
Diving into transport and application

Deep dive into networking distech controls optigo networks transport and application layers


The worlds of IT and Operational Technology (OT) are merging more and more these days as the Internet of Things grows in prominence. This collaboration between IT and OT is great, but there are still gaps in understanding that keep these worlds from fully working together.

To help, we teamed up with Distech Controls to create a webinar series on networking, for OT professionals. Be sure to check out our previous Introduction to Networking, Network Access, and Internet Layer sessions as well!

In this edition about the Transport and Application layers, we dug into TCP, UDP, protocols, and more. Watch our webinar recording, and read the recap below. You can also download the PDF handout of our presentation to refer back to later.

The webinar dug into a lot of topics, including:

  • TCP & UDP (from 9:49 to 16:51)
  • Application Layer (from 16:51 to 24:40)
  • BACnet and BBMDs (from 24:40 to 41:55)
    • Live Demo
  • Protocols (from 41:55 to 58:27)
    • Hyper Text Transfer Protocol (HTTP)
    • Voice Over IP (VOIP)
    • Simple Mail Transfer Protocol (SMTP)
    • Simple Network Management Protocol (SNMP)
    • Secure SHell (SSH)
    • Secure File Transfer Protocol (SFTP)

Transmission Control Protocol (TCP) and User Datagram Protocol (UDP)

The Transport Layer (from 9:49 to 16:51) defines the level of service and status of the connection used when transporting data. It’s helpful to think of this layer as the “language”: it basically defines what language two devices will speak to one another.

The primary protocols (languages) used to facilitate this are Transmission Control Protocol (TCP) and User Datagram Protocol (UDP). There are many more protocols, but these are the two you will most often use when working with IP-based controllers.

TCP is a standard that defines how to establish and maintain a network conversation via which application programs can exchange data. TCP is considered a reliable transmission protocol because it re-orders unordered segments into the correct order, and it will re-send any data that gets lost in the network. On the downside, TCP has significantly more overhead than UDP, and does not allow for “one-to-many” messages.

UDP is a connectionless protocol that, like TCP, runs on top of IP networks. Unlike TCP, UDP provides very few error-recovery services, offering instead a direct way to send and receive datagrams over an IP network. It’s used primarily for broadcasting messages over a network. UDP allows for multicast and is typically faster than TCP, with less delay, assuming ideal network conditions. Unfortunately, UDP is not considered reliable, since it doesn’t typically make use of acknowledgements, retransmission of missing packets, or timeouts.
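The TCP/UDP contrast above is easiest to see with two sockets on the loopback interface. The following Python script is an added example for this recap, not code from Optigo Networks or Distech Controls, and it assumes only the standard library and a working 127.0.0.1. It shows that UDP needs no connection and keeps each datagram separate, that a datagram sent to a port nobody listens on is "successfully" sent anyway (no acknowledgement exists), and that TCP runs a handshake first, delivers everything in order as one byte stream, and reports immediately when no one is listening:

```python
import socket
import threading

HOST = "127.0.0.1"  # loopback only: nothing leaves this machine


def _free_port(sock_type) -> int:
    """Bind to port 0 so the OS picks a free port, then release it; the number
    is reused below as 'a port nobody is listening on'."""
    s = socket.socket(socket.AF_INET, sock_type)
    s.bind((HOST, 0))
    port = s.getsockname()[1]
    s.close()
    return port


def udp_exchange(messages):
    """Send each message as its own datagram and return what the receiver saw.
    No handshake: sendto() just addresses each packet, and datagram
    boundaries are preserved one-for-one."""
    receiver = socket.socket(socket.AF_INET, socket.SOCK_DGRAM)
    receiver.bind((HOST, 0))
    receiver.settimeout(2.0)
    sender = socket.socket(socket.AF_INET, socket.SOCK_DGRAM)
    try:
        for m in messages:
            sender.sendto(m, receiver.getsockname())
        return [receiver.recvfrom(4096)[0] for _ in messages]
    finally:
        sender.close()
        receiver.close()


def udp_send_to_nobody(message) -> int:
    """Send a datagram to a UDP port nobody listens on. sendto() still returns
    the byte count: there is no acknowledgement, so the sender never learns
    the message was dropped (the same reason an SNMP trap can be missed)."""
    sender = socket.socket(socket.AF_INET, socket.SOCK_DGRAM)
    try:
        return sender.sendto(message, (HOST, _free_port(socket.SOCK_DGRAM)))
    finally:
        sender.close()


def tcp_exchange(messages):
    """Open a TCP connection (the three-way handshake happens inside
    connect()/accept()), send the same messages, and return what the server
    read. TCP delivers every byte, in order, but as one stream: the receiver
    cannot tell where one send() ended and the next began."""
    listener = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
    listener.bind((HOST, 0))
    listener.listen(1)
    received = bytearray()

    def server():
        conn, _ = listener.accept()
        with conn:
            while chunk := conn.recv(4096):  # empty read = client closed
                received.extend(chunk)

    t = threading.Thread(target=server)
    t.start()
    with socket.create_connection(listener.getsockname(), timeout=2.0) as client:
        for m in messages:
            client.sendall(m)
    t.join(timeout=5.0)
    listener.close()
    return bytes(received)


def tcp_connect_to_nobody() -> bool:
    """Try the same over TCP: the handshake is refused and connect() raises,
    so the sender knows immediately that nobody is there."""
    try:
        socket.create_connection((HOST, _free_port(socket.SOCK_STREAM)), timeout=2.0)
    except ConnectionRefusedError:
        return True
    return False


if __name__ == "__main__":
    print("UDP datagrams:", udp_exchange([b"who-is", b"i-am"]))
    print("UDP bytes 'sent' to nobody:", udp_send_to_nobody(b"trap"))
    print("TCP stream:", tcp_exchange([b"GET / ", b"HTTP/1.1"]))
    print("TCP refused when nobody listens:", tcp_connect_to_nobody())
```

The two "nobody listening" functions are the practical difference for controllers: a BACnet or SNMP device sending over UDP gets no signal that its message was lost, so any reliability (retries, timeouts) has to be built into the application protocol, whereas a TCP client finds out on the first handshake.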


Application layer

The Application Layer (from 16:51 to 24:40) provides network services to applications, and contains high-level protocols. Before, we said that the Transport Layer is like the language two devices are speaking to each other. Following that line of thinking, the Application Layer is like the topic of conversation. This is typically the layer that most people are familiar with, because most of the services they are interested in using are at this layer.

The Application Layer has a lot of protocols — far more than there was time to discuss in this webinar session. A common one that many will be familiar with is BACnet/IP. It looks a lot like traditional IT networking, but BACnet/IP uses lots of broadcasts, employs BBMDs, connects with MS/TP, and uses no authentication or encryption.


There are two different types of network communications on the application layer: client-server and peer-to-peer.

Client Server:

  • Centralized server contains the useful application
    • Website/Database
    • Authentication of clients
    • Remote commands
  • Request/Response based messaging
  • Pro: stable system
  • Con: server can be bottleneck

Peer to Peer:

  • Data exchange between devices
    • Distributed data
    • Streaming
    • File exchange
  • Direct or broadcast messaging
  • Pro: cheap & easy to scale
  • Con: less control over data


BACnet and BBMDs

Now, looking at BACnet (from 24:40 to 41:55) with what we know about the transport and application layers, BACnet is:

  • UDP
  • Peer to Peer
  • Looks like IT except for:
    • Lots of broadcasts (e.g. Who-Is)
    • BBMDs
    • MS/TP
    • No authentication or encryption

BACnet Broadcast Management Devices (BBMDs) act as a sort of forwarding service. They’re especially useful on large, complicated networks. A BBMD forwards broadcast messages from one subnetwork to another, so communications can still be broadcast locally on each subnet. The network isn’t overwhelmed, and there’s no convoluted web of one-to-one communications.
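Because BACnet/IP runs over UDP with no authentication or encryption, every field of a Who-Is, I-Am or BBMD-forwarded message is plaintext, and a network owner can decode a capture to see how much of the traffic is broadcast and where a BBMD is relaying from. The parser below is an added example written for this recap, not code from Optigo Networks, Distech Controls or any BACnet library; the sample frames are constructed by hand to match the standard BVLC/NPDU/APDU layout (they are not captured from a real site), and the field names and dictionaries are the author's own:

```python
import struct
from collections import Counter

BACNET_PORT = 47808  # 0xBAC0, the default BACnet/IP UDP port

# BVLC (BACnet Virtual Link Control) function codes from the BACnet/IP annex
BVLC_FUNCTIONS = {
    0x00: "BVLC-Result", 0x01: "Write-Broadcast-Distribution-Table",
    0x02: "Read-Broadcast-Distribution-Table", 0x03: "Read-BDT-Ack",
    0x04: "Forwarded-NPDU", 0x05: "Register-Foreign-Device",
    0x06: "Read-Foreign-Device-Table", 0x07: "Read-FDT-Ack",
    0x08: "Delete-Foreign-Device-Table-Entry",
    0x09: "Distribute-Broadcast-To-Network",
    0x0A: "Original-Unicast-NPDU", 0x0B: "Original-Broadcast-NPDU",
}
APDU_TYPES = {0: "Confirmed-Request", 1: "Unconfirmed-Request", 2: "SimpleACK",
              3: "ComplexACK", 4: "SegmentACK", 5: "Error", 6: "Reject", 7: "Abort"}
UNCONFIRMED_SERVICES = {0: "I-Am", 1: "I-Have", 2: "UnconfirmedCOVNotification",
                        3: "UnconfirmedEventNotification",
                        4: "UnconfirmedPrivateTransfer", 5: "UnconfirmedTextMessage",
                        6: "TimeSynchronization", 7: "Who-Has", 8: "Who-Is",
                        9: "UTCTimeSynchronization"}


def parse_bacnet_ip(frame: bytes) -> dict:
    """Decode the BVLC header, the NPDU and (for unconfirmed requests) the APDU
    service of one BACnet/IP UDP payload. Every field is plaintext, which is
    why a passive reader on the subnet can do this."""
    if len(frame) < 4 or frame[0] != 0x81:
        raise ValueError("not a BACnet/IP frame (BVLC type byte must be 0x81)")
    func, length = frame[1], struct.unpack(">H", frame[2:4])[0]
    if length != len(frame):
        raise ValueError(f"BVLC length field {length} != actual {len(frame)} bytes")
    info = {"bvlc": BVLC_FUNCTIONS.get(func, f"unknown(0x{func:02x})")}
    offset = 4
    if func == 0x05:  # Register-Foreign-Device carries only a TTL in seconds
        info["ttl"] = struct.unpack(">H", frame[4:6])[0]
    if func == 0x04:  # Forwarded-NPDU: the BBMD prepends the original sender's IP:port
        ip = ".".join(str(b) for b in frame[4:8])
        info["forwarded_from"] = f"{ip}:{struct.unpack('>H', frame[8:10])[0]}"
        offset = 10
    if func not in (0x04, 0x0A, 0x0B):
        return info  # the remaining functions are BBMD table management, no NPDU inside
    # NPDU: version, control flags, optional DNET/DLEN/DADR, SNET/SLEN/SADR, hop count
    version, control = frame[offset], frame[offset + 1]
    if version != 1:
        raise ValueError(f"unsupported NPDU version {version}")
    offset += 2
    info["global_broadcast"] = False
    if control & 0x20:  # destination specifier present
        dnet, dlen = struct.unpack(">HB", frame[offset:offset + 3])
        info["dnet"] = dnet
        info["global_broadcast"] = dnet == 0xFFFF  # DNET 65535 = every network
        offset += 3 + dlen
    if control & 0x08:  # source specifier present (routed in from another network)
        offset += 3 + frame[offset + 2]
    if control & 0x20:
        offset += 1  # hop count follows whenever a destination was given
    if control & 0x80:
        info["apdu"] = "network-layer message"  # e.g. Who-Is-Router-To-Network
        return info
    apdu_type = frame[offset] >> 4
    info["apdu"] = APDU_TYPES[apdu_type]
    if apdu_type == 1:
        service = frame[offset + 1]
        info["service"] = UNCONFIRMED_SERVICES.get(service, f"unknown({service})")
        if service == 0 and frame[offset + 2] == 0xC4:  # I-Am: first parameter is the device object id
            oid = struct.unpack(">I", frame[offset + 3:offset + 7])[0]
            info["device_instance"] = oid & 0x3FFFFF
    return info


def broadcast_summary(frames) -> dict:
    """Count frames by BVLC function and service: the quick health check a
    network owner wants when a subnet feels 'chatty'."""
    counts = Counter()
    for f in frames:
        p = parse_bacnet_ip(f)
        counts[f"{p['bvlc']}/{p.get('service', '-')}"] += 1
    return dict(counts)


# Constructed sample frames (hand-built for this example, not captured anywhere):
WHO_IS_GLOBAL = bytes.fromhex("810b000c0120ffff00ff1008")            # Who-Is to every network
WHO_IS_LOCAL = bytes.fromhex("810b000801001008")                    # Who-Is on the local subnet
I_AM = bytes.fromhex("810b001401001000c4020000012205c49103210f")  # device instance 1 answering
FORWARDED = bytes.fromhex("8104000ec0a8010abac001001008")           # BBMD relaying a Who-Is
REGISTER_FD = bytes.fromhex("810500060078")                         # foreign device, TTL 120 s

if __name__ == "__main__":
    for frame in (WHO_IS_GLOBAL, I_AM, FORWARDED, REGISTER_FD):
        print(parse_bacnet_ip(frame))
    print(broadcast_summary([WHO_IS_GLOBAL, WHO_IS_LOCAL, I_AM, FORWARDED]))
```

Feeding the UDP payloads of a capture on port 47808 through broadcast_summary gives the ratio of Who-Is/I-Am chatter to everything else, and the forwarded_from field on Forwarded-NPDU frames shows which remote subnet a BBMD is relaying, which is usually the first thing to check when a BACnet/IP network is unexpectedly busy.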

Protocols

Common ports for protocols

Ports are assigned to a specific application/service via configuration. This is a means to differentiate traffic by service (recall the firewall discussion). This assignment can change if you want it to (e.g. SMTP defaults to port 25, but it can be assigned another port).

Port number   Protocol    Application
20            TCP         FTP data
21            TCP         FTP control
22            TCP         SSH
23            TCP         Telnet
25            TCP         SMTP
53            UDP, TCP    DNS
67, 68        UDP         DHCP
69            UDP         TFTP
80            TCP         HTTP (WWW)
110           TCP         POP3
161           UDP         SNMP
443           TCP         HTTPS (HTTP over SSL/TLS)

Next, we covered common protocols (from 41:55 to 58:27). There are many more than what we could cover in this webinar session, so it’s important to learn what you need to know in your day to day position.

Hyper Text Transfer Protocol (HTTP)

  • Allows applications to define content by markup language (HTML)
    • Body of messages can contain a wide range of session and presentation layer data
  • Client-server model (browser = client, website = server)
  • TCP message exchange to send client requests and server responses
  • HTTPS – secure version
  • REST APIs – an architectural style whose interfaces communicate via HTTP


Voice Over IP (VOIP)

  • Peer to peer model (some can be client <-> server <-> client)
  • Voice recording broken into small packets and sent to peer in “real-time” using UDP
  • Priority is ensuring fast communication so that conversation doesn’t get out of sync
  • If some packets are lost the human brain can fill in the missing data (to an extent)


Simple Mail Transfer Protocol (SMTP)

  • Applications that exchange emails between users across the network
  • Uses TCP messaging between sender’s and recipient’s email servers
  • Two-way client server model (sender = client, receiver = server)
  • Other related protocols or extensions: POP3 & IMAP


Simple Network Management Protocol (SNMP)

  • Used by network devices to provide their status to the network (the BACnet of the IT world)
  • Client server model where the client is any management system needing SNMP data and the server is the management information base (MIB) located on the device
  • Client uses UDP message format to request data and MIB responds likewise
  • Also can send Alarms/Traps from the device using similar UDP messages
    • Issue: unreliable – alarms/traps can be missed!


Secure SHell (SSH)

  • Applications used to remotely connect to and execute commands on servers
  • Client server application
  • TCP based messaging exchanges request and response
  • SSH has a secure session while Telnet does not
  • Delay is OK but need to make sure the messages are acknowledged by the remote server


Secure File Transfer Protocol (SFTP)

  • Transfer of encrypted files between a client and server
  • Uses TCP to ensure file integrity and security
  • More secure than the old FTP method
