GEI-100693E

WorkstationST* Network Monitor

Instruction Guide
These instructions do not purport to cover all details or variations in equipment, nor to provide for every possible
contingency to be met during installation, operation, and maintenance. The information is supplied for informational
purposes only, and GE makes no warranty as to the accuracy of the information included herein. Changes, modifications,
and/or improvements to equipment and specifications are made periodically and these changes may or may not be reflected
herein. It is understood that GE may make changes, modifications, or improvements to the equipment referenced herein or to
the document itself at any time. This document is intended for trained personnel familiar with the GE products referenced
herein.
This document is approved for public disclosure.
GE may have patents or pending patent applications covering subject matter in this document. The furnishing of this
document does not provide any license whatsoever to any of these patents.
GE provides the following document and the information included therein as is and without warranty of any kind, expressed
or implied, including but not limited to any implied statutory warranty of merchantability or fitness for particular purpose.
For further assistance or technical information, contact the nearest GE Sales or Service Office, or an authorized GE Sales
Representative.

Revised: Jul 2014

Issued: Mar 2003

Copyright © 2007 – 2009 General Electric Company, All rights reserved.

___________________________________
* Indicates a trademark of General Electric Company and/or its subsidiaries.
All other trademarks are the property of their respective owners.

We would appreciate your feedback about our documentation.

Please send comments or suggestions to [email protected]

For public disclosure

 Contents
1 Introduction.................................................................................................................................................3
2 Configuration...............................................................................................................................................5
2.1 System Information .................................................................................................................................7
2.2 Networks ..............................................................................................................................................9
2.3 Network Switches ................................................................................................................................. 10
2.4 Assigning Ports .................................................................................................................................... 16
2.5 Redundant HMI Example without HMI Trunk Ports .................................................................................... 18
2.6 Redundant HMI Example with HMI Trunk Ports ........................................................................................ 19
2.7 Controller Example ............................................................................................................................... 21
2.8 Network Status Display.......................................................................................................................... 22
3 Alarms ..................................................................................................................................................... 31
4 Troubleshooting ......................................................................................................................................... 33

2 GEI-100693E
For public disclosure
1 Introduction
The WorkstationST* Network Monitor provides the status of all devices (controllers,
computers, network switches) that are defined in the system and connected to at least one
of the Ethernet-based networks. Information is also provided about the health of each
network switch and its ports. The Network Monitor also allows proactive network
maintenance by providing visual indications and alarms of abnormal conditions. These
include devices not connected in their configured location, unknown devices being
connected to a switch, or attempts to gain unauthorized access to switch Simple Network
Management Protocol (SNMP) data.
During system startup, the Network Monitor determines where the devices are physically
connected. During normal system operation, changes in network topology should not
occur, therefore, any changes would indicate an abnormal condition. For example,
devices may be incorrectly reconnected after a network switch is replaced or new network
cables are run. This feature is also an important debugging tool because it allows network
issues to be spotted or ruled out very quickly. The Network Monitor also enhances
network stability and security by providing alarms in the event of an unauthorized
connection to the network.
With the release of ControlST* V04.07, the ToolboxST* application has been enhanced
to allow switch port connection information editing within the switch Component Editor,
rather than editing at each component’s network adapter. The ToolboxST application
imports the component network adapter information into each switch’s configuration
when the switch is first edited in the new version. Computers running WorkstationST
V04.06 and earlier use the component network adapter edited information. While it will
no longer be possible to view or edit the component network adapter switch connection
information at each Component Editor, any information that was configured before the
upgrade will remain available for any WorkstationST computer that has not been
upgraded. All upgraded WorkstationST computers will use the new switch-centric
information.
After an upgrade, any change to the network switch connection information from the
switch Component Editor will not be available for computers in a control system running
WorkstationST V04.06 and earlier. These earlier version WorkstationST Network
Monitor computers will need to be upgraded in order to use these network switch
connection information changes.

Instruction Guide GEI-100693E 3

For public disclosure
 Network Monitor Data Flow

4 GEI-100693E
For public disclosure
2 Configuration
The Network Monitor feature uses the Windows® Simple Network Management Protocol
component to communicate with the network switch components. The Windows Simple
Network Management Protocol component must be installed on the Workstation
computer running the Network Monitor feature.

� To install the Windows Simple Network Management Protocol

component
1. From the Start menu, select Control Panel, Programs and Features, and Turn
Windows features on or off to display the Windows Features dialog box..

From the Windows Features dialog box,

select Simple Network Management
Protocol (SNMP) .

Click OK .

2. Close the Control Panel.

The Network Monitor is configured in a WorkstationST component.

