niek.be

Because my name deserves a domain

Interactive television with OpenWrt (Telenet Digicorder behind your own router)

tl;dr:
use a VLAN to link the WAN port with the LAN port the set-top box is attached to
.

My tv set-top box (Telenet Digicorder in Belgium) needs an external IP address. Without it, you’re missing certain functions, such as browsing the program guide further than two days, or planning recordings over the web. The Digicorder only gets an external IP address when it’s connected to the modem/router my ISP (Telenet) installs.

If you use your own router with DHCP enabled, you run into troubles. Everywhere on Belgian forums you will find that I should buy Powerline adapters to keep a direct line between the Digicorder and the Telenet router. Or I should drop the (silly) idea to have my own router… But where’s the fun in that?

My home network

For personal reasons (guest wifi, VPN, etc.), I like having my own router connected to the Telenet router, with DHCP enabled for a different subnet. The router I use is a Linksys WRT1900AC with OpenWrt. In my apartment, the Telenet modem/router is installed in a storage room. My NAS (a noisy old pc) is also located there. That’s why I installed the WRT1900AC there as well. The WRT1900AC WAN port is connected to a port on the Telenet router. One of the LAN ports is connected to the NAS, another to a cable in the wall that arrives behind the television. At the television location, there are several devices that need LAN and/or WAN connectivity: the A/V receiver (LAN), Playstation 4 (LAN), Raspberry Pi with OpenElec (LAN) and then the Digicorder (LAN+WAN!). I use a TP-Link TL-WR1043nd (v1) as a switch to distribute internet at the television location.

My home network.

My home network.

I admit that my setup is more complex than the average Telenet customer’s setup, so first I will explain how to have the Digicorder behind just one router (other than the one provided by Telenet), then with the extra switch.

How NOT to do it

Telenet doesn’t use IPTV, so my initial attempts to use igmpproxy with OpenWrt were a waste of time. I also don’t want to use Powerlink or pull extra wires through the wall, that would be the easy way out.

Digicorder behind one router

Let’s just start with what most people would do: installing a personal router behind the Telenet router and attach the Digicorder.

The Digicorder is connected directly to your own router.

The Digicorder is connected directly to your own router.

You need to create a VLAN (Virtual LAN) to link the port the Digicorder is attached to with the WAN port. How your current switch setup looks, depends on the router/switch you have. In the WRT1900AC, there are already two VLANs. If you’re not sure about the port numbers, look up your router in the OpenWrt wiki.

These are the ports for the WRT1900AC, taken from the WRT1900AC OpenWrt wiki at the time of writing:

wrt1900ac-ports

The standard switch setup is this:

wrt1900ac-standard

Which looks like this in /etc/config/network:

config switch_vlan
option device 'switch0'
option vlan '1'
option vid '1'
option ports '0 1 2 3 5'
 
config switch_vlan
option device 'switch0'
option vlan '2'
option vid '2'
option ports '4 6'

The cable towards the Digicorder is attached to port 3, so we remove it from VLAN 1 and add it to VLAN 2:

wrt1900ac-only

/etc/config/network:

config switch_vlan
option device 'switch0'
option vlan '1'
option vid '1'
option ports '0 1 2 5'

config switch_vlan
option device 'switch0'
option vlan '2'
option vid '2'
option ports '3 4 6'

No further customization is required! Tagging isn’t needed because each port belongs to just one VLAN. The firewall rules are still fine. Port 3 belongs to the WAN zone now.

Digicorder behind a router and a switch

Now let’s add an OpenWrt switch to provide internet to the other devices at the Digicorder’s location.

My home network.

