KNX over IP

New Solutions for KNX Installations

WEINZIERL ENGINEERING GmbH

Achatz 3
DE-84508 Burgkirchen / Alz
Germany

Phone +49 (0)8677 / 91 636 – 0

info@weinzierl.de
www.weinzierl.de

© 2020 Weinzierl Engineering GmbH Page 1/12

Content

1 Introduction: KNX TP and KNX IP .............................................................................. 3

2 KNX: Three Media, one Standard .............................................................................. 3
3 Tunnelling: PC Access via a LAN Connection ............................................................ 4
4 More Performance: Routing in Hierarchical Architectures .......................................... 5
5 Object Server: From Telegram to Data Point ............................................................. 6
6 Example: Application of the REST Services ............................................................... 8
7 Powerful: KNX IP Only Devices.................................................................................. 9
8 Additionally secure: KNX IP Security........................................................................ 11
9 Overview KNX IP Devices ........................................................................................ 12

© 2020 Weinzierl Engineering GmbH Page 2/12

1 Introduction: KNX TP and KNX IP

While KNX has established itself as the world's most important standard in building automation,
Ethernet (also often referred to as IP - Internet Protocol) has developed into a universal
communication solution for automation tasks.
Due to the different system properties, KNX and Ethernet can complement each other perfectly.
Thus, IP in KNX is not only used for interfaces, but is also specified as an independent medium in
the KNX standard.
The introduction of KNX Security was an important milestone for the broad use of IP in KNX
installations. Here KNX has positioned itself for the future like no other building automation protocol.

Photo: KNX IP LineMaster 762 Photo: KNX IP Multi IO 580 (48 I/O)

2 KNX: Three Media, One Standard

KNX TP (Twisted Pair)
The advantages of the KNX bus lie in the optimal adaptation of the KNX system to the special
requirements of building control. Using a single pair of wires (TP Twisted Pair), decentralised
devices can not only be networked but also supplied with power. The comparatively low bandwidth
of 9600 bits per second is sufficient for communication within a bus line, but allows long cable
lengths and a free topology.
At the same time, the low transmission speed reduces the power requirements of the devices, since
the power consumption of microcontrollers depends largely on the clock rate. KNX TP is simple and
cost-effective to install, as the bus can be looped through from one device to the next without a hub
or switch. Last but not least, KNX devices are functionally and mechanically specially designed for
installation technology.

© 2020 Weinzierl Engineering GmbH Page 3/12

KNX RF (Radio Frequency)
KNX RF (Radio Frequency) stands for KNX radio and is the wireless alternative within the KNX
standard. In installation locations that are difficult or impossible to be connected by cable, KNX RF
offers the possibility to transmit data wirelessly within a building. With a radio frequency of 868.3
MHz, KNX RF has a very good penetration of walls. As with KNX TP, the number of transmittable
telegrams per second is approx. 50. The configuration of the radio devices in system mode is
possible with the ETS® software version ETS5 or higher.
KNX IP (Ethernet / IP)
The decisive advantages of Ethernet on the other hand are its high bandwidth at relatively low
equipment costs and its enormous distribution. Ethernet is now used not only for networking
computers in the office, but also for multimedia applications in the home or in industrial automation.
Despite and also because of the high transmission speed, LAN networks cannot replace the KNX
bus. Instead, the combination of KNX TP and LAN is an optimal solution for future building
automation. KNX TP is primarily suitable for local control, while LAN is used for cross-system
communication. Control commands can be transmitted in a LAN network together with Internet use,
PC networking or multimedia. Overall, this results in a hierarchical architecture of building
networking.

3 Tunnelling: PC Access via a LAN Connection

An important application of Ethernet/IP in the KNX system is the interface function to the bus.
KNXnet/IP tunnelling describes the access, for example from a PC to a KNX network during
configuration and commissioning. The focus is always on the connection of a client (PC) to a bus
line. The tunnelling procedure V1 (without security) uses exclusively UDP, but includes a security
layer so that telegrams are repeated in the event of an error. Version V2 was introduced together
with KNX IP Security and now also supports TCP connections

Usage of the KNXnet/IP Standards Tunnelling

The tunnelling protocol can be selected in ETS in the Connection Manager and is also suitable for
remote access via the Internet. It can also be used to connect a visualization to a bus line. The
Tunnelling Protocol also supports the bus monitor function.

