and opened a port to be forwarded to the OP2 device. Not sure if I needed to do that as DMZ opens up all ports.
Yup; you don't need to because the IP of the OPII is in a DMZ.
Maybe don't even need DMZ opened up?
Personally it's easy but you only need one port anyways to the OP2 open. It's just easy and there should be no issues caused by other devices on your network.
The firewall is internal to your network that is behind another firewall to the internet.
The other ports I opened only relate to management of the firewall as typically the default is no access via the red interface for management (rather it's just the blue interface for management). (SSH or HTTP or HTTPS).
I also update the firmware of the router this way.
How do the devices communicating to the new router actually make it through to the OP2?
All of the devices that talk to the OP2 see the red interface as a direct connect to the OP2.
The Red network interface on the router talks to the Blue interface on the router and the IP of the OPII panel.
You configure network chit chat connection by telling your router to forward/allow the network traffic from one port (red NIC) to the other port (blue NIC) and then to the OP2.NIC.
IE: like you have today on your home LAN / network. You have one pipe / one dynamic or static IP address to the internet shared to all of the devices on your home network.
You tell those home network devices the route to the Internet by providing a gateway IP address (your home firewall) and a DNS IP address (which can be the same one). This is done manually when you configure a static IP address or automatically if the device on your network is using DHCP.
Only difference is that you have only the OP2 device on the blue side of the network and it is statically configured as the OP2 doesn't do a DHCP request.
However my one OT7 seems to flake out occasionally and reboot
I have read about similar issues with other folks and their OT7's and running CCTV stuff? It is making the Android OS do a bunch of processing which is causing it to hiccup.
There have been many updates to the OT7 since the beginning. I do not see my Omnitouch Pro embedded Wintel screens hiccup but that is using old software.
Here my very old OmniTouch 5.7e's make tiny SD 4:3 CCTV videos and I have to squint to see any details on them. The oldest Omnitouch 5.7's make bigger SD videos but they are a bit blurry.
Thinking still it's just relating to an older network interface that is very promiscuous and sees everything traffic related on your network. I didn't have issues here until the number of networked devices / traffic went way up. I have another OP2 panel in another home that hasn't ever been touched. The network there is much smaller and I have never had any issues with it.
I have sort of a hybrid of old HAI CCTV stuff (IE: HAI Analog Video hub and my NVR's and my Axis servers and my encoder / decoder). IP video goes to the encoder / decoder as an IP. From the box it goes analog to one port on the old HAI Video hub then to the Omnitouch 5.7's. On the IP side the cams talk via the NVR or directly to the Omnitouch 5.7e's configured in PC Access.
You can if you want organize your network and document to a spreadsheet such that it is easier to manage. Just something to think about. Here when I add a device to the network, I change the name of the device to something I remember and the IP to some subgroup of IPs.
1 - use the same mask as you are using today: 255.255.255.0
Divide up your network to:
1 - static IP'd devices / then organize your static IP addresses. Here a network switch is in one group of IPs, NAS boxes in another group, desktops, TV box (XMBCs) are in another group, touchscreens in another group.
2 - DHCP addresses - the scope is the from and to address range - number of devices you want using DHCP - Mostly here used for tablets, laptops, phones et al
3 - statically assigned DHCP addresses based on the MAC address of the hardware. Here I have configured my HDHomerun boxes and 3 Com Intellijack devices (like little mini POE managed switches).
Think too if you want a small low energy device that you can put inside of your panel; consider the tiny
TP-LINK TL-WR710N 150Mbps Wireless N Mini Pocket Router, Repeater, Client, 2 LAN Ports, USB Port for Charging and Storage
It is on Amazon for $22.28 with free shipping or 2 day shipping with Amazon Prime. It takes literally 5 minutes to change the TP-Link firmware to OpenWRT. The 5VDC pins on the TL-WR710 are easy to find. You can also utilize the wireless on this device although I am not sure it would work very well inside of the HAI can.
Here is some basic networking stuff for quick reading.
Layer 2 is the data link where data packets are encoded and decoded into bits. The MAC (Media Access Control) sub layer controls how a computer on the network gains access to the data and permission to transmit it and the LLC (Logical Link control) layer controls frame synchronization, flow control and error checking.
Layer 3 provides switching and routing technologies, creating logical paths, known as virtual circuits, for transmitting data from node to node. Routing and forwarding are functions of this layer, as well as addressing, internetworking, error handling, congestion control and packet sequencing.
To summarize:
Layer 2 Data Link: Responsible for physical addressing, error correction, and preparing the information for the media
Layer 3 Network: Responsible for logical addressing and routing IP, ICMP, ARP, RIP, IGRP, and routers
Some advantages of Layer 2 include lower costs, only requires switching, no routing gear is necessary and offers very low latency. Layer 2 also has some significant disadvantages such as the lack of router hardware, leaving them susceptible to broadcast storm and the additional administrative overhead of IP allocations due to flat subnet across multiple sites.
Layer 2 networks also forward all traffic, especially ARP and DHCP broadcasts. Anything transmitted by one device is forwarded to all devices. When the network gets too large, the broadcast traffic begins to create congestion and decreases network efficiency.
Layer 3 devices, on the other hand, restrict broadcast traffic such as ARP and DHCP broadcasts to the local network. This reduces overall traffic levels by allowing administrators to divide networks into smaller parts and restrict broadcasts to only that sub-network.
Sniffing the network and network packets is a network diagnostic means of looking at bits and pieces of communications between different devices or broadcasts on your network.
There is software now too that interprets these values of bits and pieces.
One work thing back in the 1990's was a mandatory sniffer class. It was an eclectic group of us folks taking the class in San Diego.
One day the discussion went to the difference between a brouter and a router.
The brouter / router discussion quickly escalated to who should have won / won the American War of Independence (1775–1783). Then folks started to get really vocal standing up in the chairs and shaking their fists.
It did make for a lively network sniffer class.
Let us know how it goes. I am curious as I have now been doing this with my OPII for some time now.
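
The single-port alternative to the DMZ discussed in this post, written as an OpenWrt `/etc/config/firewall` fragment (an added example, not part of the original post). It assumes red is the OpenWrt `wan` zone and blue is the `lan` zone; the IP addresses are constructed samples and `<OP2_PORT>` is a placeholder for the TCP port the panel listens on.

```uci
# Added example. Assumptions: red = 'wan' zone, blue = 'lan' zone,
# 192.168.2.10 = OP2 static IP on blue (constructed),
# 192.168.1.50 = admin PC on the home LAN / red side (constructed),
# <OP2_PORT>   = placeholder, replace with the panel's listening port.

# Broad setting (DMZ equivalent): every protocol and port arriving on
# red is handed to the OP2. Left commented out for comparison.
#config redirect
#	option name 'op2-dmz'
#	option target 'DNAT'
#	option src 'wan'
#	option proto 'all'
#	option dest_ip '192.168.2.10'

# Narrow setting: forward only the one port the panel needs.
config redirect
	option name 'op2-single-port'
	option target 'DNAT'
	option src 'wan'
	option dest 'lan'
	option proto 'tcp'
	option src_dport '<OP2_PORT>'
	option dest_ip '192.168.2.10'
	option dest_port '<OP2_PORT>'

# Management (SSH / HTTPS) from the red side, limited to one admin host
# instead of every device on the home LAN.
config rule
	option name 'mgmt-from-admin-pc'
	option src 'wan'
	option src_ip '192.168.1.50'
	option proto 'tcp'
	option dest_port '22 443'
	option target 'ACCEPT'
```

With the narrow redirect in place, anything else sent to the red address is handled by the `wan` zone's default input policy rather than reaching the panel.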