I was able to get it work.
This is the working config now, the forwarder dont know needed buts it was a trial and error now:
interface vlan 66 – server side
ip address 172.16.66.2/24
ip helper-address 172.16.68.60
ip helper-address 172.16.68.61
ip helper-address 172.16.68.62
ip helper-address 172.16.68.63
ip forward-protocol udp 172.16.68.60 47808
ip forward-protocol udp 172.16.68.61 47808
ip forward-protocol udp 172.16.68.62 47808
ip forward-protocol udp 172.16.68.63 47808
ip directed-broadcast
interface vlan 68 – client side
ip address 172.16.68.2/24
ip helper-address 172.16.66.99
ip forward-protocol udp 172.16.66.99 47808
ip directed-broadcast
Original Message:
Sent: May 19, 2025 09:32 AM
From: r.grossmann
Subject: Aruba CX8100 forward broadcast Bacnet discovery problem
Hi,
sorry I'm not familiar with BACnet, so it does maybe not help.
If the BACnet devices are not IP enabled, there is nothing you can do on the Switches or the PaloAlto Firewall.
If they are IP enabled (BACnet/IP):
If the VLAN SVIs (Default Gateway) lay on the Palo Alto Firewall and there is no IP on the Switches for the appropriate VLANs, than there's nothing you can do on the Switches.
The the Palo Alto Firewall has to be configured to route BACnet Broadcasts from one IP subnet to another.
If you have appropriate VLAN SVIs on the Switches (and use transfer networks to Firewall), then and only then the switches could be involved.
Not sure if ip-helper helps, guess it intercepts only DHCP Packets on udp/69. But yeah it forwards these Packets (Broadcasts and Unicast) to the desired server.
ip directed-broadcast enables a interface to send out an Broadcast received from outside the interface. I have used it a far years ago on Juniper and Cisco for remote Wake on LAN.
Another thing you can try is the "ip forward-protocol" command (try on interface Vlan 1 "ip forward-protocol udp OTHER-VLAN-IP 47808" and maybe with global command "ip udp-bcast-forward" and on interface Vlan 2 "ip directed-broadcast").
But maybe this all is meaningless and you need dedicated BACnet Routers or BACnet Gateways or BBMDs (BACnet Broadcast Management Devices).
Enabling the routing mode • BACnet Controller Integration Technical Bulletin • Reader • OpenBlue, Building Automation and Controls Knowledge Exchange
BACnet Routers from Control Solutions
Get to Know BACnet, BACnet/IP and MS/TP? | Optigo Networks
What is a BACnet BBMD
Hope you will get it working!
Kind regards
Robert
Original Message:
Sent: May 16, 2025 05:56 PM
From: bolvar
Subject: Aruba CX8100 forward broadcast Bacnet discovery problem
Dear Guys!
Am now at aruba and immediately into deep. I have to install a 8100 with VSX, the switch stack is L2 in my inviroment, FW is a Palo Alto.
I have two vlan for the bms and lightning systems, and now i need to forward bacnet discovery from the 2 vlan.
I search the docs and the forum, but not found any solution what works.
In the docs i found to setup both vlan the ip direct broadcast, but not worked, looked deeper that maybe i need ip helper, but not getting how do its actually need to setup up.
Is it possible to do this on the aruba?
Thank you for the help!
bolvar