Rockwell Automation ControlLogix 5580 User Manual
ControlLogix 5580 Redundant
Controller
For Use in High Availability Systems
User Manual
Original Instructions
ControlLogix 5580 Redundant Controller User Manual
Important User Information
Read this document and the documents listed in the additional resources section about installation, configuration, and
operation of this equipment before you install, configure, operate, or maintain this product. Users are required to familiarize
themselves with installation and wiring instructions in addition to requirements of all applicable codes, laws, and standards.
Activities including installation, adjustments, putting into service, use, assembly, disassembly, and maintenance are required to
be carried out by suitably trained personnel in accordance with applicable code of practice.
If this equipment is used in a manner not specified by the manufacturer, the protection provided by the equipment may be
impaired.
In no event will Rockwell Automation, Inc. be responsible or liable for indirect or consequential damages resulting from the use
or application of this equipment.
The examples and diagrams in this manual are included solely for illustrative purposes. Because of the many variables and
requirements associated with any particular installation, Rockwell Automation, Inc. cannot assume responsibility or liability for
actual use based on the examples and diagrams.
No patent liability is assumed by Rockwell Automation, Inc. with respect to use of information, circuits, equipment, or software
described in this manual.
Reproduction of the contents of this manual, in whole or in part, without written permission of Rockwell Automation, Inc., is
prohibited.
Throughout this manual, when necessary, we use notes to make you aware of safety considerations.
WARNING: Identifies information about practices or circumstances that can cause an explosion in a hazardous environment, which may
lead to personal injury or death, property damage, or economic loss.
ATTENTION: Identifies information about practices or circumstances that can lead to personal injury or death, property damage, or
economic loss. Attentions help you identify a hazard, avoid a hazard, and recognize the consequence.
IMPORTANT
Identifies information that is critical for successful application and understanding of the product.
Labels may also be on or inside the equipment to provide specific precautions.
SHOCK HAZARD: Labels may be on or inside the equipment, for example, a drive or motor, to alert people that dangerous voltage may
be present.
BURN HAZARD: Labels may be on or inside the equipment, for example, a drive or motor, to alert people that surfaces may reach
dangerous temperatures.
ARC FLASH HAZARD: Labels may be on or inside the equipment, for example, a motor control center, to alert people to potential Arc
Flash. Arc Flash will cause severe injury or death. Wear proper Personal Protective Equipment (PPE). Follow ALL Regulatory requirements
for safe work practices and for Personal Protective Equipment (PPE).
2 Rockwell Automation Publication 1756-UM015B-EN-P - February 2021
Table of Contents
Preface . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 9
Catalog Numbers . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 9
Overview . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 9
Additional Resources . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 9
Chapter 1
ControlLogix 5580 High
Availability Systems
Configure the Redundancy
System
Features of the ControlLogix 5580 High Availability System . . . . . . . . . 12
Controller Keyswitch . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 13
Redundancy System Components . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 14
I/O Modules in Redundancy Systems . . . . . . . . . . . . . . . . . . . . . . . . . . 14
Fiber-optic Cable. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 15
Use Dual Fiber Ports with the 1756-RM2 Redundancy Module . . . . 15
Redundancy System Operations. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 17
System Qualification and Synchronization. . . . . . . . . . . . . . . . . . . . . 17
Switchovers . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 18
Restrictions . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 19
Chapter 2
Before You Begin . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 21
Download the Redundancy Firmware Bundle. . . . . . . . . . . . . . . . . . . . . . 22
Install the Firmware Bundle. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 22
Install the Redundancy Module Configuration Tool . . . . . . . . . . . . . . . . 22
Install the Redundancy System . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 23
Configure Redundant Firmware. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 24
Upgrade the Firmware in the First Chassis . . . . . . . . . . . . . . . . . . . . . 24
Upgrade the Firmware in the Second Chassis . . . . . . . . . . . . . . . . . . 25
Set the initial Primary and Secondary Chassis . . . . . . . . . . . . . . . . . . . . . 25
After Designation. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 26
Conversion from a Non-redundant to a Redundant System. . . . . . 26
Qualification Status Via the RMCT . . . . . . . . . . . . . . . . . . . . . . . . . . . . 27
Reset the Redundancy Module . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 27
Remove or Replace the Redundancy Module . . . . . . . . . . . . . . . . . . . 28
Configure the EtherNet/IP
Network
Chapter 3
Requested Packet Interval (RPI) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 29
IP Address Swapping . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 29
Static Versus Dynamic IP Addresses. . . . . . . . . . . . . . . . . . . . . . . . . . . 32
Reset the IP Address for an EtherNet/IP Communication Module 32
CIP Sync . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 33
Produce/Consume Connections . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 35
Rockwell Automation Publication 1756-UM015B-EN-P - February 2021 3
Table of Contents
Configure EtherNet/IP Communication Modules in a Redundant
System. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 37
Before You Begin . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 37
Options for Setting the IP Addresses of EtherNet/IP
Communication Modules . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 37
Half/Full Duplex Settings. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 37
Use a Redundancy System with Device Level Ring. . . . . . . . . . . . . . . . . . 38
Use a Redundancy System with Parallel Redundancy Protocol. . . . . . . 38
Chapter 4
Configure the Redundancy
Modules
Configure the Redundant
Controller
Determine If Further Configuration Is Required . . . . . . . . . . . . . . . . . . . 40
Configure the Redundancy Module . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 41
Identify the RMCT Version . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 42
Module Info Tab . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 43
Configuration Tab . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 45
Auto-synchronization . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 45
Chassis ID . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 46
Enable User Program Control. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 46
Redundancy Module Date and Time . . . . . . . . . . . . . . . . . . . . . . . . . . . 46
Synchronization Tab . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 47
Commands in the Synchronization Tab. . . . . . . . . . . . . . . . . . . . . . . . 48
Recent Synchronization Attempts Log . . . . . . . . . . . . . . . . . . . . . . . . . 48
Synchronization Status Tab . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 50
System Update Tab. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 51
System Update Commands . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 52
System Update Lock Attempts . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 54
Locked Switchover Attempts. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 55
Chapter 5
Configure the Redundant Controller. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 57
Enable Time Synchronization . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 59
Crossloads, Synchronization, and Switchovers. . . . . . . . . . . . . . . . . . . . . 61
Changing Crossload and Synchronization Settings . . . . . . . . . . . . . 61
Default Crossload and Synchronization Settings . . . . . . . . . . . . . . . 62
Recommended Task Types . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 62
Continuous Task After Switchover . . . . . . . . . . . . . . . . . . . . . . . . . . . . 62
Multiple Periodic Tasks . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 63
Crossloads and Scan Time . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 65
Estimate the Crossload Time . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 65
Redundancy Object Attributes for Crossload Times . . . . . . . . . . . . . 66
Equation for Estimating Crossload Times. . . . . . . . . . . . . . . . . . . . . . 67
Set the Task Watchdog . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 67
Minimum Value for the Watchdog Time . . . . . . . . . . . . . . . . . . . . . . . 69
4 Rockwell Automation Publication 1756-UM015B-EN-P - February 2021
Table of Contents
Chapter 6
Programming Best Practices Program to Minimize Scan Times . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 71
Minimize the Number of Programs . . . . . . . . . . . . . . . . . . . . . . . . . . . 72
Manage Tags for Efficient Crossloads . . . . . . . . . . . . . . . . . . . . . . . . . 73
Use Concise Programming . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 75
Program to Maintain Data Integrity . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 76
Timer Instructions . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 76
