search

redis / ioredis

🚀 A robust, performance-focused, and full-featured Redis client for Node.js.
MIT License
14.4k stars 1.2k forks source link

Redis connection errors using gateway server / load balancer. "Please report this" #1696

Closed ferbs closed 1 year ago

ferbs commented 1 year ago

I'm trying to connect IORedis v5.2.4 to a redis server behind a gateway (Caddy v2.5.1). All seems to work fine without SSL/TLS but IORedis can't connect when using either a "redis://" schema or with tls config options.

rediss:// schema attempt:

process.env.NODE_TLS_REJECT_UNAUTHORIZED = '0';
const redis = new IORedis(`rediss://redis-admin:abc123@localhost:6321`);
await redis.ping();

...results in:

Redis connection error Error: Client network socket disconnected before secure TLS connection was established
    at connResetException (node:internal/errors:692:14)
    at TLSSocket.onConnectEnd (node:_tls_wrap:1587:19)
    at TLSSocket.emit (node:events:539:35)
    at TLSSocket.emit (node:domain:475:12)
    at endReadableNT (node:internal/streams/readable:1345:12)
    at processTicksAndRejections (node:internal/process/task_queues:83:21) {
  code: 'ECONNRESET',
  path: undefined,
  host: 'localhost',
  port: 6321,
  localAddress: undefined
}

....with strange TLS handshake problems reported by the gateway:

{"level":"debug","ts":1672441488.2447333,"logger":"tls.handshake","msg":"no matching certificates and no custom selection logic","identifier":"172.25.0.2"}
{"level":"debug","ts":1672441488.2447736,"logger":"tls.handshake","msg":"all external certificate managers yielded no certificates and no errors","sni":""}
{"level":"debug","ts":1672441488.2448027,"logger":"tls.handshake","msg":"no certificate matching TLS ClientHello","server_name":"","remote":"172.25.0.1:35082","identifier":"172.25.0.2","cipher_suites":[4866,4867,4865,49199,49195,49200,49196,158,49191,103,49192,107,163,159,52393,52392,52394,49327,49325,49315,49311,49245,49249,49239,49235,162,49326,49324,49314,49310,49244,49248,49238,49234,49188,106,49187,64,49162,49172,57,56,49161,49171,51,50,157,49313,49309,49233,156,49312,49308,49232,61,60,53,47,255],"cert_cache_fill":0.0001,"load_if_necessary":true,"obtain_if_necessary":true,"on_demand":false}
{"level":"debug","ts":1672441488.2449312,"logger":"http.stdlib","msg":"http: TLS handshake error from 172.25.0.1:35082: no certificate available for '172.25.0.2'"}

TLS-options attempt:

const redis = new IORedis({
  host: 'localhost',
  port: 6321,
  username: 'redis-admin',
  password: 'abc123',
  tls: {
    rejectUnauthorized: false,
    servername: 'localhost',    
  }
});
await redis.ping();

...results in:

Redis connection error ParserError: Protocol error, got "H" as reply type byte. Please report this.
    at handleError (/home/ferbs/repos/repos-plurr/plurr/node_modules/.pnpm/redis-parser@3.0.0/node_modules/redis-parser/lib/parser.js:190:15)
    at parseType (/home/ferbs/repos/repos-plurr/plurr/node_modules/.pnpm/redis-parser@3.0.0/node_modules/redis-parser/lib/parser.js:304:14) {
  offset: 1,
  buffer: '{"type":"Buffer","data":[72,84,84,80,47,49,46,49,32,52,48,48,32,66,97,100,32,82,101,113,117,101,115,116,13,10,67,111,110,116,101,110,116,45,84,121,112,101,58,32,116,101,120,116,47,112,108,97,105,110,59,32,99,104,97,114,115,101,116,61,117,116,102,45,56,13,10,67,111,110,110,101,99,116,105,111,110,58,32,99,108,111,115,101,13,10,13,10,52,48,48,32,66,97,100,32,82,101,113,117,101,115,116]}'
}

...but with no TLS problems reported by the gateway:

