Network Addressing for Video Surveillance Guide

Author: IPVM Team, Published on Mar 14, 2018

The goal of this guide is to explain addressing devices on IP networks, focusing on how IP cameras and recorders are used in those networks. For even more IP networking basics, see our IP Video 101 Training.

Inside, we cover the following topics and their impact on surveillance/security networks:

  • MAC Addresses
  • Multiple MACs Possible
  • Manufacturer OUIs
  • OEM Devices
  • IP Addresses
  • Address Conflicts
  • Subnet Mask
  • Subnetting Large Deployments
  • Default Gateways
  • IPv4 vs IPv6 Formats
  • Video and IP Addresses
  • Dynamic vs. Static Addresses
  • Public vs Private Addresses
  • Zero Config
  • Network Classes
  • Loopback / localhost
  • Test Yourself

MAC Addresses

All network devices (PCs, servers, cameras, switches, etc.) have a fixed address, called a MAC address (Media Access Control), a unique 12 character identifier, such as:


Since MAC addresses are issued at the factory and do not change, they are often used for identifying devices on a network even if the IP address is unknown or has changed.

Multiple Network Interface = Multiple MACs

If a device has multiple network interfaces, it may have more than one single MAC address as the MAC is associated with a device's network interfaces, not the general device. In the case of cameras with multiple network connections (e.g., a camera with both a wired ethernet port and an integrated wireless radio), the device would have multiple MAC addresses.

Since the vast majority of cameras include only a single ethernet port, the MAC address could be/is often indirectly used to describe the entire camera.

Organizationally Unique Identifier

Get Video Surveillance News In Your Inbox
Get Video Surveillance News In Your Inbox

The first six digits of a MAC are called the OUI, and each manufacturer is assigned one or more unique identifiers. For example, these are the OUIs of some common cameras manufacturers:

  • Avigilon: 00:18:85
  • Axis: 00:40:8C, AC:CC:8E
  • Bosch: 00:01:31, 00:04:63, 00:10:17, 00:1B:86, 00:1C:44, 00:07:5F
  • Dahua: 4C:11:BF, 90:02:A9
  • Hikvision: 44:19:B6, C0:56:E3
  • Samsung (Techwin): 00:09:18
  • Sony: 00:01:4A, 00:13:A9, 00:1A:80, 00:1D:BA, 00:24:BE, 08:00:46, 30:F9:ED, 3C:07:71, 54:42:49, 54:53:ED, 78:84:3C, D8:D4:3C, F0:BF:97, FC:F1:52

In the case of manufacturers such as Sony, which are part of a larger conglomerate, it is difficult to know which of these OUIs is used specifically for security without scanning devices, as they are listed simply as "Sony Corporation" in OUI lookups. Here is an OUI to manufacturer lookup engine that lets you put in any manufacturer (IP camreas, DVRs, PCs, etc.) and find their OUIs.

OEM Devices

In cases where manufacturers OEM their devices from another, which OUI is used depends on manufacturing agreements. For example, checking the MAC address of a Q-See camera (90:02:A9:1D:DA:E6), it is listed as Dahua, seen in the results from an IP scanning tool below. Others, however, show the OUI of the manufacturer relabeling the camera.

IP Addresses Defined

In video surveillance, many components are IP addressed, including IP cameras, encoders, recorders, access control panels, and more. The IP address of a camera is used to add it to a VMS or NVR, while client software connects to the VMS or NVR typically via its IP address.

An IP address (IPv4 specifically) consists of four parts (called octets because they contain 8 bits of data) ranging in value from 0-255, separated by periods, such as:

The IP address is divided into a network address (192.168.1 in the example above) and a host address (.49 in this case). On a single LAN, the network address is typically the same for all devices, while the host address differs. So,, and all reflect different devices on the same network.

Analog vs IP Cameras IP Addressing

Analog cameras (whether SD or HD), by definition of being analog, do not have or need IP addresses since they have no network interface. However, analog cameras are generally connected to recorders or encoders that do have network interfaces and therefore use IP addresses.

