Hi all,
I noticed some strange behavior during some testing of our OPCUA server using UaExpert (version 1.4.4).
The server runs the UnifiedAutomation High Performance server stack.
Sometimes the connection to the server is lost. UaExpert is complaining about invalid sequence numbers. Please see the attached image of the UaExpert log.
Further investigations on the topic we're made using Wireshark. Please see the the following information.
- UaExperts client stack polls the server status node every 5 seconds (that's fine)
- The secure channel is renewed every 270 seconds (that's also fine)
- Since the server is an embedded device it takes quite long to process the secure channel renewal message (like close to 1sec)
- The polling of the server status and the secure channel renewal do not seem to be synchronized (seems to be problematic)
- So sometimes it happens that the client sends the secure channel renewal and right afterwards a server status read request (before receiving the secure channel renewal response, see attached Wireshark log)
- This seems to mess up the sequence numbers, since the read response is received before the secure channel renewal response (Wireshark packet #668 has sequency number 190, which is the sequence number UaExpert is complaining about)
I'd guess that the polling of the server status should be paused until the secure channel was successfully renewed...
Have you ever noticed this issue? This could probably happen with every server but of course the chance drastically increases when the server takes a long time to process the renewal message.
I'd be glad if someone could give me some pointers regarding the issue. Thanks in advance.
_______________
Edit: Unfortunately i'm not able to add any attachements ["Sorry, the board attachment quota has been reached"].
Please see this links for the images:
https://picload.org/view/dgrawlpa/uaexpert-log.png.html
https://picload.org/view/dgrawlpl/wireshark.png.html
Invalid sequence number during secure channel renewal
Moderator: uaexpert
-
dspindle1
- Jr. Member
- Posts: 1
- Joined: 12 Sep 2017, 07:39
-
Support Team
- Hero Member
- Posts: 3068
- Joined: 18 Mar 2011, 15:09
Re: Invalid sequence number during secure channel renewal
Hello,
this is a known problem that we are working on.
This will be fixed in the release of V1.1.0.
this is a known problem that we are working on.
This will be fixed in the release of V1.1.0.
Best regards
Unified Automation Support Team
Unified Automation Support Team