Stratix工业以太网交换机产品选型手册

Stratix 5700Industrial Managed Ethernet SwitchThe wide deployment of EtherNet/IP™ in industrial automation means that there is a growing demand to manage the network properly.Integtrating new machine-level networks into an existing plant network requires convergence.With more devices connected on the same Ethernet network than ever before, an industrial managed switch can help you simplify your network infrastructure. Adding a managed switch to your network architecture can also help make the process of adding new machines easier. The Allen-Bradley® Stratix 5700™ is a compact, scalable Layer 2 managed switch with embedded Cisco technology for use in applications with small isolated, to complex networks. With integration into Studio 5000 Automation Engineering and Design Environment™, you canleverage FactoryTalk® View faceplates and Add-on Profiles for simplified configuration and monitoring.By choosing a switch co-developed by Rockwell Automation and Cisco, your Operations Technology (OT) and Information Technology (IT) professionals leverage tools and technology that are familiar to them. This collaboration can also help to reduce configuration time and cost.Features and Benefits:Advanced Networking Features• Integrated Device Level Ring (DLR) connectivity helps optimize the network architecture and provide consolidated network diagnostics • Integrated Network Address Translation (NAT) provides 1:1 IP address mapping helping to reduce commissioning time • Power over Ethernet (PoE) versions provide power to devices over Ethernet minimizing cabling • Security features, including access control lists, help ensure that only authorized devices, users and traffic can access the network • Secure Digital (SD) card provides simplified device replacementOptimized integration:• Studio 5000® Add-on Profiles (AOPs) enable premier integration into the Rockwell Automation Integrated Architecture® system • Predefined Logix tags for monitoring and port control • FactoryTalk® View faceplates enable status monitoring and alarming • Built-in Cisco® Internet Operating System (IOS) helps provide secure integration with enterprise networkDesigned and Developed for EtherNet/IP Automation ApplicationsNetwork Address TranslationMachine integration onto a plant network architecture can be difficult as machine builder IP-address assignments rarely match the addresses of the end-user network. Also, network IP addresses are often unknown until the machine is being installed. The Stratix 5700 with Network Address Translation (NAT) is a Layer 2 implementation that provides “wire speed” 1:1 translations ideal for automation applications where performance is critical.NAT allows for:• Simplified integration of IP-addressmapping from a set of local,machine-level IP addresses to theend user’s broader plant network• OEMs to deliver standard machinesto end users without programmingunique IP addresses• End users to more simply integratethe machines into the larger network192.168.1.4192.168.1.4MACHINE 1MACHINE 2Private Network Private NetworkSwitch Reference ChartAllen-Bradley Stratix 5700 Industrial Ethernet SwitchSwitch Selection TableFE - Fast Ethernet GE - Gigabit EthernetPublication ENET-PP005F-EN-E – April 2016Copyright ©2016 Rockwell Automation, Inc. All Rights Reserved. Printed in USA.Supersedes Publication ENET-PP005E-EN-E – March 2015EtherNet/IP is a trademark of the ODVA.Cisco is a trademark of Cisco Systems, Inc.Allen-Bradley, CompactLogix, Factory Talk, Integrated Architecture, Kinetix, LISTEN. THINK. SOLVE., Powerflex, Rockwell Automation, Rockwell Software, Stratix 5700, Studio 5000, Studio 5000 Automation Engineering and Design Environment are trademarks of Rockwell Automation, Inc.Glossary of TermsAccess Control Lists allow you to filter network traffic. This can be used to selectively block types of traffic to provide traffic flow control or provide a basic level of security for accessing your network.CIP port control and fault detection allows for port access based on Logix controller program or controller mode (idle/fault). Allows secure access to the network based on machine conditions.CIP SYNC (IEEE1588) is the ODVAimplementation of the IEEE 1588 precision time protocol. This protocol allows very high precision clock synchronization across automation devices. CIP SYNC is an enabling technology for time-critical automation tasks such as accurate alarming for post-event diagnostics, precision motion and high precision first fault detection or sequence of events.Device Level Ring (DLR) allows direct connectivity to a resilient ring network at the device level.DHCP per port allows you to assign a specific IP address to each port, confirming that the device attached to a given port will get the same IP address. This feature allows for device replacement without having to manually configure IP addresses.Encryption provides network security by encrypting administrator traffic during Telnet and SNMP sessions.EtherChannel is a port trunking technology. EtherChannel allows grouping several physical Ethernet ports to create one logical Ethernet port. Should a link fail, the EtherChannel technology will automatically redistribute traffic across the remaining links.Ethernet/IP (CIP) interface enables premier integration to the Integrated Architecture with Studio 5000 AOP , Logix tags and View Faceplates.FlexLinks provides resiliency with a quick recovery time and load balancing on a redundant star network.IGMP Snooping (Internet Group Management Protocol) constrains the flooding of multicast traffic by dynamically configuring switch ports so that multicast traffic is forwarded only to ports associated with a particular IP multicast group.* Separate SW IOS requiredKey Software FeaturesMAC ID Port Security checks the MAC ID of devices connected to the switch to determine if it is authorized. If not the device is blocked and the controller receives a warning message. This provides a method to block unauthorized access to the network.Network Address Translation (NAT) provides 1:1 translations of IP addresses from one subnet to another. Can be used to integrate machines into an existing network architecture.Port Thresholds(Storm control & Traffic Shaping)allows you to set both incoming and outgoing traffic limits. If a threshold is exceeded alarms can be set in the Logix controller to alert an operator. Power over Ethernet (PoE) provides electrical power along with data on a single Ethernet cable to end devices.QoS – Quality of Service (QoS) is the ability to provide different priority to different applications, users, or data flows, to help provide a higher level of determinism on your network.REP (Resilient Ethernet Protocol) – A ring protocol that allows switches to be connected in a ring, ring segment or nested ring segments. REP provides network resiliency across switches with a rapid recovery time ideal for industrial automation applications.Smartports provide a set of configurations to optimize port settings for common devices like automation devices, switches, routers, PCs and wireless devices. Smartports can also be customized for specific needs.SNMP Simple Network Management Protocol (SNMP) is a management protocol typically used by IT to help monitor and configure network-attached devices.Static and InterVLAN Routing bridges the gap between layer 2 and layer 3 routing providing limited static and connected routes across VLANs.STP/RSTP/MST Spanning Tree Protocol, is a feature that provides a resilient path between switches. Used for applications that requires a fault tolerant network.VLANs with Trunking is a feature that allows you to group devices with a common set of requirements into network segments. VLANs can be used to provide scalability, security and management to your network.802.1x Security is an IEEE standard for access control and authentication. It can be used to track access to network resources and helps secure the network infrastructure.。

工业以太网交换机Stratix TM 8000 动手实验目录STRATIX 8000_________________________________________________________________________3关于本动手实验_______________________________________________________________________3实验内容___________________________________________________________________________3实验设备____________________________________________________________________________3硬件______________________________________________________________________________3软件______________________________________________________________________________3恢复交换机的工厂默认设置______________________________________________________________4通过EXPRESS SETUP按钮恢复工厂默认设置_______________________________________________5运行E XPRESS S ETUP____________________________________________________________________6实验二: 理解设备管理器和SMARTPORTS___________________________________________________11获得诊断信息________________________________________________________________________11端口标识___________________________________________________________________________13端口号____________________________________________________________________________13端口状态指示灯不同颜色表示的意义：___________________________________________________13趋势图_____________________________________________________________________________14 S PANNING T REE P ROTOCOL (生产树协议)___________________________________________________18更改交换机的配置____________________________________________________________________19 E XPRESS S ETUP______________________________________________________________________21配置S MARTPORTS_____________________________________________________________________22测试S MARTPORT______________________________________________________________________23 Smartport错误检测__________________________________________________________________24实验三: 使用STRATIX 8000 RSLOGIX5000 AOI指令和 FACTORYTALK VIEW FACEPLATES_________27在RSL OGIX 5000中组态S TRATIX 8000_____________________________________________________27设置S TRATIX 8000A DD-ON 指令__________________________________________________________31使用S TRATIX 8000的F ACTORY T ALK V IEW F ACEPLATES_________________________________________39实验四: 设置端口镜像，使用WIRESHARK抓取数据包__________________________________________57通过W IRESHARK抓取数据包_____________________________________________________________57设定端口镜像________________________________________________________________________63设定端口镜像后抓取数据包_____________________________________________________________64Stratix 8000关于本动手实验本实验的目的是使您熟悉Stratix 8000交换机和组网的基本知识。

