EtherNet/IP
Ethernet/IP Active Discovery can be performed by Cisco Cyber Vision using Broadcast or Unicast mode. In any case, requests sent and component properties collected in return will be the same. The main differences will be:
-
Broadcast will discover all devices in the local LAN.
-
Unicast will only discover the devices and components which have an IPv4 address.
-
Unicast will search for, once an EtherNet/IP node is discovered, the devices' content. If a device is a chassis with a backplane, it will be queried and all modules will send their properties.
# | Name | Cyber Vision Properties | Example |
1 |
Vendor ID |
enip-vendor |
Rockwell Automation/Allen-Bradley |
2 |
Device Type |
enip-devicetype |
ProgrammableLogicController |
3 |
Product Code |
enip-productcode |
235 |
4 |
Revision |
enip-version |
33.012 |
5 |
Status |
enip-status |
AtLeastOneIOConnectionInRunMode, MinorRecoverableFault, ReservedBits12-15:0x3 |
6 |
Serial Number |
enip-serial |
01105356 |
7 |
Product Name |
enip-name |
1756-L81ES/B |
EtherNet/IP Broadcast or Unicast
A Broadcast Ethernet/IP Active Discovery consists of a packet sent by the sensor which requests EtherNet/IP identities to all devices in the local LAN. For example, a sensor with an Active Discovery IPv4 address 192.168.20.192/24 will send this EtherNet/IP request to the Broadcast address, here 192.168.20.255. All devices in the IPv4 range 192.168.20.0 to 192.168.20.254 will answer with the packet described above (CIP Identity response (0x000c)).
A direct Unicast Ethernet/IP (i.e. no backplane) will consist of the same request but sent directly to the device. When a preset is configured to query EtherNet/IP devices, the system will take the list of components of this preset which have an IPv4 address. Then, the Active Discovery engine will try to reach each IPv4 with this EtherNet/IP identities request. All reachable EtherNet/IP nodes of this list will answer with the packet described above (CIP Identity response (0x000c)).
In both cases (Broadcast and Unicast), the answer will be sent by the discovered devices to the sensor's Active Discovery network interface. The answer will be a UDP packet for the Broadcast request and some TCP packets for the Unicast request.
Ethernet/IP backplane discovery
To browse backplanes, the Active Discovery policy with the Unicast EtherNet/IP protocol enabled needs to have the backplane discovery option set to enabled.
In such case, all EtherNet/IP nodes detected by Active Discovery Ethernet/IP Unicast will be queried again by the sensor. The sensor will try to know the backplane size and then send a request to the different modules (link addresses form 0 to the chassis size). All modules will then send their properties such as the product reference and the firmware version.