-
Notifications
You must be signed in to change notification settings - Fork 146
Hardware Recommendations
Note: Moonfire NVR will run on almost any hardware, under Linux, macOS, or likely any other POSIX-compatible system. It should support recording (if not on-camera motion detection) from any RTSP camera. And it currently has only one developer working very part-time toward its "minimum viable product" (see open issues), so it's not yet recommended as your first (or even only) NVR. Those are all good reasons to try it on hardware you already own before spending money!
- Full example budget setup
- Full example nicer setup
- NVR machine
- Hard drives
- PoE switches and networking
- Cameras
Here's an example setup with prices as of 11 Feb 2021. It totals $784, includes 4 cameras, and has room for expansion. You'll also need: some determination, Ethernet cables, a free port on your main home switch, and the effort to wire the cameras through your walls. You may also want: a real-time clock add-on and a USB Ethernet adapter (see discussion at "PoE switches and networking").
Even though at its core this runs on a $35 single-board computer, this setup is expected to perform well with Moonfire NVR today. Some caveats apply:
- Future on-NVR video analytics support may be limited by the Raspberry Pi's performance, even with a USB neural network accelerator added on. For example, with the Coral USB Accelerator, some work still happens on the host CPU while holding the accelerator's lock, so single-thread performance may limit inference frame rates somewhat.
-
https
performance may be limited by the Raspberry Pi 4's lack of cryptographic acceleration. - This setup isn't recommended for developing the server because compilation will be very slow or simply run out of RAM. Use the pre-built Docker images or cross-compile on another machine instead.
Parts list:
- $63: Raspberry Pi 4 Basic Starter Kit, 2 GB RAM
- $93: WD Purple 4TB Surveillance Hard Drive
- $23: Kingston 120GB A400 SATA 3 2.5" Internal SSD SA400S37/120G - HDD Replacement for Increase Performance
- $30: Inateck SATA Hard Drive Docking Station, USB 3.0 SSD Docking Station, Dual Bay, FD2005. Note: disable UAS with this model to avoid reliability problems.
- $55: YuanLey 8 Port PoE Switch, 2 UpLink Gigabit, PoE Plus 802.3af/at, 120W Built-in Power, Vlan Up to 250m, Metal Plug & Play Network Switch
-
4 X $130: Loryta IPC-T2231T-ZS 2MP Starlight WDR IR Eyeball Network Camera Motorized Vari-Focal 2.7mm–13.5mm Lens English Version.- Moonfire NVR's author no longer recommends this rebranded Dahua camera because he believes that Dahua is writing custom software to support the Uyghur genocide. Look for a similar camera by another brand such as Reolink.
This setup is a couple steps up in quality of every component, for a total of $1,379 as of 4 Dec 2020, plus shipping. Here are the components and some of their advantages over the budget setup.
- $119: ODROID-H2+.
- Dramatically more powerful, x86-64-based machine. This isn't necessary to run Moonfire NVR today. However, it will be more pleasant for developing/compiling Moonfire NVR; be more likely to support encryption, video analytics, and other future features well; and be more versatile for other software, including but not limited to competing NVR products.
- Two NICs so you can plug one into your home's main network and one into a dedicated camera network.
- Real-time clock.
- Onboard SATA so you can install HDDs without flaky USB-SATA bridge chipsets or external cables that can get pulled out.
- Support for faster M.2 NVMe SSDs. (Or eMMC to free the M.2 slot for a neural network accelerator.)
- $20: ODROID-H2 Case Type 1
- Room for two 3.5" HDDs.
- 2 X $3: SATA Data and Power Cable
- Necessary to plug in the HDDs. This is a custom cable for the ODROID-H2+. They're cheap to buy with everything else now and expensive to ship by themselves later, so buy two even if you only plan on using one HDD.
- $19: 90W power adapter
- Should be powerful enough to support two 3.5" HDDs. The stock power adapter for this board may not be, as discussed here.
