Private relay: Clients stay in status 'disconnected'

I’m trying to setup a private relay server for my two clients. The first client is my laptop on my home wifi, the second is a VPS in a remote data centre. The relay is also running on the VPS (the purpose of having the relay is to avoid opening syncthing itself up to being publicly internet).

I’ve been able to get the relay up and working and both clients seem to connect to it. The problem is that the clients never seem to intiate a session with each other (even though I’ve deliberately created new files in the Sync directory on one that should be synced to the other). In the web interfaces both clients show ‘Relays 1/1’ in green, but show the other client as ‘Disconnected’.

Not sure what I’m missing here - anyone able to help?

This is the output from the relay server, I’ve anonymised it with X’s

2015/12/08 11:24:29 listener.go:46: Listener accepted connection from 127.0.0.1:55447 tls true 2015/12/08 11:24:29 listener.go:105: Message protocol.JoinRelayRequest from O275INB-XXXXXXXXXXXXXXXXXXXXXXXXXXX 2015/12/08 11:25:29 listener.go:105: Message protocol.Pong from O275INB-XXXXXXXXXXXXXXXXXXXXXXXXXXX 2015/12/08 11:26:29 listener.go:105: Message protocol.Pong from O275INB-XXXXXXXXXXXXXXXXXXXXXXXXXXX 2015/12/08 11:27:29 listener.go:105: Message protocol.Pong from O275INB-XXXXXXXXXXXXXXXXXXXXXXXXXXX 2015/12/08 11:28:29 listener.go:105: Message protocol.Pong from O275INB-XXXXXXXXXXXXXXXXXXXXXXXXXXX 2015/12/08 11:29:29 listener.go:105: Message protocol.Pong from O275INB-XXXXXXXXXXXXXXXXXXXXXXXXXXX 2015/12/08 11:30:29 listener.go:105: Message protocol.Pong from O275INB-XXXXXXXXXXXXXXXXXXXXXXXXXXX 2015/12/08 11:31:29 listener.go:105: Message protocol.Pong from O275INB-XXXXXXXXXXXXXXXXXXXXXXXXXXX 2015/12/08 11:32:29 listener.go:105: Message protocol.Pong from O275INB-XXXXXXXXXXXXXXXXXXXXXXXXXXX 2015/12/08 11:33:29 listener.go:105: Message protocol.Pong from O275INB-XXXXXXXXXXXXXXXXXXXXXXXXXXX 2015/12/08 11:34:29 listener.go:105: Message protocol.Pong from O275INB-XXXXXXXXXXXXXXXXXXXXXXXXXXX 2015/12/08 11:35:09 listener.go:46: Listener accepted connection from 121.xx.xx.xx:19016 tls true 2015/12/08 11:35:10 listener.go:105: Message protocol.JoinRelayRequest from Q5R7HJG-XXXXXXXXXXXXXXXXXXXXXXXXXXXXX 2015/12/08 11:35:29 listener.go:105: Message protocol.Pong from O275INB-XXXXXXXXXXXXXXXXXXXXXXXXXXX 2015/12/08 11:36:10 listener.go:105: Message protocol.Pong from Q5R7HJG-XXXXXXXXXXXXXXXXXXXXXXXXXXXXX 2015/12/08 11:36:29 listener.go:105: Message protocol.Pong from O275INB-XXXXXXXXXXXXXXXXXXXXXXXXXXX 2015/12/08 11:37:10 listener.go:105: Message protocol.Pong from Q5R7HJG-XXXXXXXXXXXXXXXXXXXXXXXXXXXXX 2015/12/08 11:37:29 listener.go:105: Message protocol.Pong from O275INB-XXXXXXXXXXXXXXXXXXXXXXXXXXX 2015/12/08 11:38:10 listener.go:105: Message protocol.Pong from Q5R7HJG-XXXXXXXXXXXXXXXXXXXXXXXXXXXXX 2015/12/08 11:38:29 listener.go:105: Message protocol.Pong from O275INB-XXXXXXXXXXXXXXXXXXXXXXXXXXX 2015/12/08 11:39:10 listener.go:105: Message protocol.Pong from Q5R7HJG-XXXXXXXXXXXXXXXXXXXXXXXXXXXXX 2015/12/08 11:39:29 listener.go:105: Message protocol.Pong from O275INB-XXXXXXXXXXXXXXXXXXXXXXXXXXX 2015/12/08 11:40:10 listener.go:105: Message protocol.Pong from Q5R7HJG-XXXXXXXXXXXXXXXXXXXXXXXXXXXXX

Are both of your devices set up to use the same (set of) discovery server(s)? Setting STTRACE to discover on the devices may provide useful information here.

