Figure 17 illustrates the structure of a Message placed on the wire. This also illustrates how the Message elements defined by the OPC UA Binary Encoding mapping (see 5.2) and the OPC UA Secure Conversation mapping (see 6.7) relate to the OPC UA Connection Protocol Messages.

image020.png

Figure 17 – OPC UA Connection Protocol Message structure

Every OPC UA Connection Protocol Message has a header with the fields defined in Table 68.

Table 68 – OPC UA Connection Protocol Message header

Name

Type

Description

MessageType

Byte [3]

A three byte ASCII code that identifies the Message type.

The following values are defined at this time:

HEL a Hello Message.

ACK an Acknowledge Message.

ERR an Error Message.

RHE a ReverseHello Message.

The SecureChannel layer defines additional values which the OPC UA Connection Protocol layer shall accept.

Reserved

Byte [1]

Ignored. shall be set to the ASCII codes for ‘F’ if the MessageType is one of the values supported by the OPC UA Connection Protocol.

MessageSize

UInt32

The length of the Message, in bytes. This value includes the 8 bytes for the Message header.

The layout of the OPC UA Connection Protocol Message header is intentionally identical to the first 8 bytes of the OPC UA Secure Conversation Message header defined in Table 53. This allows the OPC UA Connection Protocol layer to extract the SecureChannel Messages from the incoming stream even if it does not understand their contents.

The OPC UA Connection Protocol layer shall verify the MessageType and make sure the MessageSize is less than the negotiated ReceiveBufferSize before passing any Message onto the SecureChannel layer.

The Hello Message has the additional fields shown in Table 69.

Table 69 – OPC UA Connection Protocol Hello Message

Name

Data Type

Description

ProtocolVersion

UInt32

The version of the UACP protocol requested by the Client.

If Server does not support the requested version or any lower version it rejects the Client by returning Bad_ProtocolVersionUnsupported.

If the Server supports the requested version or a lower version it shall return the version it will use in the Acknowledge Message.

The ProtocolVersion for this version of the standard is 0.

ReceiveBufferSize

UInt32

The largest MessageChunk that the sender can receive.

Shall be at least 1 024 bytes if the sender intends to use an ECC SecurityPolicy.

Shall be at least 8 192 bytes otherwise.

SendBufferSize

UInt32

The largest MessageChunk that the sender will send.

Shall be at least 1 024 bytes if the sender intends to use an ECC SecurityPolicy.

Shall be at least 8 192 bytes otherwise.

MaxMessageSize

UInt32

The maximum size for any response Message.

If MessageChunks have not been sent, the Server shall return an Error Message with a Bad_ResponseTooLarge error if a response Message exceeds this value.

If MessageChunks have already been sent the Server shall abort the Message as described in 6.7.3.

The Message size is calculated using the unencrypted Message body.

A value of zero indicates that the Client has no limit.

MaxChunkCount

UInt32

The maximum number of chunks in any response Message.

The Server shall abort the Message with a Bad_ResponseTooLarge Error Message if a response Message exceeds this value.

The mechanism for aborting Messages is described fully in 6.7.3.

A value of zero indicates that the Client has no limit.

EndpointUrl

String

The URL of the Endpoint which the Client wished to connect to.

The encoded value shall be less than 4 096 bytes.

Servers shall return a Bad_TcpEndpointUrlInvalid Error Message and close the connection if the length exceeds 4 096 or if it does not recognize the resource identified by the URL.

The EndpointUrl parameter is used to allow multiple Servers to share the same endpoint on a machine. The process listening (also known as the proxy) on the endpoint would connect to the Server identified by the EndpointUrl and would forward all Messages to the Server via this socket. If one socket closes, then the proxy shall close the other socket.

If the Server does not have sufficient resources to allow the establishment of a new SecureChannel it shall immediately return a Bad_TcpNotEnoughResources Error Message and gracefully close the socket. Client should not overload Servers that return this error by immediately trying to create a new SecureChannel.

The Acknowledge Message has the additional fields shown in Table 70.

Table 70 – OPC UA Connection Protocol Acknowledge Message

Name

Type

Description

ProtocolVersion

UInt32

A protocol version supported by the Server that is less than or equal to the protocol version requested in the Hello Message.

If the Client accepts the protocol version it shall ensure that it sends Messages that conform to this version.

The ProtocolVersion for this version of the standard is 0.

ReceiveBufferSize

UInt32

The largest MessageChunk that the sender can receive.

This value shall not be larger than the SendBufferSize requested in the Hello Message.

Shall be at least 8 192 bytes if the SendBufferSize requested in the Hello Message is >= 8 192 bytes. Shall be at least 1 024 bytes otherwise.

SendBufferSize

UInt32

The largest MessageChunk that the sender will send.

This value shall not be larger than the ReceiveBufferSize requested in the Hello Message.

Shall be at least 8 192 bytes if the ReceiveBufferSize requested in the Hello Message is >= 8 192 bytes. Shall be at least 1 024 bytes otherwise.

MaxMessageSize

UInt32

The maximum size for any request Message.

If a request Message exceeds this value the Client shall report a Bad_ResponseTooLarge error to the application. If MessageChunks have already been sent the Client shall also abort the Message as described in 6.7.3.

The Message size is calculated using the unencrypted Message body.

A value of zero indicates that the Server has no limit.

MaxChunkCount

UInt32

The maximum number of chunks in any request Message.

The Client shall abort the Message with a Bad_RequestTooLarge StatusCode if a request Message exceeds this value.

The mechanism for aborting Messages is described fully in 6.7.3.

A value of zero indicates that the Server has no limit.

The Error Message has the additional fields shown in Table 71.

Table 71 – OPC UA Connection Protocol Error Message

Name

Type

Description

Error

UInt32

The numeric code for the error.

Possible values are listed in Table 74.

Reason

String

A more verbose description of the error.

This string shall not be more than 4 096 bytes.

A Client shall ignore strings that are longer than this.

The socket is always closed gracefully by the Client after it receives an Error Message.

The ReverseHello Message has the additional fields shown in Table 72.

Table 72 – OPC UA Connection Protocol ReverseHello Message

Name

Data Type

Description

ServerUri

String

The ApplicationUri of the Server which sent the Message.

The encoded value shall be less than 4 096 bytes.

Client shall return a Bad_TcpEndpointUrlInvalid error and close the connection if the length exceeds 4 096 or if it does not recognize the Server identified by the URI.

EndpointUrl

String

The URL of the Endpoint which the Client uses when establishing the SecureChannel.

This value shall be passed back to the Server in the Hello Message.

The encoded value shall be less than 4 096 bytes.

Clients shall return a Bad_TcpEndpointUrlInvalid error and close the connection if the length exceeds 4 096 or if it does not recognize the resource identified by the URL.

This value is a unique identifier for the Server which the Client may use to look up configuration information. It should be one of the URLs returned by the GetEndpoints Service.

For connection-based protocols, such as TCP, the ReverseHello Message allows Servers behind firewalls with no open ports to connect to a Client and request that the Client establish a SecureChannel using the socket created by the Server.

For message-based protocols the ReverseHello Message allows Servers to announce their presence to a Client. In this scenario, the EndpointUrl specifies the Server’s specific address and any tokens required to access it.