www.cisco.com/c/en/us/td/docs/solutions/Enterprise/Campus/campover.html

Page 51

EtherNet/IP IntelliCENTER MCC: Connecting to the Plant Ethernet Network

Page 52

Packaged Power Solutions

Figure panels: Segmented Network Approach; Integrated Network Approach.

Page 53

Industrial Network Design Methodology: Design Considerations for Robust EtherNet/IP Networking

• Logical Model
  • Access Layer
  • Distribution
• Structure, Hierarchy and Segmentation
  • Physical vs. Logical
• Segmentation
  • Virtual LANs
• Network Availability
  • Linear
  • Star
  • Ring
• Network Redundancy

Page 54

Resilient Network Design

Page 55

Network Availability

Figure: Cell/Area Zone topology diagrams in three panels (Ring, Linear, Star/Redundant Star), drawn at device level and switch level. Labels include Cisco Catalyst 2955 switches, Cisco Catalyst 3750 StackWise switch stacks, HMIs, controllers, VFD and servo drives, and distributed I/O.

Page 56

Network Resiliency Protocols: Selection is Application Driven

Columns: Resiliency Protocol | Mixed Vendor | Ring | Redundant Star | Network Convergence > 250 ms | Network Convergence 60 - 100 ms | Network Convergence 1 - 3 ms | Layer 3 | Layer 2

STP (802.1D) X X X X
RSTP (802.1w) X X X X X
MSTP (802.1s) X X X X X
rPVST+ X X X X
REP X X X
EtherChannel (LACP 802.3ad) X X X X
Flex Links X X X
DLR (IEC & ODVA) X X X X
StackWise X X X X X
HSRP X X X X
GLBP X X X X
VRRP (IETF RFC 3768) X X X X X

Page 57

Device Level Ring: Device Level Ring (DLR) Overview

A DLR network is a single-fault tolerant ring network intended for the interconnection of automation devices.

Advantages include:
• Simple installation
• Resilience to a single point of failure on the network
• Fast recovery time when a single fault occurs on the network

Page 58

Embedded Switch Technology: Direct DLR Overview (available on select Stratix 5700™ switches)

Direct DLR connection to Stratix 5700™:
• Firmware upgrade on selective hardware versions
• Eliminates the need for an ETAP
• Removes single point of failure at ETAP
• Can be configured as a node or supervisor (active or backup)
• Supports Redundant Gateway and DHCP
• Provides consolidated (in the switch) network status and diagnostics

Figure: DLR ring with PowerFlex® drive, CompactLogix™ 5370, Point I/O™, ArmorPoint I/O™ and Stratix 5700™. Before: the ring includes an ETAP. After: no ETAP.

Page 59

Embedded Switch Technology: Device Level Ring (DLR) Example

Shown using DLR faceplates. Available diagnostics:
• Network Supervisor Node
• Ring Participant Node
• Connection Link Status (Red/Green)
• Supervisor Takeover Order

Page 60

Spanning Tree Protocol (MSTP)

• MSTP is an IEEE standard
• Ring and redundant star topology
• Built into Stratix 5410 / 5400 / 5700 / 8000 / 8300 / 2500
• Provides:
  • Loop-free network
  • Redundancy in case of failure
• Distribution is the root bridge
• Operates in a plug-and-play fashion
• Coordinate with IT before implementing

Figure: Stratix 8000 access switches and a distribution switch (Catalyst 3750 switch stack), with ports marked F - Forwarding or B - Blocking.

Page 61

EtherChannel

• Link Aggregation Control Protocol (LACP) port aggregation – IEEE 802.3ad
• Redundant Star Topology
• Built into Stratix 5410/5400/5700/8000/8300
• Aggregates multiple physical links into one logical link
• Provides resiliency between connected switches if a connection is broken

Figure: Stratix 8000 access switches and a distribution switch (Catalyst 3750 switch stack), with all ports marked F - Forwarding.

Page 62

EtherNet/IP IntelliCENTER MCC: High Availability – Redundant Star Topology with EtherChannel

• EtherChannel redundant star topology
  • Provides redundancy with higher bandwidth
• MCC Serviceability
  • Device-level Star topology remains -- no impact
• Network and Device Configuration
  • Requires Stratix 5700 with Full firmware
  • Complex implementation, typically used for larger networks
• Network Fault Tolerance
  • High level of network performance & convergence

Page 63

Flex Links

• Cisco technology
• Redundant star only
• Built into Stratix 5410/5400/5700/8000/8300
• Active/Standby port scheme
• Provides alternate path in case of failures, avoiding loops
• No bandwidth aggregation
• Applied to the Stratix Access Switch
• Recommend using equal speed ports
• Provides fast fail over for multicast traffic

Figure: Stratix 8000 access switches and a distribution switch (Catalyst 3750 switch stack), with uplink ports marked A - Active or S - Standby.

Page 64

Flex Links: Redundant Star Topology

Figure: redundant star topology with Stratix 5410 and Stratix 5700 (Full Features).

Page 65

Resilient Ethernet Protocol (REP)

• A REP segment is a chain of switch ports connected to each other and configured with the same segment ID.

• Each end of a segment terminates on what is called the "edge port" of an edge switch.

• With REP, in order to prevent a loop in the network, one switch port (the alternate port) is always blocked in any given segment.

• The blocked port helps ensure that the traffic within the segment is loop-free by requiring traffic flow to exit only one of the edge ports. Therefore, when a failure occurs in the segment, REP opens the alternate port so traffic can reach the edge of the segment.
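The segment behaviour described in these bullets, as an added Python model that is not code from the presentation or from Cisco or Rockwell Automation. It assumes a single chain of switches whose two edge ports are joined upstream (so an unblocked, unbroken segment forms a Layer 2 loop); the function name, link numbering and result fields are hypothetical.

```python
"""Toy model of one REP segment, following the slide's description.

Switches 0..n-1 form a chain; link i joins switch i and switch i+1.
Switch 0 holds the primary edge port, switch n-1 the secondary edge port.
Assumption: the two edge ports are connected to each other upstream.
"""


def rep_segment_state(n_switches, alt_link, failed_links=()):
    """Return which edge port(s) each switch can reach and whether a loop exists.

    alt_link: index of the link whose port REP keeps blocked (the alternate
              port), or None to model a segment with nothing blocked.
    failed_links: indexes of links that are physically down.
    """
    n_links = n_switches - 1
    failed = set(failed_links)
    # The alternate port blocks only while the segment is intact; on a
    # failure REP opens it so traffic can still reach an edge.
    blocked = {alt_link} if (alt_link is not None and not failed) else set()
    unusable = failed | blocked

    exits = []
    for sw in range(n_switches):
        to_primary = all(link not in unusable for link in range(0, sw))
        to_secondary = all(link not in unusable for link in range(sw, n_links))
        exits.append([name for name, ok in (("primary", to_primary),
                                            ("secondary", to_secondary)) if ok])

    return {
        "alternate_port": "blocking" if blocked else "open",
        "exits": exits,
        # An unbroken chain between both edges closes a loop upstream.
        "loop": not unusable,
        "isolated": [sw for sw, reach in enumerate(exits) if not reach],
    }


if __name__ == "__main__":
    scenarios = {
        "healthy, alternate port on link 2": (2, ()),
        "link 0 fails": (2, (0,)),
        "links 0 and 3 fail": (2, (0, 3)),
        "nothing blocked (misconfigured)": (None, ()),
    }
    for label, (alt, failed) in scenarios.items():
        print(label, rep_segment_state(5, alt, failed))
```

A second simultaneous failure isolates the switches between the two breaks, which is why the model reports them separately from the single-fault case.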

Page 66

REP: Single Ring

Figure: single REP ring with Stratix 5410, Stratix 5700 (Lite or Full Features) and Stratix 5400.

Page 67

REP: Dual Ring

Figure: dual REP ring with Stratix 5410 and Stratix 5700 (Lite or Full Features).

Page 68

NEW - 1756-EN2TP Parallel Redundancy Protocol Module

Page 69

1756-EN2TP Parallel Redundancy Protocol Module

The 1756-EN2TP Parallel Redundancy Protocol Module offers PRP support for a redundant network infrastructure for high availability to help minimize unplanned downtime.

Page 70

1756-EN2TP Parallel Redundancy Protocol Module: Features and Benefits

• Provides a redundant network infrastructure for high availability, helping minimize the risk of downtime
• IEC 62439-3 compliant
• Same packets sent out of both ports to eliminate network switchover time
• PRP is a different protocol than DLR
• Acts as I/O scanner in controller chassis or I/O adapter in remote chassis
• Supports HMI communications
• Provides same performance and capacity as 1756-EN2TR
• Offers ControlLogix® redundancy system support

Page 71

Building a PRP Network: Starting with a Basic Star Topology

* For example only - number of switches and topology varies based on application

Page 72

Building a PRP Network: Adding Redundant Media and ControlLogix PRP Modules

• Redundant Ethernet Networks
  • Independent LANs
  • Independent Paths
• Switches are not PRP aware
• Redundancy is in the end nodes, called "Doubly Attached Nodes (DANs)", which attach to both LANs
• The DANs in this example are all 1756-EN2TP PRP modules
• Any switch that supports 1506 byte frames can be used
• Stratix 5700 switches shown in example

Figure: DANs attached to both LAN A and LAN B.

Page 73

Building a PRP Network: Sending Frames on both LANs

• Source DAN sends same frame over both LANs
• Destination DAN consumes the frame the first time it is received, then discards the duplicate when received
• DAN has 1 MAC, 1 IP address
• Frames have LAN ID
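The receive-side behaviour on this slide, as an added Python example that is not code from the presentation or from any vendor. The trailer layout (16-bit sequence number, 4-bit LAN ID, 12-bit size, suffix 0x88FB), the 0.4 s forget time, the wrong-LAN counter and all class and function names are assumptions based on a reading of IEC 62439-3; the frames are constructed test data.

```python
"""PRP receive-side duplicate discard, simplified (untagged frames, no FCS)."""
import struct
from collections import OrderedDict

PRP_SUFFIX = 0x88FB        # marks the Redundancy Control Trailer (RCT)
LAN_A, LAN_B = 0xA, 0xB    # 4-bit LAN identifiers carried in the RCT
RCT_LEN = 6                # extra bytes every PRP frame carries
ETH_HDR = 14               # dst MAC + src MAC + EtherType


def add_rct(frame: bytes, seq: int, lan_id: int) -> bytes:
    """Append an RCT, as a sending DAN does once per LAN."""
    lsdu_size = len(frame) - ETH_HDR + RCT_LEN   # payload plus trailer
    lan_and_size = (lan_id << 12) | (lsdu_size & 0x0FFF)
    return frame + struct.pack("!HHH", seq & 0xFFFF, lan_and_size, PRP_SUFFIX)


def parse_rct(frame: bytes):
    """Return (seq, lan_id, frame_without_rct), or None if there is no valid RCT."""
    if len(frame) < ETH_HDR + RCT_LEN:
        return None
    seq, lan_and_size, suffix = struct.unpack("!HHH", frame[-RCT_LEN:])
    lan_id, lsdu_size = lan_and_size >> 12, lan_and_size & 0x0FFF
    if suffix != PRP_SUFFIX or lan_id not in (LAN_A, LAN_B):
        return None
    if lsdu_size != len(frame) - ETH_HDR:        # guards against payloads that merely end in 0x88FB
        return None
    return seq, lan_id, frame[:-RCT_LEN]


class PrpReceiver:
    """Destination DAN: deliver the first copy, drop the second."""

    def __init__(self, forget_after=0.4, max_entries=1024):
        self.seen = OrderedDict()                # (src MAC, seq) -> time first seen
        self.forget_after = forget_after
        self.max_entries = max_entries
        self.stats = {"delivered": 0, "duplicates": 0, "wrong_lan": 0, "no_rct": 0}

    def receive(self, port_lan: int, frame: bytes, now: float):
        """Return the frame for the upper layers, or None if it was a duplicate."""
        # Age out old entries so a wrapped sequence number is not mistaken for a duplicate.
        while self.seen and now - next(iter(self.seen.values())) > self.forget_after:
            self.seen.popitem(last=False)
        parsed = parse_rct(frame)
        if parsed is None:                       # singly attached node: nothing to de-duplicate
            self.stats["no_rct"] += 1
            self.stats["delivered"] += 1
            return frame
        seq, lan_id, payload = parsed
        if lan_id != port_lan:                   # LAN A frame seen on the LAN B port or vice versa:
            self.stats["wrong_lan"] += 1         # the two LANs are cross-connected somewhere
        key = (frame[6:12], seq)
        if key in self.seen:
            self.stats["duplicates"] += 1
            return None
        self.seen[key] = now
        if len(self.seen) > self.max_entries:    # bound memory under a flood of new keys
            self.seen.popitem(last=False)
        self.stats["delivered"] += 1
        return payload


def demo():
    """Run constructed frames through one receiver; return (results, stats)."""
    dst, src = bytes.fromhex("02aabbccdd02"), bytes.fromhex("02aabbccdd01")
    base = dst + src + b"\x08\x00" + b"constructed payload".ljust(46, b"\x00")
    rx = PrpReceiver()
    results = [
        rx.receive(LAN_A, add_rct(base, 7, LAN_A), now=0.000),  # first copy: delivered
        rx.receive(LAN_B, add_rct(base, 7, LAN_B), now=0.001),  # second copy: discarded
        rx.receive(LAN_B, add_rct(base, 8, LAN_B), now=0.010),  # LAN A down: B copy alone suffices
        rx.receive(LAN_B, add_rct(base, 9, LAN_A), now=0.020),  # LAN A id on port B: counted
        rx.receive(LAN_A, base, now=0.030),                     # frame from a SAN, no RCT
        rx.receive(LAN_A, add_rct(base, 7, LAN_A), now=1.000),  # seq 7 again after aging: delivered
    ]
    return base, results, rx.stats


if __name__ == "__main__":
    _, results, stats = demo()
    print([r is not None for r in results], stats)
```

A rising wrong-LAN count is worth alerting on, because cross-connected LANs are no longer independent paths.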

Page 74

Building a PRP Network: Adding RedBox Devices

• RedBox: a device that attaches non-PRP devices to a redundant network
• Devices attached through a RedBox are called "Virtual Doubly Attached Nodes (VDANs)"
• The RedBox shown is a standard Stratix 5400 switch with built-in RedBox functionality

Figure: RedBox with attached VDANs.

Page 75

Building a PRP Network: Adding a Singly Attached Node

• Non-PRP devices can be connected to only one of the two LANs; however, media redundancy is lost
• Singly Attached Nodes (SANs) can communicate only to other devices on the LAN that they are connected to
• SANs are not PRP-aware

Figure: two SANs, each attached to one LAN.

Page 76

Building a PRP Network: Adding ControlLogix Controller Redundancy

Future capability - ControlLogix Redundancy kit that supports the 1756-EN2TP

Page 77

Ethernet Media

Page 78

Demystifying Ethernet Types
www.ab.com/networks/media/ethernet

Speed: 1000 Mbps | 10 Gbps over 33-55 meters (110-165 feet) of cable
Cost: Varies by length and manufacturer, generally $0.20 - $0.30 per foot. | Varies by length and manufacturer, with $0.40 - $0.60 per foot as an average; generally about 20% higher than Cat5e.
Frequency: Up to 100 MHz | Up to 250 MHz
Performance: Less crosstalk/interference than CAT5. Potentially more interference than CAT6. | Signal-to-Noise-Ratio higher
Maximum Cable Length: 100 meters | 100 meters for slower network speeds (up to 1,000 Mbps). For Gigabit Ethernet, 55 meters max, with 33 meters in high crosstalk conditions. Thicker sheath
Standard gauges in conductors: 24-26 AWG wire | 22-24 AWG wire

Page 79

Product Overview: Ethernet Media – Complete Portfolio

Ethernet Cable Spools & RJ45 Cables
• Unshielded Twisted Pair (UTP)
  • 2-pair High Flex TPE – 10 million cycles
  • 4-pair High Flex TPE – 10 million cycles
  • 4-pair PVC Riser – General Purpose
  • 4-pair Plenum – Air duct applications
• Shielded Twisted Pair (STP)
  • STP 4-pair PVC Riser – General Purpose
  • STP 4-pair PUR – Halogen Free – High Flex
  • STP 2-pair PUR – Halogen Free – High Flex
  • STP 4-pair PVC – 600 Volts
  • STP 2-pair PVC – 600 Volts
• RJ45 Right and Left Angle overmolded Connectors

RJ45 IP67 Overmolded Patchcords
• Variant 1 Overmolded Patchcords
  • Male to Male Variant 1 Patchcords
• Variant 1 Field Attachable Connectors
  • Male Housing with Crimp/IDC Insert
  • Female Receptacle Outlet
  • Female to Female RJ45 Coupler
  • Protective Cap for Housing and Outlet

M12 Patchcords/Cordsets & Field attachables
• M12 Connectivity - D Code
  • Straight / Right Angle – Male & Female Connectors
  • Unshielded High Flex TPE Cable – 2 pair
  • Shielded High Flex, Halogen Free PUR Cable - 2 pair
  • Shielded 600V cable – 2 pair
• M12 to RJ45 Connectivity - Patchcords
  • M12 Female Receptacle to RJ45 Patchcord
• M12 Field Attachable Components
  • M12 IDC Connector
  • M12 to RJ45 Bulkhead Connector - IP20 to IP67

RJ45 Field Attachable Components
• RJ45 IDC Connector
  • CAT 6 rating
  • AWG 26-22
• RJ45 Crimp Connector with rugged Boot
• Crimp Tool Kit
  • Crimper, cable stripper/cutter, conductor separator

Page 80

www.rockwellautomation.com

Thank you!

Page 81

Additional Material

Page 82

Additional Material: CPwE Architectures - Cisco and Rockwell Automation

CPwE websites
• Rockwell Automation
• Cisco

Page 83

Additional Material: CPwE Architectures - Cisco and Rockwell Automation

Whitepapers
• ENET-WP022B-EN-P - Top 10 Recommendations for Plant-wide EtherNet/IP Deployments
• ENET-WP031A-EN-P - Design Considerations for Securing Industrial Automation and Control System Networks
• ENET-WP033A-EN-P - Resilient Ethernet Protocol in a Converged Plantwide Ethernet (CPwE) Architecture
• ENET-WP034A-EN-P - Deploying 802.11 Wireless LAN Technology within a Converged Plantwide Ethernet Architecture
• ENET-WP036A-EN-P - Deploying Network Address Translation within a Converged Plantwide Ethernet Architecture

Page 84

Additional Material: CPwE Architectures - Cisco and Rockwell Automation

Whitepapers
• ENET-WP037A-EN-P - Deploying Identity Services within a Converged Plantwide Ethernet Architecture
• ENET-WP038A-EN-P - Securely Traversing IACS Data Across the Industrial Demilitarized Zone
• ENET-WP039B-EN-P - A Resilient Converged Plantwide Ethernet Architecture
• ENET-WP040A-EN-P - Modernizing Legacy IACS Networks to a Converged Plantwide Ethernet Architecture

Page 85

Additional Material: CPwE Architectures - Cisco and Rockwell Automation

Design and Implementation Guides
• ENET-TD001E-EN-P - Converged Plantwide Ethernet (CPwE) Baseline Document
• ENET-TD005B-EN-P - Deploying the Resilient Ethernet Protocol (REP) in a Converged Plantwide Ethernet Architecture
• ENET-TD006A-EN-P - Deploying 802.11 Wireless LAN Technology within a Converged Plantwide Ethernet Architecture
• ENET-TD007A-EN-P - Deploying Network Address Translation within a Converged Plantwide Ethernet Architecture

Page 86

Additional Material: CPwE Architectures - Cisco and Rockwell Automation

Design and Implementation Guides
• ENET-TD008A-EN-P - Deploying Identity Services within a Converged Plantwide Ethernet Architecture
• ENET-TD009A-EN-P - Securely Traversing IACS Data Across the Industrial Demilitarized Zone
• ENET-TD010A-EN-P - Deploying A Resilient Converged Plantwide Ethernet Architecture
• ENET-TD011A-EN-P - Modernizing Legacy IACS Networks to a Converged Plantwide Ethernet Architecture
• ENET-TD012A-EN-P - Site-to-site VPN to a Converged Plantwide Ethernet Architecture

Page 87

Additional Material: CPwE Architectures - Cisco and Rockwell Automation

Application Guides
• ENET-TD003A-EN-E - Fiber-optic Infrastructure Application Guide (Panduit/Cisco/Rockwell Automation)

Page 88

Additional Material: Reference Documents

• Ethernet Design Considerations Reference Manual (ENET-RM002C-EN-P)
  • EtherNet/IP Overview, Ethernet Infrastructure Components, EtherNet/IP Protocol, Predict System Performance
• EtherNet/IP IntelliCENTER® Reference Manual (MCC-RM001)
• The OEM Guide to Networking (ENET-RM001A-EN-P)
  • This guide is intended to help OEMs understand relevant technologies, networking capabilities and other considerations that could impact them as they develop EtherNet/IP solutions for the machines, skids or equipment they build

Page 89

Additional Material: Tools

• Integrated Architecture® Builder (IAB)
  • Updates and additions to better reflect CPwE structure, hierarchy and best practices
  • Improved Switch Wizard for distribution (e.g. Stratix 5410™) and access (e.g. Stratix 5700™)
  • Easier to create a large EtherNet/IP network with many topologies
  • CIP traffic is measured per segment, not just controller scanner and adapter centric
• EtherNet/IP Capacity Tool
• Popular Configuration Drawings (PCDs)
  • Updates and additions to better reflect CPwE recent enhancements

Page 90

Additional Material: Education - OT - OT/IT Convergence - Industrial IT

• Community of like-minded companies – Cisco, Panduit, and Rockwell Automation
• Four eLearning courses that teach critical network design skills based on CPwE Reference Architectures
• Scenario-based training on topics such as: logical topologies, protocols, switching, routing, wireless and physical cabling
• Sign up today for free on the Industrial IP Advantage website

Network Design eLearning modules
• Module 1 Designing for the Cell/Area Zone (part 1)
• Module 2 Designing for the Cell/Area Zone (part 2)
• Module 3 The Industrial Zone
• Module 4 IT/OT Integration

Page 91

Additional Material: Training and Certification - OT - OT/IT Convergence - Industrial IT

Cisco Industrial Networking Specialist Training and Certification
• Classroom training: Managing Industrial Networks with Cisco Networking Technologies (IMINS)
• Exam: 200-401 IMINS
• CPwE Design Considerations and Best Practices

CCNA Industrial Training and Certification
• Classroom training: Managing Industrial Networks for Manufacturing with Cisco Technologies (IMINS2)
• Exam: 200-601 IMINS2
• CPwE Design Considerations and Best Practices

Page 92

Additional Material: Training and Certification - OT - OT/IT Convergence - Industrial IT

Industrial Networking Specialist
• Module 1 Industrial Networking Solutions and Products
• Module 2 Industrial Network Documentation and Deployment Considerations
• Module 3 Installing Industrial Network Switches, Routers, and Cabling
• Module 4 Deploying Industrial Ethernet Devices
• Module 5 Maintaining Industrial Ethernet Networks
• Module 6 Troubleshooting Industrial Ethernet Networks

CCNA Industrial
• Module 1 Industrial Networking Concepts and Components
• Module 2 General Troubleshooting Issues
• Module 3 EtherNet/IP
• Module 4 Troubleshooting EtherNet/IP
• Module 5 PROFINET
• Module 6 Configuring PROFINET
• Module 7 Troubleshooting PROFINET
• Module 8 Exploring Security Concerns
• Module 9 802.11 Industrial Ethernet Wireless Networking

