Comcast-supplied modems are configured to do modem+router+WiFi access point by default. If you have a separate WiFi system, the Orbi in your case, without reconfiguration you’ll have two NAT (network address translation) steps, which Arc can’t work over. So, one of the devices needs to be in bridge mode. For example, when I had an AmpliFi WiFi mesh connected to my router, I put the AmpliFi in bridge mode, and I configured the router for Arc.
That’s not true, you just need to ensure that the port forwarding works twice. I found it more reliable to manually configure the ports rather than trying to get UPnP to do its thing. Arc absolutely can work over multiple NATted interfaces.
1 Like
Before moving to Tailscale, I was using manual port forwarding, not UPnP. I agree that in principle it’s possible to do double forwarding, but it’s an error-prone process, as is anything involving double NAT. I prefer not to recommend complex solutions when the basics are not yet working.
Again, I disagree. It’s a simple configuration and has been rock solid on my Xfinity based install.
My ISP in NH is Comcast/Xfinity. Last year I rented its all-in-one network device for a couple of weeks when my own Ubiquiti gateway was accidentally fried. You can easily turn on bridge mode using Comcast’s mobile app.
There’s no good justification for running double NAT. Doing so doesn’t improve anything at all but can cause certain things to break. Here’s a Netgear article on the topic:
I understand that you, @Robem, are competent enough to get ARC to work behind double NAT by using the Xfinity admin interface and your router’s interface to forward and then forward again. Even so, I don’t think it helps the original poster to encourage him to go after a double NAT solution. For one thing, we don’t know for sure that he’s running in a double NAT environment and, secondarily, even if he gets it ARC working behind double NAT, he’s potentially going to run into other problems.
His best bet is to run one of his two routers in bridge mode and to port forward from the one acting as a router. That will get ARC working, will give him a single point of administration going forward, and will eliminate the know/unknown and current/future issues that double NAT can cause.
I’m definitely trying to say that ARC can’t be made to work with double NAT, I’m just saying that the best practice (for all scenarios) is to not run double NAT.
2 Likes
That is true, it’s not ideal and needs an appropriate configuration. What is not true though is that it doesn’t work. It’s as simple as that, it does work and it work very reliably when configured correctly. I’m just trying to respond to someone posting inaccurate information.
When I tried early in Arc (before GA possibly), I could not make it to work on a setup that would not allow bridging. So it works now (for some at least), but it’s a problematic hack.
Not a hack, it’s a valid network configuration that closely resembles static routing.
Just check this forum on how many folks have been confused & foiled by double NAT. Effective networking should not be an obstacle course.
1 Like
I’m in SF, use Comcast for my internet and Arc works fine. I also have my own router and modem though.
1 Like
There really is no case to be made for double NAT. It makes nothing better and makes multiple things worse. I don’t think we should be encouraging the poster - whose issues are the subject of this thread - to consider it.
All:
Thanks to all who have provided input on my issue.
Here is my current update.
I put my Xfinity Modem, an XB8, into bridge mode.
In my Netgear Orbi webpage for the administering the Orbi Router.
WAN Setting: Disable IGMP Proxying
LAN Setting: Use Router as DHCP Server
Under the Advanced Tab:
Router / AP Mode: Router Mode set
I have set the Port Forwarding / Port Triggering for:
HTTP
Protocol: TCP/UDP
External Port Range: 50
Internal IP address: 192.168.1.13 (Nucleus + LAN Address)
UPnP is on
No Dynamic DNS
No VPN Service
No Static Routes
Web Services Management: Unchecked Box for “Always Use HTTP to Access Router”
UPnP:
UPnP On
Advertisement Period: 30 minutes
Advertisement Time to Live (in hops): 4
UPnP Portmap Table
Active: Yes
Protocol: TCP
Int. Port: 55002
IPv6
Internet Connection Type: DHCP
IPv6 Domain Name Server (DNS) Address: Get Automatically from ISP
LAN Setup
Router’s IPv6 Address on LAN:
2601:645:8000:f9a4:ca9e:43ff:fe63:f634/64
IP Address Assignment: Use DHCP Server
Roon Set Up:
Ext. Port: 55002
IP Address: 192.168.1.13
It seems to be working now from my iPhone w/out Wi-Fi.
Although, I get the following note from Roon
{“ipv6_connectivity”: {“status”:“NetworkError”,“status_code”:504,“error”:“error: Error: ETIMEDOUT, response code: undefined, body: undefined connected? undefined”},
“ipv4_connectivity”: {“status”:“NetworkError”,“status_code”:504,“error”:“error: Error: ETIMEDOUT, response code: undefined, body: undefined connected? undefined”},
“external_ip”: {“actual_external_ip”:“73.ddd.eee.fff”,“actual_external_ipv6”:“2601:ggg:hhh:iii:jjj:kkk:lll:mmm”,“router_external_ip”:“null”},
“natpmp_autoconfig”: {“status”:“NotFound”},
“upnp_autoconfig”: {“server_ip”:“192.168.1.1”,“found_upnp”:true,“error”:“<s:Envelope xmlns:s="http://schemas.xmlsoap.org/soap/envelope/\” s:encodingStyle="http://schemas.xmlsoap.org/soap/encoding/\“><s:Body><s:Fault>s:ClientUPnPError<UPnPError xmlns="urn:schemas-upnp-org:control-1-0">501ActionFailed</s:Fault></s:Body></s:Envelope>”}
}
@John_Leeper, you need EITHER a port forwarding ruie active OR UPnP active, but not both. This may be what you are seeing in the ARC error message. What happens if you deactivate UPnP on the Orbi?
