ZET random loss of connection during usage

Tunneler Apps Ziti Edge Tunnel
1

In our deployment, Ziti edge tunneler appears to lose connectivity and break the communication between endpoints when bandwidth utilization either on the remote ZET machine or through the tunnel is high. Can anyone suggest some tuning that might be required here to address this?

In this PoC we have a Ziti controller, public router and ziti-edge-tunneler (ZET) on machine A. We opted to use ZET instead of just the router in tproxy mode because the DNS requirements for tproxy mode where the router must be the primary DNS provider and there doesn’t seem to be an option to provide an upstream resolver like with the ZET or split DNS, making it incompatible with our use case. I did see an option for fulfilling the tproxy router mode with a file base DNS option which might work for us, but I haven’t tested that, don’t know what the downside might be and so we stuck with using a ZET in place of the tproxy router mode for now.

This machine A with controller, public router, ZET is acting as a gateway (ZTNA) and is receiving LAN traffic to send to machine B on the other side of the ZET service tunnel.

Machine B has a ZET installed directly on it for host access mode (ZTHA) and receives tunnel data from ZET on machine A.

What we are observing from client software in the LAN utilizing the ZTNA of machine A is that the remote ZET (machine B) is randomly disconnecting in the middle of high bandwidth usage. This is causing breakage in, for example, long running CI jobs where a CI client will get halfway through a batch transfer of files required for some CI action and the result is a pipeline build failure. Example output as seen from the client; note in this case, the file transfers occurring in the logs are not through the Ziti tunnel, but being pulled locally on the remote machine at 192.168.3.1:

2022-11-22T08:12:46.173993659+00:00 stderr F github-required> copying path '/nix/store/k4s57mhixpyqr8vqhbx4gaa2f93gd5dc-flat-lib-flat-0.5.2' from 'http://192.168.3.1:8081'...
2022-11-22T08:12:46.540767006+00:00 stderr F github-required> Connection to 10.10.0.1 closed by remote host.
2022-11-22T08:12:46.545284558+00:00 stderr F error: unexpected end-of-file
2022-11-22T08:12:46.725614902+00:00 stderr F error: builder for '/nix/store/v3h24ckjln19z65wikafldg7wfw684qj-github-required.drv' failed with exit code 1

On the Machine B ZET logs, which is where the logs above indicate the connection closure is occurring from, we see at this matching time, we have the following:

Nov 22 08:12:02 MACHINE_B ziti-edge-tunnel[4014516]: (4014516)[  1213091.773]    WARN ziti-sdk:channel.c:815 channel_alloc_cb() can't alloc message
Nov 22 08:12:02 MACHINE_B ziti-edge-tunnel[4014516]: (4014516)[  1213091.784]    WARN ziti-sdk:channel.c:815 channel_alloc_cb() can't alloc message
Nov 22 08:12:02 MACHINE_B ziti-edge-tunnel[4014516]: (4014516)[  1213091.796]    WARN ziti-sdk:channel.c:815 channel_alloc_cb() can't alloc message
Nov 22 08:12:02 MACHINE_B ziti-edge-tunnel[4014516]: (4014516)[  1213091.807]    WARN ziti-sdk:channel.c:815 channel_alloc_cb() can't alloc message
Nov 22 08:12:03 MACHINE_B ziti-edge-tunnel[4014516]: (4014516)[  1213092.870]    INFO ziti-sdk:ziti.c:1415 ziti_set_api_session() ztx[1] api session set, setting api_sess
ion_timer to 1740s
Nov 22 08:12:10 MACHINE_B ziti-edge-tunnel[4014516]: (4014516)[  1213099.211]    INFO ziti-sdk:ziti.c:1415 ziti_set_api_session() ztx[0] api session set, setting api_sess
ion_timer to 1740s
Nov 22 08:12:46 MACHINE_B ziti-edge-tunnel[4014516]: (4014516)[  1213135.418]    INFO tunnel-cbs:ziti_tunnel_ctrl.c:804 on_ziti_event() ztx[MACHINE_B.ziti] router $CONTROLLER_FQDN@tls://$CONTROLLER_FQDN:3022 disconnected
Nov 22 08:12:46 MACHINE_B ziti-edge-tunnel[4014516]: (4014516)[  1213135.418]    INFO ziti-sdk:channel.c:739 reconnect_channel() ch[0] reconnecting in 8558 ms (attempt = 1)
Nov 22 08:12:47 MACHINE_B ziti-edge-tunnel[4014516]: (4014516)[  1213135.985]    INFO ziti-sdk:channel.c:742 reconnect_channel() ch[0] reconnecting NOW
Nov 22 08:12:47 MACHINE_B ziti-edge-tunnel[4014516]: (4014516)[  1213136.530]   ERROR ziti-sdk:channel.c:485 dispatch_message() ch[0] received unexpected message ct[ED72] in Connecting state
Nov 22 08:12:47 MACHINE_B ziti-edge-tunnel[4014516]: (4014516)[  1213136.530]   ERROR ziti-sdk:channel.c:496 dispatch_message() ch[0] received message without conn_id or for unknown connection ct[ED72] conn_id[4857]
Nov 22 08:12:47 MACHINE_B ziti-edge-tunnel[4014516]: (4014516)[  1213136.530]   ERROR ziti-sdk:channel.c:485 dispatch_message() ch[0] received unexpected message ct[ED72] in Connecting state

