With the continuous emergence of new standards and protocols for Ethernet and the Internet, such as IEEE 802.1ab (LLDP), IEEE 802.1Q (VLAN), IEEE 802.1p, IEEE 802.3x, IEEE 802.1w (RSTP), IEEE 1588 (PTP), DHCP Option 82, GMRP, IGMP, RFC 1769 (SNTP), SNMP V2c, V3, RMON, etc., industrial Ethernet managed switches have undergone significant changes and rapid development. This article attempts to reveal these changes from eight aspects using the new generation of Schneider Electric's TCSESM series managed switches, providing some assistance to users in better building their own industrial Ethernet systems. Management Functions Web-based Management: TCSESM supports web-based management, providing: ■ Extensive diagnostic and configuration functions for quick switch startup; ■ Comprehensive network and device information. From anywhere on the network, through a standard browser such as Netscape Navigator/Communicator or Microsoft Internet Explorer, users can use a user-friendly, web-based interface to manage TCSESM with a wide range of options. The web interface allows users to configure TCSESM switches graphically. RMON, short for Remote Monitoring, is a standard network management protocol that aggregates network information onto a single workstation. While SNMP collects a single type of data from the Management Information Base (MIB), RMON defines additional MIBs, providing richer, current, and historical data about network usage. This includes sent packets, sent bytes, lost packets, host statistics, pairwise address sessions, and specific types of events. For RMON to work, network devices, such as hubs and switches, must support the protocol. Switch configuration via V.24 serial port can be achieved using HyperTerminal. CLI (Command Line Interface) is very similar to the DOS interface, which many veteran computer users are familiar with and prefer to use the keyboard to enter DOS commands. The command line allows users to: ■ Use device functions through local or remote connections; ■ Configure IT devices, providing a familiar environment; ■ Configure the same configuration data for multiple devices due to its scripting capabilities. Telnet, also known as a remote login service, is a built-in application in many operating systems, such as Windows. The Telnet server on a built-in switch allows users to configure the switch via Ethernet using the CLI. Security Features IP and MAC address-based port security aims to prevent unauthorized access. TCSESM allows users to configure each port to prevent unauthorized access. Depending on your choice, the switch can select either the MAC address or IP address of the connected device. Each port can be monitored: ESM recognizes two types of access control: All: No access restrictions; User: Only specified users can access. A user is defined using either a MAC or IP address. What happens if unauthorized access occurs? ESM has three selectable responses to unauthorized access: None: No response; Trap: Send a trap message; Port Invalid: Send a trap message and invalidate the port. SNMP V3 (Security Features) By default, communication between the web-based interface and the user interface is via SNMP version 3 (SNMP V1 is still configurable). SNMP encryption password; the complex calculation of the key makes brute-force attacks extremely difficult; all SNMP packets can be encrypted if desired. Diagnostic Functions The TCSESM switch provides an alarm relay contact for monitoring the status of the Ethernet switch, enabling remote diagnostics without management software. The alarm contact indicates one of the following possible errors: ■ At least one of the two power supplies has failed; ■ A permanent fault in the switch (internal power supply); ■ At least one port has a connectivity failure (default is "not used"). Note: The switch's connectivity status indication can be configured via a web page. When TCSESM is in standby mode (slave), the relay contact can also indicate: ■ Control line interruption; ■ Control line short circuit; ■ Partner's device is operating in standby mode. When TCSESM is in normal mode (slave), the relay contact can also indicate: ■ Control line short circuit; ■ Partner's device is operating in normal mode. When TCSESM is in Redundancy Manager (RM) mode, the relay contact can also indicate: ■ Loss of a redundancy loop. SNMP Traps: In TCSESM switches, fault traps can be configured via a web page. Topology Discovery (IEEE 802.1ab): IEEE 802.1ab describes the Link Layer Discovery Protocol (LLDP). LLDP allows users to automatically discover the topology of their local area network (LAN). LLDP-enabled devices send their own connection and management information to neighboring devices and also receive connection and management information from neighboring devices. If all devices support the LLDP protocol, a management message digest and object definition can be established in a shared LAN to store connection information for neighboring devices with LLDP capabilities. The most important element of the connection information is a precise and unique identifier (ID) for the connection endpoint: MSAP (MAC Service Access Point). It consists of the device's MAC address and a unique port identifier for that device. The connection and management information includes: ■ Device ID (its MAC address); ■ Port ID (its port MAC address); ■ Port description; ■ System name; ■ System description; ■ Currently valid system capabilities; ■ Management address interface ID; ■ Port VLAN-ID; ■ Port auto-negotiation status; ■ Port media, half/full duplex settings, and transmission speed settings; ■ Information on the redundant protocols (Spanning Tree Protocol, Rapid Spanning Tree Protocol, RSTP, Higher Ring, Ring Coupling, Dual Booting) valid on this port; ■ VLAN information about the port (VLAN ID and VLAN name). This information can be retrieved using a network management