Vodafone TV multicast settings on pfSense?

Forums › Vodafone New Zealand › Vodafone TV multicast settings on pfSense?

1 | 2 | 3 | 4 | 5 | 6 | 7 | 8 | 9 | 10 | 11 | 12 | 13

563 posts

Ultimate Geek
+1 received by user: 89

Reply # 1115325 25-Aug-2014 16:51

One person supports this post

chrispchikin: Is there any way you can get a dedicated PC with 2 NICs (even with a cheap realtek NIC from pbtech) running pfsense to test?

I'm beginning to wonder if the host networking is interfering with packet markings as well...

I'm beginning to think @TimA is sitting next to the multicast switch, waiting for me to plug in my pfSense box then flicking it off and on..

Yeah I do have another box, will try get hold of another network card.

Seen anything interesting in the logs so far?

chrispchikin

121 posts

Master Geek
+1 received by user: 30

Reply # 1115353 25-Aug-2014 16:56

Nothing really different between the IGMP messages / stream from either scenario...

I should be getting my Vodafone TV STB and HG659 any day now so will be able to do some testing of my own.

(I've got a managed Cisco switch on the LAN and WAN side of my router).

I'll be configuring the router as an IGMP proxy similar to how pfsense is setup...

kenkeniff

563 posts

Ultimate Geek
+1 received by user: 89

Reply # 1115462 25-Aug-2014 20:13

Got my (pretty high spec) spare box installed with dual NIC and pfSense.

Still having issues setting up VLAN under pfSense (same as with in VM).

Just found however that maybe I should be setting up the VLAN interface in the QinQ tab instead of the VLAN tab?

Either way I get assigned a WAN IP and DNS settings via DHCP however don't seem to be able to connect to any WAN address.

Still trying to figure it out..

hio77

'That VDSL Cat'
8100 posts

Uber Geek
+1 received by user: 1693

Trusted

Spark

Subscriber

Reply # 1115468 25-Aug-2014 20:37

kenkeniff: Got my (pretty high spec) spare box installed with dual NIC and pfSense.

Still having issues setting up VLAN under pfSense (same as with in VM).

Just found however that maybe I should be setting up the VLAN interface in the QinQ tab instead of the VLAN tab?

Either way I get assigned a WAN IP and DNS settings via DHCP however don't seem to be able to connect to any WAN address.

Still trying to figure it out..

so your currently using a dedicated box on pfsense now?

Are you assigning the VLAN in pfsense now?

#include <std_disclaimer>

Any comments made are personal opinion and do not reflect directly on the position my current or past employers may have.

kenkeniff

563 posts

Ultimate Geek
+1 received by user: 89

Reply # 1115479 25-Aug-2014 20:51

hio77:
so your currently using a dedicated box on pfsense now?

Yes.

Are you assigning the VLAN in pfsense now?

and Yes.

chrispchikin

121 posts

Master Geek
+1 received by user: 30

Reply # 1115504 25-Aug-2014 21:18

One person supports this post

I think for the multicast QoS stuff to work properly, the WAN must have the VLAN 10 tag all the way to the gateway (or in your case pfsense).

Chorus QoS relies on the VLAN header to carry the CoS / PCP tag.

What you are doing is 'breaking' this link by bridging pfsense to your tagged NIC using vmware workstation, thus the CoS / PCP info is not carried through. (obviously this only applies to your vm setup)

Not sure if you're already doing this but you should do the following to get VLAN tagging working in pfsense:

1. Go to Interfaces -> (assign) and click on the VLANs tab to create the VLAN,
2. go to Interfaces -> (assign) and click on the "+" at the bottom right to add the VLAN to the pool of interfaces available to pfSense,
3. go to Interfaces -> (assign) and click on the PPPs tab then click on the "+" to add a new PPPoE interface (if necessary) then configure it
4. go to Interfaces -> (assign) to set the pfSense WAN interface to the newly configured PPPoE interface.

BMarquis

160 posts

Master Geek
+1 received by user: 80

Trusted

Chorus

Reply # 1115545 25-Aug-2014 22:32

One person supports this post

chrispchikin: I think for the multicast QoS stuff to work properly, the WAN must have the VLAN 10 tag all the way to the gateway (or in your case pfsense).

Chorus QoS relies on the VLAN header to carry the CoS / PCP tag.

