How I got Roon working over OpenVPN (hard for me, easy for you)

Tinkering
222

Would be great if there was a version of ARC for Roon bridge on raspberry.

2 Likes
223

@vlad_k If that is a desire of yours, I strongly suggest you bring that up in another thread where support or the devs will see it. AFAIK, nobody from Roon reads this thread.

224

Hi Aaron,

I was hoping you could help me get this working. I have the latest version of roon server running under ubtunu 20.04 on the LAN at 10.10.10.27. I am using a Untangle / Arista Version 16 firewall router with Open VPN configured and working without issues. I installed udp-proxy-2020 Version 0.0.11 without issue on the firewall that is based on Debian 10. When I start upd-proxy-2020 on the router and bring up roon on the connected client over vpn – it never finds the server. Below I have included a debug log, the client vpn connection, and the ifconfig from the router. Any advice regarding debugging or what I am doing wrong would be greatly appreciated. Thank you for all your work on this.

[root @ untangle] ~ # udp-proxy-2020 --port 9003 --interface tun0,br.lxc --cache-ttl 300 --level=“debug” --logfile=“log3”
^C
[root @ untangle] ~ # cat log3
level=debug msg=“tun0: ifIndex: 18”
level=debug msg=“Listen: (main.Listen) {\n iname: (string) (len=4) "tun0",\n netif: (*net.Interface)(0xc00005aa40)({\n Index: (int) 18,\n MTU: (int) 1500,\n Name: (string) (len=4) "tun0",\n HardwareAddr: (net.HardwareAddr) ,\n Flags: (net.Flags) up|pointtopoint|multicast\n }),\n ports: ([]int32) (len=1 cap=1) {\n (int32) 9003\n },\n ipaddr: (string) "",\n promisc: (bool) true,\n handle: (*pcap.Handle)(),\n writer: (*pcapgo.Writer)(),\n inwriter: (*pcapgo.Writer)(),\n outwriter: (*pcapgo.Writer)(),\n timeout: (time.Duration) 250ms,\n clientTTL: (time.Duration) 0s,\n sendpkt: (chan main.Send) (cap=100) 0xc00005c7e0,\n clients: (map[string]time.Time) {\n }\n}\n”
level=debug msg=“br.lxc: ifIndex: 15”
level=debug msg=“br.lxc network: ip+net\t\tstring: 192.0.2.1/30”
level=debug msg=“br.lxc network: ip+net\t\tstring: fe80::d850:bff:fea0:dcac/64”
level=debug msg=“Listen: (main.Listen) {\n iname: (string) (len=6) "br.lxc",\n netif: (*net.Interface)(0xc00005b2c0)({\n Index: (int) 15,\n MTU: (int) 1500,\n Name: (string) (len=6) "br.lxc",\n HardwareAddr: (net.HardwareAddr) (len=6 cap=3580) da:50:0b:a0:dc:ac,\n Flags: (net.Flags) up|broadcast|multicast\n }),\n ports: ([]int32) (len=1 cap=1) {\n (int32) 9003\n },\n ipaddr: (string) (len=9) "192.0.2.3",\n promisc: (bool) false,\n handle: (*pcap.Handle)(),\n writer: (*pcapgo.Writer)(),\n inwriter: (*pcapgo.Writer)(),\n outwriter: (*pcapgo.Writer)(),\n timeout: (time.Duration) 250ms,\n clientTTL: (time.Duration) 0s,\n sendpkt: (chan main.Send) (cap=100) 0xc00005c8a0,\n clients: (map[string]time.Time) {\n }\n}\n”
level=debug msg=“tun0: applying BPF Filter: (udp port 9003) and (src net 172.16.0.1/32)”
level=debug msg=“Opened pcap handle on tun0”
level=debug msg=“br.lxc: applying BPF Filter: (udp port 9003) and (src net 192.0.2.0/30)”
level=debug msg=“Opened pcap handle on br.lxc”
level=debug msg=“Initialization complete!”
level=debug msg=“handlePackets(tun0) ticker”
level=debug msg=“handlePackets(br.lxc) ticker”
level=debug msg=“handlePackets(tun0) ticker”
level=debug msg=“handlePackets(br.lxc) ticker”
level=debug msg=“handlePackets(br.lxc) ticker”
level=debug msg=“handlePackets(tun0) ticker”
level=debug msg=“handlePackets(tun0) ticker”
level=debug msg=“handlePackets(br.lxc) ticker”
level=debug msg=“handlePackets(tun0) ticker”
level=debug msg=“handlePackets(br.lxc) ticker”
level=debug msg=“handlePackets(br.lxc) ticker”
level=debug msg=“handlePackets(tun0) ticker”
level=debug msg=“handlePackets(tun0) ticker”
level=debug msg=“handlePackets(br.lxc) ticker”
level=debug msg=“handlePackets(tun0) ticker”
level=debug msg=“handlePackets(br.lxc) ticker”

client
resolv-retry 20
keepalive 2 10
nobind
mute-replay-warnings
remote-cert-tls server
compress
verb 1
persist-key
persist-tun
explicit-exit-notify 1
dev tun
auth-user-pass
proto udp
port 1194
cipher AES-128-CBC
remote untangle.rmarlan.net 1194 # public address

