A Recap on Network Protocols: Subnet masking; LANs and VPNs vs. static IPs

It has been a while since we have talked about network addressing, and more and more CCTV cameras are now Internet Protocol (IP) addressable. I just received a couple of networking questions from one of our readers, Erestin. I thought they were good and timely so I would like to share them with you.

These questions reference a past article of mine called “Addressing the Protocols of Networking” (see the October 2002 issue)

Q: What does subnet masking mean?

A: Very simply, masks determine how much of an address is network and how much is host. A Class B mask is 255, 255, 0, 0, in which the first two octets are the network and the last two are the host. A subnet mask increases the amount of addresses that are allowed for the network part of the address. To calculate a subnet from a subnet mask is a little involved in that you have to “AND” the address and the mask. Hope this at least gives you a start.

Q: I am very interested in wire and wireless LANs and how they can potentially get around the issue over limited static IPs for addressable devices like cameras. Am I right in assuming that deploying a LAN or virtual private network (VPN) with routers is still the best way to assure reliability, performance and most of all real-time recording of video?

A: I did cover some suggestions on this in my article. Recently, however, I ran across a good description of dynamic addressing techniques provided by Axis Communications that I think will help answer your questions. It is a good overall description and I would like to quote them here on it.

DYNAMIC IP ADDRESSES

Most Internet Service Providers (ISP) only give you one external IP address, and in most cases this is a dynamic IP address (DHCP). In a dynamic IP address environment such as dial-up over modem or on a DHCP network, an IP-addressable camera will receive a new address each time it connects, or when the lease of the IP address expires. The dynamic IP address is not a problem if images are to be transmitted via E-mail or ftp. However, if you would like to have access directly to the Web server inside the IP-addressable camera and view truly live images, the IP address is unknown.

With the AXIS 2120 camera, it is able to send a newly received IP address via E-mail, upload an HTML page with a link to the current IP address or deliver the current IP address as a CGI parameter to a script on a Web server. These features enable you to always have the latest IP address available, and you can go directly to your camera and view truly live images.

SINGLE IP ADDRESSEven if you have an Internet service, which only assigns you one IP address, and you use this IP address for your PC, you still have a few options:

Use the Windows(tm) 2000 NAT-feature (Network Address Translation) or a program such as Wingate (for Win 95/98), which allows you to have multiple Ethernet cards in your PC. You will then let one port go to the Internet and the other for your internal “private” network.

A better solution is to get a small router/firewall that provides the NAT functionality. There are several on the market today, and this gives you the independence of the PC, which may be switched off or hanging…

If the public IP address provided by your ISP is static and your NAT unit provides “port mapping” functionality, you may configure your NAT unit to bypass requests on a specific TCP port to the IP address of your camera and port 80. This will give you access to live images from the camera as if the camera was connected directly to the Internet.

PROPRIETARY OR UNUSUAL CONNECTION, OR AUTHENTICATION PROTOCOLS

Some ISPs have implemented their own, or are using uncommon connection protocols and procedures. The best way to avoid these providers is to make sure they support connection from a wide variety of operating systems without installation of any special software.

Information provided courtesy of AXIS Communications (www.axis.com).