max302 Posted December 26, 2014 Report Share Posted December 26, 2014 Hey guys, I had a problem that I fixed myself and figured that I'd share the solution. I have a Freenas box running a jailed instance of BTSync 1.4.103 behind of a PFSense router on one site, and another freenas box running 1.4.103 behind a regular consumer-grade Linksys router. My setup is configured to replicate certain shares across sites to provide easy on-site and off-site backups. Both servers would initially not sync up. At first I thought the network configuration in either my servers or my jails were incorrect, but they checked out to be ok. Both from within the jail and in the server, DNS was resolving and remote hosts could be reached. UPnP was working fine, I could see the ports opened on each edge device. Still, no sync. As it turns out, PFSense is configured by default to bloc off ICMP messages from WAN. After creating a firewall rule to let them pass through, everything started working just fine. Ports 3000 to the tracking and the incoming port required for each server are well documented, but I did not see anything relating to ICMP being necessary for BTSync to function well. How does it work? Does one node trying pinging a peer before connecting to determine if it is up? Also how can I lock down my WAN without breaking BTSync short of a VPN? Can I just enable echo reply? Thanks. Quote Link to comment Share on other sites More sharing options...
Guest proactiveservices Posted January 8, 2015 Report Share Posted January 8, 2015 ICMP is necessary for a network to function reliably - it's the Internet Control Message Protocol. If you're blocking this anywhere on your network then erratic behaviour is expected. Quote Link to comment Share on other sites More sharing options...
RomanZ Posted January 12, 2015 Report Share Posted January 12, 2015 @max302Sync does not operate ICMP directly, though ICMP is widely used by network entities (like gateways, routers, etc.) to error report and control what happens to IP packets in network. So, as @proactiveservices mentioned, it is not recommended to disable / block ICMP if you want your network work smoothly. See here more for details. Quote Link to comment Share on other sites More sharing options...
max302 Posted January 12, 2015 Author Report Share Posted January 12, 2015 (edited) I'm not denying that ICMP serves a purpose. Rather, I've observed that blocking off ICMP inbound from WAN is a common practice, a default setting on lots of networking equipment in fact (including on PFSense and some Cisco security devices), and that BTSync will not work in this condition. I'll be blocking off ICMP commands one by one and I'll report my findings. Does BTSync use a timestamp command to determine time-based syncing with peers? Or does it us any OS-provided method or library which would use it? Edited January 12, 2015 by max302 Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.
Note: Your post will require moderator approval before it will be visible.