You are not registered yet. Please click here to register!


 
 
plc storereviewsdownloads
This board is for PLC Related Q&A ONLY. Please DON'T use it for advertising, etc.
 
Try our online PLC Simulator- FREE.  Click here now to try it.

---------->>>>>Get FREE PLC Programming Tips

New Here? Please read this important info!!!


Go Back   PLCS.net - Interactive Q & A > PLCS.net - Interactive Q & A > LIVE PLC Questions And Answers

PLC training tools sale

Reply
 
Thread Tools Display Modes
Old January 12th, 2019, 08:08 AM   #1
PeeLC
Member
United States

PeeLC is offline
 
Join Date: Oct 2018
Location: Krypton
Posts: 16
Tech Device to tap and record Ethernet/IP connections?

Hello PLCS.net!

I was wondering if there is such a thing available that connects inline with two RJ45 jacks and lets me know what communication is happening?

From what I understand, I don't necessarily want the packet information, but rather the information about the contents of the packet, so the application data.

We are in the AB environment, and would like something to help us log communication between the OPC and the PLC.

Thanks!
-PeeLC.
  Reply With Quote
Old January 12th, 2019, 08:33 AM   #2
Archie
Member
United States

Archie is offline
 
Join Date: May 2002
Location: Orangeburg, SC
Posts: 1,800
A SharkTap and Wireshark software:

https://www.amazon.com/midBit-Techno.../dp/B00DY77HHK

It is basically a 3 port switch with a mirrored port that let's you see the traffic. Wireshark does a good job at breaking down the packet.
__________________
Expectations lead to disappointment. Appreciation leads to satisfaction.

AdvancedHMI - HMI Software without the license key hassles
  Reply With Quote
Old January 12th, 2019, 08:33 AM   #3
Aabeck
Member
United States

Aabeck is offline
 
Aabeck's Avatar
 
Join Date: Feb 2013
Location: Detroit
Posts: 1,105
Wireshark might be what you are looking for, it's a free download. It installs on any PC on the network.

I records each item on a network that send a packet, and the type of send with the destination IP if it is to a specific other device. It can be filtered to show only data for specific IP addresses, MAC addresses, type of packet or request, etc.
__________________
Never underestimate the quality of idiots that will be running your machines
http://aabeck.com
  Reply With Quote
Old January 12th, 2019, 08:38 AM   #4
lfe
Member
France

lfe is offline
 
Join Date: Jun 2007
Location: Barcelona
Posts: 328
If the OPC server is running on a PC you can try Wireshark packet analyzer on it.

The hard part will then be to interpret the sequence of bytes since two sources of information have to be used, the first from OVDA about Ethernet/IP and the CIP packets and then from Rockwell Automation about the data contained in those packets..

OVDA documents are not free, you have to be a member and pay a fee to obtain them and as for RA there are a few documents and from my point of view there are incomplete.
__________________
Suppanel HMI
  Reply With Quote
Old January 12th, 2019, 11:49 AM   #5
James Mcquade
Member
United States

James Mcquade is offline
 
Join Date: Oct 2007
Location: Tennessee
Posts: 2,280
a word of caution about sniffer programs.

one of our guys ran a sniffer program to see what was on the network and brought the traffic to a crawl.
everyone came asking me if I had a network loop.
when we got to him, we had him turn off the program and everything was normal.


please be aware of the network when you run the program.

james
  Reply With Quote
Old January 12th, 2019, 12:08 PM   #6
dmroeder
Lifetime Supporting Member
United States

dmroeder is offline
 
dmroeder's Avatar
 
Join Date: Apr 2006
Location: Vancouver, WA
Posts: 2,095
Quote:
Originally Posted by James Mcquade View Post
a word of caution about sniffer programs.

one of our guys ran a sniffer program to see what was on the network and brought the traffic to a crawl.
everyone came asking me if I had a network loop.
when we got to him, we had him turn off the program and everything was normal.


please be aware of the network when you run the program.

james
Bizarre, I would have liked to be involved in understanding that one. I don't see how Wireshark would do that, it just captures the packets entering the specified network adapter on the machine running it. It doesn't send anything out onto the network. Maybe the program he was running was more than a packet sniffer?

I could see a misconfigured switch used for mirroring or something like that, but it's hard to see Wireshark by itself causing problems.

I have one of those shark taps and have used it many times with no noticeable network impact. To be useful, they need to have no impact on the network or you wouldn't be able to use it for what it's designed for, troubleshooting.

Last edited by dmroeder; January 12th, 2019 at 12:12 PM.
  Reply With Quote
Old January 12th, 2019, 02:19 PM   #7
SD_Scott
Member
United States

SD_Scott is offline
 
SD_Scott's Avatar
 
Join Date: Feb 2006
Location: South Carolina
Posts: 119
You can run wireshark on the machine that the OPC server is running on. You can set up filters on IP or port number.
  Reply With Quote
Old January 12th, 2019, 02:36 PM   #8
dmroeder
Lifetime Supporting Member
United States

dmroeder is offline
 
dmroeder's Avatar
 
Join Date: Apr 2006
Location: Vancouver, WA
Posts: 2,095
To guarantee you are getting all the data on the wire, you would want to use a port mirroring device like a managed switch or the shark tap, running on a different machine than the one the OPC server is running on.

It is possible that the OPC server can intercept inbound packets prior to wireshark being able to see them. RSLinx does this in certain cases, which was what led me to buy the shark tap in the first place. I had to capture the data on a machine that was not running RSLinx.
  Reply With Quote
Old January 12th, 2019, 03:19 PM   #9
SD_Scott
Member
United States

SD_Scott is offline
 
SD_Scott's Avatar
 
Join Date: Feb 2006
Location: South Carolina
Posts: 119
I think wireshark is ethernet/IP aware. When I wrote my direct driver for the logix platform I used wireshark to inspect the packets. It knew the names of the various areas of the packet like session id, connection id, etc.
  Reply With Quote
Old January 12th, 2019, 04:46 PM   #10
Mark-
Lifetime Supporting Member
United States

Mark- is offline
 
Join Date: Nov 2008
Location: Texas
Posts: 655
Quote:
Originally Posted by SD_Scott View Post
I think wireshark is ethernet/IP aware. When I wrote my direct driver for the logix platform I used wireshark to inspect the packets. It knew the names of the various areas of the packet like session id, connection id, etc.
Yes it can dissect some of the traffic, especially the header data. Some packet payloads it does not dissect.

Wireshark, an excellent tool.
__________________
Good luck,

Mark
PeakHMI
  Reply With Quote
Reply
Jump to Live PLC Question and Answer Forum

Bookmarks


Currently Active Users Viewing This Thread: 1 (0 members and 1 guests)
 
Thread Tools
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Forum Jump


All times are GMT -5. The time now is 11:41 PM.


.