
How can I verify if a Modbus TCP connection is being properly closed?

asked 2023-08-02 23:18:50 +0000

frank66

We are troubleshooting a possible problem where a Modbus TCP client is supposedly not closing Modbus TCP connections with the Modbus Master, and after a while the Modbus master rejects any further attempts for TCP connections. The thing is that we do not know which TCP client might be the culprit.

What would be the proper way to capture and filter TCP flows between two hosts to verify if the Modbus TCP connections are being properly closed (and thus not left "hanging" using up resources)? Not sure if this can be done with the "conversation" feature or some other way?

Thank you in advance for any advice you can provide.


Comments

Chuck, thank you for the input, very useful indeed.

The TCP completeness analysis has allowed us to identify a device in our network that is generating a lot of incomplete TCP connections that I think are causing this problem. I might add that the troublesome device is a Teltonika 4G router that is reading Modbus TCP holding registers and is generating a lot of incomplete TCP connections that can be filtered with the `tcp.completeness==30` view filter that basically shows you anytime a TCP connection is not properly closed or completed. Additional info about this can be found here: https://www.qacafe.com/resources/abou...

When we use a Node-Red simulator with the exact same Modbus poll sent by the router, we see no failures, so I think we have found the problem. Thank you Wireshark.

frank66 ( 2023-08-03 02:30:39 +0000 )

1 Answer


answered 2023-08-03 00:34:20 +0000

Chuckc

Can you do it with TCP Conversation Completeness?
See 7.5. TCP Analysis in the WSUG (Wireshark User’s Guide).


Comments

Chuck, thank you for the input, very useful indeed.

The TCP completeness analysis has allowed us to identify a device in our network that is generating a lot of incomplete TCP connections that I think are causing this problem. I might add that the troublesome device is a Teltonika 4G router that is reading Modbus TCP holding registers and is generating a lot of incomplete TCP connections that can be filtered with the `tcp.completeness==30` view filter that basically shows you anytime a TCP connection is not properly closed or completed.

Additional info about this type of analysis can be found here (very straightforward and easy to understand): [https://www.qacafe.com/resources/abou...]

When we use a Node-Red simulator with the exact same Modbus poll sent by the router, we see no failures, so I think we have found the problem. Thank you Wireshark.

frank66 ( 2023-08-03 02:33:55 +0000 )

30 is an even number and if there is a SYN then completeness should be odd.
You might want to try a development build which would include 10686: TCP: Conversation Completeness wrong value for some protocols

Chuckc ( 2023-08-03 03:16:45 +0000 )
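Added example (not part of the original thread, and not Wireshark's own code): a small script that decodes `tcp.completeness` bit values and counts, per client, how each Modbus TCP conversation ended, which is the "which client is the culprit" question asked above. It assumes the input was exported with the tshark command shown in the comment; the addresses and values in `SAMPLE` are constructed.

```python
from collections import Counter, defaultdict

# tcp.completeness bit values, per the Wireshark User's Guide (TCP Analysis).
FLAGS = {1: "SYN", 2: "SYN-ACK", 4: "ACK", 8: "DATA", 16: "FIN", 32: "RST"}

def decode(value):
    """Names of the conversation stages recorded in a completeness value."""
    return [name for bit, name in FLAGS.items() if value & bit]

def classify(value):
    """Label a conversation by how it started and how it ended."""
    if not value & 1:
        return "no-syn"      # opening SYN not recorded (capture gap or dissector issue)
    if value & 32:
        return "reset"       # torn down with RST
    if value & 16:
        return "closed"      # at least one FIN seen
    return "left-open"       # handshake (and maybe data) but no FIN or RST

def summarize(rows):
    """rows: 'tcp.stream,ip.src,tcp.completeness' lines, one per packet.
    Assumed export (client-to-server packets only, Modbus TCP port 502):
      tshark -r capture.pcapng -2 -Y "tcp.dstport == 502" -T fields \
             -E separator=, -e tcp.stream -e ip.src -e tcp.completeness
    """
    per_stream = {}
    for line in rows:
        stream, client, comp = line.strip().split(",")
        _, seen = per_stream.get(stream, (client, 0))
        per_stream[stream] = (client, seen | int(comp))  # OR the bits per stream
    report = defaultdict(Counter)
    for client, value in per_stream.values():
        report[client][classify(value)] += 1
    return {client: dict(counts) for client, counts in report.items()}

# Constructed sample rows (documentation addresses, invented values).
SAMPLE = [
    "0,192.0.2.10,31",                      # full handshake, data, FIN
    "1,192.0.2.20,7", "1,192.0.2.20,15",    # data exchanged, never closed
    "2,192.0.2.20,15",
    "3,192.0.2.20,47",                      # ended with RST
    "4,192.0.2.30,30",                      # the value from the thread: no SYN bit
]

if __name__ == "__main__":
    print(30, decode(30))
    for client, counts in sorted(summarize(SAMPLE).items()):
        print(client, counts)
```

A client whose count of `left-open` conversations keeps growing across the capture is the one to look at first.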

Stats

Asked: 2023-08-02 23:18:50 +0000

Seen: 269 times

Last updated: Aug 03 '23