Array (File)/Shift Instructions . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 77
Scan-dependent Logic . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 78
Optimize Tasks . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 80
Programming Considerations. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 81
Data Transfer . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 81
SSV Instruction Operation . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 81
Communications Performance . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 81
Programed-scoped Tags. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 82
Redundant System Update (RSU) Operation . . . . . . . . . . . . . . . . . . . 82
Instruction Operation. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 82
Alarms. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 83
Diagnostics . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 83
Conduct a Test Switchover . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 84
Synchronization After a Switchover . . . . . . . . . . . . . . . . . . . . . . . . . . . 85
Program Logic to Run After a Switchover. . . . . . . . . . . . . . . . . . . . . . . . . . 86
Use Messages for Redundancy Commands . . . . . . . . . . . . . . . . . . . . . . . . 87
Verify User Program Control . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 87
Use an Unconnected Message. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 87
Configure the MSG Instruction . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 88
Download the Project. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 90
Store a Redundancy Project to Nonvolatile Memory . . . . . . . . . . . . . . . . 91
Store a Project While the Controller is in Program or Remote
Program Mode . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 91
Store a Project While a System is Running . . . . . . . . . . . . . . . . . . . . . 92
Load a Project . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 93
Online Edits . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 94
Partial Import Online (PIO). . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 94
Plan for Test Edits . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 95
Assemble Edits with Caution . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 96
Monitor and Maintain a
Redundancy System
Chapter 7
Controller Logging . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 99
Controller Log. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 99
Controller Logging in Redundancy Systems . . . . . . . . . . . . . . . . . . . 100
Component Change Detection . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 100
Monitor System Status . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 100
Verify Date and Time Settings. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 102
Verify System Qualification . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 103
Check Qualification Status Via Module Status Displays . . . . . . . . 103
Check Qualification Status Via the RMCT . . . . . . . . . . . . . . . . . . . . . 105
Rockwell Automation Publication 1756-UM015B-EN-P - February 2021 5
Table of Contents
Troubleshoot a Redundant
System
Check the EtherNet/IP Module Status. . . . . . . . . . . . . . . . . . . . . . . . . . . . 106
CPU Usage. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 106
Connections Used . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 106
Chapter 8
General Troubleshooting Steps . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 107
Check the Module Status Indicators . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 108
Use Programming Software to View Errors. . . . . . . . . . . . . . . . . . . . . . . 109
Redundant Controller Major Fault Codes . . . . . . . . . . . . . . . . . . . . . . 111
Use the RMCT for Synchronization Attempts and Status. . . . . . . . . . . . 111
Recent Synchronization Attempts. . . . . . . . . . . . . . . . . . . . . . . . . . . . . 111
Module-level Synchronization Status . . . . . . . . . . . . . . . . . . . . . . . . . 112
Use the RMCT Event Log . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 113
Controller Events . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 114
Event Classifications. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 115
Access Extended Information about an Event . . . . . . . . . . . . . . . . . 116
Interpret Extended Information for an Event . . . . . . . . . . . . . . . . . 117
Interpret Event Log Information. . . . . . . . . . . . . . . . . . . . . . . . . . . . . 118
Export Event Log Data . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 122
Export Diagnostics . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 126
Contact Rockwell Automation Technical Support . . . . . . . . . . . . . . 127
Clear a Fault . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 128
System Event History . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 129
System Event History Column Descriptions. . . . . . . . . . . . . . . . . . . 129
Edit a User Comment for a System Event . . . . . . . . . . . . . . . . . . . . . 130
Save System Event History . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 130
Event Examples . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 131
Partner Network Connection Lost . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 133
Redundancy Module Connection Lost. . . . . . . . . . . . . . . . . . . . . . . . . . . . 135
Redundancy Module Missing . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 135
Qualification Aborted Due to a Non-redundant Controller . . . . . . . . . 136
Redundancy Module Status Indicators . . . . . . . . . . . . . . . . . . . . . . . . . . . 138
1756-RM2 and 1756-RM2XT Status Indicators. . . . . . . . . . . . . . . . . . 138
Redundancy Module Fault Codes and Display Messages. . . . . . . . 141
Recovery Messages . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 142
Appendix A
Convert from a Non-redundant
System
Update the Configuration in Programming Software. . . . . . . . . . . . . . 144
Replace Local I/O Tags. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 146
Replace Aliases to Local I/O Tags . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 147
Remove Other Modules from the Controller Chassis. . . . . . . . . . . . . . . 148
Add an Identical Chassis. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 148
Upgrade to Redundancy Firmware . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 148
Update the Controller Revision and Download the Project . . . . . . . . . 148
Appendix B
Redundancy Object Attributes Table of Redundancy Object Attributes. . . . . . . . . . . . . . . . . . . . . . . . . . . 149
6 Rockwell Automation Publication 1756-UM015B-EN-P - February 2021
Table of Contents
Appendix C
Redundancy System Checklists Chassis Configuration Checklist . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 151
Remote I/O Checklist . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 151
Redundancy Module Checklist . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 151
ControlLogix Controller Checklist. . . . . . . . . . . . . . . . . . . . . . . . . . . . 152
EtherNet/IP Module Checklist . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 152
Project and Programming Checklist . . . . . . . . . . . . . . . . . . . . . . . . . . 153
Appendix D
Online Firmware Update
Considerations
Module Replacement
Considerations
Overview . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 155
RSU Requirements. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 155
Redundancy System Update Migration Paths . . . . . . . . . . . . . . . . . 156
Before You Begin . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 156
Verify Your Redundancy Module Configuration Tool (RMCT)
Version . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 156
Prepare the Controller Project for the Update . . . . . . . . . . . . . . . . . . . . . 158
Update the Redundancy System Firmware . . . . . . . . . . . . . . . . . . . . . . . 159
Before You Begin . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 159
Prepare the Redundant Chassis for the Firmware Update. . . . . . . 160
Update the Redundancy Module Firmware in the
Primary Chassis . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 161
Update Redundancy Module Firmware and Other
Module Firmware in the Secondary Chassis . . . . . . . . . . . . . . . . . . . 162
Lock the System and Initiate a Switchover to Update. . . . . . . . . . . 163
Update the New Secondary Chassis Firmware . . . . . . . . . . . . . . . . . 165
Synchronize the Redundant Chassis. . . . . . . . . . . . . . . . . . . . . . . . . . 165
EDS Files . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 167
Appendix E
Before You Begin . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 169
Replace a Module in the Secondary Chassis That Has the
Same Catalog Number and Firmware Revision . . . . . . . . . . . . . . . . . . . 170
Replace an EtherNet/IP Module with a New Series . . . . . . . . . . . . . . . . 171
Synchronization and Switchover for EtherNet/IP Modules . . . . . 171
Replace a 1756-RM2 Module with a 1756-RM2 Module . . . . . . . . . . . . . . 174
Index . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 175
Rockwell Automation Publication 1756-UM015B-EN-P - February 2021 7
Table of Contents
Notes:
8 Rockwell Automation Publication 1756-UM015B-EN-P - February 2021
Preface
Catalog Numbers
This publication applies to these controllers:
• 1756-L81E, 1756-L81EK,1 756-L81E-NSE, 1756-L81EXT, 1756-L81EP
• 1756-L82E, 1756-L82EK, 1756-L82E-NSE, 1756-L82EXT
• 1756-L83E, 1756-L83EK, 1756-L83E-NSE, 1756-L83EXT, 1756-L83EP
• 1756-L84E, 1756-L84EK, 1756-L84E-NSE, 1756-L84EXT
• 1756-L85E, 1756-L85EK, 1756-L85E-NSE, 1756-L85EXT, 1756-L85EP
Summary of Changes This manual contains new and updated information. This list includes
substantive updates only and is not intended to reflect all changes.
