How to get Bell Fibe in Quebec/Ontario (Internet and IPTV) working with pfSense
-
Hi guys,
Sorry I should have mentioned that the any/any/any rules can definitely be tweaked.
First of all, yes, you can restrict the WAN_IPTV rule to UDP only.
Keep in mind that WAN_IPTV is from the VLAN which is linked directly to a private network at Bell's data center and doesn't hit the public internet.
I started with everything wide open, and I plan on closing things up a bit while the system is running. I just didn't want a too-restrictive firewall rule to slow me down, it was hard enough as it was. :)
–---
I should also mention that one is supposed to set the QoS priority on the IPTV VLAN to 4. I haven't done it because I have 175/175, but at 50/50 you might need to. I might do it in future if I see my signal suffering.
Hi, thank you for your great tutorial. Could you give me the specific on how to set QoD on the IPTV VLAN to 4 please. I have been searching for days on traffic shaping and havn't find the right way yet.
I meant QoS not QoD, sorry
-
I want to thank everybody here, I was finally able to get everything working today. IPTV, Relaunch and OnDemand all working perfectly.
-
DNS resolving, forcing all *.bell.ca addresses to 10.2.127.228 fixed all DNS issue for me.
-
Adding the "192.168.1.0/24" to the upstream configuration resolved the freeze when the signal switched over too multicast.
-
As for the IGMP flooding on my wlan, I run DD WRT on my AP and blocked all multicast packets on all interfaces. Therefor no more wireless interruptions.
Something I did noticed, making any modification on pfsense, requires a full reset of all devices for my configuration to stick.
Hi, can I ask you how you managed to force all bell.ca to 10.2.127.228 please ? I am using Outbound as my DNS resolver. Thanks
-
-
I want to thank everybody here, I was finally able to get everything working today. IPTV, Relaunch and OnDemand all working perfectly.
-
DNS resolving, forcing all *.bell.ca addresses to 10.2.127.228 fixed all DNS issue for me.
-
Adding the "192.168.1.0/24" to the upstream configuration resolved the freeze when the signal switched over too multicast.
-
As for the IGMP flooding on my wlan, I run DD WRT on my AP and blocked all multicast packets on all interfaces. Therefor no more wireless interruptions.
Something I did noticed, making any modification on pfsense, requires a full reset of all devices for my configuration to stick.
Hi, can I ask you how you managed to force all bell.ca to 10.2.127.228 please ? I am using Outbound as my DNS resolver. Thanks
From here : https://forum.pfsense.org/index.php?topic=87738.msg534214#msg534214
-
-
Thank you !
-
I found fairly easy solution and no additional trouble with the routing/NAT and no need for IGMP proxy.
Ok, I am not Canadian but my provider is also offering IPTV on VLAN 4.
what I did:
Had to create 3 additional interfaces under Interface Assignments.
IPTV_IN would be VLAN4 taken from network card handling the WAN connection.
IPTV_OUT would be physical NIC in pfSense box which you would connect to the IPTV STB
IPTV_BRIDGE would be bridge between those two. And only this would have IP from DHCP. The previous 2 assignments are left without anything assigned to them.What's left to do after creating those intefaces is to add passing rules for them in Firewall settings. And you are good to go.
I also changed Outbound NAT rules to manual and removed bunch of rules from there to tighten down subnet isolation but it's not really needed for watching TV.
Im away from home working about week but if anyone is interested, I can provide screenshots from WebUI afterwards.
-
Hello,
New user here. I'm trying to achieve the same objective as the OP (Bell Fibe Internet + IPTV without the Bell-provided Home Hub). Can someone who has done this please confirm whether the IPTV receiver can still obtain software updates with this setup? My concern is that Bell might have some port forwarding for remote management hidden away in the configuration of the Home Hub (not visible to the end user), and without this the receiver can't update itself.
Also, my setup is complicated by the fact that my LAN is on 10.10.1.0/24 which of course overlaps with Bell's IPTV range 10.0.0.0/8; I expect this will cause some routing issues.
