How to get Bell Fibe in Quebec/Ontario (Internet and IPTV) working with pfSense
-
Why would you mess around using IGMP proxy? What's wrong with simply bridging the IPTV-related interfaces together and simply passing the traffic trough pfSense? As far as I can tell, all (and there is a bunch of 'em) IPTV related services work.
My setup (Northern-European/Scandinavian ISP Telia or Telia Sonera). IPTV coming in tagged as VLAN4, Internet traffic is left untagged
Interfaces followed by logic:
IPTV_INT - Virtual interface derived from VLAN4.
IPTV_EXT - Physical NIC, for connecting the pfSense box and ISP-provided TV set-top box.
IPTV_BR - For bridging the two above and requesting DHCPInterface assignments (bigger picture under thumbnails)
Configuring IPTV VLAN4
IPTV_EXT
IPTV_IN
IPTV bridging. No Advanced settings used.
IPTV_BR
Grouped all the IPTV-related interfaces together
Firewall rules IPTV_INT/IPTV_EXT/IPTV_BR are all the same, nothing defined. Rules are under group tab "TV"
Firewall rules TV
'allowing' base rule more precisely
Part I
Part II (below that, everything is 'by default')
Don't think there's anything else left to do.. If pictures are loading slowly, let me know. I'll find some other host and modify the post accordingly.
-
I did a fresh install recently, and i'm a bit lost for some settings …
I added the 2 domain override here : https://192.168.5.1/services_unbound_overrides.php
Domain IP Description Actions
bell.ca 10.2.127.228
bell.com 10.2.127.228but i'm a bit lost with those setings ...
rebind-domain-ok=bell.ca
rebind-domain-ok=bell.comdhcp-option=br1,6,10.2.127.228
in what page or config file do i enter those settings ?
Also, my iptv wan interface is opt2, so I would replace br1 with opt2 i guess ?
-
Hi , brilliant post ! , I was looking for this a while now … however, Im still missing If I read this correcyly , the two VLANs(35 &36) goes to the same WAN interface ? , then how can you diferentiate traffic ? there got to be some kind of switch (one port goes to VLAN35 and the other directly to IPTV ?
can you elaborate more on this setup i.e. traffic coming in on VLAN35 goes out on interfacce X and traffic incoming from VLAN36 goes to interface Y ?
Thank You
-
@info@logikcell.com:
Hi , brilliant post ! , I was looking for this a while now … however, Im still missing If I read this correcyly , the two VLANs(35 &36) goes to the same WAN interface ? , then how can you diferentiate traffic ? there got to be some kind of switch (one port goes to VLAN35 and the other directly to IPTV ?
can you elaborate more on this setup i.e. traffic coming in on VLAN35 goes out on interfacce X and traffic incoming from VLAN36 goes to interface Y ?
Thank You
With the current bug (https://redmine.pfsense.org/issues/6099) i would suggest to skip vlan for now …. I have a 4 port gigabit intel (+- 75$ on ebay) .... 1 wan port, 1 lan port, 1 wanfibe port, and 1 lanfibe port. for this to work, you will probably need a managed switch that support vlan (until the bug is solved, then you will be able to run a cat5/6 cable directly between your pfsense & ONT).
the port between the managed switch & ONT will have to be tagged with vlan 35 & 36, then on different port, you setup 2 access port, 1 with vlan 35, and the other on vlan 36.
-
Hi Guys,
I just switched to Bell for Gigabit Internet + TV + home phone and was wondering what is the best way to set up pfSense with the Home Hub 3000 (HH3000) which is the current model they are installing (FTTH).
Would want to use the iOS / TvOS apps as well.
I currently have a pfSense box with 2 network cards (1 for WAN and 1 for LAN), a Wifi access point and a unmanaged switch.
An updated guide would be great!Thank you!
-
- Just call your ISP and set your ONU or ONT to set your excess ethernet ports and dedicate it for IPTV, in my case I had 4 ethernet ports on ONT, 3 of them are assigned for IPTV and 1 for internet. No more mambo jumbo VLAN setup or routing setup, it works right away.