Top ic Pa ge
Added Online Firmware Update Considerations. 155
Added Module Replacement Considerations. 169
Overview This publication provides information specific to ControlLogix 5580 high
availability systems:
• Installation procedures
• Configuration procedures
• Maintenance and troubleshooting methods
This publication is designed for use by anyone responsible for planning and
implementing a ControlLogix® redundancy system:
• Application engineers
• Control engineers
• Instrumentation technicians
The contents of this publication are for anyone who already has an
understanding of Logix 5000™ control systems, programming techniques, and
communication networks.
Additional Resources These documents contain additional information concerning related products
from Rockwell Automation.
Resource Description
High Availability System Reference Manual, publication HIGHAV-RM002
ControlLogix 5580 and GuardLogix 5580 Controllers User Manual, publication 1756-
UM543
ControlLogix 5580 Controllers Installation Instructions, publication 1756-IN043
ControlLogix Redundancy Modules Installation Instructions, publication 1756-IN087
1756 EtherNet/IP Communication Modules Installation Instructions,
publication 1756-IN050
ControlLogix Power Supply Installation Instructions, publication 1756-IN619
ControlLogix Redundant Power Supply Installation Instructions, publication 1756-IN620
ControlLogix Chassis Installation Instructions, publication 1756-IN621
Provides information to help design and plan high availability systems.
Provides information on how to configure, select I/O modules, manage
communication, develop applications, and troubleshoot the ControlLogix 5580
controllers.
Describes how to install ControlLogix 5580 controllers.
. Describes how to install ControlLogix redundancy modules.
Describes how to install ControlLogix EtherNet/IP communication modules.
Describes how to install standard power supplies.
Describes how to install redundant power supplies.
Describes how to install ControlLogix chassis.
Rockwell Automation Publication 1756-UM015B-EN-P - February 2021 9
Preface
Resource Description
1715 Redundant I/O System Specifications Technical Data, publication 1715-TD001 Contains specifications on a Redundant I/O system.
1756 ControlLogix Controllers Technical Data, publication 1756-TD001
ControlFLASH Plus Quick Start Guide, publication CFP-QS001C-EN-E
ControlLogix System Selection Guide, publication 1756-SG001 Provides information on how to select components for a ControlLogix system.
EtherNet/IP Parallel Redundancy Protocol Application Technique, publication ENET-
AT0 06
EtherNet/IP Device Level Ring Application Technique, publication ENET-AT007
EtherNet/IP Socket Interface Application Technique, publication ENET-AT002
EtherNet/IP Network Configuration User Manual, publication ENET-UM006
Integrated Architecture and CIP Sync Configuration Application Technique,
publication IA-AT003
Logix 5000 Controllers Common Procedures Programming Manual,
publication 1756-PM001
Logix 5000 Controllers General Instructions Reference Manual, publication 1756-RM003
PlantPAx Process Automation System Reference Manual, publication PROCES-UM001
Redundant I/O System User Manual, publication 1715-UM001
Industrial Automation Wiring and Grounding Guidelines, publication 1770-4.1 Provides general guidelines for installing a Rockwell Automation industrial system.
Product Certifications website, rok.auto/certifications
. Provides declarations of conformity, certificates, and other certification details.
Contains specifications on ControlLogix controllers and redundancy modules.
Describes how to use the ControlFLASH Plus™ software to upgrade device
firmware.
Describes how to configure a Parallel Redundancy Protocol (PRP) network with the
1756-EN2TP EtherNet/IP™ communication module and a Stratix® 5400 or 5410
switch.
Describes how to install, configure, and maintain linear and Device Level Ring
(DLR) networks that use Rockwell Automation® EtherNet/IP devices with
embedded switch technology.
Logix 5000Describes the socket interface that you can use to program MSG
instructions to communicate between a Logix 5000 controller via an EtherNet/IP
module and Ethernet devices that do not support the EtherNet/IP application
protocol.
Describes how to use EtherNet/IP communication modules with your Logix 5000
controller and communicate with various devices on the Ethernet network.
Provides an explanation of CIP Sync™ technology and how you can synchronize
clocks within the Rockwell Automation Integrated Architecture®.
Provides links to a collection of programming manuals that describe how to use
procedures that are common to all Logix 5000 controllers projects.
This manual provides details about each available instruction for a Logix-based
controller.
Elaborates on the application rules that are required to configure a PlantPAx®
system.
Contains information on how to install, configure, program, operate, and
troubleshoot a Redundant I/O system.
You can view or download publications at rok.auto/literature.
