Bell Fibe Internet & IPTV with pfsense

If you go through my Blog, you will notice that ​I wrote an article in January 2018 in regards to using your own router with Bell Fibe. In the previous Blog I was giving people the option to either activate the advanced DNZ option on their Home Hub 3000 (HH3000) or simply remove the HH3000. I was suggesting devices to handle the Fiber Optic conversion and referred to Forums where you were able to find posts on how to accomplish this and configure your systems.

At the time I was using the advanced DMZ option from my HH3000 which worked fine for me. One year later I started experiencing issues with my Network, including the VPN connections. My Firewall would get the WAN address of the HH3000 but for some obscure reason I was unable to reach the Internet. I called Bell hoping to get some help but I was told that if the advanced option was not working, it was not their problem. The first technician who answered the phone even told me that nobody was using this function (I bet he didn't even know this function existed!) Well, as mentioned in my previous Blog Post, Bell Aliant came up with a PDF documenting this function which let me believe that it should have been supported!

Well guess what? I got tired of Bell's BS and I decided to look online hoping to find out how I could get rid of my HH3000. I found a few Forums with valuable information but the gold mine was the Netgate Forum. On this post from zax123 I found enough information to get me started. The issue I ran into was that I was using a Check Point Firewall and most users were running pfsense. Since I was due to renew my licence and support ($300+/year in my case), I was easy to convince and decided to give pfsense a try.

After a few weeks and many hours searching, googling, posting ... I managed to get my Bell Fibe Internet and IPTV to fully work without the HH3000! Finally, I was able to ditch the HH3000! in an attempt to help others, I decided to come up with my own updated post on how to accomplish this.

Now, like me if you live on the East Coast (I live in Nova Scotia) and you would like to ditch your Bell Aliant HH3000, this "How To" guide is for you!

First of all you have to install pfsense. This guide will not give you direction on how to install and configure pfsense. In my scenario, my pfsense box has multiple network cards to suit my needs but to follow this guide you will only need 3 i.e.: WAN, LAN and IPTV.

Let's get started, for this tutorial I was using pfsense v2.4.4-release-p3. Please also note that I will not discuss the Bell Phone service.

First you need to remove the Fiber Optic cable from your HH3000 Modem. It comes out with the GBIC which can then be used in many ways (Directly in a switch, EdgeRouter X, Converter etc). In my case I chose to buy a TP-Link MC220L Media Converter like this one which was reasonably priced and easy to use.

*** BE CAREFUL as routes and gateway may vary depending on your region. I recently moved and my IPTV was not working. After conducting a packet capture I found out that I needed to adjust my configuration (Gateway, Routes, IGM) to reflect the new IP addresses.

First of all, on your WAN interface, under MAC Address - You have to spoof the MAC address of your HH3000 for the IPTV to obtain an IP address from the Network. 


Under System / General Setup, set the DNS Servers to Bell Aliant and check the option DNS Server Override as shown below


Under Interfaces / VLANs, create 2 VLANS. The first one will be VLAN35 for your Fibe Internet and the second one will be VLAN34 for IPTV. Assign both VLANS to your WAN Interface.


Under Interfaces / Interface Assignments, we will create and enable all our Interfaces:

  • Add the VLAN35 Interface, I named it "Internet". This Interface is DHCP;
  • Add the VLAN 34 Interface, I named it "IPTV". This Interface is also DHCP;
  • Add and configure an Interface for your LAN (I suggest NOT using 192.168.2.0/24 since this is the range we are going to use for the IPTV_LAN Interface)
  • Add the last Interface, I named it IPTV_LAN. This Interface is configured with a Static IP which I used 192.168.2.1/24. This is the Interface where I connected my VAP device (Bell Fibe Access Point). 

Now, if you connect your TP-Link Converter, insert your Fiber Optic on one end and your CAT5 (or CAT6) cable on the other end and link this ​cable to your WAN card you should have Internet. That's pretty much all you have to do if you only have Internet Service with Bell Fibe. If you also have IPTV, you should have received an IP address for your TV Service but your pfsense is not configured to route IPTV yet. Let's continue...


Enable and configure the DHCP Server for the IPTV_LAN Interface to assign IP addresses to your other Wireless Bell Boxes. Make sure that the DNS Servers are the Bell Aliant ones.


Configuring the IPTV Gateway is a little bit more tricky. You will have to use a packet sniffer to find out what is your Gateway since it is assigned statically and not through the DHCP. I used the pfsense Packet Capture function under Diagnostic and chose the IPTV Interface. My configuration looked like this one...


To capture my Gateway, I opened another pfsense instance and selected Status / Interfaces. In the other window I started monitoring the IPTV Interface. I returned to my Status / Interfaces window and Released / Renew my IP for the IPTV Interface. I waited a minute then stopped the capture. You should see communication where an IP, in my case 10.195.128.3 using port 67 talking to your IPTV local IP ex: 10.195.XXX.XXX on port 68. The first address is your Gateway.


​Now, under System / Routing / Gateways, add your newly discovered Gateway and make sure that your Default Gateway IPv4 is set to your Internet Connection Gateway. I ran into issues where I was unable to reach the Internet and found out that this was my issue. You can also deactivate the dynamic Gateway created by default after your created the IPTV Interface.


Under System / Routing / Static Routes, add the following Routes

  • 10.2.0.0/16
  • 10.237.0.0/16
  • 10.195.0.0/16

All the Routes have to be linked to the IPTV Gateway you just created. 

Be aware that it is possible to have different routes depending of your IP address, if your IPTV IP address is in a different IP range than mentioned above, you will have to modify some entries.


​Under Services / IGMP Proxy, add the same routes for the upstream. Leave the downstream blank.


​Now we need to create rules under the Firewall. For this part, I will let you tweak the rules if you want to but for this tutorial I kept things easy by allowing ALL traffic IPv4 and IPv6 for the IPTV and IPTV_LAN Interfaces. I do not think that Bell is using IPv6 yet but I might be wrong. Like I said, I am keeping things easy here for the tutorial. 

One important thing you have to do while creating these 2 rules is to check the box under Advanced Option / Allow IP options. 


​One last thing, to be on the safe side, configure Domain Overrides under Services / DNS Resolver / General Settings to redirect the following requests:

  • tv.fibreop.ca / 47.55.55.55
  • tv.fibreop.ca / 142.166.166.166
  • iptv.microsoft.com / 47.55.55.55
  • iptv.microsoft.com / 142.166.166.166


​If you followed this guide and did everything right you should now have Internet and IPTV working without the use of the Bell HH3000!!!

This is the basic setup to have both services working without the HH3000, I am sure you can tweak some of the settings as you please. Like I said earlier this is the basic configuration.

It took me quite a bit of time and I did a lot of research as well to accomplish this and I cannot take the credit for this configuration. All I can say is that I promised myself to put an updated "Configuration Guide" together once I got things working and this is what I did!

I hope you enjoy, let me know what you think!

PS: If you notice mistake(s) or configuration error(s), please let me know. Remember, the ultimate goal is to help each other out!

REFERENCES: 

Netgate Forum
https://forum.netgate.com/topic/78892/how-to-get-bell-fibe-in-quebec-ontario-internet-and-iptv-working-with-pfsense

DSLReports Forum
https://www.dslreports.com/forum/r32420749-

I want to Thank the following people for sharing their knowledge, you guys helped me a lot!

rcmpayne
autumnwalker
JAMESMTL

Related Posts

 

Comments 58

Guest - Dan on Saturday, 15 February 2020 16:51

Great post! Thanks for taking the time to explain!! I think a lot a people like you and me want their independence - not being attached to your Provider's Router is awesome!

Great post! Thanks for taking the time to explain!! :) I think a lot a people like you and me want their independence - not being attached to your Provider's Router is awesome!
Guest - Michael B. on Friday, 27 March 2020 13:39

I have an issue with this configuration as my internet speed is dropping from 940Mb download to around 800Mb and the upload is dropping to. I have 1Gb down and 750Mb up speed from Bell. Do you have solution for this issue?

I have an issue with this configuration as my internet speed is dropping from 940Mb download to around 800Mb and the upload is dropping to. I have 1Gb down and 750Mb up speed from Bell. Do you have solution for this issue?
idscomm on Friday, 27 March 2020 13:54

Hi Michael, I have 500Gb (up and down) and have no speed issue as far as I am aware. How did you find out/test your speed? I can do more testing on my side. Everything else is working (Internet and IPTV)?

