WyzeCam and Pfsense
-
Hi! I'm new here and new to this stuff. I have PFSense 2.7 running with several VLANS.
I use Wyze Camera's and I'm running in to an issue where when trying to view live feeds from the Internet the feed will spike up to 50-100ish KBps and then drop to zero and hang for 2-5 seconds then spike and hang, Rinse/repeat. This does not occur while on the LAN for the AP, or any of my other LAN's I've got setup. LAN streams fine. I've tried adding rules to allow ports, with no success. Side note I have some Wyze cams still on my Main LAN which is running on a Nighthawk router. I have zero issues streaming those devices, so that tells me its not the ISP on either end, its got to be a PFSense configuration gap. I have a Unifi AP-Pro setup in standalone mode, I don't have a Unify Controller.
I'm looking for some guidance on what I may be missing on this. What sort of details would one need to help me?
I want to get this VLAN working fine before I start Migrating the Nighthawk connections to its own VLAN. That VLAN will have Plex Server that would need to communicate externally, along with some other streaming devices like SmartTV, chromecast/Firesticks etc. So that's another topic for another time when that project comes to play.
Thank you
Skott
-
Sounds like it's dropping the states and then reconnecting. Do you see blocked traffic in the firewall log when this happens?
How is pfSense and the Nighthawk sharing the WAN connection? There could be a conflict there.
Does the camera connection rely on UPnP?
Steve
-
@stephenw10 thank you for responding.
Until I get the pfsense box working proper the modem is not in bridge mode.I'm assigning an ip from the modem to each device.
What logs should I be looking at?
I dont believe they need upnp.
-
Look at the firewall logs when it stops streaming. Do you see blocked traffic logged?
Check the states that are opened when you start streaming.
-
Checking the FW logs are only showing WAN errors, and it appears those are for the Amazon Dot on that VLAN.
I tried searching FW logs for the IP of my phone and the IP of the Camera with no results.
States show the IP for the camera has 22 states open , 16 upd and 6 TCP.
-
I really want to thank you for the assist. Ive been looking some things over and I discovered that I had my Port forwarding rules backwards for source and destination. After reversing these the Cameras are now streaming with out any buffering / zero KBps.
To solve this I set two port forwards for 10001 and 22345. These are the P2P stream and keep stream alive ports disclosed on the Wyze support page.
So far everything appears to be working with the Cams. Now on to the next VLAN setup.
-
Interesting, that sounds like they might be using UPnP on the other router then if they require forwarded traffic.
-
I guess i counted my chickens before they hatched. Back to square one.
-
Then I would look at some conflict between the two routers. If they are sharing one public IP traffic coming to that can only ever go to one of them so if cameras behind both a trying to open connections on the same ports some may fail. That might explain why it starts and stops as it does. Try disconnecting the other router as a test.
-
I have 3 wyze cams.
2 Pan v3 and 1 v3
They all work without issue.
I can't remember if they worked or not before I turned on UPMP ant nat port forwarding or whatever but I never saw any activity in there anyway.
If you have any questions Ill try to help the bvest I can
-
Thank you both for the responses.
@nullcure What does your NAT PF rule look like?
This is my Setup which may help: This is an old SFF Desktop.
I7-2600 @ 3.4ghz (8CPU, 4 core x 2 hardware threads)
8GB RAM
100/100/1000Mbps Gigabit Ethernet Converged Network Adapter (NIC) with Intel 82576 Chip | Dual NIC
2x AP: Ubiquiti Networks UniFi UAP-AC-PROWAN is on one port of the Dual NIC and LAN to the Managed switch is on the 2nd port.
So while doing some tests yestraday I noticed the speed on both AP's are not 100%. These are Wifi-ac devices, so i should see throughput up to 1300mbps. The VLAN for the Cams and Home both are on a 1GB connection. The Link up LED on the switch shows 1000 and PFSENSE Reflects the same, however im only peaking at 95 mbps down, my upload is peaking at 113 mbps.
I'm on a 1gbps/100mbps plan. Speedtests on the Nighthawk are at 950ish down and peaking 125 mbps up. This is on a wired connection, and when on the wifi its around 750 down and 100 up.
Both PFSENSE and Nighthawk are grabbing an IP from the Modem via DHCP. I have tried the BufferBloat fix on and off with no changes in behavior
To remove a bad wire sceanrio I have a newer Cat8 coming today, even though the current cat5e should handle the through put it is a older wire that was in my spare parts Bin.
I have an assumption that the buffering that is occurring for the WyzeCams could be related to this speed limitation.
Another setting Ive tested is by putting the PFSENSE on the Modems DMZ, not super secure which I understand but I'm trying anything I could think of to see what may be the cause of this. My end goal is to bridge PFSENSE to the Modem rather than DHCP.
Push comes to shove, Should I just nuke the box and start over?
-
@djskott Are you saying you're seeing only 95mbps AND 113mbps coming through for your wyze cams? Cause that would be correct.
