VPN Network Issues

I have multiple devices in different states that connect to a central VPN network. When I pull up the main server and the remote one they say that they are both disconnected from each other. Should it be doing the local discovery on all interfaces? What else would be causing a disconnection? Everything works fine if both devices are on the local network through eth1 interface.

I have it setup for… DEFAULT - Sync Protocol Listen Addresses NO - Enable NAT traversal YES - Local Discovery NO - Global Discovery NO - Enable Relaying

Local discovery won’t work over a VPN, and most likely neither will global. I’d recommend using internal DNS (AD, perhaps), static IPs, or an internal discovery service.

If I did static IP’s where would I put that information?

Also out of curiosity why wouldn’t I be able to make it listen on a certain interface?

In the device address, where it currently says dynamic, make it tcp://192.0.2.42, dynamic or so to try the address in question and, if that doesn’t connect, the normal discovery methods.

Not sure what you mean about listen on a certain interface. You can certainly make Syncthing listen on a certain interface. The reason local discovery (usually) doesn’t work over VPN connections is that those (usually) aren’t broadcast mediums that the other devices are also directly connected to.

How do i make it listen on certain interfaces?

It didnt work to do static ip address

You should give us something more to work with if you want more help. What did you do, what happened, what did you expect to happen instead - the usual.

I was actually able to get this working with the VPN IP addresses. The odd thing now is how long it is taking to transfer the data.

I have a VPN setup between a server and a RPI 36804 items, ~287 GiB is synced and scanned on the server. This data is hosted by a NAS (mapped network) drive that is on the same network as the server. The Rasberry PI is also on the same network and taken over 4 days to sync and still running. When I check on it after a day it looks like not only is it not transferring any files its showing as disconnected on the server gui. Even though the machine can still ping it and such.

I think the program might be locking up. Today the CPU was only using like 6% (so not doing anything). O

If it’s disconnected, it’s not transferring files. As for performance, if you want acecptable performance, use at least a reasonable device.

No s*** sherlock… Thanks for the obvious answer of “If it’s disconnected, it’s not transferring files.”

I am wondering if the software is locking up for something reason and if we can diagnose that. It works for a while (1-3 hrs) and then nothing.

I accept that it might be crappy performance for the 1st sync but not completely lockup and die.

You van enable STTRACE=connections env var which will log connection attempts and check the log for the disconnection reason, I don’t think its any locking issue as we’d have more reports of this. I think whatever magical setup you have probably stops working or stops being a valid path in the discovery results.

If by magical you mean setting up a VPN network and setting up the Sync Protocol Listen Addresses “static ip/port” sure…

I have already verified that the VPN server never losses the connection with the clients so that isn’t the issue. I do imagine that the software would recognize disconnects though and just resume when it reconnects. Doesn’t quit/lockup all together.

I have it running in VERBOSE mode right now so we will see when in hangs up next.

Thanks for all your help

Depends on how the VPN disconnects are translated by the OS layer. Anyways, if it’s disconnected, you’ll see reconnect attempts if you set that env var. Verbose won’t show you that.

Like I said it isn’t getting disconnected though.

How do you set that env var setting?

Make up your mind. You can google how to set an env var.

I was saying it isn’t getting disconnected on VPN in response to your “Depends on how the VPN disconnects are translated by the OS layer.”

Got to say I love open source and usually the great communities behind them but not receiving any help from you Andrius. All I am getting from you is smart a** comments like “Google it”

Top tip: if you want free help, don’t annoy one of the two people on this project capable of giving it. Also, be respectful: if something is googlable, google it. If you’re told to google something, do that. Sometimes you have to swallow your ego if you need that free help.

One of the things open source should bring is open and honest communication. I was told to make up my mind and google it myself.

I wouldn’t be here asking on a forum if I didn’t know how to do it. I came here asking for the expert advice you guys have.

If you don’t want to help don’t answer. Leave it to someone that wants to help.

We are trying to help, yet we leave the non-domain (non-syncthing) questions for you to solve yourself, otherwise we’d be expected to be an expert in each operating system, each firewall, each shell that every potential user might use which is simply unfeasible and not really productive either.

I’d rather answer more questions with less details and leave the non-domain bits for people to solve themselves, than write a single 3 page article for a given support request, and yet be able to only answer one request a day.

Just a hint it is explained in the documentation there: https://docs.syncthing.net/dev/debugging.html