[root @ untangle] ~ # ifconfig
br.lxc: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 1500
inet 192.0.2.1 netmask 255.255.255.252 broadcast 192.0.2.3
inet6 fe80::d850:bff:fea0:dcac prefixlen 64 scopeid 0x20
ether da:50:0b:a0:dc:ac txqueuelen 1000 (Ethernet)
RX packets 0 bytes 0 (0.0 B)
RX errors 0 dropped 0 overruns 0 frame 0
TX packets 16 bytes 1216 (1.1 KiB)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0

eth0: flags=4099<UP,BROADCAST,MULTICAST> mtu 1500
ether 7c:5a:1c:72:41:bd txqueuelen 1000 (Ethernet)
RX packets 0 bytes 0 (0.0 B)
RX errors 0 dropped 0 overruns 0 frame 0
TX packets 0 bytes 0 (0.0 B)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
device memory 0xdc900000-dc91ffff

eth1: flags=4099<UP,BROADCAST,MULTICAST> mtu 1500
ether 7c:5a:1c:72:41:be txqueuelen 1000 (Ethernet)
RX packets 0 bytes 0 (0.0 B)
RX errors 0 dropped 0 overruns 0 frame 0
TX packets 0 bytes 0 (0.0 B)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
device memory 0xdc800000-dc81ffff

eth2: flags=4099<UP,BROADCAST,MULTICAST> mtu 1500
ether 7c:5a:1c:72:41:bf txqueuelen 1000 (Ethernet)
RX packets 0 bytes 0 (0.0 B)
RX errors 0 dropped 0 overruns 0 frame 0
TX packets 0 bytes 0 (0.0 B)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
device memory 0xdc700000-dc71ffff

eth3: flags=4099<UP,BROADCAST,MULTICAST> mtu 1500
ether 7c:5a:1c:72:41:c0 txqueuelen 1000 (Ethernet)
RX packets 0 bytes 0 (0.0 B)
RX errors 0 dropped 0 overruns 0 frame 0
TX packets 0 bytes 0 (0.0 B)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
device memory 0xdc600000-dc61ffff

eth4: flags=4099<UP,BROADCAST,MULTICAST> mtu 1500
ether 7c:5a:1c:72:41:c1 txqueuelen 1000 (Ethernet)
RX packets 0 bytes 0 (0.0 B)
RX errors 0 dropped 0 overruns 0 frame 0
TX packets 0 bytes 0 (0.0 B)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
device memory 0xdc200000-dc2fffff

eth5: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 1500
inet 10.10.10.1 netmask 255.255.255.0 broadcast 10.10.10.255
ether 7c:5a:1c:72:41:b9 txqueuelen 1000 (Ethernet)
RX packets 308895 bytes 71464968 (68.1 MiB)
RX errors 0 dropped 0 overruns 0 frame 0
TX packets 611759 bytes 752377944 (717.5 MiB)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0

eth6: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 1500
inet 73.19.96.202 netmask 255.255.252.0 broadcast 255.255.255.255
ether 7c:5a:1c:72:41:ba txqueuelen 1000 (Ethernet)
RX packets 640730 bytes 755368804 (720.3 MiB)
RX errors 0 dropped 0 overruns 0 frame 0
TX packets 312124 bytes 80659985 (76.9 MiB)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0

eth7: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 1500
ether 7c:5a:1c:72:41:bb txqueuelen 1000 (Ethernet)
RX packets 94 bytes 32669 (31.9 KiB)
RX errors 0 dropped 0 overruns 0 frame 0
TX packets 1105 bytes 165179 (161.3 KiB)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0

eth8: flags=4099<UP,BROADCAST,MULTICAST> mtu 1500
ether 7c:5a:1c:72:41:bc txqueuelen 1000 (Ethernet)
RX packets 0 bytes 0 (0.0 B)
RX errors 0 dropped 0 overruns 0 frame 0
TX packets 0 bytes 0 (0.0 B)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0

lo: flags=73<UP,LOOPBACK,RUNNING> mtu 65536
inet 127.0.0.1 netmask 255.0.0.0
inet6 ::1 prefixlen 128 scopeid 0x10
loop txqueuelen 1000 (Local Loopback)
RX packets 85641 bytes 38633052 (36.8 MiB)
RX errors 0 dropped 0 overruns 0 frame 0
TX packets 85641 bytes 38633052 (36.8 MiB)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0

tun0: flags=4305<UP,POINTOPOINT,RUNNING,NOARP,MULTICAST> mtu 1500
inet 172.16.0.1 netmask 255.255.255.255 destination 172.16.0.2
inet6 fe80::8f53:5ac0:7596:71fc prefixlen 64 scopeid 0x20
unspec 00-00-00-00-00-00-00-00-00-00-00-00-00-00-00-00 txqueuelen 100 (UNSPEC)
RX packets 3635 bytes 265265 (259.0 KiB)
RX errors 0 dropped 0 overruns 0 frame 0
TX packets 3275 bytes 533004 (520.5 KiB)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0

utun: flags=67<UP,BROADCAST,RUNNING> mtu 1500
inet 192.0.2.200 netmask 255.255.255.252 broadcast 192.0.2.203
inet6 fe80::e8e5:5dff:feee:78c3 prefixlen 64 scopeid 0x20
ether ea:e5:5d:ee:78:c3 txqueuelen 1000 (Ethernet)
RX packets 2946 bytes 224708 (219.4 KiB)
RX errors 0 dropped 0 overruns 0 frame 0
TX packets 0 bytes 0 (0.0 B)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0

[root @ untangle] ~ #

225

You say Roon is running on 10.10.10.27, but you specified br.lxc as the non-tunnel interface to forward traffic between OpenVPN on tun0. Based on the info you provided, you should use eth5?

