@skierpage
Last active July 24, 2023 20:12
Firewalld rule for Roon server
<?xml version="1.0" encoding="utf-8"?>
<service>
<short>Roon Server</short>
<description>Roon Server from Roon Labs plays music according to instructions from Roon Controllers</description>
<!-- per https://community.roonlabs.com/t/connection-failed-and-chromecast-issues-roon-using-new-additional-network-ports-since-880/181528/18 -->
<!-- unclear if necessary: port protocol="tcp" port="8008-8009"/ -->
<port protocol="udp" port="9003"/>
<port protocol="tcp" port="9330-9339"/>
<port protocol="tcp" port="30000-30010"/>
<!-- unclear if necessary: port protocol="udp" port="32768-65535"/ -->
<!-- igmp enables multicast. Unclear if broadcast and SSDP are needed too; see https://community.roonlabs.com/t/android-roon-remote-looses-connection-to-core-daily/61650/45 (says also required?) -->
<protocol value="igmp"/>
</service>
@erig0

erig0 commented Nov 4, 2019

You can enable igmp with

<protocol value="igmp"/>

See man firewalld.service for details.

@skierpage
Author

<protocol value="igmp"/>

Thanks, that seems to work! I have comments on how to use this in Roon forums.

@skierpage
Author

skierpage commented Jan 20, 2022

Note that as of Roon Server build 880 the 2021 version of this rule stopped working; the Roon Remote controller for Android (and probably others) couldn't connect to Roon Server. I had to disable the Fedora Firewall (sudo systemctl stop firewalld). You have to allow new and different TCP ports in the Firewalld rule, maybe 9330-9339? The new version here works for me, but I don't have complicated multi-room, Sonos devices, etc.

@skierpage
Author

This ruleset still works with a new installation of Roon Server on Fedora 37, but again I'm not using complicated multi-room, remote controls, the API, or ARC.

@aclater

aclater commented Mar 20, 2023

Adding port 55000/tcp will make ARC work:

<port protocol="tcp" port="55000"/>

@aclater

aclater commented Mar 20, 2023

Opening 32768-65535/udp appears to make Chromecast, Apple AirPlay and Roon Ready devices like the Cambridge Audio CXN V2 work.

@aclater

aclater commented Mar 20, 2023

It looks like Roon is also listening for mDNS traffic on UDP 5353. It might be worthwhile to enable that as well or enable the built-in firewalld mdns service:

firewall-cmd --permanent --add-service=mdns

With the above ranges enabled I am able to connect to:
Cambridge Audio CXN V2 (Roon Ready)
Google Home Mini via Chromecast (Roon Tested)
Sonos via Sonos Streaming
Misc devices via both Chromecast streaming and AirPlay
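
An added example, not part of the gist or its comments: a Python check that reads a firewalld service definition and reports how many ports each protocol opens and which single ranges are wide. The sample input is constructed from the gist's file plus the 55000/tcp and 32768-65535/udp entries suggested in the comments; the `WIDE_RANGE` threshold and the function names are assumptions.

```python
import xml.etree.ElementTree as ET

# Constructed sample: the gist's service file plus the two port entries
# suggested in the comments (55000/tcp for ARC, 32768-65535/udp).
SERVICE_XML = """<?xml version="1.0" encoding="utf-8"?>
<service>
  <short>Roon Server</short>
  <port protocol="udp" port="9003"/>
  <port protocol="tcp" port="9330-9339"/>
  <port protocol="tcp" port="30000-30010"/>
  <port protocol="tcp" port="55000"/>
  <port protocol="udp" port="32768-65535"/>
  <protocol value="igmp"/>
</service>
"""

WIDE_RANGE = 1024  # assumed threshold: a range this large gets flagged


def parse_ports(xml_text):
    """Return [(protocol, first, last)] for every <port> element."""
    root = ET.fromstring(xml_text.encode("utf-8"))
    if root.tag != "service":
        raise ValueError("not a firewalld service definition")
    entries = []
    for el in root.findall("port"):
        proto, spec = el.get("protocol"), el.get("port")
        if not proto or not spec:
            raise ValueError("<port> needs protocol and port attributes")
        first, _, last = spec.partition("-")
        lo, hi = int(first), int(last or first)
        if not 0 < lo <= hi <= 65535:
            raise ValueError(f"bad port range {spec!r}")
        entries.append((proto, lo, hi))
    return entries


def audit(xml_text, wide=WIDE_RANGE):
    """Return ({protocol: ports opened}, [wide ranges as 'lo-hi/proto'])."""
    opened, flagged = {}, []
    for proto, lo, hi in parse_ports(xml_text):
        # A set per protocol so overlapping entries are not double-counted.
        opened.setdefault(proto, set()).update(range(lo, hi + 1))
        if hi - lo + 1 >= wide:
            flagged.append(f"{lo}-{hi}/{proto}")
    return {p: len(s) for p, s in opened.items()}, flagged


if __name__ == "__main__":
    print(audit(SERVICE_XML))
```

On this input the single 32768-65535/udp entry accounts for 32768 of the 32769 UDP ports opened, while the TCP entries open 22 ports in total.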
