How to get Bell Fibe in Quebec/Ontario (Internet and IPTV) working with pfSense
-
Yeah I'm not even getting that, the PVR boots up and displays a Network Connection error message so I don't even get to the apps. I've got vlans 35 and 36 created and put the IPTV_WAN on vlan 36 on my ethernet that connects to the ONT. VLAN35 works for Internet as I'm posting this message but 36 doesn't seem to work. The DHCP address I'm getting for the Fibe TV appears to be correct (though in my logs it's saying it can't ping the gateway that has been provided for the interface, not sure if that is normal).
-
Where do you see that you can't ping the gateway?
My gateway IP is 10.240.112.1, is yours something similar?
-
Where do you see that you can't ping the gateway?
My gateway IP is 10.240.112.1, is yours something similar?
In the gateway logs I believe it's using the monitor IP to check the health of the link
Dec 30 14:21:14 dpinger send_interval 250ms loss_interval 1000ms time_period 25000ms report_interval 0ms alert_interval 1000ms latency_alarm 500ms loss_alarm 20% dest_addr 10.227.32.1 bind_addr 10.227.43.30 identifier "WAN_IPTV_DHCP "
Dec 30 14:21:16 dpinger WAN_IPTV_DHCP 10.227.32.1: Alarm latency 0us stddev 0us loss 100%Yeah my IPTV gateway is different … hmm
-
I see you're using dpinger. I believe they switched to dpinger in pfSense 2.3. Are you using 2.3?
-
Yes last night's snapshot, I know it's still in Alpha but it's always good to provide feedback
-
I haven't tested it with 2.3… so I'm not sure if any settings need to change with it. :(
-
Will try grabbing 2.2.4 and reload the firewall. I'll report back with findings
-
Doesn't have appeared to worked, still getting the same message. Going to see if I can speak with an egineer about this
-
Which of course is pointless as they say they don't know how to troubleshoot their own network unless it's with a homehub 2000. They kept saying that the PVR should receive an IP in the 192.168.2.11-17 range (but what if the PVR is plugged into a router that offers its a completely different address)? :) I wish there was at least 1 or 2 lvl 2 desk support agents that were at least curious as to how a network they support actually functions (perhaps when pigs fly).
Anyhow one though occurred to me while on hold, for those that it worked for was your PVR connected via the HPNA connector or via LAN before moving to pfSense? Either way I have to hook up my homehub again because they had me soft reset it when caused it to get a red x on the screen.
-
Which of course is pointless as they say they don't know how to troubleshoot their own network unless it's with a homehub 2000. They kept saying that the PVR should receive an IP in the 192.168.2.11-17 range (but what if the PVR is plugged into a router that offers its a completely different address)? :) I wish there was at least 1 or 2 lvl 2 desk support agents that were at least curious as to how a network they support actually functions (perhaps when pigs fly).
Anyhow one though occurred to me while on hold, for those that it worked for was your PVR connected via the HPNA connector or via LAN before moving to pfSense? Either way I have to hook up my homehub again because they had me soft reset it when caused it to get a red x on the screen.
.
-
Well this is going to sound strange but after leaving the whole setup alone and doing some more traffic captures I plugged everything back in and it now works. I didn't make any changes to the pfSense config, very odd. Finally I can enjoy the PVR and be rid of this homehub. Thanks for the help!
-
Well this is going to sound strange but after leaving the whole setup alone and doing some more traffic captures I plugged everything back in and it now works. I didn't make any changes to the pfSense config, very odd. Finally I can enjoy the PVR and be rid of this homehub. Thanks for the help!
First of all, thanks to the OP, and everyone else in this thread.
I had everything working in a virtual machine to test, except I had a dedicated subnet/interface for the LAN side of the IPTV, everything worked.
So I decided to move to an APU unit and now I am receiving the same network connection error on the dvr unit as surrealillusion… my Wireless Receiver works fine to watch tv.
Tried DVR on HomeHub again, works fine, moved back same issue.
I am wondering if there is a timeout or something that needs to drop as I have made many changes/tests, so I guess I am waiting it out as I can see nothing getting blocked.
-
Is there anyway to set this up with non-FTTH? I can't seem to get a gateway IP, just says "Dynamic' and no internet activity. Was hoping to have my pfSense and my Coax to Ethernet box replace the HH2000.
-
Hello,
I followed the tutorial step by step:
Internet works totally
TV Works partially: Multicast work but not Replay, VOD and APPAny idea ?
PfSense Router Configuration:
Config: Intel Atom Processor C2750, Supermicro A1SAi-2750F, 4gb ram, 120gb ssd
Version: 2.2.6-RELEASE (amd64) -
@zax103, thanks a lot for this post. I recently switched from Videotron to Bell FTTH recently and after reading what you've done, I was sure I could also replicate such a setup. I didn't have a pfSense box at home (only at the office), so I was wondering if I could get this working on cheaper hardware (Linksys E4200 with custom firmware). In the process, I went through several issues that I had to debug, but actually got it fully working. I've wrote about it on a different forum and you can find my post if you search for 'Tossing the Home Hub 2000 while keeping TV', but I wanted to highlight a few things in your setup.
