Fundamentals of EtherNet/IP Network Technology

PUBLIC
Copyright © 2017 Rockwell Automation, Inc. All Rights Reserved. 2Rockwell Automation TechED 2017 @ROKTechED #ROKTechED
Fundamentals of EtherNet/IP
Networking Technology
Converged Plantwide Ethernet (CPwE) Architectures

Abstract
 Learn the capabilities and features of EtherNet/IP, including an overview of
networking technology and terminology. Learn how the Common Industrial
Protocol (CIP) fully uses the Open Systems Interconnection (OSI) reference
model and the value of supporting standard Ethernet and Internet Protocol
(IP) network technology.

Agenda
 Standard Industrial Network Technology
 OSI Reference Model
 OSI Layers 1 - 7
 Industrial Automation and Control System Network Architectures
 Additional Material
 Training Resources

Standard Industrial Network Technology

Industrial Networks Trends
 Open networks are in demand
 Broad availability of products, applications and vendor support for Industrial Automation
and Control System (IACS)
 Network standards for coexistence and interoperability of IACS endpoints
 Convergence of network technologies – Industrial Internet of Things
 Reduce the number of disparate networks in an IACS application and create seamless information
sharing throughout the plant-wide / site-wide architecture
 Use of common network design, deployment and troubleshooting tools across the plant-wide / site-
wide architecture; avoid special tools for each application
 Better asset utilization to support lean initiatives
 Common network infrastructure assets, while accounting for environmental requirements
 Reduced training, support, and inventory for different networking technologies
 Future-ready – help maximizing investments and minimizing risks
 Support new technologies and features without a network forklift upgrade

Industrial Application Convergence
Industrial Network Trends
Controller
Drive Network
Safety Network
I/O Network
Plant/Site Network
Disparate Network Technology
Information
I/O, Motor
Control
Safety
Applications
Process
Power
Control
Multi-discipline Industrial Network Convergence – Industrial Internet of Things
High
Availability
Energy
Management
Safety I/O
Single Industrial
Network Technology
Camera
Controller
VFD
Drive
HMI
I/O
Plant/Site
Instrumentation

Industrial Application Convergence
Single Industrial Network Technology - Smart Endpoints
Multi-discipline Industrial Network Convergence
Process ControlDiscrete ControlInformation TechnologyIntelligent Motor Control
Convergence of Operational
Technology (OT) with Information
Technology (IT)

EtherNet/IP: “IP” - Industrial Protocol
Single Industrial Network Technology
 ODVA
 Supported by global industry leaders such as Cisco Systems®,
Omron®, Schneider Electric®, Bosch Rexroth AG®,
Endress+Hauser and Rockwell Automation®
 Conformance & Performance Testing
 Standard
 IEEE 802.3 - standard Ethernet, Precision Time Protocol (IEEE-1588)
 IETF - Internet Engineering Task Force, standard Internet Protocol (IP)
 ODVA - Common Industrial Protocol (CIP™)
 IEC - International Electrotechnical Commission – IEC 61158
 IT Friendly and Future-Ready (Sustainable)
 Multi-discipline control and information platform
 Established - products, applications and vendors
www.odva.org
What’s the difference?
 Ethernet IP
 EtherNet/IP

EtherNet/IP: “IP” - Industrial Protocol
 ODVA
 Supported by global industry leaders such as Cisco Systems®,
Omron®, Schneider Electric®, Bosch Rexroth AG®,
Endress+Hauser and Rockwell Automation®
 Conformance & Performance Testing
 Standard
 IEEE 802.3 - standard Ethernet, Precision Time Protocol (IEEE-1588)
 IETF - Internet Engineering Task Force, standard Internet Protocol (IP)
 ODVA - Common Industrial Protocol (CIP™)
 IEC - International Electrotechnical Commission – IEC 61158
 IT Friendly and Future-Ready (Sustainable)
 Multi-discipline control and information platform
 Established - products, applications and vendors
www.odva.org

OSI Reference Model

CIP - IEC 61158
OSI 7-Layer Reference Model
5-Layer TCP/IP Model
Application
Presentation
Session
Transport
Network
Data Link
Physical
Layer 7
Layer 6
Layer 5
Layer 4
Layer 3
Layer 2
Layer 1
Network Services to User App
Encryption/Other processing
Manage Multiple Applications
Reliable End-to-End Delivery Error Correction
Packet Delivery, Routing
Framing of Data, Error Checking
Signal type to transmit bits, pinouts, cable type
IETF TCP/UDP
IETF IP
IEEE 802.3/802.1/802.11
TIA - 1005
Routers
Switches
Cabling/RF
Layer NameLayer No. Function Examples
CIP - IEC 61158
IES
Open Systems
Interconnection

Routers
Switches
Cabling/RF
IES
CIP - IEC 61158
Application
Presentation
Session
Transport
Network
Data Link
Physical
Layer 7
Layer 6
Layer 5
Layer 4
Layer 3
Layer 2
Layer 1
IETF TCP/UDP
IETF IP
IEEE 802.3/802.1/802.11
TIA - 1005
What makes EtherNet/IP
industrial?
Physical Layer
Hardening
Infrastructure Device
Hardening
Common Application
Layer Protocol
Open Systems
Interconnection

Coexistence Interoperability
OSI Reference Model
Protocol Stack
TIA - 1005
CIP - IEC 61158
Modbus TCP
IEC 61850 –MMS
HTTP
RTP
Coexistence
Examples
IETF TCP/UDP
IETF IP
IEEE 802.3/802.1/802.11
Application
Presentation
Session
Transport
Network
Layer 7
Layer 6
Layer 5
Layer 4
Layer 3
Layer NameLayer No.
Data Link
Physical
Layer 2
Layer 1

OSI Reference Model
Protocol Stack
Application - CIP Layer 7 Application - CIP
Presentation - Null Layer 6 Presentation - Null
Session – Null Layer 5 Session - Null
Transport – TCP/UDP Layer 4 Transport – TCP/UDP
Network – IP Layer 3 Network - IP
Data Link - Ethernet Layer 2 Data Link - Ethernet
Physical - Ethernet Layer 1 Physical - Ethernet
Sender Receiver
DecapsulationEncapsulation

OSI Reference Model
Protocol Stack
Encapsulation Decapsulation
Studio 5000 Logix Designer®
RSLinx® Classic
ControlLogix®
TIA - 1005
CIP - IEC 61158
Examples
IETF TCP/UDP
IETF IP
IEEE 802.3/802.1/802.11
Application
Presentation
Session
Transport
Network
Layer 7
Layer 6
Layer 5
Layer 4
Layer 3
Layer NameLayer No.
Data Link
Physical
Layer 2
Layer 1

OSI Reference Model
Protocol Stack Example - Encapsulation
CIPTCP Header Segment
CIPTCPIP Header Packet
CIPTCPIPEnet Header Frame
Physical LayerEthernet Frame is sent out the PHY
Application
Presentation
Session
Transport
Network
Layer 7
Layer 6
Layer 5
Layer 4
Layer 3
Layer NameLayer No.
Data Link
Physical
Layer 2
Layer 1
CIP PayloadEncaps
 The Ethernet message structure is a concatenation of protocols
 EtherNet/IP defines an Encapsulation protocol that sets up the TCP resources

