Network switch not allowing cams to operate at 1gbps

wittaj

IPCT Contributor
Joined
Apr 28, 2019
Messages
24,162
Reaction score
46,821
Location
USA
Then deal with the issues that will come from having a camera on the same network as your internet and going thru a router...

Get a 4 port then and daisy chain LOL
 
Joined
Dec 6, 2014
Messages
3,518
Reaction score
14,583
Location
South Dakota
I literally don't have enough ports on that switch though, and I can't justify getting a 16 port PoE switch just to accommodate one extra cam.
Yes you can--- and your whole network will be better for it.

Look on Ebay for a used enterprise class business switch. You can buy a switch that was originally $800 to $1,200 for under $100...
here is a good one-- 10/100 with a gigabit port to your router and 12 POE ports. under $40 A gigabit version of would be under $100 and all 24 ports would be POE
 
As an eBay Associate IPCamTalk earns from qualifying purchases.

Corvus85

Getting the hang of it
Joined
Aug 18, 2021
Messages
495
Reaction score
79
Location
Australia
Then deal with the issues that will come from having a camera on the same network as your internet and going thru a router...

Get a 4 port then and daisy chain LOL
Again, the problem is also that it's physically impossible to run CAT6 cable from that location to where the switch is directly.
 

wittaj

IPCT Contributor
Joined
Apr 28, 2019
Messages
24,162
Reaction score
46,821
Location
USA
Probably not impossible, just difficult.

Then powerline adapter it and run the data over the electric lines.

Otherwise someday you will be starting a thread about one camera lagging compared to rest or saying your system has been hacked....
 

fenderman

Staff member
Joined
Mar 9, 2014
Messages
36,896
Reaction score
21,247
I literally don't have enough ports on that switch though, and I can't justify getting a 16 port PoE switch just to accommodate one extra cam. It also isn't possible to run CAT6 cable from that location to where the switch is directly.
You dont need a 16 port switch, you need a 4 port poe switch to connect to the 8 port. Otherwise try using the router, for one cam it should be ok.
 

Corvus85

Getting the hang of it
Joined
Aug 18, 2021
Messages
495
Reaction score
79
Location
Australia
Were you planning on wifi there??
No, that room with the 8 port PoE switch is also where my router is. From my router, there's CAT6 running to the other side of the house, where it terminates in another 8 port gigabit switch. Connected to that switch (apart from the additional camera) is my NAS, a gaming computer, and an nVidia Shield. The cables were run when the house was built, and due to brickwork being in the way, additional cable runs between these rooms is impossible.

So as you can see, I can't meaningfully isolate that camera from the rest of the traffic on that side of the house because there's only one CAT6 cable connecting the router and the switch in that room.
 

looktall

Getting comfortable
Joined
Sep 3, 2022
Messages
512
Reaction score
744
Location
Australia
The cables were run when the house was built, and due to brickwork being in the way, additional cable runs between these rooms is impossible
not impossible, just expensive.

So as you can see, I can't meaningfully isolate that camera from the rest of the traffic on that side of the house because there's only one CAT6 cable connecting the router and the switch in that room.
VLAN.
 

looktall

Getting comfortable
Joined
Sep 3, 2022
Messages
512
Reaction score
744
Location
Australia
It's going to require having the right network equipment.
Mainly managed switches.
I'm sure there's some detailed posts on here somewhere explaining how to do it but I'm on mobile so it's not easy to search.

Essentially you can configure your switches to treat certain ports as one network and other ports as a different network and the traffic is completely separate despite being on the same physical equipment.
 

Corvus85

Getting the hang of it
Joined
Aug 18, 2021
Messages
495
Reaction score
79
Location
Australia
Essentially you can configure your switches to treat certain ports as one network and other ports as a different network and the traffic is completely separate despite being on the same physical equipment.
Will that involve having to change/allocate different IP addresses/subnets?
 

SpacemanSpiff

Known around here
Joined
Apr 15, 2021
Messages
1,447
Reaction score
2,411
Location
USA
Will that involve having to change/allocate different IP addresses/subnets?
That depends on how your cameras are set-up now compared to your non-camera network. Do the cameras currently have a different IP scheme/range than everything else? If cameras are on the same IP scheme as everything else, then they will need to be re-configured.

