Hello All,
I have installed kamailio with TLS module together with siremis on server and all seems works fine except that sometimes appear in syslog file the following errors:
/usr/sbin/kamailio[3266]: ERROR: <core> [tcp_read.c:289]: tcp_read_data(): error reading: Connection timed out (110)
/usr/sbin/kamailio[3266]: ERROR: <core> [tcp_read.c:1281]: tcp_read_req(): ERROR: tcp_read_req: error reading
/usr/sbin/kamailio[3268]: ERROR: <core> [tcp_read.c:289]: tcp_read_data(): error reading: Connection reset by peer (104)
Some part of syslog please you find enclosed.
I don't know where I should search for the cause of these errors and how to debug and remove them. I don't know if these errors are caused by incorrect kamailio configuration or are caused on client's side.
Thank you for your opinions and help in advance
Regards,
Petr
Hello,
the errors can be because of various reasons such as: - requiring a tls method not supported (tlsv1, ...) - not having a common cypher - requiring certificate, but the other party not providing one - requiring a valid certificate, but the validation fails
Try to run with debug=3 and see if you can spot further hints from the debug messages.
Cheers, Daniel
On 06/10/14 10:44, Petr.Wozniak@seznam.cz wrote:
Hello All,
I have installed kamailio with TLS module together with siremis on server and all seems works fine except that sometimes appear in syslog file the following errors:
/usr/sbin/kamailio[3266]: ERROR: <core> [tcp_read.c:289]: tcp_read_data(): error reading: Connection timed out (110)
/usr/sbin/kamailio[3266]: ERROR: <core> [tcp_read.c:1281]: tcp_read_req(): ERROR: tcp_read_req: error reading
/usr/sbin/kamailio[3268]: ERROR: <core> [tcp_read.c:289]: tcp_read_data(): error reading: Connection reset by peer (104)
Some part of syslog please you find enclosed.
I don't know where I should search for the cause of these errors and how to debug and remove them. I don't know if these errors are caused by incorrect kamailio configuration or are caused on client's side.
Thank you for your opinions and help in advance
Regards,
Petr
SIP Express Router (SER) and Kamailio (OpenSER) - sr-users mailing list sr-users@lists.sip-router.org http://lists.sip-router.org/cgi-bin/mailman/listinfo/sr-users
I also see a lot of those errors in my log files but I attributed them to simple connection issues with mobile clients instead of anything specific to TLS.
My reasoning is that if a mobile UAC changes networks, moves out of range, etc, then TCP connections to that previous IP:port combo will fail, leading to the error messages in the logs. This shouldn't really affect performance much since the UAC will re-register soon enough with its new network info.
After reading Daniel's response, I started to wonder if maybe my assumptions are wrong. However, I don't think any of Daniel's scenarios apply in my case.
- requiring a tls method not supported (tlsv1, ...)
In my network this is not the case. Clients and kamailio support TLS 1.0
- not having a common cypher
Hmmm, if both client and kamailio use the same version of openSSL, and both are configured to use TLS 1.0, this should not happen.
- requiring certificate, but the other party not providing one
Nope. I don't use client certificates in my setup
- requiring a valid certificate, but the validation fails
I'm using a valid certificate issued and signed by StartCom, so this should not be an issue either. But I have heard anecdotal evidence that StartCom's certificates sometimes don't play well with Kamailio. Has anyone heard of issues like these?
Peter
On Tue, Oct 7, 2014 at 9:01 AM, Daniel-Constantin Mierla miconda@gmail.com wrote:
Hello,
the errors can be because of various reasons such as:
- requiring a tls method not supported (tlsv1, ...)
- not having a common cypher
- requiring certificate, but the other party not providing one
- requiring a valid certificate, but the validation fails
Try to run with debug=3 and see if you can spot further hints from the debug messages.
Cheers, Daniel
On 06/10/14 10:44, Petr.Wozniak@seznam.cz wrote:
Hello All,
I have installed kamailio with TLS module together with siremis on server and all seems works fine except that sometimes appear in syslog file the following errors:
/usr/sbin/kamailio[3266]: ERROR: <core> [tcp_read.c:289]: tcp_read_data(): error reading: Connection timed out (110)
/usr/sbin/kamailio[3266]: ERROR: <core> [tcp_read.c:1281]: tcp_read_req(): ERROR: tcp_read_req: error reading
/usr/sbin/kamailio[3268]: ERROR: <core> [tcp_read.c:289]: tcp_read_data(): error reading: Connection reset by peer (104)
Some part of syslog please you find enclosed.
I don't know where I should search for the cause of these errors and how to debug and remove them. I don't know if these errors are caused by incorrect kamailio configuration or are caused on client's side.
Thank you for your opinions and help in advance
Regards,
Petr
SIP Express Router (SER) and Kamailio (OpenSER) - sr-users mailing listsr-users@lists.sip-router.orghttp://lists.sip-router.org/cgi-bin/mailman/listinfo/sr-users
-- Daniel-Constantin Mierlahttp://twitter.com/#!/miconda - http://www.linkedin.com/in/miconda
SIP Express Router (SER) and Kamailio (OpenSER) - sr-users mailing list sr-users@lists.sip-router.org http://lists.sip-router.org/cgi-bin/mailman/listinfo/sr-users
-
Daniel-Constantin Mierla -
Peter Villeneuve -
Petr.Wozniak@seznam.cz