modbus TCP
Modbus TCP is a Modbus communication protocol based on the TCP/IP protocol, which is a variant of the Modbus protocol for communication over Ethernet. The Modbus TCP protocol is an open communication protocol that supports multiple programming languages and operating systems, and can communicate on different hardware and software platforms.
The Modbus TCP protocol uses the standard TCP/IP protocol stack to communicate via Ethernet. It supports multiple devices to access the same Modbus TCP server at the same time, thus realizing efficient data transmission.
The data format of the Modbus TCP protocol is similar to the Modbus RTU protocol, but it uses a different transmission method. The Modbus TCP protocol uses a TCP-based transmission, so it can communicate over a LAN or WAN without using serial communication lines.
The Modbus TCP protocol can be used to control and monitor various devices, including industrial automation equipment, robots, sensors, PLCs, etc. It is widely used in the field of industrial automation because of its high efficiency, reliability, flexibility and easy implementation.
Modbus TCP communication protocol
The data format of the Modbus TCP protocol is as follows:
- Modbus TCP frame format
Modbus TCP frame format is as follows:
| Transaction Identifier | Protocol Identifier | Length | Unit Identifier | Function Code | Data |
Among them, the meaning of each field is as follows:
- Transaction identifier: used to identify the correspondence between requests and responses.
- Protocol identifier: fixed to 0x0000.
- Length: Indicates the number of bytes of subsequent data.
- Unit identifier: used to identify Modbus devices.
- Function code: Indicates the type of operation requested.
- Data: The data of the request or response.
Several main domain descriptions:
The transaction identifier of Modbus TCP is used to identify the corresponding relationship between request and response. It is a 16-bit unsigned integer generated by the client and persisted across requests and responses. In the request, the client uses a new transaction identifier, and in the response, the server uses the same transaction identifier so that the client can match the response to the request. Transaction identifiers range from 0 to 65535.
The Unit Identifier for Modbus TCP is used to identify Modbus devices. It is an 8-bit unsigned integer, usually set to 0xFF, indicating the broadcast address. If the unit identifier is not a broadcast address, the request will be sent to the specified device and the response will be returned to that device. If the unit identifier is a broadcast address, the request will be sent to all devices, and the response will only be returned to the requesting client. In most cases, the unit identifier is set to 0xFF.
- Modbus TCP function code
The function codes supported by Modbus TCP are as follows:
| function code | describe |
|---|---|
| 0x01 | read coil |
| 0x02 | read discrete input |
| 0x03 | read holding register |
| 0x04 | read input register |
| 0x05 | write a single coil |
| 0x06 | write a single holding register |
| 0x0F | write multiple coils |
| 0x10 | Write multiple holding registers |
- Modbus TCP data format
The Modbus TCP data format is as follows:
- Read Coil, Read Discrete Input, Read Holding Register, Read Input Register:
| Bytes | describe |
|---|---|
| 2 | initial address |
| 2 | number of registers |
- Write a single coil, write a single holding register:
| Bytes | describe |
|---|---|
| 2 | register address |
| 2 | write value |
- Write multiple coils, write multiple holding registers:
| Bytes | describe |
|---|---|
| 2 | initial address |
| 2 | number of registers |
| 1 | Bytes |
| n | write value |
where n is the number of bytes written to the value.
Modbus TCP example
Suppose we have a Modbus TCP device with IP address 192.168.1.100 and port number 502. We can use a Modbus TCP client to communicate with the device.
For example, if we want to read the 16-bit integer value of register address 0 on this device, we can send the following Modbus TCP request:
Request message:
00 01 00 00 00 06 FF 03 00 00 00 01
Explanation:
00 01 -> transaction identifier, freely specify
00 00 -> protocol identifier, Modbus TCP protocol identifier is 0x0000
00 06 -> message length, indicating that the following message length is 6 bytes
FF -> unit Identifier, broadcast address
03 -> function code, the function code to read the holding register is 0x03
00 00 -> start address, the address of the register to be read is 0
00 01 -> the number of registers, the number of registers to be read is 1
After the device receives the request, it will return the following response:
Response message:
00 01 00 00 00 03 FF 03 02
Explanation:
00 01 -> transaction identifier, the same as the request message
00 00 -> protocol identifier, the same as the request message
00 03 -> message length, indicating that the following message length is 3 bytes
FF -> Unit identifier, broadcast address
03 -> function code, the function code of reading holding register is 0x03
02 -> register value, the read 16-bit integer value is 2
This is a simple Modbus TCP example, which demonstrates how to use the Modbus TCP protocol to read the register value of a device.
Why are unit identifiers needed?
Modbus TCP is an application layer protocol based on TCP/IP protocol, which uses the port number of TCP protocol to identify Modbus TCP communication. By default, Modbus TCP uses port 502.
While Modbus TCP uses port numbers to identify communications, a unit identifier is still required to identify the target device for communications. This is because the Modbus protocol was originally designed for serial communication, where each device has a unique address called a unit identifier. In Modbus TCP, the unit identifier is usually set to 0xFF, indicating that the target device for communication is a broadcast address, but it can also be set to a specific device address to communicate with that device alone.
Therefore, the unit identifier still plays an important role in Modbus TCP, which can help the Modbus TCP client identify the target device of the communication and send the request to the correct device. At the same time, the port number can help the network router to route the Modbus TCP communication to the correct device.
[The last bug] There are updates and releases on multiple platforms. You can connect three times with one click, follow + star, and don't miss exciting content~
