Entry type: Manual, Entry ID: 102777629, Entry date: 09/23/2014
WinCC V7.3: General information and installation
|Document:||WinCC V7.3: General information and installation (06/2014, English)|
|Type of topic:||Fact|
Information on networks
WinCC only supports the TCP/IP network protocol on the terminal bus.
Operation on network servers
It is not permitted to operate WinCC on network servers (e.g. domain controllers, file and name utility servers, routers, software firewalls, media servers, exchange servers, etc.).
Operation on systems with Windows cluster technology
WinCC cannot be used on systems implementing Windows cluster technology.
Use of redundant servers
When redundant pairs of servers are implemented, the master and standby server must be operated in the same IP/subnet band.
Network adapters with energy-saving mode
When using network adapters provided with energy-saving mode, the energy-saving mode must not be activated.
Operation with multiple network adapters
If WinCC is used on a PC with more than one network adapter, observe the following:
Select the IP addresses which WinCC should use for communication with other WinCC stations. In Windows Explorer, select the "Simatic Shell" directory. Click into the navigation window of the dialog "Simatic Shell" and select "Settings..." in the shortcut menu. In the "Settings" dialog that follows, select the IP address to be used.
If problems occur with the configuration and project management despite this setting, it could be due to the assignment of the IP address by the DHCP server to the WinCC station being too slow. In this case, the network administrator must define the IP address for each network adapter on the WinCC station causing the problem.
To do this, press the Windows "Start" button and select "Settings" > "Control Panel". Open the "Network Connections" folder and then the "LAN Connection" dialog. Click "Properties" in the "General" tab. Open the "LAN Connection Properties" dialog and select the "Internet Protocol (TCP/IP)" element from the list in the "General" tab by double-clicking it. Use the "Use the following IP address" option button in the properties of Internet Protocol (TCP/IP) to define the IP addresses.
Observe the information in the following chapter: "Special features for communication with a server with multiple network adapters"
Network environment and network drives
Ensure that there are no unnecessary network drive connections.
In order to prevent delays following a restart of a distributed system, start the multi-user projects first. The reason for this is the reaction of the master browser service (responsible for displaying the network environment in the operating system) and administration of the domains and working groups.
Operation with TCP/IP protocol
If the TCP/IP protocol is installed, the IP address must be valid and must not change in runtime operation.
Observe the following here:
- The IP address becomes invalid when the network adapter is removed or deactivated after installation of the TCP/IP protocol.
- The IP address may not be initialized yet. This occurs, for example, when the TCP/IP protocol is installed with the IP address derived from a DHCP server. When the computer is connected to the network, the computer undergoes a basic initialization during which an IP address is transferred. This IP address then remains valid even after the computer is disconnected from the network. After the period of the lease has expired, however, it can become invalid or changed in another way.
If the computer is not connected to the network, the user must log on via a user configured locally on this computer. This user should have local power user rights for runtime operation and for the configuration.
Leading zeros in IP addresses
When multi-user mode is used with name derivation via "hosts" and "lmhosts", no preceding zeros may be entered in the "hosts" file. IP addresses with leading zeros are interpreted as OCTAL instead of DECIMAL.
- Computer_1 199.99.99.020 is interpreted as 126.96.36.199 (decimal)
- Computer_2 199.99.99.026 is interpreted as 188.8.131.52 (decimal)
The specification can also be made hexadecimal:
- 184.108.40.206x10 for Computer_1
Using WinCC in multiple domains
The correct functioning of WinCC can only be guaranteed when all the computers in a multi-user system are located in a common domain or working group. When WinCC is used in different domains or working groups, complications may arise if the access rights and/or name utility are configured incorrectly.
When the user administration is realized in a working group, all the WinCC users must be set up on all the computers in the multi-user system and have the necessary access authorization.
Use of WinCC within a domain
If problems occur accessing the Windows domains, it cannot be guaranteed that WinCC functions correctly. Therefore, in addition to a "server-stored user profile", a local user profile and local user with necessary rights for WinCC must be set up. If access problems occur with a domain logon, exit WinCC and log on again using the local user profile.
Information for using routers and firewalls
WinCC V7 can also be used to connect WinCC clients to WinCC servers via routers.
WinCC clients without their own project cannot be used for configuration with the routers, only for WinCC Runtime. There are no restrictions for WinCC clients with their own project.
The following is required when using routers:
- WinCC must use the correct IP address of the WinCC stations.
- The WinCC stations must be capable of resolving the physical computer name (NETBIOS name) of the other computers in the WinCC project.
- The WinCC stations must be capable of reaching each other via TCP/IP and ICMP without any problems. When testing the connection using Ping, it must be possible to access the computers immediately.
- Activate multicast forwarding to the network routers between the servers and the clients.
Speed of the network connections
For slow network connections, we recommend:
- Restricting the quantity of data to be transferred, for example, by avoiding complicated graphics.
- Using the local pdl cache of the WinCC client.
- Using the ISDN router for a WinCC client in multi-link mode (channel bundling). Bandwidths below 128 Kbps have proved insufficient.
- Integrate only one WinCC client for each additional ISDN channel.
- The operation of WinCC via ISDN routers depends on the stability and availability of the ISDN network.
- Reserve the maximum bandwidth of the connection for WinCC.
Connection via ISDN and operation using slow connections has not been approved for clients without a local project.
Connecting to an office network with a central firewall
Some network configurations can increase the load on the firewall.
You can avoid the described reaction by assigning unique IP addresses to all WinCC stations.
Basic system characteristics
- With a standard installation of Windows, the computer is assigned a random IP address from the DHCP server.
The following conditions can lead to undesirable reactions when operating WinCC:
- The IP address band used in the terminal network is higher than the APIPA address band (169.254.x.x).
- IP addresses are routed via the default gateway.
- IP addresses from the APIPA band are routed to the firewall.
Cause of the increased load at the firewall
Following a system startup, each WinCC station sends its IP address once to all the other WinCC stations in the network. The WinCC stations define the WinCC station with the lowest IP address as the server that coordinates availability of the project.
If a WinCC station does not receive an address from the DHCP server and is therefore missing in the APIPA process, this station becomes the coordinating server. As a result, all the other WinCC stations attempt to access this server cyclically to publish the project.
The coordinating server, however, cannot be addressed because the IP address from the APIPA band is automatically transferred to the firewall. This also causes an increased network load at the central firewall.
This reaction can be avoided by assigning a unique IP address to each WinCC station.
Information on uninterruptible power system
Please note the following:
Prevent damaged files during power outages
If a power failure occurs while using Windows systems when the WinCC system is active, files can be corrupted or lost. Operation using the NTFS file system offers more security.
Secure continuous operation can only be guaranteed when an uninterruptible power system (UPS) is used.
Uninterruptible power system for client-server systems
If the server in a client-server system should be buffered by an UPS system, it must be capable of bridging a power failure for up to 30 minutes. This value depends on the configuration and number of computers, especially in a multi-user system. A great deal of time is required for the configuration.