OSI Reference Model
Physical Layer Independent
Application
Presentation
Session
Transport
Network
Data Link
Physical
Layer 7
Layer 6
Layer 5
Layer 4
Layer 3
Layer 2
Layer 1 Copper
CIP
Physical Layer
Independent
Layer NameLayer No. Examples
IETF TCP/UDP
IETF IP
IEEE 802.3/802.1
Fiber

Wi-Fi
IEEE 802.11
OSI Reference Model
Data Link Layer Independent
Data Link Layer
Independent
Standard IP provides Portability and seamless Routing
Application
Presentation
Session
Transport
Network
Data Link
Physical
Layer 7
Layer 6
Layer 5
Layer 4
Layer 3
Layer 2
Layer 1
CIP
IETF TCP/UDP
IETF IP
Copper / Fiber
IEEE 802.3/802.1

OSI Reference Model
Open Systems Interconnection
Limits Portability and Routability,
may require additional assets
to forward information throughout
the plant-wide / site-wide architecture
Application
Presentation
Session
Transport
Network
Data Link
Physical
Layer 7
Layer 6
Layer 5
Layer 4
Layer 3
Layer 2
Layer 1 TIA 1005
CIP
Vendor Specific
Vendor Specific
IEEE 802.3/802.1

OSI Reference Model
Open Systems Interconnection
Non standard Ethernet,
will require additional assets
to connect into
the plant-wide / site-wide architecture
Application
Presentation
Session
Transport
Network
Data Link
Physical
Layer 7
Layer 6
Layer 5
Layer 4
Layer 3
Layer 2
Layer 1 TIA 1005
CIP
Vendor Specific
Vendor Specific
Vendor Specific

OSI Reference Model
Network Independent
Layer 7
Layer 4
Layer 3
Layer 2
Layer 1
Layer No.
Network
Independent

CIP - IEC 61158
Application
Presentation
Session
Transport
Network
Data Link
Physical
Layer 7
Layer 6
Layer 5
Layer 4
Layer 3
Layer 2
Layer 1
IETF TCP/UDP
IETF IP
IEEE 802.3/802.1/802.11
TIA - 1005
Routers
Switches
Cabling/RF
Similar sounding network devices, services and terms exist at Layer 2 (L2)
and Layer 3 (L3) – e.g. Connections, QoS, Resiliency, Security
IES
Open Systems
Interconnection

OSI Layer 1

Layer 1 – Physical Layer
Design and Implement a Robust Physical Layer
 Environment Classification - MICE
 More than cable
 Connectors
 Patch panels
 Cable management
 Noise mitigation
 Bonding, Shielding and Grounding
 Standard Physical Media
 Wired vs. Wireless
 Copper vs. Fiber
 UTP vs. STP
 Singlemode vs. Multimode
 SFP – LC vs. SC
 Standard Topology Choices
 Switch-Level, Device-Level and Hybrid
Cable Selection
ENET-WP007
Industrial Ethernet Physical
Infrastructure Reference
Architecture Design Guide
ODVA Guide
Fiber Guide
ENET-TD003
25

Environmental Focus – M.I.C.E.
 M.I.C.E. provides a method of categorizing the
environmental classes for each plant Cell/Area
Zone.
 The MICE environmental classification is a
measure of product robustness:
 Specified in ISO/IEC 24702
 Part of TIA-1005 and ANSI/TIA-568-C.0
standards
 This provides for determination of the level of
“hardening” required for the network media,
connectors, pathways, devices and enclosures.
 Examples of rating:
 1585 Industrial Ethernet Media : M3I3C3E3
 M12: M3I3C3E3
 RJ-45: M1I1C2E2
Office IndustrialTIA 1005
Increased Environmental
Severity

Select best media for your needs
UTP vs. STP
Unshielded Twisted Pair (UTP) Shielded Twisted Pair (STP)
Costs less Excellent immunity from EMI and RFI noise
Installs faster Can locate cable close to source of noise
Smaller diameter, more flexible Well suited for more rigorous environments
CAT5e vs.
CAT6a
CAT5e CAT6a
Costs Less Higher signal to noise ration; performance margins
Suitable for speeds of less than a Gbps Designed to deliver Gbps performance
Copper vs.
Fiber
Copper Fiber
Termination and installation is faster Cost of fiber transceivers is higher
Less fragile Use when excessive EMI noise is present
Distances of less than 100m Use when distance is a factor (over 100m)
Multimode
vs.
singlemode
Fiber
Multi-mode Single-mode
For distances of up to 550m @ 1Gbps and 2km @ 100 Mbps Longer distances (up to 40km)
Lower cost transceivers, connectors and installation High bandwidth capabilities
Higher fiber cost, but lower total system cost Lower fiber cost, but higher total system cost

 Responsible for converting a frame, Layer 2 output, into signals to be transmitted over the physical
network (electrical, light, RF)
 It provides the hardware means of sending and receiving data on a carrier, including defining cables,
cards and physical aspects.
 LAN or WAN
 Physical data rates, maximum transmission distances,
physical connectors
 Ethernet examples:
 100Base-TX, 100Base-SX, 100Base-FX,
1000Base-SX, 1000Base-LX
 Layer 1 Protocols and Services
 Other PHY examples:
 RS-232, USB
 T1, E1, ISDN, DSL
 802.11, 802.15.4, Bluetooth

Layer 1 - Physical Layer
Auto-Negotiation - Clause 28 of IEEE 802.3-2012
Pulses detect
Link speed and
integrity
(10/100/1000)
Negotiate
Full/Half
Duplex
Negotiate
optional
features (like
MDI - MDIX)

Auto-Negotiation - Clause 28 of IEEE 802.3-2012
 Choice of auto-negotiation or manual settings for speed and duplex is often driven by
customer standards and policies
 Duplex mismatch is a common source of network performance issues
 Auto-negotiation failure on a 100 Mbps copper link defaults to half-duplex mode
 Auto-negotiation failure on a 1 Gbps copper link defaults to full-duplex mode

Auto-Negotiation - Summary
 CPwE Reference Architectures Recommendations
 Be consistent
 Do not mix auto-negotiation and manual settings between ports on the same link
 Always verify speed and duplex using the tools you have
 Auto-negotiation of speed and duplex is recommended for:
 On ports between switches and EtherNet/IP devices
 Manual setting of speed and duplex is recommended for:
 On ports (copper link) between infrastructure devices such as switches and routers
 On ports between switches and servers
 Use fiber media and SFPs for all inter-switch links

EN2TR Example
RSLinx® Classic
Module Configuration
EN2TR web page
Network Settings
Logix Designer
EN2TR Properties

Infrastructure – Active Devices
 A repeater recreates the incoming signal and re-transmits it without noise or distortion
that may have effected the signal as it was transmitted down the cable.
 Repeaters were available on legacy Ethernet to increase the overall length of the
network and allow additional nodes to be added.

