Modbus

Strickland701

Member
S
Join Date
Apr 2024
Location
North Dakota
Posts
3
Hello everyone,

I am fairly new to Modbus and was hoping if anyone had any tips or tricks for better practice on utilizing it. Any info would be appreciated.
 
I try to teach ModBus, EthernetI/P, ASCII, ect..ect...is just a language. You have to learn the basics. You have input bits, output bits, input words, output words.

When you learn a different language you also have to learn when to ask for a reply or are you making a statement.

Thank of the addresses as spots on a spreadsheet. You want to read from A1 to A12 but you want to write to B13 to B15.


The attached link if for Red Lion's modbus primer.
 
Pareto principle: in 80% of your Modbus setups, Modbus will just work, and you hardly need to know anything about it, and you will spend 20% of your time making it work; in the remaining 20% of your Modbus setups, the implementations will have inconsistencies and will not work right off, and you will spend 80% of your time on those.

Get a Modbus program e.g. that
  • can run on your PC (Windows, Linux, etc.).
  • can run both Modbus Slave (Server) and Modbus Master (Client)
  • displays the values sent and received "on-the-wire," preferably in hexadecimal
because it is far easier to debug one half of the Modbus implementations you are stuck with at a time. than debugging both at the same time.

Understand the Modbus protocol: navigate to The Modbus Organization and read the Technical Documentation; it is fairly simple.

Always remember that in addresses such as 400001 or 300002, the prefix digits (4 and 3) are not part of the address.

Understand what each bit in a 16-bit integer means, signed and unsigned.

Know how to convert between hexadecimal and decimal representation of 8- and 16-bit values.

Always remember that for every Modbus implementation, Master or Slave, the numbering of the first address may be either 00000 or 00001; so if a Modbus Slave use a different first address convention than the Modbus Master you are using to make requests of that Modbus Slave, then you need to account for when you issue Modbus requests.

Bookmark this forum, and ask questions will complete information about the master, the slave, hexadecimal dumps, what you tried, what you expected, and whay you saw.

Bookmark this link.

Understand byte order (LSB- and MSB-first; Big-Endian and Litte-Endian).

All 16-bit registers should be MSByte-first "on-the-wire" i.e. in the PDU (Protocol Data Unit; refer to the technical documentation).

All Modbus implementations should correct that to its own architecture's internal byte order "behind the curtain" i.e. without you doing anything to the data being sent or received.

Never assume that any Modbus implementation actually does what the previous two statements say it should do; this is why the "displays the values sent ..." bullet point is so important.
 
Modbus is like the English language. People from the US, Australia, New Zealand, Canada, England, and others. All speak English. But there are differences. drbitboy has listed many of the gotchas. In my experience, almost every Modbus job I ever worked on, required tweaking in the field. I do have to disagree with the Pareto Principle on that.
 
Modbus is a very simple protocol, if someone were told to design a simple protocol that would transmit the fewest bytes the result would probably be similar to Modbus.

Modbus transmits bits and raw 16-bit words, in no case does it specify whether it is a signed or unsigned integer, nor does it specify how 32-bit data types are sent.
 
Modbus is fun to work with, but it will be what it is when you get your hardware to work with. Not everyone plays the same game.
 
Not to be a Killjoy but what are you planning to use Modbus for ? It is ideal to connect hardware to a PLC or Hardware to a PC etc. But as a transimission protocol between 2 PCs or PLC and and PC or PLC & HMI it is far from ideal. It works and has worked for years, that part of the problem, it is legacy but there are better more modern ways of doing things.
 
Just to illustrate how frustrating Modbus can be. I did a job once where they wanted to monitor the status of their switch gear via Modbus. I was given a low voltage gear to test with. Everything worked great in the shop. Upon arriving in the field, I discover they are using a different models on some gear, at least different from the test gear. The Modbus tables had changed.
On the medium voltage gear, a byte swap was required. All from the same vendor.
 
Serial Modbus connections are much like a USB connection - you will have to swap the polarity more than once to get it to work.
If you select zero based addressing the device will use 1 based addressing.
If you byte swap, you should have word swapped.

Modbus is the wild west.
 
I have found many times that the Modbus addresses given by the manufacturer are one greater than the actual addresses you must send to the device to request that particular register. For example, the CLICK PLC Tag Browser lists DS1 as Modbus address 400001, but to read this register you must request address "0".
1712697346608.png

Floating point values (32-bit) can be a gotcha. If your address is off by 1, you could still get a reasonable approximation of the floating point value, but with less precision.

QModMaster is a great free app to read and write Modbus RTU/TCP addresses.

32-bit values always come to you with the high word first (on the left/in the 0th position). If you're parsing such values with any standard 32-bit value libraries (for example Node.JS Buffer.readFloatBE()), you'll need to swap the words. This is NOT the same as Big Endian vs Little Endian encoding.
Use Greg Stoll's conversion app when working with floating point values for easy visualization and to verify values.

Many device manufacturers provide a Modbus memory map table in the device manual, which maps settings and functions to their respective Modbus function codes and addresses.

Good luck!
 
I was working with a large manufacturer on their products. The owner of this company is a technical guru. He understands what it's like to be the "GUY". So he ask me what I would change about their system. I told him to use 1 ModBus stack from the vendor. They had bought 3 or 4 versions. So we had base 0, base 1, tables that didn't line up with other data tables. It took me 4 hours with a few spreadsheets and we had all the data aligned across 10 different products.

This product group didn't talk to that group, etc etc. Once they started talking EthernetI/P was implemented and it was smooth. They had just a few bugs to workout. From.what I remember it was turning on or off Byte swapping. Other than that it was smooth.
 

Similar Topics

F
Modbus TCP communication
Hi folks, I have a Controllogix in communication with a zigbee coordinator using Logix AIO for modbus tcp. This zigbee coordinator have 3 slaves...
Replies
0
Views
44
felipealencr
F
R
Modbus Master Siemens S7-300 - OB35?
Hi, I'm setting up a modbus master on an S7-300. It seems to work in OB1 but not when I use it in OB35. Does anyone have any ideas why? Could...
Replies
9
Views
80
JesperMP
JesperMP
D
Help with TCSEGDB23F24FA M340 Modbus Plus Proxy Module
Hi Everyone, i was hoping for a little help with this module. i have data that needs to be read from a different plc through the Modbus plus...
Replies
11
Views
243
davexr
D
T
Rockwell MODBUS TCP AOI
I have a PH meter that I am trying to bring its data into 1756-L81. I have downloaded the Rockwell MODBUS AOI kit, but I am not sure if I need to...
Replies
5
Views
181
Contr_Conn
Contr_Conn
A
Error 36 in microwin modbus rtu
Dear All, i am trying to connect Danfoss inverter with s7 200 cpu 226.but microwin shows following error at DATA Ptr.i assigned different VB...
Replies
1
Views
51
BryanG
B
Back
Top Bottom