Multiple IT VLANs-BAS access switches connected to the IT network with trunks - Metasys - LIT-12012458 - Field Device - 13.0

Metasys IP Networks for BACnet/IP Controllers Technical Bulletin

Brand
Metasys
Document type
Technical Bulletin
Document number
LIT-12012458
Version
13.0
Revision date
2023-10-23
Product status
Active
Language
English

As was the case when using a single IT VLAN, when connecting the BAS access switches to the IT network by way of trunks, the network engine s are physically connected to the BAS access switches. The traffic from both network engine s and the BAS switches are allowed over the trunks connecting the BAS access switches to the IT access layer switches. The trunks must be configured on both the BAS switch and the IT switch. Connecting the network engine s to the BAS access switches rather than the IT access layer switches reduces the number of switch ports which would have to be leased from IT. It also reduces the number of physical drops which would have to be run from an IT closet where the IT access layer switch resides to the mechanical room where the network engine would reside. Configuring a switch port as a trunk, however, puts a larger burden on the IT department which they may not be willing to do.

Figure 1 illustrates an example Segmented Metasys BACnet/IP Network configured using multiple IT VLANs with the BAS access switches connected to the IT network by way of trunks.

Figure 1. Multiple IT VLANs-BAS access switches connected to the IT network with trunks

In this example, the BAS access switches are connected to two IT access switches by way of trunk port uplinks allowing different IT VLANs, VLAN 2 and VLAN 3, each of which is associated with a /24 subnetwork. The BAS access switches and the network engine s are assigned static IP addresses from the existing IT VLANs' subnetworks. The following table illustrates the IP address configurations for the devices in IT VLANs 2 and 3. The IP controllers are once again assigned to BAS VLANs 10, 11, and 12 and are assigned to subnets in the BAS private address space as they were for the single IT VLAN case.

Table 1. IP Address Assignments for Devices in IT VLANs 2 and 3
IT VLAN Subnetwork Device/interface IP address Default gateway
2 192.168.2.0/24 SVI in the IT network (existing configuration) 192.168.2.1 Configured by IT
VLAN 2 SVI on BAS Access Switch 1 192.168.2.100 192.168.2.1
network engine supervising VLAN 10 devices 192.168.2.101 192.168.2.100
network engine supervising VLAN 11 devices 192.168.2.102 192.168.2.100
3 192.168.3.0/24 SVI in the IT network (existing configuration) 192.168.3.1 Configured by IT
VLAN 3 SVI on BAS Access Switch 1 192.168.3.120 192.168.3.1
network engine supervising VLAN 12 devices 192.168.3.121 192.168.3.120

Because all the network engine s and BAS access switches are not in the same IT VLAN, IP packets from a network engine in one IT VLAN have to be routed to an network engine in a different IT VLAN by the IT network switches. To enable Global Data Sharing between the network engine s in this network architecture, the network engine in IT VLAN 3 and one of the network engines in IT VLAN 2 must be configured as BBMDs. This is necessary for all the network engine s to be able to discover each other by way of BACnet broadcasts. As noted earlier, the IP packets from the controllers in the BAS private address space cannot be routed by the IT network switches. Therefore the IP controllers connected to a BAS access switch in one IT VLAN cannot communicate with IP controllers connected to a BAS access switch in a different IT VLAN. This also means that peer-to-peer references cannot be established between IP controllers connected to BAS access switches in different IT VLANs.