What does an industrial switch do?

Time : Nov. 14, 2022    View : 17

An industrial switch, also known as an industrial Ethernet switch, is a kind of MAC (network card media access control address) that works on the second layer of OSI (data link layer, see the definition of “wide area network”). A network device that completes the function of encapsulating and forwarding data packets. So, what are the functions of industrial switches?

 

By regenerating the information and forwarding it to the designated port after internal processing, the industrial switch has an automatic addressing capability and switching function. All ports on the industrial switch have exclusive channel bandwidth to ensure fast and efficient transmission of data on each port. Because the industrial switch sends each information packet independently from the source port to the destination port according to the destination address of the transmitted information packet, instead of sending it to all ports, it avoids conflict with other ports, so the industrial switch can exchange information at the same time. The transmission of these packets is not affected, and transmission collisions are prevented, improving the actual throughput of the network.

 

There is no essential difference between the industrial Ethernet switch itself and the normal network in terms of the data link layer, network layer, protocol layer, etc. Still, for the real-time requirements of industrial control, industrial Ethernet solves real-time communication, network security, essential Safety, and safety explosion-proof technology and other technical issues, and adopts some measures suitable for industrial environments, such as waterproofing, anti-vibration, etc. The core is still no essential different from normal Ethernet, similar to a PC and an industrial computer. The difference is the same.

industrial network switch

1. Network Security

In advanced industrial applications, cybersecurity has become a problem to be solved.

①Password—Have multiple levels of user passwords to avoid unauthorized access and settings.

②Enable/Disable Ports open and close ports – close unused ports.

③802.1q VLAN predefines WLAN on industrial switches to achieve logical isolation between physical ports.

④802.1x port-based network access control—locks the ports of industrial switches to allow only legitimate users to communicate.

⑤MAC-Based Port Security – Protects the ports of industrial switches so that they can only communicate with specific devices or MAC addresses.

 

2. Port Device Status

Set the speed, duplex, auto-negotiation, flow control, etc. of each port to establish the correct connection with devices that cannot negotiate or have specific settings.

 

3. Port Rate Limit

Configure rate limits for ports, including ingress and egress speed limits. Types of port restrictions include all unicast packets, multicast packets, and broadcast packets. The ingress speed refers to the actual speed of flow from other devices such as PCs to the industrial switch port. The egress speed refers to the actual speed at which the industrial switch port flows between the consuming devices. If the ingress speed and egress speed between two device connection ports are limited at the same time, the actual speed is the smaller of the two.

 

4. Storm Suppression

Wreak havoc on the network and cause the failure of network-connected devices. In business-critical applications, it can lead to catastrophic losses. Filter broadcast packets based on user-defined limits to suppress storms.

 

5. Quality of Service (IEEE802.1p)

Due to the mechanism based on frame buffer queue and first come first processing, industrial switches will cause delay when the network load is heavy. IEEE802.1p allows packets in high-priority queues to stay in the industrial switch for a shorter time, while packets in low-priority queues do the opposite.

 

6. Virtual Local Area Network VLAN (IEEE802.1q)

A virtual local area network (VLAN) is a method of creating independently separated logical networks from an actual physical network. This method enables several virtual local area networks to exist simultaneously in an existing physical network. VLAN can effectively reduce the broadcast range and facilitate network management. In fact, if a router is added between these different virtual network segments, they can still exchange data through the router. VLANs can effectively suppress broadcast storms.

 

7. Multicast Snooping IGMP Snooping

A Layer 2 device running IGMP Snooping analyzes the received IGMP packets, establishes a mapping relationship between ports and MAC multicast addresses, and forwards multicast data according to the mapping relationship. When the Layer 2 device does not perform IGMP Snooping, the multicast data is broadcast at Layer 2; when the Layer 2 device runs IGMP Snooping, the multicast data of the known multicast group will not be broadcast at Layer 2, but at Layer 2. Layers are multicast to specified recipients.

 

8. Fast Ring Network (MW-Ring)

MW-Ring can connect industrial switches with redundant links. When one link is disconnected, the other link can quickly and automatically recover. In the event of a network interruption or network failure, it has link redundancy and fast self-recovery capabilities. MW-Ring technology is specially developed and designed by Wuhan Maiwei Communication Co., Ltd. for high-reliability industrial control network applications.

 

9. Link Aggregation (802.3ad)

The main function of port aggregation (TRUNK) is to bind multiple physical ports (usually 2-4) into a logical channel, making it work like a channel. Bundling multiple physical links together, not only improves the bandwidth of the entire network but also data can be transmitted through multiple physical links that are bound at the same time, which has the effect of link redundancy. When one or more of the links is disconnected, the remaining links can still work.

 

10. Rapid Spanning Tree RSTP

Spanning Tree Protocol is a Layer 2 management protocol. It can eliminate Layer 2 loops in the network by selectively blocking redundant links in the network, and at the same time, it has the function of link backup.

 

11. Port-based Network Access Control (802.1x)

A port-based network access control mechanism is defined to provide a method for authenticating and authorizing devices connected to LAN ports.

 

12. HTML Web Browser

Provides a simple, intuitive user interface for setup and monitoring via a standard graphical web browser. All system parameters, including detailed online help, are made easy using the system setup.

 

13. SNMP (Simple Network Management Protocol)

The Simple Network Management Protocol (SNMP) is defined by the Internet Engineering Task Force and forms part of the Internet Protocol. Under the condition of paying attention to a certain network device, use SNMP to monitor the network device through the network management system. The SNMP protocol consists of a series of standard network management, application layer protocols, databases, and data objects.

 

14. Port Mirroring

The port mirroring function is to copy all the sent and received data of one or more ports to another designated port. By specifying a port as the mirror port of other ports, you can observe all the sent and received data of other ports through this port. Through the port mirroring function, you can diagnose, debug, and analyze the network.

 

15. Port Statistics and Remote Monitoring (RMON)

Each port provides continuously updated statistics including all incoming and outgoing packet and byte counts, as well as detailed error statistics. All support for RMON statistics, history, alarms, and event groups is also provided. RMON can complete accurate data collection, analysis, and detection of data flow models.

 

16. NTP (Network Time Protocol)

The internal clock of the system is automatically synchronized with the NTP server in the network to provide a time correlation of events for fault analysis.

 

17. Event Record and Alarm

Log all major events to a non-volatile system log for later failure analysis. Events include link failure and recovery, illegal access, broadcast storm detection, and self-diagnosis. Alerts provide a snapshot of the most recent events that have occurred for which the network administrator has not yet responded. An external hardware relay releases contacts during major events, allowing an external controller to operate when necessary.