Bell also uses VLAN 37 for what it seemed, some IPv6 traffic. Anyone thinking about simply bridging their WAN port to connect the HH2000 on it should also bring that VLAN on it. However, if you aren't using that HH2000 device, you don't have to worry about it at all.
When my setup was completed, I could watch TV, but once in a while, it would simply cut off for a very short period of time, then resume. I tracked this down to a timeout mechanism used by Bell (upstream), or it could even be coming from the ONT. The interface on VLAN36 will receive an IGMP request to report the current subscription from 192.168.1.1. If the IGMP proxy doesn't answer that request, the multicast membership will be evicted. So you should add "192.168.1.0/24" to your upstream configuration to handle this.
As for the 'Apps' and 'On Demand' features, you need to hijack the DNS queries that are going to "*.iptv.bell.ca". I didn't take any chance, and did hijack the entire "bell.ca" and "bell.com" domains redirecting these queries to one of the DNS servers I was getting back from the DHCP Ack. I'm not sure if you are using dnsmasq on your setup, but if you do, the configuration change is simple:
rebind-domain-ok=bell.ca
rebind-domain-ok=bell.com
server=/bell.ca/10.2.127.228
server=/bell.com/10.2.127.228The 'rebind-domain-ok' is only needed if you have 'stop-dns-rebind' in your configuration, which prohibits upstream servers from returning private addresses. For instance, "mdsfe001.iptv.bell.ca" has to resolve to "10.2.121.4".
With all of this, an STB user wouldn't even noticed that the HH 2000 device isn't used anymore.
Thanks again for your great post!
Hi,
Where exactly enter the dns changes (rebind-domain-ok=bell.ca, rebind-domain-ok=bell.com, server=/bell.ca/10.2.127.228, server=/bell.com/10.2.127.228) on the web configurator ?thank you,
Nabolito. -
@zax103, thanks a lot for this post. I recently switched from Videotron to Bell FTTH recently and after reading what you've done, I was sure I could also replicate such a setup. I didn't have a pfSense box at home (only at the office), so I was wondering if I could get this working on cheaper hardware (Linksys E4200 with custom firmware). In the process, I went through several issues that I had to debug, but actually got it fully working. I've wrote about it on a different forum and you can find my post if you search for 'Tossing the Home Hub 2000 while keeping TV', but I wanted to highlight a few things in your setup.
Bell also uses VLAN 37 for what it seemed, some IPv6 traffic. Anyone thinking about simply bridging their WAN port to connect the HH2000 on it should also bring that VLAN on it. However, if you aren't using that HH2000 device, you don't have to worry about it at all.
When my setup was completed, I could watch TV, but once in a while, it would simply cut off for a very short period of time, then resume. I tracked this down to a timeout mechanism used by Bell (upstream), or it could even be coming from the ONT. The interface on VLAN36 will receive an IGMP request to report the current subscription from 192.168.1.1. If the IGMP proxy doesn't answer that request, the multicast membership will be evicted. So you should add "192.168.1.0/24" to your upstream configuration to handle this.
As for the 'Apps' and 'On Demand' features, you need to hijack the DNS queries that are going to "*.iptv.bell.ca". I didn't take any chance, and did hijack the entire "bell.ca" and "bell.com" domains redirecting these queries to one of the DNS servers I was getting back from the DHCP Ack. I'm not sure if you are using dnsmasq on your setup, but if you do, the configuration change is simple:
rebind-domain-ok=bell.ca
rebind-domain-ok=bell.com
server=/bell.ca/10.2.127.228
server=/bell.com/10.2.127.228The 'rebind-domain-ok' is only needed if you have 'stop-dns-rebind' in your configuration, which prohibits upstream servers from returning private addresses. For instance, "mdsfe001.iptv.bell.ca" has to resolve to "10.2.121.4".
With all of this, an STB user wouldn't even noticed that the HH 2000 device isn't used anymore.
Thanks again for your great post!
Hi,
Where exactly enter the dns changes (rebind-domain-ok=bell.ca, rebind-domain-ok=bell.com, server=/bell.ca/10.2.127.228, server=/bell.com/10.2.127.228) on the web configurator ?thank you,
Nabolito.you can juste go to your 'dns resolver' page, and add the dns and domain manualy from there. it's at the bottom of the page.
-
@zax103, thanks a lot for this post. I recently switched from Videotron to Bell FTTH recently and after reading what you've done, I was sure I could also replicate such a setup. I didn't have a pfSense box at home (only at the office), so I was wondering if I could get this working on cheaper hardware (Linksys E4200 with custom firmware). In the process, I went through several issues that I had to debug, but actually got it fully working. I've wrote about it on a different forum and you can find my post if you search for 'Tossing the Home Hub 2000 while keeping TV', but I wanted to highlight a few things in your setup.