{"level":"debug","ts":1672441703.3973467,"logger":"tls.handshake","msg":"choosing certificate","identifier":"localhost","num_choices":1}
{"level":"debug","ts":1672441703.3973958,"logger":"tls.handshake","msg":"default certificate selection results","identifier":"localhost","subjects":["localhost"],"managed":true,"issuer_key":"local","hash":"a7d0d4c9d08ddb0d3417b1e5f655a55b1c03b44df52d5d3a1a8ff0708d0bc704"}
{"level":"debug","ts":1672441703.397411,"logger":"tls.handshake","msg":"matched certificate in cache","subjects":["localhost"],"managed":true,"expiration":1672466287,"hash":"a7d0d4c9d08ddb0d3417b1e5f655a55b1c03b44df52d5d3a1a8ff0708d0bc704"}
A tcpdump confirms traffic is ciphertext 17:44:18.959090 lo In IP 127.0.0.1.55234 > 127.0.0.1.6321: Flags [S], seq 1717281641, win 65495, options [mss 65495,sackOK,TS val 1324065157 ecr 0,nop,wscale 7], length 0 E..<.9@.@.K.............f[.i.........0......... N........... 17:44:18.959101 lo In IP 127.0.0.1.6321 > 127.0.0.1.55234: Flags [S.], seq 2087445893, ack 1717281642, win 65483, options [mss 65495,sackOK,TS val 1324065157 ecr 1324065157,nop,wscale 7], length 0 E..<..@.@.<.............|k..f[.j.....0......... N...N....... 17:44:18.959108 lo In IP 127.0.0.1.55234 > 127.0.0.1.6321: Flags [.], ack 1, win 512, options [nop,nop,TS val 1324065157 ecr 1324065157], length 0 E..4.:@.@.K.............f[.j|k.......(..... N...N... 17:44:18.959311 lo In IP 127.0.0.1.55234 > 127.0.0.1.6321: Flags [P.], seq 1:364, ack 1, win 512, options [nop,nop,TS val 1324065157 ecr 1324065157], length 363 E....;@.@.J.............f[.j|k............. N...N.......f...b..C"F...HX(.LQ.Y&..v...X..O _.O? $ e>.j.i..%V...RP]..%...3\..y,.U'..v......./.+.0.,...'.g.(.k...................].a.W.S...........\.`.V.R.$.j.#.@. ...9.8. ...3.2.......Q.......P.=.<.5./.............. localhost......... ... ...........#.............0............. . .................................+........-.....3.&.$... ....\..VQ^ |.fH(...!.+e9.{.e...k 17:44:18.959316 lo In IP 127.0.0.1.6321 > 127.0.0.1.55234: Flags [.], ack 364, win 509, options [nop,nop,TS val 1324065157 ecr 1324065157], length 0 E..4Na@.@..`............|k..f[.......(..... N...N... 17:44:18.959762 lo In IP 127.0.0.1.6321 > 127.0.0.1.55234: Flags [P.], seq 1:1423, ack 364, win 512, options [nop,nop,TS val 1324065158 ecr 1324065157], length 1422 E...Nb@.@...............|k..f[............. N...N.......z...v..nf6.9.{.......I...S........q.m.. e>.j.i..%V...RP]..%...3\..y,.U'.......+.....3.$... 8.\.P.; @.qc..W.M....d....Uf...]............{..{.k..8..6.. cLNW..=.......bFxL.O?_.b{.....5@._4....a..$on....an....'O..:.9........S}....W...@........{.... .......9.2....>xp....P.#W_U;!BT......,<&}.5... ......(..[].o......uj....wr...^:5%.....x.cs.D.. .;..#....4........Z..y.TL.......x......IG....tZ.O..C........*z.n..i...-. Q.v..S|gq....`J.eA....X.|E..=.i...[dn.I..~...BY..<.....v.C.t..Y.h.[>... ..0.......l...$... ...9.."b^.Ss...-.$R<..f.^.0..@....N.).T..<.D!..mif.....98.|.Nf. T`.z.D....7.|.=l...J.{S.C.B...=.`rK..`.....cCB[ID.6.lI..........f...1.3...22...!.......:m..)..[.n.C.7E...0h..V.. .Zw^.A4..:........G#.Z...zI..E..........j:... ^.., ........2....F...-... .Ix.5...1....Y.ZS.....a.5......w.....0pN@..q....8...>.[qn.z.pE.....%l**[...:.+4!...3.~.'...0..aD{.s....Y...`+M..F..3M...q*..H....p..7.D..e..k.zr.l.Z....^zQ.}....OE ...S.... >.......xQ...q....KO..A...k.J%/....5+s..z.U.z~M...d.m.(8.0.s.:R.L...O.>%s}.~U.7.,t q.d.C}......|.2r`.k#.R#bf,3..b.>..(.8>.%D<.I....?z....(3.}0.s .Q......W......C.s..........K..30..........E.Y5. ....dx.F<... [n...0......`....!.....2....q..... 17:44:18.959768 lo In IP 127.0.0.1.55234 > 127.0.0.1.6321: Flags [.], ack 1423, win 502, options [nop,nop,TS val 1324065158 ecr 1324065158], length 0 E..4.<@.@.K.............f[..|k.......(..... N...N... 17:44:18.960477 lo In IP 127.0.0.1.55234 > 127.0.0.1.6321: Flags [P.], seq 364:513, ack 1423, win 512, options [nop,nop,TS val 1324065158 ecr 1324065158], length 149 E....=@.@.J.............f[..|k............. N...N.............5..(S$8.d.m..L.v......>.}..V.....{Y.E}*....p...J=...%.....Pqo>kK..7d..p...|i. f....xFtx...E.....~........Rj....c....P..I....'.j.Z.q........ 17:44:18.960481 lo In IP 127.0.0.1.6321 > 127.0.0.1.55234: Flags [.], ack 513, win 511, options [nop,nop,TS val 1324065158 ecr 1324065158], length 0 E..4Nc@.@..^............|k..f[.j.....(..... N...N... 17:44:18.960726 lo In IP 127.0.0.1.6321 > 127.0.0.1.55234: Flags [P.], seq 1423:1572, ack 513, win 512, options [nop,nop,TS val 1324065159 ecr 1324065158], length 149 E...Nd@.@...............|k..f[.j........... N...N.......xm..K.e.f.pjP....d.J.!