Presentation is loading. Please wait.

Presentation is loading. Please wait.

Naming, Addressing, & Discovery

Published byEnrique Ashland Modified over 10 years ago

Similar presentations

Presentation on theme: "Naming, Addressing, & Discovery"— Presentation transcript:

1 Naming, Addressing, & Discovery
BACnet IT Naming, Addressing, & Discovery

2 Identifying things Devices Objects Properties Device ID Device Name
Network address (network + “MAC” address) Objects Object Name Object ID (Object Type + Object Instance Number) Properties Property ID

3 Identifying things Three ways of identifying a device causes problems
Difficult to keep all three device “identifiers” unique and consistent with each other Some vendors ensure Device ID is unique, others only ensure the name is unique It’s difficult to avoid collisions in a small namespace (e.g. Device ID, network number) Brittle – BACnet clients can persist any of the three identifiers, so Changes at the network level (e.g. IP address change) can break things at the BACnet level (BBMDs, COVs) The requirement that the naming tuple (ID, Name, Address) be stable makes it difficult to change any part

4 Network Address issues
Network address <-> Device ID <-> Device Name One to one to one mapping makes it difficult to host more than one BACnet device on a single physical device To workaround device must create its own virtual network Adds complexity Exacerbates network address space management issues It’s difficult to keep small integer namespace unique Merging two networks almost certainly requires renumbering Device IDs, Network numbers BACnet’s “MAC” layer addresses leak into upper layers Doesn’t work with NATs

5 Why multiple identifiers?
Most BACnet operations (e.g. Read Property) just use the network address The rest of the identifiers are only there to support multiple forms of discovery: Lookup by Device ID (Who-is) Lookup by Device Name (Who-Has) Lookup by Network address (Device Object 222-1)

6 Naming rules No restriction on characters that can appear in a BACnet name In theory quotes, slashes and other problematic characters could appear in names Limits toolset available to programmers for handling BACnet names BACnet supports several character encodings E.g. ANSI X3.4, DBCS Could potentially be an interoperability issue Different vendors allow different max lengths Could be impediment to interoperability

7 BACnet IT naming What can we do to improve the situation in BACnet IT?
Have one way to name a device, not three Be clear about what should be persisted and what shouldn’t Persist names, not addresses! Make it easy to support multiple devices on a single “host”

8 Naming recommendations
BACnet devices should only have names Impose reasonable syntax restrictions Borrow rules from some other spec – e.g. only what’s allowed in an XML NMTOKEN, or a DNS hostname? Use Unicode Specify a single industry wide max length Describe the procedure for obtaining a network address from a BACnet device name Copy obvious design paradigm from URLs Host name part is looked up via DNS Recommended that IP addresses not be persisted long term except in unusual cases

9 Use URLs for names? Why not? Very successful for the web
Are there advantages to being able to identify host, device, object, and property in one string? Can name just host, or host+device, or host+device+object, or host+device+object+property Potential synergy with upcoming new BACnet Web Services specification

10 URI/URLs E.g.: We probably do not want to fix the hierarchy levels:
bacnet://host/device/object/property We probably do not want to fix the hierarchy levels: bacnet://host/building/floor/device/object Alternative example of a single device on a host: bacnet://host/object/property

11 Multiple devices per host
This isn’t hard if it’s part of your naming scheme bacnet://host/device1/object/property bacnet://host/device2/object/property But it should also be possible to do: bacnet://host1/object/property bacnet://host2/object/property host1 & host2 could each resolve to the same IP address DNS has no problem supporting arrangements like this But some unfortunate design designs on the web have confused this issue

12 Several web sites, one host
A single IP host can have as many DNS names as you want Can have many “A” records resolve to the same IP address Or use CNAME records (recommended) This works fine for http Hostname portion of the URL is looked up in DNS Get an IP address Open a TCP connection to the web server (port 80) Send an http GET command, & include the full URL being requested E.g.: GET //ocw.mit.edu/index.htm instead of just: GET /index.htm If is located on the same server as ocw.mit.edu, the web server can parse the GET URI to determine which web site is being requested

13 SSL is the problem https uses SSL, not TLS
SSL establishes the secure connection before any information is exchanged So when the web server provides your web browser with its authentication certificate, it doesn’t yet know what web site you wanted So its only choice is to give you a default certificate for the whole web service on that host E.g. you wanted for ocw.mit.edu, but the certificate says “ So your web browser puts up a warning Workarounds: “wildcard” names in certificates (but now many hosts share a secret), or Subject Alternative Names (need to know all possible names when certificate is issued)

14 Avoid it with TLS TLS first establishes a TCP connection
So the conversation can start by identifying which “web site” (or BACnet device) is being requested, before the authentication step The tradeoff is that this name is sent in the clear SMTP works this way For BACnet, we would probably want to send only the device name in the clear Then establish a secure TLS connection and then specify the object & property names being requested

15 These names are too long
I miss my compact device ID/Network address! There are ways to deal with this Allow the use of short-identifiers (e.g. 32-bit numbers) to name devices, objects, or properties But only to help transmission efficiency Limited lifetime – no long-term persistence! But how to manage lifetime? In a connection-oriented architecture, short identifiers would only be valid as long the connection was open To be efficient – keep a nailed up TCP (or TLS) connection to those you converse with often Look up the property you reference a lot once, and for the rest of the conversation just use the token If/when the connection drops, the token becomes invalid

Download ppt "Naming, Addressing, & Discovery"

Similar presentations

SSL CS772 Fall 2011. Secure Socket layer Design Goals: SSLv2) SSL should work well with the main web protocols such as HTTP. Confidentiality is the top.