In machine B’s ZET logs, we first see can’t alloc message WARNs which seem to be logged in significant quantity whenever network bandwidth is high, followed by a disconnection message to the Ziti controller after which automatic reconnection is attempted and does succeed after a second or two. Unfortunately, though, the software utilizing the tunnel during this event breaks (ex: the CI jobs mentioned above).

On the machine A side, the ZET systemd service does not have any logs of significance at this timestamp. On the ziti-router and ziti-controller systemd services, logs of relevance at this timestamp are:

# Router logs on machines A:
Nov 22 08:12:46 zt ziti-router[271796]: {"file":"github.com/openziti/edge@v0.24.12/router/xgress_edge/fabric.go:74","func":"github.com/openziti/edge/router/xgress_edge.(*edgeTerminator).close","level":"info","msg":"removing terminator on controller","terminatorId":"4l5VOO3g3XPZ0tp8vOFQg3","time":"2022-11-22T08:12:46.537Z","token":"$TOKEN1"}
Nov 22 08:12:46 zt ziti-router[271796]: {"_context":"ch{edge}-\u003eu{classic}-\u003ei{bkDW}","file":"github.com/openziti/edge@v0.24.12/router/xgress_edge/listener.go:114","func":"github.com/openziti/edge/router/xgress_edge.(*edgeClientConn).HandleClose","level":"warning","msg":"failed to remove terminator for session on channel close","terminatorId":"4l5VOO3g3XPZ0tp8vOFQg3","time":"2022-11-22T08:12:46.540Z","token":"$TOKEN1"}
Nov 22 08:12:47 zt ziti-router[271796]: {"_context":"ch{edge}-\u003eu{classic}-\u003ei{koeO}","chSeq":1,"connId":0,"edgeSeq":0,"file":"github.com/openziti/edge@v0.24.12/router/xgress_edge/listener.go:302","func":"github.com/openziti/edge/router/xgress_edge.(*edgeClientConn).processBind","level":"info","msg":"created terminator","routerId":"HhEiZMAet","sessionId":"b8ab1333-b61b-4cc3-aec8-cfacb52d575b","terminatorId":"","time":"2022-11-22T08:12:47.663Z","type":"EdgeBindType","uuid":"invalid-uuid-size-of-0-bytes"}

# Controller logs on machines A:
Nov 22 08:12:46 zt ziti-controller[271702]: {"file":"github.com/openziti/edge@v0.24.12/controller/handler_edge_ctrl/remove_terminator.go:118","func":"github.com/openziti/edge/controller/handler_edge_ctrl.(*removeTerminatorHandler).RemoveTerminator","level":"info","msg":"removed terminator","routerId":"HhEiZMAet","serviceId":"7LBEyG0NFDL2hY1dAWZ701","terminator":"4l5VOO3g3XPZ0tp8vOFQg3","time":"2022-11-22T08:12:46.539Z","token":"$TOKEN2"}
Nov 22 08:12:46 zt ziti-controller[271702]: {"error":"invalid terminator: not found","file":"github.com/openziti/edge@v0.24.12/controller/handler_edge_ctrl/common.go:318","func":"github.com/openziti/edge/controller/handler_edge_ctrl.(*baseSessionRequestContext).verifyTerminator","level":"error","msg":"terminator not found","operation":"remove.terminator","terminatorId":"4l5VOO3g3XPZ0tp8vOFQg3","time":"2022-11-22T08:12:46.540Z"}
Nov 22 08:12:46 zt ziti-controller[271702]: {"_context":"ch{HhEiZMAet}-\u003eu{classic}-\u003ei{erpQ}","error":"invalid terminator: not found","file":"github.com/openziti/edge@v0.24.12/controller/handler_edge_ctrl/common.go:75","func":"github.com/openziti/edge/controller/handler_edge_ctrl.(*baseRequestHandler).returnError","level":"error","msg":"responded with error","operation":"remove.terminator","routerId":"HhEiZMAet","time":"2022-11-22T08:12:46.540Z","token":"$TOKEN2"}
Nov 22 08:12:47 zt ziti-controller[271702]: {"_context":"ch{HhEiZMAet}-\u003eu{classic}-\u003ei{erpQ}","file":"github.com/openziti/edge@v0.24.12/controller/handler_edge_ctrl/create_terminator.go:122","func":"github.com/openziti/edge/controller/handler_edge_ctrl.(*createTerminatorHandler).CreateTerminator","level":"info","msg":"created terminator","routerId":"HhEiZMAet","service":"MACHINE_B","serviceId":"7LBEyG0NFDL2hY1dAWZ701","terminator":"4v7NZmXgXeU3BsI8kuZl0x","time":"2022-11-22T08:12:47.662Z","token":"b8ab1333-b61b-4cc3-aec8-cfacb52d575b"}

