02/11/091

Gaylon HicksGaylon HicksSystem Engineer - TVA Browns Ferry Nuclear PlantSystem Engineer - TVA Browns Ferry Nuclear Plantgfhicks@tva.gov256-614-8386256-614-8386

2009 Foxboro I/A2009 Foxboro I/ASoutheastern Users GroupSoutheastern Users Group

Mesh Switch ConfigurationMesh Switch ConfigurationTips and Lessons LearnedTips and Lessons Learned

02/11/092

DisclaimerDisclaimer This presentation is not sponsored by, authorized by, sanctioned by, or otherwise endorsed in any manner for any purpose by Invensys Process Systems (formerly The Foxboro Company). All information in this presentation is based on the presenters personal knowledge and opinions, and no warranty is made or implied as to the accuracy, veracity, or efficacy of any information disseminated through this presentation. In return for viewing this presentation, you agree without further action to hold harmless, and to waive any claims, rights to recovery, rights to action, causes of action, or lawsuits against the presenter, the Foxboro I/A Southeastern Users Group, Invensys Process Systems (formerly The Foxboro Company), their employees, officers, directors, and associates, from and against any and all damages of any kind, including, but not limited to direct, indirect, compensatory, or punitive damages for any and all mishaps which might occur due to your application of information received from this presentation.

02/11/093

Reference MaterialReference Material B0700AX-H – The MESH Control Network System Planning and

Sizing – Basic Network considerations

B0700AZ-K – The MESH Control Network Architecture Guide– Detailed network design guide

B0700CA-H – The MESH Control Network Operation, and Switch Installation and Configuration Guide

– Switch Configurator v3.0.1 usage guide– Detailed switch configuration guide

Foxboro Switch Specific Hardware Instructions

Enterasys Switch Specific Configuration Guides (Command Summary)

02/11/094

ToolsTools Foxboro MESH Network Config Tool K0173ZU-D (v3.0.1)

– http://support.ips.invensys.com/

PuTTY - Telnet/SSH client– http://www.puttyssh.org/

Wireshark/Ethereal – Packet Sniffer– http://www.wireshark.org/

Security Tools Distribution (STD) 0.1– http://knoppix-std.org/

Text View and Compare app such as NotePad++– http://notepad-plus.sourceforge.net/uk/site.htm

02/11/095

Tips and Lessons LearnedTips and Lessons Learned

Architecture – The simpler the better.– Avoid ZCPs if possible to eliminate the fieldbus

communications through the switches.– Use a minimum number of switches. Consider pulling

wire/fiber where possible to avoid additional switches.– Use the best switches you can afford, i.e., Platinum blades.– Don’t use a ring network design.– The star network topology is the simplest and easiest to

deploy

02/11/096

Tips and Lessons LearnedTips and Lessons Learned

Switch Configuration– Use the Foxboro Switch Configurator tool to configure and

document your switch configuration.– Set broadcast limits to 100 pkt/sec on 100MB (fe) ports,

and 500 pkt/sec on GB (ge) ports. The typical I/A system doesn’t require much broadcast traffic.

– Use VLANs. At a minimum set up everything as VLAN2 for security purposes. Consider VLANs on ZCP fieldbus networks.

– Use LDP if your switch will support it. The latest implementation is very resistant to false rule hits.

– Use multicast rate limit policies if your switch will support it.

02/11/097

Tips and Lessons LearnedTips and Lessons Learned

Switch Testing– Use the packETH application on the STD 0.1 cdrom and

Wireshark/Ethereal to test your switch settings, such as broadcast limits, mulitcast limits, and VLAN configuration, BEFORE initial installation.

– If you have LDP configured, test it by disabling STP on each switch.

– Learn to set up port mirroring for test and monitoring purposes.

– Use Wireshark/Ethereal to capture normal network traffic on your system, and store as baseline data.

– Use Wireshark/Ethereal to capture network traffic during any testing on your system to verify data/packet rates.

02/11/098

SummarySummary

A well configured MESH network will take a lot of planning, setup, and testing.

A basic understanding of networking is crucial to installing and maintaining a MESH system.

The MESH is definitely NOT a Plug-and-Play system.

Configure your application to ride through a total failure of the MESH, where possible

02/11/099

Questions?Questions?

Gaylon HicksGaylon HicksSystem Engineer - TVA Browns Ferry Nuclear PlantSystem Engineer - TVA Browns Ferry Nuclear Plantgfhicks@tva.gov256-614-8386256-614-8386