Hi Michael, I have 500Gb (up and down) and have no speed issue as far as I am aware. How did you find out/test your speed? I can do more testing on my side. Everything else is working (Internet and IPTV)?
Guest - Michael B, on Saturday, 28 March 2020 19:39

I tested using speedtest.net with computer connected to pfSense LAN interface directly, I think the issue is with media converter 1Gbit SFP and bell provided 2.5Gb GPON. For some reason HH3000 works better with GPON then media converter. For the speeds lower than 1Gbit the issue is not noticeable.

I tested using speedtest.net with computer connected to pfSense LAN interface directly, I think the issue is with media converter 1Gbit SFP and bell provided 2.5Gb GPON. For some reason HH3000 works better with GPON then media converter. For the speeds lower than 1Gbit the issue is not noticeable.
idscomm on Saturday, 28 March 2020 21:59

ok, good to know. I'll do some testing on my side when I get a chance. Thanks for sharing.

ok, good to know. I'll do some testing on my side when I get a chance. Thanks for sharing.
Guest - text on Tuesday, 21 April 2020 09:56

Have you tested this? Ive been experimenting with this and came to the same conclusion, i have the fiber 1.5 plan and i installed the fiber in the tplink media converter, and the fastest speed i can now get is 500mb/s no matter what i do. Ive ordered a sfp+ card from ebay and im now waiting on that to see if that works. Fingers crossed.

Have you tested this? Ive been experimenting with this and came to the same conclusion, i have the fiber 1.5 plan and i installed the fiber in the tplink media converter, and the fastest speed i can now get is 500mb/s no matter what i do. Ive ordered a sfp+ card from ebay and im now waiting on that to see if that works. Fingers crossed.
idscomm on Tuesday, 21 April 2020 10:29

Hi,

I haven't had the time to test this scenario to be honest. My concern with switching the GPON SFT received from your Internet provider (Bell in ma case) is that I believe they enter the S/N of your GPON in their system... Not sure if another GPON would be recognize on their network. I am waiting for parts on my side. I want to try something, if everything works as planned I should have an update within a week. I will update this post with an alternative.

I did some research but not sure what type of GPON SFT are compatible with the HH3000 to be honest.

0
Hi, I haven't had the time to test this scenario to be honest. My concern with switching the GPON SFT received from your Internet provider (Bell in ma case) is that I believe they enter the S/N of your GPON in their system... Not sure if another GPON would be recognize on their network. I am waiting for parts on my side. I want to try something, if everything works as planned I should have an update within a week. I will update this post with an alternative. I did some research but not sure what type of GPON SFT are compatible with the HH3000 to be honest.
Guest - Testeur on Thursday, 16 April 2020 19:29

Hi,

How can I find my HH3000 MAC address ?

Thanks

Hi, How can I find my HH3000 MAC address ? Thanks
idscomm on Thursday, 16 April 2020 19:50

Hi,

You can look on the Webinterface of the modem by connecting with your browser (http://192.168.2.1 by default if you didn’t change the IP configuration) you can find it there or maybe behind the actual modem as well.

Hi, You can look on the Webinterface of the modem by connecting with your browser (http://192.168.2.1 by default if you didn’t change the IP configuration) you can find it there or maybe behind the actual modem as well.
Guest - Nathan on Friday, 05 June 2020 16:30

I wonder if I am just pass VLAN 34 to HH3000 and let HH do IPTV and Phone, but not pppoe, will that work?

I wonder if I am just pass VLAN 34 to HH3000 and let HH do IPTV and Phone, but not pppoe, will that work?
idscomm on Friday, 05 June 2020 20:03

Nathan, I actually tried but so far haven't put more time working on a solution. Basically I bought this splitter and connected one end to my HH3000 and the other end to my media converter -> going to my pfsense. I had purchased another GPON as well (for my Media converter) but I believe Bell uses Serial (or MAC) to assign the IP address therefore when I added another GPON I wasn't able to get an IP... Only the original Bell GPON was receiving its IP (no matter if it was connected to the HH3000 or my Media Converter.

Nathan, I actually tried but so far haven't put more time working on a solution. Basically I bought this [url=https://www.amazon.ca/gp/product/B07PBWNN6V/ref=ppx_yo_dt_b_asin_title_o08_s00?ie=UTF8&psc=1]splitter[/url] and connected one end to my HH3000 and the other end to my media converter -> going to my pfsense. I had purchased another GPON as well (for my Media converter) but I believe Bell uses Serial (or MAC) to assign the IP address therefore when I added another GPON I wasn't able to get an IP... Only the original Bell GPON was receiving its IP (no matter if it was connected to the HH3000 or my Media Converter.
Guest - Nathan on Sunday, 07 June 2020 12:10

First, the IP address for vlan 34 and vlan 35 are different on HH3000 (HH is getting 2 IP). Second, HH have the wan port so basically before going to router it go through a virtual switch. Pfsense routing gets 35 untagged and HH port get 34 and 35 (I believe HH still can use vlan 35 to communicate for firmware and telemetry and something more even though there's no pppoe (HH might have a default credential for limited service so it can communicate with bell if you don't put in your b1)). However I figure out these setup is so frustrated and I just transfer my phone number to a SIP service and just use internet only.

First, the IP address for vlan 34 and vlan 35 are different on HH3000 (HH is getting 2 IP). Second, HH have the wan port so basically before going to router it go through a virtual switch. Pfsense routing gets 35 untagged and HH port get 34 and 35 (I believe HH still can use vlan 35 to communicate for firmware and telemetry and something more even though there's no pppoe (HH might have a default credential for limited service so it can communicate with bell if you don't put in your b1)). However I figure out these setup is so frustrated and I just transfer my phone number to a SIP service and just use internet only. :D
idscomm on Friday, 12 June 2020 06:03

You are right about the 2 different IP's. The Internet IP is a Public IP assigned through VLAN35 and the Fibe TV IP is assigned through VLAN34 (usually in the 10.X.X.X range). I tried using my WAN port (the RJ45 one) but never got an IP from that one.. some people said that this port was deactivated since the HH3000 was using GPON. I though about getting rid of the TV and simply keep Internet which would make my life easier but with a family, TV is not something we are ready to abandon yet. I already have VOIP therefore I can careless about the phone service provided by Bell but since I have the service (cheaper to keep it as it falls under "bundle" than getting rid of it) I decided to buy a bridge and send the line to my PBX server... I now have 2 phone numbers coming to my system where I manage the route based on cost ie: local calls are routed through Fibe and long distance are sent to my VOIP account.

Overall I wish Bell would give their customer more freedom in regards to using their own equipment but that's not happening anytime soon!

You are right about the 2 different IP's. The Internet IP is a Public IP assigned through VLAN35 and the Fibe TV IP is assigned through VLAN34 (usually in the 10.X.X.X range). I tried using my WAN port (the RJ45 one) but never got an IP from that one.. some people said that this port was deactivated since the HH3000 was using GPON. I though about getting rid of the TV and simply keep Internet which would make my life easier but with a family, TV is not something we are ready to abandon yet. I already have VOIP therefore I can careless about the phone service provided by Bell but since I have the service (cheaper to keep it as it falls under "bundle" than getting rid of it) I decided to buy a bridge and send the line to my PBX server... I now have 2 phone numbers coming to my system where I manage the route based on cost ie: local calls are routed through Fibe and long distance are sent to my VOIP account. Overall I wish Bell would give their customer more freedom in regards to using their own equipment but that's not happening anytime soon!
Guest - Steve on Thursday, 20 August 2020 08:32

You wouldn't happen to have the config for the er-x-sfp for Internet and TV on Aliant?

You wouldn't happen to have the config for the er-x-sfp for Internet and TV on Aliant?
Guest - Steve Forbes on Thursday, 20 August 2020 14:47

You wouldn’t happen to have a config for er-x-sfp for Bell Aliant in NS with internet and TV? I also have a TP link mesh system (Deco X20), would I need a bridge? port so that there’s no double NAT?

You wouldn’t happen to have a config for er-x-sfp for Bell Aliant in NS with internet and TV? I also have a TP link mesh system (Deco X20), would I need a bridge? port so that there’s no double NAT?
Guest - Steve on Wednesday, 26 August 2020 16:41

Anyone have a config.boot for Bell Aliant in NS for a ER-X-SFP?

Anyone have a config.boot for Bell Aliant in NS for a ER-X-SFP?
idscomm on Tuesday, 08 September 2020 15:52

Hi Steve,

No, sorry I don't have the config for the Edge Router. I am using a lot of Unifi Products but never owned an Edge Router... I heard they were decent router tho. I know many people are using them with Fibe. Hopefully someone will get back to you with the config.