226

Hi Aaron-

I changed it to eth5 but when I start the Roon client from the vpn side it never finds the Roon core? The logs are below. Anything I can try to help debug? Thank you.

[root @ untangle] ~ # udp-proxy-2020 --port 9003 --interface tun0,eth5 --cache-ttl 300 --level=“debug” --logfile=“log5”

[root @ untangle] ~ # cat log5

level=debug msg=“tun0: ifIndex: 13”

level=debug msg=“Listen: (main.Listen) {\n iname: (string) (len=4) "tun0",\n netif: (*net.Interface)(0xc00005aa40)({\n Index: (int) 13,\n MTU: (int) 1500,\n Name: (string) (len=4) "tun0",\n HardwareAddr: (net.HardwareAddr) ,\n Flags: (net.Flags) up|pointtopoint|multicast\n }),\n ports: ([]int32) (len=1 cap=1) {\n (int32) 9003\n },\n ipaddr: (string) "",\n promisc: (bool) true,\n handle: (*pcap.Handle)(),\n writer: (*pcapgo.Writer)(),\n inwriter: (*pcapgo.Writer)(),\n outwriter: (*pcapgo.Writer)(),\n timeout: (time.Duration) 250ms,\n clientTTL: (time.Duration) 0s,\n sendpkt: (chan main.Send) (cap=100) 0xc00005c7e0,\n clients: (map[string]time.Time) {\n }\n}\n”

level=debug msg=“eth5: ifIndex: 7”

level=debug msg=“eth5 network: ip+net\t\tstring: 10.10.10.1/24”

level=debug msg=“Listen: (main.Listen) {\n iname: (string) (len=4) "eth5",\n netif: (*net.Interface)(0xc00005b2c0)({\n Index: (int) 7,\n MTU: (int) 1500,\n Name: (string) (len=4) "eth5",\n HardwareAddr: (net.HardwareAddr) (len=6 cap=10256) 7c:5a:1c:72:41:b9,\n Flags: (net.Flags) up|broadcast|multicast\n }),\n ports: ([]int32) (len=1 cap=1) {\n (int32) 9003\n },\n ipaddr: (string) (len=12) "10.10.10.255",\n promisc: (bool) false,\n handle: (*pcap.Handle)(),\n writer: (*pcapgo.Writer)(),\n inwriter: (*pcapgo.Writer)(),\n outwriter: (*pcapgo.Writer)(),\n timeout: (time.Duration) 250ms,\n clientTTL: (time.Duration) 0s,\n sendpkt: (chan main.Send) (cap=100) 0xc00005c8a0,\n clients: (map[string]time.Time) {\n }\n}\n”

level=debug msg=“tun0: applying BPF Filter: (udp port 9003) and (src net 172.16.0.1/32)”

level=debug msg=“Opened pcap handle on tun0”

level=debug msg=“eth5: applying BPF Filter: (udp port 9003) and (src net 10.10.10.0/24)”

level=debug msg=“Opened pcap handle on eth5”

level=debug msg=“Initialization complete!”

level=debug msg=“handlePackets(tun0) ticker”

level=debug msg=“handlePackets(eth5) ticker”

level=debug msg=“handlePackets(eth5) ticker”

level=debug msg=“handlePackets(tun0) ticker”

level=debug msg=“handlePackets(tun0) ticker”

level=debug msg=“handlePackets(eth5) ticker”

level=debug msg=“handlePackets(eth5) ticker”

level=debug msg=“handlePackets(tun0) ticker”

level=debug msg=“handlePackets(tun0) ticker”

level=debug msg=“handlePackets(eth5) ticker”

level=debug msg=“handlePackets(eth5) ticker”

level=debug msg=“handlePackets(tun0) ticker”

level=debug msg=“handlePackets(tun0) ticker”

level=debug msg=“handlePackets(eth5) ticker”

level=debug msg=“handlePackets(eth5) ticker”

level=debug msg=“handlePackets(tun0) ticker”

level=debug msg=“eth5: received packet and fowarding onto other interfaces”

level=debug msg=“tun0: sending out because we’re not eth5”

level=debug msg=“eth5: received packet and fowarding onto other interfaces”

level=debug msg=“tun0: sending out because we’re not eth5”

level=debug msg=“processing packet from eth5 on tun0”

level=debug msg=“tun0: Unable to send packet; no discovered clients”

level=debug msg=“processing packet from eth5 on tun0”

level=debug msg=“tun0: Unable to send packet; no discovered clients”

level=debug msg=“eth5: received packet and fowarding onto other interfaces”

level=debug msg=“tun0: sending out because we’re not eth5”

level=debug msg=“eth5: received packet and fowarding onto other interfaces”

level=debug msg=“tun0: sending out because we’re not eth5”

level=debug msg=“eth5: received packet and fowarding onto other interfaces”

level=debug msg=“tun0: sending out because we’re not eth5”

level=debug msg=“eth5: received packet and fowarding onto other interfaces”

level=debug msg=“tun0: sending out because we’re not eth5”

level=debug msg=“processing packet from eth5 on tun0”

level=debug msg=“tun0: Unable to send packet; no discovered clients”

level=debug msg=“processing packet from eth5 on tun0”

level=debug msg=“tun0: Unable to send packet; no discovered clients”

level=debug msg=“processing packet from eth5 on tun0”

