dslreports logo
 
    All Forums Hot Topics Gallery
spc
Search similar:


uniqs
4264

Anav
Sarcastic Llama? Naw, Just Acerbic
Premium Member
join:2001-07-16
Dartmouth, NS

Anav

Premium Member

Programming USG for Multicast??

Dare I say it, trying to emulate something apparently an edgerouter can do.
No smirking there Brano!!

here is the info the person is doing.
The USG40 can do most of the VLAN stuff and with latest firmware can assigne 802.1p values as well. The problem is I have no clue IF and HOW to do some of the stuff noted in this note...

I’ve had the Internet and IPTV working flawlessly without the ActionTec for a few months now. I’m using an Ubiquiti EdgeRouter PoE (The “Lite” version would be just as effective). I have 2 IPTV receivers running on the same LAN subnet as my other devices. The FibreOP Remote App is working as well (including remote control capabilities). As far as I know, all IPTV features are fully functional.

Here’s a basic overview of the configuration.

WAN Port

I recommend cloning the ActionTec’s MAC address. I haven’t verified whether this is necessary for either the HSI or IPTV interfaces, but it’ll save a lot of headaches when switching back and forth between the ActionTec and the other router. Aliant won’t send an offer to a different MAC address until the existing lease either expires or is released. While the HSI leases expire every 20 minutes, the IPTV leases are good for 19 hours.

VIF 34 (IPTV)

egress QoS map ”0:4 1:4 2:4 3:4 4:4 5:4 6:4 7:4"
DHCP enabled
default route disabled
ignore the name servers

VIF 35 (Internet)

DHCP enabled
default route enabled
name servers enabled

Create a static route for the IPTV traffic.

10.236.0.0/15 via 10.195.128.1

I don’t know if this is the same for everyone. You should see the route on the ActionTec’s routing table. It’s also available in the DHCP offer if you send the “classless-static-routes” dhcp-option.

Use igmpproxy to forward the IPTV multicast traffic.

Warning: The IPTV Multicast traffic can kill your WIFI. Be sure to block this traffic from your WIFI interface(s).

igmpproxy.conf snippet

Code:
phyint eth1.34 upstream ratelimit 0 threshold 1
altnet 10.236.0.0/15
phyint switch0 downstream ratelimit 0 threshold 1
The IPTV receivers will acquire an IP from your LAN’s DHCP server. I recommend using a static DHCP addresses for the IPTV receivers as the Remote App had some trouble once when the IP of the receiver changed.

Brano
I hate Vogons
MVM
join:2002-06-25
Burlington, ON
(Software) OPNsense
Ubiquiti UniFi UAP-AC-PRO
Ubiquiti NanoBeam M5 16

1 edit

Brano

MVM

Don't have 4.1 to test, but according to manual page 75 section 8.2.2 »ftp://ftp.zyxel.com/USG40W/cli ··· 0W_1.pdf ZyXEL added igmpproxy to 4.1 ... so it seems to be LLama's lucky day ... give it a try

Anav
Sarcastic Llama? Naw, Just Acerbic
Premium Member
join:2001-07-16
Dartmouth, NS

Anav

Premium Member

Okay I was hoping you could translate edgerouter speak above into something intelligible that I could understand and apply to the router. Meaning all the entries not just that ambiguous code snippet thingamabobber.

Brano
I hate Vogons
MVM
join:2002-06-25
Burlington, ON
(Software) OPNsense
Ubiquiti UniFi UAP-AC-PRO
Ubiquiti NanoBeam M5 16

Brano

MVM

So what are you trying to do here? I don't have IPTV so I'm not sure what the requirements are.

I'm guessing only, you have internet connection on one VLAN and IPTV on other VLAN is that it?
And the set top box needs multicast from IPTV VLAN?

Anav
Sarcastic Llama? Naw, Just Acerbic
Premium Member
join:2001-07-16
Dartmouth, NS

Anav

Premium Member

VLAN35 is the internet VLAN,
VLAN34 is the IPTV VLAN.

The rest is mumbo jumbo but should give a clue as to what the edge router is doing.

The actiontech router gets an IP address on the IPTV network VLAN itself - one for the entire house. It then forwards multicast traffic as appropriate based on the routes it has been told (from the DHCP response) and also NATs to the IPTV network when appropriate. The DHCP server for it requires the DHCP request to look a specific way

When you use the "authorized install" from Bell you have one CAT 6 cable from the ONT port 1 to your WAN port on your Actiontech, this brings VLAN's 33, 34, & 35 to your Actiontech. The Actiontech gets an IP address from VLAN 34 and VLAN 35 (this one you can see in the web admin page on the Actiontech).

