How to get Bell Fibe in Quebec/Ontario (Internet and IPTV) working with pfSense
-
Well, looking at my logs, I don't see ipv6 traffic. I read somewhere that enabling IPV6 for iptv solved some troubles. I suppose it's not true. Sorry for the misleading information.
So no ipv6 is not needed for iptv. -
Bell used to be a world leader in telecom. However, lately they've become a laggard. Several competitors, including most, if not all the cable companies, provide IPv6, as do some of the 3rd party providers, who connect by Bell's ADSL system or cable TV.
-
observations on this setup, as of recently I noticed that accessing my recordings is sluggish and getting to the netflix app is a pain, i often get writing for your pvr.....so my initial thought was, failing hdd. so i did a few tests before and decided to plug back in the HH300, speed was back to normal, that's odd, while not turning off the PVR i rebooted my pfsense box and everything got sluggish again, hmmmm, so i was wondering anyone knows what might cause this ?
I also tested something else, in case it was the hard drive, i decided to replace it, for those who didn't know, you can swap out the hard drive with another 1tb or 500gb , the system will reset a few times, you will see a gear and a progress bar, odd thing again, that does not work with the pfsense setup, plugged back in the hh3000 boom, it started to re-install the software, again, i'm no expert in this, but something is missing with this pfsense setup
My setup right now is that i have a ethernet card just for my pvr, that port is in a bridge group with the iptv lan as documented in the steps here further up and my igmp setup has no downstream and an upstream of 10.0.0.0/8
-
Nevermind, I was looking at my logs, it seems bell has started to use ipv6, i had all kinds of blocked from my pvr but ipv6 addresses, my setup was to block all ipv6, enabled ipv6 and boom, recorded shows started to run fine again, i even tried a new hdd and it started right up to download required software to it, so it might be a good thing to add in the how to that bell now needs ipv6 and it must be enabled in the firewall rules and system itself
-
@pjaneiro
I’m working on my setup here with the HH3000. Would you be able to help me a bit. I got Internet working fine (that’s the easy part) but I have a few issue with the TV.... I’m getting an address but no gateway ... people are also talking about bridging .... do I have to bridge my Lab with my IPTV?It would be nice to get an updated version of this guide with the latest version of pfsense.
Thanks in advance!
-
@idscomm yeah sure I’ll give you a hand. If you can explain your set up that would be great. Are using a media converter into one wan port or do you have a different kind of set up?
-
@rcmpayne
Yes. I have the Fibe connected to the media converter, then I created 2 VLANS. 35 for Internet and 34 for TV (in my case here TV seems to be on 34 since I managed to get and IP). I spoof the MAC from the HH3000 on my “physical” WAN interface but I have set it to “none” compare to the 2 VLANS set to DHCP (no pppoe here either)Internet is working fine but like I said I don’t see a gateway in pfsense for the IPTV (using the latest version of pfsense).
My Network LAN is not 192.168.2.x like the HH3000 by default. Not sure if this can cause an issue.
I follow the guide on this site but I wasn’t sure about the downstream which shows I guess his LAN correct? I would have to adjust this to reflect my LAN I suppose.
My question is where to you connect the Wireless VAP, anywhere on your LAN? Then the DHCP will assign an IP to the device and the 2 receiver will then pull an address from the VAP (through the DHCP)?
I can send you print screen as well if it’s easier :)
Thanks a lot :)
-
I am using VLAN7 for my iptv LAN network.
So 4 interfaces:
WAN – tagged 35
IPTV WAN – tagged 34
LAN – no tag
IPTV LAN – tagged 7IPTV WAN has a gateway assigned statically because DHCP doesn’t provide it. We got this from a packet capture, it is likely different for other people.
- Disable the Gateway that was created by default for IPTV WAN interface. we will create a new one manually
Because I’m using multiple “virtual interfaces” for one physical interface, we also set up a static Route to use the IPTV WAN Gateway for the IGMP addresses, and IPTV addresses (239.0.0.0/8, 10.0.0.0/8).
From the DHCP request in the packet capture…
Relay agent IP address: 10.194.192.2Set this as the IPTV WAN Gateway address.
We also spoofed the HH3K MAC address on our WAN adapter – this picks up an IP faster instead of waiting for the IPTV lease to expire (up to 18 hours I believe).
