Qt X Networking

Last updated
Save as PDF

Configuring QT X networks

Systems controlled by Qt X controllers can be configured using either the browser-based web user interface loaded on each controller (web UI) or the Qt X systems management software (Qt X software). Some settings may also be edited on the controller front panel using the display and buttons there.

The Qt X platform provides virtualized architectural zoning through a flexible media and control network topology.
Multiple supported network topologies can be used to maximize design capabilities into many control and media network topologies.

Network connections

All Qt X controllers come with dual RJ45 Gigabit Ethernet port connectors that support control and media network audio. These ports can be configured to support multiple network topologies.

Note: Control port 1 on the Qt X 800s and 800D controllers supports Power over Internet to the controller.

MAC addresses

Each Qt X controller has 3 device MAC addresses. These are viewable under the Network tab in both the Qt X Software and Web UI as well as the front panel display.

When a controller is in single cable mode, all MAC addresses are visible on the Port 1 LAN connection. When in dual cable mode, the AVB and Dante MAC address will be visible on port 1 while the Control MAC address will be visible on port 2.

The MAC addresses will be sequential, appearing as shown here:

Dante (media) - active when Dante selected as media type
Control (control)
AVB (media) - active when AVB selected as media type

Note: The controller may only have a single media type present in a configuration, so the displayed Media MAC address on front panel, web UI or software will correspond to the selected media on the controller. The Control MAC address will be present with either media type.

AVB only hardware models will also ave a Dante MAC address present but in an inactive state.

Network settings overview

The Network Settings tab in both the Web UI and QT X systems software allows users to:

Modify the primary DNS
Add or modify the secondary DNS
Configure the control and media ports
Switch between single and dual cable modes
The media type can only be changed to Dante if a Dante-enabled device is connected.

Addressing options

DHCP is checked by default for automatic assignment of an IP by the server. The device network settings can be configured if Static IP is selected. Qt X controllers also support automatic automatic private IP addressing (APIPA) or auto-IP.

Qt X controllers may also be connected to a network with a DHCP server for initial discovery
mDNS discovery is limited to a single subnet

Note: If changing IP addressing options between DHCP and Static on devices in running configuration, it is recommended to reboot the controller(s) after changes to clear any inter-device communication faults.

Devices will show 0.0.0.0 IP address if no network cable is connected.

Control and media network addresses

Control and media network address settings can be set on a controller's front panel as well as by using the Qt X Software or Web UI. However, the front panel will not display any information related to the network cable mode or media type setting. These settings must be viewed or changed from the software or web UI.

Cable modes overview

Qt X controllers support single-cable mode by default, allowing users to connect to devices with a single cable from the media ports.

In Single Cable mode, one port handles all control and media communications. Selecting Dual Cable mode separates the control and media communications. This choice is based on user preference and system design requirements.

Single Cable Mode

This is the default mode for Qt X controllers.

LAN Port 1 – Control and media combined
LAN Port 2 – Disabled

Single Cable MAC.png

Note: The selected media type MAC address will be the displayed and active MAC in the configured system.

Dual Cable Mode

LAN Port 1 – Media network
LAN Port 2 – Control network

Dual cable MAC.png

Note: The selected media type MAC address will be the displayed and active MAC in the configured system.

Media Modes (Dante Qt Xs)

Dante-enabled Qt x D controllers ship with Dante media mode enabled by default. In an unconfigured state, the controller may be switched from Dante to AVB media mode .

Note: Qt X hardware does not support AVB and Dante in mixed network modes.

Control and media network options

Cable mode settings are located under the Networks Settings tab in both the Qt X systems software and the onboard web UI.

Single-cable mode details

Both control and media IP addresses are active in single cable mode and may be addressed uniquely. While in single cable mode both Control and Media MAC addresses are viewable behind the single LAN port.

In single cable mode, all control data, AVB or Dante media is transmitted and received from the Qt X controller over Port 1. This allows all Qt X web-based management software, Qt X control software, SageVue management and 3rd party control to connect to a common switch with the audio media network.

The Web UI may be accessed via either Control or Media IP address in single cable mode.

Qt X Software View Qt X Web UI View

The single-cable carries both control and AVB or Dante media and connects to a common converged control plus media network.

Note: When in single cable mode, the media network IP address is still active and may be addressed separately from the control LAN. This is the address a Dante Qt X D controller uses to discover the device and route Dante audio flows. The address must be in the same range as other Dante devices routed to the Qt X hardware.

Dual Cable mode for separated networks

Dual cable mode supports isolating AVB or Dante media from control data on two physically separated networks. This allows media networks to be isolated from building WAN or system control networks. Qt X controllers support the use of an individual uplink from the control and AVB or Dante media ports to the respective separated networks.

In separated networks, AVB or Dante media is transmitted and received from the Qt X controller over Port 1, while inter-device communication, Qt X web-based management software, Qt X control software, SageVue management, and 3rd party control are accessed via Port Position 2.