Training WorkstationStratix 5700 EtherNet/IP WorkstationCatalog NumberMAJOR COMPONENTSPhoto shows ABT-TDENET5700 unit.Unit Dimensions• Width: 30 in (76 cm)• Height: 21 in (53 cm)• Depth: 13 in (33 cm)• Weight: Approx 45 lb (20 kg)Estimated Lead Time7 weeks. Some items are available for immediate shipment. Please call for availability.220-240V Plug OptionsSee the available document on Literature Library for 220-240V Plug Options for Workstations used in EMEA/AP (GMST10-PP524).Related ProductsThe workstation can be used in conjunction with the following products:• EtherNet/IP Procedures Guide (ABT-N300-TSJ50)• EtherNet/IP Fundamentals and Troubleshooting Lab Book (ABT-CCP180-TLB)• EtherNet/IP Configuration and Troubleshooting Lab Book (ABT-CCP183-TLB)†• Essentials of Industrial Ethernet Networks for an OT Professional Lab Book (ABT-CCP182-TLB)†• Essentials of Industrial Automation for an IT Professional Lab Book (ABT-CCP810-TLB)To use any of the lab books listed above with the ABT-TDENET5700-A workstation, the files provided for use with the PanelView Plus operator terminal will need to be updated.†Additional Hardware Required: The ABT-TD8300 Stratix 8300 workstation (or equivalent hardware) is required to complete some exercises in these lab books.Important Ordering Information*This unit is available with different PanelView Plus operator terminals:• For a unit with a PanelView Plus 6 terminal, order ABT-TDENET5700• For a unit with a PanelView Plus 7 terminal, order ABT-TDENET5700-AAllen-Bradley, CompactLogix, ControlLogix, expanding human possibility, PanelView Plus and Stratix are registered trademarks of Rockwell Automation Inc.Trademarks not belonging to Rockwell Automation are property of their respective companies.Publication GMST10-PP636F-EN-E – February 2020 | Supersedes Publication GMST10-PP636E-EN-E – October 2018Copyright © 2020 Rockwell Automation, Inc. All Rights Reserved. Printed in USA.To be respectful of the environment, Rockwell Automation is transitioning some of its training courses to a paperless format. Students are asked to complete downloads and bring personal devices to these classes. A full list of digital/paperless courses is currently available through your local distributor.。