-
Remlei, can you elaborate? Are you with Bell Fibe with Internet + TV?
Thanks. -
Hi guys,
I found this forum and i found it very useful and i must thank the OP and everyone who contributed to this thread
I got the internet to work but i had problems with the TV. By doing a lot of googling i found out that you need to put your lan network (in my case 192.168.2.0/24 in the igmp proxy upstream but then the tv would play for 10s and then cut out so i did more googling around and i found a VERY IMPORTANT step : you need to do a bridge between the IPTV wan interface and the LAN interface. As soon as i did that the TV came on and stayed on !!! apps and whatnot are still not working but this is a major progress from the IPTV not working at all (i did try the dns redirection as advised by @iscy but maybe my seetings are wrong i will check tomorrow).If you have any questions feel free to ask :)
Thanks again !!
Update : I had issues with the multicast packets causing tv to cut if i had multiple receivers plugged in my lan switch so i
installed a third NIC plugged in a seperate switch and configured IPTV on that interface. Now tv and internet works A1. Next step : installing a wireless access point ;)split the lan into 2 vlans and used a managed switch (more info here https://www.highlnk.com/2014/06/configuring-vlans-on-pfsense/ )Update #2 : PVR wasn't working on the wireless receivers connected to the VAP2500(IPTV Access Point). Thanks to @iscy who gave me a hint in the right direction(reply #13) I did some syslog investigation and i found out there was IPv6 traffic being blocked on the LAN interface(I really suggest everyone to host a syslog server on their PC/network) After i added Ipv6 traffic on the "Pass all" traffic rule on the IPTV LAN and rebooted everything PVR was up and running again !! Now all is working(Internet+IPTV+apps+PVR)
I'm 90% on my pfsense connection as i'm speaking(HH2000 is still hooked up for wifi connection and I might get a cheap AC1200 wireless router to finish the full switch to pfsense)I'm 100% on the pfsense nowThanks again everyone for your contribution it helped me a lot :)Update #3: I finlly made the full switch to pfsense yesterday and i noticed that the Tv would cut on/off every 5-10min so i did some investigation and i found out that you need to spoof the HH2000 MAC address to the WAN internet interface. I think bell has a list of mac addresses associated with their routers and that it doesn't work with a non-bell mac address. Also i noticed when you plug the VAP2500 in the switch there's a couple of "wrong network" errors on the wireless receivers so i had to unplug it for a couple seconds then plug iy back and reboot the wireless receivers and everything was fine then otherwise they would just boot to the "Bell Fibe" screen until you unplug the AP and plugged it back
If anyone needs help to get everything to work send me a PM and i will gladly help :)
-
I got it work with the 2.4 finally.. .. but app doesnt work… I added bell.ca in the resolver (with 10.2.xxx) and from a pc if I try to nslookup, I get "server failed"
any clue ?
Thanks
-
A little off topic but I don't know where else to go for help. I got an Asus router with AdvancedTomato installed and got Internet and my PVR working. However, I need help getting my VAP2500/VIP2502 to work. Does anyone have suggestions why I'm stuck at the Bell logo on boot?
- Do I need to place it on the same vlan as my PVR?
- Do I need to get the apps to work in order for the VAP2500/VIP2502 to work?
-
I haven't worked with the HH2000, but have with the HH1000. With some difficulty, I was able to put it into bridge mode, so that the internal gateway is bypassed. Hopefully, you can do the same. I have also tried with the HH3000, but the results cannot be adequately described in a public forum.
-
Thanks but that's not really what I'm looking for. I know I can always connect a switch to the ONT and have the HH2000 connected to one port and my router another, but I want one device if I can help it.
-
Bringing this one back up ... has anyone else attempted IPTV using GPON (i.e. Fibe install with Home Hub 3000)?
I can get internet on VLAN 35 working great, but I cannot get an IP / Gateway for IPTV.