level=debug msg=“tun0: Unable to send packet; no discovered clients”

level=debug msg=“processing packet from eth5 on tun0”

level=debug msg=“tun0: Unable to send packet; no discovered clients”

level=debug msg=“handlePackets(tun0) ticker”

level=debug msg=“handlePackets(eth5) ticker”

level=debug msg=“handlePackets(eth5) ticker”

level=debug msg=“handlePackets(tun0) ticker”

level=debug msg=“handlePackets(tun0) ticker”

level=debug msg=“handlePackets(eth5) ticker”

level=debug msg=“handlePackets(tun0) ticker”

level=debug msg=“handlePackets(eth5) ticker”

level=debug msg=“handlePackets(eth5) ticker”

level=debug msg=“handlePackets(tun0) ticker”

level=debug msg=“handlePackets(eth5) ticker”

level=debug msg=“handlePackets(tun0) ticker”

level=debug msg=“eth5: received packet and fowarding onto other interfaces”

level=debug msg=“tun0: sending out because we’re not eth5”

level=debug msg=“eth5: received packet and fowarding onto other interfaces”

level=debug msg=“tun0: sending out because we’re not eth5”

level=debug msg=“eth5: received packet and fowarding onto other interfaces”

level=debug msg=“tun0: sending out because we’re not eth5”

level=debug msg=“processing packet from eth5 on tun0”

level=debug msg=“tun0: Unable to send packet; no discovered clients”

level=debug msg=“processing packet from eth5 on tun0”

level=debug msg=“tun0: Unable to send packet; no discovered clients”

level=debug msg=“processing packet from eth5 on tun0”

level=debug msg=“tun0: Unable to send packet; no discovered clients”

level=debug msg=“handlePackets(eth5) ticker”

level=debug msg=“handlePackets(tun0) ticker”

level=debug msg=“handlePackets(tun0) ticker”

level=debug msg=“handlePackets(eth5) ticker”

level=debug msg=“handlePackets(tun0) ticker”

level=debug msg=“handlePackets(eth5) ticker”

level=debug msg=“handlePackets(eth5) ticker”

level=debug msg=“handlePackets(tun0) ticker”

level=debug msg=“handlePackets(eth5) ticker”

level=debug msg=“handlePackets(tun0) ticker”

level=debug msg=“handlePackets(tun0) ticker”

level=debug msg=“handlePackets(eth5) ticker”

level=debug msg=“handlePackets(eth5) ticker”

level=debug msg=“handlePackets(tun0) ticker”

level=debug msg=“handlePackets(eth5) ticker”

level=debug msg=“handlePackets(tun0) ticker”

level=debug msg=“handlePackets(eth5) ticker”

level=debug msg=“handlePackets(tun0) ticker”

level=debug msg=“handlePackets(tun0) ticker”

level=debug msg=“handlePackets(eth5) ticker”

level=debug msg=“handlePackets(eth5) ticker”

level=debug msg=“handlePackets(tun0) ticker”

level=debug msg=“handlePackets(tun0) ticker”

level=debug msg=“handlePackets(eth5) ticker”

level=debug msg=“handlePackets(tun0) ticker”

level=debug msg=“handlePackets(eth5) ticker”

level=debug msg=“handlePackets(tun0) ticker”

level=debug msg=“handlePackets(eth5) ticker”

level=debug msg=“handlePackets(tun0) ticker”

level=debug msg=“handlePackets(eth5) ticker”

level=debug msg=“handlePackets(tun0) ticker”

level=debug msg=“handlePackets(eth5) ticker”

level=debug msg=“handlePackets(tun0) ticker”

level=debug msg=“handlePackets(eth5) ticker”

level=debug msg=“handlePackets(eth5) ticker”

level=debug msg=“handlePackets(tun0) ticker”

level=debug msg=“handlePackets(tun0) ticker”

level=debug msg=“handlePackets(eth5) ticker”

level=debug msg=“handlePackets(eth5) ticker”

level=debug msg=“handlePackets(tun0) ticker”

level=debug msg=“handlePackets(tun0) ticker”

level=debug msg=“handlePackets(eth5) ticker”

level=debug msg=“handlePackets(tun0) ticker”

level=debug msg=“handlePackets(eth5) ticker”

level=debug msg=“handlePackets(tun0) ticker”

level=debug msg=“handlePackets(eth5) ticker”

level=debug msg=“handlePackets(eth5) ticker”

level=debug msg=“handlePackets(tun0) ticker”

level=debug msg=“handlePackets(eth5) ticker”

level=debug msg=“handlePackets(tun0) ticker”

level=debug msg=“handlePackets(eth5) ticker”

level=debug msg=“handlePackets(tun0) ticker”

level=debug msg=“handlePackets(eth5) ticker”

level=debug msg=“handlePackets(tun0) ticker”

level=debug msg=“handlePackets(eth5) ticker”

level=debug msg=“handlePackets(tun0) ticker”

level=debug msg=“handlePackets(eth5) ticker”

level=debug msg=“handlePackets(tun0) ticker”

level=debug msg=“handlePackets(eth5) ticker”

level=debug msg=“handlePackets(tun0) ticker”

level=debug msg=“handlePackets(eth5) ticker”

level=debug msg=“handlePackets(tun0) ticker”

level=debug msg=“handlePackets(tun0) ticker”

level=debug msg=“handlePackets(eth5) ticker”

level=debug msg=“handlePackets(eth5) ticker”

level=debug msg=“handlePackets(tun0) ticker”

level=debug msg=“handlePackets(tun0) ticker”

level=debug msg=“handlePackets(eth5) ticker”

227

based on the logs, the OpenVPN client isn’t able to send traffic across the VPN for udp-proxy-2020 to see. The result is that it is not discovered and packets aren’t forwarded. Could be an OpenVPN or firewall issue.