© 2020 Weinzierl Engineering GmbH Page 4/12

4 More Performance: Routing in Hierarchical Architectures
A major motivation for expanding the KNX system with Ethernets/IP is to increase the transmission
capacity of the overall system. The transmission speed of KNX TP is fully sufficient to form a bus
line with up to 256 devices. However, a much higher bandwidth may be required in the backbone
across lines. This is particularly the case if there are central devices in the system, such as
visualization systems, to which all telegrams are to be transmitted. In this case no selective routing
can be performed.

Usage of the KNXnet/IP Standards Routing

Thus, the large bandwidth of a LAN network offers an optimal solution. While KNX TP can only
transmit a maximum of approx. 50 telegrams per second, in the LAN it is already more than 10,000
at 10 Mbit/s. In order to process this amount of telegrams without losses, both high computing
power and a corresponding telegram buffer from IP to KNX TP are required.
Since the use of the Ethernet as a backbone is of great importance for the system, a corresponding
protocol was standardized in KNX. The KNXnet/IP specification describes in the Routing sub-item
how KNX/IP routers forward telegrams via IP. For forwarding via Ethernet, the KNX telegrams are
individually packed into UDP/IP telegrams and sent as multicast telegrams via Ethernet. All KNX/IP
routers in the network can receive these telegrams at the same time and decide, based on their
routing table, whether to forward the telegram into the connected KNX line. For a secure
transmission, KNX IP Security has also introduced an encrypted transmission of routing telegrams.
The routing protocol is suitable for connecting any number of visualizations to a KNX installation
with IP backbone, but does not support the bus monitor format.

© 2020 Weinzierl Engineering GmbH Page 5/12

5 Object Server: From Telegram to Data Point
For an increasing number of devices, such as in the field of multimedia or security technology, the
exchange of control information with building automation is important. For certain devices, however,
it is advantageous not to access the bus directly. Instead, a connection to KNX can also be
implemented via IP/Ethernet. Communication via Ethernet is particularly interesting for devices that
have a network connection anyway.
If the protocol stack for TCP/UDP/IP is already available in the operating system used, applications
can communicate with other devices via Ethernet and thus also via KNX with little effort. This is the
case with many Linux-based devices.

Typical application of the KNX IP BAOS

If tunnelling or routing were used for such a solution, the devices could access the KNX network, but
would still have to compile or interpret KNX telegrams
It is much easier if a special KNX IP interface takes over this task. The KNX IP BAOS devices
(BAOS stands for "Bus Access and Object Server") provide access to telegram level as well as the
configured data points of the building as object server. This means that the KNX stack in the device
assigns received telegrams to the corresponding communication objects and stores their data in
memory. Registered clients are informed about every change, but can also retrieve the data
independently. The data of the communication objects are updated on receipt even if no client is
connected. This enables a smartphone, for example, to read the process image from the BAOS
interface without any loss of time when establishing a connection, without loading the KNX bus. In
order to send data to the bus, a client can access the communication objects by writing. The device
can independently generate and send group telegrams.
The configuration of the data points is done with the help of the ETS (Engineering Tool Software). In
the ETS, the interface appears like a conventional bus subscriber. The data types of the
communication objects are set via the parameter dialog. The group addresses can then be assigned
as usual.

