[OpenSIPS-Users] tls blocking question

sagar malam sagarmalam at gmail.com
Wed Feb 20 09:49:55 EST 2019

Try Keepalives,


On Wed, Feb 20, 2019 at 12:24 AM Ryan Delgrosso <ryandelgrosso at gmail.com>

> So I have a situation where 100% of my endpoints are TLS behind NAT
> bridging to UDP in core.
> I have tcp_async enabled and have set tcp_no_new_conn_bflag on packets
> coming from UDP side to TLS side, as well as setting it on the
> registered AOR's in mid-registrar.
> Setting up test scenarios I always seem to hit a wall where opensips
> stops passing packets where it seems to be waiting for some kind of
> timeout.
> I am also seeing these messages:
> Feb 19 18:46:16 sbc2 /opt/ringrx_edge_proxy/sbin/opensips[20755]:
> ERROR:proto_tls:tls_write: TLS write error:
> Feb 19 18:46:16 sbc2 /opt/ringrx_edge_proxy/sbin/opensips[20755]:
> ERROR:proto_tls:tls_blocking_write: TLS failed to send data
> Feb 19 18:46:16 sbc2 /opt/ringrx_edge_proxy/sbin/opensips[20755]:
> ERROR:proto_tls:proto_tls_send: failed to send
> Feb 19 18:46:16 sbc2 /opt/ringrx_edge_proxy/sbin/opensips[20755]:
> ERROR:sl:msg_send: send() to for proto tls/3 failed
> The IP is outside so its from a UDP to TCP flow. Is there another flag I
> need to set to prevent packets from originating new TLS sessions when
> none exist?
> Once it gets into this state it takes 30s or so before it starts passing
> packets again, but it does so from a buffer it seems since i can stop my
> tls generator, wait 30s and the core side sipp instance will again begin
> receiving packets.
> How can I prevent opensips from blocking like this on TLS sessions?
> _______________________________________________
> Users mailing list
> Users at lists.opensips.org
> http://lists.opensips.org/cgi-bin/mailman/listinfo/users


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.opensips.org/pipermail/users/attachments/20190220/f0921725/attachment.html>

More information about the Users mailing list