TL;DR
Inside a Docker container, Syncthing can’t connect to global@https://discovery-v4.syncthing.net/v2/
and global@https://discovery-v6.syncthing.net/v2/
. Outside of container, Syncthing can connect to v4 but not v6. How can I fix that?
Problem
When I run the Docker container (either the official one or the LinuxServer one, the container is unable to IPv4 and IPv6 connect to the relay hosts. However, when I run Syncthing on the same machine, but outside of a Docker container, things work as expected. Other machines on the same network are able to connect to the IPv4 relay, but not the IPv6 relay.
Notes
- The UI for the Docker container is behind a reverse proxy. See the
nginx.conf
section shared below. - The server is a NixOS machine with the firewall disabled.
- I am running a local DNS server. However, running
dig https://discovery-v{4,6}.syncthing.net
returns as expected
Config and Logs
Errors message from log
listenerSupervisor@dynamic+https://relays.syncthing.net/endpoint: service dynamic+https://relays.syncthing.net/endpoint failed: Get "https://relays.syncthing.net/endpoint": dial tcp: lookup relays.syncthing.net on 127.0.0.11:53: read udp 127.0.0.1:40966->127.0.0.11:53: i/o timeout
Error message from UI
global@https://discovery-v4.syncthing.net/v2/: Post "https://discovery-v4.syncthing.net/v2/": net/http: request canceled while waiting for connection (Client.Timeout exceeded while awaiting headers)
global@https://discovery-v6.syncthing.net/v2/: Post "https://discovery-v6.syncthing.net/v2/": net/http: request canceled while waiting for connection (Client.Timeout exceeded while awaiting headers)
nginx.conf
location /syncthing/ {
proxy_pass http://syncthing:8384/;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_read_timeout 600s;
proxy_send_timeout 600s;
}
location /syncthing {
rewrite ^([^.]*[^/])$ $1/ permanent;
}
docker-compose.yml
syncthing:
image: ghcr.io/linuxserver/syncthing
hostname: atlas
environment:
PUID: "1000"
PGID: "100"
ports:
- "22000:22000/tcp"
- "22000:22000/udp"
- "21027:21027/udp"
volumes:
- "/data/documents/notes:/notes"
- "./syncthing:/config"
restart: unless-stopped
Logs when running Syncthing inside the Docker container
2021-07-25 16:41:38 My ID: <ID>
2021-07-25 16:41:38 Single thread SHA256 performance is 213 MB/s using minio/sha256-simd (212 MB/s using crypto/sha256).
2021-07-25 16:41:39 Hashing performance is 181.14 MB/s
2021-07-25 16:41:39 Overall send rate is unlimited, receive rate is unlimited
2021-07-25 16:41:39 Using discovery mechanism: global discovery server https://discovery.syncthing.net/v2/?noannounce&id=<ID2>
2021-07-25 16:41:39 Using discovery mechanism: global discovery server https://discovery-v4.syncthing.net/v2/?nolookup&id=<ID2>
2021-07-25 16:41:39 Using discovery mechanism: global discovery server https://discovery-v6.syncthing.net/v2/?nolookup&id=<ID2>
2021-07-25 16:41:39 Using discovery mechanism: IPv4 local broadcast discovery on port 21027
2021-07-25 16:41:39 Using discovery mechanism: IPv6 local multicast discovery on address [ff12::8384]:21027
2021-07-25 16:41:39 TCP listener ([::]:22000) starting
2021-07-25 16:41:39 ...
2021-07-25 16:41:39 Relay listener (dynamic+https://relays.syncthing.net/endpoint) starting
2021-07-25 16:41:39 QUIC listener ([::]:22000) starting
2021-07-25 16:41:39 Ready to synchronize "Default Folder" (default) (sendreceive)
2021-07-25 16:41:39 Completed initial scan of sendreceive folder "Default Folder" (default)
2021-07-25 16:41:39 GUI and API listening on [::]:8384
2021-07-25 16:41:39 Access the GUI via the following URL: http://127.0.0.1:8384/
2021-07-25 16:41:39 My name is "atlas"
2021-07-25 16:41:39 Device <ID3> is "Orion" at [dynamic]
2021-07-25 16:41:49 Relay listener (dynamic+https://relays.syncthing.net/endpoint) shutting down
2021-07-25 16:41:49 listenerSupervisor@dynamic+https://relays.syncthing.net/endpoint: service dynamic+https://relays.syncthing.net/endpoint failed: Get "https://relays.syncthing.net/endpoint": dial tcp: lookup relays.syncthing.net on 127.0.0.11:53: read udp 127.0.0.1:33866->127.0.0.11:53: i/o timeout
2021-07-25 16:41:49 Relay listener (dynamic+https://relays.syncthing.net/endpoint) starting
2021-07-25 16:41:53 Detected 1 NAT service
2021-07-25 16:41:59 Relay listener (dynamic+https://relays.syncthing.net/endpoint) shutting down
2021-07-25 16:41:59 listenerSupervisor@dynamic+https://relays.syncthing.net/endpoint: service dynamic+https://relays.syncthing.net/endpoint failed: Get "https://relays.syncthing.net/endpoint": dial tcp: lookup relays.syncthing.net on 127.0.0.11:53: read udp 127.0.0.1:40966->127.0.0.11:53: i/o timeout
2021-07-25 16:41:59 Relay listener (dynamic+https://relays.syncthing.net/endpoint) starting
2021-07-25 16:42:09 Relay listener (dynamic+https://relays.syncthing.net/endpoint) shutting down
2021-07-25 16:42:09 listenerSupervisor@dynamic+https://relays.syncthing.net/endpoint: service dynamic+https://relays.syncthing.net/endpoint failed: Get "https://relays.syncthing.net/endpoint": dial tcp: lookup relays.syncthing.net on 127.0.0.11:53: read udp 127.0.0.1:34348->127.0.0.11:53: i/o timeout
dig https://discovery-v{4,6}.syncthing.net
❯ dig https://discovery-v{4,6}.syncthing.net dig
; <<>> DiG 9.16.16 <<>> https://discovery-v4.syncthing.net https://discovery-v6.syncthing.net
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 20970
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1
;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags: do; udp: 4096
;; QUESTION SECTION:
;https://discovery-v4.syncthing.net. IN A
;; AUTHORITY SECTION:
syncthing.net. 1800 IN SOA ns1.digitalocean.com. hostmaster.syncthing.net. 1616692690 10800 3600 604800 1800
;; Query time: 251 msec
;; SERVER: 100.70.234.26#53(100.70.234.26)
;; WHEN: Sun Jul 25 10:56:54 MDT 2021
;; MSG SIZE rcvd: 130
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 43594
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1
;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags: do; udp: 4096
;; QUESTION SECTION:
;https://discovery-v6.syncthing.net. IN A
;; AUTHORITY SECTION:
syncthing.net. 1800 IN SOA ns1.digitalocean.com. hostmaster.syncthing.net. 1616692690 10800 3600 604800 1800
;; Query time: 69 msec
;; SERVER: 100.70.234.26#53(100.70.234.26)
;; WHEN: Sun Jul 25 10:56:54 MDT 2021
;; MSG SIZE rcvd: 130E rcvd: 12