© 2020 Weinzierl Engineering GmbH Page 6/12

Overview BAOS protocol Photo: KNX IP BAOS 773/774

A client can thus access the data points using the BAOS protocol without having to know the syntax
of KNX telegrams. It addresses the data points by their number as they are displayed in the ETS. If
group addresses in the KNX network are changed, the interface is automatically updated by an ETS
download. It is not necessary to change the configuration of the client.
The KNX IP BAOS 773/774 provides two different BAOS protocols:
• Firstly, the devices support the so-called KNX BAOS Binary Protocol. It is available both
via TCP/IP and UDP/IP. The binary protocol is particularly suitable for devices that are
programmed with classic programming languages such as C, C++ or C# and support IP
sockets. However, it is hardly possible to use the KNX BAOS Binary Protocol from a web
browser:
• For this reason, access to the Object Server can now alternatively be made via the new
KNX BAOS Web Services based on Java Script Object Notation (JSON). Thus, the KNX IP
BAOS 773/774 can be directly integrated into own web applications. The Web Services have
the same functional range as the KNX BAOS Binary Protocol, but use a text-based syntax,
which is sent via HTTP (TCP/IP, Port 80). The web services do not include a graphical user
interface. This must be created separately, typically in HTML and Java Script, and can be
stored in the client memory, for example.
In addition to the functionalities of the KNX IP BAOS 773/774, the KNX IP BAOS 777 contains
REST Services.

© 2020 Weinzierl Engineering GmbH Page 7/12

6 Example: Application of the REST Services
In addition to the features of the KNX IP BAOS 773/774 models, the KNX IP BAOS 777 also has an
integrated web server that allows access to the device settings in a standard web browser on a PC
or mobile device such as a smartphone or tablet.
With the help of the ETS database with building structure, the web server offers an automatically
generated visualization and comfortable control for the entire KNX installation. The data from the
KNX IP BAOS 777 is displayed graphically in the browser and the functions can be accessed
directly. Time functions and time courses are also available via the web interface.
To access the web application, simply enter the IP address of the KNX IP BAOS 777 in the browser.
The IP address of the device can be seen in the OLED display of the device. As soon as a
connection to the device is established, the login page appears with access to the visualization and
control.

KNX IP BAOS 777 Visualization in the Web browser KNX IP BAOS 777 Email Function

With the integrated email function, it is now easy and convenient to have notifications sent to a
mobile device such as a smartphone or tablet when changes are made to the individual functions.
The device also allows a connection to a time server, which synchronizes the system time in the
KNX installation with an external time server.

© 2020 Weinzierl Engineering GmbH Page 8/12

7 Powerful: KNX IP only devices
"KNX IP only" means "KNX exclusively via IP", i.e. KNX communication via the Internet Protocol in a
computer network. What at first glance may sound like a limitation and replacement of the proven
TP medium of building automation is rather a powerful extension of the KNX system which enables
a whole new class of KNX devices.
In addition to end devices with a KNX TP connection and KNX IP as backbone, it is also possible to
connect the end devices directly with KNX IP to the building installation.

Application of a KNX IP only device Photo: KNX IP Multi IO 580 (48 I/O)

This allows - as shown here as an example with the KNX IP Multi IO 580 - a direct connection to an
existing LAN if no KNX TP line is available or if a high data rate is required for this device. This is
also useful for devices that already have an IP connection, e.g. a VoIP telephone that is to be
equipped with KNX functionality by the manufacturer.
The KNX IP only device Multi IO 580 can be programmed by the ETS in several ways:

KNXnet/IP Routing
Programming via KNXnet/IP routing is possible if the
device already has a valid IP configuration (e.g. via
DHCP or Auto IP). The routing interface appears in
the ETS if at least one device is visible in the network
which supports routing. The name of the network
interface in the PC appears as designation.
If Routing is selected as interface, the programming
is done from the ETS project as with other devices.
In this case the LAN is used as KNX medium similar
to TP. No additional interface device is required.