228

In looking at the logs I could not tell if the Open VPN client could not pass traffic across the tunnel or if the udp-proxy-2020 could not pass traffic to the client through the tunnel? Is the issue just going from the client across tunnel? I am not sure why it can pass all other regular traffic through the tunnel without issue? Does anyone have a sample openVPN client/server config files that could be shared? Thanks!

229

I don’t share OpenVPN or other VPN configs because every network and use case is different.

All I can say is there is no indication of the VPN client sending udp/9003 traffic over the tunnel. That is why you see the message:

level=debug msg=“tun0: Unable to send packet; no discovered clients”

Are you running the VPN client on the same devices as the Roon app? If not, that would explain your problem.

230

I started from the ground up trying to get this to work.

Setup - OpenVPN and upd-proxy-2020 on 10.10.10.27 - ubtunu 20.04
Roon Server - on 10.10.10.157 - ubuntu 20.04

After starting upd-proxy-2020 and OpenVPN on both ends - the Roon client is able to find the server, but it can not find any of the local client audio devices. The client does see the audio devices on the Server LAN side. Below are the logs. I am so close - but it is still not working. Any help would be appreciated!

rsm@roon:~/udp-proxy$ ifconfig
ens160: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 1500
inet 10.10.10.27 netmask 255.255.255.0 broadcast 10.10.10.255
inet6 fe80::20c:29ff:fe1b:122b prefixlen 64 scopeid 0x20
inet6 fd3c:da1e:9c0d:4409:20c:29ff:fe1b:122b prefixlen 64 scopeid 0x0
ether 00:0c:29:1b:12:2b txqueuelen 1000 (Ethernet)
RX packets 15965091 bytes 10553148690 (10.5 GB)
RX errors 0 dropped 298487 overruns 0 frame 0
TX packets 11394942 bytes 4198189106 (4.1 GB)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0

lo: flags=73<UP,LOOPBACK,RUNNING> mtu 65536
inet 127.0.0.1 netmask 255.0.0.0
inet6 ::1 prefixlen 128 scopeid 0x10
loop txqueuelen 1000 (Local Loopback)
RX packets 1991094 bytes 116298442 (116.2 MB)
RX errors 0 dropped 0 overruns 0 frame 0
TX packets 1991094 bytes 116298442 (116.2 MB)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0

tailscale0: flags=4305<UP,POINTOPOINT,RUNNING,NOARP,MULTICAST> mtu 1280
inet 100.67.115.28 netmask 255.255.255.255 destination 100.67.115.28
inet6 fd7a:115c:a1e0:ab12:4843:cd96:6243:731c prefixlen 128 scopeid 0x0
inet6 fe80::955d:ca10:b39b:6d95 prefixlen 64 scopeid 0x20
unspec 00-00-00-00-00-00-00-00-00-00-00-00-00-00-00-00 txqueuelen 500 (UNSPEC)
RX packets 4681 bytes 320018 (320.0 KB)
RX errors 0 dropped 0 overruns 0 frame 0
TX packets 133623 bytes 11169229 (11.1 MB)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0

tun0: flags=4305<UP,POINTOPOINT,RUNNING,NOARP,MULTICAST> mtu 1500
inet 10.8.0.1 netmask 255.255.255.0 destination 10.8.0.1
inet6 fe80::4273:bc22:ae53:5e16 prefixlen 64 scopeid 0x20
unspec 00-00-00-00-00-00-00-00-00-00-00-00-00-00-00-00 txqueuelen 100 (UNSPEC)
RX packets 300445 bytes 19157951 (19.1 MB)
RX errors 0 dropped 0 overruns 0 frame 0
TX packets 770768 bytes 993965639 (993.9 MB)
TX errors 0 dropped 197 overruns 0 carrier 0 collisions 0

