A practical engineering guide to configure Modbus TCP on the Mitsubishi MELSEC iQ-R series — quick setup, GX Works3 parameters, MODBUS Device Assignment, function codes, exception codes, float/endian handling, polling timing, and field troubleshooting Quick Setup (5 Steps) If you just need it working fast, here’s the short path: Step Action 1 GX Works3 → Module Parameter →… Read More »
The Schneider Modicon M340 PLC is one of the most widely deployed PLCs in Europe, the Middle East, and Africa for water treatment, building automation, energy management, and machine control. Modbus TCP is its default Ethernet protocol — the embedded CPU Ethernet port is a Modbus TCP server out of the box. This guide shows you how to… Read More »
Every node in an OPC UA address space — every variable, object, method, and data type — has a unique address called a NodeId. When you read a tag value, browse the address space, or call a method, you are using a NodeId. NodeIds are the OPC UA equivalent of register addresses in Modbus or class/instance/attribute paths in… Read More »
A complete reference for PROFINET ports — covering UDP 34962 (RT Unicast), UDP 34963 (RT Multicast), UDP 34964 (RPC Context Manager), UDP 49152, the Ethertype 0x8892 for cyclic I/O, MRP Ethertype 0x88E3, firewall rules, and Wireshark filters Introduction PROFINET ports are different from every other industrial protocol. Unlike Modbus (port 502), DNP3 (port 20000), or IEC 104 (port… Read More »
A practical reference for engineers covering every Modbus exception code (01, 02, 03, 04, 05, 06, 08, 0A, 0B) — what each code means, what causes it, how to fix it, and how to identify exception responses in Wireshark Introduction When a Modbus master sends a request to a slave, four things can happen: This article covers case… Read More »
OPC UA uses TCP port 4840 by default. This single port carries everything OPC UA does — discovery, session establishment, reading tags, writing values, subscriptions, method calls, and historical data access. Unlike OPC Classic (which used DCOM with dynamic port allocation and was a firewall nightmare), OPC UA uses one well-known port that works cleanly through NAT, proxies,… Read More »
You are developing a SCADA system, configuring a PLC, or building an HMI — but the field devices are not available yet. The energy meters, VFDs, temperature sensors, and I/O modules are still on order, or they are installed at a remote site you cannot access. A Modbus simulator solves this. It runs on your computer and pretends… Read More »
Every ASDU (Application Service Data Unit) in IEC 60870-5-104 contains a Type ID — a single byte that defines what kind of data the message carries. It tells the receiving station whether the message contains a single-point indication, a measured value, a command, a counter, or a system message. The Type ID is the first byte of every… Read More »
Every CIP device — whether it is an Allen-Bradley PLC, a variable frequency drive, a remote I/O module, or a safety controller — organizes its data using the same object model. Understanding this model is the key to configuring, programming, and troubleshooting any CIP-based device. CIP (Common Industrial Protocol) does not use register maps like Modbus. Instead, it… Read More »
EtherNet/IP (Ethernet Industrial Protocol) is the leading industrial Ethernet protocol in North America. It carries CIP (Common Industrial Protocol) messages over standard TCP/IP and UDP/IP. Wireshark fully decodes EtherNet/IP using two dissectors: EtherNet/IP uses two ports: This guide covers how to capture both traffic types, which display filters to use, how to decode CIP services and I/O connections,… Read More »