碼上快樂

相關內容    簡體    繁體

歐姆龍 EntherNet/IP(CIP報文格式)

本文轉載自   查看原文   2019-12-06 17:16   767    c#/ PLC

Enthip/IP_ CIP報文格式

測試Demo在文章末尾

注冊請求幀:

0x65 0x00   注冊請求命令 2byte

0x04,0x00   header長度2byte   < 封裝頭>

0x00,0x00,0x00,0x00 會話句柄 4byte()

0x00,0x00,0x00,0x00    狀態默認0 4byte

0x00, 0x00, 0x00,0x00,0x00,0x00,0x00,0x00 發送方描述 默認0 8byte

0x00,0x00,0x00,0x00選項默認0 4byte

0x01,0x00  協議版本

0x00,0x00  選項標記

注冊請求幀發送實例:

65 00 04 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 01 00 00 00

 

注冊應答幀:

  0x65,0x00,命令 2byte
  0x04,0x00, CommandSpecificData的長度 2byte
  0x6B,0x01,0x01,0x00,會話句柄 4byte 由PLC生成
  0x00,0x00,0x00,0x00,狀態默認0 4byte  狀態字段
  0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,發送方描述默認0 8byte
  0x00,0x00,0x00,0x00,選項默認0 4byte

  0x01,0x00,協議版本 2byte

  0x00,0x00,選項標記 2byte

注冊請求幀接收實例:

65 00 04 00 71 01 0E 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 01 00 00 00

(提取會話句柄或者會話ID  71 01 0E 00

狀態字段

 

 

 

 

 

************讀取信息報文幀  EtherNet/ip *************************

PLC標簽:TAG1

讀取報文:

6F 00 28 00 70 01 27 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 01 00 02 00 00 00 00 00 B2 00 18 00 52 02 20 06 24 01 0A F0 0A 00 4C 03 91 04 54 41 47 31 01 00 01 00 01 00

下面是解析:

6F 00 命令碼

28 00  后面報文長度 指:( 00 00 00 00 01 00 02 00 00 00 00 00 B2 00 18 00 52 02 20 06 24 01 0A F0 0A 00 4C 03 91 04 54 41 47 31 01 00 01 00 01 00

70 01 27 00  會話句柄

00 00 00 00   狀態,初始值 0  狀態好

00 00 00 00 00 00 00 00 發送方描述

00 00 00 00   選項默認

以上是封裝頭Header(6F 00 28 00 70 01 27 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00)

 

 

以下是特別命令數據:

00 00 00 00:接口句柄 00 00 00 00 代表CIP

01 00  超時

02 00項數

00 00  空地址項

00 00   空地址項長度

B2 00   未連接項 默認

18 00  CIP報文包的長度(52 02 20 06 24 01 0A F0 0A 00 4C 03 91 04 54 41 47 31 01 00 01 00 01 00)

52命令

02請求路徑長度

20 06 24 01默認請求路徑

0A F0 0A 00默認超時

4C服務標識

03 CIP長度多少字(91 04 54 41 47 31)

91固定

04PLC標簽長度 多少個字節

01 00讀取長度

01 00 01 00 槽號

 

 

 

 

 

 

 

 

返回報文幀解析 

6F 00 18 00 71 01 14 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00   封裝頭

00 00 00 00 01 00 02 00 00 00 00 00 B2 00 08 00 CC 00 00 00 C1 00 00 00   特定命令數據

 

6F 00  命令

18 00 長度  (總長度 -封裝頭長度 )

71 01 14 00 會話句柄(會話ID)

00 00 00 00 會話狀態

00 00 00 00 00 00 00 00 發送方描述  固定

00 00 00 00 選項 默認

 

命令特定數據

00 00 00 00 接口句柄 ,00000000 指CIP

01 00 超時

02 00 項數 默認2

00 00 連接的地址項

00 00 連接地址項長度

B2 00  未連接數據項

08 00  連接長度

CC  服務標識

00 填充字節

00 00 狀態

C1 00  數據類型 BOOL   (0x00C3(195) 為整型,0x00CA(202)為實型, 0x00C1(193)為布爾型,long 型為0x00C4,BYTE為0x00C2  )

