Still ARC not working with cascading routers

H_R · April 7, 2024, 8:13pm

Continuing the discussion from ARC and cascading routers:

Roon Server Machine

Networking Gear & Setup Details

Who is your internet service provider?
Please list the make and model of your modem and router?
Do you have any additional network hardware, like additional routers or managed switches?
Does your network have any VPNs, proxy servers, or enterprise-grade security?

Connected Audio Devices

Description of Issue -

What is the exact port forwarding error message you see in the Roon Settings → ARC tab?

Unfortunately my topic was closed while I was on vacation…

The last diagnosis was that GC-NAT would bet the problem, but I checked it and I do have an public web address (Telekom reassured my they don’t do GC-NAT and I can see that the IP my “outer” Fritzbox is giving me is the same as I can test with “What is my IP”…

So I still get
{
“ipv4_connectivity”: {“status”:“NetworkError”,“status_code”:504,“error”:“error: Error: ETIMEDOUT, response code: undefined, body: undefined connected? undefined”},
“external_ip”: {“actual_external_ip”:“91.aaa.bbb.ccc”,“actual_external_ipv6”:“null”,“router_external_ip”:“null”},
“natpmp_autoconfig”: {“status”:“NotFound”},
“upnp_autoconfig”: {“status”:“NotFound”}
}
This is with port forwarding the NAS port in both routers.

When I activate UPnP in the inner router (sub-net), I get
{
“ipv4_connectivity”: {“status”:“NetworkError”,“status_code”:504,“error”:“error: Error: ETIMEDOUT, response code: undefined, body: undefined connected? undefined”},
“external_ip”: {“actual_external_ip”:“91.aaa.bbb.ccc”,“actual_external_ipv6”:“null”,“router_external_ip”:“null”},
“natpmp_autoconfig”: {“status”:“NotFound”},
“upnp_autoconfig”: {“server_ip”:“192.aaa.bbb.1”,“found_upnp”:true,“error”:“<?xml version=\"1.0\"?>\n<s:Envelope xmlns:s="http://schemas.xmlsoap.org/soap/envelope/\” s:encodingStyle="http://schemas.xmlsoap.org/soap/encoding/\“>\n<s:Body>\n<s:Fault>\ns:Client\nUPnPError\n\n<UPnPError xmlns="urn:schemas-upnp-org:control-1-0">\n403\nNot available Action\n\n\n</s:Fault>\n</s:Body>\n</s:Envelope>”}
}
The server IP found is correct (namely the inner router - IP here edited by me).

To activate UPnP in the outer router as well doesn’t change anything:
{
“ipv4_connectivity”: {“status”:“NetworkError”,“status_code”:504,“error”:“error: Error: ETIMEDOUT, response code: undefined, body: undefined connected? undefined”},
“external_ip”: {“actual_external_ip”:“91.aaa.bbb.ccc”,“actual_external_ipv6”:“null”,“router_external_ip”:“null”},
“natpmp_autoconfig”: {“status”:“NotFound”},
“upnp_autoconfig”: {“server_ip”:“192.aaa.bbb.1”,“found_upnp”:true,“error”:“<?xml version=\"1.0\"?>\n<s:Envelope xmlns:s="http://schemas.xmlsoap.org/soap/envelope/\” s:encodingStyle="http://schemas.xmlsoap.org/soap/encoding/\“>\n<s:Body>\n<s:Fault>\ns:Client\nUPnPError\n\n<UPnPError xmlns="urn:schemas-upnp-org:control-1-0">\n403\nNot available Action\n\n\n</s:Fault>\n</s:Body>\n</s:Envelope>”}
}

Can anyone help me with this, please?

Wade_Oram · April 7, 2024, 9:03pm

There is no mechanism by which uPnP can configure what you call the Outer router. This must be configured with an explicit port forwarding rule to forward the ARC port to the WAN side ip address of the inner router.

Also, you may find that uPnP, whilst capable of configuring the port forwarding rule on the inner router, will not allow the connectivity test to work because the WAN side ip address of that router will not match the routable ip address supplied by your ISP. In that case, you may be better off turning uPnP off on both routers and using an explicit port forwarding rule on both routers.

connor · April 8, 2024, 5:03pm

Hi @H_R,

Wade is correct - you’ll need to enter both the Fritz!Box GUI and the GUI of the downstream router and create the same TCP port forwarding rule in both. This rule should point to the RoonServer IP address and listening port assignment you’ve selected in Roon Settings.

UPnP can’t automatically create an identical rule in both routers, and you’ll need a rule for each layer of NAT active in your network.

H_R · April 8, 2024, 6:08pm

Thank you both for your swift reply. I might be mistaken, but that is exactly what I did in the beginning. I have the same port forwarding rule in both routers and started with UPnP off in both.
Is there a good way to check whether the rules works correctly?

