Industrial Ethernet is widely used in manufacturing and other applications to connect devices including advanced controllers, PLCs, I/O and servo devices—using a wide variety of configurations and hardware. Industrial Ethernet is also used for connecting upper level enterprise, manufacturing, quality and historian applications to HMIs and cell controllers. All of these connections are implemented through physical networks and configurations defined by protocols.
Study Up on the Basics
Let’s start with cabling, the most basic part of an Ethernet network. Most commercial Ethernet devices are switches and can auto crossover (Auto-MDIX) and use crossover cabling, but not all industrial devices can. So, patch cables should be used for connecting end devices such as PLCs and HMIs to Ethernet switches, and crossover cables should be used to connect end devices together directly without a switch.
Cat5e or Cat6 cables are both good choices, and use shielded cable where possible, especially in applications where you would also shield analog cables.
Half duplex devices cannot transmit and receive at the same time. Full duplex, can which, offers considerable performance increases over half duplex, but can cost more.
Another not so basic Ethernet item that’s important to know exist is the Open System Interconnection (OSI) model. It defines the 7-layers of the Ethernet networking framework. Most of the lower layers such as physical medium, data link with MAC address, network with IP address are often common among devices and well established. However, upper layers such as session, presentation and applications are where things change. For example, application layer protocols such as Modbus TCP, EtherNet/IP and Profinet must be understood by each device in the network. A Modbus TCP device can’t talk directly to an EtherNet/IP device, and neither can talk to a Profinet device.
Managing Switches
Connecting Ethernet devices to a central point is done using both unmanaged and managed switches. With a small network of up to five devices covering a small area, an unmanaged Ethernet switch is a good, cost effective choice. However, for larger or high performance applications, a managed Ethernet switch is a much better choice.
There are many reasons to use a managed switch. One example is its use in a large EtherNet/IP industrial Ethernet application. EtherNet/IP uses multicast messages, and a managed switch can use IGMP snooping to intelligently route a multicast message to the correct port and device. It only sends the message to the port that needs the data, improving performance by reducing network traffic.
MAC and IP Addresses
The media access control (MAC) address is like the numbers on a mailbox. It’s the hard coded, physical address of a device. The Ethernet packet needs this address to enter the device. This address is not normally seen or entered because an Ethernet address resolution protocol (ARP) correlates it to an IP address automatically.
The IP or logical address is used to identify a devices network address and host address. The network address, like a street name, helps routers and switches know where to send messages. The host address identifies the device, like a house address. The subnet mask is used to define which part of the IP address is the network address and which is the host address. Anywhere a 1 is present corresponds to part of the network address.
A device can only send and receive Ethernet messages to other devices on its network as determined by the IP address and subnet mask. To communicate to another network, a router is used.
Getting Remote Access
Connecting two Ethernet networks together requires accessing devices through routers and firewalls. These connections start with Network Address Translation (NAT) which gives a facility a single public IP address so each device won’t need one. The router takes care of the translation of incoming and outgoing messages from and to the Internet.
Port numbers are used with these public IP addresses. Since the originating message doesn’t know the internal IP address of all devices, just the public one, port numbers are used to match up the response to the original message. Although the port number can point to an internal IP address, it’s not a very secure method because it’s an open port which can be accessed by a hacker.
A virtual private network (VPN) connection is much more secure, but takes more effort to set up. A VPN ties remote devices to a VPN router/firewall together like they are on the same local network. The connection is made through VPN router hardware or a VPN client software tool. When connected, the VPN server gives the remote device an IP address as if it was connected to the local network.
Extensive diagnostic information is available in a managed switch to help resolve network problems, and port mirroring and some free software makes it easily available. With port mirroring in a router, messages from one or more devices can be mirrored on a specific port. The messages can then me monitored and recorded by a free tool called Wireshark (www.wireshark.org). It’s a great tool to capture diagnostic data, which can then be sent to a protocol or network expert to help solve a problem quickly.
Much of the required industrial Ethernet functionality is built-in to controllers, HMIs and other devices. Start with the basics, get the physical connection, select the protocol and configure the devices. For more information, please see Applying Industrial Ethernet article in the Design World magazine, authored by Chris Harris, Team Lead – Technology Assistance Group at AutomationDirect.