10 Rockwell Automation Publication 1756-UM015B-EN-P - February 2021
Chapter 1
Catalyst 9300 24S
Catalyst 9300 24S
NE
-NM-2Q
Catalyst 9300 24S
ControlLogix 5580 High Availability Systems
Top ic Pa ge
Features of the ControlLogix 5580 High Availability System 12
Controller Keyswitch 13
Redundancy System Components 14
Fiber-optic Cable 15
Redundancy System Operations 17
Restrictions 19
The ControlLogix® 5580 high availability system uses a redundant chassis pair
to maintain process operation when events occur that stop process operation
on non-redundant systems, such as a fault on a controller.
The redundant chassis pair includes two synchronized ControlLogix chassis
with specific, identical components in each. For example, one redundancy
module and at least one EtherNet/IP™ communication module are required.
Controllers are typically used in redundancy systems, but are not required if
your application only requires communication redundancy. Your application
operates from a primary chassis, but can switch over to the secondary chassis
and components if necessary.
NETWOR
2Q
40G 1
01 12 13 24
40G 2
01 12 13 24
01 12 13 24
NETWORK MODULE
Catalyst 9300 24S
NET
01 12 13 24
C9300-NM-2Q
40G 1
40G 2
2Q
40G 1
40G 2
40G 1
40G 2
Rockwell Automation Publication 1756-UM015B-EN-P - February 2021 11
Chapter 1 ControlLogix 5580 High Availability Systems
Features of the ControlLogix 5580 High Availability System
The software and hardware components that are required to configure and use
a ControlLogix 5580 high availability system provide these features:
• All non-safety ControlLogix 5580 controller catalog numbers are
supported.
• ControlLogix 5580 redundant controllers use the same controller
firmware revision as standard controllers.
• Configure a redundant controller with a checkbox on the Controller
Properties dialog box in Studio 5000 Logix Designer application
software.
• Partnered sets of 1756-RM2 modules can reach speeds as fast as
1000 Mbps.
• Redundant fiber ports for crossloading; no single point of failure of a
fiber cable.
• Plug-and-play-style commissioning and configuration that does not
require extensive programming.
• Support for produced unicast connections.
• EtherNet/IP network for the redundant chassis pair.
• Support for Device-level Ring (DLR) and Parallel Redundancy Protocol
(PRP) networks.
• Easy-to-use, fiber-optic communication cable that connects redundant
chassis pairs.
• A redundancy system ready to command and monitor the redundant
system states after basic installation, connection, and powerup.
• Switchovers occur as fast as 20 ms.
• Support for FactoryTalk® applications for Ethernet communication
modules including, but not limited to:
- FactoryTalk Alarms and Events
- FactoryTalk Batch
- FactoryTalk PhaseManager™
• Logix tag-based alarms considerations:
- ControlLogix 5580 controllers support up to 7500 Logix tag-based
alarms per software guidelines.
• Logix instruction-based alarms considerations:
- ControlLogix 5580 controllers support up to 3000 Logix instruction-
based alarms with 3000 burst.
• Support for CIP Sync™ technology over an EtherNet/IP network to
establish time coordination across the redundant system.
• Access to remote I/O modules over an EtherNet/IP network.
• Access to 1715 Redundant I/O systems over an EtherNet/IP network.
• Supports FLEX 5000 I/O.
• Supports PhaseManager.
• Supports DLR topologies with the use of an EtherNet/IP communication
module. For more information about DLR, see the EtherNet/IP Device
Level Ring Application Technique, publication ENET-AT007
• Sockets are supported in the 1756-EN2T, 1756-EN2TP, 1756-EN2TR and
1756-EN2F modules, firmware revision 5.008 or later. For additional
information, see the EtherNet/IP Socket Interface Application
Technique, publication ENET-AT002
• For information on how to best organize a process application, see the
PlantPAx DCS Configuration and Implementation User Manual
publication PROCES-UM100
12 Rockwell Automation Publication 1756-UM015B-EN-P - February 2021
.
.
.
Chapter 1 ControlLogix 5580 High Availability Systems
Features Not Supported
• Compact 5000 I/O
• The embedded Gigabit Ethernet port of the controller.
• DeviceNet
• Messaging to PLC2, PLC3, PLC5, SLC, and other legacy controllers.
• IEC62443-4-2 secure communications
• License-based Source and Execution Protection
• Any motion feature
• Firmware Supervisor
•Event Tasks
• Input or consumed unicast connections
• SequenceManager
(1)
, ControlNet, RIO, DH+ networks
IMPORTANT
For Ethernet modules, signed and unsigned firmware are available.
Signed modules provide the assurance that only validated firmware can
be upgraded into a module.
Signed and unsigned firmware:
• Both signed and unsigned firmware are available.
• Product is shipped with unsigned firmware. To obtain signed firmware,
you must upgrade the firmware for your product.
• To obtain signed and unsigned firmware, go to
http://www.rockwellautomation.com/global/support/firmware/
overview.page.
• Once signed firmware is installed, subsequent firmware updates must be
signed also.
There are no functional/feature differences between signed and
unsigned communication modules.
Controller Keyswitch The position of the keyswitch on the controllers in both chassis must match
(both in REM or both in RUN). There should NOT be a mismatch. See
Knowledgebase Technote Processor Key Switches in ControlLogix Redundancy
System.
For more information on operation modes of the controller see Choose the
Controller Operation Mode in the ControlLogix 5580 and GuardLogix 5580
Controllers User Manual, publication 1756-UM543
.
(1) DeviceNet modules are supported if accessed across an Ethernet bridge but may experience
a bump during a ControlLogix Redundancy switchover.
Rockwell Automation Publication 1756-UM015B-EN-P - February 2021 13
Chapter 1 ControlLogix 5580 High Availability Systems
Redundancy System Components
Communication between a redundant chassis pair that includes matching
components makes redundancy possible.
Each chassis in the redundant chassis pair contains these ControlLogix
components:
• One ControlLogix power supply - Required
• One ControlLogix 1756-RM2 redundancy module - Required
Redundancy modules link the redundant chassis pair to monitor events
in each chassis and initiate system responses as required.
• At least one ControlLogix EtherNet/IP communication module - up to
seven, optional (any combination)
• One ControlLogix 5580 controller.
If the chassis is used as a redundant gateway, then a controller is not
required.
In addition, redundant chassis are connected to other components outside the
redundant chassis pair, for example, remote I/O chassis or human machine
interfaces (HMIs).
For more information about components you can use in a redundancy system,
see the High Availability System Reference Manual, publication
HIGHAV-RM002
.
I/O Modules in Redundancy Systems
A ControlLogix 5580 redundancy system supports I/O modules in a remote
chassis connected via EtherNet/IP. You cannot use I/O modules in the
redundant chassis pair.
You can put DeviceNet modules in a remote rack but DeviceNet devices will
not be bumpless during a switchover event.
