Modbus Serial data response is being cut off.

wanderingmoose

posted May 5 '17 at 9:36 pm

Notes:
-Have tried all the setting I could find in the Tag Browser.
Polling Modbus Slave address of 50 for holding/float register of 47115.
-Also have tried this with a Terminal server(Serial to IP converter) and a TCP connection and get the same result.
-Also have put the Mdbus in monitor mode and watch the data stream. It is correct.
-Using a USB to Serial for the Comm Port testing.

Afternoon All; I am trying to poll a Modbus flow meter. The register I am polling is a floating point, and at this time just looking to get a proper HEX response. Below is a couple of request and response. The request is correct as I have tested with a Mdbus master modbus simulator. It is looking to me that there is a inter-character time out issue. But any thoughts, questions or solutions would be appreciated. ![590ce007782a4.jpg](serve/attachment&path=590ce007782a4.jpg) Notes: -Have tried all the setting I could find in the Tag Browser. Polling Modbus Slave address of 50 for holding/float register of 47115. -Also have tried this with a Terminal server(Serial to IP converter) and a TCP connection and get the same result. -Also have put the Mdbus in monitor mode and watch the data stream. It is correct. -Using a USB to Serial for the Comm Port testing.

Lawrence MacNeil

posted May 8 '17 at 1:08 pm

32 03 1B CA 00 02

The reply, however, contains 8 bytes of data, not the 4 bytes that would be expected in response to a query for 2 registers:

32 03 08 41 CB

Our driver is interpreting this as an improperly formatted response to the request (i.e. 8 bytes instead of 4) and is not accepting it.

For reference, see Modbus specification "MODBUS APPLICATION PROTOCOL SPECIFICATION V1.1b3" section 6.3 "03 (0x03) Read Holding Registers" (available from www.modbus.org):

This function code is used to read the contents of a contiguous block of holding registers in a remote device. The Request PDU specifies the starting register address and the number of registers. In the PDU Registers are addressed starting at zero. Therefore registers numbered 1-16 are addressed as 0-15.
The register data in the response message are packed as two bytes per register, with the binary contents right justified within each byte. For each register, the first byte contains the high order bits and the second contains the low order bits.

Unfortunately, the device you are communicating with appears to be sending incorrectly formatted Modbus responses to the request it receives from VTScada. Looking at the request message, we are asking the device for 2 consecutive 16 bit registers (which is correct if we want to read a single precision floating point value): 32 03 1B CA **_00 02_** The reply, however, contains 8 bytes of data, not the 4 bytes that would be expected in response to a query for 2 registers: 32 03 **_08_** 41 CB Our driver is interpreting this as an improperly formatted response to the request (i.e. 8 bytes instead of 4) and is not accepting it. For reference, see Modbus specification "_MODBUS APPLICATION PROTOCOL SPECIFICATION V1.1b3_" section 6.3 "_03 (0x03) Read Holding Registers_" (available from www.modbus.org): _This function code is used to read the contents of a contiguous block of holding registers in a remote device. The Request PDU specifies the starting register address **and the number of registers**. In the PDU Registers are addressed starting at zero. Therefore registers numbered 1-16 are addressed as 0-15. The register data in the response message are packed as **two bytes per register**, with the binary contents right justified within each byte. For each register, the first byte contains the high order bits and the second contains the low order bits._

Lawrence MacNeil
Trihedral Engineering Limited

edited May 8 '17 at 1:30 pm

Pending draft

Selected posts

Confirm move posts

Insufficient permissions

Select a different topic

Confirm selection

Edit history