{..R..{X.@....z..M.r.My......... 89....@...~*....io...+.2AC..]1<.&.....u.c.q.Y.g...=i..k..y....u;.e........X.V...:8._..(5#. 17:44:18.960729 lo In IP 127.0.0.1.55234 > 127.0.0.1.6321: Flags [.], ack 1572, win 511, options [nop,nop,TS val 1324065159 ecr 1324065159], length 0 E..4.>@.@.K.............f[.j|k.......(..... N...N... 17:44:18.960746 lo In IP 127.0.0.1.6321 > 127.0.0.1.55234: Flags [F.], seq 1572, ack 513, win 512, options [nop,nop,TS val 1324065159 ecr 1324065159], length 0 E..4Ne@.@..\............|k..f[.j.....(..... N...N... 17:44:18.960983 lo In IP 127.0.0.1.55234 > 127.0.0.1.6321: Flags [P.], seq 513:549, ack 1573, win 511, options [nop,nop,TS val 1324065159 ecr 1324065159], length 36 E..X.?@.@.K^............f[.j|k.......L..... N...N........1G+.&P..$.1.9.U...}..^.be.....9 17:44:18.960989 lo In IP 127.0.0.1.6321 > 127.0.0.1.55234: Flags [.], ack 549, win 512, options [nop,nop,TS val 1324065159 ecr 1324065159], length 0 E..4Nf@.@..[............|k..f[.......(..... N...N... 17:44:18.963402 lo In IP 127.0.0.1.55234 > 127.0.0.1.6321: Flags [P.], seq 549:573, ack 1573, win 512, options [nop,nop,TS val 1324065161 ecr 1324065159], length 24 E..L.@@.@.Ki............f[..|k.......@..... N...N........z....=....&h....... 17:44:18.963407 lo In IP 127.0.0.1.6321 > 127.0.0.1.55234: Flags [.], ack 573, win 512, options [nop,nop,TS val 1324065161 ecr 1324065161], length 0 E..4Ng@.@..Z............|k..f[.......(..... N...N... 17:44:18.964098 lo In IP 127.0.0.1.55234 > 127.0.0.1.6321: Flags [F.], seq 573, ack 1573, win 512, options [nop,nop,TS val 1324065162 ecr 1324065161], length 0 E..4.A@.@.K.............f[..|k.......(..... N...N... 17:44:18.964102 lo In IP 127.0.0.1.6321 > 127.0.0.1.55234: Flags [.], ack 574, win 512, options [nop,nop,TS val 1324065162 ecr 1324065162], length 0 E..4..@.@.<.............|k..f[......1B..... N...N... 17:44:19.018231 lo In IP 127.0.0.1.55242 > 127.0.0.1.6321: Flags [S], seq 1764005864, win 65495, options [mss 65495,sackOK,TS val 1324065216 ecr 0,nop,wscale 7], length 0 E..<..@.@.\.............i$...........0......... N........... 17:44:19.018250 lo In IP 127.0.0.1.6321 > 127.0.0.1.55242: Flags [S.], seq 1117529082, ack 1764005865, win 65483, options [mss 65495,sackOK,TS val 1324065216 ecr 1324065216,nop,wscale 7], length 0 E..<..@.@.<.............B.#.i$.......0......... N...N....... 17:44:19.018264 lo In IP 127.0.0.1.55242 > 127.0.0.1.6321: Flags [.], ack 1, win 512, options [nop,nop,TS val 1324065216 ecr 1324065216], length 0 E..4..@.@.\.............i$..B.#......(..... N...N... 17:44:19.018496 lo In IP 127.0.0.1.55242 > 127.0.0.1.6321: Flags [P.], seq 1:364, ack 1, win 512, options [nop,nop,TS val 1324065216 ecr 1324065216], length 363 E.....@.@.[z............i$..B.#............ N...N.......f...b..jNt....8Yz|.s.vx.....w...i.[\... &.x.!..FA.0H8}#..Y.d9t...y..j..[.v......./.+.0.,...'.g.(.k...................].a.W.S...........\.`.V.R.$.j.#.@. ...9.8. ...3.2.......Q.......P.=.<.5./.............. localhost......... ... ...........#.............0............. . .................................+........-.....3.&.$... 9<.7.nq........n..i;sQ~g3t..m.K{ 17:44:19.018509 lo In IP 127.0.0.1.6321 > 127.0.0.1.55242: Flags [.], ack 364, win 509, options [nop,nop,TS val 1324065216 ecr 1324065216], length 0 E..4|.@.@...............B.#.i$.T.....(..... N...N... 17:44:19.019476 lo In IP 127.0.0.1.6321 > 127.0.0.1.55242: Flags [P.], seq 1:1425, ack 364, win 512, options [nop,nop,TS val 1324065217 ecr 1324065216], length 1424 E...|.@.@...............B.#.i$.T........... N...N.......z...v..P......Z.......t.,.U&rg..C...9#. &.x.!..FA.0H8}#..Y.d9t...y..j..[......+.....3.$... ...[....[-OD.D0.*F....... ...'SY...............?F^.'y.|N...%^.0.O........j..+.....A.;Y...<[........3B.l.M..s....r.K...sO.....w...w...QT.0D..P._.H..k..Yy.!k.......+.[Q.:......V....{.6.E...W.....<-Z.a2...Pc....`.Z.<...\.....>EF._a..b.S./..CKxb...n.O=.b...3 F6.?...n.c-4....jQT.M...u....v......Z...@.".(c...+R..^....<.x.Y.....GjA0.<.V..p.V.K0`R"..Yt.6b.....).=hV.......8..F6......t..'.n.4o...C.1.M.0.......MG.0UGg..Vy.F.A)>6.^7d..GQ..|#.S...s>...}...n.Q9c..9 ..0W75....._k.....t-......5".....)...Z...5Yb..^.J../.q....fC..f=CE...O9#.z..8O..`...[......fg.."C....Z...l...Q>#....%$eT......T&'.t>.]C...7..\...e..0..t.].Rt:yK.|2 l.RL.%..8.a. .T.5...I.F.w.w...t.^|.M+.?..4a{+.C.....E....Hl.F....jd.....H1.....#.ry..:.m..Idq.......!h5.tN;....oz*IO..WB..M.B.\.A.vl.v.(.Q.\..B{.....s......?...a.^..3.R...@..,x.U8"........Q...(..[..L....m..!.".Tvw.......@...5.... .{.....2X`..1F?=.....[,=..w..&[.