Modbus

Modbus

Modpoll is a command line-based Modbus master simulator and test utility utilizing the FieldTalk™ Modbus driver.

To check Modbus connection using modpoll:



cd modpoll
cd x86_64-linux-gnu/
./modpoll -t 1 -a 50 -c 2 -r 4 -m tcp 192.168.110.128

Parameter explanations:

·        -t 1: Discrete input data type

·        -a #: Slave address (1-255 for serial, 0-255 for TCP, default is 1)

·        -c #: Number of values to read (1-125, default is 1), optional for write

·        -r #: Start reference (1-65536, default is 1)

·        -m tcp: MODBUS/TCP protocol (default otherwise)

For more information: Modpoll

If you are using Moxa, the configuration page includes:

·        Default username: admin

·        Password: moxa

.





 









Modbus Communication Guidelines and Example Using Modpoll  

1. Overview:

In Modbus communication using Modpoll, the following details are crucial for users to understand and configure their systems.

2. Essential Information:

Host Information:

·       The device's host information is required for Modbus communication, utilizing the default port 502.

·       Ensure you have the device's IP address for communication.

Security Credentials:

·       If applicable, gather the username and password for authentication.

Slave ID:

·       Identify the slave ID of the target device.

Timeout Considerations:

·       Set the timeout duration based on the device's response speed.

First Register Index:

·       Determine whether the device's register addresses start from 0 or 1.

·       If the first register is 0, set the index as 0; if it is 1, set the index as 1.

Health Check Register Index:

·       Choose a meaningful register address to serve as a health check for connection status.

3. Modbus Function Codes:

Function 03 (03hex) Read Holding Registers:

Request: Specify the starting register and quantity of registers to read.

Example Request (Slave 1, Registers 40001 to 40002):


Header     :(Colon)
 Slave Addr :01
 Function   :03
 Start Addr  :0000
 Quantity   :0002
 Checksum   :C40B
 Trailer    :CRLF


Example Response


Header     :(Colon)
Slave Addr :01
Function   :03
Byte Count :04
Data Hi    :0006
Data Lo    :0005
Checksum   :DA31

            Trailer    :CRLF


Function 04 (04hex) Read Input Registers:

Request: Specify the starting register and quantity of registers to read.

Example Request (Slave 1, Registers 30001 to 30002):


Header     :(Colon)
Slave Addr :01
Function   :04
Start Addr  :0000
Quantity   :0002
Checksum   :71CB
Trailer    :CRLF


Example Response:

 

Header     :(Colon)
Slave Addr :01
Function   :04
Byte Count :04
Data Hi    :0006
Data Lo    :0005
Checksum   :DB86
Trailer    :CRLF


Function 01 (01hex) Read Coils:

Request: Specify the starting coil and quantity of coils to read.

Example Request (Slave 4, Coils 11 to 23):


Header     :(Colon)
Slave Addr :04
Function   :01
Start Addr  :000A
Quantity   :000D
Checksum   :DD98
Trailer    :CRLF


Example Response:


Header     :(Colon)
Slave Addr :04
Function   :01
Byte Count :02
Data(Coils18...11):0A
Data(Coils23...19):11
Checksum   :B350
Trailer    :CRLF


Function 02 (02hex) Read Discrete Inputs:

Request: Specify the starting input and quantity of inputs to read.

Example Request (Slave 4, Inputs 10011 to 10023):


Header     :(Colon)
Slave Addr :04
Function   :02
Start Addr  :000A
Quantity   :000D
Checksum   :9998
Trailer    :CRLF

 

Example Response:

 

Header     :(Colon)
Slave Addr :04
Function   :02
Byte Count :02
Data(Inputs18...11):0A
Data(Inputs23...19):11
Checksum   :B314
Trailer    :CRLF

4. Additional Notes:

Data types and address information can be found in the user manual of each device.
Please use this comprehensive guide for Modbus communication using Modpoll, and feel free to ask for any further clarification or adjustments.

Modbus Exception Codes  

In Modbus communication, exception codes are used to indicate errors or exceptional conditions that may occur during data exchange between the master and slave devices. Below are common Modbus exception codes, along with their meanings:

Exception Code 01 (01 hex): Illegal Function

Meaning: The function code received in the query is not allowable for the slave. It could be due to incompatibility with the device or the slave being in the wrong state to process the request.

Exception Code 02 (02 hex): Illegal Data Address

Meaning: The data address received in the query is not a valid address for the slave. This may result from an invalid combination of reference number and transfer length.

Exception Code 03 (03 hex): Illegal Data Value

Meaning: A value in the query data field is not acceptable for the slave. This indicates a fault in the structure of a complex request, such as an incorrect implied length.

Exception Code 04 (04 hex): Slave Device Failure

Meaning: An unrecoverable error occurred while the slave was attempting to perform the requested action.

Exception Code 05 (05 hex): Acknowledge

Meaning: The slave has accepted the request and is processing it, but a long duration is required. This is to prevent a timeout error in the master, and the master can issue a Poll Program Complete message to check if processing is completed.

Exception Code 06 (06 hex): Slave Device Busy

Meaning: The slave is engaged in processing a long-duration program command. The master should retransmit the message later when the slave is free.

Exception Code 07 (07 hex): Negative Acknowledge

Meaning: The slave cannot perform the program function received in the query. It is returned for an unsuccessful programming request using function code 13 or 14. The master should request diagnostic or error information from the slave.

Exception Code 08 (08 hex): Memory Parity Error

Meaning: Used in conjunction with function codes 20 and 21, and reference type 6. Indicates that the extended file area failed to pass a consistency check. The master can retry the request, but service may be required on the slave device.

Exception Code 10 (0A hex): Gateway Path Unavailable

Meaning: Used in conjunction with gateways, indicates that the gateway was unable to allocate an internal communication path for processing the request. Typically, this implies misconfiguration or overload.

Exception Code 11 (0B hex): Gateway Target Device Failed to Respond

Meaning: Used in conjunction with gateways, indicates that no response was obtained from the target device. Usually means that the device is not present on the network.

These exception codes help in understanding and diagnosing errors that may occur during Modbus communication.

https://www.modbustools.com/modbus.html

https://www.simplymodbus.ca/exceptions.htm  


    • Related Articles

    • Modbus TCP

      Modbus TCP, a widely used communication protocol in industrial automation and control systems, is designed to establish a connection between a server device, typically possessing input/output (I/O) capabilities, and a client device, such as a ...

    • Siemens S7 Connection

      Siemens S7 PLC Connection Introduction This report provides guidelines for establishing a connection to Siemens S7 PLCs, specifically focusing on the S1200 and S1500 models. To initiate a connection with the PLC, it is essential to verify and control ...

    • OPC UA

      Introduction OPC UA (OPC Unified Architecture) is a highly adaptable communication protocol and architectural framework designed for industrial automation and control systems. Its purpose is to provide a standardized and interoperable approach for ...

    • AWS SiteWise

      AWS IoT SiteWise is an AWS service designed to efficiently collect, organize, and analyze industrial data. It enables users to structure and gather data from industrial devices, securely store it in the AWS Cloud, and gain valuable insights to ...

    • SMTP

      SMTP is a protocol used for sending email messages over the Internet. It is a client-server protocol, where a client program sends email messages to a server program, and the server program forwards the messages to their intended recipients. There ...