Is there a data limit with the Reolink app?

user_727999352516787_727999352516787

Hi,

I recently purchased my first Reolink Duo Floodlight WiFi camera to start replacing my Ring products. To say I'm impressed is an understatement. It's honestly mindblowing just how good the quality is compared to my Ring products. I can't wait to start replacing my Ring camera one by one around the next year.

One of the reasons I purchased the Ring products is to provide security to my parents. When they leave the home, they are a little on edge due to recent break-ins around the area. So my Dad likes to review the camera throughout the day to make sure nothing is going on or one of us is in the home.

I read on Reddit and another website that there is a data limit with the Reolink app of around 1GB which can be chewed up by the high setting. What they claim is when you are on 3G or 4G, the app will use the UID to attempt to make a direct connection to the camera using UDP which allows for unlimited data to be transferred. If this fails, then TCP will be used to route the camera through the Reolink network which has a 1GB limit. However, from speaking with the support team, they are unaware of this limit and there is nothing mentioned on the website or the product pages. The app doesn't even mention how it's connecting to the camera when you are on the external cellular network. Apparently, you can get around this limit by creating a VPN within your home network to allow the Reolink app to use. Someone else mentioned that they tested this theory but just using the UID setting from their camera to the Android app, it showed a direct connection, they were never able to get it to run through a server.

I was just wondering if anyone from Reolink or a community member can elaborate on this.

I'm technical enough that I could create a VPN on my router to use but don't have a good enough setup where I can see incoming and outgoing connections, unfortunately. I would rather not use the VPN setup if I can help this.

Thank you!

joseph_1979

@user_727999352516787_727999352516787 Read my comments at https://community.reolink.com/topic/87/how-does-the-reolink-uid-actually-work/3?post_id=22657&_=1692644814908 and https://community.reolink.com/topic/6240/software-windows-resolution-start-up?post_id=23966&_=1692644814917 respectively.

If there will be a limit which I have never tested out then it shall be per connection. I had never used 1GB per session on my Android smartphone to watch a single camera. So even if there will be 1GB then it will be more than adequate to watch through the smartphone.

Note that you will have issues to watch high def streams on HSPA (3G). You need at least 4G.

You can check this out. Run reolink Win client and connect to the camera from an external network (to use the P2P relay servers) and from the cmd prompt enter netstat -s -p udp and take note of the datagrams received. Leave the stream in high definition. The data included in each packet sent by the P2P server is 1350 bytes..........so you need to receive 1G/1350 datagrams :)...... say 4 to 5 days assuming 100 packets/sec

user_727999352516787_727999352516787

@joseph_1979

Hi Joseph,

I don't own a Windows computer. I use macOS.

All of our phones are on 5G/4G typically, but sometimes they drop down to 3G in rural areas. However, a speed test still provides around 25Mbps which is fine for viewing the cameras.

I've read your posts but got confused about the public and private IP sections.

To break it down, am I correct in the following?

If the Reolink app is external, it will ping the P2P server for the Private (My IP) and Public (Amazon/Azure Server). It will try to make a connection through the Private IP using TCP which is a direct connection with unlimited bandwidth. If this fails, it will then use the Public IP with UDP which may have a 1G limit. If this is the case, is there a way of testing whether the app is connecting through Private/Public IP or not and would a VPN ultimately fix this? I could probably get a Firewalla to setup OpenVPN and then set this up on our devices for the Reolink app to use which should in theory make a direct connection as I assume the app would think the cameras are streaming locally? I read in your post that the default value over external networking is Fluent. However, if I set High on my iOS app, close it down, switch to 5G and open it again, it will prompt me with the message about playing in cellular but it starts streaming in High. Do I assume from this that it's making a direct connection and not using the Reolink servers?

user_727999352516787_727999352516787

@joseph_1979

Hi Joseph and anyone else reading.

I was fortunate enough to gain a response from a Reolink developer who explained how the UID process works.

UID essentially is an identifier for the camera and stores the camera location within the Reolink servers. This allows you or a friend to add the camera from any external network and view it without trouble. Because the Reolink server is just used as a phone book, all traffic between the camera and the application should be direct, and for this reason, there isn't a 1GB limit. You could theoretically watch all of your cameras in high quality without any consequence other than your mobile data being hammered. Where does the 1GB limit come from? It's from a user who posted in the past because their ISP or mobile network limited how much Reolink traffic could be sent. It's not a limit that Reolink has put in place and as far as they're aware, does not affect the UK, US, etc. Unfortunately, this now acts as a rumour that is picked up every so often. This is why the 1GB limit is not mentioned on their website or product pages because it doesn't exist directly by Reolink.

joseph_1979

@user_727999352516787_727999352516787 I did explained in my articles the data flow between the client and the cameras when both entities are both on the same and different networks. When the AWS/Azure P2P relay servers are used, Reolink pays for the service and bandwidth allocated and subsequently whenever you start a live view from any camera which is external to the client, the stream is always FLUENT. You can change it to CLEAR but as soon as you click on the Playback and click again on the Live view, the stream starts again in FLUENT. Typically a 5MP camera requires a nominal bandwidth of 10Mbps.

