1.6 MODBUS-TCP/IP PROTOCOL
The Modbus-TCP/IP protocol has been implemented to be as compatible as possible with the original published
Modbus-TCP/IP standard v1.0b.
Note: The Modbus protocol allows parameter register access only as defined by the explicit mapping in
this manual. To send the ASCII commands (R000, T`A, MAM, MRS, etc.) that are handled by the other
three protocols, the Modbus Extended Services registers must be used.
Using the Modbus tcp/ip-protocol, MultiLoad accepts data in the following format:
The header is 7 bytes long:
Transaction Identifier - It is used for transaction pairing, the MODBUS server copies in the response the
transaction identifier of the request.
Protocol Identifier – It is used for intra-system multiplexing. The MODBUS protocol is identified by the value 0.
Length - The length field is a byte count of the following fields, including the Unit Identifier and data fields.
Unit Identifier – This field is used for intra-system routing purpose. It is typically used to communicate to a
MODBUS+ or a MODBUS serial line slave through a gateway between an Ethernet TCP-IP network and a
MODBUS serial line. This field is set by the MODBUS Client in the request and must be returned with the same
value in the response by the server.
All MODBUS/TCP ADU are sent via TCP to registered port 502.
Remark : the different fields are encoded in Big-endian.
Fn is the Modbus function. Functions implemented are as follows.
The formal specification of Modbus lists the starting Holding Register address as 40001. The Modbus
Holding Register functions (Fn 3, 6 and 16) all have an implied 4XXXX reference. Referencing Holding
Register 40001 is addressed as register 0000 in the register address field in the message for fn 3, 6, and
16.
To Next Page
Loading...
Need help?
General
