Roon ARC not working with Deutsche Glasfaser likely due to CG-NAT

Roon Core Machine

Synology Diskstation

Networking Gear & Setup Details

AVM Fritz!Box

Description of Issue

{
“connectivity”: {“status”:“NetworkError”,“status_code”:504,“error”:“error: Error: ETIMEDOUT, response code: undefined, body: undefined connected? undefined”},
“external_ip”: {“actual_external_ip”:“xxxx”,“router_external_ip”:“yyyy”},
“status”: “status”: MultipleNatFound
,
“natpmp_autoconfig”: {“status”:“NotFound”},
“upnp_autoconfig”: {“server_ip”:“192.168.167.1”,“found_upnp”:true}
}

Same Problem on my side with Deutsche Glasfaser:

{
“connectivity”: {“status”:“NetworkError”,“status_code”:504,“error”:“error: Error: ETIMEDOUT, response code: undefined, body: undefined connected? undefined”},
“external_ip”: {“actual_external_ip”:“xxxx”,“router_external_ip”:“yyyy”},
“status”: “status”: MultipleNatFound
,
“natpmp_autoconfig”: {“status”:“NotFound”},
“upnp_autoconfig”: {“server_ip”:“192.168.3.1”,“found_upnp”:true}
}

BR
Frank Gottschalk

Hallo, habt Ihr eine Lösung gefunden?
Grüße Thomas

Hi @Guido_Heller, @Frank_Gottschalk and @Thomas_Veit,

I’m very sorry Roon ARC isn’t working at your side.The problem Roon Arc isn’t working is because of MultipleNAT.

Did you all checked this part of the Roon ARC documentation?

If you still encounter problems after reading the documentation, could you please answer the following questions:

1. Who is your internet service provider?
2. Please list the make and model of your modem and router?
3. Do you have any additional network hardware, like additional routers or managed switches?
4. Does your network have any VPNs, proxy servers, or enterprise-grade security?
5. What machine are you using as a Roon Core, and how is it connected to the internet?

With these answers, my and other community members can help you better.

Kind regards,

Maarten.

I think the root cause for Deutsche Glasfaser (FTTH), Cable or ADSL/VDSL are all the same.
It depends on whether or not you have an IPv4 address.
If yes, ARC works, if not, then ARC will not work.
Check (in your Fritz!Box) under Internet/Online Monitor, here you see whether you have an IPv4 address or not (DS-Lite-Tunnel).
See picture here for DS-Lite connection or here if you have an IPv4 address assigned.

Hello Marten,

Deutsche Glasfaser doesn’t provide IPv4 addresses per user, IPv6 is available though.

1. Deutsche Glasfaser
2. Fritz!Box 7590 working as Router, Modem is from Deutsche Glasfaser
3. No
4. No
5. Core is running on a Synology DS 918+, which is connected to direct to the Fritz!Box.

BR
Frank

Hallo Marten,
Deutsche Glasfaser

1. Deutsche Glasfaser
2. Fritz!Box 7590 arbeitet als Router, Modem Deutsche Glasfaser
3. Nein
4. Nein
5. Core läuft auf Laptop über WLAN FritzBox

Ich habe mir einen IP-Tunnel-Zugang der Firma Internet XS Service GmbH bestellt. Es wird eine Static IPV4 vergeben. Kostet 5,95€ im Monat. Habe es am Mac ausprobiert. Roon Trail Zugang abgeschlossen und die Tunnel-Software installiert, Roon-Arc funktioniert sofort.
Da ich einen externen R.O.C.K. auf NUC-Basis besitze, werde ich mir einen kleinen externen Router (MikroTik RB750GR3) hinter meine Fritzbox hängen, der die Static IPV4 zur Verfügung stellt. Hat auch den Vorteil, dass ich mein Synology NAS wieder erreichen werde von außen.
Bei der Deutschen Glasfaser bekommt man leider nur als Business-Anschluss einen IPv4 dazu. Als Privatperson hat man keine Chance.
So, vielleicht das Ganze als kleine Anregung. Würde Roon-Arc schon gern nutzen wollen.

Danke für die Info.
Welchen Service muss ich da buchen?
Ich kann da nur einen IP-Tunell für 2 Wochen zum testen anfordern.

Muss ich die feste IP in der Fritz!Box eintragen?

Die zwei Wochen Probezeit hatte ich vorab telefonisch bestellt.

Ich habe den gebucht: IP-Tunnel Basic.
Dann erhälst du eine ausführliche Erklärung wie du in Windows, MacOS etc. ein zusätzliches Programm installierst und dann läuft das. Hast du deinen Core auf einem externen Gerät müsstest du noch das hier buchen ( IP-Gateway LAN Basic) bzw. dir den Router bestellen und ihn selbst programmieren. So werde ich es machen. Router ist bestellt.
Die Fritzbox bleibt in jedem Fall unangetastet. Versuche dich mal einzulesen. Im Netz gibt es viel darüber.
Gruß Dietmar

So, der externe Router ist heute gekommen. Nach Anleitung von Internet XS Service programmiert. ARC läuft prima.