What you are doing is 'breaking' this link by bridging pfsense to your tagged NIC using vmware workstation, thus the CoS / PCP info is not carried through. (obviously this only applies to your vm setup)

Not sure if you're already doing this but you should do the following to get VLAN tagging working in pfsense:

1. Go to Interfaces -> (assign) and click on the VLANs tab to create the VLAN,
2. go to Interfaces -> (assign) and click on the "+" at the bottom right to add the VLAN to the pool of interfaces available to pfSense,
3. go to Interfaces -> (assign) and click on the PPPs tab then click on the "+" to add a new PPPoE interface (if necessary) then configure it
4. go to Interfaces -> (assign) to set the pfSense WAN interface to the newly configured PPPoE interface.

The Chrous QoS doesn't actually have much of a bearing here...

IGMP requests upstream are snooped and proxied in the ONT, and we sort the pbit marking out there. So as long as it is given preference in the network at your home, then it's not an issue as to whether it is marked with pbit 5 or something else.(not to mention delay of IGMP would only cause channel change delay)

The actual multicast video frames are using the high priority traffic class right through our network from the VF handover to the ONT.
Once those frames are in the home network you can do what you like - retain the pbit marking, switch to DSCP, or whatever, just give it priority somehow.

Aredwood

2811 posts

Uber Geek
+1 received by user: 1061

Subscriber

Reply # 1115547 25-Aug-2014 22:38

kenkeniff:
hio77: Hows progress on this going?

I successfully created my network TAP which works on the LAN side at 100BASE-T however unsuccessfully it wont operate at 1000BASE-T (which I found out is impossible for a passive TAP) and the ONT wont seem to connect to the router at anything less than that.

My next option was gonna try this: http://www.m0rd0r.eu/how-to-make-transparent-bridge-with-slackware-linux

Will try your suggestion too Chris..

The Chorus ONT definitely can work on 100BASE-T. As when I first got UFB, I couldn't get my Edge router lite to work on the day UFB was installed. (found out later that I hadn't applied the VLAN tag to the correct interface). So was using an older Fritzbox (7260?) which only had 100BASE-T ports. As a temporary router. The LAN1 light on the ONT is green for a 100BASE-T connection, And Orange for Gigabit.

kenkeniff

563 posts

Ultimate Geek
+1 received by user: 89

Reply # 1115567 25-Aug-2014 22:54

Was testing just before with this setup:

ONT > pfSense on bare metal > VLAN setup on pfSense > Test PC

Was getting usual flaky picture on Test PC

Then while VLC was still playing unplugged WAN an plugged directly into Test PC like so:

ONT > Test PC (No VLAN setup or anything, Windows default DHCP settings)

And suddenly got perfect continuous stream until I stopped it after a few min, web browsing obviously did not work as not VLAN configured.

So it seems VLAN is not required to receive the multicast stream? and possibly how VF segregates the bandwidth as suspected?

BMarquis

160 posts

Master Geek
+1 received by user: 80

Trusted

Chorus

Reply # 1115568 25-Aug-2014 23:01

One person supports this post

kenkeniff: Was testing just before with this setup:

ONT > pfSense on bare metal > VLAN setup on pfSense > Test PC

Was getting usual flaky picture on Test PC

Then while VLC was still playing unplugged WAN an plugged directly into Test PC like so:

ONT > Test PC (No VLAN setup or anything, Windows default DHCP settings)

And suddenly got perfect continuous stream until I stopped it after a few min, web browsing obviously did not work as not VLAN configured.

So it seems VLAN is not required to receive the multicast stream? and possibly how VF segregates the bandwidth as suspected?

The data and multicast video frames have separate VLANS through our (chorus) network, but at the ONT we use an inter-VLAN config where the multicast VLAN is translated to also be VLAN 10 like everything else.
The multicast traffic will have VLAN 10 on it, but your test PC will ignore the VLAN when plugged directly into the ONT.

Your test above proves there is definitely something in your pfsense config (or the underlying OS/hardware) which is causing significant frame loss or delay for the multicast traffic (or both!)

BTW, the ONT Ethernet ports are set to auto negotiate, so 10/100/1g should all work fine.

kenkeniff

563 posts

Ultimate Geek
+1 received by user: 89

Reply # 1115576 25-Aug-2014 23:35

BMarquis:

The data and multicast video frames have separate VLANS through our (chorus) network, but at the ONT we use an inter-VLAN config where the multicast VLAN is translated to also be VLAN 10 like everything else.
The multicast traffic will have VLAN 10 on it, but your test PC will ignore the VLAN when plugged directly into the ONT.

Your test above proves there is definitely something in your pfsense config (or the underlying OS/hardware) which is causing significant frame loss or delay for the multicast traffic (or both!)

BTW, the ONT Ethernet ports are set to auto negotiate, so 10/100/1g should all work fine.

Thanks Brent, you've shed quite a bit of light on the setup.