- Note I haven't actually verified this plug works well with the ODROID-H2+. Please update the wiki if you try it!
- $33: 8GiB DDR4-2400 memory kit
- $34: 256 GiB NVMe SSD
- Faster and higher-capacity.
- $208: WD Purple 8TB Surveillance Hard Drive
- Higher-capacity drive.
- $140: NETGEAR 16-Port Gigabit Ethernet Smart Managed Plus PoE Switch (JGS516PE) - with 8 x PoE @ 85W, Desktop/Rackmount, and ProSAFE Limited Lifetime Protection
- Name brand item with better reputation and support.
- May suffice as your home's only switch. It has 802.1q VLAN tagging to isolate cameras from other ports. It has gigabit speeds on every port. And it has more ports in total.
- However, it has one disadvantage: it has lower power capacity than the budget switch. You can buy switches that are clearly better in every way but they can be expensive.
-
4 X $200: EmpireTech IPC-T5442T-ZE White 4MP IR Vari-Focal Eyeball Starlight Network Camera English Version- Moonfire NVR's author no longer recommends this rebranded Dahua camera because he believes that Dahua is writing custom software to support the Uyghur genocide. Look for a similar camera by another brand such as Reolink.
- Larger sensor that performs better in low light.
- Higher resolution.
- ML-based on-camera analytics.
- Some newer features like SVC that Moonfire NVR may take advantage of some day.
Here are some machines which would work well:
- Raspberry Pi 4 Model B. The 2 GiB model will suffice. This is the cheapest hardware you're likely to find. You'll need a board, case with a heat sink, power supply, flash, USB enclosure, and hard drive. Consider buying and installing a real-time clock module. For best reliability and speed, we recommend USB booting from a 2.5" SATA SSD rather than using a microSD card.
- ODROID-N2+. This machine is noticeably faster than the Raspberry Pi 4 and comes with a real-time clock and adequate cooling. You'll also need the power supply, case, RTC backup battery, and flash (eMMC or perhaps a SATA SSD alongside your hard drive in a 2-bay USB SATA enclosure).
- nVidia Jetson Nano Developer Kit
- ODROID-H2+, as in the "Full example nicer setup" above.
- a used Intel NUC. New Intel NUCs are considerably more expensive than new ARM single-board computers. But you can likely find a used older model for $200–$300 with RAM, SSD, case, and power supply included that will be considerably faster than brand-new ARM SBCs.
- a HPE MicroServer, whether new/latest generation or not.
A few things to consider:
- software support. x86-64 (Intel/AMD) machines are clearly the best (always well-supported by the mainline kernel). Among ARM vendors, Raspberry Pi, PINE64, and ODROID have good reputations.
- RAM. Moonfire NVR can run on a 1 GiB machine. If you want to compile locally, 1 GiB likely isn't enough but may work with zram to stretch it. 2 GiB should work today; 4 GiB is more comfortable and future-proof.
- CPU speed. Again, Moonfire NVR is undemanding to run, but faster processors will be more versatile as new features are added and better support compiling locally. x86-64 processors are still the best.
- flash storage which supports many write cycles. microSD cards have a reputation for wearing out. Prefer M.2 NVMe SSDs, M.2/2.5" SATA SSDs, eMMC, or "high-endurance" microSD cards, in that order. The best SSDs will have specifications for endurance in terms of "DWPD" (driven writes per day) or "TBW" (terabytes written) and export their remaining lifespan via SMART statistics. As for endurance microSD cards, tomshardware: Best MicroSD Cards for Raspberry Pi mentions the Samsung Pro Endurance line.
- Hardware H.264 decode capability, for on-NVR analytics. The nVidia Jetson line excels in this area.
