PLC Ethernet Configuration IP Port Addressing Best Practices


We use a Japanese PLC brand made by JTEKT and plc ethernet modules that occupy a slot in the rack. When they are configured we can set the Port numbers to whatever we like. To date there has been zero standardization other than using what comes up by default in the software (ports 2000-2007). Currently there are many groups in the organization that are using various software packages and kepware drivers/etc to data mine the plcs. I have no influence on what other departments are doing but I can hopefully roll out a numbering convention for ethernet port numbers.
For instance my Ignition server would be known to all because I would use port:1234 for the DEV, and port: 5678 for Production (just made up those numbers). Other departments would use different numbers. That way when a programmer approach's a plc that they hadn't previously accessed, they could at least identify what was happening with the existing port numbers.
Currently if I see all ports 2000-20007 enabled, I have to do a Test-NetConnection -ComputerName x.x.x.x -Port xxxx and verify it is free, but even then I can't be sure that someone else may intermittently try to access the port and cause potential issues. The IP addressing is documented but the port numbers have not been documented to date.
Things are very early days here so I'm hoping some sort of standard can be created.

My question is, what does everyone else do for port addressing standards?

Most industrial protocols don't have this problem, as a single TCP listening port, by the standard, can accept many connections (each gets diverted to a unique ephemeral port as part of the TCP handshake).

Try configuring multiple connections to the same port number and see if you can make that many simultaneous connections to that port. If not, you're pretty much on your own. (And I'd do everything possible to abandon such a lame technology.)

1 Like

Curiously, the Mitsubishi MELSEC-based PLCs all have this same limitation. I actually couldn't believe it until we called their support and it was confirmed for us very plainly, an addition to the empirical observations during our own testing and of other software's configuration options.

I was under the impression, based on a conversation on another site, that the MELSEC family does allocate connections like this, but you can assign multiple to a single port number. Perhaps that is specific to certain models. I'll try to find the link to that conversation.

Oh you might be right, you just need an explicit configuration entry for each connection allowed to the port.

This brand of hardware will not allow simultaneous connections to the same port. We've tried and all it does is cause a battle between kepware drivers and each will have intermittent connectivity.

There is the ability to have a node lookup table where we can go in thru the plc ethernet port, and then access other ethernet devices so perhaps I can point it back to itself that way.

Regardless, it sounds like a bit of a unique situation.

Thank you.

idk that much about networking (anymore, been a while) But there probably is a solution with networking, assigning ipaddres to ports should be possible i believe.
That way you could maybe atleast rule out someone else using your ports. if you could get their IT to figure out how it works xd