14 Rockwell Automation Publication 1756-UM015B-EN-P - February 2021
Chapter 1 ControlLogix 5580 High Availability Systems
Fiber-optic Cable If you choose to make your own fiber-optic cables, consider the following:
• Fiber-optic Communication Cable Specifications:
Attribute 1756-RM2 1756-RM2XT
Temperature, operating 0…60 °C (32…140 °F) -25…70 °C (-13…158 °F)
Connector type LC-type (fiber-optic)
Cable type 8.5/125 micron single-mode fiber-optic cable
Channels 1 (transmit and receive fiber)
Length, max 10 km (10,000 m, 10936.13 yd
Transmission 1000 Mbps
Wavelength 1310 nm
SFP transceiver
• Determine Optical Power Budget
You can determine the maximum optical-power budget in decibels (dB)
for a fiber-optic link by computing the difference between the minimum
transmitter-output optical power (dBm avg) and the lowest receiver
sensitivity (dBm avg). As shown in Table 1
budget for the 1756-RM2 module is -9.5 - (-19) or 9.5 dB.
Transceiver Rockwell Automation PN-91972
Connector/cable: LC duplex connector, 1000BASE-LX-compliant
, the maximum optical power
The optical-power budget provides the necessary optical-signal range to
establish a working fiber-optic link. You must account for the cable
lengths and the corresponding link penalties. All penalties that affect the
link performance must be accounted for within the link optical power
budget.
Table 1 - Optical Power Budget Ranges for 1756-RM2 and 1756-RM2XT Modules
Transmitter Min Typical Max Unit
Output optical power -9.5 — -3 dBm
Wavelength 1270 — 1355 nm
Receiver Min Typical Max Unit
Receiver sensitivity — — -19 dBm
Receiver overload — — -3 dbm
Input operating wavelength 1270 — 1355 nm
Use Dual Fiber Ports with the 1756-RM2 Redundancy Module
The dual fiber ports of the 1756-RM2 module constitute a redundant pair of
communication channels between the partner 1756-RM2 modules in a
redundant chassis pair. One of the channels is termed as 'ACTIVE', while the
other channel is termed as 'REDUNDANT'. All data communication between
the partner redundancy modules is conducted exclusively over the ACTIVE
channel. If or when the ACTIVE channel fails, a 'Fiber Channel Switchover' is
initiated automatically and all data communication shifts to the REDUNDANT
channel, which then becomes the new ACTIVE channel.
Rockwell Automation Publication 1756-UM015B-EN-P - February 2021 15
Chapter 1 ControlLogix 5580 High Availability Systems
Fiber Channel Switchover
Due to the fiber channel switchover, the redundant chassis pair remains
synchronized even after a failure of the ACTIVE channel. Any of the following
failures of the ACTIVE channel trigger an automatic fiber channel switchover
to the REDUNDANT channel, provided the REDUNDANT channel is still
operating in a normal condition:
• Signal attenuation along the fiber cable path that is routed between the
• A broken or damaged fiber cable that is routed between the partner
• Improper or loosely fit cable connector
• SFP transceiver fault
• Removal or loose connection of the SFP transceiver
• Data communication error (signaled by a failed CRC check)
Chassis synchronization is lost only when both of the channels have failed or
are disconnected.
The fiber channel switchover can occasionally extend the completion of data
communication packets between the partner redundancy modules. Therefore,
the scan time of the controller can occasionally experience a delay of 10 ms or
less.
partner redundancy modules
redundancy modules
Configuration
The use of dual fiber ports is entirely ‘plug and play’. There is no user
configuration that is needed for any of the operations of the active and
redundant channels. The firmware automatically manages the selection of
active and redundant channels. The dual fiber cables between the partner
redundancy modules can be crossed over between CH1 and CH2 without any
restriction, however, this is not recommended as it can complicate
troubleshooting.
Monitoring and Repair
Synchronization is preserved if the REDUNDANT channel has failed or is
being repaired. The repair of the REDUNDANT channel can be performed
online while the redundant chassis pair is running synchronized. To aid online
repairs, the fiber cable connections and SFP transceiver can be removed and
inserted under power.
It is not mandatory to use the REDUNDANT channel that is connected
between the two redundancy modules. The redundant chassis pair can be
synchronized with just one of the channels connected. The REDUNDANT
channel can be installed later while the chassis is running synchronized.
The status indicators on the front panel and the indicators and counters that
are displayed in the RMCT provide monitoring of the channel status.
16 Rockwell Automation Publication 1756-UM015B-EN-P - February 2021
Chapter 1 ControlLogix 5580 High Availability Systems
Redundancy System Operations
Once the redundancy modules in the redundant chassis pair are connected
and powered, they determine which chassis is the primary chassis and which is
the secondary chassis.
The redundancy modules in both the primary and secondary chassis monitor
events that occur in each of the redundant chassis. If certain faults occur in the
primary chassis, the redundancy modules execute a switchover to the
unfaulted, secondary chassis.
System Qualification and Synchronization
When the redundant system is first started, the redundancy modules run
checks on the redundant chassis. These checks determine if the chassis
contain the appropriate modules and firmware to establish a redundant
system. This stage of checks is referred to as qualification.
After the redundancy modules complete qualification, synchronization can
take place. Synchronization is a state in which the redundancy modules
execute these tasks:
• Verify that the connection between redundancy modules is ready to
facilitate a switchover
• Verify that the redundant chassis continue to meet qualification
requirements
• Synchronize the data between the redundant controllers, also called
crossloading
This data is crossloaded:
- Updated tag values
-Forced values
- Online edits
- Other project information
Synchronization always takes place immediately following qualification. Also,
depending on your system configuration, synchronization takes place at the
end of each program that is run within the controller project, or at other
intervals that you specify.
Some communication delays can occur during qualification. The existence and
duration of these delays depend on:
• Quantity and types of tags on scan in FactoryTalk Linx software
• Client screen and tag update rates (for example, FactoryTalk Live Data/
FactoryTalk Historian)
• Number of data subscribers (for example, FactoryTalk Alarms and
Events, FactoryTalk Batch, and so on)
• Size of the redundant controller application
•Network traffic
Rockwell Automation Publication 1756-UM015B-EN-P - February 2021 17
Chapter 1 ControlLogix 5580 High Availability Systems
Switchovers
During redundant system operation, if certain conditions occur on the
primary chassis, primary control is switched to the secondary chassis. These
conditions cause a switchover:
• Loss of power
• Major fault on the controller
• Removal or insertion of any module
• Failure of any module
• Loss of an EtherNet/IP connection - This event only causes a switchover
• A program-prompted command to switchover
• A command that is issued via the Redundancy Module Configuration
After a switchover occurs, the new primary controller continues to execute
programs. For more information about how tasks execute after a switchover,
see Crossloads, Synchronization, and Switchovers
if it results in the EtherNet/IP communication module transition to a
lonely state, that is, the module does not see any devices on the network.
