Maximize your industrial Ethernet performance

A successful plant floor Ethernet deployment involves increasing system performance, leveraging switch capabilities, understanding standardized protocols and making diagnostics and network management software work for you. Switch selection The decision of which switch type to use for a particular application depends on your networking needs and your plant automation strategy.

By Larry Komarek, Phoenix Contact, Inc. December 1, 2005

A successful plant floor Ethernet deployment involves increasing system performance, leveraging switch capabilities, understanding standardized protocols and making diagnostics and network management software work for you.

Switch selection

The decision of which switch type to use for a particular application depends on your networking needs and your plant automation strategy. There are several practical plant floor switch functions that are typically found on all managed switches and most, but not all, unmanaged switches.

System performance

Generally, the faster the system needs to perform (specifically, tens of milliseconds of update time per device), the greater the need to use managed switches. The specific message-filtering functions may be specified based on which I/O control protocol is used. For example, ODVA recommends that for the fastest Ethernet/IP performance, the IGMP Snooping feature, which filters out unwanted Multicast messages, is required. Profinet applications may require a QoS function, which allows priorities to be placed on communications from different device types for best response.

Managed switches have detailed traffic statistic diagnostics for each port that can be used to identify traffic overloaded vs. lightly loaded ports. This information can be used to help decide where to reconnect devices to different ports to eliminate traffic overloads in control systems. But many QC monitoring systems use unmanaged switches to connect I/O to monitoring PCs. Many OEM machines use unmanaged switches to connect to a supervisory PC or interlock sections of a manufacturing process.

Data connection between different systems

Generally, any time a portion of the control network is connected to an office or general plant network, a minimum of a managed switch is necessary. In larger systems, a router is needed. Managed switches with virtual LAN (VLAN) capability can block out and prevent office traffic from flooding into the control network that would disrupt the time-critical communications in the control network. Infrastructure devices called routers (typically purchased and maintained by the IT department in your plant), allow controlled access of data between devices on different industrial managed switch VLANs.

In small “office-to-control-system” applications, (one or two isolated supervisory PCs to several PLC systems) or when high speed interlocking between control systems is required, only industrial managed switches may be required. In larger applications where connection to a large plant network or between different manufacturing lines is necessary, combinations of industrial managed switches (moderate expense, plant-maintainable) and routers (higher expense, IT department maintained) are needed.

Redundant communications

PLC systems have had cable redundancy for decades; even if a cable breaks, control communications continue on a separate wire. Managed Ethernet switches not only compensate for broken cables, but they can reroute communications around one or more powered-down or failed switches.

Accomplishing this is not as easy as connecting all the switches together into a ring or loop. Connecting unmanaged switches in a loop configuration creates conflicts in the switches. The switches compensate by broadcasting messages to all the other switches, which create more conflicts. This whole process accelerates into a “broadcast storm,” which can shut down the network. Special redundancy protocols like spanning tree or rapid spanning tree allow the switches to communicate redundancy status between them. The control of redundancy-related communications prevents broadcast storms.

Mixing managed/unmanaged switch systems

Managed and unmanaged switches may be interconnected in the same system to allow the level of functionality to be balanced with overall cost. For redundancy applications, adding one managed switch in a ring of unmanaged switches is enough to provide redundant communications for the entire system.

A manufacturing cell may have one managed switch to allow data transfer to a supervisory computer on the plant network, but filter out plant network traffic that would otherwise reach the manufacturing cell.


Another major difference between commercial and industrial Ethernet devices is maintainability. Equipment optimized for the commercial world assumes that everyone has gone to IT school. While Web pages exist in the commercial devices, most interactions are done with text-based command-line screens.

The industrial automation world is very visual, as evidenced by the use of ladder diagram and function block PC/PLC programming. Industrial setup screens usually have colors and check boxes, not strings of text. Also, diagnostics are noted in plain English. The placement of LED indicators next to the ports, or the availability of numerical displays that allow basic troubleshooting without software are characteristics of plant-maintainable equipment.

In many facilities, there is debate about who “owns” the plant networks. If plant floor personnel are to be the first line of response to networking issues, the equipment must be “PLC-like” for them to perform basic support.


Different types of cables are needed when connecting infrastructure components to infrastructure components (switches to switches) vs. infrastructure components to control devices In the case of connecting switches to PLCs, I/O, or drives, the cables are wired straight through, which means that the “transmit” pin on the male connector is wired to the “transmit” pin on the receiving connector. In the case of connecting switches to switches, cables are wired with a crossover, which connects the “transmit” pin to the “receive” pin. In the past, different color-coded cables or connectors were used to keep track. With Autocross, any cable can be connected to the switch, which will automatically cross or uncross the connection internally if necessary. This feature can save significant startup delays.