-'.g..A...u& 8X.s...n.k..[.N....97...l._....u...=........`n.....0.p.&-$...84P;..:.2.^@G.*t...i..)7#*.....4CKjq....h....hE,[.8>k . .Tp+.....a.a...:..{.#6...6...s...E .....s#.BsT....^....vt.......X.*.Y..xB.c....BfS.V..tw~.0...".T..r..Ng..Y....53 .....S.B.....S.4`l..63ro...k.....j}......0.<......d...... 127.0.0.1.6321: Flags [.], ack 1425, win 502, options [nop,nop,TS val 1324065217 ecr 1324065217], length 0 E..4..@.@.\.............i$.TB.)......(..... N...N... 17:44:19.020624 lo In IP 127.0.0.1.55242 > 127.0.0.1.6321: Flags [P.], seq 364:513, ack 1425, win 512, options [nop,nop,TS val 1324065219 ecr 1324065217], length 149 E.....@.@.\N............i$.TB.)............ N...N.............5.&.....m.... Y.I/0_u._. 2.j.y3....tYU.Pl9..E.7O...<.S....P...k.>..m..z.{.~x.MY..61.s9.rv.r...3X.............-J..s ..o...u.rv.F...c..@.,cg. 17:44:19.020642 lo In IP 127.0.0.1.6321 > 127.0.0.1.55242: Flags [.], ack 513, win 511, options [nop,nop,TS val 1324065219 ecr 1324065219], length 0 E..4|.@.@...............B.).i$.......(..... N...N... 17:44:19.020986 lo In IP 127.0.0.1.55242 > 127.0.0.1.6321: Flags [P.], seq 513:549, ack 1425, win 512, options [nop,nop,TS val 1324065219 ecr 1324065219], length 36 E..X..@.@.\.............i$..B.)......L..... N...N........ . ....D.y..0.D.._v;[.....m!3W. 17:44:19.020991 lo In IP 127.0.0.1.6321 > 127.0.0.1.55242: Flags [.], ack 549, win 511, options [nop,nop,TS val 1324065219 ecr 1324065219], length 0 E..4|.@.@...............B.).i$.......(..... N...N... 17:44:19.021097 lo In IP 127.0.0.1.6321 > 127.0.0.1.55242: Flags [P.], seq 1425:1574, ack 549, win 511, options [nop,nop,TS val 1324065219 ecr 1324065219], length 149 E...|.@.@...............B.).i$............. N...N.......x.{GQ....fD..f.....2...D9T.#3..6......#Z.{.#.F...W.....v7'./..Y..p%...FN_H.1. .I6Hm..89.qvW!}..bA...);...7.d.....".l.(..f.......36....[..B4....E 17:44:19.021110 lo In IP 127.0.0.1.55242 > 127.0.0.1.6321: Flags [.], ack 1574, win 511, options [nop,nop,TS val 1324065219 ecr 1324065219], length 0 E..4..@.@.\.............i$..B.* .....(..... N...N... 17:44:19.021135 lo In IP 127.0.0.1.6321 > 127.0.0.1.55242: Flags [F.], seq 1574, ack 549, win 511, options [nop,nop,TS val 1324065219 ecr 1324065219], length 0 E..4|.@.@...............B.* i$.......(..... N...N... 17:44:19.021999 lo In IP 127.0.0.1.55242 > 127.0.0.1.6321: Flags [P.], seq 549:573, ack 1575, win 511, options [nop,nop,TS val 1324065220 ecr 1324065219], length 24 E..L..@.@.\.............i$..B.*!.....@..... N...N........,Fj\.FBi..*...K.... 17:44:19.022015 lo In IP 127.0.0.1.6321 > 127.0.0.1.55242: Flags [.], ack 573, win 511, options [nop,nop,TS val 1324065220 ecr 1324065220], length 0 E..4|.@.@...............B.*!i$.%.....(..... N...N... 17:44:19.022552 lo In IP 127.0.0.1.55242 > 127.0.0.1.6321: Flags [F.], seq 573, ack 1575, win 512, options [nop,nop,TS val 1324065220 ecr 1324065220], length 0 E..4..@.@.\.............i$.%B.*!.....(..... N...N... 17:44:19.022567 lo In IP 127.0.0.1.6321 > 127.0.0.1.55242: Flags [.], ack 574, win 511, options [nop,nop,TS val 1324065220 ecr 1324065220], length 0 E..4..@.@.<.............B.*!i$.&....4...... N...N... 17:44:19.128045 lo In IP 127.0.0.1.55256 > 127.0.0.1.6321: Flags [S], seq 3916421631, win 65495, options [mss 65495,sackOK,TS val 1324065326 ecr 0,nop,wscale 7], length 0 E..<3.@.@................o...........0......... N........... 17:44:19.128071 lo In IP 127.0.0.1.6321 > 127.0.0.1.55256: Flags [S.], seq 411690038, ack 3916421632, win 65483, options [mss 65495,sackOK,TS val 1324065326 ecr 1324065326,nop,wscale 7], length 0 E..<..@.@.<................6.o.......0......... N...N....... 17:44:19.128093 lo In IP 127.0.0.1.55256 > 127.0.0.1.6321: Flags [.], ack 1, win 512, options [nop,nop,TS val 1324065326 ecr 1324065326], length 0 E..43.@.@................o.....7.....(..... N...N... 17:44:19.128505 lo In IP 127.0.0.1.55256 > 127.0.0.1.6321: Flags [P.], seq 1:364, ack 1, win 512, options [nop,nop,TS val 1324065326 ecr 1324065326], length 363 E...3.@.@..h.............o.....7........... N...N.......f...b...+j^........0J...........H.<.... ...2..O....`)6...{.S.t.`......r..v......./.+.0.,...'.g.(.k...................].a.W.S...........\.`.V.R.$.j.#.@. ...9.8. ...3.2.......Q.......P.=.<.5./.............. localhost......... ... ...........#.............0............. . .................................+........-.....3.&.$... .g...R..;....IP..E..yc.c-.FD.P?. 17:44:19.128525 lo In IP 127.0.0.1.6321 > 127.0.0.1.55256: Flags [.], ack 364, win 509, options [nop,nop,TS val 1324065326 ecr 1324065326], length 0 E..4=]@.