NVR5216-14KS2 NON-Poe NVR with multiple switches

[happf]

I really want a quiet system. I'm not worried about spending a bit extra for more flexibility. I don't like that the POE version has more fans and plus, I would then have to run cables from the nvr to each camera versus running individual cables to separate 4 to 8 port poe switches at each corner of the house.

But the NON-POE version only has a single network port so now I have to introduce at least one managed switch if I don't want the cameras impacting the whole network.

These are my thoughts

1) NON-POE NVR with a single 8 port managed switch right next to it with at least 4 POE ports for those cameras closest to the NVR.
2) At least 1 or 2 more unmanaged (maybe even managed and that would allow me to remotely turn them on/off) in better areas of the house for those cameras with a single cable running back to the main managed switch in #1 above.
3) I would have a single cable from the managed switch connecting back into my main network.
4) I would run a single cable from the managed switch to a nearby desktop computer.

I am assuming somewhere I can create a complete new subnet of static ips for all the cameras and that I can configure both subnets into the NVR and Desktop?

So my home would be 192.168.10.X
The cameras would be 192.168.20.X
The NVR would be on a 192.168.10.X address. Is it then still able to access the .20.X cameras?
I could add a second 20.x address to the desktop for it to be able to access the cameras directly? Am I doing the same thing in the nvr?


My hopes with the managed switch are that I can configure it's ports to
1) Allow the POE ports and the remote switch ports to only send traffic to the NVR AND Desktop ports
2) Only the NVR and Desktop ports are allowed to interact with the main network.

This way I would
1) always have that one PC available to directly interact/configure the cameras
2) All PCs can access the NVR

BTW, I already have 12v power run to many camera spots since I have a current analog bnc system. Should I go ahead and leverage that power or just not bother with that?

Am I making things more complicated than they need to be?

 

[alastairstevenson]

Am I making things more complicated than they need to be?

Yes, I believe so.
- Adding multiple IP segments won't change how the traffic flows between end-points on the network, or the traffic volume, unless you have a Layer-3 network and multiple wiring choices for routes between end-points.
- Segregating access by assigning end-points to VLANS will not change the traffic volume either (just in case you think of that).
- 5 or 10 cameras at 4-8Mbps each isn't going to make much of hole at all in the available bandwidth of Gigabit switch connections even if all were aggregated.
- Splitting the wiring will positively segregate the traffic flow and can manage how it aggregates.
- Switches will only forward (non-broadcast) packets between ports if the source and destination require it. There will be no traffic on uninvolved ports, so the burden is on the switch fabric / backplane to handle the aggregate traffic. Which on a good switch should be 'non-blocking', ie the fabric can fully handle all ports at full wire speed.
- A managed switch doesn't add congestion reduction value but usefully adds the ability to remotely power-cycle PoE ports.

 

[Fastb]

Happf,

Let me say "Welcome to the Forum"!
You joined a while ago, but only have a handful of posts under your belt.

alastairstevenson provides good guidance, and more technically detailed than I could provide. But I can share my exxperience, on my system, with an NVR with just one e-net port.

I have to introduce at least one managed switch if I don't want the cameras impacting the whole network.

NON-POE NVR with a single 8 port managed switch right next to it

I don't have a managed POE switch. It's unmanaged. I don't have the ability to cycle power to a cam while sitting on a keyboard and connecting to the non-managed POE switch. If I need to power cycle a cam (an extremely, extremely rare occurrence for poe cams, but more common on WiFi cams), I simply unplug the POE Cat5 cable from my POE switch, wait, then plug it in again. I don't regret the decision to buy a non-managed switch, and enjoy the lower cost and the simplicity of a non-managed switch.

I created a camera subnet as you are envisioning. Sure, the cam bandwidth is low for a wired lan, as alastairstevenson points out. Nevertheless, I didn't want cams to degrade internet access & speed (netflix, surfing, etc). My cam subnet benefits:
- NVR & cam traffic is completely seperate, except where the 2 subnets meet at the router connected to my comcast cable modem.
- If I view cams at home,
--- (with a tablet near the kitchen to see what's going on)
--- (with gDMSS when I view using the local lan ip addresses)
--- (with a laptop to playback recorded video of last night's events, which are mostly visits by coyotes and coons)
--- (if I want to surf in to a)the NVR or b) the cams to configure, I do that on the cam subnet.
All this cam b/w activity does not impact my home lan b/w.
And wife/kids on my home lan can't reach the cam lan, unless they know the ip of my cam lan. Not that I need that level of "obscurity" within my home.
Lastly, it keeps my cams and NVR one subnet away from the big, bad internet. Again, obscurity is not security. But still...

Downside:
setting this up was more complicated. Figuring ip subnet addresses, ip masks, while still allowing the NVR to reach my home router and comcast cable modem. With my laptop, I can connect to two subnets. Both reach the internet. The home subnet can't reach the cams. The cam subnet can't reach my printer, NAS, other computers on the home lan, etc.
"Unnecessarily complicated"? - maybe.
Providing only marginal benefits? - maybe.
If I add a NAS to my cam network (to back up the NVR), I can install it remotely (physically away from the NVR), and that added traffic wouldn't be on the home lan.

I'm not an IT guy. The above architecture was developed while matriculated at "Seat-of-the-Pants" University. I graduated Magma No Laud. So I hope my guidance is helpful, but I'm no expert by any stretch! Experts may fine-tune my guidance, while spending their valuable time enhancing/correcting the basics I shared.

Fastb