� To configure Network Monitor

1. From the System Editor, open a WorkstationST component.
2. From the General tab Tree View, select Features.
3. From the Summary View, in the Enabled column for Network Monitor, select
True. The Network Monitor tab displays.
4. Click the Network Monitor tab. The Network Monitor Configuration screen
displays.
5. Select the alarms or events to be generated by the Network Monitor.

Instruction Guide GEI-100693E 5

For public disclosure
 The data acquisition rate parameters allow the level of SNMP network traffic to be
adjusted based on network bandwidth rather than display update rate needs. The switch
data request rate is separate from the device SNMP data because the amount of SNMP
data exchanged with the switches is very large compared to the data retrieved from the
devices. Specifying a fast device scan rate allows for fast detection of a device going
online or offline, while fast switch data rates detect an unknown device being added to the
network or a device being moved to a different port. Knowing the device location is less
important than knowing whether the device is online. The network bandwidth necessary
to retrieve the forwarding database from the switches can be large in large systems, so
separate parameters allows for tradeoffs to be made between bandwidth and the speed of
detection of abnormal conditions.
The devices monitored are not directly configurable. The Network Monitor automatically
monitors all devices (controllers, workstations, network switches) in the system that are
configured to have at least one connection to one of the Ethernet-based networks defined
in the system.

6 GEI-100693E
For public disclosure
 2.1 System Information
The system network drawing displays all physical networks, as well as network switches
and devices, their physical locations, and their interconnection. The host name and IP
address of each device network connection on a per network basis, as well as the switch
and port where the physical connection is made is also provided. This information is
entered for the network switches and devices as they are added to the system in the
ToolboxST application. Samples of information contained in the system network drawing
are as follows.

System Network Example (1 of 2)

Instruction Guide GEI-100693E 7

For public disclosure
 System Network Example (2 of 2)

Network Switch

8 GEI-100693E
For public disclosure
 2.2 Networks
Information from the system network drawings must be entered into the ToolboxST
System Editor, as well as the ToolboxST devices. When a new system is created in the
ToolboxST application, it automatically includes a Unit Data Highway (UDH) network.
This is the default controller-level network to which all controllers are connected. The
Network Monitor only attempts to monitor devices connected to networks configured
with media type Ethernet and Transport type IP. Additional networks are added as needed.

The UDH network has a default

Media value of Ethernet and a
default Transport value of IP.

Instruction Guide GEI-100693E 9

For public disclosure
 2.3 Network Switches
Add network switches to the system after the networks have been added. This allows the
device network connections to be defined as the devices are added to the system. After
adding a switch to the system, configure the switch as follows.

� To add a switch to the system

From the System Editor

Tree View , right-click the
system and select Insert
New and Network
Switch .

The Network Switch

Device Creation
Wizard displays.

10 GEI-100693E
For public disclosure
 Select Name and enter a
name for the switch (such
as NS1 ).

Select Number Of Ports

and enter the number (such
as 48 ),

Click Finish.

The new switch displays in

the Tree View and
Summary View.

Instruction Guide GEI-100693E 11

For public disclosure
 From the Property Editor , configure the
switch using the defined properties.

The available properties are defined in the

following list.

12 GEI-100693E
For public disclosure
 Definitions of properties used to configure a selected network switch.
Connected Network is the communication path to the switch.
Description holds the user entered description for the switch. This text is displayed in
the switch ToolTips in the Network Status Viewer and should include the physical
location of the switch in order to help maintenance personnel locate and identify the
switch in the event of a failure.
GE Part Number is an optional setting.
Host Name is part of the communication path.
IP Address is part of the communication path.
Number of Ports specifies the number of ports the switch has. Note that for a stacked
switch arrangement, the total number of ports for both switches should be specified.
SNMP Community displays a password that retrieves data from the SNMP switch. This
value must match the SNMP Community value configured in the switch.
Stacked Switch Pair indicates whether the switch is operating in a Stacked Pair
arrangement.
Switch Type specifies the type of switch. If a switch type cannot be found that matches
the actual switch, one of the generic switch types can be used. Unknown switch types
may require trial and error in order to find a switch type that matches the behavior of the
actual switch.
Vendor Configuration Tool is an optional setting.

Instruction Guide GEI-100693E 13

For public disclosure
 Select each port to modify its
settings as necessary.

The available properties are

defined in the following list.

