How to configure Syncthing in a subnetted LAN?

My home LAN has several subnets and Syncthing-enabled devices will be in three of them. The subnets are internally routed but otherwise are private.

I believe that this means that from the perspective of my devices, they are in completely unrelated networks and therefore will look for a relay to communicate. This means leaving the LAN, going through a relay and getting back to the LAN, into another network.

They will not see each other directly because broadcasting is confined to a subnet.

It would not have been that bad since one of the devices (my server) is exposed on Internet and can be reached directly. Unfortunately, my ISP provider in his infinite wisdom, disabled local loopback on the access box (which holds the public IP). This means that I cannot access from an internal device (on the 10.x LAN) to my public IP. Should I want to, I need to go through the private interface of the box. This is an abomination.

I was hoping for an internal relay who would handle the switch but

  • the documentation states that Syncthing can be configured to use specific relay servers (exclusively of the public pool)
  • and I would need to be able to configure a device so that it also tries the public pool in case the private one is not available (= it is on Internet)

How can I approach this problem?

As a fallback, for the fixed computers which will always be on the LAN: is it possible to forcefully point a device to another device?

You don’t want a private relay, but a private discovery server. The advantage is, that you will have direct connections so less overhaul. The discovery server should live in one of your private subnets and be reachable from all subnets, but doesn’t need to be from outside. Thus it will pick up the internal addresses of all your clients and advertise those.
After setting up such a discovery server ( you need to add it’s address (in addition to the default) in the settings (

Sure, in the device edit dialog as to be expected:

If your networks resolve computer names you can just add those to the addresses of the remote clients. If not, you need the IP address.

The Addresses field in the remote device edit dialog would need to be something like this:

tcp://computername:22000, dynamic

You can omit the port, if it’s the default 22000.

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.