00 00 數據值

 

網絡調試助手發送數據歷史記錄

 

[2019-12-03 15:33:31.560]# SEND HEX>   注冊會話   PC=>PLC

65 00 04 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 01 00 00 00

 

[2019-12-03 15:33:31.564]# RECV HEX> 返回會話句柄 PLC=>PC

65 00 04 00 70 01 0D 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 01 00 00 00

 

[2019-12-03 15:34:08.745]# SEND HEX> PC=>PLC讀取

6F 00 28 00 70 01 0D 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 01 00 02 00 00 00 00 00 B2 00 18 00 52 02 20 06 24 01 0A F0 0A 00 4C 03 91 04 54 41 47 31 01 00 01 00 01 00

 

[2019-12-03 15:34:08.751]# RECV HEX> plc=>PC返回

6F 00 18 00 70 01 0D 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 01 00 02 00 00 00 00 00 B2 00 08 00 CC 00 00 00 C1 00 00 00

注釋:C1 00 _BOOL   00 00_數據,true的情況下=01 00

寫單個標簽

在寫單個標簽之前 ,需要注冊會話,獲取會話句柄 ,之后進行寫入命令

下面是寫入單標簽完整報文幀 :

6f 00 2c 00 71 01 14 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 01 00 02 00 00 00 00 00 b2 00 1c 00 52 02 20 06 24 01 0a f0 0e 00 4d 03 91 04 54 41 47 31 c1 00 01 00 00 00 01 00 01 00

解析:

=>Header封裝頭:6f 00 2c 00 71 01 14 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00

命令特定數據:

00 00 00 00 01 00 02 00 00 00 00 00 b2 00 1c 00 52 02 20 06 24 01 0a f0 0e 00 4d 03 91 04 54 41 47 31 c1 00 01 00 00 00 01 00 01 00

 

6F 00 :命令碼

2C 00 :長度(去除header后報文長度 字節為單位)

71 01 14 00 :會話句柄

00 00 00 00 :會話狀態

00 00 00 00 00 00 00 00 :發送方描述 固定

00 00 00 00 :選項 默認

 

00 00 00 00 :接口句柄 ( 00 00 00 00 指CIP)

01 00 :超時

02 00    項數 默認2

00 00   空地址項  默認

00 00  空地址項長度 默認

B2 00 未連接數據項 默認

1C 00:數據長度 指后面數據長度 (字節)

52 請求服務代碼

02 請求路徑長度

20 06 24 01 請求路徑 默認

0A F0  超時默認 245760ms

OE 00:長度 (從服務標識開始 到 寫入的值 結束 )

4D :服務標識

03 :長度(91 04 54 41 47 31 )

91:固定

04:標簽長度

54 41 47 31 :TAG1(標簽名)

C1 00:數據類型 bool0x00C3(195) 為整型,0x00CA(202)為實型,0x00C1(193)為布爾型,long 型為0x00C4,BYTE為0x00C2

01 00:寫入數量

 00 00 :寫入的值  false:0   TRUE:任意非0數

01 00 01 00 PLC槽號

 

返回報文:

6f 00 14 00 71 01 14 00 00 00  00 00 00 00 00 00 00 00 00 00 00 00 00 00

00  00  00 00  01 00 02 00 00 00 00 00 b2 00 04 00 cd 00  00 00

解析:

71 01 14 00:會話句柄

B2 00:未連接數據項 默認

CD:服務標識(寫)固定

00:填充字節

0000:狀態、 成功

單標簽寫入,調試軟件調試記錄:

 

[2019-12-03 17:08:09.346]# SEND HEX> 注冊會話

65 00 04 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 01 00 00 00

 

[2019-12-03 17:08:09.353]# RECV HEX> 返回會話句柄

65 00 04 00 70 01 21 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 01 00 00 00

 

[2019-12-03 17:08:42.352]# SEND HEX> 標簽TAG1 寫入0

6F 00 2C 00 70 01 21 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 01 00 02 00 00 00 00 00 B2 00 1C 00 52 02 20 06 24 01 0A F0 0E 00 4D 03 91 04 54 41 47 31 C1 00 01 00 00 00 01 00 01 00

