lantzvillian
Member
Hello all,
I have some wireshark captures of what I believe is DH+ traffic over EIP. I have scoured the documentation and I am concerned by what I am seeing, but it is only one sample.
I am getting packets that look like DH+/PCCC, but there is an 8 byte pre-amble before the CMD. The first byte is 0x0000, which makes Wireshark think that this is a generic CIP service and perhaps this is true, but it could also be that the link-ID is 0x00 too! What would happen if it was non-zero? (Sorry I can't test my hypothesis).
I've attached a screenshot.
Can anyone provide input?
I have some wireshark captures of what I believe is DH+ traffic over EIP. I have scoured the documentation and I am concerned by what I am seeing, but it is only one sample.
I am getting packets that look like DH+/PCCC, but there is an 8 byte pre-amble before the CMD. The first byte is 0x0000, which makes Wireshark think that this is a generic CIP service and perhaps this is true, but it could also be that the link-ID is 0x00 too! What would happen if it was non-zero? (Sorry I can't test my hypothesis).
I've attached a screenshot.
Can anyone provide input?