Showing results for 
Search instead for 
Did you mean: 


Industrial Ethernet design issues

Fellow engineers,

I have been given an assignment to design an industrial Ethernet network and since I don't have any experience in doing so, I signed up on this forum to get your opinion and comments on my current design proposal.

Main requirement is to mitigate any single point of failure influence on overall network performance. The approved (from my 

superiors) network topology is the double star topology (network A and B). Other requirements are:

- fibre optic links due to long distances and harsh environment;

- minimal latency;

- minimal or no at all convergence time;

The system consists of 15 subsystems, 6 of which are main and the focus of my concers. Main systems are based on S7-400H Siemens 

PLCs, with two Communication Processors per each CPU (one for every network).

Heart of both networks is the core managed switch.

All of the subsystems are connected to network over dedicated unmanaged switches and media converters (copper to fibre).

Brains of the operation is PC based server (two of them for redundancy) which is managing the following actions:

- Application server (fetching the data from all subsystems, calculating the status of the system and outputting the set points, 

communication with other servers on the other networks);

- OPC server (Data Access, Historical Data Access, Alarms and Events, serving HMIs...);

- Network Manager Server (SNMP manager, NTP).

The two servers shall be installed in hot redundancy (active mirror) configuration providing hardware and software redundancy. 

When standby server detects failure it assumes the active role automatically without any user intervention. The servers must be 

synchronized and they must ensure bumpless switchover by holding last data value active.

Communication with other networks is done via Demilitarized Zone with router and firewall.

There are two Human Machine Interfaces running on Siemens WinCC.

One simulation server that can fetch data from the OPC, other servers or manual input, run the simulations and output results.

PRP (Parallel Redundancy Protocol) is not a option due to the need for uniformity of protocols throughout the whole plant.

UTP will be used for communication between subsystems and the server.

Here are my concerns:

1. My idea is to have all of the critical data exchange to take place simultaneously on both networks. The receiving nodes, on the application layer, evaluate two received packets from two network interfaces, drop one and process the other. By implementing this design topology and data flow paths, in the case of failure of one network component, there are no convergence times associated because there is no reconfiguration of data paths (e.g. RSTP). Also, UDP packet loss is easily detected and coped with. Is this approach feasible?

2. Since core switches are not interconnected, I have basically two independent networks. (subnet mask


- - network A (20), Subsystem 1 (10), PLC 1 (101);

- - network B (30), Subsystem 3 (30), PLC 1 (101);

- - network A, high-level system (100), HMI 1 (51).

Is this good IP addressing practice? Will I have difficulties with network configuration / routing?

3. Can I connect both core switches to one router?

4. Do you recommend using managed access switches? If yes, why?

5. In the future if I want to install IP cameras (50 pcs) should I make new dedicated network for that? With media server and other components? Or I should make network A capable of handling that traffic (1000 Mbps Ethernet), put managed access switches, implement QoS and VLANs?

In the attachment you'll find network topology schematics.

Thank you in advance! Looking forward to your replies and comments!

Best regards,



Everyone's tags (3)

Industrial Ethernet design issues


I guess I see what your trying to do... I suppose that will all work depending on your application.  One concern I have, however, is that its probably more complicated than it would need to be.  You could get two stackable switches for your core and link to single switches at the edge with etherchannels.  I typically do this as channel group is always up even if one of the single links goes down.  The issue with this would be that you have only a single edge switch then.  I'm not sure how critical that would be but it would make you life a heck of a lot easier as you would only need a single IP network, you can still do two nics, etc. if you would like.

You could also agragate IP cameras onto this network but be sure to calculate and monitor where any throughput bottle necks will be.  I would put these in a seperate VLAN and be sure to apply QOS of some type.  PLC's, etc typically have less processing power and should be seeing as few broadcasts and other unrelated traffic as posible. 

- Be sure to rate all helpful posts

- Be sure to rate all helpful posts
CreatePlease to create content
Content for Community-Ad
July's Community Spotlight Awards