 

[2019-12-03 17:08:42.357]# RECV HEX> 寫0結果返回

6F 00 14 00 70 01 21 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 01 00 02 00 00 00 00 00 B2 00 04 00 CD 00 00 00

 

[2019-12-03 17:08:55.840]# SEND HEX> 寫1

6F 00 2C 00 70 01 21 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 01 00 02 00 00 00 00 00 B2 00 1C 00 52 02 20 06 24 01 0A F0 0E 00 4D 03 91 04 54 41 47 31 C1 00 01 00 FF FF 01 00 01 00

 

[2019-12-03 17:08:55.845]# RECV HEX> 寫1結果

6F 00 14 00 70 01 21 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 01 00 02 00 00 00 00 00 B2 00 04 00 CD 00 00 00

 

[2019-12-03 17:09:11.630]# SEND HEX>寫1

6F 00 2C 00 70 01 21 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 01 00 02 00 00 00 00 00 B2 00 1C 00 52 02 20 06 24 01 0A F0 0E 00 4D 03 91 04 54 41 47 31 C1 00 01 00 01 00 01 00 01 00

 

[2019-12-03 17:09:11.639]# RECV HEX> 寫1結果

6F 00 14 00 70 01 21 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 01 00 02 00 00 00 00 00 B2 00 04 00 CD 00 00 00

 

多標簽讀取

參考單標簽的 報文幀

讀取TAG1  和TAG2

54 41 47 31  TAG1

54 41 47 32   TAG2

[2019-12-03 17:55:55.741]# SEND HEX>

6F 00 3E 00 70 01 27 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 01 00 02 00 00 00 00 00 B2 00 2E 00 52 02 20 06 24 01 0A F0 20 00 0A 02 20 02 24 01 02 00 06 00 10 00 4C 03 91 04 54 41 47 31 01 00 4C 03 91 04 54 41 47 32 01 00 01 00 01 00

 

[2019-12-03 17:55:55.847]# RECV HEX>

6F 00 2A 00 70 01 27 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 01 00 02 00 00 00 00 00 B2 00 1A 00 8A 00 00 00 02 00 06 00 0E 00 CC 00 00 00 C1 00 01 00 CC 00 00 00 C1 00 01 00

注銷會話

注銷會話報文是沒有返回值的

[2019-12-05 12:27:18.253]# SEND HEX> 注冊會話

65 00 04 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 01 00 00 00

 

[2019-12-05 12:27:18.256]# RECV HEX> 返回會話句柄

65 00 04 00 71 01 04 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 01 00 00 00

 

[2019-12-05 12:27:42.889]# SEND HEX>  注銷會話

66 00 00 00 71 01 04 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00

 

66 00 :命令

00 00 :長度

71 01 04 00:要注銷的會話句柄

00 00 00 00 狀態 默認0

00 00 00 00 00 00 00 00:發送內容 默認0

00 00 00 00: 選項 默認0

 

 水平有限 ,有錯誤之處 ,多多包涵,意見或建議,請留言!

測試Demo 

鏈接:https://pan.baidu.com/s/1_niradiIAOPXUNV-k-PS9w
提取碼:9mc6


免責聲明!

本站轉載的文章為個人學習借鑒使用,本站對版權不負任何法律責任。如果侵犯了您的隱私權益,請聯系本站郵箱yoyou2525@163.com刪除。



猜您在找 c#基於TCP/IP、CIP協議的歐姆龍PLC通信 c#基於TCP/IP、CIP協議的歐姆龍PLC通信 歐姆龍plc通訊協議格式 基於EtherNet/IP實現歐姆龍NX系列PLC通信 IP報文格式詳解 歐姆龍PLC HostLink協議整理 ip協議——ip報文格式 歐姆龍Fins讀寫指令大全 【新閣教育】基於EtherNet/IP實現歐姆龍NX系列PLC通信 TCP/IP參考模型和報文格式
 
粵ICP備18138465號   © 2018-2025 CODEPRJ.COM