search

JoelBender / BACpypes3

BACnet communications library
33 stars 7 forks source link

No response(s) #48

Open xkostrna opened 1 month ago

xkostrna commented 1 month ago

The problem

After restarting bacnet device we no longer recieve response to the Who-Is service.

Use-Case

  1. We initialize the bacnet stack using this command: py -m bacpypes3 --address 192.168.251.3
  2. We sent the whois command to the target ip 192.168.251.5 which is fully functional bacnet device like this: > whois 192.168.251.5
  3. At first we normally recieve the answer: 5 192.168.251.5
  4. We then restart the bacnet connection of the device on IP 192.168.251.5.
  5. After restart we sent the Who-Is request again and we get No response(s) which is correct since the bacnet is loading: No response(s)
  6. After the device is successfully loaded we sent the Who-Is request again and the response is: No response(s)

We are tracking everything with a Wireshark so we see when the device successfully connects to the bacnet. We also see the request and responses between our stack and the device. Everything works fine until we restart the bacnet on the target device. Then we can only see the No response(s) even when in the Wireshark everything seems fine.

Evidence:
bacnet je zly

JoelBender commented 1 month ago

While the application at 192.168.251.5 is down the operating system is sending back the ICMP error, there is no application listening on the port. When it is restarted it responds correctly again, but for some reason 192.168.251.3 isn't processing it. Please run...

py -m bacpypes3 --address 192.168.251.3  --debug bacpypes3.ipv4

and see if you are getting something like this when the I-Am comes back...

DEBUG:bacpypes3.ipv4.IPv4DatagramProtocol:datagram_received b'\x81...

Which should be followed by something like this...

DEBUG:bacpypes3.ipv4.IPv4DatagramServer:confirmation <bacpypes3.pdu.PDU object at 0x79c5075edcf0>
    <bacpypes3.pdu.PDU object at 0x79c5075edcf0>
        pduSource = <IPv4Address 192.168.251.5>
        pduDestination = <IPv4Address 192.168.251.3>
        pduExpectingReply = False
        ...

If the application is not getting PDU then it's not a BACpypes problem, but if it is and you're still getting no response, there's something else going on.

p.s.- when you say "...restart the BACnet connection..." there is no connection in BACnet

xkostrna commented 1 month ago

Sorry for late response.
Thanks for suggestion, I've run bacpypes3 as you suggested with argument --debug. Output of the --debug is working as you stated, I'm able to see PDU objects in both situations. Most important thing is that we figured out the behavior changes when I set my NetworkCategory to Private in Windows.

Situation 1

I run this cmd: 

py -m bacpypes3 --address 192.168.251.3

I send Who-Is to the device on address 192.168.251.5 which is responding normally like this:

> whois 192.168.251.5
5 192.168.251.5

Now I restart the device so it doesn't respond which is OK and after restarting it responses again:

> whois 192.168.251.5
No response(s)
---After while----
> whois 192.168.251.5
5 192.168.251.5

Situation 2

I set the NetworkCategory to private using this command:

Get-NetConnectionProfile -InterfaceAlias 'Ethernet 6' | Set-NetConnectionProfile -NetworkCategory Private

I run this cmd: 

py -m bacpypes3 --address 192.168.251.3

I send Who-Is to the device on address 192.168.251.5 which is responding normally like this:

> whois 192.168.251.5
5 192.168.251.5

Now I restart the device so it doesn't respond which is OK and after restarting i still can't see response in console however in Wireshark yes:

> whois 192.168.251.5
No response(s)
---After while----
> whois 192.168.251.5
No response(s) (even when Wireshark sees actual response)

I have to exit and re-run bacpypes3 to see actual response.