Hot Standby Redundancy Operation; Failover Time - Emerson PACSystems RX3i User Manual

Hide thumbs Also See for PACSystems RX3i:

User manual (232 pages)

Application manual (37 pages)

Manual (37 pages)

Table Of Contents

100

101

102

103

104

105

106

107

108

109

110

111

112

113

114

115

116

117

118

119

120

121

122

123

124

125

126

127

128

129

130

131

132

133

134

135

136

137

138

139

140

141

142

143

page of 143

/ 143
Contents
Table of Contents
Bookmarks

Table of Contents

User Manual

GFK-2409B

2.3

Hot Standby Redundancy Operation

During each controller scan, the Max-ON RX3i redundancy drivers are solved first, and then

your application logic is solved. The Max-ON RX3i redundancy drivers handle the following

functions:

•

2.4

Failover Time

The Mastership Time of the Max-ON RX3i system determines the Failover Time. The Failover

Time is the time required for control of the system to transfer from the Master Controller to

the Backup Controller.

Mastership Time: This is the time interval for the Backup Controller to recognize that the

Master Controller has failed. It takes one or two CPU scans plus one Synchronized Data

Transfer period to determine that the Master has failed. Then it takes an additional scan to

activate the output data stream in the Backup Controller.

For the Ethernet I/O LAN, the Remote Ethernet drop will start using the data from the

Backup Controller as soon as it detects that:

1. The Backup is now the Master

2. The Master is no longer sending data

For the Genius IO LAN, lacking output data from the current Master 's GBC, each output

circuit on each device on the Genius I/O LANs will hold its last state for up to 2.5 seconds

before it assumes the Default State unless there is output data from the Backup GBC. (This

System Overview

Determine Mastership – One CPU operates as the Master. The other operates as the

Backup. Output devices use the output states from the Master only. In a Max-ON

RX3i system, the user may specify either PLC to be the preferred Master. If no

preference is specified, then Mastership "floats" between the PLCs. The current

Master retains its status until it fails or until the user switches Mastership, at which

time the Master and Backup exchange their roles.

Transfer Synchronization Data – If the Master fails, the Backup must be prepared to

control the process using the latest internal states from the ex-Master. These states

may represent such things as latched coils, timer/counter values, PID values, system

set points, and perhaps user-calculated values.

Enforce an Orderly PLC Startup – When a failed PLC is returned to service, it must not

attempt to assume control of the system prior to being synchronized to the current

Master. If both PLCs startup simultaneously, then whichever one was the last valid

Master assumes the Mastership.

Process Genius Dual Bus I/O Devices – When the system uses dual Genius I/O

busses, input devices are mapped automatically from the active I/O LAN into the

PLC's input reference tables.

Execute Diagnostic Tests – Automatically post time-stamped fault messages into

the Max-ON RX3i Alarm Table. Identify system problems such as bus faults, loss of

devices, change of Mastership, program restart, and power-up event.

Chapter 2

Oct 2019

Table of Contents

Hot Standby Redundancy Operation; Failover Time - Emerson PACSystems RX3i User Manual

Hot Standby Redundancy Operation

Failover Time

Related Manuals for Emerson PACSystems RX3i

Related Content for Emerson PACSystems RX3i

Table of Contents