Yes, I’ve just checked and they’re both using the same discovery servers:

client1:

[Q5R7H] 2015/12/08 22:42:15.040368 main.go:734: INFO: Using discovery server https://discovery-v4-1.syncthing.net/?id=SR7AARM-TCBUZ5O-VFAXY4D-CECGSDE-3Q6IZ4G-XG7AH75-OBIXJQV-QJ6NLQA [Q5R7H] 2015/12/08 22:42:15.040685 main.go:734: INFO: Using discovery server https://discovery-v4-2.syncthing.net/?id=DVU36WY-H3LVZHW-E6LLFRE-YAFN5EL-HILWRYP-OC2M47J-Z4PE62Y-ADIBDQC [Q5R7H] 2015/12/08 22:42:15.040845 main.go:734: INFO: Using discovery server https://discovery-v4-3.syncthing.net/?id=VK6HNJ3-VVMM66S-HRVWSCR-IXEHL2H-U4AQ4MW-UCPQBWX-J2L2UBK-NVZRDQZ [Q5R7H] 2015/12/08 22:42:15.041030 main.go:734: INFO: Using discovery server https://discovery-v6-1.syncthing.net/?id=SR7AARM-TCBUZ5O-VFAXY4D-CECGSDE-3Q6IZ4G-XG7AH75-OBIXJQV-QJ6NLQA [Q5R7H] 2015/12/08 22:42:15.041201 main.go:734: INFO: Using discovery server https://discovery-v6-2.syncthing.net/?id=DVU36WY-H3LVZHW-E6LLFRE-YAFN5EL-HILWRYP-OC2M47J-Z4PE62Y-ADIBDQC [Q5R7H] 2015/12/08 22:42:15.041375 main.go:734: INFO: Using discovery server https://discovery-v6-3.syncthing.net/?id=VK6HNJ3-VVMM66S-HRVWSCR-IXEHL2H-U4AQ4MW-UCPQBWX-J2L2UBK-NVZRDQZ

client2:

[RBWQS] 2015/12/08 12:54:51.773162 main.go:734: INFO: Using discovery server https://discovery-v4-1.syncthing.net/?id=SR7AARM-TCBUZ5O-VFAXY4D-CECGSDE-3Q6IZ4G-XG7AH75-OBIXJQV-QJ6NLQA [RBWQS] 2015/12/08 12:54:51.773302 main.go:734: INFO: Using discovery server https://discovery-v4-2.syncthing.net/?id=DVU36WY-H3LVZHW-E6LLFRE-YAFN5EL-HILWRYP-OC2M47J-Z4PE62Y-ADIBDQC [RBWQS] 2015/12/08 12:54:51.773412 main.go:734: INFO: Using discovery server https://discovery-v4-3.syncthing.net/?id=VK6HNJ3-VVMM66S-HRVWSCR-IXEHL2H-U4AQ4MW-UCPQBWX-J2L2UBK-NVZRDQZ [RBWQS] 2015/12/08 12:54:51.773503 main.go:734: INFO: Using discovery server https://discovery-v6-1.syncthing.net/?id=SR7AARM-TCBUZ5O-VFAXY4D-CECGSDE-3Q6IZ4G-XG7AH75-OBIXJQV-QJ6NLQA [RBWQS] 2015/12/08 12:54:51.773571 main.go:734: INFO: Using discovery server https://discovery-v6-2.syncthing.net/?id=DVU36WY-H3LVZHW-E6LLFRE-YAFN5EL-HILWRYP-OC2M47J-Z4PE62Y-ADIBDQC [RBWQS] 2015/12/08 12:54:51.773721 main.go:734: INFO: Using discovery server https://discovery-v6-3.syncthing.net/?id=VK6HNJ3-VVMM66S-HRVWSCR-IXEHL2H-U4AQ4MW-UCPQBWX-J2L2UBK-NVZRDQZ

I’m also interested in the results they get back from the discovery servers when doing device lookups. Search for lookup results for.

Why are you willing to open relays to the public internet, but not syncthing?

… bearing in mind that opening Syncthing to the wider world means that other devices can try and connect (if they know the IP), but will fail. Opening a relay to the wider world means that other devices can connect (if they know the IP) and relay their own traffic through your server without restriction.

Why are you willing to open relays to the public internet, but not syncthing?

The difference is that the syncthing process necessarily has access to all the files being synced, so if it’s compromised then the attacker gets all those files - potentially gigabytes of personal files.

The relaysrv however can be run as any non-privileged user (e.g. relaysrv), which has very little access to anything, so the damage from a compromise is less. Also, once I get relaysrv working I plan to try and move it into an LXC container so anyone who hacks it really won’t get access to much.

As for what canton7 mentioned that the relaysrv will be open to anyone to use, this isn’t necessarily a problem since it’ll be running on a VPS in a datacenter with up to 80mbit available and unlimited bandwidth.

Here’s the output from STTRACE=discovery syncthing on the VPS:

steffi@timvps:~$ STTRACE=discovery syncthing [monitor] 2015/12/09 00:06:31.430562 monitor.go:90: INFO: Starting syncthing [O275I] 2015/12/09 00:06:31.460841 main.go:519: INFO: syncthing v0.12.7 "Beryllium Bedbug" (go1.5.2 linux-amd64 default) jenkins@build2.syncthing.net 2015-12-06 12:09:22 UTC [O275I] 2015/12/09 00:06:31.461031 main.go:520: INFO: My ID: O275INB-xxxxxx.xxxx.xxx.xxxx.xxx [O275I] 2015/12/09 00:06:31.778880 main.go:856: INFO: Single thread hash performance is ~137 MB/s [O275I] 2015/12/09 00:06:32.688004 model.go:192: OK: Ready to synchronize someone's Windows User Profile Folder (read-write) [O275I] 2015/12/09 00:06:32.688962 model.go:192: OK: Ready to synchronize default (read-write) [O275I] 2015/12/09 00:06:32.689146 main.go:734: INFO: Using discovery server https://discovery-v4-1.syncthing.net/?id=SR7AARM-TCBUZ5O-VFAXY4D-CECGSDE-3Q6IZ4G-XG7AH75-OBIXJQV-QJ6NLQA [O275I] 2015/12/09 00:06:32.689233 main.go:734: INFO: Using discovery server https://discovery-v4-2.syncthing.net/?id=DVU36WY-H3LVZHW-E6LLFRE-YAFN5EL-HILWRYP-OC2M47J-Z4PE62Y-ADIBDQC [O275I] 2015/12/09 00:06:32.689283 main.go:734: INFO: Using discovery server https://discovery-v4-3.syncthing.net/?id=VK6HNJ3-VVMM66S-HRVWSCR-IXEHL2H-U4AQ4MW-UCPQBWX-J2L2UBK-NVZRDQZ [O275I] 2015/12/09 00:06:32.689336 main.go:734: INFO: Using discovery server https://discovery-v6-1.syncthing.net/?id=SR7AARM-TCBUZ5O-VFAXY4D-CECGSDE-3Q6IZ4G-XG7AH75-OBIXJQV-QJ6NLQA [O275I] 2015/12/09 00:06:32.689376 main.go:734: INFO: Using discovery server https://discovery-v6-2.syncthing.net/?id=DVU36WY-H3LVZHW-E6LLFRE-YAFN5EL-HILWRYP-OC2M47J-Z4PE62Y-ADIBDQC [O275I] 2015/12/09 00:06:32.689425 main.go:734: INFO: Using discovery server https://discovery-v6-3.syncthing.net/?id=VK6HNJ3-VVMM66S-HRVWSCR-IXEHL2H-U4AQ4MW-UCPQBWX-J2L2UBK-NVZRDQZ [O275I] 2015/12/09 00:06:32.690585 main.go:784: INFO: Device O275INB-xxxxxx.xxxx.xxx.xxxx.xxx is "myvps.domain.com" at [dynamic] [O275I] 2015/12/09 00:06:32.690702 main.go:784: INFO: Device Q5R7HJG-xxxxxx.xxxx.xxx.xxxx.xxx is "mylaptop.domain.com" at [dynamic] [O275I] 2015/12/09 00:06:32.690780 main.go:784: INFO: Device 5RD57AI-UGBLKP4-LWP3KN3-36NEUHA-YARWSUD-KM4XX3S-A5ZFMR4-WXAMDAB is "someonetop" at [dynamic] [O275I] 2015/12/09 00:06:32.694922 usage_report.go:273: INFO: Starting usage reporting [O275I] 2015/12/09 00:06:32.721122 gui.go:231: INFO: API listening on 127.0.0.1:8384 [O275I] 2015/12/09 00:06:32.721173 gui.go:232: INFO: GUI URL is http://127.0.0.1:8384/ [O275I] 2015/12/09 00:06:32.722389 global.go:228: DEBUG: Announcement: {"direct":["tcp://0.0.0.0:22000"],"relays":null} [O275I] 2015/12/09 00:06:32.724273 local.go:172: DEBUG: discover: Received local announcement from 10.8.0.1:43320 for O275INB-xxxxxx.xxxx.xxx.xxxx.xxx [O275I] 2015/12/09 00:06:32.724955 global.go:228: DEBUG: Announcement: {"direct":["tcp://0.0.0.0:22000"],"relays":null} [O275I] 2015/12/09 00:06:32.725262 global.go:228: DEBUG: Announcement: {"direct":["tcp://0.0.0.0:22000"],"relays":null} [O275I] 2015/12/09 00:06:32.725531 global.go:228: DEBUG: Announcement: {"direct":["tcp://0.0.0.0:22000"],"relays":null} [O275I] 2015/12/09 00:06:32.725912 global.go:228: DEBUG: Announcement: {"direct":["tcp://0.0.0.0:22000"],"relays":null} [O275I] 2015/12/09 00:06:32.726311 global.go:228: DEBUG: Announcement: {"direct":["tcp://0.0.0.0:22000"],"relays":null} [O275I] 2015/12/09 00:06:32.740280 global.go:232: DEBUG: announce POST: Post https://discovery-v6-2.syncthing.net/: dial tcp [2604:a880:800:10::182:a001]:443: connect: network is unreachable [O275I] 2015/12/09 00:06:32.740455 global.go:232: DEBUG: announce POST: Post https://discovery-v6-3.syncthing.net/: dial tcp [2400:6180:0:d0::d9:d001]:443: connect: network is unreachable [O275I] 2015/12/09 00:06:32.741060 global.go:232: DEBUG: announce POST: Post https://discovery-v6-1.syncthing.net/: dial tcp [2001:470:28:4d6::5]:443: connect: network is unreachable [O275I] 2015/12/09 00:06:32.742168 rwfolder.go:329: INFO: Completed initial scan (rw) of folder default [O275I] 2015/12/09 00:06:32.880034 cache.go:107: DEBUG: lookup for Q5R7HJG-xxxxxx.xxxx.xxx.xxxx.xxx at global@https://discovery-v4-1.syncthing.net/ [O275I] 2015/12/09 00:06:32.880308 cache.go:108: DEBUG: direct: [tcp://120.19.7.18:22000] [O275I] 2015/12/09 00:06:32.880457 cache.go:109: DEBUG: relays: [{relay://myvps.domain.com:22067/?id=TK647X2-22U6ROT-XXXXXXX-XXXXXX-XXXXX 568}] [O275I] 2015/12/09 00:06:32.897985 global.go:237: DEBUG: announce POST: 204 No Content [O275I] 2015/12/09 00:06:32.898047 global.go:264: DEBUG: announce Reannounce-After: 1800 <nil> [O275I] 2015/12/09 00:06:33.144774 global.go:237: DEBUG: announce POST: 204 No Content [O275I] 2015/12/09 00:06:33.144828 global.go:264: DEBUG: announce Reannounce-After: 1800 <nil> [O275I] 2015/12/09 00:06:33.232370 cache.go:107: DEBUG: lookup for Q5R7HJG-xxxxxx.xxxx.xxx.xxxx.xxx at global@https://discovery-v4-2.syncthing.net/ [O275I] 2015/12/09 00:06:33.232423 cache.go:108: DEBUG: direct: [tcp://120.19.7.18:22000] [O275I] 2015/12/09 00:06:33.232438 cache.go:109: DEBUG: relays: [{relay://myvps.domain.com:22067/?id=TK647X2-22U6ROT-XXXXXXX-XXXXXX-XXXXX 568}] [O275I] 2015/12/09 00:06:33.564661 global.go:237: DEBUG: announce POST: 204 No Content [O275I] 2015/12/09 00:06:33.564719 global.go:264: DEBUG: announce Reannounce-After: 1800 <nil> [O275I] 2015/12/09 00:06:34.015183 rwfolder.go:329: INFO: Completed initial scan (rw) of folder someone's Windows User Profile Folder [O275I] 2015/12/09 00:06:34.040102 global.go:150: DEBUG: globalClient.Lookup https://discovery-v4-3.syncthing.net/?device=Q5R7HJG-xxxxxx.xxxx.xxx.xxxx.xxx 404 Not Found [O275I] 2015/12/09 00:06:34.043892 global.go:145: DEBUG: globalClient.Lookup https://discovery-v6-1.syncthing.net/?device=Q5R7HJG-xxxxxx.xxxx.xxx.xxxx.xxx Get https://discovery-v6-1.syncthing.net/?device=Q5R7HJG-xxxxxx.xxxx.xxx.xxxx.xxx: dial tcp [2001:470:28:4d6::5]:443: connect: network is unreachable [O275I] 2015/12/09 00:06:34.045099 global.go:145: DEBUG: globalClient.Lookup https://discovery-v6-2.syncthing.net/?device=Q5R7HJG-xxxxxx.xxxx.xxx.xxxx.xxx Get https://discovery-v6-2.syncthing.net/?device=Q5R7HJG-xxxxxx.xxxx.xxx.xxxx.xxx: dial tcp [2604:a880:800:10::182:a001]:443: connect: network is unreachable [O275I] 2015/12/09 00:06:34.046233 global.go:145: DEBUG: globalClient.Lookup https://discovery-v6-3.syncthing.net/?device=Q5R7HJG-xxxxxx.xxxx.xxx.xxxx.xxx Get https://discovery-v6-3.syncthing.net/?device=Q5R7HJG-xxxxxx.xxxx.xxx.xxxx.xxx: dial tcp [2400:6180:0:d0::d9:d001]:443: connect: network is unreachable [O275I] 2015/12/09 00:06:34.046354 cache.go:107: DEBUG: lookup for Q5R7HJG-xxxxxx.xxxx.xxx.xxxx.xxx at IPv4 local [O275I] 2015/12/09 00:06:34.046390 cache.go:108: DEBUG: direct: [] [O275I] 2015/12/09 00:06:34.046401 cache.go:109: DEBUG: relays: [] [O275I] 2015/12/09 00:06:34.046662 cache.go:107: DEBUG: lookup for Q5R7HJG-xxxxxx.xxxx.xxx.xxxx.xxx at IPv6 local [O275I] 2015/12/09 00:06:34.046688 cache.go:108: DEBUG: direct: [] [O275I] 2015/12/09 00:06:34.046696 cache.go:109: DEBUG: relays: [] [O275I] 2015/12/09 00:06:34.046779 cache.go:136: DEBUG: lookup results for Q5R7HJG-xxxxxx.xxxx.xxx.xxxx.xxx [O275I] 2015/12/09 00:06:34.046807 cache.go:137: DEBUG: direct: [tcp://120.19.7.18:22000] [O275I] 2015/12/09 00:06:34.046876 cache.go:138: DEBUG: relays: [{relay://myvps.domain.com:22067/?id=TK647X2-22U6ROT-XXXXXXX-XXXXXX-XXXXX 568}] [O275I] 2015/12/09 00:06:42.689630 global.go:228: DEBUG: Announcement: {"direct":["tcp://0.0.0.0:22000"],"relays":[{"url":"relay://37.xx.xx.xx:22067/?id=TK647X2-22U6ROT-XXXXXXX-XXXXXX-XXXXX","latency":2}]} [O275I] 2015/12/09 00:06:42.690391 global.go:228: DEBUG: Announcement: {"direct":["tcp://0.0.0.0:22000"],"relays":[{"url":"relay://37.xx.xx.xx:22067/?id=TK647X2-22U6ROT-XXXXXXX-XXXXXX-XXXXX","latency":2}]} [O275I] 2015/12/09 00:06:42.691146 global.go:228: DEBUG: Announcement: {"direct":["tcp://0.0.0.0:22000"],"relays":[{"url":"relay://37.xx.xx.xx:22067/?id=TK647X2-22U6ROT-XXXXXXX-XXXXXX-XXXXX","latency":2}]} [O275I] 2015/12/09 00:06:42.691411 global.go:228: DEBUG: Announcement: {"direct":["tcp://0.0.0.0:22000"],"relays":[{"url":"relay://37.xx.xx.xx:22067/?id=TK647X2-22U6ROT-XXXXXXX-XXXXXX-XXXXX","latency":2}]} [O275I] 2015/12/09 00:06:42.691630 global.go:228: DEBUG: Announcement: {"direct":["tcp://0.0.0.0:22000"],"relays":[{"url":"relay://37.xx.xx.xx:22067/?id=TK647X2-22U6ROT-XXXXXXX-XXXXXX-XXXXX","latency":2}]} [O275I] 2015/12/09 00:06:42.691802 global.go:228: DEBUG: Announcement: {"direct":["tcp://0.0.0.0:22000"],"relays":[{"url":"relay://37.xx.xx.xx:22067/?id=TK647X2-22U6ROT-XXXXXXX-XXXXXX-XXXXX","latency":2}]} [O275I] 2015/12/09 00:06:42.694870 global.go:232: DEBUG: announce POST: Post https://discovery-v6-1.syncthing.net/: dial tcp [2001:470:28:4d6::5]:443: connect: network is unreachable [O275I] 2015/12/09 00:06:42.695189 global.go:232: DEBUG: announce POST: Post https://discovery-v6-2.syncthing.net/: dial tcp [2604:a880:800:10::182:a001]:443: connect: network is unreachable [O275I] 2015/12/09 00:06:42.695456 global.go:232: DEBUG: announce POST: Post https://discovery-v6-3.syncthing.net/: dial tcp [2400:6180:0:d0::d9:d001]:443: connect: network is unreachable [O275I] 2015/12/09 00:06:42.721646 upnpsvc.go:58: INFO: No UPnP device detected [O275I] 2015/12/09 00:06:42.725417 global.go:237: DEBUG: announce POST: 204 No Content [O275I] 2015/12/09 00:06:42.725455 global.go:264: DEBUG: announce Reannounce-After: 1800 <nil> [O275I] 2015/12/09 00:06:42.784712 global.go:237: DEBUG: announce POST: 204 No Content [O275I] 2015/12/09 00:06:42.784885 global.go:264: DEBUG: announce Reannounce-After: 1800 <nil> [O275I] 2015/12/09 00:06:42.893370 global.go:237: DEBUG: announce POST: 204 No Content [O275I] 2015/12/09 00:06:42.893460 global.go:264: DEBUG: announce Reannounce-After: 1800 <nil> [O275I] 2015/12/09 00:07:02.710839 local.go:172: DEBUG: discover: Received local announcement from 10.8.0.1:43320 for O275INB-xxxxxx.xxxx.xxx.xxxx.xxx [O275I] 2015/12/09 00:07:32.692727 local.go:172: DEBUG: discover: Received local announcement from 10.8.0.1:43320 for O275INB-xxxxxx.xxxx.xxx.xxxx.xxx [O275I] 2015/12/09 00:08:02.691246 local.go:172: DEBUG: discover: Received local announcement from 10.8.0.1:43320 for O275INB-xxxxxx.xxxx.xxx.xxxx.xxx

And the STTRACE=discovery syncthing output from the laptop:

tim@timcb:~$ STTRACE=discovery syncthing [monitor] 2015/12/09 10:14:45.936192 monitor.go:90: INFO: Starting syncthing [Q5R7H] 2015/12/09 10:14:45.965256 main.go:519: INFO: syncthing v0.12.7 "Beryllium Bedbug" (go1.5.2 linux-amd64 default) jenkins@build2.syncthing.net 2015-12-06 12:09:22 UTC [Q5R7H] 2015/12/09 10:14:45.965414 main.go:520: INFO: My ID: Q5R7HJG-xxxxxxx-xxxxxxxxxxxx-xxxxxx [Q5R7H] 2015/12/09 10:14:46.320741 main.go:856: INFO: Single thread hash performance is ~78 MB/s [Q5R7H] 2015/12/09 10:14:46.328952 model.go:192: OK: Ready to synchronize default (read-write) [Q5R7H] 2015/12/09 10:14:46.329067 main.go:734: INFO: Using discovery server https://discovery-v4-1.syncthing.net/?id=SR7AARM-TCBUZ5O-VFAXY4D-CECGSDE-3Q6IZ4G-XG7AH75-OBIXJQV-QJ6NLQA [Q5R7H] 2015/12/09 10:14:46.329190 main.go:734: INFO: Using discovery server https://discovery-v4-2.syncthing.net/?id=DVU36WY-H3LVZHW-E6LLFRE-YAFN5EL-HILWRYP-OC2M47J-Z4PE62Y-ADIBDQC [Q5R7H] 2015/12/09 10:14:46.329257 main.go:734: INFO: Using discovery server https://discovery-v4-3.syncthing.net/?id=VK6HNJ3-VVMM66S-HRVWSCR-IXEHL2H-U4AQ4MW-UCPQBWX-J2L2UBK-NVZRDQZ [Q5R7H] 2015/12/09 10:14:46.329321 main.go:734: INFO: Using discovery server https://discovery-v6-1.syncthing.net/?id=SR7AARM-TCBUZ5O-VFAXY4D-CECGSDE-3Q6IZ4G-XG7AH75-OBIXJQV-QJ6NLQA [Q5R7H] 2015/12/09 10:14:46.329380 main.go:734: INFO: Using discovery server https://discovery-v6-2.syncthing.net/?id=DVU36WY-H3LVZHW-E6LLFRE-YAFN5EL-HILWRYP-OC2M47J-Z4PE62Y-ADIBDQC [Q5R7H] 2015/12/09 10:14:46.329446 main.go:734: INFO: Using discovery server https://discovery-v6-3.syncthing.net/?id=VK6HNJ3-VVMM66S-HRVWSCR-IXEHL2H-U4AQ4MW-UCPQBWX-J2L2UBK-NVZRDQZ [Q5R7H] 2015/12/09 10:14:46.331552 main.go:784: INFO: Device O275INB-XXXXXXX-XXXXXXXXXX-XXXXXXXXXX is "myvps.domain.com" at [dynamic] [Q5R7H] 2015/12/09 10:14:46.331764 main.go:784: INFO: Device Q5R7HJG-xxxxxxx-xxxxxxxxxxxx-xxxxxx is "mylaptop.domain.com" at [dynamic] [Q5R7H] 2015/12/09 10:14:46.336185 usage_report.go:273: INFO: Starting usage reporting [Q5R7H] 2015/12/09 10:14:46.340935 rwfolder.go:329: INFO: Completed initial scan (rw) of folder default [Q5R7H] 2015/12/09 10:14:46.341842 global.go:228: DEBUG: Announcement: {"direct":["tcp://0.0.0.0:22000"],"relays":null} [Q5R7H] 2015/12/09 10:14:46.341969 global.go:228: DEBUG: Announcement: {"direct":["tcp://0.0.0.0:22000"],"relays":null} [Q5R7H] 2015/12/09 10:14:46.342518 global.go:228: DEBUG: Announcement: {"direct":["tcp://0.0.0.0:22000"],"relays":null} [Q5R7H] 2015/12/09 10:14:46.342923 global.go:228: DEBUG: Announcement: {"direct":["tcp://0.0.0.0:22000"],"relays":null} [Q5R7H] 2015/12/09 10:14:46.343331 global.go:228: DEBUG: Announcement: {"direct":["tcp://0.0.0.0:22000"],"relays":null} [Q5R7H] 2015/12/09 10:14:46.343730 global.go:228: DEBUG: Announcement: {"direct":["tcp://0.0.0.0:22000"],"relays":null} [Q5R7H] 2015/12/09 10:14:46.382094 gui.go:231: INFO: API listening on 127.0.0.1:8384 [Q5R7H] 2015/12/09 10:14:46.382365 gui.go:232: INFO: GUI URL is http://127.0.0.1:8384/ [Q5R7H] 2015/12/09 10:14:46.390380 global.go:232: DEBUG: announce POST: Post https://discovery-v6-1.syncthing.net/: dial tcp [2001:470:28:4d6::5]:443: connect: network is unreachable [Q5R7H] 2015/12/09 10:14:46.390483 global.go:232: DEBUG: announce POST: Post https://discovery-v6-2.syncthing.net/: dial tcp [2604:a880:800:10::182:a001]:443: connect: network is unreachable [Q5R7H] 2015/12/09 10:14:46.392170 global.go:232: DEBUG: announce POST: Post https://discovery-v6-3.syncthing.net/: dial tcp [2400:6180:0:d0::d9:d001]:443: connect: network is unreachable [Q5R7H] 2015/12/09 10:14:47.517571 global.go:237: DEBUG: announce POST: 204 No Content [Q5R7H] 2015/12/09 10:14:47.517603 global.go:264: DEBUG: announce Reannounce-After: 1800 <nil> [Q5R7H] 2015/12/09 10:14:47.570167 global.go:237: DEBUG: announce POST: 204 No Content [Q5R7H] 2015/12/09 10:14:47.570200 global.go:264: DEBUG: announce Reannounce-After: 1800 <nil> [Q5R7H] 2015/12/09 10:14:48.041508 cache.go:107: DEBUG: lookup for O275INB-XXXXXXX-XXXXXXXXXX-XXXXXXXXXX at global@https://discovery-v4-1.syncthing.net/ [Q5R7H] 2015/12/09 10:14:48.041544 cache.go:108: DEBUG: direct: [tcp://37.xx.xx.xx:22000] [Q5R7H] 2015/12/09 10:14:48.041562 cache.go:109: DEBUG: relays: [{relay://37.xx.xx.xx:22067/?id=TK647X2-XXXXX-XXXXXXXX-XXXXXXX-XXXXX 2}] [Q5R7H] 2015/12/09 10:14:48.042778 global.go:237: DEBUG: announce POST: 204 No Content [Q5R7H] 2015/12/09 10:14:48.042806 global.go:264: DEBUG: announce Reannounce-After: 1800 <nil> [Q5R7H] 2015/12/09 10:14:49.308323 cache.go:107: DEBUG: lookup for O275INB-XXXXXXX-XXXXXXXXXX-XXXXXXXXXX at global@https://discovery-v4-2.syncthing.net/ [Q5R7H] 2015/12/09 10:14:49.308359 cache.go:108: DEBUG: direct: [tcp://37.xx.xx.xx:22000] [Q5R7H] 2015/12/09 10:14:49.308374 cache.go:109: DEBUG: relays: [{relay://37.xx.xx.xx:22067/?id=TK647X2-XXXXX-XXXXXXXX-XXXXXXX-XXXXX 2}] [Q5R7H] 2015/12/09 10:14:50.601876 cache.go:107: DEBUG: lookup for O275INB-XXXXXXX-XXXXXXXXXX-XXXXXXXXXX at global@https://discovery-v4-3.syncthing.net/ [Q5R7H] 2015/12/09 10:14:50.601908 cache.go:108: DEBUG: direct: [tcp://37.xx.xx.xx:22000] [Q5R7H] 2015/12/09 10:14:50.601923 cache.go:109: DEBUG: relays: [{relay://37.xx.xx.xx:22067/?id=TK647X2-XXXXX-XXXXXXXX-XXXXXXX-XXXXX 2}] [Q5R7H] 2015/12/09 10:14:50.644068 global.go:145: DEBUG: globalClient.Lookup https://discovery-v6-1.syncthing.net/?device=O275INB-XXXXXXX-XXXXXXXXXX-XXXXXXXXXX Get https://discovery-v6-1.syncthing.net/?device=O275INB-XXXXXXX-XXXXXXXXXX-XXXXXXXXXX: dial tcp [2001:470:28:4d6::5]:443: connect: network is unreachable [Q5R7H] 2015/12/09 10:14:50.692205 global.go:145: DEBUG: globalClient.Lookup https://discovery-v6-2.syncthing.net/?device=O275INB-XXXXXXX-XXXXXXXXXX-XXXXXXXXXX Get https://discovery-v6-2.syncthing.net/?device=O275INB-XXXXXXX-XXXXXXXXXX-XXXXXXXXXX: dial tcp [2604:a880:800:10::182:a001]:443: connect: network is unreachable [Q5R7H] 2015/12/09 10:14:50.749251 global.go:145: DEBUG: globalClient.Lookup https://discovery-v6-3.syncthing.net/?device=O275INB-XXXXXXX-XXXXXXXXXX-XXXXXXXXXX Get https://discovery-v6-3.syncthing.net/?device=O275INB-XXXXXXX-XXXXXXXXXX-XXXXXXXXXX: dial tcp [2400:6180:0:d0::d9:d001]:443: connect: network is unreachable [Q5R7H] 2015/12/09 10:14:50.749398 cache.go:107: DEBUG: lookup for O275INB-XXXXXXX-XXXXXXXXXX-XXXXXXXXXX at IPv4 local [Q5R7H] 2015/12/09 10:14:50.749425 cache.go:108: DEBUG: direct: [] [Q5R7H] 2015/12/09 10:14:50.749434 cache.go:109: DEBUG: relays: [] [Q5R7H] 2015/12/09 10:14:50.749517 cache.go:107: DEBUG: lookup for O275INB-XXXXXXX-XXXXXXXXXX-XXXXXXXXXX at IPv6 local [Q5R7H] 2015/12/09 10:14:50.749526 cache.go:108: DEBUG: direct: [] [Q5R7H] 2015/12/09 10:14:50.749534 cache.go:109: DEBUG: relays: [] [Q5R7H] 2015/12/09 10:14:50.749630 cache.go:136: DEBUG: lookup results for O275INB-XXXXXXX-XXXXXXXXXX-XXXXXXXXXX [Q5R7H] 2015/12/09 10:14:50.749643 cache.go:137: DEBUG: direct: [tcp://37.xx.xx.xx:22000] [Q5R7H] 2015/12/09 10:14:50.749656 cache.go:138: DEBUG: relays: [{relay://37.xx.xx.xx:22067/?id=TK647X2-XXXXX-XXXXXXXX-XXXXXXX-XXXXX 2}] [Q5R7H] 2015/12/09 10:14:56.329998 global.go:228: DEBUG: Announcement: {"direct":["tcp://0.0.0.0:22000"],"relays":[{"url":"relay://myvps.domain.com:22067/?id=TK647X2-XXXXX-XXXXXXXX-XXXXXXX-XXXXX","latency":430}]} [Q5R7H] 2015/12/09 10:14:56.330058 global.go:228: DEBUG: Announcement: {"direct":["tcp://0.0.0.0:22000"],"relays":[{"url":"relay://myvps.domain.com:22067/?id=TK647X2-XXXXX-XXXXXXXX-XXXXXXX-XXXXX","latency":430}]} [Q5R7H] 2015/12/09 10:14:56.330214 global.go:228: DEBUG: Announcement: {"direct":["tcp://0.0.0.0:22000"],"relays":[{"url":"relay://myvps.domain.com:22067/?id=TK647X2-XXXXX-XXXXXXXX-XXXXXXX-XXXXX","latency":430}]} [Q5R7H] 2015/12/09 10:14:56.330360 global.go:228: DEBUG: Announcement: {"direct":["tcp://0.0.0.0:22000"],"relays":[{"url":"relay://myvps.domain.com:22067/?id=TK647X2-XXXXX-XXXXXXXX-XXXXXXX-XXXXX","latency":430}]} [Q5R7H] 2015/12/09 10:14:56.330683 global.go:228: DEBUG: Announcement: {"direct":["tcp://0.0.0.0:22000"],"relays":[{"url":"relay://myvps.domain.com:22067/?id=TK647X2-XXXXX-XXXXXXXX-XXXXXXX-XXXXX","latency":430}]} [Q5R7H] 2015/12/09 10:14:56.330758 global.go:228: DEBUG: Announcement: {"direct":["tcp://0.0.0.0:22000"],"relays":[{"url":"relay://myvps.domain.com:22067/?id=TK647X2-XXXXX-XXXXXXXX-XXXXXXX-XXXXX","latency":430}]} [Q5R7H] 2015/12/09 10:14:56.333791 upnpsvc.go:58: INFO: No UPnP device detected [Q5R7H] 2015/12/09 10:14:56.390398 global.go:232: DEBUG: announce POST: Post https://discovery-v6-1.syncthing.net/: dial tcp [2001:470:28:4d6::5]:443: connect: network is unreachable [Q5R7H] 2015/12/09 10:14:56.390498 global.go:232: DEBUG: announce POST: Post https://discovery-v6-2.syncthing.net/: dial tcp [2604:a880:800:10::182:a001]:443: connect: network is unreachable [Q5R7H] 2015/12/09 10:14:56.390525 global.go:232: DEBUG: announce POST: Post https://discovery-v6-3.syncthing.net/: dial tcp [2400:6180:0:d0::d9:d001]:443: connect: network is unreachable [Q5R7H] 2015/12/09 10:14:56.592758 global.go:237: DEBUG: announce POST: 204 No Content [Q5R7H] 2015/12/09 10:14:56.592798 global.go:264: DEBUG: announce Reannounce-After: 1800 <nil> [Q5R7H] 2015/12/09 10:14:56.664020 global.go:237: DEBUG: announce POST: 204 No Content [Q5R7H] 2015/12/09 10:14:56.664057 global.go:264: DEBUG: announce Reannounce-After: 1800 <nil> [Q5R7H] 2015/12/09 10:14:56.714131 global.go:237: DEBUG: announce POST: 204 No Content [Q5R7H] 2015/12/09 10:14:56.714166 global.go:264: DEBUG: announce Reannounce-After: 1800 <nil>

