What does a Malformed packet mean in BacNet MSTP? Has Anybody else seen this?

We have had some vendors use our product and are having difficulty with our products on their MSTP. Wireshark shows Malformed packets. What does this mean and how can we resolve it?

2 Answers

Could it be due to an MSTP/communication issue (or even a buggy packet-builder implementation of BACnet)? E.g. A faulty/damaged cable maybe (or other common MSTP issue).

When a Wireshark dissector, the code that handles a particular protocol, is unable to make sense of the traffic either due to non-compliant traffic or a bug in the dissector the result is often shown as a Malformed packet.

If you can share such a capture on a public share and post a link to it back here more may be said about the particular errors you are seeing.

