Connection failure on Forward open request


John Arvanitis

Nov 28, 2019, 9:04:28 AM
to EIP Stack Group OpENer Developers
First of all, your implementation of the adapter class is great.

And my question.

We downloaded, built and executed your code in Eclipse. We have a Scanner able to send msgs to devices.
We used your sample code as is (creating the 100,151-154 assemblies) and we didn't change anything in it.

From Scanner we initiate a PtP implicit msg connection and we try to send it to Opener adapter.

On wireshark we see all TCP and EIP messages of initial connection and registration.
We also see the forwardopen request msg that is sent by the scanner to the adapter device.

Unfortunately the adapter does not produce the forward response msg. Instead, the adapter sends a connection failure msg.

Why did this happen? Am I doing something wrong? Do I have to implement my own assembly first?

Below we have the forward open request and the connection failure msgs
  
Request
--------

No.     Time           Source                Destination           Protocol Length Info
  25206 2543.943674000 192.168.1.235         192.168.1.226         CIP CM   156    Forward Open

Frame 25206: 156 bytes on wire (1248 bits), 156 bytes captured (1248 bits) on interface 0
    Interface id: 0 (\Device\NPF_{A540E8E6-88C2-4B3A-AB53-A26C34D482E1})
    Encapsulation type: Ethernet (1)
    Arrival Time: Nov 28, 2019 14:15:15.692877000 Hora estándar romance
    [Time shift for this packet: 0.000000000 seconds]
    Epoch Time: 1574946915.692877000 seconds
    [Time delta from previous captured frame: 0.019416000 seconds]
    [Time delta from previous displayed frame: 144.353505000 seconds]
    [Time since reference or first frame: 2543.943674000 seconds]
    Frame Number: 25206
    Frame Length: 156 bytes (1248 bits)
    Capture Length: 156 bytes (1248 bits)
    [Frame is marked: False]
    [Frame is ignored: False]
    [Protocols in frame: eth:ethertype:ip:tcp:enip:cip:cipcm]
    [Number of per-protocol-data: 1]
    [Common Industrial Protocol, key 0]
    [Coloring Rule Name: TCP]
    [Coloring Rule String: tcp]
Ethernet II, Src: CadmusCo_09:12:0d (08:00:27:09:12:0d), Dst: CadmusCo_28:48:cf (08:00:27:28:48:cf)
    Destination: CadmusCo_28:48:cf (08:00:27:28:48:cf)
        Address: CadmusCo_28:48:cf (08:00:27:28:48:cf)
        .... ..0. .... .... .... .... = LG bit: Globally unique address (factory default)
        .... ...0 .... .... .... .... = IG bit: Individual address (unicast)
    Source: CadmusCo_09:12:0d (08:00:27:09:12:0d)
        Address: CadmusCo_09:12:0d (08:00:27:09:12:0d)
        .... ..0. .... .... .... .... = LG bit: Globally unique address (factory default)
        .... ...0 .... .... .... .... = IG bit: Individual address (unicast)
    Type: IP (0x0800)
Internet Protocol Version 4, Src: 192.168.1.235 (192.168.1.235), Dst: 192.168.1.226 (192.168.1.226)
    Version: 4
    Header Length: 20 bytes
    Differentiated Services Field: 0x00 (DSCP 0x00: Default; ECN: 0x00: Not-ECT (Not ECN-Capable Transport))
        0000 00.. = Differentiated Services Codepoint: Default (0x00)
        .... ..00 = Explicit Congestion Notification: Not-ECT (Not ECN-Capable Transport) (0x00)
    Total Length: 142
    Identification: 0xfc0c (64524)
    Flags: 0x02 (Don't Fragment)
        0... .... = Reserved bit: Not set
        .1.. .... = Don't fragment: Set
        ..0. .... = More fragments: Not set
    Fragment offset: 0
    Time to live: 128
    Protocol: TCP (6)
    Header checksum: 0x793f [validation disabled]
        [Good: False]
        [Bad: False]
    Source: 192.168.1.235 (192.168.1.235)
    Destination: 192.168.1.226 (192.168.1.226)
    [Source GeoIP: Unknown]
    [Destination GeoIP: Unknown]
Transmission Control Protocol, Src Port: 2904 (2904), Dst Port: 44818 (44818), Seq: 29, Ack: 29, Len: 102
    Source Port: 2904 (2904)
    Destination Port: 44818 (44818)
    [Stream index: 282]
    [TCP Segment Len: 102]
    Sequence number: 29    (relative sequence number)
    [Next sequence number: 131    (relative sequence number)]
    Acknowledgment number: 29    (relative ack number)
    Header Length: 20 bytes
    .... 0000 0001 1000 = Flags: 0x018 (PSH, ACK)
        000. .... .... = Reserved: Not set
        ...0 .... .... = Nonce: Not set
        .... 0... .... = Congestion Window Reduced (CWR): Not set
        .... .0.. .... = ECN-Echo: Not set
        .... ..0. .... = Urgent: Not set
        .... ...1 .... = Acknowledgment: Set
        .... .... 1... = Push: Set
        .... .... .0.. = Reset: Not set
        .... .... ..0. = Syn: Not set
        .... .... ...0 = Fin: Not set
    Window size value: 64212
    [Calculated window size: 64212]
    [Window size scaling factor: -2 (no window scaling used)]
    Checksum: 0xdb7e [validation disabled]
        [Good Checksum: False]
        [Bad Checksum: False]
    Urgent pointer: 0
    [SEQ/ACK analysis]
        [This is an ACK to the segment in frame: 25205]
        [The RTT to ACK the segment was: 0.019416000 seconds]
        [iRTT: 0.000823000 seconds]
        [Bytes in flight: 102]
EtherNet/IP (Industrial Protocol), Session: 0x00000001, Send RR Data
    Encapsulation Header
        Command: Send RR Data (0x006f)
        Length: 78
        Session Handle: 0x00000001
        Status: Success (0x00000000)
        Sender Context: 0000000057010000
        Options: 0x00000000
    Command Specific Data
        Interface Handle: CIP (0x00000000)
        Timeout: 1024
        Item Count: 2
            Type ID: Null Address Item (0x0000)
                Length: 0
            Type ID: Unconnected Data Item (0x00b2)
                Length: 62
        [Response In: 27660]
Common Industrial Protocol
    Service: Unknown Service (0x54) (Request)
        0... .... = Request/Response: Request (0x00)
        .101 0100 = Service: Unknown (0x54)
    Request Path Size: 2 (words)
    Request Path: Connection Manager, Instance: 0x01
        Path Segment: 0x20 (8-Bit Class Segment)
            001. .... = Path Segment Type: Logical Segment (1)
            ...0 00.. = Logical Segment Type: Class ID (0)
            .... ..00 = Logical Segment Format: 8-bit Logical Segment (0)
            8-Bit Class Segment
                Class: Connection Manager (0x06)
        Path Segment: 0x24 (8-Bit Instance Segment)
            001. .... = Path Segment Type: Logical Segment (1)
            ...0 01.. = Logical Segment Type: Instance ID (1)
            .... ..00 = Logical Segment Format: 8-bit Logical Segment (0)
            8-Bit Instance Segment
                Instance: 0x01
CIP Connection Manager
    Service: Forward Open (Request)
        0... .... = Request/Response: Request (0x00)
        .101 0100 = Service: Forward Open (0x54)
    Command Specific Data
        ...0 .... = Priority: 0
        .... 1010 = Tick time: 10
        Time-out ticks: 240
        Actual Time Out: 245760ms
        O->T Network Connection ID: 0x00000000
        T->O Network Connection ID: 0x05ee5625
        Connection Serial Number: 0x5626
        Vendor ID: Alstom Transport (0x0476)
        Originator Serial Number: 0x00000000
        Connection Timeout Multiplier: *4 (0)
        Reserved: 0x000000
        O->T RPI: 100ms (0x000186A0)
        O->T Network Connection Parameters: 0x48ce
            0... .... .... .... = Owner: Exclusive (0)
            .10. .... .... .... = Connection Type: Point to Point (2)
            .... 10.. .... .... = Priority: Scheduled (2)
            .... ..0. .... .... = Connection Size Type: Fixed (0)
            .... ...0 1100 1110 = Connection Size: 206
        T->O RPI: 100ms (0x000186A0)
        T->O Network Connection Parameters: 0x48ce
            0... .... .... .... = Owner: Exclusive (0)
            .10. .... .... .... = Connection Type: Point to Point (2)
            .... 10.. .... .... = Priority: Scheduled (2)
            .... ..0. .... .... = Connection Size Type: Fixed (0)
            .... ...0 1100 1110 = Connection Size: 206
        Transport Type/Trigger: 0x21
            0... .... = Direction: Client (0)
            .010 .... = Trigger: Application Object (2)
            .... 0001 = Class: 1 (1)
        Connection Path Size: 10 (words)
        Connection Path: [Key], , Assembly Object, Instance: 0x01, Connection Point: 0x64, Connection Point: 0x65
            Path Segment: 0x34 (Electronic Key Segment)
                001. .... = Path Segment Type: Logical Segment (1)
                ...1 01.. = Logical Segment Type: Special (5)
                Electronic Key Segment (VendorID: 0x0000, DevTyp: 0x0000, 0.0)
                    Key Format: 0x04
                    Vendor ID: Reserved (0x0000)
                    Device Type: Generic Device (deprecated) (0)
                    Product Code: 0x0000
                    Compatibility: Bit Cleared, Major Revision: 0
                        0... .... = Compatibility: Bit Cleared (0x00)
                        .000 0000 = Major Revision: 0
                    Minor Revision: 0
            Path Segment: 0x43 (Production Inhibit Time)
                010. .... = Path Segment Type: Network Segment (2)
                ...0 0011 = Network Segment Type: Production Inhibit Time (3)
                Production Inhibit Time
                    Production Inhibit Time: 50ms
            Path Segment: 0x20 (8-Bit Class Segment)
                001. .... = Path Segment Type: Logical Segment (1)
                ...0 00.. = Logical Segment Type: Class ID (0)
                .... ..00 = Logical Segment Format: 8-bit Logical Segment (0)
                8-Bit Class Segment
                    Class: Assembly Object (0x04)
            Path Segment: 0x24 (8-Bit Instance Segment)
                001. .... = Path Segment Type: Logical Segment (1)
                ...0 01.. = Logical Segment Type: Instance ID (1)
                .... ..00 = Logical Segment Format: 8-bit Logical Segment (0)
                8-Bit Instance Segment
                    Instance: 0x01
            Path Segment: 0x2c (8-Bit Connection Point Segment)
                001. .... = Path Segment Type: Logical Segment (1)
                ...0 11.. = Logical Segment Type: Connection Point (3)
                .... ..00 = Logical Segment Format: 8-bit Logical Segment (0)
                8-Bit Connection Point Segment
                    Connection Point: 0x64
            Path Segment: 0x2c (8-Bit Connection Point Segment)
                001. .... = Path Segment Type: Logical Segment (1)
                ...0 11.. = Logical Segment Type: Connection Point (3)
                .... ..00 = Logical Segment Format: 8-bit Logical Segment (0)
                8-Bit Connection Point Segment
                    Connection Point: 0x65

Response
---------

No.     Time           Source                Destination           Protocol Length Info
  27660 2808.421603000 192.168.1.226         192.168.1.235         CIP CM   110    Connection failure

Frame 27660: 110 bytes on wire (880 bits), 110 bytes captured (880 bits) on interface 0
    Interface id: 0 (\Device\NPF_{A540E8E6-88C2-4B3A-AB53-A26C34D482E1})
    Encapsulation type: Ethernet (1)
    Arrival Time: Nov 28, 2019 14:19:40.170806000 Hora estándar romance
    [Time shift for this packet: 0.000000000 seconds]
    Epoch Time: 1574947180.170806000 seconds
    [Time delta from previous captured frame: 0.443489000 seconds]
    [Time delta from previous displayed frame: 264.477929000 seconds]
    [Time since reference or first frame: 2808.421603000 seconds]
    Frame Number: 27660
    Frame Length: 110 bytes (880 bits)
    Capture Length: 110 bytes (880 bits)
    [Frame is marked: False]
    [Frame is ignored: False]
    [Protocols in frame: eth:ethertype:ip:tcp:enip:cip:cipcm]
    [Number of per-protocol-data: 1]
    [Common Industrial Protocol, key 0]
    [Coloring Rule Name: TCP]
    [Coloring Rule String: tcp]
Ethernet II, Src: CadmusCo_28:48:cf (08:00:27:28:48:cf), Dst: CadmusCo_09:12:0d (08:00:27:09:12:0d)
    Destination: CadmusCo_09:12:0d (08:00:27:09:12:0d)
        Address: CadmusCo_09:12:0d (08:00:27:09:12:0d)
        .... ..0. .... .... .... .... = LG bit: Globally unique address (factory default)
        .... ...0 .... .... .... .... = IG bit: Individual address (unicast)
    Source: CadmusCo_28:48:cf (08:00:27:28:48:cf)
        Address: CadmusCo_28:48:cf (08:00:27:28:48:cf)
        .... ..0. .... .... .... .... = LG bit: Globally unique address (factory default)
        .... ...0 .... .... .... .... = IG bit: Individual address (unicast)
    Type: IP (0x0800)
Internet Protocol Version 4, Src: 192.168.1.226 (192.168.1.226), Dst: 192.168.1.235 (192.168.1.235)
    Version: 4
    Header Length: 20 bytes
    Differentiated Services Field: 0x6c (DSCP 0x1b: Unknown DSCP; ECN: 0x00: Not-ECT (Not ECN-Capable Transport))
        0110 11.. = Differentiated Services Codepoint: Unknown (0x1b)
        .... ..00 = Explicit Congestion Notification: Not-ECT (Not ECN-Capable Transport) (0x00)
    Total Length: 96
    Identification: 0x11fe (4606)
    Flags: 0x02 (Don't Fragment)
        0... .... = Reserved bit: Not set
        .1.. .... = Don't fragment: Set
        ..0. .... = More fragments: Not set
    Fragment offset: 0
    Time to live: 64
    Protocol: TCP (6)
    Header checksum: 0xa310 [validation disabled]
        [Good: False]
        [Bad: False]
    Source: 192.168.1.226 (192.168.1.226)
    Destination: 192.168.1.235 (192.168.1.235)
    [Source GeoIP: Unknown]
    [Destination GeoIP: Unknown]
Transmission Control Protocol, Src Port: 44818 (44818), Dst Port: 2904 (2904), Seq: 29, Ack: 132, Len: 56
    Source Port: 44818 (44818)
    Destination Port: 2904 (2904)
    [Stream index: 282]
    [TCP Segment Len: 56]
    Sequence number: 29    (relative sequence number)
    [Next sequence number: 85    (relative sequence number)]
    Acknowledgment number: 132    (relative ack number)
    Header Length: 20 bytes
    .... 0000 0001 1000 = Flags: 0x018 (PSH, ACK)
        000. .... .... = Reserved: Not set
        ...0 .... .... = Nonce: Not set
        .... 0... .... = Congestion Window Reduced (CWR): Not set
        .... .0.. .... = ECN-Echo: Not set
        .... ..0. .... = Urgent: Not set
        .... ...1 .... = Acknowledgment: Set
        .... .... 1... = Push: Set
        .... .... .0.. = Reset: Not set
        .... .... ..0. = Syn: Not set
        .... .... ...0 = Fin: Not set
    Window size value: 64109
    [Calculated window size: 64109]
    [Window size scaling factor: -2 (no window scaling used)]
    Checksum: 0x18b0 [validation disabled]
        [Good Checksum: False]
        [Bad Checksum: False]
    Urgent pointer: 0
    [SEQ/ACK analysis]
        [iRTT: 0.000823000 seconds]
        [Bytes in flight: 56]
EtherNet/IP (Industrial Protocol), Session: 0x00000001, Send RR Data
    Encapsulation Header
        Command: Send RR Data (0x006f)
        Length: 32
        Session Handle: 0x00000001
        Status: Success (0x00000000)
        Sender Context: 0000000057010000
        Options: 0x00000000
    Command Specific Data
        Interface Handle: CIP (0x00000000)
        Timeout: 0
        Item Count: 2
            Type ID: Null Address Item (0x0000)
                Length: 0
            Type ID: Unconnected Data Item (0x00b2)
                Length: 16
        [Request In: 25206]
        [Time: 264.477929000 seconds]
Common Industrial Protocol
    Service: Unknown Service (0x54) (Response)
        1... .... = Request/Response: Response (0x01)
        .101 0100 = Service: Unknown (0x54)
    Status: Connection failure
        General Status: Connection failure (0x01)
        Additional Status Size: 1 (words)
        Additional Status
            Additional Status: 0x0315
    [Request Path Size: 2 (words)]
    [Request Path: Connection Manager, Instance: 0x01]
        [Path Segment: 0x20 (8-Bit Class Segment)]
            [001. .... = Path Segment Type: Logical Segment (1)]
            [...0 00.. = Logical Segment Type: Class ID (0)]
            [.... ..00 = Logical Segment Format: 8-bit Logical Segment (0)]
            [8-Bit Class Segment]
                [Class: Connection Manager (0x06)]
        [Path Segment: 0x24 (8-Bit Instance Segment)]
            [001. .... = Path Segment Type: Logical Segment (1)]
            [...0 01.. = Logical Segment Type: Instance ID (1)]
            [.... ..00 = Logical Segment Format: 8-bit Logical Segment (0)]
            [8-Bit Instance Segment]
                [Instance: 0x01]
CIP Connection Manager
    Service: Forward Open (Response)
        1... .... = Request/Response: Response (0x01)
        .101 0100 = Service: Forward Open (0x54)
    Status: Connection failure, Extended: Invalid segment in connection path
        General Status: Connection failure (0x01)
        Additional Status Size: 1 (words)
        Extended Status: Invalid segment in connection path (0x0315)
        Additional Status
    Command Specific Data
        Connection Serial Number: 0x5626
        Vendor ID: Alstom Transport (0x0476)
        Originator Serial Number: 0x00000000
        Remaining Path Size: 0
        Reserved: 0x00


John Arvanitis

Nov 29, 2019, 4:07:21 AM
to EIP Stack Group OpENer Developers
I did a deeper investigation of my problem.

I found that in connectionmanager.c line 1188 the class does not contain the instance_id (that is 1 in my case),
which is the instance related to the forwardopen msg. For this reason Opener sends connection failure.
Do we have to AddCipInstance() when the forwardopen msg arrives on the device? And in which function?


      if ( NULL == GetCipInstance(class, instance_id) ) { //iarv 2 : The instance Id does not exist in class
        //according to the test tool we should respond with this extended error code
        *extended_error =
          kConnectionManagerExtendedStatusCodeErrorInvalidSegmentTypeInPath;
        return kCipErrorConnectionFailure;
      }

Martin Melik-Merkumians

Nov 29, 2019, 4:35:29 AM
to EIP Stack Group OpENer Developers
Hi,

I just had time to take a look at your problem, and your analysis helped, but is incorrect. OpENer is behaving as it should.

Your original FWD Open tries to open the following connection path: "Connection Path: [Key], Assembly Object, Instance: 0x01, Connection Point: 0x64, Connection Point: 0x65"
The problem is that this request is already incorrect. It is a little counter-intuitive, but the first part of the Connection Path - Instance 0x01 - shall not refer to an instance ID, but also to a connection point in some sense.

If you, as in your provided trace, use 3 connection points, they are to be supplied in the following sequence: Config, Output, Input connection point. So the correct and working sequence would be 0x97, 0x96, 0x64.

A second error in your request is that you also supply a connection point ID of 0x65. There is no connection point 0x65 (101 decimal) in the standard config of OpENer.

Best regards,
Martin
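
The path check discussed in this thread, as an added example that is not part of any post and is not OpENer's own code: a bounds-checked walk over the Forward Open connection path that rejects any assembly ID the adapter does not have. The function and array names are hypothetical, the byte arrays are reconstructed from the dissected fields in the trace, the set of known IDs is taken from the reply above, and treating both 0x24 and 0x2c segments as carrying an assembly ID is an assumption of this sketch.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

#define EXT_INVALID_SEGMENT 0x0315 /* extended status shown in the trace */
/* Assumption: the adapter's assemblies, taken from the reply above. */
static const uint8_t kKnownPoints[] = { 0x97, 0x96, 0x64 };

/* Constructed from the dissected fields of frame 25206 (20 bytes = 10 words). */
static const uint8_t kTracedPath[] = { 0x34, 0x04, 0, 0, 0, 0, 0, 0, 0, 0,
  0x43, 0x32, 0x20, 0x04, 0x24, 0x01, 0x2c, 0x64, 0x2c, 0x65 };
/* Constructed: same path with the IDs in the sequence given in the reply. */
static const uint8_t kReorderedPath[] = { 0x34, 0x04, 0, 0, 0, 0, 0, 0, 0, 0,
  0x43, 0x32, 0x20, 0x04, 0x24, 0x97, 0x2c, 0x96, 0x2c, 0x64 };

static int IsKnownPoint(uint8_t id) {
  for (size_t i = 0; i < sizeof kKnownPoints; i++)
    if (kKnownPoints[i] == id) return 1;
  return 0;
}

/* Walks a connection path received from the network. ids[] receives up to
 * three assembly IDs in wire order (config, output, input when three are
 * present). Returns 0 or the extended status; *bad is the first unknown ID. */
int CheckConnectionPath(const uint8_t *p, size_t len, uint8_t ids[3],
                        size_t *count, uint8_t *bad) {
  int in_assembly = 0;
  *count = 0;
  *bad = 0;
  for (size_t i = 0; i < len;) {
    size_t seg_len = (p[i] == 0x34) ? 10 : 2; /* key format 4 is 10 bytes */
    if (len - i < seg_len) return EXT_INVALID_SEGMENT; /* truncated path */
    switch (p[i]) {
      case 0x34: if (p[i + 1] != 0x04) return EXT_INVALID_SEGMENT; break;
      case 0x43: break; /* production inhibit time, one byte of ms */
      case 0x20: in_assembly = (p[i + 1] == 0x04); break; /* class segment */
      case 0x24: /* instance segment */
      case 0x2c: /* connection point segment */
        if (!in_assembly || *count == 3) return EXT_INVALID_SEGMENT;
        if (!IsKnownPoint(p[i + 1])) { *bad = p[i + 1]; return EXT_INVALID_SEGMENT; }
        ids[(*count)++] = p[i + 1];
        break;
      default: return EXT_INVALID_SEGMENT; /* segment type not handled here */
    }
    i += seg_len;
  }
  return *count ? 0 : EXT_INVALID_SEGMENT;
}

int main(void) {
  uint8_t ids[3], bad;
  size_t n;
  int rc = CheckConnectionPath(kTracedPath, sizeof kTracedPath, ids, &n, &bad);
  printf("traced: status 0x%04x, unknown ID 0x%02x\n", (unsigned)rc, bad);
  rc = CheckConnectionPath(kReorderedPath, sizeof kReorderedPath, ids, &n, &bad);
  printf("reordered: status 0x%04x, %zu IDs accepted\n", (unsigned)rc, n);
  return 0;
}
```

On the traced path the walk stops at the first ID, 0x01, so the 0x65 that the reply also points out is never reached; it would be reported only once the first ID is corrected.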