@..d...............7.o.k.....(..... N...N... 17:44:19.129992 lo In IP 127.0.0.1.6321 > 127.0.0.1.55256: Flags [P.], seq 1:1425, ack 364, win 512, options [nop,nop,TS val 1324065328 ecr 1324065326], length 1424 E...=^@.@..................7.o.k........... N..0N.......z...v..f.~..P.!.i...~PW....A1.......... ...2..O....`)6...{.S.t.`......r.......+.....3.$... ....V.~.. .$...up6...u.....$$..0...........#.1.K$..k.L...I...S...................+>..i..<.X.7o..~...OX.)..xg..z..z.8.C..@.\{9}.Io....H,......V.....{.n...C....T.,u....Fa@...f^~b4.....Ip.]IP}.pAV..\"..ah`:....seA.P.p.^.C....L7 .Ts....(.u..-.Csv..:.)]..Vv...q.n a...7q0..y#.......x..p>om..It.q._....u>x.w...{.|......z.sW...{_...$A.0...L..r.....^.0y....Xr}v..zs..h.8....... ...R....7.Z.#..a..`|....E...j...^...W.@l....J[......o...ql...6.........)H6S.!GcOjv.o)...`B.$.x.4.S.........o].....\P....'.6u9]... 7.my.&...W.xKX.......].....>..@.'......~..Mp.........BG.,j..B..$.@q.....2.......=..#.&.#A..X.,..h.......f.<...b...I./..~.........`...c..h4.Mz.{owK.&..]...,.x. +.;........Y....nz2..e......O.E...>.@!.C4.d.r.....e.L.....Yl.i....CKH..... .....f.&....*...$.6b.CF....*...R#...S.(.\>.}...n....qv.?l...,...........q a...}P....N.v.S..Ar7.%2..v......."j......K.5.kj.E...7L.*...D..+...kK...t|....o..$ ..Cb...T-..1N......(.....v.K]u.5.........k".Hz.s....r...sr......a.........|W.)P;.Z..-:......6]f9.T..C.\.x.% .....63........2p.#v.^..(.....jR. ..........@j2.vrF..t....5...nT.0.N...Q......Qs.K.......v..XZ..Re:`......^7.l........r0.i...%(...F..t.h..I.....Q../ ..%.L..<..W/;.B'...O.. -}..z...|.V..V9~....->.X...t..#Y.a .5p..G@.W....d.Y.X.....}.;....4..d..f.G)1...$.%..A(..... 17:44:19.130011 lo In IP 127.0.0.1.55256 > 127.0.0.1.6321: Flags [.], ack 1425, win 502, options [nop,nop,TS val 1324065328 ecr 1324065328], length 0 E..43.@.@................o.k.........(..... N..0N..0 17:44:19.131678 lo In IP 127.0.0.1.55256 > 127.0.0.1.6321: Flags [P.], seq 364:513, ack 1425, win 512, options [nop,nop,TS val 1324065330 ecr 1324065328], length 149 E...3.@.@..<.............o.k............... N..2N..0..........5sv_.tt..o..E....x.Y ....&_...... ...{.B._..b!.w..........PK.N..v...AO.......Q8.P>|-...]s../K...i...."..nH_!.m".....f......p.[Eg.=.......JD 17:44:19.131704 lo In IP 127.0.0.1.6321 > 127.0.0.1.55256: Flags [.], ack 513, win 511, options [nop,nop,TS val 1324065330 ecr 1324065330], length 0 E..4=_@.@..b.................o.......(..... N..2N..2 17:44:19.132121 lo In IP 127.0.0.1.55256 > 127.0.0.1.6321: Flags [P.], seq 513:549, ack 1425, win 512, options [nop,nop,TS val 1324065330 ecr 1324065330], length 36 E..X3.@.@................o...........L..... N..2N..2........6.2.M..^-.....v...x....V/-!. 17:44:19.132129 lo In IP 127.0.0.1.6321 > 127.0.0.1.55256: Flags [.], ack 549, win 511, options [nop,nop,TS val 1324065330 ecr 1324065330], length 0 E..4=`@.@..a.................o.$.....(..... N..2N..2 17:44:19.132399 lo In IP 127.0.0.1.6321 > 127.0.0.1.55256: Flags [P.], seq 1425:1574, ack 549, win 512, options [nop,nop,TS val 1324065330 ecr 1324065330], length 149 E...=a@.@....................o.$........... N..2N..2....x.h..<...p..].r.*....wvK.f.....]S...K.8...%:..._...g.Y.3..*7Q..948"...z.W.....G.nn....u.X7..5"n.8X8{.f.4.....i.C7].....g........ v{.....0.KuD.g.. 17:44:19.132421 lo In IP 127.0.0.1.55256 > 127.0.0.1.6321: Flags [.], ack 1574, win 511, options [nop,nop,TS val 1324065330 ecr 1324065330], length 0 E..43.@.@................o.$...\.....(..... N..2N..2 17:44:19.132455 lo In IP 127.0.0.1.6321 > 127.0.0.1.55256: Flags [F.], seq 1574, ack 549, win 512, options [nop,nop,TS val 1324065330 ecr 1324065330], length 0 E..4=b@.@.._...............\.o.$.....(..... N..2N..2 17:44:19.134089 lo In IP 127.0.0.1.55256 > 127.0.0.1.6321: Flags [P.], seq 549:573, ack 1575, win 512, options [nop,nop,TS val 1324065332 ecr 1324065330], length 24 E..L3.@.@................o.$...].....@..... N..4N..2.......mX...J..n./JN..._ 17:44:19.134117 lo In IP 127.0.0.1.6321 > 127.0.0.1.55256: Flags [.], ack 573, win 512, options [nop,nop,TS val 1324065332 ecr 1324065332], length 0 E..4=c@.@..^...............].o.<.....(..... N..4N..4 17:44:19.135356 lo In IP 127.0.0.1.55256 > 127.0.0.1.6321: Flags [F.], seq 573, ack 1575, win 512, options [nop,nop,TS val 1324065333 ecr 1324065332], length 0 E..43.@.@................o.<...].....(..... N..5N..4 17:44:19.135373 lo In IP 127.0.0.1.6321 > 127.0.0.1.55256: Flags [.], ack 574, win 512, options [nop,nop,TS val 1324065333 ecr 1324065333], length 0 E..4..@.@.<................].o.