-
@autumnwalker I am having the same issue. I have Fiber line to a TPLink media converter and I've set up vlan 33-37 on its own wan interface's. Vlan 35 gets a IP and i have internet however, all the other vlans (34 and 36) don't get IPs at all.
Enable dhcpclient VLAN Priority tagging on
Choose 802.1p priority to set is set to Video (VI, 4)
IPv4 Configuration Type: DHCPAny ideas?
-
@rcmpayne I had an issue with the MAC address association on the IPTV VLAN for some reason. Internet was fine right off the bat, IPTV wouldn't grab an IP. You could spoof the MAC or you could wait awhile for the existing lease to expire. Once the MAC association thing was sorted out for me I got an IP, but no gateway. I had to manually enter the gateway as it was on on the HH3k.
-
Re: How to get Bell Fibe in Quebec/Ontario (Internet and IPTV) working with pfSense
@autumnwalker
I just added the mac address and got a IP. but i still cant get TV boxes to start. This is the config now. Does this look right? -
Your IPTV boxes should be in the same subnet / VLAN as your main "trusted" network in order for any of the Bell apps to work.
You do not need 192.168.7.0/24 in your IGMP upstream proxy.
You need to create a manual gateway for IPTV and assign it what you had on your HH3K. The gateway address has been different for every Aliant user I have looked at. I suspect this is your issue - right now the STB's have no gateway defined for network traffic.
With "Allow DNS server list to be overridden by DHCP ..." you do not need to enter the DNS servers for Bell manually - they will be pulled with your Internet DHCP lease. You should; however, enable a secondary DNS with Cloudflare (1.0.0.1).
-
I know this is an old thread, but has anyone ever figure out why iptv's may work for only 10 seconds, i got everything else working fine, even the apps on my tv terminals work, but viewing the tv itself freezes after about 10 seconds or so
I've been reading and reading, I don't get it, I'm using bell ftth passing through the ONT (still on old 2000 homehub), I was using the edgerouter from ubiquity all worked fine, decided to try the pfsense and the settings are really different when it comes to igmp and firewall rules
I also tried the bridging lan and iptv, it wortks kinda ok, but i still have the occasional skip and i cannot access the fibe app from the exterior
Help would be greatly appreciated form the gurus on here
Thanks
-
I've been on this for two days now and I can't get the tv going, i only get the 10 seconds per channel working, i tried multiple igmp proxy settings, played with the firewall settings, nada, i got my edgerouter working in a jiffy, anyone with a working setup using bell fibe 1gbit could help me out ?
-
I have it running on opnsense. I did a few things differently but it seems to work. I haven't keep the tv running extended period of time (30min+) but for now it works.
I wrote it down for reference here :
https://forum.opnsense.org/index.php?topic=13664.msg62951#msg62951I started with this page as a guideline.
I noticed you didn't share your firewall rules, you must allow passing of ipv4 & ipv6 traffic !
I didn't touch routing and dns for my setup as I am bridging traffic.Hope this works for you !
-
@rekrek said in How to get Bell Fibe in Quebec/Ontario (Internet and IPTV) working with pfSense:
you must allow passing of ipv4 & ipv6 traffic !
Bell is using IPv6? When did that happen?
-
Well, looking at my logs, I don't see ipv6 traffic. I read somewhere that enabling IPV6 for iptv solved some troubles. I suppose it's not true. Sorry for the misleading information.
So no ipv6 is not needed for iptv. -
Bell used to be a world leader in telecom. However, lately they've become a laggard. Several competitors, including most, if not all the cable companies, provide IPv6, as do some of the 3rd party providers, who connect by Bell's ADSL system or cable TV.
-
observations on this setup, as of recently I noticed that accessing my recordings is sluggish and getting to the netflix app is a pain, i often get writing for your pvr.....so my initial thought was, failing hdd. so i did a few tests before and decided to plug back in the HH300, speed was back to normal, that's odd, while not turning off the PVR i rebooted my pfsense box and everything got sluggish again, hmmmm, so i was wondering anyone knows what might cause this ?