Hi Steve, No, sorry I don't have the config for the Edge Router. I am using a lot of Unifi Products but never owned an Edge Router... I heard they were decent router tho. I know many people are using them with Fibe. Hopefully someone will get back to you with the config.
Guest - Roo.T on Friday, 11 September 2020 13:53

Fantastic article!

Wondering if anyone has had any issues with getting their 4k box to work properly with this config.. all the older wireless and wired boxes seem to work fine but i've been having issues getting the 4k to boot up past the blue fibe screen.

Fantastic article! Wondering if anyone has had any issues with getting their 4k box to work properly with this config.. all the older wireless and wired boxes seem to work fine but i've been having issues getting the 4k to boot up past the blue fibe screen.
idscomm on Saturday, 12 September 2020 21:44

Thanks for the "thumbs up". It took me quite a bit of time to gather the information from here and there to write up this article merging all the info I found into 1 post hoping to make it easier for people.

I have not heard anything about 4K streaming to be honest... and I have not tried 4K streaming yet... Maybe someone will be able to answer that one for us. I need be, I can tweak this post. Keep me posted.

Thanks for the "thumbs up". It took me quite a bit of time to gather the information from here and there to write up this article merging all the info I found into 1 post hoping to make it easier for people. I have not heard anything about 4K streaming to be honest... and I have not tried 4K streaming yet... Maybe someone will be able to answer that one for us. I need be, I can tweak this post. Keep me posted.
Guest - Matt on Sunday, 29 November 2020 15:04

Hi there, thank you so much for this article! I recently switched to Bell (in NB) and right now use an Asus router but I am in the process of setting up a pfsense vm on a r720 I have. I working some of the IPTV portion out in my head as I go and I am curious for some feedback... I was thinking to setup VLAN34 on my switch and then plug the IPTV box into that and just have some firewall rules set up so the my other vlans are blocked from the IPTV VLAN and vice versa. This should work in my head but seems you've gone through this I am wondering what your thoughts are? Thank you! Matt

Hi there, thank you so much for this article! I recently switched to Bell (in NB) and right now use an Asus router but I am in the process of setting up a pfsense vm on a r720 I have. I working some of the IPTV portion out in my head as I go and I am curious for some feedback... I was thinking to setup VLAN34 on my switch and then plug the IPTV box into that and just have some firewall rules set up so the my other vlans are blocked from the IPTV VLAN and vice versa. This should work in my head but seems you've gone through this I am wondering what your thoughts are? Thank you! Matt
idscomm on Monday, 30 November 2020 10:48

Hi Matt,

Thanks for the "kudo" for the article, it took a while to put this together but if I am helping people, I'm happy.

To answer your question properly I am trying to understand what you are trying to do. If I got this right you want to use a switch to manage VLAN 34 and your IPTV? If that is correct, do you also have Internet Services with Fibe? Question is that Bell "link" the client side with the GPON serial number (like a reserved DHCP with a MAC) therefore you will need to use the GPON provided by Bell. I don't know if you also have Internet with Fibe (which I'd say most likely yes) then how do you plan to get your Internet? Not sure if you see where I'm going with this?

I tried different GPON and I was never able to get an IP address from Bell if not using their device.

Hi Matt, Thanks for the "kudo" for the article, it took a while to put this together but if I am helping people, I'm happy. To answer your question properly I am trying to understand what you are trying to do. If I got this right you want to use a switch to manage VLAN 34 and your IPTV? If that is correct, do you also have Internet Services with Fibe? Question is that Bell "link" the client side with the GPON serial number (like a reserved DHCP with a MAC) therefore you will need to use the GPON provided by Bell. I don't know if you also have Internet with Fibe (which I'd say most likely yes) then how do you plan to get your Internet? Not sure if you see where I'm going with this? I tried different GPON and I was never able to get an IP address from Bell if not using their device.
Guest - Matt on Monday, 30 November 2020 16:06

Hey there,

So what I have done is plugged the fiber cable into a media converter and then there is a Ethernet cable on that which goes into my existing Asus router. That router has an IPTV setting so I pop in the TV and Internet VLANs and specify which port on the Asus Router is for IPTV. Currently this works. The setup I am working towards moving the NIC from the Asus Router WAN port to a port on dell r720 I have. From there I have a vSwitch created and I will set it up two port groups, one on VLAN 35, one on VLAN 34. Those will be setup in the pfSense VM. Then after that I will be following your instructions for the IPTV and internet setup.

Once that is all done, I am thinking I can mostly likely create VLAN 34 (tagged) on my switch and assign that VLAN to the port(s) I would plug the set top box into and then have some firewall rules just dropping VLAN34 traffic to any of my other internal VLANS.

And yes, I have Internet & TV! Thanks!

Hey there, So what I have done is plugged the fiber cable into a media converter and then there is a Ethernet cable on that which goes into my existing Asus router. That router has an IPTV setting so I pop in the TV and Internet VLANs and specify which port on the Asus Router is for IPTV. Currently this works. The setup I am working towards moving the NIC from the Asus Router WAN port to a port on dell r720 I have. From there I have a vSwitch created and I will set it up two port groups, one on VLAN 35, one on VLAN 34. Those will be setup in the pfSense VM. Then after that I will be following your instructions for the IPTV and internet setup. Once that is all done, I am thinking I can mostly likely create VLAN 34 (tagged) on my switch and assign that VLAN to the port(s) I would plug the set top box into and then have some firewall rules just dropping VLAN34 traffic to any of my other internal VLANS. And yes, I have Internet & TV! Thanks!
idscomm on Tuesday, 01 December 2020 13:40

ok, so yes our setup is similar as I am using the Media Converter to convert the Fiber to RJ45 which connects to my pfsense. From there I have all my Interfaces and LAN/VLAN configured. Your setup sounds similar other than the fact that you'll run everything through VMs.

I haven't tried setting up VMs and virtual switch (other than in pfsense, which was running on a physical machine with multiples NICs) but if you follow the guide and configure all the Networks and Route properly it should work. IPTV can sometimes be tricky tho so hope it'll work.

Keep me posted.

ok, so yes our setup is similar as I am using the Media Converter to convert the Fiber to RJ45 which connects to my pfsense. From there I have all my Interfaces and LAN/VLAN configured. Your setup sounds similar other than the fact that you'll run everything through VMs. I haven't tried setting up VMs and virtual switch (other than in pfsense, which was running on a physical machine with multiples NICs) but if you follow the guide and configure all the Networks and Route properly it should work. IPTV can sometimes be tricky tho so hope it'll work. Keep me posted.
Guest - Matt on Tuesday, 01 December 2020 18:44

I will let you know how it goes! Just waiting on a Unifi AP Pro and getting this set up in the background!

I will let you know how it goes! Just waiting on a Unifi AP Pro and getting this set up in the background!
Guest - MattV on Saturday, 05 December 2020 12:56

Hello,

Im receiving the "0Gtek Gigabit Ethernet Media Converter, Multimode Dual LC Fiber, 1.25Gb/s SFP Module to 10/100/1000Base-Tx Fiber Media Converter with a SFP 1000Base-SX Module" tomorrow and will be attempting to replace the HH3000 with my Synology RT1900ac router.

All I have from bell is the fiber 1gbps internet (no phone or tv). I've been preparing the RT1900 as best I can, so far I spoofed the HH's MAC and setup all the LAN ports with VID: 35.

I'm leaving the WAN "connection type" on "Auto" assuming the router will get some DHCP info from Bell? The only other option I have in the router is ISP Settings: Hostname (option 12) / DHCP client ID (option 61) / DHCP class ID (option60) / DHCP client option

Will I need any of those settings filled in? also, in my bell HH there is a user: b1**** Pass:*** setup for internet access. Wont I need that setup in my synology somewhere?

Any help is much appreciated!

Hello, Im receiving the "0Gtek Gigabit Ethernet Media Converter, Multimode Dual LC Fiber, 1.25Gb/s SFP Module to 10/100/1000Base-Tx Fiber Media Converter with a SFP 1000Base-SX Module" tomorrow and will be attempting to replace the HH3000 with my Synology RT1900ac router. All I have from bell is the fiber 1gbps internet (no phone or tv). I've been preparing the RT1900 as best I can, so far I spoofed the HH's MAC and setup all the LAN ports with VID: 35. I'm leaving the WAN "connection type" on "Auto" assuming the router will get some DHCP info from Bell? The only other option I have in the router is ISP Settings: Hostname (option 12) / DHCP client ID (option 61) / DHCP class ID (option60) / DHCP client option Will I need any of those settings filled in? also, in my bell HH there is a user: b1**** Pass:*** setup for internet access. Wont I need that setup in my synology somewhere? Any help is much appreciated!
idscomm on Saturday, 05 December 2020 19:36

Hi MattV,

The Internet is pretty straight forward to configure. Depending where you are located, the VLAN can change. For the Atlantic Region in Canada, Internet is usually on VLAN 35. In my case, yes I left it to DHCP (or auto in your case) and I received my IP address since I am still using Bell's GPON (the serial number is recognized).