The service is super simple for host and intercept:

# Intercept assigned to machine A (ZTNA)
{
    "addresses": [
        "10.10.0.1/32"
    ],
    "portRanges": [
        {
            "high": 22,
            "low": 22
        }
    ],
    "protocols": [
        "tcp"
    ]
}

# Host assigned to machine B (ZTHA)
{
    "address": "192.168.3.2",
    "port": 22,
    "protocol": "tcp"
}

I think maybe the first thing I’ll try is to increase the CONNECT TIMEOUT SECONDS option significantly in the dialOptions of the intercept config and see if that helps with the issue. I don’t see a similar timeout option in the host configuration, at least in the web UI, and that seems like it would probably be where we need it since it appears to be the Machine B with the host config that is doing the disconnecting from the controller.

Does anyone have other ideas on how to resolve this?

Versions in use at the moment are:

NAME             VERSION
ziti             v0.26.10
ziti-controller  v0.26.10
ziti-prox-c      not installed
ziti-router      v0.26.10
ziti-tunnel      v0.26.10
ziti-edge-tunnel v0.20.6
2

A couple of questions:

  • Machine A uploads/sends a large file to Machine B via ssh/scp – is this correct?
  • Machine B seems to have two identities (based on the log – ztx[0],ztx[1]) – is this by design?

I am looking into the possible paths that may cause these. Is there any chance you can provide a more detailed log for ZET around the time of connection drops?

1 Like
3

Hi @ekoby, thank you for the response.

  1. Yes, machine A will transfer a large file to machine B via ssh/scp. To expand on this comment a little: machine B is acting as a build server that requires various file dependencies which are supplied both through the ZET tunnel, and also through the local LAN that machine B is on. The files vary in size and quantity depending on build job.

  2. Yes, Machine B was acting as a shared resources for two different deployments with each deployment having its own Ziti network, and consequently Machine B had identity membership to both.

To simplify debugging, I’ve removed the second identity from Machine B and have left only the identity for the Ziti network we care the most about. I’ve also turned up the logging verbosity to 6 on Machine B and restarted the ZET systemd service.

Also, there is another machine C, which is configured identical to B with just a different intercept IP which is also experiencing the same problem. It is also a ZTHA machine, has the same relationship to machine A that machine B does and is also functioning as a shared build server.

I mention machine C because the problem has re-occurred on it already with just the one network identity and I can provide the detailed logs for it now. The ZET detailed logs seen from machine C with just one identity, with a disconnect event at timestamp Nov 22 21:42:05 are:

Nov 22 21:08:34 MACHINE_C systemd[1]: Started ziti-edge-tunnel.service.
Nov 22 21:08:34 MACHINE_C ziti-edge-tunnel[448251]: (448251)[        0.000]   TRACE ziti-edge-tunnel:instance-config.c:77 load_tunnel_status_from_file() config path exists at /var/lib/ziti
Nov 22 21:08:34 MACHINE_C ziti-edge-tunnel[448251]: (448251)[        0.000]    INFO ziti-edge-tunnel:instance-config.c:86 load_tunnel_status_from_file() Loading config file from /var/lib/ziti/config.json
Nov 22 21:08:34 MACHINE_C ziti-edge-tunnel[448251]: (448251)[        0.000]    INFO ziti_log_set_level set log level: root=3
Nov 22 21:08:34 MACHINE_C ziti-edge-tunnel[448251]: (448251)[        0.000]    INFO tunnel-sdk:ziti_tunnel.c:60 create_tunneler_ctx() Ziti Tunneler SDK (v0.20.6)
Nov 22 21:08:34 MACHINE_C ziti-edge-tunnel[448251]: (448251)[        0.000]    INFO tunnel-cbs:ziti_dns.c:171 seed_dns() DNS configured with range 100.64.0.0 - 100.95.255.255 (2097150 ips)
Nov 22 21:08:34 MACHINE_C ziti-edge-tunnel[448251]: (448251)[        0.000]    INFO tunnel-cbs:ziti_dns.c:232 ziti_dns_set_upstream() DNS upstream is set to 127.0.0.1:53
Nov 22 21:08:34 MACHINE_C ziti-edge-tunnel[448251]: (448251)[        0.000]    INFO ziti-edge-tunnel:ziti-edge-tunnel.c:1595 run_tunneler_loop() Loading identity files from identity
Nov 22 21:08:34 MACHINE_C ziti-edge-tunnel[448251]: (448251)[        0.000]    INFO ziti-edge-tunnel:ziti-edge-tunnel.c:1092 load_identities() loading identity file: $IDENTITY_NAME.json
Nov 22 21:08:34 MACHINE_C ziti-edge-tunnel[448251]: (448251)[        0.020]    INFO ziti-edge-tunnel:resolvers.c:66 init_libsystemd() Initializing libsystemd
Nov 22 21:08:34 MACHINE_C ziti-edge-tunnel[448251]: (448251)[        0.020]    INFO tunnel-cbs:ziti_tunnel_ctrl.c:864 load_ziti_async() attempting to load ziti instance from file[identity/$IDENTITY_NAME.json]
Nov 22 21:08:34 MACHINE_C ziti-edge-tunnel[448251]: (448251)[        0.020]    INFO tunnel-cbs:ziti_tunnel_ctrl.c:871 load_ziti_async() loading ziti instance from /var/lib/ziti/identity/$IDENTITY_NAME.json
Nov 22 21:08:34 MACHINE_C ziti-edge-tunnel[448251]: (448251)[        0.020]    INFO ziti_log_set_level set log level: root=3
Nov 22 21:08:34 MACHINE_C ziti-edge-tunnel[448251]: (448251)[        0.020]    INFO ziti-edge-tunnel:ziti-edge-tunnel.c:1107 load_id_cb() identity[identity/$IDENTITY_NAME.json] loaded
Nov 22 21:08:34 MACHINE_C ziti-edge-tunnel[448251]: (448251)[        0.024]    INFO ziti-sdk:ziti.c:425 ziti_init_async() ztx[0] Ziti C SDK version 0.30.2 @040c4dd(HEAD) starting at (2022-11-22T21:08:34.619)
Nov 22 21:08:34 MACHINE_C ziti-edge-tunnel[448251]: (448251)[        0.024]    INFO ziti-sdk:ziti.c:426 ziti_init_async() ztx[0] using uv_mbed[v0.14.11], tls[mbed TLS 3.2.1]
Nov 22 21:08:34 MACHINE_C ziti-edge-tunnel[448251]: (448251)[        0.024]    INFO ziti-sdk:ziti.c:427 ziti_init_async() ztx[0] Loading from config[identity/$IDENTITY_NAME.json] controller[https://$CTRL_FQDN:1280]
Nov 22 21:08:34 MACHINE_C ziti-edge-tunnel[448251]: (448251)[        0.024]    INFO ziti-sdk:ziti_ctrl.c:401 ziti_ctrl_init() ctrl[$CTRL_FQDN] ziti controller client initialized
