Intelligent Ethernet
  • As for stations B & C, they too will pull this packet up to their data link layers and inspect the MAC addresses. Upon inspection they will see that there is no match between the data link layer MAC address for which it is intended and their own MAC address and will proceed to dump the packet.
  • Summary
  • Control Traffic would be sharing the network resources at minimum with configuration (FTP) and data collection flows (TFTP). Most likely there would be additional traffic (HTTP, MPEG). As in any data network there will be instances of congestion. By giving high priority to the Control Traffic (UDP Port 2222) we can guarantee that there will not be delay or jitter affecting any control functions such as interlocking. Control traffic can be tagged at L2 or L3 depending on the existing network architecture.

Intelligent Ethernet: Presentation Transcript

  • Intelligent Ethernet and EtherNet/IP Deployments. Cisco Systems, Inc.
  • Why Ethernet?
    • Challenge on the Factory Floor → Solution: Ethernet
      • From just 500 Kbps → 10, 100, Gig, 10 Gig
      • From limited management → Many management options
      • Proprietary → Common standards
      • From isolation → WW connectivity
      • From single vendor → Multiple vendors
    • Ethernet... the everlasting advantage of simplicity and total cost of ownership
  • Intro to Networking World: Understanding the OSI Model
    • 7 Application. Encaps / PDU: Raw Data. Devices: PCs. Protocols: Software. Notes: Ideas, Thoughts; Checks availability with comm. partner; Crayons, Pictures, Writing, Sound
    • 6 Presentation. Protocols: .doc .xls .midi .ppt .jpg .bmp .gif .mp3 .ascii .ebcdic. Notes: Standardized format; Syntax, Compression, Formatting
    • 5 Session. Protocols: NFS, SQL, NetBios, RPC. Notes: Negotiate a session set up; Establish, manage and terminate sessions
    • 4 Transport. Encaps / PDU: Segment. Protocols: TCP, UDP. Notes: Reliable or unreliable; Windowing, Buffering
    • 3 Network. Encaps / PDU: Packet. Devices: Routers, PCs. Protocols: IP, IPX. Notes: Routed or routing protocols; Logical Addressing, Best path
    • 2 Data Link. Encaps / PDU: Frame. Devices: Bridges, Switches. Protocols: FR, TR, ATM, FDDI, Ethernet, SDLC, ISDN, SNA. Notes: MAC address, BIA address, Flow Control
    • 1 Physical. Encaps / PDU: Bits. Devices: Hubs, Repeaters. Notes: Like Morse Code; Cables, Connectors, NIC Cards
  • Media Transmission Chart 15000 M Fiber - Singlemode Gig E Gigabit Ethernet 2000 M Fiber - Multimode 802.3 100 MBPS 100 M TP (UTP) Fast E Fast Ethernet 185 M Coax - Thin 10 MBPS 500 M Coax - Thick 10 MBPS STP Shielded Twisted Pair 802.3 10 MBPS 100 M TP Twisted Pair STANDARD DATA RATE LENGTH ACRONYM NAME
  • How the OSI Model Works [Figure: sender and receiver stacks, each with Application, Presentation, Session, Transport, Network, Data Link and Physical layers, joined by the media]
  • Ethernet – Original Implementations: Ethernet was originally designed as a bus topology [Figure: PCs A, B, C, D, E, F, G, H and J on a shared bus]
  • Basic Ethernet Implementation: Whoever transmits owns the wire! (Broadcast Domain)
  • Basic Ethernet Implementation: So, what happens when two data streams are sent at the same time? (Broadcast Domain and a Collision Domain)
  • Ethernet “Collisions”: PCs B and D transmit simultaneously (Broadcast Domain and a Collision Domain)
  • Ethernet “Collisions”: If both transmit at the same time, there is a “Collision” (Broadcast Domain and a Collision Domain)
  • Ethernet “Collisions”: When there is a collision, both sides “back off” (stop, wait for a random time segment, and re-transmit) (Broadcast Domain and a Collision Domain)
  • Random Backoff and Re-Transmission: Both sides re-transmit successfully (Re-send 5 ms. Re-send 7 ms.)
  • Watch out for COLLISION DOMAINS
    • What makes up a collision domain?
      • Half Duplex Transmission
      • Ethernet Hubs (creates a shared bus)
    • Avoid designs that create a COLLISION Domain
      • -- Data transmission is not predictable – NOT DETERMINISTIC
    • Deploying Ethernet in a collision domain architecture is NOT acceptable for Manufacturing Control applications!!!
  • Deploying Deterministic Ethernet Networks
    • FULL DUPLEX Ethernet vs. HALF DUPLEX Ethernet
    • Switches vs. Hubs
    • Intelligent Switching vs. basic Switching
  • Half versus Full Duplex transmission
    • Half Duplex
      • One station transmits, other listens.
      • While transmitting, you do not receive, as no one else is transmitting.
      • If someone else transmits while you are transmitting, then a collision occurs
      • Any “Receive-while-Transmit” condition is considered a collision
      • NON-DETERMINISTIC
    • Full Duplex (standardized in 802.3x)
      • Transmit and receive at the same time.
      • Transmit on the transmit pair, and receive on the receive pairs.
      • No collision detection, backoff, retry, etc
      • Collision Free. No CS, no MA, no CD. Only relationship to HD is frame format & encoding/signaling method
      • DETERMINISTIC
  • Switches vs. Hubs
    • Hub (Ethernet 10, Layer 1 Domain): one device sending at a time; all nodes share 10 Mbps
    • Ethernet Switch (Switched Ethernet 10, Layer 2 Domain): multiple devices sending at the same time; each node has 10 Mbps; backbone
  • Ethernet Switching Delivers Determinism
    • Ethernet has progressed exponentially since it was first introduced
      • Cost
      • Performance
      • Shared Media vs. Switches
      • Collisions vs. Determinism
    • Requirements for a scalable industrial networking solution go even farther
    • Intelligent Ethernet switches enable personalized bandwidth per port
    • [Figure labels: Shared Ethernet; Switched Ethernet 10/100; Each node has 10 Mbps]
  • LAN Switch Operation
    • Forwards packets based on a forwarding table
      • Forwards based on the MAC (Layer 2) address
    • Operates at OSI Layer 2
    • Learns a station’s location by examining source address
      • Sends out all ports when destination address is broadcast, multicast, or unknown address
      • Forwards when destination is located on different interface
    • [Figure: switch with interfaces 1 to 4, stations A, B and C, 10 Mbps links, and a forwarding table of stations against interfaces]
  • Industrial Ethernet is Extended to the Control Layer [Figure labels: Motors, Drives, Actuators; Robotics; Sensors and other Input/Output Devices; Programmable Logic Controllers (PLC); Human Machine Interface (HMI); PC Based Controllers; Back-Office Mainframes and Servers (ERP, MES, CAPP, PDM, etc.); Device Level Network; Ethernet; Office Applications, Internetworking, Data Servers, Storage; Corporate IT Network; Central NMS; Pager; Handheld Scanner; Wireless Video Apps; Video Feed]
  • Agenda: Challenges of Implementing Ethernet; Ethernet Evolution; Intelligent Services in the Network (Availability, QoS, and Security); Summary
  • The Benefits and Challenges of Ethernet
    • Benefits
      • Enhanced Productivity and Efficiency
      • Reduced Costs
      • Remote Diagnostics
      • Streamlined Network Infrastructure
      • Scalability
    • Challenges
      • Determinism: Is the Control Data always on time?
      • Uptime: Is my network as resilient?
      • Access Control: Are authorized entities the only ones accessing the control traffic and data?
  • Challenges to Implementing Ethernet Can be Addressed
    • Industrial Ethernet deployments must focus on three key areas for scalable deployments
      • Availability: Ensure that network resources are resilient and scalable
      • Quality of Service: Provides assurance of low latency and delay of the Control Data
      • Security: Protect the factory floor data and network resources from threats and/or unauthorized access
    • By implementing these functions, Industrial Networks will institute a solid foundation for supporting incremental applications and solutions
  • Agenda: Challenges of Implementing Ethernet; Ethernet Evolution; Intelligent Services in the Network (Availability, QoS, Security); Summary
  • Traditional Redundant Network Designs [Figure: Ring Topology; Dual Homed Tree Network Design with Core, Distribution and Access layers]
  • Logical Industrial Ethernet Template
    • Access/Client Layer: IGMP Snooping will be employed to control multicast (Producer/Consumer communication model)
    • Distribution/Access Layer: 802.1D, 802.1W and 802.1S will be employed to ensure layer 2 convergence <= 50ms.
    • Core Layer: RMON, CDP, NTP and SNMP will be employed to aid in management.
    • In all instances where applicable a QOS template should be engineered and deployed. A minimum configuration to classify traffic at the access layer must be employed to ensure a QOS template in the future.
    • [Figure labels: Backbone Network; Cell Zone; Cell; VLAN 101, VLAN 102, VLAN 103, VLAN 104, VLAN 105]
  • What is 802.1w? Inter-Switch Determinism
    • IEEE 802.1w standard providing sub-second redundant link resilience (Non Timer Based)
    • Eliminate forwarding delay on point-to-point links using explicit handshaking protocol
    • [Figure: 802.1d port states Blocking (20 sec), Listening (15 sec), Learning (15 sec), Forwarding; 802.1w (p2p link) Blocking to Forwarding in < 1 sec via Proposal-Agreement Handshake]
  • IEEE 802.1w in Control Networks
    • Most proprietary convergence schemes disable or cannot support Spanning Tree
    • Disabling Spanning Tree can cause loops in the network.
    • Control Networks can now rely on a standards-based method for sub-second convergence
    • Backward compatible with 802.1D (Spanning Tree Protocol) allowing for a direct connection with traditional data networks
  • Traditional vs. Producer-Consumer Multicast Models [Figure: two charts of Mbps for multicast and unicast traffic, Traditional Multicast against No. Multicast Users and Producer-Consumer against No. of Control Devices]
  • IGMP Snooping and Intelligent Ethernet
    • A Layer 2 switch will flood multicast packets to all ports within the same VLAN by default
    • An Intelligent switch will “Snoop” or intercept IGMP Joins and Leaves received on interfaces from hosts
    • Traffic is forwarded only to those ports which have “Joined” the multicast group
    • Traffic continues to be forwarded until the client issues a Leave Message at which time the switch will stop forwarding traffic on that port.
    • When all nodes have “left” the particular group, the multicast router will prune off the traffic
  • IGMP Snooping Summary
    • Without IGMP Snooping hosts (I/O Devices) can be overwhelmed by traffic not addressed to them
    • In a Consumer-Producer Model traffic grows exponentially with the number of hosts unless multicasts are constrained
    • IGMP Snooping provides scalability for Consumer-Producer Data Models by limiting the amount of multicast traffic
    • Performance benefits of the Consumer-Producer model are maintained (all consumers have equal access to data)
    • [Figure: Mbps of Producer-Consumer multicast and unicast traffic against No. of Control Devices, Multicast with IGMP Snooping]
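The snooping behaviour described on the two IGMP slides, as an added example that is not part of the original presentation: a small model of the switch's group-membership table, comparing frame copies delivered with and without snooping. The class and function names, the group addresses and the one-controller scenario are constructed for illustration.

```python
from collections import defaultdict

class SnoopingSwitch:
    def __init__(self, ports, router_port=None, snooping=True):
        self.ports = set(ports)
        self.router_port = router_port      # assumed uplink to the multicast router
        self.snooping = snooping
        self.members = defaultdict(set)     # group -> ports that sent a Join

    def igmp(self, port, kind, group):
        """Intercept an IGMP Join or Leave received from a host port."""
        if kind == "join":
            self.members[group].add(port)
        elif kind == "leave":
            self.members[group].discard(port)
            if not self.members[group]:
                del self.members[group]     # last member left: nothing to forward

    def egress_ports(self, in_port, group):
        """Ports that receive a copy of a multicast frame for `group`."""
        if not self.snooping:
            return self.ports - {in_port}   # default Layer 2 behaviour: flood the VLAN
        out = set(self.members.get(group, ()))
        if self.router_port is not None:
            out.add(self.router_port)
        return out - {in_port}

def frames_delivered(switch, producers):
    """Total frame copies when each (port, group) producer sends one frame."""
    return sum(len(switch.egress_ports(p, g)) for p, g in producers)

def demo(n=16):
    ports = range(1, n + 1)
    # Constructed scenario: each I/O device on ports 2..n produces to its own
    # group; one controller on port 1 is the only consumer of all of them.
    producers = [(p, f"239.192.1.{p}") for p in ports if p != 1]
    flood = SnoopingSwitch(ports, snooping=False)
    snoop = SnoopingSwitch(ports, snooping=True)
    for _, group in producers:
        snoop.igmp(1, "join", group)
    return frames_delivered(flood, producers), frames_delivered(snoop, producers)

if __name__ == "__main__":
    print(demo(16))
```

With 16 ports the flooding switch delivers 225 copies per round while the snooping switch delivers 15, which is the load the I/O devices no longer have to discard.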
  • Agenda: Challenges of Implementing Ethernet; Ethernet Evolution; Intelligent Services in the Network (Availability, QoS, Security); Summary
  • What Is Quality of Service (QoS)?
    • [Figure labels: Data Collection; Mission-Critical (Control); Back Office; Configuration (File Transfer)]
    • Classification
    • Policing
    • Congestion avoidance
    • QoS enables determinism in Industrial Ethernet deployments
  • Why QoS? Congestion, Control Operational Determinism
    • Points of substantial speed mismatch and points of aggregation
    • If a buffer fills it is not possible to place new traffic into it → DROPS!
    • Increasing the size of the buffer can help avoid drops but introduces delay
    • [Figure labels: Aggregation; Speed Mismatch, 10 Mbps and 1000 Mbps]
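  • Not All Traffic Is Created Equal
    • Control: Bandwidth Low to Moderate; Random Drop Sensitivity High; Delay Sensitivity High; Jitter Sensitivity High
    • Video: Bandwidth Moderate to High; Random Drop Sensitivity Low; Delay Sensitivity High; Jitter Sensitivity High
    • Data (Best-Effort): Bandwidth Moderate to High; Random Drop Sensitivity High; Delay Sensitivity Low; Jitter Sensitivity Low
    • Voice: Bandwidth Low; Random Drop Sensitivity Moderate; Delay Sensitivity Moderate to High; Jitter Sensitivity High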
  • Quality of Service and the OSI Model
    • QoS fields shown: Fieldbus Specific QoS Parameters; IPv4 ToS; 802.1Q/p CoS
    • [Figure: layers L1 Physical, L2 Data Link, L3 Network, L4 Transport, Application; stack of Physical Layer, EtherNet MAC/LLC, IP, TCP and UDP, Message Routing and Connection Management, Data Management Services (Explicit Messages, I/O Messages), Application Object Library, Device Profiles (Semiconductor, Valves, Drives, Robots, Other)]
  • Aggregate QoS Model for Industrial Ethernet
    • QoS classification based on Layer 2/3/4 attributes:
      • Destination MAC Address
      • Ethertype
      • Source / Destination IP Address
      • TCP / UDP Source or Destination Port Number
    • Ingress actions
      • Classification: Distinguish traffic by examining L2-L4 labels and QoS fields. CoS changed depending on trust state at port.
      • Policing/Metering: Ensure conformance to a specified rate
      • Marking: DSCP-CoS or CoS-DSCP mapping
    • Egress actions
      • Queue/Schedule, Congestion Control: 4 queues/port with Priority scheduling
  • An Example: EtherNet/IP Model
    • Priority on Control Traffic (UDP Port 2222) guarantees that there will not be delay or jitter affecting any control functions such as interlocking
    • Control traffic can be tagged at L2 or L3 depending on the existing network architecture
    • [Figure labels: layers Application, Transport, Network, Data Link, Physical; protocols IEEE 802.3 Ethernet, IP, ARP, RARP, ICMP, OSPF, IGMP, IGRP, TCP, UDP, FTP, HTTP, BOOTP, DHCP, SMTP, SNMP; CIP Explicit Messaging; Real-time I/O Control]
  • QoS Benefits Industrial Network Deployment
    • QoS enables low-latency of Control Traffic guaranteeing a deterministic behavior for critical control data
    • L2-L4 packet inspection and tagging should be used to establish traffic priorities
    • Buffer management is a key part of QoS
    • As networks evolve to support more services QoS becomes even more critical
    • QoS is an essential component for scalable deployments
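The classification and priority-queueing model from the QoS slides, as an added example that is not part of the original presentation: frames are classified on L3/L4 fields (UDP port 2222 as control traffic) and placed in one of four finite egress queues served in strict priority order. The queue depth, the queue numbers chosen for each class and the burst are assumptions made for the illustration; the FIFO comparison uses a single queue of the same depth.

```python
from collections import deque

CONTROL_UDP_PORT = 2222          # control traffic port named on the slides
QUEUE_DEPTH = 4                  # assumed per-queue buffer size, in frames

def classify(frame):
    """Pick the egress queue (3 = highest priority) from L3/L4 header fields."""
    if frame["proto"] == "udp" and frame["dport"] == CONTROL_UDP_PORT:
        return 3                 # control traffic
    if frame["proto"] == "tcp" and frame["dport"] in (20, 21, 80):
        return 1                 # configuration (FTP) and HTTP
    return 0                     # best effort

class EgressPort:
    def __init__(self, priority=True):
        self.priority = priority             # False models one shared FIFO
        self.queues = [deque() for _ in range(4)]
        self.dropped = []

    def enqueue(self, frame):
        q = self.queues[classify(frame) if self.priority else 0]
        if len(q) >= QUEUE_DEPTH:
            self.dropped.append(frame)       # buffer full: the frame is dropped
        else:
            q.append(frame)

    def dequeue(self):
        for q in reversed(self.queues):      # highest non-empty queue first
            if q:
                return q.popleft()
        return None

def run(priority):
    """Send a constructed burst into the port; return (send order, drops)."""
    port = EgressPort(priority)
    burst = [{"id": f"ftp{i}", "proto": "tcp", "dport": 21} for i in range(6)]
    burst += [{"id": f"io{i}", "proto": "udp", "dport": 2222} for i in range(2)]
    for frame in burst:                      # arrives faster than the link drains
        port.enqueue(frame)
    sent = []
    while (frame := port.dequeue()) is not None:
        sent.append(frame["id"])
    return sent, [f["id"] for f in port.dropped]

if __name__ == "__main__":
    print("fifo    :", run(False))
    print("priority:", run(True))
```

In the FIFO case both control frames arrive behind the file transfer and are dropped; with classification they are sent first and only file-transfer frames are lost.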
  • Agenda: Challenges of Implementing Ethernet; Ethernet Evolution; Intelligent Services in the Network (Availability, QoS, Security); Summary
  • Security in IP Networks
    • Any IP network that does not implement the appropriate security mechanism is susceptible to intrusion
    • Intrusion by malicious entities can potentially bring down a network and capture key competitive information
    • Large scale secure EtherNet/IP networks are successfully deployed today in numerous critical services (financial, medical, process control, etc.)
    • Intelligent Ethernet Switches support security features that work at different layers to identify, prevent, and alert on malicious or unauthorized activities on the data network
  • Intelligent Ethernet and Security
    • Security Filters
      • Inspection and classification of L2-L4 packets can ensure that only the authorized MAC and IP addresses go through the switch. L4 port inspection can ensure that only the authorized applications are running.
    • Port Security
      • Provides a means to ensure the appropriate user is on the network by limiting access based on MAC addresses
    • 802.1x authentication
      • Protects network access by having a RADIUS server authenticate the user, allowing or disallowing access to the network
  • Intelligent Ethernet and Security
    • MAC Address Notification
      • Provides an alert to a management station so that network administrators know when and where users came on to the network and can take appropriate actions
    • AAA control and central Management
    • SNMPv3
      • Provides network security by encrypting administrator traffic during SNMP session to configure/troubleshoot switch
    • Secure Shell (SSH)
      • Encrypts administration traffic during Telnet sessions while configuring or troubleshooting switches
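How port security, an L4 security filter and MAC address notification combine on one access port, as an added example that is not part of the original presentation and is not Cisco's implementation. The class names, the port name, the one-MAC limit, the permitted service and the frames are all constructed for the illustration.

```python
from dataclasses import dataclass, field

@dataclass
class AccessPort:
    name: str
    max_macs: int = 1                                  # assumed port-security limit
    permit: frozenset = frozenset({("udp", 2222)})     # assumed L4 security filter
    learned: set = field(default_factory=set)

class Switch:
    def __init__(self, ports):
        self.ports = {p.name: p for p in ports}
        self.events = []          # notifications a management station would receive

    def ingress(self, ts, port_name, src_mac, proto, dport):
        """Return True if the frame is forwarded, False if it is dropped."""
        port = self.ports[port_name]
        if src_mac not in port.learned:
            if len(port.learned) >= port.max_macs:
                self.events.append((ts, port_name, src_mac, "violation"))
                return False      # unknown station on a port that is already full
            port.learned.add(src_mac)
            self.events.append((ts, port_name, src_mac, "mac-added"))
        if (proto, dport) not in port.permit:
            self.events.append((ts, port_name, src_mac, "filtered"))
            return False          # application not authorised on this port
        return True

# Constructed frames: (timestamp, port, source MAC, protocol, destination port)
FRAMES = [
    (0, "Fa0/1", "02:00:00:00:00:01", "udp", 2222),   # the expected I/O device
    (1, "Fa0/1", "02:00:00:00:00:01", "tcp", 80),     # same device, unapproved service
    (2, "Fa0/1", "02:00:00:00:00:99", "udp", 2222),   # second station on the port
]

def replay(frames):
    """Run frames through a one-port switch; return verdicts and event kinds."""
    sw = Switch([AccessPort("Fa0/1")])
    verdicts = [sw.ingress(*f) for f in frames]
    return verdicts, [event[3] for event in sw.events]

if __name__ == "__main__":
    print(replay(FRAMES))
```

Each event carries the timestamp and port, which is the "when and where" the MAC Address Notification slide refers to.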
  • Agenda: Challenges of Implementing Ethernet; Ethernet Evolution; Intelligent Services in the Network (Availability, QoS, and Security); Summary
  • Intelligent Ethernet Enables
    • Reduced operational and capital expense by leveraging a single, common network infrastructure
    • Connectivity and real-time decision making in a secure environment
    • Network availability and reliability
    While maintaining industrial grade networking and connectivity
  • © 2001, Cisco Systems, Inc. All rights reserved.