When you turn on a STB you get an internal IP address from the Actiontech and the Actiontech is set as the default gateway. When you turn on the STB it request the UDP multicast stream from the default gateway. The Actiontech has routing info for the 10.x.x.x networks and some IGMP snooping going on and with some magic it all works. When you use the facebook app it's the same process but on the Actiontech you will see a routing statement that send 0.0.0.0 to your VLAN 35 IP gateway and this is how those apps get data via the internet.
Anav

Anav

Premium Member

More technospeak.......
When you order FibreOP TV service you are given access to the IPTV VLAN. Unlike internet service where the router gets an IP address and then NATs this VLAN is actually 'bridged' to your local network. This means that any packets that your router gets and doesn't handle gets forwarded to this IPTV VLAN at Bell Aliant. One thing I learned is that packets going to this VLAN MUST contain a priority of 4 (for video). If you don't have this priority set then the packets are ignored. I suspect Bell Aliant is doing this for filtering purposes.

Let's examine how this works in the real world. When you turn on an IPTV Receiver it sends out a request to get an IP address. The provided router IGNORES this request and instead the request gets forwarded to the IPTV VLAN of Bell Aliant. A server at Bell Aliant provides the receiver with an IP address and also with additional information (where to get firmware, what firmware to get, some other configuration details). This is why you see your IPTV receiver getting a 10.X.X.X address even though your local network might be different. As the receiver contacts various IPTV servers these packets get sent to the router, which forwards them on to the IPTV VLAN and vice versa. The router is essentially a dumb forwarder.

When you tune into a channel the receiver joins a multicast group which is broadcasting the channel. This gets forwarded up the chain so that if equipment in the chain is not yet receiving the channel it shortly will, and if it already is receiving the channel then nothing needs to be done except send it downward.

This is crucial for IPTV since it scales far, there aren't multiple copies of a channel being sent simultaneously in the core infrastructure like a normal UDP stream would be. Multicast is good.

Brano
I hate Vogons
MVM
join:2002-06-25
Burlington, ON
(Software) OPNsense
Ubiquiti UniFi UAP-AC-PRO
Ubiquiti NanoBeam M5 16

Brano

MVM

Well, I've never done any config like this nor have any USG available that I can experiment with (those that I do have available are 3.30 and are in production environments). This sound like interesting challenge but I'm afraid you're on your own ... you'll have to do the trial error config.
Here are my first thoughts.
1) Create the WAN VLANs 34 & 35. I'd go with VLAN "general" to give you more flexibility to configure details i.e. NAT, routing and DHCP.
2) Configure LAN/VLAN subnets
3) Configure IGMP ...see example in CLI guide
4) Configure QoS/DSCP markings. On 3.30 this can be done in policy route settings or BWM
5) ...trial, error, trial, error, trial, error, ...success! (maybe)

...post your progress here, take it one step at a time and verify that the step is working correctly

Anav
Sarcastic Llama? Naw, Just Acerbic
Premium Member
join:2001-07-16
Dartmouth, NS

Anav

Premium Member

Sounds reasonable. I already have vlan35 setup to WAN1,
I have a netgear switch between the ONT and the USG and the actiontech.
The switch has pvic 35 on port 1 with vlan35 and vlan 34 associated with port 1
VLAN35 associated to port 2 which goes to wan port on USG
and VLAN34 which goes to wan port on Actiontech.

To initially setup the TV side, one does not attach the usg so that the actiontech sets up its routing tables and connectivity with the STBs via the coax output on the actiontech. Once thats done, I go to the actiontech place its ethernet WAN side from ethernet to ppoe and then turn it and the ont off. Plug in the USG into the switch and turn it back on. The TV connectivity is still in the actiontech and tv works fine and the usg grabs the vlan35 dhcp internet lease as the action tech set to pppoe cannot.

So the trick will be to setup the usg to be able to emulate the tv side of the actiontech routing. I am hoping then to be able to remove the action tech and use ethernet the whole way.
JPedroT
Premium Member
join:2005-02-18

JPedroT to Anav

Premium Member

to Anav
I would try to create a mental picture of what you are trying to do, before you actually do it

Brano
I hate Vogons
MVM
join:2002-06-25
Burlington, ON

Brano

MVM

Instead of mental picture, Alex can you draw a real picture? Of the original ISP setup and then we can try to determine the USG setup.

Anav
Sarcastic Llama? Naw, Just Acerbic
Premium Member
join:2001-07-16
Dartmouth, NS

Anav

Premium Member

Have to concur with Brano there, JP. My mental picture would drive most people insane.
What I can do in the interim is find a picture thats close to what I am doing now but at least we can speak to it.......... Once again am looking for translation of edgerouter speak above to usg speak, before even talking about cli commands for igmp proxy.......
Anav

Anav

Premium Member

Click for full size
related diagram to current setup......

