XProtect-specific configuration

(Configuration Best Practices—Dell Storage with Milestone XProtect Corporate)

10-10-2024
table of contents

XProtect-specific configuration
Configuring Active Directory and domain controller
Hard disk formatting
Enabling motion detection
Modifying the number of archive process threads
Modifying the Archive DB write block size
Isilon OneFS for the Archive DB
Multipathing and NIC failures
iSCSI initiator queue depth on ESXi hosts

XProtect-specific configuration
Configuring Active Directory and domain controller
Although local user account authentication is available, we configured Active Directory (AD) user
account authentication in the lab to simplify user management.
Hard disk formatting
One factor that can impact a disk's performance in asafety and security video system is the cluster size
of the formatted hard disk.
Enabling motion detection
If motion detection is not working, you must enable a new rule for motion detection.
Modifying the number of archive process threads
When using archive storage, such as NAS attached Isilon scale-out cluster, each recording server must
be modified to use either three or four archive processes. By default, XProtect uses a single thread.
Modifying the Archive DB write block size
When using archive storage, such as NAS attached Isilon scale-out cluster, the Archive DB write block
must be modified.
Isilon OneFS for the Archive DB
Configure XProtect to use an Isilon cluster for the Archive DB.
Multipathing and NIC failures
Configure the Unity and SC block storage arrays with multiple paths to recorders using Microsoft MPIO.
For redundancy, configure multiple NICs with the recorders and controllers. Recorders that are
configured with multipathing reconnect to the volume across another available path after a NIC failure.
iSCSI initiator queue depth on ESXi hosts
Define the iSCSI initiator queue depth for each SAN attached ESXi host.

Configuring Active Directory and domain controller

Although local user account authentication is available, we configured Active Directory (AD) user account

1
 XProtect-specific configuration

authentication in the lab to simplify user management.

AD is a distributed directory service included with several Windows Server operating systems. It identifies
resources on a network in order for users or applications to access them. If you wish to add users through the
AD service, you must have a server with AD installed that acts as the domain controller on your network.
Consult your network administrator regarding the use of AD with your XProtect deployment.

1. Ensure that there is a server with AD installed and acting as the domain controller on the network.
2. Add all recording servers and management hosts to the available domain controller.
3. Add the Isilon cluster to the available domain controller.
4. Log in as the Domain user on the host.
5. In Windows Services, select Milestone XProtect Corporate Recording Server. Click the Log On tab
and update the credentials for the Active Directory user.
6. Restart the service.

Hard disk formatting

One factor that can impact a disk's performance in asafety and security video system is the cluster size of the
formatted hard disk.

Note: Update the allocation unit size when formatting the hard drive to significantly improve the performance
of the archive process.

Dell EMC recommends the following allocation unit size settings:

Multi-tier implementation-Live DB
Change the allocation unit size setting to 8 KB when formatting the hard disk for the Live DB in a two-
tier structure. This block size is better suited for the balanced reads and writes rate caused by the
archive process.
Multi-tier implementation-Archive DB
Change the allocation unit size setting to 64 KB when formatting the hard disk for the Archive DB. A 64
KB block size significantly improves the performance of the archive process.
Single-tier implementation
Change the allocation unit size setting to 64 KB when formatting the hard disk for the Live DB only.

See the Microsoft Support article Default cluster size for NTFS, FAT, and exFAT for more information about
single and multi-tier allocation unit sizes.

Enabling motion detection

If motion detection is not working, you must enable a new rule for motion detection.

1. Disable the Default Record on Motion Rule on the management server.

XProtect-specific configuration
 XProtect-specific configuration

2. Add a new rule named Record Always using the following definition:
Perform an action in a time interval
always
start recording immediately on All Cameras

Perform an action when time interval ends

stop recording immediately

Modifying the number of archive process threads

When using archive storage, such as NAS attached Isilon scale-out cluster, each recording server must be
modified to use either three or four archive processes. By default, XProtect uses a single thread.

To minimize the risk of errors, the RecorderConfig.xml file can be edited with the Recorder Configuration
Manager tool available from Milestone.

1. Stop the Milestone XProtect Corporate Recording Server Service.

2. Go to: C:\ProgramData\Milestone\XProtect Recording Server.
3. Open the RecorderConfig file.
4. Edit the file as follows to change the low priority archive thread pool size to 4 and the high priority
archive thread pool size to 4:
<thread_pools>
<delete_thread_pool_size>2</delete_thread_pool_size
<low_priority_archive_thread_pool_size>4</low_priority_archive_thread_pool_size>
<high_priority_archive_thread_pool_size>4</high_priority_archive_thread_pool_size>
</thread_pools>

5. Save the file.

6. Start the Milestone XProtect Corporate Recording Server Service.
Note: These steps apply to XProtect starting with version 2014.

Modifying the Archive DB write block size

When using archive storage, such as NAS attached Isilon scale-out cluster, the Archive DB write block must
be modified.