On the WRT1900AC, port 3 (cable going to the TL-WR1043nd) will be used for both LAN and WAN traffic, so the port will be added to both VLANs and tagging needs to be enabled:

wrt1900ac+tp-wr1043nd

Switch on the WRT1900AC

/etc/config/network on the WRT1900AC:

config switch_vlan
option device 'switch0'
option vlan '1'
option vid '1'
option ports '0 1 2 3t 5'
 
config switch_vlan
option device 'switch0'
option vlan '2'
option vid '2'
option ports '3t 4 6'

The TL-WR1043nd will be used as a switch, so the DHCP server is disabled. I also won’t need the WAN port anymore, so port 0 will be added to VLAN 1. Port 1 is used for the Digicorder. Port 0 is the cable from the WRT1900AC and it needs to be tagged (because it is tagged when it leaves the WRT1900AC on port 3).

tl-wr1043nd+wrt1900ac

Switch on the TL-WR1043nd

/etc/config/network on the TL-WR1043nd:

config switch_vlan
option device 'switch0'
option vlan '1'
option ports '0t 2 3 4 5t'

config switch_vlan
option device 'switch0'
option vlan '2'
option ports '0t 1 5t'

So the Digicorder is in a separate VLAN with the cable coming from the WRT1900AC.

I removed the WAN interface and added a second LAN interface. LAN is attached to eth0.1 (VLAN 1) and LAN2 to eth0.2 (VLAN 2). Notice that I removed the wifi network, but feel free to leave it. Both interfaces are configured to be DHCP clients. LAN will get its IP from the WRT1900AC and LAN2 will get it from the Telenet router.

tl-wr1043nd-interfaces

Interfaces on the TL-WR1043nd

Both LAN and LAN2 are in the same firewall zone. The WAN firewall zone is still there but is unused.

tl-wr1043nd-firewall

TL-WR1043nd firewall

At this point the Digicorder gets an IP address from the Telenet router and an external IP! The only thing left to do is to enable masquerading in the WRT1900AC for the LAN zone. Only then you are able to login into the TL-WR1043nd for configuration:

wrt1900ac+tp-wr1043nd-firewall

Firewall on the WRT1900AC (part of it), with masquerading enabled

That’s it!

4 Comments

  1. Hello,

    Thank you for this tutorial! It works perfectly!

    Well, almost….

    My Digibox gets nice his 10.xxx IP, but does not get an InHome IP…. And I don’t know why.

    Do you get an inhome IP? Technically, I still do not see how it is possible to get an Inhome IP….

    Also, can you explain the very last part about the masquerading. I do not know why that is needed. It seems to work all perfectly without the masquerading rule.

    Thank you very much for your help!

    • Hi Arnout,
      Thanks for your question.
      As shown in one of my pictures, my Digicorder gets two IP’s from the Telenet router: 10.x.x.x and 192.168.0.x.
      It does not get one from my own router (192.168.1.x), which is normal.
      If you get the 10.x one, that means you’ve setup your own router correctly.
      It’s weird you’re not getting the second one.
      Are you able to reach your Digicorder using the Yelo TV app?

      As for IP masquerading, this was needed to be able to reach the configuration page of the second router I installed (Telenet router – Router 1 (WRT1900AC) – Router 2 (TL-WR1043) – Digicorder).
      More info here: https://wiki.openwrt.org/doc/uci/firewall#masquerading_on_lan

      Good luck!

      • Hello,

        Thanks for the reply.
        In the Settings interface on my digibox I only see the 10.x.x.x address, but I am able to ‘swipe’ programs from my Yelo app to the digibox and to see my recordings etc.
        So, everything seems to work.

        After further reading, it seems that the 192.x.x.x address is only used to stream DLNA content from other home devices to the digibox, which is not something I need.
        Can you maybe confirm that I am correct on that one?

        Everything else seem to work perfectly, so once again, thank you for your guide. This really helped me out a lot!

        A.

        • The main reason why I did this was to be able to use my own router together with the Yelo app and a program schedule longer than 3 days.
          If that works, then you’re set!

          Still not sure why you only get one IP address but you’re right, I’m not using it either.

Leave a Reply

Your email address will not be published.

*

 

© 2017 niek.be

Theme by Anders NorenUp ↑