Throughput is supported by world-leaders in industrial data communications equipment which is backed by extensive research and development and field tested, offering warrantees and and backup service that is worldclass.

Modbus TCP Protocols

Modbus Transmission Modes


MODBUS TCP/IP is a variant of the MODBUS family of simple, vendor-neutral communication protocols intended for supervision and control of automation equipment. Specifically, it covers the use of MODBUS messaging in an ‘Intranet’ or ‘Internet’ environment using the TCP/IP protocols. The most common use of the protocols at this time are for Ethernet attachment of PLC’s, I/O modules, and ‘gateways’ to other simple field buses or I/O networks.

The MODBUS TCP/IP protocol is being published as a (‘de-facto’) automation standard. Since MODBUS is already widely known, there should be little information in this document which could not be obtained elsewhere. However, an attempt has been made to clarify which functions within MODBUS have value for interoperability of general automation equipment, and which parts are ‘baggage’ from the alternate use of MODBUS as a programming protocol for PLC’s.

This is done below by grouping supported message types into ‘conformance classes’ which differentiate between those messages which are universally implemented and those which are optional, particularly those specific to devices such as PLC’s.


In MODBUS, data transactions are traditionally stateless, making them highly resistant to disruption from noise and yet requiring minimal recovery information to be maintained at either end.

Programming operations, on the other hand, expect a connection-oriented approach. This was achieved on the simpler variants by an exclusive ‘login’ token, and on the MODBUS Plus variant by explicit ‘Program Path’ capabilities which maintained a duplex association until explicitly broken down.

MODBUS/TCP/IP handles both situations. A connection is easily recognized at the protocol level, and a single connection may carry multiple independent transactions. In addition, TCP/IP allows a very large number of concurrent connections, so in most cases it is the choice of the initiator whether to reconnect as required or re-use a long-lived connection.

Developers familiar with MODBUS may wonder why the connection-oriented TCP/IP protocol is used rather than the datagram-oriented UDP. The main reason is to keep control of an individual ‘transaction’ by enclosing it in a connection which can be identified, supervised, and canceled without requiring specific action on the part of the client and server applications. This gives the mechanism a wide tolerance to network performance changes, and allows security features such as firewalls and proxies to be easily added. Similar reasoning was used by the original developers of the World Wide Web when they chose to implement a minimal Web query as a single transaction using TCP/IP on well-known port 80.

Data encoding

MODBUS uses a ‘big-endian’ representation for addresses and data items. This means that when a numerical quantity larger than a single byte is transmitted, the MOST significant byte is sent first.


TCP is Transmission Control Protocol and IP is Internet Protocol. These protocols are used together and are the transport protocol for the internet. When modbus information is sent using these protocols, the data is passed to TCP where additional information is attached and given to IP. IP then places the data in a packet (or datagram) and transmits it.

TCP must establish a connection before transferring data, since it is a connection-based protocol. The Master (or Client in Modbus TCP) establishes a connection with the Slave (or Server). The Server waits for an incoming connection from the Client. Once a connection is established, the Server then responds to the queries from the Client until the client closes the connection.

Modbus RTU over TCP

Simply put, this is a Modbus RTU message transmitted with a TCP/IP wrapper and sent over a network instead of serial lines. The Server does not have a SlaveID since it uses an IP Address instead.

Modbus TCP

A Modbus Messaging Implementation Guide provided by Schneider Automation outlines a modified protocol specifically for use over TCP/IP. The official Modbus specification can be found at . The main differences between Modbus RTU and Modbus TCP are outlined here.

What is Modbus TCP I/P

Modbus TCP/IP (also Modbus-TCP) is simply the Modbus RTU protocol with a TCP interface that runs on Ethernet.

The Modbus messaging structure is the application protocol that defines the rules for organizing and interpreting the data independent of the data transmission medium.

TCP/IP refers to the Transmission Control Protocol and Internet Protocol, which provides the transmission medium for Modbus TCP/IP messaging.

Simply stated, TCP/IP allows blocks of binary data to be exchanged between computers. It is also a world-wide standard that serves as the foundation for the World Wide Web. The primary function of TCP is to ensure that all packets of data are received correctly, while IP makes sure that messages are correctly addressed and routed. Note that the TCP/IP combination is merely a transport protocol, and does not define what the data means or how the data is to be interpreted (this is the job of the application protocol, Modbus in this case).

So in summary, Modbus TCP/IP uses TCP/IP and Ethernet to carry the data of the Modbus message structure between compatible devices. That is, Modbus TCP/IP combines a physical network (Ethernet), with a networking standard (TCP/IP), and a standard method of representing data (Modbus as the application protocol). Essentially, the Modbus TCP/IP message is simply a Modbus communication encapsulated in an Ethernet TCP/IP wrapper.

