I’ve been using Syncthing to keep two Android phones in sync for quite some time. One is configured to receive only, the other to send only.
A few days ago I’ve noticed that, regardless whether the app is actively syncing or not, the traffic never stops. Not surprisingly, after a while AdGuard starts blocking the overly active IPs (IPv4/IPv6 TCP/UDP/QUIC). A few hours of traffic monitoring shows primarily two “offending” addresses:
2a0d:5600:60:2::2
45.128.36.2
and a lookup on “who.is” reveals that both addresses belong to RIPE Network Coordination Centre.
In about an hour AdGuard blocked more than 88,000 requests from these two addresses alone however, the overall CONTINUOUS chatter was significantly higher. Please note that while nothing had changed in my configuration, this crazy traffic is something that occurred recently.
I would really appreciate some input here on what exactly is going on and how to address this. I used to allow traffic as root but since the privilege is not needed I’ve revoked it. No difference though.
It’s strange to me that I didn’t have this problem for so long (under the same configuration).
The continuous traffic only occurs on the receiving phone. As for the DNS lookup, are you suggesting that AdGuard itself may have caused this as it may have blocked some DNSs otherwise needed by Syncthing?
My best guess is neither of those addresses have anything to do with Syncthing, unless it happens to be one of your own devices. Also nothing to do with RIPE, other than those being the ones who allocated the addresses to the current user of them.
I still don’t know what caused all this however, I was able to solve it by starting fresh on the receiving phone by wiping data on the Syncthing app and manually recreating all jobs.
Since I did no other changes, I guess it’s safe to assume that neither AdGuard, or RIPE were part of the problem. My guess is that Syncthing configuration somehow got corrupted.