Infrastructure – Active Devices - Media Converters
Fiber link
Fiber link
Use Caution!
Small Form-Factor
Pluggable (SFP)
IES
IES IES
IES

Topology - Linear
Layer 2 Access Link
Layer 2 Interswitch Link/802.1Q Trunk
Layer 3 Link
Layer 2 Industrial Ethernet Switch
Stratix® 2500, Stratix® 5700, Stratix® 5400, Stratix® 8000
Multi-Layer Switch, Layer 2 and Layer 3
Layer 3 Services Router
Stratix® 5900
Layer 2 Bridge
Stratix® 5100 as WGB
Linear
Device-Level
Linear
Switch-Level
IES
IFW Industrial Firewall
Stratix® 5950

Network Architecture Icon Key
Converged Plantwide Ethernet (CPwE)
Layer 2 Access Link (EtherNet/IP Device Connectivity)
Layer 3 Link
Layer 2 Access Switch, Catalyst 2960
Multi-Layer Switch - Layer 2 and Layer 3,
Layer 3 Router, Stratix® 5900
Autonomous Wireless Access Point (AP),
Stratix® 5100 as Autonomous AP
Layer 2 IES with NAT, Stratix® 5700, Stratix® 5400
Layer 2 IES with NAT and Connected Routing,
Stratix® 5700, Stratix® 5400
NAT
NAT - CR
Layer 3 Distribution Switch Stack,
Catalyst 3750-X, Catalyst 3850
Layer 3 Core Switch,
Catalyst 4500, 4500-X, 6500, 6800
Layer 3 Core Switch with Virtual Switching System (VSS)
Catalyst 4500-X, 6500, 6800
Firewall, Adaptive Security Appliance (ASA) 55xx
Wireless workgroup bridge (WGB),
Stratix® 5100 as workgroup bridge (WGB)
Unified Wireless Lightweight Access Point (LWAP),
Catalyst 3602E LWAP
Unified Wireless LAN Controller (WLC), Cisco 5508 WLC
Unified Computing System (UCS), UCS-C series
Identity Services Engine (ISE) for Authentication,
ISE - PAN/PSN/MnT
Layer 2 Access, Industrial Ethernet Switch (IES),
Stratix® 2500, Stratix® 5700, Stratix® 5400, Stratix® 8000IES IFW
Layer 3 Router with Zone-based Firewall, Stratix® 5900
Industrial Firewall, Stratix® 5950

Topology – Star and Redundant Star
Star Redundant Star

Topology - Ring
Ring
Device-Level Ring
Switch-Level

OSI Layer 2

Layer 2 – Data Link
802.3/802.1 – Ethernet – local area network (LAN)
 Standard Ethernet frames
 Short frame - 64 bytes = 512 bits
 Long frame - 1518 bytes = 12144 bits
 MAC (802.3) lower sub-layer controls how a device on the network gains access to the
data and permission to transmit it.
 Ethernet Media Access: CSMA/CD
 Layer 2 Examples:
 LAN - 802.3, 802.5, 802.11
 WAN – HDLC, PPP, Frame Relay, ATM, ISDN, EoMPLS (service providers)
 Layer 2 Protocols and Services Examples
 QoS – Quality of Service, VLAN – Virtual LAN, LLDP – Link Layer Discovery Protocol
 Resiliency and Security
Data (Payload) FCSSADASFD Type/Len
Ethernet Frame
Pre

Hardware Addressing
 All devices on Ethernet communicate using the Ethernet address for the device.
This address is sometimes referred to as the “hardware”, “burned-in (BIA)” or
“media access control address” (MAC stands for Media Access Controller).
 The hardware address is a unique (in the world) 6-byte (48 bits) address that is
embedded in the circuitry of every device that sits on an Ethernet network. First 3-
bytes identify a specific vendor.
 Every vendor of Ethernet products obtains their own unique address range -
organizationally unique identifier (OUI)
 Allen-Bradley® is 00:00:BC:XX:XX:XX and 00:1D:9C:XX:XX:XX
 Representations - 00:00:BC:03:52:A9, 00-00-BC-03-52-A9, 0000.BC03.52A9
Note that each digit of the media access control address is a hex number (range 0-F)
http://www.techzoom.net/tools/check-mac.en
MAC Decoder

LAN Transmission Methods
 Unicast
 A method by which a frame is sent to a single destination.
 Multicast
 A technique that allows copies of a single frame to be passed to a selected subset of
possible destinations.
 Example: 01-00-0C-CC-CC-CC (Cisco Discovery Protocol – CDP)
 Broadcast
 A frame delivery system that delivers a given frame to all hosts on the LAN.
 FF:FF:FF:FF:FF:FF
 Examples – ARP, DHCP

Layer 2 - Data Link
Bridging
 A bridge is a device that isolates traffic between segments by selectively
forwarding frames to their proper destination. It is transparent to the
network and protocol independent.
 Similar to the repeater, the bridge isn’t used much any more, but more
advanced devices which perform the bridging function are commonly used.
Ethernet Ethernet
Ethernet Token Ring
Access
Point
Workgroup
bridge
Bridge
Bridge
Ethernet Ethernet
EtherNet/IP DeviceNet
Bridge
Layer 2
Layer 3 Layer 7

Layer 2 - Data Link
Collision Domains
Controller 1 Controller 3
Controller 2
Switch L2-1 Switch L2-2
Switch L3-1
L3 - 10.10.10.5
L2 - 0000:BC10:1005
L3 - 10.10.20.5
L2 - 0000:BC10:2005
L3 - 10.10.10.6
L2 - 001D:9C10:1006
L3 - 10.10.10.1
L2 - E490.6919.5B44
L3 - 10.10.20.1
L2 - E490.6919.5B41
L3 - 10.10.10.0/24
L2 - VLAN 10
L3 - 10.10.20.0/24
L2 - VLAN 20
Fa1/1
Fa1/2
Gi1/1 Gi1/1 Gi1/2 Fa1/1 Fa1/2
IES

Layer 2 - Data Link
Broadcast Domains
Controller 1 Controller 3
Controller 2
Switch L2-1 Switch L2-2
Switch L3-1
L3 - 10.10.10.5
L2 - 0000:BC10:1005
L3 - 10.10.20.5
L2 - 0000:BC10:2005
L3 - 10.10.10.6
L2 - 001D:9C10:1006
L3 - 10.10.10.1
L2 - E490.6919.5B44
L3 - 10.10.20.1
L2 - E490.6919.5B41
L3 - 10.10.10.0/24
L2 - VLAN 10
L3 - 10.10.20.0/24
L2 - VLAN 20
Fa1/1
Fa1/2
Gi1/1 Gi1/1 Gi1/2 Fa1/1 Fa1/2
IES

IES
IES
Layer 2 - Data Link
Layer 2 Switching
 Layer 2 Switch - Multi-port Bridge
 Examples - Stratix® 2500, Stratix® 5700, Stratix® 5400 and Stratix® 8000
switches
 All ports are in the same broadcast domain
 Forwards frames based on the destination
media access control address and a MAC table
 CAM (MAC) Table – content addressable memory
 Learns a device’s location by examining source address
 Sends out all ports when destination address is broadcast, multicast, or unknown
address
 Forwards and filters when destination is located on different interface
 Managed switches provide Layer 2 features, such as segmentation (VLAN
tag), security, QoS, resiliency, etc.
1
6
8
LAN
Controller
HMI
Drive I/O

Layer 2 - Data Link
Switching – Embedded Switch Technology
2-port Embedded Switch
Port 1 Port 2
Linear Device-level Topology
Ring Device-level Topology

Layer 2 - Data Link
Switching – Embedded Switch Technology
 Note that the ControlLogix® and CompactLogix™ L4x platforms can support multiple
network interface cards (NICs) to segment network traffic. However, the
CompactLogix™ 5370 platform is not capable of this method of network segmentation.
The two ports of the CompactLogix™ 5370 Programmable Automation Controller
(PAC) are part of an embedded switch, not a dual NIC.
ENxTR ENxT’s
= ≠
PHY PHY
= ≠
CompactLogix™ 5370 ControlLogix® ControlLogix®

