DLNA across two interfaces / subnets
-
Let me provide some background info. For past years I have been using this router from my provider. It was doing NAT, WiFi, phone system etc. And using the cordless phones from same manufacturer allowed me to listen to DLNA sources in the LAN on the phone or send the stream to other media renderer in the network. Recently I changed my tariff plan to obtain a static IP and allow me to install my own router. The "old" router now has been degraded by the provider to a cable modem with a public IP (bridging to one LAN port) and telephone system. Other functionalities are gone. And since the "old" router / "new" cable modem now has only a public IP it won't see my local DLNA server.
Using a VPN to achieve my goal is therefore not possible.
So I would start to set up IGMP proxy with the upstream interface being my LAN 192.168.0.0/24 and downstream interface is the IP of my old router aka cablemodem?!
For firewall config I came across this guide, see section "Swisscom TV"
Do you think it is applicable (with some tweaking) to my scenario? -
Hmm, I'm still not clear. :-
You are trying to setup an IGMP proxy between LAN and WAN. What device is on the WAN side that need access to DLNA resources in the LAN?Steve
-
The cablemodem which is able to act as a DLNA client (in combination with some phones that support this).
-
Ah, OK. So your new cable modem is not just a modem then. Does it have a web interface? What IP is that accessed on? Does your pfSense box get a public IP on its WAN interface? (PPPoE, DHCP?)
If it really does have only a public IP then you would be opening up your firewall to multicast traffic from the internet in general which seems like a very bad idea!Steve
-
Actuall it is still the same router as I used for whole this time (see link above) and my provider re-configured it to act as cable modem and telephone system.
For sure it has a webinterface and a public IP (..*.109). The WAN interface on pfsense is configured as .110 with .109 as gateway. So I guess I can bury the idea to get it working for the sake of security :-\ -
If it has a fixed IP then you can just limit your firewall rules to only allow that traffic.
It seem odd to me that a phone system would have DLNA playback capability. I guess why not. ;)Steve
-
Haha, be sure it does. You can either play from USB storage attached to the box or any DLNA source. While it was still configured as router it worked pretty well. You can browse the media library on your phone and forward it to any media renderer in the network. So the phone acts like a remote control - pretty neat feature.
So I gave it a try and set up IGMP proxy as above. I enabled the option that allows packets with IP options to pass in my allow-all-outbound rule (LAN). Both rules (IGMP and UDP) for WAN have been configured like in that swisscom tutorial with source IP set to .109
But guess what? not working :( -
Well DLNA is not IPTV so it's not directly transferable. Your server is on the inside playing streams to the outside so it's working the opposite way around to the IPTV example.
There are a few threads here I contributed to about getting DLNA working across two interfaces/subnets. At least one of them was successful. ;)
Let me see if I can find it….Hmm can't find it. Thus might be useful though:
https://forum.pfsense.org/index.php?topic=73171.0
You'll need to know what ports your DLNA server is using for actually streaming the data.Steve
-
Still trying to figure out the ports of Twonky. Unfortunately the config files are not accessible as it is built into my NAS.
But with the IGMP proxy set up and the IGMP rule on the WAN interface at least the media server should show up. IGMP is used for discovery of devices ahile later on the actual streaming is done via UDP?! -
You also need a rule on wan to allow udp port 1900 (also with IP options?) for the ssdp part of the discovery.
I'm not totally sure on this but I beleive it should go something like this:
Client sends out a multicast igmp packet, 'who is out there?'.
Server responds.
Client then talks SSDP to find out the name of the server and what services it offers.
Client then talks to the media server to request files/streams on the appropriate port.Steve
