Step one: the outbound flow triggers a SNIPPET action to serialize call metadata before handing off to a BYOC internal scoring engine. The environment runs CXone 23.11 with Edge Gateway 2.4.1 deployed in a eu-west-2 private VPC. The SNIPPET block grabs {{conversation.id}} and {{participant.phone_number}}, wraps it in a JSON payload, and sends a POST to /api/v2/broc/scoring. Step two: the REST Proxy forwards the request through the edge tunnel. Response code sits at 200 for the first two test runs. Step three: once the queue ramps past 15 concurrent sessions, the edge node starts dropping packets. Studio debug logs show ERR_CONNECTION_RESET right after the TLS handshake completes. The payload isn’t even hitting the internal gateway.
Checked the edge firewall rules. Nothing blocking port 443. The SNIPPET action timeout is set to 8000ms, which should be plenty for a local BYOC endpoint. Swapped the REST Proxy to use application/x-www-form-urlencoded just to rule out JSON parsing hiccups on the edge router. Didn’t help. The connection still drops mid-stream. Makes zero sense given the local latency sits at 4ms.
Looks like the edge tunnel is throttling outbound SNIPPET traffic when the session count spikes. The X-Forwarded-For header gets stripped somewhere between the Studio runtime and the edge proxy, so the internal WAF flags it as suspicious. Adding a custom header X-Edge-Source: studio in the SNIPPET config didn’t bypass the drop. The WAF rules don’t even log the drop.
Payload config sits at: {"method": "POST", "url": "/api/v2/broc/scoring", "headers": {"Content-Type": "application/json", "X-Edge-Source": "studio"}, "body": "{{payload.serialized}}"}
Debug trace shows the TCP SYN-ACK never returns from the edge node after the third retry. The edge health dashboard reports healthy across all three availability zones. Packet capture shows the RST flag originates from 10.0.4.22.