WyzeCam and Pfsense
-
@johnpoz I have PF on the DMZ for my Modem/Router.
@stephenw10 Yes the App sees the cams as online and pulls a thumbnail. Its when I go to view live streams. The app shows a KBPS and it will range from a low speed say 3-5KBps and then jump up to 50 and then down to 4 and then hangs out at zero for a while and then maybe will spike up to 14 or 20 and then back to zero.
When on Cellular
When On LAN
-
Hmm, interesting. Is it actually updating the image during that time?
What sort of bit rate do you get when connecting locally?
-
Between 60-170 KBps The attached links to Youtube above show the behavior and rates.
-
Ah, yes I missed that second link, thanks. So it doesn't actually fail. You can see the timestamp incrementing still.
That looks more like MTU issue or a TCP windowing error. Try looking at a pcap of that traffic. Is it full of errors and/or retransmissions?
-
The cap is below See file attached, wyzeCAP.txt This is from when I loaded the cam in the App from my Mobile Phone. So the stream is coming through Port 10001 (UDP), I see a Secure HTTP from wyze to my phone prob to auth, and then starting to stream. The packet lengths vary. It seems that its a direct connection from the Cam to the App for this stream, its not uploading to the cloud (If Im reading this right).
Currently NO rules blocking TCP/UDP are in play.
This is all new to me so forgive me for any ignorance.
I tried finding my MTU.
└─$ ping -M do -s 1500 8.8.8.8
PING 8.8.8.8 (8.8.8.8) 1500(1528) bytes of data.
ping: local error: message too long, mtu=1500└─$ ping -M do -s 1472 8.8.8.8
PING 8.8.8.8 (8.8.8.8) 1472(1500) bytes of data.
76 bytes from 8.8.8.8: icmp_seq=1 ttl=58 (truncated)└─$ ping -s 1472 -M do 8.8.8.8
PING 8.8.8.8 (8.8.8.8) 1472(1500) bytes of data.
76 bytes from 8.8.8.8: icmp_seq=1 ttl=58 (truncated)
76 bytes from 8.8.8.8: icmp_seq=2 ttl=58 (truncated)$ ping -s 1473 -M do 8.8.8.8
PING 8.8.8.8 (8.8.8.8) 1473(1501) bytes of data.
ping: local error: message too long, mtu=1500So 1472 + 28 = 1500, so the MTU is 1500 or 1472?
Then MSS
MSS = 1500 - 20 - 20 - 8 = 1452 bytes.
Or
MSS = 1472 -20 -20 - 8 = 1424 bytes
Am I on the right path?
-
This post is deleted! -
1500 is the default so that's expected. Where were you testing that from though?
I note the maximum packet size the camera is sending is 1117. Or at least that's the largest packet captured. Where was that pcap taken?
-
@stephenw10 I was pinging from my laptop connected to the VLAN the cams are on. The cap was taken from Pfsesnse's packet capture tool.
-
@djskott what specific version of camera is this? I half a mind to order one to play with..
-
@johnpoz I have a Mix of the V3 and Floodlights w/ V3 cams.
https://www.amazon.com/Vision-Indoor-Outdoor-Camera-Assistant/dp/B08R59YH7W/ref=sr_1_5?crid=13FLV3G805FJ7&keywords=Wyze+v3&qid=1693310484&sprefix=wyze+v3%2Caps%2C348&sr=8-5
-
@djskott said in WyzeCam and Pfsense:
I would think the pan model would be exactly the same when it comes to networking.. Which is less than $2 more..edit: Well my v3 "pan" will be here tmrw ;)
-
@djskott said in WyzeCam and Pfsense:
The cap was taken from Pfsesnse's packet capture tool.
On which interface though?
If that was on WAN try looking on the VLAN. There might be more traffic there that isn't shown on the WAN. Which would be a big clue.
-
@stephenw10 That was from the VLAN
Here are Caps from when I initialize the Cam from My Phone (Not connected to LAN):
VLAN wyzeCAPVLAN200.txt
WAN wyzeCAPWAN.txt -
@djskott txt caps are not very useful.. just upload the actual pcap file..
-
@johnpoz My apologies
Due to size using links
WAN: https://www.djskott.com/thingsthatgohmm/pcapwan.zip
VLAN: https://www.djskott.com/thingsthatgohmm/pcapvlan.zip -
There are only 8 packets in the WAN pcap there to the cell IP. And they are all small.
You probably need to filter than pcap by the remote IP so it doesn't get swamped by other WAN traffic.
-
@stephenw10 When I filter the Phones IP, i see a string to the Modem and then nothing.
-
That's on the WAN? Do you see more on the VLAN?
Also that's a different IP, did the phone just get a new IP?
-
@stephenw10 It's entirely possible that the device picked up a new IP from the Carrier. I am seeing a different IP in the VLAN than i do with the WAN now that you mentioned it.
Here is the VLAN as of 1056a https://www.djskott.com/thingsthatgohmm/pcapvlan200-1056.zip
-
What we're looking to do here though is make sure the UDP stream looks the same on both the VLAN and the WAN. Potentially some MTU difference could be dropping traffic there for example. I don't think that is happening but we need pcaps from both interfaces where the IPs used are the same ideally.