=.....Z..... N..5N..5 17:44:19.290744 lo In IP 127.0.0.1.55272 > 127.0.0.1.6321: Flags [S], seq 1136915761, win 65495, options [mss 65495,sackOK,TS val 1324065489 ecr 0,nop,wscale 7], length 0 E..<..@.@.?.............C..1.........0......... N........... 17:44:19.290771 lo In IP 127.0.0.1.6321 > 127.0.0.1.55272: Flags [S.], seq 394292416, ack 1136915762, win 65483, options [mss 65495,sackOK,TS val 1324065489 ecr 1324065489,nop,wscale 7], length 0 E..<..@.@.<...............l.C..2.....0......... N...N....... 17:44:19.290794 lo In IP 127.0.0.1.55272 > 127.0.0.1.6321: Flags [.], ack 1, win 512, options [nop,nop,TS val 1324065489 ecr 1324065489], length 0 E..4. @.@.?.............C..2..l......(..... N...N... 17:44:19.291210 lo In IP 127.0.0.1.55272 > 127.0.0.1.6321: Flags [P.], seq 1:364, ack 1, win 512, options [nop,nop,TS val 1324065489 ecr 1324065489], length 363 E....!@.@.>5............C..2..l............ N...N.......f...b..A.Ie...1.\U.....egh.E...{x].$1.. ..{......&..*O.r.>...U...R.h.....v......./.+.0.,...'.g.(.k...................].a.W.S...........\.`.V.R.$.j.#.@. ...9.8. ...3.2.......Q.......P.=.<.5./.............. localhost......... ... ...........#.............0............. . .................................+........-.....3.&.$... .0...G......){......6..SN?..u..D 17:44:19.291236 lo In IP 127.0.0.1.6321 > 127.0.0.1.55272: Flags [.], ack 364, win 509, options [nop,nop,TS val 1324065489 ecr 1324065489], length 0 E..4n^@.@..c..............l.C........(..... N...N... 17:44:19.292732 lo In IP 127.0.0.1.6321 > 127.0.0.1.55272: Flags [P.], seq 1:1425, ack 364, win 512, options [nop,nop,TS val 1324065491 ecr 1324065489], length 1424 E...n_@.@.................l.C.............. N...N.......z...v...i.........fp. 0x[u5}.m..1`..[^. ..{......&..*O.r.>...U...R.h..........+.....3.$... q..wd..a.3Hn.Re.l..#.......B0..`.................h.:...q..cp`."........O.uL....e^Z..U...Es9B.......YPY..~!4...........P3....J....z..j.o"@...z}J8).......,.L,...H.M.Ca_.?..].....D_..X.. ..>}..{.o..Y.......- ...Kv.c.7..........O@...y. .........vcXs...k.O....4....fI`v..3Y|8.NW ..Y..2. s@.qQ.E@t.p.....f...j._..,/.t.3g...1.2....Y.1`A..M......w....]..-!..1#7.....o6C...x.....NlY8..=..> -q..m. J.>..3l..Z...eVZ.W.(.......q..sld{'Dt.h...\.......y{....e..Q5mU..%.........%<.......L..S....(vD.......k.i+27A..}.....Q..`....3qk.w......v..<.N.m..p...=...(W...|c.}.+q.O/....&.n.?...9[sD..:...-..oF.o...E...<.'...v...O..../......3.mm.).ZLq...@.....$.V?(.._.......K.4 .vk.....^2.._.....e....-.Y....1......./...\...G..;.|.........f3N......."....+>.Q.Pq.....GY;.1..5)..t..%..1h..E..v.v......w2...s../.;..2.......Y.p.....BU..r.:/.bWW... ..../B..g...y|....J"...X.l.....@........U.......[.@euM.=.tg.......;,.@.N...V.....X.....^p1."..T.@....P.0....`..gw.FP.K...A..w.R48a.W.)U0.>.Hh.$I.......+..v...(x<..K........S.....VU..IZIL.1...N..p.,.....a..f._/............TW..S....=K....uT..;.dCbx".y+[M,..J.u...R...6..\.....L.. .t..>p(..vgD>_.[.J}%......54..gg..}......vw..l.......e|.]3.0.....BG.... ..s..D.......r.n...'......X...@.k..(k|%......l<.....7...pJ. .ln......jmK....lS...@X...Kt..e..".v04)w.0K. 127.0.0.1.6321: Flags [.], ack 1425, win 502, options [nop,nop,TS val 1324065491 ecr 1324065491], length 0 E..4."@.@.?.............C.....rQ.....(..... N...N... 17:44:19.294487 lo In IP 127.0.0.1.55272 > 127.0.0.1.6321: Flags [P.], seq 364:513, ack 1425, win 512, options [nop,nop,TS val 1324065492 ecr 1324065491], length 149 E....#@.@.? ............C.....rQ........... N...N.............5^C.._.$mlrs.,.=..0.[...a.M....,.4B...E.ND7sv.+..Fl.[~....PO....\..[. A.fp4. .x..=.rq...I...U.Uc........m....A..F.!(!.....A..l.nq.nT....... 17:44:19.294511 lo In IP 127.0.0.1.6321 > 127.0.0.1.55272: Flags [.], ack 513, win 511, options [nop,nop,TS val 1324065492 ecr 1324065492], length 0 E..4n`@.@..a..............rQC..2.....(..... N...N... 17:44:19.294921 lo In IP 127.0.0.1.6321 > 127.0.0.1.55272: Flags [P.], seq 1425:1550, ack 513, win 512, options [nop,nop,TS val 1324065493 ecr 1324065492], length 125 E...na@.@.................rQC..2........... N...N.......x.m}.S.U.uD.o.....~...hy...$d..PkYG..__..+.unF......E.^..uO..\ ....&Rc.(f[....#...fv.+(...NC._I.._Z...J.a....?b...\-..x.. 17:44:19.294930 lo In IP 127.0.0.1.55272 > 127.0.0.1.6321: Flags [.], ack 1550, win 512, options [nop,nop,TS val 1324065493 ecr 1324065493], length 0 E..4.$@.@.?.............C..2..r......(..... N...N... 17:44:19.294945 lo In IP 127.0.0.1.6321 > 127.0.0.1.55272: Flags [P.], seq 1550:1574, ack 513, win 512, options [nop,nop,TS val 1324065493 ecr 1324065493], length 24 E..Lnb@.@..G..............r.C..2.....@..... N...N........... .