Cisco Industrial Ethernet 5000 Series SwitchesData sheet Cisco publicContentsProduct overview 3 Features and benefits 3 Cisco ONE Software 5 Product specifications 6 Ordering information 16 Warranty information 17 Cisco environmental sustainability 17 Cisco and Partner Services 17 Cisco Capital 17 For more information 18Developed specifically to withstand the harshest industrial environments, these switches offer the most flexible and scalable industrial Ethernet platform that grows with your network.Product overviewThe Cisco® Industrial Ethernet (IE) 5000 Series Switches with four 10 Gigabit or four 1 Gigabit Ethernet uplinks and 24 Gigabit Ethernet downlinks is a rack mount, ruggedized switch that provides Layer 2 and Layer 3 line rate aggregation and copper Power over Ethernet (PoE) connectivity in the harshest of industrial environments. The IE 5000 Series uses superior high-bandwidth hardware switching and proven Cisco IOS® Software. TheIE 5000 is highly secure and scalable for access and aggregation layer deployments. It also provides Cisco stackable technologies for advanced network reliability. The switch is built to withstand extreme environments while adhering to overall IT network design, compliance, and performance requirements. The IE5000 has built-in SW image verification to ensure authenticity of the Cisco Software.The IE 5000 Series can be used to easily and securely extend the enterprise network to harsh environments with a software-defined access extension for the Internet of Things (IoT) enabling connectivity in outdoor areas, warehouses, distribution centers, roadways, etc., using powerful enterprise-grade intent-based network management platform such as Cisco DNA Center.The IE 5000 Series is ideal for industrial Ethernet applications where hardened products are required. This includes utility industries, manufacturing, energy and process control, Intelligent Transportation Systems (ITS), oil and gas field sites, city surveillance programs, and mining. With improved overall performance, greater bandwidth with available 10 Gigabit Ethernet interfaces, a richer feature set, and enhanced hardware, the Cisco IE 5000 Series Switches complement the current Industrial Ethernet portfolio of products. This portfolio includes Cisco industrial Ethernet switches, such as the Cisco IE 2000, IE 3200, IE 3300, IE 3400, IE 4000 and IE 4010 Series Switches, as well as utility - focused products, such as the Cisco IE 2000U Industrial Ethernet switches and Cisco 2500 Series Connected Grid Switches.Through a user-friendly web device manager, the IE 5000 provides easy out-of-the-box configuration and simplified operational manageability to deliver advanced security, data, video, and voice services over industrial networks.Features and benefitsTable 1 lists the features and benefits of Cisco IE 5000 Series Switches.Table 1.Features and benefits of Cisco IE 5000 Series SwitchesThe Cisco Industrial Ethernet 5000 Series Switches offer:●Bandwidth and capacity to grow with your networking needs: High-performance non-blocking switchcapacity with up to 24 Gigabit Ethernet downlink ports and four 10 Gigabit or four 1 Gigabit Ethernet uplink ports per switch●SFP+ heater to allow standard SFP+ optics to operate to -40C (10GE SKU only)●Cisco IOS Software features for smooth IT integration and policy consistency●Robust resiliency enabled by features, such as dual-ring design through four 10 Gigabit Ethernet uplinkports, Resilient Ethernet Protocol (REP), Parallel Redundancy Protocol (PRP), PROFINET– MediaRedundancy Protocol (MRP) ring, High Availability Seamless Redundancy (HSR) ring, EtherChannel, Flex Links, redundant power input, and dying gasp●Oven-controlled crystal oscillator (OCXO) to provide superior frequency stability needed for precisesynchronization applications●Simplified software upgrade path with universal images●Integrated support for features such as GPS receiver and IRIG●Cisco DNA Center management and support for software-defined access extension for IoTCisco ONE SoftwareCisco ONE Software offers a simplified consumption model, centered on common customer scenarios in the industrial automation and extended enterprise environments. Cisco ONE Software and services provide customers with four primary benefits:●Software suites that address typical customer use scenarios at an attractive price●Investment protection for their software purchase through software services-enabled license portability●Access to ongoing innovation and new technology with Cisco Software Support Service (SWSS)●Flexible licensing models to smoothly distribute customers' software spending over timeFigure 1 shows switch models, Table 2 shows all the available IE 5000 models, Table 3 lists the power supplies and Table 4 shows the available power budget for PoE/PoE+ for Cisco IE 5000 Series Switches Series Switches.Figure 1.IE 5000 switchTable 2.Cisco Industrial Ethernet 5000 Series models1 Uplink ports can run at 1 Gigabit Ethernet or 10 Gigabit Ethernet mode depending on the SFP or SFP+ inserted.2 Can be upgraded to IP Services license with the PID in Table 15.Table 3.Power supplies for Cisco IE 5000 Series SwitchesTable 4.Available power budget for PoE/PoE+ with different power supply wattageProduct specificationsTable 5 lists specifications, Table 6 lists information about Physical specifications, Table 7 lists information about switch performance and scalability, Tables 8 and 9 list important software license features, Tables 10-11 list the Cisco DNA Essentials and Advantage features. Table 12 lists compliance specifications, and Table 13 lists information about management and standards and Table 14 lists the supported SFPs on Cisco IE 5000 Series SwitchesTable 5.Product specificationsTable 6.Physical specificationsTable 7.Switch performance and scalabilityTable 8.Cisco IE 5000 Key LAN Base Software features1 Full flexible Netflow is included is included on all IE-5000 Switches and requires either one of the following licenses per switch:●Cisco ONE™ Foundation Perpetual license●Cisco DNA Essentials license●Cisco IP Services licenseTable 9.Cisco IE 5000 IP services license: Key software featuresTable 10.Cisco IE 5000 DNA Essentials featuresTable 11.Cisco IE 5000 DNA Advantage featuresTable pliance specificationsTable 13.Management and standardsIEEE standards ●IEEE 802.1D MAC Bridges, STP●IEEE 802.1p Layer2 COS prioritization●IEEE 802.1q VLAN●IEEE 802.1s Multiple Spanning-Trees●IEEE 802.1w Rapid Spanning-Tree●IEEE 802.1x Port Access Authentication●IEEE 802.1AB LLDP●IEEE 802.3ad Link Aggregation (LACP)●IEEE 802.3af Power over Ethernet provides up to15.4W DC power to each end device●IEEE 802.3at Power over Ethernet provides up to25.5W DC power to each end device ●IEEE 802.3af Power over Ethernet●IEEE 802.3at Power over Ethernet Plus●IEEE 802.3ah 100BASE-X SMF/MMF only ●IEEE 802.3x full duplex on 10BASE-T●IEEE 802.3 10BASE-T specification●IEEE 802.3u 100BASE-TX specification ●IEEE 802.3ab 1000BASE-T specification ●IEEE 802.3z 1000BASE-X specification ●IEEE 1588v2 PTP Precision Time ProtocolRFC compliance ●RFC 768: UDP●RFC 783: TFTP●RFC 791: IPv4 protocol●RFC 792: ICMP●RFC 793: TCP●RFC 826: ARP●RFC 854: Telnet●RFC 951: BOOTP●RFC 959: FTP●RFC 1157: SNMPv1●RFC 1901,1902-1907 SNMPv2●RFC 2273-2275: SNMPv3●RFC 2571: SNMP Management●RFC 1166: IP Addresses●RFC 1256: ICMP Router Discovery ●RFC 1305: NTP●RFC 1492: TACACS+●RFC 1493: Bridge MIB Objects●RFC 1534: DHCP and BOOTP interoperation●RFC 1542: Bootstrap Protocol●RFC 1643: Ethernet Interface MIB●RFC 1757: RMON●RFC 2068: HTTP●RFC 2131, 2132: DHCP●RFC 2236: IGMP v2●RFC 3376: IGMP v3●RFC 2474: DiffServ Precedence●RFC 3046: DHCP Relay Agent Information Option ●RFC 3580: 802.1x RADIUS●RFC 4250-4252 SSH ProtocolSNMP MIB objects ●BRIDGE-MIB●CALISTA-DPA-MIB●CISCO-ACCESS-ENVMON-MIB●CISCO-ADMISSION-POLICY-MIB●CISCO-AUTH-FRAMEWORK-MIB●CISCO-BRIDGE-EXT-MIB●CISCO-BULK-FILE-MIB●CISCO-CABLE-DIAG-MIB●CISCO-CALLHOME-MIB●CISCO-CAR-MIB●CISCO-CDP-MIB●CISCO-CIRCUIT-INTERFACE-MIB●CISCO-CLUSTER-MIB●CISCO-CONFIG-COPY-MIB●CISCO-CONFIG-MAN-MIB●CISCO-DATA-COLLECTION-MIB●IF-MIB●CISCO-DHCP-SNOOPING-MIB ●CISCO-SNMP-TARGET-EXT-MIB●CISCO-STACK-MIB●CISCO-STACKMAKER-MIB●CISCO-STP-EXTENSIONS-MIB●CISCO-SYSLOG-MIB●CISCO-TCP-MIB●CISCO-UDLDP-MIB●CISCO-VLAN-IFTABLE-RELATIONSHIP-MIB ●CISCO-VLAN-MEMBERSHIP-MIB●CISCO-VTP-MIB●ENTITY-MIB●ETHERLIKE-MIB●HC-RMON-MIB●IEEE8021-PAE-MIB●IEEE8023-LAG-MIB●IF-MIB●IP-FORWARD-MIB●IP-MIB●CISCO-EMBEDDED-EVENT-MGR-MIB●IP-MIB●CISCO-ENTITY-ALARM-MIB●CISCO-ENTITY-SENSOR-MIB●CISCO-ENTITY-VENDORTYPE-OID-MIB●LLDP-MIB●CISCO-ENVMON-MIB●CISCO-ERR-DISABLE-MIB●CISCO-FLASH-MIB●CISCO-FTP-CLIENT-MIB●CISCO-IF-EXTENSION-MIB●CISCO-IGMP-FILTER-MIB●CISCO-IMAGE-MIB●CISCO-IP-STAT-MIB●CISCO-LAG-MIB●CISCO-LICENSE-MGMT-MIB●CISCO-MAC-AUTH-BYPASS-MIB●OLD-CISCO-TCP-MIB●CISCO-MAC-NOTIFICATION-MIB●OLD-CISCO-TS-MIB●CISCO-MEMORY-POOL-MIB●CISCO-PAE-MIB●CISCO-PAGP-MIB●CISCO-PING-MIB●CISCO-PORT-QOS-MIB●CISCO-PORT-SECURITY-MIB●CISCO-PORT-STORM-CONTROL-MIB●SNMP-NOTIFICATION-MIB●CISCO-PRIVATE-VLAN-MIB●CISCO-PROCESS-MIB●CISCO-PRODUCTS-MIB●CISCO-RESILIENT-ETHERNET-PROTOCOL-MIB ●SNMP-VIEW-BASED-ACM-MIB●CISCO-RTTMON-ICMP-MIB●CISCO-RTTMON-IP-EXT-MIB●CISCO-RTTMON-MIB●CISCO-RTTMON-RTP-MIB ●LLDP-EXT-MED-MIB●LLDP-MIB●NETRANGER●NOTIFICATION-LOG-MIB●OLD-CISCO-CHASSIS-MIB●OLD-CISCO-CPU-MIB●OLD-CISCO-FLASH-MIB●OLD-CISCO-INTERFACES-MIB ●OLD-CISCO-IP-MIB●OLD-CISCO-MEMORY-MIB●OLD-CISCO-SYS-MIB●OLD-CISCO-SYSTEM-MIB●OLD-CISCO-TCP-MIB●OLD-CISCO-TS-MIB●RMON-MIB●RMON2-MIB●SMON-MIB●SNMP-COMMUNITY-MIB●SNMP-FRAMEWORK-MIB●SNMP-MPD-MIB●SNMP-NOTIFICATION-MIB●SNMP-PROXY-MIB●SNMP-TARGET-MIB●SNMP-USM-MIB●SNMP-VIEW-BASED-ACM-MIB ●SNMPv2-MIB●TCP-MIB●UDP-MIBTable 14.SFP supportNote:For DOM support and for first software release supporting SFP, refer tohttps:///en/US/products/hw/modules/ps5455/products_device_support_tables_list.html.Not all SFPs are supported in PROFINET GSD for SIMATIC STEP7/TIA Portal. Please visithttps:///c/en/us/td/docs/switches/lan/industrial/software/configuration/guide/b_sfp_TIA.html.Ordering informationTable 15 lists the ordering information for Cisco IE 5000 system. Table 15.Ordering informationWarranty information for the IE 5000 switch is available at/warrantyfinder.aspx.Cisco environmental sustainabilityInformation about Cisco’s environmental sustainability policies and initiatives for our products, solutions, operations, and extended operations or supply chain is provided in the “Environment Sustainability” section of Cisco’s Corporate Social Responsibility (CSR) Report.Reference links to information about key environmental sustainability topics (m entioned in the “Environment Sustainability” section of the CSR Report) are provided in the following table:Cisco makes the packaging data available for informational purposes only. It may not reflect the most current legal developments, and Cisco does not represent, warrant, or guarantee that it is complete, accurate, or up to date. This information is subject to change without notice.Cisco and Partner ServicesAt Cisco, we’re committed to minimizing our customers’ TCO, and we offer a wide range of services programs to accelerate customer success. Our innovative programs are delivered through a unique combination of people, processes, tools, and partners, resulting in high levels of customer satisfaction. Cisco Services helps you protect your network investment, optimize network operations, and prepare your network for new applications to extend network intelligence and the power of your business. Some of the key benefits our customers can get from Cisco Services follow:●Mitigating risks by enabling proactive or expedited problem resolution●Lowering TCO by taking advantage of Cisco expertise and knowledge●Minimizing network downtime●Supplementing your existing support staff so they can focus on additional productive activitiesFor more information about Cisco Services, refer to Cisco Technical Support Services or Cisco Advanced Services at https:///web/services/Cisco CapitalFlexible payment solutions to help you achieve your objectives.Cisco Capital makes it easier to get the right technology to achieve your objectives, enable business transformation and help you stay competitive. We can help you reduce the total cost of ownership, conserve capital, and accelerate growth. In more than 100 countries, our flexible payment solutions can help you acquire hardware, software, services and complementary third-party equipment in easy, predictable payments. Learn more.For more information about the Cisco IE 5000 Series, visit https:///go/ie5000 or contact your local account representative.Printed in USA C78-734967-12 07/20。

