HDHomeRun Prime and Apple TV 4K on two different VLANs

Hi,

I need some help to be able to stream from the HDHomeRun Prime to the Channels app running on the Apple TV4K. The Apple TV and Prime are on two different VLANs/subnets: Apple TV is on VLAN200, and HDHomeRun Prime is on VLAN1.

The layer 3 boundary between the two subnets is currently is a Cisco 3560cg switch. There are no access lists that would block any traffic between these two VLANs/subnets.

If I specify the IP address of the HDHomeRun Prime in the Channels app, the Channels app can scan the HDHomeRun Prime's channels across the L3 boundary (Cisco 3560cg switch). However, when I try to stream any channel, the HDHomeRun Prime lights up the tuner LED, but then the LED goes out and I get the message that tuner is unavailable.

I tried to connect a MacBook to VLAN1 (the VLAN in which the HDHomeRun Prime lives), and I can stream from the HDHomeRun Prime to the HDHomeRun app running on the MacBook.

Until today, the HDHomeRun Prime was on the same VLAN as the Apple TV (VLAN200), I could stream from the HDHomeRun Prime to the Channels app on the Apple TV without any issues when both devices were on the same VLAN. Today I had to move the HDHomeRun Prime from VLAN200 to VLAN1 due to the network change. It's a long story, but if you want to know why I had to make the network change, please read on.

Is it possible to stream from the HDHomeRun Prime to the Channels app on the Apple TV across a L3 boundary? If so, what am I missing?

Thank you.

The long story:

Until today, I used a hybrid Ubiquiti AP (UAP-IW-HD), which has a built-in Ethernet switch capable of tagging 802.1q traffic out of its switch ports.. The HDHomeRun Prime was connected to one of the LAN ports of the UAP-IW-HD, so I was able to assign the port connected to the HDHomeRun Prime to VLAN200, and the HDHomeRun Prime and the Apple TV were on the same VLAN. There were no issues streaming from the HDHomeRun Prime to the Apple TV while they were on the same VLAN. However, my Macs had Wi-Fi problems with the UAP-IW-HD, so I had to replace that AP with a better AP (UAP-AC-HD).

Once I replaced the hybrid AP with built-in Ethernet switch (UAP-IW-HD) with the pure AP (UAP-AC-HD), I had to connect the HDHomeRun Prime to the secondary port (daisy-chained) of the UAP-AC-HD. The secondary port on Ubiquiti APs is oblivious to 802.1q tagging, so it can only pass untagged traffic, which means that it can only be connected to the VLAN that's untagged (native VLAN) on the switch upstream from the Ubiquiti AP's primary port. The Ubiquiti AP itself understands VLANs, and it can properly assign VLANs to its management interface as well as to map SSIDs to VLANs. However, the secondary GigabitEthernet port on the Ubiquiti APs is incapable of tagging VLANs properly. All of my management IPs for Ubiquiti gear is on VLAN2 (tagged), and my main data VLAN is VLAN200 (tagged). Because Ubiquiti APs always use VLAN1 as the untagged (native) VLAN on their uplink port, I have to use VLAN1 on the Cisco 3560cg port that powers the UAP-AC-HD with POE+ as the native (untagged) VLAN. Hence, the HDHomeRun Prime daisy-chained to the secondary port on the UAP-AC-HD is on VLAN1. Both of my Apple TVs are on the home data network (VLAN200).

Sounds like its almost working if the light comes on. Can you click Submit Diagnostics in the app after attempting to watch so we can see what's going on.

Here's a weird part. I just tried to stream from an Apple TV4 (not Apple TV4K). The Apple TV4 is on another floor and is associated with a different AP. The AP on the second floor is a UAP-IW-HD (hybrid) the same as I had on the first floor before today, but replaced it with the UAP-AC-HD.

So, the upstairs Apple TV4 can stream from the HDHomeRun Prime. The upstairs Apple TV is also on VLAN200 with the IP 192.168.200.102. The downstairs Apple TV has IP 192.168.200.101, and it gives me an error message.

Both Apple TVs are trying to stream from the same HDHomeRun Prime, which is on VLAN1 (192.168.1.100). I will try again to stream from the Apple TV4K downstairs in 30 minutes and will submit diagnostics if it doesn't work.

