Hello,
I relaxed that condition to not connect on forwarding only for initial requests going though nat. Can you test with latest master and see how is going for your use case?
Cheers,
Daniel
In preparation for the 5.3 release, I've been testing the following configuration change for TCP/TLS connections: https://github.com/kamailio/kamailio/commit/ 8bba208fe6ae7ccb4c92362b8c33f1530b9f56da route[REQINIT] { # no connect for sending replies set_reply_no_connect(); if(has_totag()) { # no connect for requests within dialog set_forward_no_connect(); } This change creates issues when a UAC TLS INVITE routes to an upstream gateway using TLS to port 5061 (via the LCR module). Kamailio sends the initial outbound TLS connection from a local ephemeral port. The TCPOPS tcp_keepalive_enable function issues keepalives from the local ephemeral port to the gateway port 5061: https://kamailio.org/docs/modules/stable/modules/ tcpops#tcpops.f.tcp_keepalive_enable Even so, the TLS connection eventually times out, after which in-dialog requests from the UAC are no longer able to reach the upstream gateway. ERROR: tm [../../core/forward.h:293]: msg_send_buffer(): tcp_send failed WARNING: tm [t_fwd.c:1570]: t_send_branch(): sending request on branch 0 failed ERROR: sl [sl_funcs.c:372]: sl_reply_error(): stateless error reply used: Unfortunately error on sending to next hop occurred (477/SL) I figure I must be doing something wrong with my TCPOPS here. Is a TLS connection to an upstream gateway supposed to be maintained throughout the duration of a call?
_______________________________________________ Kamailio (SER) - Users Mailing List sr-users@lists.kamailio.org https://lists.kamailio.org/cgi-bin/mailman/listinfo/sr-users
-- Daniel-Constantin Mierla -- www.asipto.com www.twitter.com/miconda -- www.linkedin.com/in/miconda