Add OPC UA PubSub Ethernet (Layer 2) transport (opc.eth://)#3915
Closed
marcschier wants to merge 3 commits into
Closed
Add OPC UA PubSub Ethernet (Layer 2) transport (opc.eth://)#3915marcschier wants to merge 3 commits into
marcschier wants to merge 3 commits into
Conversation
Implements the Part 14 Ethernet mapping (profile pubsub-eth-uadp, EtherType 0xB62C, optional 802.1Q VLAN) as a new Opc.Ua.PubSub.Eth library, reusing the existing UADP encoding and message-level security. Provides an injectable IEthernetFrameChannel provider with native Linux AF_PACKET / macOS BPF backends (AOT-clean), an opt-in SharpPcap backend via WithPcap() in the same package (net8.0+), and an in-memory loopback backend for deterministic tests. Adds DI/fluent AddEthTransport, the EthUadp sample profile, unit + AOT tests, and docs.
marcschier
commented
Jun 25, 2026
- Move the Ethernet transport profile URI constant out of Opc.Ua.Core SecurityConstants into a dedicated EthProfiles class in the Opc.Ua.PubSub.Eth assembly (its own file, next to the transport code). - Add <inheritdoc/> to all interface-implementing members and <summary> docs to public constructors and internal members of the internal frame-channel classes. - Merge Docs/PubSubEth.md into the Transports section of Docs/PubSub.md and update the README / Profiles links accordingly.
- ETH-SEC-02: return the send ArrayPool buffer with clearArray:true so plaintext NetworkMessage residue is not exposed in the shared pool. - ETH-SEC-01: drop the redundant receive-side copy (backends yield a distinct single-use array per frame) to cut GC pressure under a frame flood. - ETH-SEC-03: hold the channel lock across the AF_PACKET/BPF send syscall to close the file-descriptor-reuse race with concurrent close. - ETH-SEC-04/05: harden BPF record-parse bounds and EthernetFrameCodec.GetRequiredLength against integer overflow. - ETH-SEC-06: log a prominent warning when an opc.eth:// connection opens with SecurityMode=None; document the no-transport-security model, least-privilege, loopback-not-a-boundary and supply-chain notes in Docs/PubSub.md. Adds codec-overflow and unsecured-config-warning tests (Eth tests 54/53 pass, 0-warning).
Collaborator
Author
CI triage (build 14972)The two red checks are pre-existing macOS hosted-runner flakiness unrelated to this PR, not regressions from the Ethernet transport changes:
This PR's own jobs are green: No branch-related fix is required; the failing jobs are environmental and should clear on a runner re-run. |
marcschier
added a commit
that referenced
this pull request
Jun 29, 2026
marcschier
added a commit
that referenced
this pull request
Jun 29, 2026
Apply whitespace + style + safe analyzer fixes to the files introduced by the #3915 (Ethernet L2 transport) and #3916 (runtime schema generation) squash merges. Removed low-value empty <exception> auto-tags (RCS1140) and restored the two platform-#if Ethernet channel files (AfPacket/Bpf) that dotnet format cannot process across TFMs without emitting "Unmerged change" markers. No behavioural changes; UA.slnx builds 0-warning on net10.0 and the new project test suites pass.
Collaborator
Author
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
1 participant
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Description
Adds a third OPC UA PubSub transport — Ethernet (Layer 2) — alongside the existing UDP and MQTT transports, implementing the OPC UA Part 14 Ethernet mapping. PubSub NetworkMessages are carried directly inside raw Ethernet II frames (no IP/UDP), identified by the OPC Foundation EtherType
0xB62C, with optional IEEE 802.1Q VLAN tagging. The existing UADP message encoding and message-level PubSub security are reused — only the transport binding is new.This targets the
part14pubsubfeature branch (PR #3892).What's included
New library
Libraries/Opc.Ua.PubSub.Eth(net472/net48/netstandard2.1/net8.0/net9.0/net10.0):pubsub-eth-uadp(EthProfiles.PubSubEthUadpTransport, defined in the Eth assembly) and address schemeopc.eth://<mac>[?vid=<0-4095>&pcp=<0-7>](hyphen/colon/bare-hex MAC forms; legacy:vid.pcpsuffix accepted).EthEndpointParser,EthernetFrameCodec(Ethernet II + 802.1Q framing, EtherType filter, 60-octet padding),EthernetDatagramTransport(IPubSubTransport+ discovery announcements), andEthPubSubTransportFactory.IEthernetFrameChannel/IEthernetFrameChannelFactorywith four backends:AF_PACKETand macOS BPF via libc P/Invoke — NativeAOT-clean, default.WithPcap(), kept in the same package (compilednet8.0+, isolated with[UnconditionalSuppressMessage]).AddEthTransport(...),WithPcap()) plus a direct-construct fallback;EthTransportOptions(bindable fromOpcUa:PubSub:Eth).Sample, docs, wiring:
ConsoleReferencePubSubClientgains anEthUadpprofile (--profile eth-uadp); documented in the Transports section ofDocs/PubSub.md(linked from README / Profiles / migration docs);UA.slnxandDirectory.Packages.propsupdated.NativeAOT evaluation
The SharpPcap backend's AOT safety was decided empirically: an AOT smoke test in
Opc.Ua.Aot.Testsexercises the SharpPcap path, and the AOT-published binary ran it successfully ("Dynamic code generation is not supported"). SharpPcap therefore runs under NativeAOT, so unconditional suppression is sufficient (no[RequiresDynamicCode]/[RequiresUnreferencedCode]). Thenet8.0+gate avoids the transitive PacketDotNetnetstandardNU1701.Review feedback addressed
Docs/PubSubEth.mdinto the Transports section ofDocs/PubSub.md.<inheritdoc/>/<summary>documentation to the internal frame-channel classes and their members.Opc.Ua.CoreSecurityConstants.Profilesinto a dedicatedEthProfilesclass in theOpc.Ua.PubSub.Ethassembly.Validation
Opc.Ua.PubSub.Ethbuilds 0-warning on all six TFMs.Opc.Ua.PubSub.Eth.Tests: 51 pass (net10.0) / 50 pass (net48) — parser, codec (VLAN / padding / EtherType filter), transport loopback round-trip incl. discovery, channels, factory, DI +WithPcapwiring.Opc.Ua.Aot.Tests: builds clean, AOT-publishes, and the 3 Ethernet AOT tests pass.UA.slnxnet10.0 build: 0 errors; the sample builds clean.Related Issues
Checklist