Ok, so I'm a newbie to this, coming from a nOwl coax system installed 9 years ago when I built my retirement home. At the time I used the COAX cable provided and was blissfully ignorant of the potential I was missing with my choice. In fairness to my ignorance, IP camera systems then were not as readily available as today. So as I read about the capability of BI several questions arise in my mind that perhaps can be touched upon here!
1) is there intelligence in the cameras that offload some of the work from the BI software that are meaningful and cost effective. Example - a license plate reader might be helpful but those cameras are cost prohibitive.
2) It seems that a M.2 drive a SATA3 SSD and a 8TB spinning HD are a good baseline to start with. I've read and watched several videos about hardware and optimizations but have found little mention of the resource load on the LAN!
3) So is subletting - port bonding in the switch- and something like a Inter Pro/1000 4 port NIC worth the time and trouble - or money spent in the wrong direction?
My goals are to have a 8 to 12 camera system with 24/7 storage with a 30 to 45 day retention policy. I would also like to access this thru some vpn portal with my Android phone or perhaps a laptop. One problem I have is my location which is NOT bandwidth favorable - rural DSL
The notification to the Smartphone would be a welcome addition - something with all the false positives I get now must remain unused!
Any suggestions are welcome and appreciated.
Multiple NIC's and subnetting
-
- Posts: 1
- Joined: Sun Jun 27, 2021 3:34 pm
Re: Multiple NIC's and subnetting
A complicated email to respond to, but let's try:
1. BI5 has ALPR integrated (subscription ?) which I assume works with a normal camera pointing where you need to read number plates. Obviously the right camera/ resolution/ field of view and lighting is required.
2. If your LAN is gigabit then it shouldn't cause any problems for a home installation. However I have a physically separate second wired network going to a second NIC in the BI5 pc which fully prevents home LAN congestion. That was done to stop the cameras calling the mothership
3. Just two ordinary NIC's for me. One on the home LAN, and one on the CCTV LAN
4. I presently have nine cameras of various resolutions up to 1080. I have a seperate 250GB SSD for BI5 database and the "New" folder, and a 14TB hard drive for the "Stored" folder. With some cameras on 24/7 recording, and others on motion trigger, I get around 2-3 months of video.
The biggies with BI5 are now sub-streams and direct to disk. If you are able to use H265 streams with D2D then you are saving hard drive space.
8 to 12 cameras with 24/7 storage and 30+ day retention ? I used this website to try and get a handle on the required hard drive https://felenasoft.com/xeoma/en/help/calculator/ It seems fairly close to what I ended up with, even though it's not a BI tool.
1. BI5 has ALPR integrated (subscription ?) which I assume works with a normal camera pointing where you need to read number plates. Obviously the right camera/ resolution/ field of view and lighting is required.
2. If your LAN is gigabit then it shouldn't cause any problems for a home installation. However I have a physically separate second wired network going to a second NIC in the BI5 pc which fully prevents home LAN congestion. That was done to stop the cameras calling the mothership
3. Just two ordinary NIC's for me. One on the home LAN, and one on the CCTV LAN
4. I presently have nine cameras of various resolutions up to 1080. I have a seperate 250GB SSD for BI5 database and the "New" folder, and a 14TB hard drive for the "Stored" folder. With some cameras on 24/7 recording, and others on motion trigger, I get around 2-3 months of video.
The biggies with BI5 are now sub-streams and direct to disk. If you are able to use H265 streams with D2D then you are saving hard drive space.
8 to 12 cameras with 24/7 storage and 30+ day retention ? I used this website to try and get a handle on the required hard drive https://felenasoft.com/xeoma/en/help/calculator/ It seems fairly close to what I ended up with, even though it's not a BI tool.
Forum Moderator.
Problem ? Ask and we will try to assist, but please check the Help file.
Problem ? Ask and we will try to assist, but please check the Help file.
Re: Multiple NIC's and subnetting
I second the whole network segmentation to prevent cameras from calling home. Most do it under the guise of "app" compatibility, but the reality is I've seen a number of these devices call home to servers in China. The optimist might say they do it for "improvement," but I'll keep my camera data here all the same, thank you.
If your firewall has the features, you can block the camera IPs from hitting the WAN entirely. Because I have Layer3 Juniper switches, I segment cameras and IoT devices and block the whole subnet from hitting the Internet. I strongly encourage any tinkerers that are interested to try Linux/BSD-based firewalls, as you'll get 9/10 of the Enterprise features at a fraction of the cost. Of course, you have to have the desire to learn such things and more than a little bit of patience at first, but in the end you may find it rewarding. pfSense and Sophos UTM (formerly Astaro Gateway) are two great distros to start with.