In my case I have smart switch one only, connected to the usg and to the actiontech. THe action tech via coax is connected to the STB near the TV.

I do have a second managed switch at the TV if necessary to carry vlan across the house ethernet to the stb direct (to replace coax and remove the actiontech).

Thus would like to remove the actiontech and coax parts by having the usg handle the iptv initial negiotiation and followup. The person using the edgerouter on the first post claims he has done this.

An acceptable solution would also be to keep the action tech to setup the routing tables as it does now and then remove it having the USG keep the flow going (if it cannot handle the initial handshaking).
JPedroT
Premium Member
join:2005-02-18

1 recommendation

JPedroT

Premium Member

What you are trying to do, is to have 2 routers in one box.
If you think of your router as a door in a castle wall. And that wall goes around your castle, ie the castle is you LAN. Then the router keeps the traffic going through the caste door/gate and basically is a guide helping people find their way.

Now multicasts are bards that only goes to places where they are invited, so you send out people from your castle to tell the bards please come to us. IGMP are those people going out and requesting bards to come. But you need some sort of cooperation with the router to get them into the right place. So you have an IGMP Proxy or snooper or what you want, to make sure they bards fragile egoes are handled correctly and keep reassuring them that you still want them to come. And when you do not like one anymore you tell them to never come around here again.

Clear as ice to me

Anav
Sarcastic Llama? Naw, Just Acerbic
Premium Member
join:2001-07-16
Dartmouth, NS

Anav

Premium Member

Thats effing brilliant. I got my hot chocolate and a blankie here, all comfie listening to your enrapturing story. I only wish it was longer.

Brano
I hate Vogons
MVM
join:2002-06-25
Burlington, ON

Brano

MVM

So the VLAN 35 is internet, VLAN 34 is IPTV, what is VLAN 33?
Which ISP is this?

Anav
Sarcastic Llama? Naw, Just Acerbic
Premium Member
join:2001-07-16
Dartmouth, NS

Anav

Premium Member

Apparently vlan33 is not required as its an actiontech to ISP vlan with nothing significant about it, not even sure if its still used. Bell Aliant FibreOp.
As you can see from the edgerouter guy, it does not figure in to his equation, nor has it for a while. the diagram is dated in that regard.
Anav

Anav

Premium Member

Brano lets start with the first three items.......

VIF 35 (Internet)

DHCP enabled
default route enabled
name servers enabled


I already have VLAN35 setup for my internet on WAN1.
Its set as an external interface.
What changes do I need to make to it to match the settings above?
In other words:
What does default route enabled translate to on USG?
What does name servers enabled translate to on USG?

VIF 34 (IPTV)

egress QoS map ”0:4 1:4 2:4 3:4 4:4 5:4 6:4 7:4"
DHCP enabled
default route disabled
ignore the name servers


So here it appears I create a vlan34
BUT does DHCP enabled mean the router is to accept a DHCP hANDED OUT IP by the ISP (receiver) or does it mean its a DHCP server??

I'm assuming the egress QoS MAP is stating any packets
leaving this interface need to a setting of 4 (not sure why he's translating all to 4 as I understood the requirement as it had to be a minimum of 4. I will research how to do that, if you concur I've read this edge router setting properly.

Create a static route for the IPTV traffic.

10.236.0.0/15 via 10.195.128.1


I have never created a static route, is this a policy route??
I'm assuming this is something I assign somehow to VLAN34.
Anav

Anav

Premium Member

Providing my current vlan35 setup and a possible vlan34 setup.
Anav

Anav

Premium Member

Click for full size
Anav

Anav

Premium Member

Now for vlan34
The difference is that I have enabled IGMP downstream and added QoS 4 to all packets leaving the interface.
Anav

1 edit

Anav

Premium Member

looking for static routes???
By the way the Bridge functionality looks promising in that it may end up serving a useful purpose.

Specifically, and this is a finesse point for anyone actually reading this thread, is when the IPTV side needs to go to the internet side, perhaps the bridge is the mechanism to set this up.
Again much is predicated on understanding that bloody edge router setup so that they (and he knows who he is, can explain such nuances...........

As a refresher... (and I might need both static and policy route manipulation)

The ZyWALL/USG usually uses the default gateway to route outbound traffic from computers on the LAN to the Internet. To have the ZyWALL/USG send data to devices not reachable through the default gateway, use static routes.

Policy routes are only used within the ZyWALL/USG itself. Static routes can be propagated to other routers using RIP or OSPF.

Policy routes take priority over static routes. If you need to use a routing policy on the ZyWALL/USG and propagate it to other routers, you could configure a policy route and an equivalent static route.
Anav

Anav

Premium Member

I think I am going to change VLAN34 interface to general as in the edge router schema he states default route DISABLED. With internal interface selected on the USG, the help notes that the ZyWALL/USG automatically adds this interface to the default WAN trunk. Whereas, with the general interface...... the rest of the screen’s options do not automatically adjust and you must manually configure a policy route to add routing and SNAT settings for the interface.

