Ensure that only reliable networks are set up in your systems by listening to our short Webinar teaching you all about the basics of industrial ethernet communications and computer networking. Starting from the ground up, this presentation covers the basics of how network connections work, and how one computer talks to another.
Overview
Team Introduction
Introduction to Westermo
Industrial Networking Introduction and Considerations
Physical Layers
How does Ethernet Handle Data?
Switching and Layer 2
Routing and Layer 3
Firewalls
Tying it all together
Further Learning
Who is Westermo 2021
Founded in 1975
No. of employees: 250
14% R&D
Extensive IPR portfolio for key technologies
Recent Acquisitions:
Naretech Solutions AG – June 2019
Virtual Access – November 2019
Eltek – April 2021
Flexible production with state of the art process control
Sales and support units in 12 countries, distributors in another 36
Member of the Beijer Electronics Group
Industrial Networking Introduction
Operate on the “Edge”
Likely interfaces with the core network
Completely different considerations
Environmental
Noise
Legacy Cabling
Focuses on “LAN” type networking
Many Physical Layers (Layer 1)
MAC Addresses (Layer 2)
IP Addresses (Layer 3)
Firewalls (Layer 3 and 4)
Tough Physical Environments
Hot
+70 °C
Cold
-40 °C
Dusty
No fans to pull in dirt
Wet
Environmental ratings as high as IP67
Shock and Vibration
“Core Networking” devices won’t cut it
Requires devices designed to live in these places
Noisy Environments and Old Cables
High levels of Electromagnetic Noise
Extreme spikes
High average noise (Noise Floor)
Cables installed for legacy systems
RS-232/422/485
LonWorks
New cables are cost prohibitive
Fiber or Cat 5,6,7 is rare
Requires a “Media Conversion”
Physical Mediums
Fiber optic is the best choice
Expensive to install
Relatively rare in brown field applications
Cat 5,6,7
Ethernet Compliant
Legacy cabling
Installed for legacy systems
Non-Ethernet compliant
Often not shielded
Maybe twisted pair, maybe not (50/50)
Coax
More Physical Mediums
PLC
Extreme environments
Cable sharing
Shorter Distances
300 m
Higher Speeds
70 Mbit/s
Wireless (WiFi)
Only option sometimes
Can be affected by high noise floors
Media Conversions (Legacy Cables)
SHDSL
Long distances (15 km)
High noise resilience
Limited Speed
15.3 Mbit/s
30.6 Mbit/s with bonding
OSI Model Overview
• Stands for Open Systems Interconnection Model.
• Consists of 7 layers that explain how data interchange occurs.
• Layers are named based on what they manage, with each layer working with a different form of data.
• Each layer only interacts with the layers immediately above and below it.
Physical and Data Link Layers
Layers 1 and 2
• The Physical Layer refers to the physical medium through which data communication occurs.
• Includes copper, fiber, even air as a wireless medium.
• Focuses on the conversion of binary 1s and 0s (bits) into a signal.
• The Data Link Layer outlines the method for node-to-node data transfer, a link over which data is transferred.
• The layer establishes and terminates connections between two physically connected devices.
• MAC Addresses are assigned at this layer, with any physical Network Interface Card (NIC) receiving a standardized MAC address for all communications.
Network and Transport Layers
Layers 3 and 4
• The Network Layer provides the means to transfer packets from one node to another, located in different networks.
• Assigns a logical address to nodes (IP Address).
• Path determination, or routing, is performed here. Many protocols were created to cover many different network types.
• The Transport Layer covers how to transfer data from source to host while maintaining the Quality of Service (QoS).
• Reliability is maintained through flow control and error checking.
• Acknowledges failures in sent data and resends lost packets to ensure communications are not lost.
• Firewalls operate at layers 3 and 4.
The Application Layers
Layers 5 through 7
• The top 3 layers are referred to as the “Application Layers”.
• Application is the highest layer in the OSI model, and the layer closest to the end user. This layer interacts directly with the software applications.
• The Presentation layer works between the Application and Session layers to translate between the data the application uses and data that can span the network.
• The Session Layer manages connections between computers. This layer establishes and terminates connections between applications.
Introduction To Network Switching
In network communications, traffic between nodes can result in collisions of packets, rendering information useless.
Hubs expand these collision domains, adding more chances of mangled packets.
Switches segment the collision domain down to the link between the node and the switch by directing traffic only to the intended recipient rather than broadcasting it to every port.
All data is sent through “Frames”, which list the Source and Destination MAC Address.
Switches learn the MAC Addresses of the connected nodes.
VLANs can be implemented to add security and further segment a network in Layer 2 switching.
Protocols such as Spanning Tree Protocol and FRNT add redundancy to switched networks while avoiding broadcast storms.
Hub vs Switch
[Diagram: nodes A, B, C and D connected to a hub]
• With a Hub, all traffic is broadcast (sent to all connected nodes) regardless of destination.
Hub vs Switch
[Diagram: nodes A, B, C and D connected to a switch]
• The Switch only sends traffic to the intended recipient based on information in the Frame.
Switching and Frames
In a Layer 2 Environment, all data is sent in the form of Frames.
Frames are a type of data transmission unit containing a single network packet.
Frame layout: Destination Address | Source Address | VLAN Tag | Type | Data | FCS
• Destination Address: The physical address of where the frame is going.
• Source Address: The physical address of where the frame came from.
• VLAN Tag: Information that specifies what VLAN the frame belongs to.
• Type: Specifies the protocol type of network, typically Ethernet.
• Data: The payload including all the data and information requested.
• FCS: Frame Check Sequence, or error checking.
MAC Addresses
Media Access Control Address is a unique identifier assigned to every Network Interface Controller.
Also known as a “Physical Address” or “Ethernet Hardware Address”.
6 octets, each written as a pair of hexadecimal digits, separated by “:”.
Made up of 2 parts: OUI and NIC Specific.
OUI (Organizationally Unique Identifier) is the first 3 octets of the MAC Address.
Denotes the manufacturer of the NIC or node.
NIC Specific is the remaining 3 octets, a unique number given to each device.
Example: EC:B1:D7:9A:E9:D2 (OUI: EC:B1:D7, NIC Specific: 9A:E9:D2)
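Added example (not from the webinar or Westermo): a builder and parser for the frame layout and MAC address format described above. It assembles a frame with an optional 802.1Q VLAN tag, appends the FCS as CRC-32 (the check Ethernet uses), and on parsing splits out the fields named on the slide, verifies the FCS and separates a MAC into its OUI and NIC-specific halves. The sample MACs are the ones printed on the slides; the VLAN ID and payload are constructed.

```python
import struct
import zlib

TPID_8021Q = 0x8100       # EtherType value that announces an 802.1Q VLAN tag
ETHERTYPE_IPV4 = 0x0800

def mac_str(raw: bytes) -> str:
    """Render 6 raw bytes in the colon-separated form used on the slides."""
    return ":".join(f"{b:02X}" for b in raw)

def split_mac(mac: str) -> tuple:
    """Split a MAC into its OUI (first 3 octets) and NIC-specific half."""
    octets = mac.split(":")
    if len(octets) != 6:
        raise ValueError("a MAC address has exactly 6 octets")
    return ":".join(octets[:3]), ":".join(octets[3:])

def build_frame(dst: str, src: str, payload: bytes, vlan_id=None,
                ethertype: int = ETHERTYPE_IPV4) -> bytes:
    """Assemble a frame (optionally 802.1Q tagged) and append its FCS."""
    body = bytes.fromhex(dst.replace(":", "")) + bytes.fromhex(src.replace(":", ""))
    if vlan_id is not None:
        body += struct.pack("!HH", TPID_8021Q, vlan_id & 0x0FFF)  # priority bits left at 0
    body += struct.pack("!H", ethertype) + payload
    # The FCS is CRC-32 over everything before it, sent least-significant byte first.
    return body + struct.pack("<I", zlib.crc32(body) & 0xFFFFFFFF)

def parse_frame(frame: bytes) -> dict:
    """Pull out the fields named on the slide and verify the FCS."""
    if len(frame) < 18:
        raise ValueError("too short to hold the headers and an FCS")
    body, fcs = frame[:-4], struct.unpack("<I", frame[-4:])[0]
    fcs_ok = (zlib.crc32(body) & 0xFFFFFFFF) == fcs
    dst, src = mac_str(body[0:6]), mac_str(body[6:12])
    ethertype, offset, vlan = struct.unpack("!H", body[12:14])[0], 14, None
    if ethertype == TPID_8021Q:             # tagged: the VLAN ID is the low 12 bits
        vlan = struct.unpack("!H", body[14:16])[0] & 0x0FFF
        ethertype, offset = struct.unpack("!H", body[16:18])[0], 18
    return {"dst": dst, "src": src, "vlan": vlan, "type": ethertype,
            "data": body[offset:], "fcs_ok": fcs_ok}

if __name__ == "__main__":
    # Constructed sample: MACs from the slides, VLAN 10 and a short payload.
    frame = build_frame("00:07:91:21:23:8C", "EC:B1:D7:9A:E9:D2", b"hello", vlan_id=10)
    print(parse_frame(frame), split_mac("EC:B1:D7:9A:E9:D2"))
```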
MAC Address Table
Switches automatically build tables assigning MAC addresses to ports.
When a frame is received it holds the Source MAC address.
The switch then assigns the port the frame came through to that MAC address.
It also uses the VLAN Tag portion of the frame to assign the VLAN the port belongs to.
VLAN | MAC Address       | Port
1    | 00:07:91:21:23:8C | Fa0/1
1    | 00:12:9E:5C:EE:D7 | Fa0/2
10   | 00:1D:9D:5D:37:55 | Fa0/3
10   | 00:20:2E:3B:24:76 | Fa0/4
VLANs
VLAN (Virtual LAN, or Virtual Local Area Network) segments a single broadcast domain.
Several physical devices can all share the same network while being separated by VLAN software controls.
“Pipes inside a pipe”
Adds security, performance, and can organize a complex network.
Frames are tagged with a VLAN ID to define what VLAN they belong to.
VLANs can be configured to apply to either a physical port on the switch (Static VLAN) or to all traffic coming from a specific MAC address (Dynamic VLAN).
Layer 2 Redundancy
While still learning MAC Addresses, a switch sends a frame for an unknown destination out of every port the first time it sees that destination.
These flooded frames can propagate and flood the network in a “Broadcast Storm” when a loop is made between multiple switches.
Protocols exist such as Spanning Tree Protocol (STP) and Fast Reconfiguration of Network Topology (FRNT) that automatically disable a link to prevent Broadcast Storms and only re-enable it when another link is detected to have gone down.
In networks without these protocols configured, it’s very important to avoid looping the network.
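Added example (not from the webinar or Westermo) covering the MAC Address Table, VLANs and Layer 2 Redundancy slides together: a small model of a learning switch that records each source MAC and VLAN against the ingress port, forwards known destinations to a single port, and floods unknown destinations and broadcasts only within the frame's VLAN. The port-to-VLAN membership and the MACs are taken from the slide's table; STP/FRNT themselves are not modelled.

```python
from dataclasses import dataclass

@dataclass
class Frame:
    src: str        # source MAC
    dst: str        # destination MAC (FF:FF:FF:FF:FF:FF = broadcast)
    vlan: int       # VLAN ID from the tag
    ingress: str    # port the frame arrived on

class LearningSwitch:
    """Model of the MAC address table a Layer 2 switch builds by watching source MACs."""

    def __init__(self, port_vlans: dict):
        self.port_vlans = port_vlans   # port name -> VLAN that port is a member of
        self.table = {}                # (vlan, mac) -> port

    def handle(self, frame: Frame) -> list:
        """Learn the source, then return the ports the frame is forwarded out of."""
        self.table[(frame.vlan, frame.src)] = frame.ingress       # the learning step
        known = self.table.get((frame.vlan, frame.dst))
        if known is not None:
            # Known destination: send only there; if it sits on the ingress port, drop.
            return [] if known == frame.ingress else [known]
        # Unknown destination or broadcast: flood, but only within the frame's VLAN.
        return [p for p, v in self.port_vlans.items()
                if v == frame.vlan and p != frame.ingress]

    def rows(self) -> list:
        """The table as (VLAN, MAC, Port) rows, like the slide."""
        return sorted((vlan, mac, port) for (vlan, mac), port in self.table.items())

# Constructed port membership mirroring the slide's table: Fa0/1-2 in VLAN 1, Fa0/3-4 in VLAN 10.
PORT_VLANS = {"Fa0/1": 1, "Fa0/2": 1, "Fa0/3": 10, "Fa0/4": 10}
A, B, C = "00:07:91:21:23:8C", "00:12:9E:5C:EE:D7", "00:1D:9D:5D:37:55"

def demo() -> tuple:
    sw = LearningSwitch(PORT_VLANS)
    first = sw.handle(Frame(A, B, 1, "Fa0/1"))   # B unknown yet: flooded within VLAN 1
    reply = sw.handle(Frame(B, A, 1, "Fa0/2"))   # A already learned: sent to Fa0/1 only
    bcast = sw.handle(Frame(C, "FF:FF:FF:FF:FF:FF", 10, "Fa0/3"))  # stays inside VLAN 10
    return first, reply, bcast, sw.rows()

if __name__ == "__main__":
    print(demo())
```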
Overview
IP Addressing, Subnets and Ports
Basics of Routing
Firewalls
Tying it all together
Address Resolution Protocol (ARP)
IP Addressing
IP Addresses
Not burned into the hardware
Divided into 4 octets
Required for any IP routing functions
IPv4 still most common in industrial
IPv6 becoming more common in core networks
Private vs. Public Addresses
192.168.0.0 – 192.168.255.255
172.16.0.0 – 172.31.255.255
10.0.0.0 – 10.255.255.255 (10.0.0.0/8)
Subnetting
Defined by a Subnet Mask
32 bit number like an IP Address
Used to logically divide IP Networks
Segregates a physical network into smaller logical subnetworks
A “filter” of sorts
Helps a device determine if the host it wishes to reach is in the same network
Controls how many hosts can be on a network
Requires a router to communicate across subnets
Ports
The “room number” at the hotel
Paired with an IP Address
192.168.1.1:80
Many network applications running on the same computer
Each application would be “bound” to a port
Web Server : 80
SSH : 22
FTP : 21
Routing Basics
Allows communications between subnets or VLANs
Device 1 wants to talk to Device 2.
Device 1 will calculate that Device 2’s IP address is outside of its subnet.
Device 1, whose default gateway is the router, sends the packet to the router.
The router will realize that Device 2 lives on VLAN2 and will route the packet to Device 2 on that subnet.
If the communications are 2 way, the exact same thing happens in reverse from Device 2.
[Diagram: Device 1 (192.168.0.100, mask 255.255.255.0) on VLAN1 and Device 2 (10.2.1.50, mask 255.0.0.0) on VLAN2, joined by a router with interfaces VLAN1: 192.168.0.1 and VLAN2: 10.0.0.1]
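Added example (not from the webinar or Westermo) for the Subnetting and Routing Basics slides: the subnet mask applied as a bitwise “filter” to decide whether a destination is local or must go to the default gateway, the host count a mask allows, and the router's choice of egress interface. The device and router addresses are the ones on the routing slide; treating the router's VLAN interfaces as its default gateways is an assumption.

```python
import ipaddress

# Addresses from the routing slide: (IP, subnet mask, default gateway). The gateway is
# assumed to be the router's interface on each host's VLAN, also shown on the slide.
DEVICE1 = ("192.168.0.100", "255.255.255.0", "192.168.0.1")
DEVICE2 = ("10.2.1.50", "255.0.0.0", "10.0.0.1")

def network_part(ip: str, mask: str) -> str:
    """The mask as a 'filter': AND the address with the mask, keeping only the network bits."""
    masked = int(ipaddress.IPv4Address(ip)) & int(ipaddress.IPv4Address(mask))
    return str(ipaddress.IPv4Address(masked))

def same_subnet(ip: str, mask: str, other: str) -> bool:
    """A host compares its own network part with the destination's, using its own mask."""
    return network_part(ip, mask) == network_part(other, mask)

def next_hop(ip: str, mask: str, gateway: str, dest: str) -> str:
    """Send directly when the destination is local, otherwise hand it to the default gateway."""
    return dest if same_subnet(ip, mask, dest) else gateway

def usable_hosts(mask: str) -> int:
    """How many hosts the mask leaves room for (network and broadcast addresses excluded)."""
    return ipaddress.ip_network(f"0.0.0.0/{mask}").num_addresses - 2

# The router's interfaces, one per VLAN, as the subnets it is directly connected to.
ROUTER = {"VLAN1": ipaddress.ip_network("192.168.0.0/24"),
          "VLAN2": ipaddress.ip_network("10.0.0.0/8")}

def router_egress(dest: str):
    """The router forwards out of the interface whose subnet contains the destination
    (most specific match first); None means it has no route for it."""
    addr = ipaddress.ip_address(dest)
    for name, net in sorted(ROUTER.items(), key=lambda kv: -kv[1].prefixlen):
        if addr in net:
            return name
    return None

if __name__ == "__main__":
    print(next_hop(*DEVICE1, "10.2.1.50"), router_egress("10.2.1.50"))
```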
Firewalls
Controls what data can enter or leave a network
Works on a “deny by default” policy
Only traffic that is explicitly allowed is passed through the firewall
Different kinds
Port Based
Port 80 is allowed in
Host Based
10.0.1.2 is allowed
10.0.0.0/24 is allowed
Deep Packet Inspection
Looks at the data in a packet
Requires a lot of “horsepower”
Generally standalone appliance
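Added example (not from the webinar or Westermo) of the deny-by-default policy with the two rule kinds the slide lists: port-based (port 80 allowed in) and host-based (10.0.1.2 and 10.0.0.0/24 allowed). Rule names and the sample packets are constructed; deep packet inspection is not modelled.

```python
import ipaddress
from dataclasses import dataclass
from typing import Optional

@dataclass
class Packet:
    src: str          # source IP
    dst: str          # destination IP
    dport: int        # destination port, the "room number"
    proto: str = "tcp"

@dataclass
class AllowRule:
    """One allow rule. A field left as None matches anything, so a rule can be
    purely port-based, purely host-based, or both."""
    name: str
    src: Optional[str] = None      # a host (10.0.1.2) or a subnet (10.0.0.0/24)
    dport: Optional[int] = None    # port-based: e.g. 80
    proto: Optional[str] = None

    def matches(self, pkt: Packet) -> bool:
        if self.src is not None:
            # a bare host string becomes a /32 network, so one check covers both kinds
            if ipaddress.ip_address(pkt.src) not in ipaddress.ip_network(self.src):
                return False
        if self.dport is not None and self.dport != pkt.dport:
            return False
        return self.proto is None or self.proto == pkt.proto

class Firewall:
    """Deny by default: only traffic that some rule explicitly allows gets through."""
    def __init__(self, rules):
        self.rules = list(rules)
        self.denied = []           # what a real firewall would write to its log

    def check(self, pkt: Packet) -> str:
        for rule in self.rules:
            if rule.matches(pkt):
                return f"ALLOW ({rule.name})"
        self.denied.append(pkt)
        return "DENY (default)"

# Rules built from the slide's three examples (constructed names).
RULES = [AllowRule("web in", dport=80),
         AllowRule("host", src="10.0.1.2"),
         AllowRule("subnet", src="10.0.0.0/24")]

def demo() -> list:
    fw = Firewall(RULES)
    pkts = [Packet("10.0.1.2", "192.168.0.100", 22),   # allowed host, any port
            Packet("10.0.0.77", "192.168.0.100", 22),  # inside the allowed /24
            Packet("10.0.1.9", "192.168.0.100", 80),   # only the port rule admits it
            Packet("10.0.1.9", "192.168.0.100", 22)]   # nothing matches: dropped
    return [fw.check(p) for p in pkts]
```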
Address Resolution Protocol
The glue that ties Layer 2 to Layer 3
“Links” a MAC Address to an IP Address
Switches, Routers, Computers all rely on this. Any network device.
Entries expire after some time; the timeout differs from operating system to operating system.
Cleared after reboot.
When a device wants to send a message to a device that it’s never talked to, it will only have its IP address. The device will send a Layer 2 message to all devices asking, “who has IP Address aaa.bbb.ccc.ddd?”. If a device has that IP it will respond saying “IP Address aaa.bbb.ccc.ddd is at MAC Address eee.fff.ggg.hhh”.
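Added example (not from the webinar or Westermo) of the exchange just described: a host with only an IP address broadcasts a “who has” request, the owner answers “is at”, both sides cache the mapping, and cached entries expire after a timeout. The MACs come from the slides and the IP addresses from the routing example; the 60-second timeout and the hosts' membership of one segment are assumptions.

```python
from dataclasses import dataclass

BROADCAST = "FF:FF:FF:FF:FF:FF"

@dataclass
class ArpMessage:
    op: str            # "request" ("who has ...?") or "reply" ("... is at ...")
    sender_mac: str
    sender_ip: str
    target_mac: str    # broadcast for a request, the asker's MAC for a reply
    target_ip: str

class Host:
    def __init__(self, mac: str, ip: str, ttl: float = 60.0):
        self.mac, self.ip, self.ttl = mac, ip, ttl   # ttl: assumed cache timeout in seconds
        self.cache = {}                              # ip -> (mac, time learned)

    def lookup(self, ip: str, now: float):
        """Cached MAC for ip, or None; entries older than the TTL are dropped (expiry)."""
        entry = self.cache.get(ip)
        if entry is not None and now - entry[1] < self.ttl:
            return entry[0]
        self.cache.pop(ip, None)
        return None

    def receive(self, msg: ArpMessage, now: float):
        """Answer a request for our IP; learn the sender's mapping from traffic meant for us."""
        if msg.op == "request" and msg.target_ip == self.ip:
            self.cache[msg.sender_ip] = (msg.sender_mac, now)
            return ArpMessage("reply", self.mac, self.ip, msg.sender_mac, msg.sender_ip)
        if msg.op == "reply" and msg.target_mac == self.mac:
            self.cache[msg.sender_ip] = (msg.sender_mac, now)
        return None

def resolve(asker: Host, segment: list, target_ip: str, now: float) -> tuple:
    """Return (mac, asked): mac from the cache if fresh, else after a Layer 2 broadcast."""
    mac = asker.lookup(target_ip, now)
    if mac is not None:
        return mac, False
    request = ArpMessage("request", asker.mac, asker.ip, BROADCAST, target_ip)
    for host in segment:                        # the broadcast reaches every other host
        if host is not asker:
            reply = host.receive(request, now)
            if reply is not None:
                asker.receive(reply, now)
    return asker.lookup(target_ip, now), True

# Constructed hosts: MACs from the slides, addresses from the routing example, one segment.
SEGMENT = [Host("00:07:91:21:23:8C", "192.168.0.100"), Host("00:12:9E:5C:EE:D7", "192.168.0.1"),
           Host("00:1D:9D:5D:37:55", "192.168.0.5")]
```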
Westermo Certified Training
Introduction to IP
Introduction to WeOS
Certified Engineer Switching
Certified Engineer Routing
Also available: customer-tailored training
https://www.westermo.us/support/academy
Further Webinars
Redundant and Resilient Networks with Microsegmentation
Presentation in June
Focusing on cybersecurity and how to configure and install a secure network from the ground up
Redundancy protocols, how they work, as well as VPNs and other services
We look forward to seeing you there!