March 2009

Babel Buster Network Gateways: Big Features. Small Price.
Control Solutions, Inc. - Minnesota

(Click Message to Learn More)

Connecting BACnet devices to an IP infrastructure
This paper reveals how all BACnet devices can effectively share a common IP network — thereby enhancing the power and convenience of BACnet.

George Thomas,
Contemporary Controls


New Products
Past Issues

Blue Ridge Technologies

Few people understood what the Internet Protocol (IP) was before the Internet became wildly popular. IP is the heart of the Internet, and for building automation systems (BAS), IP is becoming increasing important. That was not the case in the last decade of BACnet development in which several data link technologies were included — including Ethernet. But Ethernet is not IP although it works well with IP networks. The BACnet community recognized the need for a convenient method of attaching to IP networks in a meaningful way with the release of BACnet/IP, but many legacy BACnet devices exist and non-IP BACnet devices continue to be produced everyday. This paper reveals how all BACnet devices can effectively share a common IP network — thereby enhancing the power and convenience of BACnet.

Why the Internet Protocol?

Why are BACnet plugfest participants encouraged to attach to an IP network when testing for interoperability? Why at trade shows are IP networks used for interoperability demonstrations? It is because connecting to an Ethernet backbone running the IP protocol is convenient. Attempting to do the same with a BACnet MS/TP bus network is not as convenient.

IP is important for reasons other than convenience. Building automation systems and information technology (IT) are quickly converging with both areas sharing a common IP network. This IP network is the quickest way to gain access to the Internet which is the world’s wide-area-network (WAN). All modern communication networks are IP-based even if communication is restricted to local-area-networks (LANs). Modern buildings are designed and built with structured wiring in mind with integrated telephone and data wiring that can operate at Gigabit Ethernet speeds. Why run proprietary fieldbus networks when structured cabling is already in place? Even non-BACnet building automation systems are connecting to IP — including access control systems, security systems, life-safety systems, and lighting systems. LON-based systems are using the IP networks as a tunnel taking advantage of “free” wiring.

When we think of IP networks we think of Ethernet with speeds of 10, 100 or 1000 Mbps running over CAT 5, CAT 5e or CAT 6 twisted-pair cabling. These same speeds can be achieved over multimode or single-mode fiber optic cabling as well. Granted, the higher speed connections are wired, but there are plenty of wireless technologies that attach to IP networks. It is clear that the backbone of choice is IP.

BACnet and Its Flavors

Building Automation and Control Network (BACnet) protocol was introduced in the mid-90s using four of the seven layers of the Open Systems Interconnection (OSI) model as shown in Figure 1. At the lowest level of the model is the physical layer which is concerned with sending symbols representing binary data across a medium. The highest level is the application layer which defines the meaning of the data as it is sent between stations. This is where BACnet objects and properties are defined. After surveying what BAS vendors were providing at the time, the BACnet committee of the American Society of Heating, Refrigerating, and Air-Conditioning Engineers (ASHRAE) decided to support five data links – Ethernet, ARCNET, Master-Slave/Token-Passing (MS/TP), Point-to-Point protocol (PTP), and LonTalk. A data link defines how stations are addressed and how data in the form of frames are sent between stations within a local-area-network (LAN). A set of similar stations within one data link constitute a network. Stations with incompatible data links cannot communicate to one another at this level. Since interoperability between the various data links was a goal of the BACnet SPC 135 committee, the BACnet Network Layer was introduced, completing the four-layer model.

Figure 1. The BACnet four-layer model supports several data links including Ethernet.

Figure 1. The BACnet four-layer model supports several data links including Ethernet.


