Using BI machine like traditional "NVR" - IP Addresses

Dasstrum

IPCT Contributor
Joined
Nov 4, 2016
Messages
578
Reaction score
736
Location
Florida
To my understanding: In a traditional NVR setup the IP cameras are connected directly to the NVR and the NVR assigns the IP addresses to the cameras. In this setup the NVR is in no way reliant of router for IP assignment or routing and can function offline or without internet.

A BI setup is done like this: IP cam cameras --> POE Switch --> router <-- Blue Iris Machine

A good setup would be to have a static IP for each camera and the BI machine and call it a day HOWEVER, what happens if you get a new ISP or the router goes out... everything goes down.

Is it possible to have: IP Cameras --> POE Switch <-- BI Machine and Router (plugged into different ports on switch)

Then on the BI machine have 2 IP addresses basically creating a VLan. Cameras on 192.168.1.X subnet with BI machine and rest of home network on 192.168.8.x subnet. But still being able to access the cameras remotely via app or UI3.

My thoughts on this would be to eliminate losing camera feed and recording if someone got a new ISP or has router problems giving me time to go out and config BI to new router.

Am I overthinking this or is there an easier way to accomplish this?
 

mat200

IPCT Contributor
Joined
Jan 17, 2017
Messages
13,655
Reaction score
22,743
...
A BI setup is done like this: IP cam cameras --> POE Switch --> router <-- Blue Iris Machine ( #1 )

Is it possible to have: IP Cameras --> POE Switch <-- BI Machine and Router (plugged into different ports on switch) (#2)
..
Hi Dass,

I would recommend not having a setup which puts more work on the router ( #1), instead set it up as (#2). The router can still assign IPs if you like, or they can be static, or the BI can assign IPs.
 

fenderman

Staff member
Joined
Mar 9, 2014
Messages
36,897
Reaction score
21,250
To my understanding: In a traditional NVR setup the IP cameras are connected directly to the NVR and the NVR assigns the IP addresses to the cameras. In this setup the NVR is in no way reliant of router for IP assignment or routing and can function offline or without internet.

A BI setup is done like this: IP cam cameras --> POE Switch --> router <-- Blue Iris Machine

A good setup would be to have a static IP for each camera and the BI machine and call it a day HOWEVER, what happens if you get a new ISP or the router goes out... everything goes down.

Is it possible to have: IP Cameras --> POE Switch <-- BI Machine and Router (plugged into different ports on switch)

Then on the BI machine have 2 IP addresses basically creating a VLan. Cameras on 192.168.1.X subnet with BI machine and rest of home network on 192.168.8.x subnet. But still being able to access the cameras remotely via app or UI3.

My thoughts on this would be to eliminate losing camera feed and recording if someone got a new ISP or has router problems giving me time to go out and config BI to new router.

Am I overthinking this or is there an easier way to accomplish this?
ideally the blue iris machine should be setup like #2...then even if the router is turned off, everything will still work.
 

Dasstrum

IPCT Contributor
Joined
Nov 4, 2016
Messages
578
Reaction score
736
Location
Florida
ideally the blue iris machine should be setup like #2...then even if the router is turned off, everything will still work.
Hmm... gonna have to rethink all my setups then. Generally speaking I do 4 cameras using a 4 port poe switch so there is never a free port on the switch for the BI machine to be plugged into. Maybe need to start using 8 port switches on 4-7 camera installs
 

NoloC

Getting comfortable
Joined
Nov 24, 2014
Messages
701
Reaction score
454
In that case no reason for 2 IPs on the BI machine
Actually you would still have the "2 IPs" if I understand your goal.

The BI machine would have 2 nics each with a unique IP and as per you example, different subnets. This would allow you to isolate the cams from the rest of the network and the router, so no internet access for cams. A good thing. Cams would need to be assigned static IPs in this scenario. (no dhcp server/ no router) As per Fenderman's comment, router could be off and everything still works.

Second nic in BI machine would be on the normal home network with router/wan access. This is how you would view cams remotely through BI. Recommend vpn for the remote connection. Also recommend static or "reserved" ip address for this nic.

You could accomplish the same thing with vlans but this seems pretty simple. Just be aware only the BI machine will "see" the cams on their network.
 
