Multicast (IPTV) Over VPN

Need help configuring your VPN? Just post here and you'll get that help.

Moderators: TinCanTech, TinCanTech, TinCanTech, TinCanTech, TinCanTech, TinCanTech

Forum rules
Please use the [oconf] BB tag for openvpn Configurations. See viewtopic.php?f=30&t=21589 for an example.
Locked
h4lt
OpenVpn Newbie
Posts: 3
Joined: Tue Mar 29, 2016 1:29 pm

Multicast (IPTV) Over VPN

Post by h4lt » Tue Apr 12, 2016 8:21 pm

I currently work at an ISP and I'm trying to figure out how to setup an OpenVPN server at work to feed IPTV to my home (through a different ISP), so I can get free IPTV service :)

What I am trying to do is setup the OpenVPN server with a Public and private IP. The IPTV STB's get their IP's via an external DHCP server, so I would like to bridge this traffic over the VPN. I would like to shy away from nat if possibe, which is why I want to use a public IP directly on the server itself. I have attached a simple of diagram of what I envision the setup would look like.

When trying to wrap my head around the configuration I see people using the "server-bridge" command in their server config, but they always indicate a DHCP range. I don't need a DHCP range since DHCP is fed externally in our situation. I also don't see a lot of configs where people use a public IP on the server itself. So I'm also wondering how the two interfaces effect my config. If someone could to point me in the right direction I would greatly appreciate it!

This was the closest thing I could find to my setup on the forums.
topic21240.html

Image
Top
h4lt
OpenVpn Newbie
Posts: 3
Joined: Tue Mar 29, 2016 1:29 pm

Re: Multicast (IPTV) Over VPN

Post by h4lt » Thu Apr 14, 2016 1:14 pm

Just a follow up. I've been working on this setup and I think I'm really close to getting it to work. I was able to get the VPN to link up and I can ping from the OVPN client to the OVPN server, but when the OVPN client pulls an IP from the DHCP server the client strips the default gateway. Initially I was using the "server-bridge" command because I was using my own DHCP server. I found a different thread where someone suggusted using "server-bridge nogw". I am now able to pull the default gateway via DHCP, but I am unable to ping the default gateway (10.1.94.1). I can ping the OVPN Server (10.1.94.205). Any ideas on what may be causing this?

The good new is that I was able to pull multicast over the VPN on VLC by configuring a static IP on a laptop bridge to my windows ovpn client. The video is pretty choppy so I'm trying to figure out if it is a bandwidth issue at my house or if it is the overhead of the VPN. I have a 30Mbps/2Mbps connection through a cable modem at my house.

OVPN Client IP = 10.1.94.238 (DHCP)
OVPN Server IP = 10.1.94.205 (static)
Router IP = 10.1.94.1

Server Config (Ubuntu 10.04):

Code: Select all

port 1194
proto udp
dev tap
up "/etc/openvpn/up.sh br0 eth1"
ca ca.crt
cert openvpn.crt
key openvpn.key
dh dh2048.pem
server-bridge nogw
keepalive 10 120
comp-lzo
persist-key
persist-tun
verb 3
up.sh script:

Code: Select all

#!/bin/sh

BR=$1
ETHDEV=$2
TAPDEV=$3

/sbin/ip link set "$TAPDEV" up
/sbin/ip link set "$ETHDEV" promisc on
/sbin/brctl addif $BR $TAPDEV
/etc/network/interfaces

Code: Select all

# This file describes the network interfaces available on your system
# and how to activate them. For more information, see interfaces(5).

# The loopback network interface
auto lo
iface lo inet loopback

# The primary network interface
auto eth0
iface eth0 inet static
  address 199.X.X.X.X
  netmask 255.255.255.252
  gateway 199.X.X.X.X

auto eth1
iface eth1 inet manual
  up up link set $IFACE up promisc on

auto br0
iface br0 inet static
  address 10.1.94.205
  netmask 255.255.255.0
  bridge_ports eth1
ifconfig from server:

Code: Select all

br0       Link encap:Ethernet  HWaddr 00:50:56:95:35:66
          inet addr:10.1.94.205  Bcast:10.1.94.255  Mask:255.255.255.0
          inet6 addr: fe80::250:56ff:fe95:3566/64 Scope:Link
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          RX packets:52891 errors:0 dropped:0 overruns:0 frame:0
          TX packets:159 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:0
          RX bytes:4453611 (4.4 MB)  TX bytes:8542 (8.5 KB)

eth0      Link encap:Ethernet  HWaddr 00:50:56:95:08:9f
          inet addr:199.X.X.X Bcast:199.X.X.X  Mask:255.255.255.252
          inet6 addr: fe80::250:56ff:fe95:89f/64 Scope:Link
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          RX packets:48346 errors:0 dropped:20 overruns:0 frame:0
          TX packets:302912 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:1000
          RX bytes:9290640 (9.2 MB)  TX bytes:369199037 (369.1 MB)

eth1      Link encap:Ethernet  HWaddr 00:50:56:95:35:66
          UP BROADCAST RUNNING PROMISC MULTICAST  MTU:1500  Metric:1
          RX packets:293437 errors:0 dropped:0 overruns:0 frame:0
          TX packets:30010 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:1000
          RX bytes:353325468 (353.3 MB)  TX bytes:3975638 (3.9 MB)

lo        Link encap:Local Loopback
          inet addr:127.0.0.1  Mask:255.0.0.0
          inet6 addr: ::1/128 Scope:Host
          UP LOOPBACK RUNNING  MTU:65536  Metric:1
          RX packets:1504 errors:0 dropped:0 overruns:0 frame:0
          TX packets:1504 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:0
          RX bytes:129380 (129.3 KB)  TX bytes:129380 (129.3 KB)

tap0      Link encap:Ethernet  HWaddr 6e:47:f2:f3:8d:6d
          inet6 addr: fe80::6c47:f2ff:fef3:8d6d/64 Scope:Link
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          RX packets:13525 errors:0 dropped:65 overruns:0 frame:0
          TX packets:15176 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:100
          RX bytes:1483560 (1.4 MB)  TX bytes:1620315 (1.6 MB)