When I turn off UPnP my Nucleus + disappears and I can’t access Roon.
I turned UPnP and deleted the Port Forwarding / Port Triggering.
Here is what Roon tells me now.
{
“ipv6_connectivity”: {“status”:“NetworkError”,“status_code”:504,“error”:“error: Error: ETIMEDOUT, response code: undefined, body: undefined connected? undefined”},
“ipv4_connectivity”: {“status”:“NetworkError”,“status_code”:504,“error”:“error: Error: ETIMEDOUT, response code: undefined, body: undefined connected? undefined”},
“external_ip”: {“actual_external_ip”:“73.aaa.bbb.ccc”,“actual_external_ipv6”:“fe80:ddd:ddd:ddd:eee:fff:ggg:hhh”,“router_external_ip”:“null”},
“natpmp_autoconfig”: {“status”:“NotFound”},
“upnp_autoconfig”: {“server_ip”:“192.168.1.1”,“found_upnp”:true,“error”:“<s:Envelope xmlns:s="http://schemas.xmlsoap.org/soap/envelope/\” s:encodingStyle="http://schemas.xmlsoap.org/soap/encoding/\“><s:Body><s:Fault>s:ClientUPnPError<UPnPError xmlns="urn:schemas-upnp-org:control-1-0">501ActionFailed</s:Fault></s:Body></s:Envelope>”}
}
Hi, @John_Leeper.
Looks like you’ve made progress! You’re in a really good state now - your Xfinity device is acting as a dumb bridge, you know how to configure your router, and no more double NAT. That’s really good!
If what you’re saying is that everything, including ARC, is working but Roon is showing you a message about what may be a UPnP error, then I would just ignore the Roon message.
@Robert_F may be correct about what’s happening. Roon may be trying to use UPnP to set up a port forward but it may be getting an error because you’ve already set one up. In other words, your Orbi may be basically saying “I can’t do what you’re asking” to Roon, since you’ve already done it manually.
So if things are working, I’d ignore it. In other words, if it works (but shows an error message) when you manually port forward, then just go with that.
All:
Update today is that Roon Arc is not working.
JL
@John_Leeper - that’s unfortunate.
I’m looking more closely at your earlier posts and I’m confused by the port forwarding rule you describe. You included:
If I’m understanding this correctly, you’re saying that you configured external port 50 to forward to internal port 55002 on your Nucleus.
You should be forwarding the same external port number that you’re forwarding to your Nucleus. In other words, if your Nucleus is listening on port 55002, then the port forwarding rule on your Orbi should be forwarding 55002.
You can verify the port in the ARC settings so just to clarify…in my case, my server is running on internal IP 192.168.50.48, port 43982. So I go to my router and forward external port 43982 to the same port on 192.168.50.48.
It’s also important to note that unless you do something to make the IP address of your Nucleus stable, it actually can change over time. You can make it stable on your Orbi by using the feature that is probably called DHCP address reservation, or something like that. Most consumer routers don’t cause IP address changes to happen very often but they can - especially when you do something like reboot your router. So you definitely want to at least check and make sure that your Nucleus is currently still on 192.168.1.13 since if it’s changed, that would definitely cause ARC to break.
1 Like
To extend @gTunes’ comment you most likely should not need the internal port value. On my Asus router, I also have an option for using an internal port, but leave it blank as Asus treats this as an option (and it has never affected my ARC configuration). My external port reference is what is shown in Roon’s Roon ARC settings tab.
I state this but do not know exactly how your router settings configurations work.
So, in the Orbi Admin I did the following:
-
The Nucleus + has an reserved address of 192.168.1.13
-
In the advanced tab, advanced field i set the following:
Roon shows me the following:“ipv6_connectivity”: {“status”:“NetworkError”,“status_code”:504,“error”:“error: Error: ETIMEDOUT, response code: undefined, body: undefined connected? undefined”},
“ipv4_connectivity”: {“status”:“NetworkError”,“status_code”:504,“error”:“error: Error: ETIMEDOUT, response code: undefined, body: undefined connected? undefined”},
“external_ip”: {“actual_external_ip”:“73.aaa.bbb.ccc”,“actual_external_ipv6”:“fe80:ddd:ddd:ddd:eee:fff:ggg:hhh”,“router_external_ip”:“null”},
“natpmp_autoconfig”: {“status”:“NotFound”},
“upnp_autoconfig”: {“server_ip”:“192.168.1.1”,“found_upnp”:true,“error”:“<s:Envelope xmlns:s="[http://schemas.xmlsoap.org/soap/envelope/\](http://schemas.xmlsoap.org/soap/envelope/\)” s:encodingStyle="[http://schemas.xmlsoap.org/soap/encoding/\](http://schemas.xmlsoap.org/soap/encoding/\)“><s:Body><s:Fault>s:ClientUPnPError<UPnPError xmlns="urn:schemas-upnp-org:control-1-0">501ActionFailed</s:Fault></s:Body></s:Envelope>”}
}
–
John Leeper
[Private Information Removed]