Skip to content

Instantly share code, notes, and snippets.

@danparsons

danparsons/gist:3195652

Created July 29, 2012 01:46
Show Gist options
  • Star 77 You must be signed in to star a gist
  • Fork 20 You must be signed in to fork a gist
  • Save danparsons/3195652 to your computer and use it in GitHub Desktop.
Save danparsons/3195652 to your computer and use it in GitHub Desktop.
Download ZIP
How to stream the London 2012 Olympics
Raw
gistfile1.md

How to stream the London 2012 Olympics

There have been several HOWTOs posted regarding streaming the 2012 Olympics using HTTP / SOCKS proxies via SSH and other similar methods. None of these actually work using the latest Flash on Mountain Lion (with Firefox, Chrome or Safari). Additionally, the third-party streaming sites don't provide BBC's amazing interface, which lets you quickly skip to individual competitors and events. However, setting up an OpenVPN server does work, with some tweaks. You'll get the exact same UX that people in England receive.

  • Get a Linode VM in the UK. The 512MB server for $20 works just fine. (If you want to use my referral link, go for it: http://bit.ly/OuzdVe)

  • Follow the standard OpenVPN installation documentation. (Basically, 'apt-get install openvpn' or 'yum install openvpn' and then follow these docs: http://openvpn.net/index.php/open-source/documentation/howto.html). For an OS X client, I prefer Viscosity: http://www.thesparklabs.com/viscosity/ .

  • Push the following routes from your OpenVPN server. These are all the IPs the BBC uses for streaming recorded and live Olympics games. You can put this inside your OpenVPN server.conf file:

push "route 212.58.224.0 255.255.128.0"
push "route 68.142.94.242 255.255.255.255"
push "route 68.142.94.239 255.255.255.255"
push "route 69.22.163.44 255.255.255.255"
push "route 77.72.118.168 255.255.255.255"
push "route 66.235.128.0 255.255.224.0"
push "route 23.32.0.0 255.224.0.0"
push "route 141.101.126.37 255.255.255.255"
push "route 80.239.224.0 255.255.255.128"
  • Put these entries in your /etc/hosts file:
80.239.224.43 a974.w23.akamai.net bbchdsodsecure-f.akamaihd.net
23.63.98.9 open.bbci.co.uk open-bbci.bbc.net.uk open.bbci.co.uk.edgesuite.net a1638.g2.akamai.net
23.63.99.226 ichef.bbci.co.uk
77.72.118.168 sa.bbc.co.uk
23.62.53.67 static.bbci.co.uk
@whalesalad
Copy link

Has anyone tried doing this without a VPN? Simply setup your Linode in Europe and SSH/Socks tunnel to it?

ssh -d <port> mylinodeserver.com

Then setup your browser/computer to proxy thru localhost:<port>

@TheBigS
Copy link

TheBigS commented Jul 29, 2012

I get an error with the first route,

Sun Jul 29 17:27:01 2012 TUN/TAP device tun0 opened
Sun Jul 29 17:27:01 2012 TUN/TAP TX queue length set to 100
Sun Jul 29 17:27:01 2012 do_ifconfig, tt->ipv6=0, tt->did_ifconfig_ipv6_setup=0
Sun Jul 29 17:27:01 2012 /sbin/ifconfig tun0 10.8.0.6 pointopoint 10.8.0.5 mtu 1500
Sun Jul 29 17:27:01 2012 /sbin/route add -net 212.58.224.0 netmask 255.255.128.0 gw 10.8.0.5
route: netmask doesn't match route address
Usage: route [-nNvee] [-FC] [<AF>]           List kernel routing tables
       route [-v] [-FC] {add|del|flush} ...  Modify routing table for AF.

       route {-h|--help} [<AF>]              Detailed usage syntax for specified AF.
       route {-V|--version}                  Display version/author and exit.

