1 BI server - 2 networks (1 cameras only, 1 home/internet)

[kc8tmv]

If this is already out there, sorry, could not find exactly what I was looking for.
I have BI on a dedicated server, 6 cameras (mix of 4MP and 2MP).
I would like to add a 2nd NIC card to the sever and separate out into a "camera only" network and a "rest of the world" network.
To see the cameras directly you would have to be on the "camera only" network, or browse to BI UI2 (UI3 etc).

Do I need a router? (No internet connection!) to control/route the traffic on the "camera only" network or do I just connect all the cameras to a isolated switch and hard code (assign) IP addresses to each camera and the new NIC in a separate subnet? ie.
"rest of the world" = 192.168.200.100-255
"camera only " = 192.168.300.1-255

Sorry if I am not making this clear, but this is the best I can explain with enough network knowledge to be very dangerous!

 

[Hetticles]

No you do not need a router.
You do not need a second network card or a isolated switch.

You can actually assign one physical interface (your ethernet connection) multiple IP addresses, so long as they are statically assigned (not DHCP).
Maybe this would help: Connect to two LAN networks with a single card


I do this specifically to isolate the cameras from my main network, ensuring not to give them a default gateway. That way they can't connect to the internet, and unless someone adds a second IP they're not accessible by normal users of the network.

 

[kc8tmv]

OK, good to know and I am learning. But here is where my weird little mind gets confused. If I do as you state above, does all of my camera traffic (packets) still travel through the whole network? And actually is all my other traffic (4K streaming TV, normal IP TV and such) still intermingle with the camera traffic? I have 2 goals: #1 - keep the cameras secure from the outside. #2 - keep the camera traffic from flowing through the rest of the network and taking up bandwidth from the TV traffic.

 

[bp2008]

A second network card and isolated switch is the most foolproof way to do it, and then you just assign static IP addresses to everything on the camera network, including the PC running Blue Iris. No router necessary, and you can be quite certain that the cameras can't reach the internet.

But it probably isn't necessary to do it that way. Video streams don't get broadcast to every device on the network. The streams take an orderly route to their intended destination, and other computers/TVs/etc on the network don't know it is happening. Unless your TV's network traffic shares a network link with the video streams, they won't have any effect on each other. If you do need some traffic to share a network link with the cameras, then just make sure that link has 1 Gbps speed and then there is nothing to worry about.

Basically I'm saying if you build your core network with gigabit switches, then all your video streaming traffic put together will be an inconsequential amount.

 

[awahl101]

This would be ideal for a vlan if you have the hardware already insalled for it that way you dont need a second isolated switch. More complicated however .



Sent from my SM-J727P using Tapatalk