tcping server will result in an attempt to connect to the server

[NimaQu]

Describe the bug To optimize my mumble server, I use relay servers in different regions. To monitor the status of the relay servers, I used the health check feature of Amazon Route 53 to perform a health check on port 64738 of the mumble server using TCP.

I soon found that my server could not connect and checked the logs to see that my relay server IP had been banned. This was because every time a tcp test was performed, the mumble server seemed to think it was going to make a connection and triggered the automatic ban setting.

The only solution seems to be to disable the auto-ban, but this still leaves a lot of trash in the log file.

Steps to Reproduce Steps to reproduce the behavior: just tcping serveripaddr:64738

Expected behavior A clear and concise description of what you expected to happen.

Mumble server not think tcping is a server connection.

Screenshots If applicable, add screenshots to help explain your problem.

Desktop (please complete the following information): Additional context Add any other context about the problem here.

[davidebeatrici]

"Pinging" a TCP port effectively means opening a connection and the server cannot know that it's not the Mumble protocol before establishing a TLS/SSL session, because we don't transport anything outside of the encrypted layer.

What we can do is implement a feature to disable log messages and flood control for specific IP addresses (and additionally ports, for more granular control).

[Krzmbrzl]

Couldn't you just send your pings to a different port? Or if you want to explicitly ping the Mumble server, you could send a UDP ping (keep sending until one is returned). For that you could use the same ping format that the server browser in the Mumble client uses (assuming you didn't disable pinging in your server's setting).

[NimaQu]

@Krzmbrzl I'm using Amazon route53's health check feature to ensure that I can automatically switch to another relay server when the relay server dies. Unfortunately, it only supports http(s) or TCP tests, so if I choose a different port such as 22, I only know that the connection from the internet to the relay server is OK, not the connection from the relay server to the mumble server.

[Krzmbrzl]

Okay then.

I am voting against integrating any changes into the server that start messing with the connection logic. If we are receiving a TCP connection on the port that is specifically opened for connecting to the server, then that should initiate a connection. Everything else is just prone to getting messy.

The only thing I could imagine would be to introduce a secondary port that the server is listening to and that is dedicated to handling TCP pings. But then again: We already have a system for UDP pings that is already well established and is used to obtain server-details (e.g. connected users), so I am not convinced that it is worth it to have a secondary channel for that...

[stale[bot]]

This support-issue has been automatically marked as stale because it has not had recent activity. If no further activity occurs, the issue will be automatically closed as we'll assume your problem to be fixed.