罗克韦尔发布Stratix 5410分布式交换机
作者：暂无
来源：《智能制造》 2015年第10期
2015 年9 月30 日，罗克韦尔自动化正凭借新型Allen-Bradley Stratix 5410 工业分布式交换机，进一步扩展其工业以太网交换机产品组合。

Stratix 5410 交换机配备四个万兆以太网端口，可与工厂网络架构的其余部分建立高性能连接。

该交换机可用作第2 层或第3 层路由交换机，因此可帮助工程师实现更加丰富应用。

“扩展后的Stratix 系列交换机应用范围更广，可帮助IT 和工程专家设计高可用性的网络，”罗克韦尔自动化的产品经理Mark Devonshire 介绍，“Stratix 5410 分布式交换机具备设计面向未来的网络架构时所需的高性能和灵活性。

”Stratix 5410 交换机采用19 英寸机架安装设计，为最终用户提供了分布式网络的中央节点和更密集的端口。

凭借嵌入思科技术以及与罗克韦尔自动化集成架构系统的源代码级集成，Stratix 5410 交换机能够提供信息技术(IT) 和运营技术(OT) 专业人员都熟悉的解决方案。

1EinführungSIMATIC NETAnswers for industry.Industrial Ethernet Switches SCALANCE XB-000/XB-000GSimple – Space-saving – Suitable for industry Brochure · May 2009Industrial Ethernet Switches SCALANCE XB-000/XB-000GBenefits•Implementing a machine network even under constant cost pressure•Space-saving installation thanks to small, compact design •Quick commissioning without configuration•Easy on-site diagnostics via LEDsApplication areaThe unmanaged Industrial Ethernet switches of theSCALANCE XB-000/XB-000G line allow cost-effective solu-tions for setting up small star or line topologies with switching functionality in machinery or plant components. The enclo-sure is designed for space-saving installation in a control cabinet on a standard rail. Wall mounting is also possible. Product versionsAll versions can be diagnosed directly on the device using LEDs (power, link status data traffic)Versions for the construction of electrical Industrial Ethernet star and line topologies with:Fast Ethernet (100 Mbit/s):•SCALANCE XB005 and SCALANCE XB008;5 or 8 x 10/100 Mbit/s electrical RJ45 portsGigabit Ethernet (1000 Mbit/s):•SCALANCE XB005G and SCALANCE XB008G;5 or 8 x 10/100/1000 Mbit/s electrical RJ45 ports Versions for the construction of electrical and optical Industrial Ethernet star and line topologies with:Fast Ethernet (100 Mbit/s):•SCALANCE XB004-1 and SCALANCE XB004-1LD;4 x 10/100 Mbit/s electrical RJ45 ports and1 x 100 Mbit/s optical SC port (multimode/singlemode,glass)Gigabit Ethernet (1000 Mbit/s):•SCALANCE XB004-1G and SCALANCE XB004-1LDG;4 x 10/100/1000 Mbit/s electrical RJ45 ports and1 x 1000 Mbit/s optical SC port (multimode/singlemode,glass) DesignThe SCALANCE XB-000/XB-000G Industrial Ethernet switches are optimized for mounting on a standard rail.They have:• A 3-pin terminal block for connecting the power supply (1x24 V DC) and functional ground.•An LED to display status information (Power)•LEDs for indicating the status information (link status and data exchange) per portThe following port types are available:•10/100 BaseTX electrical RJ45 ports or10/100/1000 BaseTX electrical RJ45 ports;automatic data transmission rate detection(10/100/1000 Mbit/s), with Autosensing and Autocrossing function for connecting IE TP cables up to 100 m.•100 BaseFX, optical SC port for direct connection to the Indus-trial Ethernet FO cables. Multimode fiber-optic cable up to 3 km •100 BaseFX, optical SC port for direct connection to the Industrial Ethernet FO cables. Single mode fiber-optic cable up to 26 km •1000 BaseSX optical SC port for direct connection to the Industrial Ethernet FO cables.Multimode fiber-optic cable up to 750 m•1000 BaseLX optical SC port for direct connection to the Indus-trial Ethernet FO cables. Singlemode fiber-optic cable up to 10 km Function•Construction of electrical Industrial Ethernet line or star topologies•Use of uncrossed connecting cables is possible due to the integrated Autocrossing function of the ports•Simple network configuration and network expansion;no restriction on network expansion when cascading the switches.SCALANCE XB004-1Industrial Ethernet Switches2Industrial Ethernet Switches3Network topology and network configurationThe SCALANCE XB-000/XB-000G switches are typically in-stalled with the stations to be connected in a control cabinet or control box. When configuring the network, it is necessary to observe the following boundary conditions:•Length of the TP cable between two SCALANCE XB-000/ XB-000G switches -max. 100 m-max. 10 m via patch cable with TP Cord-max. 100 m via Industrial Ethernet FC Outlet RJ45, IE FC Standard Cable and TP Cord •Length of fiber-optic cables:-max. 3 km with Industrial Ethernet FO cables multimode-max. 26 km with Industrial Ethernet FO cables singlemode DiagnosticsThe following information is indicated on the device by means of LEDs:•Power •Port status •Data trafficElectrical star topology with SCALANCE XB005G for the connection of ter-minal devices and connection to higher-level network structures with Gigabit EthernetElectrical star topology with SCALANCE XB005 for the connection of ter-minal devices with Fast EthernetMixed star topology with SCALANCE XB004-1 or SCALANCE XB004-1GThe information provided in this brochure contains descriptions or characteristics of performance which in case of actual use do not always apply as described or which may change as a result of further development of the products. An obligation to provide the respective characteristics shall only exist if expressly agreed in the terms of contract. Availability and technical specifications are subject to change without notice.All product designations may be trademarks or product names of Siemens AG or supplier companies whose use by third parties for their own purposes could violate the rights of the owners.Siemens AG Industry SectorSensors and Communication Postfach 48 4890026 NÜRNBERG GERMANYSubject to change without prior notice Order No.: 6ZB5530-1AS02-0BA13P.8101.46.16 / Dispo 26000BR 0509 2.0 ROT 4 En Printed in Germany © Siemens AG 2009/simatic-netOrdering dataTechnical specificationsIndustrial Ethernet Switches SCALANCE XB-000/XB-000Gunmanaged Industrial Ethernet Switches for 10/100/1000 Mbit/s,IP20 degree of protection, incl. operating instructions, Industrial Ethernet Network manual on CD-ROM SCALANCE XB0055 x 10/100 Mbit/s RJ45 electrical RJ45 ports6GK5 005-0BA00-1AB2SCALANCE XB005G5 x 10/100/1000 Mbit/s electrical RJ45 ports6GK5 005-0GA00-1AB2SCALANCE XB0088 x 10/100 Mbit/s RJ45 electrical RJ45 ports6GK5 008-0BA00-1AB2SCALANCE XB008G8 x 10/100/1000 Mbit/s electrical RJ45 ports6GK5 008-0GA00-1AB2SCALANCE XB004-14 x 10/100 Mbit/s electrical RJ45 ports and 1x 100 Mbit/s optical SC port (multimode, glass), up to 3 km 6GK5 004-1BD00-1AB2SCALANCE XB004-1G4 x 10/100/1000 Mbit/s RJ45 electrical RJ45 ports and 1x 1000 Mbit/s optical SC port (multimode, glass), up to 750 m 6GK5 004-1GL00-1AB2SCALANCE XB004-1LD4 x 10/100 Mbit/s electrical RJ45 ports and 1 x 100 Mbit/s optical SC port (singlemode, glass), up to 26 km 6GK5 004-1BF00-1AB2SCALANCE XB004-1LDG4 x 10/100/1000 Mbit/s electrical RJ45 ports and 1 x 1000 Mbit/s optical SC port (singlemode, glass), up to 10 km6GK5 004-1GM00-1AB2IE TP Cord RJ45/RJ45TP cable 4 x 2 with 2 RJ45 connectors■0,5 m ■ 1 m ■ 2 m ■ 6 m ■10 m6XV1 870-3QE506XV1 870-3QH106XV1 870-3QH206XV1 870-3QH606XV1 870-3QN10FO Standard Cable GP 50/125Fiber-optic cable, pre-assembled with 4 SC connectors (not for SCALANCE XB004-1LD/XB004-1LDG)■80 m ■100 m ■150 m ■200 m ■300 m6XV1 873-6AN806XV1 873-6AT106XV1 873-6AT156XV1 873-6AT206XV1 873-6AT30InterfacesConnection of terminal equipment or network components via twisted pair4, 5 or 8 x 10/100/1000 Mbit/s RJ45 electrical portsNumber of optical ports for fiber-op-tic cables1 x 100/1000 Mbit/s optical SC port (multimode/singlemode)Connection for power supply1 x 3-pin plug-in terminal blockElectrical data Power supply+24 V DC■Premissible range+19.2 V DC to +28.8 V DC Power loss at 24 V DC 2.9 W Current consumption at rated voltage120 mAPermissible ambient conditions/EMC Operating temperature -10 ºC to +60 ºC Transport/storage temperature -40 ºC to +80 ºCRelative humidity in operation < 95% (no condensation)Interference immunity EN 61000-6-2Emitted interference EN 61000-6-4Degree of protection IP20ConstructionDimensions (W x H x D) in mm 45 x 100 x 87Weight in g 180Installation optionsDIN rail, wall mounting。

