shallowz Posted May 15, 2013

We have 6 domain controller servers under one domain.
Computers connected to the domain controller site sync with each other, no issue.
But between sites the sync software does not see each other. Why?
Can't be a firewall issue because the computers talk to each other at that site without any adjustment of our domain firewall. The only issue is if PC from Site A does not see PC from Site B in the BitTorrent Sync software.
Why?
How do I get these computers to talk to each other?

rdebath Posted May 15, 2013

It's a firewall issue.
http://forum.bittorr...dpost&pid=49550

shallowz Posted May 21, 2013

How could it be a firewall issue if computers inside the same domain controller can see each other?

eseelke Posted May 21, 2013

A firewall doesn't block computer A from seeing computer B. It blocks certain ports and/or programs.
Even though your computers can see each other, they could still be blocking BitTorrent Sync if it's not set up in the firewall.

eseelke Posted May 21, 2013

One way to test this is to disable the firewall on both computers (all profiles). If BitTorrent Sync starts syncing, you know it's the firewall.

rdebath Posted May 21, 2013

> How could it be a firewall issue if computer inside the same domain controller can see each other?

The firewalls are routing traffic between the sites, presumably over a VPN. But, as I said in the linked message, peers on a local LAN find each other by using multicast packets. It's very unlikely that you've got the multicast routing right for the peers to see each other between sites over your VPN. Therefore they will have to communicate over the internet by hole punching through your firewalls. As this isn't working, it's a firewall issue. (Probably the firewall is blocking all UDP traffic.)

If you add the peers as known hosts through the VPN tunnel they'll probably be able to sync with each other that way.

Note: BTSync does not register the internal IP addresses with the tracker so even if they can both communicate with the tracker the data will not be routed through the VPN.

Note: it could also be the Windows firewall on the PC as this does know the difference between local LAN and everywhere else. This is unlikely though because the BTSync installer adds the proper rules to the Windows firewall on the PC it's installed on.

PS: Windows domain controllers have absolutely nothing to do with it.

shallowz Posted May 22, 2013

The Windows firewall is turned off on all our computers. We have a corporate firewall to the outside world traffic.
I guess I am asking for a simple answer if it is possible.
What do I tell our IT Firewall people to open up so that the computers can talk to each other between the domain controllers?

Disappointed Cat Posted May 22, 2013

> Note: BTSync does not register the internal IP addresses with the tracker so even if they can both communicate with the tracker the data will not be routed through the VPN.

Are you sure about this? Multicasting for some reason doesn't work between my desktop and laptop (bridge, WiFi AP, firewalls, who knows why..) but if both PCs communicate with the tracker they can find each other.
I did have to disable the relays though.

rdebath Posted May 22, 2013

I just checked the packet sent to the tracker; it's in bencode and the "la" is a local address which matches the internal IP and port for my client.

    la = $(6,"c0a88b0c98d0")
    m = 4
    peer = $(20,"91aaffb2463df40c6ca21a281470ec915e31b2f7")
    share = <<<
    : 00 87 10 4f 34 0d da 84 95 8c a9 01 4f 49 ad d9 ...O4.......OI..
    : 60 c2 e7 69 f2 c4 b4 e8 f8 c1 67 f9 81 3c 81 a2 `..i......g..<..
    >>>

So you're right, the tracker does know the internal address and so can aid in your setup. It seems the reason it didn't work for me was that it only has one internal address, the NAT address, but not the internal VPN address.

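Added example (not part of the post above and not BitTorrent Sync code): decoding the `la` value from that dump and checking whether the advertised address is one a remote site could reach through a VPN. It assumes the 6-byte value is a 4-byte IPv4 address followed by a 2-byte big-endian port, the usual BitTorrent compact peer layout; the VPN subnets are constructed values.

```python
import ipaddress
import struct

# Value copied from the tracker packet dump in the post above.
LA_HEX = "c0a88b0c98d0"


def decode_compact_peers(hex_value):
    """Decode concatenated 6-byte entries: IPv4 address + big-endian port.

    The layout is an assumption (the usual BitTorrent compact peer form).
    """
    raw = bytes.fromhex(hex_value)
    if not raw or len(raw) % 6 != 0:
        raise ValueError("expected a non-empty multiple of 6 bytes")
    peers = []
    for offset in range(0, len(raw), 6):
        packed_ip, port = struct.unpack_from("!4sH", raw, offset)
        peers.append((ipaddress.IPv4Address(packed_ip), port))
    return peers


def scope(addr):
    """Coarse classification of what kind of address was advertised."""
    if addr.is_loopback:
        return "loopback"
    if addr.is_link_local:
        return "link-local"
    if addr.is_private:
        return "private"
    return "public"


def usable_over_vpn(hex_value, routed_subnets):
    """Report, per advertised address, whether a remote site can route to it.

    routed_subnets: CIDR strings for networks carried by the site-to-site
    VPN (hypothetical values supplied by the caller).
    """
    nets = [ipaddress.ip_network(s) for s in routed_subnets]
    report = []
    for addr, port in decode_compact_peers(hex_value):
        routed = any(addr in net for net in nets)
        report.append((f"{addr}:{port}", scope(addr), routed))
    return report


if __name__ == "__main__":
    # Constructed subnets: one VPN-only range, then one that includes the LAN.
    print(usable_over_vpn(LA_HEX, ["10.8.0.0/24"]))
    print(usable_over_vpn(LA_HEX, ["10.8.0.0/24", "192.168.139.0/24"]))
```

With only a VPN-only subnet routed, the advertised LAN address is reported as not routable, which matches the situation described in the post: the tracker holds a single internal address, and it is not the VPN one.
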
rdebath Posted May 22, 2013

> I guess i am asking for a simple answer if it is possible
> what do i tell our IT Firewall people to open up so that the computers can talk to each other between the domain controllers?

Try this post.

Absolute minimum is opening to the tracker and relay on UDP port 3000, but best would be a rule something like "All UDP outbound with port numbers over 1024, with solicited replies inbound." This would in fact make it the same as normal TCP configurations. Though, you can configure the range of ports if you have control over all the peers.