Thanks
cinergi -
Hi @cinergi,
I've received updates with my configuration no problem. I went through the whole setup with a senior bell engineer and he likely would have mentioned this shortcoming if it existed.
I'm using 10.50.0.0/16 for my LAN and I have no problems whatsoever with the 10.0.0.0/8 probably because of the "downstream" setting on IGMPProxy.
Incidentally, you aren't the same @cinergi from the TMC forums are you? :)
Rob
-
Hello
My objective was;
Keep VLAN35 for Internet on HOMELAN on 192.168.2.0/24 (through pfsense) and keep VLAN36 for IPTV through the HH2000 on 192.168.10.0/24 + internet to achieve wireless through the hub (simply because i like the app BELL FIBE TV and it as to be on same subnet of IPTV to work…) It was important for me to keep two separate subnet because i like to manage my things and the HUB, well, i don't like it.
Ethernet cable from ONT through switch (cheap 8 ports switch from tplink)
Something like this http://blog.ngpixel.com/post/104449747538/how-to-bypass-bell-fibe-hub-and-use-your-own-router
SWITCH;
port1 = Ont
port2 = Hub2000
port3 = Wan(pfsense)PFSENSE
Setup VLAN35 + PPPOE WAN side
LAN on 192.168.2.0/24, HOMELAN + dhcp serverHUB2000
I inserted my B1xxxxxx + password for Internet/fibe + setup wirelessSo i have 2 x PPPOE, one on pfsense for VLAN35 and one on the hub for IPTV.
What its weird is that it worked so i kind have two public IP…?The HUB2000 crap help me to learn a lot in the past few weeks. I tried all kind of setup including the one described by shaqan wich is a nice approch, but i didn't achieve the goal, i don't have enough knowledge, help for this also http://www.dslreports.com/forum/r30116518-Tossing-the-Home-Hub-2000-while-keeping-TV, i understand only partially my problem so far, alot of readings to do…
I keep reading
-
Out of curiosity, why didn't you do the full switchover to pfSense? You wouldn't have the strange issues you're reporting had you done that. The Bell Fibe app works and you have full functionality with the Bell TV system.
-
Hello
I was not able to make it right, wasn't fluid enough, i was losing gateway with apinger and didn't have enough time to figure it out so i reverted back to my old setup, vlan35 on pfsense and vlan36 through hub2000, has i said i have much more readings to do. I take it one step at a time.
thx again
-
Oh no worries, just curious.
I assume you are getting two PPPoE addresses because you are passing the ONT signal through a switch which doesn't filter VLAN 35, so both the Home Hub 2000 and the pfSense box have access to VLAN 35.
You could check that by using a service like whatismyip.com. I'm betting your WiFi network (from the Home Hub) is on a different subnet than your wired pfSense network. Might not be great for, for example, controlling wired devices from your Wi-Fi smartphone.
-
Hi @cinergi,
I've received updates with my configuration no problem. I went through the whole setup with a senior bell engineer and he likely would have mentioned this shortcoming if it existed.
I'm using 10.50.0.0/16 for my LAN and I have no problems whatsoever with the 10.0.0.0/8 probably because of the "downstream" setting on IGMPProxy.
Incidentally, you aren't the same @cinergi from the TMC forums are you? :)
Rob
Hello @Zax123,
Sorry for the delayed reply. I thought the forum would notify me of new posts in this thread but it didn't, so I only saw your post now.
It's good to know that the software updates still work with this setup! I'm still working on my own setup. I should have mentioned that I'm not actually using pfSense, but an Edgerouter from Ubiquiti Networks. It runs a version of Vyatta. I'm currently having problems with my multicast streams - the IPTV stream works for about 10 seconds on every new channel, then freezes. I've read that Bell starts each stream as unicast and switches to multicast after approximately 10 seconds, so it seems that my receiver can't make the transition to multicast. I'm working to troubleshoot this issue, but I can't find anything wrong with my IGMP proxy settings.