支持服务产品系列适用范围无论您的业务目标是什么，罗克韦尔自动化支持服务均能帮助您挖掘运营潜能。

借助每一份支持协议带来的高价值工具以及我们训练有素的专家团队，您能够减少维护时间及成本，并提高整体设备效率。

了解更多信息生命周期服务咨询我们的工程师在罗克韦尔自动化软件门户网站购买的软件包括一份独立的支持合同，其终止日期与 TechConnect 协议的签署周年日期保持一致。

在罗克韦尔自动化商业网站上续订所购软件时，将提供单独的协议。

标准产品产品系列 (例如自动化控制系统) 中列出的全部产品均可得到支持。

自动化控制系统可编程控制器 — Compact GuardLogix®、CompactLogix™、ControlLogix® (1756 系列), GuardLogix®, SmartGuard™ 600 SoftLogix™ 5800操作员界面— DTAM™ 2707、工业计算机、InView™、PanelView 5500、PanelView Plus、MobileView™ (仅包括 2711T)分布式 I/O — Block I/O™、Expansion I/O、Flex™ I/O、POINT I/O™ 以及远程 I/O网络 — ControlNet、DeviceNet、DH+™、DH-485、EtherNet/IP、9300 (电缆和 9300-ENA)、1784 板卡 (不包括 ISA 或 PCMCIA 板卡)网络安全与基础设施 — Stratix® 交换机传感器与开关 — 无线射频识别 (RFID)相关软件 — FactoryTalk Echo、FactoryTalk® View ME、RSLinx® Lite、RSNetWorx™、RSLogix™ 5000、Studio 5000® 状态监测 — 集成式机器状态监测模块 (包括 1444)、ESAFE 状态监测软件、便携式数据采集器、保护模块 (包括 XM 模块) 以及状态监测传感器电力监测仪 — PowerMonitor™ 500、PowerMonitor 1000 以及 PowerMonitor 5000电能 —RSPower™低压变频器和启动器ArmorConnect® 电源介质 (280-PWRM)、ArmorStart® 控制器 (280、281、284、290、291、294)、PowerFlex® 4M、4、40、40P、400、523、525、527、753、755、755TL/ TR/TM 以及 755 On-Machine、755TS、753TS 变频器、20S SCR 母线电源、电源调节产品 1321、变频器通信卡 (20 comm、20-750-comm) DriveExecutive™、DriveExplorer™、Connected Components Workbench™ 软件、MegaDySC® 1608M、MiniDySC ® 1608N 和ProDySC® 1608P Armor PowerFlex 35S、35P、PFDC 20P 中压变频器和启动器857、865、1500-1599、1900-1999、7000A-RPDTD、7000L-RPDTD 7000L-R18TX、7000A-RPTX、7000L-RPTX、7000A-RPTXI、7000-RPTX、7000-R18TX、7000-RPTXI、7760、7761、7762、7703电机控制中心 (MCC) IntelliCENTER®、CENTERLINE® 2100 和 CENTERLINE® 2500独立推车技术 (ICT) MagneMotion® iTRAK® 5730/5750、MagneMover®、QuickStick® 100、QuickStick® HT™工业运动控制基于机架的运动控制产品 —ControlLogix 运动控制模块 (1756-M02AE、M08SE、M16SE、M03SE、M02AE、M02AS、HYD02 和 1758M04SE)伺服驱动器和电机 — Kinetix® 驱动器 (3、300、350、2000、5100、5300、5500、5700、5800、6000、6200、6500 和 7000)、Ultra™ 3000 (2098DSD) 和 Kinetix VP、TLP、MP-Series™ 电机 (旋转电机和直线电机系列)编程软件 — MotionView、RSLogix Motion Commands、UltraWARE组件级产品北美以外地区：• 一个工作日内免费回电支持，24x7 全天候响应• 电话或实时聊天支持：上午 8:00 至下午 5:00，可升级至 24x7 全天候响应北美地区：• 上午 8：00 至下午 5：00 免费支持• 24x7 全天候服务 (需签署支持协议)计算机与操作员界面 — PanelView Component 和 PanelView 800工控产品1可编程控制器 — Micro800® 控制系统安全、传感器、连接系统商业产品软件 — Connected Component Workbench 软件过程安全需要签署过程安全支持合同。

.Stratix TM工业以太网交换机产品选型手册1Stratix TM 工业以太网交换机产品以太网在车间层和在整个企业内的部署，以及制造商日益增加的业务压力，导致了网络和技术通过以太网进行了融合。

这就造成了IT 及制造业控制部门在组织结构上和文化上的融合。

Stratix TM 系列工业以太网基础架构产品是专为帮助您推进网络融合而设计的。

提供了坚固、易用、安全的交换基础设施，符合工业规范，适用于恶劣环境。

该系列产品提供一系列的工具方便工业网络的部署、管理和更换。

安全性是该系列产品的重点之一。

该系列产品通过一系列措施，确保开放标准的基础上的网络安全。

Stratix 8000系列产品具有罗克韦尔自动化和Cisco 联合品牌的模块化管理型交换机的特性，它为IT 和自动化控制专业人员带来了新价值。

该系列的其他产品线还包括：Stratix 嵌入式技术，以及一系列固定端口的管理型和非管理型交换机及物理介质。

整个系列产品使用标准的、未修改的以太网并且在EtherNet/IP 应用和集成架构中得以优化使用，另外Stratix 8000产品线中特别使用了Cisco 操作系统、用户环境及功能集。

Stratix TM 系列产品可以广泛用于流程工业自动化，工厂自动化，地铁、隧道、高速公路、铁路和机场，电力，水、污水等基础设施，智能交通运输系统(ITS)，SCADA 系统等。

使用Cisco 技术的Stratix 8000联合品牌模块化管理型交换机Cisco 和罗克韦尔自动化在联合品牌的工业管理型交换机上进行了合作，Stratix 8000是两家公司联合推出的首款交换机。

包括一个对IT 和制造环境的优化功能集。

交换机产品线使用当前Cisco Catalyst TM 交换机的操作系统、功能和用户界面，从而使IT 专业人员能使用思科设备管理器Web 界面，以及思科网络助理和CiscoWorks 等支持工具，简化了工业网络的部署、管理和更换。

