Why You Need Wireshark for Industrial Ethernet Analysis

Industrial Ethernet is a term that refers to the use of Ethernet protocols and technologies in industrial applications, such as automation, control, and monitoring. Industrial Ethernet networks are designed to meet the high demands of reliability, performance, and safety that are required in industrial environments.

However, industrial Ethernet networks are not immune to problems, such as network congestion, packet loss, misconfiguration, or cyberattacks. These problems can affect the quality of service, data integrity, and availability of the network, and ultimately impact the productivity, efficiency, and safety of the industrial processes.

That’s why you need a powerful and versatile tool to analyze and troubleshoot your industrial Ethernet network. And that tool is Wireshark.

What is Wireshark?

Wireshark is a free and open-source network protocol analyzer that allows you to capture, filter, and inspect network traffic in real time or from saved files. Wireshark supports hundreds of protocols, including many industrial Ethernet protocols, such as EtherCAT, EtherNet/IP, PROFINET, Modbus TCP, and OPC UA.

Wireshark can help you to:

• Monitor the health and performance of your industrial Ethernet network
• Identify and diagnose network problems and errors
• Verify the compliance and interoperability of network devices and protocols
• Detect and prevent network security threats and attacks
• Learn and understand how network protocols work

How to Use Wireshark for Industrial Ethernet Analysis

To use Wireshark for industrial Ethernet analysis, you need to have the following:

• A computer with Wireshark installed. You can download Wireshark from here.
• A network interface card (NIC) that supports promiscuous mode and can capture raw Ethernet frames.
• A network tap, switch, or hub that can mirror or forward the network traffic to your NIC.

To capture industrial Ethernet packets, make sure you have the required tools and follow the steps below:

• Create a LabVIEW project with the Real-Time controller and the EtherCAT slave1.
• Run your EtherCAT VI to begin communication.
• Open Wireshark and begin capture. You will see the ECAT packets transmitted over the network1.

To analyze industrial Ethernet packets, you can use the following features of Wireshark:

• Display filters: You can use display filters to narrow down the packets that you want to see, based on various criteria, such as protocol, source, destination, port, or content. For example, you can use the filter enip to show only EtherNet/IP packets2.
• Statistics: You can use statistics to get an overview of the network traffic, such as the number of packets, bytes, conversations, endpoints, protocols, and errors. You can also generate graphs and charts to visualize the network behavior, such as throughput, round-trip time, packet size, and packet loss.
• Decode as: You can use decode as to change how Wireshark interprets a packet or a field, based on the protocol that you specify. For example, you can use decode as to view the payload of an EtherNet/IP packet as CIP (Common Industrial Protocol) data3.
• Expert info: You can use expert info to get a summary of the network problems and anomalies that Wireshark detects, such as malformed packets, checksum errors, retransmissions, duplicate packets, and out-of-order packets.

Conclusion

Wireshark is a must-have tool for anyone who works with industrial Ethernet networks. It can help you to monitor, analyze, and troubleshoot your network, and ensure its optimal performance and security. Wireshark is easy to use, flexible, and powerful, and it supports many industrial Ethernet protocols. You can download Wireshark for free and start using it today.