<h3>Description</h3>

<p>Kamailio frequently terminates tls connections to sip clients, if db_mongodb database driver is used and one mongodb cluster member becomes unavailable.</p>

<p>If one mongodb secondary is shutdown (or the primary and a promotion takes place) kamailio will terminate the tls connection to a sip-client (sends a FIN/ACK) after a short period of time (differs 20s to 180s). If a sip client reconnects, registration will succeed (so mongodb access is fine) but kamailio will terminate the tls connection shortly after.<br>

This situation happens as well if only the connection between kamailio and a secondary is blocked (the cluster members can still communicate with each other).</p>

<p>I assume that the mongo-c's server discovery might be the culprit. Mongoc iteratively tries to connect to all servers in the mongoc-uri to update their status (<code>mongodb://mongodb-cluster2:27017,mongodb-cluster1:27017,mongodb-cluster0:27017/kamailio?authMechanism=MONGODB-X509&replicaSet=rs1&ssl=true&sslcertificateauthorityfile=mongo.ca&sslclientcertificatekeyfile=mongo.certkey</code>).<br>

Nonethless, mongoc's server discovery should be transparent to the kamailio client as long as a primary exists (and this is the case). No reason to terminate tls client connections.</p>

<h3>Troubleshooting</h3>

<h4>Reproduction</h4>

<ol>

<li>Setup a mongodb cluster with 3 members.</li>

<li>Setup kamailio with tls using db-mongodb via tls.<br>

Note: The mongodb-uri must contain all three members, e.g. <code>mongodb://mongodb-cluster2:27017,mongodb-cluster1:27017,mongodb-cluster0:27017/kamailio?ssl=true</code>)</li>

<li>Connect/register a sip client via tls.</li>

<li>Stop one member.</li>

<li>Clients will receive a ready error on its tls connection.</li>

</ol>

<h4>Log Messages</h4>

<p>The db_mongodb kamailio logs don't reveal any errors. Operations are normal. The only thing which is shown in the logs is TLS read:error. As seen below.</p>

<pre><code>Jul 23 14:22:09 bda3e8fce481 /usr/local/sbin/kamailio[318]: ERROR: tls [tls_util.h:42]: tls_err_ret(): TLS read:error:140E0197:SSL routines:SSL_shutdown:shutdown while in init

Jul 23 14:22:09 bda3e8fce481 /usr/local/sbin/kamailio[318]: ERROR: <core> [core/tcp_read.c:1485]: tcp_read_req(): ERROR: tcp_read_req: error reading - c: 0x7fa9b6343210 r: 0x7fa9b6343290

</code></pre>

<p>A wireshark trace reveals that kamailio closes the tcp connection (FIN/ACK). The client receives a "stream truncated".</p>

<h3>Additional Information</h3>

<ul>

<li><strong>Kamailio Version</strong> - output of <code>kamailio -v</code></li>

</ul>

<pre><code>version: kamailio 5.1.4 (x86_64/linux) 

flags: STATS: Off, USE_TCP, USE_TLS, USE_SCTP, TLS_HOOKS, DISABLE_NAGLE, USE_MCAST, DNS_IP_HACK, SHM_MEM, SHM_MMAP, PKG_MALLOC, Q_MALLOC, F_MALLOC, TLSF_MALLOC, DBG_SR_MEMORY, USE_FUTEX, FAST_LOCK-ADAPTIVE_WAIT, USE_DNS_CACHE, USE_DNS_FAILOVER, USE_NAPTR, USE_DST_BLACKLIST, HAVE_RESOLV_RES

ADAPTIVE_WAIT_LOOPS=1024, MAX_RECV_BUFFER_SIZE 262144, MAX_LISTEN 16, MAX_URI_SIZE 1024, BUF_SIZE 65535, DEFAULT PKG_SIZE 8MB

poll method support: poll, epoll_lt, epoll_et, sigio_rt, select.

id: unknown 

compiled on 13:39:15 Jul 23 2018 with gcc 6.3.0

</code></pre>

<ul>

<li><strong>mongoc-version</strong></li>

</ul>

<pre><code>mongoc-1.11.0 (built with cmake ../ -DENABLE_AUTOMATIC_INIT_AND_CLEANUP=OFF)

