I am using libnodave and s7netplus to read and write data blocks to my simatic s7-300.
Everything is working fine but I want to understand how libnodave or s7netplus are workingso that I can implement something similar in c++ or c# myself based on plain tcp/ip sockets, just for fun.
On the library websites or source code itself I could not find any information about how they are implemented only that they are using tcp/ip sockets (I know in libnodave you can also use other ways but for now I am only focused on tcp/ip).
On my researches on other websites I found that I can use open tcp/ip or modbus tcp/ip.
But I could not really find any specifications related to simatic s7-300 which are telling me how to establish a connection or what to send to start a data transfer....
Please don't understand me wrong.
For example for modbus tcp/ip itself I can find specifications but these specifications are not telling me anything about what to send to the plc if I want to read 10 bytes from data block 17 or write 3 bytes to data block 1.
So my question is which possibilities on top of tcp/ip I have to exchange data from a pc with my plc and where I can find exact specifications related to simatic s7-300?
The communication protocol to a Siemens PLC is discribed on the site of Snap7. http://snap7.sourceforge.net/siemens_comm.html
(Maybe better to use Snap7 instead of Libnodave for support of newer PLC's!)