Modbus is a widely used industrial fieldbus protocol released by Modicon in 1979, mainly including ModbusRTU, Modbus ASCII and Modbus TCP. It adopts master-slave communication mode, free and easy to use. The three communication protocols are the same in data model and function call, only the encapsulation method is different.
|
Name |
Length (bytes) |
Description |
|
Device address |
1 |
Slave address |
|
Function code |
1 |
Function code |
|
Data segment |
-- |
Different data segments respond to different changes |
|
CRC16 |
2 |
Device address + function code + data segment CRC check result, low bit first |
Modbus function code is an important part of Modbus message frame (message) and the basis of communication transaction processing in Modbus protocol.
MODBUS function codes are divided into three categories:
- Public function codes
Function codes that are well defined
Guaranteed to be unique
Verified by the MODBUS.org community
Publicly documented
Conformance tests available
Includes defined public assigned function codes, but also unassigned function codes reserved for future use.
- User defined function codes
User defined function codes have two ranges, 65 to 72 and 100 to 110 decimal.
Users can select and implement unsupported function code specifications
The use of the selected function code is not guaranteed to be unique
If a user wants to reposition a function as a public function code, he must initiate an RFC (Request for Change) to introduce the change into the public category and create a new assigned public function code.
The MODBUS organization expressly reserves the right to develop proposed RFCs.
- Reserved function codes
Function codes currently used by some companies for legacy products are not available for public use.
Common function code definition
Common function codes
- Read function codes
01 (0x01): Read Coils - used to read the current state (ON/OFF) of a group of logic coils.
02 (0x02): Read Discrete Inputs - used to read the state (ON/OFF) of a group of discrete inputs.
03 (0x03): Read Holding Registers - used to read the binary content in a group of holding registers.
04 (0x04): Read Input Registers - used to read the binary content in a group of input registers.
- Write function codes
05 (0x05): Write Single Coil - used to write the state (ON/OFF) of a single logic coil.
06 (0x06): Write Single Register - used to write the data of a single holding register.
15 (0x0F): Write Multiple Coils - Used to write the status of a group of logical coils.
16 (0x10): Write Multiple Registers - Used to write data to a group of holding registers.
- Diagnostic Function Codes
08 (0x08): Diagnostic - This group of function codes is used to diagnose the status of the communication link, as well as test and diagnose Modbus devices.
- Special Function Codes
17 (0x11): Report Slave ID - Returns information about the device, such as operating status and identification information.
22 (0x16): Mask Write Register - Allows the user to modify the contents of holding registers without changing the contents of unspecified bits.
23 (0x17): Read/Write Multiple Registers - Performs read/write operations simultaneously.
- Exception code
Exception function code: The exception function code is the normal function code + 0x80. For example, if a single register is written incorrectly, the exception code returned is 0x86.