*=.J7......EE9 17:44:19.294950 lo In IP 127.0.0.1.55272 > 127.0.0.1.6321: Flags [.], ack 1574, win 512, options [nop,nop,TS val 1324065493 ecr 1324065493], length 0 E..4.%@.@.?.............C..2..r......(..... N...N... 17:44:19.295050 lo In IP 127.0.0.1.6321 > 127.0.0.1.55272: Flags [F.], seq 1574, ack 513, win 512, options [nop,nop,TS val 1324065493 ecr 1324065493], length 0 E..4nc@.@..^..............r.C..2.....(..... N...N... 17:44:19.295124 lo In IP 127.0.0.1.55272 > 127.0.0.1.6321: Flags [P.], seq 513:549, ack 1575, win 512, options [nop,nop,TS val 1324065493 ecr 1324065493], length 36 E..X.&@.@.?w............C..2..r......L..... N...N........%A...E...f..L..}..'2+..od....~l 17:44:19.295144 lo In IP 127.0.0.1.6321 > 127.0.0.1.55272: Flags [.], ack 549, win 512, options [nop,nop,TS val 1324065493 ecr 1324065493], length 0 E..4nd@.@..]..............r.C..V.....(..... N...N... 17:44:19.296636 lo In IP 127.0.0.1.55272 > 127.0.0.1.6321: Flags [P.], seq 549:573, ack 1575, win 512, options [nop,nop,TS val 1324065495 ecr 1324065493], length 24 E..L.'@.@.?.............C..V..r......@..... N...N........Ts...V.., . ..d.... 17:44:19.296656 lo In IP 127.0.0.1.6321 > 127.0.0.1.55272: Flags [.], ack 573, win 512, options [nop,nop,TS val 1324065495 ecr 1324065495], length 0 E..4ne@.@..\..............r.C..n.....(..... N...N... 17:44:19.297397 lo In IP 127.0.0.1.55272 > 127.0.0.1.6321: Flags [F.], seq 573, ack 1575, win 512, options [nop,nop,TS val 1324065495 ecr 1324065495], length 0 E..4.(@.@.?.............C..n..r......(..... N...N... 17:44:19.297414 lo In IP 127.0.0.1.6321 > 127.0.0.1.55272: Flags [.], ack 574, win 512, options [nop,nop,TS val 1324065495 ecr 1324065495], length 0 E..4..@.@.<...............r.C..o........... N...N... 17:44:19.502867 lo In IP 127.0.0.1.55284 > 127.0.0.1.6321: Flags [S], seq 3365681196, win 65495, options [mss 65495,sackOK,TS val 1324065701 ecr 0,nop,wscale 7], length 0 E..<..@.@.................8,.........0......... N........... 17:44:19.502895 lo In IP 127.0.0.1.6321 > 127.0.0.1.55284: Flags [S.], seq 3964310087, ack 3365681197, win 65483, options [mss 65495,sackOK,TS val 1324065701 ecr 1324065701,nop,wscale 7], length 0 E..<..@.@.<..............J.G..8-.....0......... N...N....... 17:44:19.502917 lo In IP 127.0.0.1.55284 > 127.0.0.1.6321: Flags [.], ack 1, win 512, options [nop,nop,TS val 1324065701 ecr 1324065701], length 0 E..4..@.@.................8-.J.H.....(..... N...N... 17:44:19.503334 lo In IP 127.0.0.1.55284 > 127.0.0.1.6321: Flags [P.], seq 1:364, ack 1, win 512, options [nop,nop,TS val 1324065701 ecr 1324065701], length 363 E.....@.@..c..............8-.J.H........... N...N.......f...b......A%>.=./~.v.. ..p(wA..VE~.. Q .........,ON_...)....J....{......v......./.+.0.,...'.g.(.k...................].a.W.S...........\.`.V.R.$.j.#.@. ...9.8. ...3.2.......Q.......P.=.<.5./.............. localhost......... ... ...........#.............0............. . .................................+........-.....3.&.$... .~X.yb7`:.+r.B@.+..p?....C.u.... 17:44:19.503348 lo In IP 127.0.0.1.6321 > 127.0.0.1.55284: Flags [.], ack 364, win 509, options [nop,nop,TS val 1324065701 ecr 1324065701], length 0 E..4,.@.@..=.............J.H..9......(..... N...N... 17:44:19.504791 lo In IP 127.0.0.1.6321 > 127.0.0.1.55284: Flags [P.], seq 1:1425, ack 364, win 512, options [nop,nop,TS val 1324065703 ecr 1324065701], length 1424 E...,.@.@. ..............J.H..9............ N...N.......z...v....4.tD..]..}...Y~.FCs..@.J...f?. .........,ON_...)....J....{...........+.....3.$... ...T...u ..A!r.."%....q.h.i.~..K...........U.).K....G....Js.|;..5........}f3..>..o.h..9....=P..O[....C...[.....$.,."..j,)_........>.......G.D.8.. ..E.a....-.C...O.Y.zo....3...g.]NB.......;......."s.>k.}.....3"...V.].g..=...UN.0nd.P&.8...6...2d%=.Qp.8.09..v...c!]o.".-.Y..n.v.|.s.....Eh..:...w`u.&`E 8B...|....e....=1{.....2- .[..P..\g..x....6.q.% ...!...$.Q.*...t..l.W.... .s..J.c....#.Sx.X.}5....O.\...F..I..16h...k..l{....xb...;.Q>.."Y.>x. C....6..~`V4/.g=..9F..T.6gM.........C.AC .A.\y.....pP............... ZB. ....;...:2L...pY-3L...@.K-&.r.......9.....fW...p.../... 0}u.~.X.#.#..jB7.._..&..*.L_.......{_. e.A.6G.....D........w..2E\IEx.&791.#..L.Z....i......[H. .dGO.5....N.bO9b..!....9.....w..z.......28.oq}..(..w.3.|.D.Y^......[.....15....!...L.G,q..Cf(@.... ....}.$....Z._n...9O...T.....u........x;K....+.TP..]w......+T.ne....G1 ..Vn/.'j.x..P.Y.... Iu7....A.R..^n=F]q..6F....Z..JQcIJ...... Gj..? !.....sj....4.....s..(*..QG.>..2....*t.=2Y.. ..%u_w..C.#....W|.i....(!..V.].,.@..}S...:.0.......3=/.......L"VA.8'....a....nP.bQ2...|.D..&{5k'.=...:^)...6...LGb..5.......Q...11.