By Daniel Yantis


2017-04-10 16:42:33 8 Comments

I have a new Debian install that I installed my Ubiquity NVR (Network Video Recorder) on and all is well so far. The cameras are currently attached to the U-verse router via external switch device.

The PC has a Realtek Gigabit on the motherboard that is connected to my U-verse router (and the rest of my network). It has a second Realtek PCI Fast Ethernet card that is a 4 port switch (DNR-17746).

what I want to do is use the PCI 4 port switch to connect all my cameras to the recorder and reduce traffic on my LAN. Further, I want to use the 4 Port PCI Switch because the U-verse router is not always reliable. It seems to power cycle and loose connection to often. So I reasoned that putting the cameras on the 4 port PCI card would allow the software to continue recording even if the U-verse router failed. I wanted the NVR software and cameras independent if the rest of the network so it has less failure points. The software will reconnect to internet and sync recordings when internet returns.

Thus, I think I need to install routing on Debian to have the camera live view data only travel through the PCI 4 port switch to the recording software installed on the same PC.

The software will detect motion and record but live view is always on. The recorded videos then are auto uploaded to a cloud service. There are times when I remote connect to the recording software to see live view, so there still needs to be passthough to the internet.

for me this is all too complicated! However, I was able to bridge eth0 and eth1 to br0 and that also works but no traffic routing happens. to make it worse (for me) I want routing to be transparent to the U-verse router. When I plug in another router (external) I get error messages saying double NAT detected on the U-verse router.

I've read that using ebtables (maybe instead of iptables) that the routing is MAC layer based and hopefully works better with my U-verse router.


3.16.0-4-amd64 #1 SMP Debian 3.16.39-1+deb8u2 (2017-03-07)

PRETTY_NAME="Debian GNU/Linux 8 (jessie)"
NAME="Debian GNU/Linux"
VERSION_ID="8"
VERSION="8 (jessie)"
ID=debian

01:00.0 Ethernet controller: Realtek Semiconductor Co., Ltd. RTL-8100/8101L/8139 PCI Fast Ethernet Adapter (rev 10)
Subsystem: Realtek Semiconductor Co., Ltd. RTL-8100/8101L/8139 PCI Fast Ethernet Adapter
Kernel driver in use: 8139too

02:00.0 Ethernet controller: Realtek Semiconductor Co., Ltd. RTL8111/8168/8411 PCI Express Gigabit Ethernet Controller (rev 02)
Subsystem: Hewlett-Packard Company Asus IPIBL-LB Motherboard
Kernel driver in use: r8169

The 4 Port PCI Fast Ethernet Adapter has 2 Realtek chips: RTL8305SC and RTL8100CL. The board has DNR-17746 printed on it but no other info.

1 comments

@derobert 2017-04-10 17:07:19

First off, if you've got a gigabit network, this is probably not a problem. Most small gigabit switches can provide the full bandwidth between any grouping of ports; so even though your cameras may be sending a 20mbit stream each to the video box, that's 20 in on each of their ports and 80mbps out on the PC's port—less than 10% usage for gigabit even on the PC port. And it shouldn't affect the other ports on the switch; two unrelated ports should still get the full gigabit between them.

Second, bridging sounds like what you want. Bridging is based on MAC addresses; routing is based on IP addresses. If you had NAT and iptables, you probably had some sort of routing set up, not bridging.

On Debian, the easiest way to set up a bridge is probably via /etc/network/interfaces. You'll need bridge-utils installed. Note also that a bridge is a virtual interface on the machine, and you typically put the machine's IP address on that interface (and not either of the two real Ethernet interfaces). It looks like this:

auto br0
iface br0 inet static
        address A.B.C.D
        netmask E.F.G.H
        gateway I.J.K.L
        bridge_ports eth0 eth1
        bridge_stp off
        bridge_fd 2
        bridge_maxwait 20

Other than that, eth0 and eth1 should not appear in the interfaces file. You don't have to use static IPs (though my example does). The key things are those bridge_* lines. Ports says which Ethernet interfaces to bridge; _stp is a protocol for multiple bridges to communicate and avoid loops (surely not needed on a small network); _fd is how long to wait between bringing up the interface and actually forwarding packets (default is longer, to allow for STP setup), _maxwait is how long to wait for the ports to come up before continuing with them down. All of this is documented in man 5 bridge-utils-interfaces

(There are other ways to configure a bridge, too. Network Manager can do it. Systemd has its own way.)

