Syncthing device address: Meaning of "dynamic"

Hi,

I’m currently on Syncthing v1.20.3 64-Bit Linux AMD. Devices are A and B. A and B both have all discovery methods disabled as I don’t need them.

They are known remote device to each other and share a folder.

Remote device view on A: image

Remote device view on B: image

I set this up so device A should connect to device B. (And B always sit there idle and wait for the connection originating from device A.)

This works well since years between the two. But I’ve additionally noticed in my firewall logs that device B also attempts connection to device A and I’d like to ask you why this happens.

15:07:19 NAT rule 4 TCP 109.250.xx.xx : 55103 > 192.168.178.254 : 22000 [SYN] len=52 ttl=111 tos=0x02

I’ve shut down all my Syncthing instances except the two devices to make sure, the traffic logged near device A is really originating from device B. Syncthing must have auto-detected(?) or sent(?) what the WAN IP of device A is and B is attempting to connect via WAN (which is not intended to be so and blocked).

TLDR; device A —> device B (intended way to connect → connection okay) device B —> device A (I don’t know why this happens as all discovery methods are turned off - maybe the word “dynamic” is the culprit?)

Can I also remove “dynamic” and let the deviceAddress field empty at B in case I just want device A to initiate the connection?

I’ve double checked that I don’t have DynDNS names or WAN IPs in both of the Syncthing configs.

Remarks: Don’t wonder about the 192.168.178.254 address - it’s a NAT-to-NAT WAN setup near device A.

Maybe someone can sched some light.

Kind regards, Catfriend1

dynamic means use discovery.

Not sure where its getting the address from assuming all discovery mechanisms are disabled on both sides.

You can enable connection/discovery logging to track that down.

1 Like

Maybe Syncthing remembers the address, because it was used during a previous incoming connection? As I understand it, “dynamic” means “use any address we know”.

1 Like

It sounds to me like the packet is from the internet, and you’re assuming it’s from your device B via the WAN gateway? Might it in fact be from something entirely different on the internet?

But, what Audrius says - logging on B will have it explain what it’s doing.

1 Like

Thanks for your replies, I’ll check on monday and report back :slight_smile:

My bad… I’ve investigated all my Syncthing nodes and found out that it was NOT Syncthing responsible for those WAN connects. It was my monitoring server which had a sensor set-up checking if it’s able to connect to the Syncthing TCP port 22000.

Btw, enabling the discovery log facility really helped to see what’s going on when Syncthing tries to find out the IP addresses of paired devices.

The topic can be closed.

Thank you for helping me.

1 Like