
Network Layer Message Types X'12': What-Is-Network-Number and X'13': Network-Number-Is

Open duffy-ocraven opened this issue 4 years ago • 4 comments

Clause 6.2.4 Network Layer Message Types X'12' and X'13' are seeing adoption. What seeing them should tell a protocol parser to do is a subject worthy of its own ticket.

X'12': What-Is-Network-Number
X'13': Network-Number-Is

These two message types were invented during a transient period of BACnet history. In 2011, the original 1995 approach to cryptographic obfuscation of on-the-wire traffic, which no one implemented, was "discarded" (in terms beyond even the typical BACnet renunciation of past mistakes, which are merely termed "deprecated"), and a second transient period of BACnet history tried to specify another, different cryptographic approach to obfuscation of on-the-wire traffic, which again no one implemented, and which too was then, in 2019, "discarded".

But the two message types which had been invented during that transient 2011-2019 period were actually mandated in some devices, so a resigned capitulation to adding them as needless work became the path of least resistance. Every device which implements them is mandated to emit one or the other as a local broadcast on startup. Typically no one answers, and typically nodes do nothing with the payloads even if they do execute one or both messages. Sometimes an answer is indistinguishable from the mandated initial unilateral broadcast which occurs contemporaneously. They aren't important, as long as they appear in traffic only in this vestigial situation.

But they are either the most information-laden or very close to the most information-laden messages which a nefarious outsider could exploit. If they ever appear outside of the mandated initial unilateral broadcast, they are probably notice-worthy.

duffy-ocraven avatar Sep 10 '20 20:09 duffy-ocraven
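An added example to make the triage described in the issue concrete; it is not code from zeek-plugin-bacnet or from the issue author, and it is written in Python rather than as a Zeek script so it runs stand-alone. It parses the BACnet/IP BVLC header and the NPDU header (version, control octet, optional DNET/SNET addressing, hop count, network layer message type) far enough to recognise X'12' and X'13', then applies the heuristic the issue suggests: the mandated startup emission is a local broadcast with no DNET, so a unicast or routed copy, a malformed payload, or a source that keeps asking is reported as notice-worthy. The Network-Number-Is payload layout (2-octet network number plus a configured/learned flag octet), the "asks once at startup" rule, and all sample frames are assumptions constructed for this example, not captured traffic.

```python
"""Triage BACnet/IP frames for Network Layer messages X'12' / X'13'.

Added example for this thread, not code from zeek-plugin-bacnet.  It parses
the BVLC header and the NPDU (ASHRAE 135 clause 6.2) far enough to find the
network layer message type, then applies a heuristic: the mandated startup
emission is a local broadcast with no DNET, so anything else (unicast, routed,
malformed, or a source that keeps asking) is reported as notice-worthy.
"""
import struct

WHAT_IS_NETWORK_NUMBER = 0x12
NETWORK_NUMBER_IS = 0x13
NL_NAMES = {WHAT_IS_NETWORK_NUMBER: "What-Is-Network-Number",
            NETWORK_NUMBER_IS: "Network-Number-Is"}

BVLC_FORWARDED_NPDU = 0x04
BVLC_ORIGINAL_UNICAST = 0x0A
BVLC_ORIGINAL_BROADCAST = 0x0B


def parse_bacnet_ip(frame: bytes) -> dict:
    """Parse BVLC + NPDU header.  Returns a dict with bvlc_function, control,
    dnet, snet, msg_type (None for APDUs) and the remaining payload bytes."""
    if len(frame) < 6 or frame[0] != 0x81:
        raise ValueError("not a BACnet/IP (BVLC type 0x81) frame")
    func, length = frame[1], struct.unpack("!H", frame[2:4])[0]
    if length != len(frame):
        raise ValueError("BVLC length field does not match frame length")
    off = 4
    if func == BVLC_FORWARDED_NPDU:
        off += 6                      # originating B/IP address (IPv4 + port)
    if frame[off] != 0x01:
        raise ValueError("unsupported NPDU version")
    control = frame[off + 1]
    off += 2
    info = {"bvlc_function": func, "control": control, "dnet": None,
            "snet": None, "msg_type": None, "payload": b""}
    if control & 0x20:                # DNET / DLEN / DADR present
        dnet, dlen = struct.unpack("!HB", frame[off:off + 3]); off += 3
        info["dnet"], info["dadr"] = dnet, frame[off:off + dlen]; off += dlen
    if control & 0x08:                # SNET / SLEN / SADR present
        snet, slen = struct.unpack("!HB", frame[off:off + 3]); off += 3
        info["snet"], info["sadr"] = snet, frame[off:off + slen]; off += slen
    if control & 0x20:                # hop count follows the addresses
        info["hop_count"] = frame[off]; off += 1
    if control & 0x80:                # network layer message, not an APDU
        info["msg_type"] = frame[off]; off += 1
        if info["msg_type"] >= 0x80:  # proprietary message: 2-octet vendor ID
            info["vendor_id"] = struct.unpack("!H", frame[off:off + 2])[0]; off += 2
    info["payload"] = frame[off:]
    return info


def decode_network_number_is(payload: bytes) -> dict:
    """Network-Number-Is carries a 2-octet network number and a flag octet
    (1 = configured, 0 = learned).  Layout as assumed by this example."""
    if len(payload) != 3:
        raise ValueError("Network-Number-Is payload must be 3 octets")
    net, flag = struct.unpack("!HB", payload)
    return {"network": net, "configured": bool(flag)}


def triage(frames):
    """frames: iterable of (source_label, frame_bytes) supplied by the caller.
    Returns one finding per X'12'/X'13' message: (source, name, verdict)."""
    seen_queries = set()
    findings = []
    for src, frame in frames:
        info = parse_bacnet_ip(frame)
        mt = info["msg_type"]
        if mt not in NL_NAMES:
            continue
        reasons = []
        if info["bvlc_function"] != BVLC_ORIGINAL_BROADCAST:
            reasons.append("not a local broadcast")
        if info["dnet"] is not None:
            reasons.append("carries DNET (routed beyond the local network)")
        if mt == WHAT_IS_NETWORK_NUMBER:
            if info["payload"]:
                reasons.append("unexpected payload on What-Is-Network-Number")
            if src in seen_queries:   # assumption: startup emits it once
                reasons.append("repeated query from the same source")
            seen_queries.add(src)
        else:
            try:
                decode_network_number_is(info["payload"])
            except ValueError as exc:
                reasons.append(str(exc))
        verdict = "expected startup broadcast" if not reasons else "NOTICE: " + "; ".join(reasons)
        findings.append((src, NL_NAMES[mt], verdict))
    return findings


# Constructed sample traffic (not captured data): one well-behaved device pair
# and a Who-Is APDU, then three frames that should be flagged.
SAMPLE_FRAMES = [
    ("10.0.0.5",  bytes.fromhex("810b0007018012")),               # broadcast X'12'
    ("10.0.0.9",  bytes.fromhex("810b000a018013000501")),         # broadcast X'13', net 5, configured
    ("10.0.0.5",  bytes.fromhex("810b000c0120ffff00ff1008")),     # Who-Is APDU, ignored
    ("10.0.0.77", bytes.fromhex("810a0007018012")),               # unicast X'12'
    ("10.0.0.77", bytes.fromhex("810b0007018012")),               # same source asks again
    ("10.0.0.9",  bytes.fromhex("810b000e01a0000100ff13000501")), # X'13' with DNET 1
]

if __name__ == "__main__":
    for src, name, verdict in triage(SAMPLE_FRAMES):
        print(f"{src:10} {name:24} {verdict}")
```

The parser deliberately stops at the network layer message type; the "repeated query" rule and the broadcast/no-DNET baseline are the only things that separate the vestigial startup case from something worth a Zeek notice, and both are heuristics to tune against real site traffic rather than spec requirements.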