Nov 22 21:08:34 MACHINE_C ziti-edge-tunnel[448251]: (448251)[        0.024]    INFO ziti-sdk:ziti.c:860 ziti_re_auth_with_cb() ztx[0] starting to re-auth with ctlr[https://$CTRL_FQDN:1280] api_session_status[0] api_session_expired[TRUE]
Nov 22 21:08:34 MACHINE_C ziti-edge-tunnel[448251]: (448251)[        0.029]    WARN ziti-edge-tunnel:tun.c:255 find_dns_updater() Adding ziti resolver to /etc/resolv.conf. Ziti DNS functionality may be impaired
Nov 22 21:08:35 MACHINE_C ziti-edge-tunnel[448251]: (448251)[        0.555]    INFO ziti-sdk:ziti.c:1525 version_cb() ztx[0] connected to controller https://$CTRL_FQDN:1280 version v0.26.10(72978b5aa932 2022-10-13T15:31:04Z)
Nov 22 21:08:35 MACHINE_C ziti-edge-tunnel[448251]: (448251)[        0.693]    INFO ziti-sdk:ziti.c:1415 ziti_set_api_session() ztx[0] api session set, setting api_session_timer to 1740s
Nov 22 21:08:35 MACHINE_C ziti-edge-tunnel[448251]: (448251)[        0.693]    INFO tunnel-cbs:ziti_tunnel_ctrl.c:726 on_ziti_event() ziti_ctx[$IDENTITY_NAME] connected to controller
Nov 22 21:08:45 MACHINE_C ziti-edge-tunnel[448251]: (448251)[        0.693]    INFO ziti-edge-tunnel:ziti-edge-tunnel.c:1137 on_event() ztx[identity/$IDENTITY_NAME.json] context event : status is OK
Nov 22 21:08:45 MACHINE_C ziti-edge-tunnel[448251]: (448251)[       10.721]    INFO ziti-sdk:posture.c:204 ziti_send_posture_data() ztx[0] first run or potential controller restart detected
Nov 22 21:08:45 MACHINE_C ziti-edge-tunnel[448251]: (448251)[       11.332]    INFO ziti-sdk:channel.c:231 new_ziti_channel() ch[0] ($CTRL_FQDN@tls://$CTRL_FQDN:3022) new channel for ztx[0] identity[MACHINE_C.ziti]
Nov 22 21:08:45 MACHINE_C ziti-edge-tunnel[448251]: (448251)[       11.332]    INFO tunnel-cbs:ziti_tunnel_ctrl.c:797 on_ziti_event() ztx[MACHINE_C.ziti] added edge router $CTRL_FQDN@tls://$CTRL_FQDN:3022@$CTRL_FQDN
Nov 22 21:08:50 MACHINE_C ziti-edge-tunnel[448251]: (448251)[       11.332]    INFO ziti-sdk:channel.c:742 reconnect_channel() ch[0] reconnecting NOW
Nov 22 21:08:51 MACHINE_C ziti-edge-tunnel[448251]: (448251)[       16.850]    INFO tunnel-cbs:ziti_tunnel_ctrl.c:701 on_service() hosting server_address[tcp:192.168.3.2:22] service[$SERVICE_NAME]
Nov 22 21:08:51 MACHINE_C ziti-edge-tunnel[448251]: (448251)[       16.850]    INFO ziti-edge-tunnel:ziti-edge-tunnel.c:1262 on_event() =============== service event (added) - $SERVICE_NAME:2BCKhx4bak87gejQCbFPfZ ===============
Nov 22 21:08:51 MACHINE_C ziti-edge-tunnel[448251]: (448251)[       16.850]    INFO ziti-edge-tunnel:tun.c:174 tun_commit_routes() starting 1 route updates
Nov 22 21:08:51 MACHINE_C ziti-edge-tunnel[448251]: (448251)[       16.853]    INFO ziti-edge-tunnel:tun.c:118 route_updates_done() route updates[1]: 0/OK
Nov 22 21:08:51 MACHINE_C ziti-edge-tunnel[448251]: (448251)[       16.860]    INFO ziti-sdk:channel.c:640 hello_reply_cb() ch[0] connected. EdgeRouter version: v0.26.10|72978b5aa932|2022-10-13T15:31:04Z|linux|amd64
Nov 22 21:08:51 MACHINE_C ziti-edge-tunnel[448251]: (448251)[       16.860]    INFO tunnel-cbs:ziti_tunnel_ctrl.c:801 on_ziti_event() ztx[MACHINE_C.ziti] router $CTRL_FQDN@tls://$CTRL_FQDN:3022 connected