rsm@roon:~/udp-proxy$ sudo ./udp-proxy-2020 --port 9003 --interface tun0,ens160 --cache-ttl 300 --level=debug
DEBUG tun0: ifIndex: 5
DEBUG Listen: (main.Listen) {
iname: (string) (len=4) “tun0”,
netif: (*net.Interface)(0xc000172540)({
Index: (int) 5,
MTU: (int) 1500,
Name: (string) (len=4) “tun0”,
HardwareAddr: (net.HardwareAddr) ,
Flags: (net.Flags) up|pointtopoint|multicast
}),
ports: ([]int32) (len=1 cap=1) {
(int32) 9003
},
ipaddr: (string) “”,
promisc: (bool) true,
handle: (*pcap.Handle)(),
writer: (*pcapgo.Writer)(),
inwriter: (*pcapgo.Writer)(),
outwriter: (*pcapgo.Writer)(),
timeout: (time.Duration) 250ms,
clientTTL: (time.Duration) 0s,
sendpkt: (chan main.Send) (cap=100) 0xc0000b46c0,
clients: (map[string]time.Time) {
}
}
DEBUG ens160: ifIndex: 2
DEBUG ens160 network: ip+net string: 10.10.10.27/24
DEBUG ens160 network: ip+net string: fd3c:da1e:9c0d:4409:20c:29ff:fe1b:122b/64
DEBUG ens160 network: ip+net string: fe80::20c:29ff:fe1b:122b/64
DEBUG Listen: (main.Listen) {
iname: (string) (len=6) “ens160”,
netif: (*net.Interface)(0xc000172940)({
Index: (int) 2,
MTU: (int) 1500,
Name: (string) (len=6) “ens160”,
HardwareAddr: (net.HardwareAddr) (len=6 cap=5240) 00:0c:29:1b:12:2b,
Flags: (net.Flags) up|broadcast|multicast
}),
ports: ([]int32) (len=1 cap=1) {
(int32) 9003
},
ipaddr: (string) (len=12) “10.10.10.255”,
promisc: (bool) false,
handle: (*pcap.Handle)(),
writer: (*pcapgo.Writer)(),
inwriter: (*pcapgo.Writer)(),
outwriter: (*pcapgo.Writer)(),
timeout: (time.Duration) 250ms,
clientTTL: (time.Duration) 0s,
sendpkt: (chan main.Send) (cap=100) 0xc0000b4780,
clients: (map[string]time.Time) {
}
}
DEBUG tun0: applying BPF Filter: (udp port 9003) and (src net 10.8.0.0/24)
DEBUG Opened pcap handle on tun0
DEBUG ens160: applying BPF Filter: (udp port 9003) and (src net 10.10.10.0/24)
DEBUG Opened pcap handle on ens160
DEBUG Initialization complete!
DEBUG handlePackets(ens160) ticker
DEBUG handlePackets(tun0) ticker
DEBUG tun0: Learned client IP: 10.8.0.2
DEBUG tun0: received packet and fowarding onto other interfaces
DEBUG ens160: sending out because we’re not tun0
DEBUG processing packet from tun0 on ens160
DEBUG ens160 => 10.10.10.255: packet len: 140
DEBUG tun0: Learned client IP: 10.8.0.2
DEBUG tun0: received packet and fowarding onto other interfaces
DEBUG ens160: sending out because we’re not tun0
DEBUG tun0: Learned client IP: 10.8.0.2
DEBUG tun0: received packet and fowarding onto other interfaces
DEBUG ens160: sending out because we’re not tun0
DEBUG tun0: Learned client IP: 10.8.0.2
DEBUG tun0: received packet and fowarding onto other interfaces
DEBUG ens160: sending out because we’re not tun0
DEBUG processing packet from tun0 on ens160
DEBUG ens160 => 10.10.10.255: packet len: 305
DEBUG processing packet from tun0 on ens160
DEBUG ens160 => 10.10.10.255: packet len: 140
DEBUG processing packet from tun0 on ens160
DEBUG ens160 => 10.10.10.255: packet len: 140
DEBUG tun0: Learned client IP: 10.8.0.2
DEBUG tun0: received packet and fowarding onto other interfaces
DEBUG ens160: sending out because we’re not tun0
DEBUG tun0: Learned client IP: 10.8.0.2
DEBUG tun0: received packet and fowarding onto other interfaces
DEBUG ens160: sending out because we’re not tun0
DEBUG processing packet from tun0 on ens160
DEBUG ens160 => 10.10.10.255: packet len: 140
DEBUG processing packet from tun0 on ens160
DEBUG ens160 => 10.10.10.255: packet len: 140
DEBUG ens160: received packet and fowarding onto other interfaces
DEBUG tun0: sending out because we’re not ens160
DEBUG ens160: received packet and fowarding onto other interfaces
DEBUG tun0: sending out because we’re not ens160
DEBUG ens160: received packet and fowarding onto other interfaces
DEBUG tun0: sending out because we’re not ens160
DEBUG processing packet from ens160 on tun0
DEBUG ens160: received packet and fowarding onto other interfaces
DEBUG tun0: sending out because we’re not ens160
DEBUG tun0 => 10.8.0.2: packet len: 126
DEBUG processing packet from ens160 on tun0
DEBUG tun0 => 10.8.0.2: packet len: 126
DEBUG processing packet from ens160 on tun0
DEBUG tun0 => 10.8.0.2: packet len: 126
DEBUG processing packet from ens160 on tun0
DEBUG tun0 => 10.8.0.2: packet len: 126
DEBUG tun0: Learned client IP: 10.8.0.2
DEBUG tun0: received packet and fowarding onto other interfaces
DEBUG ens160: sending out because we’re not tun0
DEBUG tun0: Learned client IP: 10.8.0.2
DEBUG tun0: received packet and fowarding onto other interfaces
DEBUG ens160: sending out because we’re not tun0
DEBUG tun0: Learned client IP: 10.8.0.2
DEBUG tun0: received packet and fowarding onto other interfaces
DEBUG ens160: sending out because we’re not tun0
DEBUG processing packet from tun0 on ens160
DEBUG ens160 => 10.10.10.255: packet len: 517
DEBUG processing packet from tun0 on ens160
DEBUG ens160 => 10.10.10.255: packet len: 517
DEBUG processing packet from tun0 on ens160
DEBUG ens160 => 10.10.10.255: packet len: 517
DEBUG ens160: received packet and fowarding onto other interfaces
DEBUG tun0: sending out because we’re not ens160
DEBUG ens160: received packet and fowarding onto other interfaces
DEBUG tun0: sending out because we’re not ens160
DEBUG processing packet from ens160 on tun0