It appears as though RIP and OSPF are used for static routes, so will need help from others to setup one via one of these two mechanisms to match edge router.
Anav

Anav

Premium Member

Settled on RIP for vlan34 for static route.
Bidir (cause Im assuming incoming only but not sure)
1&2 (cause options are 1 or 2 or both and don't have a clue)

Now how in the heck or where do I put this information........
Create a static route for the IPTV traffic.

10.236.0.0/15 via 10.195.128.1

Brano
I hate Vogons
MVM
join:2002-06-25
Burlington, ON
(Software) OPNsense
Ubiquiti UniFi UAP-AC-PRO
Ubiquiti NanoBeam M5 16

Brano

MVM

Before we get to the solution, one more question. Do the STBs have to be on VLAN34? And my question is specific to the cyan color on LAN side between ActionTec and STB on your picture.

We know that VLAN34 tag is needed on WAN side to ISP, is it really needed on LAN side to STB?

Same way all your computing gear on LAN side can be on any VLAN (in your case you picked VLAN 5) or can be no VLAN.

...I'm just trying to understand the requirements so we create optimal and not over-engineered solution.

Anav
Sarcastic Llama? Naw, Just Acerbic
Premium Member
join:2001-07-16
Dartmouth, NS

Anav

Premium Member

Very astute question. I am not sure.
I think the actiontech acts like a dhcp server in that it gives the STBs a 192.168.2.x address but the IPTV traffic is routed through 10.x.x.x networks via udp packets, so I am thinking maybe the vlan 34 is needed to the STB. Now currently the vlan34 Ethernet cable goes to t he actiontech and then by coax to the STB, im assuming that the multicast data is routed to the STBs via the 10.x.x.x vlan networking>>
Clear as mud????
Anav

Anav

Premium Member

okay using the jpeg for static route on the usg,,,,, how does this relate to the text from the first post.........

Create a static route for the IPTV traffic.

10.236.0.0/15 via 10.195.128.1

Brano
I hate Vogons
MVM
join:2002-06-25
Burlington, ON

Brano

MVM

Destination IP: 10.236.0.0
Subnet: 255.254.0.0
Gateway IP: 10.195.128.1

Anav
Sarcastic Llama? Naw, Just Acerbic
Premium Member
join:2001-07-16
Dartmouth, NS

Anav

Premium Member

Thanks, also assumed the interface to use was vlan34.

I am confused as to how the STBs get IP addresses that are different from the internal VL34 10.x.x.x IPs. In threads they seem to get like 192.168.2.x IPs from the action tech and yet because routing has been established the STBs still get the 10.x.x.x muliticast traffic.
Not sure how the USG is going to do this.????
JPedroT
Premium Member
join:2005-02-18

1 edit

JPedroT

Premium Member

For Multicasst traffic it does not matter what IP the STB has. because the STB sends out an IGMP message to join a Multicast group. Then IGMP proxy stores this information and then joins the multicast group, by sending a join message out the WAN port of the USG. Then traffic destined for IP Multicst group will arrive at the USG, the USG will forward it out the correct LAN port, ie the port that the STB is connected to. If you have a switch where the STB and your computers are connected that is connected to the same LAN port of the USG. Then that switch must also have a IGMP Snooper/Proxy function, if not your network can get quote weird. Also make sure the multicast traffic does not end up on your Wifi.

If a device is not multicast aware, then it might drop the traffic or send it out on all ports. The last part really make your network wonky if you got multiple streams going.

Also the IGMP Proxy/Snooper should also support fast leave, if not your wan link might be saturated for the first 1-10s after a channel switch. Especially if you channel surf.

The IP address on the STB and static router is there to make sure the STB can get the program guide and portal stuff. Which is usually plain old http anyway, so NAT is just fine for that.

Anav
Sarcastic Llama? Naw, Just Acerbic
Premium Member
join:2001-07-16
Dartmouth, NS

Anav

Premium Member

Okay makes some sense, I will try that. Both netgear switches I have I noted have that IGMP snooper option.

My problem is that I have VLAN34 associated with the WAN side of the house.
I have it set to get DHCP and there is no way for me to also make it a dhcp server for the STBs.

I get that its not necessary now because that's not the function of the VLAN. but
then how do the STBs get an IP from the USG^^

Can I create another VLAN for the STBs, that gives out DHCP addresses and that VLAN will simply sit on or piggyback on a LAN I have aready setup on the USG?????

How does the usg know to send multicast down this route though....... I feel like I a missing somethgn