ARC and cascading routers

H_R · March 17, 2024, 9:35pm

Roon Server Machine

QNAP TS-673, QTS 5.1.5.2679, AMD RX421ND, 20 GB
Roon server 2.0 (build 1382) production

Networking Gear & Setup Details

Who is your internet service provider?
Telekom Germany
Please list the make and model of your modem and router?
Fritz!Box 7510
Do you have any additional network hardware, like additional routers or managed switches?
Fritz!Box 7530
Does your network have any VPNs, proxy servers, or enterprise-grade security?
Not that I know…

Connected Audio Devices

Simaudio Moon ACE, two Macs

Description of Issue -

What is the exact port forwarding error message you see in the Roon Settings → ARC tab?

I use two FB, because I need to separate two LAN (ours and one for our tenant - that will eventually be a third FB). Thus the 7510 is the first (on the “outside”) and the 7530 is providing our LAN and WLAN, which is working fine. Both work as routers in their IP-Range respectively.
On the 7510 (xxx.xxx.aaa.zz) I installed a static route to the IP of the 7530 and (xxx.xxx.bbb.0) and forward the port ARC uses (as shown in the Roon settings) to the 7530.
On the 7530 I installed a static route to xxx.xxx.aaa.0 and forward the ARC port to the NAS.

The ARC test gives me: Roon ARC was unable to securely access your Roon server.
{
“ipv4_connectivity”: {“status”:“NetworkError”,“status_code”:504,“error”:“error: Error: ETIMEDOUT, response code: undefined, body: undefined connected? undefined”},
“external_ip”: {“actual_external_ip”:“91.aaa.bbb.ccc”,“actual_external_ipv6”:“null”,“router_external_ip”:“null”},
“natpmp_autoconfig”: {“status”:“NotFound”},
“upnp_autoconfig”: {“server_ip”:“xxx.xxx.bbb.1”,“found_upnp”:true,“error”:“<?xml version=\"1.0\"?>\n<s:Envelope xmlns:s="http://schemas.xmlsoap.org/soap/envelope/\” s:encodingStyle="http://schemas.xmlsoap.org/soap/encoding/\“>\n<s:Body>\n<s:Fault>\ns:Client\nUPnPError\n\n<UPnPError xmlns="urn:schemas-upnp-org:control-1-0">\n403\nNot available Action\n\n\n</s:Fault>\n</s:Body>\n</s:Envelope>”}
}
(I deleted the actual server_ip here, which is correct - sorry, I’m unsure how important that information is…)

However, I can use ARC on my iPhone without problems as long I am in the xxx.xxx.bbb.0-WLAN. When I am outside the WLAN it sometimes works, more often not…

What am I missing here? Can I get this up and running securely? Any help would be greatly appreciated!
Hatto

Robert_F · March 18, 2024, 12:02am

@H_R, with the two routers, you are running multiple networks (multiple subnets) in your home based on your description. Roon requires all Roon devices (Server, endpoints, etc.) to be on the same subnet.

Typically (and identical what I configure using AT&T here in the US) is to create a port forward rule from the LAN IP address of the 7510 Level 1 router to the LAN IP address of the 7530 Level 2 router and not a static route (but I’m not sure exactly how to configure the FB routers). Then, as I believe you have stated, create a second port forward rule from the 7530 to the IP address of the Roon Server NAS, with both port rules using the port number shown in Roon’s Settings → Roon ARC.

Does this make sense? Also, UPnP should be deactivated on both routers.

H_R · March 18, 2024, 7:16am

Thank you for your reply, which I greatly appreciate. I realised that I had a static route only from 7510 to 7530 - as the inner subnet should see the outer, from what I understand.
Deactivating that route didn’t change anything, but when I deactivate uPnP on both routers the ARC test result changes to:
{
“ipv4_connectivity”: {“status”:“NetworkError”,“status_code”:504,“error”:“error: Error: ETIMEDOUT, response code: undefined, body: undefined connected? undefined”},
“external_ip”: {“actual_external_ip”:“91.aaa.bbb.ccc”,“actual_external_ipv6”:“null”,“router_external_ip”:“null”},
“natpmp_autoconfig”: {“status”:“NotFound”},
“upnp_autoconfig”: {“status”:“NotFound”}
}
ARC on my iPhone works in the 7530 WLAN, not on the 7510 WLAN or on on mobile network (bad connection)

