To send data from a device on one local area network to a device on another LAN,
a standard way of communicating is required since local area networks may use different types
of technologies. This need led to the development of IP addressing and the many IP-based protocols
for communicating over the Internet, which is a global system of interconnected computer
networks. (LANs may also use IP addressing and IP protocols for communicating within a
local area network, although using MAC addresses is sufficient for internal communication.)
Before IP addressing is discussed, some of the basic elements of Internet communication such
as routers, firewalls and Internet service providers are covered below.
Routers
To forward data packets from one LAN to another LAN via the Internet, a piece of networking
equipment called a network router must be used. A router routes information from one network
to another based on IP addresses. It forwards only data packets that are to be sent to another
network. A router is most commonly used for connecting a local network to the Internet.
Traditionally, routers were referred to as gateways.
Firewalls
A firewall is designed to prevent unauthorized access to or from a private network. Firewalls
can be implemented in both hardware and software, or a combination of both. Firewalls are
frequently used to prevent unauthorized Internet users from accessing private networks that are
connected to the Internet. Messages entering or leaving the Internet pass through the firewall,
which examines each message, and blocks those that do not meet the specified security criteria.
Internet connections
In order to connect a LAN to the Internet, a network connection via an Internet service provider
(ISP) must be established. When connecting to the Internet, terms such as upstream and downstream
are used. Upstream describes the transfer rate with which data can be uploaded from the
device to the Internet; for instance, when video is sent from a network camera. Downstream is the
transfer speed for downloading files; for instance, when video is received by a monitoring PC.
In most scenarios — for example, a laptop that is connected to the Internet — downloading information
from the Internet is the most important speed to consider. In a network video application
with a network camera at a remote site, the upstream speed is more relevant since data (video)
from the network camera will be uploaded to the Internet.
IP addressing
Any device that wants to communicate with other devices via the Internet must have a unique
and appropriate IP address. IP addresses are used to identify the sending and receiving devices.
There are currently two IP versions: IP version 4 (IPv4) and IP version 6 (IPv6). The main difference
between the two is that the length of an IPv6 address is longer (128 bits compared with
32 bits for an IPv4 address). IPv4 addresses are most commonly used today.
IPv4 addresses
IPv4 addresses are grouped into four blocks, and each block is separated by a dot. Each block
represents a number between 0 and 255; for example, 192.168.12.23.
Certain blocks of IPv4 addresses have been reserved exclusively for private use. These private IP
addresses are 10.0.0.0 to 10.255.255.255, 172.16.0.0 to 172.31.255.255 and 192.168.0.0 to
192.168.255.255. Such addresses can only be used on private networks and are not allowed to be
forwarded through a router to the Internet. Each device that wants to communicate over the Internet
must have its own individual, public IP address. A public IP address is an address allocated by an
Internet service provider. An ISP can allocate either a dynamic IP address, which can change during
a session, or a static address, which normally comes with a monthly fee.
Ports
A port number defines a particular service or application so that the receiving server (e.g., network
camera) will know how to process the incoming data. When a computer sends data tied to
a specific application, it usually automatically adds the port number to an IP address without
the user’s knowledge.
Port numbers can range from 0 to 65535. Certain applications use port numbers that are
pre-assigned to them by the Internet Assigned Numbers Authority (IANA). For example, a web
service via HTTP is typically mapped to port 80 on a network camera.
Setting IPv4 addresses
In order for a network camera or video encoder to work in an IP network, an IP address must be
assigned to it. Setting an IPv4 address for an Axis network video product can be done mainly in
two ways: 1) automatically using DHCP (Dynamic Host Configuration Protocol), and 2) manually
by either entering into the network video product’s interface a static IP address, a subnet
mask and the IP address of the default router, or using a management software tool such as
AXIS Camera Management.
DHCP manages a pool of IP addresses, which it can assign dynamically to a network camera/
video encoder. The DHCP function is often performed by a broadband router, which in turn gets
its IP addresses from an Internet service provider. Using a dynamic IP address means that the IP
address for a network device may change from day to day. With dynamic IP addresses, it is
recommended that users register a domain name (e.g., www.mycamera.com) for the network
video product at a dynamic DNS (Domain Name System) server, which can always tie the domain
name for the product to any IP address that is currently assigned to it.
Using DHCP to set an IPv4 address works as follows. When a network camera/video encoder
comes online, it sends a query requesting configuration from a DHCP server. The DHCP server
replies with an IP address and subnet mask. The network video product can then update a
dynamic DNS server with its current IP address so that users can access the product using a
domain name.
With AXIS Camera Management, the software can automatically find and set IP addresses and
show the connection status. The software can also be used to assign static, private IP addresses
for Axis network video products. This is recommended when using video management software
to access network video products. In a network video system with potentially hundreds of
cameras, a software program such as AXIS Camera Management is necessary in order to effectively
manage the system.
NAT (Network address translation)
When a network device with a private IP address wants to send information via the Internet, it
must do so using a router that supports NAT. Using this technique, the router can translate a
private IP address into a public IP address without the sending host’s knowledge.
Port forwarding
To access cameras that are located on a private LAN via the Internet, the public IP address of the
router should be used together with the corresponding port number for the network camera/video
encoder on the private network.
Since a web service via HTTP is typically mapped to port 80, what happens then when there are
several network cameras/video encoders using port 80 for HTTP in a private network? Instead of
changing the default HTTP port number for each network video product, a router can be configured
to associate a unique HTTP port number to a particular network video product’s IP address and
default HTTP port. This is a process called port forwarding.
Port forwarding works as follows. Incoming data packets reach the router via the router’s public
(external) IP address and a specific port number. The router is configured to forward any data
coming into a predefined port number to a specific device on the private network side of the
router. The router then replaces the sender’s address with its own private (internal) IP address.
To a receiving client, it looks like the packets originated from the router. The reverse happens with
outgoing data packets. The router replaces the private IP address of the source device with the
router’s public IP address before the data is sent out over the Internet.
Thanks to port forwarding in the router, network cameras with private IP addresses on a local network can be accessed over the Internet. In this illustration, the router knows to forward data (request) coming into port 8032 to a network camera with a private IP address of 192.168.10.13 port 80. The network camera can then begin to send video.
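The forwarding table described above can be modelled in a few lines. This is an added example, not code from the original guide: it is a simplified model of destination translation in which the router address 203.0.113.10, the second camera and the class and function names are assumptions, and only the 8032 to 192.168.10.13:80 mapping comes from the text.

```python
import ipaddress
from typing import NamedTuple, Optional

# Private IPv4 blocks listed earlier on this page.
PRIVATE_NETS = [ipaddress.ip_network(n)
                for n in ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")]

class Packet(NamedTuple):
    src: tuple  # (ip, port) of the sender
    dst: tuple  # (ip, port) of the receiver

class PortForwardingRouter:
    def __init__(self, public_ip: str, rules: dict):
        # rules maps external port -> (private ip, port) of a device behind the router
        for ext_port, (ip, port) in rules.items():
            if not (0 < ext_port <= 65535 and 0 < port <= 65535):  # port 0 is reserved
                raise ValueError(f"port out of range in rule {ext_port}")
            if not any(ipaddress.ip_address(ip) in net for net in PRIVATE_NETS):
                raise ValueError(f"{ip} is not a private address")
        self.public_ip = public_ip
        self.rules = dict(rules)
        self.reverse = {target: ext for ext, target in self.rules.items()}

    def inbound(self, pkt: Packet) -> Optional[Packet]:
        """Internet -> LAN: forward only traffic that matches a configured port."""
        ip, port = pkt.dst
        if ip != self.public_ip or port not in self.rules:
            return None  # no rule for this port: nothing on the LAN is reachable
        return Packet(pkt.src, self.rules[port])

    def outbound(self, pkt: Packet) -> Optional[Packet]:
        """LAN -> Internet reply: private source becomes public IP + external port."""
        ext_port = self.reverse.get(pkt.src)
        if ext_port is None:
            return None  # ordinary outbound NAT is not modelled here
        return Packet((self.public_ip, ext_port), pkt.dst)

    def exposed_services(self) -> list:
        """Every rule is an Internet-reachable service; list them for review."""
        return [f"{self.public_ip}:{e} -> {ip}:{p}"
                for e, (ip, p) in sorted(self.rules.items())]

# Constructed sample: two cameras that both serve HTTP on port 80.
ROUTER = PortForwardingRouter("203.0.113.10", {
    8032: ("192.168.10.13", 80),
    8033: ("192.168.10.14", 80),
})
```

Each entry returned by exposed_services() is a device reachable from the Internet, so the list is the one to review when deciding which cameras need to be published at all.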
Port forwarding is traditionally done by first configuring the router. Different routers have
different ways of doing port forwarding and there are web sites such as www.portfoward.com
that offer step-by-step instructions for different routers. Usually port forwarding involves bringing
up the router’s interface using an Internet browser, and entering the public (external) IP
address of the router and a unique port number that is then mapped to the internal IP address
of the specific network video product and its port number for the application.
To make the task of port forwarding easier, Axis offers the NAT traversal feature in many of its
network video products. NAT traversal will automatically attempt to configure port mapping in a
NAT router on the network using UPnP™. In the network video product interface, users can manually
enter the IP address of the NAT router. If a router is not manually specified, then the network
video product will automatically search for NAT routers on the network and select the default
router. In addition, the service will automatically select an HTTP port if none is manually entered.
IPv6 addresses
An IPv6 address is written in hexadecimal notation with colons subdividing the address into
eight blocks of 16 bits each; for example, 2001:0da8:65b4:05d3:1315:7c1f:0461:7847.
The major advantages of IPv6, apart from the availability of a huge number of IP addresses,
include enabling a device to automatically configure its IP address using its MAC address. For
communication over the Internet, the host requests and receives from the router the necessary
prefix of the public address block and additional information. The prefix and host’s suffix are then
used, so DHCP for IP address allocation and manual setting of IP addresses are no longer
required with IPv6. Port forwarding is also no longer needed. Other benefits of IPv6 include
renumbering to simplify switching entire corporate networks between providers, faster routing,
point-to-point encryption according to IPSec, and connectivity using the same address in changing
networks (Mobile IPv6).
An IPv6 address is enclosed in square brackets in a URL and a specific port can be addressed in
the following way: http://[2001:0da8:65b4:05d3:1315:7c1f:0461:7847]:8081/
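The address autoconfiguration and the bracketed URL form described above, as an added example that is not part of the original guide. It assumes the host suffix is built with the modified EUI-64 method of RFC 4291; the MAC address, the 2001:db8:1:2::/64 prefix and the function names are constructed for illustration.

```python
import ipaddress
from urllib.parse import urlsplit

def eui64_suffix(mac: str) -> int:
    """Host suffix from a 48-bit MAC address (modified EUI-64, RFC 4291)."""
    octets = bytes(int(part, 16) for part in mac.replace("-", ":").split(":"))
    if len(octets) != 6:
        raise ValueError(f"not a 48-bit MAC address: {mac!r}")
    # Flip the universal/local bit of the first octet and insert ff:fe in the middle.
    eui = bytes([octets[0] ^ 0x02]) + octets[1:3] + b"\xff\xfe" + octets[3:]
    return int.from_bytes(eui, "big")

def autoconfigured_address(prefix: str, mac: str) -> ipaddress.IPv6Address:
    """Combine the router's /64 prefix with the MAC-derived suffix."""
    net = ipaddress.IPv6Network(prefix)
    if net.prefixlen != 64:
        raise ValueError("expected a /64 prefix")
    return ipaddress.IPv6Address(int(net.network_address) | eui64_suffix(mac))

def device_url(address: str, port: int) -> str:
    """IPv6 literals need square brackets so the port's colon is unambiguous."""
    ip = ipaddress.ip_address(address)
    host = f"[{ip}]" if ip.version == 6 else str(ip)
    return f"http://{host}:{port}/"

def split_device_url(url: str) -> tuple:
    """Recover (address, port) from a URL; urlsplit strips the brackets."""
    parts = urlsplit(url)
    return str(ipaddress.ip_address(parts.hostname)), parts.port

# Constructed sample values: documentation prefix and a made-up MAC address.
SAMPLE_ADDR = autoconfigured_address("2001:db8:1:2::/64", "00:11:22:33:44:55")
SAMPLE_URL = device_url(str(SAMPLE_ADDR), 8081)
```

Because the suffix comes from the MAC address, it stays the same when the device moves to a network with a different prefix.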
Setting an IPv6 address for an Axis network video product is as simple as checking a box to
enable IPv6 in the product. The product will then receive an IPv6 address according to the
configuration in the network router.
Data transport protocols for network video
The Transmission Control Protocol (TCP) and the User Datagram Protocol (UDP) are the IP-based
protocols used for sending data. These transport protocols act as carriers for many other protocols.
For example, HTTP (Hyper Text Transfer Protocol), which is used to browse web pages on
servers around the world using the Internet, is carried by TCP.
TCP provides a reliable, connection-based transmission channel. It handles the process of breaking
large chunks of data into smaller packets and ensures that data sent from one end is
received on the other. TCP’s reliability through retransmission may introduce significant delays. In
general, TCP is used when reliable communication is preferred over transport latency.
UDP is a connectionless protocol and does not guarantee the delivery of data sent, thus leaving
the whole control mechanism and error-checking to the application itself. UDP provides no
retransmission of lost data and, therefore, does not introduce further delays.
[Table: Common TCP/IP protocols and ports used for network video.]