station. Using this information, the network management station can display a network topology diagram. TCSESM switches display LLDP information in the lldp-MIB and proprietary salldp-MIB entries in the Management Information Base (MIB). Port mirroring is the process of copying data transmission from one input port—the source port—to another port—the destination port. Therefore, the transmission status can be monitored and analyzed through management tools (computers) connected to the target port. Log files contain all necessary system information and include timestamps. Up to 2,000 events can be logged, and this information is reset-resistant. The log information can be restored to an HTML file via a web interface. Redundancy Features If users want to achieve high availability on their networks, the answer is to establish "redundancy" in their network infrastructure. Using a single-ring structure, or better yet, a coupled-ring structure, can protect the network itself from segment loss. HIPER-Ring Single Ring: TCSESM allows you to build a backbone ring structure. This ring is built using HIPER-ring ports (6 and 7). If a network segment goes down, a ring structure with 50 switches will transform into a linear network structure within 0.5 seconds. Coupled Ring: Built-in control intelligence in TCSESM enables redundant coupling between the HIPER ring and network segments. Various redundancy configurations can be formed. Spanning Tree Protocol (STP, IEEE 802.1d) and Rapid Spanning Tree Protocol (RSTP, IEEE 802.1w) are used to address the increasing complexity of networks. As networks grow larger, multiple bridges are needed to provide multiple pathways between devices. This allows for: ■ Reducing network load within subnets; ■ Establishing redundant connections; ■ Overcoming distance limitations. However, using multiple bridges with multiple connections between subnets can lead to numerous problems. Incorrect bridge configuration can even cause the entire network to fail. The Spanning Tree Protocol (STP) describes a method to prevent this problem. Note: In time-critical applications, the Rapid Spanning Tree Protocol (RSTP) allows for reconfiguration within one second if the original path is broken. Spanning Tree Protocol, on the other hand, takes one minute to several minutes and is an older protocol used in the IT industry. Dual-input power supplies have two uncoupled power inputs, providing two independent power inputs. Traffic optimization aims to increase bandwidth and improve communication within a network. The current 100 Mbps Modbus TCP is already much faster than many other proprietary industrial networks, but with some traffic optimization features, as well as features called "filtering" and the inherent properties of switches (collision domain network segmentation), users can better enjoy the advantages of 100 Mbps. Priority Packet (Frame) Priority: TCSESM supports four priority queuing levels (1 & 2: low, 0 & 3: medium, 4 & 5: high, 6 & 7: management) (communication types conform to IEEE 802.1p). The classification of received packets is done by the switch's packet priority classification function. When the data communication load is heavy, this function prevents high-priority data from being interfered with by low-priority data. When the memory or transmission channel is overloaded, low-priority data is discarded. Port Priority: Additional priority information can also be added to the switch; this priority function can be handled without special terminal device software. Packets without priority information (no VLAN or priority tag) will be transmitted according to port priority. For each port, the packet priority level can be defined separately: 0 = low priority, 7 = high priority. VLAN Tag: The VLAN tag consists of 2 bytes. It is inserted between the source address area and type area of ​​the Ethernet frame (IEEE 802.1Q). For packets with VLAN tags, the TCSESM switch analyzes the 3-bit priority area of ​​the VLAN tag. Flow control is a mechanism that acts as load protection. It throttles a portion of the traffic when the load is high. Fast aging means that if any port connection drops, all addresses stored (learned) on that port will be lost. This feature is very useful if a connected device moves from one port to another. Moving devices are immediately accessible, so you won't encounter timeout issues due to long aging times. Multicast (Global Data, Publish & Subscribe) Typical Ethernet packets are sent in unicast (one receiver) and broadcast (every receiver can receive). These new switches can support sending packets in multicast mode, where only receivers within a group can receive multicast packets. Multicast allows for greater use of network bandwidth and is the foundation of Global Data services. Global Data: Uses: ■ Deterministic data communication from one point to another; ■ Data synchronization in distributed applications; ■ Intra-group information sharing. Benefits: ■ Deterministic and reliable information; ■ Optimized communication load and efficient use of network bandwidth; ■ No programming required for communication. Real-time software addressing; ■ Automatic discovery and reconfiguration (plug and play) when a node leaves or joins the network. Note: This feature is based on the Multicast Registration Protocol (GMRP), which is not supported by all industrial switches. Therefore, remember this when your control system uses global data. Filtering Function Broadcast Limitation: To ensure the reliability of data exchange under heavy broadcast communication loads, switches need to limit broadcast messages. Users can input a quantity value for each port of the switch, which sets the maximum number of broadcasts. This value is the maximum number of broadcasts that can be sent from that port per second. Multicast GARP: The GARP (Multicast Registration Protocol) is