- USB3, SATA, and M.2 expansion options. On-NVR motion detection is still unimplemented (see issue #30) but likely will work best with a Coral USB Accelerator or Coral M.2 Accelerator. You'll likely also connect the hard drive via USB, unless direct SATA is available. USB2 bandwidth would be tight, so look for systems with at least two USB3 ports. And USB-to-SATA adapters can be flaky, so on-board SATA is best.
- Real-time clock with battery backup. It's best if your system can start up from power failure with no Internet connection and have an accurate time immediately.
- Low power draw. You'll likely run your NVR 24x7, so larger used hardware that seems like a good bargain at first may not be so cheap in the long term.
- Two NICs, if possible. See also more discussion at "PoE switches and networking".
Be wary of:
-
drive-managed SMR (shingled magnetic recording)
- Pro: these drives are cheap.
- Con: you have to be careful to ensure they can keep up with your workload. As a rule of thumb, they might handle the main and sub streams of 2 cameras; more will cause problems. Look at the specification sheet's "rated workload" (in terabytes per year), divide by 4 to approximate Mbps, and compare to what you're recording. Eg 55 TB/year is about 14 Mbps, or two cameras with their main streams capped to 6 Mbps and their sub streams capped to 1 Mbps.
- Con: in the author's limited experience, these drives are much less reliable even when running within their rated workload.
- Drives may not advertise if they use SMR or not, so try online searches for the model number and SMR. For example, the Seagate ST4000DM004 is not advertised as SMR, but a Google search for "ST400DM004 SMR" reveals several threads in which folks conclude from its observed performance, per-platter density, cache size, and rated workload that it is an SMR drive.
- After setting up Moonfire NVR with the drive, run
iostat -dx 10
and watch the%util
column. If goes over 10%, you're pushing the drive's limits. These devices do not expose all their I/O to the operating system, so you need to leave plenty of slack for their hidden book-keeping operations. - "Host-managed SMR" drives aren't supported by Moonfire NVR today. These don't appear to be commonly sold to end users; you may not find one outside of a Dropbox datacenter.
- refurbished drives, which likely have less life left. However, you may consider your surveillance data less precious than other files. If so, there are some bargains to be found on newegg, goharddrive, and other sites.
Look for:
- surveillance-rated drives such as the WD Purple series or Seagate Skyhawk Surveillance series. They're not strictly necessary, but they may last longer for Moonfire NVR's workload, and they don't use SMR.
- large capacity.
- long warranties, unless you're willing to give this up for bargain refurbished drives.
Doesn't matter:
- rotational speed. You don't need more expensive 7200-rpm drives. 5400 rpm is fine and will even save on power cost.
If connecting via USB, prefer USB3 over USB2.
You might buy an internal hard drive and USB3 enclosure separately. If so, consider a 2-bay enclosure or docking station. (Note: I recommend disabling UAS when using the linked model. I've had reliability problems that were fixed by doing this.) This gives you the ability to add a second hard drive or put your database on a SATA SSD rather than the slower and less reliable SD-Card or eMMC common with ARM single-board computers.
PoE = Power over Ethernet describes systems that pass electric power along with data on twisted-pair Ethernet cabling. You can deliver power to your cameras using a twisted pair of the cable that is not used for data. This saves having to provide a power source at the camera.
YuanLey has a couple switch models that are quite inexpensive for their specifications. (Note however this writer hasn't tried them, and their VLAN functionality is unusual if not broken. They definitely don't support IEEE 802.1q VLAN tagging.)
- YuanLey 8 Port PoE Switch, 2 UpLink Gigabit, PoE Plus 802.3af/at, 120W Built-in Power, Vlan Up to 250m, Metal Plug & Play Network Switch
- YuanLey 16 Port PoE Switch, 2 Uplink Gigabit, 1 SFP Port, 250W Built-in Power, 802.3af/at, Rackmount Unmanaged Plug and Play
There's a PoE switch suggestion list thread on ipcamtalk.
Look for a switch with:
-
PoE ports for the cameras. Note it's common for switches to have PoE on only some ports; make sure there are enough for your planned camera use.