If you have a B1 username and password, your configuration will be different. Usually B1 username and password are PPPoE type connection. I did not configure any of the options you mentioned (12, 60 or 61). My best advice would be for you to look at the current config on your HH3000 and replicate the config on your Synology.

This should point you in the right direction to start.

Hi MattV, The Internet is pretty straight forward to configure. Depending where you are located, the VLAN can change. For the Atlantic Region in Canada, Internet is usually on VLAN 35. In my case, yes I left it to DHCP (or auto in your case) and I received my IP address since I am still using Bell's GPON (the serial number is recognized). If you have a B1 username and password, your configuration will be different. Usually B1 username and password are PPPoE type connection. I did not configure any of the options you mentioned (12, 60 or 61). My best advice would be for you to look at the current config on your HH3000 and replicate the config on your Synology. This should point you in the right direction to start.
Guest - MattV on Sunday, 06 December 2020 14:14

Hey it worked first shot!

I tested without the VLAN 35 setup and that broke it so definitely need that. I'm curious if I really need the MAC spoofed since I have the PPPoE setup (I found where to set that up in my router) but I'll leave it like so for now.

Thanks for the write-up, you inspired me to finally attempt this, very happy I don't have bell's stupid router broadcasting that ultra high power 5ghz signal in my basement anymore (you can turn off the wifi signals but not the built in TV one). I confirmed this with a RF Acoustimeter.

Hey it worked first shot! I tested without the VLAN 35 setup and that broke it so definitely need that. I'm curious if I really need the MAC spoofed since I have the PPPoE setup (I found where to set that up in my router) but I'll leave it like so for now. Thanks for the write-up, you inspired me to finally attempt this, very happy I don't have bell's stupid router broadcasting that ultra high power 5ghz signal in my basement anymore (you can turn off the wifi signals but not the built in TV one). I confirmed this with a RF Acoustimeter.
idscomm on Sunday, 06 December 2020 15:28

Good to hear Matt!

For the Mac Spoofing, you can try without and see how it acts. Here we don't use PPPoE so I had to use the MAC of my router if not I was not getting an IP address from Bell. In your case, maybe the PPPoE authentication is all you need to get that IP.

Thanks for the feedback on my post, I'm happy if this write-up helped you! That's my goal when I write those posts, sharing the knowledge and helping others (it take time and a little bit of work but it's worth it)!

I totally agree with you, if you can make things work without the HH3000, go for it!

Good to hear Matt! For the Mac Spoofing, you can try without and see how it acts. Here we don't use PPPoE so I had to use the MAC of my router if not I was not getting an IP address from Bell. In your case, maybe the PPPoE authentication is all you need to get that IP. Thanks for the feedback on my post, I'm happy if this write-up helped you! That's my goal when I write those posts, sharing the knowledge and helping others (it take time and a little bit of work but it's worth it)! I totally agree with you, if you can make things work without the HH3000, go for it!
Guest - MattM on Sunday, 06 December 2020 13:27

Good day! Working on my setup. I have it working, partially. TV plays for about 10 seconds and stops so I know that this is IGMP issue. I am a little fuzzy on where you got those other two gateways from?

10.2.0.0/16 - Where did this come from and what does it refer to?
10.237.0.0/16 - Where did this come from and what does it refer to?
10.195.0.0/16 - From packet capture

I am not sure if using the one gateway is all I need and then to put that into the igmp proxy? Also, just an FYI, for me in NB, I have never had to spoof the MAC address of the HH3000. From day one I was using a Asus router and it just worked.

Good day! Working on my setup. I have it working, partially. TV plays for about 10 seconds and stops so I know that this is IGMP issue. I am a little fuzzy on where you got those other two gateways from? 10.2.0.0/16 - Where did this come from and what does it refer to? 10.237.0.0/16 - Where did this come from and what does it refer to? 10.195.0.0/16 - From packet capture I am not sure if using the one gateway is all I need and then to put that into the igmp proxy? Also, just an FYI, for me in NB, I have never had to spoof the MAC address of the HH3000. From day one I was using a Asus router and it just worked.
idscomm on Sunday, 06 December 2020 15:45

Hi Matt,

These routes you are talking about are IPTV Routes. When you look at my packet capture, my Gateway was in the 10.195.0.0 Network (Gateway being 10.195.128.3). The other 2 were discussed on other posts (references are at the bottom of my post). I am not sure if these routes can change depending on your location or maybe they have been updated, hard to tell. The best way to find out is probably to run a packet sniffer again.

I now the Gateway changes depending on your location therefore you have to find yours if you want this to work properly.

Routes are going under IGMP Proxy but not your gateway. You have to manually entered your gateway under gateways as shown in this post.

Thanks for the update on the spoofing of the Mac, I was unaware that some users did not have to spoof. Good news, make things a bit easier.

Hi Matt, These routes you are talking about are IPTV Routes. When you look at my packet capture, my Gateway was in the 10.195.0.0 Network (Gateway being 10.195.128.3). The other 2 were discussed on other posts (references are at the bottom of my post). I am not sure if these routes can change depending on your location or maybe they have been updated, hard to tell. The best way to find out is probably to run a packet sniffer again. I now the Gateway changes depending on your location therefore you have to find yours if you want this to work properly. Routes are going under IGMP Proxy but not your gateway. You have to manually entered your gateway under gateways as shown in this post. Thanks for the update on the spoofing of the Mac, I was unaware that some users did not have to spoof. Good news, make things a bit easier.
idscomm on Sunday, 06 December 2020 16:05

I forgot to mention, yes you are correct. If your TV works for about 10 seconds, this is most likely a IGMP issue. Make sure that you have the right gateway configured (under gateway), the routes under static routes and IGMP Proxy and make sure the option ALLOW IP OPTIONS is checked, this one can cause this kind of behaviors if not checked.

I forgot to mention, yes you are correct. If your TV works for about 10 seconds, this is most likely a IGMP issue. Make sure that you have the right gateway configured (under gateway), the routes under static routes and IGMP Proxy and make sure the option [b]ALLOW IP OPTIONS[/b] is checked, this one can cause this kind of behaviors if not checked.
Guest - Figo1976 on Sunday, 06 December 2020 15:25

Hi,

Just so happens, I’m trying to do the same thing! I’ve been a loyal Bell customer for almost a decade (just moved to Nova Scotia from Quebec) and now i am trying to take advantages of new wifi technologies and want to get rid of the HH3000. In my case, i bought a LinksysMX5 becuase i want to use a mesh system, and have tons of wifi peripherals using both 2.4hz and 5hz channels.

Questions. Is this legal? I mean can Bell Aliant complain or charge me fees for manipulating their hardware setup?

If so, and i have the right to change modem/routers without breaking any legal issues with Bell, what easy steps do i need to do? I got the new modem, he spf media converter, cables... i have isp address...simply put, without getting that pfsense software...just using the linksys app...what info i need to update my network settings so i can get internet thru my linksys? I have bell aliant, nova scotia.

Let me know, thank you!

Hi, Just so happens, I’m trying to do the same thing! I’ve been a loyal Bell customer for almost a decade (just moved to Nova Scotia from Quebec) and now i am trying to take advantages of new wifi technologies and want to get rid of the HH3000. In my case, i bought a LinksysMX5 becuase i want to use a mesh system, and have tons of wifi peripherals using both 2.4hz and 5hz channels. Questions. Is this legal? I mean can Bell Aliant complain or charge me fees for manipulating their hardware setup? If so, and i have the right to change modem/routers without breaking any legal issues with Bell, what easy steps do i need to do? I got the new modem, he spf media converter, cables... i have isp address...simply put, without getting that pfsense software...just using the linksys app...what info i need to update my network settings so i can get internet thru my linksys? I have bell aliant, nova scotia. Let me know, thank you!
idscomm on Sunday, 06 December 2020 16:32

Hi,

First of all, Welcome to Nova Scotia! This write-up was done for Atlantic Provinces using Bell Aliant therefore you are at the right place.

To answer your question if this is legal, I will say that yes it is (in my opinion). You are not doing anything illegal, you are simply using your own device to access a service you are paying for. You can't really "break" anything, worse case scenario is you won't be able to make things work with your own equipment and you can always revert back using their router.