UPnP only on the 7530 gives:
{
“ipv4_connectivity”: {“status”:“NetworkError”,“status_code”:504,“error”:“error: Error: ETIMEDOUT, response code: undefined, body: undefined connected? undefined”},
“external_ip”: {“actual_external_ip”:“91.aaa.bbb.ccc”,“actual_external_ipv6”:“null”,“router_external_ip”:“null”},
“natpmp_autoconfig”: {“status”:“NotFound”},
“upnp_autoconfig”: {“server_ip”:“xxx.xxx.bbb.1”,“found_upnp”:true,“error”:“<?xml version=\"1.0\"?>\n<s:Envelope xmlns:s="http://schemas.xmlsoap.org/soap/envelope/\” s:encodingStyle="http://schemas.xmlsoap.org/soap/encoding/\“>\n<s:Body>\n<s:Fault>\ns:Client\nUPnPError\n\n<UPnPError xmlns="urn:schemas-upnp-org:control-1-0">\n403\nNot available Action\n\n\n</s:Fault>\n</s:Body>\n</s:Envelope>”}
}
ARC on my iPhone works in the 7530 WLAN, not on the 7510 WLAN or on on mobile network (bad connection)

UPnP only on the 7510 results
{
“ipv4_connectivity”: {“status”:“NetworkError”,“status_code”:504,“error”:“error: Error: ETIMEDOUT, response code: undefined, body: undefined connected? undefined”},
“external_ip”: {“actual_external_ip”:“91.aaa.bbb.ccc”,“actual_external_ipv6”:“null”,“router_external_ip”:“null”},
“natpmp_autoconfig”: {“status”:“NotFound”},
“upnp_autoconfig”: {“status”:“NotFound”}
}
ARC on my iPhone works in the 7530 WLAN, not on the 7510 WLAN or on on mobile network (bad connection)

Any ideas?

connor · March 18, 2024, 4:43pm

Hi @H_R,

You’ll need to 1) deactivate UPnP in both routers and 2) create an identical TCP port forwarding rule in both routers (called “port sharing” sometimes in the Fritz!Box admin).

This rule should match the IP address and port number listed in Roon Settings → ARC. The rule should be the same in both routers.

This will instruct both routers to keep the port open for RoonServer.

Please note that many providers issuing Fritz!Box units have instituted CG-NAT. This includes Vodafone and Deutsche Telekom, based on the experience of users on this forum.

H_R · March 18, 2024, 6:16pm

Hi Connor,
thank you very much for offering your assistance. The problem is, the 7510 won’t let me set a port forwarding rule to an IP which is not in the same subnet… When I reactivate the static route from the 7510 to the 7530, then the failure description changes to “this IP-address is already used by another device”…

Somehow I now could actually set a port forwarding rule in the 7510 directly to the NAS - it showed up under “unused devices”, but that didn’t work out:
{
“ipv4_connectivity”: {“status”:“NetworkError”,“status_code”:504,“error”:“error: Error: ETIMEDOUT, response code: undefined, body: undefined connected? undefined”},
“external_ip”: {“actual_external_ip”:“91.aaa.bbb.ccc”,“actual_external_ipv6”:“null”,“router_external_ip”:“null”},
“natpmp_autoconfig”: {“status”:“NotFound”},
“upnp_autoconfig”: {“status”:“NotFound”}
}

connor · March 19, 2024, 10:59pm

Hi @H_R,

Ah - so, you’ve effectively Bridged a router, but you’re still seeing a timeout on the request return through the open port.

This is very likely a layer of CG-NAT imposed by Deutsche Telekom. I recommend you reach out to your provider and inquire if they have dedicated external IPv4 addresses available; they’ll likely clarify whether they have CG-NAT imposed.

system · March 25, 2024, 7:41pm

This topic was automatically closed 36 hours after the last reply. New replies are no longer allowed.