Joined
Apr 26, 2016
Messages
1,090
Reaction score
852
Location
Colorado
I saw on the PoE Switch recommendations that a number of them have (# of POE Ports) + (1 or 2 additional non-POE ports) usually these are to uplink to another switch or router, but in your case might be an option for the BI machine. The BI machine clearly wouldn't need POE.
 

Dasstrum

IPCT Contributor
Joined
Nov 4, 2016
Messages
578
Reaction score
736
Location
Florida
Thanks for all the recommendations. I have a few spare switches and BI machines I can play around with and experiment based on these suggestions.
 

giomania

IPCT Contributor
Joined
Jun 1, 2017
Messages
780
Reaction score
538
Actually you would still have the "2 IPs" if I understand your goal.

The BI machine would have 2 nics each with a unique IP and as per you example, different subnets. This would allow you to isolate the cams from the rest of the network and the router, so no internet access for cams. A good thing. Cams would need to be assigned static IPs in this scenario. (no dhcp server/ no router) As per Fenderman's comment, router could be off and everything still works.

Second nic in BI machine would be on the normal home network with router/wan access. This is how you would view cams remotely through BI. Recommend vpn for the remote connection. Also recommend static or "reserved" ip address for this nic.

You could accomplish the same thing with vlans but this seems pretty simple. Just be aware only the BI machine will "see" the cams on their network.
And the BI computer is the time server for the cameras, with the cameras’ time server configuration settings set to the BI computer static IP address on the non-secure “surveillance” subnet, correct?


Sent from my iPhone using Tapatalk Pro
 

NoloC

Getting comfortable
Joined
Nov 24, 2014
Messages
701
Reaction score
454
And the BI computer is the time server for the cameras, with the cameras’ time server configuration settings set to the BI computer static IP address on the non-secure “surveillance” subnet, correct?


Sent from my iPhone using Tapatalk Pro
Yes. And funny you should mention that! I have been having a heck of a time getting that to work on my new Win 10 BI machine. Using Net time , www.timesynctool.com . Worked fine on my Win 7 machine but not getting a connection on my BI box. It does work on another Win 10 machine I have and firewall setting are identical. Maybe time for another thread!
 

Jason Hall

n3wb
Joined
Dec 27, 2017
Messages
6
Reaction score
4
I’m no network expert, but I believe an alternative to setting up a subsets is to keep everything on the same subset but use your firewall to restrict internet traffic to/from the camera IPs. Basically, only allow camera traffic to the Blue Iris server. This is what I do. If this not is as effective as using subsets, or has a downside, I’d be interested in learning.
 

looney2ns

IPCT Contributor
Joined
Sep 25, 2016
Messages
15,521
Reaction score
22,657
Location
Evansville, In. USA
Yes. And funny you should mention that! I have been having a heck of a time getting that to work on my new Win 10 BI machine. Using Net time , www.timesynctool.com . Worked fine on my Win 7 machine but not getting a connection on my BI box. It does work on another Win 10 machine I have and firewall setting are identical. Maybe time for another thread!
I believe you have to disable the Windows time service.
 

NoloC

Getting comfortable
Joined
Nov 24, 2014
Messages
701
Reaction score
454
I believe you have to disable the Windows time service.
I'll give that a try. The one windows machine I have it working on I did not do that but in addition to allowing it on the Norton AV , I had to allow it also on the Windows firewall settings.
Then it worked. Both machines are Win 10 but the one that works is a clean install, while the other still is Dell factory.
 

Frankenscript

Known around here
Joined
Dec 21, 2017
Messages
1,288
Reaction score
1,197
I'll second pretty much everything NoloC has suggested in this thread.

Originally I thought I needed a router between the BI PC and the POE switch; eventually was taught it was not needed.

So, my system looks like this:

Cams --> PoE Switch--> BI PC (secondary NIC) | BI PC (Primary NIC)--> Home router--> Cable modem--> Internet

The BI PC works as time server (remember to open up windows firewall port 123) too.

The Cams talk to the BI PC, and get their time there, and are NOT connected to the main home LAN and have no access to or from the internet, by design. If I'm out and about and want to see what's going on, I access the BI PC via the web UI (VPN is preferred over less secure port forwarding).

My 8 port PoE switch is now full when I put up one last camera, so there may be a traditional switch between the BI PC and the PoE switch soon, allowing me to connect a second PoE switch to support... you guessed it... more cameras.
 
Top