IEEE 802.3, now an ISO standard, refers to part 3 of the Institute of Electrical and Electronics Engineers’ 802 standard entitled Carrier sense multiple access with collision detection (CSMA/CD) access method and physical layer specifications. However, we typically call this 1500 page standard Ethernet. Ethernet, along with a Logical Link Control (LLC) as defined in ISO 8802-2, forms a data link that can operate at speeds of 10 Mbps, 100 Mbps and 1 Gbps. Ethernet’s physical layer includes several copper and fiber options such as 10BASE2, 10BASE5, 10BASE-FL, 100BASE-TX, 100BASE-FX, and 1000BASE-T. Any of these options can be combined in one piece of equipment and each is compliant with BACnet/Ethernet. Ethernet provides for greater speed, star topology, and transformer-isolated transceivers. However, BACnet/Ethernet is not the same as BACnet/IP Ethernet. With BACnet/Ethernet, LAN addressing is accomplished using the Ethernet’s media access control (MAC) address. The MAC address is the 48-bit worldwide unique value given to every Ethernet controller chip and not the 32-bit IPv4 address we would expect with an IP/Ethernet device. Of all the BACnet data links, Ethernet provides the greatest speed.


Master-slave/token-passing remains a popular BACnet data link with baud rates from 9.6 kbaud to 76.8 kbaud. It provides its own logical link control to BACnet’s network layer. Like ARCNET, MS/TP uses a token-passing protocol, but it is implemented in software using a serial port on a microcontroller. MS/TP relies upon a very common physical layer called 2-wire EIA-485. EIA-485 transceivers are relatively inexpensive and typically found in low-cost controllers. They can drive long lines and can operate at the required upper limit data rate of 78.6 kbaud.


As the popularity of TCP/IP exploded, the BACnet community needed a strategy for using the BACnet protocol in an IP world without a major re-write of the standard. The result was BACnet/IP (B/IP) which is described in Annex J of the BACnet standard. The body of the BACnet standard makes exclusive use of MAC addresses for all data links, including Ethernet. But in the BACnet/IP world, IP addresses are needed. For BACnet/IP, Annex J defines an equivalent MAC address comprising of a four-byte IP address followed by a two-byte UDP port number. The BACnet community registered a range of 16 UDP port numbers as hexadecimal BAC0 through BACF.

BACnet/IP incorporates the same four-layer ISO model as shown in Figure 1. Routers operate at the network layer. Since routers were already defined in “The Network Layer” (clause 6 of the BACnet standard), Annex J makes reference to this clause. Annex J introduces the concept of the BACnet Virtual Link Layer (BVLL) which provides an interface between Clause 6 equipment and another communications subsystem. BVLL messages can be either directed or broadcast. A directed message is exchanged between two IP addresses and no others. A broadcast message originates from one IP address and is sent to all other IP addresses on the subnet.

Infrastructure Equipment

In order to understand how infrastructures are built, you need to understand the role of infrastructure equipment. Figure 2 shows the four-layer communications reference model that BACnet uses — with infrastructure equipment associated at each level.

Figure 2. The role of infrastructure equipment depends upon the communications level.

Figure 2. The role of infrastructure equipment depends upon the communications level.


As mentioned before, the physical layer is concerned with the transmission and reception of symbols representing binary data sent across the medium. A repeater is used to simply link together two cable segments to make a longer run. A good example is a 2-port EIA-485 repeater used to extend MS/TP or ARCNET cable lengths. An example of a multi-port repeater is an Ethernet repeating hub. A media converter is used to change one medium to another such as from copper cabling to fiber optic cabling. All these devices operate on the symbols sent over the wires. They provide low latency but do not understand protocols or even the data link under which they operate. These are very simple devices.


One step up the reference model is the data link layer which is the home for bridges. Bridges link two or more of the same data links together with the best example being an Ethernet switch. An Ethernet switching hub is fundamentally different from an Ethernet repeating hub. A switching hub operates upon the frames sent from Ethernet stations or from other Ethernet switches. In the normal mode of operation, a complete frame is received on one port of the switch before it is sent out to all other ports on the switch. This is called store and forwarding. No forwarding occurs at the port where the frame was received. Therefore, a switch has much more latency than a repeater because it must wait until the complete frame is received. Although an Ethernet repeating hub is part of the Ethernet collision domain, an Ethernet switch terminates an individual collision domain at each of its ports. Therefore, cascading switches does not limit the physical Ethernet network like repeating hubs. Much greater distances can be achieved with switches than with repeating hubs. A switch can also operate in full-duplex mode — assuming its link partner is full-duplex compatible. Full-duplex can effectively double the throughput. With switches, there is potentially no restriction on data rates. Different ports on the switch can operate at different data rates.

