[OpenSIPS-Devel] Server trying outgoing TCP (TLS) connection, gets blocked

Ivan Genov ivangg_q at yahoo.com
Mon Jun 22 21:38:05 CEST 2009 

Hi,
 
We have noticed that the server tries to connect to user's contact IP:port when there is no existing TCP connection with the client. This can happen when the client-server TLS connection brakes for some reason (for example flaky Internet). After that when consequent requests need to be proxied to that user (NOTIFYs, SUBSCRIBEs) we can see in the logs that the server tries to connect to the user's IP and port because there is not existing TCP (TLS) connection with it. In our setup though the cients are behind NAT and the serveer is in the public Internet.
 
In most such cases the server fails "normally" after 10 seconds and during that time if the same client tries to REGISTER, the REGISTER packets are processed on the server by the same process that has been blocked for 10 seconds, after the blocking 10 secs have elapsed. In effect this makes it harder for the clent to re-REGISTER when the connection has been broken.
 
There are cases though, when we can see in the server logs that there are no logs for more than 3 minutes and we can see that two server processes have been trying outgoing connection to the old client's IP:port for more than 3 minutes and we can see how both processes report unsuccessfull tcp blocking connect to the client after the logs resume after more than 3 minutes have elapsed. During such cases the server simply doesn't respond to client's attempts to REGISTER and is in effect blocked.
 
We have no clue as to why the server is blocked for more than 3 minutes since the tcp connect timeout seems to be just 10 seconds.
 
What we think is best is if we can configure the server to not try outgoing TCP connections to clients (when TCP conenction doesn't exist)? Is there a configration setting for that? If there is no configuration for that, what is the best place in code to make this change in the code? If this is not easy or not recommended, can we set the server's timeout for outgoing TCP connection to something smaller, for example 1-2 seconds, or even 0 seconds? We feel in our setup it will be better if the server does not try to connect at all, becasue anyway the connection attempt will fail.
 

Any information will be appreciated.
 

Thanks in advance,
Ivan

More information about the Devel mailing list