User Manual

Overview
Networking Ethernet/IP networks
3
14 | 71 A6V11159798_en--_03
Edge switches
The end devices are connected here. They are located at the end of the network in the control cabinets.
They are typically unmanaged layer 2 switches; managed layer 2 switches are used when VLANs are set up.
Layer 2 and layer 3 switches
Layer 2 switches (Ethernet switches) only take the Ethernet MAC address into account when transmitting a
data packet. No additional configuration is required.
Layer 3 switches (IP routers) use IP addresses to forward data packets. The routing function improves
the structuring of IP networks and results in lower load caused by broadcast communication.
Managed and unmanaged
Administration is another distinguishing feature of switches. Managed switches have an IP address and
can be managed and configured using a web browser or a command line interface (CLI).
Unmanaged switches simply take end devices online on the network. These switches have no additional
functionality such as filters, redundancy, or alarm functions.
Managed layer 2 switches support intelligent network management functions, such as port trunking, MAC
address-based VLANs and RSTP for ring topologies. Port mirroring for troubleshooting and diagnostics
with network analysis tools is an important reason for using managed layer 2 switches.
Also important, especially on BACnet networks, is support for IEEE 802.1X or, more specifically, MAC
Authentication (MAB), in general with a whitelist of permitted devices, or complete certificate-based
client-server access control and authentication that prevents unauthorized devices from connecting to a
network over public access ports. In principle, a device must first be authenticated on the switch before it
can communicate with other network elements.
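A whitelist of permitted devices only helps if it matches what is actually attached to the access ports. The following Python audit is an added example, not part of the manual: it compares a switch's learned MAC address table against the whitelist and reports unlisted devices. The device names, port names, VLAN ID and MAC addresses are constructed sample data, and the uplink exclusion is an assumption about how the check would be scoped.

```python
import re

# Constructed sample data (not from the manual): whitelist of permitted
# devices and a MAC address table as exported from a managed switch.
ALLOWLIST = """
00:1A:2B:3C:4D:5E  hvac-controller-01
00-1a-2b-3c-4d-5f  room-unit-12
001a.2b3c.4d60     bacnet-router-02
"""
MAC_TABLE = [  # (port, VLAN ID, learned MAC)
    ("Gi0/1", 10, "001a.2b3c.4d5e"),
    ("Gi0/2", 10, "00:1A:2B:3C:4D:5F"),
    ("Gi0/3", 10, "DE:AD:BE:EF:00:01"),   # not on the whitelist
    ("Gi0/24", 10, "00:1a:2b:3c:4d:99"),  # uplink, excluded from the check
]
UPLINK_PORTS = {"Gi0/24"}  # assumption: trunk/uplink ports carry many MACs


def normalize_mac(text):
    """Return a MAC as 12 lowercase hex digits, or raise ValueError."""
    digits = re.sub(r"[:.\-]", "", text.strip()).lower()
    if not re.fullmatch(r"[0-9a-f]{12}", digits):
        raise ValueError(f"not a MAC address: {text!r}")
    return digits


def load_allowlist(text):
    """Parse 'MAC name' lines into {normalized MAC: device name}."""
    entries = {}
    for line in text.splitlines():
        if line.strip():
            mac, name = line.split(None, 1)
            entries[normalize_mac(mac)] = name.strip()
    return entries


def audit(mac_table, allowlist, uplinks):
    """Return (port, vlan, mac) for every unlisted MAC seen on an access port."""
    findings = []
    for port, vlan, mac in mac_table:
        if port not in uplinks and normalize_mac(mac) not in allowlist:
            findings.append((port, vlan, mac))
    return findings


if __name__ == "__main__":
    for port, vlan, mac in audit(MAC_TABLE, load_allowlist(ALLOWLIST), UPLINK_PORTS):
        print(f"unlisted device {mac} on {port} (VLAN {vlan})")
```

Normalizing the address notation first matters because switches and inventory lists rarely agree on colon, hyphen or dotted form, and a plain string comparison would flag permitted devices.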
Managed layer 3 switches are multifunction devices that, in addition to layer 2 functions, connect IP
subnetworks to one another, i.e. IP packets are transmitted to the correct subnetworks and broadcasts are
blocked. Moreover, a layer 3 switch can route VLANs to each other, i.e. the VLANs remain autonomous, but the
switch provides a network transition or common interface.
VLANs
The era of setting up a separate network in building automation and control for each supplier and discipline
has passed. Multi-service networks allow each of them to work undisturbed on VLANs.
Managed layer 2 switches make this possible.
Implement a VLAN to optimize security and communication if:
- More than 250 devices from the same discipline are planned (concentration of risk).
- Different security zones are required to separate primary plants from secondary plants.
- A high degree of reliability is required.
[Figure: VLAN trunk; labels: HVAC, Video]