2.05k likes | 2.23k Views
EIP Book of Knowledge Answer ID 57174. Contents. Purpose What’s changed in this document update? Stratix Switches Multicast Considerations System Performance Media Media Resiliency Loop prevention protocols Segmentation Network Topologies Wireshark Device Level Ring (DLR)
E N D
Contents • Purpose • What’s changed in this document update? • Stratix Switches • Multicast Considerations • System Performance • Media • Media Resiliency • Loop prevention protocols • Segmentation • Network Topologies • Wireshark • Device Level Ring (DLR) • CIP Safety on EtherNet/IP • Troubleshooting EIP • Timeouts – CIP and TCP • Multicast Considerations • Procurement spec for Stratix 8x00 • Miscellaneous (minor topics) • Q&A • References
Purpose and scope This document is intended to be a single source that includes practical information that may not be included in other documentation. With time, some of the information may be included in formal publications. Likewise, a topic may not be well understood at one point but eventually is well known and can be deleted from this document. Additions/deletions/clarifications, are made several times a year and this document is then reposted in Rockwell’s Knowledgebase.
What has changed in this doc update? • Added troubleshooting I/O connection loss (see Wireshark – advanced, 1/6)
Stratix 8000 multicast The default number of multicast groups that a switch can store is 256. If there are more than 256 groups seen by a switch, the switch will flood (out all ports) those groups in excess of 256. Flooding is not desired but may not necessarily be the cause of an anomaly. However, the maximum number can be increased to 1K groups by reconfiguring the switch to use the SDM routing template instead of the default template. See Cisco IE3000 user manual for details. If your application is approaching 200 multicast groups, it is recommended that you configure for the SDM routing template.
Stratix 8000/8300 SSH SSH (secure shell) is available on the Stratix 8000 however a specific (IOS) is required to support it. This is because there are government regulations on its use and customers must register when they use it. To enable SSH you must buy the SSH IOS via catalog item 1783-MCS. When you do this the customer will be asked to register. Note that ordering this item is an electronic download so the customer will get an email with access to a secure site where they go to download the SSH FM. Then the customer must use Device Manager to load it in to the switch. This loading process is documented in the Stratix 8000 user manual. Also note that the latest version of the S8000 User manual (on literature library) includes SSH.
Stratix Passwords Stratix8000 When running the web browser for the first time, you will be running Express Setup. The password you need to enter will be ‘switch’. No username is needed. Stratix6000 • Default • The default password is PASSWORD (all upper case). You can change this to whatever you want. • Upload configuration file • User: uploader • Password: PASSWORD
Reset to factory defaults Stratix8000 Cycle power and use paper clip to select Express Setup. When you see 3 LEDS (EIP Mod, EIP Net, Setup) turn solid red, release the paper clip. (CLI: delete flash:config.text, delete flash:vlan.dat, reload) Stratix6000 Remove the plastic clip from the rear of the switch and you will see a small reset button. Remove power from the switch. Then, hold the small reset button and then apply power. Keep hold the reset button for 30 seconds. Cycle power to complete the reset. The IP address is now 192.168.1.1. User = (no username), pw = PASSWORD
Stratix8000 Alarms and Faults Basic alarm information: • What alarms are there? • What causes alarms to become active? • What alarms activate minor and major relays? • How do I reset/clear an alarm? • The same questions as above but for faults.
Alarms and Faults In the RSLogix5000 add-on profile, Switch Status tab: Select Help on Switch Status and Port Status tabs.
Stratix8000 Alarms Q: How do I view the state of both switch relays? A: View the switch AOP, Switch Status tab. The screenshot below shows that the minor relay is closed and the cause is a port alarm. The port alarm which is causing the relay to be closed is not show.
Stratix 8x00 SFPs To determine which SFP you should purchase, read the release notes for the switch (industrial or commercial grade) you are going to use. SFPs support copper or fiber (single/multimode) and 10/100/1000Mbps. Stratix8x00 switches require “ruggidized” SFPs. See user manual, 1783-UM003E-EN-E
Stratix 8X00 Smartport RoleIdentification Commercial Engineering and Cisco use this info to identify switch port configuration.
Stratix Macros There are currently 33 macros defined in a Stratix 8K switch. These include both Cisco and Rockwell. Rockwell macros are run during Express Setup. To view all the macros, use CLI command show parser macro Use the space bar to view all the macro commands.
