Hi,

This topic might give a clue to many other connectivity problems found in the field with Sonos.

 

First, a short introduction to my environment.

I have been having issues with my Sonos setup for about 9 months now. I have a setup with 2x Five (in L+R pair), 2x One (in L+R pair) and 1x Connect:Amp.

The Connect:Amp and one of the Ones are wired, the Fives and the other One are wireless.

To complicate things I am running an Aruba 515 network with 4 APs with different VLANs. Previously I had a Cisco RV345 firewall as egress, but that has been replaced by a Fortigate 100F.

The firewall gives out DHCP, and I have created a soft switch in the Firewall where the wired connections and the VLAN from the wifi ssid for Sonos come together.

When I connect a wireless device (laptop, mobile, iPad) to the wifi network the core network functionalities work as expected. I can browse the internet, ping the firewall, APs, and wired Sonos devices.

However the wireless Sonos devices refuse to receive a DHCP address although I can see it being provided by the firewall (Wireshark, etc), the wifi APs say that no address has been given.

For weeks I could not get my app on the iPhone to correctly find my Sonos system, until I unplugged the Sonos One from the wired network, making it a wireless (L+R) pair. After a while all speakers showed up and my system started working again.

When I plugged both Sonos Ones into the wired network the system works as well, but when I take one of them out it breaks fairly quickly.

As an experiment I have taken down the wireless APs and the Sonos system still can play music. (I can’t control it anymore because the mobile phone with the app needs a wireless connection too).

My current thought is that it seems the Sonos system has a SonosNet backhaul system and it uses this to carry ethernet forwarding between the speakers. Whenever a speaker is unreachable on the wifi channel, its MAC address traffic is picked up on any of the other speakers and forwarded to the proper speaker. It seems a good idea unless you have intelligent firewalls and meshed network systems with multicast and ARP optimisations. My APs and firewall do not like MAC addresses to float between wifi and wired connections, it is considered ARP spoofing… Many meshed network solutions, amongst others from Aruba, Fortinet, Cisco, TP-link and Orbis, will at some point break this functionality.

 

My question is, does anyone know an option to stop this behaviour? I would really appreciate an option to go back to simple meshed TCP connections between the devices. 

 

This isn't the spanning tree protocol problem? https://support.sonos.com/s/article/2118?language=en_US


Hi 106rallye,

Thank you for your fast response.

Spanning tree is not enabled on the APs, and it is also not supported on the Fortigate soft switch.

I could change the soft-switch in Fortigate to a hardware switch and enable STP but this wouldn’t allow me to configure the settings required in the link you provided.

Maybe you know why Sonos requires STP? In a more or less secure environment I wouldn’t want to have the possibility of spanning trees in the first place.


Sonos requires STP to resolve the topology within the multiply-bridged SonosNet mesh, which by the way is the default -- and original -- method of connection. Only in the absence of SonosNet will a node revert to WiFi, assuming that the credentials have been configured into the system. (Move/Roam are WiFi only.) 

If your network is objecting to Sonos then it’s simply constrained too tightly. A device’s br0 MAC, which requests the IP, will appear via any available network interface. No spoofing involved at all. 
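
The distinction drawn in this exchange, as an added example that is not part of the original posts: a bridged host whose MAC shows up on a different port keeps the same MAC-to-IP binding, whereas ARP spoofing changes which MAC claims an IP. The observations, port names, addresses and the `classify` function are constructed for illustration and do not reflect any vendor's log format or detection logic.

```python
# Constructed observations (not captured traffic):
# (seconds, ingress port, source MAC, claimed IP), as a switch or firewall
# might learn them from ARP/DHCP frames.
OBSERVATIONS = [
    (0,  "wifi-vlan10", "02:00:00:00:00:01", "192.168.10.21"),  # speaker MAC seen via Wi-Fi
    (5,  "lan-port3",   "02:00:00:00:00:01", "192.168.10.21"),  # same MAC/IP via a wired mesh node
    (9,  "wifi-vlan10", "02:00:00:00:00:01", "192.168.10.21"),  # and back again
    (12, "lan-port3",   "02:00:00:00:00:02", "192.168.10.1"),   # gateway, stable
    (20, "wifi-vlan10", "02:00:00:00:00:99", "192.168.10.1"),   # another MAC claims the gateway IP
]


def classify(observations, window=30):
    """Separate two signals that are often lumped together as 'spoofing'.

    mac_move:    one MAC seen on a different port within `window` seconds
                 (what a host behind a bridged mesh produces).
    ip_conflict: one IP claimed by a different MAC within `window` seconds
                 (what ARP spoofing produces).
    """
    last_port = {}  # mac -> (time, port)
    last_mac = {}   # ip  -> (time, mac)
    findings = {"mac_move": [], "ip_conflict": []}
    for ts, port, mac, ip in sorted(observations):
        if mac in last_port:
            prev_ts, prev_port = last_port[mac]
            if prev_port != port and ts - prev_ts <= window:
                findings["mac_move"].append((ts, mac, prev_port, port))
        if ip in last_mac:
            prev_ts, prev_mac = last_mac[ip]
            if prev_mac != mac and ts - prev_ts <= window:
                findings["ip_conflict"].append((ts, ip, prev_mac, mac))
        last_port[mac] = (ts, port)
        last_mac[ip] = (ts, mac)
    return findings


if __name__ == "__main__":
    for kind, events in classify(OBSERVATIONS).items():
        for event in events:
            print(kind, *event)
```

A policy that blocks on `mac_move` alone will cut off bridged hosts; alerting on `ip_conflict` targets the binding change itself.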


Thank you for the clarification Ratty,

 

As I understand now, every managed switch and AP within the connecting infrastructure needs to support STP both for the wifi connected and wired connected nodes. And all Sonos devices need to be part of the same ethernet segment.

The Fortigate Software switches don’t support STP within the switch, they assume the soft switch is a small logical network without bridges according to a hub and spoke design. 

I will try to move all Sonos devices to a single vlan on a single port and see if that helps. This should prevent any STP issues.

It would be nice to better understand what is necessary for Sonos to work. 


The Sonos devices and controllers all need to be on the same IP broadcast subnet, not the same Ethernet segment. They can connect over any layer 2 technology: Ethernet, SonosNet, WiFi, etc.

 

As for the STP support requirement in switches, it only applies if more than one Sonos device is wired, and even then it only applies to switches on the path between the wired devices. The vast majority of ‘dumb’ switches which have no explicit STP support should be fine, as they’d simply forward STP packets transparently. Managed switches however would typically need STP to be deliberately enabled.


Hi Ratty,

 

With your help, I think I have identified the Sonos/Aruba/Fortigate issue in my environment, and I am now considering what is the best path forward.

At the moment I have the Sonos One and Sonos Five speakers without wires, and only connected to the SonosNet. I have removed the other wifi connections from Sonos. The Connect:Amp I have left wired and this way I can control all speakers fine.

phone → AP(x4) → VLAN1 Switch → VLAN1 → FW → VLAN10 → Connect:Amp → SonosNet → other Sonos devices

This works when I have enough speakers and they can all reach each other. However to understand the layout better I would like to be able to carry the connectivity over Wifi and/or wired connections.

I can create a dedicated Sonos Wifi network on the APs which are linked to a specific VLAN, but from my learning above I shouldn’t use any wired stations in that case. Is that correct?

(The wired stations would connect through the Firewall on the same VLAN but the firewall doesn’t support STP, so the connectivity would break, right?)

 


Set up the Sonos SSID on your APs, using the correct VLAN. Add that SSID/password to Sonos via Settings/System/Network.

If the speakers move outside of SonosNet range they will try and connect to the nearest AP’s WiFi signal. This should work okay, in ‘mixed mode’, but there might be some instability if the SonosNet signal is borderline. STP on the Firewall would not be relevant because Sonos devices connecting to WiFi don’t use STP.