If you were playing in the Bell Router config to a point where you "broke" something causing your service to stop then yes, they would most likely charge you fees to fix the issue. Other fees will depends on your contract with them (i.e.: unlimited Internet or not, etc). This has nothing to do with using your equipment or not. The decision is yours, I am not here to suggest people to use their own equipment but rather help them if this is what they want.

The only thing is that if you are using your own equipment and encounter issues, well, you're on your own!!! Bell will obviously not support clients using devices other than the modem they provided the them. My advice is that if you have issues, plug back their modem and see if things are working, if it does not, then you can call support. Since you are using their equipment they'll have to fix your problem.

To answer your question on how to do it with your LinksysMX5, I can't answer that since I am not using this type of router. You will have to look into the Router configuration to find similar options than the one discussed in this post for pfsense.

Hi, First of all, Welcome to Nova Scotia! This write-up was done for Atlantic Provinces using Bell Aliant therefore you are at the right place. To answer your question if this is legal, I will say that yes it is (in my opinion). You are not doing anything illegal, you are simply using your own device to access a service you are paying for. You can't really "break" anything, worse case scenario is you won't be able to make things work with your own equipment and you can always revert back using their router. If you were playing in the Bell Router config to a point where you "broke" something causing your service to stop then yes, they would most likely charge you fees to fix the issue. Other fees will depends on your contract with them (i.e.: unlimited Internet or not, etc). This has nothing to do with using your equipment or not. The decision is yours, I am not here to suggest people to use their own equipment but rather help them if this is what they want. The only thing is that if you are using your own equipment and encounter issues, well, you're on your own!!! Bell will obviously not support clients using devices other than the modem they provided the them. My advice is that if you have issues, plug back their modem and see if things are working, if it does not, then you can call support. Since you are using their equipment they'll have to fix your problem. To answer your question on how to do it with your LinksysMX5, I can't answer that since I am not using this type of router. You will have to look into the Router configuration to find similar options than the one discussed in this post for pfsense.
Guest - Figo1976 on Sunday, 06 December 2020 17:51

Thanks a lot for the quick reply! I don't' think either i'm doing anything bad by grabbing the fibre optic cable and plug it on a SPF converter, and then to a new router. I already tried. When I couldn't get the Linksys to work, I put it back as it was back to the HH3000, and nothing changed.

But I'll try again. I'll go over the specs you wrote in this article in more detail...and see if I can get the Linksys to work! The worst of this whole thing is that it's NOT made to be easy. I mean, transitioning between routers. It's not simply a "plug & play". I mean, we have all these new routers with better technology...and we are supposed to continue using the HH3000 just because Bell says so? My house is getting more and more smart products,...the bandwidth is getting narrower, the speed slower and the signal strength weaker. Now, I try to help improve my home internet by switching routers..and Bell doesn't seem to care. I talked to Tech Support department at Bell...and no one knows there what I'm asking, or worse, doesn't want to help! it's frustrating! I must've talked to 4-5different people...one didn't even know what a ISP is!! no joke!

If I can't make work the switch, i'll see if I can disable the wifi on the HH3000 and use it just a modem, then bridge the new Linksys router via LAN/WAN connection. it's not what I want, because i'd be limited by the 1gig LAN port...I think. But at least I'd be able to use a better WiFi technology. I think you mentioned an article about that DNZ thing...sounds like the "De nerd zone" ;-) Or...just change providers. Maybe Eastlink allow to have your own router?

Thanks again for your help! I might consult you again.

Thanks a lot for the quick reply! I don't' think either i'm doing anything bad by grabbing the fibre optic cable and plug it on a SPF converter, and then to a new router. I already tried. When I couldn't get the Linksys to work, I put it back as it was back to the HH3000, and nothing changed. But I'll try again. I'll go over the specs you wrote in this article in more detail...and see if I can get the Linksys to work! The worst of this whole thing is that it's NOT made to be easy. I mean, transitioning between routers. It's not simply a "plug & play". I mean, we have all these new routers with better technology...and we are supposed to continue using the HH3000 just because Bell says so? My house is getting more and more smart products,...the bandwidth is getting narrower, the speed slower and the signal strength weaker. Now, I try to help improve my home internet by switching routers..and Bell doesn't seem to care. I talked to Tech Support department at Bell...and no one knows there what I'm asking, or worse, doesn't want to help! it's frustrating! I must've talked to 4-5different people...one didn't even know what a ISP is!! no joke! If I can't make work the switch, i'll see if I can disable the wifi on the HH3000 and use it just a modem, then bridge the new Linksys router via LAN/WAN connection. it's not what I want, because i'd be limited by the 1gig LAN port...I think. But at least I'd be able to use a better WiFi technology. I think you mentioned an article about that DNZ thing...sounds like the "De nerd zone" ;-) Or...just change providers. Maybe Eastlink allow to have your own router? Thanks again for your help! I might consult you again.
idscomm on Sunday, 06 December 2020 19:10

I hear you when you say you called Bell and nobody knew what you were talking about... been there done that my friend! Usually when I call I know the Level 1 can't assist me... I need to speak to someone higher than the first line Tech Support who answer the phone.

When you switch equipment, yes you have to configure and optimize things and make sure everything works like it should... not really plug and play like you said. Obviously your speed with be limited to your "weakest" link on your network... it you have a switch which supports 1gb per port then yes, this will be your limit.

If nothing works for you, yes you can "bridge" the HH3000 and use it with your own router. It's not the same as the HH3000 will still be present but it is what it is. If you look at my other post you can find the documentation from Bell in regards to the DMZ activation which will forward all the traffic to the device you select (in most cases the router). Nothing will be filtered or blocked by the router... everything will pass therefore you need to make sure your router/firewall is properly configured. The other option on the Bell HH3000 is to let your router have the Public IP instead of the private address usually issued by the router through DHCP... It worked for me then stopped. I called Bell and like you said nobody had a clue what I was talking about, I ended up being told that if it was not working it was not their problem! Quite the customer service here... it is an option on your router, if it does not work, it is YOUR problem (not mine)! That is another reason why I was trying to ditch the HH3000!

I am not sure about Eastlink to be honest... not sure about the Router and bundle available...

I hear you when you say you called Bell and nobody knew what you were talking about... been there done that my friend! Usually when I call I know the Level 1 can't assist me... I need to speak to someone higher than the first line Tech Support who answer the phone. When you switch equipment, yes you have to configure and optimize things and make sure everything works like it should... not really plug and play like you said. Obviously your speed with be limited to your "weakest" link on your network... it you have a switch which supports 1gb per port then yes, this will be your limit. If nothing works for you, yes you can "bridge" the HH3000 and use it with your own router. It's not the same as the HH3000 will still be present but it is what it is. If you look at my other post you can find the documentation from Bell in regards to the DMZ activation which will forward all the traffic to the device you select (in most cases the router). Nothing will be filtered or blocked by the router... everything will pass therefore you need to make sure your router/firewall is properly configured. The other option on the Bell HH3000 is to let your router have the Public IP instead of the private address usually issued by the router through DHCP... It worked for me then stopped. I called Bell and like you said nobody had a clue what I was talking about, I ended up being told that if it was not working it was not their problem! Quite the customer service here... it is an option on your router, if it does not work, it is YOUR problem (not mine)! That is another reason why I was trying to ditch the HH3000! I am not sure about Eastlink to be honest... not sure about the Router and bundle available...
Ironman on Saturday, 06 February 2021 06:55

Here from NB. Cool stuff. I did removed my hh3k with a media convertor. Not a big deal, apart that I have to tag my vlan to port 35 and 34 for TV. The phone I don’t use it, but anyway I forwarded to my cell.
Now I want to replace the media convertor (on a 1.5/940 get 600/940), for something that I can manage and eventually get rid also of my consumer router (Asus GT-AX-11000).
Then my plan is like this :
Unifi UDMP to receive the gpon from bell on the wan2 spf+ -> Asus router -> wifi clients

Eventually that Asus router to be changed with some unifi router (udm) and access points from the same brand.

Is not about performance or issues, just why not.

Now, could be a pfsense thing, but I did not have to mirror any routing or hh3k stuff. Practically plug and play after the vlan tag).

I’m not a network expert, just an enthusiast, but the process could not be simple.

Thank you for sharing, I may give a try to pfsense on the future, but also I want to try the udm pro thing, just to take it out of my system.