Layer 2 - Data Link
Industrial Ethernet Switch Type Selection
Advantages Disadvantages
Managed
Switches
Unmanaged
Switches
ODVA
Embedded
Switch
Technology
 Loop prevention and resiliency
 Security services
 Management services (Multicast, DHCP per port and DLR)
 Diagnostic information
 Segmentation services (VLANs)
 Prioritization services (QoS)
 Inexpensive
 Simple to set up
 More expensive
 Requires some level of support and
configuration to start up
 No loop prevention or resiliency
 No security services
 No diagnostic information
 No segmentation or prioritization services
 Difficult to troubleshoot, no management services
 Cable simplification with reduced cost
 Ring loop prevention and resiliency
 Prioritization services (QoS)
 Time Sync Services (IEEE 1588 PTP Transparent Clock)
 Diagnostic information
 Limited management capabilities
 May require minimal configuration

EN2TR Example
EN2TR web page
Media access control
address
EN2TR web page
Ethernet Statistics
RSLinx® Classic
EN2TR Diagnostics
Ethernet Statistics

EtherNet/IP is Standard
 MAC addressing - 00:00:BC:XX:XX:XX and 00:1D:9C:XX:XX:XX
 Transmission types: unicast, multicast and broadcast
 EtherType
 Common – e.g. IPv4, ARP
 ODVA embedded switch beacon for DLR - EtherType - 0x08E1
 Layer 2 services example
 QoS – CoS
Data (Payload) FCSSADASFD Type/Len
Ethernet Frame
Pre

OSI Layer 3

Layer 3 – Network
Internet Protocol (IP) Packet
 This layer provides switching and routing technologies, creating logical paths, known as
virtual circuits, for transmitting data from node to node.
 Routing and forwarding are functions of this Layer, as well as addressing, and
internetworking.
 IP address (host, network), Subnet Mask, Default Gateway
 Layer 3 Protocol Examples:
 ICMP – Internet Control Message Protocol
 IPsec – Internet Protocol Security
 IGMP – Internet Group Management Protocol
 Routed protocol vs. Routing Protocol vs. Router Redundancy
 Layer 3 Services Examples
 QoS – Quality of Service, Resiliency, Security
ID Offset TTL Proto HCS IP SA IP DA DataLen
Version
/Len
ToS
Byte IPv4 Packet

 IPv4
 32 binary (0-1) digits, 32 bits, four 8-bit
fields (octets), dotted-decimal notation
(DDN)
 4,294,467,295 possible addressable
nodes
 Example:
 192.168.1.1
 IPv6
 32 hex (0-F) digits, 128 bits, eight 16-bit
hexadecimal fields separated by colons (:)
 3.4 * 1038 possible addressable nodes
 340,282,366,920,938,463,463,374,607,431,768,211,456
 5 * 1028 addresses per person ( 6.5 billion people )
 Example:
 2001:0DB8:7654:3210:FEDC:BA98:7654:3210
Layer 3 – Network – IPv4 and IPv6
IPv4 versus IPv6

340,282,366,920,938,463,374,607,432,768,211,456
(IPv6 Address Space - 340 Undecillion)
Versus
4,294,967,296
(IPv4 Address Space - 4 Billion)
Layer 3 – Network
Antares
15th Brightest
star in the sky
Our Sun
 Lot’s of talk about how big, it’s BIG, do NOT worry about waste
 Each /64 prefix contains 18 Quintillion host address’s (18,446,744,073,709,551,616)
 Theoretical vs. Practical deployment, still not an issue
So How Big Is The IPv6 Address Space?

Layer 3 – Network
IPv6
340,282,366,920,938,463,463,374,607,431,768,211,456
340 Undecillion 1036
282 Decillion 1033
366 Nonillion 1030
920 Octillion 1027
938 Septillion 1024
463 Sextillion 1021
463 Quintillion 1018
374 Quadrillion 1015
607 Trillion 1012
431 Billion 109
768 Million 106
211 Thousand 103
456 100

 Unicast
 A method by which a packet is sent to a single
destination.
 Multicast
 A technique that allows copies of a single
packet to be passed to a selected subset of
possible destinations
 224.0.0.0 - 239.255.255.255
 EtherNet/IP IP Multicast Address Range:
 239.192.0.0 - 239.195.255.255
 Broadcast
 A packet delivery system that delivers a given
packet to all hosts on the LAN.
 255.255.255.255
 Unicast
 Global - routable across the internet
 Link Local - non routable
 Unique Local - routable within administrative
domain
 Multicast
 Solicited Node
 Anycast
Layer 3 – Network
LAN Transmission Methods - IPv4 vs. IPv6
2000:NNNN:NNNN:SSSS::HHHH:HHHH:HHHH:HHHH
3FFF:NNNN:NNNN:SSSS::HHHH:HHHH:HHHH:HHHH
FE80:0000:0000:0000::HHHH:HHHH:HHHH:HHHH

Layer 3 – Network
IPv4 versus IPv6 Header Comparison
Fragment
Offset
Flags
Total Length
Type of
Service
IHL
PaddingOptions
Destination Address
Source Address
Header ChecksumProtocolTime to Live
Identification
Version
IPv4 Header (20-60)
Next
Header
Hop Limit
Flow Label
Traffic
Class
Destination Address
Source Address
Payload Length
Version
IPv6 Header (40)
 Length is constant in IPv6
 Fragmentation occurs in (EH)
 Option’s occur in (EH)
 UDP must have valid Checksum, unlike v4.
 Upper layer checksums use the Pseudo Header format: SRC/DST Addr + Next Header

Layer 3 – Network
Internet Protocol Address
Fixed or assigned from a
pool?
What type of server? If
assigning from a pool
Unique Network Identity
Resolves host names to IP
addresses on the network
“User-Friendly” Name to
identify a node on the network

Option Description Advantages Disadvantages
Static
Hardware
Devices hard coded with an IP
address
Simple to commission and
replace
In large environments, can be burdensome to
maintain
Limited ranged of IP addresses and subnet
Not all devices support
Static via BOOTP
Configuration
Server assigns devices IP
addresses
Precursor to DHCP
Supported by every device
Requires technician to configure IP address/MAC
address when a device is replaced
Adds complexity and point of failure
DHCP
Server assigns IP addresses from a
pool (NOT RECOMMENDED for
industrial devices)
Efficient use of IP address range
Can reduce administration work
load
More complex to implement and adds a point of failure
Devices get different IP addresses when they restart
DHCP Option 82
Server assigns consistent IP
addresses from a pool (NOT
RECOMMENDED)
Can reduce administration work
load
More complex to implement and adds a point of failure
Mixed environments may not work
DHCP port-based and
DLR-based allocation
Automatically assign IP address per
physical switch port
Eases commissioning and
maintenance in large
environments
Requires some maintenance and upkeep, on a per
switch basis
Layer 3 – Network
IP Addressing Schema

