Fellow engineers,
I have been given an assignment to design an industrial Ethernet network and since I don't have any experience in doing so, I signed up on this forum to get your opinion and comments on my current design proposal.
Main requirement is to mitigate any single point of failure influence on overall network performance. The approved (from my supervisors) network topology is the double star topology (network A and B). Other requirements are:
- fiber optic links due to long distances and harsh environment;
- minimal latency;
- minimal or no at all convergence time;
The system consists of 15 subsystems, 6 of which are main and the focus of my concerns. Main systems are based on S7-400H Siemens
PLCs, with two CPs per each CPU (one for every network).
Heart of both networks is the core managed switch.
All of the subsystems are connected to network over dedicated unmanaged switches and media converters (copper to fiber).
Brains of the operation is PC based server (two of them for redundancy) which is managing the following actions:
- Application server (fetching the data from all subsystems, calculating the status of the system and outputting the set points, communication with other servers on the other networks);
- OPC server (Data Access, Historical Data Access, Alarms and Events, serving HMIs...);
- Network Manager Server (SNMP manager, NTP).
The two servers shall be installed in hot redundancy (active mirror) configuration providing hardware and software redundancy.
When standby server detects failure it assumes the active role automatically without any user intervention. The servers must be synchronized and they must ensure bumpless switchover by holding last data value active.
Communication with other networks is done via Demilitarized Zone with router and firewall.
There are two HMIs running on WinCC.
One simulation server that can fetch data from the OPC, other servers or manual input, run the simulations and output results.
PRP (Parallel Redundancy Protocol) is not a option due to the need for uniformity of protocols throughout the whole plant.
UTP will be used for communication between subsystems and the server.
Here are my concerns:
1. My idea is to have all of the critical data exchange to take place simultaneously on both networks. The receiving nodes, on the application layer, evaluate two received packets from two network interfaces, drop one and process the other. By implementing this design topology and data flow paths, in the case of failure of one network component, there are no convergence times associated because there is no reconfiguration of data paths (e.g. RSTP). Also, UDP packet loss is easily detected and coped with. Is this approach feasible?
2. Since core switches are not interconnected, I have basically two independent networks.
172.network.subsystem.node (subnet mask 255.240.0.0)
e.g.
- 172.20.10.101 - network A (20), Subsystem 1 (10), PLC 1 (101);
- 172.30.30.101 - network B (30), Subsystem 3 (30), PLC 1 (101);
- 172.20.100.51 - network A, high-level system (100), HMI 1 (51).
Is this good IP addressing practice? Will I have difficulties with network configuration / routing?
3. Can I connect both core switches to one router?
4. Do you recommend using managed access switches? If yes, why?
5. In the future if I want to install IP cameras (50 pcs) should I make new dedicated network for that? With media server and other components? Or I should make network A capable of handling that traffic (1000 Mbps Ethernet), put managed access switches, implement QoS and VLANs?
In the attachment you'll find network topology schematics.
Thank you in advance! Looking forward to your replies and comments!
Best regards,
mrvlica
I have been given an assignment to design an industrial Ethernet network and since I don't have any experience in doing so, I signed up on this forum to get your opinion and comments on my current design proposal.
Main requirement is to mitigate any single point of failure influence on overall network performance. The approved (from my supervisors) network topology is the double star topology (network A and B). Other requirements are:
- fiber optic links due to long distances and harsh environment;
- minimal latency;
- minimal or no at all convergence time;
The system consists of 15 subsystems, 6 of which are main and the focus of my concerns. Main systems are based on S7-400H Siemens
PLCs, with two CPs per each CPU (one for every network).
Heart of both networks is the core managed switch.
All of the subsystems are connected to network over dedicated unmanaged switches and media converters (copper to fiber).
Brains of the operation is PC based server (two of them for redundancy) which is managing the following actions:
- Application server (fetching the data from all subsystems, calculating the status of the system and outputting the set points, communication with other servers on the other networks);
- OPC server (Data Access, Historical Data Access, Alarms and Events, serving HMIs...);
- Network Manager Server (SNMP manager, NTP).
The two servers shall be installed in hot redundancy (active mirror) configuration providing hardware and software redundancy.
When standby server detects failure it assumes the active role automatically without any user intervention. The servers must be synchronized and they must ensure bumpless switchover by holding last data value active.
Communication with other networks is done via Demilitarized Zone with router and firewall.
There are two HMIs running on WinCC.
One simulation server that can fetch data from the OPC, other servers or manual input, run the simulations and output results.
PRP (Parallel Redundancy Protocol) is not a option due to the need for uniformity of protocols throughout the whole plant.
UTP will be used for communication between subsystems and the server.
Here are my concerns:
1. My idea is to have all of the critical data exchange to take place simultaneously on both networks. The receiving nodes, on the application layer, evaluate two received packets from two network interfaces, drop one and process the other. By implementing this design topology and data flow paths, in the case of failure of one network component, there are no convergence times associated because there is no reconfiguration of data paths (e.g. RSTP). Also, UDP packet loss is easily detected and coped with. Is this approach feasible?
2. Since core switches are not interconnected, I have basically two independent networks.
172.network.subsystem.node (subnet mask 255.240.0.0)
e.g.
- 172.20.10.101 - network A (20), Subsystem 1 (10), PLC 1 (101);
- 172.30.30.101 - network B (30), Subsystem 3 (30), PLC 1 (101);
- 172.20.100.51 - network A, high-level system (100), HMI 1 (51).
Is this good IP addressing practice? Will I have difficulties with network configuration / routing?
3. Can I connect both core switches to one router?
4. Do you recommend using managed access switches? If yes, why?
5. In the future if I want to install IP cameras (50 pcs) should I make new dedicated network for that? With media server and other components? Or I should make network A capable of handling that traffic (1000 Mbps Ethernet), put managed access switches, implement QoS and VLANs?
In the attachment you'll find network topology schematics.
Thank you in advance! Looking forward to your replies and comments!
Best regards,
mrvlica