IP Address Conflicts

If more than one device attempts to use the same IP address, generally neither will be able to connect to the network. On PCs, the user is typically notified that a device has connected and is causing an IP address conflict. However, if two cameras share the same address, errors will typically not be generated, but cameras may randomly go offline or not stream video to a recorder, leading to wasted troubleshooting time.

Note that some manufacturers ship their cameras with a hardcoded default IP address. Plugging more than one into the network at a time may cause address conflicts, so these cameras must be connected one at a time and re-addressed. Installers should check if their chosen manufacturer(s) use default IP addresses and plan initial setup accordingly. An IP Scanner may save you time and frustration.

Subnet Mask / Subnetting

Subnet masks are an advanced topic in IP addressing, outside the scope of this report. Essentially, a subnet mask determines which parts of an IP address reflect the "network" vs. the "host." In practice, the vast majority of networks, surveillance included, use default subnet masks for the IP address class (discussed below), most commonly In class B networks, e.g., 172.20.x.x), the default subnet mask is

Subnets In Large Deployments

For larger camera networks which require over 255 device addresses, subnet masks are most often used to expand the network to an additional subnet or subnets. This is done by changing the last octet of the mask. For every bit that is removed, an additional 255 host subnet becomes available.

As a practical example, changing subnet mask from to on a network allows users to expand into the network without using a router, a total of 510 hosts instead of 255, effectively doubling available IP addresses. Changing the mask to expands this further to 2046 IPs (

To see how subnet masks impact available addresses, users may refer to commonly available subnet calculators.

Default Gateways

Generally, and typically in video surveillance, the term "default gateway" is synonymous with routers. IP cameras and DVRs, like PCs, have fields to enter the address of the default gateway. In practice, this means the address of the router — the "gateway" to the internet.

The default gateway is needed for computers on other networks to access the IP video surveillance equipment. For example, users at a remote site or on their phones would typically not be able to connect to an IP camera or recorder that does not have a default gateway set. Sometimes, in security applications, not entering in a default gateway is done on purpose, to block any access to the system.

IPv4 vs. IPv6

Because the use of the internet has expanded over time, concerns about the number of addresses available using IPv4 format arose (called address exhaustion), lead to the development of an expanded address format, IPv6.

Unlike IPv4, which uses 32 bits (8x4) for each address, IPv6 uses 16 octets (128 bits total), displayed in hexadecimal (0-9 + A-F). Each group separated by colons represents two octets. For example:


This increase in address size results in approximately 34 undecillion addresses, a huge increase over the IPv4 limit of about 4.2 billion addresses.

Many networks support either and both formats, and most modern IP cameras can be configured to use either format. Note that the same format should be used throughout.

IPv4 for Surveillance

Despite IPv6's larger address pool, IPv4 continues to be the dominant format used. Especially for private networks, with a finite number of connected devices like a surveillance system, address exhaustion is not a practical problem. IPv4 remains easier to use and administer, and there is little or no reason to use the more complex IPv6 format.

IPv6 Growing For Internet Addresses

Despite its limited use in surveillance networks, Google reports that IPv6 usage among their users has jumped from ~10% in 2016 to ~20% so far in 2018. This comes after taking 20 years (from IPv6's RFC adoption in 1996 until 2016) to reach 10%.

This growing adoption may increase use in internal networks, but IPv6 is likely to remain limited to the public Internet for some time.

Static vs. Dynamic Addressing

Devices may be set with either a static (does not change over time) or dynamic (changes periodically based on lease time) IP address. Because cameras and NVRs are typically fixed devices and configured to communicate via IP address, giving them dynamic addresses may cause issues when the IP changes, forcing users to reconfigure devices. Therefore, all devices in security systems are typically manually assigned static addresses. Using dynamic addresses for devices that need to be found via their IP address is comparable to trying to deliver postal to homes in a town where the houses are renumbered and the streets are renamed periodically.

However, there are some cases in which dynamic addresses may be used.

