Tailscale ARC - works, but extremely slow/hangs/requires restart

After reading Roon’s great guide on making Tailscale work to support ARC, I thought I’d try it, as I’m often ejected by my frequent home IP address changes.
I bought a Raspberry Pi 4, installed Tailscale and configured it as a subnet router according to the Tailscale guide. I think I’ve done it all right but I admit it’s a bit beyond my skill level so it’s hard to know how to verify it’s working just as it should.
ARC connects to home from my phone, most of the time - but sometimes it can’t connect until I quit it and reconnect the Tailscale VPN. And downloads work, but they are awfully slow - it takes about 5 minutes hanging at 0%, then about 5-10 minutes for the download to complete. Compared to before using port forwarding, I could download an album in about 20 seconds and there was no hanging at 0%.
Have I perhaps made a mistake with the Tailscale setup? Or is it that I’m limited by the Raspberry Pi - is it the wrong choice of hardware for this? Any guesses or insight would be really welcome, thank you!

The Pi isn’t limiting unless it’s an older one which only has 100mb/s ethernet but even then it’s likely to be fine for Roons usage. There isn’t much to get wrong with setting up Tailscale so I doubt it’s this either as it’s mostly automated.

Being a vpn it will have an overhead on cpu speed of device used and the data speed as your going to and from another server as a proxy so added latency and this is just as reliant on a stable upload from your home server and mobile provider as using any other method. Also as your using subnet routing that will have an overhead as its routing local network traffic. If you can maybe run Tailscale locally on the roon server pc. If you can’t then not much else you can do.

If you experience severe detonation in data performance I would contact Tailscale directly to see of they can assist. It might be your phone doesn’t work well with it or your cellular provider. Not all will.

What’s your isp upload rate? How are you connecting via another Wifi network or cellular? What device you using to connect back home with?

Thank you for your reply! I really appreciate the thought. Answers as follows:
Pi is a 4B and has a Gigabit interface; unfortunately as I run ROCK I can’t install locally (but I am becoming increasingly frustrated with ROCK’s limitations and wonder about starting over… I hugely regret not partitioning the install drive so I could experiment with some replacements!); my upload rate is about 120Mbps, and the remote test device is an iPhone 14 in my home connected with 5 bars of 5G. So it should be able to manage some decent speed!
As a back-of-the-envelope calculation (obviously rather limited), a redbook album is about 250MB, and if it takes 5-10 mins to download it is arriving at about 3-6 Mbps. Previous experience (with port forwarding) of about 20 secs is consistent with the 120Mbps upload of my ISP, as 250MB would take that long at 100Mbps. So it’s quite a difference!

I highly recommend using Dietpi as the operatiing system for Roon instead of ROCK. Its a small linux distro that is fast, efficiient and well maintained runs on a full pc with the x64 version its not just for Raspberry pi’s… I switched a few months ago from ROCK and have never been happier as have a few others… Its desgined for headless use you access via ssh for setup and installing apps. You can easilly install tailscale on it. I have and runs well although I dont use ARC much any more as poor cellular on my commute does not play ball with ARC its still not good with intermittant data connections in my experience. But I do use it occasionnally at my works office over Wifi and works using Tailscale.

Do not use bars on a phone as a gauge of data reception, it has nothing to do with it, its purely an RF signal indicator., I can be in a full bar 5G situation but get no data due to over utilisation or other inteference. You can only tell if data is actually any godf using internet speed tests, to check latency and datarate. If it suffer high latency then this will cause issues.

Thanks - I may well try DietPi though I am a little nervous (having seen some of the errors around the forum!) and as I don’t have a backup Roon server it will mean taking mine offline and it only coming back if I’m successful!
As for 5G, just to reassure you, I am confident that I have a very good connection suitable for testing. I timed the 20 second port-forwarding download time sat in the same place, and on a speed test I get 400Mbps+ download - when connected to Tailscale! I wonder why ARC is unhappy to allow fast downloads on that same connection?