In practice, Modbus TCP embeds a standard Modbus data frame into a TCP frame, without the Modbus checksum, as shown in the following diagram.

Modbus TCP diagram

The Modbus commands and user data are themselves encapsulated into the data container of a TCP/IP telegram without being modified in any way.

However, the Modbus error checking field (checksum) is not used, as the standard Ethernet TCP/IP link layer checksum methods are instead used to guaranty data integrity. Further, the Modbus frame address field is supplanted by the unit identifier in Modbus TCP/IP, and becomes part of the Modbus Application Protocol (MBAP) header (more on this later).

Why Combine Modbus With Ethernet?

The complete Modbus TCP/IP Application Data Unit is embedded into the data field of a standard TCP frame and sent via TCP to well-known system port 502, which is specifically reserved for Modbus applications. Modbus TCP/IP clients and servers listen and receive Modbus data via port 502.

We can see that the operation of Modbus over Ethernet is nearly transparent to the Modbus register/command structure. Thus, if you are already familiar with the operation of traditional Modbus, then you are already very with the operation of Modbus TCP/IP.

IEEE 802.3 Ethernet is a long-standing office networking protocol that has gained universal world-wide acceptance. It is also an open standard that is supported by many manufacturers and its infrastructure is widely available and largely installed. Consequently, its TCP/IP suite of protocols is used world-wide and even serves as the foundation for access to the World Wide Web. As many devices already support Ethernet, it is only natural to augment it for use in industrial applications.

Just as with Ethernet, Modbus is freely available, accessible to anyone, and widely supported by many manufacturers of industrial equipment. It is also easy to understand and a natural candidate for use in building other industrial communication standards. With so much in common, the marriage of the Modbus application protocol with traditional IEEE 802.3 Ethernet transmission forms a powerful industrial communication standard in Modbus TCP/IP. And because Modbus TCP/IP shares the same physical and data link layers of traditional IEEE 802.3 Ethernet and uses the same TCP/IP suite of protocols, it remains fully compatible with the already installed Ethernet infrastructure of cables, connectors, network interface cards, hubs, and switches.

Modbus Frequently Asked Questions - Answered

Here are some answers that may assist you in your decisions. Courtesy of Modbus org

Modbus Protocol is a messaging structure developed by Modicon in 1979. It is used to establish master-slave/client-server communication between intelligent devices. It is a de facto standard, truly open and the most widely used network protocol in the industrial manufacturing environment. It has been implemented by hundreds of vendors on thousands of different devices to transfer discrete/analog I/O and register data between control devices. It's a lingua franca or common denominator between different manufacturers. One report called it the "de facto standard in multi-vendor integration". Industry analysts have reported over 7 million Modbus nodes in North America and Europe alone.

Modbus is used in multiple master-slave applications to monitor and program devices; to communicate between intelligent devices and sensors and instruments; to monitor field devices using PCs and HMIs. Modbus is also an ideal protocol for RTU applications where wireless communication is required. For this reason, it is used in innumerable gas and oil and substation applications. But Modbus is not only an industrial protocol. Building, infrastructure, transportation and energy applications also make use of its benefits.

TCP/IP is the common transport protocol of the Internet and is actually a set of layered protocols, providing a reliable data transport mechanism between machines. Ethernet has become the de facto standard of corporate enterprise systems, so it comes as no surprise that it has also become the de facto standard for factory networking. Ethernet is not a new technology. It has matured to the point that the cost of implementing this network solution has been dropping to where its cost is commensurate with those of today's field-buses.

Using Ethernet TCP/IP in the factory allows true integration with the corporate intranet and MES systems that support the factory. To move Modbus into the 21st century, an open Modbus TCP/IP specification was developed in 1999. The protocol specification and implementation guide are available for download (

Combining a versatile, scaleable, and ubiquitous physical network (Ethernet) with a universal networking standard (TCP/IP) and a vendor-neutral data representation, Modbus gives a truly open, accessible network for exchange of process data. It is simple to implement for any device that supports TCP/IP sockets.

Modbus TCP/IP has become ubiquitous because of its openness, simplicity, low-cost development, and minimum hardware required to support it. There are several hundred Modbus TCP/IP devices available in the market - more being developed each year. It is used to exchange information between devices, monitor, and program them. It is also used to manage distributed I/Os, being the preferred protocol by the manufacturers of this type of devices.