Wade_Oram · April 8, 2024, 6:58pm

The ‘outer’ router must forward to the WAN side ip address on the inner router - not the Roon Server itself. This inner router WAN side ip address is the address shown on the WAN settings of the inner router (or the address of the inner router as it is shown on the web UI of the outer router). It is not the ip address that you use to access the web UI of the inner router.

H_R · April 8, 2024, 8:21pm

Thank you again for sticking to this.

I checked it again (as I had this tried before - that was my starting assumption…):
Outer Router forwarding to the inner router, inner one forwarding to the NAS gives:
{
“ipv4_connectivity”: {“status”:“NetworkError”,“status_code”:504,“error”:“error: Error: ETIMEDOUT, response code: undefined, body: undefined connected? undefined”},
“external_ip”: {“actual_external_ip”:“91.aaa.bbb.ccc”,“actual_external_ipv6”:“null”,“router_external_ip”:“null”},
“natpmp_autoconfig”: {“status”:“NotFound”},
“upnp_autoconfig”: {“server_ip”:“192.aaa.bbb.1”,“found_upnp”:true,“error”:“<?xml version=\"1.0\"?>\n<s:Envelope xmlns:s="http://schemas.xmlsoap.org/soap/envelope/\” s:encodingStyle="http://schemas.xmlsoap.org/soap/encoding/\“>\n<s:Body>\n<s:Fault>\ns:Client\nUPnPError\n\n<UPnPError xmlns="urn:schemas-upnp-org:control-1-0">\n403\nNot available Action\n\n\n</s:Fault>\n</s:Body>\n</s:Envelope>”}
}

Both port forwarding rules are “TCP” and the port is the one showing in Roon…

Wade_Oram · April 8, 2024, 8:26pm

Can you post screen shots of the ARC settings and the port forwarding rules created on each of the routers?

Don’t worry about hiding any ip addresses that start with 192.168… or 10… or even 172.x… where x is 16 to 31 because these ip addresses will help us sort out the issues and are, in any event, not routable which means that they are of no use to anybody that is not connected to your network.

H_R · April 8, 2024, 8:46pm

Yes, sure. I’ll post them as soon as I’m back at home (that will be on Friday). Sorry for the delay…

H_R · April 9, 2024, 3:40am

Found some time before leaving to post the pics
Fritz-EG is the sub-net router (“inner router”)

1st pic is port forwarding rule in the outer router, 2nd pic the one in Fritz-EG

Hope this helps…
And again thank you very much, Wade_Oram and Connor, for helping!

Wade_Oram · April 9, 2024, 6:08am

I’m not familiar with the routers you are using, I don’t speak German and I don’t have much time this morning so there is little that I can do to help you just now.

However, the screenshots that you have posted appear to be using the wrong part of the settings and the first one is using an incorrect ip address.

Firstly, are you sure that you are configuring port forwarding and not external webui access? I would expect to see a table of port forwarding rules with an option to add another one.

As for the port forwarding rules themselves:

The Roon Server is at ip address 192.168.188.37 so I would expect the inner router (accessed at 192.168.188.1) to forward port 55002 to 192.168.188.37.

The outer router should port forward to the inner router. It looks like the inner routers WAN side ip address may be 192.168.178.57 so this is the ip address that your outer router (presumably at ip address 192.168.178.1) should forward port 55002 to.

If what you are showing is the port fording settings, then it looks like you have got both rules reversed to that are trying to set a route from the Roon server outwards to the Internet. What you should be doing is setting rules telling each router to forward port 55002 connections to the router to the inward device.

Think of routers like road junctions and the port forwarding rules like Road signs. Traffic arrives at the router (junction) from outside and does not know where to go next so a forwarding rule (road sign) is provided to direct to traffic to the next device (either the server or the next router - destination or road junction) until the destination (your Roon Server) is reached. You need a sign post (port forward rule) at every router (junction) in the path from the internet to your server. You don’t need road signs for outward connections because every device has an implicit rule (road sign) configured by the router DHCP when the device ip address is issued - the ip gateway. In it’s most simple form, this is an implicit rule that says ‘if a device does not know where to send the traffic, then send it to the gateway’. The gateway is almost always the router on simple home networks.

Thus:

I believe your outer router has a WAN side ip address of 91.aa.bb.cc (hidden for security) and a LAN side ip address of 192.168.178.1 which is the address used to access the Web Ui.

The inner router has a WAN side ip address of 192.168.178.57 ( allocated by DHCP on the Outer router) and a LAN side ip address of 192.168.188.1 (probably)

The outer router should forward to the WAN ip address of the inner router (192.168.178.57)

The inner router forwards to the Roon Server (192.168.188.37).

