Device to tap and record Ethernet/IP connections?

PeeLC

Member
Join Date
Oct 2018
Location
Krypton
Posts
30
Hello PLCS.net!

I was wondering if there is such a thing available that connects inline with two RJ45 jacks and lets me know what communication is happening?

From what I understand, I don't necessarily want the packet information, but rather the information about the contents of the packet, so the application data.

We are in the AB environment, and would like something to help us log communication between the OPC and the PLC.

Thanks!
-PeeLC.
 
Wireshark might be what you are looking for, it's a free download. It installs on any PC on the network.

I records each item on a network that send a packet, and the type of send with the destination IP if it is to a specific other device. It can be filtered to show only data for specific IP addresses, MAC addresses, type of packet or request, etc.
 
If the OPC server is running on a PC you can try Wireshark packet analyzer on it.

The hard part will then be to interpret the sequence of bytes since two sources of information have to be used, the first from OVDA about Ethernet/IP and the CIP packets and then from Rockwell Automation about the data contained in those packets..

OVDA documents are not free, you have to be a member and pay a fee to obtain them and as for RA there are a few documents and from my point of view there are incomplete.
 
a word of caution about sniffer programs.

one of our guys ran a sniffer program to see what was on the network and brought the traffic to a crawl.
everyone came asking me if I had a network loop.
when we got to him, we had him turn off the program and everything was normal.


please be aware of the network when you run the program.

james
 
a word of caution about sniffer programs.

one of our guys ran a sniffer program to see what was on the network and brought the traffic to a crawl.
everyone came asking me if I had a network loop.
when we got to him, we had him turn off the program and everything was normal.


please be aware of the network when you run the program.

james

Bizarre, I would have liked to be involved in understanding that one. I don't see how Wireshark would do that, it just captures the packets entering the specified network adapter on the machine running it. It doesn't send anything out onto the network. Maybe the program he was running was more than a packet sniffer?

I could see a misconfigured switch used for mirroring or something like that, but it's hard to see Wireshark by itself causing problems.

I have one of those shark taps and have used it many times with no noticeable network impact. To be useful, they need to have no impact on the network or you wouldn't be able to use it for what it's designed for, troubleshooting.
 
Last edited:
To guarantee you are getting all the data on the wire, you would want to use a port mirroring device like a managed switch or the shark tap, running on a different machine than the one the OPC server is running on.

It is possible that the OPC server can intercept inbound packets prior to wireshark being able to see them. RSLinx does this in certain cases, which was what led me to buy the shark tap in the first place. I had to capture the data on a machine that was not running RSLinx.
 
I think wireshark is ethernet/IP aware. When I wrote my direct driver for the logix platform I used wireshark to inspect the packets. It knew the names of the various areas of the packet like session id, connection id, etc.
 
I think wireshark is ethernet/IP aware. When I wrote my direct driver for the logix platform I used wireshark to inspect the packets. It knew the names of the various areas of the packet like session id, connection id, etc.

Yes it can dissect some of the traffic, especially the header data. Some packet payloads it does not dissect.

Wireshark, an excellent tool.
 

Similar Topics

We are trying to poll data coming from a PLC for remote monitoring we have the IP address of the PLC and the default port number and the path is...
Replies
25
Views
417
I'm adding an IAI Gateway with 2 axes connected to it. To an ethernet network on my PLC. So, I think the math is correct on the Input and Output...
Replies
0
Views
68
We have some very old technology in my plant that needs adjusted but I don’t have the equipment. Can anyone tell me what I need to program this IO...
Replies
13
Views
293
Hello all, I am a college student currently working on my senior year engineering capstone project. As part of this project, I have been given an...
Replies
6
Views
202
Hello, friends, I am trying to upgrade a system that uses an Onrom incremental encoder (E6B2-CWZ6C) connected to a Danfoss VFD (FC360), but now...
Replies
4
Views
246
Back
Top Bottom