DEBUG tun0 => 10.8.0.2: packet len: 523
DEBUG processing packet from ens160 on tun0
DEBUG tun0 => 10.8.0.2: packet len: 523
DEBUG tun0: Learned client IP: 10.8.0.2
DEBUG tun0: received packet and fowarding onto other interfaces
DEBUG ens160: sending out because we’re not tun0
DEBUG tun0: Learned client IP: 10.8.0.2
DEBUG tun0: received packet and fowarding onto other interfaces
DEBUG ens160: sending out because we’re not tun0
DEBUG tun0: Learned client IP: 10.8.0.2
DEBUG tun0: received packet and fowarding onto other interfaces
DEBUG ens160: sending out because we’re not tun0
DEBUG processing packet from tun0 on ens160
DEBUG ens160 => 10.10.10.255: packet len: 517
DEBUG processing packet from tun0 on ens160
DEBUG ens160 => 10.10.10.255: packet len: 517
DEBUG processing packet from tun0 on ens160
DEBUG ens160 => 10.10.10.255: packet len: 517
DEBUG tun0: Learned client IP: 10.8.0.2
DEBUG tun0: received packet and fowarding onto other interfaces
DEBUG ens160: sending out because we’re not tun0
DEBUG tun0: Learned client IP: 10.8.0.2
DEBUG tun0: received packet and fowarding onto other interfaces
DEBUG ens160: sending out because we’re not tun0
DEBUG tun0: Learned client IP: 10.8.0.2
DEBUG tun0: received packet and fowarding onto other interfaces
DEBUG ens160: sending out because we’re not tun0
DEBUG processing packet from tun0 on ens160
DEBUG ens160 => 10.10.10.255: packet len: 140
DEBUG processing packet from tun0 on ens160
DEBUG ens160 => 10.10.10.255: packet len: 140
DEBUG processing packet from tun0 on ens160
DEBUG ens160 => 10.10.10.255: packet len: 140
DEBUG tun0: Learned client IP: 10.8.0.2
DEBUG tun0: received packet and fowarding onto other interfaces
DEBUG ens160: sending out because we’re not tun0
DEBUG tun0: Learned client IP: 10.8.0.2
DEBUG tun0: received packet and fowarding onto other interfaces
DEBUG ens160: sending out because we’re not tun0
DEBUG tun0: Learned client IP: 10.8.0.2
DEBUG tun0: received packet and fowarding onto other interfaces
DEBUG ens160: sending out because we’re not tun0
DEBUG tun0: Learned client IP: 10.8.0.2
DEBUG tun0: received packet and fowarding onto other interfaces
DEBUG ens160: sending out because we’re not tun0
DEBUG tun0: Learned client IP: 10.8.0.2
DEBUG tun0: received packet and fowarding onto other interfaces
DEBUG processing packet from tun0 on ens160
DEBUG ens160: sending out because we’re not tun0
DEBUG ens160 => 10.10.10.255: packet len: 380
DEBUG processing packet from tun0 on ens160
DEBUG ens160 => 10.10.10.255: packet len: 380
DEBUG processing packet from tun0 on ens160
DEBUG ens160 => 10.10.10.255: packet len: 380
DEBUG processing packet from tun0 on ens160
DEBUG ens160 => 10.10.10.255: packet len: 380
DEBUG processing packet from tun0 on ens160
DEBUG ens160 => 10.10.10.255: packet len: 380
DEBUG handlePackets(tun0) ticker
DEBUG handlePackets(ens160) ticker
DEBUG tun0: Learned client IP: 10.8.0.2
DEBUG tun0: received packet and fowarding onto other interfaces
DEBUG ens160: sending out because we’re not tun0
DEBUG processing packet from tun0 on ens160
DEBUG ens160 => 10.10.10.255: packet len: 140
DEBUG tun0: Learned client IP: 10.8.0.2
DEBUG tun0: received packet and fowarding onto other interfaces
DEBUG ens160: sending out because we’re not tun0
DEBUG tun0: Learned client IP: 10.8.0.2
DEBUG tun0: received packet and fowarding onto other interfaces
DEBUG ens160: sending out because we’re not tun0
DEBUG processing packet from tun0 on ens160
DEBUG ens160 => 10.10.10.255: packet len: 140
DEBUG processing packet from tun0 on ens160
DEBUG ens160 => 10.10.10.255: packet len: 140
DEBUG handlePackets(tun0) ticker
DEBUG handlePackets(ens160) ticker
DEBUG tun0: Learned client IP: 10.8.0.2
DEBUG tun0: received packet and fowarding onto other interfaces
DEBUG ens160: sending out because we’re not tun0
DEBUG tun0: Learned client IP: 10.8.0.2
DEBUG tun0: received packet and fowarding onto other interfaces
DEBUG ens160: sending out because we’re not tun0
DEBUG tun0: Learned client IP: 10.8.0.2
DEBUG tun0: received packet and fowarding onto other interfaces
DEBUG ens160: sending out because we’re not tun0
DEBUG tun0: Learned client IP: 10.8.0.2
DEBUG tun0: received packet and fowarding onto other interfaces
DEBUG ens160: sending out because we’re not tun0
DEBUG tun0: Learned client IP: 10.8.0.2
DEBUG tun0: received packet and fowarding onto other interfaces
DEBUG ens160: sending out because we’re not tun0
DEBUG processing packet from tun0 on ens160
DEBUG ens160 => 10.10.10.255: packet len: 380
DEBUG processing packet from tun0 on ens160
DEBUG ens160 => 10.10.10.255: packet len: 380
DEBUG processing packet from tun0 on ens160
DEBUG ens160 => 10.10.10.255: packet len: 380
DEBUG processing packet from tun0 on ens160
DEBUG ens160 => 10.10.10.255: packet len: 380
DEBUG processing packet from tun0 on ens160
DEBUG ens160 => 10.10.10.255: packet len: 380
DEBUG handlePackets(tun0) ticker
DEBUG handlePackets(ens160) ticker
DEBUG handlePackets(tun0) ticker
DEBUG handlePackets(ens160) ticker
DEBUG handlePackets(ens160) ticker
DEBUG handlePackets(tun0) ticker
DEBUG handlePackets(ens160) ticker
DEBUG handlePackets(tun0) ticker
DEBUG handlePackets(tun0) ticker
DEBUG handlePackets(ens160) ticker
^C
rsm@roon:~/udp-proxy$