Stratix Smartport Roles Using CLI, Show Run, you can see the details of port configuration: • interface FastEthernet1/1 • switchport access vlan 10 Sets access VLAN to 10. • switchport mode access Puts switch port into access mode. • switchport port-security Allows only 1 MAC. • switchport port-security aging time 2 • switchport port-security violation restrict • switchport port-security aging type inactivity • macro description desktop-automationDesktop for Automation • alarm profile ab-alarm Sets content of alarms. Show Alarm-Profile to view. • spanning-tree portfast Skips span-tree listen/learn states. • spanning-tree bpduguard enable Err-diable this port if a BPDU is received. • service-policy input CIP-PTP-Traffic • ! • interface FastEthernet1/2 • switchport access vlan 10 • switchport mode access • switchport port-security • switchport port-security violation restrict • switchport port-security aging type inactivity • load-interval 30 • srr-queue bandwidth share 1 19 40 40 • priority-queue out • macro description ab-ethernetipAutomation Device • alarm profile ab-alarm • no cdp enable • spanning-tree portfast • service-policy input CIP-PTP-Traffic
Stratix Smartport Roles • ! • interface FastEthernet1/4 • alarm profile ab-alarm None • service-policy input CIP-PTP-Traffic • ! • interface GigabitEthernet1/1 • switchport mode trunk • srr-queue bandwidth share 1 19 40 40 • priority-queue out • mls qos trust cos • macro description switch-automation Switch for Automation • alarm profile ab-alarm • spanning-tree link-type point-to-point • service-policy input CIP-PTP-Traffic
Stratix Smartport Roles • ! • interface FastEthernet1/2 • switchport mode trunk • switchport nonegotiate • switchport port-security • switchport port-security violation restrict • switchport port-security aging type inactivity • load-interval 30 • srr-queue bandwidth share 1 19 40 40 • priority-queue out • mls qos trust dscp • macro description ab-syncmotionAutomation Device with QoS • alarm profile ab-alarm • no cdp enable • spanning-tree portfast trunk • service-policy input CIP-PTP-Traffic • ! • interface FastEthernet1/2 • switchport mode trunk • switchport nonegotiate • srr-queue bandwidth share 1 19 40 40 • mls qos trust cos • macro description wireless-automation Wireless for Automation • alarm profile ab-alarm • spanning-tree bpduguard enable • service-policy input CIP-PTP-Traffic • !
Stratix Smartport Roles • ! • interface FastEthernet1/2 • switchport mode access • switchport port-security maximum 2 • switchport port-security • switchport port-security aging time 2 • switchport port-security violation restrict • switchport port-security aging type inactivity • srr-queue bandwidth share 10 10 60 20 • macro description phone-automation Phone for Automation • alarm profile ab-alarm • spanning • ! • interface FastEthernet1/2 • switchport mode trunk • srr-queue bandwidth share 1 19 40 40 • priority-queue out • mls qos trust dscp • macro description router-automation Router for Automation • alarm profile ab-alarm • spanning-tree portfast trunk Portfast is significant - keeps this link up during span-tree event. • spanning-tree bpduguard enable • service-policy input CIP-PTP-Traffic
Stratix 6000 Configuration Upload/download S6000 configuration See online user manual for description.
Stratix 8x00 Configuration Upload/download configuration using: • Logix AOP (add-on profile) • CLI (from the compact flash card)
Q&A • How do I clear the configuration of a S8000 switch? Answer: Use either of the 2 methods described below. 1. Power up Stratix000 and hold a paper clip in the Express Setup hole. 2. Use the CLI commands as follows: - write erase (deletes startup config file) - delete flash:vlan.dat - reload (uses the non-existing config file)
Q & A How do I configure a S8K switch Smartport when connecting to a DLR? Answer: Select ‘None’ in the Smartport pull-down menu.
Unicast, multicast, broadcast Unicast - Used for point-to-point communications. - Uses IP addressing classes A, B, or C. - Can be TCP (most frequent) or UDP. - Example: HMI, MSGing, programming. Multicast - Used for one-to-many communications. - Uses IP addressing class D. - Always is UDP (at least for EtherNet/IP) - Video (which is not EIP protocol) and EIP I/O are 2 examples. - More switch management knowledge is required than for unicast. Broadcast Used for one-to-all communications. Can be either OSI layer 2 (ARP) or OSI layer 3 (AB_ETHIP driver.)
