All of a sudden today I noticed that the direct tunnel (rock solid for years) has noiw turned into a relayed tunnel with no apparent reason?
I have a static port mapping with relevant firewall riules on the router and none of this has changed.
I can see from the client log file that it is creating a direct tunnel and then falling back to a relayed tunnel.
Seems to fallback when the client attempts a quick burst of UDP connection requests to the peer using ports which seem to be entirely random and obviously will not work as they are not forwarded in the router at the remote/peer end.
Hamachi should try to default to these ports : TCP 12975 (initiator port) TCP 32976 (session port) If the above ports cannot be used to achieve a connection, Hamachi will try again using SSL (TCP 443). And the UDP is UDP 17771 (relay connection port)
Seems I was chasing my tail in attempting to resolve what was broken.
As it turns out, the router had stopped forwarding packets from WAN to LAN, although there was nothing obvious being reported in any logs and the firewall logs were reporting no blocking of the incoming packets which should have been NAT port forwarded.
Rebooted the pfSense router and all came good - first time this router solution had caused any problem.