PDA

View Full Version : Trying to Setup Classic Through Router...



HalNineThousand
2009-04-19, 19:37
I have 5 Squeezeboxes in my home, 2 Classics, 2 Duets, and one Boom. Since I use all flac files in my library and I often sync 2-3 or more SBs, I've had problems with wifi choking on the bandwidth -- so I'm using ethernet to connect all my SBs to my LAN. There's just one problem (isn't that always so!): One SB is on my screen porch, an area where I don't have much control over physical access. I don't want an open connection to my LAN out on the screen porch. (And if someone thinks I'm going extreme wiring my house for CAT5e for SBs, all the connections were planned for possible other devices as well.)

I can solve the problem of having a connection on the porch by running it through a router that I'm using for something else. My idea was to have the porch SB connect to the WAN side of the router and on the other side is my LAN with Squeezecenter and all the other SBs (and my other computers).

My LAN is in the 172.16.7.xxx address range. I was setting up the WAN interface on the router with address 10.0.0.101 and specifically told the SB to use the address 10.0.0.201. I told the SB the gateway was 10.0.0.101. In the router's firewall I forwarded all attempts to reach 172.16.7.2 (the Squeezecenter address) from the WAN to that computer on the LAN side, so, supposedly, if the SB tries to access port 9000 at 172.16.7.2, it should go through the gateway, or the WAN interface on the router, then be forwarded to my server with Squeezecenter.

Of course, since I'm posting, you can tell it doesn't work.

The hard part is I don't know if the router (running OpenWRT) is not working or the SB is not working. I do see that when I check the router firewall logs, there is NOTHING showing any connection attempts on the WAN side, which is where ONLY the SB is.

From what I've read, if I set the router to forward ports 3483 and 9000 to the server running Squeezecenter, it should work, but there's no indication it does, and no indication of any traffic going through the router.

I know this could be a router issue OR an SB issue and I'm not sure which. I've also posted on the OpenWRT site asking for help (lots of views on that topic, no responses).

So I've got two questions:

1) Any ideas what I can do or need to change to get the SB to talk to Squeezecenter through this firewall?
2) With this SB on a different net, can the Duet controller still control it? What would that take?

Thanks for any help or insight on this.

Mick Seymour
2009-04-19, 23:01
Two simple checks first.

1. If you hard wire the SB to the LAN and reconfigure the SB network interface with a LAN side IP, does it work? That should prove the SB isn't broken.

2. Are you using a crossed or straight cable from SB to the router WAN port? Should you be using a crossed or straight cable from the SB to the router WAN port. My guess, without knowing the router, would be a crossed cable.

If that doesn't get you where you need to be, can you give us more info on the hardware setup. I can't tell from your post whether you are using a single router or two bridged routers.

As far as using the controller to control the SB is concerned, so long as the SB can connect to SC, control should work.

HalNineThousand
2009-04-19, 23:20
The SB is okay. I've been using it for a year or two (can't remember when I got it). But yes, I specifically checked and it's working fine directly on the LAN.

I'm using a regular CAT5 cable that has worked for other connections with no problem. It goes straight into the WAN port on a Linksys WRTSL54GS router (that also has a USB port for attached storage). The instructions didn't specify to use a crossover cable at all. I'm almost positive I took this cable from a working setup, but just to be sure I'll change it out.

It's one router. Here's a quick diagram:

INTERNAL LAN (172.16.7.xxx) (includes server at 172.16.7.2)
|
\/
ROUTER (172.16.7.101 on LAN interface, 10.0.0.101 on WAN interface)
|
\/
SB (10.0.0.201 connected ONLY to WAN interface)

The firewall rules in the router specify that incoming on the WAN destined for 172.16.7.2 will be forwarded to that server on the LAN side. For now I'm specifying ANYTHING with a destination of 172.16.7.2 be forwarded. When I finish and put it in place, I'll limit it to ports 9000 and 3483 for the SB, port 53 for DNS, and port 8000 for Icecast2. (I'm assuming when a SB gets a stream from Internet radio or any other service, it comes in through Squeezecenter first, so the SB itself doesn't need Internet access, if it does, I can forward other traffic to my external firewall.)

I'll have to dig for a known good CAT5 cable and if that makes a difference, I'll report it.

Thanks!

Mick Seymour
2009-04-19, 23:40
Something else to try - can you ping the SB on the WAN side from the server on the LAN side?