Are you also able to give us an insight into how Chorus / Vodafone "segregates" the multicast bandwidth from internet bandwidth?

BMarquis

160 posts

Master Geek
+1 received by user: 80

Trusted

Chorus

Reply # 1115607 26-Aug-2014 06:49

One person supports this post

kenkeniff:
BMarquis:

The data and multicast video frames have separate VLANS through our (chorus) network, but at the ONT we use an inter-VLAN config where the multicast VLAN is translated to also be VLAN 10 like everything else.
The multicast traffic will have VLAN 10 on it, but your test PC will ignore the VLAN when plugged directly into the ONT.

Your test above proves there is definitely something in your pfsense config (or the underlyingVLAN OS/hardware) which is causing significant frame loss or delay for the multicast traffic (or both!)

BTW, the ONT Ethernet ports are set to auto negotiate, so 10/100/1g should all work fine.

Thanks Brent, you've shed quite a bit of light on the setup.

Are you also able to give us an insight into how Chorus / Vodafone "segregates" the multicast bandwidth from internet bandwidth?

It's all to do with the seperate VLAN for multicast and the ONT handling IGMP.
It allows us to police the traffic separately and offer the multicast bandwidth in addition to the data service.

From your point of view there is nothing special you need to do/configure for this. As you have seen it just works (apart from the pfsense issues you are having)

kenkeniff

563 posts

Ultimate Geek
+1 received by user: 89

Reply # 1115684 26-Aug-2014 09:44

BMarquis:
It's all to do with the seperate VLAN for multicast and the ONT handling IGMP.
It allows us to police the traffic separately and offer the multicast bandwidth in addition to the data service.

From your point of view there is nothing special you need to do/configure for this. As you have seen it just works (apart from the pfsense issues you are having)

Thanks I've confirmed this by attaching ONT directly to Windows box, setting up VLAN on there and running SpeedTest before and during playback; this causes no bandwidth drop.

In light of being able to setup multiple WAN connections, I may just try to setup the HG659 and pfSense as two independent WANs like so:

ONT
|
[SWITCH?]
|
|---------------------|
HG659 Router Windows Server
| |
STB pfSense Router
/ | | \
VM1 VM2 VM3 VM4

In such case what would be the best/simplest switch/router to use between the ONT and the two WAN routers so as to not strip any VLAN tags or anything?

I was trying to setup the bridge again as I had it below and then was just going to "bridge the bridge" with pfSense however I can't even get it to work as below anymore: (router gets WAN IP & DNS via DHCP however connect connect to any WAN address).

kenkeniff: And finally managed to get a dump of STB working perfectly though HG659 on WAN side.

ONT > Server NIC 1 in Promisc Mode [Wireshark] > Windows Bridge > Server NIC 2 in Promisc Mode > HG659 Router WAN port > HG659 LAN > STB

kenkeniff

563 posts

Ultimate Geek
+1 received by user: 89

Reply # 1115730 26-Aug-2014 10:48

I'm guessing something like this wouldn't do the trick?: ($35) http://www.pbtech.co.nz/index.php?z=p&p=SWHDLK1005A&name=D-Link-DGS-1005A-5-Port-Gigabit-Desktop-Switch-Pla

So would probably need something that explicitly states it supports IGMP & VLAN like?: ($171) http://www.pbtech.co.nz/index.php?z=p&p=SWHTEN1009&name=TENDA-TEG1210P-8-Port-101001000-+-2-Shared-Mini-GB

BMarquis

160 posts

Master Geek
+1 received by user: 80

Trusted

Chorus

Reply # 1115747 26-Aug-2014 10:59

2 people support this post

kenkeniff:

In such case what would be the best/simplest switch/router to use between the ONT and the two WAN routers so as to not strip any VLAN tags or anything?

I don't really know. I wouldn't be wanting to add any more devices into the mix if I were you! :)

What you are trying to do here is something that VF don't support for this service and it is obvious that it is your network causing the issues - that's all I was trying to point out.
I dont know enough about pfsense to be able to help.

My advice would be:

ONT
|
HG659 Router
|
|---------------------|
        |              Windows Server
STB    |
   pfSense Router
/ | | \
VM1 VM2 VM3 VM4

Then you will have the HG659 and STB in a supported fashion and you can play with pfSense/Windows server and VMs as much as you want without interfering with the TV service.
I don't see the point or benefit of using pfsense/windows server here - other than generally being a geek and wanting to play with 'stuff'

Keep It Simple would be my advice.... Otherwise You'll be chasing all kinds of strange issues around

1 | 2 | 3 | 4 | 5 | 6 | 7 | 8 | 9 | 10 | 11 | 12 | 13