I also tested something else, in case it was the hard drive, i decided to replace it, for those who didn't know, you can swap out the hard drive with another 1tb or 500gb , the system will reset a few times, you will see a gear and a progress bar, odd thing again, that does not work with the pfsense setup, plugged back in the hh3000 boom, it started to re-install the software, again, i'm no expert in this, but something is missing with this pfsense setup
My setup right now is that i have a ethernet card just for my pvr, that port is in a bridge group with the iptv lan as documented in the steps here further up and my igmp setup has no downstream and an upstream of 10.0.0.0/8
-
Nevermind, I was looking at my logs, it seems bell has started to use ipv6, i had all kinds of blocked from my pvr but ipv6 addresses, my setup was to block all ipv6, enabled ipv6 and boom, recorded shows started to run fine again, i even tried a new hdd and it started right up to download required software to it, so it might be a good thing to add in the how to that bell now needs ipv6 and it must be enabled in the firewall rules and system itself
-
@pjaneiro
I’m working on my setup here with the HH3000. Would you be able to help me a bit. I got Internet working fine (that’s the easy part) but I have a few issue with the TV.... I’m getting an address but no gateway ... people are also talking about bridging .... do I have to bridge my Lab with my IPTV?It would be nice to get an updated version of this guide with the latest version of pfsense.
Thanks in advance!
-
@idscomm yeah sure I’ll give you a hand. If you can explain your set up that would be great. Are using a media converter into one wan port or do you have a different kind of set up?
-
@rcmpayne
Yes. I have the Fibe connected to the media converter, then I created 2 VLANS. 35 for Internet and 34 for TV (in my case here TV seems to be on 34 since I managed to get and IP). I spoof the MAC from the HH3000 on my “physical” WAN interface but I have set it to “none” compare to the 2 VLANS set to DHCP (no pppoe here either)Internet is working fine but like I said I don’t see a gateway in pfsense for the IPTV (using the latest version of pfsense).
My Network LAN is not 192.168.2.x like the HH3000 by default. Not sure if this can cause an issue.
I follow the guide on this site but I wasn’t sure about the downstream which shows I guess his LAN correct? I would have to adjust this to reflect my LAN I suppose.
My question is where to you connect the Wireless VAP, anywhere on your LAN? Then the DHCP will assign an IP to the device and the 2 receiver will then pull an address from the VAP (through the DHCP)?
I can send you print screen as well if it’s easier :)
Thanks a lot :)
-
I am using VLAN7 for my iptv LAN network.
So 4 interfaces:
WAN – tagged 35
IPTV WAN – tagged 34
LAN – no tag
IPTV LAN – tagged 7IPTV WAN has a gateway assigned statically because DHCP doesn’t provide it. We got this from a packet capture, it is likely different for other people.
- Disable the Gateway that was created by default for IPTV WAN interface. we will create a new one manually
Because I’m using multiple “virtual interfaces” for one physical interface, we also set up a static Route to use the IPTV WAN Gateway for the IGMP addresses, and IPTV addresses (239.0.0.0/8, 10.0.0.0/8).
From the DHCP request in the packet capture…
Relay agent IP address: 10.194.192.2Set this as the IPTV WAN Gateway address.
We also spoofed the HH3K MAC address on our WAN adapter – this picks up an IP faster instead of waiting for the IPTV lease to expire (up to 18 hours I believe).
In DHCP for the IPTV LAN I set the Bell DNS servers:
47.55.55.55
142.166.166.166Set up an IGMP proxy:
Upstream: 10.0.0.0/8
Downstream: 239.0.0.0/8If you cant get the gateway via the packet capture, let me know and i will give you a example and steps. Once you get this part we can talk about getting your box connected. do you want lan or wireless for the IPTV boxes? i have one running on unifi AC-Lite and one on lan using a tp-link smart switch (40.00 from amazon that allows for vlans)
-
Thanks for the write up. So your IPTV LAN is on a different interface and not your regular LAN then?
regarding the packet capture, did you use wireshark or pfsense?
