Solving BACnet Broadcast Storms with OptigoVN

An AI-Generated image of a satellite image of large hurricane seen from above.
BACnet global broadcast messages are important for device discovery, notifications, and other common operations. But without constraints, they can grow into BACnet broadcast storms, slowing your network to a crawl. Find out how to find and solve them with Optigo Visual Networks (OptigoVN).

Who-Is, I-Am, and BACnet Broadcasts

BACnet devices are a chatty bunch. The protocol requires BACnet devices to use broadcast messaging to discover and establish communications with each other*. We still need BBMDs to “punch through” IP routers, deny broadcast packets, and deliver messages to other BACnet devices across different subnets. 

Although the messages themselves are small in size, a lot of traffic is still being created and shared around the network. It’s also a resource burden on the devices themselves—as they must process and choose an action for every broadcast message that’s received. 

*Broadcast messages can also be used for COV notifications, event notifications, alarms, and other vendor-proprietary messages.

Targeted Who-Is/I-Am

BACnet devices need to establish where everything is before they can start talking directly to each other. They do that by sending out what’s known as a  Who-Is message. As in, “Who is at device instance number 3004, I need your (MAC or IP) address.” This message will be processed by every BACnet device, and the correct device (number 3000) will respond with the I-Am broadcast message. As in, “I’m at 3004, and my address is XXX.” And because that response is broadcast back, all the BACnet devices originally targeted now know the address too.

Global Who-Is/I-Am

This is where things can start to get sticky. A “global” Who-Is occurs when the request doesn’t specify a device or a range of devices. In this case, every device on the network responds with an I-Am. Global Who-Is requests are commonly used to discover all the devices on your system. This becomes a problem, though, when the Who-Is messages—and the I-Am responses—are sent too frequently. For example, on a system with a large number of devices (>1000), a single Global Who-Is will produce a large spike of I-Am broadcast messages.

So What’s a BACnet Broadcast Storm?

Global Who-Is requests are important, not just for device discovery, but for events and alarm reporting. But if they occur too often, they create “broadcast storms”, a clog in the system caused by all the I-Am replies. Forcing BACnet systems to dedicate their limited resources to processing and responding to global Who-Is messages can have a lot of detrimental effects, including:

  • Device Overload: High numbers of discovery requests could be a sign that devices are overwhelmed, resulting in inconsistent responses and further requests. In other words, a self-inflicted Denial of Service attack.
  • Network Performance Degradation: High levels of discovery requests can saturate the network bandwidth, causing performance degradation for other network traffic.
  • Overall network instability.

Simply put, broadcast storms are messaging run amok. Some device(s) on your network have been (mis)configured to send out Who-Is messages too broadly and too often. As devices continue to receive and broadcast Who-Is/I-Am messages, the traffic they generate simply overwhelms the devices’ capacity to deal with it. 

An image of a laptop with OptigoVM Diagnostic results displayed, showing BACnet MSTP troubleshooting issues

How many issues will you solve today?

How OptigoVN Helps

OptigoVN has several diagnostics that help to surface broadcast issues:

The Device Global Discovery diagnostic is designed to measure and report global Who-Is requests that exceed our best practices threshold (the details of that are here). Rather than having to run through a series of different manual tests to narrow down symptoms—like slow downs, random connectivity issues, etc. —OptigoVN will instantly report back on an excessive traffic issue due to too many global Who-Is requests. 

Now that you’re aware of the issue, let’s track down the culprits. With an optional Site Scope enabled on your OT network, you can leverage the Excessive Traffic Rate: Broadcast by Source diagnostic to pinpoint the devices with the most broadcast messages. The context from Site Scopes will tell you the rate of broadcast packets per minute (PPM), as well as the largest broadcast rate from a single device. With the source addresses of the devices transmitting a high rate of broadcast messages, you can now review and adjust the configurations of devices to lower the frequency of broadcast messages and retest to ensure the issue has been resolved. That’s it!

A screen shot of the OptigoVN traffic rates by broadcast source readout. Helpful in tracking down devices responsible for causing broadcast storms!

By regularly running OptigoVN’s diagnostic suite, you’ll be able to proactively track down excess broadcast messages before they escalate to a full-blown broadcast storm.

Best Practices to Reduce BACnet Broadcast Issues

Once you’ve diagnosed the issue with OptigoVN, there are several steps you can take to reduce the chances of a BACnet broadcast storm from reoccurring:

First, a Who-Is should be a targeted message to one, or a few, devices — not the entire network. Some level of broadcast is okay and necessary, but it should be much less frequent than the usual set-by-default programming. And if devices are requesting I-Ams from every device on the network, you will quickly end up with broadcast storms. 

Second, Global Who-Is messages should only be sent very sparingly — not once every minute, or five minutes, or even 30 minutes. Think about it: there’s no need to poll every device on the network for their “name and address” several times a day, or even several times a week. If your devices are configured to send out periodic Global Who-Is requests, check the frequency and consider whether that is necessary. Some devices’ configurations can be changed to eliminate these requests, while others can only be reduced. If you can’t delete them, increase the amount of time between Global Who-Is messages to the maximum amount allowed.

Third, if these automatic messages are required, consider setting up a Segmented Who-Is, rather than Global. A Segmented Who-Is breaks up the requests into many smaller ones, looking for ranges with the entire BACnet device ID range, excluding known device IDs. For example, a device will say “Who-Is 0–99” and then send “Who-Is 100–199,” minimizing the number of concurrent I-Am messages.

BACnet, to broadcast storms, and beyond, are you ready to see what OptigoVN can do for your OT networks?  Create your free account, and get started today.

Share This Post

Don't want to wait?

Sign up now to get posts delivered right to your inbox the moment they go live.

An overhead photograph of a solar farm in an urban setting, possibly a parking lot.

How OT Networks Drive Decarbonization and Energy Efficiency

Energy efficiency is at the heart of many organizations’ policies to address their overall carbon footprints. For facilities operators, campus managers, and their vendors, the drive to decarbonize falls under their purview. Let’s look at what exactly decarbonization is, what impacts this policy has on OT networks, and some of the ways facilities and systems integrators have begun to tackle the problem.

Read More »
A photograph of a blue pad lock on top of an open laptop

Is BACnet/SC the Key to Securing OT Networks?

The success of BACnet/SC will depend on how widely it is adopted and how well it integrates with other security technologies. That said, with the right implementation strategies, and a focus on maintaining flexibility and interoperability, BACnet/SC has the potential to play a central role in securing OT networks against future threats.

Read More »

How OptigoVN Helps Hardware Sales

Selling hardware to your customers is a net positive for everyone. So how do you encourage customers to break into their budgets for upgrades and replacements? Leveraging OptigoVN is a great way to bring data-based proof to your customers when it comes time to make recommendations.

Read More »