Layer 3 – Network
IP Forwarding – Layer 3 Switching
 Layer 3 switches/routers use the network portion of IP addresses to
identify where networks are, switch/route packets by network.
 Examples - Stratix® 5400, Stratix® 5410 and Stratix® 8300 switches
 A routing table is kept that tells the Layer 3 device which port a
message should be transmitted out in order to get the message to
the proper network.
 If the particular network is not directly attached
to that Layer 3 device, it will forward, based on the
routing table, the message to the next Layer 3
switch or router in the path for further routing.
 EtherNet/IP - Time-to-live (TTL)
 Multicast =1, Unicast = 64
Default Gateway
10.10.10.1
10.17.10.1
VLAN 17
Subnet 10.17.10.0/24
Controller 1
VLAN 10
Subnet 10.10.10.0/24
Controller 2
10.17.10.56
10.10.10.56
10.17.10.0
10.10.10.0
1
2
Network
Routing Table
Port

Layer 3 – Network
Single Hop Routing
Source Destination
10.17.10.56 10.10.10.56
001d.9c00.8308 unknown
Source Destination
10.17.10.56 10.10.10.56
001d.9c00.8308 e490.6919.5b44
Source Destination
10.17.10.56 10.10.10.56
e490.6919.5b41 0000.bc5a.d056
VLAN 17
Subnet 10.17.10.0
VLAN 10
Subnet 10.10.10.0
10.17.10.56
001d.9c00.8308
10.10.10.56
0000.bc5a.d056
Stratix®
Default Gateway
e490.6919.5b44 e490.6919.5b41
Packet

Layer 3 - Network
IP Forwarding - Routing
 Switch/route packets by Network Address
 Stratix® 5900 Services Router
 Extend network distance
 LAN, MAN, WAN
 Connect different LANs
 Broadcast control
 Multicast control, EtherNet/IP multicast not routable -
TTL=1
 Layer 3 features such as security, QoS, resiliency, etc.
 Make sure IT understands required protocols
 Is there a need to route to other subnets?
 Multicast traffic?
 Security or segmentation?
WAN
10.17.10.56
10.10.10.56
Default Gateway
10.10.10.1
10.17.10.1
VLAN 17
Subnet 10.17.10.0/24
VLAN 10
Subnet 10.10.10.0/24

Layer 3 – Network
 Routed protocols - Internet Protocol (IP)
 Routing Types
 Connected, Static, Default and Dynamic
 Stratix® 5700 switches (Connected & Static Routing)
 Stratix® 8300, Stratix® 5400 and Stratix® 5410 switches(Connected, Static & Dynamic Routing)
 Dynamic Routing Protocols
 Routers talking to routers
 Maintaining optimal network topology/path to subnets, and forwarding packets along
those paths
 Examples:
 OSPF – Open Shortest Path First, IETF Standard (Link-State Routing)
 EIGRP – Enhanced Interior Gateway Routing Protocol, Cisco innovation (Distance Vector
Routing)

Layer 3 – Network
 Router Redundancy Protocols
 Fault tolerance for default gateways
 Examples:
 VRRP – Virtual Router Redundancy Protocol, IETF Standards
 HSRP – Hot standby Router Protocol , Cisco innovation
 GLBP – Gateway Load Balancing Protocol , Cisco innovation
Catalyst
3750X/3850 Switch
Stack
HSRP
Active
HSRP
standby
Stratix®

Layer 3 – Network
EN2TR Example
EN2TR web page
ARP Table
EN2TR web page
IP Statistics
Logix Designer
EN2TR Properties
Port Diagnostics

Layer 3 – Network
 Standard IPv4
 Transmission types: unicast, multicast and “IP directed-broadcast”
 Routing
 Connected, Static and Dynamic
 TTL
 Unicast - 64
 Multicast - 1
 Layer 3 service example
 QoS – ToS - DSCP
ID Offset TTL Proto HCS IP SA IP DA DataLen
Version
/Len
ToS
Byte IPv4 Packet

OSI Layer 4

Layer 4 – Transport
Segment
 This layer provides transparent transfer of data between end systems, or devices and
is responsible for end-to-end error recovery and flow control.
 User Datagram Protocol - UDP
 Provides applications with access to the
network layer without the overhead of
reliability mechanisms
 Operates as a connectionless protocol
 Provides limited error checking
 Provides best-effort delivery
 Provides no data recovery features
 Transmission Control Protocol – TCP
 Access to the network layer for applications
 Connection-oriented protocol
 Full-duplex mode operation
 Reliable delivery – acknowledgement of receipt
 Session multiplexing
 Error checking, data recovery features
 Segmentation, sequencing of data packets
 Flow control

Segment
 User Datagram Protocol - UDP
 Connectionless/best effort
 Does not use acknowledgements
 IP - Unicast and Multicast
 CIP™
 Class 1 (Implicit) I/O and personal computer connections
 Port 2222
 Transmission Control Protocol - TCP
 Connection-oriented, end-to-end reliable transmission
 Uses acknowledgements (ACK) to help confirm reliable delivery
 IP - Unicast
 CIP
 Class 3 (Explicit) messaging such as Operator Interface
 Port 44818
UDP Header
TCP Header

Segment
 Well-know ports – assigned by IANA
http://www.iana.org/assignments/port-numbers
Application Port Type Value Description
FTP-Data TCP 20 File Transfer Protocol (data port)
FTP TCP 21 File Transfer Protocol (control port)
SSH TCP 22 Secure Shell
Telnet TCP 23 RFC 854 Telnet
SMTP TCP 25 Simple Mail Transport Protocol
HTTP TCP 80 Hyper Text Transfer Protocol
HTTPS TCP 443 HTTP over SSL
DNS TCP/UDP 53 Domain Name System
TFTP UDP 69 Trivial File Transfer Protocol
SNMP UDP 161 Simple Network Management Protocol

Communications
Module
TCP connections CIP Connections
1756-ENBT 64 128
1756-EN2T 128 256
1756-EN2TR 128 256
1756-EN3TR 128 256
1756-EN2F 128 256
ENET-UM001G-EN-P EtherNet/IP Modules in Logix5000™ Control
Systems…provides connection and packet rate specs for modules
ControlLogix® Module connection support (partial list)

EN2TR Example
EN2TR web page
Diagnostic Overview
EN2TR web page
TCP Connection
EN2TR web page
UDP Statistics

 Standard IETF TCP and UDP
 Standard IETF TCP and UDP Port Usage
UDP Header
TCP Header

OSI Layer 7

Layer 7 – Application
Common Industrial Protocol
Bonjour?
Hi.
I’m great.
Hello.
How are you?Guten tag?
PLANT/SITE
MACHINE/SKID
• Standard IEEE 802.3/802.1 Ethernet
• Standard IETF TCP/IP Protocol Suite
• Common Network Services
• Common Industrial Protocol

Common Industrial Protocol
• CIP uses object modeling to describe devices
• Device Profiles define the communication
view of a device
• Electronic Data Sheets (EDS)

CIP – Object Modeling - Example
Object (Class): Discrete Input
Instances
Attributes
Value:
Status:
Off_On Delay
On_Off Delay
Channel 0 Channel 7
1
0
20
15
0
1
20
15
• • • • • • • • •
I/O Device

CIP Objects
 Connection Objects model the communication characteristics of a particular application
to application(s) relationship
 In EtherNet/IP these are actually several objects
Connection
Device #2Device #1
“Connection
Objects”
“Connection
Objects”
Application
Object
Application
Object
Sensor
Actuator Controller