</code></pre>

<ul>

<li><strong>Operating System</strong>:</li>

</ul>

<pre><code>Debian 9.5 docker image running on CentOS 7 (kernel 3.10.0-514.6.1.el7.x86_64)

</code></pre>

<p style="font-size:small;-webkit-text-size-adjust:none;color:#666;">—<br />You are receiving this because you are subscribed to this thread.<br />Reply to this email directly, <a href="https://github.com/kamailio/kamailio/issues/1599">view it on GitHub</a>, or <a href="https://github.com/notifications/unsubscribe-auth/AF36ZUZSvcfkYaoPsmIL3gUmvc1Fqva_ks5uJvpDgaJpZM4VcgJt">mute the thread</a>.<img src="https://github.com/notifications/beacon/AF36ZewTalogHaAx1lEcRUdV1Ntbe9Hsks5uJvpDgaJpZM4VcgJt.gif" height="1" width="1" alt="" /></p>

<script type="application/json" data-scope="inboxmarkup">{"api_version":"1.0","publisher":{"api_key":"05dde50f1d1a384dd78767c55493e4bb","name":"GitHub"},"entity":{"external_key":"github/kamailio/kamailio","title":"kamailio/kamailio","subtitle":"GitHub repository","main_image_url":"https://assets-cdn.github.com/images/email/message_cards/header.png","avatar_image_url":"https://assets-cdn.github.com/images/email/message_cards/avatar.png","action":{"name":"Open in GitHub","url":"https://github.com/kamailio/kamailio"}},"updates":{"snippets":[{"icon":"DESCRIPTION","message":"tls connection terminated frequently when mongodb cluster member becomes unavailable (#1599)"}],"action":{"name":"View Issue","url":"https://github.com/kamailio/kamailio/issues/1599"}}}</script>

<script type="application/ld+json">[

{

"@context": "http://schema.org",

"@type": "EmailMessage",

"potentialAction": {

"@type": "ViewAction",

"target": "https://github.com/kamailio/kamailio/issues/1599",

"url": "https://github.com/kamailio/kamailio/issues/1599",

"name": "View Issue"

},

"description": "View this Issue on GitHub",

"publisher": {

"@type": "Organization",

"name": "GitHub",

"url": "https://github.com"

}

},

{

"@type": "MessageCard",

"@context": "http://schema.org/extensions",

"hideOriginalBody": "false",

"originator": "AF6C5A86-E920-430C-9C59-A73278B5EFEB",

"title": "tls connection terminated frequently when mongodb cluster member becomes unavailable (#1599)",

"sections": [

{

"text": "",

"activityTitle": "**flo-eyeson-team**",

"activityImage": "https://assets-cdn.github.com/images/email/message_cards/avatar.png",

"activitySubtitle": "@flo-eyeson-team",

"facts": [

{

"name": "Repository: ",

"value": "kamailio/kamailio"

},

{

"name": "Issue #: ",

"value": 1599

}

]

}

],

"potentialAction": [

{

"name": "Add a comment",

"@type": "ActionCard",

"inputs": [

{

"isMultiLine": true,

"@type": "TextInput",

"id": "IssueComment",

"isRequired": false

}

],

"actions": [

{

"name": "Comment",

"@type": "HttpPOST",

"target": "https://api.github.com",

"body": "{\n\"commandName\": \"IssueComment\",\n\"repositoryFullName\": \"kamailio/kamailio\",\n\"issueId\": 1599,\n\"IssueComment\": \"{{IssueComment.value}}\"\n}"

}

]

},

{

"name": "Close issue",

"@type": "HttpPOST",

"target": "https://api.github.com",

"body": "{\n\"commandName\": \"IssueClose\",\n\"repositoryFullName\": \"kamailio/kamailio\",\n\"issueId\": 1599\n}"

},

{

"targets": [

{

"os": "default",

"uri": "https://github.com/kamailio/kamailio/issues/1599"

}

],

"@type": "OpenUri",

"name": "View on GitHub"

},

{

"name": "Unsubscribe",

"@type": "HttpPOST",

"target": "https://api.github.com",

"body": "{\n\"commandName\": \"MuteNotification\",\n\"threadId\": 359793261\n}"

}

],

"themeColor": "26292E"

}

]</script>