TLS Handshake failure

Hi,

I’m getting a TLS handshake failure for the past day or so on my bespoke Piaware setup. I responded to the auto alert I got from the site and was told nothing’s wrong on the server side, but nothing’s changed at my end either. Here’s the log of when it popped:

02/15/2017 03:22:20 64092298 msgs recv’d from dump1090-mutabi (2165 in last 5m); 63842431 msgs sent to FlightAware
02/15/2017 03:25:03 mlat-client(20212): Receiver status: connected
02/15/2017 03:25:03 mlat-client(20212): Server status: synchronized with 3 nearby receivers
02/15/2017 03:25:03 mlat-client(20212): Receiver: 257.7 msg/s received 87.6 msg/s processed (34%)
02/15/2017 03:25:03 mlat-client(20212): Server: 0.0 kB/s from server 0.0kB/s TCP to server 0.4kB/s UDP to server
02/15/2017 03:25:03 mlat-client(20212): Aircraft: 1 of 14 Mode S, 5 of 30 ADS-B used
02/15/2017 03:26:47 timed out waiting for alive message from FlightAware, reconnecting…
02/15/2017 03:26:47 multilateration data no longer required, disabling mlat client
02/15/2017 03:26:48 fa-mlat-client exited normally
02/15/2017 03:26:48 reconnecting in 61 seconds…
02/15/2017 03:26:48 mlat-client(20212): Disconnecting from localhost:30005: Lost connection to multilateration server, no need for input data
02/15/2017 03:26:48 mlat-client(20212): Exiting on connection loss
02/15/2017 03:27:20 64094204 msgs recv’d from dump1090-mutabi (1906 in last 5m); 63844126 msgs sent to FlightAware
02/15/2017 03:27:49 Connecting to FlightAware adept server at piaware.flightaware.com/1200
02/15/2017 03:27:50 Connection with adept server at piaware.flightaware.com/1200 established
02/15/2017 03:27:50 TLS handshake with adept server at piaware.flightaware.com/1200 failed: handshake failed: connection reset by peer
02/15/2017 03:27:50 reconnecting in 69 seconds…

I have no connectivity problems, uploads to other sites are working fine and so is dump1090-mutability (running v1.15 dev)

Does anyone have any idea what’s gone wrong? I did a manual update from 3.1.0 TO 3.3.0 via the repositories/apt-get, but that hasn’t solved anything. Any suggestions are welcome.

Thanks
Jayant

How interesting. I came to the forum this morning to see if there had been a piaware server outage as I had the same anomaly at 08:18 UTC today, 2/16/2017.

Cutting to the chase, I have concluded that there was a failure of my wireless connection at that hour, rare in my system as it has been extremely stable for over two years. I looked at other status pages of those in my area and saw that their connections were uninterrupted. I also found that I had not been communicating with Flightradar24 so that convinced me that I had a local issue. Power cycling my pi restored everything to normal

Are you communicating with your Pi via SSH or through a keyboard and monitor? Can you ping the piaware server or other places on the WAN from your Pi? You may want to traceroute to the piaware server to see if there is a routing issue from your location.

Good luck!

TD

I run a headless Pi, so I do use SSH to get into it. Never had a monitor or keyboard on it. And yes, I tried powercycling the Pi - killed my 126 day uptime! :frowning:
I’m able to communicate perfectly with it, it’s able to connect to NTP, uploads to other radar sites are fine. Doesn’t seem to be a network issue at this end.

Also doesn’t seem to be a routing issue, since it connects to the FA server, but can’t negotiate the TLS handshake. Maybe I need to look at the authentication:

02/15/2017 03:27:50 Connection with adept server at piaware.flightaware.com/1200 established

Will try to traceroute the FA servers from my Pi tomorrow. Don’t have remote access to it from where I am right now. This one has me stumped for now!

If it’s a persistent thing it may be a path MTU discovery issue somewhere between your Pi and the FA servers.

Last we saw of your Pi was a connection timeout at Feb 15 03:27:08 UTC and nothing since. I don’t see any connection attempts subsequently from the same IP (not even pre-TLS-handshake). That actually kinda rules out path MTU. Maybe your ISP has decided to start blocking things…

Thanks Oliver. I’m going to try a traceroute when I can get into my Pi tomorrow sometime. I’m a little perplexed because everything else is still working fine on the Pi. No anomalies with Planefinder or FR24.

I have a static IP so any subsequent connections should come from the same address.

Sent from my ONE A2003 using Tapatalk

Update: Not sure what happened, but it seems to have fixed itself:

Feb 17 03:32:23 minibian piaware[1474]: Connection with adept server at 70.42.6.197/1200 established
Feb 17 03:32:23 minibian piaware[1474]: TLS handshake with adept server at 70.42.6.197/1200 failed: handshake failed: connection reset by peer
Feb 17 03:32:23 minibian piaware[1474]: reconnecting in 55 seconds…
Feb 17 03:33:18 minibian piaware[1474]: Connecting to FlightAware adept server at 70.42.6.198/1200
Feb 17 03:33:18 minibian piaware[1474]: Connection with adept server at 70.42.6.198/1200 established
Feb 17 03:33:19 minibian piaware[1474]: TLS handshake with adept server at 70.42.6.198/1200 completed
Feb 17 03:33:19 minibian piaware[1474]: FlightAware server certificate validated
Feb 17 03:33:19 minibian piaware[1474]: encrypted session established with FlightAware

Best
Jayant