PDU (protocol data unit)

This is the central part of packets exchanged in S7-Communication. A PDU cosists of:
  • A 10 or 12 byte header
  • A parameter area
  • A data area
    • Header:
    Positionmeaningpossible values
    0allways 0x32
    1type1,2,3 or 7
    2,3unknown0
    4,5sequence number
    6,7length of parameters
    8,9length of data
    10,11error code
    Parameters:
    Positionmeaningpossible values
    0a function number
    restdepends on function number
    Data:
    Positionmeaningpossible values
    restdepends on function number
    Parameters for read request:
    Positionmeaningpossible values
    0function number for read4
    1number of items to read1..20
    2..item adresses, 12 byte each
    Forming the item address:
    Positionmeaningpossible values
    0,1,2unknownallways 0x12, 0x0a, 0x10
    3transport size or unit size1=single bit, 2=byte, 4=word
    4,5length in byte
    6,7number of data block0 for ares other than data block
    8area codesee area
    9,10,11Start address in bits.multiples of 8, if unit size is not bits
    read response:
    Positionmeaningpossible values
    0function number for read4
    1number read items1..20
    2..items, 4 byte "data header" +data each
    Data header:
    Positionmeaningpossible values
    0return code0xFF means ok, data follows after this header. Other codes give reasons why no data is returned.
    1transport size or unit size4=single bit, 9=byte
    2,3length in bits