Reloading res_pjsip causes unsupported transport errors

I am trying to reload res_pjsip.so to apply config changes. I have made certain transports reloadable as my understanding of the docs is that reloading those might cause dropped calls if they are reloaded but there shouldn’t be any other issues.

However, I am seeing this after doing a reload:

Asterisk*CLI> module reload res_pjsip.so
Module 'res_pjsip.so' reloaded successfully.
[Nov 12 15:04:14] NOTICE[4025]: sorcery.c:1348 sorcery_object_load: Type 'system' is not reloadable, maintaining previous values
[Nov 12 15:04:16] ERROR[4025]: res_pjsip.c:1621 endpt_send_request: Error 171060 'Unsupported transport (PJSIP_EUNSUPTRANSPORT)' sending OPTIONS request to endpoint IP-Phone-1

Is this “normal”/intended? The endpoint in question seems to switch to “Unavailable” when I check with pjsip show endpoints so I believe I effectively knocked offline that endpoint? It seems to only affect UDP transports as far as I can see.

There is a race condition which can cause transports to not be recreated - which is why it’s disabled by default and it is recommended to not enable it. These days most things of a transport can be reloaded - such as local_net, external_*. Bind can’t though, or the port.

But for a TLS transport it’s needed on certificate changes, right? So it should be disabled on all transport except TLS transports, correct? And even then there’s a small risk of that race condition causing issues? The transport was still listed in the pjsip show transports, so is there any chance to detect it and re-try a reload if it failed? Or are there plans to somehow fix the race condition?

It already tries to work around the race condition. There is no fixing it, without changing how PJSIP itself handles transports. It’s not an Asterisk side limitation.

And no, recent versions do not require allow_reload in order to reload certificates[1].

[1] [ASTERISK-30186] res_pjsip: Add support for reloading TLS certificate and key information - Digium/Asterisk JIRA

I found that issue ticket aswell but for me it wasn’t clear that it’s actually about a non-reloadable transport or being able to replace certificates in general. Maybe that could be clarified in the ticket (or somewhere else) so others don’t misunderstand it.