Can anyone help me better understand what is going on here? I keep receiving "broken pipe" errors that say the connection is being reset by the peer. Also, I thought 192.168.114.30 was the client, but from my reading, the original SYN in a handshake is supposed to come from the server (and same with the RST, ACK). I'm sorry if this is an obvious answer. I've tried to do as much research as possible. Any help is greatly appreciated.
EDIT: I appreciate any answers and apologize for my lack of knowledge on the topic. I wanted to add the when querying the socket stats with the ss
command, I do not see this server listed as it should be. Does this mean that the server is not listening to any ports? Is this something that needs to be resolved within the server’s end of the modbus configuration?
It’s worth noting that this issue is present across multiple facilities that we operate, all related to the same device (a UPS) that the server is supposed to be sending data from. At one of the sites the dump indicated only ARP requests, so that one can’t even locate the MAC address.
Last question - is this at all related to a heartbeat timeout issue? I don’t believe it is, but there are people above me (that frankly aren’t that familiar with the Modbus TCP Protocol either) that seem to think it is. I understand a “Connection reset by peer” can be caused by a timeout, but does anyone have suggestions on how I can rule that out with confidence?