r/crestron

This is a follow up to my post the other week: https://www.reddit.com/r/ArubaNetworks/comments/1taak5b/aoscx_switches_leaking_igmp_group_memberships_at/

I'm mostly posting this because I've been banging my head against the wall trying to figure this out over many weeks. My hope is that other people can avoid this, or similar, pitfalls in the future. I already have both Crestron and Aruba engineers working on resolutions, so I don't think there will be a lot of useful additional information from the community.

That said, I will start with something that would've been great to know about NVX, even if not using Aruba switches. It is something I've never seen discussed or documented anywhere before:

Two different IGMP message methods

After the IGMP querier sends an IGMP query, the devices all respond with IGMP membership reports. According to RFC 4541, it is recommended that these are suppressed so that only the switch itself sees these and uses them to build its snooping tables (or they get forwarded to other routers). Devices should not see any other membership reports. In wireshark, if you connect to the switch, you should only see the queries and your own. Some switches sort of do the opposite of this. They send the IGMP memberships to everyone all the time.

Netgear: Tested on an M4250 with various profiles. It forwards IGMP memberships to everyone all the time. I didn't try it, but it seems like you can configure this behavior so it will suppress these messages as well. They might do this intentionally for NVX, which you will see why later.

Cisco: I don't have Cisco gear to test, but I believe they suppress the IGMP membership messages. I believe it is configurable to flood or suppress.

Aruba: Suppresses IGMP membership messages, and there is no way to configure this behavior. Tested on 6000 (12, 24, 48 port), 6100 (24 port), 6300 (24 port)

How NVX responds

NVX works with either method above, both the suppression and the flooding. However, if a device sees a single IGMP membership join for a group it is sending to, it will want to see those messages repeatedly forever.

Let's say you have an encoder sending on 239.1.0.0. The decoder will send IGMP joins for 239.1.0.0. If these are flooded, the encoder will see those joins from the decoder every {query interval} seconds. If they are suppressed, the encoder will never see those joins. If the encoder sees a single IGMP join for 239.1.0.0, it starts a timer for about 4 minutes and 30 seconds. If it never sees another, it will stop sending the multicast data. You have to stop and start the stream again. The nvx units will still think everything is happily working, as does the switch.

Why would Crestron do this? Not sure, but maybe to somehow sort of work on a switch with a querier but no snooping? Maybe it saves on power usage? It is like it is trying to manage multicast itself instead just letting the switch do it.

AES67 SAP

This also happens for SAP announcement messages. Since both encoders and decoders using NAX join the SAP group of 239.255.255.255, this one tends to break even more easily. Also, the only way I know to recover is to reboot the NVX unit. However, this only tends to happen if you have a Q-SYS on the network, and possibly other AES67 devices. I explain why more below.

How it really gets messed up on Aruba

The boot process on Aruba is a bit slow. It first brings up layer 2, then layer 3. What I am seeing is multicast is flooding on my Aruba switches for 20-40 seconds at boot. This includes IGMP messages.

There is a command on Aruba called "filter-unknown-mast" that is supposed to suppress this stuff at boot, but it only partially works. For what its worth, I've tested what I'm talking about across AOS CX 10.11, 10.13, 10.16, 10.17 and different sub-versions as well, and they all behaved the same.

The problem here is during this boot window, the NVX units see a single IGMP join because of this flooding and then never again. Which, as discussed above, then breaks the streams 4m30s later, plus the AES67 SAP announcements.

When the devices first come online, they immediately send an unsolicited IGMP membership join - this is what is flooding during the boot process. This unsolicited list actually appears to differ from the solicited IGMP membership joins. Interestingly, on NVX, it won't join SAP group of 239.255.255.255 unsolicited. So AES67 SAP won't ever break if using JUST NVX. However, Q-SYS does send an unsolicited join for 239.255.255.255, which will then break the announcements on all the NVX units during boot.

Once the Aruba querier is running and sends the very first membership query, it is properly suppressing everything so the solicited joins are never seen by other devices.

You can actually mimic (and prove) this behavior by mirroring a NVX decoder's tx to a NVX encoders rx. This will send the IGMP join packets to the encoder. Then break the mirroring so the IGMP messages are cut off. The NVX will stop sending video 4m30s later, and SAP will break at that point as well.

Different behavior on different Aruba models

This started to drive me really crazy. Why isn't this reported more? Well, I'm using a newer series heavily, the 6000.

It appears only the Aruba 6000 series floods these unsolicited joins during boot. The 6100 and 6300 I tested do not do this.

However, the 6100 and 6300 are not flawless. There is a feature on Aruba called IGMP fastlearn (different from fast leave). If you enable this, it sends a IGMP query any time the switch topology changes (like a link comes online). So at boot, you will see many IGMP queries rapidly. Since these occur before the querier is fully ready, the responses from the devices are then flooded, causing the same issue to occur on 6100 and 6300.

Edit to add: The real nitty-gritty of why this happens on the 6000 is in the event logs of the switch. The command I mentioned "filter-unknown-mcast" is applying after the interfaces come online in the 6000. In the others, it occurs before the interfaces come online. Regardless, filter-unknown-mcast will filter unsolicited joins, but it won't filter the joins initiated from fastlearn before the switch querier is fully up and running.

Final conclusion

Don't use Aruba 6000 with NVX for now, until either Aruba or Crestron has a fix for this behavior. I don't see a solution at this point other than a firmware fix. Oh, also if ALL the nvx is PoE, you won't have this issue since they power up later in the boot process. I am using cards.