Port Type displays speed, and specifies whether the port is copper or fiber-based.
Port Description holds the user entered description for the port. This text is displayed
in the Network Status Viewer ToolTip for the port, and the text is included in alarms
generated for the special case Port Connection settings described below.
Port Connection defines the type of connection made to the port. The values and
descriptions are:

Default_NativeDeviceConnectionOrNotUsed is used in the typical

case when there is a single native device (a device represented in the
system configuration) connected to the port, or the port is unused. Most
ports will use this setting, except for the special cases below.
Trunk Port is selected when the port is used to connect to another
switch. Trunk ports are critical to network communications and alarms
will be generated in the event that a configured trunk port is down or
disabled. The description field for Trunk Ports is included in the Network
Status Viewer ToolTip for the port and also in the alarm text for trunk

14 GEI-100693E
For public disclosure
 port alarms. The description should include the name and port of the
switch that this port is connected to in order to facilitate troubleshooting
network issues. The Trunk Port selection should also be used for ports
connected to network routers or hubs.
ThirdPartyCriticalDeviceConnection is used to specify a port that is
connected to a third-party device (a device not represented in the system
configuration) that is critical to the operation of the plant and is expected
to be online at all times. Alarms will be generated in the event that the
port is down or disabled. The description field for critical third-party
connection ports is included in the Network Status Viewer ToolTip for
the port and also in the alarm text for any alarms generated for the port.
The description should include information about the device the port is
connected to so that the Network Status Viewer display and the alarms
associated with the port provide information about the connected device
to the user. This designation also serves the purpose of suppressing
Unknown Device alarms associated with the port. If a third-party device
is connected to a port using the default selection, the MAC Address of
the connected device will not match any of the native devices and an
Unknown Device alarm will be generated for the port.
PeripheralDeviceConnection is used to specify a port that is
connected to a third-party device (a device not represented in the system
configuration) that is not critical to the plant operation and may not
always be online, such as a printer. Alarms are only generated for the port
in the event that the port is disabled. This designation also serves the
purpose of suppressing Unknown Device alarms associated with the port.

Note When another switch port is connected to the port, or multiple devices (through a
router or hub) are connected to a port, configure the Trunk Node as True. The system
network diagram specifies which ports are configured as trunk nodes.

Instruction Guide GEI-100693E 15

For public disclosure
 2.4 Assigning Ports
Each device in the ToolboxST application with a network connection contains one or
more network adapters. The switch and port information from the system drawing is
entered for each network adapter.
Some components (such as the WorkstationST component in the following figure) can
support redundant network interface connections (NICs). When the adapter redundancy
option is enabled, the connection allows the backup switch and port number to be
specified. With redundant NICs, the active NIC appears as the active connection for the
device and the redundant port link status will be up but no actual device connection is
seen by the switch. The Network Status Viewer shows that the redundant connection for
the device is functioning correctly as long as the redundant port link status is up. The
Network Monitor generates an alarm if either the configured primary or backup port is
down, which gives an immediate indication of a failure in the redundant communications
path for the device.

16 GEI-100693E
For public disclosure
Computers can be connected to all networks in the
system or a subset of them. A Network Adapter
is added for each network connection. Each
network adapter is configured according to the
system network drawing.

Network Switch and Port Number are

assigned for each Network Adapter.

Instruction Guide GEI-100693E 17

For public disclosure
 2.5 Redundant HMI Example without HMI Trunk Ports
Redundant HMI network connections are achieved by teaming two sets of NICs in the
HMI computer. One team handles the PDH network and the other team handles the UDH
network. Each NIC in the team is connected to a different switch in order to provide
communications in the event of a switch failure. The Network Adapter configuration in
the workstation component in the ToolboxST application represents the redundant NICs
as a single network adapter, and allows the primary and backup switch and port locations
to be defined. The following figure shows the physical connections in this arrangement.

The following figure shows the corresponding settings in the WorkstationST component
in the ToolboxST application.

18 GEI-100693E
For public disclosure
 2.6 Redundant HMI Example with HMI Trunk Ports
A simplified ControlST network implementation has been introduced that uses VLAN
tagging in the workstation NICs and the network switches in order to combine the PDH
and UDH VLANs onto a common network connection, referred to as a Trunk because
multiple VLANs coexist on the same connection. Only one set of teamed NICs is required
to provide full PDH and UDH redundancy. The following figure shows the physical
connections in this arrangement.

The following figure shows the corresponding settings in the WorkstationST component
in the ToolboxST application.

Instruction Guide GEI-100693E 19

For public disclosure
 The WorkstationST component configuration in the ToolboxST application is nearly
identical to the configuration of separate redundant NICs with the only difference being
that the PDH and UDH Network Adapters share the same configured switch and port
locations. In this arrangement, the Network Adapters represent the VLAN connection
rather than the physical Network Adapters. Notice also that the primary and backup
connections above are connected to the same switch. The network simplification effort
also introduced stacked switches into the network topology. A stacked switch is a pair of
switches connected together that act as a single switch. The stacked switch looks like a
single switch while providing redundancy in the event that one of the switches in the
stack fails. The same result can be achieved using two stand-alone switches and
connecting the primary to one switch and the backup to the other. This arrangement is
reflected in the following configuration example.

