The LIAN 98 manual can and may not contain the complete MODBUS documentation, caused by legal position. Only all
knowledge that is essential necessary for the LIAN 98 software operation is specified in parts in this manual. |
Telegram format |
Control- and monitoring direction |
![]() |
ADU : Application Data Unit |
Error message : Monitoring direction only ( server to the client ) |
![]() |
Transaction Identifier : |
Identification of a MODBUS Request / Response transaction. Initialized by the client and recopied by the server from the received request. |
Protocol Identifier : |
The MODBUS protocol is identified by the value 0. Initialized by the client and recopied by the server from the received request. |
Length : |
The length field contains the number of the following bytes ( Unit Identifier and data fields ). |
Unit Identifier/ Server Address : |
Identification of a remote slave connected on a serial line or on other buses. |
Function code : |
Standard function codes used on MODBUS application layer protocol are described in details in the documentation |
Code | Function | Explaination |
1 | Read Coils | Single bit indication ( read/ write possible ) |
2 | Read Discrete Inputs | Single bit indication ( read only ) |
3 | Read Holding Registers | 16 bit analogue value ( read/ write possible ) |
4 | Read Input Registers | 16 bit analogue value ( read only ) |
5 | Write Single Coils | e.g. single bit command |
6 | Write Single Register | e.g. 16 bit analogue value/ bit pattern |
7 | Read Exception Status | only serial line |
8 | Diagnostics | only serial line |
11 | Get Comm Event Counter | only serial line |
12 | Get Comm Event Log | only serial line |
15 | Write Multiple Coils | e.g. single bit command |
16 | Write Multiple Register | e.g. 16 bit analogue value/ bit pattern |
17 | Report Slave ID | only serial line |
20 | Read File Record | |
21 | Write File Record | |
22 | Mask Write Register | |
23 | Read/ Write Multiple Register | e.g. 16 bit analogue value/ bit pattern |
24 | Read FIFO Queue | |
43 | Encapsulated Interface Transport | |
Exception code : |
The function code of an exception response correlates to the function code of the request plus 128. The exception code is provided to indicate the reason of the error and is described in the documentation "MODBUS Application Protocol Specification - Function codes descriptions" on the webpage of the "Modbus Organization". |
Link layer ( Layer 2 ) |
|
Ethernet v.2.0 MAC Header |
![]() |
I/ G = 0 |
Individual address |
I/ G = 1 |
Group address |
U/ L = 0 |
Global administered address |
U/ L = 1 |
Local administered address |
Preamble |
7 Bytes |
Start Frame Delimiter |
Start Frame Delimiter is 1 octet long and is the sequence 10101011 binary. |
Destination address |
Receiver address for which the frame is intended. |
Source address |
Identifies the station from which the frame is initiated. |
Ethernet Length- / Type Field |
Internet Protocol ( IPv4 ) = 0800 HEX |
MAC Client Data |
The data consist of : |
Frame Check Sequence |
4 Bytes |
Netzwork Layer ( Layer 3 ) |
IPv4 Header |
For more detailed information about the IPv4 header,
check the document RFC 791 "Internet Protocol" on the IETF Website. |
![]() |
Version |
Internet Protocol Version = 4 ( IPv4 ),
see [ RFC 791 ]. |
IHL |
The Internet Header Length is the length of the IP header counted in double words ( 32 bit units ), and thus points to the beginning of the data area. The minimum value for a correct header is 5 ( = 20 bytes ). |
Type of service bit 0 : reserved bit 1 : reserved bit 2 : R ( Reliability ) bit 3 : T ( Throughput ) bit 4 : D ( Delay ) bit 5 - 7 : PRECEDENCE |
The type of service describes the indication of the abstract parameters of the
desired service. These parameters are used in order to indicate the selection of the actual service parameters
when transmitting a datagram through a particular network. Several networks offer service precedence, which somehow
treats high precedence traffic as more important than other traffic ( generally by accepting only traffic above a certain
precedence at time of high load ). The major choice is a three way tradeoff between low-delay, high-reliability, and
high-throughput. |
Total length |
Total Length is the length of the datagram, measured in octets, including internet header and data. |
Identification |
An identifying value assigned by the sender in order to indicate to which datagram the fragments are allocated. |
Flags Bit 5 : MF ( more fragments ) Bit 6 : DF ( don't fragment ) Bit 7 : reserved, must be 0 |
Various control flags |
Fragment offset |
This field indicates where in the datagram this fragment is placed. The fragment offset is measured in units of 8 octets ( 64 bits ). The first fragment has offset zero. |
Time to live |
This field indicates the maximum time the datagram is allowed to remain in the internet system. If this field contains the value zero, then the datagram must be destroyed. This field is modified in internet header processing. The time is measured in units of seconds, but since every module that processes a datagram must decrease the TTL by at least one even if it processes the datagram in less than a second. |
Protocol |
Transmission Control Protocol = 6 ( TCP ),
see [ RFC 793 ]. |
Header checksum |
The checksum is only valid for the header. Since some header fields change ( e.g. time to live ) the checksum has to be new calculated after each pass through the rooter. |
Source address |
This parameter identifies the IP address of the transmitting host. ( Sender ) |
Destinatin address |
This parameter defines the IP-address of the receiving host ( Receiver ) |
Options ( variable ) |
The option field is variable in length |
Padding ( variable ) |
The padding field is variable in length |
Transport layer ( layer 4 ) |
TCP Header |
For more detailed information about the TCP Header
please read on the IETF Website |
![]() |
Source port |
Identifies the PORT from which the frame is initiated. |
Destination port |
Destination PORT for which the frame is intended. |
Sequence number |
The sequence number of the first data octet in this segment, except the SYN bit is set. If SYN is present the sequence number is the initial sequence number ( ISN ) and the first data octet is ISN + 1. |
Acknowledgement number |
If the ACK control bit is set this field contains the value of the next sequence number the sender of the segment is expecting to receive. As soon as a connection is established this is always sent. |
Data offset |
The number of double words ( 32 bit units ) in the TCP Header. This indicates where the data begin. The TCP header ( even one including options ) is an integral number of 32 bits long. |
reserved |
Reserved for later use and must be zero. |
Control field |
URG : Urgent Pointer |
Window |
The number of data octets beginning with the one indicated in the acknowledgment field which the sender of this segment is willing to accept. |
Checksum |
The checksum is used for all 16 bit units in the header and in the data. If a segment contains un odd number of header- and data bytes to be checked, the last byte on the right is replenished with noughts in order to built a 16 bit word for the check. The block is not transmitted as part of the segment. The check field itself is replenished with nougths while the checksum is calculated. |
Urgent pointer |
This field transmits the current value of the urgent pointer as a positive offset from the sequence number in this segment. The urgent pointer points to the sequence number of the octet following the urgent data. This field is only interpreted in segments with the URG control bit set. |
Options ( variable ) |
The option field is of variable
length. |
Padding ( variable ) |
The padding field is of variable length. |
User data |
MODBUS NET/ Data frames ( ADU ) |
Wuerzburger Ring 39, D 91056 Erlangen |
LIAN 98 Protocol Router, Simulator and Analyzer © Copyright 2001, 2006, 2011 by Werner Mayr. All Rights reserved. |