Nov 22 21:18:28 MACHINE_C ziti-edge-tunnel[448251]: (448251)[      593.830]    INFO tunnel-cbs:ziti_hosting.c:611 on_hosted_client_connect() hosted_service[$SERVICE_NAME], client[zt-zet.ziti] dst_addr[tcp:10.10.0.2:22]: incoming connection
Nov 22 21:18:30 MACHINE_C ziti-edge-tunnel[448251]: (448251)[      596.367]    INFO tunnel-cbs:ziti_hosting.c:611 on_hosted_client_connect() hosted_service[$SERVICE_NAME], client[zt-zet.ziti] dst_addr[tcp:10.10.0.2:22]: incoming connection
Nov 22 21:18:32 MACHINE_C ziti-edge-tunnel[448251]: (448251)[      598.090]    INFO tunnel-cbs:ziti_hosting.c:611 on_hosted_client_connect() hosted_service[$SERVICE_NAME], client[zt-zet.ziti] dst_addr[tcp:10.10.0.2:22]: incoming connection
Nov 22 21:18:34 MACHINE_C ziti-edge-tunnel[448251]: (448251)[      600.016]    INFO tunnel-cbs:ziti_hosting.c:611 on_hosted_client_connect() hosted_service[$SERVICE_NAME], client[zt-zet.ziti] dst_addr[tcp:10.10.0.2:22]: incoming connection
Nov 22 21:18:36 MACHINE_C ziti-edge-tunnel[448251]: (448251)[      601.961]    INFO tunnel-cbs:ziti_hosting.c:611 on_hosted_client_connect() hosted_service[$SERVICE_NAME], client[zt-zet.ziti] dst_addr[tcp:10.10.0.2:22]: incoming connection
Nov 22 21:18:39 MACHINE_C ziti-edge-tunnel[448251]: (448251)[      605.260]    INFO tunnel-cbs:ziti_hosting.c:611 on_hosted_client_connect() hosted_service[$SERVICE_NAME], client[zt-zet.ziti] dst_addr[tcp:10.10.0.2:22]: incoming connection
Nov 22 21:18:41 MACHINE_C ziti-edge-tunnel[448251]: (448251)[      607.097]    INFO tunnel-cbs:ziti_hosting.c:611 on_hosted_client_connect() hosted_service[$SERVICE_NAME], client[zt-zet.ziti] dst_addr[tcp:10.10.0.2:22]: incoming connection
Nov 22 21:20:24 MACHINE_C ziti-edge-tunnel[448251]: (448251)[      710.175]    INFO tunnel-cbs:ziti_hosting.c:611 on_hosted_client_connect() hosted_service[$SERVICE_NAME], client[zt-zet.ziti] dst_addr[tcp:10.10.0.2:22]: incoming connection
Nov 22 21:37:35 MACHINE_C ziti-edge-tunnel[448251]: (448251)[     1741.056]    INFO ziti-sdk:ziti.c:1415 ziti_set_api_session() ztx[0] api session set, setting api_session_timer to 1740s
Nov 22 21:39:12 MACHINE_C ziti-edge-tunnel[448251]: (448251)[     1837.907]    INFO tunnel-cbs:ziti_hosting.c:611 on_hosted_client_connect() hosted_service[$SERVICE_NAME], client[zt-zet.ziti] dst_addr[tcp:10.10.0.2:22]: incoming connection
Nov 22 21:41:47 MACHINE_C ziti-edge-tunnel[448251]: (448251)[     1993.089]    WARN ziti-sdk:channel.c:815 channel_alloc_cb() can't alloc message
Nov 22 21:41:47 MACHINE_C ziti-edge-tunnel[448251]: (448251)[     1993.094]    WARN ziti-sdk:channel.c:815 channel_alloc_cb() can't alloc message
Nov 22 21:41:47 MACHINE_C ziti-edge-tunnel[448251]: (448251)[     1993.097]    WARN ziti-sdk:channel.c:815 channel_alloc_cb() can't alloc message
Nov 22 21:41:47 MACHINE_C ziti-edge-tunnel[448251]: (448251)[     1993.100]    WARN ziti-sdk:channel.c:815 channel_alloc_cb() can't alloc message
Nov 22 21:41:47 MACHINE_C ziti-edge-tunnel[448251]: (448251)[     1993.103]    WARN ziti-sdk:channel.c:815 channel_alloc_cb() can't alloc message
Nov 22 21:41:47 MACHINE_C ziti-edge-tunnel[448251]: (448251)[     1993.103]    WARN ziti-sdk:channel.c:815 channel_alloc_cb() can't alloc message
