meaning of the connection status from each device

Hi, I want to debug some connection problems to my different server and nas about syncthing. Could someone tell me what does mean tcp-client, tcp-server ? Realy-server it’s pretty clear so I won’t ask that. thanks in advance

It just means who connected to who. Both are listening on 22000 (by default) but only one connection is made. So either A connects to B (so A is client and B is server) or vice versa.


ooow okey. so the server then can send the data from another random port?

Once connected there is no difference whatsoever between the two devices, regardless who is shown as “server” and “client”. Data will flow in both directions over the same connection. It’s just an informational thing that can be useful when figuring out port forwards and whatnot.

that’s totally not what I’ve jsut understood then. I’m going to develop a bit my problem here then(which is not really a problem but still it bothers me).

I have 2 different behaviour for the same docker container from the same host to 2 differents host.

normally the docker container is related to bast on a conventional debian host .

From the another docker container inside a synology(since the synoapp doesn't work anymore), I have as information : for the container above

From the windows app on another host I have: for the first container I was speaking about.

if I understand you correctly the transmission should happening on the same port that I've configured in both ways. and I don't get the same port or the samie ip. But indeed if I'm outside the lan I would have the good public ip and the good port. Is it not a problem for the firewall inside the lan then woth these random ports?

Docker proxies connections and acts like a combo NAT router / port forward as far as Syncthing is concerned. You’ll probably have to do a fair amount of manual setup to get things to connect as expected into a Docker container. (Out from it should work with global discovery; local discovery will not work as “local” doesn’t extend outside the Docker container.)

that, I totally agree with you about how docker is handling things but if I watch the behaviour of plex for example, or even resilio, it won’t give me something else that I configured in it. And it seems that for my syncthing containers it’s different since I don’t get the good ip address, which is totally fine since as you said docker is acting as a NAT router, but not the good port either and I 've well putted 50101 in the config.xml. That’s why I was looking for another explanation. And the behaviour of a NAT router should’nt decide of another port to send data than what is asking to. We could take the example of dns server which would go request informations from a random port to the destionation port 53. That’s why I was a bit surprised by your answer if you tell me that in anycase all transations are made from and to the same port that I’ve normally configured.

Sorry, I really don’t know what you’re saying. Maybe someone else gets it better. You can get incoming connections to Syncthing through the Docker proxying. It can connect out as usual. If you change the ports in the forward Syncthing will get confused, much like it does behind a regular NAT router with an unknown port forward.

okey maybe i’m not telling it correctly then.

plex would be on port 32400. it won't happen on another port except if you do an eplicit forward in your docker command.

in resilio sync, you can configure the port, so it will take that port and not change it for another random port unless if you do an explicit forward in your docker command.

here what I have with syncthing configured :


my command was that:

sudo docker run -d --name syncthing -p -p -v /media/stock/reserve/syncthing/config:/var/syncthing/config -v /media/stock/reserve/syncthing/data:/var/syncthing/Sync syncthing/syncthing:latest

as a result I have this:

> a89fadff2d50 syncthing/syncthing:latest "/syncthing/syncth..." 6 seconds ago Up 5 seconds>8384/tcp,>50101/tcp

so why am I seeing another port as connection to this container from other hosts? I should get precisely 50101 and nothing else. Except if you tell me that syncthing choose a random port to put in place the connection ? OR is it maybe not working with something else than 22000?

Listening always happens on 22000.

Dialing happens on a random port that the OS assigns when you try to initiate a new connection somewhere. You cannot listen and dial from the same port in TCP without special tricks.

Same way you access this page on, yet your Chrome gets a socket from the OS in the 32000+ range randomly assigned.

Dialing connections are only outbound, they cannot be dialed back to. Listening connections are inbound only.

Obviously once the connection is established, data moves both ways, but the dialer is the initiator of the connection.

okey that’s more clear and that’s what I wanted to explain with my dns example. So actually I can’t change the 22000 by something else? I mean that I should configure every syncthing instances on 22000 and then do the forward only on my external router for outside connection puposes?

You can change it to whatever you like. For that to make sense to Syncthing in Docker, you should change it both in Syncthing (sync protocol listen address) and Docker. That is, if you want it on port 1234, tell Syncthing to listen on and tell Docker to -p 1234:1234.

okey great thanks

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.