cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
495
Views
0
Helpful
3
Replies

Need some help with a video network...

Mark Mattix
Level 2
Level 2

I have a network which consists of 2 switches (3Com and a 2960) and also a Linksys router that is used for the internet connection to come in to where the vendor can remote in to help resolve any issues. There are also 3 servers for the web gui, recording and video. Every camera (96 IP devices) on this network has an IP decoder and encoder and is configured with a gateway that does not exist.
The computers also connected to this network have a gateway configured of the Linksys router's interface. My question is, how is this video network functioning? Are the switches remembering the MACs of all the video devices and just forwarding them to the correct ports or is all traffic being broadcasted throughout the network?

Thank you for any help!  -Mark

3 Replies 3

stephenshaw
Level 1
Level 1

Hi Mark,

assuming they are all on the same VLAN, arp is being used. A gateway is only required to reach outside of any particular VLAN.

Does this make sense for your environment?

Cheers,

Steve

Yes that does make sense in needing a router to go outside the network. I was finally able to figure out an issue I was having on the switch which has enabled me to perform a packet capture of the data. First though, I performed a show arp on the switch and there were no results. I perform a show mac address-table and it shows the MACs of the devices and the port they're connected to or by.

So I'm wondering, does the switch not store an arp table but uses arp at the beginning of a video conference in order to find the other device's IP? At the beginning of the capture I see gratuitious arp requests and eventually the feed uses IPs to transmit the data in RTP protocol.

Also, seeing these packets got me wondering, is it possible to re-assemble these RTP packets into the video feed? If a hacker performed the same capture how would they see the video?

Hi Mark,

a full arp table is only seen on the L3 gateway device .... since you aren't using a gateway, you won't see arp entries for the camera units. Typically, you only see the management IP addresses of the L2 switches when issuing the show arp command on a L2 switch (the 3COM & 2960). However, you are correct that the MACs are collected and stored in a table. Just do a search on ARP and you should find good explanations on how it works.

If the stream is unencrypted, for audio, using RTP, a sniffer can capture and re-assemble the packets. Once in the correct format, audio can be played back. I've done this while testing voice recording.

Encryption is your best bet for protecting the stream - that's typically done by the end systems (i.e. the actual cameras & servers).

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Innovations in Cisco Full Stack Observability - A new webinar from Cisco