Mini over VPN

Discussion in 'TiVo Mini' started by David B Gregory, Jan 1, 2019.

  1. UnitMaster

    UnitMaster New Member

    28
    12
    Jan 30, 2019
    The Netflix testing app as nothing to do with the Netflix streaming rate. It is a utility there so the Netflix engineers (or anyone) can test your actual network link speed. Does anyone on an A93 have a rate higher that 10.x speeds? If so please let us know as this shows the true speed of the link speed of your Mini A93. If any of you have an A95 Vox mini, run the exact same Netflix network speed test on those and see the change. The A95 has a true 100 meg uncapitated connection.

    What all of this tells you is that Tivo capitates speeds internally at 10 mbs of the A93's. Who knows why they do this. It could be at the time they were released, they assumed most home networks were 10baseT. But I'm telling you that the A93's don't run faster the 10 megs.
     
  2. krkaufman

    krkaufman TDL shepherd

    15,476
    2,797
    Nov 25, 2003
    The A95 Mini VOX has a Gigabit Ethernet port.

    p.s. Note that the Mini VOX is 4K-capable, so Netflix may use a different test approach (conditions, servers) for the A95 than it does for the older Minis.
     
    Last edited: Mar 10, 2019
  3. krkaufman

    krkaufman TDL shepherd

    15,476
    2,797
    Nov 25, 2003
    And it’s been reasonably demonstrated that all Minis most definitely do better than 10 Mbps, since streaming live or recorded MPEG2 content from their host DVR can require 20 Mbps. (Use KMTTG to identify a program’s bitrate, then stream it to a Mini.)

    The Netflix test is NOT a reliable test of a device’s LAN throughput max.
     
  4. Time_Lord

    Time_Lord Member

    268
    17
    Jun 4, 2012
    just shy of 17Mb/s... this is from my switch, so "output" is from the switch to the Mini (see below).

    about the max I've see is 19Mb/s, depends upon what you are watching, fast moving High def images (eg sports) tend to use more bandwidth, like others said it depends upon the compression used and how efficient it is on the content being watched.

    -TL


    GigabitEthernet1/0/5 is up, line protocol is up (connected)
    Hardware is Gigabit Ethernet, address is 0008.2fe5.8505 (bia 0008.2fe5.8505)
    Description: TiVO Mini (My Desk)
    MTU 1500 bytes, BW 100000 Kbit/sec, DLY 100 usec,
    reliability 255/255, txload 43/255, rxload 1/255
    Encapsulation ARPA, loopback not set
    Keepalive set (10 sec)
    Full-duplex, 100Mb/s, media type is 10/100/1000BaseTX
    input flow-control is off, output flow-control is unsupported
    ARP type: ARPA, ARP Timeout 04:00:00
    Last input never, output 00:00:01, output hang never
    Last clearing of "show interface" counters never
    Input queue: 0/75/0/0 (size/max/drops/flushes); Total output drops: 7850
    Queueing strategy: fifo
    Output queue: 0/40 (size/max)
    30 second input rate 481000 bits/sec, 830 packets/sec
    30 second output rate 16966000 bits/sec, 1475 packets/sec

    74934763 packets input, 5416727407 bytes, 0 no buffer
    Received 204815 broadcasts (100243 multicasts)
    0 runts, 0 giants, 0 throttles
    0 input errors, 0 CRC, 0 frame, 0 overrun, 0 ignored
    0 watchdog, 100243 multicast, 0 pause input
    0 input packets with dribble condition detected
    132042216 packets output, 142276270533 bytes, 0 underruns
    0 output errors, 0 collisions, 1 interface resets
    0 unknown protocol drops
    0 babbles, 0 late collision, 0 deferred
    0 lost carrier, 0 no carrier, 0 pause output
    0 output buffer failures, 0 output buffers swapped out
     
    Last edited: Mar 10, 2019
    HerronScott likes this.
  5. southerndoc

    southerndoc TiVo Fanatic TCF Club

    685
    50
    Apr 4, 2003
    Atlanta, GA USA
    I've often found that slow connections (100 instead of gig) is often due to a bad cable. Just too much noise on the cable.
     
  6. cwoody222

    cwoody222 Well-Known Member

    11,784
    374
    Nov 13, 1999
    Buffalo, NY
    My partner got this setup working this week.

    I don’t fully understand all he did but this is the basics, I think.

    We both have Gigabit Fios at our homes. He set up servers with VPN at both locations, on the same subnet. Then he used Sophos firewall software on both to make the setup think it was on the same network. It took him a bit of experimentation to get the setup correct in Sophos. There was also some checkbox in Windows related to virtualization that he had to discover and uncheck.

    He setup his Bolt at my place, connected to my server via Ethernet. It will connect perfectly to his multiple Mini Vox units at his place.

    He said everything works flawlessly - playing, recording, trickplay, etc. he says he literally cannot tell the difference from when the Bolt was at his house.

    Upload and download usage at both locations is minimal. Since Fios is symmetrical, I was watching 4K HDR Netflix on WiFi on a non-TiVo device while he was accessing the Bolt from his place. Not even a hiccup.

    We (well, he) did it was a proof of concept and it works perfectly.
     
    Last edited: Apr 25, 2020
  7. David B Gregory

    David B Gregory Member

    66
    13
    Feb 25, 2018
     
  8. David B Gregory

    David B Gregory Member

    66
    13
    Feb 25, 2018
    I am glad to see someone got it working. I purchased two TP-Link VPN routers with the hope of setting up a subnet from my Florida home where I have gigabit up/down to my summer place. I worked on the configurations for days without luck, basically I need someone in each location to change configs and test, so I bought an Amazon Recast and can remotely watch my OTA channels via streaming with no problems.
     
  9. bbloom96

    bbloom96 New Member

    7
    1
    Mar 11, 2016
    I use a slingbox and an A93 mini with the slingbox app on a firestick. I can watch anything on my DVR or live TV over a 5Mb internet connection at my farm in Iowa or my cabin on the river using my phones internet hotspot.

    The controls are a little slow, but the streaming is great.
     
    kpeters59 likes this.
  10. kdmorse

    kdmorse Well-Known Member TCF Club

    7,344
    1,507
    Jan 29, 2001
    Germantown, MD
    I think the last time I tried a Mini over a VPN, it was symmetrical FIOS 75Mbps, to a Comcast 50/10Mbps, with about 25ms RTT between the two. It didn't go entirely well. We were unable to set up the Mini remotely, we had to move the Mini and the Parent to the same location. Once set up, we could then move the Mini to the remote location, but the experience was, substandard. Live TV never worked well, playing recordings worked, but with issues that would bounce you out of the program back to Tivo central repeatedly if someone dared try to use the line for anything else. It was very, very twitchy if the line was ever anything other than 100% perfect. On the same VPN, we had Premiers (and now Roamios and Bolts) merrily doing MRS and MRV without issue.

    Now the same setup is running symmetrical 1G at both ends, with a 4ms in tunnel response time. We should probably try Mini's again, except each location now has multiple parent boxes, the parent boxes talk over the VPN, and the mini's all talk to their local parents, and there's no real need to try to cross connect them other than curiosity. But it's good to know that it might work.
     