For 6100 and up, do not use IGMP fastlearn (fast leave is OK). If you really want to be careful, you can make an ACL on 6200 and up (6000 and 6100 don't support outbound ACL). The ACL should be to block IGMP messages OUT only to edge devices in the NVX ranges for audio/video plus SAP. I don't think the ACL would work for IGMPv3 due to it using the same address for all joins.

As for Netgear, I imagine it is possible they forward these IGMP joins everywhere all the time just to avoid potential issues like what I see on Aruba.

Crossing my fingers for Aruba or Crestron (or both) to fix this issue so I don't have to swap out all my Aruba 6000s.

Anyone know of a locking cover that will fit around an MPC4-102? FSR makes a bunch of different things, but it is somewhat difficult to tell if the dimensions work with the protrusion of the panel itself. Figured I would ask in case someone had recent experience.

There was a post about a different topic that had commented on AI. I want to bring this discussion out into its own thread.

Apparently, people are having success now with developing full-blown crestron programs and full-blown crestron UI with AI.

1. What AI engine is people having success with?

2. I assume that you’re creating C-sharp and HTML5?

3. Any other suggestions for someone new to bring AI into crestron programming?

There is no way to get an update without a partner account. right?

Hey all,

So basically I am on a big de-comm that has a ton of old NVX350 gear, A lot of it does not work. I am aware the NVX-350s had a reputation for dying, especially power-related failures.

I figured id see if anyone has successfully been able to repair one and if so what the process was like! I am pretty good with a soldering iron haha

I love playing with old gear that would have otherwise ended up in an E waste pile so any tips or suggestions would be great!

Ill be posting this on other AV/ Crestron related subs as well. Anyways hope to see yall around!

Hello, I'm a Latin American integrator with many years of experience in videoconferencing, automation (full Crestron), monitoring centers, lighting control, convention centers, digital signage, and LED displays. I have a solid understanding of all the protocols we use daily. However, today I have a new challenge outside my area of ​​expertise: I've been asked to completely redesign an interactive museum for a multinational corporation.

This museum has been operating for the past six years with a system that combines Watchout 5, Watchout 6, and Pixi Labs. However, for the last three years, it has been causing so many problems that the client simply wants to scrap everything and never hear from the company again.

Our AV experience is more focused on the corporate world than the experiential world. However, I want to take this challenge as a new opportunity for growth, and that's where I'd like to ask for your help.

This museum is comprised of nine rooms, each telling a different story. Two of these rooms have LED screens playing a video with accompanying audio. Two others are immersive projection rooms (one with three projectors and the other with eight, including two pointing at a central table). Two more rooms use standard projectors to play a video with audio. Two have signage-type screens (using the Pixilab player via the web), and the last room simply has audio playing on a loop.

For this project, I'm considering a multi-platform integration between BrightSign, VIOSO with Exaplay, and Crestron as the central control hub for all equipment in the museum.

I'm open to recommendations for choosing the right "heart" for this museum—something reliable and easy to use. Unfortunately, the current platform has failed too often because they created a kind of "Frankenstein" of hardware within the project.

I'd like to learn more about this world of experiential learning. If you've worked in this field, what should we use?

The experience always consists of guided tours with a guide for each group. This guide controls each room using a Pixilab app, which they use to play videos and control the volume and mute the audio in each area.

Thanks for your help.

I have the IR codes for my topping D90 and wish to convert them to a module for use in Crestron simpl. Does anyone know the workflow? And what tools to use?

TLDR; Do touch panels on the wall outside of rooms need to use a teams license, or should they just attach using the Crestron Entra app to read the room schedule?

I need a sanity check here.

New building, about 14 conference, huddle and other rooms. General contractor went with a sub to install the Crestron equipment, which is good because I wasn't up to speed with the Teams rooms until now.

In our older buildings, I have touch panels at the door in Crestron Default app mode, attached to the Crestron App in Entra to display the status of the room. The rooms have dedicated PCs or dongles on Air Media devices. Works fine.

In the new building, the vendor has chosen Flex systems for the medium and large conference rooms. Tss1070 or Tss770 room scheduling touch screens outside of the conference and relaxation rooms (and a few more rooms without equipment).

The IT department created the resources in Entra. The vendor was unable to connect the touch screens to Entra. I had to come in to troubleshoot to find that they didn't update the firmware as required to connect to Intune AOSP. One problem averted. We were able to connect one touch screen from conference room 3c to Microsoft 365 (using a Pro license).

On to device #2 (room without equipment), we get the error "Your current license isn't supported" using a standard Teams license. Upgrading to Pro solved the problem. That just adds significant monthly cost.

So, my question: Should the panels outside of the conference room need to be configured as a Teams Room or should the Flex device attached to the monitor and camera have the teams license and the touch panels use the default Crestron Application mode to read/write the M365 resource calendar? From my understanding, the Flex device needs to join the meetings and share equipment, not the device in the hall. Can I save 2/3 of my costs by only assigning Pro licenses to the Flex equipment?

We have three Crestron MX50-T systems, with Mercury tabletop, UC bracket and Huddly L1 cameras. After adding the system to InTune last week, the camera stopped working. Upon investigation, it was found that there is a User Account Control window that pops up after reboot, asking if "you want to allow app to make changes.... " and the app in question is "libusb-win32 - Install-Filter".

If no one inputs the username and password when this comes up, Teams just starts up after 60 seconds, and the camera will not connect. A reboot has to be done, with someone either connected remotely or sitting in front of the Mercury, and input the user creds, so that the camera will work.

We've moved most of our Logi fleet into InTune, without issues, but this was the first of the Crestron systems to move, and this happened.

Wondering if anyone has run across this and if there's a known fix.

TIA !

Does anyone have a good Roku IP module you would be willing to share?