Alarm contact

Because switches are connected in a mesh or tree configuration like extension cords connected to extension cords, the failure of one switch can disable communications to half the plant. Losing the power supplied to a control cabinet or junction box can also inadvertently shut down a switch. The alarm contact on a switch, which is powered by a separate source, can be connected to a light, horn or spare PLC input to allow quick identification of the non-operational switch. The need to quickly identify a failed switch rapidly increases as more switches are distributed throughout the plant. Because unmanaged switches do not have Web page diagnostics, the simple alarm contact is the main diagnostic function.

Redundant power supply inputs

Consider what could happen if a plant person shuts down power to a panel to perform maintenance, a power supply fails or a circuit breaker trips because of an application fault. Supplying power to the switch from two independent sources prevents the dropout of one power source from shutting down communications to down-stream switches and devices.

Standardized protocols

There are three types of Ethernet messages: Unicast, Broadcast and Multicast. Unicast is when one device is talking to one device. A Broadcast message is used to transmit a message from one device to all the devices on the network. A Multicast is used to send a message to a group of devices. Unicast messages are used most often but certain application software packages, addressing and network supervisory software and control protocols add multicast and broadcast messages.

Switches are optimized to work with Unicast messages. It is the destination address of the Unicast messages that switches use to determine to which port to send the message. When switches receive either a Multicast or Broadcast message, like a hub, they retransmit those messages on all the ports. This is why additional filtering protocols are needed to control Multicast and Broadcast traffic. The following are IEEE-standardized protocols supported by multiple vendors:

  • IGMP Snooping – Internet Group Management Protocol (IGMP) snooping is a protocol that managed switches use to learn how to properly route Multicast messages. Some automation control protocols, such as Ethernet/IP, and application packages use Multicast messages to increase system speed. Not all control devices such as I/O, PLCs and drives support Multicast messaging.

  • Quality of service (QoS) – This is a function where traffic from each device connected to the switch can be prioritized. Real-time control devices, such as I/O, drives or PLCs, are assigned high priorities. Devices that are not time-critical such as operator displays, HMIs and supervisory PCs are assigned low priorities. If communication traffic is high, the switch processes the high priority messages before the low priority messages.

  • Spanning tree or rapid spanning tree – Switches use these protocols to control network redundancy. Spanning tree was the first and most widely used. Switch vendors are quickly adopting an improved version called rapid spanning tree. The difference between the two is in the time it takes the switches to detect a problem and reroute traffic. Spanning tree typically requires 30-60 seconds. Rapid spanning tree typically requires 1-2 seconds. These times are approximate and vary for each application.

  • GVRP protocol and VLAN – Switches use the GVRP protocol to communicate between themselves to create one or more virtual LANs. (GVRP stands for “GARP VLAN Registration Protocol.” GARP stands for “Generic Attribute Registration Protocol.”)

    • VLAN devices are physically connected but all traffic (Broadcast, Unicast and Multicast messages) can be totally blocked between groups of devices assigned to different VLANs. Traffic is completely blocked as if the physical cable was cut. But unlike physical cables, VLANs can be changed easily as the system is expanded or reconfigured to meet new production needs. Port-based VLANs are easy to maintain because each physical port can be assigned to a VLAN. Any device connected to that port belongs to the VLAN whose traffic is separated from all other traffic. VLANs also provide security. A person communicating in one section cannot hack into another VLAN.

      Switches with VLAN functionality may also have port security features where each port has a short list of device MAC (or IP) addresses with which it will communicate. This prevents someone unplugging one device, and replacing it with his or her computer, which could be used to hack into the system. Diagnostics and network management software

      Maintenance tools

      There are many diagnostics available to help start and maintain industrial Ethernet-based control systems. When connecting cables, the link LEDs indicate when connections are made properly. Communication-activity LEDs indicate network traffic is present. Alarm contacts on unmanaged switches can be used to quickly determine which switch is powered down and impacting communications in a section of the network. Switches, I/O devices and PLCs may have numerical displays that can provide added fault information when access to a laptop is limited.

      Most of today’s I/O, managed switches, PCs and PLCs have diagnostic web pages that can be used with browsers instead of special vendor software. For medium/large scale systems or systems spread out over a long distance, optional network management software can significantly shorten maintenance and startup times. Network management software provides a bird’s eye view of the entire system. The software receives the diagnostic messages from all the devices on the network. It provides an instant view of what is connected and communicating or not.

      Devices that are communicating but have faults are typically highlighted in red. A click of the mouse takes you to a Web page of the device in question to examine its diagnostic details. Without network management software, you would have to call up each device’s Web page individually to eventually have a status of the whole system.

      Network management software also includes the capabilities to set IP addresses into devices. Because all network management software uses the IT standard Simple Network Management Protocol to convey diagnostic and setup information, software purchased form one company will work with other vendor’s Ethernet equipment.

      Larry Komarek can be reached at (717) 944-1300, ext. 3625 or at

      Fourth of four parts

      September — “Create the connection to industrial Ethernet”

      October — “Select the right industrial Ethernet device for the job”

      November — “Completing the industrial Ethernet connection”

      Web Exclusive“Maximize your industrial Ethernet performance”