When it comes to choosing a network for your device, Modbus TCP/IP offers several significant advantages:

  • Simplicity: Modbus TCP/IP simply takes the Modbus instruction set and wraps TCP/IP around it. If you already have a Modbus driver and you understand Ethernet and TCP/IP sockets, you can have a driver up and running and talking to a PC in a few hours. Development costs are exceptionally low. Minimum hardware is required, and development is easy under any operating system.
  • Standard Ethernet: There are no exotic chipsets required and you can use standard PC Ethernet cards to talk to your newly implemented device. As the cost of Ethernet falls, you benefit from the price reduction of the hardware, and as the performance improves from 10 to 100 Mb and soon to 1 Gb, your technology moves with it, protecting your investment. You are no longer tied to one vendor for support, but benefit from the thousands of developers out there who are making Ethernet and the Internet the networking tools of the future. This effort has been complemented opportunely with the assignment of the well-known Ethernet port 502 for the Modbus TCP/IP protocol.
  • Open: The Modbus protocol was transferred from Schneider Electric to the Modbus Organization in April 2004, signaling a commitment to openness. The specification is available free of charge for download, and there are no subsequent licensing fees required for using Modbus or Modbus TCP/IP protocols. Additional sample code, implementation examples, and diagnostics are available on the Modbus TCP toolkit, a free benefit to Modbus Organization members and available for purchase by nonmembers
  • Availability of many devices: Interoperability among different vendors' devices and compatibility with a large installed base of Modbus-compatible devices makes Modbus an excellent choice.

The FD-10 is just transferring the I/O information and not the profibus frame. The I/O information will be inserted in a profibus DP frame on the remote side. The FD-10 is a profibus slave and need a profibus master to control the communication in the profibus network.

To implement a Modbus ® TCP/IP device, download the Modbus TCP/IP Protocol specification and the Modbus TCP/IP implementation guide from the website. You also need to understand the basics of implementing a TCP driver. To test your driver, you will need a minimum of two devices: a slave and a master to exchange information. This could be two PCs talking to each other using standard Ethernet cards, or a PC talking to a sensor or device with an embedded microcomputer.

Modbus TCP/IP is an Internet protocol. The fact that TCP/IP is the transport protocol of the Internet automatically means that Modbus TCP/IP can be used over the Internet. It was designed to reach this goal. In practical terms, this means that a Modbus TCP/IP device installed in Europe can be addressed over the Internet from anywhere in the world. The implications for an equipment vendor or an end-user are endless. Performing maintenance and repair on remote devices using a PC and browser reduces support costs and improves customer service. Logging onto a plant's control system from home allows the maintenance engineer to maximize his plant's uptime and reduces time in the field. Managing geographically distributed systems becomes easy using commercially available internet/intranet technologies.

Since Modbus TCP/IP is simply Modbus protocol with a TCP wrapper, it is very simple for existing Modbus devices to communicate over Modbus TCP/IP. A gateway device is required to convert from the current physical layer (RS232, RS485 or others) to Ethernet and to convert Modbus protocol to Modbus TCP/IP. Such a gateway device could be implemented using a PC. Commercial products to do this are available from several different manufactures. The Modbus device database can help you identify gateways and other Modbus devices.

The performance depends on the network and the hardware. If you are running Modbus TCP/IP over the Internet, you won't get better than typical Internet response times. However, when communicating for debug and maintenance purposes, this may be perfectly adequate and save you from having to catch a plane or go to site on a Sunday morning!

For a high-performance intranet with high-speed Ethernet switches guaranteeing performance, the situation is completely different. In theory Modbus TCP/IP carries data at up to 250/(250+70+70) or about 60 percent efficiency when transferring registers in bulk. Since 10BaseT Ethernet carries about 1.25 Mbps raw, the theoretical throughput is 1.25M/2 * 60% = 360000 registers per second and the 100BaseT speed is 10 times greater.

This assumes that you are using devices that can service Ethernet as fast as the available bandwidth. Practical tests carried out by Schneider Electric using a MOMENTUM™ Ethernet PLC with Ethernet I/O demonstrated that up to 4000 I/O bases could be scanned per second, each I/O base having up to 16 12-bit analog I/O or 32 discrete I/O. Four bases could be updated in one millisecond. While this is below the theoretical limit calculated above, remember that the tested device was running with only a 80186 CPU running at 50 MHz with an effective computing power of 3 MIPS (compared to the 700 MIPS of a 500 MHz Pentium). Nevertheless, these results are faster than the proprietary I/O scan methods used to date. As low-end CPUs get less expensive, Momentum-type devices will chase the theoretical limit, although they'll never reach it because the limit will continue to be pushed further away with 1 Gigabit Ethernet, 10 Gigabit Ethernet, etc. Contrast this with other field-buses, which are inherently stuck at one speed.