So nothing is free and nothing is unlimited :).

joseph_1979

@user_727999352516787_727999352516787 If you are on UMTS and HSPA you will encounter issues. You shall be fine if you are on HSPA+ and having a strong signal. You may reach the 25Mbps.

Irrespective where the client is located, it sends a DNS query to get the IPs of the P2P servers which are provided by Amazon and Microsoft. The client will then request the P2P servers to provide the local IP of the camera and a public IP on the P2P relay servers (Profile is identified by the UID). Note that you cannot connect directly between the camera and the client when the client is on an external network ( a number of ISPs refrain this data flow). So to avoid this Reolink will provide a public IP on the P2P relay server. The P2P server already knows the public IP/port of the BB router to which the camera is connected to. So a connection is setup between the P2P server and the camera. This is leg A. Leg B is the connection established between the client and the Public IP of the P2P relay server. So data flows from camera to P2P Relay server and from P2P relay server to the client. Conversely, from the client to P2P server and from P2P server to the camera.

And if you are technical, you can see this by capturing a trace using Wireshark on the PC running the client.

user_727999352516787_727999352516787

@joseph_1979

Hi Joseph,

Reolink assures me that an external server is not used. The connection is made directly from the camera to the end device, and any limits in place, such as the 1GB, were on the ISP or mobile network of the user who made the claim, not Reolink. The only thing the external server is used for is Cloud Recordings if you have this enabled or as the address book to store the information regarding your cameras. This way, if you were to share the UID with a friend, they could automatically connect to your camera, etc.

I also tested both my iPhone, Android, and MacBook Air on external networks and they always allow me to view in Clear if they were left on that option last. I've never had them automatically switch over to Fluent.

There was also a person who wrote a blog and they claimed they installed the Reolink client on their computer at work, viewed the firewall logs both at home and on their computer, and it showed Reolink as establishing a direct P2P connection between their home and work. There was no Reolink IP or servers involved. So perhaps this is some older information you have at hand.

joseph_1979

@user_727999352516787_727999352516787 Hi Mitch,

Your client is directly connected to the camera IF AND ONLY IF both the PC running the client and the camera are on the same network. This is really P2P. However, when you are on an external public network such as mobile network or on a WIFI network other than that where the cameras are connected to, your PC running the client establishes a connection with an Amazon (mostly as it may use Azure) server. This server has a connection to your camera and the media flows from camera to this P2P Relay server back to your PC and conversely from the PC to the P2P Relay server to the camera. If you are familiar with networking then you can use Wireshark on your PC and see the UDP packets destination IP address. Go to WHOIS IP and you will get Amazon. You shall even see the client sending DNS queries (A record) to get the IPs of the P2P servers.....Reolink have reserved 16 P2P IP addresses but only 8 are used, the others pointing to the loopback IP. I did explained this in details in various articles in the community. Try to search them.

Or else if you wish to share the trace I will show you. I can teach you to pursue a Master Degree in Telecoms/Networking if you pay me accordingly :).

See the trace below. So the camera is sending packets to the Amazon P2P server which in turn forwards it to my PC (local IP since the NAT is done at the router side). Go to the Internet and search for whois IP and enter 35.180.0.0 and it will give you the company using this range. In the 192.168. UDP packet, the client acknowledges the packet received.

Amazon Data Services France AMAZON-CDG (NET-35-180-0-0-1) 35.180.0.0 - 35.180.255.255

So I will send you the bill........address pls :).

user_727999352516787_727999352516787

@joseph_1979

Hi Joseph,

I had a check using Terminal on my macOS when tethered to my iPhone and if I stream using the Reolink app, it shows a CloudFlare IP address. This is neither Amazon or Azure as you've mentioned.

It also uses TCP and not UDP as you've mentioned.

So I assume because it's not using Amazon or Azure like your camera, it's creating a direct connection?

joseph_1979

@user_727999352516787_727999352516787 cloudflare is a service provider too like Amazon and Azure. I am in Europe and the p2p servers are through Azure and AWS.

From mac terminal enter nslookup p2p2.reolink.com. You need to use the client on the mac and not the iPhone. Just use the iPhone for hotspot using mobile data. Please install wireshark on mac and take a trace on mac.

See this written by Reolink.

https://support.reolink.com/hc/en-us/articles/900000618443-Introduction-to-P2P-or-UID/?gclid=EAIaIQobChMI9dyDj5mAgQMVSC4GAB11AAerEAAYASAAEgKxafD_BwE

user_727999352516787_727999352516787

@joseph_1979

Hi Joseph,

I installed Wireshark. Very confusing.

