cancel
Showing results for 
Search instead for 
Did you mean: 
cancel

Incorrect value display after connecting Phoenix Industrial switch to Cisco 2960X

sbourgoignie
Beginner
Beginner

Hello all,

We are having weird behaviors in our production. Attached you can find back our network topology.

When the industrial switch "SFNB 5TX PHOENIX CONTACT" (red circle) is not connected to our 2960X Cisco switch, the values (numbers of production level) of the "Display/HMI" are synced correctly with the display physically located on top of our box unit "Matrix Display" (see the blue marked displays on the topology).

So when for example number 5 is displayed on "Display/HMI", the number 5 is also displayed on "Matrix Display", this is a value to inform the employees what level the current machine is working on. As you can see, both displays are connected to the same small Phoenix industrial switch(red circle).

Now, from the moment we connect our Phoenix industrial switch to our Cisco 2960X switch (because we need to add this production unit to our global monitoring system), the values between the two displays are not synced anymore. We see for example the number 8 on the "Display/HMI" and in the meantime the number 5 on the "Matrix Display". This is ONLY when we connect the PHOENIX to the Cisco switch. When they disconnect the uplink, everything works fine again and the numbers are synced between the two displays.

Somehow our Cisco switch interrupts something between the two displays. We have tried different configurations on the Cisco switchport (the production unit has to be put in our VLAN 672):

- Fixed speed and duplex config (100/full) on switchport;

- Switchport in access mode with access vlan 672;

- Switchport in trunk mode with native vlan 672;

- Disabled spanning-tree portfast + BPDU-guard;

- Added VOICE vlan on port for PROFINET;

- Added "dot1p" on VOICE vlan for PROFINET;

==> All the above didn't help.

This is the current configuration of our switchport on the Cisco:

interface GigabitEthernet1/0/11
description ## UNOTECH ##
switchport access vlan 672
switchport mode access
switchport nonegotiate
switchport voice vlan 672
speed 100
duplex full
spanning-tree portfast edge

We have contacted "Unotech", the company who installed this production unit, but they can't help us either.

We really don't know what to test anymore and are giving it a try here hoping someone had the same issue.

Attached I also added a packet capture of when we connect the phoenix to the cisco switch (did a monitor session of the Gig1/0/11).

Is it an issue with PROFINET? Is it problem with broadcast/multicast? Spanning-tree? We don't know and are at the end of ideas.

Thanks in advance!

Simon

6 REPLIES 6

Giuseppe Larosa
Hall of Fame Master Hall of Fame Master
Hall of Fame Master

Hello @sbourgoignie ,

as a last resort I would suggest you to configure the port with spanning-tree bdpu filter enabled to hide the C2960S.

You can also disable LLDP and CDP on the port.

 

What you see is strange.  C2960 should not be able to understand PROFINET or PROFIBUS, the IE Swiches like IE 2000 are able.

But in your case you would like to use it for management in IPv4 of the industrial switch.

 

Hope to help

Giuseppe

 

Hello Giuseppe,

 

Thanks for your quick reply!

I will try again with your suggestions.

We only need access to be able to monitor them. But it's really weird that connecting the PHOENIX switch to our 2960X Cisco causes inaccurate values on the displays...

 

Kind regards,

Simon

Hello @Giuseppe Larosa , we have done the tests with your recommendations but still no improvement.

The port config we tried:

interface GigabitEthernet1/0/11
description ## UNOTECH ##
switchport access vlan 672
switchport mode access
switchport nonegotiate
switchport voice vlan 672
speed 100
duplex full

no cdp enable
no lldp transmit
no lldp receive
spanning-tree portfast edge
spanning-tree bpdufilter enable

We are going to try to connect the devices directly on our Cisco switch, hopefully that will help.

kr,

Simon

Hello @sbourgoignie ,

voice vlan and data vlan should have different values in normal deployments untagged frames are considered part of data VLAN example 100 and tagged frames with voice VLAN IS example 200 are delivered and processed by the IP phone.

During the boot up of a phone it is normal that it can initially get an IP address in the data VLAN then either via CDP or LLDP MED or via appopriate DHCP option   (value depends of type of phone) it will get an IP address in the voice VLAN.

 

If you are not interested in supporting a PC downstream the phone you can configure the port directly as access port in voice VLAN but at this point DHCP server has to provide all the correct info as options.

 

Hope to help

Giuseppe

 

Hello @Giuseppe Larosa ,

 

First of all, thanks for your quick replies!

I configured the voice vlan for the PROFINET protocol to be able to work. Apparently that's some kind of workaround (or configuring "dot1p").

Btw, we have removed the unmanaged PHOENIX CONTACT switch and patched everything (the displays) directly on our temporarily Cisco switch and it seems to work now already for 3 days... So fingers crossed.

Kind regards, Simon

 

Hello @sbourgoignie ,

>> I configured the voice vlan for the PROFINET protocol to be able to work. Apparently that's some kind of workaround (or configuring "dot1p").

Yes the protocol may need to use the CoS bits in the 802.1P field so using tagged frames is a way to achieve this as 8021P bits are inside the 802.1Q 4 bytes header.

 

removing unmanaged switches is also good for security.

 

Hope to help

Giuseppe

 

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: