NTP clocks and LAN disconnected from the internet

General discussion about Blue Iris
User avatar
TimG
Posts: 1114
Joined: Tue Jun 18, 2019 10:45 am
Location: Nottinghamshire, UK.

NTP clocks and LAN disconnected from the internet

Post by TimG » Sun May 10, 2020 9:22 am

Hi all,

As some of you know, I use a second NIC in the BI5 pc to keep the cameras physically disconnected from the internet. I then run a NTP time server on the BI5 pc for the cameras to sync with, so that they can show the time whilst BI5 is in Direct to Disc mode (so it can't add BI overlays).

This works well with the Dahua and Ertech cams, and the old analogue SD cams are set for BI5 to add the time overlay since they have none of their own. The odd one out is the Foscam R2. I have tried lots of different settings, but it just won't sync with my local NTP time server. Since the clock is also inaccurate, it soon drifts off :(

Has anybody been able to get a Foscam IP camera working with a non standard local NTP time server ?
BI5 v54904 x64 | Win10 21H1 | Dahua IPC-HDW5231R-ZE, Foscam R2, Ertech 4MP, Neos2, 2 SD cams | BI5:1 i5-3330, 16GB Ram, Multiple SSD and HD, Homeseer 2 HSPhone, TVMosaic | BI5:2 Ryzen 1800X, 16GB Ram, Multiple SSD and HD, Homeseer 4, Emby, DVBViewer.
Matts1984
Posts: 414
Joined: Fri Apr 10, 2020 1:12 pm
Location: Maryland, USA

Re: NTP clocks and LAN disconnected from the internet

Post by Matts1984 » Mon May 11, 2020 1:51 pm

So to directly answer you, no.. I don't have any experience with that specific camera but I do have experience with this situation. I have two cameras that do not let me configure custom NTP addresses. To be fair they do allow me to set reasonable time server options vs only stuff in Russia or China ;) . But anyway, in my situation I do have a firewall front ending my camera network and I have an address translation rule to redirect NTP which works great. It's basically:

'Camera Network' -> Any Internet IPv4 on udp/123 (ntp port) = 'Camera Network' -> 172.16.10.1 on udp/123

Where 172.16.10.1 is my NTP listener on the firewall. I also had to be sure to allow the cameras to be able to run DNS lookups because they are set to use 'time.nist.gov' which they need to resolve. It doesn't matter what they get as a response because it will ultimately go to 172.16.10.1 either way, but they do need to get a resolution or they can't/won't even try. This all is definitely working though.
Blue Iris 5.4.9.x | Server 2019 VM | Xeon X5650 @ 2.67GHz - 12 Cores | 12GB RAM | 7TB RAID | Sophos UTM WAF | 3x SV3C 5MP Bullet A | 2x SV3C 3MP Bullet A | 1x SV3C 5MP Bullet HX | 1x SV3C 5MP Dome HX | 2x Amcrest 5MP Bullet
User avatar
davidf
Posts: 9
Joined: Wed Jun 19, 2019 7:16 pm

Re: NTP clocks and LAN disconnected from the internet

Post by davidf » Mon May 11, 2020 5:47 pm

Hi Tim,

I ran into this once.

It turned out to be that the device in question wanted SNTP instead of NTP. It would not work with a NTP server. Before this happened SNTP wasn't on my radar. When I thought of time I thought of NTP.

Check your NTP server and see if it is configed for both or not, maybe try to find a server on the internet that serves sntp and point your camera to it for a test.

Hope this helps.
Blue Iris v5.3.3.13 | Amcrest IP2M-858W, IP2M-854EW Gadspot NC1600, Cisco WVC210 | i7-4770 CPU, 16GB Ram, 256G SSD and 2T HD|
User avatar
TimG
Posts: 1114
Joined: Tue Jun 18, 2019 10:45 am
Location: Nottinghamshire, UK.

Re: NTP clocks and LAN disconnected from the internet

Post by TimG » Sat May 16, 2020 1:58 pm

The BI5 pc is on my internet enabled LAN, but the cctv is on a secondary LAN via a second NIC that doesn't have internet access. The cameras cannot see the official ntp servers.

I'm running a time server program on the BI5 pc that was recommended for this use, an old program called NetTime. This was set to look up internet sntp servers on port 123. It also has the option to look up RFC868 udp or tdp instead. Since it has the option to set up four time servers, I have set two of them to check the RFC868 servers on port 37.

I don't know if that will work with the Foscam, or if it will break the other cams, but "time will tell" :lol:

It doesn't appear to have any settings for the local time output server, and I don't know what the Foscam is looking for.
BI5 v54904 x64 | Win10 21H1 | Dahua IPC-HDW5231R-ZE, Foscam R2, Ertech 4MP, Neos2, 2 SD cams | BI5:1 i5-3330, 16GB Ram, Multiple SSD and HD, Homeseer 2 HSPhone, TVMosaic | BI5:2 Ryzen 1800X, 16GB Ram, Multiple SSD and HD, Homeseer 4, Emby, DVBViewer.
Matts1984
Posts: 414
Joined: Fri Apr 10, 2020 1:12 pm
Location: Maryland, USA

Re: NTP clocks and LAN disconnected from the internet

Post by Matts1984 » Mon May 18, 2020 1:31 pm

It sounds like your time client on the BI server would do the job, the hard part is getting your cameras to try and talk to it. I have one set of cameras that allow me to configure a time server while the others only give me a list of options (like nist or ntp pool, etc) without the ability to add my own. To make it worse***, they are set to use 'time.nist.gov' which they need a DNS server to resolve before they can try to connect to it.

*** Depending on your Foscams, maybe you could use this to your advantage though. If you're able to determine what they are trying to use for NTP, you could spoof the DNS. It gets a little involved but very doable and honestly seems up your alley :)

If your BI5 pc also ran a DNS server, you could lie to the cameras (if configured to use the BI5 pc as DNS) that 'whatever time server.com' is at the IP of your BI5 pc. Then all of it's NTP queries would just go to your BI5 pc. This is similar to what I'm doing on my installation, only I'm doing an address translation on the actual traffic rather than providing false DNS responses.
Blue Iris 5.4.9.x | Server 2019 VM | Xeon X5650 @ 2.67GHz - 12 Cores | 12GB RAM | 7TB RAID | Sophos UTM WAF | 3x SV3C 5MP Bullet A | 2x SV3C 3MP Bullet A | 1x SV3C 5MP Bullet HX | 1x SV3C 5MP Dome HX | 2x Amcrest 5MP Bullet
User avatar
hotbrass
Posts: 35
Joined: Sat Jan 11, 2020 8:40 pm

Re: NTP clocks and LAN disconnected from the internet

Post by hotbrass » Mon May 18, 2020 3:33 pm

TimG wrote: Sat May 16, 2020 1:58 pm The BI5 pc is on my internet enabled LAN, but the cctv is on a secondary LAN via a second NIC that doesn't have internet access. The cameras cannot see the official ntp servers.

I'm running a time server program on the BI5 pc that was recommended for this use, an old program called NetTime. This was set to look up internet sntp servers on port 123. It also has the option to look up RFC868 udp or tdp instead. Since it has the option to set up four time servers, I have set two of them to check the RFC868 servers on port 37.

I don't know if that will work with the Foscam, or if it will break the other cams, but "time will tell" :lol:

It doesn't appear to have any settings for the local time output server, and I don't know what the Foscam is looking for.
What address do you point the camera to get the time with NetTiime? The PC local address?
nielk
Posts: 7
Joined: Thu Apr 02, 2020 10:07 am

Re: NTP clocks and LAN disconnected from the internet

Post by nielk » Tue May 19, 2020 9:32 am

I have two old Foscam FI9816P cameras connected to my BI5 system. The BI5 system runs an open source NTP client/server (NetTime - http://www.timesynctool.com) and the Foscams use it to correct their time. It's all good ... apart from the Foscams calling the NTP server three times every minute.

From the NetTime log:

Code: Select all

19/05/2020 10:24:18 Sent NTP Response to: 192.168.0.107
19/05/2020 10:24:19 Sent NTP Response to: 192.168.0.107
19/05/2020 10:24:20 Sent NTP Response to: 192.168.0.107
19/05/2020 10:24:22 Sent NTP Response to: 192.168.0.107
19/05/2020 10:24:23 Sent NTP Response to: 192.168.0.107
19/05/2020 10:24:24 Sent NTP Response to: 192.168.0.107
19/05/2020 10:25:22 Sent NTP Response to: 192.168.0.107
19/05/2020 10:25:23 Sent NTP Response to: 192.168.0.107
19/05/2020 10:25:24 Sent NTP Response to: 192.168.0.107
User avatar
TimG
Posts: 1114
Joined: Tue Jun 18, 2019 10:45 am
Location: Nottinghamshire, UK.

Re: NTP clocks and LAN disconnected from the internet

Post by TimG » Mon May 25, 2020 9:10 am

What address do you point the camera to get the time with NetTiime? The PC local address?
Hi hotbrass,

Yes, the BI5 pc has the second NIC with a static IP of 10.0.0.1. There is no router, just a POE ethernet switch and cameras with static IP addresses. The local NTP server is at 10.0.0.1, with port 123. The Dahua and Ertech cams work well with this; it's just that darn Foscam :(
BI5 v54904 x64 | Win10 21H1 | Dahua IPC-HDW5231R-ZE, Foscam R2, Ertech 4MP, Neos2, 2 SD cams | BI5:1 i5-3330, 16GB Ram, Multiple SSD and HD, Homeseer 2 HSPhone, TVMosaic | BI5:2 Ryzen 1800X, 16GB Ram, Multiple SSD and HD, Homeseer 4, Emby, DVBViewer.
User avatar
TimG
Posts: 1114
Joined: Tue Jun 18, 2019 10:45 am
Location: Nottinghamshire, UK.

Re: NTP clocks and LAN disconnected from the internet

Post by TimG » Mon May 25, 2020 9:25 am

I have two old Foscam FI9816P cameras connected to my BI5 system. The BI5 system runs an open source NTP client/server (NetTime - http://www.timesynctool.com) and the Foscams use it to correct their time. It's all good ... apart from the Foscams calling the NTP server three times every minute.

From the NetTime log:
Hi nielk,

That sound very similar to my NTP set up. You have the same local NTP server, and it works with your Foscam's. I checked NetTime for the log, and realised I had set it to "None" to prevent hidden files getting too big. It's back on now, so that may give a clue.

Can you tell me more about your Foscam NTP settings ? I must be missing something simple :?

Device status shows NTP Status as failed.
Camera time has a tick for "sync with NTP server", and "NTP server" shows 3 dots (It's that, auto, or preset NTP servers).
"Enter the NTP server" is set to 10.0.0.1
BI5 v54904 x64 | Win10 21H1 | Dahua IPC-HDW5231R-ZE, Foscam R2, Ertech 4MP, Neos2, 2 SD cams | BI5:1 i5-3330, 16GB Ram, Multiple SSD and HD, Homeseer 2 HSPhone, TVMosaic | BI5:2 Ryzen 1800X, 16GB Ram, Multiple SSD and HD, Homeseer 4, Emby, DVBViewer.
ctfjr
Posts: 40
Joined: Mon Oct 14, 2019 5:43 pm

Re: NTP clocks and LAN disconnected from the internet

Post by ctfjr » Thu May 28, 2020 11:13 pm

Hi TimG Thanks for starting this thread. I've been meaning to do something like this for a while (install a time server client on my pc).

You got me to thinking today and in literally 5 minutes I had a solution. I have a couple of Synology NAS' on my network. With 2 keystrokes I had my NTP :)
With a couple of minutes on each camera I had them all providing their video stream with the time/date overlay.

To be honest I don't see much of a drop in cpu usage, maybe 1-2% but I feel better - I actually accomplished something today :)

Have a great day!
Post Reply