Network Planning and Design for IP Cams

[TechDiver]

I have just gotten an EdgeRouter Lite wired router to beef up my home network. I currently have an 8 port Gigabit switch with 4 PoE ports. I will probably go with a NVR unit in my wiring closet. I could setup a dedicated port / subnet on the router for the Camera Network and put my regular network traffic on another port / subnet. I was thinking this would be the most efficient way to go about it, but I could be wrong. My thinking was to have the PoE switch running 4 cameras with one non PoE port going to the router and the other going to the non PoE NVR. I would then get an 8 port non PoE switch for my regular network devices (ie: printer, NAS, desktops) and connect that to a dedicated subnet on the router. Any suggestions from anyone else that has already done this?

Thanks,
TechDiver

 

[shokunin]

That is one way to segregate the two networks using your EdgeRouter to do the layer 3 routing and probably the easiest with the switches you have. I myself use VLANS instead and have multiple VLANS to segregate, LAN, wireless (using Ubiquiti access points), guest wireless, VoIP, and CCTV with QoS routing. If you have L2 or L3 managed switches you can assign each port to specific VLAN rather than dedicating a switch to a subnet.

 

[TechDiver]

Nice, I didn't invest in managed switches for the house. Simply replacing an over worked linksys router which will serve as a temporary access point. Going with a Ubiquity AC ap in the house and one out in my shop to cover the back yard. I really like the Ubiquity line. I have installed plenty of them at work and they have never given me trouble. Thanks for the input.

 

[nayr]

Managed switches can be had for pretty cheap used, consider it.. but you can always just use dedicated switches and a router.. first look around on craigslist or ebay for like a 10/100Mbit 24 port 3com managed switch with PoE and GigE uplink you can get one for a song and a dance.. and 10/100 is more than enough for IPCameras, they use like 10Mbit tops.

I have an EdgeRouter PoE and 3x UniFi AC Access Points spread across the house.. my IPCameras have there own VLAN and are firewalled off from the internet, and lets my network access only the RSTP Feed and WebUI.. I VPN into the EdgeRouter for remote camera access with a mobile device.. I dont really trust these Chinese cameras not to call home or be full of security issues, so they are in a carefully crafted walled garden.. with little more than a NTP and FTP service on the local network the cameras can access .

Be Aware UniFi dont do standard PoE, my PoE switch wont power those access points.. thats why I got the EdgeRouter PoE because it WILL power the AC access points and it had Gigabit Uplinks for the WiFi.. My PoE switch is 100Mbit, thats fine for all my IPCameras and VoiIP Phones, but those UniFI AC access points can crush 100Mbit without breaking a sweat so you want to give em Gig.

 

[TechDiver]

Managed switches can be had for pretty cheap used, consider it.. but you can always just use dedicated switches and a router.. first look around on craigslist or ebay for like a 10/100Mbit 24 port 3com managed switch with PoE and GigE uplink you can get one for a song and a dance.. and 10/100 is more than enough for IPCameras, they use like 10Mbit tops.

I have an EdgeRouter PoE and 3x UniFi AC Access Points spread across the house.. my IPCameras have there own VLAN and are firewalled off from the internet, and lets my network access only the RSTP Feed and WebUI.. I VPN into the EdgeRouter for remote camera access with a mobile device.. I dont really trust these Chinese cameras not to call home or be full of security issues, so they are in a carefully crafted walled garden.. with little more than a NTP and FTP service on the local network the cameras can access .

Be Aware UniFi dont do standard PoE, my PoE switch wont power those access points.. thats why I got the EdgeRouter PoE because it WILL power the AC access points and it had Gigabit Uplinks for the WiFi.. My PoE switch is 100Mbit, thats fine for all my IPCameras and VoiIP Phones, but those UniFI AC access points can crush 100Mbit without breaking a sweat so you want to give em Gig.

Are you using OpenVPN? Yeah, the non-pro Ubiquiti units use the low voltage 24 V PoE. At our office we are using the Pro versions which are 802.3af/at compliant, so we power them with a Cisco Catalyst 3750X PoE+ 48 port switch.

Thanks for the info. I will check into some used gear.