Creating a secure BMS system for your customers: Part 8, BACnet

Now that we have a network established with a couple of buildings attached we need to get BACnet communicating.

Each LAN side of a ERX is a unique network segment. The ERX is an IP router and it will not pass the broadcast/multicast BACnet who-is discovery messages to other buildings or the server. Due to the routing we established in OpenVPN server/CCD files the connecting OpenVPN client in the ERX will place entries in its routing table so devices on the LAN can reach other sites. The BMS devices will be able to reach other sites and the server through their default gateway with no special configuration necessary but to bridge the broadcast network boundary each site will need a BACnet Broadcast Management Device (BBMD).

In the case of the supervisor software we are using, it can’t function as a BBMD so it needs to use Foreign Device Registration (FDR) to reach the first site and we can optionally declare the second site as a backup FDR target.