Today, suddenly ARC stopped working. I use port forwarding as I have been ever since its launch. Nothing changed in my set up. Rock is the same, Router is the same, Port configuration is the same, etc. It just suddenly stopped working. Tried Tailscale but its VERY slow !! Diagnostics shows this.... { "ipv4_connectivity": {"status":"NetworkTimeout","status_code":998,"error":""}, "external_ip": {"actual_external_ip":"62.ddd.eee.fff","actual_external_ipv6":"null","router_external_ip":"176.aaa.bbb.ccc"}, "status": "status": MultipleNatFound , "natpmp_autoconfig": {"status":"NotFound"}, "upnp_autoconfig": {"server_ip":"192.168.2.1","found_upnp":true} }
Describe your network setup
Vodafone Powerstation 6 via ethernet to ROCK. No changes made to setup or configuration
Do you use an ISP modem/router as well as your own router?
If so, has the WAN side ip address of your own router (as issued by the ISP modem/router) changed? Has the ip address of your Roon Server changed? If either of these changes have occurred, you will need to update any manual port forward rule on the router(s) to reflect the changed ip address(es).
If you do not have a separate modem/router device and thus you only have one router in your local network, is it possible that your ISP has migrated your service onto CG-NAT? More than a few ISPs are doing this in order to free up public ip addresses.
If your ISP has started using CG-NAT, then your only options are:
To ask your ISP to go back to issuing a public ip address that supports port forwarding. If offered at all, it may be an additional monthly charge on your ISP account.
Thanks for writing in! @Wade_Oram is spot on correct in their statement above.
As Wade has mentioned, the port forwarding diagnostics you’ve provided suggest there is a redundant layer of network address translation preventing port forwarding. This prevents ARC from recognizing the external IP address of your home network.
The second layer of NAT can either be at the local network level (commonly as a result of two routers), or at the level of your service provider (called “carrier-grade” NAT, or CG-NAT).
Tailscale can be a solid option if CG-NAT is indeed at play, here’s more info:
Thanks for your feedback. I don’t have any additional router or any other hardware on the network. Just the ISP router. And it was set up to with port forwarding with no issues up until a few days ago. I hear you regarding CG-Nat, but I spoke to my ISP, and they said that they have not made any changes.
As for Tailscale, I installed it today but it is VERY slow (on a 500mbps 5G network). For example it might take 30 seconds to start playing something… And later in the day, it stoped working showing that the server was offline but when I got home it was online and fine.
You can tell if your ISP is using CG-NAT by going to a website that displays your ip address like whatismyipaddress.com
If the ip address shown matches the WAN ip address of your router you do not have a service provided uisng CG-NAT.
If the ip address displayed is different to the WAN side ip address of your router (Not the one used to access the Web UI - your router will normally tell you what ip address it has been issued by your ISP), then one of the two situations will apply:
If your router’s WAN side ip address starts with ‘192.168.’, ‘10.’ or ‘172.x’ where x is 16 to 31, then this ip address can only be issued by another router on your own network - so you have two routers on your local network.
If your router’s WAN side address does not start with ‘192.168.’, ‘10.’ or ‘172.x’, then your ISP is using CG-NAT.
Note: If you do this test, then do not report (or show images of) any ip address that does not start with ‘192.168.’, ‘10.’ or ‘172.x’ here or in any other public forum.
I did this test and the IP shown is the same as shown on my router UI as my IP address. So my ISP is not using CG-NAT? Then hwy does the dignostic say double NAT.
Also I cant connect with tailscale now either. Only through wifi. When I put my phone in 5G it says poor connection, or just doen’t play at all. And I currently see 200mbps on speedtest through 5G.
If you only have one router in your setup, then your ISP is surely using CGNAT. The only solutions to CGNAT is to request a dedicated IP from your ISP or to use Tailscale/other VPN solution. Focusing on Tailscale, can you confirm you still have the correct Exit Node set in the app? Do you have Tailscale installed on the ROCK or on a PC on the same network as the ROCK?
I hear what you are saying, but my ISP is very firm that they do not use CGNAT. Also requesting a static IP has an additional monthly cost of half the price of a roon subscription !
Regarding Tailscale: I followed the instructions on installing on Rock and my mobile phone. (no tailscale anywhere else) Downloaded the app, signed in, and signed in on the Rock WebUI. Restarted everything multiple times over. Phone is connected (and shows VPN), and ROCK says its logged in. On the phone app, I see both the Phone and ROCK as connected. I dont know what you’re saying about exit node setting in the app, as I have seen no instructions on this, and tbh there is no setting up anything on the phone app. So everything seems to be running, but my phone when on 5G says that it cannot connect to the the Roon Server, or Roon Server was last seen ## hour ago…
A couple of times that I did get it to work it (after multiple restarts of EVERYTHING) it was dead slow, taking 30 sec to start playing… Did not change anything, other than switch on wifi again on the phone, and the next time I was off wifi, it did not connect !!
Diagnostics indicate that the phone is encountering network failures attempting to access content from your RoonServer. Please verify in the VPN-on-Demand settings in Tailscale that this network interface is actually selected for use when cellular data is active.
Additionally, access the Tailscale admin page and verify that your ROCK and your phone are in the same Tailnet (proxy subnet).
Your ISP may not have changed implementation, but a regular firmware update on the router could have reset settings, including the DNS server or stateful security that might be filtering traffic here.
Please verify that you have a reliable DNS server installed - Cloudlfare (1.1.1.1) or QuadNine (9.9.9.9) are the most recommended on this forum.
Please also share a screenshot of the ROCK web administration page - we’d like to verify the network configuration displayed there.
@Connor Hello.
Thanks for your feedback and input. I am starting to think that the issue is with the Roon server (or the ROCK itself) and not my ISP, the router, or Tailscale. I’ve come to this conclusion, cause I reset everything like I had it before the problems started and it now connects (not always, but most of the time). I was having problems with Tailscale as I mentioned, and I had followed all instructions. What its come down to, is that when I run into these issues (provided I am home) if I restart Roon server a couple of times, it shows the server as accessible, without me changing anything else. But even when it does show the server accessible from ARC, it takes over a minute to do so, when previously it did so in seconds. I might me wrong, but if it connects now without my ISP changing anything, they obviously are not using CG-NAT. Could you check the server logs, to see if there is something there?
Thanks for you help !!
PS: Unfortunately the Vodafone router I am using does not let me input a manual DNS, but it worked fine till now without any DNS change.
