On Thu, Sep 07, 2017 at 11:03:49AM +0300, Donat Zenichev wrote:
[snip]
> ERROR: <core> [tcp_main.c:4070]: handle_tcpconn_ev(): connect XXX.XXX.XXX.XXX:52185 failed
> The port that kamailio2 tries to use to relay the ACK is the port that the endpoint used to establish the dialog with kamailio1, and its TCP connection is actually now established with kamailio1. So kamailio2 tries to use the same port and gets the error.
> And this is proper behavior, I think.
> There is no problem with UDP transport.
This problem also exists with UDP when NAT is involved. I don't think there is anything you could do to solve this problem with TCP/TLS connections, especially with NAT.
Having a similar setup with failover for the load balancers, I take for granted that TCP/TLS will fail in case of a failover (but UDP will keep working after failover due to its stateless nature). Luckily, Kamailio is rock solid, and the only reason the TCP sockets fail is a restart of Kamailio on config change.