CIP Safety
Layer 7 - Application
 CIP™ Extension - IEC 61508 – SIL 3 and EN 954-1 - Cat 4
 High-integrity Safety Services and Messages for CIP
 Data redundancy - data sent twice (actual & inverted)
 Safety CRC redundancy – actual & inverted
 End-to-end Safety CRCs - individual CRCs for data (actual & inverted)
and overall message
 Every packet is time stamped
 Two behaviors must be implemented:
 Real-time transfer of safety data
 Safety Validator Object
 Client (Device producing safety data)
 Server (Device consuming safety data)
 Safety Messages
 Configuration of safety devices
 Safety Supervisor Object

CIP Safety
Safety I/O
Safety I/O
Safety I/O
Instrumentation
I/O
Safety Controller
Safety Controller
Controller
Camera
HMI
VFD
Stratix® FactoryTalk®
Server

CIP Sync
 CIP™ Extension
 Defines time synchronization services and object for CIP Networks
 Allows distributed control components to share a common notion of time
 Implements IEEE-1588 precision clock synchronization protocol
 Referred to as Precision Time Protocol (PTP)
 Provides +/- 100 ns synchronization (hardware-assisted clock)
 Provides +/- 100 µs synchronization (software clock)
 Time Synchronized Applications such as:
 Input time stamping
 Alarms and Events
 Sequence of Events (SOE)
 First fault detection
 Time scheduled outputs
 Coordinated Motion
FTP HTTP OPC SNMP
IP
IEEE 802.3 Ethernet
OSPF ICMP IGMP
RARPARP
UDP
CIP
TCP
Layer 1-2
Layer 3
Layers 5-7
Layer 4
Synchronized
Clock Value
Optional
Hardware
Assist
1588

Integrated Motion on the EtherNet/IP
 Traditional motion control
approach
 Network Scheduling (time-slot)
 Integrated Motion on
EtherNet/IP network approach
 Pre-determined Execution Plan for
position path, which is based on a
common understanding of time
between the motion controller and
drives… where to be
and at what time

Integrated Motion on the EtherNet/IP
• CIP™ Extension
• Controller and Drive Profiles
• Motion Axis Object
Safety I/O
Safety I/O
Controller
Safety Controller
I/O
Camera Servo drive
Instrumentation
VFD
HMI
Controller

CIP Security
 CIP™ Extension
 Endpoint Hardening
 Connections between Trusted Endpoints
 Reject data that has been altered (integrity)
 Reject messages send by untrusted people or
untrusted devices (authenticity)
 Reject messages that request actions that are
not allowed (authorization)
 Confidentiality through Data Encryption

EN2TR Example
EN2TR web page
Diagnostic Overview
EN2TR web page
Diagnostic Overview
RSLinx® Classic - EDS
RSLinx® Classic
EN2TR Diagnostics
Connection Manager

Application Requirements
Network Technology Convergence - Performance
Source: ARC
Advisory Group
Function
Information
Integration,
Slower Process
Automation
Time-critical
Discrete Automation
Motion Control
Communication
Technology .Net, DCOM, TCP/IP Industrial Protocols - CIP
Hardware and Software
solutions, e.g. integrated motion
on the EtherNet/IP network, PTP
Period 10 ms to 1000 ms 1 ms to 100 ms 100 µs to 10 ms
Industries Oil & Gas, chemicals,
energy, water
Auto, Food & Beverage,
semiconductor,
metals, pharmaceutical
Subset of discrete automation
Applications Pumps, compressors,
mixers, instrumentation
Material handling, filling,
labeling, palletizing, packaging
Printing presses, wire drawing,
web making, pick & place
What is real-time? What is resilient? What is secure?
 Application dependent ….. only you can define what this means for your application.

Network Technology Convergence
Single Industrial Network Technology - Performance
IEEE 802.3 Ethernet @ 100 Mbps, full-duplex, Switched Network
 1 bit = 10 ns (1 byte = 80 ns)
 Ethernet frame size varies from
 Short frame - 64 bytes = 512 bits
 Long frame - 1518 bytes = 12144 bits
 Some of the Ethernet frame is counted separately
 Preamble and Start Frame Delimiter (SFD) = 64 bits
 Interframe Gap = 96 bits
 Theoretical throughput for Ethernet @ 100 Mbps, full-duplex, Switched Network
 Short frame with 64 bytes ≈ 148,000 frames/second
 Long frames with 1518 bytes ≈ 8,000 frames/second

Network Technology Convergence
Single Industrial Network Technology - Performance
EtherNet/IP @ 100 Mbps (IEEE 802.3 Ethernet ), full-duplex, Switched Network
 Total header size for an EtherNet/IP I/O frame is 64 bytes
 EtherNet/IP implicit message connection adds 18 bytes
 User Datagram Protocol adds 8 bytes
 Internet Protocol adds 20 bytes
 Ethernet Protocol adds 18 bytes
 Frame length (short frame) for an EtherNet/IP implicit message is:
 64 byte + I/O data size (bytes)
 Typical I/O data size for implicit messages are < 36 bytes
Theoretical throughput for EtherNet/IP @ 100 Mbps, full-duplex, Switched Network
 Typical I/O frame size (64 byte + 36 byte I/O data) ≈ 104,000 frames/second
 Maximum I/O frame size (64 byte + 511 byte I/O data) ≈ 21,000 frames/second
 Normal CIP Forward_Open

 Controller exchanges 36 bytes of I/O
data with 10 I/O Adapters with a 1 ms
Requested Packet Interval (RPI)
 RPI = 1 ms
 1,000 frames/second in each direction
 Each I/O Adapter must be able to:
 Consume 1,000 frames/second
 Produce 1,000 frames/second
 The Controller must be able to:
 Consume 10,000 frames/second
 Produce 10,000 frames/second
 Design considerations
 Size the Controller
 Communication Speed
 Maximum # of Adapters (CIP Connections)
 Minimum RPI (how fast)
 Maximum I/O Data Size per RPI
 Size the Adapters
 Minimum RPI (how fast)
 Maximum I/O Data Size per RPI
 Physical Environment – e.g. EMI
Interference for Copper Media
 Speed / Duplex (potential mismatch)
 Network Infrastructure Latency and Jitter
Sizing and Selection of Devices
Theoretical EtherNet/IP Performance Example
This represents about 10% of
the total network bandwidth

Industrial Automation and Control System
(IACS) Network Architectures

IACS Network Architectures
 Isolated Network with Single Controller (ODVA)
 Examples
 Equipment Builder Solution
(Machine or Process Skid)
Star
Linear
HMI
I/O I/O
VFD
Drive
HMI
I/O
I/O
Instrumentation
VFD
DriveHMI
I/O
I/O
VFD
Drive
VFD
Drive
Instrumentation
VFD
Drive
Ring
Controller
Servo
Drive
Controller
Controller
Servo
Drive

 Isolated Network with Multiple Controllers (ODVA)
 Examples
 Integrated Equipment Builder Solutions
 Single Cell/Area Zone, Multiple
Machines/Lines or Skids/Areas
Stratix®
Star
Ring
Linear
VFD
Drive
I/O I/O
VFD
Drive
HMI I/O
I/O
Instrumentation
Controller
VFD
DriveHMI
I/O
I/O
Servo
Drive
VFD
Drive
VFD
Drive
Controller
Controller
Servo
Drive

