Ubiquiti Dream Machine Pro with Ubiquiti switch and APs
Who is your internet service provider?
Starlink
Please list the make and model of your modem and router?
Squared antenna with standard router with ethernet adapter all setup in bridget mode.
Do you have any additional network hardware, like additional routers or managed switches?
no
Does your network have any VPNs, proxy servers, or enterprise-grade security?
no
Connected Audio Devices
N/A
Description of Issue -
What is the exact port forwarding error message you see in the Roon Settings → ARC tab?
Since ipv6 doesn’t utilize NAT nor port forwarding I have opened the port 55000 TCP from the “white” ipv6 adress from ANY souce and ANY port source. But restricted destination to TCP 55000 and my ipv6 adress.
The test in Roon works and everything look OK See attached picture. However in the client app it tells me that Roon Arc is not configured for outside access. See picture 2.
To provide you with another piece of information. I have tried to open port 22 to be sure that I have access from the internet to my machine, and SSH works perfectly.
My only conclusion is that RoonArc requires further ports to be opened or that something else is broken Please advice.
Best regards Thomas
I Do see one problem and that is a debug log entry that states “07/06 17:42:59 Debug: [easyhttp] [411] POST to https://api.roonlabs.net/porttest/1/port/check returned after 9383 ms, status code: 504”
This obviously states that something is wrong but without more infromation such as how exactly the test works, I don’t know what to do with the information. /Thomas
So far, I haven’t received a single reply here. Does anyone know if I’m posting in the wrong place?
Anyway, in my search for answers, I can see that the ssl certificate provided by roon that as I understand it encrypts the arc communication has expired. Please see the picture. Perhaps someone at support could provide insight in this? It’s in swedish but I’m sure by using your imagination you can see that it has expired wednesday the 5th of july 2023.
No, this is the right place to post requests for support on ARC issues. The problem is that Roon Labs Support team is currently very small (less than a handful of people) and they are dealing with a queue of issues. They will respond as soon as they can.
When you get that message about your Roon Core not being configured for outside access, did you click the button? That should cause it to configure your core for outside access. It will either work after that or give you a new message about connection problems.
I assume you mean the “connect” button in the RoonARC client? - Yes I have pressed it.
There is a really long timeout til it the button changes from connect to “Retry”. If I press retry another extremely long timeout occurs until the button says “retry” again.
Thank you for your reports and for your patience while we worked through the queue to reach your inquiry. I appreciate you taking the time to dive into logs and share your findings.
First off, according to our servers, your broadcasted external IP is actually an IPv4 format address, although it doesn’t appear to be in the standard range for Starlink’s DHCP. We’re curious if there’s a VPN involved - otherwise, please verify that you’ve actually been assigned a dedicated IPv6 address with Starlink. While their adoption of IPv6 has made a splash, many users on this forum are still in the pooled CG-NAT IPv4 tier with Starlink, depending on the age of their account and the generation of their Starlink gateway.
If you’re positive you have an IPv6 external address and not some sort of dual-stack or mixed setup, then please disable any VPNs or proxies you might be using.
Just to verify, you’ve fully bypassed the Starlink gateway? IPv6 pinholing will only work if the Starlink router is has all router functionality disabled.
Please also share any settings regarding IPv6 in the Dream Machine GUI. Our diagnostics show you have a large number of networked devices visible to Roon.
If you’re relying on prefix delegation for any of these devices in their independent use, you need to make sure you’ve set the prefix delegation size to 56 or higher, if that setting is available in your current firmware. Make sure DHCPv6 is enabled.
Then try augmenting the port by increments of 1 in both the Roon → Settings → ARC page and the associated pinhole for the firewall. For instance, go from 55001 up through 550010, testing if any have better results. Sometimes, backgrounded software might compete for the same port and trigger a timeout instead of a more precise error.
We’ll keep a lookout for your response. Thank you!
There is a lot of new terminology when it comes to ipv6 which I’m trying to wrap my head around. Earlier in my carrer we referred to external addresses as white addresses… meaning that they reside on the internet and not a local LAN in the private address ranges. To my understanding ALL the ipv6 addresses are white = public ip addresses. Hence I do not understand what you mean by “external”. My computers ipv6 address IS external and in the public address range. I can reach it from my phone on it’s ISP over ipv6 and connect to my computer over SSH (port 22). However this means that for ipv6 absolutely no NAT or portforwarding takes place at all. It’s simply a port to be opened in the unifi firewall. Basically Any, Any to ipv6 55002.
What ROON broadcasts is out of my configurational reach, since ROON doesn’t support ipv6 I cannot disable my computers ipv4 address since I will no longer be able to start ROON. Perhaps this is wrong and a part of the puzzle?
So based on the previous questions and information. Yes I have CGNAT ipv4, but public ipv6. I have not opened and configure any port forwarding to the ipv4 address since this is futile based on the CGNAT Starlink has.
Yes I have the starlink router in by-pass mode, it can only be configured back by doing a factory reset.
Not sure what you mean by settings regarding ipv6 in the dream machine gui? But this is the extent of unifi GUI ipv6 config. It’s crap.
The thing is, that I can access the port 55001 from my phone whilst on LTE (ipv6) I can see the RoonBroker certificate being expired. I don’t believe this is a question of a device not being able to access the network port, but rather something else. If there is someway I can provide you with my ipv6 address (not publically) I will do that.
Actually Roon does support IPv6 and it’s working with Starlink for many customers. Also, you don’t need to disable your IPv4 in order to use IPv6 since all routers I’m aware of will support both if they have IPv6 support.
I’ve been through this setup on my own system and it looks like you have things configured correctly although I’m not familiar with your specific router. You can use this site to see if Starlink has enabled IPv6 for you:
Don’t worry if it fails the DNS test since very few ISPs support IPv6 DNS yet and that won’t cause any problems with Roon ARC.
Let me ask internally about these certificate expirations with the broker to verify there’s nothing out of order - we don’t have any site reliability issue reports otherwise related to what you’re seeing, but there has to be a specific cause here. In the meantime please let us know the results of your troubleshooting.
I’ve confirmed the RoonBroker certificate is not the source of the issue here - in fact, that certificate plays no part in the connectivity protocols in question here.
If you’re still unable to connect using the IPv6 public address, try adjusting IPv6 to Static in the web administrations above, changing back to DHCPv6, and then restarting the routing.
Hi Dean.
What I mean is that the Roon Server/Core does not support ipv6. It only seems to support ipv4. However the RoonArc supports ipv6. I could be wrong, but when only using ipv6 on my Mac where the roon core resides. NOTHING works.
Hi Connor, I have indeed a ipv6 static address on my machine. All IPV6 tests work perfectly including your own (Server side) it’s the Roon Arc client that doesn’t work.
Do you have any evidence that Roon Arc works with Starlink at all using ipv6? Are you going to build in advertisment rules since you told me before that the server gives of an external ipv4 address?
Hi Thomas,
By any chance does your IPv6 address contain any segments with leading zeros? If you look at the detailed section of the Roon ARC test it will show the IPv6 address for your Roon server so any leading zeros will show up as a 3-digit segment instead of 4.
That sounds great. Perhaps I can play around with different ipv6 addresses hopefully some that lacks leading zeros. Will se if possible and get back. /Thomas