HalNineThousand
2009-04-19, 23:44
Okay, a big Homer Simpson D'oh for me on that one.

Yeah, I can ping it. Forgot I had done that. So we know the cable's okay.

Guess I get a thwack with a 2x4 for forgetting that point!


Come to think of it, is there a way to log in to an SB Classic like I can log in to the Duet controller? Traceroute might be quite handy in a case like this if I could run it from the SB.

Mick Seymour
2009-04-20, 00:32
Come to think of it, is there a way to log in to an SB Classic like I can log in to the Duet controller? Traceroute might be quite handy in a case like this if I could run it from the SB.

I don't think you can. A traceroute back the other may be helpful.

Do you have a laptop/spare PC you could connect on the WAN side to test if that can see the SC browser interface? You could run a traceroute from that end as well then too.

GlenL
2009-04-20, 01:31
Just a thought ... is the subnet mask set correctly on your SB3 ?
Presumably it should be 255.0.0.0 (10.x.x.x being a Class A address and all that)

I'm thinking that with your LAN being a Class B network with a 255.255.0.0 subnet mask, you may have been on 'auto pilot' when configuring the SB3 and set the subnet mask incorrectly.

radish
2009-04-20, 07:04
Are you telling the SB where the server is (IP)? The auto-discovery isn't going to work through the router.

cdmackay
2009-04-20, 07:37
Mick Seymour wrote:
> 2. Are you using a crossed or straight cable from SB to the router WAN
> port? Should you be using a crossed or straight cable from the SB to
> the router WAN port. My guess, without knowing the router, would be a
> crossed cable.

I believe all the current SBs have polarity correction, so that
shouldn't be an issue.

cheers,
calum.

HalNineThousand
2009-04-20, 10:13
Thanks for the suggestions and ideas -- I have yet to get a single response from the folks on the OpenWRT board and I suspect the issue is more with the firewall on the router than the SB. I've done some checking:

1) Mick Seymour: I did a traceroute on the router to the SB at 10.0.0.201 and to the server at 172.16.7.2 and both were only one line long -- direct connection to each one. I'm glad you used the word "laptop." I hate laptops -- I don't like taking my work with me! I did a mental rundown on what else I had in the house and recently I dumped a lot of stuff because I was overloaded. If you hadn't said laptop, I would have forgotten I have an old Win98 laptop my Mother stopped using stashed away. I'll be testing that later this afternoon, when I get back from a class I need to go to.

2) GlenL: Yes, I was on auto-pilot, so I changed the netmask to 255.0.0.0, but that didn't make a difference. I'm not sure that would be the issue, since the addresses only differ on the byte, but I did try it.

3) radish: Yes, I'm telling the SB the server is at 172.16.7.2 and even tried a variation -- I told the router (as an experiment ONLY) to forward ALL incoming connections to 172.16.7.2 and tried telling the SB the server was at 10.0.0.101 (the router's WAN address) and that didn't help at all.

Basically, I've tried every way possible to tell the SB where the server is. I don't think there is much more I can do with the SB, so I think the next step is to find out what I need to do with the router to clear all the settings in NVRAM and to reflash it (it's been a while since I've done that). More and more I suspect it's the router.

toby10
2009-04-20, 12:19
Thanks for the suggestions and ideas -- I have yet to get a single response from the folks on the OpenWRT board and I suspect the issue is more with the firewall on the router than the SB. I've done some checking:............

Turn off the router's firewall, see if the SB connects.

HalNineThousand
2009-04-20, 19:31
I don't see a way to turn off the router's firewall completely.

I dug out the old laptop I mentioned earlier, but it's so old it doesn't have an ethernet connection. I had to put together a system that was over in the corner, waiting for a friend to pick up. I was avoiding touching that one because it was already all set up and I didn't want to mess with the network settings -- and it would also mean moving other parts of my setup into another room.

I hooked that computer up, giving it the address of 10.0.0.201, just like with the SB. From there I tried and could ping 10.0.0.201 (itself) and 10.0.0.101 (the WAN interface).

I cannot ping ANYTHING on the 172.16.7.xxx LAN at all from the computer at 10.0.0.201. I tried traceroute to 10.0.0.101 and it took about 15 seconds or longer to report back a single hop. I tried it on another computer and traceroute, for one hop, took only about 5 seconds. (But that was a quad core computer...)

