Flash Video does not play when going via a Proxy.

book

Article ID: 165749

calendar_today

Updated On:

Products

ProxySG Software - SGOS

Issue/Introduction

 

Flash Video is being used more and more in the internet  replacing the older stream like RTSP/MMS.  With this it has been noted that a lot of these sites that don't work when a client is going via a Proxy.

The reason for this is that some Flash Video servers have a configuration file that tells the Browser Applet how to communicate with the stream. By default this is port 1935 and a lot of these are coded with the IP Address of the OCS (Web site).

To prove this a simple Packet capture on the PC accessing the site will show if this is the case.

Wireshark filter : http.request or http.response or tcp.port == 1935

Client IP : 10.91.1.79
Blue Coat IP : 10.91.1.210
OCS Site : xx.xx.xx.xx

In this example we see the HTTP Request go via the proxy on port 8080


   1825 2010-02-25 15:36:09.298827 10.91.1.79    10.91.1.210        HTTP            GET http://www.testvideosite.com/demo/vidoefile.flv HTTP/1.1
   1829 2010-02-25 15:36:09.305138 10.91.1.79    10.91.1.210        HTTP            GET http://www.testvideosite.com/vidoefile.flv HTTP/1.1
   1837 2010-02-25 15:36:09.884679 10.91.1.210   10.91.1.79         HTTP/XML        HTTP/1.1 200 OK                                             
   1838 2010-02-25 15:36:09.896081 10.91.1.210   10.91.1.79         HTTP/XML        HTTP/1.1 200 OK                                              
   

In the response from the OCS are the Video details and we then see a direct request over port 1935   


   1839 2010-02-25 15:36:09.961682 10.91.1.79    xx.xx.xx.xx        TCP      2452 > 1935 [SYN] Seq=925511883 Win=65535 Len=0 MSS=1260       
   1844 2010-02-25 15:36:10.122386 xx.xx.xx.xx   10.91.1.79         TCP      1935 > 2452 [SYN, ACK] Seq=3480320864 Ack=925511884 Win=16384 Len=0 MSS=1460
   1845 2010-02-25 15:36:10.122443 10.91.1.79    xx.xx.xx.xx        TCP      2452 > 1935 [ACK] Seq=925511884 Ack=3480320865 Win=65535 Len=0 
   1846 2010-02-25 15:36:10.162967 10.91.1.79    xx.xx.xx.xx        TCP      2452 > 1935 [ACK] Seq=925511884 Ack=3480320865 Win=65535 Len=1260

 

In most cases there is a firewall between the Client PC and the Internet that would block this traffic. So 1st check the access logs on the Firewall for these Denied requests.

The solution here is to allow the IP address / Port through the firewall or contact the hosting company as ask for this to be altered

 

Additional troubleshooting.

If examining a local PC PCAP no connection is made over 1935, 80 or 443 directly to the Hosting Site then check to see if the hostname is resolvable from a DNS query.

If the hostname is not resolvable via DNS then the Flash Player will not attempt to make these connections making troubleshooting that bit harder.

To verify the above issue try adding a host entry (normally found in the http/xml file) into the PC Local host file for the hosting site and IP address. Then repeat the above testing and obtain a PCAP.