I can’t possibly say really. Hope you get to the bottom of it one way or another.

I was one of the earlier Tailscale>ARC users, in part because I had been using Tailscale already to integrate several systems across 3 locations. I’ve not had any problem streaming from my Intel/Ubuntu Server Roon servers to my Pixel phone(s) since last year. I don’t use subnet routers for this, though, my Roon servers are on Tailscale themselves.

Thanks for your replies. I took the DietPi plunge and after a little chown heartache I managed to get it to work well enough… but sadly Tailscale performance is just as slow when installed locally. I’ll dig into Tailscale’s troubleshooting guides and report back.

It seems that my problem is caused by the fact that Tailscale is using a relayed, rather than direct, connection. Speeds of around 3Mbps seem common, albeit anecdotally, with this. Tailscale can’t be sure why this is the case, but the likelihood is the use of CGNAT by my ISP, the lack of IPv6 provision by my ISP and potentially some tricky edges presented by my Unifi gateway.
Tailscale don’t offer much in the way of workarounds except port-forwarding, which I would rather not do… although it does mean I don’t have to worry about static IPs any more, it is rather annoying to be port-forwarding which seems a bit of a backward step. Tailscale admit it’s not a very lovely solution.
Unfortunately it seems that’s the end of the road for me for things to try… I wish I had a choice of ISPs where I live, but I don’t. So if anyone wants to short Virgin Media stock, please, feel free…

I use virgin media and UniFi hardware and don’t get these issues at all with Tailscale Are you using the hub as a router or just in modem mode? I don’t believe they use cgnat either, not in my area they don’t.

Thanks. I don’t know what to say except that I’ve verified the above and that perhaps you have better speeds because you have a direct rather than relayed Tailscale connection…? But I’m all out of things to try to get Tailscale to connect directly, and Tailscale don’t have any ideas either. Let me know if you had any luck with any specific Unifi settings to encourage it, as that’s about all I have left to try.

Not sure they give any different connections for Tailscale I am on free tier like anyone would be using. I didn’t have to change anything on my network it just works. You don’t need subnet routing for arc. Subnet routing will have an overhead as it’s acting like a tour to manage non tailscaled devices this all goes via the device set up as the subnet router. For ARC you should not need subnet routing unless your using ROCK or another device you can’t install Tailscale on . if your using Dietpi and have Tailscale installed it’s direct not via relay which is what subnet routing is.

Reading up it will revert to a relay connection if your network is blocking UDP or you have port forwarding active. Not sure why your UniFi would be blocking UDP connections unless you have set it to. Do you UPnP off on the router? Do you have intrusion detection on? Virgin to my knowledge don’t use cgnat for anything and they don’t support IPv6. But mine is a direct connection not relayed. You might need to ensure peer to peer is allowed if using unified security stuff.

If you use Tailscale status it should show you the type of connection you have.

Thanks. I’ve tried disabling all the security detection stuff on the Unifi gateway, and UPnP has always been off. I’ve checked my Tailscale status and am certain it’s a relayed connection, connections are always via a London or Paris DERP server.

Then that’s a relay if it says DERP. Odd as mine don’t say it’s a relay at all. Which gateway are you using? Is this checking on the machine running Tailscale?

It’s a Cloud Gateway Ultra, through a Virgin Hub 5 in modem mode; checking from Tailscale on the DietPi Roon Server, pinging the iPhone running the Tailscale app.

In out of ideas. Any reason you can’t use Unifis Teleport for ARC as it uses the same wireguard stuff but without the middle man.

Well it does look like my connection is also via relay when on iPhone outside my network. I tried yesterday and it wasn’t which is odd. I did change a few things Tailscale wise but not sure that would have affected this. Going to check when at works office on WiFi and see if it’s the same.

Works WiFi it’s direct connection. So this must be down to cellular provider limitations on their network.

Thanks, that’s great intel. I will see if I can contrive a way to do the same test myself… I don’t have admin access on a machine on my work wifi but I will try to borrow a friend’s wifi.