@Daniel Yantis 2017-04-10 17:20:35

Thank you - I did almost that! you confirmed that i performed step 1 pretty close. lol. I installed bridge-utils and edited /etc/network/interfaces. however, i have to start the bridge manually at each boot with # ifup br0. and my interfaces has this: # iface eth0 inet manual # iface eth1 inet manual # iface br0 inet dhcp # bridge_ports eth0 eth1

@derobert 2017-04-10 17:23:23

@DanielYantis if you're having to start it manually, you're probably missing the auto br0 line.

@Daniel Yantis 2017-04-10 17:29:02

yes, thank you. that made it auto start. I also added your suggested bridge_* lines.

@Daniel Yantis 2017-04-10 17:32:37

HOWEVER, I wanted to use the 4 Port PCI Switch because the U-verse router is not always reliable. It seems to power cycle and loose connection to often. So I reasoned that putting the cameras on the 4 port PCI card would allow the software to continue recording even if the U-verse router failed. I wanted the NVR software and cameras independent if the rest of the network so it has less failure points.

@derobert 2017-04-10 17:35:02

@DanielYantis ah, that makes sense. BTW: Since you're using DHCP, if the U-verse router is the DHCP server (or if the DHCP server is connected to it), they're not independent yet.

@Daniel Yantis 2017-04-10 17:39:20

yes, i see that. So i figured I needed to put eth0 on the U-verse router and eth1 on it's own subnet (I think) or assign static IPs to the cameras. That is part of my question here.

@derobert 2017-04-10 17:41:47

@DanielYantis That's a much more complicated setup (because you have to teach the rest of the network where to find that other subnet). OTOH, normally only part of the subnet is used for the DHCP pool (e.g., 192.168.1.2–192.168.1.101). You can just use static IP addresses outside of the pool (e.g., starting with 192.168.1.102) but on the same subnet.

@Daniel Yantis 2017-04-10 18:05:11

good ideas and i will assign static ips to each camera. However, that still does not isolate the traffic from the rest of the network. If I have 32 cameras (with a 4 port switch on each of the 4 ports on the PCI card) at 1080P / 6000k bitrate / 30 FPS, I see bandwidth issues! although I don't have that many now. I still want my Apple TVs and Digital TVs to have some room.

@derobert 2017-04-10 18:06:40

@DanielYantis The bridge isolates the traffic from the rest of the network. It learns which MAC addresses are on each side, and only forwards traffic across the bridge if required. (A switch does the same thing, actually).

@Daniel Yantis 2017-04-10 18:09:28

NOW THAT I NEEDED TO KNOW! Thank you. I thought the bridge only connected the items bridged with no management. But you are saying that the bridge actually learns to shape traffic?

@derobert 2017-04-10 18:12:57

@DanielYantis Yes, it learns which devices are connected to which port, and uses that to send traffic out the appropriate port. So sending hundreds of mbps of traffic to the PC doesn't saturate the rest of the network. Your typical $20–30 small gigabit switch does this, too. (And of course, so to do the larger more expensive ones)

@Daniel Yantis 2017-04-10 18:31:00

Related Questions

Sponsored Content

1 Answered Questions

[SOLVED] debian - iptables doesn't work for allowing one specific port

1 Answered Questions

[SOLVED] Debian 9: Audio Issues

1 Answered Questions

1 Answered Questions

Unknown Display // Drivers issue

1 Answered Questions

1 Answered Questions

Routing traffic with multiple NICs on Ubuntu

  • 2016-03-23 17:12:19
  • ubuntu_user
  • 1036 View
  • 0 Score
  • 1 Answer
  • Tags:   routing

1 Answered Questions

[SOLVED] Debian Stable with one install ever

0 Answered Questions

PCI passthrough with Xen

1 Answered Questions

[SOLVED] kernel panic error after recompilation

Sponsored Content