Node TLS handshake performance

[StefanHaring]

Hi,

it takes about 3 seconds to establish the TLS connection. Is that normal? I analysed the code but I didn't found any possibilities to speed that up.

Best regads Stefan

[PLCHome]

Yes, that's fact. The KLF200 needs more then a second to send the key and more then a second for the "change cipher spec". 192.168.2.15 is the KLF and 192.168.2.62 is the client. The client responds quickly.

You can write to velux.

But they are not very interested in error messages. I have communicated several errors. Nothing was corrected. If you use the house monitor there come wrong timestamp. If the connection breaks down with switched on house monitor, the KLF will no longer perform a change cipher spec, so there is noc connection possible. There were a few small things left.

[StefanHaring]

I already got in touch with Velux Austria support. But the guy didn't even know what TLS is and the won't provide any support regarding the network interface.

Thanks for the wireshark screenshot, that was what I wanted to take a look at today. In that case I won't be able to use the klf because 3 seconds is too long for me.

Another approach didn't work: I tried to use "net" instead of "tls" for creating the socket in order to check if the klf also supports unencrypted communication, however I had no luck. In that case at least the specs seems to be correct that a TLS handshake has to be performed in order to login and send requests.

[PLCHome]

Of course I do not know your application but maybe you can keep the connection open. In the Nodered implementation, I keep the connection open. However, there must be a timer that polls every 10 minutes.

Development and product management are located in Denmark VELUX A/S Global Product Management Industrivej 12, DK-8752 Østbirk www.velux.com

[StefanHaring]

Thanks for your reply. I also thought about that, but I already have a wired connection to 3 KLF 100 and will most propably keep that. I wanted to replace that solution to get free outpus of my plc.

I will also get in touch with the development team. I would prefer that there is an unencrypted interface as well, were I don't have to wait 3 seconds for the handshake.

[PLCHome]

I know, I have solved the PLC communication via node red. One node communicates with the PLC the other with the KLF. The advantage is that, provided there is a node, you only have to parameterize. A Zigbee coupling is also implemented in Node Red as well as the connection of the heating via Ebus and the Smoke Detector with an knx bus. The programms ar runing in some Docker container on a raspberry right next to the PLC. The stupid thing was, I had to write the note for the klf200 and the PLC myself