Nov 22 21:41:47 MACHINE_C ziti-edge-tunnel[448251]: (448251)[     1993.107]    WARN ziti-sdk:channel.c:815 channel_alloc_cb() can't alloc message
Nov 22 21:41:47 MACHINE_C ziti-edge-tunnel[448251]: (448251)[     1993.110]    WARN ziti-sdk:channel.c:815 channel_alloc_cb() can't alloc message
Nov 22 21:41:47 MACHINE_C ziti-edge-tunnel[448251]: (448251)[     1993.113]    WARN ziti-sdk:channel.c:815 channel_alloc_cb() can't alloc message
Nov 22 21:41:47 MACHINE_C ziti-edge-tunnel[448251]: (448251)[     1993.113]    WARN ziti-sdk:channel.c:815 channel_alloc_cb() can't alloc message
Nov 22 21:41:47 MACHINE_C ziti-edge-tunnel[448251]: (448251)[     1993.117]    WARN ziti-sdk:channel.c:815 channel_alloc_cb() can't alloc message
Nov 22 21:41:47 MACHINE_C ziti-edge-tunnel[448251]: (448251)[     1993.120]    WARN ziti-sdk:channel.c:815 channel_alloc_cb() can't alloc message
Nov 22 21:41:47 MACHINE_C ziti-edge-tunnel[448251]: (448251)[     1993.124]    WARN ziti-sdk:channel.c:815 channel_alloc_cb() can't alloc message
Nov 22 21:41:47 MACHINE_C ziti-edge-tunnel[448251]: (448251)[     1993.127]    WARN ziti-sdk:channel.c:815 channel_alloc_cb() can't alloc message
Nov 22 21:41:47 MACHINE_C ziti-edge-tunnel[448251]: (448251)[     1993.130]    WARN ziti-sdk:channel.c:815 channel_alloc_cb() can't alloc message
Nov 22 21:42:05 MACHINE_C ziti-edge-tunnel[448251]: (448251)[     2010.950]    INFO tunnel-cbs:ziti_tunnel_ctrl.c:804 on_ziti_event() ztx[MACHINE_C.ziti] router $CTRL_FQDN@tls://$CTRL_FQDN:3022 disconnected
Nov 22 21:42:05 MACHINE_C ziti-edge-tunnel[448251]: (448251)[     2010.950]    INFO ziti-sdk:channel.c:739 reconnect_channel() ch[0] reconnecting in 9628 ms (attempt = 1)
Nov 22 21:42:05 MACHINE_C ziti-edge-tunnel[448251]: (448251)[     2011.310]    INFO ziti-sdk:channel.c:742 reconnect_channel() ch[0] reconnecting NOW
Nov 22 21:42:06 MACHINE_C ziti-edge-tunnel[448251]: (448251)[     2011.846]   ERROR ziti-sdk:channel.c:485 dispatch_message() ch[0] received unexpected message ct[ED72] in Connecting state
Nov 22 21:42:06 MACHINE_C ziti-edge-tunnel[448251]: (448251)[     2011.846]   ERROR ziti-sdk:channel.c:496 dispatch_message() ch[0] received message without conn_id or for unknown connection ct[ED72] conn_id[9]
Nov 22 21:42:06 MACHINE_C ziti-edge-tunnel[448251]: (448251)[     2011.846]   ERROR ziti-sdk:channel.c:485 dispatch_message() ch[0] received unexpected message ct[ED72] in Connecting state
Nov 22 21:42:06 MACHINE_C ziti-edge-tunnel[448251]: (448251)[     2011.846]   ERROR ziti-sdk:channel.c:496 dispatch_message() ch[0] received message without conn_id or for unknown connection ct[ED72] conn_id[9]
Nov 22 21:42:06 MACHINE_C ziti-edge-tunnel[448251]: (448251)[     2011.846]   ERROR ziti-sdk:channel.c:485 dispatch_message() ch[0] received unexpected message ct[ED72] in Connecting state
Nov 22 21:42:06 MACHINE_C ziti-edge-tunnel[448251]: (448251)[     2011.846]   ERROR ziti-sdk:channel.c:496 dispatch_message() ch[0] received message without conn_id or for unknown connection ct[ED72] conn_id[9]
Nov 22 21:42:06 MACHINE_C ziti-edge-tunnel[448251]: (448251)[     2011.846]   ERROR ziti-sdk:channel.c:485 dispatch_message() ch[0] received unexpected message ct[ED72] in Connecting state