20 GEI-100693E
For public disclosure
 2.7 Controller Example
Each controller is connected to the UDH network, and depending on redundancy, can
have up to three connections to the controller network. The network configuration for a
TMR controller displays as follows.

Note Network Adapter 0 represents the connections to the controller network, and each
connection can be assigned a unique switch and port location according to the system
network drawing.

Instruction Guide GEI-100693E 21

For public disclosure
 2.8 Network Status Display
The system network status can be used to troubleshoot issues with the network. The
system network status can be viewed in several ways.

2.8.1 System Editor Summary View

The Summary View in the ToolboxST System Editor displays all system components and
their simplified connections to the defined networks. It also displays the composite health
of the connection of each device to each network by displaying healthy connections with
a green line and unhealthy connections with a red or orange line.

22 GEI-100693E
For public disclosure
Instruction Guide GEI-100693E 23
For public disclosure
 2.8.2 Network Status Viewer
The Network Status Viewer allows you to troubleshoot network issues down to the device
level. This utility retrieves status data from the Network Monitor.

� To open the Network Status Viewer: From the System Editor View menu,
click Network Status Viewer to display the Network Status Viewer.

24 GEI-100693E
For public disclosure
 2.8.3 Network View Tab
The Network View tab displays the network hierarchy; the networks are the top-level
items. The switches are at the next level, followed by the devices.

Instruction Guide GEI-100693E 25

For public disclosure
 2.8.4 Device View As Configured Tab
The Device View As Configured tab displays the devices in their configured locations, as
well as deviations of the device connections from their configured locations. This is used
to find occurrences of a device connected to the wrong port that is masking the location of
an offline device configured to be connected to that port.

26 GEI-100693E
For public disclosure
 The following screen displays the configured and connected device views with the switch
connections expanded.

Instruction Guide GEI-100693E 27

For public disclosure
 2.8.5 Device View By Connection Tab
The Device View By Connection tab displays the actual location of each device by the
network switch and port.

28 GEI-100693E
For public disclosure
 2.8.6 Network Troubleshooting Example
The following is an example of the Network Status Viewer being used to determine any
network issues, the devices affected, and the cause.

Instruction Guide GEI-100693E 29

For public disclosure
30 GEI-100693E
For public disclosure
3 Alarms
The Network Monitor generates alarms and maintains them in an internal queue. The
WorkstationST Alarm Server feature can be configured to connect to the Network
Monitor, which allows you to receive and display Network Monitor alarms.

From the WorkstationST Component Editor , Alarms

tab, under Network Monitor Interface , select Connect
To Network Monitor and set to True .

Select Network Monitor Hostname and enter the

appropriate IP address .

Instruction Guide GEI-100693E 31

For public disclosure
 Network Monitor-generated Alarms Example

32 GEI-100693E
For public disclosure
4 Troubleshooting
The most common issue associated with the Network Monitor is the inability to get
SNMP data from one or more network switches. This results in topology errors because
the Network Monitor is unable to determine which ports the devices are connected to, and
it results in a lack of port level data. The following screen shot shows the Network Status
Viewer display for a switch where the switch SNMP information cannot be read due to a
configuration error. The Status Viewer is indicating topology errors because it cannot
determine the state of the port and whether the configured device is connected to it. Note
also that the port information is uninitialized, especially the first field which should be the
port description. A blank port description with an uninitialized (0) value for MTU is the
best indication of a failure to read SNMP data from the switch.

Instruction Guide GEI-100693E 33

For public disclosure
 The following figure shows the expected Network Status Viewer display, including a
legitimate topology error:

Failure to read SNMP data from all of the switches is an indication that the Windows
Simple Network Management Protocol component is not installed on the WorkstationST
computer running the Network Monitor feature. Failure to read SNMP data from a subset
of switches is an indication that the SNMP Community setting for the switch in the
ToolboxST system does not match the SNMP Community configured in the switch.
Telnet into the switch and modify the SNMP Community setting in the ToolboxST system
to match the SNMP Community configured for the switch.

34 GEI-100693E
For public disclosure
 Note Some Allied Telesis switch models do not accept special characters such as the @
symbol, so these switches cannot use the standard GeS@lem9ro SNMP community name.
This is a common configuration error where all of the switches are configured with the
default community name, while certain switches are using a different community name.

Instruction Guide GEI-100693E 35

For public disclosure
1501 Roanoke Blvd.
Salem, VA 24153 USA
For public disclosure