My IPTV receiver is connected via coax cable (HPNA). I've ordered an HPNA media converter, but in the meantime I've been using the Home Hub 2000 as a media converter by plugging my router into one of the LAN ports (not WAN) and letting the Home Hub bridge this to the HPNA port. It only occurred to me afterwards that the Home Hub might be doing some IGMP and/or multicast filtering on its LAN ports, and since in a standard Fibe configuration this traffic comes from the WAN port, this could explain the issue I'm seeing. I'll be able to confirm once I receive my HPNA converter to replace the Home Hub.
As for the TMC Forums, I'm not sure what "TMC" stands for but I don't recall being a member of any forum with that acronym! :)
Thanks!
-cinergi
-
Hello
For now I have no Fibe Tv but Internet is ok. Yesterday i began troubleshooting with Bell and its a pain.
I have lost connection with IPTV Gateway, it is offline and no tv, no hockey no baseball….
I have reconnected all the cable as standard, just pfsense in a lan port of the Hub2000.
I have seen a couple of this 16.10.2015 17:00:48 WRN DHCPC The WAN DHCP client process has successfully been terminated on Vlan 36
Any idea?
Thx
-
Hello
Finally solve my problem, had to replace de HH2000…
Thx
-
The 10 second thing is definitely a problem with IGMP proxy. The settings I show at the beginning of this thread should help you to troubleshoot. Not sure if another router (not pfSense) would have the same settings, but I know that once I implement IGMP proxy in pfSense, that problem went away instantly.
Does your IPTV receiver not have the option of being connected by RJ45 port? That would eliminate the need for the Home Hub 2000 to convert…
-
Hello
Finally solve my problem, had to replace de HH2000…
Thx
You also could bypass the HH2000 altogether. When you plug pfSense into a HH2000 LAN port, the HH2000 goes into some kind of bridge mode, but it definitely slows down the connection and adds another layer that your packets have to travel through.
My intention with this thread was to eliminate the need for the HH2000 which is definitely possible. I've lived without it for more than a year now.
Now I need to upgrade my hardware because I got gigabit fiber from Bell and my little APU can't handle the speed. :(
-
Hello
Yes you're right.
But after testing my speed i didn't a big diff between bridge mode and direct input from ONT.
I'm on 50/50 i get 67mgb/s in and 6ms ping.
I have also tried the gigabit plan i was getting 980 mgb/s wich is insanly fast but the plan only give me 150g of bandwith wich is ridiculous so i revert back to 50/50 unlimited.
My pfsense is in and old computer that i have and put in some good ram, HD, 3 ethernet cards, access by ssh or webui, but i suspect that some of my ethernet card don't manage very well vlan tagging.
Good luck
-
Hello
Yes you're right.
But after testing my speed i didn't a big diff between bridge mode and direct input from ONT.
I'm on 50/50 i get 67mgb/s in and 6ms ping.
I have also tried the gigabit plan i was getting 980 mgb/s wich is insanly fast but the plan only give me 150g of bandwith wich is ridiculous so i revert back to 50/50 unlimited.
My pfsense is in and old computer that i have and put in some good ram, HD, 3 ethernet cards, access by ssh or webui, but i suspect that some of my ethernet card don't manage very well vlan tagging.
Good luck
Do you mind sharing what the specs of the old computer are? I was looking into a SuperMicro motherboard and case, etc… and the price was coming close to $1000 which is ridiculous.
Thanks!
Robert
-
Hello
Motherboard = And old Gigabyte
CPU Type AMD Athlon 64 Processor 3500+
2 g ram
80 g HD2.2.4-RELEASE (amd64)
built on Sat Jul 25 19:57:37 CDT 2015
FreeBSD 10.1-RELEASE-p15Package installed and online = Squid3, File Manager , OpenVPN Client Export Utility
thx
-
Hello
Ethernet card have to be Gigabit, i bought 2 tplink at 10$ each.
Also things to take into consideration for the motherboard, take one that has onboard video because yoou don't want to pay for a video card and for the energy that it consume because you don't need any its headless.
Motherboard should have at least two empty mini pci express slots for gigabit ethernet cards.
thx