- How come this setting causes BYOC Edge connectivity drops during Zendesk voice migration?
- We are currently migrating our Zendesk Talk infrastructure to Genesys Cloud using a Bring Your Own Cloud (BYOC) deployment with an AWS Edge. The environment is set up in the eu-west-1 region to align with our Paris-based operations. In Zendesk, the voice channel was stable, but here we face significant jitter and dropped registrations.
- The specific issue occurs when the Edge attempts to register with the Genesys Cloud Control Plane. We see intermittent 503 Service Unavailable errors in the Edge logs. The logs indicate a handshake failure between the Edge and the GC platform. This happens roughly every 15 minutes. It disrupts the agent availability status. Agents show as offline in the GC interface even though they are logged in.
- We are using the Genesys Cloud Edge version 2023-12.1. The Zendesk integration relies on the standard SIP trunking model. We mapped the Zendesk phone numbers to GC SIP trunks. The routing rules are straightforward. We do not use complex predictive routing at this stage. The problem seems isolated to the network connectivity layer.
- The error message in the Edge console reads: “Connection reset by peer during TLS handshake.” This suggests a network or certificate issue. However, the certificates are valid. The AWS security groups allow traffic on ports 443 and 5060-5080. We have verified the inbound and outbound rules multiple times.
- In Zendesk, we did not manage edge nodes or TLS handshakes manually. The platform handled it. Now, as a beginner in GC admin, I am struggling with the infrastructure side. The documentation mentions checking the clock skew. We have synced the NTP on the EC2 instances hosting the Edge. The time difference is less than 100 milliseconds.
- I suspect the issue might be related to the VPC configuration. The Edge is in a private subnet. It uses a NAT gateway for outbound traffic. The Zendesk migration guide does not cover NAT gateway configurations for BYOC. Is there a specific DNS resolution requirement for the Edge? We are using AWS Route53 for internal DNS.
- Any advice on troubleshooting the TLS handshake failure would be appreciated. We need to stabilize the connection before going live with the full agent team. The current setup is too unstable for production use.