Tool (RMCT)
on page 61.
IMPORTANT
It is required that all messaging communications point to the primary
controller when reading/writing to a ControlLogix Redundancy system.
Do not target message instructions to modules in the secondary
chassis.
Your application can require some programming considerations and potential
changes to accommodate a switchover. For more information on these
considerations, see Chapter 6
IMPORTANT
During a switchover of the fiber channels of the 1756-RM2 module, scan
, Programming Best Practices on page 71.
time encounters a delay of ~10 ms; however, the chassis always remains
synched.
Data Server Communication Recovery Time Reduction During a Switchover
Brief communication interruption occurs between FactoryTalk Linx software
and the redundant chassis pair when a switchover occurs. After the switchover
is complete, communication resumes automatically.
Data server communication recovery time is the time during a switchover
from primary to secondary, when tag data from the controller is unavailable
for reading or writing. Data server communication recovery time applies to
any software that uses tag data, such as HMI displays, data loggers, alarms
systems, or historians. Data server communication recovery time reduction is
important to increase the availability of the system.
When you configure the connection between a FactoryTalk Linx data server,
and a redundant ControlLogix controller, you can configure redundant
shortcut paths to the primary and secondary controllers. These shortcut paths
help reduce data server communication recovery time that occurs during a
redundancy switchover.
18 Rockwell Automation Publication 1756-UM015B-EN-P - February 2021
Chapter 1 ControlLogix 5580 High Availability Systems
The following are required to take advantage of this:
• A dedicated pair of ControlLogix communication modules with firmware
revision 11.002 or later (1756-EN2TP, 1756-EN2TR, 1756-EN2T), that do
not swap IP addresses. See Do Not Use IP Address Swapping
• ControlLogix 5580 redundancy controllers with redundancy firmware
revision 33.011 or later
• FactoryTalk Linx 6.00 with the FactoryTalk Linx patch available from
Knowledgebase Technote Patch: FactoryTalk Linx 6.00 patch required to
support ControlLogix V31.05 Redundancy, or later versions of FactoryTalk
Linx.
• Redundant ControlLogix Controller shortcut type in FactoryTalk Linx
that points to the Primary and Secondary controllers through the
communication modules, without swapping IP addresses. For
information on shortcuts in FactoryTalk Linx, see the FactoryTalk Linx
Getting Results Guide, publication LNXENT-GR001
.
on page 30.
Restrictions There are restrictions that you must consider when using a redundancy
system. Most of these restrictions apply to all redundancy system revisions.
Exceptions are noted:
• See the release notes of the redundancy bundles for compatible products,
versions, and revisions
• The redundant controller program cannot contain these tasks:
-Event tasks
-Inhibited tasks
For recommendations and requirements that are related to
programming the redundant controller, see Programming Best
Practices on page 71.
• You cannot use the Match Project to Controller feature available in
Studio 5000 Logix Designer® in a redundancy system.
• You cannot use motion in a redundant controller program.
• You cannot use SequenceManager.
• You cannot use consumed unicast connections in a redundancy system.
You can use produced unicast connections that remote consumers
consume.
• Outputs controlled by IOT instructions are not guaranteed to maintain a
bumpless transition during a switchover. Due to this, it is recommended
to avoid using IOT instructions within a redundancy system.
• The HMIBC instruction is not supported in a redundancy system.
• You can use one controller of the same family, and seven EtherNet/IP
communication modules in each chassis of a redundant chassis pair.
• Cannot use Listen Only or Input Only connections for FLEX 5000 I/O
and ControlLogix 1756 HART I/O from a redundant controller.
- There is no ability for another controller to listen or dual-own
connections to FLEX 5000 I/O.
- This means no sharing of FLEX 5000 I/O or Highly Integrated HART
between a the redundant controller pair and other controllers.
Rockwell Automation Publication 1756-UM015B-EN-P - February 2021 19
Chapter 1 ControlLogix 5580 High Availability Systems
Notes:
20 Rockwell Automation Publication 1756-UM015B-EN-P - February 2021
Chapter 2
Configure the Redundancy System
Top ic Pa ge
Before You Begin 21
Download the Redundancy Firmware Bundle 22
Install the Firmware Bundle 22
Install the Redundancy Module Configuration Tool 22
Install the Redundancy System 23
Configure Redundant Firmware 24
Set the initial Primary and Secondary Chassis 25
Before You Begin Complete these tasks before you configure the redundancy system:
IMPORTANT
For best performance, place the redundancy module in the
chassis as close as possible to the controller.
• Read and understand the safety and environmental considerations
explained in the installation instructions publication for each
component.
• Order a 1756-RMCx fiber-optic communication cable if you do not have
one.
• If you choose to make your own fiber-optic cable for lengths that the
1756-RMCx catalog numbers do not support, refer to Fiber-optic Cable
on
page 15.
• Download and install the compatible versions of the Studio 5000 Logix
Designer® application, RSLinx® Classic or FactoryTalk® Linx
communication software, and ControlFLASH Plus™ software.
For information on how to download and install ControlFLASH Plus
software, see the ControlFLASH Plus Quick Start Guide, publication
CFP-QS001
IMPORTANT
If RSLinx Classic software or FactoryTalk Linx is already on your system,
make sure to shut it down before installing/upgrading software.
• Review the release notes for the firmware bundle that you are installing.
Make sure that you have compatible hardware and the correct firmware
revisions.
• Determine the IP address for each of your Ethernet/IP™ communication
modules. Both Ethernet/IP communication modules of the redundant
chassis pair will usually have the same IP address. See IP Address
Swapping on page 29.
• System scan time will likely be different between a synchronized and
unsynchronized system. See Crossloads, Synchronization, and
Switchovers on page 61
Rockwell Automation Publication 1756-UM015B-EN-P - February 2021 21
Chapter 2 Configure the Redundancy System
Download the Redundancy Firmware Bundle
You can download the appropriate redundancy firmware bundle from the
Rockwell Automation Product Compatibility and Download Center (PCDC).
1. Go to https://compatibility.rockwellautomation.com/Pages/home.aspx
2. Search for ‘1756-L8x Redundancy Bundle’.
3. Select and download the appropriate bundle revision.
The Redundancy Module Configuration Tool (RMCT) is included in the
redundancy bundle download, and is not available for separate download.
Install the Firmware Bundle Follow the steps in this section.
Create a firmware directory on your computer first, so you can unzip the files to
this directory.