So I looked at all the stuff coming through and when I was locally connected through ethernet, I could see my computer sending stuff to the camera and sending stuff back to the computer over UDP. When I connected through iPhone hotspot, I found the same IP as earlier bouncing stuff back and forth over TCP and when I looked it up online, it was Cloudflare in Germany.

joseph_1979

@user_727999352516787_727999352516787 Another service provider offering the relay functionality.

user_727999352516787_727999352516787

@joseph_1979

Thanks Joseph.

Learned a lot from this. Much appreciated.

Last question.

How do you have your cameras setup for external usage? Do you use the UID or another way to access them such as VPN, DDNS, etc.? I've read that the UID is fine at the moment security-wise. Some others say you should disable the UID and use them LAN only and then use a VPN to run the app instead so all the traffic is direct mobile to camera at all times.

joseph_1979

@user_727999352516787_727999352516787 You're welcome. If you have networking or Telecom (Mobile, IMS, vPBX, Fixed, VOIP, protocols, etc) questions just put it here and when I am free I will answer. The communication between the camera and the client is encrypted and so far I didn't hear anyone who was able to decrypt it. No matter how much security you add, there is always a way to get through, This is like the well known Alcatraz which was considered as the most secured prison.......but three managed to escape. I am using the UID method and if your router has firewall then you can implement rules.

You can use DDNS and port forwarding to communicate with the cameras too. You can create a free account at noip(dot)com. Here you need to create a hostname which you need to enter in the camera DDNS config. Set a static IP 192.168.1.Y and media port XXXX for the camera. Then on the router add a rule with external/internal port mapped to 192.168.1.Y for both UDP and TCP. Then go to client and add the camera using the domain and port and voila'. In case of VPN you need to set up an VPN on your router like openvpn. This is the mostly secured.

Don't forget to follow the policies set out for passwords creation and renewal. I have forwarded a number of suggestions to Reolink to enhance the security on the cameras. It is not about securing the premises but also securing the camera itself. I didn't get any reply. Just that my suggestions have been forwarded to the dev team and nothing else.

joseph_1979

@user_727999352516787_727999352516787 Try to avoid having cameras inside the house, wherever possible. I have two (in garage) but I check the logs of the router and have a number of rules.

user_727999352516787_727999352516787

@joseph_1979

Hi Joseph,

Thank you very much. Super kind.

I don't have too many customisation options at the moment. I'm hoping to improve my network in the future to allow this, but this is how my setup runs at the moment.

Right now, my home is as follows.

Modem > Eero Gateway > TP-LINK 16-Port Switch.

One CAT5e cable runs from here to each room which connects to another switch to wire in all the entertainment devices and computers. I then have another eero at the front of the home, another at the back of the home, and a TP-LINK EAP650-Outdoor on the front of the house to provide better signal to my outdoor devices such as the Reolink Floodlight, Ring products, etc. Because my house is fully made of brick, it makes it very difficult to get Wi-Fi around and also makes it difficult to place ethernet cables where I want.

My hope in the future is to start adding EAP series around the home in lieu of the eero units and also wire up the Reolink products if possible. From here, add a Firewalla for better customisation. And finally replace all the CAT5e with CAT6A.

I don't plan on having indoor cameras. I just want a few around the exterior of my home including the Reolink Doorbell to replace my Ring products.

joseph_1979

@user_727999352516787_727999352516787 That's fine. Is it the RE650 V2? This is absolutely one of the best I have ever seen. I installed two at my sister's house and she never complains.

user_727999352516787_727999352516787

@joseph_1979

Hi Joseph,

No, it's a TP-LINK Omada EAP-650 Outdoor Access Point. It's very overkill for what I need it for, but stock was limited during COVID and my Ring products and other stuff like my phone, echo for listening to music when washing the car, etc. was struggling when I was at the front. I literally have an eero sitting on the other side of the wall and it struggles to get through the brick. Old homes are built different.

I have it setup so it mirrors my Wi-Fi SSID but also has a dedicated hidden SSID which I connect my Reolink/Ring to so it sticks to it instead of roaming back into the home. Once I start getting more EAP series Omada products, I'll be able to get the controller which will let them automatically manage their own channels and power output to maintain the home better. Wanted to do it much sooner, but had other jobs to do around the home first which has eaten into my budget. So it's going to be a next year job.

joseph_1979

@user_727999352516787_727999352516787 Home maintenance is like software........you won't ever say it is complete as it merely depends on one's imagination and creations. I do remember developing applications for big companies and I never say that's all. Always adding.

Just plan it and do it.

For Reolink cams. just have distinct 2.4G and 5G SSIDs.