  • When setting up a new surveillance network, a DHCP (dynamic host configuration protocol) server is often used to temporarily assign IP addresses to devices so they may be reached for configuration. for example, a new camera connected to the network receives an address from the server, which the installer users to perform initial configuration and assign a permanent address.
  • Some less crucial devices, such as client PCs and tablets may be dynamically addressed. Since these devices are typically used only periodically, and generally do not need to be reached for configuration or connected to a VMS by IP address as cameras are, assigning them a dynamic address is often sufficient.

For more detail on why static addressing is best practice for IP video systems, read our Dynamic vs. Static IP Addresses post.


There is a subset of dynamic addresses available in use by zero-configuration, commonly called zeroconf, which allows devices to use a dynamic address without a DHCP server in place. In surveillance, the most common example of this is initial setup of IP cameras. Connecting a laptop directly to a camera, with both devices set to use dynamic addressing, they will both be automatically addressed to an address beginning with 169.254. This allows initial configuration to be performed and the IP address changed without needing a DHCP server (note that many, but not all, current cameras support this).

Loopback / localhost

The address is the localhost / loopback address and serves two purposes. As the loopback address it is used for testing the TCP/IP protocol stack. If a machine has network connectivity problems, it is way to test that the NIC and protocol are functioning correctly as shown below:

When used as the localhost, it lets system know that the target is the same as the host. This is commonly used when a client is running on the same machine as a server and for web applications. The screenshot below shows a machine running Exacqvision server and the client on the same machine. The client connects using localhost.

Below is an image of machine running PRTG, where entering into a browser on that machine brings us to the web interface for PRTG.

Network Classes

In general, the relationship between potential unique addresses in a network, and total potential number of unique sub-networks supported is a decision well beyond a surveillance system. The three most common network classes are limited as follows:

  • Class A: This type supports over 16 million IP addresses per network, but only supports 128 different subnets. (From to
  • Class B: The type supports over 65,000 IP addresses per network, and about 16,000 different subnets. (From to
  • Class C: This type supports only 256 IP addresses per network, but almost 3 million subnets. (From to

The vast majority of surveillance/security networks use class C addresses, as the number of devices simply does not require other classes.

Private/ Public Networks

Every device on the Internet has an IP address, but not every networked device is on the internet. The difference is the boundary between private vs. public networks. For example, an IP Video network might consist of hundreds or thousands of cameras without a single unit being directly connected to the internet.

Typically only a few tightly controlled devices like routers or firewalls are given a public IP address. However, some recorders or IP cameras may be publicly available (example 1, 2) on the web. This is far more common in consumer/residential and small office use than midsize and enterprise systems, which typically demand tighter security, with organizations' IT department preferring not to open these devices to the internet.

Portions of the "172" and the "192" address ranges are designated for private networks. The remaining addresses are "public," and routable on the global Internet. Private networks can use IP addresses anywhere in the following ranges:

  • - (65,536 IP addresses)
  • - (1,048,576 IP addresses)
  • - (16,777,216 IP addresses)

In modern systems, IP addresses are associated with subnet masking, which helps regulate traffic within a network at the expense of adding a trivial configuration step. Most surveillance systems are installed on a class C network, as evidenced in our Which Private IP Addresses Do You Use For IP Video? discussion, in which 50% of respondents said they use 192.168.X networks for their installations.

Test Your Knowledge

Take this 10 question quiz now

[Note: This guide was originally published in 2015, but substantially updated in 2018 to reflect IPv4/IPv6 changes, subnet masking information, and more]

10 reports cite this report:

ADI W-Box Dropping Hikvision (Tested) on Mar 05, 2018
The next generation of ADI's W-Box (ADI's competition against their manufacturing partners) is here. And unlike the previous generation, which was...
Remote Network Access for Video Surveillance Guide on Feb 21, 2018
Remotely accessing surveillance systems is key in 2018, with more and more users relying on mobile apps as their main way of operating the system....
Multicasting Surveillance Tutorial on Jan 04, 2018
Network bandwidth can be a concern for some surveillance systems. While improvements in video codecs, such as smart codecs for H.264 and H.265,...
QoS for Video Surveillance on Dec 29, 2017
Along with VLANs, QoS is one of the most misunderstood topics in IP surveillance networks. Many purported "experts" claim it is required in any...
Access Control Commissioning / Install Checklist on Aug 03, 2017
This 80+ point checklist helps end users, integrators and consultants verify that access control installation is complete. It covers the following...
Panasonic OEM Dahua Camera Tested on May 03, 2017
Panasonic is now OEMing a series of cameras from Dahua, known for their backdoor, various other problems and their rapid expansion of direct sales...
Video Surveillance Commissioning / Install Checklist on Feb 08, 2016
This 60+ point checklist helps end users, integrators and consultants verify that video surveillance installation is complete. It covers the...
IP Networking Course Fall 2015 (CLOSED) on Oct 08, 2015
This is the only networking course designed specifically for video surveillance professionals. The next IP Networking for Video Surveillance...
IP Network Setup Guide for Surveillance on Apr 06, 2015
In this guide, we teach the fundamentals of setting up an IP video surveillance network, taking factory default cameras through to a fully...
NMAPing IP Cameras on Mar 05, 2015
The Hikvision hack has increased security concerns. Indeed, most users do not know whether they are vulnerable or not, which ports of their...

Comments (30)

Only IPVM PRO Members may comment. Login or Join.

Will IPv4 be discontinued in the near future?

Mel, if by the near future, you mean 2030, then yes :)

Otherwise, IPv4 will be the dominant IP addressing scheme for years to come.

IPv6 is definitely gaining ground now after more than 15 years of hype and claims, adoption is still fairly limited today.

I think there is no question that It will be discontinued.

I saw another another article just yesterday about how the US is running out of IPs. The answer being--ISPs are going to go to IPv6 any day now.

But most *devices* are not directly connected to the public internet, and are instead NATed behind a firewall. There are millions of devices that all have the same 192.168.x.x IP number and that's just fine.

I realize that IPv6 is designed to do away with NAT, but I really struggle with imagining this happening any time soon.

So I think a more likely answer is, yes IPv4 will go away for devices connected to the public internet, but IPv4 will remain for quite some time longer on the LAN.

In the IP networking course, we do an assignment asking attendees to look up their public IP address. With ~100 responses recently, less than 10 had IPv6 addresses now.

Everyone knows the timeframe for general adoption of IPv6 is 18 months and has been since 1995. ;)

I would not say near future. It is slowly being exhausted out due to the fact there are no more IPV4 addresses to assign new end users. We have exhausted our limit and that is why IPV6 was created. Now, with that being said, millions and millions and millions of orginizations are still using their IPV4 address and they have no intentions on changing it over to IPV6. With the change, think of all the networking peramiters that would need to change as well to induct the new scheme into a live network. On a commercial level the practicality of that does not exist. It would cost to much money, cause to much downtime, and would have zero benifit to the company. In our lifetime I do not see IPV4 disapearing. However within the next couple of generations yes it is possible as more and more companies / homes / end users dissolve.

What about DNS server settings?

Preferred DNS server and Alternate DNS server. What are these settings about and should we be concerned about them?

Generally, IP cameras are not assigned domain names because it tends not to be necessary nor worth the cost.

For example, let's say you had an IP camera and its IP address was You could theoretically assign it the domain name Then people or VMSes could connect using that domain name instead of the IP address.

Domain names are most valuable when:

(1) People are trying to connect to devices. If you want to go to, it's a lot easier to remember that then (which is our current IP).

(2) The IP address might change. IP camera addressing rarely needs to change unlike web servers (e.g., we might decide to host on another provider). Having people use the domain name allows them not to worry or even know if we can change IP addresses.

That said, you could assign domain names for IP cameras and some do, but it's uncommon.

Hi John,

I have been using No-Ip for DDNS in DVR installtions that do not have a fixed IP and I enter this information in the DDNS area of the network settings in the DVR.

But also in the network settings under TCP/IP where I set the Static IP and Default Gateway are settings for Preferred DNS at (default) and Alternet DNS (default).

I dont change these but I have noticed on some systems that the settings are different but did not worry too much about it as long as I was ablet to get remote access through No-Ip.




The DNS servers are run by Google and are highly available (and fast) across the world. They're typically always going to work well for you, unless the corporate network policy requires that the local DNS servers be used.

In cases where you're seeing a default DNS configuration--those are coming from the local network's router, and should be viable as the local network is telling the device "here's the best DNS server for you to use." I do sometimes see cases where the local router hands out a bogus (or slow/broken) DNS server. In which case (as in your case if you're having problems getting to No-Ip), you'd want to override the default--and is as good an alternative as any.

Jim, I interpret your question as "what do I do about setting a DNS server in my IP camera configuration, should I be concerned about it?"

Short answer, probably not.

A Domain Name Server (DNS) setting allows the device to look up a domain name and translate that into an internet addressable IP number. In the case of surveillance equipment, this would only be required if the surveillance equipment had some reason to directly contact that external service. For IP cameras, they typically only address the local network (i.e, their VMS server). Specifically IP cameras tend to act as slaves to the rest of the local system, passively waiting for a VMS to connect to them and pull video or communicate with their API. They tend to not initiate contact to the rest of the system, and more rarely still to services on the internet.

If there are some features of the IP camera software that require communication with external services on the internet, then DNS might come into play. If that's the case, the local network's router typically provides a default DNS server (often the router itself) or some other configuration for a viable DNS server (often the local network's upstream network DNS server) for the device to use. This would be provided as part of the initial DHCP dialog with the network, and in most cases persists even after the camera's IP has been converted to static.

If you're concerned with the DNS server settings in your NVR/VMS system, then chances are they may be necessary more frequently than on an IP camera, but the same configuration issues as above apply.

So the long answer is, you're probably okay with using whatever the default may be provided by the local network.

Note that some security minded corporate networks only allow DNS from their internal DNS Servers. In those cases that DNS server IP would be provided by the LAN router, or the network's administration would provide instruction.

Thanks guys,



Can a device with only one nic have more than one mac address, and conversely can a device with only one nic have more than one mac?
or more simply does every nic have a mac? when we speak of a network interface is that the effectively the same as a network interface card?

Generally speaking, it's one MAC per NIC and one NIC per MAC.

There are dual Ethernet adapters with two jacks of course, but logically they're considered two NICs even though it's one card.

In any event, as far as modern computers go, discreet NICs are rare as most systems now have embedded the controller in the motherboard. But we still call it a NIC. ;)

Though I have seen adapters change their MAC during boot. For instance if a device is MAC spoofing, it might first show as it's factory assigned MAC for a second or two before switching to the spoof MAC.

In the Network Classes chapter it states -

  • Class C: This type supports only 256 IP addresses per network, but almost 3 million subnets. (From to

Why does the address stop at and not for the range of IP's fall in that class. Is it because is the start of Class D?

Does anyone know if there's a tool to detect the IP addresses of any network device on a network and indicate if there is an IP conflict between 2 devices? It would be very valuable since I've seen some installs where there were IP conflicts between a camera and a keypad and that caused both devices to go on/off line. It was by luck that we found the issue.

There are multiple tools capable of mapping a network to see active IP Addresses. However none of these tools will show you if an IP Address is in conflict. It will just show you which IP Addresses are being used during the time of the scan.

Does anyone know if there's a tool to detect the IP addresses of any network device on a network and indicate if there is an IP conflict between 2 devices?

Sure, arpwatch is a simple one used in Linux. There are also windows ports.

Thanks for the quick reply and answer!

Very interesting read and information. I don't typically deal with the install or programming side of things, but very good information to have.

What is difference between the IP address, and the subnet address? as this subject is new to me I just need a more clear understanding.

thank you

The IP address is a unique number assigned to one device. The subnet mask defines what parts of that IP address are associated with the network and which are the host.

I am learning :-)

Small error in the ipv6 example ip address. The 3 rd and 4 th octets consist of five digits in stead of four...

Just wandering. a lot of devices from different brands seems to Class C IP addresses starting from 192.168.x.xx. Is there any reason why?

The range of – is a private Class C address range that is not routable on the internet. Thus, it allows devices to be shipped with an IP and not conflict with other devices on the internet. Usually you will see a private IP address of some sort for devices that are shipped.

