Digging into Wireshark display filters with Optigo

Optigo’s field dissectors recently accepted for the BACnet APDU

If you’ve been wanting to dive deeper into your BACnet packets, we’ve got great news: Optigo’s developers have been hard at work adding new display filters to Wireshark. These field dissectors expose more detailed information in BACnet packets, allowing you to get a deeper understanding of your systems.

In Wireshark, field dissectors let you expose a packet’s information in a human-readable way. There’s a lot of data in each BACnet packet, and display filters let you translate that data and gather detailed information on your network.

Wireshark already has many display filters, but we’d noticed a few key ways we could contribute more. Our developers added field dissectors for the object name, to state, from state, notification type, error code, error class, event type, and present value.

Present value was a big addition, because it contains so much important information. It’s one of the most commonly used properties, conveying messages, updates, and instructions. For example, for an object in a thermostat, the present value may be the temperature reading; for an object in an air valve, the present value may be true or false, denoting that the valve is opened or closed. Some might even use percentages to say if it's fully opened or closed, or somewhere in between. The present value only makes sense when it is described with the device and object type. In Visual BACnet, we would use the present value in the Change of Value (COV) checks to show how sensitive COVs are set.

The information exposed with these field dissectors will drastically improve filtering in Wireshark. Let’s say you have one file with a million packets in it, and of those million, there are 100 packets that specifically send an object name. With bacapp.object_name, you can filter for just those 100 packets. You can get even more exact if you need to: filter on bacapp.present_value.uint == 3, and it will show you all the packets that have bacapp.present_value.uint equal to 3, and only those packets.
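The filtering described above can also be scripted. This is an added example, not Optigo's or Wireshark's code: it builds a tshark call for the two fields named in the article and parses the tab-separated field export. It assumes a Wireshark release that includes these fields and a BACnet/IP capture (so ip.src is present); the sample output is constructed.

```python
import subprocess
from collections import defaultdict

# Fields exported per packet; the two bacapp.* names are the ones named in the article.
FIELDS = ["frame.number", "ip.src", "bacapp.object_name", "bacapp.present_value.uint"]

def tshark_cmd(pcap, display_filter):
    """Build the tshark call: apply a display filter, print FIELDS tab-separated."""
    cmd = ["tshark", "-r", pcap, "-Y", display_filter, "-T", "fields"]
    for name in FIELDS:
        cmd += ["-e", name]
    return cmd

def run(pcap, display_filter):
    """Run tshark on a capture file (needs tshark on PATH) and parse its output."""
    out = subprocess.run(tshark_cmd(pcap, display_filter),
                         capture_output=True, text=True, check=True)
    return parse_rows(out.stdout)

def parse_rows(text):
    """Turn `tshark -T fields` output into dicts; absent fields come back as ''."""
    rows = []
    for line in text.splitlines():
        if line.strip():
            cols = line.split("\t")
            cols += [""] * (len(FIELDS) - len(cols))
            rows.append(dict(zip(FIELDS, cols)))
    return rows

def frames_with_value(rows, value):
    """Mirror `bacapp.present_value.uint == value`: a packet matches if ANY
    occurrence of the field equals value (tshark joins repeats with ',')."""
    hits = defaultdict(list)
    for row in rows:
        values = [int(v) for v in row["bacapp.present_value.uint"].split(",") if v]
        if value in values:
            hits[row["ip.src"]].append(int(row["frame.number"]))
    return dict(hits)

def object_names(rows):
    """Group the object names seen in the capture by sending address."""
    names = defaultdict(set)
    for row in rows:
        if row["bacapp.object_name"]:
            names[row["ip.src"]].add(row["bacapp.object_name"])
    return dict(names)

# Constructed sample of tshark field output (frame, source, object name, present value).
SAMPLE = ("12\t10.0.0.21\t\t3\n40\t10.0.0.21\tAHU-1 Supply Fan\t\n"
          "57\t10.0.0.35\t\t3,0\n90\t10.0.0.35\t\t7\n")

if __name__ == "__main__":
    rows = parse_rows(SAMPLE)
    print(frames_with_value(rows, 3), object_names(rows))
```

Against a real capture, call run("capture.pcap", "bacapp.present_value.uint == 3") instead of parsing SAMPLE; the file name is a placeholder.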

All these new display filters will help you better understand your BACnet networks. You won’t have access to the dissectors through Wireshark until a new release is available, but you can stay tuned on the Wireshark mailing lists. Visual BACnet, our advanced visualization tool for building automation system service providers, is already taking advantage of these new changes to give you an even more powerful understanding of your BACnet networks. We’ll be adding more to our diagnostic checks over the next few months too!