Plant LAN - VLAN 17-Layer 2 Domain Plant IP-Subnet 10.17.10.0/24Segmentation Via Network Address Translation21342134ABBACell/Area Zone #1Subnet 192 168 1.0/24Cell/Area Zone #2Subnet 192 168 1.0/24Cell/Area Zone #3Subnet 192 168 1.0/24Stratix 57009300-ENAStratix 5700Stratix 5900Stratix 5900Stratix 5900Cell/Area Zone #1Subnet 192 168 1.0/24Cell/Area Zone #2Subnet 192 168 1.024Cell/Area Zone #3Subnet 192 168 1.0/24Plant-wide/Site-wide Network using Stratix 9300-ENAs with NAT Providing IP Subnet RepeatabilityPlant-wide/Site-wide Network using Stratix 5900’s with NAT Providing IP Subnet RepeatabilityPlant-wide/Site-wide Network using Stratix 5700’swith VLANS and NAT 9300-ENA9300-ENAStratix 8300Plant-wideSite-wide Operation SystemLevel 3-Site OperationsIndustrial ZoneLevel 0-2Cell/Area ZoneLevel 3-Site OperationsIndustrial ZoneLevel 0-2Cell/Area ZoneLevel 3-Site OperationsIndustrial ZoneLevel 0-2Cell/Area ZoneStratix 8300Plant-wide Site-wide Operation SystemStratix 5700Stratix 5700Stratix 5700Stratix 8300Plant-wide Site-wide Operation SystemRockwell Automation and EtherNet/IP Provide Multiple Options to Connect to Your Plant Network Using Standard Ethernet TechnologyNote: Information presented here is for illustrative purposes onlyPlant LAN - VLAN 17-Layer 2 Domain Plant IP-Subnet 10.17.10.0/24Plant LAN - VLAN 17-Layer 2 Domain Plant IP-Subnet 10.17.10.0/24Cell/Area Zone #1VLAN 10Subnet 192 168 1.0/24Cell/Area Zone #2VLAN 20Subnet 192 168 1.0/24Cell/Area Zone #3VLAN30Subnet 192 168 1.0/24Plant LAN - VLAN 17-Layer 2 Domain Plant IP-Subnet 10.17.10.0/24Repeating IP subnets between CPwE Cell/Area Zones. Translating IP addresses using 9300-ENA network address translation appliances In this example, IP addresses can be reused across Cell/Area Zones, allowing OEMs to repeat IP subnets while still allowing for a converged network.• A 9300-ENA appliance is placed between each Cell/Area Zone to provide Network Address Translation .• From the Level 3, the site operations are able to access all devices • Between each individual Cell/Area Zone, IP addresses can be re-used• Each 9300-ENA must be programmed to translate from the192.168.1.0/24 IP subnet to the plant-wide/site-wide IP subnet.If the entire Cell/Area Zone needs to communicate with the plant-wide/site- wide network, then all devices must have their addresses manually translated• This architecture complicates the plant-wide/site-wide side of the ar chitecture to provide simplicity to the Cell/Area Zones and OEMsRepeating IP subnets between CPwE Cell/Area Zones. Translating IP addresses using Stratix 5900 Unified Threat Management Security Appliance with NATIn this example, IP addresses can be reused across Cell/Area Zones, allowing OEMs to repeat IP subnets while still allowing for a converged network. NAT also provides the benefit of smaller Layer 2 building blocks, allowing control over traffic traversing between IP subnets.NAT can be implemented via the Stratix 5900 unified threatmanagement security appliance.The UTM security appliance can provide an additional level of enhanced security to further segment Cell/Area Zones from the plant-wide/site-wide network and other Cell/Area Zones.• A UTM security appliance is placed between each Cell/ Area Zone to provide Network Address Translation• From the Level 3, the site operations are able to access all devices • Between each individual Cell/Area Zone, IP Addresses can be re-used • Each UTM security appliance must be programmed to translate from the 192.168.1.0/24 IP subnet to the plant-wide/site-wide IP subnet • This architecture complicates the plant-wide/site-wide side of the architecture to provide simplicity to the Cell/Area Zones and machine/ process skid buildersRepeating IP subnets between CPwE Cell/Area Zones. Translating IP ad-dresses using Stratix 5700 series switches VLANs implemented to logically segment CPwE Cell/Area Zones.In this example, IP addresses can be reused across Cell/Area Zones, allowing OEMs to repeat IP subnets while still allowing for a converged network. The Cell/Area Zones repeat IP subnets and are segmented from each other by utilizing VLANs.• Each Cell/Area Zone is segmented via a unique VLAN• If Cell/Area Zones need to communicate between each other, they must communicate through a Layer 3 switch such as the Stratix 8300 that can provide inter-VLAN routing• This architecture provides small layer 2 domains of trust, fault domains and broadcast domains• This architecture can help limit access between Cell/Area Zones to help provide restrictive access to machine/process skid builders’ intellectual property• From Level 3, the site operations are able to access all devices • Between each individual Cell/Area Zone, IP Addresses can be re-used • Each Stratix 5700 must be programmed to translate from the192.168.1.0/24 IP subnet to the plant-wide/site-wide IP subnet.If the entire Cell/Area Zone needs to communicate with the plant-wide/site-wide network, then all devices must have their addresses manually translated• This architecture complicates the plant-wide/site-wide side of the architecture to provide simplicity to the Cell/Area Zones and machine/ process skid buildersPublication IASIMP-QR30A-EN-PAbout the ProductsStratix 5700• Scalable Layer 2 managed industrial switch• Default configurations for industrial autom ation and EtherNet/IP devices (Global and Smartports)• Studio 5000 for configuration via Add on Profiles/Predefined Logix tags for diagnostics • FactoryTalk View Faceplates for status monitoring and alarming • Best of Cisco - Catalyst® switch architecture/ feature setStratix 8300• Full Layer 3 industrial switch that supports routing between Subnets and VLANs.• Default configurations for industrial automation and EtherNet/IP devices (Global and Smartports)• Studio 5000 for configuration via Add on Profiles/Predefined Logix tags for diagnostics • FactoryTalk View Faceplates for status monitoring and alarming • Best of Cisco - Catalyst® switch architecture/ feature setStratix 5900• Combines a number of modern security functions into a single appliance• Managed router that also provides a number of managed switching features • A single device to implement VPN, Firewall, NAT, and many other services • Best of Cisco - Fully integrated with Cisco IOS9300-ENA• NAT Appliance allowing identical machines to be placed on Ethernet networksAbout this ConfigurationThis system consists of three Cell/Area Zones, each with different hardware and potentially from three unique OEMs who would like to protect their Intellectual Property (IP). It illustrates different techniques to accomplish the following: 1. Protect intellectual property of machine/process skid builders 2. Provide small Layer 2 domains of trust and broadcast domains3. Provide logical Layer 2 building blocks to ensure a future-ready network4. Enable Network Address Translation on a plant-wide/site-wide network to provide IP subnet repeatability at the Cell/Area Zone level, providing faster commissioning time for machine/ process skid buildersSummary of Considerations for Segmentation MethodologiesAdditional ResourcesENET-PP005C-EN-E Stratix 5700 Industrial Ethernet Switch Product ProfileENET-PP002B-EN-P Stratix 8000 and 8300 Industrial Ethernet Switches Product Profile ENET-PP006A-EN-P Stratix 5900 Services Router Product ProfileENET-AT004B-EN-ESegmentation Methods within the Cell / Area ZoneIASIMP-QS038A-EN-PStratix 5700 NAT Quick StartENET-WP032A-EN-E Stratix 5700 NAT WhitepaperENET-QR001-EN-E Stratix Switch Reference Chart ENET-QR002-EN-EStratix 5700 Reference ChartGMSP-PP001-EN-E 9300-ENA Network Address Translation Device Product ProfileIASIMP-QR029A-EN-PStratix/Infrastructure Product Family Quick Reference DrawingENET-TD001-EN-PConverged Plantwide Ethernet (CPwE) Design and Implementation Guide (DIG)Reference Architecture Web Page/rockwellautomation/products-technologies/network-technology/architectures.pageBill of MaterialQty Catalog # Description System: Communication Hardware1 1783-BMS10CL Stratix 5700 Layer2 Managed Switch, 10 Ports Lite1 1783-BMS10CGN Stratix 5700 Layer2 Managed Switch, 10 Ports,Full with CIP Synch and NAT 1 1783-RMS10T Stratix 8300 Layer3 Managed Switch, 10 Ports 1 1783-MS10T Stratix 8000 Layer 2 Managed Switch, 10 Ports 1 1783-SR Stratix 5900 Security Appliance1 9300-ENA Network Address Translation ApplianceSegmentation Techniques Positive Design Considerations Negative Design ConsiderationsNo Segmentation (Not Recommended)• Initially, may appear to be simple to design anddeploy• Link Resiliency (redundant path topologies)• Same Layer 2 broadcast andfault domain, not a scalable or future ready solution.• Every node requires a unique IP address • Blurred demarcation line of network ownershipMultiple NIC Segmentation (ControlLogix Only)• Simple to design and deploy• Smaller Layer 2 domains (broadcast and fault)• Reusable IP addresses/subnets• Clear demarcation of network ownership• Not scalable or future ready, only CIP traffic can traverse a CIP bridge, limited quantity of bridge modules.• Smaller PACs do not support a dual NIC.