How to get Bell Fibe in Quebec/Ontario (Internet and IPTV) working with pfSense
-
Why are you posting here in Spanish?
Please use the Spanish language section: https://forum.netgate.com/category/11/espa%C3%B1ol
-
@idscomm said in How to get Bell Fibe in Quebec/Ontario (Internet and IPTV) working with pfSense:
@autumnwalker
Yes I am. In Nova Scotia.I keep meaning to document my setup. Aliant functions completely differently from this guide (as you've discovered). All of my cable boxes are wired so I cannot speak to the wireless boxes / configuration, but with wired all of your set top boxes should be in the same LAN (VLAN) as your home network. In my experience 192.168.2.x was required. Changing it broke the STBs.
High level configuration notes:
- Fiber should come into your pfSense box somehow (media converter, direct GPON in SFP+ card, etc.).
- The port that acts as your WAN (where your fiber comes in) should have the MAC of your HH3K spoofed on it (otherwise you have to wait for Aliant to forget your lease - it's 10's of hours).
- pfSense should have the port that your Fibe comes in on tagged with VLAN 34 (IPTV) and VLAN 35 internet.
- You should have another NIC in your box that serves as your LAN port, everything else (including STBs) should connect to that.
- IGMP proxy should ONLY have upstream configured (leave downstream blank). Upstream should have networks 10.2.0.0/16, 10.237.0.0/16.
- You can use whatever DNS servers you want, but make sure that pfSense forwards fibreop.ca and iptv.microsoft.ca to Aliant DNS servers.
- You must create your own IPTV gateway based on the results of your packet sniffing.
- You must create two static routes for IPTV based on the gateway you just created: 10.2.0.0/16 (IPTV traffic) and 10.237.0.0/16 (IPTV DHCP).
- You will need to create firewall rules for your IPTV WAN connection (VLAN 34) which allow traffic to pass from WAN (VLAN 34) to LAN. This is the part that I have not refined any further than this guide. Make sure you allow IP Options on this firewall rule. You can make one for IPv4 and one for v6 or just one for both (I made two).
That's the config in a nutshell that works for me and has been working for several months now.
If you want to use your Cisco switch as your media converter I can help you with that too (that's what I'm doing).
-
@idscomm said in How to get Bell Fibe in Quebec/Ontario (Internet and IPTV) working with pfSense:
@rcmpayne ok, so I tested everything and I'd say I am almost there. The TV works but I lost connection after 10 sec ish. I remember seeing this issue earlier... any idea?
This is almost certainly an IGMP proxy issue - take a look at my post above. Excellent info here as to why the config in this article is incorrect: https://www.dslreports.com/forum/r32420749-
-
Thanks for the replies guys. I fully intent to put up a full and updated Guide to help others as well... I think it's great to run Internet and TV on your own devices and not depends on Bell....
Now, I managed to get Internet and TV working today for half the day! All the apps (Youtube, Netflix and On Demand were working perfectly) ... no glitch so far. I used a separate NIC on the Pfsense Box (plugged a switch) and set my VAP on the same network Bell did in their router i.e.: 192.168.2.1 DHCP activated. My Wireless receivers are getting IPs in that range and it's all good. I had a glitch with my Internet but it ended up being caused by wrong default Gateway (for some reason the IPTV Gateway had been set by default). DNS and Gateway fixed and all good for the Internet.
My questions are:
-
Regarding IGMP Proxy, why only Upstream and no down? Where did you get the 2 Networks (10.2.0.0/16, 10.237.0.0/16)? I have my Downstream set to 192.168.2.0/24 (FibeTV LAN) and my Upstream to 224.0.0.0/4 and 10.0.0.0/8
-
In regards to DNS, my DHCP provides Bell DNS 47.55.55.55 & 142.166.166.166. Everything seems to work like that... Should I change something else in regards to fibreop.ca and iptv.microsoft.ca?
-
10.2.0.0/16 (IPTV traffic) and 10.237.0.0/16 (IPTV DHCP) still need to be created un Routes?
-
So there is no need for the 239.0.0.0/8 route?
italicised text You will need to create firewall rules for your IPTV WAN connection (VLAN 34) which allow traffic to pass from WAN (VLAN 34) to LAN. This is the part that I have not refined any further than this guide. Make sure you allow IP Options on this firewall rule. You can make one for IPv4 and one for v6 or just one for both (I made two). I do not have this done but for now my Fibe TV LAN is wide open outbond... I don't have inbound rules on the WAN IP TV tho...
- Are you guys aware of any IPV6 being used by Bell? Should I still allow IPV6?
-
-
I'm curious to see if you will get the PVR bug i've seen, A few people that have been using the PfSense setup get a slow pvr response after a few days of using it, watching live tv or apps work fine, but accessing/deleting recordings is slow and sometimes when you have a scheduled recording you won't get the info... rebooting the pvr seems to resolve the issue.