        -v, --verbose            be verbose
        -n, --numeric            don't resolve names
        -e, --extend             display other/more information
        -F, --fib                display Forwarding Information Base (default)
        -C, --cache              display routing cache instead of FIB

  <AF>=Use '-A <af>' or '--<af>'; default: inet
  List of possible address families (which support routing):
    inet (DARPA Internet) inet6 (IPv6) ax25 (AMPR AX.25) 
    netrom (AMPR NET/ROM) ipx (Novell IPX) ddp (Appletalk DDP) 
    x25 (CCITT X.25) 
Sun Jul 29 17:27:01 2012 ERROR: Linux route add command failed: external program exited with error status: 4
Sun Jul 29 17:27:01 2012 /sbin/route add -net 68.142.94.242 netmask 255.255.255.255 gw 10.8.0.5
Sun Jul 29 17:27:01 2012 /sbin/route add -net 68.142.94.239 netmask 255.255.255.255 gw 10.8.0.5
Sun Jul 29 17:27:01 2012 /sbin/route add -net 69.22.163.44 netmask 255.255.255.255 gw 10.8.0.5
Sun Jul 29 17:27:01 2012 /sbin/route add -net 77.72.118.168 netmask 255.255.255.255 gw 10.8.0.5
Sun Jul 29 17:27:01 2012 /sbin/route add -net 66.235.128.0 netmask 255.255.224.0 gw 10.8.0.5
Sun Jul 29 17:27:01 2012 /sbin/route add -net 23.32.0.0 netmask 255.224.0.0 gw 10.8.0.5
Sun Jul 29 17:27:01 2012 /sbin/route add -net 141.101.126.37 netmask 255.255.255.255 gw 10.8.0.5
Sun Jul 29 17:27:01 2012 /sbin/route add -net 80.239.224.0 netmask 255.255.255.128 gw 10.8.0.5
Sun Jul 29 17:27:01 2012 /sbin/route add -net 10.8.0.1 netmask 255.255.255.255 gw 10.8.0.5
Sun Jul 29 17:27:01 2012 Initialization Sequence Completed

@ddn
Copy link

ddn commented Jul 29, 2012

I think there are more blocks to route, as some streams were working and others were not. I did have good luck with routing everything via:

push "redirect-gateway def1"

@joshskidmore
Copy link

Thanks Dan - this worked perfectly for me. I switched the routes from the server to the client. I also added a couple more routes:

route 212.58.224.0 255.255.128.0 vpn_gateway
route 68.142.94.242 255.255.255.255 vpn_gateway
route 68.142.94.239 255.255.255.255 vpn_gateway
route 69.22.163.44 255.255.255.255 vpn_gateway
route 77.72.118.168 255.255.255.255 vpn_gateway
route 66.235.128.0 255.255.224.0 vpn_gateway
route 23.32.0.0 255.224.0.0 vpn_gateway
route 141.101.126.37 255.255.255.255 vpn_gateway
route 80.239.224.0 255.255.255.128 vpn_gateway

route 87.248.209.0 255.255.224.0 vpn_gateway # iplayer/live
route 178.79.195.0 255.255.224.0 vpn_gateway # iplayer/live

Thanks!
--Josh

@ddn
Copy link

ddn commented Jul 30, 2012

For what it's worth, I've played with 3 setups today and I think the OpenVPN is overkill.

SOCKS proxy via ssh -D is very quick:

ssh -D 2001 user@server_host <- run this then set SOCKS proxy to localhost:2001

Alternatively, tinyproxy is quick and easy to setup and then requires only changing your web proxy setting.

The only way I could get the VPN to be reliable was to route ALL traffic, and that's not exactly ideal.

My 2 cents.

@joshskidmore
Copy link

Personally, I like the OpenVPN route because tomorrow, when I'm at work trying to catch up on a couple Olympic events, I won't be in a browser/proxy hell which will interfere with my development. OpenVPN can be pretty confusing though and the ssh SOCKS proxy is much easier and quicker to get rolling. You could even throw the dynamic route option into ~/.ssh/config or (got all out and) create a persistant ssh daemon to keep the dynamic proxy alive 24/7 with something like:

ssh -o ServerKeepAliveInterval 5 -o ServerAliveCountMax 2 -D 2001 -i /PATH-TO-SSH-PRIVATE-KEY -TNCv username@linodebox

Again, that's probably overkill as well :)

@cayblood
Copy link

cayblood commented Aug 1, 2012

unblock-us.com is a much better alternative, since it doesn't force all your traffic through a potential bottleneck.

@nestedluck
Copy link

Does adding a -carcfour to the ssh improve performance?

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment