Radio Broadcast Facilities rely on computers for everything – and every group of computers needs a solid network to glue it all together and keep the packets flowing consistently. This article outlines a series of best practices for building and running a computer network for your radio broadcast facility.

Separation of Functions

Let’s start with the most basic computer networking principle. Broadcast networks should segregate their broadcast and back-office networks into separate segments. You don’t want your broadcast traffic to be competing for bandwidth with other functions, such as the accounting software or backup processes. Likewise, you probably don’t want your automation software accessing the public internet or your announcers accidentally sharing files with a computer at the TX site via that new IP-STL.

I’d go one step further and suggest most different functions need to get their own subnet. Here’s some functions I’d recommend splitting into different subnets:

  • Servers and storage
  • General purpose office clients
  • Automation/playout
  • IP Audio (e.g. AES67, Dante or Livewire)
  • IP-STL (Transmitter Site Link)
  • Streaming/Codecs
  • VoIP
  • Public/guest WiFi
  • Privileged WiFi
  • Security Cameras

You can achieve this segregation by creating separate VLANs on one switch, or by installing separate physical switches.

Subnets & Routing

IP Address Worksheet (Blurry)

While I advocate running separate networks, you’ll still need to share some traffic between them all. This is why I advise creating a structured subnet plan, and connecting them all via a good router/firewall. This way, you can control exactly which services are accessible via each network and also implement a bit of traffic control.

My personal recommendation for subnets is to use the 10.0.0.0/8 (10.0.0.0 to 10.255.255.255) private address space. This is the largest private address space available and gives us a lot of room to move.

Here’s a recommended address scheme for this Class A IPv4 address space:

  • First Octet: This is always “10”
  • Second Octet: Use this for your Site ID
    If you have a separate transmitter site or disaster recovery site, give each one a separate number. You can also use this ID if you share content or infrastructure with other stations. This will require a bit of coordination.
  • Third Octet: Service/System ID (e.g. Playout, Office, Servers, VoIP, etc)
  • Fourth Octet: Device ID

Using my previously suggested list of network segments, here’s a sample subnet plan you could use:

  • Servers and storage
    10.90.5.0
  • General purpose office clients
    10.90.10.0
  • Automation/playout
    10.90.15.0
  • IP Audio (e.g. AES67, Dante or Livewire)
    10.90.20.0
  • IP-STL (Transmitter Site Link)
    10.91.25.0
  • Streaming/Codecs
    10.90.30.0
  • VoIP
    10.90.35.0
  • Public/guest WiFi
    10.90.40.0
  • Privileged WiFi
    10.90.45.0
  • Security Cameras
    10.90.50.0

In this example address scheme, the Site ID is always “90”, except the IP-STL. This is a separate physical site, so we’re setting this to “91”.

This plan gives us a nicely segregated network, with plenty of room to expand. As we’re separating all Service IDs by an interval of five, you can always expand individual subnets to include more than 255 devices on each one.

This is a good time to sit down and create a spreadsheet to map out all your subnets. Make a list of every device on your network (existing or proposed) and assign it to a subnet based on function.

Then, work out your spacing of devices within each subnet. You could give each studio a block of addresses. If you have Dual NICs in some computers (such as Playout PCs connecting to your IP Audio LAN), then use the same number in the Fourth Octet between these two LANs. This makes it very easy to locate devices on your network.

How Strict Should My Inter-Subnet Routing Be?

Once you’ve mapped out your devices between all your subnets, you need to work out inter-subnet communication.

I always like to start off by routing absolutely no traffic between each subnet, and then opening specific services as needed. The first services to get opened up are typically domain services, such as Active Directory, DHCP, DNS and NTP. You may also need to open up ports for management, SMB/CIFS file transfer, FTP, and internet access.

How strict you get with your routing policies depends on your specific requirements. I can say, however, that the stricter you get the more secure and robust your network is likely to be.

WAN Redundancy & Failover

Firewall Illustration

Most broadcast facilities need some sort of WAN connectivity. This is probably just basic internet access, but can sometimes also include dedicated site-to-site WAN links.

Whatever your requirements, I suggest having at least two WAN uplinks. This is essential if you rely heavily on Internet access for the day-to-day operations of your radio station. Many stations now receive content such as news, weather, traffic, voice tracks and syndicated shows via the Internet. Ensuring you can access the Internet automatically via multiple connections from multiple providers is a must.

The good news is that most areas have a variety of connection options available – including ADSL, Fibre, Fixed Wireless, or even 4G. Some stations get ADSL installed at the transmitter site, and make that routable over the IP-STL in case of emergencies.

There are many Dual WAN firewalls available these days, which will support these sorts of requirements. Many of them are cheap, too!

Draytek Vigor 2832 - Dual WANThe DrayTek Vigor 2832 provides an in-built ADSL2+ connection, Ethernet WAN and USB 3G/4G with failover and load-balancing capabilities. The Mikrotik RB3011UiAS-RM provides ten Gigabit Ethernet ports that can be assigned to WAN or LAN as needed, with all the usual failover and load-balancing options.

When you setup your WAN connections, make sure your inbound connectivity is as resilient as your outbound connectivity. If users need to access your internal network remotely (such as via audio codecs, VPNs, web servers, email, etc.) you’ll need to set this up on all your WAN connections. Practically, this means dual sets of firewall rules for every inbound connections and also dual DNS records (a primary and a standby).

Network Switches

All networked devices need to be connected to a good network switch for connectivity. As we’re using multiple subnets, you’ll probably need a managed switch (so you can create VLANs). I’d suggest using Cisco switches, as their command syntax is widely documented and you’ll find it easy to get support. Cisco IOS switches are also supported by popular multicast IP Audio protocols (such as Livewire).

Layer 3 managed switches are preferable, as you can do inter-subnet routing within the switches themselves. If you don’t buy a Layer 3 managed switch, you’ll need to do all routing within a separate router. Where you do the actual routing is a matter of preference, and depends on the tools you’re comfortable using and the performance you can achieve in certain equipment.

Cisco 3750 Stacking

If you’re on a budget, previous-generation network switches such as the Cisco 3750 can be purchased used or refurbished. This particular range supports stacking, meaning multiple switches can act as one with a common backbone. If you’re on a budget, eBay frequently lists used Gigabit 3750’s for the $300 to $1000 range. There are also local dealers such as Network Brokers or IP Trading who’ll do you a good deal on used switches.

Organising Physical Infrastructure

Broadcast Network Patch Bay

Organising your physical cabling and equipment is just as important as proper subnets and routing. You should adopt a good structured network topology, where all Cat6 cabling in the facility wires back to a central location.

From every studio, office and workspace, run a considerable amount of Cat6 (or better) cable. Terminate it all to patch bays in one rack in your main equipment room. Ensure each end is labeled consistently. Also run cable from every rack in the equipment room to your patching rack. All your patch-bays and switches can live in this one rack, making it easy to interconnect all equipment.

When patching between patch-points and switch ports, use colour-coded network patch cables to indicate which subnet the cable belongs to. Green for Livewire, red for playout, yellow for uplink, etc…

Port Uplink

Network Cable Bundles

If you have virtual servers, edge switches, or digital audio consoles with built-in switches, you’re going to need to setup uplink ports on your core network switches. These ports should be setup with Link Aggregation to enable multi-gigabit connectivity and redundancy. Make sure you setup your ports as “trunk” ports (rather than “access” ports as is the default). Aim to use gigabit ports for all your uplink. Employ Spanning Tree protocol to ensure all your traffic isn’t incorrectly routed via edge switches.

Documentation

Ensure you create documentation and keep it updated:

  • Patch point listing with every port number and it’s physical location
  • IP Addresses & Subnets
  • Credentials for all equipment
  • Topology map of key network components

In Conclusion…

These are the best-practices for a broadcast facility’s computer network. With this segregation, routing, switching, physical infrastructure and documentation you will have a very solid foundation of a network that should be capable of supporting all your critical broadcast and back-office services.