Others are – & –

There is no mention of the exclusivity of the address being loopback. Might be something to add to this article.

the address

Setting a camera to an ip of ensures the ultimate network hardening ;)

Jon - Thank you. I just added a loopback / localhost section to the report.

"There's no place like"

Related Reports

Final Day - Save $50 - April 2018 IP Networking Course on Mar 22, 2018
Today, March 22nd is the last day to save $50. Register now and save. NEW - 2 sessions per class, 'day' and 'night' to give you double the chance...
Network Racks For Surveillance Guide on Mar 21, 2018
In this guide, we look at network rack infrastructure, one of the fundamentals of IP video surveillance. Inside, we cover: What is a rack unit...
Camera Form Factor Guide on Mar 16, 2018
When selecting surveillance cameras, users may choose from a number of different form factors, each with its own unique strengths and weaknesses,...
Access Control - Restricted Keys Guide on Mar 15, 2018
Not all doors, even in larger facilities, can justify using electronic access control. And even for doors that do have electronic access control,...
Panasonic Selling Off Security Camera Factory on Mar 14, 2018
Panasonic is OEMing cameras from Dahua, as IPVM testing confirmed in 2017. Now, Panasonic is selling their security camera factory, according to...
Favorite Camera Manufacturers 2018 on Mar 12, 2018
A number of major moves in integrator's favorite camera rankings for 2018: Two manufacturers make major moves up One major manufacturer moves...
IPVM Camera Calculator User Manual / Guide on Mar 09, 2018
Learn how to use the IPVM Camera Calculator. The guide below includes instructions, images, gifs, and videos demonstrating and explaining the...
PoE for IP Video Surveillance Guide on Mar 08, 2018
This guide provides comprehensive explanations of the elements in selecting and using Power Over Ethernet with IP cameras, covering: PoE vs Low...
Vehicle Gate Access Control Guide on Mar 07, 2018
Vehicle gate access control demands integrating myriad systems to keep unauthorized cars out. Everything from high voltage electrical, to...

Most Recent Industry Reports

Top 4 Biggest Problems Selling Access Control on Mar 23, 2018
We received 150+ responses from integrators when we asked them "What is the biggest problem you face when selling electronic access control?...
US / China Tariffs Impact on Video Surveillance on Mar 23, 2018
On March 22, 2018, the US issued a Presidential Memorandum on the Actions by the United States Related to the Section 301 Investigation, with 3...
Final Day - Save $50 - April 2018 IP Networking Course on Mar 22, 2018
Today, March 22nd is the last day to save $50. Register now and save. NEW - 2 sessions per class, 'day' and 'night' to give you double the chance...
Favorite Access Control Credentials 2018 on Mar 22, 2018
In this 2018 access integrator statistics result, which credential type holds the favored spot to unlock access doors? More than 150 integrators...
ISC West Bans Booth Babes on Mar 22, 2018
Booth babes, goodbye. Technically, ISC West banned them 2 years ago with a 'staffing attire' requirement but it looks like ISC West is going to...
Network Racks For Surveillance Guide on Mar 21, 2018
In this guide, we look at network rack infrastructure, one of the fundamentals of IP video surveillance. Inside, we cover: What is a rack unit...
Security Robot Sales Struggle on Mar 21, 2018
2 year ago, PSA Security CEO Bill Bozeman called security robots one of “the biggest game changers” in decades for security integrators. Just over...
Dahua Global Launch LeChange on Mar 20, 2018
Dahua is getting into the consumer video surveillance market globally, with "LeChange", an offering long available inside of China is now being...
Axis Z-Wave IP Camera Tested Poorly on Mar 20, 2018
Z-Wave is drawing notable interest for video surveillance use. In IPVM's initial coverage, 84% expressed interest in it, with nearly half being...

The world's leading video surveillance information source, IPVM provides the best reporting, testing and training for 10,000+ members globally. Dedicated to independent and objective information, we uniquely refuse any and all advertisements, sponsorship and consulting from manufacturers.

About | FAQ | Contact