The Web UI may be accessed via either Control or Media IP address in dual cable mode.

Qt X Software View Qt X Web UI View

The media network traffic resides on a logically separated switch from control traffic. This topology allow for control traffic to reside on an enterprise building network with all media traffic on an isolated switch.

AVB Media Network Requirements

AVNU Certified Network Switch w/AVB Active License
AVB switches will automatically create and use VLAN 2 for all AVB media traffic.
AVB controller software for routing explicit AVB streams to Qt X hardware. Biamp currently recommends using the Riedel AVB Manager software as the AVB controller. The software is free, but requires registration on Riedel's website. Other notable AVDECC controllers are Hive AVB Controller and Hono AVB Controller.

AVB Propagation Delay setting

When using Media converters with Qt X endpoints over fiber, it is sometimes necessary to adjust the Propagation Delay or pDelay to a range longer than the default of 1200ns.

AVB propagation delay The length of the fiber line and media converter will have an impact on propagation delay. If the link propagation delay exceeds the peer delay threshold, AVB clocking will not function correctly and ports will report AS-incapable. Both the switch and Qt X controller(s) must have their peer delay threshold configured to account for the media conversion.

Qt X software and firmware version 2.4 and later will have an available pDelay setting accessible via the Qt X software Network tab.

AVB Propagation Delay Threshold

Changes to the default value (1200 ns) should also be replicated on the associated network switch. Available range: 800 - 10000 ns

Note: AVB propagation delay setting is not available via the Web UI.

Dante Media Network Requirements

QoS Priorities (4 Levels)
IGMP Snooping (multicast)
VLAN Support in most instances
Dante Controller Software for audio routing between Dante devices and QT X hardware.
Audinate Dante port requirements can be found here https://www.audinate.com/faq/which-network-ports-does-dante-use
Additional Audinate Dante network requirements can be found at https://www.audinate.com/sites/default/files/PDF/adding-dante-to-your-network-audinate.pdf
Audinate Dante Domain Manager has additional network requirements which can be reviewed here https://dev.audinate.com/GA/ddm/technical-notes/network-admin/pdf/latest/DDM%20-%20Info%20for%20Network%20Administrators%20v1.9.pdf

802.1X and Certificate Management

The Security Configuration dialog manages security settings such as viewing currently-applied security certificates, the status of 802.1x, and settings associated with the web server.

The standard allows for protecting the 802.1X traffic using varying degrees of encryption to prevent authentication credentials from passing over the wire as clear text. This reduces vulnerability to “man in the middle” attacks that intercept network traffic.

Topologies not supported

Important: The topologies listed below are not supported for 802.1x in Qt X hardware.

802.1x is not supported while in single cable mode. There are 2 MAC addresses that are seen behind a single LAN port in this mode. A switch with 802.1x will not authenticate to a device with more than one MAC address.
A Qt X controller in dual cable mode while set to Dante media mode does not support 802.1x. This is due to 802.1x supporting only Unicast communication while the Qt X controllers are communicating via multicast. Controller must be in AVB mode to use 802.1x on control and media ports.

Managing certificates

Certificate management is only accessible via the Qt X software application.

The certificates tab is accessed from the Device Information screen - Operations tab.
Select the Certificate Management button to view and update settings.

The 802.1X Certificates tab allows configuring 802.1X security protocols for the controllers control and media ports. 802.1X. is an IEEE standard for port-based Network Access Control (PNAC) and is part of the IEEE 802.1 group of networking protocols. 802.1X provides an authentication method for connecting devices to a Qt X system.

Security

Integrators and administrators configuring 802.1X and choosing EAP methods should be knowledgeable in network security and know the requirements of the enterprise network Qt X devices are being installed in.

Biamp supports the following security types:

EAP_NONE - EAP is disabled
EAP_PEAP/MSCHAPv2 - Server authentication via certificate; client authentication via another EAP method
EAP_TLS - Certificate-based two-way authentication

802.1X security may be selected for the control or media ports on the selected Qt X sound masking controller. Connected devices must support 802.1X to enable the security protocol:

Users must choose which Mode to apply. Mode establishes the Extensible Authentication Protocol (EAP) by which authentication takes place and is disabled by default (EAP_NONE).

Certificates

Users may select a Root or Client certificate based on the security requirements of the organization. The Qt X comes factory-equipped with a root certificate issued by Biamp (a trusted Certificate Authority (CA).) Users may choose to apply the Biamp Production Root certificate, or supply their own. Clicking 'Select Certificate' will allow the user to browse to available certificates. Users may upload their own certificate via the Certificates Tab.

Root Certificate

Click Apply. The 802.1X Certificate Management window will reflect the applied certificate:

Client Certificate

The Qt X comes factory-equipped with a client certificate used to make authenticated requests to a remote server. Administrators may choose to apply the device client certificate or supply their organization's certificate. Available certificates may be browsed to by clicking on Select Certificate. Certificates may be uploaded on the Certificates Tab.