"Failed to exchange Hello messages" from Android nodes?

Greetings friends!

Ran into some error messages trying to migrate into a new Syncthing node inside a Docker container with all files encrypted. Haven’t noticed any consequence besides the error message itself, and seems to come only from my Android nodes.

What could be causing this? Happy to provide any more info if needed.

  • Logs are from a fresh install of an encrypted “cloud” Syncthing accessed through public IP (99.99.99.99), port forwarded into a Docker container in bridge network mode.
  • 2 Syncthing on Android produce the “Failed to exchange Hello messages” in the logs.
  • 1 Syncthing on MacOs with identical setup did not produce the messages.

All versions are 1.18.1

2021-08-08 18:21:58 Failed to exchange Hello messages with ANDROID1-XXXXXXX-XXXXXXX-XXXXXXX-XXXXXXX-XXXXXXX-XXXXXXX-XXXXXXX at 172.17.0.2:22000-99.99.99.99:42290/tcp-server/TLS1.3-TLS_AES_128_GCM_SHA256: write tcp 172.17.0.2:22000->99.99.99.99:42290: write: connection reset by peer 2021-08-08 18:23:05 Failed to exchange Hello messages with ANDROID1-XXXXXXX-XXXXXXX-XXXXXXX-XXXXXXX-XXXXXXX-XXXXXXX-XXXXXXX at 172.17.0.2:22000-99.99.99.99:42293/tcp-server/TLS1.3-TLS_AES_128_GCM_SHA256: write tcp 172.17.0.2:22000->99.99.99.99:42293: write: connection reset by peer 2021-08-08 18:24:11 Failed to exchange Hello messages with ANDROID1-XXXXXXX-XXXXXXX-XXXXXXX-XXXXXXX-XXXXXXX-XXXXXXX-XXXXXXX at 172.17.0.2:22000-99.99.99.99:42298/tcp-server/TLS1.3-TLS_AES_128_GCM_SHA256: write tcp 172.17.0.2:22000->99.99.99.99:42298: write: connection reset by peer 2021-08-08 18:25:17 Failed to exchange Hello messages with ANDROID1-XXXXXXX-XXXXXXX-XXXXXXX-XXXXXXX-XXXXXXX-XXXXXXX-XXXXXXX at 172.17.0.2:22000-99.99.99.99:42302/tcp-server/TLS1.3-TLS_AES_128_GCM_SHA256: write tcp 172.17.0.2:22000->99.99.99.99:42302: write: connection reset by peer 2021-08-08 18:26:24 Failed to exchange Hello messages with ANDROID1-XXXXXXX-XXXXXXX-XXXXXXX-XXXXXXX-XXXXXXX-XXXXXXX-XXXXXXX at 172.17.0.2:22000-99.99.99.99:42307/tcp-server/TLS1.3-TLS_AES_128_GCM_SHA256: write tcp 172.17.0.2:22000->99.99.99.99:42307: write: connection reset by peer 2021-08-08 18:27:30 Failed to exchange Hello messages with ANDROID1-XXXXXXX-XXXXXXX-XXXXXXX-XXXXXXX-XXXXXXX-XXXXXXX-XXXXXXX at 172.17.0.2:22000-99.99.99.99:42312/tcp-server/TLS1.3-TLS_AES_128_GCM_SHA256: write tcp 172.17.0.2:22000->99.99.99.99:42312: write: connection reset by peer 2021-08-08 18:28:02 Connection to ANDROID2-XXXXXXX-XXXXXXX-XXXXXXX-XXXXXXX-XXXXXXX-XXXXXXX-XXXXXXX at 172.17.0.2:22000-99.99.99.99:59883/tcp-server/TLS1.3-TLS_AES_128_GCM_SHA256 closed: read timeout 2021-08-08 18:28:37 Failed to exchange Hello messages with ANDROID1-XXXXXXX-XXXXXXX-XXXXXXX-XXXXXXX-XXXXXXX-XXXXXXX-XXXXXXX at 172.17.0.2:22000-99.99.99.99:42319/tcp-server/TLS1.3-TLS_AES_128_GCM_SHA256: write tcp 172.17.0.2:22000->99.99.99.99:42319: write: connection reset by peer 2021-08-08 18:29:43 Failed to exchange Hello messages with ANDROID1-XXXXXXX-XXXXXXX-XXXXXXX-XXXXXXX-XXXXXXX-XXXXXXX-XXXXXXX at 172.17.0.2:22000-99.99.99.99:42322/tcp-server/TLS1.3-TLS_AES_128_GCM_SHA256: write tcp 172.17.0.2:22000->99.99.99.99:42322: write: connection reset by peer 2021-08-08 18:30:49 Failed to exchange Hello messages with ANDROID1-XXXXXXX-XXXXXXX-XXXXXXX-XXXXXXX-XXXXXXX-XXXXXXX-XXXXXXX at 172.17.0.2:22000-99.99.99.99:42328/tcp-server/TLS1.3-TLS_AES_128_GCM_SHA256: write tcp 172.17.0.2:22000->99.99.99.99:42328: write: connection reset by peer

