VPN and IPTV (multicast)

In addition to what @ppptran wrote above:

  • In the URLs to the streams, if the video player apps dislike having two : in the URL, you can replace the last : with characters like -. So instead of http://192.168.221.2:4000/rtp/239.200.80.15:10254 you can use the link http://192.168.221.2:4000/rtp/239.200.80.15-10254. Allowed replacement characters include %, ~, +, -, ^. But normally in a URL, % and + are special and need to be encoded, so stick with - for simplicity.

  • The UDPXY status page can be reached at http://ip:port/status/ (update IP and port to match).

  • The UDP rule on chain input should be limited to dst-address=224.0.0.0/4 and the action should be drop, and the rule should be moved up (but still below the accept established/related rule of the input chain). The router itself doesn't need to consume any of those multicast packets coming from the vlan2420 interface, and we can omit this rule too without any difference. But we drop them early so that the other parts later in the chain don't have to deal with these packets.

  • The accept UDP rule on the forward chain is necessary, but here you can add dst-address=224.0.0.0/4 to further limit the rule to multicast, not accepting other things such as DNS queries.
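
A way to check an exported filter rule set against the two firewall points above, as an added example that is not part of the post or the thread's configuration. It assumes the UDP rules match on in-interface=vlan2420 and that each rule is on one line of the export; both rule sets below are constructed.

```python
import ipaddress
import shlex

MCAST = ipaddress.ip_network("224.0.0.0/4")

# Constructed rule sets in "/ip firewall filter export" style (not from the thread).
BEFORE = """\
add chain=input action=accept connection-state=established,related
add chain=input action=accept protocol=udp in-interface=vlan2420
add chain=forward action=accept protocol=udp in-interface=vlan2420
"""
AFTER = """\
add chain=input action=accept connection-state=established,related
add chain=input action=drop protocol=udp in-interface=vlan2420 dst-address=224.0.0.0/4
add chain=forward action=accept protocol=udp in-interface=vlan2420 dst-address=224.0.0.0/4
"""

def parse(export):
    """Turn single-line 'add key=value ...' entries into dicts, in rule order."""
    return [dict(t.split("=", 1) for t in shlex.split(line)[1:] if "=" in t)
            for line in export.splitlines() if line.startswith("add ")]

def multicast_only(rule):
    """True only if dst-address is a plain prefix inside 224.0.0.0/4."""
    try:
        return ipaddress.ip_network(rule["dst-address"], strict=False).subnet_of(MCAST)
    except (KeyError, ValueError, TypeError):
        return False  # missing, negated, a range, or not IPv4

def audit(export, iface="vlan2420"):
    """Return findings for UDP rules on iface that deviate from the advice above."""
    rules, findings = parse(export), []
    est = [i for i, r in enumerate(rules) if r.get("chain") == "input"
           and "established" in r.get("connection-state", "")]
    for i, r in enumerate(rules):
        if r.get("protocol") != "udp" or r.get("in-interface") != iface:
            continue
        chain = r.get("chain")
        if not multicast_only(r):
            findings.append(f"rule {i} ({chain}): not limited to dst-address=224.0.0.0/4")
        if chain == "input":
            if r.get("action", "accept") != "drop":
                findings.append(f"rule {i} (input): action should be drop")
            if est and i < est[0]:
                findings.append(f"rule {i} (input): sits above established/related")
    return findings

if __name__ == "__main__":
    for name, text in (("before", BEFORE), ("after", AFTER)):
        print(name, audit(text) or "ok")
```
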