Skip to main content

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] [List Home]
[leshan-dev] lwm2m servers load balancing DTLS with nginx.

Hi guys!

We are currently trying to configure LB on nginx for  LWM2M servers.

We have successfully managed to configure it for COAP connections. Clients are connecting and being distributed among servers.

However, when we are trying to connect clients via Coaps if fails. It seems that handshake stages are distributed among servers and it causes this:

Jan 30, 2017 10:23:24 AM org.eclipse.californium.scandium.dtls.Record decryptAEAD
FINE: The explicit nonce used by the sender does not match the values provided in the DTLS record
Used    : 00 01 00 00 00 00 00 00
Expected: 00 01 00 00 00 00 00 01
Jan 30, 2017 10:23:24 AM com.verizon.lwm2m.server.CustomDtlsConnector discardRecord
FINE: Discarding Handshake (22) record from peer [/172.17.0.4:33924]: MAC validation failed
Jan 30, 2017 10:23:25 AM com.verizon.lwm2m.server.CustomDtlsConnector handleTimeout
FINE: Re-transmitting flight for [/172.17.0.4:33924], [2] retransmissions left
Jan 30, 2017 10:23:29 AM com.verizon.lwm2m.server.CustomDtlsConnector handleTimeout
FINE: Re-transmitting flight for [/172.17.0.4:33924], [1] retransmissions left
Jan 30, 2017 10:23:30 AM com.verizon.lwm2m.server.CustomDtlsConnector processHandshakeRecord
FINE: Received Handshake (22) record from peer [/172.17.0.4:33924]
Jan 30, 2017 10:23:30 AM org.eclipse.californium.scandium.dtls.Record decryptHandshakeMessage
FINE: Parsing message without a session
Jan 30, 2017 10:23:30 AM com.verizon.lwm2m.server.CustomDtlsConnector processHandshakeRecord
FINE: Received Handshake (22) record from peer [/172.17.0.4:33924]
Jan 30, 2017 10:23:30 AM org.eclipse.californium.scandium.dtls.Record decryptAEAD
FINE: The explicit nonce used by the sender does not match the values provided in the DTLS record
Used    : 00 01 00 00 00 00 00 00
Expected: 00 01 00 00 00 00 00 03
Jan 30, 2017 10:23:30 AM com.verizon.lwm2m.server.CustomDtlsConnector discardRecord

We have tried different nginx load balancing methods, including 

hash $remote_addr:remote_port consistent;

Also worth to mention, if there is only 1 server behind nginx UDP loadbanacer, then everything works.
Any help on this is much appreciated.  




Back to the top