UPnP Sending hundreds of requests to router - already using port forward

So I have configured the specific port forward listed in the ARC setup page on my router. ARC is working as it should.

However, does anyone have any idea as to why the Roon server would still be spamming my firewall with UPnP requests to open a completely different port number?

Setting the port to 0 would stop all requests but then would not allow me to choose port to use.

I have UPnP locked down so is not available for just any device to use.

Hello @Sean_O,

Thank you for reaching out to Roon support.

When you configure port forwarding and open the necessary ports on your router, the Roon server will still send M-SEARCH requests (a type of SSDP request) to check if UPnP is enabled on the router. These requests are typically used for discovery purposes and are not asking the router to open any specific ports.

However, it’s possible that your router is still receiving these M-SEARCH requests even though port forwarding is set up correctly. It’s important to check if these requests contain an AddPortMapping action in the body. This would indicate that the Roon server is actively attempting to open or map specific ports via UPnP.

To help further diagnose the issue:

  1. Could you confirm if the requests you’re seeing are M-SEARCH requests, or if there’s a different type of discover request (e.g., AddPortMapping) trying to open ports?
  2. If you are able to capture the full request payload, check if there is any AddPortMapping action or a request related to the port number you’re seeing.

Hi @vadim, thanks for the response. For reference I was using port 55002 configured in Roon as the port to use.
My firewall logs were then showing:
No allowed eport for NAT-PMP 52273 udp->10.10.10.50:52273.
That IP address is my Roon server. That port is clearly not what was configured in Roon.
FYI, that port had also been 55493 in a previous session prior to a reboot.
I am unable to capture any other information as to that message aside from that listed in the FW logs as shown above.
I see this with other devices on my network requesting a port but they do no seem as prolific.

Hello @Sean_O,

The following port appears to be unrelated to the Roon application itself and is likely associated with Tailscale, which is included in the ROCK OS by default.

For reference, here are the Tailscale setup instructions for RoonOS/RoonServer.

Could you kindly confirm if this is causing any issues with your router?

Thanks @vadim , it was indeed Tailscale. I deactivated it and the issue stopped.

In terms of issues with the router? Not really an issue as such. I monitor network traffic to check for issues and when I see a device sending that many requests - I will usually track it down and see what it is. Not sure if it needs to be sending requests every second forever to try and make a connection - seems unnecessary.

Hello @Sean_O,

Thank you for the update — we’re glad to hear that the root cause of the UPnP requests has been identified.

Since Tailscale is a third-party application, unfortunately, there’s not much we can do to prevent this behavior on our end.

Enjoy your music, and feel free to reach out if you have any further questions!

This topic was automatically closed 36 hours after the last reply. New replies are no longer allowed.