[OpenSIPS-Users] OpenSIPS does not reuse existingTLS-connections on outbound requests

[Bogdan-Andrei Iancu]

Hi Franz,

Franz Edler wrote:
> Hi Bogdan and all,
>
>   
>> I will post the issue at the eyebeam support forum.
>>     
>
> After many struggles I now come back to the OpenSIPS mailing list, because I
> think now that it is a problem of OpenSIPS and not that of the SIP clients.
>
> The problem is, that the clients use an ephemeral port for outgoing TCP
> connections which is (as far as I have seen always) different from the port
> they advertise for incoming connections. The problem for the inbound proxy
> is to setup a separate TCP connection in this case. I did not have a NAT
> environment; therefore the existing connection has not been re-used.
>
>   
I agree with you, but the question is where is the error? because from 
proxy point of view, the inbound connection came from port A  (ephemeral 
port) and the outbound connection needs to go to port B (registered 
contact). Logically speaking, you can reuse the connection, but 
realistically speaking you have no idea about the mapping between the 
portA and portB ...
> The problem gets obviously an additional complexity as in case of TLS a
> separate TLS connection has to be setup (now in the reverse direction).
> OpenSIPS in this case has problems to setup this second TLS connection
> showing:
> 	ERROR:core:tls_blocking_write: too many retries with no operation
> 	ERROR:core:tcp_send: failed to send
> 	ERROR:tm:msg_send: tcp_send failed
> 	ERROR:tm:t_forward_nonack: sending request failed
>   
Actually the error is for writing and not for setting up the new TLS 
connection. The mysterious "SSL_ERROR_WANT_WRITE" error.....
Can you check what is the the status of the connection ? init done? 
still in init phase?

Thanks and regards,
Bogdan
> I think now, that this is still an open issue in the implementation.
>
> regards
> Franz
>
>
>