Cisco_QoS_EtherNetIP.pdf


  • 7/30/2019 Cisco_QoS_EtherNetIP.pdf


    QoS and EtherNet/IP Control Traffic

    ABSTRACT

    Industrial Automation devices, conforming to the EtherNet/IP model for communicating data via the CIP protocol, transmit their data using well-known TCP/UDP port numbers. Because of this, it is relatively easy to create a QoS model that will elevate CIP-based messages over other non-critical data. Placing Control traffic in the high-priority expedite queue ensures that it will be transmitted even in times of congestion. These QoS policies should be added to the front-line access layer switches and need to be consistent with the remaining network equipment.

    BACKGROUND

    Industrial Automation devices conforming to the EtherNet/IP model communicate data via CIP. The CIP protocol is layered on top of the standard TCP/IP network stack. It occupies Layer 4 or the Application layer in the OSI model. EtherNet/IP uses UDP/TCP port numbers which are registered and often referred to as well known.

    Figure 1: EtherNet/IP Stack Model

    EtherNet/IP provides for several different types of communications, as outlined below:

    1. Unconnected: sent over TCP. Used for setting up connections (see below) and communications such as getting status of devices.

    2. Explicit Connections: sent over TCP. End-to-end CIP application connection, established using Fwd_Open service (which is an unconnected message). Used for application messaging, program upload/download, etc.

    3. Implicit Connections: sent over UDP. End-to-end CIP application connection, established using Fwd_Open service (which is an unconnected message). Used for critical I/O communications.

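    [Figure 1 diagram: protocol stack with Physical, Data Link (IEEE 802.3), Network (IP), Transport (TCP, UDP) and Application layers. CIP appears at the Application layer with Explicit Messaging and Real-time I/O. Other labels in the diagram include ARP, RARP, ICMP, IGMP, OSPF, IGRP, FTP, BOOTP and DHCP.]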

    The following port numbers are used as the Destination Port when a device sends EtherNet/IP messages to another device:

    TCP port 44818 used for Unconnected and Explicit messages
    UDP port 44818 used for network browsing commands
    UDP port 2222 used for Implicit messages

    The above ports may also be used as the Source Port. It is highly recommended that device vendors use the registered ports. However, depending on how a device has implemented EtherNet/IP, non-registered ports may be used. These ports are generally referred to as ephemeral ports. For more information on registered ports see the IANA website at:

    http://www.iana.org/assignments/port-numbers

    Quality of Service Overview

    It is very important in Factory networks to ensure the above traffic takes precedence over non-critical traffic such as web browsing or file transfer. To prioritize traffic, Intelligent Ethernet networks use the Quality of Service (QoS) tags in the packet header. QoS can be marked in either the MAC layer (Layer 2) or the IP (Layer 3) header.

    For the Layer 2 header, this is referred to as the Class of Service (CoS) bits. Three bits are used to identify 8 levels of service. The bits are carried in the 802.1q Trunk Headers along with the VLAN ID. When traffic crosses a Layer 2 boundary (i.e. going through a router), these bits may be converted to the Layer 3 values below and then remarked on the next Layer 2 segment.

    For Layer 3, they are called the Differentiated Services Code Point (DSCP) values. Six bits are used to identify 64 levels of service. Generally, the upper 3 bits are mapped to the three bits in the Layer 2 CoS tag and the lower three bits are used for more granular services.

    Once traffic has been marked (or classified), it can then be routed correctly. Consider the network to be a multilane highway. Traffic flows in each lane at different speeds and with different priority. This is fine when the traffic on the highway is light. However, what happens when an ambulance or fire truck needs to make its way down a congested section of freeway? The same is true here: a mechanism must exist to elevate and ensure that high-priority traffic makes its way through the network, even if the network becomes congested.

    Typically, Intelligent Ethernet devices contain multiple output queues where each queue is assigned a certain priority level. By servicing the higher priority queues first, the important traffic gets transmitted first. This is done by mapping the QoS values to the particular queues.

    QoS example using the Catalyst 2955 Industrial Ethernet Switch

    The Catalyst 2955 switch has four output queues. Each queue is linked to two CoS and 8 DSCP values:

    Queue   CoS Values   DSCP Values
    1       0,1          0-15
    2       2,3          16-31
    3       4,5          32-47
    4       6,7          48-63

    CoS values 6 and 7 are generally reserved for network control messages. Therefore, the highest value for user data is CoS value 5 (DSCP value 40). In this example, the CIP traffic will be marked as CoS value 5.

    For CIP-based messaging, Implicit messages using UDP port number 2222 have a higher importance than either the explicit or network browsing commands using TCP/UDP port number 44818. In both cases, these messages should still have a higher priority than other network traffic. To accomplish this, two classifications need to be made using standard Cisco Access Control Lists (ACLs). Access list 101 will define the Implicit messages and access list 102 will define all other CIP-based messages.

    ! ACL 101: Implicit (I/O) messages
    access-list 101 permit udp any any eq 2222
    ! ACL 102: all other CIP messages
    access-list 102 permit udp any any eq 44818
    access-list 102 permit tcp any any eq 44818

    Once the ACLs are created, a policer needs to be created to match these ACLs and mark the QoS values to assign the appropriate priorities.

    class-map match-all CIP-IMPLICIT
     match access-group 101
    class-map match-all CIP-Other
     match access-group 102
    policy-map CIP-Traffic
     class CIP-IMPLICIT
      set ip dscp 40
     class CIP-Other
      set ip dscp 32

    The above set of commands tells the switch that any traffic matched by ACL group 101 will have its priority value (DSCP value) set to 40 and traffic matched by ACL group 102 will have the value of 32. Since the switch will also map the Layer 3 DSCP value back to the Layer 2 CoS value, that traffic will also have CoS value of 5. Lastly, the policer needs to be applied to all access ports that are connected to CIP-based controllers. For each port, the following command needs to be added to the configuration.

    service-policy input CIP-Traffic
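
    The classification configured above can be checked offline before the policy is attached to access ports. The Python model below is an added example, not code from the original paper or from Cisco: it parses the three ACL entries, applies the policy-map classes in order, and derives the CoS value and output queue from the Catalyst 2955 table above. The sample packets and all function names are constructed for illustration.

```python
import re

# The page's three ACL entries.
CONFIG = """\
access-list 101 permit udp any any eq 2222
access-list 102 permit udp any any eq 44818
access-list 102 permit tcp any any eq 44818
"""
# policy-map CIP-Traffic: (class name, ACL number, DSCP set), in evaluation order.
POLICY = [("CIP-IMPLICIT", 101, 40), ("CIP-Other", 102, 32)]
ACL_RE = re.compile(r"access-list (\d+) permit (tcp|udp) any any eq (\d+)")

def parse_acls(text):
    """Return {acl_number: {(protocol, destination_port), ...}}."""
    acls = {}
    for num, proto, port in ACL_RE.findall(text):
        acls.setdefault(int(num), set()).add((proto, int(port)))
    return acls

def classify(pkt, acls):
    """Return (class, dscp, cos, queue) for one packet dict."""
    name, dscp = "unmatched", pkt["dscp"]   # unmatched traffic keeps its marking
    for cls, acl, mark in POLICY:           # first matching class wins
        # 'any any eq PORT' tests the destination port only
        if (pkt["proto"], pkt["dport"]) in acls.get(acl, set()):
            name, dscp = cls, mark
            break
    cos = dscp >> 3          # upper three DSCP bits become the CoS value
    queue = dscp // 16 + 1   # the page's table: DSCP 0-15 -> 1 ... 48-63 -> 4
    return name, dscp, cos, queue

# Constructed sample packets (hypothetical, not captured traffic).
SAMPLES = [
    {"proto": "udp", "sport": 2222, "dport": 2222, "dscp": 0},    # implicit I/O
    {"proto": "tcp", "sport": 49152, "dport": 44818, "dscp": 0},  # explicit message
    {"proto": "udp", "sport": 2222, "dport": 50000, "dscp": 0},   # I/O to ephemeral port
    {"proto": "tcp", "sport": 49153, "dport": 80, "dscp": 0},     # web browsing
]

def report(samples=SAMPLES):
    """Classify every sample packet against the parsed ACLs."""
    acls = parse_acls(CONFIG)
    return [classify(p, acls) for p in samples]

if __name__ == "__main__":
    for pkt, result in zip(SAMPLES, report()):
        print(pkt["proto"], pkt["sport"], "->", pkt["dport"], result)
```

    With the table above, DSCP 40 and DSCP 32 resolve to CoS 5 and CoS 4, both in queue 3, and the datagram sent from port 2222 to a non-registered destination port matches neither ACL and keeps its existing marking.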

    Summary

    Once these two policers have been created, all CIP traffic will be marked High Priority and will be transmitted throughout the network using the High Priority Queues. Implicit messaging will have the highest priority followed by the remaining CIP messages. All other traffic will remain at its existing priority level. In this example, Implicit messages will get assigned to the highest priority queue, other CIP messages to the next highest, and all remaining network traffic can use the two lower priority queues.

    Authors

    Kenneth Coley, Technical Marketing Engineer for Industrial Ethernet Products, Cisco Systems, Inc.

    Brian Batke, Senior Project Engineer for Embedded Software, Rockwell Automation