There is another advantage to switches. A switch learns the location of Ethernet stations by noting in its database the MAC address of each station initiating a transmission and noting at which port the transmission was received. This process is called learning. This MAC address/port number combination remains in memory so that the switch will know to which port it should direct transmissions destined to a particular MAC address. When a switch receives a message with a destination MAC address recorded in its database, it will forward the message only from the port with the associated MAC address. This reduces traffic on the network by restricting transmissions to only those ports party to the transmission. This process is very efficient as long as all transmissions are unicast or directed messages — where the transmission is from one station and directed to another. With broadcast transmissions, all stations must hear the transmission so the transmission is flooded to all ports on the switch. In this situation the switch functions much like a repeating hub. To allow for topology changes, the database is periodically cleared and the location of MAC addresses is re-learned. This process is called aging.

Switches are commonly used in Ethernet networks since their benefits far outweigh their shortcomings. Their greatest inconvenience is when attempting to troubleshoot network protocols — since network traffic does not appear on all ports of a switch.


Optergy At the network level there are routers that link networks together to form an internetwork. Instead of individual frames, routers operate upon packets. The most famous internetwork is the Internet and the most famous network layer protocol is the Internet Protocol. The Internet is a public network, but it is not necessary to have access to the Internet in order to construct an IP infrastructure. Using the same Internet Protocol and the same IP infrastructure equipment, an intranet can be created to achieve the highest level of security with the convenience of using a structured wiring system. An intranet is a private network that uses the Internet Protocol. Best practice calls for assigning private IP addresses to all devices to ensure no conflict with public addresses. Private addresses are restricted to the LAN side of the router while public addresses are on the WAN side. If there is no intention to connect to the Internet, then there is no need to supply a router for this purpose. But if the intranet is so large or complex that sub-netting the networks is desired, IP routers are still needed.

Think of an IP router as one device with two halves. The names of the two halves vary but typical terms are LAN side – WAN side, Private Side – Public Side, Trusted Side – Not Trusted Side, and simply LAN 1 – LAN 2. The LAN – WAN terminology may be easier to understand when talking about IP routers connected to the Internet, while the LAN1 – LAN2 references are best for sub-netting a larger network.

IP routers can be much more complex than an Ethernet switch, but they serve a much different purpose. IP routers block broadcasts from propagating from one side to the other. They restrict blocks of IP addresses to one side or the other. They can provide a firewall function by allowing only those messages through the router that are intended. Unintended messages, or messages constructed in an unexpected manner, are dropped with no indication given to the sender.

A BACnet router is not necessarily an IP router. A BACnet router understands the BACnet Network Layer protocol and not the Internet Protocol unless it is supporting BACnet/IP. A BACnet router attaches two or more BACnet data links together to form one BACnet internetwork. The physical layers could be quite different on each side of a BACnet router because of the different data links BACnet supports. With an IP router, Ethernet is typically present on each side of the router.


The terms gateway and router are sometimes intermixed. In the strict sense, gateways operate on messages sent between two different application layers. Since the application layers are incompatible, custom software must be developed in the gateway so that meaningful data can be exchanged between the two devices. The best example is the BACnet application layer and the Modbus application layer. Because there is no application layer commonality, a gateway must provide an interface. Converting Modbus serial to Modbus TCP is different. The application layers are compatible, so it would appear a router is in order. However, the term gateway could be loosely applied to this situation as well.

An Infrastructure Example

Figure 3 shows a typical building automation system that is to share the same IP infrastructure as other information technology equipment. Perhaps the specification calls for existing structured wiring to be used to reduce installation expense while allowing the complete system to be monitored from any point on the IP network. For remote access, the Internet is to be used.