 Connected and Integrated Control System (ODVA)
 Example - Integrated Equipment Builder Solutions or End User Plant-wide / Site-wide Network
 Single Cell/Area Zone, Multiple Machines/Lines, Multiple Skids/Areas
VFD
Drive
HMI
Stratix®
DLR
Class 1 & 3
Camera
Safety
Controller
Servo
Drive
I/OSafety I/O
Camera
Controller
VFD
Drive
HMI
HMI
I/O
Controller
I/O
Controller
I/O
Industrial Zone
Levels 0-3
VLAN 17
Subnet 10.17.10.0/24
VLAN 10
Subnet 10.10.10.0/24
VLAN 16
Subnet 10.16.10.0/24
Convergence-Ready

Reliable, Safe and Secure Architectures for The Connected Enterprise
Operational Technology
Industrial IoT
Industrial IT
Information Technology
Physical or Virtualized Servers
• FactoryTalk® Application Servers and
Services Platform
• Network & Security Services – DNS,
AD, DHCP, Identity Services (AAA)
• Storage Array
Remote
Access
Server
• Patch Management
• AV Server
• Application Mirror
• Remote Desktop Gateway Server
Distribution
Switch Stack
Cell/Area Zone - Levels 0–2
Redundant Star Topology - Flex Links Resiliency
Unified Wireless LAN
(Lines, Machines, Skids, Equipment)
Linear/Bus/Star Topology
Autonomous Wireless LAN
Industrial
Demilitarized Zone
(IDMZ)
Enterprise Zone
Levels 4-5
Industrial Zone
Levels 0–3
(Plant-wide Network)
Core
Switches
Phone
Controller
Camera
Safety
Controller
Soft
Starter
Ring Topology - Device Level Ring (DLR) Protocol
Unified Wireless LAN
Plant Firewalls
• Active/Standby
• Inter-zone traffic segmentation
• ACLs, IPS and IDS
• VPN Services
• Portal and Remote Desktop Services proxy
Safety
I/O
Instrumentation
Level 3 - Site Operations
(Control Room)
HMI
Active
AP
SSID
5 GHz
WGB
Safety
I/O
Controller
WGB
LWAP
SSID
5 GHz
WGB
LWAP
Controller
LWAP
SSID
2.4 GHz
Standby
Wireless
LAN Controller
(WLC)
Cell/Area Zone
Levels 0–2
Cell/Area Zone
Levels 0–2
Drive
Distribution
Switch Stack
Wide Area Network (WAN)
Data Center - Virtualized Servers
• ERP - Business Systems
• Email, Web Services
• Security Services - Active Directory (AD), Identity Services (AAA)
• Network Services – DNS, DHCP
• Call Manager
Enterprise
Identity Services
Identity Services
External DMZ/
Firewall
Cloud
Access
Switches
Access
Switches
IFW
IFW
Drive I/O Drive I/O
I/O I/O I/O Robot
Servo
Drive

Site-to-Site VPN Connection
 Broad geographic area
 WAN Examples:
 Point-to-Point Link – PSTN Leased Lines – T1, E1
 Circuit Switching - ISDN
 Packet Switching - Frame Relay, Broadband DSL, Broadband Cable
 Higher Latency
 Use case examples – HMI and Data Collection
WAN
PSTN
Remote Site Plant Site

Site-to-Site VPN Connection
Enterprise-wide
Business Systems Enterprise Zone
Levels 4-5
Data Center
• FactoryTalk® Application Servers & Services Platform
• Network Services – e.g. DNS, AD, DHCP, AAA
• Remote Access Server (RAS)
• Storage Array
IDMZ - Level 3.5
Plant-wide / Site-wide
Operation Systems
Site-to-Site
Connection
Remote Site #1
Skid / Machine
Local
Skid / Machine #1
Industrial Zone
Levels 0 – 3
(Plant-wide Network)
Level 3 - Site Operations
(Control Room)
Cell/Area Zone - Levels 0-2
Ring Topology - Resilient Ethernet Protocol (REP)
Local
Skid / Machine #2

EtherNet/IP Advantage Summary
 Single industrial network technology for:
 Multi-discipline Network Convergence - Discrete, Continuous Process, Batch, Motor, Safety,
Motion, Power, Time Synchronization, Supervisory Information, Asset Configuration/Diagnostics
 Established
 Risk reduction – broad availability of products, applications and vendor support
 ODVA: Cisco Systems, Endress+Hauser, Rockwell Automation® are principal members
 Supported – Conformance testing, defined QoS priority values for EtherNet/IP devices
 Standard – IEEE 802.3 Ethernet and IETF TCP/IP Protocol Suite
 Enables convergence of OT and IT – common toolsets (assets for design, deployment and
troubleshooting) and skills/training (human assets)
 Topology and media independence – flexibility and choice
 Device-level and switch-level topologies; copper - fiber - wireless
 Portability and routability – seamless plant-wide / site-wide information sharing
 No data mapping – simplifies design, speeds deployment and reduces risk

Additional Material

Additional Material
Network Architecture Icon Key
Layer 2 Access Link (EtherNet/IP Device Connectivity)
Layer 3 Link
Layer 2 Access Switch, Catalyst 2960
Multi-Layer Switch - Layer 2 and Layer 3,
Layer 3 Router, Stratix® 5900
Autonomous Wireless Access Point (AP),
Stratix® 5100 as Autonomous AP
Layer 2 IES with NAT, Stratix® 5700, Stratix® 5400
Layer 2 IES with NAT and Connected Routing,
Stratix® 5700, Stratix® 5400
NAT
NAT - CR
Layer 3 Distribution Switch Stack,
Catalyst 3750-X, Catalyst 3850
Layer 3 Core Switch,
Catalyst 4500, 4500-X, 6500, 6800
Layer 3 Core Switch with Virtual Switching System (VSS)
Catalyst 4500-X, 6500, 6800
Firewall, Adaptive Security Appliance (ASA) 55xx
Wireless workgroup bridge (WGB),
Stratix® 5100 as workgroup bridge (WGB)
Unified Wireless Lightweight Access Point (LWAP),
Catalyst 3602E LWAP
Unified Wireless LAN Controller (WLC), Cisco 5508 WLC
Unified Computing System (UCS), UCS-C series
Identity Services Engine (ISE) for Authentication,
ISE - PAN/PSN/MnT
Layer 2 Access, Industrial Ethernet Switch (IES),
Stratix® 2500, Stratix® 5700, Stratix® 5400, Stratix® 8000IES IFW
Layer 3 Router with Zone-based Firewall, Stratix® 5900
Industrial Firewall, Stratix® 5950

 Website:
 http://www.odva.org/
 EtherNet/IP
 https://www.odva.org/Technology-
Standards/EtherNet-
IP/OverviewSecuring EtherNet/IP™
Networks
 EtherNet/IP Network
Infrastructure Guide
 https://www.odva.org/Portals/0/Library
/Publications_Numbered/PUB00035R
0_Infrastructure_Guide.pdf
 Common Industrial Protocol (CIP)
Standards/Common-Industrial-Protocol-
CIP/Overview
 The Family of CIP Networks
 https://www.odva.org/Portals/0/Library/Public
ations_Numbered/PUB00123R1_Common-
Industrial_Protocol_and_Family_of_CIP_Net
works.pdf
 CIP Security
Standards/Common-Industrial-Protocol-
CIP/CIP-Security
Additional Material
ODVA

