Detailed explanation of the Modbus TCP protocol

This article is original; I wrote it after reading Kevin's blog post!

1. Introduction to Modbus TCP

What is Modbus TCP?

1. Modbus RTU and Modbus TCP are both Modbus in essence: they share the same register model and the same function codes, and both exchange data by reading and writing Modbus register addresses.
2. What differs is the transport. Modbus RTU normally runs over a serial link (RS-232C or RS-485/422), while Modbus TCP runs over Ethernet (TCP, port 502 by default).
3. There are many protocol converters on the market that translate between these variants; Intesisbox, for example, converts Modbus RTU to Modbus TCP. In fact there are three Modbus variants: ASCII, RTU and TCP.
4. The standard Modicon controller implements serial Modbus over RS-232C. The ASCII and RTU variants define the structure of messages and data and the command/response exchange, and communication follows a master/slave model: only the master sends requests, and each slave answers only the requests addressed to it.
5. The serial variants carry their own integrity check. Apart from the parity bit of the serial line, ASCII mode uses an LRC check and RTU mode uses a 16-bit CRC.
6. Modbus TCP carries no additional check, because TCP is a reliable, connection-oriented transport. Note what that does and does not give you: the TCP checksum only guards against accidental corruption. Modbus TCP has no authentication and no encryption, so a device that accepts a read or write request from the legitimate master accepts exactly the same bytes from any host that can reach its TCP port.
7. The TCP and RTU frames are very similar. Take the RTU frame, drop its two-byte CRC, and prepend a six-byte prefix: a two-byte transaction identifier, a two-byte protocol identifier (always 0 for Modbus) and a two-byte length giving the number of bytes that follow. The RTU slave address stays in place and becomes the unit identifier. With transaction identifier 0 and a six-byte body (unit identifier, function code and four data bytes), that prefix is literally five zeros and a 6, which is the "00 00 00 00 00 06" seen at the start of the frames below.
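The RTU-to-TCP conversion described in point 7, worked through in code. This is an added example, not code from the original article or from any converter product: a CRC-16/MODBUS routine, an RTU frame builder, and the two conversion directions, each of which checks the integrity field it is about to discard (the CRC on the RTU side, the protocol identifier and length on the TCP side). The helper names are my own.

```python
import struct

# CRC-16/MODBUS: polynomial 0x8005 bit-reversed to 0xA001, initial value 0xFFFF,
# no final XOR. The check value for b"123456789" is 0x4B37.
def crc16_modbus(data: bytes) -> int:
    crc = 0xFFFF
    for byte in data:
        crc ^= byte
        for _ in range(8):
            if crc & 1:
                crc = (crc >> 1) ^ 0xA001
            else:
                crc >>= 1
    return crc


def rtu_frame(unit: int, pdu: bytes) -> bytes:
    """Serial RTU frame: slave address, PDU, then the CRC with its LOW byte first."""
    body = bytes([unit]) + pdu
    return body + struct.pack("<H", crc16_modbus(body))


def rtu_to_tcp(rtu: bytes, transaction_id: int = 0) -> bytes:
    """Strip the CRC (after verifying it) and prepend the six-byte MBAP prefix."""
    if len(rtu) < 4:  # address + function code + CRC is the smallest possible frame
        raise ValueError("RTU frame too short")
    body, (crc,) = rtu[:-2], struct.unpack("<H", rtu[-2:])
    if crc16_modbus(body) != crc:
        raise ValueError("RTU CRC mismatch, frame rejected")
    # transaction id, protocol id (0 = Modbus), length = bytes that follow (unit id + PDU)
    return struct.pack(">HHH", transaction_id, 0, len(body)) + body


def tcp_to_rtu(tcp: bytes) -> bytes:
    """Reverse direction: validate the MBAP prefix, then re-append a fresh CRC."""
    if len(tcp) < 8:
        raise ValueError("TCP frame too short")
    _tid, proto, length = struct.unpack(">HHH", tcp[:6])
    if proto != 0:
        raise ValueError(f"protocol identifier {proto} is not Modbus")
    body = tcp[6:6 + length]
    if len(body) != length:
        raise ValueError("MBAP length field disagrees with bytes present")
    return body + struct.pack("<H", crc16_modbus(body))


if __name__ == "__main__":
    # Constructed sample: the read request from the article (unit 1, function 03,
    # start 0x0000, quantity 0x0000) as it would look on the serial side.
    rtu = rtu_frame(1, bytes.fromhex("03 00 00 00 00"))
    print("RTU :", rtu.hex(" "))
    tcp = rtu_to_tcp(rtu)
    print("TCP :", tcp.hex(" "))  # 00 00 00 00 00 06 01 03 00 00 00 00
    assert tcp_to_rtu(tcp) == rtu
```

The same body bytes appear in both frames; only the framing around them changes, which is why a gateway can translate without understanding the function codes at all. A gateway that skips the CRC check in `rtu_to_tcp` would happily forward a corrupted serial frame as a perfectly valid TCP frame.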

2. Message analysis

The messages analyzed below were captured from a power inverter.

1. Query instructions

(Send) 00 00 00 00 00 06[k1] 01[k2] 03[k3] 00[k4] 00[k5] 00[k6] 00[k7]
[k1] MBAP header: transaction identifier 00 00, protocol identifier 00 00, length 00 06 (6 bytes follow)
[k2] Unit identifier (device address)
[k3] Function code 03, read holding registers
[k4] High byte of the starting register address
[k5] Low byte of the starting register address
[k6] High byte of the number of registers
[k7] Low byte of the number of registers. As printed the quantity is 0, which the Modbus specification does not allow (the valid range is 1 to 125). The reply below carries 34 data bytes, that is 17 registers, so the request that actually produced it must have asked for 0x0011 registers.
(Return) 00 00 00 00 00 25[k1] 01[k2] 03[k3] 22[k4] (followed by the register data bytes; their meaning is device-specific)
[k1] MBAP header: transaction identifier 00 00 (echoed from the request), protocol identifier 00 00, length 00 25, i.e. 0x25 = 37 bytes follow (unit identifier, function code, byte count and 34 data bytes)
[k2] Unit identifier (device address)
[k3] Function code 03, echoed from the request
[k4] Byte count of the data that follows: 0x22 = 34 bytes, two per register, so 17 registers

2. Control instructions (start/stop)

(Send) 00 00 00 00 00 06[k1] 01[k2] 06[k3] 00 12 00 01[k4]
[k1] MBAP header: transaction identifier 00 00, protocol identifier 00 00, length 00 06 (6 bytes follow)
[k2] Unit identifier (device address)
[k3] Function code 06, write single register; the next two bytes, 00 12, are the register address (0x0012)
[k4] Register value: 00 00 = stop, 00 01 = start
(Return) Identical to the request: the response to a write single register echoes the request byte for byte, so a response that differs from what was sent means the write was not applied as requested.


3. Inverter power setting command

(Send) 00 00 00 00 00 06[k1] 01[k2] 06[k3] 00 13 00[k4] 00[k5]
[k1] MBAP header: transaction identifier 00 00, protocol identifier 00 00, length 00 06 (6 bytes follow)
[k2] Unit identifier (device address)
[k3] Function code 06, write single register; the next two bytes, 00 13, are the register address (0x0013)
[k4] High byte of the power setting
[k5] Low byte of the power setting
(Return) Identical to the request, as for the start/stop command above.
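An encoder and parser for the three exchanges above, added here as an example and not part of the original article or of any vendor tooling. It builds the read request and the two write requests exactly as they appear on the page, parses requests, normal responses and exception responses, and applies the consistency checks a protocol analyzer should make: protocol identifier 0, MBAP length against bytes actually present, quantity in the legal 1 to 125 range, byte count against the data present, and the byte-for-byte echo expected after a function 06 write. The inverter's 34 register data bytes are not on the page, so the response used below is constructed. Function and field names are my own.

```python
import struct

READ_HOLDING = 0x03   # function code 03
WRITE_SINGLE = 0x06   # function code 06


def mbap(transaction_id: int, unit: int, pdu: bytes) -> bytes:
    """MBAP header followed by the PDU. Length counts the unit id plus the PDU."""
    return struct.pack(">HHHB", transaction_id, 0, len(pdu) + 1, unit) + pdu


def build_read_holding(unit: int, start: int, quantity: int, transaction_id: int = 0) -> bytes:
    if not 1 <= quantity <= 125:
        raise ValueError("quantity must be 1..125; the device returns exception 03 otherwise")
    return mbap(transaction_id, unit, struct.pack(">BHH", READ_HOLDING, start, quantity))


def build_write_single(unit: int, address: int, value: int, transaction_id: int = 0) -> bytes:
    return mbap(transaction_id, unit, struct.pack(">BHH", WRITE_SINGLE, address, value))


def parse_frame(frame: bytes, request: bool) -> dict:
    """Decode one Modbus TCP frame; `request` says which direction it travelled."""
    if len(frame) < 8:
        raise ValueError("frame shorter than MBAP header plus function code")
    tid, proto, length, unit = struct.unpack(">HHHB", frame[:7])
    if proto != 0:
        raise ValueError(f"protocol identifier {proto} is not Modbus")
    if length != len(frame) - 6:
        raise ValueError(f"MBAP length {length} but {len(frame) - 6} bytes follow")
    fc, data = frame[7], frame[8:]
    out = {"tid": tid, "unit": unit, "fc": fc & 0x7F, "exception": None}
    if fc & 0x80:                       # exception response: fc | 0x80, one code byte
        if len(data) != 1:
            raise ValueError("exception response must carry exactly one code byte")
        out["exception"] = data[0]
    elif fc == READ_HOLDING and request:
        if len(data) != 4:
            raise ValueError("read request needs start address and quantity")
        out["start"], out["quantity"] = struct.unpack(">HH", data)
        if not 1 <= out["quantity"] <= 125:
            raise ValueError(f"quantity {out['quantity']} outside 1..125")
    elif fc == READ_HOLDING:
        count = data[0] if data else -1   # byte count, e.g. 0x22 = 34 in the article
        if count != len(data) - 1 or count % 2:
            raise ValueError("byte count disagrees with the data present")
        out["registers"] = list(struct.unpack(f">{count // 2}H", data[1:]))
    elif fc == WRITE_SINGLE:
        if len(data) != 4:
            raise ValueError("write single register needs address and value")
        out["address"], out["value"] = struct.unpack(">HH", data)
    else:
        out["data"] = data                # other function codes: leave undecoded
    return out


def write_acknowledged(request: bytes, response: bytes) -> bool:
    """Function 06 is acknowledged by an exact echo of the request."""
    return request == response


if __name__ == "__main__":
    # The article's frames: read (with the 17-register quantity the reply implies),
    # start, stop, and a power setting of 0x0000.
    read = build_read_holding(1, 0x0000, 17)
    start = build_write_single(1, 0x0012, 1)
    stop = build_write_single(1, 0x0012, 0)
    power = build_write_single(1, 0x0013, 0x0000)
    for f in (read, start, stop, power):
        print(f.hex(" "), parse_frame(f, request=True))
    # Constructed response: the article's header 00 00 00 00 00 25 01 03 22 plus
    # 34 made-up data bytes standing in for the inverter's register contents.
    reply = bytes.fromhex("00 00 00 00 00 25 01 03 22") + bytes(range(34))
    print(parse_frame(reply, request=False)["registers"])
    # Exception response a device returns for an illegal data value (code 02).
    print(parse_frame(bytes.fromhex("00 00 00 00 00 03 01 83 02"), request=False))
```

Two things the parser makes visible that the hex dump alone does not: the MBAP length and the function 03 byte count must both agree with the bytes on the wire, and the "write succeeded" signal is nothing more than the echoed request. Nothing in any of these frames identifies or authenticates the sender; the start/stop frame is 12 bytes that any host with a route to the inverter's port 502 can send, which is the reason Modbus devices belong on an isolated network segment with access restricted to the hosts that are supposed to act as master.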



I hope this serves as a reference for friends who need to do this kind of analysis.

Origin blog.csdn.net/qq_36961530/article/details/76585131