[OpenSIPS-Users] Opensips stops responding to TLS
L S
efes99999 at gmail.com
Thu Feb 16 19:36:50 UTC 2023
Hi Răzvan,
Just saw your response.
> Does it stop to any TLS operation, even for new ones?
All TLS operations stop, no TLS traffic on Wireshark.
We are using openssl 1.1.1q on Centos 7.
We wanted to try wolfssl, but we had issues installing it on Centos 7. If
it is more stable than openssl, we can give it another shot.
Thanks,
Matt
On Thu, Feb 2, 2023, 6:18 AM Răzvan Crainea <razvan at opensips.org> wrote:
> Hello!
>
> Does it stop to any TLS operation, even for new ones? What TLS lib are
> you using, openssl or wolfssl?
> Are there any errors in the logs related to TLS?
>
> Best regards,
>
> Răzvan Crainea
> OpenSIPS Core Developer
> http://www.opensips-solutions.com
>
> On 12/30/22 16:00, L S wrote:
> > One more thing:
> >
> > log_level=4
> > open_files_limit=32768
> >
> > At the time Opensips stops responding to TLS, it seems like it stops
> > writing to log file too even though it continues handling the non-TLS
> SIP.
> >
> > Thanks.
> >
> > On Thu, Dec 29, 2022, 5:51 PM L S <efes99999 at gmail.com
> > <mailto:efes99999 at gmail.com>> wrote:
> >
> > Just wanted to add the traffic between the client and Opensips
> > below. It seems Opensips keeps on sending RESET.
> >
> > We have the tcp_max_connections at default value. That value (2048)
> > works fine in 1.11.5.
> >
> > Thanks.
> >
> > client opensipsSSL142Client Hello
> > client opensipsSSL142[TCP Retransmission] Client Hello
> > opensipsclient TCP54sips > 5071 [RST] Seq=1 Win=0 Len=0
> > client opensipsSSL142[TCP Retransmission] Client Hello
> > opensipsclient TCP54sips > 5064 [RST] Seq=1 Win=0 Len=0
> > client opensipsTCP74[TCP Port numbers reused] 5071 > sips [SYN]
> > Seq=0 Win=8192 Len=0 MSS=1460 WS=1
> > opensipsclient TCP54sips > 5071 [RST, ACK] Seq=1 Ack=1 Win=0 Len=0
> > client opensipsTCP74[TCP Port numbers reused] 5064 > sips [SYN]
> > Seq=0 Win=8192 Len=0 MSS=1460 WS=1
> > opensipsclient TCP54sips > 5064 [RST, ACK] Seq=1 Ack=1 Win=0 Len=0
> > client opensipsTCP74[TCP Port numbers reused] 5080 > sips [SYN]
> > Seq=0 Win=8192 Len=0 MSS=1460 WS=1
> >
> > On Thu, Dec 29, 2022, 9:27 AM L S <efes99999 at gmail.com
> > <mailto:efes99999 at gmail.com>> wrote:
> >
> > Hi,
> >
> > We are in the process of migrating from 1.11.5 tls to 3.2.9, and
> > we are running into an issue with TLS.
> >
> > Opensips stops handling TLS within a few minutes after it is
> > started; e.g. stops responding to Client Hellos. There is no
> > more outgoing TLS traffic from the Opensips server. When we
> > restart Opensips, it goes back to normal for a while, then stops
> > responding to TLS requests again.
> >
> > I don't see any errors in logs.
> > The server runs Centos 7, openssl 1.1.1q.
> >
> > 1.11.5 works fine.
> >
> > Can this be a memory issue? We use S_memory 512 and P_memory 8.
> > Opensips 1.11.5 works fine with the same settings. TCP
> > parameters have their default values.
> >
> > How can we debug this? Any suggestions would be appreciated.
> >
> > Thanks,
> > Matt
> >
> >
> > _______________________________________________
> > Users mailing list
> > Users at lists.opensips.org
> > http://lists.opensips.org/cgi-bin/mailman/listinfo/users
>
> _______________________________________________
> Users mailing list
> Users at lists.opensips.org
> http://lists.opensips.org/cgi-bin/mailman/listinfo/users
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.opensips.org/pipermail/users/attachments/20230216/9e51ca85/attachment.html>
More information about the Users
mailing list