![]() ![]() But joining the same subnet still gives access to the cameras (Android app), even under these circumstances. No other ARP/DNS timeouts reported for other devices on the IoT VLAN, although some TCP latency every now and then. ![]() So, I can't really see it should be a router issue from the Unifi Dream Machine Pro. Something fishy is going on, indeed, but it is across E1s, so I can't see how it should be a malfunctioning camera I have, as the batch of E1s show the same (unwanted) and identical behavior. #Scw networker pro cameras in other subnet software.#Scw networker pro cameras in other subnet update.#Scw networker pro cameras in other subnet install.I would highly recommend taking the next IPVM networking class. ![]() Knowing your customer well is the first step to choosing the correct option. There are cost and security trade-offs with each option. There are no absolute rights an wrongs here. But, if they don't have any of these requirements, option 1 will be your only choice, unless you add a better router ahead of the existing router. If your client has managed switches, a robust router, and an adept IT dept, then option 3 is the most practical. Now, deciding which is best for you is the hard part. Under this scenario, you would have the camera and corporate LANs on the same switches and router, but configured as virtual LANs (VLANs), which means each LAN would be segregated by use of switch and router configuration. Under his one NIC scenario, nothing is segregated, physically or logically.)Ĥ) Virtually segregating the networks via VLANs. ![]() (Matt Ion's way of using one NIC isn't the same as this scenario. Under this scenario, your recording device, whether it's a VMS server or a dedicated NVR, will need to have multiple network interfaces one facing the camera LAN and one facing the corporate LAN. This could be restricted to the bare essential ports and protocols, enhancing security.ģ) Physically segregated, but using multiple network cards in your server/NVR Under this scenario, you could provide access through the router from the corporate LAN to the camera LAN, if desired. Under this scenario, the camera LAN would still have it's own switches, but would be using an alternate port on a shared router. Under this style of network, the camera LAN would only be accessible by the corporate LAN via an internet connection.Ģ) Physically segregated network, but sharing a router. I will lay out some of the basics and see if you want to give more input from there.ġ) Completely segregated network with it's own switches, router, internet connection, etc. Choosing which way is best for you would take much more info. There are many ways to accomplish what you are asking. I agree this works, I do it myself all the time when working with cameras of different subnets.īut it doesn't reduce traffic and its likely to confuse the IT guys. With video payloads, this is not insignificant. In addition, whenever a switch doesn't have an ARP table entry for an IP, it broadcasts the data frames to everyone, hoping someone will claim it. After some number of hosts, the clutter becomes more than the data. This clutter is one of the reasons to keep ethernet domains smaller in size. Lots of things get broadcast, DHCP, ARP, NetBios, LLDP. Sure it might fool the IT admins for a while, but if for instance the NVR has DHCP enabled, (they often do by default), you will give out 192.168.2.xxx addresses to the 10.x crowd, and bye-bye internet. Why? Because without a router, the switches are looking at the same exact traffic with your solution as without, they could care less that the cameras are now on the 192.168.2.xxx network. Your suggestion does absolutely nothing to change this impact. Matt, the OP is clearly talking about reducing the impact to the corporate lan from the network cameras. ![]()
0 Comments
Leave a Reply. |