Endpoints disappear after Core reboot

Core Machine (Operating system/System info/Roon build number)

Linux Ubuntu 20.04LTS Roon 1.7 537

Network Details (Including networking gear model/manufacturer and if on WiFi/Ethernet)

Netgear Orbi

Audio Devices (Specify what device you’re using and its connection type - USB/HDMI/etc.)

Lumin D2, Raspberry Pi/ Hifiberry

Description Of Issue

When I reboot my Core, two endpoints do not show up until I powercycle them. This is a new issue, which I have never had before. I have the following ports open in my firewall: 9100:9200/tcp, `9003/udp.

Hi @Charles_Snider,

How is the Hifiberry connected to the network? Is it connected directly to the router or through a switch? Is the Core connected directly to the router or via a switch?

According to your screenshot, I only see the Hifiberry zone appear after the power cycle, what is the other zone impacted by this issue?

The core is connected via ethernet to the Orbi switch. Both the Lumin (wired, same switch) and Hifiberry (wifi) do not “survive” a reboot unless they are power-cycled. I took the 1st screen shot after power-cycling the Lumin. Oddly, the Guest Bedroom Speaker (Google Nest Mini) does survive the reboot.

Hi @Charles_Snider,

Instead of performing reboots of the zones, does unplugging/re-plugging the Ethernet cable for the Lumin get it back as well? Or does it require the full reboot?

Please disable firewall temporarily and check if it’s related.

In the Netgear Orbi, please make sure IGMP Proxy is enabled (uncheck Disable).

Also try shutting down all network devices. Power cycle the Netgear, wait for 5 minutes, then power up everything else.

Unplugging and plugging back in the ethernet did the trick for the Lumin.
Hifiberry still requires a reboot because of Wifi.

I should note that these are all new issues after doing a clean install of Ubuntu 20.04LTS and the latest version of Roon Core (noted above). All other hardware on my network including the Orbi and connected to Roon Core have not changed.

IGMP did not make a difference, and shutting down all network devices seems excessive.

As for the firewall, ports should all be known and documented. Also, by what amounts to be a simple off/on of network connection, I can’t see this being a firewall issue.

The Lumin has been a rock solid device over the past year.

Hi @Charles_Snider,

Can you please reproduce this issue once more, note the exact local time + date you booted up the Core and didn’t see these zones, and then note the time + date you unplugged/re-plugged the Ethernet cable for your Lumin and post a copy of your Roon logs by using these instructions?

6:21am CST reboot Core
6:25am toggle ethernet Lumin

Not sure where to post the log files, but I have them.

Hi @Charles_Snider,

I have followed up via private message.

Hello @Charles_Snider,

We’re unsure what could be causing this issue to occur—we are in agreement that its odd it would occur after the setup was stable for a long period of time. Did this behavior occur in the same timeframe that you upgraded to Ubuntu 20.04?

Looking at the diagnostic logs, we’re unable to detect any issues on Roon’s end of things. We can infer that RoonServer is correctly sending the discovery packets to the operating system’s network stack when it discovers and connects to the “localhost” RAATServer instance seconds after startup. We then see the connection to the HiFiBerry device as well.

I would recommend completely disabling the firewall on your Roon Core temporarily to see if you’re able to reproduce the issue. I would also try to reproduce this issue using a different PC or Mac as your Roon Core.

I’ve scheduled a ticket with the QA team to see if anything has changed with Ubuntu 20.04 that would cause this to occur. Offhand I’m not aware of anything that should have impact here, but we’ll try to replicate your setup to investigate further.


Hi John, thank you for your reply.
This issue did first appear with Ubuntu 20.04 after being very stable for a year (when I first acquired the Lumin). I will disable the firewall next time I reboot, and reply.
However, there should be a definitive list of ports that need to be opened which I could check against.


Even if you refuse to power cycle the whole network, at the absolute minimum you must power cycle the Netgear, Roon Core, and Lumin, after disabling whatever firewall in Ubuntu and Netgear (at least temporarily).

Hi John.
It’s the firewall. If I reboot the Core with the firewall disabled, the Lumin does not disappear. If I reboot with the firewall (ufw, btw) enabled, it disappears until I plug/unplug the Lumin, after which it immediately appears.

Let’s talk firewall ports now… which need to be opened?

Hello @Charles_Snider,

Please see the following threads regarding Ubuntu firewall, this might help:

What would help the most is if Roon published a list of ports used by their software. This is an exact science after all…

RoonAppli 102546 root 32u IPv4 2627247 0t0 TCP> (ESTABLISHED)
RoonAppli 102546 root 54u IPv4 2627275 0t0 TCP> (ESTABLISHED)

RoonAppli 104654 root 31u IPv4 2640684 0t0 TCP> (ESTABLISHED)
RoonAppli 104654 root 61u IPv4 2639259 0t0 TCP> (ESTABLISHED)

As I restart the server, I see one consistent with my Lumin, but the other isn’t.

Hello @Charles_Snider,

We don’t publish a list of ports because Roon uses a few randomized ports, so they are subject to change each time the application starts and more ports may get used as Roon matures.

Instead, we suggest to add an “application” level firewall exception for Roon whenever possible:

1 Like

I never got this to work and Roon don’t seem to know how to fix it. I gave up and just repurposed an old NUC to run Roon Bridge in headless mode. That way I can run a firewall or a VPN on my main PC without worrying about Roon. Some way to go before we get a decent Linux solution I think. (I’m running Xubuntu.)

So the answer for Ubuntu’s UFW is:
ufw allow from <endpoint ip>
I can confirm that with this rule, the Lumin appears after restarting the Core.

OpenSnitch is experimental. Why don’t you publish an application profile for UFW. I perhaps understand randomized ports, but they could be set within a range.


1 Like