Similar messages appear every other minute.

Check the logs on the other side, but most likely some sort of connection issue/firewall.

Nothing. Last log message on ANDROID1 side:

2021-08-08 12:54:45 Sent usage report (version 3)

While on the Encrypted Syncthing side every other minute:

2021-08-08 21:12:29 Failed to exchange Hello messages with ANDROID1-XXXXXXX-XXXXXXX-XXXXXXX-XXXXXXX-XXXXXXX-XXXXXXX-XXXXXXX at 172.17.0.2:22000-99.99.99.99:55684/tcp-server/TLS1.3-TLS_AES_128_GCM_SHA256: write tcp 172.17.0.2:22000->99.99.99.99:55684: write: connection reset by peer

Question: Why is port 55684 used here for 99.99.99.99 instead of 22000? (172.17.0.2:22000->99.99.99.99:55684)

TCP client vs TCP server. Syncthing’s TCP server listens on port 22000 by default, but for outgoing TCP connections the OS kernel chooses a port (except if syncthing also reuses the server port for outgoing connections, which may not be supported in all scenarios).

Interesting. This could be due to a double NAT from the Network bridge added for the Docker container (subnet 172.17.0.X). But why would the MacOS client with the same settings be unaffected?

Hopefully someone with more knowledge than me on Syncthing running in Docker containers can chime in. Maybe “network_mode: host” is mandatory using a public IP with port forwarding?

No change after setting Docker Compose to use “network_mode: host”.

Of total 3 devices connected (same settings) only occurs with ANDROID1.

2021-08-12 00:21:17 Failed to exchange Hello messages with ANDROID1-XXXXXXX-XXXXXXX-XXXXXXX-XXXXXXX-XXXXXXX-XXXXXXX-XXXXXXX at 192.168.1.99:22000-99.99.99.99:55000/tcp-server/TLS1.3-TLS_AES_128_GCM_SHA256: write tcp 192.168.1.99:22000->99.99.99.99:55000: write: connection reset by peer
2021-08-12 00:22:23 Failed to exchange Hello messages with ANDROID1-XXXXXXX-XXXXXXX-XXXXXXX-XXXXXXX-XXXXXXX-XXXXXXX-XXXXXXX at 192.168.1.99:22000-99.99.99.99:55074/tcp-server/TLS1.3-TLS_AES_128_GCM_SHA256: write tcp 192.168.1.99:22000->99.99.99.99:55074: write: connection reset by peer
2021-08-12 00:23:35 Failed to exchange Hello messages with ANDROID1-XXXXXXX-XXXXXXX-XXXXXXX-XXXXXXX-XXXXXXX-XXXXXXX-XXXXXXX at 192.168.1.99:22000-99.99.99.99:55124/tcp-server/TLS1.3-TLS_AES_128_GCM_SHA256: write tcp 192.168.1.99:22000->99.99.99.99:55124: write: connection reset by peer
2021-08-12 00:24:41 Failed to exchange Hello messages with ANDROID1-XXXXXXX-XXXXXXX-XXXXXXX-XXXXXXX-XXXXXXX-XXXXXXX-XXXXXXX at 192.168.1.99:22000-99.99.99.99:55008/tcp-server/TLS1.3-TLS_AES_128_GCM_SHA256: write tcp 192.168.1.99:22000->99.99.99.99:55008: write: connection reset by peer

Moved all devices into a local network (192.168.X.X), changed settings on both ends and still getting spammed “Failed to exchange Hello messages” for ANDROID1 on my public IP (99.99.99.99 and not 192.168.X.X).

Weird. Running out of ideas.

Android version? The reason i’m asking is that Android 11 breaks local discovery.

It’s fixed in the forked app but the issue isn’t solved in the official app yet.

Android ver 8 and 9.

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.