Thanks.

I've uploaded the diagnostics from the Apple TV 4K. The streaming didn't work. Do you need any information to identify my diagnostics log?

I found it based on the time and IPs. It looks like the TCP/HTTP connection succeeds, but no data is ever received.

Try checking the HDHR System Log via my.hdhomerun.com to see what it says about the connection.

If it works on one TV and not the other, that seems to suggest something with your network. I'm pretty sure other users here have streamed across VLANs, and the app is obviously able to communicate with it since it sees the HDHR and even gets as far as grabbing a tuner.

20190209-01:11:06 Tuner: tuner2 tuning 834 CNNHD (auto:231MHz-2)
20190209-01:11:07 Tuner: tuner2 streaming http to 192.168.200.101:49193
20190209-01:11:07 CableCARD: tuner2 834 CNNHD (auto:231MHz-2) access = subscribed
20190209-01:11:17 Tuner: tuner2 http stream ended (remote closed)

My guess is some sort of firewall or ACL issue. Note that video streaming happens over port 5004, and that's what is not working correctly. The parts which are working already happen on port 80.

So, there's no firewall in between. It's a Layer 3 switch that does inter-VLAN routing between VLAN1 and VLAN200.

I associated this Apple TV4K with the upstairs AP (UAP-IW-HD), and I was able to stream from the HDHomeRun Prime daisy-chained into secondary port on UAP-AC-HD. When I associated the Apple TV4K back with the UAP-AC-HD, I couldn't stream again.

So, basically,when the Apple TV4K is associated with the UAP-AC-HD, it can't stream from the HDHomeRun Prime plugged in to the same UAP-AC-HD. The traffic doesn't go directly from Wi-Fi to wired GigabitEthernet because the Apple TV is on a different subnet from the HDHomeRun Prime. Therefore, the traffic has to inter-VLAN switch at the L3 boundary (Cisco 3560cg).

Is there any sort of multicasting (PIM, IGMP) involved in the streaming process?

I don't believe so (it's a simple HTTP request), but this is getting into stuff that's more in the realm of SiliconDust's expertise.

Thanks. I appreciate the help. I don't have much trust in the Silicon Dust's technical support. I will try to work with Ubiquiti on this.

To hazard a guess, I’d blame the Cisco switch. If there is a network issue and it is doing the routing, that’d be my focus. I’ve got a multi access point full Ubiquiti setup at home and have no trouble streaming to various Apple TVs both on WiFi and wired. At work I partially administer some 3800 and 3600 series stacks. If they weren’t Cisco nobody would put up with their overly complex and finicky configuration.

Sorry, I know that’s not any help. My strategy would be to eliminate one piece of equipment at a time to diagnose.

The problem was in the UAP-AC-HD. When the Apple TV associated to the UAP-AC-HD tried to stream from the HDHomeRun Prime connected to the secondary Gigabit Ethernet port of the UAP-AC-HD, the streaming didn’t work with the two devices being on different VLANS. When I put the two devices on the same VLAN, everything worked fine.

When I associated the Apple TV with the UAP-IW-HD, it was able to stream from the HDHomeRun Prime connected to the secondary port of the UAP-AC-HD even when the Apple TV was on a VLAN different from the VLAN that the HDHomeRun Prime was in.

I had to do some native VLAN magic on the upstream Cisco switch to allow traffic in VLAN 200 to be passed out of the UAP-AC-HD’s secondary Gigabit Ethernet port, as UBNT doesn’t support any VLAN tagged on the upstream port to be passed out of the secondary port.

Cisco wasn’t to blame here. The blame is squarely on UBNT. Their feature sets are so rudimentary that any non-trivial network design becomes nearly impossible with UBNT hardware. So, if Cisco has too wide a feature set, UniFi is the other extreme: features are almost non-existent. I can’t fight this war with UBNT. The UniFi line is not up to the task even for the SMB segment. It’s purely prosumer and small business segment. However, it’s decent in these segments as long as one doesn’t try to implement non-trivial network designs. It surely beats consumer-grade hardware, and the price is manageable.