Bonded NICs (LACP, link-aggregation, EtherChannel, LBFO, Teaming, etc., depending on the technology and specific standard) is a great feature, but not for the reason the most people think. Teaming/bonding is useful for load-balancing and redundancy. Many people think it increases maximum single-threaded throughput - it does not. Essentially a 4-port NIC could support 4 simultaneous 1 Gbps I/O streams but not 1 x 4 Gbps, even though the OS may give you this impression. It also seamlessly fails-over in the even of a cable/NIC port/switch port failure. You also need an LACP-capable switch to get the most benefit from teamed NICs.
In actuality an NVR is a pretty good candidate for teaming/bonding, but in the end you likely won't saturate that 1 Gbps connection like TimG said. That said, if you want to play, ebay everything. Four-port Intel and Broadcomm PCIe NICs can be had from working server pulls for pennies on the dollar.
As far as disks are concerned, an SSD for the DB is hard to beat, as TimG also said. I virtualize and all my VMs are on RAID-10 SSD arrays, so I have theoretical throughput and IOPs to spare. Spindles are just fine for recording, I prefer RAID-10 for both performance and protection from drive failure. You might be pleasantly surprised to find that you can hit nearly SATA SSD read-write speeds from a 4-disk RAID-10 with commodity 7.2k RPM drives.
If your firewall has the features, you can block the camera IPs from hitting the WAN entirely. Because I have Layer3 Juniper switches, I segment cameras and IoT devices and block the whole subnet from hitting the Internet. I strongly encourage any tinkerers that are interested to try Linux/BSD-based firewalls, as you'll get 9/10 of the Enterprise features at a fraction of the cost. Of course, you have to have the desire to learn such things and more than a little bit of patience at first, but in the end you may find it rewarding. pfSense and Sophos UTM (formerly Astaro Gateway) are two great distros to start with.
Bonded NICs (LACP, link-aggregation, EtherChannel, LBFO, Teaming, etc., depending on the technology and specific standard) is a great feature, but not for the reason the most people think. Teaming/bonding is useful for load-balancing and redundancy. Many people think it increases maximum single-threaded throughput - it does not. Essentially a 4-port NIC could support 4 simultaneous 1 Gbps I/O streams but not 1 x 4 Gbps, even though the OS may give you this impression. It also seamlessly fails-over in the even of a cable/NIC port/switch port failure. You also need an LACP-capable switch to get the most benefit from teamed NICs.
In actuality an NVR is a pretty good candidate for teaming/bonding, but in the end you likely won't saturate that 1 Gbps connection like TimG said. That said, if you want to play, ebay everything. Four-port Intel and Broadcomm PCIe NICs can be had from working server pulls for pennies on the dollar.
As far as disks are concerned, an SSD for the DB is hard to beat, as TimG also said. I virtualize and all my VMs are on RAID-10 SSD arrays, so I have theoretical throughput and IOPs to spare. Spindles are just fine for recording, I prefer RAID-10 for both performance and protection from drive failure. You might be pleasantly surprised to find that you can hit nearly SATA SSD read-write speeds from a 4-disk RAID-10 with commodity 7.2k RPM drives.
Re: Multiple NIC's and subnetting
TimG, would you kindly expand on the configuration of the CCTV LAN? I'm just starting to set mine up, and for the time being, I just did not put any default gateway on that NIC so any camera IP traffic does not know how to be routed forward. Also, can I block any traffic from the camera IP at the firewall, or will that cause problems with streams and notifications? I'm assuming the Blue Iris app is handling all this?TimG wrote: ↑Fri Jul 02, 2021 6:29 pm A complicated email to respond to, but let's try:
1. BI5 has ALPR integrated (subscription ?) which I assume works with a normal camera pointing where you need to read number plates. Obviously the right camera/ resolution/ field of view and lighting is required.
2. If your LAN is gigabit then it shouldn't cause any problems for a home installation. However I have a physically separate second wired network going to a second NIC in the BI5 pc which fully prevents home LAN congestion. That was done to stop the cameras calling the mothership
3. Just two ordinary NIC's for me. One on the home LAN, and one on the CCTV LAN
4. I presently have nine cameras of various resolutions up to 1080. I have a seperate 250GB SSD for BI5 database and the "New" folder, and a 14TB hard drive for the "Stored" folder. With some cameras on 24/7 recording, and others on motion trigger, I get around 2-3 months of video.
The biggies with BI5 are now sub-streams and direct to disk. If you are able to use H265 streams with D2D then you are saving hard drive space.
8 to 12 cameras with 24/7 storage and 30+ day retention ? I used this website to try and get a handle on the required hard drive https://felenasoft.com/xeoma/en/help/calculator/ It seems fairly close to what I ended up with, even though it's not a BI tool.
