Capturing and analyzing Ethernet packets¶
In order to understand the Profinet traffic, it is useful to capture network packets and analyze them in a tool like Wireshark.
To install a relatively new Wireshark version on Ubuntu:
sudo add-apt-repository ppa:wireshark-dev/stable sudo apt update sudo apt -y install wireshark
In order to be able to capture packets you need to add yourself to the
wireshark user group, or run the program as root:
For details on how to add yourself to the
wireshark user group, see
Parsing Profinet data with Wireshark¶
It is possible to load a GSDML file into recent versions of Wireshark, for parsing the cyclic data. In the Wireshark menu, select Edit > Preferences > Protocols > PNIO. Enter the directory where you have your GSDML file.
For this functionality to work, the Wireshark capture must include the start-up sequence. When a packet is interpreted according to a GSDML file, the name of the GSDML file is displayed in the detail view of the packet.
When running on an embedded Linux board, it can be convenient to run without a graphical user interface. To capture packets for later display in Wireshark, use the tool tcpdump.
Install it, for example like:
sudo apt-get install tcpdump
Run it with:
sudo tcpdump -i enp0s31f6 -n -w outputfile.pcap
-i argument to specify Ethernet interface.
Capturing packets on network¶
Profinet is a point-to-point protocol. If the Profinet controller or device software is running on your machine, you can use Wireshark (or tcpdump) directly to capture the packets.
If you would like to capture packets between other units (Profinet controllers/devices) you need special hardware to do the capturing. A network tap is a network switch with packet monitoring to send a copy of each packet to another Ethernet connector. Connect the tap on the network link between the IO-device and IO-controller. Connect the mirroring port to the machine where you run Wireshark or tcpdump.