Here from NB. Cool stuff. I did removed my hh3k with a media convertor. Not a big deal, apart that I have to tag my vlan to port 35 and 34 for TV. The phone I don’t use it, but anyway I forwarded to my cell. Now I want to replace the media convertor (on a 1.5/940 get 600/940), for something that I can manage and eventually get rid also of my consumer router (Asus GT-AX-11000). Then my plan is like this : Unifi UDMP to receive the gpon from bell on the wan2 spf+ -> Asus router -> wifi clients Eventually that Asus router to be changed with some unifi router (udm) and access points from the same brand. Is not about performance or issues, just why not. Now, could be a pfsense thing, but I did not have to mirror any routing or hh3k stuff. Practically plug and play after the vlan tag). I’m not a network expert, just an enthusiast, but the process could not be simple. Thank you for sharing, I may give a try to pfsense on the future, but also I want to try the udm pro thing, just to take it out of my system.
idscomm on Saturday, 06 February 2021 09:43

@Ironman, since this post I changed my configuration a bit. I now have the Bell GPON coming straight to my Unifi 24-Ports Switch (SFP port) where I created a VLAN 35, then added a standard port in the VLAN which goes back to my Firewall Internet connection port. It works like a charm.

Let me know if you manage to test the UDMP, I would be interested to know how it goes. I know that the Firewall features of the UDMP are lacking in some areas compared to other firewall. On my side I am a big fan of Check Point, I've been working with Check Point firewall for over 20 years where I tried different line of products. Great firewall overall. I do have many Unifi products here (Cameras, Access Point, Switches, Cloud Keys, etc). I thought about the UDMP but kept my Check Point for now as I believe the features are far more superior in my opinion (and based on the reviews I read).

Keep me posted and thanks for your comment.

@Ironman, since this post I changed my configuration a bit. I now have the Bell GPON coming straight to my Unifi 24-Ports Switch (SFP port) where I created a VLAN 35, then added a standard port in the VLAN which goes back to my Firewall Internet connection port. It works like a charm. Let me know if you manage to test the UDMP, I would be interested to know how it goes. I know that the Firewall features of the UDMP are lacking in some areas compared to other firewall. On my side I am a big fan of Check Point, I've been working with Check Point firewall for over 20 years where I tried different line of products. Great firewall overall. I do have many Unifi products here (Cameras, Access Point, Switches, Cloud Keys, etc). I thought about the UDMP but kept my Check Point for now as I believe the features are far more superior in my opinion (and based on the reviews I read). Keep me posted and thanks for your comment.
Ironman on Monday, 08 February 2021 20:21

Finally I cleaned my media shelve and now that I have the space for the udmp, i’ve triggered the order.
Will definitely let you know how that goes.
Still I’m not sure if I will do the unifi ap part, but I think could be an interesting learning time. I may not be able to appreciate or test the firewall piece, as at this point I use only the asuswrt firewall , but I’m sure the checkpoint is better, as it’s a niche product.
I may at least be able to compare speeds, etc.
As today with the 10gtek media convertor I get pretty close to what I pay, I’m looking to learn and understand better what the udmp can give me.
Thank you for sharing your knowledge.


Finally I cleaned my media shelve and now that I have the space for the udmp, i’ve triggered the order. Will definitely let you know how that goes. Still I’m not sure if I will do the unifi ap part, but I think could be an interesting learning time. I may not be able to appreciate or test the firewall piece, as at this point I use only the asuswrt firewall :D, but I’m sure the checkpoint is better, as it’s a niche product. I may at least be able to compare speeds, etc. As today with the 10gtek media convertor I get pretty close to what I pay, I’m looking to learn and understand better what the udmp can give me. Thank you for sharing your knowledge.
idscomm on Monday, 08 February 2021 20:54

I like sharing knowledge, this is the main purpose of my Website. I really appreciate when I can find information on something I’m working on (and obviously not working like it should LOL). This site is my way to give back to people, tech or simply IT enthusiasts! Thanks for the comment.

Keep me posted for sure and if you decide to go forward with AP and need a hand, let me know, like I said I have a bunch of Unifi products here and I have been using them for the last 6-7 years.

:) I like sharing knowledge, this is the main purpose of my Website. I really appreciate when I can find information on something I’m working on (and obviously not working like it should LOL). This site is my way to give back to people, tech or simply IT enthusiasts! Thanks for the comment. Keep me posted for sure and if you decide to go forward with AP and need a hand, let me know, like I said I have a bunch of Unifi products here and I have been using them for the last 6-7 years.
Ironman on Sunday, 14 February 2021 10:12

And the udmp is here. Took a while as purolator was very busy with the Valentine’s Day.
Still playing around but what I see is not a very impressive. Always having an all in one will be less than having specific devices.

Setup
———-
Took the GPON and put it on the spf+, very plug and play after fired up.
However the first problem, only one vlan can be tagged from the wan2.
The only workaround will be to put a switch in between and then tag the ports. Bye bye Fibe TV (not a big deal, we don’t watch tv). The for the purpose of having the bell internet coming in, we are all good.
Speed was not affected, still is not synchronizing at 2.5 (shows only 1000). Then I’m getting 750/700 wired.

Usage
———-
Has a lot of features. Networks, protection, firewall, but all very simple. Still I don’t adventure the ssh side, but my first feeling is that will work, but not sure how deep could be done the setup.
My two Asus AP are working, however if I want to adventure on IoT isolation and more vlan, etc. Looks like the only way will be to “upgrade” to the access point (thinking on a couple UAP-AC-Pro). However here are not that many options locally (Munro in SJ seems to have unifi devices).
For now I will just setup one of the asus AP to a specific wired port and vlan from there, just to at least have the playing time and all the possible setups investigated.

How about the access points?. I have a large sub-urban house to cover (2 floors + basement), 3 very demanding end users and around 70 devices (mainly IoT). Will be a 2-3 UAP-AC-PRO be enough?.

Thank you

And the udmp is here. Took a while as purolator was very busy with the Valentine’s Day. Still playing around but what I see is not a very impressive. Always having an all in one will be less than having specific devices. Setup ———- Took the GPON and put it on the spf+, very plug and play after fired up. However the first problem, only one vlan can be tagged from the wan2. The only workaround will be to put a switch in between and then tag the ports. Bye bye Fibe TV (not a big deal, we don’t watch tv). The for the purpose of having the bell internet coming in, we are all good. Speed was not affected, still is not synchronizing at 2.5 (shows only 1000). Then I’m getting 750/700 wired. Usage ———- Has a lot of features. Networks, protection, firewall, but all very simple. Still I don’t adventure the ssh side, but my first feeling is that will work, but not sure how deep could be done the setup. My two Asus AP are working, however if I want to adventure on IoT isolation and more vlan, etc. Looks like the only way will be to “upgrade” to the access point (thinking on a couple UAP-AC-Pro). However here are not that many options locally (Munro in SJ seems to have unifi devices). For now I will just setup one of the asus AP to a specific wired port and vlan from there, just to at least have the playing time and all the possible setups investigated. How about the access points?. I have a large sub-urban house to cover (2 floors + basement), 3 very demanding end users and around 70 devices (mainly IoT). Will be a 2-3 UAP-AC-PRO be enough?. Thank you:)
idscomm on Wednesday, 17 February 2021 20:12

That's what I got from people's feedback. The device is great in general but lack in features and flexibility on the Firewall side. I agree with you, having a all in one device could be nice but with some drawback. I can see that you are already running into some configuration issues...

In regards to access point, I bought the NanoHD here and my coverage is sufficient (I have a bungalow with a walkout basement so fairly good size). I can't go too far in the driveway before I loose signal. I had an older AP-AC Lite which I added to my setup in the garage to cover some dead spot. So far so good.

Some people are being cautious now with Ubiquiti since they dropped the Unifi Video and "forced" people to sign in through their cloud to access their CloudKey Gen 2 (and UDMP)... some people are not happy, I personally would love to be able to keep everything local (no cloud sync or login).

You have a lot of devices for sure. Here I have 25 on WIFI and 24 Wired. No issues on my side. IoT devices don't usually take a lot of bandwidth unless you're including Streaming stick in IoT devices... As per Ubiquiti, "The UniFi nanoHD is a compact 4x4 MU-MIMO 802.11ac Wave 2 dual-band access point with an aggregate radio rate of over 2 Gbps and supports over 200 concurrent users."

Hope this helps. Keep me posted.