1. You must first shut down RSLinx Classic software.
2. Browse to the location of the redundancy firmware revision bundle.
3. Unzip the redundancy firmware bundle on your computer. After you
unzip, you will have these files:
•Firmware: Vxx.0xx_kitx_5580CLXRED Bundle.dmk (where x is the
firmware revision and kit number)
• Redundancy Module Configuration Tool
4. Unzip the Redundancy Module Configuration Tool on your computer.
.
Install the Redundancy Module Configuration Tool
The RMCT version that is compatible with your redundancy module firmware
is included in the downloads for the redundancy bundle, and is not available as
a separate download.
IMPORTANT
To install the RMCT:
1. Browse to the RMCT directory on your computer.
2. Double-click setup.exe.
3. On the RMCT Setup dialog, click Next.
4. When the installation is complete, click Finish.
You must uninstall any existing version of the Redundancy Module
Configuration Tool (RMCT) before you install the RMCT, version 8.06.03 or
later. If you do not uninstall the previous version, you can have difficulty
if you try to uninstall version 8.06.03 or later at another time.
22 Rockwell Automation Publication 1756-UM015B-EN-P - February 2021
Chapter 2 Configure the Redundancy System
Install the Redundancy System
If you need to install the redundancy system, determine the location of your
controller, Ethernet/IP communication modules, and redundancy modules in
both chassis of the system, matching partners slot for slot.
IMPORTANT
1. Install the first chassis and power supply (or redundant power supplies):
• ControlLogix® Chassis Installation Instructions, publication
1756-IN621
• ControlLogix Power Supply Installation Instructions, publication
1756-IN619
• ControlLogix Redundant Power Supply Installation Instructions,
publication 1756-IN620
2. Install and connect the 1756-RM2 redundancy modules in both chassis:
• ControlLogix Redundancy Modules Installation Instructions,
publication 1756-IN087
3. Install the first chassis Ethernet/IP communication modules:
• 1756 EtherNet/IP Communication Modules Installation Instructions,
publication 1756-IN050
4. Install one controller in the first chassis of the redundant pair:
• ControlLogix 5580 Controllers Installation Instructions, publication
1756-IN043
5. Install the second chassis and power supply (or redundant power
supplies).
6. Install the second chassis Ethernet/IP communication modules.
7. Install one controller in the second chassis of the redundant pair.
Do not power on either chassis until you have installed all modules in
both chassis.
.
Rockwell Automation Publication 1756-UM015B-EN-P - February 2021 23
Chapter 2 Configure the Redundancy System
Configure Redundant Firmware
Use ControlFLASH Plus software to upgrade the firmware of each module in
each chassis. For information on how to download, install, and use
ControlFLASH Plus software, see the ControlFLASH Plus Quick Start Guide,
publication CFP-QS001
IMPORTANT
• Apply power ONLY to the chassis that contains modules on which you are
• Redundancy module firmware that is contained in the redundancy
• All modules in both chassis must use firmware as defined in the 1756-L8x
.
upgrading firmware.
system firmware bundle is designed for use with the 1756-RM2 and 1756RM2XT redundancy modules.
Redundancy Bundle.
Upgrade the Firmware in the First Chassis
IMPORTANT
Complete these steps to upgrade the firmware in the first chassis.
1. Apply power to the chassis.
2. Set the keyswitch on the controller to PROG.
Redundancy module firmware that is contained in the redundancy
system firmware bundle is designed for use with the 1756-RM2 and
1756-RM2XT redundancy modules.
3. Wait for the modules to complete their start-up scroll messages. Check
Module and status indicators. During this time, the redundancy module
conducts internal operations to prepare for an update.
Create a firmware directory on your computer first, so you can unzip the files to
this directory.
4. Launch ControlFLASH Plus software, and upgrade the Ethernet
communication module that you going to use as the gateway to the other
modules.
5. Upgrade the 1756-RM2 redundancy module.
6. Once the firmware upgrade is complete, verify that the redundancy
module status displays PRIM, which indicates a successful upgrade.
7. Use ControlFLASH Plus software to upgrade the rest of the modules in
the chassis.
IMPORTANT
• Verify the firmware revision of each module to make sure it matches the
revision in the 1756-L8x Redundancy Bundle.
• Power off the first chassis after you have verified a successful update of
each module.
24 Rockwell Automation Publication 1756-UM015B-EN-P - February 2021
Chapter 2 Configure the Redundancy System
Upgrade the Firmware in the Second Chassis
Complete these steps to update the firmware for the modules in the second
chassis.
1. Apply power to the second chassis.
2. Set the keyswitch on the controller to PROG.
3. Complete steps 3
beginning on page 24
…7 in section Upgrade the Firmware in the First Chassis
for the modules in the second chassis.
Set the initial Primary and Secondary Chassis
IMPORTANT
Power on the chassis you want to set as the initial primary chassis first. After
you have applied power, verify all module pairs are at compatible firmware
revision levels.
IMPORTANT
Complete these steps to designate the primary and secondary chassis of a
redundant pair.
• verify the firmware revision of each module to make sure it matches the
revision in the 1756-L8x Redundancy Bundle.
• Power off the second chassis after you have verified a successful update
of each module.
• Do not apply power to the chassis until you have read the instructions
for designating the primary chassis. Applying power to the chassis in
the correct order is crucial to designating the primary and secondary
chassis.
• Make sure both Ethernet/IP communication modules are set
appropriately. See Data Server Communication Recovery Time
Reduction During a Switchover on page 18.
• It is not recommended to load an application image until the primary
and secondary racks are synchronized.
• Before you set the initial primary chassis and qualify the system, it is
recommended to have the latest firmware installed. See Configure
Redundant Firmware on page 24.
1. Verify that power is removed from both chassis.
2. Apply power to the chassis you want to designate as the primary chassis
and wait for the status indicators of the module to display PRIM.
3. Apply power to the chassis you want to designate as the secondary
chassis.
4. Verify primary and secondary chassis designations by viewing the
redundancy module status displays.
See Redundancy Module Status Indicators
redundancy module display information.
IMPORTANT
Rockwell Automation Publication 1756-UM015B-EN-P - February 2021 25
If both modules have power applied to them simultaneously, the module
with the lowest IP address is designated as the primary chassis and
displays PRIM on the four-character display of the module. In addition,
the PRI status indicator on the primary redundancy module is green. The
secondary chassis displays either DISQ or SYNC, depending on the state
of the secondary chassis. In addition, the PRI status light on the
secondary redundancy module is not illuminated.
on page 138 for specific
Chapter 2 Configure the Redundancy System
After Designation
When you first apply power to the primary and secondary chassis,
compatibility checks are carried out between the redundant chassis. Then,
because the default Auto-Synchronization parameter is set to Always,
qualification begins.
