Why kcp/NAT is operating even it has been disabled in settings?

I have disabled the following options in Syncthing/SyncTrayzor settings:

  • Enable NAT traversal
  • Global Discovery
  • Enable Relaying

and left only Local Discovery enabled. Yet Syncthing Console reports:

[XXXX] 10:24:39 INFO: kcp:// detected NAT type: Port restricted NAT
[XXXX] 10:24:39 INFO: kcp:// resolved external address kcp:// (via stun.sipgate.net:10000)

Why is the external discovery still happening even I have disabled it in settings? I am too paranoid to leave any file sync happening over Internet. I use sync over SSH tunnel for that purpose. How can I really disable the external port discovery.


This is nothing todo with any of the settings you disabled. Search for existing threads on the forum on this.

The bit unintuitive trick is to go to Advanced Settings and set:

Stun Keepalive Seconds = 0

Agreed, see https://github.com/syncthing/syncthing/issues/4518 and resolved external address?? (new in .v0.14.40).

I’m paranoid too and I use these settings. I really didn’t like the implementation of KCP without being able to fully disable it too. I use fixed IP addresses too. For the future, now that I understand and can config syncthing pretty good, I plan to use my first internet connected device at work to my home server.


This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.