• No Link Resiliency (redundant path topologies)NAT Appliance Segmentation 9300-ENA• Smaller Layer 2 domains (broadcast and fault)• Reusable IP addresses/subnets • Clear demarcation of network ownership• More difficult to design, deploy,and manage-manual entry and management of IP address translations• No Link resiliency (redundant path topologies)Unified Threat Management Security Appliance with NAT Stratix 5900• Smaller Layer 2 domains (broadcast and fault)• Reusable IP addresses/subnets • Clear demarcation of network ownership• Enhanced security features• More difficult to design, deploy, and manage-manual entry andmanagement of IP address translations • No Link resiliency (redundant path topologies)VLANs Only Segmentation Stratix 5700• Scalable and future ready• Smaller Layer 2 domains (broadcast and fault)• Smaller domains of trust (management of security policies)• Link Resiliency (redundant path configuration)• Layer 3 switch or router is required to forward (route) information between VLANs• Every node requires a unique IP address • Blurred demarcation line of network ownershipVLAN Segmentation with NAT Stratix 5700• Scalable and future ready• Smaller Layer 2 domains (broadcast and fault)• Smaller domains of trust (management of security policies)• Reusable IP addresses/subnets • Link Resiliency (redundant path configuration• Layer 3 switch or router is required to forward (route) information between VLANs• More difficult to design, deploy, andmanage-manual entry and management of IP address translations• Blurred demarcation line of network ownershipPlant LAN - VLAN 17-Layer 2 Domain Plant IP-Subnet 10.17.10.0/24,every device requires a unique IP addressPlant LAN - VLAN 17-Layer 2 Domain Plant IP-Subnet 10.17.10.0/24Segmentation Via VLANs21342134ABBACell/Area Zone #1VLAN 10Subnet 192 168 1.0/24Cell/Area Zone #2VLAN 20Subnet 192 168 1.0/24Cell/Area Zone #3VLAN30Subnet 192 168 1.0/24Level 3-Site OperationsIndustrial ZoneLevel 0-2Cell/Area ZoneStratix 5700Stratix 5700Stratix 5700FAULTFWD SelEsc 525FAULTFWD SelEsc 525Stratix 8300Plant-wide Site-wide Operation SystemCell/Area Zone #1VLAN 10Subnet 10.10.10.0/24Cell/Area Zone #2VLAN 20Subnet 10.10.20.0/24Cell/Area Zone #3VLAN 30Subnet 10.10.30.0/24Plant-wide/Site-wide Network using Stratix 5700’s with VLANs and Unique IP SubnetsPlant-wide/Site-wide Network using Stratix 5700’s with VLANs and NATLevel 3-Site OperationsIndustrial ZoneLevel 0-2Cell/Area ZoneStratix 5700Stratix 5700Stratix 5700FAULT FWD SelEsc 525FAULT FWD Sel Esc 525Stratix 8300Plant-wide Site-wide Operation SystemRockwell Automation and EtherNet/IP Provide Multiple Options to Connect to Your Plant Network Using Standard Ethernet TechnologyNote: Information presented here is for illustrative purposes onlyNon repeating IP subnets (with each device requiring a unique IP address) between CPwE Cell/Area Zones. Stratix 5700 series switches - VLANs implemented to logically segment CPwE Cell/Area Zones.In this example, all nodes within the Industrial Zones must have a unique IP address.IP addresses cannot be reused across machines/process skids or anywhere else within the Industrial Zone.• Each Cell/Area Zone is segmented via a unique VLAN and IP subnet• Note that CPwE VLAN best practices dictates that each Cell/Area Zone must have a unique IP subnet• If Cell/Area Zones need to communicate between each other, they must communicate through a Layer 3 switch such as the Stratix 8300 that can provide inter-VLAN routing• This architecture provides small layer 2 domains of trust, fault domains and broadcast domains• This architecture can help limit access between Cell/Area Zones to help provide restrictive access to machine/process skid builders’ intellectual property • Machine/process skid builders must adhere to addressing schema of plant-wide/ site-wide network, potentially adding complication and time to commissioningRepeating IP subnets between CPwE Cell/Area Zones. Translating IP addresses using Stratix 5700 series switches VLANs implemented to logically segment CPwE Cell/Area Zones.In this example, IP addresses can be reused across Cell/Area Zones, allowing OEMs to repeat IP subnets while still allowing for a converged network. The Cell/Area Zones repeat IP subnets and are segmented from each other by utilizing VLANs.• Each Cell/Area Zone is segmented via a unique VLAN• If Cell/Area Zones need to communicate between each other, they must communicate through a Layer 3 switch such as a Stratix 8300 that can provide inter-VLAN routing• This architecture provides small layer 2 domains of trust, fault domains and broadcast domains • This architecture can help limit access between Cell/Area Zones to help provide restrictive access to machine/process skid builders’ intellectual property• This architecture utilizes Network Address Translation provided by the Stratix 5700 switches • From Level 3, the site operations are able to access all devices • Between each individual Cell/Area Zone, IP Addresses can be re-used• Each Stratix 5700 must be programmed to translate from the 192.168.1.0/24 IP subnet to the plant-wide/site-wide IP subnet.If the entire Cell/Area Zone needs to communicate with the plant-wide/site-wide network, then all devices must have their addresses manually translated • This architecture complicates the plant-wide/site-wide side of the architecture to provide simplicity to the Cell/Area Zones and machine/process skid buildersPublication IASIMP-QR30A-EN-PAbout the ProductsStratix 5700• Scalable Layer 2 managed industrial switch• Default configurations for industrial autom ation and EtherNet/IP devices (Global and Smartports)• Studio 5000 for configuration via Add on Profiles/Predefined Logix tags for diagnostics • FactoryTalk View Faceplates for status monitoring and alarming • Best of Cisco - Catalyst® switch architecture/ feature setStratix 8300• Full Layer 3 industrial switch that supports routing between Subnets and VLANs.• Default configurations for industrial automation and EtherNet/IP devices (Global and Smartports)• Studio 5000 for configuration via Add on Profiles/Predefined Logix tags for diagnostics • FactoryTalk View Faceplates for status monitoring and alarming • Best of Cisco - Catalyst® switch architecture/ feature setStratix 5900• Combines a number of modern security functions into a single appliance• Managed router that also provides a number of managed switching features • A single device to implement VPN, Firewall, NAT, and many other services • Best of Cisco - Fully integrated with Cisco IOS9300-ENA• NAT Appliance allowing identical machines to be placed on Ethernet networksAbout this ConfigurationThis system consists of three Cell/Area Zones, each with different hardware and potentially from three unique OEMs who would like to protect their Intellectual Property (IP). It illustrates different techniques to accomplish the following: 1. Protect intellectual property of machine/process skid builders 2. Provide small Layer 2 domains of trust and broadcast domains3. Provide logical Layer 2 building blocks to ensure a future-ready network4. Enable Network Address Translation on a plant-wide/site-wide network to provide IP subnet repeatability at the Cell/Area Zone level, providing faster commissioning time for machine/ process skid buildersBill of MaterialQty Catalog # Description System: Communication Hardware1 1783-BMS10CL Stratix 5700 Layer2 Managed Switch, 10 Ports Lite1 1783-BMS10CGN Stratix 5700 Layer2 Managed Switch, 10 Ports,Full with CIP Synch and NAT 1 1783-RMS10T Stratix 8300 Layer3 Managed Switch, 10 Ports 1 1783-MS10T Stratix 8000 Layer 2 Managed Switch, 10 Ports 1 1783-SR Stratix 5900 Security Appliance1 9300-ENA Network Address Translation ApplianceSegmentation Techniques Positive Design Considerations Negative Design ConsiderationsNo Segmentation (Not Recommended)• Initially, may appear to be simple to design anddeploy• Link Resiliency (redundant path topologies)• Same Layer 2 broadcast andfault domain, not a scalable or future ready solution.• Every node requires a unique IP address • Blurred demarcation line of network ownershipMultiple NIC Segmentation (ControlLogix Only)• Simple to design and deploy• Smaller Layer 2 domains (broadcast and fault)• Reusable IP addresses/subnets• Clear demarcation of network ownership• Not scalable or future ready, only CIP traffic can traverse a CIP bridge, limited quantity of bridge modules.• Smaller PACs do not support a dual NIC.• No Link Resiliency (redundant path topologies)NAT Appliance Segmentation 9300-ENA• Smaller Layer 2 domains (broadcast and fault)• Reusable IP addresses/subnets • Clear demarcation of network ownership• More difficult to design, deploy,and manage-manual entry and management of IP address translations• No Link resiliency (redundant path topologies)Unified Threat Management Security Appliance with NAT Stratix 5900• Smaller Layer 2 domains (broadcast and fault)• Reusable IP addresses/subnets • Clear demarcation of network ownership• Enhanced security features• More difficult to design, deploy, and manage-manual entry andmanagement of IP address translations • No Link resiliency (redundant path topologies)VLANs Only Segmentation Stratix 5700• Scalable and future ready• Smaller Layer 2 domains (broadcast and fault)• Smaller domains of trust (management of security policies)• Link Resiliency (redundant path configuration)• Layer 3 switch or router is required to forward (route) information between VLANs• Every node requires a unique IP address • Blurred demarcation line of network ownershipVLAN Segmentation with NAT Stratix 5700• Scalable and future ready• Smaller Layer 2 domains (broadcast and fault)• Smaller domains of trust (management of security policies)• Reusable IP addresses/subnets • Link Resiliency (redundant path configuration• Layer 3 switch or router is required to forward (route) information between VLANs• More difficult to design, deploy, andmanage-manual entry and management of IP address translations• Blurred demarcation line of network ownershipSummary of Considerations for Segmentation MethodologiesReference Architecture Web Page/rockwellautomation/products-technologies/network-technology/architectures.pageAdditional ResourcesENET-PP005C-EN-E Stratix 5700 Industrial Ethernet Switch Product ProfileENET-PP002B-EN-P Stratix 8000 and 8300 Industrial Ethernet Switches Product Profile ENET-PP006A-EN-P Stratix 5900 Services Router Product ProfileENET-AT004B-EN-E Segmentation Methods within the Cell / Area ZoneIASIMP-QS038A-EN-PStratix 5700 NAT Quick StartENET-WP032A-EN-E Stratix 5700 NAT Whitepaper ENET-QR001-EN-E Stratix Switch Reference Chart ENET-QR002-EN-EStratix 5700 Reference ChartGMSP-PP001-EN-E 9300-ENA Network Address Translation Device Product ProfileIASIMP-QR029A-EN-PStratix/Infrastructure Product Family Quick Reference DrawingENET-TD001-EN-PConverged Plantwide Ethernet (CPwE) Design and Implementation Guide (DIG)。