Additional Material
CPwE Architectures - Cisco and Rockwell Automation®
 CPwE website
 Overview Documents
 Alliance Profile
 Top 10 Recommendations for
Plant-wide EtherNet/IP
Deployments
 Design Considerations for
Securing Industrial Automation
and Control System Networks

Additional Material
CPwE Architectures - Cisco and Rockwell Automation®
Topic Design Guide Whitepaper
Design Considerations for Securing IACS Networks N/A ENET-WP031A-EN-P
Converged Plantwide Ethernet – Baseline Document ENET-TD001E-EN-P N/A
Resilient Ethernet Protocol in a CPwE Architecture ENET-TD005B-EN-P ENET-WP033A-EN-P
Deploying 802.11 Wireless LAN Technology within a CPwE Architecture ENET-TD006A-EN-P ENET-WP034A-EN-P
Deploying Identity Services within a CPwE Architecture ENET-TD008A-EN-P ENET-WP037A-EN-P
Securely Traversing IACS Data Across the Industrial Demilitarized Zone (IDMZ) ENET-TD009A-EN-P ENET-WP038A-EN-P
Deploying Network Address Translation within a CPwE Architecture ENET-TD007A-EN-P ENET-WP036A-EN-P
Migrating Legacy IACS Networks to a CPwE Architecture ENET-TD011A-EN-P ENET-WP040A-EN-P
Deploying A Resilient Converged Plantwide Ethernet Architecture ENET-TD010A-EN-P ENET-WP039B-EN-P
Site-to-site VPN to a CPwE Architecture ENET-TD012A-EN-P N/A
Deploying Industrial Firewalls within a CPwE Architecture ENET-TD002A-EN-P ENET-WP011B-EN-P
Deploying Device Level Ring within a CPwE Architecture ENET-TD015A-EN-P ENET-WP016A-EN-P

 Ethernet Design Considerations
Reference Manual
 ENET-RM002C-EN-P
 EtherNet/IP Overview, Ethernet
Infrastructure Components, EtherNet/IP
Protocol, Predict System Performance
 EtherNet/IP IntelliCENTER®
Reference Manual (MCC-RM001)
 The OEM Guide to Networking
 ENET-RM001A-EN-P
 This guide is intended to help OEMs
understand relevant technologies, networking
capabilities and other considerations that
could impact them as they develop
EtherNet/IP solutions for the machines, skids
or equipment they build
 Segmentation Methods Within the
Cell/Area Zone ENET-AT004B-EN-E
Additional Material
Rockwell Automation® Reference Documents

 Integrated Architecture® Builder (IAB)
 Updates and additions to better-reflect
CPwE structure, hierarchy and best
practices
 Improved Switch Wizard for distribution
(e.g. Stratix® 5410) and access (e.g.
Stratix® 5700)
 Easier to create a large EtherNet/IP
network with many topologies
 CIP traffic is measured per segment, not
just controller scanner and adapter centric
 EtherNet/IP Capacity Tool
 Popular Configuration Drawings
(PCDs)
 Updates and additions to better reflect
CPwE recent enhancements
Additional Material
Rockwell Automation® Automaton Tools

Training Resources

Training Resources
Education - Industrial IoT / Industrial IT (Bridging OT-IT)
 A ‘go-to’ resource for training and educational
information on standard Internet Protocol (IP),
security, wireless and other emerging technologies
for industrial applications
 Led by Cisco, Panduit, and Rockwell Automation®
 Receive monthly e-newsletters with
articles and videos on the latest trends
 Scenario-based training on topics such as: logical
topologies, protocols, switching, routing, wireless and
physical cabling
Network Design eLearning course available at promotional price for TechEd Attendees!
Earn PDHs by signing up today at www.industrial–ip.org with code “EVENTS2017”

Training Resources
Four eLearning courses cover key aspects of implementing networked, industrial
control systems. 20-30 minute interactive, scenario-based courses cover automation
controls and physical infrastructure considerations.

Training Resources
 Courses 1 and 2: Designing for the Cell/Area Zone
 Design secure, robust, future-ready networks for cells, machines, skids and other functional units
by implementing reference architectures and standard IP.
 Course 3: Designing for the Industrial Zone
 Learn design principles on line integration, high-availability networks and wireless architectures to
optimize plant networks.
 Course 4: IT/OT Integration
 Understand how to effectively converge a smart manufacturing facility with IT and OT
stakeholders.
EtherNet/IP Topologies Security Wireless

Training Resources
Training and Certification – Industrial IoT / Industrial IT (Bridging OT-IT)
• Cisco Industrial Networking
Specialist Training and
Certification
– Classroom training
• Managing Industrial Networks with
Cisco Networking Technologies
(IMINS)
– Exam: 200-401 IMINS
– CPwE Design Considerations
and Best Practices
• CCNA Industrial Training and
Certification
– Classroom training
• Managing Industrial Networks for
Manufacturing with Cisco
Technologies (IMINS2)
– Exam: 200-601 IMINS2
– CPwE Design Considerations
and Best Practices

Training Resources
Training and Certification – Industrial IoT / Industrial IT (Bridging OT-IT)
Industrial Networking Specialist
Module 1
Industrial Networking Solutions and
Products
Module 2
Industrial Network Documentation and
Deployment Considerations
Module 3
Installing Industrial Network Switches,
Routers, and Cabling
Module 4 Deploying Industrial Ethernet Devices
Module 5
Maintaining Industrial Ethernet
Networks
Module 6
Troubleshooting Industrial Ethernet
Networks
CCNA Industrial
Module 1
Industrial Networking Concepts and
Components
Module 2 General Troubleshooting Issues
Module 3 EtherNet/IP
Module 4 Troubleshooting EtherNet/IP
Module 5 PROFINET
Module 6 Configuring PROFINET
Module 7 Troubleshooting PROFINET
Module 8 Exploring Security Concerns
Module 9 802.11 Industrial Ethernet Wireless Networking

Training Resources
Rockwell Automation® - Webinars
 Industrial Automation Webinars
 On Demand Webinars
 Introduction to Building a Robust, Secure and Future-ready Network
Infrastructure
 Increase Business Agility by Converging Manufacturing and
Business Systems
 The Power of Building a Secure Network Infrastructure
 Design Considerations for Building a Secure Network Infrastructure

Training Resources
Cisco Training & Certifications
ICND1 ICND2
Cisco
Certification
Track

Complete A Survey
Please take a moment to complete the brief session survey
on our mobile app and let us know how we’re doing!
Username: Last name
Password: Email address used to register
 Locate the session in the “Schedule” icon
 Click on the “Survey” icon in the lower right corner of the session details
 Complete survey & submit
 Download the ROKTechED app and login:
Thank you!

www.rockwellautomation.com
PUBLIC
Copyright © 2017 Rockwell Automation, Inc. All Rights Reserved. 115Rockwell Automation TechED 2017 @ROKTechED #ROKTechED
Converged Plantwide Ethernet (CPwE) Architectures
Fundamentals of EtherNet/IP
Networking Technology

Fundamentals of EtherNet/IP Network Technology

Recommended

Recommended

More Related Content

What's hot

What's hot (20)

Similar to Fundamentals of EtherNet/IP Network Technology

Similar to Fundamentals of EtherNet/IP Network Technology (20)

More from Rockwell Automation

More from Rockwell Automation (20)

Recently uploaded

Recently uploaded (20)

Fundamentals of EtherNet/IP Network Technology