Separate Network for IP Cameras?

eyeball

Getting comfortable
Jun 30, 2014
218
517
I was thinking about IP traffic on my home network and wondering if I'd overwhelm it with traffic from my cameras. I have 4 foscam FI8910W (~12fps, which is adequate for me) but will probably add two more of some type eventually. I'm using an asus rt-ac66u and gb tplink switches.

I was wondering if there is any merit to isolating all of the cameras on a separate network and having my BI software (webserver, etc) running on a pc with two ethernet cards in it - one connecting to the 'camera' network, the other connecting to my home network.

The thought is that devices connecting to my home network could access the BI webserver for monitoring not be adversely affected by increased IP traffic from cameras.

Obviously not that adept at networking - do you network guru types think this notion has any merit or am I out in left field on this?

If it does have any merit, do you know of a guide that would show how to set this up?

Thanks in advance!!
 
There is merit to the idea of separating traffic, it is more secure if insulated from the web, but then you have a harder time accessing it from your ordinary network, and can't view remotely from the outside, unless you put a switch after the modem, then run the two routers from that switch.

The thing is, with compression, the data streams are really not that bandwidth intense.

You may want to see how much traffic you have, and try a little network speed monitor utility on your computer, if your operating system doesn't have one built-in, and then do a live view of your cameras one at a time; and see how much traffic each camera generates. Then compare that to your daily lan bandwidth needs and your router + switch's capacity whether ethernet or wifi. On gigabit you've got quite a bit of headroom.

During one trial with a 3mp cam set to 1080p at well above average quality in h264 it was running 1MB/s. My little 720p foscams run half that.

But resolutions, compression, fps etc and the environment your cameras are looking at vary greatly, so have a look one at a time or put 4 up on the main stream.
 
  • Like
Reactions: solidstate
I'm not a networking engineer, but from my personal experience (I've done a fair amount of networking with decent amounts of traffic), I don't think that 4 or 6 cameras running on your intranet (intranet, aka LAN = traffic within your house on your own network between devices) will affect much. Cheapy switches and router ports are generally rated for 10meg each. I just don't see you having any bottle necking going on with 4-6 foscams. Now, if you're running a bunch of wireless, or everything wireless, then you may run into some issues.

For example, you have all camera traffic, and all other devices on your network going through a cheap switch with a slow (slower than average) port, then you try to download music or videos, or stream Netflix on the same port, you may experience a traffic jam. But generally, for the average person to add 6 cameras to a intranet infrastructure, it shouldn't cause any issues.

You are more likely to experience a bottle neck effect on your internet (Internet is different from intranet. Internet = traffic going and coming from the outside world), especially if you have a slow internet connection.

Anyone with more experience than myself, please chime in and feel free to correct me if I goofed up the advice.

thanks, good luck.
 
  • Like
Reactions: solidstate
icerabbit & Ken - thanks for the sound advice. I guess for now I'll continue using the one network & see if anyone (aka my wife) complains about latency. Icerabbit mentioned the limitation of not being able to access my BI webserver from the internet in a two-network config (at least not easily), and that's a deal-breaker for me anyway.

Thanks guys!
 
Yup eyeball, that's why I decided not to mess with 2 networks. 2 IP ranges can be tedious, and port forwarding to actually get to the network from the internet can be very nerve racking when you're dealing with multiple networks, routers, and NIC cards. The only OS I've actually had much success on running 2 NICs is Microsoft Server. My luck with windows OS and multiple network connections has not been good.
 
Good to know, Ken. I'd likely have been pulling the rest of my hair out trying to get it to work with win7 - I and my hair thank you :)
 
Sorry to jump in to this a little late but thought I would throw out a few details to clarify for posterity sake-

I'm somewhat new to IP cameras in general but been in IT for a long time. The cameras mentioned by the OP have WiFi capabilities and I didn't see if he was using them in the WiFi mode or wired. If using them in WiFi then I would definitely recommend using a separate WiFi router. 4-6 WiFi cameras on a WPA (54 Mps) secured network will bring the network to a standstill. WPA2 (300 Mbs) networks have a better chance but I would guess there still will be problems. It was mentioned above that a Foscam was running at 1 MBs. That's basically 12 Mbs to your network (with overhead). Considering real-world throughput on a 54 Mbs network router is only half of what the router is rated for (20 Mbs would be generous) you can see that it only takes a couple of cams to overwhelm a WiFi network. Since I run a thin client 24/7 for our IP phone service I thought I would add a couple of the new really cheap Sricam bullet cameras. It only took two of these cameras on WiFi to max out the 54 Mbs wireless router. Now they may have poor compression and are bandwidth hogs because of how dirt cheap they are, but that's not what I am seeing by the reading I have done.