In DHCP for the IPTV LAN I set the Bell DNS servers:
47.55.55.55
142.166.166.166Set up an IGMP proxy:
Upstream: 10.0.0.0/8
Downstream: 239.0.0.0/8If you cant get the gateway via the packet capture, let me know and i will give you a example and steps. Once you get this part we can talk about getting your box connected. do you want lan or wireless for the IPTV boxes? i have one running on unifi AC-Lite and one on lan using a tp-link smart switch (40.00 from amazon that allows for vlans)
-
Thanks for the write up. So your IPTV LAN is on a different interface and not your regular LAN then?
regarding the packet capture, did you use wireshark or pfsense?
I do have a Unifi Access Point AC Lite as well as the controller running on my LAN. So my understanding is that you are not using the Bell VAP?
In the meantime, I am currently setting things up as per your write up...
-
@idscomm I have two interfaces coming into PF sense, One for Wan and one for LAN. My lan connects to a switch This is a five port switch from TP link where I have one port with a PVid of 7 for the hardwired pvr. Another port K’NEX to unify access point where I have two Wi-Fi SSIDs is create it. 1 SSID is called IPTV and has a VLAN of 7 tagged.
Ill get you steps to cap from pfsense after I get out of the hot tub :)
-
Sounds good to me lol! I hear ya, we have a hot tub too!!! A must!
-
Would my gateway be there:
-
@idscomm I would open two pages for pfsense, one on pcap and one on Status -> Interfaces. Find your IPTV WAN and release the IP. Start the pcap and renew the WAN IPTV interface again
Stop the pcap and download the capture to open in wireshark. Filter by dhcp and look for "relay agent ip". This if your IPTV WAN gateway.
-
got it!
For testing purposes, I will use a second switch and put that IPTV LAN on another separate network like 192.168.2.x like the default one they use... I have 4 interfaces in that box...
-
The Next thing you need to do is create a VLAN LAN adapter. right now you likely have three
WAN host with mac from hh3k (not used)
WAN vlan 35 for internet
WAN vlan 34 for IPTV
LAN likely no vlan for your internal devicesCreate a new LAN with a vlan of something. I used vlan 7 for mine.
Setup a DHCP for this. Since its vlan 7, i used 192.168.7.x
Its this LAN interface that you need to used for your IGMP
Here is my IPTV LAN firewall rules
on your unifi AP, create IPTV SSID and give it your internal vlan. Connect your device to this and see if you get the 192.168.7.x ip not your standard IP for your reg LAN. This will ensure your new IPTV ssid is routing to pfsense with the correct vlan and getting a correct dhcp address.
If you have a TP-link switch and also want to get a local port set for this vlan as well you can do something like this. port 8 is pvid 7 thus will get forced a vlan 7 id
-
I have three of these switches. one for Living room, Rec room and one in the garage with the pfsense router. They work great for vlans
https://www.amazon.ca/TP-Link-Ethernet-Unmanaged-Replacement-TL-SG108E/dp/B00K4DS5KU/ref=sr_1_4?keywords=tp-link+easy+switch&qid=1575157953&sr=8-4
-
ok, I have a Cisco 3750G, port 1 is my Trunk carrying a few VLAN for my internal network. I will add VLAN7 and also add VLAN 7 as Trunk for my Access Point ports. So you are using your own access point for the IPTV and not the VAP? The wireless receivers will ask for an IP but what make them go on VLAN7, pfsense will route them to VLAN 7?
-
also, install Avahi in pfsense so you can cut your other networks from accessing your main LAN but allows your main lan to access these other networks. Mainly for IOT ssid but can be used for the LAN network for IPTV boxes as well.
Vid: https://www.youtube.com/watch?v=HW9mUrF1ZgU
-
@idscomm said in How to get Bell Fibe in Quebec/Ontario (Internet and IPTV) working with pfSense:
also add VLAN 7 as Trunk for my Access Point ports. So you are using your own access point for the IPTV and not the VAP? The wireless receivers will ask for an IP but what make them go on VLAN7, pfsense will route them to
Yea, I am using my unifi for the WIFI. i grabbed a cheap tplink access point with a bush button WPS. on that device I created a SSID that matched my unifi ssid. (unifi will start sending you alerts that you have a rouge AP). i booted my PVR and when it did not see the hh3k anymore, it asked me to press ok to connect to WPS. start wps on the tplink box and wait till it connects. after it connected, i disconnected the wps ap and it started connecting to unifi AP right away. not sure what a VAP is but if thats from Bell, i am not using it.
-
on your VLAN7, you use Bell DNS, your gateway is it your DHCP gatewan from your VLAN7 or the IPTV gateway?