Introduction
A Virtual Local Arena Network (VLAN) refers to a logical grouping of different hosts in a similar broadcast domain. This document explains how to use VLANs with LUCID cameras.
Requirements
Arena SDK:
- Windows: Arena SDK v1.0.31.8 or higher
- Linux x64: Arena SDK v0.1.59 or higher
- Linux ARM64: Arena SDK v0.1.43 or higher
Firmware:
- Phoenix: firmware v1.64 or higher
- Triton: firmware v1.75 or higher
Other Hardware:
- 2x Netgear GS305PP (a switch with VLAN support)
VLAN Tag
The 802.1Q standard was created to support VLANs. The network device that manages the VLAN (e.x. the switch) can apply a VLAN tag. The network ports that are part of the same VLAN can receive the VLAN-tagged traffic.
VLANs are identified by their VLAN ID, which can be a number from 1 to 4094:
The above trace shows a packet that has been tagged with VLAN ID 10.
Example Setup
Consider the following diagram using 2x Netgear GS305PP switches:
The diagram can be segmented into a VLAN with the following rules:
- The switch will tag any untagged traffic passing through Ports 1 or 5 with VLAN ID 10
- The switch will send traffic to ports that are part of the VLAN ID 10
In the above setup, traffic that arrives on Ports 2 to 4 will not be seen by the camera or the PC since those parts are not part of VLAN ID 10. This also means a device that connects to Ports 2 to 4 of either switch will not see traffic from the camera or the PC.
First Switch Setup
This switch has the following conditions:
- Traffic originating from the host PC is UNTAGGED
- Traffic entering Port 5 is TAGGED with VLAN ID 10
- Port 1 and Port 5 are part of VLAN ID 10
- Traffic received on Port 1 can be sent to Port 5 because they are part of VLAN ID 10
In the above setup, traffic that arrives on Ports 2 to 4 will not be seen by the camera or the PC since those parts are not part of VLAN ID 10. This also means a device that connects to Ports 2 to 4 of either switch will not see traffic from the camera or the PC.
Second Switch Setup
This switch has the following conditions:
- Traffic originating from the camera is UNTAGGED
- Traffic entering Port 1 is TAGGED with VLAN ID 10
- Port 1 and Port 5 are part of VLAN ID 10
- 4. Traffic received on Port 5 can be sent to Port 1 because they are part of VLAN ID 10
In the above setup, traffic that arrives on Ports 2 to 4 will not be seen by the camera or the PC since those parts are not part of VLAN ID 10. This also means a device that connects to Ports 2 to 4 of either switch will not see traffic from the camera or the PC.
Traffic Between Switches
This diagram has the following conditions:
- Traffic sent from Port 1 of the first switch to Port 5 of the second switch is already TAGGED
- Traffic sent from Port 5 of the second switch to Port 1 of the first switch is already TAGGED
In the above setup, traffic that arrives on Ports 2 to 4 will not be seen by the camera or the PC since those parts are not part of VLAN ID 10. This also means a device that connects to Ports 2 to 4 of either switch will not see traffic from the camera or the PC.
VLAN Setup on the Switches
The following steps show how to set up a VLAN on the Netgear GS305PP switch.
-
- Log into the Netgear switch
- Click Switching in the Netgear top menu bar
- Choose VLAN in the left menu bar
- Choose Advanced 802.1Q VLAN in the VLAN options and click the ACTIVATE MODE button
- Click ADD VLAN
- Enter the VLAN details:
- VLAN Name: VLAN10 (name of your choosing)
- VLAN ID: 10
- Set Port 1 and Port 5 to Tag All
- Set Port 2, Port 3, and Port 4 to Exclude All (these ports will not be part of VLAN 10)
- Click Apply to save the VLAN details
- Click PVID Table to define the PVID of each port
- Set the following PVID Table settings:
- Port 1: VLAN ID 10
- Port 5: VLAN ID 10
This will assign Port 1 and Port 5 exclusively to VLAN ID 10.
- Apply the same rules to the second Netgear GS305PP switch
In the above setup, traffic that arrives on Ports 2 to 4 will not be seen by the camera or the PC since those parts are not part of VLAN ID 10. This also means a device that connects to Ports 2 to 4 of either switch will not see traffic from the camera or the PC.
Additional Setup Example
Consider the following diagram where VLAN ID 10 is assigned to Ports 1 and 5 of each switch:
This following conditions would apply:
-
- PC 1 will see traffic related to VLAN ID 10
- PC 1 WILL NOT see PC 2 or Camera 2 because Ports 3 and 4 are not part of VLAN ID 10
- PC 2 will see Camera 2
- PC 2 WILL NOT see PC 1 or Camera 1 because Ports 3 and 4 are not part of VLAN ID 10
In the above setup, traffic that arrives on Ports 2 to 4 will not be seen by the camera or the PC since those parts are not part of VLAN ID 10. This also means a device that connects to Ports 2 to 4 of either switch will not see traffic from the camera or the PC.