Client Config:

Code: Select all

client
remote 199.X.X.X
port 1194
proto udp
dev tap
dev-type tap
ns-cert-type server
reneg-sec 86400
comp-lzo yes
verb 3
ca ca.crt
cert client1.crt
key client1.key

Code: Select all

Description: TAP-Windows Adapter V9
Physical Address: ‎00-FF-18-C8-E2-7A
DHCP Enabled: Yes
IPv4 Address: 10.1.94.233
IPv4 Subnet Mask: 255.255.255.0
Lease Obtained: Thursday, April 14, 2016 8:51:50 AM
Lease Expires: Sunday, April 17, 2016 8:06:24 PM
IPv4 Default Gateway: 10.1.94.1
IPv4 DHCP Server: 10.0.3.2
IPv4 DNS Server: 10.100.0.2
IPv4 WINS Server: 
NetBIOS over Tcpip Enabled: Yes


C:\Users\h4lt>ping 10.1.94.1

Pinging 10.1.94.1 with 32 bytes of data:
Request timed out.
Request timed out.
Request timed out.
Request timed out.

Ping statistics for 10.1.94.1:
    Packets: Sent = 4, Received = 0, Lost = 4 (100% loss),

C:\Users\h4lt>ping 10.1.94.205

Pinging 10.1.94.205 with 32 bytes of data:
Reply from 10.1.94.205: bytes=32 time=17ms TTL=64
Reply from 10.1.94.205: bytes=32 time=9ms TTL=64
Reply from 10.1.94.205: bytes=32 time=10ms TTL=64
Reply from 10.1.94.205: bytes=32 time=9ms TTL=64

Ping statistics for 10.1.94.205:
    Packets: Sent = 4, Received = 4, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 9ms, Maximum = 17ms, Average = 11ms
Top
h4lt
OpenVpn Newbie
Posts: 3
Joined: Tue Mar 29, 2016 1:29 pm

Re: Multicast (IPTV) Over VPN

Post by h4lt » Fri Apr 15, 2016 1:30 am

Well surprisingly I got this to work tonight. I just attempted to boot a box from my home and it booted into our IPTV middleware. I am able to change channels (join/leave multicast streams without issues!), audio sounds ok, but video is really choppy. One thing I noticed is that my residential bandwidth usage is not being affected all that much. I have a 30Mbps/2Mbps package and when I am watching a channel through the STB it only uses about 5Mbps/.5Mbps. The majority of these channels are 10-15Mbps (and higher). I got to wondering if there was a was to force more bandwidth over the VPN and I found the "sndbuf 0" and "rcvbuf 0" commands. I tried those with no luck. Anybody have any tricks to pushing more bandwidth across that link, or is this just an inherent openvpn bridge issue?
Top
User avatar
Traffic
OpenVPN Protagonist
Posts: 4066
Joined: Sat Aug 09, 2014 11:24 am

Re: Multicast (IPTV) Over VPN

Post by Traffic » Fri Apr 15, 2016 9:17 pm

h4lt wrote:Anybody have any tricks to pushing more bandwidth across that link
The most obvious answer is: Pay for more bandwidth ..
Top
brianhill
OpenVpn Newbie
Posts: 2
Joined: Wed Oct 26, 2016 8:14 pm

Re: Multicast (IPTV) Over VPN

Post by brianhill » Wed Oct 26, 2016 10:40 pm

Hello h4lt,

I'm in the same boat as you. Work for an ISP and we've just deployed our IPTV solution. I'd like to have a VPN server setup so I can use a set top box from home. I have a bit more of a linear setup than you have and was hoping to get some help.

My internet connection at home is more than sufficient to handle the IPTV traffic. 150Mbps Down and Up, 1TB of bandwidth.

Anyways, I was hoping you can help me with the OpenVPN server setup. I am having trouble getting the bridging to work properly.

I can connect to the VPN server. I get an IP from the VPN server. I can ping the VPN gateway, I can ping the IP of the interface that faces the IPTV network where multicast traffic would be, but I cannot ping anything beyond that. Any help or suggestions would be appreciated.

Thanks!
Top
User avatar
disqualified
OpenVPN User
Posts: 40
Joined: Fri Jun 03, 2016 7:13 pm

Re: Multicast (IPTV) Over VPN

Post by disqualified » Wed Oct 26, 2016 11:31 pm

brianhill wrote:Work for an ISP and we've just deployed our IPTV solution
And you want a Free Open Source Software Community to solve your problem ?

You are in the wrong job, you should be a politician with that level of sass.
Top
Locked

Return to “Configuration”