How to get Bell Fibe in Quebec/Ontario (Internet and IPTV) working with pfSense
-
also, install Avahi in pfsense so you can cut your other networks from accessing your main LAN but allows your main lan to access these other networks. Mainly for IOT ssid but can be used for the LAN network for IPTV boxes as well.
Vid: https://www.youtube.com/watch?v=HW9mUrF1ZgU
-
@idscomm said in How to get Bell Fibe in Quebec/Ontario (Internet and IPTV) working with pfSense:
also add VLAN 7 as Trunk for my Access Point ports. So you are using your own access point for the IPTV and not the VAP? The wireless receivers will ask for an IP but what make them go on VLAN7, pfsense will route them to
Yea, I am using my unifi for the WIFI. i grabbed a cheap tplink access point with a bush button WPS. on that device I created a SSID that matched my unifi ssid. (unifi will start sending you alerts that you have a rouge AP). i booted my PVR and when it did not see the hh3k anymore, it asked me to press ok to connect to WPS. start wps on the tplink box and wait till it connects. after it connected, i disconnected the wps ap and it started connecting to unifi AP right away. not sure what a VAP is but if thats from Bell, i am not using it.
-
on your VLAN7, you use Bell DNS, your gateway is it your DHCP gatewan from your VLAN7 or the IPTV gateway?
-
@idscomm sorry about that. I use the bell dns on my vlan7 lan dhcp server.
47.55.55.55
142.166.166.166 -
@rcmpayne ok, so I tested everything and I'd say I am almost there. The TV works but I lost connection after 10 sec ish. I remember seeing this issue earlier... any idea?
-
Are you sure your box is getting a IP from the correct lan dhcp? I recall getting that as well but the box was not on my vlan7 ip
-
for testing purposes tonight I used a separate NIC and setup a different Network for the IPTV
-
@idscomm looks like it might be your IGMP Proxy or multicast being filtered
https://www.dslreports.com/forum/r31118482-Yes-you-CAN-bypass-the-HomeHub-3000~start=330
-
Seems like I lost my internet now ......
-
hummm, that's odd! Here are a few more screenshots
WAN IPTV
LAN IPTV
LAN IPTV Rules: Ensure the IGMP rule has "Allow packets with IP options to pass. Otherwise they are blocked by default. This is usually only seen with multicast traffic." enabled
-
Everything looked fine. I'll do some research and review my settings in the next day or 2 and get back to you... I feel like it's close since I got the TV and Guide at least...
-
ok let me know how you make out
-
@rcmpayne
Quick question in regards to the downstream. The original post on top of this page shows 10.50 network and you put 239. Network. What should the downstream be? -
@idscomm are you an Aliant user?
-
@autumnwalker
Yes I am. In Nova Scotia. -
@jessej1984 said in How to get Bell Fibe in Quebec/Ontario (Internet and IPTV) working with pfSense:
@idscomm said in How to get Bell Fibe in Quebec/Ontario (Internet and IPTV) working with pfSense:
@autumnwalker
Yes I am. In Nova Scotia.hablas español
quien habla español
-
Why are you posting here in Spanish?
Please use the Spanish language section: https://forum.netgate.com/category/11/espa%C3%B1ol
-
@idscomm said in How to get Bell Fibe in Quebec/Ontario (Internet and IPTV) working with pfSense:
@autumnwalker
Yes I am. In Nova Scotia.I keep meaning to document my setup. Aliant functions completely differently from this guide (as you've discovered). All of my cable boxes are wired so I cannot speak to the wireless boxes / configuration, but with wired all of your set top boxes should be in the same LAN (VLAN) as your home network. In my experience 192.168.2.x was required. Changing it broke the STBs.
High level configuration notes:
- Fiber should come into your pfSense box somehow (media converter, direct GPON in SFP+ card, etc.).
- The port that acts as your WAN (where your fiber comes in) should have the MAC of your HH3K spoofed on it (otherwise you have to wait for Aliant to forget your lease - it's 10's of hours).
- pfSense should have the port that your Fibe comes in on tagged with VLAN 34 (IPTV) and VLAN 35 internet.
- You should have another NIC in your box that serves as your LAN port, everything else (including STBs) should connect to that.
- IGMP proxy should ONLY have upstream configured (leave downstream blank). Upstream should have networks 10.2.0.0/16, 10.237.0.0/16.
- You can use whatever DNS servers you want, but make sure that pfSense forwards fibreop.ca and iptv.microsoft.ca to Aliant DNS servers.
- You must create your own IPTV gateway based on the results of your packet sniffing.
- You must create two static routes for IPTV based on the gateway you just created: 10.2.0.0/16 (IPTV traffic) and 10.237.0.0/16 (IPTV DHCP).
- You will need to create firewall rules for your IPTV WAN connection (VLAN 34) which allow traffic to pass from WAN (VLAN 34) to LAN. This is the part that I have not refined any further than this guide. Make sure you allow IP Options on this firewall rule. You can make one for IPv4 and one for v6 or just one for both (I made two).
That's the config in a nutshell that works for me and has been working for several months now.
If you want to use your Cisco switch as your media converter I can help you with that too (that's what I'm doing).
-
@idscomm said in How to get Bell Fibe in Quebec/Ontario (Internet and IPTV) working with pfSense:
@rcmpayne ok, so I tested everything and I'd say I am almost there. The TV works but I lost connection after 10 sec ish. I remember seeing this issue earlier... any idea?
This is almost certainly an IGMP proxy issue - take a look at my post above. Excellent info here as to why the config in this article is incorrect: https://www.dslreports.com/forum/r32420749-
-
Thanks for the replies guys. I fully intent to put up a full and updated Guide to help others as well... I think it's great to run Internet and TV on your own devices and not depends on Bell....
Now, I managed to get Internet and TV working today for half the day! All the apps (Youtube, Netflix and On Demand were working perfectly) ... no glitch so far. I used a separate NIC on the Pfsense Box (plugged a switch) and set my VAP on the same network Bell did in their router i.e.: 192.168.2.1 DHCP activated. My Wireless receivers are getting IPs in that range and it's all good. I had a glitch with my Internet but it ended up being caused by wrong default Gateway (for some reason the IPTV Gateway had been set by default). DNS and Gateway fixed and all good for the Internet.
My questions are:
-
Regarding IGMP Proxy, why only Upstream and no down? Where did you get the 2 Networks (10.2.0.0/16, 10.237.0.0/16)? I have my Downstream set to 192.168.2.0/24 (FibeTV LAN) and my Upstream to 224.0.0.0/4 and 10.0.0.0/8
-
In regards to DNS, my DHCP provides Bell DNS 47.55.55.55 & 142.166.166.166. Everything seems to work like that... Should I change something else in regards to fibreop.ca and iptv.microsoft.ca?
-
10.2.0.0/16 (IPTV traffic) and 10.237.0.0/16 (IPTV DHCP) still need to be created un Routes?
-
So there is no need for the 239.0.0.0/8 route?
italicised text You will need to create firewall rules for your IPTV WAN connection (VLAN 34) which allow traffic to pass from WAN (VLAN 34) to LAN. This is the part that I have not refined any further than this guide. Make sure you allow IP Options on this firewall rule. You can make one for IPv4 and one for v6 or just one for both (I made two). I do not have this done but for now my Fibe TV LAN is wide open outbond... I don't have inbound rules on the WAN IP TV tho...
- Are you guys aware of any IPV6 being used by Bell? Should I still allow IPV6?
-