While the qualification occurs, the module status display transitions from DISQ
(disqualified) to QFNG (qualifying) to SYNC (synchronized). The qualification
completes in 1…3 minutes and the module status display indicates the
qualification status.
After you verify the system is synchronized, you can download the user
application to the primary controller. It automatically crossloads to the
secondary controller.
Use this table as a reference when interpreting the qualification status of the
modules that are displayed on the module status display.
Module Status Display Interpretation
QFNG Qualification processes are in progress.
SYNC displays after qualification processes are complete.
SYNC
DISQ…QFNG…DISQ
This indicates that chassis configuration and the firmware revision levels are
compatible and that the secondary chassis is ready to assume control if there is a
major fault in the primary chassis.
If DISQ continues to display after about 3 minutes, check the following:
• Incorrect chassis configuration. That is, incompatible hardware is used.
• Incompatible firmware revisions are used between the primary and secondary
modules.
• The partnered EtherNet/IP modules are not set to the same IP Configuration.
• The Auto-Synchronization parameter within the Redundancy Module Configuration
Tool is set to Never or Conditional (default setting).
Conversion from a Non-redundant to a Redundant System
To upgrade a standalone chassis to a redundant chassis pair:
1. Insert a redundancy module in a spare slot in the standalone chassis, and
2. Configure an identical chassis with compatible modules in the same slot
as the standalone chassis (including the redundancy module).
A partnered chassis that is set as the secondary chassis stops functioning if it
contains:
• non-redundancy-compliant modules
• modules not compatible with redundancy
• non-redundancy-compliant firmware
For more information, see Convert from a Non-redundant System
on page 143.
26 Rockwell Automation Publication 1756-UM015B-EN-P - February 2021
Chapter 2 Configure the Redundancy System
Qualification Status Via the RMCT
To view the details for a qualification attempt, access the Synchronization or
Synchronization Status tabs of the RMCT. These tabs provide information
about qualification attempts and redundant chassis compatibility.
For more information on how to use the RMCT, see Use the RMCT for
Synchronization Attempts and Status on page 111.
RMCT Synchronization Status Tab
Synchronization Status Tab for Chassis Compatibility
You can also view events specific to qualification in the Event Log of the RMCT.
Event Log with Qualification Events
Reset the Redundancy Module
There are two ways to reset the module.
• Cycle power to the chassis.
• Remove the module from the chassis and reinsert the module.
IMPORTANT
Do not choose to cycle power to the chassis if it causes you to
lose control of your process.
Rockwell Automation Publication 1756-UM015B-EN-P - February 2021 27
Chapter 2 Configure the Redundancy System
Remove or Replace the Redundancy Module
IMPORTANT
If you remove the redundancy module, you will lose
redundancy functionality.
To remove or replace the redundancy module, follow these steps.
1. To disengage the upper and lower module tabs, push them.
2. Slide the module out of the chassis.
3. Insert the replacement in the same slot and move the fiber cable(s) to the
new module.
IMPORTANT
If you want to resume system operation with an identical
module, you must install the new module in the same slot.
28 Rockwell Automation Publication 1756-UM015B-EN-P - February 2021
Configure the EtherNet/IP Network
Top ic Pa ge
Requested Packet Interval (RPI) 29
IP Address Swapping 29
CIP Sync 33
Produce/Consume Connections 35
Configure EtherNet/IP Communication Modules in a Redundant System 37
Use a Redundancy System with Device Level Ring 38
Use a Redundancy System with Parallel Redundancy Protocol 38
Chapter 3
Requested Packet Interval (RPI)
The RPI for I/O connections in a redundant-enabled controller tree are
configured the same way as a with a simplex controller. Adjusting the RPI rates
of I/O connections impact the loading of the associated EtherNet/IP
communications modules.
The RPI for I/O connections in a redundant-enabled controller tree are
configured the same way as a with a simplex controller. Adjusting the RPI rates
of I/O connections impact the loading of the associated EtherNet/IP
communications modules.
This table describes CPU usage for EtherNet/IP™ communication modules.
If the CPU utilization
percent is
0…80%
Greater than 80%
Then
No action is required.
Important: This range is the optimal rate.
• Take steps to reduce your CPU utilization. See the EtherNet/IP Network Configuration User
Manual, publication ENET-UM001
• Adjust the requested packet interval (RPI) of your connection.
• Reduce the number of devices that are connected to your module.
• Add another Ethernet module to the redundant chassis pair (maximum of 7)
Important: Your EtherNet/IP communication module can function at 100% CPU
capacity, but at or near this rate, you run the risk of CPU saturation and
performance degredation.
.
IP Address Swapping IP address swapping is a feature available to EtherNet/IP communication
modules in a redundancy system where a partnered set of EtherNet/IP
communication modules swap IP addresses during a switchover.
IMPORTANT
Rockwell Automation Publication 1756-UM015B-EN-P - February 2021 29
You must use IP address swapping to use remote I/O and
produce/consume connections of an EtherNet/IP network.
Chapter 3 Configure the EtherNet/IP Network
Primary chassis Secondary Chassis
Assigned IP Address: 192.168.1.3
Determine Use of IP Address Swapping
Depending on your EtherNet/IP network configuration, you can choose to use
IP address swapping between your partnered EtherNet/IP communication
modules in the event of a switchover.
If you want to Then
Minimize data server communication recovery time during switchover
Have your partnered EtherNet/IP communication modules on different subnets
Use Remote I/O or produce/consume
Have your partnered EtherNet/IP communication modules on the same subnet.
(1) For more information, see Data Server Communication Recovery Time Reduction During a Switchover on page 18
(1)
Do not use IP address swapping
Use IP address swapping
If you are using different subnets, you are responsible for programming your
system to use the address and subnet of the new primary chassis in the event
of a switchover.
Do Not Use IP Address Swapping
If you do not use IP address swapping, assign unique values for the IP address
on both EtherNet/IP communication modules in the partnered set:
IMPORTANT
The IP address cannot be of the following format between the partner
EtherNet modules: aaa.bbb.ccc.ddd & aaa.bbb.ccc.(ddd+1)
Use IP Address Swapping
If you use IP address swapping, at minimum, the below parameters must be
configured on both EtherNet/IP communication modules in the partnered set:
• IP address
•Subnet mask
Figure 1
initial configuration.
Figure 1 - IP Addresses of EtherNet/IP Communication Modules During System Configuration
shows a partnered set of EtherNet/IP communication modules during
CH2 CH1 OK
CH2 CH1 OK
30 Rockwell Automation Publication 1756-UM015B-EN-P - February 2021
Loading...