Figure 3. Typical BAS system using an IP infrastructure.

Figure 3. Typical BAS system using an IP infrastructure.

At the top is a single BACnet/IP compliant building controller (BC), having no point I/O of its own, is attached to Ethernet and supervises the complete system. It can be called a building controller, application engine, or IP network controller. A BACnet/IP operator workstation (OWS) provides an overview of the system. A laptop computer functions as a commission tool for a BACnet MS/TP device.

At the bottom are found individual sensors and actuators that are not part of any network — although sometimes proprietary sensor buses are used. However, for sake of discussion we will say that sensors and actuators connect on a one-to-one basis to Direct Digital Controllers (DDC) or Remote Input/Output (RIO) devices. A DDC is an intelligent device that can execute a control algorithm, while an RIO is an intelligent device that can concentrate input/output points and forward the data to a DDC over a serial bus or network. RIO devices do not implement control. The DDCs and RIOs in this example connect to either an MS/TP, Modbus serial, or BACnet/IP network.

This BAS example identifies equipment residing in several domains.

• Sensors and Actuators
• Modbus Serial
• BACnet MS/TP
• BACnet/IP Ethernet
• Internet

Sensors and Actuators

Sensors are used to measure parameters within the process, while actuators manipulate the process. These active or passive, analog or binary, input/output devices reside at the lowest level of the control hierarchy. Analog input devices are used to measure temperature, humidity, air quality, or velocity. An analog output device can be a motor speed control, a value positioner, or a damper positioner. Passive analog sensors, such as thermistors that measure temperature, require low-level excitation from the receiving device to accomplish the measurement. Calibration curves are built into the receiving equipment. More accurate measurements call for an analog transmitter capable of outputting either a 0–10 V or 0–20 mA signal to a receiving device. Binary input devices can be passive pushbuttons, limit switches, or level switches. The receiving equipment provides the sensing current that “measures” the state of the binary input. Binary output devices could be motor starters, interposing relays, pilot lights, and solenoid valves. The driving device must have sufficient capability to power the actuator. For analog output devices, either a 0–10 V or 0–20 mA command signal is usually required.

Modbus Serial

Besides BACnet and LON, Modbus-compatible equipment is frequently used for building automation — especially for energy measurement or for motor drives. The Modbus physical layer is typically 2-wire EIA-485. While a Modbus TCP device would allow for a direct connection to an IP/Ethernet network, Modbus serial devices (because of the incompatible application layers) will require either a gateway to BACnet/IP or a Modbus Serial to Modbus TCP router. Either way, Modbus serial devices can be viewed from an IP network.


The popularity of MS/TP ensures that there will be plenty of devices that require attachment to an IP network. Unitary controllers and programmable thermostats bused over an EIA-485 physical layer are typically found at this level. Attachment to an IP infrastructure is accomplished using a BACnet MS/TP to BACnet/IP router. This routing capability can be found in either a building controller that supports routing or in a stand-alone router.

BACnet/IP Ethernet

BACnet/IP devices can directly attach to the building’s IP infrastructure. The most convenient method is to use Ethernet. In this example there is one building controller and one workstation attached to all other devices through an Ethernet copper connection. That does not preclude the use of fiber optics as shown in the example. BACnet MS/TP devices are connected to routers which are attached to switches. Ethernet switches are not protocol-aware and only facilitate connections to the IP infrastructure. They do not block broadcasts and the complete IP network can be treated as a single BACnet internetwork.


In order to gain remote access to or from the Internet, an IP Router is needed. For security, the IP router also functions as a stateful firewall. On the LAN side of the router is the BAS which is treated as an intranet. On the WAN side is the Internet.

A longer printed version of this article can be obtained by contacting Contemporary Controls at +1-630-963-7070.


Haystack Connect 2015
[Click Banner To Learn More]

[Home Page]  [The Automator]  [About]  [Subscribe ]  [Contact Us]


Want Ads

Our Sponsors