工业以太网交换机选型指导工业以太网交换机选型指导——西门子（中国）有限公司自动化与驱动集团随着自动化技术的不断发展，工业以太网在自动化系统中扮演着越来越重要的角色。

ARC的统计报告中指出，工业以太网设备在2009年将超过600万台。

工业以太网交换机作为构建系统网络的硬件设备，决定了工厂自动化网络对连接设备所提供的服务性能水平。

随着自动化技术的不断发展，工业以太网在自动化系统中扮演着越来越重要的角色。

ARC的统计报告中指出，工业以太网设备在2009年将超过600万台。

工业以太网交换机作为构建系统网络的硬件设备，决定了工厂自动化网络对连接设备所提供的服务性能水平。

在目前市场上，工业以太网交换机的品牌繁多，类型复杂。

如何选择最适合用户现场需求环境的工业以太网产品成为构建高效、可靠的自动化网络的关键。

在这里，我们基于可靠性、实时性、安全性、兼容性几点给出一些建议。

一、可靠性在工业现场环境中，可靠性毫无疑问是最重要的一点。

工业自动化网络可以通过提高网络设备的硬件条件以及网络结构两点来提供更加可靠的通讯链接。

从硬件角度来讲，我们需要考虑的因素有：设备硬件对工作环境的耐受力：诸如工作温度范围、EMC电磁兼容性、安装以及供电方式等。

工业以太网设备区别于商用以太网设备，一般都采用更加适合现场机柜安装的紧凑设计与导轨安装方式。

为了避免因旋转件故障造成的设备损坏，还应当选择无风扇设计的硬件设备。

在产品的参数描述中，应当具有关于工作温度范围、电磁兼容性的详细描述。

并附有相关准入标准的证明。

相关行业组织所能提供的认证及标准。

在不同行业的现场应用环境中，应当注意选择的设备应具有相应行业组织给出的认证。

例如在船舶行业的应用中，就应当选择具有各国船级社或海事协会给出认证的产品；在煤矿行业应用中，选用的交换机就应当拥有危险场合应用的认证，并需通过我国矿用产品安全标准。

即使一般工业环境下应用的产品，也应当符合UL508工业设备安全认证标准，而不是与商用网络一致的UL60950信息设备安全认证标准。

交换机 罗克韦尔自动化Stratix交换机常见问题解答常见问题解答1.工业现场布置以太网时对电缆有什么要求？在工业现场布置以太网时，可以使用屏蔽双绞线(STP)、非屏蔽双绞线(UTP)和光纤。

可以使用5类、5e、6类和6e的双绞线。

电缆的等级越高，它的性能就越好，所需的EMC保护就越少。

推荐100M时使用5e以上的双绞线，1000M推荐使用6类以上的双绞线。

使用光纤具有更强的噪音抗扰性，可以传输更长的距离。

2.双绞线和光纤的传输距离在常温（20度）下，交换机与网卡间的双绞线最大传输距离为100米，当线缆的温度上升时，信号就会衰减，导致传输距离变短；当电缆周围干扰比较大时，也会传输距离变短，因此实际安装时应该小于90米。

光纤可传输更长的距离，多模光纤在100M的速度下可以传输2km，多模光纤在1000M的速度下使用直径为50um的光纤可以传输550m，多模光纤在1000M的速度下使用直径为62.5um的光纤可以传输220m。

单模光纤可以传输距离为10km。

光纤的实际传输距离与光纤模块、光纤的类型和直径以及光纤安装时的弯曲半径有关。

下表是Stratix 系列光纤模块的传输距离3.以太网双绞线安装时应注意哪些事项？按照电磁兼容性（EMC）标准，网络通讯属于EMC-2，而交流电源、大功率输入输出以及运动驱动器与电机之间的电源线等属于EMC-1。

安装以太网双绞线时应注意以下基本原则。

a. 如果必须与电源线交叉，它们之间应该互相垂直；b.至少与高压外壳、或RF/微波发射源相隔1.5米；c.如果导体安装在一个金属导线槽或导管，1)导线槽或导管的每段接头处必须焊接以保证整个线路的导电连通性，2)入口点必须与外壳焊接在一起；d.适当的屏蔽（在需要的地方）并将其安放在配线管道中，使之与EMC-1导体隔开；e. 参考用户当地、国家以及国际关于电缆分组的标准。

不要将以太网电缆与下表所示的电缆离的太近。

电缆至少要保持的距离噪声源的强度通过电缆电压8.3 cm 小于20安培的EMC-1导体24 至10015 cm 大约20安培，低于100kVA的交流电源线101至20030 cm 高于100kVA的交流电源线201 至400g. 在导管或金属导向槽中安装UTP电缆时，请咨询电缆供应商确认是否影响电气性能；4.HUB、交换机、管理型交换机、三层交换机、路由器和网关有何区别？HUB：HUB或称集线器属于物理层的设备，HUB主要功能是对信号放大，HUB只识别数据包是0还是1，不识别其它内容，所有HUB连接在一起的设备属于一个冲突域，HUB连接的网络是一个共享式网络。