SSL CS772 Fall Secure Socket layer Design Goals: SSLv2) SSL should work well with the main web protocols such as HTTP. Confidentiality is the top.
Socket Layer Security. In this Presentation: need for web security SSL/TLS transport layer security protocols HTTPS secure shell (SSH)

Socket Layer Security. In this Presentation: need for web security SSL/TLS transport layer security protocols HTTPS secure shell (SSH)
Module 5: TLS and SSL 1. Overview Transport Layer Security Overview Secure Socket Layer Overview SSL Termination SSL in the Hosted Environment Load Balanced.

Module 5: TLS and SSL 1. Overview Transport Layer Security Overview Secure Socket Layer Overview SSL Termination SSL in the Hosted Environment Load Balanced.
BASIC CRYPTOGRAPHY CONCEPT. Secure Socket Layer (SSL)  SSL was first used by Netscape.  To ensure security of data sent through HTTP, LDAP or POP3.

BASIC CRYPTOGRAPHY CONCEPT. Secure Socket Layer (SSL)  SSL was first used by Netscape.  To ensure security of data sent through HTTP, LDAP or POP3.
© 2007 Cisco Systems, Inc. All rights reserved.Cisco Public 1 Version 4.0 Network Services Networking for Home and Small Businesses – Chapter 6.

© 2007 Cisco Systems, Inc. All rights reserved.Cisco Public 1 Version 4.0 Network Services Networking for Home and Small Businesses – Chapter 6.
Networking Support In Java Nelson Padua-Perez Chau-Wen Tseng Department of Computer Science University of Maryland, College Park.

Networking Support In Java Nelson Padua-Perez Chau-Wen Tseng Department of Computer Science University of Maryland, College Park.
How Clients and Servers Work Together. Objectives Learn about the interaction of clients and servers Explore the features and functions of Web servers.

How Clients and Servers Work Together. Objectives Learn about the interaction of clients and servers Explore the features and functions of Web servers.
Gursharan Singh Tatla Transport Layer 16-May-2011 1

Gursharan Singh Tatla Transport Layer 16-May
Understanding Networks Charles Zangla. Network Models Before I can explain how connections are made from across the country, I would like to provide you.

Understanding Networks Charles Zangla. Network Models Before I can explain how connections are made from across the country, I would like to provide you.
Web Client/Server Communication A290/A590, Fall 2014 09/09/2014.

Web Client/Server Communication A290/A590, Fall /09/2014.
 An electrical device that sends or receives radio or television signals through electromagnetic waves.

 An electrical device that sends or receives radio or television signals through electromagnetic waves.
1 Advanced Application and Web Filtering. 2 Common security attacks Finding a way into the network Exploiting software bugs, buffer overflows Denial of.

1 Advanced Application and Web Filtering. 2 Common security attacks Finding a way into the network Exploiting software bugs, buffer overflows Denial of.
Mr C Johnston ICT Teacher

Mr C Johnston ICT Teacher
Packet Filtering. 2 Objectives Describe packets and packet filtering Explain the approaches to packet filtering Recommend specific filtering rules.

Packet Filtering. 2 Objectives Describe packets and packet filtering Explain the approaches to packet filtering Recommend specific filtering rules.
Network Protocols. Why Protocols?  Rules and procedures to govern communication Some for transferring data Some for transferring data Some for route.

Network Protocols. Why Protocols?  Rules and procedures to govern communication Some for transferring data Some for transferring data Some for route.
Chapter 10 Intro to Routing & Switching.  Upon completion of this chapter, you should be able to:  Explain how the functions of the application layer,

Chapter 10 Intro to Routing & Switching.  Upon completion of this chapter, you should be able to:  Explain how the functions of the application layer,
思科网络技术学院理事会. 1 Application Layer Functionality and Protocols Network Fundamentals – Chapter 3.

思科网络技术学院理事会. 1 Application Layer Functionality and Protocols Network Fundamentals – Chapter 3.
© 2007 Cisco Systems, Inc. All rights reserved.Cisco Public 1 Communicating over the Network Network Fundamentals – Chapter 2.

© 2007 Cisco Systems, Inc. All rights reserved.Cisco Public 1 Communicating over the Network Network Fundamentals – Chapter 2.
Chapter 6: Packet Filtering

Chapter 6: Packet Filtering
CS134 Web Design & Development Introduction to the Internet Mehmud Abliz.

CS134 Web Design & Development Introduction to the Internet Mehmud Abliz.

Similar presentations

Ads by Google