Bell also uses VLAN 37 for what it seemed, some IPv6 traffic. Anyone thinking about simply bridging their WAN port to connect the HH2000 on it should also bring that VLAN on it. However, if you aren't using that HH2000 device, you don't have to worry about it at all.
When my setup was completed, I could watch TV, but once in a while, it would simply cut off for a very short period of time, then resume. I tracked this down to a timeout mechanism used by Bell (upstream), or it could even be coming from the ONT. The interface on VLAN36 will receive an IGMP request to report the current subscription from 192.168.1.1. If the IGMP proxy doesn't answer that request, the multicast membership will be evicted. So you should add "192.168.1.0/24" to your upstream configuration to handle this.
As for the 'Apps' and 'On Demand' features, you need to hijack the DNS queries that are going to "*.iptv.bell.ca". I didn't take any chance, and did hijack the entire "bell.ca" and "bell.com" domains redirecting these queries to one of the DNS servers I was getting back from the DHCP Ack. I'm not sure if you are using dnsmasq on your setup, but if you do, the configuration change is simple:
rebind-domain-ok=bell.ca
rebind-domain-ok=bell.com
server=/bell.ca/10.2.127.228
server=/bell.com/10.2.127.228The 'rebind-domain-ok' is only needed if you have 'stop-dns-rebind' in your configuration, which prohibits upstream servers from returning private addresses. For instance, "mdsfe001.iptv.bell.ca" has to resolve to "10.2.121.4".
With all of this, an STB user wouldn't even noticed that the HH 2000 device isn't used anymore.
Thanks again for your great post!
Hi,
Where exactly enter the dns changes (rebind-domain-ok=bell.ca, rebind-domain-ok=bell.com, server=/bell.ca/10.2.127.228, server=/bell.com/10.2.127.228) on the web configurator ?thank you,
Nabolito.you can juste go to your 'dns resolver' page, and add the dns and domain manualy from there. it's at the bottom of the page.
Use this from now on:
dhcp-option=br1,6,10.2.127.228Since my PVR is setup on 'br1', when it sends the DHCP request, the router will return Bell's DNS resolver and all DNS requests from the PVR will now succeed.
There was a firmware update on these machines that are now trying to resolve:
discovery.iptv.microsoft.com. 300 IN A 10.2.76.132If this doesn't resolve properly, the PVR doesn't boot anymore.
-
Hello everyone,
I have a question, will this kind of setup also work with Bell "Take the Hill - FTTB" ?
my Client has a Bell Connection Hub with Internet Only. The Router has limited control / functionality so i finally bought a pfSense SG4860 router.
I have been trying to get it to work but i am unable to, Bell Customer support people are not helping… When i asked them if i need to configure VLANs or anything else they said no.
Currently I have the connection going like this...
Fiber Box > Connection Hub > Switches > Desktops & servers
I would like to replace the connection hub with the pfSense router.
Does anyone have any idea on how do i get this done? Does the FTTB follow the same configuration as FTTH which the OP has setup? am i asking in the wrong section :-X
Thanks in Advance.
Aasim
-
Trying to accomplish this with a Cisco ASA and a pair of Cisco 3850s
Any pointerS?
-
Hi all,
I thought I'd post this for all to see as others may be interested in how I finally got this working.
My mission was to replace the Bell Home Hub 2000 router which is a rather in-flexible device considering that I have 175mbps/175mbps service. I wanted to replace it with a pfSense box I built on an APU.
After doing some reading, I realized that Bell passes both internet and IPTV on one network wire using VLANs coming off the ONT (Optical Network Terminator) box.
They use VLAN 35 for internet and PPPoE authentication on this VLAN and VLAN 36 for IPTV with DHCP.
The steps to get internet working are quite simple. You create a VLAN at 35 on the external interface that connects to the one active port on the ONT:
.While you're in there, create a VLAN at 36 on the same interface for the IPTV connection.
Then assign that VLAN to an interface and enable it and set it to use PPPoE authentication:
That's pretty much all you need to do for internet. pfSense does the NATing and routing setup for you automatically.
Getting IPTV to work is a little more involved.
First assign the VLAN 36 to an interface, and set it to DHCP:
Your automatic gateways will look like this:
Then set up a static route for 10.0.0.0/8 to go to the gateway discovered by DHCP on the IPTV WAN interface:
Then set an advanced option on the LAN interface and the WAN-IPTV interface in the pass all firewall rules:
Finally, set up IGMP proxying as such:
If you've done everything correctly, you likely don't even need to restart pfSense, it'll just start working!
If anyone has any questions about this, let me know.
Robert
Is this setup still working for you? I just got my Fibe Internet and TV yesterday and trying to set this up as you do but I can't get the PPPoE interface to come up. Has anything changed at all in the setup?