I use Eclipse Milo Client SDK 0.2.2 against a KEPServerEX version 5.2 and I sometimes lose the connection. In my log I got these stacktraces:
ERROR 5048 --- [hared-pool-1693] o.e.m.o.s.c.h.UaTcpClientMessageHandler : Error decoding asymmetric message: expected sequence number 1140680 but received 1140681
org.eclipse.milo.opcua.stack.core.UaException: expected sequence number 1140680 but received 1140681
at org.eclipse.milo.opcua.stack.core.channel.ChunkDecoder$AbstractDecoder.decode(ChunkDecoder.java:166)
at org.eclipse.milo.opcua.stack.core.channel.ChunkDecoder.decode(ChunkDecoder.java:83)
at org.eclipse.milo.opcua.stack.core.channel.ChunkDecoder.decodeAsymmetric(ChunkDecoder.java:63)
at org.eclipse.milo.opcua.stack.client.handlers.UaTcpClientMessageHandler.lambda$onOpenSecureChannel$6(UaTcpClientMessageHandler.java:492)
at org.eclipse.milo.opcua.stack.core.channel.SerializationQueue.lambda$decode$1(SerializationQueue.java:64)
at org.eclipse.milo.opcua.stack.core.util.ExecutionQueue$PollAndExecute.run(ExecutionQueue.java:107)
ERROR 5048 --- [hared-pool-1677] o.e.m.o.s.c.h.UaTcpClientMessageHandler : Error validating chunk headers: received unknown secure channel token: tokenId=57 currentTokenId=56 previousTokenId=55
org.eclipse.milo.opcua.stack.core.UaException: received unknown secure channel token: tokenId=57 currentTokenId=56 previousTokenId=55
at org.eclipse.milo.opcua.stack.client.handlers.UaTcpClientMessageHandler.validateChunkHeaders(UaTcpClientMessageHandler.java:704)
at org.eclipse.milo.opcua.stack.client.handlers.UaTcpClientMessageHandler.lambda$onSecureMessage$10(UaTcpClientMessageHandler.java:621)
at org.eclipse.milo.opcua.stack.core.channel.SerializationQueue.lambda$decode$1(SerializationQueue.java:64)
at org.eclipse.milo.opcua.stack.core.util.ExecutionQueue$PollAndExecute.run(ExecutionQueue.java:107)
I have a thread in my code that keeps the session open forever by polling a specific tag on the server each 5 minutes. The read timeouts started to happen exactly one hour after the token error. I suspect that I'm not allowed to renew/extend the session length after the token error occured. After that I was not able to use the session anymore.
Is this expected behaviour from an OPC server and should I handle it?
I know I can handle the timeout in my keep-session-open-thread, maybe disconnect and create a new session, but is there a more elegant way to do this?
There's nothing (in code) you should have to do here.
You may need to upgrade KEPServerEX to a more recent version. There's also a more recent version of Milo available (0.2.4) but I don't think there's been any issue like this identified or fixed.
It looks like what is happening is either:
1) KSE spuriously sends a chunk secured with a token from the future.
2) KSE receives a secure channel renewal request and before it has sent the response it uses the new token to secure a chunk. (this is more likely to be the cause, and actually sounds vaguely familiar)