Relay servers protected with token: both peers need token, or just one?

Question about relay servers configured to use a token: If I configure my local syncthing with a token-protected relay server, will other nodes that don’t have the token be able to relay traffic through that server after initiating a connection with me? Or, do all nodes connecting through the relay require the token?

e.g. if my friends aren’t configured to use the relay, but I am, will they relay traffic through the relay server to me?

Also, thanks for syncthing. This is the best software!

1 Like

IIRC, the current relay implementation requires the “permanent” device to provide the token. That is, the syncthing client that is (manually) configured to connect to the relay via its listen address configuration. Joining the relay without the token should fail.

However, peers connecting to you via the relay (those getting a session invitation) (the “temporary protocol submode”) don’t need to provide the token last time I checked.

So I believe that if you configure your own syncthing instance to join your custom relay (with a token configured), your friends don’t need any special configuration at all. As long as the relay information is exchanged via discovery servers (i.e. you’re all talking to the same discovery server), it should just work.