1. Stop your Recording Server Services.

2. Rename the file %ProgramFiles%\Milestone\XProtect Corporate Recording
Server\VideoOS.Platform.Database.dll to, for example, VideoOS.Platform.Database.dll,orig.
3. Open the file %ProgramData%\Milestone\XProtect Recording Server\RecorderConfig.xml in an editor.
4. Update the disk utilization section. Use one of the following methods:
For Milestone version 2013 5.0, add the following xml code highlighted in bold:

XProtect-specific configuration
 XProtect-specific configuration

<disk_utilization>
<max_bytes_in_block_files>16777216</max_bytes_in_block_files>
<max_records_in_block_files>2000</max_records_in_block_files>
<truncate_block_files>true</truncate_block_files>
<precreate_block_files>true</precreate_block_files>
<precreate_sizes>
<regular>16777216</regular>
<sequence>65536</sequence>
<signature>4194304</signature>
</precreate_sizes>
<media_block_files use_os_cache="true">
<read_buffer_size>4096</read_buffer_size>
<write_buffer_size>4096</write_buffer_size>
</media_block_files>
<sequence_block_files use_os_cache="true">
<read_buffer_size>4096</read_buffer_size>
<write_buffer_size>4096</write_buffer_size>
</sequence_block_files>
<signature_block_files use_os_cache="true">
<read_buffer_size>4096</read_buffer_size>
<write_buffer_size>4096</write_buffer_size>
</signature_block_files>
<index_files use_os_cache="true">
<read_buffer_size>4096</read_buffer_size>
<write_buffer_size>4096</write_buffer_size>
</index_files>
<chunk_files use_os_cache="true">
<read_buffer_size>65536</read_buffer_size>
<write_buffer_size>65536</write_buffer_size> <!-- default 4096 -->
</chunk_files>
</disk_utilization>

For Milestone version 2013 R2 through 2017, the 2018 version has these values included.Update
the chunk_files use_os_cache section. Modify the read_buffer_size and write_buffer_size values
to 65536.
<chunk_files use_os_cache="true">
<read_buffer_size>65536</read_buffer_size>
<write_buffer_size>65536</write_buffer_size> <!-- default 4096 -->
</chunk_files>

<precreate_block_files>false</precreate_block_files>

<maxframesinqueue>500</maxframesinqueue>

5. Save the RecorderConfig.xml file.

6. Restart your recording server.

Isilon OneFS for the Archive DB

XProtect-specific configuration
 XProtect-specific configuration

Configure XProtect to use an Isilon cluster for the Archive DB.

Refer to the Dell Isilon Storage with Video Management Systems: Configuration Guide to configure the
following with Isilon OneFS:

Configure SmartConnect and Domain Name System (DNS)

Configure SmartQuotas

OneFS 8.1 job workers (required)

OneFS can be tuned to provide optimal bandwidth, performance, or operating characteristics. Starting
with OneFS 8.1 the Dell Technologies Safety & Security Lab achieved optimum resilience when the
number of job workers slowly increased their number per job phase.

OneFS 8.1 job workers (required)

OneFS can be tuned to provide optimal bandwidth, performance, or operating characteristics. Starting with
OneFS 8.1 the Dell Technologies Safety & Security Lab achieved optimum resilience when the number of job
workers slowly increased their number per job phase.

To modify the job workers to 0 per core, run the following command from the command line interface:

isi_gconfig -t job-config impact.profiles.medium.workers_per_core=0

Note: With OneFS 8.2.2, this setting will be the default and this modification will not be necessary.

Multipathing and NIC failures

Configure the Unity and SC block storage arrays with multiple paths to recorders using Microsoft MPIO. For
redundancy, configure multiple NICs with the recorders and controllers. Recorders that are configured with
multipathing reconnect to the volume across another available path after a NIC failure.

The TCP Max transmissions value determines how many times the Transmission Control Protocol (TCP)
retransmits an unacknowledged data segment on an existing connection. The TCP retransmits data segments
until they are acknowledged or until this value expires.

TCP/IP adjusts the frequency of retransmissions over time. The TCP establishes an initial retransmission
interval by measuring the round trip time on the connection. This interval doubles with each successive
retransmission on a connection, and it is reset to the initial value when responses resume.

To reduce the reconnection time and eliminate video loss, adjust the following TCP retransmission timers:

Note: It is recommended that you perform a backup before editing registry settings.

XProtect-specific configuration
 XProtect-specific configuration

HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Tcpip\Parameters
Value Name: TcpMaxDataRetransmissions
Data Type: REG_DWORD - Number
Valid Range: 0 - 0xFFFFFFFF
Value: 3

HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Tcpip\Parameters
Value Name: TCPInitialRtt
Data Type: REG_DWORD - Number
Valid Range: 0 - 0xFFFFFFFF
Value: 2

To reduce path failover times for volumes that are mapped through ESXi hosts using raw device mapping
(RDM) LUN's or Datastores, use the following timeouts. Modify these settings on the iSCSI software adapter
for each SAN attached host. These settings are located on the Advanced tab in the properties section of the
individual ESXi servers Software iSCSI adapter.

iSCSI Login Timeout 5

NoopInterval 2
NoopTimeout 10
Recovery Timeout 4
Delayed ACK Disabled

iSCSI initiator queue depth on ESXi hosts

Define the iSCSI initiator queue depth for each SAN attached ESXi host.

Run the following command to iSCSI initiator queue depth:

esxcli system module parameters set -m iscsi_vmk -p iscsivmk_LunQDepth=255

XProtect-specific configuration