H_R · April 9, 2024, 9:10am

Thank you! That is quite a lot for having little time I understand what you mean and I’ll try reconfiguring it that way on Friday! I’ll report back

Wade_Oram · April 10, 2024, 9:24am

What I didn’t have time for was the proper translation of German to English on the router Web UI pages that you posted

Jens_Sven_Dumpff · April 10, 2024, 11:24am

Jens_Sven_Dumpff:

I had an identical error message

If you have the following installation like me:

Roon Server on Mac Book Pro M1

Mac Book Pro connected via WLAN with Fritz Repeater in the Mesh network

Mesh Repeater connected to the Fritz!Box (router) via WLAN

Fritz!Box connected via LAN to the cable modem of the internet provider Vodafon

then you not only have to enable the port for the Roon server computer in the Fritz!Box, but also enable a port for the port displayed in Roon in the Vodafon cable modem for the Fritz!Box according to these instructions here, which can be done in 1 minute:

Portforwarding auf der Vodafone Station einrichten | (am Beispiel von Call of Duty Modern Warfare)

After that it worked for me.

The logical chain is thus:

the ARC app makes a request to the port,

the provider’s modem lets the request through to the Fritz!Box, but only if port forwarding to the Fritz!Box is set up.

the Fritz!box also lets the port forwarding request through because port sharing is set up in the home network

(The provider’s technical hotline was absolutely no help here. They merely created a public dynamic IPV4 address for me and advised me to remove the Vodafon modem from the chain and connect my own Fritz! cable box directly, which would mean that I would lose the in-depth technical support in the event of Internet faults).

auf Deutsch:
Ich hatte eine identische Fehleranzeige.

Wenn Sie etwa die folgende Netzwerkinstallation wie ich haben:

Roon Server auf Mac Book Pro M1 (Laptop)
Mac Book Pro mit dem WLAN über einen Mesh Fritz Repeater verbunden
Fritz Mesh Repeater über WLAN verbunden mit der Fritz!Box (Router)
Fritz!Box verbunden über LAN mit dem Kabel Modem (WAN) des Internet Providers Vodafon

dann müssen Sie nicht nur in der Fritz!Box die Port Weiterleitung vornehmen, sondern auch eine Port Weiterleitung für den in Roon angezeigten Port vom Vodafon Kabelmodem zu der Fritz!Box gemäß dieser Anleitung hier, was in 1 Minute erledigt ist:

Danach ging es bei mir.

Die logische Kette ist damit:

Die ARC App stellt eine Anfrage via dem Port an den Roon Server,
Das Modem des Providers lässt die Anfrage an die Fritz!Box durch, wenn die Port Weiterleitung an die Fritz!Box eingerichtet ist.
Die Fritz!Box lässt die Portweiterleitung ebenso zu, wenn die Port Weiterleitung von der Fritz!Box an den Laptop, den Roon Server Port, eingerichtet ist.

(Die technische Hotline des Providers war hier wenig hilfreich. Die haben mir eine öffentliche dynamische IPV4 Adresse eingerichtet und empfohlen, dass Vodafon Modem zu entfernen und den Kabelanschluss direkt an die Fritz!Box anzuschließen, womit ich aber den tiefergehenden technischen Support bei Internet Störungen verlieren würde.)

H_R · April 15, 2024, 4:44pm

Thank you very much for your patience! I did post those pics in a haste - they did show the port forwarding, but not the interessing part…
I do feel enormously stupid: I spend so much time on this and now I finally realised I had a typo in one of the rules, thus forwarding the wrong port in the outer router!
I still have to test it from outside, but for the moment being, the Arc info pages is positiv!

H_R · April 15, 2024, 4:46pm

Danke! I habe ein etwas anderes Problem, nämlich zwei Router hintereinander, aber heute habe ich entdeckt, dass ich schlicht einen Tippfehler in einer Port forwrding rule hatte…
Aber, Ende gut, alles gut

system · April 20, 2024, 12:33pm

This topic was automatically closed 36 hours after the last reply. New replies are no longer allowed.

H_R · April 20, 2024, 1:14pm

I just thought that I post my solution as I couldn’t reply in my old post as it was closed.

Just to sum up things for folks with the same problem: Roon ARC can be used with two FritzBoxes being set up as cascading routers, ie where you use a second FritzBox (or any other router) to create a sub-net and your Roon server resides in your sub-net.
You need a port forwarding rule in both routers, one in the first (or outer router - being the main router) pointing to the second (or inner) router, and a second in the inner router pointing to your Roon Server.

In Fritz!OS 7.57 you’ll create the rules under Internet - Freigaben where you add a device (“Gerät für Freigaben hinzufügen”) and then you click on “Neue Freigabe” where you choose “Portfreigabe” (not “MyFritzFreigabe”). There you choose as “Anwendung” HTTPS-Server (not sure wether this actually makes any difference), as “Protokoll” you use TCP and than you enter the port which is shown in the Roon settings page for ARC (three times: “an”, " bis" and “extern”). Make sure the “Freigabe aktivieren” is ticked.
In the outer router you choose as device (drop down menu) the inner router and in the inner router you select as device your Roon Server (in my case a NAS).
Don’t activate “Selbstständige Portfreigaben” (UpnP).

That’s all, actually. (Just make sure you get no typos in the ports as I had…)