I'm trying to write a little app to poll a PLC (AutomationDirect Productivity 2000 specifically.) I've found two libraries that seem to work (EasyModbus and NModbus,) but neither of them can do 32 bit register addresses.
The Modbus spec says that you can use registers 40,000-49,999 for holding registers, and also 400,000- 465535, but both of the libraries I use can only do the 40,000 range.
The guy working on the PLC swears up and down that the PLC will not let him use 40,000- 49,999, only the 400,000- 465535.
Does anyone know of a library that can do the 400,000- 465535 registers?
I think there may be some confusion here on Modbus addressing terminology. There is actually no difference between register 40,001 and register 400,001 - both are referring to Holding Register 1.
To understand why this is the case, you first need to understand how the register is addressed in the Modbus packet itself. The address field in the Modbus packet is a 16-bit integer, allowing for values from 0 to 65,535. For a Read Holding Registers request using function code 3, an address of 0 in the Modbus packet is actually referencing Holding Register 1. The address in the packet is always 1 less than the register being referenced.
Holding Registers in Modbus are known as "4X" references. Traditionally, these are expressed as 40,001 - 49,999 because the old Modicon PLC's only addressed 9,999 registers (1 - 9,999).
However, since we know the Modbus packet allows for addresses from 0 to 65,535, the register range expressible by Modbus is actually 1 to 65,536. For devices that support this entire range, the 40,000 offset becomes 400,000 so that the entire range can be expressed from 400,001 to 465,536 so as to maintain the leading "4" to signify that the register is a Holding Register type.
The important thing to remember is that the 40,000 or 400,000 offset is not actually encoded into the packet. It is just the terminology used to indicate that the register is a Holding Registers.
You are correct on the overlap of 6 digit vs 5 digit addressing, but I think the OP is looking for code with which to write his own app that supports a full 65K memory space, not the limited, earlier version code that only actually addresses 10K registers.
Either of the libraries that the OP mentioned will work for the entire 65K address space.
The NModbus library takes a ushort argument for the start address when reading/writing registers. Therefore, it supports values from 0 - 65,535, which is the entire range.
The EasyModbus library takes an int argument for its starting address when reading/writing registers and checks for invalid values above 65,535. So EasyModbus also supports the entire register address range from 0 to 65,535.