Wozu einen kostenpflichtigen IP-Tunnel buchen, wenn es auch mit einem selbst aufgesetzten VPN geht, besonders zweckmäßig mit Tailscale gemäß der kostenlosen “Personal”-Lizenz? Vgl. diverse Post zu Tailscale in diesem Forum.

Nachteile

• Zentraler Server nötig
• Server kann nicht selbst gehosted werden
• PublicKeys liegen bei Tailscale
• Viele weitere Daten liegen auf den Tailscale Servern

Vorteile: Kostenlos, extrem einfach zu konfigurieren.
Aufgrund der Ende-Zu-Ende-Verschlüsselung von Tailscale sehe ich keine ernsthaften Sicherheitsprobleme.
Es gibt auch noch eine vermutlich genau so gut und sicher funktionierende, aber eventuell kostengünstigere Lösung als der oben angesprochene IP-Tunnel, siehe Feste-IP.NET- Allgemeine Informationen

Hi,
i have the same Problem here in Germany with my glass fiber connection. Incoming connections are only available with IPv6.

I would definitively prefer a manual way to set up the network, since a automatic way eventually fails at some point if the network gets more complex.

Hi @Chris_H,

I’ve moved your recent post into a dedicated topic thread where the team can assist directly, as there’s a possibility we can still resolve your situation and enable mobile playback in ARC without waiting for Roon to implement further address compatibility.

If you’re willing to provide a little information, would you confirm the following information?

1. What is the make and model of your modem and router?
2. Do you have any additional network hardware, like additional routers or managed switches?
3. Who is your internet service provider (based on your post, I am guessing Deutsche Glasfaser?)

I’ll either respond with next steps or merge your thread accordingly. In the meantime, if you’ve done enough research to confirm that your provider absolutely can’t provide a routable IPv4 address, note the following:

• There’s a priority internal effort at Roon to enable port forwarding with routable IPv6 addresses from providers to resolve situations such as the one hampering you. I don’t have a timeline, but we’re working on it as we speak.
• There’s a growing list of solutions for users blocked by carrier-grade NAT, enterprise-grade networks, or other issues in our #tinkering and #roon sections: Tailscale implementation with ARC to circumnavigate ISP CGNAT, Is there a way to get ARC working over VPN?, ARC and a VPN - alternative solution?

Hi Connor,
thank’ s for your answer.

1. My main router is a TP-Link ArcherC6 v2 running OpenWRT.
   The modem is a unknown device from my provider
2. As DNS Server i use a RaspberryPi3 running Pi-Hole.
   As Web, Cloud and Messaging Server i use a RPi4 which is accessible via IPv6 and v6 DNS entry
   (I did a lot of research here, before i gave up the IPv4 idea)
   Beside that i have 4 WIFI access points in the network.
3. Yes you are right, my provider is Deutsche Glasfaser

Hi everyone,

Thank you for your patience as we’ve merged several posts from users here who are stranded without port forwarding as a result of the carrier-grade network address translation implemented by Deutsche Glasfasaer.

To clarify where things stand, more broadly:

At this time, Roon ARC requires an external (WAN) IPv4 address for port forwarding and on-the-go connectivity. Similarly, Roon ARC requires the Core to have an address in the IPv4 format, as it doesn’t yet support IPv6 at this time. Fiber optic networks in Germany have fully adopted IPv6 with Dual-Stack Lite to accommodate outbound/inbound IPv4 traffic. In many implementations, this is an innavigable situation for Roon ARC. Your router will generally have a routable IPv6 address automatically, and if you designate an IPv4 address, it will be translated through a shared IPv4 address via CG-NAT.

Some users, as discussed above, can request a routable IPv4 address for their account to bypass CG-NAT, sometimes for a monthly or flat fee. I do not believe Deutsche Glasfaser offers this, although it is always worth checking with their support team, as fiber users from other providers have encountered occasional lucky results.

That said, there are several VPN and proxy-server solutions in the #roon and #tinkering sections that users have configured as workarounds. Common basic consumer solutions include NordVPN or other common VPNs, and Tailscale . Note that the support team will be unable to assist with VPN configuration, but we can help guide you to popular threads with solutions other users have found for their own use cases.

Roon is actively working to implement workarounds for IPv6 and CG-NAT to enable ARC functionality for users such as yourselves. We’re also researching alternatives to port forwarding for future releases of ARC; rest assured this is just how it works at the moment.

Thank you for your patience.

This is also an issue with T-Mobile internet in the USA. It only accepts ipv6.