Skip to content

Network Port Configuration

3.9

In BACnet's networking model, each link to a different BACnet network is encapsulated in a Network Port. As of version 3.9, Normal supports multiple network ports simultaneously; this allows for stable connections on multiple UDP ports, BBMDs, or BACnet/SC hubs. By default, Normal will configure a BACnet port on the first network interface.

BACnet/IP

BACnet/IP transfers BACnet traffic within UDP packets. To account for limitations with UDP broadcast, it also supports a link-layer construct called a BACnet Broadcast Management Device, or "BBMD".

To configure a BACnet/IP link, you must select:

  • A local interface to run on;
  • A UDP port number; and
  • Optionally, BBMD settings (IP address and port number of the BBMD).

If the BBMD settings are present, Normal will register as a Foreign Device at that BBMD.

BACnet/Ethernet

BACnet/Ethernet is an alternative link layer which encapsulates BACnet traffic directly within Ethernet frames. Although it is less commonly used, it is in use by certain vendors. Since it uses Ethernet directly, you must be on the same physical link as the BAS in order to communicate with BACnet devices.

BACnet/SC (Secure Connect)

BACnet/SC allows BACnet connections to communicate over WebSockets, generally a more IT-friendly protocol. BACnet/SC defines two roles: nodes and hubs. Normal implements Hub functionality, which allows it to connect to BMS hubs using a WebSocket secured by MTLS. Since support is still emerging across different vendors, it may have compatibility problems; we have tested with Delta Controls entelliWEB, and the ASHRAE reference implementation.

In order to connect to a hub, you often need to generate a private key and certificate for Normal, and then have the certificate signed by the Certificate Authority of the hub you are joining. Vendors supporting SC hubs typically provide a way to sign third-party device certificates.

To generate a new key and certificate signing request (CSR), you will need to use openssl (or a similar tool):

$ openssl req -new -newkey rsa:2048 -nodes -keyout nf.key -out nf.csr

This will ask you a series of questions about different key fields. Fill them in according to your situation and any instructions from the hub vendor.

Secure Connect Configuration

Once you have generated a certificate from the hub, upload this key file, the CA certificate, and the device certificate into the network port configuration in settings page.