From the 10.0.0.201 computer I ping'ed 10.0.0.5 and got a timeout message from ping. When I pinged anything out of the 10.xxx.xxx.xxx range, there was no response or action at all. No report back that it was out of range or there was no route to the host or anything -- it just hung there, and in one case I let it sit for 15 minutes.

I think this definitely shows the issue is the router. The computer does see it as a gateway, as it needs to, but the router is not forwarding anything as it should. (And that seems to raise the question of how it works on the LAN side, but I can ping it, ssh to it, and use the web interface from the LAN side, so it does communicate there -- just no communication between WAN and LAN within the router.

I tried to get some kind of verification on what I need to do to be sure all the variables in NVRAM in the router were reset, but getting answers on the OpenWRT board is slow.

So this puts it out of the SB/Slimdevices court and definitely in the OpenWRT area, but if anyone here knows enough about firewalls and such, I would still appreciate their help. This is not an area I know well. I've spent years programming, but rarely have had to deal with issues like this.

Thanks for any thoughts and for the help and suggestions that have already been offered!

HalNineThousand
2009-04-21, 01:05
First, again, thanks to all with suggestions. After my last post (the end of about 2 1/2 days of farting around with the issue), I was at least able to pinpoint the issue as being OpenWRT and NOT anything with my SB or Squeezecenter. To help others, and to let those who helped me know what happened, here it is:

I was using OpenWRT, the White Russian version, as recommended on the page for that piece of hardware on the OpenWRT site. I had a lot of views of my topic, but not one post to help me. I was looking at other open router Linux distros, but then ended up trying their next release, Kamikaze. The web interface didn't give me the fine tuning I wanted and it took a while to get used to the new interface and what it did offer, but I did get it working.

It took extra time to get it working because I couldn't ping the WAN interface for some reason and couldn't ping the server either, but when I did requests for host addresses and tried to read the web pages for Squeezecenter, I got them.

I still have to go through to verify that it is NOT forwarding all ports to all computers, but since I can't ping anything I suspect it's not.

Again, thanks for the help! I'm a long time supporter of FOSS, but when I can ask for help with a FOSS project like OpenWRT and get no responses, it seems clear to me why so many people dislike FOSS.

radish
2009-04-21, 06:00
Again, thanks for the help! I'm a long time supporter of FOSS, but when I can ask for help with a FOSS project like OpenWRT and get no responses, it seems clear to me why so many people dislike FOSS.

To be fair, given that what you're trying to do is pretty unusual I doubt very much you'd have got any more useful help from Netgear or whoever if you were using the original firmware! Whilst FOSS support can often be flaky, so can commercial support. It's also worth remembering that this forum spends much of it's time supporting FOSS so it's not all bad ;)

HalNineThousand
2009-04-21, 09:24
I don't think FOSS is "not all bad." I started my business in 2001 and based it fully on FOSS and software I wrote. If it ever comes down to a choice between two programs and they're anywhere close in abilities, I'll take the FOSS program every time. The reason I'm using an iMac now instead of Linux on my desktop (which I used for about a decade) is because I need video editing abilities that I just can't find on Linux. I've also written a few projects of my own that I've released as FOSS. If you want to control an HD radio with a Linux carputer, there's a good chance you'll be using my code to do it.

However I have the unusual situation where I've had to see FOSS from the point of view of a developer and as a "non-techie" end user. When I'm writing or working in "creative" mode I can't remember things like keystroke sequences and such. I honestly think FOSS programs could and should be much more prevalent than they are, but that we, as FOSS developers and proponents, keep shooting ourselves in the foot. I've seen websites for FOSS programs that toot the program and make it sound like the best thing since sliced bread, but then when you look at help forums, sometimes newbies are called idiots for not knowing what seems obvious to more advanced developers, yet the website isn't well organized and there are few topics in the wiki and most of those are out of date.

If those of us who use and create FOSS software want people to use it, then we have to be willing to work with newbies and shepherd them into the fold instead of ignoring help requests or treating less knowledgeable people roughly. We have to be aware of what non-techies need and be willing to help them.

From what I've seen, that happens here, on this forum, but doesn't on a number of others. I'm very pro-FOSS, which is why I am rather quick to criticize parts of the FOSS community that tend to be more "inbred" or exclusive or not as open to helping newbies and outsiders.