I’ve been using Plex for quite a while. You have to jump through some hoops (it only supports MKV files, not DVD or Blu-Ray directory structures), but it does in the end work quite well with my Fire TV stick and with the Google Nexus Player (Android TV).
I recently got a PlexPass subscription. This should let me create user profiles for people in the house. (These are called Managed Users or Home Users depending on the documentation.) I should also be able to sync contect (offline copy) to portable devices.
Except for whatever reason, the system was horribly broken in my house. The server would be unavailable for most of the UI’s–especially the one where you designate users and define what server libraries they have access to.
After a good day of debugging (total), I found that there were two reasons this didn’t work.
Security Features
One laudable thing Plex does is try to maintain a secure connection to your server. This is detailed here. Essentially, they own the plex.direct domain and can assign any number of hostnames under that address, all of which direct to your personal server. This is necessary because plex has to create a security certificate that matches the hostname of your server. This hostname additionally needs to resolve to an IP address that works. (A LAN subnet address while at home and an Internet IP address when you’re outside your home.)
The problem is that devices inside my house need to (for example) query the hostname 192-168-0-10.long_hash.plex.direct, and what is supposed to happen is that the DNS is supposed to return 192.168.0.10 (the local IP address of the server, within the LAN subnet).
Unfortunately, in my case, pfSense blocks this from happening because it doesn’t want a fully-qualified domain resolving to something within the house. The fix is to let pfSense know that plex.direct is allowed to resolve locally. This information is detailed here.
But, that didn’t fix the problem. The next thing that happened is OpenDNS (the DNS service I use) then also blocked the IP address lookup. The only way to fix that problem was to disable this option at OpenDNS:
Security setting in OpenDNS to help Plex resolve local addresses.
NAT Reflection
Curiously, even after I got the above DNS resolution working, my Plex server still didn’t work right. I would get a message saying secure connections aren’t possible and that I need to fall back to insecure connections. This happened even when I was accessing the player web interface on the plex server. How can it not create a secure connection to itself?
I did a tcpdump to investigate. I saw that the Plex server was trying to contact my WAN address. (I had to do port-forwarding to get the server accessible outside my home network.) I assumed that while I was on my subnet, Plex clients (including the web client) would use the LAN subnet address. For whatever reason (bad coding, bad configuration), this local-addressing isn’t the case.
The Plex web client was trying to contact the Plex server through the WAN (routable Internet) address. Most NAT systems can’t do this. Luckily, pfSense can handle it well. I just had to create a NAT reflect rule (with proxy) to accept those connections and redirect them as necessary.
Curve-Ball: Disk Space
The long version of the story is that things didn’t stop there. I still couldn’t access the server. I got farther htan I did before, but the Plex Android app wasn’t syncing content. It wouldn’t transcode; it wouldn’t do anything. In fact, it wouldn’t even play a video. (Although songs were fine.)
What I found was that my Plex server was out of disk space. I basically had a 32GB booot/OS drive in there, and it was full. I did some cleaning and that helped. Then I also noticed that there’s a transcoding directory in the Plex server settings. I presume that this is set to /tmp or to the plex installation path, but in my case, both sit on a single small drive. So, I pointed it to my ZFS system, where there is plenty of space.
This has seemed to clear everything up. Huzzah!
Suspicious Quirk
I also had a long battle with Managed Users. Adding one for my wife (for example) did not show any selectable libraries I could share with her. I ended up blowing away my install, installing with the PlexPass version, and then re-adding users. It’s probably coincidence, but it seemed that when I created libraries in a different order (adding SD quality before HD), things worked. But, it’s very unscientific, and perhaps it was related to the other issues already listed.
Post a Comment