UPNP Delay

[Gödel]

Pardon my ignorance again, but I'm having a vexing issue on my main PC, a relatively fast (for me) Ryzen 3700x with a decent M.2 SSD on a gbps ether-network.

When I open VLC to try to play music from my UPNP record collection, it takes quite a while to find it. I just checked again, and it took over 6 minutes.

Other PCs in my mini-data-center connect to it in seconds, and so does my phone.

How can I get this major lag down to a reasonably short delay?

TIA​

 

[Mercutio]

Windows? Linux? What are you using to host your music? Dedicated server application or just Windows Media player?

 

[Gödel]

It's running Ubuntu Linux, and the music is hosted on Windows.

 

[Mercutio]

What happens if you turn off the Firewall on your Linux PC before you search?

 

[Gödel]

Confession: I'm using Rhythmbox instead of VLC, because in my search for the nasty problem that VLC skips the first 2 seconds of every song, I haven't found a solution. So for now, I'm just leaving Rhythmbox up. I'll check into turning off the firewall sometime.

I'm a sporadic multimediot. I occasionally like to listen to music while I'm cruisin' the web, or when I'm watching sports (I don't need the announcers to tell me what's going on on the field.)

 

[Mercutio]

I was going to suggest running your music through Squeezebox or Jellyfin. UPNP / DLNA i certainly works, but you may have an easier time in something that handles presentation as well.

 

[Gödel]

Upon further review, I figured out that my other PCs connected quickly because they weren't running firewalls. I don't know why; all 3 are running regular Ubuntu installs to which I didn't do anything UFW related.

I googled a bit, and I found to open ports 1900 and 5000, and then VLC would see the record collection fast, but then error out when I tried to listen.

OTOH, I found that if I open port 3689, Rhythmbox found the records pretty quick, and opened (at least one of) them fine.

I'm listening to Miles Davis right now:

Thank you so much, Mr. Mercutio!​

I'll check into Squeezebox or Jellyfin sometime.

 

[sedrosken]

Huh. I either use Jellyfin or just access everything via SMB or NFS. So there WAS once upon a time a reason to have UPnP enabled that wasn't just opening holes in your firewall for funsies.

 

[Gödel]

OK, I deleted those ufw rules, and I'll check into how to make them specific to my little network.

 

[Mercutio]

Huh. I either use Jellyfin or just access everything via SMB or NFS. So there WAS once upon a time a reason to have UPnP enabled that wasn't just opening holes in your firewall for funsies.

UPNP made a lot of consumer level LAN services a lot easier to set up but of course it's a bad practice to use it.

The main reason I use Jellyfin is that it supports multichannel FLAC and I have a lot of multichannel audio. Jellyfin's music service defaults also do a better job than Plex at respecting my audio tags, but it's SLOW to identify anything new. Jellyfin's interface is good enough, although it's arguable that it's any better than scrolling through well organized lists like DLNA would present. I tried another tool, Screamrouter, but it was bad for presentation, so I gave up on it.

 

[Gödel]

Back to my firewall issues, it looks like something like this:

ufw allow from 192.168.1.0/24 1900/tcp​

ufw allow from 192.168.1.0/24 3689/tcp​

would restrict the port access to just the devices in my local network.

Would that be acceptable, or would it still be as insecure as I am?

 

[sedrosken]

Yes, that would allow access within your LAN. Access from outside the network SHOULD be being blocked by your edge router's firewall.

Whether that's acceptable depends how much you trust the devices in your local network, and if you want every single one of them to be able to look at it.

It's probably fine, honestly. I gripe about UPnP being enabled on the edge router for game consoles and such. I have to allow some of it for older consoles to have any online capability at all, but I keep it locked down to specific IPs.

 

[Gödel]

Thanks for your input, sedrosken.

I checked the router, and it does have a firewall that's blocking outside access, so that part is good.

 

[Gödel]

Unfortunately, when I open those firewall ports, restricted to my local network, there is still a long delay detecting upnp sources in Rhythmbox.

So I wrote a little bash script that turns off ufw, starts Rhythmbox, then turns ufw back on. Then Rhythmbox sees the upnp sources right away.

How dangerous would it be to use that script?

 

[sedrosken]

Pretty sure that's running Rhythmbox with root permissions since you'd have to call the script with sudo or what-have-you. Not good practice by a long shot but also unlikely to be something that gets you pwned from within your LAN. I also wonder if that's effectively just turning off the firewall for Rhythmbox altogether and keeping the connections open again after ufw restarts since they were active before it started. Again, not good practice, but unlikely to be a problem in your case. I don't even run a firewall on my Linux machines interior to my LAN usually, though I probably should.

Also, I led you wrong -- supposedly port 1900 should be udp, not tcp.