I’ve just noticed that there are messages about ‘received local announcement’ for discover on the OpenVPN tun0 device from my VPS (the VPS is also an OpenVPN server):

[O275I] 2015/12/09 00:20:57.151509 local.go:172: DEBUG: discover: Received local announcement from 10.8.0.1:52930 for O275INB-NYNTCHW-ZXSIP2K-HYTF565-PN4RGZN-IGEU3VU-KBFA3WD-SF4DHQA [O275I] 2015/12/09 00:21:27.149974 local.go:172: DEBUG: discover: Received local announcement from 10.8.0.1:52930 for O275INB-NYNTCHW-ZXSIP2K-HYTF565-PN4RGZN-IGEU3VU-KBFA3WD-SF4DHQA [O275I] 2015/12/09 00:21:57.150987 local.go:172: DEBUG: discover: Received local announcement from 10.8.0.1:52930 for O275INB-NYNTCHW-ZXSIP2K-HYTF565-PN4RGZN-IGEU3VU-KBFA3WD-SF4DHQA

Could this have something to do with it? How do I tell syncthing not to use the tun0 device?

Listen to a specific interface address.

Can you run STTRACE=relay,dialer too, so see if they both are joining relays?

Bear in mind that someone talking to Syncthing via a relay can say exactly the same things as someone connecting to Syncthing directly. It’s a bit like saying that you computer is unhackable because you’ve put it behind an ethernet switch (with no NAT or firewall).

Yeah, I guess it’s not much extra security, so I’ve given up on the relay and gone with that - just opening port 22000 on the VPS. It works perfectly between my laptop (Ubuntu Linux) and the VPS. But for some reason only works about 1 out of every 3 or 4 times when using SyncTrayzor on my wife’s laptop, I’ll start another thread asking about that.

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.