I do have a Unifi Access Point AC Lite as well as the controller running on my LAN. So my understanding is that you are not using the Bell VAP?
In the meantime, I am currently setting things up as per your write up...
-
@idscomm I have two interfaces coming into PF sense, One for Wan and one for LAN. My lan connects to a switch This is a five port switch from TP link where I have one port with a PVid of 7 for the hardwired pvr. Another port K’NEX to unify access point where I have two Wi-Fi SSIDs is create it. 1 SSID is called IPTV and has a VLAN of 7 tagged.
Ill get you steps to cap from pfsense after I get out of the hot tub :)
-
Sounds good to me lol! I hear ya, we have a hot tub too!!! A must!
-
Would my gateway be there:
-
@idscomm I would open two pages for pfsense, one on pcap and one on Status -> Interfaces. Find your IPTV WAN and release the IP. Start the pcap and renew the WAN IPTV interface again
Stop the pcap and download the capture to open in wireshark. Filter by dhcp and look for "relay agent ip". This if your IPTV WAN gateway.
-
got it!
For testing purposes, I will use a second switch and put that IPTV LAN on another separate network like 192.168.2.x like the default one they use... I have 4 interfaces in that box...
-
The Next thing you need to do is create a VLAN LAN adapter. right now you likely have three
WAN host with mac from hh3k (not used)
WAN vlan 35 for internet
WAN vlan 34 for IPTV
LAN likely no vlan for your internal devicesCreate a new LAN with a vlan of something. I used vlan 7 for mine.
Setup a DHCP for this. Since its vlan 7, i used 192.168.7.x
Its this LAN interface that you need to used for your IGMP
Here is my IPTV LAN firewall rules
on your unifi AP, create IPTV SSID and give it your internal vlan. Connect your device to this and see if you get the 192.168.7.x ip not your standard IP for your reg LAN. This will ensure your new IPTV ssid is routing to pfsense with the correct vlan and getting a correct dhcp address.
If you have a TP-link switch and also want to get a local port set for this vlan as well you can do something like this. port 8 is pvid 7 thus will get forced a vlan 7 id
-
I have three of these switches. one for Living room, Rec room and one in the garage with the pfsense router. They work great for vlans
https://www.amazon.ca/TP-Link-Ethernet-Unmanaged-Replacement-TL-SG108E/dp/B00K4DS5KU/ref=sr_1_4?keywords=tp-link+easy+switch&qid=1575157953&sr=8-4
-
ok, I have a Cisco 3750G, port 1 is my Trunk carrying a few VLAN for my internal network. I will add VLAN7 and also add VLAN 7 as Trunk for my Access Point ports. So you are using your own access point for the IPTV and not the VAP? The wireless receivers will ask for an IP but what make them go on VLAN7, pfsense will route them to VLAN 7?
-
also, install Avahi in pfsense so you can cut your other networks from accessing your main LAN but allows your main lan to access these other networks. Mainly for IOT ssid but can be used for the LAN network for IPTV boxes as well.
Vid: https://www.youtube.com/watch?v=HW9mUrF1ZgU
-
@idscomm said in How to get Bell Fibe in Quebec/Ontario (Internet and IPTV) working with pfSense:
also add VLAN 7 as Trunk for my Access Point ports. So you are using your own access point for the IPTV and not the VAP? The wireless receivers will ask for an IP but what make them go on VLAN7, pfsense will route them to
Yea, I am using my unifi for the WIFI. i grabbed a cheap tplink access point with a bush button WPS. on that device I created a SSID that matched my unifi ssid. (unifi will start sending you alerts that you have a rouge AP). i booted my PVR and when it did not see the hh3k anymore, it asked me to press ok to connect to WPS. start wps on the tplink box and wait till it connects. after it connected, i disconnected the wps ap and it started connecting to unifi AP right away. not sure what a VAP is but if thats from Bell, i am not using it.