• Get involved.
    We want your input!
    Apply for Membership and join the conversations about everything related to broadcasting.

    After we receive your registration, a moderator will review it. After your registration is approved, you will be permitted to post.
    If you use a disposable or false email address, your registration will be rejected.

    After your membership is approved, please take a minute to tell us a little bit about yourself.
    https://www.radiodiscussions.com/forums/introduce-yourself.1088/

    Thanks in advance and have fun!
    RadioDiscussions Administrators

I need help finding a post about assigning IP addys.

T

TomZ

Frequent Participant
I've lost the bookmark I made to someone's post herein describing how they assigned IP addresses within their studio...

Today, I'm reviewing and beginning the installation process of a new router and such... anyway, I had a trojan that took the computer down that I had the bookmark saved...

What I remember was how their program computer (in my case AudioVault) was not ported to the internet...

Also, I've never had any luck getting the ViaRadio's RDS to work with RDDI and I'm hoping the new router helps this, too.

Thanks.
 
What we did here is set up a little, cheap broadband router between our Vault network and the rest of the world. What we had laying around was a D-Link DI-624S. We turned off the internet to the IP addresses of the Vault computers, but left it on for a couple machines that we use to LogMeIn into our system. We then use VNC to hop into our Vaults remotely. The internet-enabled computer has antivirus running on it. We only use it for the portal and for the transmitter remote control. We keep from browsing on it except for very specific programming-related stuff... It's not for general use. Hope this helps!
 
You're OK, OKCRadioGuy. I'm also interested in knowing how your ViaRadio boxes are programmed....
 
Our ViaRadio box is pretty much static. We do talk most of the time so we don't have data feed out of the Vault to it. :(
 
I use a mikrotik router and use firewall rules to selectively disallow internet access to inside ip addresses. Threats of bodily harm also work....
 
I know that I posted some information regarding how I subnetted our network. I'm not sure if you're talking about that thread. I can't find it now.

Basically, the automation was placed on it's own subnet and then firewall rules were added that dropped all traffic except VNC. (There are also firewall rules that make each subnet "invisible" to the others.) It's quite easy with a Mikrotik router. Does your router allow subnetting and moderate firewall rules?

Looks something like this:

192.168.1.xxx = iMediatouch system
192.168.22.xxx = encoder
192.168.33.xxx = Tieline
192.168.44.xxx = office machines

Firewall rule: Allow VNC port (s) to 192.168.1.xx. Drop all other traffic.

Works very well..
 
ChiefOperator said:
I know that I posted some information regarding how I subnetted our network. I'm not sure if you're talking about that thread. I can't find it now.
Click to expand...

Ah yes I remember that thread, it is here. Specifically check on page 2 of the thread.
 
Many thanks to everyone who contributed and also to celar for the find...

In a nutshell, I was wanting to 'remember' the following:

I need to combine the streams & automation system into one router, but keep the traffic off of each other. Then, I will open ONE port for each set of call letters between the two to pass metadata to the encoders.


I *think* I know what your asking. Yes, that is simple to do and can be done with basic firewall rules. Subnet the encoders and automation systems
(automation = 192.168.2.XXX, encoders = 192.168.3.XXX) and then create firewall rules that all traffic between the two shall be dropped. Then, add a firewall exception that traffic on Port XXXX to machine 192.168.3.XXX shall be passed. Or you could keep all machines on the same and create a bunch of rules to separate the two. The former would be simpler and cleaner.

Mikrotik processes firewall rules top to bottom, so the port exception would
be placed above the other rules. It would basically read: "Pass all traffic on Port XXXX to machine 192.168.3.XXX, but drop all other traffic from 192.168.2.XXX to 192.168.3.XXX and from 192.168.3.XXX to 192.168.2.XXX."

If you have a lot of machines, you may need to get a switch as well so that you have enough physical ethernet ports.

You could also certainly set-up a VLAN as DoctorWu states. That would work.

Spinjector-

I am real particular about traffic on my automation network. There are only 3 computers on it outside of the automation system and all the audio (44.1 Uncompressed) is streamed over it to the On-Air boxes from one of two redundant file servers. I will probably also setup some QOS rules between the servers and the on-air boxes.
Yes, it would have to be managed.
 
ChiefOperator said:
I know that I posted some information regarding how I subnetted our network.  I'm not sure if you're talking about that thread.  I can't find it now.   