- You don't need gigabit Ethernet for the cameras; "fast Ethernet" (100 Mbit/sec) is plenty.
- one or two free ports to connect to the NVR and/or to the rest of your LAN.
- be careful: many switches have uplink ports that are 1000baseX (for fiber optic cabling) or SFP (which requires an adapter) rather than 1000baseT (for more familiar cat6 cables and RJ-45 connectors). You'll need matching hardware to use them. Additionally, sometimes there's a pair of ports of different types where only one can be used at a time.
- prefer gigabit Ethernet. The total bandwidth of your cameras to the NVR might exceed 100 Mbit/sec, particularly if you have more than one client talking to cameras (redundant NVR setups or direct streaming from a computer) or more than eight cameras. You may also want faster transfer between the NVR and your LAN.
- sufficient per-port and total power capacity. Some PTZ (pan, tilt, zoom) cameras may need more than the standard 15.4W.
- fanless operation or quiet fans. Some PoE switches can be uncomfortably loud for a home closet. This is likely a trade-off with power capacity, so decide what's most important to you.
- nice-to-have: a good warranty. However, name-brand PoE switches are costly enough that it may be worth just rolling the dice.
- nice-to-have: IEE 802.1q VLAN tagging support.
Note that IP cameras are notoriously insecure. You'll likely want the ability to isolate them from the rest of your network. There are a few ways you could do this:
- have two NICs on your NVR. One connects to your main network; the other connects to the dedicated camera switch.
- A USB Gigabit Ethernet Adapter could work if you have a free USB3 port.
- You could connect to your main network by wifi in a pinch.
- use a camera PoE switch with support for IEEE 802.1q VLAN tagging and at least two more ports than you have cameras. Connect one extra to your NVR and another to the rest of your network. Configure main network port under one VLAN, all the cameras under another, and use tagging to configure the NVR's port for both.
- use a separate main switch with support for IEEE 802.1q VLAN tagging. (A OpenWRT-based wireless router with a built-in switch would work well.) Configure the dedicated camera switch's port to use its own VLAN. Configure the NVR's port to allow talking with both VLANs via tagging.
Look at the IP Cam Talk Cliff Notes and browse their IP Cameras forum. Look at the "Cameras: <brand>" pages here for any Moonfire NVR-specific notes.
Some general properties to consider:
- blood cameras. Three major Chinese manufacturers (Dahua, Hikvision, and Uniview) are widely believed to be actively supporting the Uyghur genocide. I try to avoid buying new models from these manufacturers! Unfortunately it's easy to buy them accidentally because they're often resold under different brand names. One trick is to look for "NDAA-compliant" cameras. For example, GeoVision has a PDF list of NDAA-compliant cameras which they confirm "are not manufactured by nor utilize components from Hikvision, Dahua or contain HiSilicon SoCs".
- sensor size and night image quality. Larger sensors are more important than high resolution.
- triple-stream. To support upcoming on-NVR analytics, the ideal camera supports three customizable H.264 streams:
- forensic quality: full resolution, high frame rate (~30 fps), high bitrate.
- analytics quality: medium resolution (eg 720x480, 1280x720, or 1920x1080, depending on available decoding power), low frame rate (~5 fps), high bitrate.
- mobile quality: low resolution (around 720x480), low bitrate.
- standards compliance. I've yet to see a camera that correctly implements RTSP and ONVIF, but some are better than others.
- form factor. I prefer "eyeball" cameras over "bullet" cameras because the latter seem to accumulate more spider webs. Bullet cameras, e.g. having a barrel on a swivel stick, also can have their barrel moved with a long pole or stick by someone not wanting the camera to monitor them, you simply push the barrel to point to sky or elsewhere; "eyeball" cameras cannot be so easily tampered with. If your camera can be accessed by a person with an 8' pole, go for the "eyeball."