Isolation of multicast TV traffic for home internet access

on under configuration
5 minute read

Moving into a new house with built-in RJ45 wall sockets, one could thing that setting up the network would be very easy.

The Problem

My FAI (Orange in France) relies on multicast for the live TV and that is a pain in the a#!. The goal was to keep WiFi to a bare minimum and avoid multiple WiFi repeaters. We use as much as possible the RJ45 connections now available. But there is no simple way to configure the network using the cables runningin the house for multiple rooms in a clean way. Live TV relies on multicast which tends to send traffic to all the devices connected if you don’t configure it right. The FAI proposes WiFi repeaters as a solution to connect all devices. Multicast is not easy to handle and I quickly got fed up of having each device receiving the multicast stream everytime the TV was on. That is no problem for a desktop computer but it is more damaging for simpler devices that suddenly receive a HD stream.

The fiber provided by my FAI ends in my basement, next to the ethernet connnections for each of the rooms. Two options there:

  • set-up the FAI router right there in the basement and connect all the rooms on the router. It required an additional switch to do it as there are only 5 port on my FAI router, but it is probably a viable option. BUT I didn’t want to have my router in my basement where it was far from reach in case I needed to reboot it. Also radio communication between the basement and the other floors is poor so it made it impossible to use the router WiFi or built-in DECT for the phone.
  • set-up the FAI router in another room inside the house. This required to set-up a switch where the Fiber connection would be connected and connect all the other rooms to the switch. This leads to require to set-up a switch in the room to connect both the FAI router and the wall sockets.

The configuration below isolates the multicast stream in a dedicated VLAN that is sent only to the room where the TV settop box is connected. The rest of the traffic, called “internet traffic”, uses another VLAN and is sent to all the other rooms. This way the live TV stream is received only in the room where the TV is. Other devices connected in the same room would still receive the multicast stream but it is not a problem in our setup.

Configuration on the side of the fiber optics arrival

  • an ONT is in the basement with FAI fiber directly attached to it. The RJ45 output is connected on port 1 of a 8-port switch.
  • Attached to this switch are also all the ethernet cables connecting the house, one for each of the 5 rooms with RJ45 plugs.
  • The switch is a Netgear GS108Ev3. Below are screenshots of the main configuration elements switch-basement switch-basement switch-basement switch-basement

Configuration on the side of FAI router

  • The FAI router Livebox 4 is located in another room
  • The switch in the Office is also a Netgear GS108Ev3. Below are screenshots of the main configuration elements switch-office switch-office switch-office switch-office

The VLANs

  • Network from the FAI at the output of the ONT uses multiple VLAN:
    • 832 for everything but,
    • 840 for Live TV,
    • 838 for VoD ,
    • 852 for VoIP
  • Live TV traffic on VLAN 840 relies on multicast
  • To isolate the live TV streams, all the traffic is sent to the FAI router where it is then in turn split in two VLAN: 5 for the live TV, 1 for the rest LAN

WiFi hotspot

  • FAI router WiFi is turned OFF
  • WiFi is provided by a Ubiquiti UniFi UAC-AC-Lite Access Point connected by an ethernet cable in one of the rooms and turned on when needed only.
  • It provides 802.11ac and 802.11n on 2.4 and 5 GHz radio
  • The UniFI web UI is installed on a desktop computer and is not always on.

Why so complicated and why not use IGMP snooping ?

Why not IGMP snooping ? Because it does not work well on every brand of switches when you need to go through more than 1 switch. I tried to set-it up on the Netgear switches and shared my configuration with Netgear support which told me it can not work on these switches. I always ended up with the multicast stream sent to all devices connected to the switch. IGMP snooping does work fine when there is a single switch between the router and the settop box.

So in this set-up IGMP Snooping is disabled on switches, the live TV multicast is isolated in a dedicated VLAN 5. Which means that the only VLAN available on the RJ45 socket for the TV room is VLAN 5 for TV. It is possible to update the configuration to also send VLAN 1 for internet traffic to the room but in this case all equipment connected in the room would receive the multicast stream.

I guess a lot of people didn’t care to isolate the multicast traffic and have setups where the multicast stream is sent to all the connected devices in the house. It probably works fine for a lot of people. But some devices, especially if you have devices with 100Mbs connections in your home like IP camera, connected audio speakers, … can get saturated by a HD stream and have unpredictable behaviors.

It is also possible to just have a WiFi connection between the router and the settop box. In my case it requires using a WiFi repeater or WiFI extender because the settopbox itself does not have WiFi support. But WiFi is not as reliable as cable connections and we got tired of having some loss of packets, even minor, in our HD streams.

configuration, FAI, IGMP, VLAN