<...snip the two above repeating log lines, occuring about 50 more times...>

Nov 22 21:42:06 MACHINE_C ziti-edge-tunnel[448251]: (448251)[     2011.846]   ERROR ziti-sdk:channel.c:496 dispatch_message() ch[0] received message without conn_id or for unknown connection ct[ED72] conn_id[9]
Nov 22 21:42:06 MACHINE_C ziti-edge-tunnel[448251]: (448251)[     2011.846]   ERROR ziti-sdk:channel.c:485 dispatch_message() ch[0] received unexpected message ct[ED72] in Connecting state
Nov 22 21:42:06 MACHINE_C ziti-edge-tunnel[448251]: (448251)[     2011.846]   ERROR ziti-sdk:channel.c:496 dispatch_message() ch[0] received message without conn_id or for unknown connection ct[ED72] conn_id[9]
Nov 22 21:42:06 MACHINE_C ziti-edge-tunnel[448251]: (448251)[     2011.846]   ERROR ziti-sdk:channel.c:485 dispatch_message() ch[0] received unexpected message ct[ED72] in Connecting state
Nov 22 21:42:06 MACHINE_C ziti-edge-tunnel[448251]: (448251)[     2011.846]   ERROR ziti-sdk:channel.c:496 dispatch_message() ch[0] received message without conn_id or for unknown connection ct[ED72] conn_id[9]
Nov 22 21:42:06 MACHINE_C ziti-edge-tunnel[448251]: (448251)[     2011.846]   ERROR ziti-sdk:channel.c:474 dispatch_message() ch[0] could not find waiter for reply_to = 80982
Nov 22 21:42:06 MACHINE_C ziti-edge-tunnel[448251]: (448251)[     2011.846]    WARN ziti-sdk:channel.c:479 dispatch_message() ch[0] lost hello reply waiter
Nov 22 21:42:06 MACHINE_C ziti-edge-tunnel[448251]: (448251)[     2011.846]    INFO ziti-sdk:channel.c:640 hello_reply_cb() ch[0] connected. EdgeRouter version: <unknown>
Nov 22 21:42:06 MACHINE_C ziti-edge-tunnel[448251]: (448251)[     2011.846]    INFO tunnel-cbs:ziti_tunnel_ctrl.c:801 on_ziti_event() ztx[MACHINE_C.ziti] router $CTRL_FQDN@tls://$CTRL_FQDN:3022 connected
Nov 22 21:42:06 MACHINE_C ziti-edge-tunnel[448251]: (448251)[     2011.846]    INFO ziti-sdk:channel.c:640 hello_reply_cb() ch[0] connected. EdgeRouter version: v0.26.10|72978b5aa932|2022-10-13T15:31:04Z|linux|amd64
Nov 22 21:42:06 MACHINE_C ziti-edge-tunnel[448251]: (448251)[     2011.846]    INFO tunnel-cbs:ziti_tunnel_ctrl.c:801 on_ziti_event() ztx[MACHINE_C.ziti] router $CTRL_FQDN@tls://$CTRL_FQDN:3022 connected
Nov 22 22:06:36 MACHINE_C ziti-edge-tunnel[448251]: (448251)[     3481.477]    INFO ziti-sdk:ziti.c:1415 ziti_set_api_session() ztx[0] api session set, setting api_session_timer to 1740s
Nov 22 22:25:29 MACHINE_C ziti-edge-tunnel[448251]: (448251)[     4615.320]    INFO tunnel-cbs:ziti_hosting.c:611 on_hosted_client_connect() hosted_service[$SERVICE_NAME], client[zt-zet.ziti] dst_addr[tcp:10.10.0.2:22]: incoming connection
Nov 22 22:25:32 MACHINE_C ziti-edge-tunnel[448251]: (448251)[     4618.127]    INFO tunnel-cbs:ziti_hosting.c:611 on_hosted_client_connect() hosted_service[$SERVICE_NAME], client[zt-zet.ziti] dst_addr[tcp:10.10.0.2:22]: incoming connection
Nov 22 22:25:34 MACHINE_C ziti-edge-tunnel[448251]: (448251)[     4619.667]    INFO tunnel-cbs:ziti_hosting.c:611 on_hosted_client_connect() hosted_service[$SERVICE_NAME], client[zt-zet.ziti] dst_addr[tcp:10.10.0.2:22]: incoming connection
Nov 22 22:25:37 MACHINE_C ziti-edge-tunnel[448251]: (448251)[     4622.590]    INFO tunnel-cbs:ziti_hosting.c:611 on_hosted_client_connect() hosted_service[$SERVICE_NAME], client[zt-zet.ziti] dst_addr[tcp:10.10.0.2:22]: incoming connection
Nov 22 22:25:39 MACHINE_C ziti-edge-tunnel[448251]: (448251)[     4625.293]    INFO tunnel-cbs:ziti_hosting.c:611 on_hosted_client_connect() hosted_service[$SERVICE_NAME], client[zt-zet.ziti] dst_addr[tcp:10.10.0.2:22]: incoming connection
Nov 22 22:25:41 MACHINE_C ziti-edge-tunnel[448251]: (448251)[     4626.805]    INFO tunnel-cbs:ziti_hosting.c:611 on_hosted_client_connect() hosted_service[$SERVICE_NAME], client[zt-zet.ziti] dst_addr[tcp:10.10.0.2:22]: incoming connection
Nov 22 22:25:42 MACHINE_C ziti-edge-tunnel[448251]: (448251)[     4628.379]    INFO tunnel-cbs:ziti_hosting.c:611 on_hosted_client_connect() hosted_service[$SERVICE_NAME], client[zt-zet.ziti] dst_addr[tcp:10.10.0.2:22]: incoming connection
Nov 22 22:25:44 MACHINE_C ziti-edge-tunnel[448251]: (448251)[     4630.111]    INFO tunnel-cbs:ziti_hosting.c:611 on_hosted_client_connect() hosted_service[$SERVICE_NAME], client[zt-zet.ziti] dst_addr[tcp:10.10.0.2:22]: incoming connection

Edit:

  • I also tried bumping the service host configuration to a timeout of 7200 seconds, just as a shot in the dark with something to try, but it did not resolve the problem
4

Thank you for the update. It is definitely a bug.

I’ve added the github issue for it. Edge Router connection drops during large transfer · Issue #478 · openziti/ziti-sdk-c · GitHub

if you don’t mind, please attach verbose log to that issue

1 Like
5

Done! Thank you very much for digging into this!