From 11d0b1a6097d9460453622adab2d4122c1311324 Mon Sep 17 00:00:00 2001 From: Jakob Borg Date: Wed, 4 Nov 2015 17:24:37 +0000 Subject: [PATCH] Firewall update for v0.12 --- users/firewall.rst | 9 ++++++--- users/relaying.rst | 4 ++-- 2 files changed, 8 insertions(+), 5 deletions(-) diff --git a/users/firewall.rst b/users/firewall.rst index 555d4e6af..a4c8936dc 100644 --- a/users/firewall.rst +++ b/users/firewall.rst @@ -22,16 +22,19 @@ Communication in Syncthing works both ways. Therefore if you set up port forwards for one device, other devices will be able to connect to it even when they are behind a NAT network or firewall. +In the absence of port forwarding, :ref:`relaying` may work well enough to get +devices connected and synced, but will perform poorly in comparison to a +direct connection. + Local Firewall -------------- If your PC has a local firewall, you will need to open the following ports for -incoming traffic: +incoming and outgoing traffic: - Port **22000/TCP** (or the actual listening port if you have changed the *Sync Protocol Listen Address* setting.) -- Port **21025/UDP** (for discovery broadcasts on IPv4) -- Port **21026/UDP** (for discovery multicasts on IPv6) +- Port **21027/UDP** (for discovery broadcasts on IPv4 and multicasts on IPv6) Remote Web GUI -------------- diff --git a/users/relaying.rst b/users/relaying.rst index 3ff07e6f5..4c15adffc 100644 --- a/users/relaying.rst +++ b/users/relaying.rst @@ -1,10 +1,10 @@ .. _relaying: -.. versionadded:: 0.12.0 - Relaying ======== +.. versionadded:: 0.12.0 + Syncthing can bounce traffic via a *relay* when it's not possible to establish a direct connection between two devices. There are a number of public relays available for this purpose. The advantage is that it makes a connection