Copyright © 2015 Rockwell Automation, Inc. All Rights Reserved.
PUBLIC
PUBLIC - 5058-CO900H
L03 - Applying Advanced EtherNet/IP™ Features in Converged Plant-wide Ethernet Systems
Copyright © 2015 Rockwell Automation, Inc. All Rights Reserved.PUBLIC
Networks Infrastructure and Security Portfolio Overview
2
Advanced switching, routing and security features
Plant-floor and Enterprise integration
Common tools for Controls and IT
“On-Machine™” connectivity
Wireless connectivity
Improved Maintainability
Customization based on your plant’s needs
Stratix 8000™/Stratix 8300™
…and
Operations
and IT
Addressing
the needs of
Automation
…
Stratix 5900™
Stratix 2000™
Stratix 5100™
Stratix 5700™
1783-NATR
ArmorStratix™ 5700
Stratix 5400™
Stratix 5410™
Copyright © 2015 Rockwell Automation, Inc. All Rights Reserved.PUBLIC
Stratix Managed Switch Positioning
Stratix 5700™/ArmorStratix™ 5700
Support Layer 2 switching with
NAT, PoE and integrated DLR
Stratix 8000™/Stratix 8300™
Supports Layer 2 and Layer 3
routing with expansion modules
for maximum flexibility
Stratix 5400™
Supports Layer 2 and Layer 3
routing capabilities with an
all Gigabit (GE) platform
Stratix 5410
19" rack mount design with
Layer 2 or Layer 3 routing
and 10 Gigabit support
Copyright © 2015 Rockwell Automation, Inc. All Rights Reserved.PUBLIC 11
Network SegmentationVLANs and Connected Routing
Segmentation through smaller building blocks enables
scalable, robust and future-ready network infrastructure Minimization of network sprawl
Smaller fault domains
Smaller broadcast domains
Smaller domains of trust (security)
Segmentation techniques Multiple Ethernet modules
Virtual Local Area Networks (VLANs)
Network Address Translation (NAT)
VLANs with NAT
Copyright © 2015 Rockwell Automation, Inc. All Rights Reserved.PUBLIC
NAT is a service that allows the translation
of a packet from one IP address to another IP address:
NAT One to Many (1:n) – allows multiple devices to share one
“public” IP address, most common for Internet connections
NAT One to One (1:1) – allows the assignment of a unique “public”
IP address to an existing “private” IP address
NAT in Layer 2 switches (Stratix 5700/5400/5410 only):
Hardware-based translations with NO impact on performance
Supports multiple VLANs through NAT boundary
NAT in Layer 3 devices
Software-based translations with CPU loading
NAT device acts as the default gateway (router) for the devices on the inside
network
12
Network Address Translation (NAT)What is NAT?
Outside Subnet
(ex. 10.0.0.x)
Inside (Private) Subnet
(ex. 192.168.1.x)
NAT-enabled device
Copyright © 2015 Rockwell Automation, Inc. All Rights Reserved.PUBLIC
Lab Agenda
15
This lab will demonstrate Network Address Translation (NAT), VLAN
segmentation, and Connected Routing
Lab 1 will show how to set up NAT for a single VLAN Architecture
Lab 2 will demonstrate:
VLAN assignment and network segmentation
Connected Routing
NAT in a multi-VLAN (Layer 3) Architecture
Device Manager will be used to complete all configurations
Copyright © 2015 Rockwell Automation, Inc. All Rights Reserved.PUBLIC 16
Lab 1 – Single VLAN (Layer 2) Architecture
Copyright © 2015 Rockwell Automation, Inc. All Rights Reserved.PUBLIC 17
VLAN Segmentation
Connected Routing
Lab 2 – Multi-VLAN (Layer 3) Architecture
NAT