231

“After starting upd-proxy-2020 and OpenVPN on both ends” ??? Is this a site-to-site VPN?

Anyways, from the logs you provided, things look correct: udp-proxy-2020 is passing traffic in both directions on that node. If this is a site-to-site VPN then we’d need to look at the other host running OpenVPN/udp-proxy-2020.

That said, I’ve seen the behavior you describe with not being able to see the local audio output and as best as I can guess it is a bug in the Roon client. For me at least, it always goes away if I fully quit the app (not background it) and restart. Make sure the VPN is already running when you restart.

On iOS “fully quit” means doing a 1/3 swipe from the bottom of the screen until you see the “cards” for each of the apps and finding the Roon app and swiping up on it so it no longer is listed as a card.

232

Did not mean to confuse this is not a site to site VPN. I meant that the VPN server was running and then I brought up the VPN client. I have tried both the ios and mac roon client and both do the same thing. They come up fine - can find roon server - but can not see local audio. I have made sure to bring them up after the VPN has been brought up. Aside from forwarding the vpn port through the firewall - are there any other ports (?udp or tcp) that need to be opened in the firewall? Is there anything special about the OpenVPN config (split-tunnel enabled / not enabled). Is there anything else I can log or do to get his working? I am so close. ARC works fine, but I would like to be able to use roon client remotely on my macbook and windows laptops. Thanks.

233

Honestly, I’m too lazy to look up the ports Roon uses. You should really be allowing all ports through your VPN tunnel… unless you have a specific need not to. In that case you should be looking in your firewall logs to decide what to allow & deny. But honestly, you’d be the first person to have this issue.

Split tunnel shouldn’t matter as long as you have a route on the VPN to 10.0.10.0/24 over the VPN tunnel. Since you are using a MacBook, you should be able to ping the IP address of your Roon core and ping the MacBook from the Roon Core.

Beyond that, you can use the --pcap and --pcap-root flags for udp-proxy-2020 to generate some pcap files that I or you can look at to see if there is anything else interesting going on. Easiest to open a ticket on GitHub and attach your pcap files in the ticket there.

234

Hi Aaron,

As suggested, I have generated the pcap files and included the debug output and opened this as a ticket on GitHub #103. Thank you so much for looking at this! I appreciate it.

235

Hello Aaron,

Thanks for making this nice piece of software.

I’m a beginning in linux programme and I’m not sure where to put --no-listen in the docker config file. Currently I am using this:

version: ‘3.3’
services:
udp-proxy-2020:
image: synfinatic/udp-proxy-2020:latest
environment:
- PORTS=1900,5353,9003
- INTERFACES=eth0,wg0
- EXTRA_ARGS=–no-listen,–debug
- TIMEOUT=250
- CACHETTL=90
- PUID=1003
- PGID=1000
restart: always
network_mode: host

But still the iPhone just shows up randomly. Do you mind commenting anything I’ve done wrong?

Also, may I know if your software would pass airplay or AirPrint multicast packages as well?

Thank you very much!

236

I’m sorry, I forgot to mention I’m currently running Roon core, wireguard and udp-proxy-2020 on the same QNAP NAS

Thank you!

237

there’s no comma between --no-listen and --debug. it needs to be the actual args passed in as a string.

That said, no experience running everything in docker on the same box. Assuming everything is using host networking it might work?

238

Thanks for the reply Aaron!

Sorry I’m just too new to the programming. Do you mean i should write:

  • EXTRA_ARGS=–no-listen –debug

Or could you give an example on how i should write it? :pray:t3::pray:t3:

Thanks for looking at my silly question.

239

Until recently I had the Roon server software on my Intel NUC server (in a docker container). In addition, I used Ropieee as a Roon bridge.
Now I’m able to run Roon on a remote server, outside my home network (which is connected through an OpenVPN site-to-site to my home network). Via udp-proxy-2020 I can see my roon server in the roon client software.

But I can’t use my ropieee device as an audio endpoint. In fact, I don’t see any audio endpoints in the client software at all. Of course because the broadcast (?) which ropieee does to indicate that it is a roon bridge does not arrive at the roon server on the other side of the VPN.

Has anyone experienced this before and found a solution?

240

Maybe iPfire SW can help you ?
Works fine for me as road warrior. Using iOS.

242

Thanks for the reply, but that’s not something I’m looking for. I already use pfsense and a Unifi UDMP for the site-to-site vpn. (and that’s something different than a road-warrior setup).