Multicast considerations What are considerations for multicast? Answer: • EIP uses multicast for I/O and produce tag • IGMP recommended (Internet Group Management Protocol) • TTL (time-to-live) If the producer and the consumer are in the same network, TTL is not a factor. (TTL is a Internet Protocol parameter). Also, if in the same network, multicast routing is not needed. IGMP reference: EtherNet/IP 10 Commandments (www.ab.com/networks/site-index.html)
Multicast - IGMP Snooping Recommendations • Select IGMP Snooping on all switches • Enable IGMP querier on all switches • Verify operation with Wireshark --- look for multicast flooding • Troubleshooting – an IGMP Leave message is an indicator See KnowledgeBase 55266, IGMP Leave Note: With version 2, all the switches will negotiate and the lowest IP address will be the IGMP querier. IGMP v1 enabled queriers will not negotiate.
Multicast - IGMP Querier Compatibility Version 2 Is a superset of version 1. Version 2 added a Leave function whereas v1 handled this with a timeout. V1 & V2 Interoperability includes consideration of a number of factors such as the network mix of querier version and host IGMP version. However, there are some simple statements such as IGMPv1 multicast consumers will work with IGMP v2 queries. V3 The author has not seen any v3 messaging.
Multicast - IGMP Leave happens when? A Logix Ethernet module sends an IGMP Leave when all CIP connections through that module are broken for the multicast address being consumed. Case 1: Startup • When a consumer receives a successful Forward Open reply for a multicast group, the consumer starts sending heartbeats and also sends an IGMP Join. • If the first multicast is not received in 10 seconds, the consumer sends an IGMP Leave. The consumer considers the CIP connection as timed out and stops sending unicast. • Examples of timeouts after the first data: • A 2ms RPI has a CIP connection timeout of 128ms. Then, X >128ms. • A 100ms RPI has a CIP connection timeout of 400ms. Then, X > 400ms. Case 2: Two controllers consuming same tag thru same ENBx • At the consumer Logix chassis, if there are 2 consumer controllers for the same tag and both are consuming thru the same ENBT module, then that ENBT will send a Leave for that multicast group when both Logix controllers no longer want to consume that group. A Logix controller will not consume under the following conditions: • consumed tag is inhibited or deleted • I/O connection is inhibited or deleted
Multicast IGMP Leave – happens when? Case 3: Tag producer dies/disconnected/disappears • At the consumer Logix chassis, if the tag producer dies or is disconnected or the infrastructure (switch) dies, the consumer Ethernet module no longer detects the produced tag and the CIP connection will close. Case 4: Duplicate multicast address • Consider the case of 2 Logix controllers each consuming data from different data producers. And, each data producer transmits its data using the same multicast address. This is allowed in the EIP spec because each multicast stream includes unique information that differentiates. • If 2 or more multicast producers are using the same multicast address, the consumer ENBT module will not send a Leave until all consumer Logix controllers no longer want to receive that multicast group.
System Performance System performance requires: - Few customers request performance analysis but it is important for I/O - Characterizing each component in the system (network, Logix, switch, I/O, HMI) - Combining the components for end-end result (e.g.“screw-to-screw” for I/O) - Note that system performance is not Ethernet interface loading (connections or packet rates) Network Considerations: • Latency (including queuing in Logix Ethernet modules) • Jitter • Multicast containment • Broadcast limiting • QoS (queuing in Ethernet switches) !!! Network Availability If every link/cable is no more than 50%-60% utilized and QoS is implemented, then the network should not have a problem supporting any EIP application (Motion, PTP, I/O, etc.).
Media • Copper • Fiber • Slip rings • RF (wireless)
Media – resiliency • Ring topology • Redundant star topology • Etherchannel (Cisco switches) • Both links active • Flex Links (Cisco switches) • One active, one backup
Media • Copper types for EIP Category 5e, category 6 recommended by ODVA • RA sells copper cables and connectors - http://ab.com/sensors/ethernet/ • Unshielded twisted pair • Shielded • See EtherNet/IP Media Selection and Installation Guide http://www.odva.org/Home/ODVATECHNOLOGIES/EtherNetIP/EtherNetIPLibrary/tabid/76/Default.aspx
Media, fiber Offerings at RA 1756-EN2F Fixed multimode, LC connector, no autonegotiation, Speed = 100M, Duplex=half/full (see notes) 1783-fiberETAP everything the same as EN2F above, LC only. Stratix6000, See above. Also, autonegotiation not supported, LC only. Stratix8000 (uplinks) See above. Also, autonegotiation not supported, LC only Stratix8000 (expansion) See above. Also, autonegotiation not supported, LC only.