That's what I got from people's feedback. The device is great in general but lack in features and flexibility on the Firewall side. I agree with you, having a all in one device could be nice but with some drawback. I can see that you are already running into some configuration issues... In regards to access point, I bought the NanoHD here and my coverage is sufficient (I have a bungalow with a walkout basement so fairly good size). I can't go too far in the driveway before I loose signal. I had an older AP-AC Lite which I added to my setup in the garage to cover some dead spot. So far so good. Some people are being cautious now with Ubiquiti since they dropped the Unifi Video and "forced" people to sign in through their cloud to access their CloudKey Gen 2 (and UDMP)... some people are not happy, I personally would love to be able to keep everything local (no cloud sync or login). You have a lot of devices for sure. Here I have 25 on WIFI and 24 Wired. No issues on my side. IoT devices don't usually take a lot of bandwidth unless you're including Streaming stick in IoT devices... As per Ubiquiti, [i]"The UniFi nanoHD is a compact 4x4 MU-MIMO 802.11ac Wave 2 dual-band access point with an aggregate radio rate of over 2 Gbps and supports over 200 concurrent users."[/i] Hope this helps. Keep me posted.
Ironman on Wednesday, 17 February 2021 20:51

I saw the nano, interesting info, I will take a look maybe this week.
I just finished setting up my new office on the basement, as my wife is working from home, she got my office on the second floor as I really wanted to move closer to the fiber :-).
I get very decent speeds out of the udmp (~800 down / 950 up) very similar to the media convertor, but with all the extras. I don’t see big changes with idp and threat management enabled (750/800).
For the cloud stuff, I can see how some people could be unhappy. But the udmp only ask you for the cloud to start, after the setup is completed you can ditch the cloud user and manage all with a local one.
Before unifi I’ve contemplated the enGenius solution, but seems that there are some of the switches and ap that get locked to the user and can’t be associated with a new one.
Still I see the udmp as a very nice acquisition, next will be the AP (maybe 2-3). When I Tried to use the two asus as AP, even on different channels they kept crashing to each other. Thank you again.

0
I saw the nano, interesting info, I will take a look maybe this week. I just finished setting up my new office on the basement, as my wife is working from home, she got my office on the second floor as I really wanted to move closer to the fiber :-). I get very decent speeds out of the udmp (~800 down / 950 up) very similar to the media convertor, but with all the extras. I don’t see big changes with idp and threat management enabled (750/800). For the cloud stuff, I can see how some people could be unhappy. But the udmp only ask you for the cloud to start, after the setup is completed you can ditch the cloud user and manage all with a local one. Before unifi I’ve contemplated the enGenius solution, but seems that there are some of the switches and ap that get locked to the user and can’t be associated with a new one. Still I see the udmp as a very nice acquisition, next will be the AP (maybe 2-3). When I Tried to use the two asus as AP, even on different channels they kept crashing to each other. Thank you again.
ekimseekem on Thursday, 18 February 2021 19:22

Hey Ironman!

I'm super happy to see someone has got a UDM-P and connected their Bell Fibe directly to it. I'm working on that also, but seem to be having issues.

On WAN2, I'm setting the DNS servers and tagging the interface with VLAN ID 35. I only have Fibe Internet, no TV or phone.

Per this article, I'm cloning the MAC address of the HH3000 onto eth9.35 via SSH with this command: ip link set dev eth9.35 address xx:xx:xx:xx:xx:xx (There doesn't appear to be a way to clone MAC addresses from within the Unifi Network web console for the UDM/P)

After connecting the SFP module and cable, that interface is not coming up and getting an IP address, am I missing anything? I think you rebooted your UDMP, will the MAC address clone command persist after reboot? Do I still need a switch in front of my UDMP for VLAN tagging?

Kind regards

Hey Ironman! I'm super happy to see someone has got a UDM-P and connected their Bell Fibe directly to it. I'm working on that also, but seem to be having issues. On WAN2, I'm setting the DNS servers and tagging the interface with VLAN ID 35. I only have Fibe Internet, no TV or phone. Per this article, I'm cloning the MAC address of the HH3000 onto eth9.35 via SSH with this command: ip link set dev eth9.35 address xx:xx:xx:xx:xx:xx (There doesn't appear to be a way to clone MAC addresses from within the Unifi Network web console for the UDM/P) After connecting the SFP module and cable, that interface is not coming up and getting an IP address, am I missing anything? I think you rebooted your UDMP, will the MAC address clone command persist after reboot? Do I still need a switch in front of my UDMP for VLAN tagging? Kind regards
Ironman on Thursday, 18 February 2021 19:55

Hey, I’m in New Brunswick, then could be different depending where you are.
On my case I just plug it in the port 10 and setup the vlan 35 for the spf +, and got the IP address. No setup, no Mac cloning, nothing.
However, I’ve read on people with the huawei ONT having issues. I have the Alcatel one, and was literally plug and play.
What I will try, connect the udmp to your existing modem and update the udmp, check if they support the model of gpon you have.
For fun I’ve tried just connecting the wan to the media convertor I used before and all was the same, just vlan 35.
I know in other places in Canada you have to put the PPPOE credentials, but ok the phone I don’t see a way to do it, then you may need to plug your udmp to the hh3k and then do that after setup.

Let me know how that goes.

0
Hey, I’m in New Brunswick, then could be different depending where you are. On my case I just plug it in the port 10 and setup the vlan 35 for the spf +, and got the IP address. No setup, no Mac cloning, nothing. However, I’ve read on people with the huawei ONT having issues. I have the Alcatel one, and was literally plug and play. What I will try, connect the udmp to your existing modem and update the udmp, check if they support the model of gpon you have. For fun I’ve tried just connecting the wan to the media convertor I used before and all was the same, just vlan 35. I know in other places in Canada you have to put the PPPOE credentials, but ok the phone I don’t see a way to do it, then you may need to plug your udmp to the hh3k and then do that after setup. Let me know how that goes.
idscomm on Thursday, 18 February 2021 20:29

Hi ekimseekem,

Welcome to the blog! Someone mentioned to me that it wasn’t necessary to clone the MAC anymore, I haven’t tested this but that explains why it worked for @ironman.

0
Hi ekimseekem, Welcome to the blog! Someone mentioned to me that it wasn’t necessary to clone the MAC anymore, I haven’t tested this but that explains why it worked for @ironman.
Guest - Ray on Thursday, 11 February 2021 22:50

Do I still need to provide Fibe in username and password to make this work? In your old post (https://www.idscomm.ca/blog/bell-fibe-with-your-own-router), you put in the username and password.

The reason I would like to ditch HH3K is because I have 1.5gbps speed (I get 1.2gbps when I speed test within HH3K) but I am only getting 900mbps.

Any suggestion on the hardware to get 1.5gbps speed or at least around 1.2gbps?

Thanks.

Do I still need to provide Fibe in username and password to make this work? In your old post (https://www.idscomm.ca/blog/bell-fibe-with-your-own-router), you put in the username and password. The reason I would like to ditch HH3K is because I have 1.5gbps speed (I get 1.2gbps when I speed test within HH3K) but I am only getting 900mbps. Any suggestion on the hardware to get 1.5gbps speed or at least around 1.2gbps? Thanks.
idscomm on Thursday, 11 February 2021 23:51

You only need a username and password if your connection uses PPPoE. In regards to the equipment to get the full speed, you’ll need something that supports 10Gb but keep in mind that if your local network uses 1Gb switch or 1Gb Network Cards, you will encounter a bottleneck...

You only need a username and password if your connection uses PPPoE. In regards to the equipment to get the full speed, you’ll need something that supports 10Gb but keep in mind that if your local network uses 1Gb switch or 1Gb Network Cards, you will encounter a bottleneck...
Ironman on Friday, 12 February 2021 09:48

The hh3k, I believe, can synchronize at 2.5gbps,but the Ethernet can’t give more than 1g. Then having the hh3k you can’t get more than 1g. The bottle neck is the hh3k Ethernet, and because bell use qos, you never will get more than what you have in the contract.
To improve that you will need some time equipment, then you have to define if that will be worth the 200-500mbps extra.
Unifi (Ubiquiti), mikrotik, méralo, others come to my head.
Currently I’m waiting for some unifi equipment, but I will have the same restriction as the synchronization on the one that I bought is only 1 or 10 at the spf+ and not 2.5.
What I’m trying to say, is that there are a lot of hardware that you can get, but will require some work and tuning to get the extra speed. If you are also looking for extra functionality, and obviously you have money to burn, you can design a nice unifi or mikrotik network and test what is the best for your own scenario.
To me the ideal world will be at least a switch that sync to 2.5g to the Bell gpon, and that will be anything between $500-$1000, and then you can put a router, firewall, etc. Then you may be looking for an over $1500 project...