Edit: Regardless of your physical network layout. Best practice is to have the cameras on a different subnet
 

looktall

Getting comfortable
Joined
Sep 3, 2022
Messages
512
Reaction score
744
Location
Australia
Best practice is to have the cameras on a different subnet
And if you can't do that, firewall them from reaching the internet.
I have two cameras recording on my NVR which are on the main network, not the NVRs Poe network.
My router is configured to block all but one service port to those two cameras.
The only port that is open for those cameras is 587 so they can send out email alerts.
 

wittaj

IPCT Contributor
Joined
Apr 28, 2019
Messages
24,162
Reaction score
46,821
Location
USA
You are preventing the camera from talking to the internet by firewalling, not the BI computer, so direct to wire in UI3 would still work...
 

Corvus85

Getting the hang of it
Joined
Aug 18, 2021
Messages
495
Reaction score
79
Location
Australia
So it turns out both my smart switches have VLAN capability (as does my router).
If I put all of my cameras (and also my BI machine I'm assuming?) on the same VLAN, how would I access it from my regular LAN?
For example, how would I remote into the server? Also how would I access UI3? What about my various camera feed integrations in Home Assistant?
 

looktall

Getting comfortable
Joined
Sep 3, 2022
Messages
512
Reaction score
744
Location
Australia
Does your bi server have two network cards?
Network card 1 is on your main network (vlan1).
Network card 2 is on your camera network (vlan 2).

You can then run camera traffic and your home network traffic over the one copper cable that runs from one side of your house to the other and they will be completely separated.

Your bi server will still be accessible as per normal via vlan 1.

Normally people can do this without using vlans but it would require running a second cable which you're unable to do.
 

The Automation Guy

Known around here
Joined
Feb 7, 2019
Messages
1,359
Reaction score
2,709
Location
USA
If I put all of my cameras (and also my BI machine I'm assuming?) on the same VLAN, how would I access it from my regular LAN?
For example, how would I remote into the server? Also how would I access UI3? What about my various camera feed integrations in Home Assistant?
VLANs can be hard to understand at first - or at least they don't operate how most beginners think they do. Most beginners (including myself) hear about VLANs and how the isolate and segment their network and assume the devices can never communicate between VLANs. This isn't how they work however. What really happens is that devices on a VLAN can't initiate contact with devices outside of their VLAN (unless specifically set up to do so), but they can always respond to requests from devices outside of their VLAN.

What this means is that you can isolate your cameras on their own VLAN and lock it down so they cannot initiate communication with devices outside of their camera VLAN (let's call it the CameraVLAN). However if you have the rest of your network set up on another VLAN (let's call it the MainVLAN) and you want to pull up the GUI of your BI/NVR machine (which is located in CameraVLAN) from a computer/phone/tablet/etc that is located on the MainVLAN, that won't be a problem if you have set the MainVLAN to be able to communicate with the CameraVLAN.

In that case, devices on the MainVLAN can "see" and communicate with ALL devices on the network including those on the CameraVLAN. However the devices on the CameraVLAN can only "see" the devices on the CameraVLAN and are "blind" to everything else. But just like a blind person can respond to someone speaking to them, the devices on the CameraVLAN can communicate with devices on the MainVLAN when the MainVLAN device starts the "conversation". But the devices on the CamaraVLAN are always "blind" to devices on MainVLAN, so as soon as the MainVLAN devices stops communicating with the CameraVLAN device, the CameraVLAN device doesn't even know the MainVLAN device exists anymore and can't communicate with it until something on the MainVLAN starts another conversation. Hopefully that makes sense.

In your case, as long as you set it up so that your MainVLAN can initiate communication with your CameraVLAN, all those devices you mentioned would work normally with regard to how they interact with the camera server. It would just "work". But the devices on the Camera VLAN would be isolated from the rest of your network and couldn't contact any of them or connect to the internet (assuming everything is set up correctly). This is why adding a VPN connection is the next step in the process too. So that once you have your VLANs set up, you can also set up a method to securely access your network while remote. Once connected to the VPN, you should have access to all your devices, including your cameras (assuming that is what you want and you set the VPN to access that VLAN. By default it's normal that the VPN would only allow communication with the MainVLAN, so you would need to add the CameraVLAN to the allowable connections over VPN).

This is a very basic explanation of how VLANs work (and it's probably wrong at a technical level), but it's how I began to understand it myself when I was first learning about it.
 
Last edited:

SpacemanSpiff

Known around here
Joined
Apr 15, 2021
Messages
1,447
Reaction score
2,411
Location
USA
So it turns out both my smart switches have VLAN capability (as does my router).
If I put all of my cameras (and also my BI machine I'm assuming?) on the same VLAN, how would I access it from my regular LAN?
For example, how would I remote into the server? Also how would I access UI3? What about my various camera feed integrations in Home Assistant?
 
Top