(.V..{.....,+..>..A..7D#j........U.{.......5... ......O.4...}......)....4W.\57s..x.6d.i6.z...............-.,.|{y...z.I.w.6....M+..cG...Pthv...%.\.`.T...P%..7............2+.cws.nf.7.. r@.i;b.K.L.P.D.b9.~.(.........,.?R.......n..UED..>"w./,..|\.i.o'\m 17:44:19.504813 lo In IP 127.0.0.1.55284 > 127.0.0.1.6321: Flags [.], ack 1425, win 502, options [nop,nop,TS val 1324065703 ecr 1324065703], length 0 E..4..@.@.................9..J.......(..... N...N... 17:44:19.506477 lo In IP 127.0.0.1.55284 > 127.0.0.1.6321: Flags [P.], seq 364:513, ack 1425, win 512, options [nop,nop,TS val 1324065704 ecr 1324065703], length 149 E.....@.@..7..............9..J............. N...N.............5...q=..b..`.....N.83.~V...!2..9..D...ojD.....l.R. .......Py........&+t=:...Y..x$......--K.....~..$....D......5[...q:_#.X..P.UvG.`U...J.... 17:44:19.506502 lo In IP 127.0.0.1.6321 > 127.0.0.1.55284: Flags [.], ack 513, win 511, options [nop,nop,TS val 1324065704 ecr 1324065704], length 0 E..4,.@.@..;.............J....:-.....(..... N...N... 17:44:19.507006 lo In IP 127.0.0.1.6321 > 127.0.0.1.55284: Flags [P.], seq 1425:1550, ack 513, win 512, options [nop,nop,TS val 1324065705 ecr 1324065704], length 125 E...,.@.@................J....:-........... N...N.......x........d.....@.w.=...DT....C..p=.zm..nL...Q...I."'!Y]...yag.....g..H..Q....s-TuC.0.+.|I.G.H`w......%....H.U....:...1.e. 17:44:19.507014 lo In IP 127.0.0.1.55284 > 127.0.0.1.6321: Flags [.], ack 1550, win 512, options [nop,nop,TS val 1324065705 ecr 1324065705], length 0 E..4..@.@.................:-.J.U.....(..... N...N... 17:44:19.507140 lo In IP 127.0.0.1.55284 > 127.0.0.1.6321: Flags [P.], seq 513:549, ack 1550, win 512, options [nop,nop,TS val 1324065705 ecr 1324065705], length 36 E..X..@.@.................:-.J.U.....L..... N...N........T..GK.....$...*...Q..."y.../~_. 17:44:19.507149 lo In IP 127.0.0.1.6321 > 127.0.0.1.55284: Flags [.], ack 549, win 512, options [nop,nop,TS val 1324065705 ecr 1324065705], length 0 E..4,.@.@..9.............J.U..:Q.....(..... N...N... 17:44:19.507180 lo In IP 127.0.0.1.6321 > 127.0.0.1.55284: Flags [P.], seq 1550:1574, ack 549, win 512, options [nop,nop,TS val 1324065705 ecr 1324065705], length 24 E..L,.@.@.. .............J.U..:Q.....@..... N...N........<....wQ.w.x ......r 17:44:19.507193 lo In IP 127.0.0.1.55284 > 127.0.0.1.6321: Flags [.], ack 1574, win 512, options [nop,nop,TS val 1324065705 ecr 1324065705], length 0 E..4..@.@.................:Q.J.m.....(..... N...N... 17:44:19.507220 lo In IP 127.0.0.1.6321 > 127.0.0.1.55284: Flags [F.], seq 1574, ack 549, win 512, options [nop,nop,TS val 1324065705 ecr 1324065705], length 0 E..4,.@.@..7.............J.m..:Q.....(..... N...N... 17:44:19.508642 lo In IP 127.0.0.1.55284 > 127.0.0.1.6321: Flags [P.], seq 549:573, ack 1575, win 512, options [nop,nop,TS val 1324065707 ecr 1324065705], length 24 E..L..@.@.................:Q.J.n.....@..... N...N...........0..b@.......F.*. 17:44:19.508666 lo In IP 127.0.0.1.6321 > 127.0.0.1.55284: Flags [.], ack 573, win 512, options [nop,nop,TS val 1324065707 ecr 1324065707], length 0 E..4,.@.@..6.............J.n..:i.....(..... N...N... 17:44:19.509482 lo In IP 127.0.0.1.55284 > 127.0.0.1.6321: Flags [F.], seq 573, ack 1575, win 512, options [nop,nop,TS val 1324065707 ecr 1324065707], length 0 E..4..@.@.................:i.J.n.....(..... N...N... 17:44:19.509499 lo In IP 127.0.0.1.6321 > 127.0.0.1.55284: Flags [.], ack 574, win 512, options [nop,nop,TS val 1324065707 ecr 1324065707], length 0 E..4..@.@.<..............J.n..:j.....'..... N...N...

I confirmed regular https traffic is fine using a similar gateway config on localhost.

Any suggestions?

farisam commented 1 year ago

hi @ferbs , what are you doing to fix the issue?

ferbs commented 1 year ago

I had been trying it in Caddy using a "rediss:" site block protocol, which it seemed to accept. Turns out it wasn't actually applying their L4 proxy, it was treating it as an http/L7 endpoint. My impression is that their L4 proxy is experimental but under active development, so I'm waiting. If I run out of time waiting, I might try to apply the Caddy-managed acme certs to redis, or else move it to a subdomain and figure out some other proxy, maybe stunnel, their separate L4 app, or something else.

On 1 Aug 2023, at 1:43, farisam wrote:

hi @ferbs , what are you doing to fix the issue?

-- Reply to this email directly or view it on GitHub: https://github.com/redis/ioredis/issues/1696#issuecomment-1659603432 You are receiving this because you were mentioned.

Message ID: @.***>