Many thanks,
LINKn8r
Re: Multiple NIC's and subnetting
Your cameras need zero access to anything (unless you're doing timestamps on the video... then MAYBE need DNS and NTP) so yes you can firewall block it all or just have no default gateway on the cameras. The server will connect to cameras to get the streams and the server is what does all internet communications are with (notifications, watching streams, etc).
Blue Iris 5.9.4.x | Server 2022 VM | Xeon E5-2660 v3 @ 2.60GHz - 16 Cores | 24GB RAM | 8TB RAID | Sophos UTM WAF | Mostly various SV3C Cameras
Re: Multiple NIC's and subnetting
It was all a bit chaotic on settings, as some cameras complain if you haven't filled parts in correctly, and others just save the settings. The first proof of success was trying to online update the cameras on the new LAN which they couldn't do. Also, the CCTV NIC shows "No Network Access" for ipv4 and ipv6 even though I can see activity in the numbers below and BI5 is working.
I'm no expert at this, I just had a go and it worked. My next idea was not to use a router on the second NIC. I had no idea if it would work ! Each of the cameras have a static IP address and it just works. I try not to think about it too much
I did at one time use ntp, and some cameras could use this one but not that one and others would only work with a different one. More chaos. With the network segregation they all lost the clock, so I tried a ntp server on the BI5 pc. Once again, some worked, and others didn't. I now let BI5 put the time stamp on. It doesn't seem to load up the cpu, and they are all synchronised.
I'm no expert at this, I just had a go and it worked. My next idea was not to use a router on the second NIC. I had no idea if it would work ! Each of the cameras have a static IP address and it just works. I try not to think about it too much
I did at one time use ntp, and some cameras could use this one but not that one and others would only work with a different one. More chaos. With the network segregation they all lost the clock, so I tried a ntp server on the BI5 pc. Once again, some worked, and others didn't. I now let BI5 put the time stamp on. It doesn't seem to load up the cpu, and they are all synchronised.
Forum Moderator.
Problem ? Ask and we will try to assist, but please check the Help file.
Problem ? Ask and we will try to assist, but please check the Help file.
Re: Multiple NIC's and subnetting
I'm sure I posted on this thread before but a recent glitch meant that all my posts got removed.
My BI PC like others here has 2 network cards installed. 1 is connected to my home network, the other to a POE switch (CCTV LAN) which all the cams are plugged into. All cams have static IPs set as there is no DHCP service on the CCTV LAN. My BI PC also runs an NTP service and all the cams are set to sync with that service else I've found that the time on them drifts. I also don't tend to use BI overlays, for example to get the date/time on the recordings as when I first started off that was regarded as a no-no?
I think provided you can go down the dual network card route, this is the easiest and simplest to setup and effectively blocks the cams from trying to get out on the internet. Another advantage of the separate networks is that it keeps all the CCTV traffic off your main home network, yes this can be done using VLANs but not everybody has an in depth grasp of networking and VLANs.
My POE switch is a layer 2 switch and does support VLANs but using the dual network cards above means that you don't have to dabble with VLANs unless you really want to, I do have VLANs setup on the switch but beyond that I've not really made much use of VLANs.
My BI PC like others here has 2 network cards installed. 1 is connected to my home network, the other to a POE switch (CCTV LAN) which all the cams are plugged into. All cams have static IPs set as there is no DHCP service on the CCTV LAN. My BI PC also runs an NTP service and all the cams are set to sync with that service else I've found that the time on them drifts. I also don't tend to use BI overlays, for example to get the date/time on the recordings as when I first started off that was regarded as a no-no?
I think provided you can go down the dual network card route, this is the easiest and simplest to setup and effectively blocks the cams from trying to get out on the internet. Another advantage of the separate networks is that it keeps all the CCTV traffic off your main home network, yes this can be done using VLANs but not everybody has an in depth grasp of networking and VLANs.
My POE switch is a layer 2 switch and does support VLANs but using the dual network cards above means that you don't have to dabble with VLANs unless you really want to, I do have VLANs setup on the switch but beyond that I've not really made much use of VLANs.
Re: Multiple NIC's and subnetting
I'm as sure as I can be that I started using it when they stated it wouldn't load the cpu. I remember it made no difference at all to cpu loading when I changed them over. The uniform appearance of date/time, and proper sync of the time on all cameras was the icing on the cake.I also don't tend to use BI overlays, for example to get the date/time on the recordings as when I first started off that was regarded as a no-no?
Forum Moderator.
Problem ? Ask and we will try to assist, but please check the Help file.
Problem ? Ask and we will try to assist, but please check the Help file.