an application of the Generic Attribute Registration Protocol (GARP) to provide a limited multicast sending function. Both GMRP and GARP are industry-standard protocols defined by IEEE 802.1P. GMRP allows switches and terminals to dynamically register group membership information with switches connected to the same LAN segment, and this information can be propagated to all switch systems in the LAN that support extended filtering services. GMRP operation is based on the services provided by GARP. GMRP software runs on switches and hosts. When a host wants to join an IP multicast group, it needs to send a GMRP join message. Once the switch receives the GMRP join message, it will add the port that received the message to the appropriate multicast group. In addition, the switch periodically sends GMRP queries. If a host wants to remain in the multicast group, it will respond to the GMRP query; in this case, the switch does nothing. If a host does not want to remain in the multicast group, it can either send a leave message or not respond to the periodic GMRP queries. Once the switch receives a host leave message or does not receive a response message during the timer's set period, it removes the host from the multicast group. IGMP—Internet Group Management Protocol (IGMP)—describes the distribution of Layer 3 multicast messages between routers and end devices. IGMP snooping helps translate Layer 3 IGMP multicast messages, thus enabling its use in Layer 2 switches. A Virtual Local Area Network (VLAN) allows participants in one or more network segments to form a user group, enabling them to communicate if they are on the same local area network. VLANs are based on logical (not physical) connections, offering great flexibility in network design. The biggest advantage of VLANs is that they allow user groups to be formed based on function rather than physical location or medium. Because broadcast/multicast packets are transmitted in a proprietary manner within a VLAN, they have no impact on other data networks. Time Synchronization: IEEE 1558 (PTP) Software Client: When you need to synchronize the time of your network system, TCSESM switches allow users to use either the Simple Network Time Protocol (SNTP) or the Precise Time Protocol (PTP). These two protocols provide different levels of time precision. If you only need millisecond-level accuracy, the Simple Network Time Protocol (SNTP) offers an economical solution. Applications of this protocol include: ■ Logging; ■ Timestamps of production data; ■ Production control. Precision Time Protocol (PTP), described as the IEEE 1588 standard, achieves microsecond-level accuracy. For time-critical applications over a local area network (LAN), a precision time management system is necessary. The IEEE 1588 standard for precision time describes an implementation based on a reference clock principle. This means that clocks on a LAN are synchronized against the most accurate clock reference (or master clock). This process allows clocks to synchronize with microsecond-level accuracy. Synchronization messages do not impact network load. PTP uses multicast communication. IEEE 1588 reference clocks are classified according to their accuracy. An algorithm that measures the effective clock accuracy over the network determines the most accurate time as the master clock. Easy to use ■ Supports DHCP/BOOTP (configures switch IP parameters); ■ Faulty Device Replacement (FDR); ■ Memory Backup Adapter (TCSEAM0100); ■ DHCP Option 82: Automatic IP address allocation for end devices, based on DHCP relay agent for each port. ■ Ethernet Switch Configurator Software (Switch IP Parameter Setting): This is the easiest way to provide IP addresses to the switch. To use this tool, this small software needs to be installed on the configuration PC. To configure one or more devices, all you need is an internet connection. The application scans the entire network and displays all stations on the network (supports Ethernet switch configurator) with their parameters. Users can easily provide the desired IP parameters for each station. ■ Auto-negotiation (Copper Ports): The switch's copper ports support auto-negotiation of speed and duplex mode: 10 or 100 Mbps, full-duplex or half-duplex. ■ Auto MDI/MDI-X (Copper Ports): Auto-negotiation is enabled (default). All copper ports on the switch support automatic switching of transmit and receive pairs (Auto MDI/MDIX) when establishing communication with terminal devices. Therefore, the connection between the switch and intermediate or terminal devices is transparent, regardless of whether it's a straight-through cable or a crossover cable. ■ Fiber Optic Ports These ports allow users to establish bus, star, and ring topologies, providing interference resistance and long-distance networking. Multimode Fiber: Using this type of fiber (TCSESM), users can place switches at 2km intervals, and depending on fiber attenuation and other installation conditions, even longer distances can be achieved. Single-mode Fiber: Using this type of fiber (TCSESM), users can separate switches at 15km intervals, and depending on fiber attenuation and other installation conditions, even longer distances can be achieved. From the above analysis, we can see that the two main problems that previously plagued us with Ethernet—latency issues—have been greatly alleviated through methods such as packet prioritization (IEEE 802.1p), port prioritization, VLAN tagging (IEEE 802.1q), flow control, multicast transmission GMRP, and broadcast restrictions; and security issues—have been greatly mitigated through methods such as device binding with IP or MAC addresses, SNMPv3, and VLANs. In addition, the added diagnostic functions and enhanced redundancy functions have greatly improved the controllability and reliability of Ethernet, making us feel more at ease when using Ethernet.