Hi,
I'm hoping someone here can help with this problem.
I'm working on updating GB3FT repeater (currently pending NoV approval) - its new site relies on a 4G modem for internet connectivity which in turn means no fixed public IP due to CGNAT.
So I have created a VPN using ZeroTier which allows me full access to the repeater systems including a SRT stream player.
As I'm an authorized client of the ZeroTier VPN I can stream directly to the repeater with no problems using Streamcast on an iphone.
However I wish to expose the stream input to others on the web via a controlled access webpage.
To accomplish this I have a home based fixed IP with a nginx server behind it which is also a Zerotier VPN client - but here's the problem.
Reverse proxy of a normal TCP service to the stream player ui is not a problem but it needs a SRT UDP input stream and so far I've not been able to create a UDP reverse proxy. I suspect this may not even be possible with UDP.
Hope all of the above makes sense !
As a fall back I could use RTMP which uses TCP and is therefore easier to proxy but then I'd need to generate a RTMP signal present output - the SRT player already does this on GPIO26 and signals the repeater controller to switch over to the stream signal. The hdmi switch could be used to select the streamer input via dtmf which would prevent malicious streamer input.
Any thoughts or comments ?
73 Tim
Secure Reliable Transport SRT with CG NAT
Forum rules
This forum is run by the BATC (British Amateur Television Club), it is service made freely available to all interested parties, please do not abuse this privilege.
Thank you
This forum is run by the BATC (British Amateur Television Club), it is service made freely available to all interested parties, please do not abuse this privilege.
Thank you
Re: Secure Reliable Transport SRT with CG NAT
Hi Tim,
Is your repeater only having an SRT input but no output of the repeater to the web?
It's late and probably not fully understood.
Good to see you looking at SRT.
73's
Martin
G8KOE
Is your repeater only having an SRT input but no output of the repeater to the web?
It's late and probably not fully understood.
Good to see you looking at SRT.
73's
Martin
G8KOE
Re: Secure Reliable Transport SRT with CG NAT
Hi Martin
the plan is to stream the output of the repeater back to the BATC streamer website but to avoid huge 4G data charges we will likely recieve the output over the air and stream to the BATC using a stand alone rx / streamer at someones home QTH. Less than ideal due to the added latency of the remote reciever.
The main problem is how to stream into the repeater over a 4G data connection - so far the only solution I can come up with is mentioned in my post.
SRT does seem to work very well with low latency but being udp based and behind a CGNAT router is causing me some headaches.
Ultimately I may have to abandon this approach and use RTMP or similar - but have a few months to sort it out !
73 Tim
the plan is to stream the output of the repeater back to the BATC streamer website but to avoid huge 4G data charges we will likely recieve the output over the air and stream to the BATC using a stand alone rx / streamer at someones home QTH. Less than ideal due to the added latency of the remote reciever.
The main problem is how to stream into the repeater over a 4G data connection - so far the only solution I can come up with is mentioned in my post.
SRT does seem to work very well with low latency but being udp based and behind a CGNAT router is causing me some headaches.
Ultimately I may have to abandon this approach and use RTMP or similar - but have a few months to sort it out !
73 Tim
Re: Secure Reliable Transport SRT with CG NAT
Hi Tim,
I would keep it simple and locate the SRT TX RX remotely.
Receiving the repeater off air and SRT TX linked via RF into the repeater.
Good Luck
Martin
G8KOE
I would keep it simple and locate the SRT TX RX remotely.
Receiving the repeater off air and SRT TX linked via RF into the repeater.
Good Luck
Martin
G8KOE
Re: Secure Reliable Transport SRT with CG NAT
Hi Martin
just had an in depth chat on the phone with Phil XTW and I agree with you and him that I've been over thinking the problem and keeping it simple is likely the best solution.
So I've shelved the CGNAT / UDP problem and the SRT input to FT will remain on the VPN so limiting access to those whole hold the VPN credentials - likely just me, Tony UIS and Steve AIN.
In due course I could add a home based SRT IP receiver with a public fixed address hooked up to a tx to access FT - again bypassing any CGNAT drama.
Thanks to everyone who has helped me climb out of this self dug hole !
73 Tim
just had an in depth chat on the phone with Phil XTW and I agree with you and him that I've been over thinking the problem and keeping it simple is likely the best solution.
So I've shelved the CGNAT / UDP problem and the SRT input to FT will remain on the VPN so limiting access to those whole hold the VPN credentials - likely just me, Tony UIS and Steve AIN.
In due course I could add a home based SRT IP receiver with a public fixed address hooked up to a tx to access FT - again bypassing any CGNAT drama.
Thanks to everyone who has helped me climb out of this self dug hole !
73 Tim