Tailscale implementation on ROCK (NUC) To circumnavigate ISP CGNAT for ARC

Good news that it’s working for QNAP too.

Subnet routing should be a stopgap solution until Roon recognizes the tailscale IP directly, or in situations where your core server can’t run Tailscale.

It’s a useful feature of Tailscale but is definitely not their primary model.

I’m not sure if you are saying that Roon will recognise the Tailscale IP and you can disable the subnet router aspect of Tailscale, or you are waiting for a feature to be added to Roon that would recognise the Tailscale IP?

Sometimes it does, but it can be inconsistent, and both Core and ARC will incorrectly claim that ARC can’t access Roon.

If you have Tailscale running on your core, there is no technical reason why you should need to use port forwarding on your router (or Tailscale subnet routing).

My experience, and that of a couple others, has been that you first need to be on the same local network as your core to connect ARC via Tailscale (otherwise it will say it can’t connect, and give up). At that point, you can disconnect your iPhone from the local network, and after a minute or two it should find the Core via Tailscale.

I am hoping that Roon will acknowledge the popularity and validity of connecting via Tailscale (or other VPN or wireguard approaches) and directly support connecting to a known IP, rather than telling everyone they need to forward ports. It currently does work, but because of their default forwarding approach, it can be a bit confusing for people to get started with it.


How to (probably) get it to work:

  1. Install Tailscale on your core, and your iPhone. No subnet routing is required.
  2. Make sure they’re both connected and running.
  3. Connect your iPhone to the same network as Core, so you could use it as a remote like normal
  4. Start ARC. It should connect.
  5. Disconnect your iPhone from wifi, so it only goes over your cell connection.
  6. Hopefully it still works, and continues to work!

From Tailscale documentation on subnet router:

So as you can see, the intent with Tailscale is to install it on your nodes and have them connect directly. Subnet routing is effectively a workaround for nodes that can’t install Tailscale… or for software that assumes you should connect over the local network IP.

In the case of an NUC running ROCK the subnet router is a requirement then.

1 Like

The Tailscale subnet router works for an NUC ROCK. I guess it would be impossible to install it on the core in that case.

Danny has said that they considered a Tailscale integration but it would have delayed release of ARC by a year in his estimation.

I tried this the other day, i’d already started to listen to a playlist in the car, so i turned tailscale off to save battery thinking it’s streaming from Tidal so does it need the core if it knows what to play.

Eventually it stopped playing and I got no artwork.
But that could have been lack of signal, i’ll have to try again.

It’s going to need the Tailscale connection all the time.

That’s if they want to do some fancy auto-discovery thing, where the core shows up in a list somewhere and you can select it. Which I get is their brand.

From a technical standpoint though, there is no need for Tailscale “integration.” You can go to your Tailscale app, click the name of your Core node to copy the IP address, and then paste it into a box to specify the core IP address.

That’s how networking works - you specify an IP and let the network stack handle the rest. Room’s interface is a fancy way of finding the core’s IP and configuring the client to point to it… but as of now, the simple straightforward approach is unavailable.

Tailscale provides the network connection to Roon, so as soon as ARC needs to request data from Core it will require Tailscale. I don’t see any reason it would work for more than a couple minutes. Get a USB charging cable! :slight_smile:

You’re not streaming from Tidal to the Arc client the streaming path is:

Tidal >> Roon Core >> Roon Arc client

all streaming traffic is proxied through the roon core.

No it’s been said before that streaming comes directly from the supplier.

I’ve started a tidal album with tailscale connected, i’ve killed the app it’s still playing im on 4g , im guessing it will continue until it needs data from the core. I’m three tacks in of Beth Ortons new album.

It goes via the core, I checked it by doing a packet capture whilst using the arc client.

The reason it carries on playing after disconnecting tailscale is that the client will buffer some data.

Well I’ve just listened to a full album and now its playing Roon radio

1 Like

Plus as you can see the only app open on my iPhone is Arc

Did you open the Tailscale app and disable the active switch? Because I think it just sets VPN config, so you’d still be connected even after closing the app.

If you’re definitely disconnected from Tailscale that would be quite cool!

Would you need to be running a Tailscale app on the core node for it to appear in the Tailscale app.

If so it won’t work on a ROCK core i.e. Nucleus.

Yes. Tailscale would have to be running and connected on the same machine as the core for it to show up in the Tailscale app.

Yep. Same idea applies though: if you have Tailscale subnet routing on, you would configure ARC to use that IP. The networking stack would make sure it goes through Tailscale and you can connect.

That’s basically what Roon does when you run ARC on the local network.