  11. rcliff

    rcliff Member

    198
    4
    Jun 16, 2001
    New York
    Greetings. I'm trying to set up something similar for my vacation cottage and have a ipsec VPN tunnel and presumably adequate bandwidth between sites. Routing is working fine by directionally between the sites and I'm see throughput of about 20Mb/sec. No issues ping devices across the VPN and zero packet loss. The issue is that the Mini does not see the Bolt on the other side of the VPN and there is no way to manually assign the IP of the bolt (server) to the mini. By definition, each end of the VPN must be on a different subnet so that the traffic is routable, in this case one network is 192.168.1.0/24 and the other 192.168.100.0/24. I think the Mini expects the bolt to be on the same subnet and is not discovering the bolt. How did you guys get the mini to discover the Bolt(s) across the VPN? Thanks for any assistance
     
    Xavmt78 likes this.
  12. kdmorse

    kdmorse Well-Known Member TCF Club

    7,344
    1,507
    Jan 29, 2001
    Germantown, MD
    I think you'll find tricking the Tivo's into working does indeed require a Bridge based VPN, with the same subnet on both sides (from the tivo's point of view). Everyone manages the details a implementation a bit differently. Back when lines were slower, it was important to keep 'unnecessary' traffic off the bridge, but with line speeds these days, you almost don't have to worry about it. It's easy enough to run one location as 192.168.1.0/23, the other at 192.168.2.0/23, and just block DHCP on the bridge. My personal implementation is older, (no need to rebuild it), where I leave each side it's own subnet, then build a bridged supernet just for the tivo's. (Site a, 192.168.1.0/24, site b 192.168.2.0/24, but the tivos get a netmask of /23, and the bridge carries only L2 tivo<->tivo traffic filtered by mac address).

    I cannot imagine a path to success using ipsec in Tunnel mode, due to the limitations of, well, it's just not designed to do that. Maybe you could twist Transport mode into doing something for you, but I don't really know, I wouldn't put any money on getting the broadcasts across. Underneath virtually every working Tivo VPN, you'll find an instance of OpenVPN (be it run on it's own, or embedded in a router).
     
    kpeters59 likes this.
  13. rcliff

    rcliff Member

    198
    4
    Jun 16, 2001
    New York
    Thanks for that. I don't think my current firewalls support bridged VPN with the exception of mobile clients. Do you have any info on how the Mini's discovery process works? What protocols it uses and whether there are broadcast services as well?
     
  14. ringo574

    ringo574 New Member

    12
    2
    Feb 13, 2006
    I made a couple post on here about how I got my Mini connected over OpenVPN and I don't remember what the protocol is because it has been so long since I set it up but I can tell you that I'm forwarding port 943 on the server side and that port is a Microsoft Silverlight port. And if I'm forwarding that port I must have read something somewhere about having to forwarding that port. Its been more that 4 years since I've been up and still running fine. Occasionally I check on here to see if others are attempting this and to offer some help.
     
    rcliff likes this.
  15. kdmorse

    kdmorse Well-Known Member TCF Club

    7,344
    1,507
    Jan 29, 2001
    Germantown, MD
    At the very least, Tivo's expect to be able to see each other with UDP Broadcasts to 2190 (old Beacon protocl), and Multicasts to udp 1902 (SSDP) and 5353 (mDNS). Once they find each other, they at the very least expect TCP ports 2191 and 1413 to be open for unit to unit conversations. Mini's are known to fall off the network if they cannot form reliable multicast groups with their parent or get pruned by IGMP.

    This is not an all-inclusive list. One mans personal opinion - it doesn't matter. At the end of the day, they will fail to talk to each other if they detect they aren't on the same subnet (they check - to prevent exactly what you're trying to do). So rig it so they're on the same subnet/broadcast domain, permitting full connectivity between them, and everything else falls into place.

    Were it me (fair warning, I'm a crazy person), starting with what you already have, I might simply grab two systems capable of running linux (Raspberri Pi's would probably work), and drop one in each subnet (local network only, no external connection). Toss OpenVPN on each Pi (disabling encryption), and build a bridge mode UDP vpn from one pi to another (using internal addresses only, as your existing ipsec router will permit the two pi's to talk). Then each pi bridges the vpn0 interface to eth0, with ebtables rules in place to only permit the MAC address of known Tivo's to cross from eth0 to vpn0 (at each end). Either static, or use a DHCP server capable of lying, to give the Tivo's a netmask of 255.255.0.0, but ip addresses and routers in your subnet. They will think they're on the same network, arp for each other (arps go into local pi's eth0, forwarded to vpn0 -> remote pi's vpn0 -> remote network eth0), and find their friends mac addresses. They will each be able to also talk to their respective local networks, use the local router, dns, etc... (But due to the shenanigans in play, they will not be able to talk to non-tivo's on the other site, so no cross site kmttg, etc.. unless you do even sillier things. )

    But as I said, I'm a crazy person. In my world, *all* problems can be solved with the addition of just one more linux router... ;)
     
    rcliff likes this.
  16. Xavmt78

    Xavmt78 New Member

    1
    2
    May 16, 2020
    Buffalo, NY
    Hi rcliff,

    Setup was relatively straightforward.

    1) We used Sophos XG Firewall (Sophos offers free uncrippled firewall for home use) at both sites. I opted to use Sophos XG as the RED (Remote Ethernet Device) feature setup acts as a virtual ethernet connection, it allows for both ends of the network to seamlessly appear on the same subnet and passes broadcasts across the tunnel without restrictions.

    2) Between these firewalls, we created a RED VPN tunnel and bridged both ends of the tunnel to a physical NIC to allow ethernet connection between the Bolt at site A and the Mini's at site B.

    3) Plug in your TiVOs and go.

    That said, there is a caveat you are most likely to encounter. Once you successfully establish a remote link between your Tivo Bolt and Mini(s), I learned that when you begin to view a recording on a mini, the mini first pings the Bolt to check network quality. If the ping is to high, the Mini will throw a V113 error. You could have excellent speeds (bandwidth) at both sites but should this ping be too high it will fail. I have included a link below for a bit more info. It appears you will need to call support and convince them to disable the RTT check.

    https://support.tivo.com/articles/Device_Error_Code/V113-Error-Code

    As was previously mentioned, we both have FiOS at each of our homes and I know we just happen to be served from the same central office. The ping times between our locations is 1ms. I have tried this same setup between Spectrum and a FiOS connection and kept getting the v113 error. the ping times I observed was 23ms which was apparently failing TiVO's network quality checks.

    Presently, when using the TiVO mini remotely, I have observed peak bandwidth usage of no more than 15-18Mbps. This is important to bear in mind so that you are placing your Bolt at the site with the larger upload bandwidth connection.

    For me the PROS of this setup is it truly is seamless, menu guides, recordings etc, everything operations as if the Bolt is in the same location. There is no lags or degradation of picture quality; 4k streams work flawlessly.

    The CONS of this setup; it can become a bit technical and frustrating to implement.

    Alternative setup is a Slingbox, it's obvious it will work, but seriously how boring is that :) I really enjoyed the challenge of getting this to work. If you have any questions shoot an email.
     
    rcliff and cwoody222 like this.
  17. rcliff

    rcliff Member

    198
    4
    Jun 16, 2001
    New York
    Great replies here guys. Thank you. I'm wondering if I could take couple of old linksys routers running dd-wrt and use openvpn to create a L2 ethernet tunnel? Or maybe the performance will not be adequate with that hardware? More importantly, I'm also not sure if my connection will be stable enough to support the required perfect link (zero packet loss). Surely a packet may be dropped on rare occasion and if that causes the tivo to throw an error then this will be nothing but a nuisance. I do have a slingbox m2 that I haven't used in a while that I might dust off. While less than perfect from a usability standpoint, it works reasonably well and is quite forgiving on the connection.
     
  18. ringo574

    ringo574 New Member

    12
    2
    Feb 13, 2006
    Not enough power
    Accessing TiVo Content from 2nd Home
    2nd post down
     
  19. rcliff

    rcliff Member

    198
    4
    Jun 16, 2001
    New York
    Excellent post, thanks. May give that a try. I did set up the Slingbox M2 and that is working with a fire TV as the client but the remote control functionality, while reasonably complete, is painful to use due to the delay.
     

Share This Page