Basically, the automation was placed on it's own subnet and then firewall rules were added that dropped all traffic except VNC.  (There are also firewall rules that make each subnet "invisible" to the others.)  It's quite easy with a Mikrotik router.  Does your router allow subnetting and moderate firewall rules?

Looks something like this:

192.168.1.xxx = iMediatouch system
192.168.22.xxx = encoder
192.168.33.xxx = Tieline
192.168.44.xxx = office machines

Firewall rule: Allow VNC port (s) to 192.168.1.xx.  Drop all other traffic.

Works very well.. 
Click to expand...

Chief,

Which current model does this?  I want to buy one of these to clean up a couple of separate routers by combining and subnetting. 

Which nice model would you recommend. Anything below 300 is fine... Linkage is appreciated. :)
 
TomZ said:
Many thanks to everyone who contributed and also to celar for the find...

In a nutshell, I was wanting to 'remember' the following:

I need to combine the streams & automation system into one router, but keep the traffic off of each other. Then, I will open ONE port for each set of call letters between the two to pass metadata to the encoders.


I *think* I know what your asking. Yes, that is simple to do and can be done with basic firewall rules. Subnet the encoders and automation systems
(automation = 192.168.2.XXX, encoders = 192.168.3.XXX) and then create firewall rules that all traffic between the two shall be dropped. Then, add a firewall exception that traffic on Port XXXX to machine 192.168.3.XXX shall be passed. Or you could keep all machines on the same and create a bunch of rules to separate the two. The former would be simpler and cleaner.

Mikrotik processes firewall rules top to bottom, so the port exception would
be placed above the other rules. It would basically read: "Pass all traffic on Port XXXX to machine 192.168.3.XXX, but drop all other traffic from 192.168.2.XXX to 192.168.3.XXX and from 192.168.3.XXX to 192.168.2.XXX."

If you have a lot of machines, you may need to get a switch as well so that you have enough physical ethernet ports.

You could also certainly set-up a VLAN as DoctorWu states. That would work.

Spinjector-

I am real particular about traffic on my automation network. There are only 3 computers on it outside of the automation system and all the audio (44.1 Uncompressed) is streamed over it to the On-Air boxes from one of two redundant file servers. I will probably also setup some QOS rules between the servers and the on-air boxes.
Yes, it would have to be managed.
Click to expand...

I am particular too, Tom. I use two redundant FILE Servers in my Flex network. So my audio is flying over the network. It's all linear and it handles six stations and three production rooms.

I have a completely separate router on the vault side. It has AV, PD Computers (firewalled down to the FTP content providers, no Internet open other Microsoft update servers), and RDS.

I just leave it in it's own network island. Even traffic is on a separate network. I use some second copy trickery to get com logs over (I love that program).

Since I did that, not one single viral problem. I love the file servers... No NFS delay.
 
Chris-

Even the least expensive model will do everything you want and then some. (RB750GL) It will blow away the Linksys, Netgear, etc on function, speed, and stability. In fact, this model was my very first Mikrotik router, and I've since installed a few.

That said, the RB450G is now the model that I install, and the one I will recommend. Contrasted to the RB750G, It has a few more features, additional RAM, improved architecture. (there is also a slightly less expensive model without gigabit ports, the RB450). The RB450G has five gigabit ports total, so it will support four subnets. Now, if you need additional ports for additional subnets, there are other routers available.

http://www.roc-noc.com/mikrotik/routerboard/rb450g-complete.html

This router will need some configuration. Not difficult, just takes a little time to learn. You'll need to download from the Mikrotik website a program called "Winbox" which is the GUI interface to the router. Place Winbox on your computer and then use the program to log into and configure the router.

For training, I recommend that you first view the Mikrotik training videos at www.gregsowell.com Greg does a nice job of walking one through a default config in the "Mikrotik Basics" video. There are also some advanced videos on the site.

Mikrotik also has many support documents and an active forum. Have a look here:

http://wiki.mikrotik.com/wiki/Main_Page

http://forum.mikrotik.com/


Get in touch if you have questions.
 
The stations I engineer use Microtik routers. They are reliable, easily configured for our needs, and are the best bargain in business class IP routers. And powerful and easily managed.
 
You must log in or register to reply here.
Status
This thread has been closed due to inactivity. You can create a new thread to discuss this topic.
Back
Top Bottom