Today, IP networks are used throughout TV stations for such things as automation systems, video servers, encoding systems, microwave transmitters and receivers, switchers and remote-control systems. They are everywhere, and that makes them very important to the operation and stability of the stations that use them. Sometime soon your entire facility will be networked together to allow all the various pieces of equipment to work together to monitor and control the flow of your signals as well as the signals themselves.
This makes the understanding of IP networks very important to today’s engineers. As the network becomes more involved with the operation of the TV plant, not knowing how to design and operate one is not an option. One of the best ways to understand how an IP network operates is to understand how to plan for and design one.
As with most successful endeavors, it all starts with a plan. What will this network be used for? Will it be several workstations tied together to share printers and an Internet connection, a campuswide LAN/WAN with hundreds or thousands of workstations and associated equipment, or a monitoring network at the transmitter with a dedicated data link back to the studio? Each of these scenarios presents a different set of planning and design challenges. (See Figure 1.)
If the purpose of the network is to monitor and control equipment at the transmitter, then you will need some sort of data link back to the studio. At the studio, will you keep each system (automation, video servers, routing switcher, etc.) on its own network or tie them together? As for the speed of the network, will there be any audio/video file transfers, TSoIP or other high-data-rate signals? If not, 100BASE-T, or even 10BASE-T, will do fine. Will this network be tied into any others as a subnet or just integrated? What type of security will be used and is it enough? (Although the chance of your network being compromised is small, that will be of little consolation if the whole network goes down at a critical time.)
All these questions and more need to be answered before designing any network for a broadcast facility.
At the transmitter, most new equipment, from microwave radios to SDI/ASI routers, has Ethernet ports that allow it to be monitored and controlled. Will you use an Internet connection with a firewall and virtual private network to gain access, or go all-out and have a dedicated data link installed between the transmitter and studio? Another option is to use the 45MB digital microwave STL/TSL as a data link. These are the kinds of questions that arise when setting up networks at remote sites. You can also put in a backup link using the phone line if the site is that important. (See Figure 2.)
Harris has developed a system to handle these sorts of problems called eCDi. By integrating all remote monitoring and control into a single package, this system even allows you to use your PDA or smartphone to control your transmitter site.
By tying all the separate networks together, you can simplify the overall design and operation of the on-air networks. It makes sense to separate these small networks into subnets to protect them from each other and outside threats. In this case, they would be composed of subnets to keep data on one from being seen on another, but allow you to access any of the systems by connecting to only one network. (See Figure 3.)
Without the use of subnets, situations such as the one described in an earlier installment of this newsletter (Network troubleshooting) can happen, where one improperly configured device can disrupt the entire network. Subnets can prevent this from happening, which is why planning for and implementing them is so important.
In today’s world, network security is very important. It starts with individual users and extends to the hardware and software. Firewalls can be an important part of securing a network from the Internet, as are patch panels, where the network can be manually disconnected from the Internet. For the most secure installations, using hardware devices to block all but the required sites will also help keep your network safe. Although there is site-blocking software, it needs to be installed on every computer, which makes it more difficult to maintain.
Security also extends to the physical plant. Is your data server secure? Can someone walk in and plug into your network and gain access? Are the patch panels and network switches in a secure area? These are some of the areas that need to be addressed and many of them are as simple as keeping important equipment behind locked doors and using secure passwords. Microsoft provides a Web site just for testing passwords to see how secure or strong they are, and it gives tips on how to choose better passwords.
To keep on-air networks safe from the Internet, some broadcasters just disconnect their network from the Internet when it’s not in use. This is the most assured way to protect your network. Whenever remote access is required by the manufacturer to do an upgrade or diagnose a problem, the engineer just plugs in a network patch cord connecting that system to the Internet and disconnects it when done, but this may be impractical in some situations. A telephone-controlled power switch can overcome this problem by remotely turning on or off the power to the firewall or network router. These are also used to remotely reboot important computers without having to physically be in the studio.
Many of the industrial computers supplied today come with at least two Ethernet ports. One port is used for the computer to communicate with the rest of the system it’s a part of, but the second one can have a completely different network setup (e.g. IP address, subnet mask, gateway). This can be the maintenance port that does not interfere with the dataflow of its normal operations.
At one TV station, when the automation system was installed, all four computers plugged into a network switch, and the default network settings from the supplier were used. When the video server showed up, it used several computers all plugged into a GigE switch, and, again, the network setup that came with the system was used. Finally, when the encoding system arrived, the default network settings were used as well.
All of these systems worked fine alone, but when operators wanted to use the master control workstation to access both the automation and video servers, they had to install a second network interface card (NIC) in the workstation so it could access two unrelated networks. And when they wanted the new GPS master clock to feed network time protocol (NTP) to all of the on-air systems, they found that it was difficult to do. These separate, unrelated networks were now causing a problem: they could not communicate with each other or share a common addressing scheme through which a single workstation could monitor and control them all.
This is what subnets are for: They allow a larger network to be broken up into smaller subnetworks or allow a common addressing scheme to share needed data. They can also isolate data common to just that subnet. The automation system, video server and master control would be on their own subnets. Whenever a message was sent from one subnet to another, it would pass through a network router. In a subnet configuration, a workstation with just one NIC could communicate with all the subnets, and the installation of the NTP could be easily accomplished. (See Figure 4.)
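A sketch of the subnet plan described above, as an added example that is not part of the original article: it carves one address block into a subnet per on-air system, reports when traffic must cross the router, and flags hosts left on a vendor default or given the wrong mask. The 10.20.0.0/16 block, the host names and addresses, and the placement of the NTP clock are all constructed assumptions.

```python
import ipaddress

# Constructed example values: the article gives no addressing scheme.
SITE_BLOCK = ipaddress.ip_network("10.20.0.0/16")
SYSTEMS = ["automation", "video_server", "master_control", "encoding"]
HOSTS = [  # (host, system, configured interface) - all constructed
    ("auto-1", "automation", "10.20.0.11/24"),
    ("vserver-1", "video_server", "10.20.1.21/24"),
    ("vserver-2", "video_server", "10.20.1.22/16"),   # wrong mask
    ("mc-ws", "master_control", "10.20.2.5/24"),
    ("gps-ntp", "master_control", "10.20.2.123/24"),  # placement assumed
    ("encoder-1", "encoding", "192.168.1.50/24"),     # left on a default
]

def plan_subnets(block, systems, new_prefix=24):
    """Give each system its own equal-sized subnet carved from one block."""
    subnets = block.subnets(new_prefix=new_prefix)
    return {name: next(subnets) for name in systems}

def subnet_of(address, plan):
    """Return the system whose subnet contains address, or None."""
    ip = ipaddress.ip_address(address)
    return next((n for n, net in plan.items() if ip in net), None)

def needs_router(src, dst, plan):
    """True when traffic between two hosts has to pass through the router."""
    a, b = subnet_of(src, plan), subnet_of(dst, plan)
    return a is None or b is None or a != b

def audit_hosts(hosts, plan):
    """Flag hosts whose configured address or mask disagrees with the plan."""
    problems = []
    for host, system, iface in hosts:
        cfg, expected = ipaddress.ip_interface(iface), plan[system]
        if cfg.ip not in expected:
            problems.append((host, f"address outside {expected}"))
        elif cfg.network != expected:
            # A wider mask makes the host treat other subnets as local.
            problems.append((host, f"mask gives {cfg.network}, not {expected}"))
    return problems

if __name__ == "__main__":
    plan = plan_subnets(SITE_BLOCK, SYSTEMS)
    for name, net in plan.items():
        print(f"{name:15} {net}")
    print("mc-ws -> auto-1 via router:", needs_router("10.20.2.5", "10.20.0.11", plan))
    for host, why in audit_hosts(HOSTS, plan):
        print("FIX", host, why)
```

Because every inter-subnet flow is identified by `needs_router`, the same plan doubles as the list of paths where router access rules can be applied.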
The next tutorial will cover subnets and how they work.