Client immediate disconnect from TLS-TCP connection (sending FIN) when running on docker container

Question

I'm trying to connect to a remote FIX server from my FIX client. client is implemented using Nodejs (version 16.5), using Fixparser library. The connection is done via a TLS-TCP.

When running the FIX client from my local environment the communication works well. I noticed (via tcpdump) that when the FIX client is running on the docker environment it initiates the termination of the connection (sending FIN message), it is not happening when running locally (not on a docker).

any idea what can be the issue?

below tcpdump output from local and docker enviroments.

tcpdump from local run

14:05:42.637329 IP zivs-mbp.localdomain.54373 > **************.11501: Flags [S], seq 1574820944, win 65535, options [mss 1460,nop,wscale 6,nop,nop,TS val 852213485 ecr 0,sackOK,eol], length 0
14:05:42.645653 IP **************.11501 > zivs-mbp.localdomain.54373: Flags [S.], seq 2703661640, ack 1574820945, win 65160, options [mss 1400,sackOK,TS val 2245376940 ecr 852213485,nop,wscale 13], length 0
14:05:42.645795 IP zivs-mbp.localdomain.54373 > **************.11501: Flags [.], ack 1, win 2060, options [nop,nop,TS val 852213494 ecr 2245376940], length 0
14:05:42.645907 IP zivs-mbp.localdomain.54373 > **************.11501: Flags [P.], seq 1:346, ack 1, win 2060, options [nop,nop,TS val 852213494 ecr 2245376940], length 345
14:05:42.650097 IP **************.11501 > zivs-mbp.localdomain.54373: Flags [.], ack 346, win 7, options [nop,nop,TS val 2245376947 ecr 852213494], length 0
14:05:43.100363 IP **************.11501 > zivs-mbp.localdomain.54373: Flags [P.], seq 1:1309, ack 346, win 8, options [nop,nop,TS val 2245377347 ecr 852213494], length 1308
14:05:43.100375 IP **************.11501 > zivs-mbp.localdomain.54373: Flags [P.], seq 1309:2084, ack 346, win 8, options [nop,nop,TS val 2245377347 ecr 852213494], length 775
14:05:43.100377 IP **************.11501 > zivs-mbp.localdomain.54373: Flags [P.], seq 1309:2084, ack 346, win 8, options [nop,nop,TS val 2245377363 ecr 852213494], length 775
14:05:43.100617 IP zivs-mbp.localdomain.54373 > **************.11501: Flags [.], ack 2084, win 2027, options [nop,nop,TS val 852213948 ecr 2245377347], length 0
14:05:43.100824 IP zivs-mbp.localdomain.54373 > **************.11501: Flags [.], ack 2084, win 2027, options [nop,nop,TS val 852213948 ecr 2245377363,nop,nop,sack 1 {1309:2084}], length 0
14:05:43.105797 IP zivs-mbp.localdomain.54373 > **************.11501: Flags [P.], seq 346:688, ack 2084, win 2048, options [nop,nop,TS val 852213954 ecr 2245377363], length 342
14:05:43.111169 IP **************.11501 > zivs-mbp.localdomain.54373: Flags [.], ack 688, win 7, options [nop,nop,TS val 2245377407 ecr 852213954], length 0
14:05:43.312914 IP **************.11501 > zivs-mbp.localdomain.54373: Flags [P.], seq 2084:2159, ack 688, win 8, options [nop,nop,TS val 2245377609 ecr 852213954], length 75
14:05:43.313132 IP zivs-mbp.localdomain.54373 > **************.11501: Flags [.], ack 2159, win 2046, options [nop,nop,TS val 852214161 ecr 2245377609], length 0
14:05:43.319529 IP zivs-mbp.localdomain.54373 > **************.11501: Flags [P.], seq 688:885, ack 2159, win 2048, options [nop,nop,TS val 852214167 ecr 2245377609], length 197
14:05:43.324841 IP **************.11501 > zivs-mbp.localdomain.54373: Flags [.], ack 885, win 7, options [nop,nop,TS val 2245377621 ecr 852214167], length 0
14:05:43.526019 IP **************.11501 > zivs-mbp.localdomain.54373: Flags [P.], seq 2159:2324, ack 885, win 8, options [nop,nop,TS val 2245377822 ecr 852214167], length 165
14:05:43.526208 IP zivs-mbp.localdomain.54373 > **************.11501: Flags [.], ack 2324, win 2045, options [nop,nop,TS val 852214374 ecr 2245377822], length 0

When running the client from docker container / k8s POD the connection is terminated by my client, my client sends a FIN message.

