There are two main MODBUS communication modes:
RTU mode and ASCII mode.
RTU mode:
address code function code data Check code One byte One byte n bytes Two bytes (CRC) The slaves have corresponding address codes for easy identification by the master. Among them, the data has been framed as a unit for data transmission, the longest is 252 bytes per frame, and the shortest is 0. If the transmission time of one byte of data is T, then the minimum interval between every two frames should be greater than 3.5T, otherwise the slave cannot distinguish that it is two frames. Second, the interval between two consecutive data in the same frame cannot exceed 1.5T, otherwise the node will think that the data in this frame is incomplete, which shows that we need to enable a timer during modbus transmission.
ASCII mode:
Start address code function code data check Carriage return The character':' (colon) Two bytes Two bytes 0 to 2 * 252 bytes Two bytes (LRC check) Two bytes (CR, LF) The beginning of the frame':' begins with a colon and ends with a carriage return and line feed. The corresponding hexadecimal system can be queried in the ASCII table. The transmission interval between bytes cannot be greater than 1s, and it is considered that this frame of data is lost if greater than 1s. Similarly, we can calculate that the maximum length of an ASCII frame is 513 bytes.
RTU uses CRC check , ASCII uses LRC check.
Correct response format:
address code function code Data code check Slave's own Keep consistent with the sent (range: 0x00-0x7f) According to functional requirements Check code
Error response:
Add 0x80 to the function code, the highest bit of the original function code will not be 1, and add the highest bit of 0x80 to 1, if there is an error, the abnormal code of the data bit can know what the error is.
address code function code Data code check Slave's own Keep consistent with the sent (range: 0x00-0x7f) + 0x80 Exception code Check code
Exception code:
function code:
0x01: Read coil register (readable and writable coil)
0x02: Read discrete input register (readable and non-writable coil)
0x03: Read holding register (readable and writable register)
0x04: Read input register (readable and non-writable register)
0x05 : Write single coil register (writable single coil is unreadable)
0x06: write single holding register (writable single register is not readable)
0x0f: write multiple coil registers (writable multiple coils are not readable)
0x10: write multiple holding registers (Writable multiple registers are not readable)
01H-->Read coil register
address code function code data check send 01 01 00 20 00 05 FD C3 response 01 01 01 15 90 47 Send data: Read address: 00 20, start reading from 0x20, 00 05 read 5 registers.
Response data: 01, there are only 5 registers, less than 8, 5/8=0, add 1, so it is 1, assuming there are 9, it is 02, and so on. 15. Binary: 00010101, 3 of the 5 registers are in the on state. Under this function, only the status of the slave can be read.
02H--->Read discrete input register
address code function code data check send 01 02 00 20 00 05 B9 C3 response 01 02 01 02 20 49 Send data: Read address: 00 20, start reading from 0x20, 00 05 read 5 registers.
Response data: 01, there are only 5 registers, less than 8, 5/8=0, add 1, so it is 1, assuming there are 9, it is 02, and so on. 02, Binary: 00000010, one of the five registers is in the on state, and only the slave state can be read under this function.
03-->Read holding register
address code function code data check send 01 03 00 14 00 03 45 CF response 01 03 06 00 14 00 1E 00 00 71 70 Send data: Read address: 00 20, start reading from 0x20, 00 05 read 3 registers.
Response data: 06, followed by 6 digits, 00 14, sent data 0x14, 00 1E sent data 0x1E, 00 00 sent data 0X00.
04--> Read input register
address code function code data check send 01 04 00 14 00 03 F0 0F response 01 04 06 00 14 00 1E 00 00 30 96 Send data: Read address: 00 20, start reading from 0x20, 00 05 read 3 registers.
Response data: 06, followed by 6 digits, 00 14, sent data 0x14, 00 1E sent data 0x1E, 00 00 sent data 0X00.
05-->Write a single coil register
address code function code data check send 01 05 00 20 00 00 CC 00 response 01 05 00 20 00 00 CC 00 Send data: Read address: 00 20, start writing from 0x20, 00 00 write value.
Response data: same as sent.
06-->Write a single holding register
address code function code data check send 01 06 00 01 00 03 XX XX response 01 06 00 01 00 03 XX XX Send data: Read address: 00 20, start writing from 0x20, 00 03 write value.
Response data: same as sent.
0F-->Write multiple coil registers
address code function code data check send 01 0F 00 14 00 03 01 00 CC 00 response 01 0F 00 14 00 03 CC 00 Send data: Read address: 00 20, start writing from 0x20, 00 03 write 3 values, 01,3 is less than 8,00, the 3 data written are all 0.
Response data: 00 14, write address, 00 03, 3 data.
10-->Write multiple holding registers
address code function code data check send 01 10 00 34 00 02 04 0C 02 12 45 XX XX response 01 10 00 34 00 02 XX XX Sending data: Read address: 00 34, start writing from 0x34, 00 02 write 2 values, there are 4 bits after 04, 0C 02 and 12 45 are data.
Response data: 00 14, write address, 00 02, 2 data.
CRC check:
