IPTV – blocking multicast on WIFI
(Redirected from Setting up IPTV without impact to LAN and Wireless traffic)
(original guide https://www.dd-wrt.com/wiki/index.php/Setting_up_IPTV_without_impact_to_LAN_and_Wireless_traffic)
2.2 Allow for multicast traffic
2.3 Disable multicast traffic to reach the Wireless adapter
2.4 Setup an additional VLAN
2.5 Disable multicast traffic to reach the LAN Ports 1,2,3
2.6 Enable DHCP for the additional local Networks and final steps
3 Block Multicast via Ebtables Firewall
This section explains how to use the DD-WRT GUI to configure DD-WRT supporting multicast IPTV traffic while at the same time enable some LAN ports and Wireless Clients working in parallel.
There are 2 ways to achieve this. The first is to unbridge the LAN area that shouldnt get flooded with mulicast packets. The second (and imho more elegand) way is to block mulicast traffic to the interfaces which doesnt need it.
In the sample configuration, the TV media receiver is connected to LAN Port 4, and the router Ip is 192.168.1.1. Other configurations work accordingly.
Ensure that you are at least on DD-WRT 24v1 Firmware, otherwise download the most recent release.
Connect the TV media receiver to Port 4. Connect other LAN connections to Ports 1,2,3
 Allow for multicast traffic
Disable (uncheck) “Filter Multicast” on Security–>Firewall
 Disable multicast traffic to reach the Wireless adapter
In Wireless–>Basic setting, set “Network Configuration” to “Unbridged”, and “Multicast forwarding” to “disabled”.
Provide 192.168.3.1 with subnet mask 255.255.255.0 as the IP address for Wireless connections
 Setup an additional VLAN
In Setup–>VLANs, check the “tagged” checkboxes for Ports 1,2,3. Then, check the three accoring checkboxes in the VLAN 7 row, uncheck them in the VLAN 0 row, and finally uncheck the “tagged” checkboxes.
Apply the settings and reboot the router
 Disable multicast traffic to reach the LAN Ports 1,2,3
In Setup–>Networking, check “Unbridged” for “Network Configuration vlan7”, “Multicast forward” to “disable”.
Below this entry, provide IP number 192.168.2.1 with subnet mask 255.255.255.0 as the IP address
 Enable DHCP for the additional local Networks and final steps
In Setup–>Networking, add two DHCP Servers in the bottom area, one for vlan7, one for eth1 (keep the standard settign for the other fields)
Apply all changes, and reboot the router
 Block Multicast via Ebtables Firewall
Leave the wifi brdiged. Load the layer2 firewall modules and your ebtables rules via the firewall startup
ebtables -A FORWARD -o “interface to block” –pkttype-type multicast -j DROP
ebtables -A OUTPUT -o “interface to block” –pkttype-type multicast -j DROP
If you want this script to run everytime your router starts, do the following:
Go to Administration->Commands
Paste commands in the Commands window
Click Save startup
The drawback is ebtables will use sightly mode cpu time. Finally, enjoy TV, LAN, and Wireless simultaneously.