Network Resiliency for Video Surveillance at the Hardware Level

Mar 1, 2019 | Blog

While looking into multiple Video Management Systems (VMS), it reveals many options provide sustained operational status. Primary, secondary, and failover databases, redundant recording locations, as well as service failover helps to provide continuous uptime.

The demand for high availability in physical security systems requires a highly available network to provide the highway so that video data can be seamlessly transported. Alongside each of these critical applications, a VMS is only capable of delivering highly available performance if the underlying network is also designed with high availability in mind.

Some of the critical events to consider when designing the core of a video surveillance network:

  • Failure of a single core switch, resulting in a complete loss of video delivery and operational status.
  • Software updates (or maintenance windows) for a single core switch will result in a complete loss of operational status.
  • Failure of any uplink from an edge device (without redundancy) will result in regional loss of data.

Obtaining core resiliency can be achieved in a multitude of ways and provides numerous levels of redundancy. Depending on the project, choosing the proper level of resiliency is critical to building and deploying the right network infrastructure.

The most simplistic way of providing a resilient core is by switch stacking. Switch stacking is a method where multiple switches are connected via stacking cables to represent a single logical switch. Enabling this method of resilience offers a basic approach to provide resiliency through aggregated links from edge switches.

To increase resiliency, using a dual-core layer 2 switch configuration increases availability and performance. The network contains a linked pair of switches at the core, with redundant fiber connections to edge switches and devices. Implementation of the spanning tree protocol ensures that a Layer 2 loop is not created. Aggregated links back to the core put one link in an active state, and the other in a passive state.

For faster convergence in the event of a switch or device failure, dual-core layer 3 configurations allow for consistent video delivery. Depending on the VMS, each having its own tolerance to network outages, layer 3 protocols such as Open Shortest Path First (OSPF) and Intermediate System to Intermediate System (IS-IS) offer higher reliability than a dual core layer 2 set up. In this configuration, both links from edge devices are active, load balancing, providing convergence that is usually sub-second, preventing potential VMS outages.

Above: Virtualized core with MLAG, with LACP uplinks to edge switches

With the advent of virtualization, many network switches offer the ability to provide a virtualized core via multi-chassis LAG/MLAG to virtualize each switch to represent one core logical switch. In this state, each switch and aggregated link is active and load balancing at all times, providing high availability and sub-second convergence within the network.

Above: Shortest Path Bridging redundant core switches, with LACP to edge switches for increased bandwidth

To achieve always-on video, as well as true high availability, IEEE 802.1aq aka Shortest Path Bridging is the optimal solution. Shortest path bridging allows for each core network switch to maintain its own local resources for higher scalability, in addition to providing active uplinks to all aggregated network devices. With shortest path bridging, the convergence of tens of thousands of video streams can converge sub-second, in addition to having the benefit of automating deployment.

Ensuring network availability is critical to maintaining the integrity of video data being delivered to the VMS. While a VMS can offer multiple layers of resilience at the application level, the underlying network is critical for maintaining those mechanisms are properly able to function.