The hh3k, I believe, can synchronize at 2.5gbps,but the Ethernet can’t give more than 1g. Then having the hh3k you can’t get more than 1g. The bottle neck is the hh3k Ethernet, and because bell use qos, you never will get more than what you have in the contract. To improve that you will need some time equipment, then you have to define if that will be worth the 200-500mbps extra. Unifi (Ubiquiti), mikrotik, méralo, others come to my head. Currently I’m waiting for some unifi equipment, but I will have the same restriction as the synchronization on the one that I bought is only 1 or 10 at the spf+ and not 2.5. What I’m trying to say, is that there are a lot of hardware that you can get, but will require some work and tuning to get the extra speed. If you are also looking for extra functionality, and obviously you have money to burn, you can design a nice unifi or mikrotik network and test what is the best for your own scenario. To me the ideal world will be at least a switch that sync to 2.5g to the Bell gpon, and that will be anything between $500-$1000, and then you can put a router, firewall, etc. Then you may be looking for an over $1500 project...
ekimseekem on Thursday, 18 February 2021 23:51

Ironman & idscomm,

Seems I can't reply to your replies directly.

I'm in rural NS and just got Fibe last year with their big roll out. I've called their support a couple times and at least one tech said I needed to clone MAC address but that I should talk to Ubiquiti about the details, can't always trust those guys so it might be that I don't need to clone the MAC.

I've got the following SFP module: Nokia GPON ONT SFP G-010S-A

If it's not compatible with my UDMP, can I get a different one that is and have it still work with Bells service?

Ironman & idscomm, Seems I can't reply to your replies directly. I'm in rural NS and just got Fibe last year with their big roll out. I've called their support a couple times and at least one tech said I needed to clone MAC address but that I should talk to Ubiquiti about the details, can't always trust those guys so it might be that I don't need to clone the MAC. I've got the following SFP module: Nokia GPON ONT SFP G-010S-A If it's not compatible with my UDMP, can I get a different one that is and have it still work with Bells service?
idscomm on Friday, 19 February 2021 06:45

Are you using the GPON that came with the Bell Modem? Like I mentioned in this blog, Bell DHCP used the GPON serial number to give addresses to their clients. I was unable to obtain an IP address using a different GPON, I tired but it didn’t work (even when cloning the MAC). Unless it changed, you have to used their GPON.

Are you using the GPON that came with the Bell Modem? Like I mentioned in this blog, Bell DHCP used the GPON serial number to give addresses to their clients. I was unable to obtain an IP address using a different GPON, I tired but it didn’t work (even when cloning the MAC). Unless it changed, you have to used their GPON.
ekimseekem on Friday, 19 February 2021 09:48

Yup, that was the module in my Bell modem. I looked on Ubiquity's compatibility chart and can't find it: https://help.ui.com/hc/en-us/articles/212561258-UniFi-USW-Which-SFP-Modules-Can-be-Used

However, it seems like someone else got that GPON working with their UDM-P: https://www.reddit.com/r/Ubiquiti/comments/gh338z/dream_machine_pro_slow_wan_sfp_speeds/

Hope i'm not stuck...

Yup, that was the module in my Bell modem. I looked on Ubiquity's compatibility chart and can't find it: https://help.ui.com/hc/en-us/articles/212561258-UniFi-USW-Which-SFP-Modules-Can-be-Used However, it seems like someone else got that GPON working with their UDM-P: https://www.reddit.com/r/Ubiquiti/comments/gh338z/dream_machine_pro_slow_wan_sfp_speeds/ Hope i'm not stuck...
ekimseekem on Friday, 19 February 2021 16:41

Good news, I'm up and running with the different GPON! See my reply to Ironman below.

Good news, I'm up and running with the different GPON! See my reply to Ironman below.
Ironman on Friday, 19 February 2021 07:20

If you are in rural NS, you should only need the vlan tag 35.
If you are using the bell’s gpon, then should be all good. No need to clone the MAC address as the validation goes against the gpon, not your modem.
Some people needed to release the public up address from their hh3k before.
I will suggest to test your network with the hh3k (assuming that you got one) and then when you have all working connect the gpon on the udmp.
Also, the udmp could take up to 10 min getting the connection.
Ensure that you are plugging the gpon correctly on the udmp (a light should be coming on in port 10)
I’ve added some pics here
https://photos.app.goo.gl/bXJD2nAwqvj3ec519



If you are in rural NS, you should only need the vlan tag 35. If you are using the bell’s gpon, then should be all good. No need to clone the MAC address as the validation goes against the gpon, not your modem. Some people needed to release the public up address from their hh3k before. I will suggest to test your network with the hh3k (assuming that you got one) and then when you have all working connect the gpon on the udmp. Also, the udmp could take up to 10 min getting the connection. Ensure that you are plugging the gpon correctly on the udmp (a light should be coming on in port 10) I’ve added some pics here https://photos.app.goo.gl/bXJD2nAwqvj3ec519
ekimseekem on Friday, 19 February 2021 16:46

Per your suggestions, I got it running! You were indeed correct, I didn't need to clone the MAC, just needed to set VLAN to 35 and rebooted my UDM-P. After it started, the connection lights started blinking for the SFP port and I got one of Bell's IP addresses on WAN2.

I did use your recommendation and released the IP from my HH3000 before powering it off and yanking the cable/GPON out. That might have also made a difference.

On WAN2, I also specified Bell's DNS servers, wasn't sure if those are required either?

Per your suggestions, I got it running! You were indeed correct, I didn't need to clone the MAC, just needed to set VLAN to 35 and rebooted my UDM-P. After it started, the connection lights started blinking for the SFP port and I got one of Bell's IP addresses on WAN2. I did use your recommendation and released the IP from my HH3000 before powering it off and yanking the cable/GPON out. That might have also made a difference. On WAN2, I also specified Bell's DNS servers, wasn't sure if those are required either?
Ironman on Friday, 19 February 2021 16:53

Woot woot
I don’t have the dns there, and they came automatically.
Now waiting for the udmp to synchronize to 2.5 and eventually put the APs

Woot woot I don’t have the dns there, and they came automatically. Now waiting for the udmp to synchronize to 2.5 and eventually put the APs
idscomm on Wednesday, 03 March 2021 20:08

So everything still running smooth with the UDMP?

0
So everything still running smooth with the UDMP?
Ironman on Wednesday, 03 March 2021 21:49

Got my hands full lately and no progress at all on anything else than work. I should have time on the next week or two to see if I can get an ap to test . Still not very impressed with the udmp, I think will make a lot more sense with more equipment around.
Speed wise the udmp doesn’t compare to the hh3k, what at the end makes sense as bell customized to their needs.
Asked about Rogers business on my area and that also doesn’t work...1g / 80mbps

Will keep playing around and see if I can make it work. For now I’m with the Asus and the guest network for IoT.

Got my hands full lately and no progress at all on anything else than work. I should have time on the next week or two to see if I can get an ap to test ;). Still not very impressed with the udmp, I think will make a lot more sense with more equipment around. Speed wise the udmp doesn’t compare to the hh3k, what at the end makes sense as bell customized to their needs. Asked about Rogers business on my area and that also doesn’t work...1g / 80mbps Will keep playing around and see if I can make it work. For now I’m with the Asus and the guest network for IoT.
ekimseekem on Thursday, 04 March 2021 09:57

I'm not getting matched speeds either, but i don't really blame that on the UDMP. I did some parallel downloading from an Amazon S3 bucket to a Linux server i'm running, about 10 files around 10GB each and it only took a couple minutes for all 10.

With Bell, you'll only get the full speed of the fiber connecting to their head-end office, mine appears to be Sydney NS. Even doing a speed test to Halifax, which is closer to me, I only see about 70% of my total bandwidth speed, but it's making a couple hops there. The UDMP's speed test server barely breaks 200 Mbps, but it appears to be a server in Quebec?

I have noticed way better latency consistancy in online gaming, playing Rocket League, i'm right around 50-60 ping. Before, on Eastlink, my ping would be anywhere between 60 and 150 ping, giving me lots of in-game lag.

I'm not getting matched speeds either, but i don't really blame that on the UDMP. I did some parallel downloading from an Amazon S3 bucket to a Linux server i'm running, about 10 files around 10GB each and it only took a couple minutes for all 10. With Bell, you'll only get the full speed of the fiber connecting to their head-end office, mine appears to be Sydney NS. Even doing a speed test to Halifax, which is closer to me, I only see about 70% of my total bandwidth speed, but it's making a couple hops there. The UDMP's speed test server barely breaks 200 Mbps, but it appears to be a server in Quebec? I have noticed way better latency consistancy in online gaming, playing Rocket League, i'm right around 50-60 ping. Before, on Eastlink, my ping would be anywhere between 60 and 150 ping, giving me lots of in-game lag.
Already Registered? Login Here
Guest
Thursday, 22 April 2021

 

MCP logo

      A+ logo       Network+ logo       CIOS logo   BlackBag CBE