Details
Description
According to 2-5.5.2 "TCP Connection Management for EtherNet/IP" - CIP Volume 2 Edition 1.23:
"In the condition where a target's CIP connections from an originator all time out, the target shall close the TCP connection from that originator immediately."
It is important to know that the above sentence applies only to CIP connections that are based on the same encapsulation session and thus are based on the same TCP connection. It is possible that there are other active CIP connections having the same Originator but running based on another encapsulation session/ TCP connection. Connections running on different encapuslations sessions shall not influence each other.
Current stack behavior:
When a connection times out, the EtherNet/IP stack searches for other connections that have the same originator IP address regardless of the underlying encapsulation session. If there are connections having the same originator, the session/TCP connection will not be closed.
Problematic behavior:
The above behavior can lead to situations where a TCP connection will not be closed even though there are no more CIP connections running to the originator based on the same encapsulation session.
The illustration below shows 4 established CIP connections where CIP connection 1 and 2 are based on TCP connection 1 and CIP connection 3 and 4 are based on TCP connection 2.
The CIP sepcification wants TCP1 to be closed in case CIP connection 1 and 2 time out. However, the current stack implementation would "see" CIP connection 3 and 4 (both having the same originator as CIP connection 1 and 2) and would therefore not close TCP1 which is wrong.
|