The “MultipleNatFound” indication means that either:
You have two or more routers on your local network (e.g an ISP router and another router that you have supplied yourself. Note: some devices supplied by ISPs are called “modems” by the ISP but are actually routers (or modem and router combined).
Or:
Your ISP uses CG-NAT
The two cases are not mutually exclusive. You could have an ISP that uses CG-NAT and two routers on your own network (meaning at least three layers of NAT).
In the first case - two routers on your home network - their are a number of ways forward:
Remove the ISP router from your network. This is likely only possible if you have a router connected to a fibre internet ONT (Optical Network Terminator - a device that converts the optical signal to standard ethernet).
Set the ISP router to ‘bridge mode’ or ‘Modem only mode’. The will prevent the ISP router doing NAT and DHCP and so it will elliminate one layer of NAT.
User explicit port forwarding on both routers (uPnP and natPMP will not work). On the ISP router create a port forwarding rule to forward TCP connections on the ARC port to the WAN side ip address of the second router (presumably the Netgear ORBI). On the second router create a port forwarding rule to forward TCP connections on the ARC port to the ip address of the Roon Server.
Configure the Orbi Router to be ‘access point’ mode. This means that the ORBI router will be used only to provide a WiFi service in the house. It will not perform router functions (NAT, DHCP, firewall etc).
In the second case - your ISP uses CG-NAT, you have two options:
You can contact your ISP and ask if they can provide you with a public ip address that supports port forwarding. Many ISPs charge extra for this. Once you have such a public ip address, you can setup port forwarding on your own router(s).
Note 1: The tailscale solution can always be used and will always work once correctly setup. When Tailscale is used, the Roon ARC settings page will continue to show ‘not ready’ and give diagnostic text indicating the reason why - but this only applies to Port Forwarding which is not necessary with Tailscale. Consequently, this settings page can be ignored.
Note 2: If you are using a Nucleus, a Nucleus Plus or a ROCK installation running RoonOS build 259, Tailscale cannot be installed on the Roon server. In this case it has to be installed on a separate computer (e.g. a Raspberry Pi 4) connected to your router by ethernet. In this case, Tailscale should be configured as a Tailscale Subnet Router. ROCK installations using UEFI boot can be upgraded to RoonOS build 271 which does support Tailscale on the server.
This makes no sense to me since I have made NO changes to my home network or routers in several years. Roon ARc worked perfectly fine for a long time until just recently. Yet i made no network or router or setting changes whatsoever. So why suddenly now? I do have an ISP supplied combined modem/router and installed my own Netgear Orbi, that is true. But like I said this has been the situation for years and ARC always worked fine until just recently. So could it be something else?
Hi David, this could hopefully be something minor. Have you attempted to reboot your Roon Server recently if not can you do so. It may be necessary to reboot your router as well.
It’s not great news when something stable stops working but to add to @Wade_Oram amazing analysis Tailscale is essentially free for personal use and only takes minutes to setup as well. I use it myself.
If your ISP has not migrated you to a CG-NAT setup, then has the ISP installed a firmware update on the ISP supplied router which, as a side effect, either reset it to router mode (if it was in bridge/modem only mode before) or lost any manual port forwarding rule you had established?
I think, of these two scenarios, the first, resetting from bridge or modem only mode to router mode, is the most likely because the use of uPnP on the Orbi router, whilst correctly setting up port forwarding, triggers a connectivity check which is somewhat simplistic and does not work with a two router setup and thus continues to report MultipleNatFound even if the port forwarding setup might actually work. By contrast, if your ISP router was previously configured for bridge mode or modem only mode, then the Roon Server would have been able to correctly configure (VIA uPnP) and test the port forwarding rule.