Using Syncthing without revealing IP address?


I set up Syncthing on a Raspberry Pi and a Windows machine today, so far only available within my local network, UPnP disabled.

I’d like to include machines outside the local network as well, but since I’m not familiar with the BT-protocoll, I am a bit afraid of activating port-forwarding to my Rasperry Pi. Wouldn’t this reveal my IP address through the Global Discovery-service? I don’t wanna draw attention to my RPi, because I have other stuff running there like home automation and VPN.

Would it be better to use an external vHost and set up Syncthing there?


Reveal to whom?

But generally, you’ll need to use a VPN service of some sort to hide your IP address from the world at large, regardless of what file sharing or synchronization protocol you use.

You might want to run your own global discovery service.

I think I got the discovery service wrong. You will only get the IP address if you request the correct device ID, right?

One additional question: I’d like to use the Raspberry Pi as an “always on”-syncthing device, so that other clients only need to sync with the RPi. Also, port forwarding should only be activated to the RPi but not for clients in other networks. Is this going to work, or do all clients need port forwarding in order to connect to each other?

And if the RPi is using DDNS, do I need the discovery service at all?


All others connecting to the Pi only is fine.

Nope, in that case you can disable global discovery and enter the name instead. You might still want local discovery for when all devices are home.

1 Like

If you are planing to sync Android devices, you will have to keep global discovery enabled for now.

The DNS Resolution in Go for Android is broken in the version which is used and I think the attempt to use a version where it is not broken, broke syncthing on a lot of devices.

1 Like

This is correct! However, I know how to fix it;) Nevertheless, I’m focusing on Syncthing and the android-silk client for the moment. This client uses the experimental compilation method (thus fixing DNS resolution) by default.