I just enabled all high-ports for communication in a firewall rule as the connection tracking and the underlaying protocoll just sucks.
```
port-group SONOS-PORTS {
description "Ports used by SONOS"
- port 58627
port 1900
port 1901
port 6969
port 3400-3401
port 1443
+ port 20000-65535
}
```
```
vyos@vyos# time commit
real 23m44.800s
user 9m9.063s
sys 14m20.008s
```
That means a reboot will take additional 20 minutes.
A reason could be: https://github.com/vyos/vyatta-cfg-firewall/blob/8d373bd48b8142692dc704dbdbc0c6b314c0913b/lib/Vyatta/IpTables/IpSet.pm#L413 according to @zsdc