Please remove the "same network" restriction in Windows app

Help and support for HDHomeRun DVR and HDHomeRun software for Windows 10, Mac, Android, XBox, etc.
EddieA
Posts: 17
Joined: Fri Jun 30, 2017 4:46 pm

Please remove the "same network" restriction in Windows app

Post by EddieA »

VLANs are no longer just a corporate thing. Many consumer switches and routers now support VLANs and home users are separating IoT devices from the main LAN.

However, the Windows app still appears to insist that it and the device are on the same subnet. With my setup, I can see the app throw out the broadcast trying to find the device. I can see the device replying to the app with the packet containing the device IP, but the Windows app still won't connect to it.

nickk
Silicondust
Posts: 17303
Joined: Tue Jan 13, 2004 9:39 am
x 95

Re: Please remove the "same network" restriction in Windows app

Post by nickk »

If your network bridges the broadcast discover so the HDHomeRun can receive it the HDHomeRun response should be routed back to the app and should work.

Windows UWP apps need permission to communicate on the local network (which the HDHomeRun app requests) so I am wondering if the Windows OS might be blocking the reply from reaching the app due to it not being on the local network.

Can you please try Android, iOS, Apple TV, or Mac.

sdust
Posts: 154
Joined: Sat Jun 05, 2021 3:39 am
x 3

Re: Please remove the "same network" restriction in Windows app

Post by sdust »

If I may suggest - viewtopic.php?f=119&t=75513

EddieA
Posts: 17
Joined: Fri Jun 30, 2017 4:46 pm

Re: Please remove the "same network" restriction in Windows app

Post by EddieA »

@sdust I'm already using a proxy to bridge the VLANs, as I do get the reply to the broadcast back on the Windows machine.

@nikk Yeah, it looks like it is the UWP causing it. I could connect and get responses with the SetUp program, which from the packet trace is exactly the same sequence of packets. According to the Windows firewall settings, both the UWP and SetUp have exactly the same settings, but obviously something is different.

After finding a Realtek utility I was able to create an alias IP on Windows tagged with the same VLAN as the tuner. A quick firewall rule later (on my router) and I can now view live broadcasts on Windows, iOS, and Android.

But all of them can't find my DVR, running (correctly) on Linux. Watching packet traces and firewall logs, I can't see any traffic that's trying to discover the DVR address. So, how does that discovery work.

BTW. After adding the alias IP in Windows, I see some strange traffic leaving the IP *only* when I start the HomeRun viewer. I see 2 TCP packets to a non-existent 192.168.0.x address (my normal subnet) on port 4080, followed by loads of TCP attempts to 10.0.0.88 at port 8080.
Last edited by EddieA on Fri Aug 13, 2021 5:35 pm, edited 1 time in total.

nickk
Silicondust
Posts: 17303
Joined: Tue Jan 13, 2004 9:39 am
x 95

Re: Please remove the "same network" restriction in Windows app

Post by nickk »

EddieA wrote: Fri Aug 13, 2021 5:21 pm But all of them can't find my DVR, running (correctly) on Linux. Watching packet traces and firewall logs, I can't see any traffic that's trying to discover the DVR address. So, how does that discovery work.
The DVR should respond to the same broadcast discovery packet the HDHomeRun is responding to.

Nick

EddieA
Posts: 17
Joined: Fri Jun 30, 2017 4:46 pm

Re: Please remove the "same network" restriction in Windows app

Post by EddieA »

Gottcha, thanks.

Need a little re-design in my network. The proxy was running on the same server as the DVR, and so "stole" the UDP listener.

sdust
Posts: 154
Joined: Sat Jun 05, 2021 3:39 am
x 3

Re: Please remove the "same network" restriction in Windows app

Post by sdust »

EddieA wrote: Fri Aug 13, 2021 5:21 pm @sdust I'm already using a proxy to bridge the VLANs, as I do get the reply to the broadcast back on the Windows machine.
you never mentioned any proxies :o

can we get full details? my crystal ball is still being repaired

EddieA
Posts: 17
Joined: Fri Jun 30, 2017 4:46 pm

Re: Please remove the "same network" restriction in Windows app

Post by EddieA »

sdust wrote: Fri Aug 13, 2021 7:09 pm you never mentioned any proxies :o

can we get full details?
Well, duhh. How did you think I was getting the tuner, on a VLAN, to respond to the broadcast.

I was playing with this: https://github.com/nomeata/udp-broadcast-relay/. But as the only permanent Linux server on my network is the one running the DVR, it 'aint working too well as a solution.
sdust wrote: Fri Aug 13, 2021 7:09 pm my crystal ball is still being repaired
Yep, same here, or I wouldn't be asking all the questions. :shock:

sdust
Posts: 154
Joined: Sat Jun 05, 2021 3:39 am
x 3

Re: Please remove the "same network" restriction in Windows app

Post by sdust »

EddieA wrote: Sat Aug 14, 2021 2:54 pm
sdust wrote: Fri Aug 13, 2021 7:09 pm you never mentioned any proxies :o

can we get full details?
Well, duhh. How did you think I was getting the tuner, on a VLAN, to respond to the broadcast.
I think, as a super geek, you just concentrated really hard and it would happen. That's why you wanted to keep the details to yourself.

I was playing with this: https://github.com/nomeata/udp-broadcast-relay/. But as the only permanent Linux server on my network is the one running the DVR, it 'aint working too well as a solution.
Plus your linux server needs to be on both VLANs so you are clearly over engineering this. :geek:
The solution I was talking about can be run locally on the machine which tries to connect to HDHR.
sdust wrote: Fri Aug 13, 2021 7:09 pm my crystal ball is still being repaired
Yep, same here, or I wouldn't be asking all the questions. :shock:
[removed by moderator]

EddieA
Posts: 17
Joined: Fri Jun 30, 2017 4:46 pm

Re: Please remove the "same network" restriction in Windows app

Post by EddieA »

sdust wrote: Sat Aug 14, 2021 5:48 pm Plus your linux server needs to be on both VLANs so you are clearly over engineering this. :geek:
It already is to broadcast my music library to a remote player (in my IoT VLAN).
sdust wrote: Sat Aug 14, 2021 5:48 pm The solution I was talking about can be run locally on the machine which tries to connect to HDHR.
Assuming you can load that. How's the iOS version coming along. :lol:
sdust wrote: Sat Aug 14, 2021 5:48 pm [removed by moderator]
Hmmm, I hope that comment wasn't besmirching my reputation.

sdust
Posts: 154
Joined: Sat Jun 05, 2021 3:39 am
x 3

Re: Please remove the "same network" restriction in Windows app

Post by sdust »

EddieA wrote: Sat Aug 14, 2021 8:37 pm
sdust wrote: Sat Aug 14, 2021 5:48 pm Plus your linux server needs to be on both VLANs so you are clearly over engineering this. :geek:
It already is to broadcast my music library to a remote player (in my IoT VLAN).
Great. Just run a VM/docker image with a separate IP.
sdust wrote: Sat Aug 14, 2021 5:48 pm The solution I was talking about can be run locally on the machine which tries to connect to HDHR.
Assuming you can load that. How's the iOS version coming along. :lol:
arm64 is a supported platform for Go so I would say it is already there. Since you have a mostly idle linux box available you can use it for now.
sdust wrote: Sat Aug 14, 2021 5:48 pm [removed by moderator]
Hmmm, I hope that comment wasn't besmirching my reputation.
Your reputation remains impeccable ...

shawn_75
Posts: 182
Joined: Sun Oct 14, 2012 5:19 pm
Device ID: 151032EF

Re: Please remove the "same network" restriction in Windows app

Post by shawn_75 »

EddieA wrote: Fri Aug 13, 2021 10:19 am VLANs are no longer just a corporate thing. Many consumer switches and routers now support VLANs and home users are separating IoT devices from the main LAN.
Just curious, why do you treat the HDHR tuner as an IoT device? I know it technically qualifies as one, but it is regularly updated and seems to me is a low risk device.

foxbat121
Posts: 2051
Joined: Tue Jan 05, 2010 3:48 pm
Device ID: 131087C9, 13233B7C
x 8

Re: Please remove the "same network" restriction in Windows app

Post by foxbat121 »

Here is my question: the point of VLAN is to isolate different vLAN segments so that the traffic doesn't cross over, especially the broadcast traffic. Now you actively added devices to bridge the traffic between two vLANs, doesn't that defeat the purpose of setting up VLAN in the first place?

klipsch
Posts: 2
Joined: Tue Aug 24, 2021 11:41 am

Re: Please remove the "same network" restriction in Windows app

Post by klipsch »

EddieA wrote: Fri Aug 13, 2021 5:21 pm @sdust I'm already using a proxy to bridge the VLANs, as I do get the reply to the broadcast back on the Windows machine.

@nikk Yeah, it looks like it is the UWP causing it. I could connect and get responses with the SetUp program, which from the packet trace is exactly the same sequence of packets. According to the Windows firewall settings, both the UWP and SetUp have exactly the same settings, but obviously something is different.

After finding a Realtek utility I was able to create an alias IP on Windows tagged with the same VLAN as the tuner. A quick firewall rule later (on my router) and I can now view live broadcasts on Windows, iOS, and Android.

But all of them can't find my DVR, running (correctly) on Linux. Watching packet traces and firewall logs, I can't see any traffic that's trying to discover the DVR address. So, how does that discovery work.

BTW. After adding the alias IP in Windows, I see some strange traffic leaving the IP *only* when I start the HomeRun viewer. I see 2 TCP packets to a non-existent 192.168.0.x address (my normal subnet) on port 4080, followed by loads of TCP attempts to 10.0.0.88 at port 8080.
Hi, sounds like you've got things working for windows - was hoping you could help with the Alias process you followed - is that something you could elaborate more on?

For others that may come here - hope this helps - I was able to use UDP Broadcast Relay in OPNsense to enable my android devices to see the HDHR Prime with both being on different VLANs. It took 1 firewall rule an 4 entries in to a OPNsense plugin: UDP Broadcast Relay.

Setup
VLAN X - Android Devices and windows devices here
VLAN Y - HDHR Prime here

In UDP Broadcast Relay (plugin for OPNsense), I have 4 entries at the moment:
Interfaces Multicast Address Port ID Description
VLAN X, VLAN Y 239.255.255.250 5004 1 HDHR 5004
VLAN X, VLAN Y 65001 2 HDHR 65001
VLAN X, VLAN Y 239.255.255.250 1900 3 HDHR 1900
VLAN X, VLAN Y 239.255.255.250 1902 4 HDHR 1902
(second entry has a blank Multicast Address for the 255.255.255.255 that is used for discovery)

If I run the Windows HDHOMERUN setup, it finds all three tuners - but the app does not work for playing TV, while android devices do work for playing TV.

Communication between VLAN X and VLAN Y is locked down, so I have a firewall rule that allows HDHR in VLAN Y to go out over any port to VLAN X.
Protocol IPv4 Source HDHR(alias in OPNsense for my HDHR IP) Port * Destination VLAN X Port *

EddieA
Posts: 17
Joined: Fri Jun 30, 2017 4:46 pm

Re: Please remove the "same network" restriction in Windows app

Post by EddieA »

shawn_75 wrote: Thu Aug 19, 2021 5:49 pm Just curious, why do you treat the HDHR tuner as an IoT device? I know it technically qualifies as one, but it is regularly updated and seems to me is a low risk device.
I just like to keep anything that has access to the internet walled off from my main network.

And if regular updates lead to low risk, then Windows has to be the most secure system ever.
foxbat121 wrote: Fri Aug 20, 2021 12:54 pm Here is my question: the point of VLAN is to isolate different vLAN segments so that the traffic doesn't cross over, especially the broadcast traffic. Now you actively added devices to bridge the traffic between two vLANs, doesn't that defeat the purpose of setting up VLAN in the first place?
With this setup, I can control exactly what traffic bridges between VLANs and only allow what I want to cross over. Any other traffic is still blocked.
klipsch wrote: Tue Aug 24, 2021 11:55 am
EddieA wrote: Fri Aug 13, 2021 5:21 pm
After finding a Realtek utility I was able to create an alias IP on Windows tagged with the same VLAN as the tuner. A quick firewall rule later (on my router) and I can now view live broadcasts on Windows, iOS, and Android.
Hi, sounds like you've got things working for windows - was hoping you could help with the Alias process you followed - is that something you could elaborate more on?
Run the Realtek utility and create a virtual ethernet interface, tagged with the relevant VLAN.

Post Reply