Arch Linux Core has remote connectivity issues

First, loving ROON - the database brain is nonpareil. It’s like beets music organizer but automated and without any input.

I too am experiencing intermittent connectivity issues w/ roon remote and the server. I experienced the problem with an android galaxy s4 as well as with an iPhone (X os11.1). It will work well for several hours of use, then out of the blue it will be reluctant to connect.

My server runs Linux 4.13.9-1-ARCH x86_64 GNU/Linux on a Zotac MI547 nano. I run roonserver as a different user (leery on running things as root), but that user’s permissions are set up properly.

I run iptables, but the problem persists with it active or not. To be sure I ran a:
netstat -tulpn | grep -i raat
and
netstat -tulpn | grep -i roon

I noticed that the listen ports change sometimes, but here is the output from one call:

tcp 0 0 127.0.0.1:9004 0.0.0.0:* LISTEN 30341/RAATServer
tcp 0 0 0.0.0.0:43473 0.0.0.0:* LISTEN 30341/RAATServer
tcp 0 0 0.0.0.0:37945 0.0.0.0:* LISTEN 30341/RAATServer
tcp 0 0 0.0.0.0:39749 0.0.0.0:* LISTEN 30341/RAATServer
udp 0 0 0.0.0.0:54344 0.0.0.0:* 30341/RAATServer
udp 0 0 0.0.0.0:9003 0.0.0.0:* 30341/RAATServer
udp 0 0 0.0.0.0:9003 0.0.0.0:* 30341/RAATServer
udp 0 0 0.0.0.0:9003 0.0.0.0:* 30341/RAATServer
udp 0 0 0.0.0.0:58872 0.0.0.0:* 30341/RAATServer
udp 0 0 0.0.0.0:59202 0.0.0.0:* 30341/RAATServer
udp 0 0 0.0.0.0:51458 0.0.0.0:* 30341/RAATServer

tcp 0 0 0.0.0.0:9100 0.0.0.0:* LISTEN 30297/RoonAppliance
tcp 0 0 0.0.0.0:9101 0.0.0.0:* LISTEN 30297/RoonAppliance
tcp 0 0 0.0.0.0:9150 0.0.0.0:* LISTEN 30297/RoonAppliance
tcp 0 0 127.0.0.1:43685 0.0.0.0:* LISTEN 30286/RoonServer
udp 0 0 0.0.0.0:36548 0.0.0.0:* 30297/RoonAppliance
udp 0 0 0.0.0.0:36882 0.0.0.0:* 30297/RoonAppliance
udp 0 0 0.0.0.0:54004 0.0.0.0:* 30297/RoonAppliance
udp 0 0 0.0.0.0:5353 0.0.0.0:* 30297/RoonAppliance
udp 0 0 0.0.0.0:56244 0.0.0.0:* 30297/RoonAppliance
udp 0 0 0.0.0.0:9001 0.0.0.0:* 30297/RoonAppliance
udp 0 0 0.0.0.0:9003 0.0.0.0:* 30297/RoonAppliance
udp 0 0 0.0.0.0:9003 0.0.0.0:* 30297/RoonAppliance
udp 0 0 0.0.0.0:42160 0.0.0.0:* 30297/RoonAppliance
udp 0 0 0.0.0.0:45454 0.0.0.0:* 30297/RoonAppliance
udp 0 0 0.0.0.0:49087 0.0.0.0:* 30297/RoonAppliance
udp 0 0 0.0.0.0:33072 0.0.0.0:* 30297/RoonAppliance
udp 0 0 0.0.0.0:49809 0.0.0.0:* 30297/RoonAppliance
udp 0 0 0.0.0.0:1900 0.0.0.0:* 30297/RoonAppliance
udp 0 0 0.0.0.0:34705 0.0.0.0:* 30297/RoonAppliance

I assume I should only be concerned with those that say ‘LISTEN’.
Currently I have these rules in iptables:
-A INPUT -i bond0 -p tcp -m multiport --dports 9100:9200 -j ACCEPT
-A INPUT -i bond0 -p tcp -m multiport --dports 30000:45000 -j ACCEPT
-A INPUT -i bond0 -p udp -m udp --dport 9003 -j ACCEPT
-A INPUT -i bond0 -p udp -m udp --dport 9001 -j ACCEPT
-A INPUT -i bond0 -p tcp -m tcp --dport 51283 -j ACCEPT
-A INPUT -i bond0 -p tcp -m tcp --dport 51317 -j ACCEPT
-A INPUT -i bond0 -p tcp -m tcp --dport 59211 -j ACCEPT
-A INPUT -i bond0 -p udp -m udp --dport 9004 -j ACCEPT

Is there any way I can force roon to use the same ports so that I can minimize how many ports I have open and be sure what is needed is open? What does the remote use, RPC?

The only solution to the remote connection issue is to SSH into my server and restart roonserver. This is annoying because when roonserver is restarted, my roonbridges don’t automatically reconnect. I have to use a script such as this to make them all visible again:

#!/bin/bash

NUMCLIENT=$(cat /etc/hosts | grep “^192.168.1.” | grep “roon” | wc -l)
CLIENTS=$(cat /etc/hosts | grep “^192.168.1.” | grep “roon” | awk ‘{ print $2 }’)

#echo $CLIENTS
CLIENT=1

for i in $CLIENTS; do
CHOSTNAME=$(cat /etc/hosts | grep “^192.168.1.” /etc/hosts | grep “roon” | awk ‘{ print $2 }’ | sed -n “${CLIENT}p”)
CUSERNAME=$(cat /etc/hosts | grep “^192.168.1.” /etc/hosts | grep “roon” | awk ‘{ print $3 }’ | sed -n “${CLIENT}p” | sed ‘s/#user_//’)

ping -c1 -w1 $CHOSTNAME > /dev/null

if [ “$?” -eq “0” ]; then
echo “$CHOSTNAME is up, restarting roonbridge”
sudo -u SSHUSER ssh -t ${CUSERNAME}@${CHOSTNAME} “sudo systemctl restart roonbridge” > /dev/null 2>&1
else
echo “$CHOSTNAME is down”
fi

let CLIENT=$CLIENT+1
done

This requires some finagling of the sudoers file on the client to only allow that one command and a pubkey ssh authentication without a password.

I’d love for my roon use to be more fluid and require less finagling!

Edit: Because the Zotac has 2 ethernet interfaces I bond them for load balancing, but this shouldn’t cause any port issues.

1 Like

The ports we use are dynamic, and can change based on a number of factors, including what’s available or not on your machine.

My advice here is make sure your firewall isn’t sitting between the various Roon components, or to do all your filtering at the application level.

Let us know if you’re still stuck here and can take another look, ok? Thanks!

3 Likes

Hi Mike,

Thanks for tips and quick response! I decided to cut my rules to these:
-A INPUT -i bond0 -p tcp -m tcp --dport 9100 -j ACCEPT
-A INPUT -i bond0 -p tcp -m tcp --dport 9101 -j ACCEPT
-A INPUT -i bond0 -p udp -m udp --dport 9003 -j ACCEPT
-A INPUT -i bond0 -p udp -m udp --dport 9001 -j ACCEPT

and so far the connection issue hasn’t popped up again. I have a MoCa extender with different wifi SSID’s and I think that may have been causing the issues.

Edit: things working swimmingly! Also helps sometimes to restart the app (previously didn’t know how to do this on iPhone X: swipe up for app switch, tap and hold on app, swipe on on app to force close)