Automation Ethernet Network Design?

Hey all,

I've been reading a lot about managed switches for a project we have coming up that is going to have upwards of 50 different Ethernet devices on it. They will be ranging from Robots, Remote I/O, Drives, HMIs, and PLC.

When is it necessary to use a managed switch and what all would I need?
I read through this post: http://www.plctalk.net/qanda/showthread.php?t=68028&page=4

and it has a lot of good information.

Most of our devices are going to be set up to use Unicast over EtherNet/IP. Does this make a managed switch redundant if I am staying on the same LAN for all devices?

We typically stick with the default 192.168.1.xxx scheme so everything is on 1 subnet talking to each other.

This is going to be done using a CompactLogix, so 1 Ethernet card built in.

My game plan was to use unmanaged switches in most of the cabinets, then have those run to a managed switch like a STRATIX 6000 or another similarly priced managed switch, then run that to a master switch that has layer 3 in case the automation network is desired to be hooked into the business network. That way the layer 3 switch can keep the 2 separate but also allow people to connect to devices on the automation network.

After reading about the managed switches and IGMP Snooping it seems like maybe that is not too beneficial seeing as most of our devices use Unicast, is this correct?
 
That's how I see it. Put one on the boundary of the network to sanitise the traffic each way and control broadcast domains. The multicast traffic was definitely a problem in the past.
 
Unmanaged switches are still switches that only send traffic down a port if the connected device has the correct MAC address. I haven't seen a hub which sent all traffic out every port in about 20 years.

However, I would also still use managed switches everywhere for their help in troubleshooting communications issues by recording when ports go up and down, counting different types of errors, allowing packet captures, etc.

If you have network troubles and unmanaged switches, you are blind.
 
I would use the new Stratix 2500 Lightly Managed Switches in all of your smaller cabinets, and a full firmware Stratix 5700 (like the 1783-BMS20CGN) or Stratix 5400 as your master or boundary switch. The Stratix 2500 are not essential, and you could get away with unmanaged Stratix 2000's, but the extra diagnostics and features you get are worth the increased cost in my opinion.

With the full firmware Stratix 5700 or Stratix 5400 you can actually enable layer 3 inter VLAN and static routing. You also get the ability to apply ACL's to lock down traffic to the business network, and NAT as well on the more full featured switches.
 
The main issue with managed everywhere is we usually have a switch in any cabinet that has remote IO. There will probably be 12+ cabinets of remote IO, which if using a managed switch (not lightly managed) would add a cost of over $1000 x the 12+ cabinets.

I agree lightly managed would be nice for diagnostics, and the added cost of 100-200 per isn't too bad. And for sure a layer 3 capable for the automation to business connection.

Thanks for the input, what you guys said backed up my assumptions.
If anyone else has value added input please feel free.
 
I've been reading a lot about managed switches for a project we have coming up that is going to have upwards of 50 different ethernet devices on it.

We typically stick with the default 192.168.1.xxx scheme so everything is on 1 subnet talking to each other.

This is going to be done using a CompactLogix, so 1 Ethernet card built in.

The price difference on the switches is the eternal CAPEX vs OPEX... those 12k over the life of the installation would be fairly cheap considering the size you have.

Leaving the network on the default subnet 1 shouldn't really be done. Why not start at 10 (which is hexadecimal A) for the network naming?

Lastly, although it is possible to logically split networks, I very much prefer to see them separated physically. In your case, why not have your automation network connected to your PLC and a dedicated comms port to the eventual business network connection?
Perhaps I'm old and distrust all the advances done on network security, but having the possibility of your entire automation network available to the outside world, versus only the PLC (which will have more security than remote IOs, VFDs, Robots, etc.)... the latter is probably best.
 
Managed switches used to be vital to an EIP network to use IGMP snooping to make the EIP traffic sane. Unicast IO has mostly made IGMP snooping redundant, but it is far from the most useful feature of a managed switch.

From my perspective, the most useful feature of a managed switch is diagnostics. Common diagnostics I've seen used in managed switches:


  • Cable testers- each port can test the Ethernet cable. If all conductor pairs come back as the same length, your cable is probably OK.
  • Fiber diagnostics- with copper ports things generally either work or they don't. With Fiber, it helps to have things like signal strength available.
  • Packet counts- Managed switches usually have counters for packets coming through each port. I don't usually need the total packet counts, but the Error counter is vital to help you know what is going on.
  • Syslog- the switch keeps an internal log of all events (plug/unplug cable, power cycle, etc), and can send them to a central syslog server if desired.
  • SNMP- Allows monitoring of a lot of the details from the switch from external programs.
  • Port Mirroring- lets you see the actual traffic going over the cable, so you can dig into it in Wireshark and see what is REALLY going on.
  • PLC integration- want the switch to report network errors to the PLC, so you can display them on the HMI?
  • Topology detection- do you want to be able to view which devices are connected to which other devices, and get errors if the wrong device is connected to a port?

A lot of the more advanced networking features seem less commonly used in industrial systems. With the exception of redundancy mechanisms/rings, most of them allow you to segment your network and prevent access between devices. Although this is great for security, it is often counter to how Bubba expects the network to work, and therefore they often cause more trouble than they are worth.
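
An added illustration of the syslog diagnostic listed in the post above (not code from any poster or from a switch vendor): a small script that scans centrally collected switch logs for ports that drop repeatedly in a short window. It assumes Cisco IOS-style `%LINK-3-UPDOWN` messages; the hostnames, port names, timestamps and the threshold of 3 drops in 10 minutes are constructed for the example.

```python
import re
from collections import defaultdict
from datetime import datetime, timedelta

# Constructed sample lines (not captured from a real switch).
SAMPLE_LOG = """\
Mar  3 08:15:02 cab07-sw %LINK-3-UPDOWN: Interface FastEthernet1/3, changed state to down
Mar  3 08:15:05 cab07-sw %LINK-3-UPDOWN: Interface FastEthernet1/3, changed state to up
Mar  3 08:17:40 cab07-sw %LINK-3-UPDOWN: Interface FastEthernet1/3, changed state to down
Mar  3 08:17:44 cab07-sw %LINK-3-UPDOWN: Interface FastEthernet1/3, changed state to up
Mar  3 08:21:11 cab07-sw %LINK-3-UPDOWN: Interface FastEthernet1/3, changed state to down
Mar  3 08:21:13 cab07-sw %LINK-3-UPDOWN: Interface FastEthernet1/3, changed state to up
Mar  3 09:00:00 cab02-sw %LINK-3-UPDOWN: Interface FastEthernet1/1, changed state to down
Mar  3 09:00:04 cab02-sw %LINK-3-UPDOWN: Interface FastEthernet1/1, changed state to up
Mar  3 09:02:30 cab02-sw %SYS-5-CONFIG_I: Configured from console by admin on vty0
Mar  3 11:30:00 cab07-sw %LINK-3-UPDOWN: Interface FastEthernet1/3, changed state to down
"""

LINK_RE = re.compile(
    r"^(?P<ts>\w{3}\s+\d+ \d\d:\d\d:\d\d) (?P<host>\S+) "
    r"%LINK-3-UPDOWN: Interface (?P<port>\S+), changed state to (?P<state>up|down)"
)

def find_flapping(log_text, threshold=3, window=timedelta(minutes=10), year=2024):
    """Return {(switch, port): max link-down events seen inside one window}
    for every port that reaches the threshold."""
    downs = defaultdict(list)
    for line in log_text.splitlines():
        m = LINK_RE.match(line)
        if not m or m.group("state") != "down":
            continue  # ignore link-up events and unrelated messages
        # Classic syslog timestamps carry no year, so one is supplied.
        stamp = " ".join(m.group("ts").split())
        ts = datetime.strptime(f"{year} {stamp}", "%Y %b %d %H:%M:%S")
        downs[(m.group("host"), m.group("port"))].append(ts)

    flapping = {}
    for key, times in downs.items():
        times.sort()
        start, worst = 0, 0
        for end, t in enumerate(times):
            while t - times[start] > window:  # slide the window forward
                start += 1
            worst = max(worst, end - start + 1)
        if worst >= threshold:
            flapping[key] = worst
    return flapping

if __name__ == "__main__":
    for (switch, port), count in find_flapping(SAMPLE_LOG).items():
        print(f"{switch} {port}: {count} link drops within 10 minutes")
```

A single unplug/replug, like the one on cab02-sw, stays below the threshold; the repeated drops on cab07-sw are what the script reports.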
 
I would use the new Stratix 2500 Lightly Managed Switches in all of your smaller cabinets, and a full firmware Stratix 5700 (like the 1783-BMS20CGN) or Stratix 5400 as your master or boundary switch. The Stratix 2500 are not essential, and you could get away with unmanaged Stratix 2000's, but the extra diagnostics and features you get are worth the increased cost in my opinion.

With the full firmware Stratix 5700 or Stratix 5400 you can actually enable layer 3 inter VLAN and static routing. You also get the ability to apply ACL's to lock down traffic to the business network, and NAT as well on the more full featured switches.


I tried a couple of the 2500 switches a few months ago. Major problems with them. If you put one in the Logix IO tree it will brick the first two ports. Even a reset to factory defaults won't un-brick them. Got distributor to replace with 6000s for free.
 
Hey all,
After reading about the managed switches and IGMP Snooping it seems like maybe that is not too beneficial seeing as most of our devices use Unicast, is this correct?

IMHO it's not about the local control "Island" you are creating, it's about the overall network systems that exist in the facility where this control island will be living.

As mk42 mentioned, diagnostics alone is the reason for using managed switches. The other is VLANs and giving the end user flexibility to access this control island from a broader perspective.

Being able to access all Remote/IO in facility because it's all on an IO VLAN is wonderful, same with having a separate VLAN for Ethernet Controlled devices such as VFDs, Weight Controllers, flowmeters...etc. Network accessibility is a key feature that is easily overlooked in these 192.16.1.### control islands. Granted, the end user should provide guidance on network integration.
 
I only use fully managed switches, everywhere. That being said, STAY AWAY FROM STRATIX.
I've actually found the newish Automation Direct Stride SE2 series to be inexpensive, reliable, capable of Ethernet/IP connections to processors (for status), and, unlike Red Lion switches, have a full per-port DHCP server.

The DHCP server is nice, as if you have to replace a field device, it auto-assigns the correct address; of course you can just randomly plug things into open ports if you use it.
 