© 2020 Weinzierl Engineering GmbH Page 9/12

 Via a direct IP connection
While KNXnet/IP routing is limited to the speed
of KNX TP, the device can be loaded at high
speed via a direct IP connection. The direct IP
connection is possible if the device already has
both a valid IP configuration and a physical
address. For this purpose, the selection "Use
direct IP connection if available" must be
selected in the ETS menu under "Bus -
Connections - Options". The download is then
performed directly into the device and is not
visible in the ETS group monitor. Due to the
significantly shorter transmission times, it is
recommended to perform downloads via a
direct IP connection.
KNX can also be used over IP for lighting control, providing completely new installation options in
two respects: KNX Blue IO is a new series of LED dimmers for installation outside the control panel
with a total of four outputs for dimming LEDs with functions for RGB/RGBW and TW (Tunable
White). The KNX Blue IO with its flat design is optimised for installation in furniture or ceilings and is
available for KNX TP, KNX RF and KNX IP.
via Ethernet the KNX telegrams are packed individually into UDP/IP telegrams and sent as multicast
telegrams via Ethernet. All KNX/IP routers in the network can receive these telegrams
simultaneously and decide, based on their routing table, whether to forward the telegram to the
connected KNX line.
The routing protocol is suitable for connecting any number of visualisations to a KNX installation
with IP backbone, but does not support the bus monitor format.

Photo: KNX Blue IO family

With the variants for KNX IP, the dimming actuator can be connected directly to the IP network of a
building with full compatibility with the KNX system and ETS. On models that also support Power-
over-Ethernet (PoE), the connected LED lamps can be supplied directly via the network cable. They
only require an Ethernet connection, but no additional power supply. This opens up new installation
possibilities and represents a further step towards the "digital ceiling".

© 2020 Weinzierl Engineering GmbH Page 10/12

8 Additionally secure: KNX IP Security
KNX IP Security is a pragmatic approach, which assumes that the main point of attack is at the IP
level. KNX Twisted Pair is assumed to be relatively secure as a local medium that is located in the
wall. On the other hand, IP communication is often connected to the Internet and is therefore
vulnerable to attack from a distance.
KNX IP Security secures KNX IP communication, while communication on KNX TP remains
unencrypted. The main advantage of this approach is that existing KNX TP devices and installations
can continue to be used unchanged. Only the KNX IP devices, mainly KNX IP interfaces and KNX
IP routers, need to be replaced.
KNX IP includes the routing protocol, which is used for IP backbones but also represents the
medium KNX IP. On the other hand, the tunnelling protocol is used to allow a client (for example
ETS) to access a TP line via IP. While KNX IP routers usually implement both protocols, KNX IP
interfaces only support the tunnelling function.

Photo: KNX IP Interface 732 secure and

Overview: KNX Data Security und KNX IP Security
KNX IP Router 752 secure

As different as the two applications of KNX IP are, as different are the respective extensions for
security. With the Secure Routing protocol, which is based on UDP Multicast, a common key is used
to encrypt the entire KNX IP routing communication. A special feature is the telegram counter during
routing. This is time-based and thus represents a time stamp that allows obsolete telegrams to be
detected. The common system time is continuously synchronized between the devices.
With the tunnelling protocol, the client and KNX IP device (KNXnet/IP server) first build a secure
channel using the so-called Diffie-Hellmann method. Only then are the user ID and password
transmitted. A new feature of KNX Secure Tunnelling is the possibility to establish the connection
with TCP.

© 2020 Weinzierl Engineering GmbH Page 11/12

9 Overview KNX IP Devices
Weinzierl Engineering offers powerful KNX IP devices for various applications. All KNX IP devices
from Weinzierl are based on a 32-bit architecture and are specially optimized for KNX solutions. A
functional overview is shown in the following table:

Features KNXnet/IP KNXnet/IP BAOS IP KNX IP Integrated Power Powered

Tunneling Routing Security Powersupply over over the
Binary Web REST
(Interface for (Line Coupler for the KNX Ethernet KNX Bus
e.g. ETS) via LAN)
Services Services Services
Device Bus (PoE)

KNX IP
Interface
732 secure
KNX IP Router
752 secure
KNX IP
LineMaster
762
KNX IP BAOS
773/774
KNX IP BAOS
777

© 2020 Weinzierl Engineering GmbH Page 12/12