IPTV IGMP multicast problems with BT YouView on pfSense

Jimbo

Hi casualsix,

Thank you for your fast reply.

Please see attached screen shots of my settings. Hopefully these will make more sense than my typing.

I really appreciate any help as the other half isn't happy…

.png)
.png_thumb)
.png)
.png_thumb)
.png)
.png_thumb)
.png)
.png_thumb)
.png)
.png_thumb)
.png)
.png_thumb)
.png)
.png_thumb)

casualsix

Hi,
Not sure you need all the NAT-OUT rules for the BT Vision, mine doesn't need it.

Firewall rules look O.K to me.

Can you screenshot the interface assignments please(hide the mac add's).

I take it your hardwired between your vlan interface and the BT Vision/Youview box, as I've found some wifi configs block multicasting?

Also have you used the test stream rtp://234.81.130.4:5802 with VLC player on your PC?

What does your System > General Logging say? IGMP system messages


Jimbo

casualsix,

Thank you for taking the time to look through my config.

I've tried VLC streaming on the same network as the BT Vision box and via another LAN. Both just show no image and no seconds counting on the video time.

I created the NAT rules as before the BT Vision box couldn't connect to the internet at all.

The BT Vision box is hired wired straight into the TP-LINK TL-SG108 with IGMP snooping enabled.

I can only see one entry from this morning UK BST time in the system general log regarding IGMPproxy: Oct 2 10:45:49 igmpproxy 73792 select() failure; Errno(4): Interrupted system call

Please see attached interface assignments.

Thank you for taking the time to help.

casualsix

Thats No problem, I've been through the same pain!!

What hardware have you got for your router?

Have you tried it in different hardware (sounds extreme, but thats what I have done and found incorrect settings in my managed switch.

I've seen that error message before on a NIC card which wasn't compatible. I also had it working on the SG-1000 netgate, then updated the firmware and it never worked again, so changed to the SG-2220 now after getting a refund for the SG-1000, and i've not had any further problems with 2.4, I've also ran it on an old Acer Revo 3610 with one NIC and the community edition of pfsense 2.3 and all vlans like yours and it ran a treat with that, no issues. So thats why I put it down to the NIC make causing that error.

Thanks, Jeremy

Jimbo

Thankfully the other half is very patient and puts up with my network issues :).

Sorry I probably should have mentioned the setup sooner.

Host running KVM (Ubuntu 16.04)
Onboard NIC runs the HOST / Mail server in KVM.
2 X TP-Link Gigabit PCI Express PCI-E for the PfSense VM.
TP-LINK TL-SG108E - Managed switch - The LAN interface from the PfSense box connects directly to this. Trunk port 8.
The WAN side is connected directly to the BT FTTC VDSL (HUAWEI) unit.

That's the setup.

I've had a bit more of a play but no joy sadly. I found that if I removed the NAT-OUT rules the BT Vision box would complain that there was no Internet connection.

Not really sure what else to try.

casualsix

Did you try rebooting the youview box after removing the nat out rules to get it to recognise the internet again? I had same problem and that cured it.

Jimbo

Hi casualsix,

Actually I don't think I did. (I did unplug the network cable).

This morning I removed the NAT-OUT rules and rebooted the YouView BT Vision box. I'm afraid that no Internet connection was detected until I setup the NAT-OUT rules (was worth a try though).

I had another play around this morning but sadly nothing has helped.

I've attached a picture of the error message and network settings from the YouView BT Vision box.

casualsix

I take it you've got DHCP server and "DHCP" firewalls rules setup for the BTVision Vlan?

casualsix

The error message is to do with the IGMP multicast not working, not due to the Youview Box not getting internet. I would recommend deleting your out nat rules to keep things simpler, unless there's another need for them.

You could try this…

Under System -> Advanced -> System Tunables, add a new entry with the Tunable as "net.link.ether.inet.allow_multicast" and the Value as "1".

Jimbo

casualsix,

Thank you for the pointers. I have removed all outbound NAT rules for 192.168.0.0/24 WAN,BT_VLAN,EXTERNAL_BT :).

I have also added the tunable you supplied.

For good measure I rebooted everything (PfSense, BT box) but sadly I now receive that the box can't see any broadband connection. This error seems to go away with the NAT rules.

Regarding the BT Vision VLAN: I've attached a screenshot of the rules, yes it has a DHCP server :).

As always thank you for taking the time to assist!


casualsix

Also, in your "BT Vision vlan" firewall rule, wildcard "any" the source, Instead of the strict rule.

casualsix

My IPTV WAN rules


casualsix

My vLan (Internal lan) rules


Jimbo

Casualsix,

Thank you so much for sending this over. Sadly even with a colleagues help and using your rules as templates we couldn't get it working. I must be missing something, not sure what though.

May I ask what kind of IP range you are using on your WAN? I'm using 10.20.30.1/24

casualsix

For my secondary IPTV WAN i'm using a 10.10.10.1, IGMP Proxy isn't really fussy about what you use.

I'm using a EchoLife HG612  (BT openreach) "firmware hacked" ;D  modem, is that what you have?

When you turn off you outbound nat rules , I take it your youview box is seeing the DHCP O.K.?

I also read somewhere that BT need the Youview DNS to be pointed at they're servers but Im not sure if thats true, but it's not the case with Plusnet supplied youview service though (Obviously part of BT anyway)

casualsix

Also, For Info,,,,,,I've tested your IPTV WAN IP 10.20.30.1/24 , and it's working fine with my setup.

Jimbo

casualsix,

Thank you for testing my IPTV WAN IP and confirming I'm not going mad haha!

Yes I have a EchoLife HG612 but the firmware isn't hacked. Do you think that could be the issue?

I'll try BT DNS later today - At this point I'm grabbing at straws :)

casualsix

No, the standard BT Modem works fine also. Have you considered the SG-2220? Its such a improvement, I've messed with VM's and Iso installs but found Netgate hardware the answer for me. No IGMP Proxy issues and internet and VPN features I used are great,

Jimbo

casualsix,

Thank you, at least I know that the modem unit should be fine. I might try to install PfSense on metal to see if KVM/QEMU is doing something weird. I will take a look at SG-2220 and see what I think. I kinda like building my own stuff but then again these problems happen!

I do appreciate all your help. I have promised the other half that if I can't fix this we may go to another TV service that doesn't reply on IPTV :-).

casualsix

OK not problem, If I had a standalone linux o/s to install QEMU i'd test pfsense for you out of interest. I too like to try thing out but IGMP proxy got the better of me and forced me to get the Netgate hardware.