{Edit}
What do you mean both Nighthawk and Pfsense are are getting an IP from the modem via DHCP isn't Nighthawk Your Modem? or is it a nighthawk router.For router like you see in my config yoiu need to do this.
-
The throughput on the Cams is 0.0 most of the time and then will randomly show traffic example 0.5 then 14 then 55 then 0 and sits. This is in KBs.
The throughput I'm seeing the degradation is via the AP's. Both AP's exhibit the same throughput.
The nighthawk is my original router that is connected to my Modem. Its grabbing an IP via DHCP from the modem. I have zero issues with my internet connection with devices on this router, it is not in AP mode.
Another tidbit, I had a ASUS router which I had placed in AP Mode . This Router was running the cams before I moved to the Unify AP's. I thought it was the ASUS router causing the issue so I moved to the Unify's. The ASUS router in AP mode yielded the same results.
-
@djskott You're using a WLC (Wireless Controller) for these? If so you have setup vlan for wifi mgmt traffic yeah?well of course, you have connectivity right so lets narrow it down.
OSI Model we'll be looking at Layers 2 and 3 I believe.
Layer 2 to make sure our hardware ports have the correct settings.
Layer 3 to check for any bandwidth limiters or traffic shapers. Perhaps an accidently turned on setting somewhere?If I was you and I know you've already probably tripled checked by now.
I'd run traceroute from said bandwidth limited device to the gateway to the internet.
Then with pen and paper go from point to point checking my layer 2 ethernet stuff including the port neogotiations and link tests. installing iperf can also help you narrow it down by running it from different end devices.After checking the layer 2 stuff I'd start back and go again checking layer 3 stuffs.
Let me know what you find. If you choose to do this
-
@nullcure The AP's are in standalone I do not have a Unify Controller.
I do have traffic shaping setup for Bufferbloat. I have that disabled at the moment.
The links appear to be 1000 in PFSENSE and the Link Lights are indicating 1000 on the Switch.
The Ipref test does show a limited connection.
AP 1 (Home)
AP2 (Cameras)
This is from the Modem to PFSENSE
This is the speedtest from the NightHawk while on my LAN
Both devices are pulling dhcp from the Modem.
-
@djskott said in WyzeCam and Pfsense:
These are Wifi-ac devices, so i should see throughput up to 1300mbps
You won't ever actually see that. That's just the maximum link speed.
However this doesn't seem like a throughput issue, you won't need anything like that to stream video. It seems more like a blocked or replaced state somewhere. Possibly in the upstream router.
-
Correct The AP BW is up to 1300, never what you will actually see. Totally get that peice.
But it should be more than 100mbps.I just ran a state reset on PFsense and rebooted the modem.
No Change in behavior
-
Try setting a static port outbound NAT mappings for the camera IPs. It's possible the cloud side of this can't cope with source port changes. Though that's unlikely, anything vaguely recent should have no problem with that.
https://docs.netgate.com/pfsense/en/latest/nat/outbound.html#static-port
-
Added the Static port earlier and there was no change.
New Cat 8 arrived and has Doubled speeds to around 200-220 on speed.cloudflare.com
─$ iperf3 -c 192.168.200.1
Connecting to host 192.168.200.1, port 5201
[ 5] local 192.168.200.236 port 45108 connected to 192.168.200.1 port 5201
[ ID] Interval Transfer Bitrate Retr Cwnd
[ 5] 0.00-1.00 sec 18.9 MBytes 158 Mbits/sec 0 837 KBytes
[ 5] 1.00-2.00 sec 18.8 MBytes 157 Mbits/sec 0 1.09 MBytes
[ 5] 2.00-3.00 sec 18.8 MBytes 157 Mbits/sec 0 1.20 MBytes
[ 5] 3.00-4.00 sec 18.8 MBytes 157 Mbits/sec 0 1.45 MBytes
[ 5] 4.00-5.00 sec 20.0 MBytes 168 Mbits/sec 0 1.52 MBytes
[ 5] 5.00-6.00 sec 18.8 MBytes 157 Mbits/sec 0 1.52 MBytes
[ 5] 6.00-7.00 sec 20.0 MBytes 168 Mbits/sec 0 1.52 MBytes
[ 5] 7.00-8.00 sec 17.5 MBytes 147 Mbits/sec 0 1.52 MBytes
[ 5] 8.00-9.00 sec 12.5 MBytes 105 Mbits/sec 0 1.52 MBytes
[ 5] 9.00-10.00 sec 10.0 MBytes 83.9 Mbits/sec 0 1.52 MBytes
[ ID] Interval Transfer Bitrate Retr
[ 5] 0.00-10.00 sec 174 MBytes 146 Mbits/sec 0 sender
[ 5] 0.00-10.03 sec 171 MBytes 143 Mbits/sec receiver -
Hmm, what link did you replace the cable on? Where is that test between?