The good news it that adding WiFi capacity is dirt cheap and easy. Buy a cheap used/new WiFi router , set it to act as an access point (not a DHCP router), give it a channel number at least three channels away from your (and your neighbors) existing router and a separate SSID (name) and plug it into your exisiting router. Tell your cameras to use the new SSID. Now your regular WiFi network is open and all your cameras are easily addressable (Internet access, etc) just as they were before because they are still on your network just reporting to a different WiFi router. And if you are having trouble deciding who is using what WiFi bandwidth around you then grab a copy of WiFi Analyzer for your phone (https://play.google.com/store/apps/details?id=com.farproc.wifi.analyzer&hl=en). It will tell you more than you ever wanted to know.

In the mean time, I would like to throttle down the bandwidth of these cheapy cams, but I haven't been able to figure out how to do it or the settings just aren't there to do it.
 
  • Like
Reactions: bp2008 and Mike
@Diggs,
I think you meant 802.11g and 802.11n when you were referring to speeds, not WPA and WPA2. WPA and WPA2 are encryption modes that have little effect on speed.

Regarding throttling down the bandwidth of a cheap camera, I'm going to assume you mean cameras that use MJPEG for streaming (since they don't typically have a bit rate or frame rate option). Not all software supports limiting the speed in this case, but you can in Blue Iris by setting a fixed frame rate and then ticking the "framerate limiting compatibility mode" box on the IP camera configuration window.
 
Last edited by a moderator:
I tried that WiFi Analyzer. Pretty cool! The graph view it does is the next best thing to having a hardware spectrum analyzer, though I am a little suspicious of it since it shows all the access points as having the same channel width. Perhaps everything around here is actually using 20 Mhz, or perhaps the app is just guessing. I almost want to plug in one of my old ubiquiti radios and set it to 5 or 10 mhz and see if this app can tell the difference.
 
@Diggs - thanks for the input - I've been in IT 30+ years also and relatively new to the camera game as well, but I screwed around enough with the cameras and wifi to know it's not reliable enough (for me) to implement. Instead I ran cat5e to the 7 locations I have cameras - that's been some time back now.

If I had it all to do over (and I may do this at some point in the future anyway) I'd run cat6 and PoE, even though it'd mean getting more expensive PoE switches. Running power for all of those cameras sucked.
 
Last edited by a moderator:
  • Like
Reactions: solidstate
Perhaps everything around here is actually using 20 Mhz, or perhaps the app is just guessing. I almost want to plug in one of my old ubiquiti radios and set it to 5 or 10 mhz and see if this app can tell the difference.

All consumer gear is 20Mhz wide or greater channels, leaving only 3 usable channels without overlap.. 1/6/11.. WiSP/Enterprise gear can typically be set to 5/10MHz channels in order to eek out range over speed but whom in your neighborhood is running that?

@Diggs Adding WiFi capacity is not dirt cheap and easy; adding noise and degrading performance of the existing wireless networks however is.. A WiFi router connected at 54Mbps to you is not limited to 54Mbps throughput for everyone.. You can have 50 clients connected at 54Mbps to 350Mbps+ with a properly designed network and just two good access points... with the bottleneck being either RF noise you cant control or the access points uplink speeds.

WiFi Analyzer only shows that; WiFi.. there are a TON of other devices operating on the 2.4GHz spectrum and that tool is entirely blind to them... If you really want to see what the spectrum usage you looks like get your self a $50 Ubiquiti AirMax NanoStation and it will show you the full spectrum use.

To the original poster: A switch does not broadcast traffic on your network; it intelligently switches it to only its destination... A good switch typically has full speed to every other port at all times.. if a handfull of devices are at 100% bandwidth it should have zero impact on any other devices on the same switch as there bandwidth is untouched.

Segregating Networks is a great idea; if only because these cheap china cameras are the last thing you should trust to be secure... Mine are on a separate VLAN with a very strict firewall between them allowing only the required traffic through from the required machines.. all else is dropped.

Wireless and Security are opposing forces; pick one or the other but your not getting both together.
 
Last edited by a moderator:
@Diggs,
I think you meant 802.11g and 802.11n when you were referring to speeds, not WPA and WPA2. WPA and WPA2 are encryption modes that have little effect on speed.

Regarding throttling down the bandwidth of a cheap camera, I'm going to assume you mean cameras that use MJPEG for streaming (since they don't typically have a bit rate or frame rate option). Not all software supports limiting the speed in this case, but you can in Blue Iris by setting a fixed frame rate and then ticking the "framerate limiting compatibility mode" box on the IP camera configuration window.

You can have a 802.11n router, but many people just check the WPA encryption box as they are used to the older standard. WPA only supports 54mps and will throttle down any "n" router to 54Mbs. I will do some more investigation into Blue Iris. Although I can currently control the framerate saved to the hard drive/archive, I can't seem to control the cameras. Thanks for the heads-up.

Nayr - I was referring to a residential/homeowner environment where adding WiFi capacity is much cheaper and easier than most imagine. Wireless/security is always a tradeoff that each person must decide but a breach of a properly configured home WiFi WPA2 network is very rare.

The WiFi Analyzer is free and at least gives anyone with a smartphone an intelligent reference for setting the channel of their wireless points.