-
well, I was curious if the pvr problem was still there, in my case sure is...after an hour of use or so, all the pvr functions become sluggish, this does not happen with my er-x router from ubiquity, I’m also wondering why is it we need to bridge the interfaces to get iptv to work ? i know that if i don’t do that i get tv for about 10 seconds and then it stops, I read it has to do with igmp, but i’m using the latest version and i tried connecting the fibe receiver directly to the ethernet card, my switch is L2/l3 and snooping is enabled, but that didn’t change anything
If anyone on here is indeed using pfsense with their gpon plugged in directly to their pc I would be curious to see how they have it set up, because in the time being i’m paying for 1.5gbit but because of the ubiquity er-c flimsy hardware i get about 800mbits
-
@pjaneiro
Hi there, my setup is not bridge... I am using 2 NIC, one for the Internet Connection of my IPTV (WAN) and the other one is the LAN IPTV on a different NIC. Like I mentioned earlier if you follow my recent posts (the last 203 days) I had some issues as well but got it working fine today. I did not test the PVR to see if I was having the same issues you mentioned but I certainly will within the next few days. Once I am satisfied that everything is working fine I will write a new port/blog detailing all the steps, thanks to @autumnwalker and @rcmpayne who helped me a lot.I am still tweaking my install as I believe I need to review some of my settings.
-
This post is deleted! -
@idscomm take a look at this post re: IGMP config https://www.dslreports.com/forum/r32420749-
@pjaneiro you should not bridge your WAN and LAN for IPTV to work. You should have VLAN 34 tagged on your WAN interface (if you're with Aliant, it's a different VLAN for Bell) and your routing should be setup per my post above so that IPTV multicast traffic is passed to your LAN port.
I do not have the issues you describe with my PVR.
You should make sure that any downstream switch in your network is capable of IGMP snooping otherwise you will likely flood your LAN with multicast traffic.
These cable boxes are designed to be in your local network on the same IP range as everything else, not bridged to Bell's IPTV network.
-
@CrazyMitchy said in How to get Bell Fibe in Quebec/Ontario (Internet and IPTV) working with pfSense:
Would you guys know why for 5-10 minutes I can watch the TV, then the PVR says disconnected, then it comes back on its own? I've followed you guys instruction, and everything works (mainly)
Is it a IGMP issue?
IGMP is usually seconds, not minutes.
Do you have pfSense forwarding fibreop.ca and iptv.microsoft.ca to Aliant DNS servers? AFAIK if you don't have iptv.microsoft.ca forwarded the PVR will do weird things.
-
This post is deleted! -
@CrazyMitchy said in How to get Bell Fibe in Quebec/Ontario (Internet and IPTV) working with pfSense:
@autumnwalker I've missed that requirement, what would those DNS be? Is it going to be different if I'm with Bell Fibe (in Quebec)
As far as I know Quebec uses the "Bell" configuration, not the "Aliant" configuration. My instructions would not apply to you. I cannot comment on the Bell config unfortunately.
-
@autumnwalker Hi, my pvr is connected to a separate NIC on the pfsense box directly, igmp is enabled on pfsense, but if i do not bridge wan iptv interface with the nic, the tv does not work, when rebooting the fibe pvr and for the green light takes a while to become solid...
Just wondering why is it so complicated to get this going with pfsense, it took me less 10 min to get it all working with a ubiquity box, same setup too, one port for lan and one port for fibe receiver
-
@pjaneiro I cannot comment on the Ubiquiti stuff.
pfSense is not a switch, it is a router. You can configure it to work like a switch with bridging LAN ports, but out of the box it doesn't work like a switch and it isn't intended to.
Over simplifying - each port is intended to have one function (VLANs are a different discussion), but think of each port of being either in or out and each in / out is a different network location / segment. If you have WAN in from Bell on one port and LAN out on another port that routing is configured in pfSense automagically on initial setup. If you add your IPTV box to another port on pfSense it doesn't automatically know how to route the traffic. When you bridge it to WAN, it basically just puts your IPTV box in Bell's data centre - it isn't intended to function that way.
The "right" way to do this is to have WAN in from bell with VLAN 34, 35 (for Aliant users only) and a LAN out (no VLAN required). Put a switch behind your LAN port on pfSense (make sure it does IGMP snooping), and plug your IPTV boxes and all your other network gear into that.
Bell (internet) > (pfSsense WAN > pfSense LAN) > switch > your network gear
-
This post is deleted! -
@autumnwalker
Thanks for the link, very interesting post, helped me understand a bit better. That JamesMTL seems to be very knowledgeable!!I will have to tune my IGMP Proxy, DNS and Rules a bit. Do you have any IPV6 traffic going through or not?
-
in my case there is when the pvr is booting up, also in the case you ever need to replace the hard drive it’s also needed, i don’t believe it needs it while viewing live tv or recording
-
@idscomm said in How to get Bell Fibe in Quebec/Ontario (Internet and IPTV) working with pfSense:
@autumnwalker
Thanks for the link, very interesting post, helped me understand a bit better. That JamesMTL seems to be very knowledgeable!!I will have to tune my IGMP Proxy, DNS and Rules a bit. Do you have any IPV6 traffic going through or not?
No, there does not appear to be any IPv6 going through for IPTV.
JamesMTL has helped me tune my config a lot. Very knowledgeable!
-
@CrazyMitchy said in How to get Bell Fibe in Quebec/Ontario (Internet and IPTV) working with pfSense:
@autumnwalker Everything else in your instructions work A1 though, I'm looking at my firewall and don't see my PVR trying to contact anything other than routes I created at the start. How did you go about finding those Aliant DNS?
Does Bell in Quebec use DHCP or PPPoE? In Atlantic Canada (Bell Aliant) we use DHCP and no PPPoE. The DNS servers are pulled down with the DHCP request that the GPON sends out to Aliant. Once I had them I swapped to my own DNS and setup the two URLs in my DNS Resolver to forward to the Aliant DNS servers.
I strongly suspect that Quebec is not the same as Aliant ...
-
This post is deleted!