Media Fiber • Simply, there is no autonegotiation on fiber. • The speed on fiber is always determined by the fiber transceiver. If the transceiver is a SFP the speed can be changed by exchanging out the fiber SFP (Small Form-factor Pluggable) module with one of a different speed, for example a 100BASE-FX for a 1000BASE-SX. The host that the SFP module is plugged in must be able to support the data rate of the SFP module. For example if the host has the ability to only support 100BASE data rates, putting a 1000BASE SFP in will not give you 1000BASE speeds. In fact the host may warn or produce an error indication that an incorrect/unsupported SFP has been installed. Some products use a fixed fiber transceiver (SFF, Small Formfactor Fiber), It is not possible to change the speed or connector of a SFF since it is soldered directly to the board. • The fiber type (Single Mode or Multi Mode) does not determine the duplex. Duplex is determined by the host and in most if not all cases will be full duplex for fiber. Because of the dedicated TX and RX channels in fiber systems, there is no need or benefit to have HD on fiber. Single mode and multimode refer to the mode of light propagation through the fiber not the duplex capability of the link. Typically fiber transceivers are designed exclusively for specific launch mode into a matching fiber. For example you cannot use a SM fiber on a multimode transceiver or a multimode fiber on a single mode transceiver.
Media - Kinetix 6500 The Kinetix 6500 EtherNet/IP solution has been tested in high noise environments. This system does require shielded cables. I do not think that you will have problems with these drives as long as you follow good installation practices and the guidelines given in either the ODVA EtherNet/IP Planning and Install guide or in IEC 61784-5-2 and IEC 61918. If you are concerned or are aware of ground loops, install a equalization conductor between the two drives locations where the cabling is installed. Guidance for the equalization conductor can also be found in the ODVA PNI. Rockwell Automation Bob Lounsbury – Principal Engineer
Media • Slip rings Two basic types: optical, mechanical • Slip-ring vendors used by at least one customer for I/O - Meridian on rotary fillers, http://www.meridianlab.com/index.html - Label (a French company), http://www.label.fr/accueil_en.html Slip-rings have not been validated by ODVA or Rockwell.
Media, slip-rings Example of how one customer is using
Media color codes I do not know of any standards that call out specific color codes, however Red is common for safety communications cabling. Teal is commonly used for robotics and control cabling.
Media – RA sells media The customer should contact our Chelmsford division to arrange to purchase the cables for an application. For those who wish to make their own or have requirements that our cables cannot provide, use the guidance doc. Our robotic cables have weld splatter jackets, meet 10 million flexes, are low noise and are sealed to IP67. For M12 connectors, see http://www.ab.com/catalogs/connectivity/onmachinepartno.html RA sells UTP and STP (2009)media.
Loop Prevention Protocols • Rapid Spanning-tree (see next slide) • Resilient Ethernet Protocol (REP, Cisco) • DLR
Spanning-tree protocols Question: What are the spanning-tree protocols and how did they evolve? STP (50 sec) RSTP (2 sec) PVST(2?-50 sec), Cisco MSTP (2 sec) Rapid PVST (2 sec), Cisco The protocols high-lighted in blue are supported in the Stratix8000.
STP (50 sec) RSTP(2 sec) REP (100ms) DLR (3 ms) max Loop prevention protocols Question: What is range of network recovery times (convergence) for a single link fault?
Segmentation • How many nodes can I put on a subnetwork/VLAN? Fewer is better (see notes) because of the following: • Broadcast storm size and duration is less • Protection against defective device behavior (might affect all nodes on subnet) • Spanning-tree event (re-convergence) reduced exposure • Why do I segment? • Performance and security • How do I segment automation networks? • VLAN (connected thru a router, if needed) • Subnetworks (connected thru router, if needed) • Isolation • EIP-only protocol (CLGX bridge) • Best approach First understand the customer’s requirements, including data types, flow, security, and performance. Then decide on the best way to segment.