16:08:03.787854 IP zivs-mbp.localdomain.63864 > **************.11501: Flags [S], seq 3842572717, win 65535, options [mss 1460,nop,wscale 6,nop,nop,TS val 3635174646 ecr 0,sackOK,eol], length 0
16:08:03.808631 IP **************.11501 > zivs-mbp.localdomain.63864: Flags [S.], seq 303091793, ack 3842572718, win 65160, options [mss 1400,sackOK,TS val 2881452965 ecr 3635174646,nop,wscale 13], length 0
16:08:03.808782 IP zivs-mbp.localdomain.63864 > **************.11501: Flags [.], ack 1, win 2060, options [nop,nop,TS val 3635174667 ecr 2881452965], length 0
16:08:03.811658 IP zivs-mbp.localdomain.63861 > **************.11501: Flags [P.], seq 937292396:937292745, ack 2651197897, win 2060, options [nop,nop,TS val 2622543796 ecr 686022571], length 349

16:08:03.834361 IP **************.11501 > zivs-mbp.localdomain.63861: Flags [.], ack 349, win 7, options [nop,nop,TS val 686029400 ecr 2622543796], length 0
16:08:04.031762 IP **************.11501 > zivs-mbp.localdomain.63861: Flags [P.], seq 1:1309, ack 349, win 8, options [nop,nop,TS val 686029607 ecr 2622543796], length 1308
16:08:04.031766 IP **************.11501 > zivs-mbp.localdomain.63861: Flags [P.], seq 1309:2084, ack 349, win 8, options [nop,nop,TS val 686029607 ecr 2622543796], length 775
16:08:04.031968 IP zivs-mbp.localdomain.63861 > **************.11501: Flags [.], ack 2084, win 2027, options [nop,nop,TS val 2622544016 ecr 686029607], length 0

16:08:04.037704 IP zivs-mbp.localdomain.63861 > **************.11501: Flags [P.], seq 349:691, ack 2084, win 2048, options [nop,nop,TS val 2622544022 ecr 686029607], length 342
16:08:04.043687 IP **************.11501 > zivs-mbp.localdomain.63861: Flags [.], ack 691, win 7, options [nop,nop,TS val 686029623 ecr 2622544022], length 0
16:08:04.254646 IP **************.11501 > zivs-mbp.localdomain.63861: Flags [P.], seq 2084:2159, ack 691, win 8, options [nop,nop,TS val 686029833 ecr 2622544022], length 75
16:08:04.254849 IP zivs-mbp.localdomain.63861 > **************.11501: Flags [.], ack 2159, win 2046, options [nop,nop,TS val 2622544239 ecr 686029833], length 0

16:08:04.266238 IP zivs-mbp.localdomain.63861 > **************.11501: Flags [P.], seq 691:941, ack 2159, win 2048, options [nop,nop,TS val 2622544250 ecr 686029833], length 250
**16:08:04.266489 IP zivs-mbp.localdomain.63861 > **************.11501: Flags [F.], seq 941, ack 2159, win 2048, options [nop,nop,TS val 2622544250 ecr 686029833], length 0**
16:08:04.272919 IP **************.11501 > zivs-mbp.localdomain.63861: Flags [.], ack 941, win 7, options [nop,nop,TS val 686029854 ecr 2622544250], length 0
16:08:04.314057 IP **************.11501 > zivs-mbp.localdomain.63861: Flags [.], ack 942, win 8, options [nop,nop,TS val 686029895 ecr 2622544250], length 0

16:08:04.482047 IP **************.11501 > zivs-mbp.localdomain.63861: Flags [F.], seq 2159, ack 942, win 8, options [nop,nop,TS val 686030060 ecr 2622544250], length 0
16:08:04.482372 IP zivs-mbp.localdomain.63861 > **************.11501: Flags [.], ack 2160, win 2048, options [nop,nop,TS val 2622544466 ecr 686030060], length 0

on the docker environment I tried:

1. Upgrade the Nodejs version to 20 - there is a TLS issue on Nodejs 16.5
2. Change the base image from bullseye to alpine - maybe there are different tcp settings.
3. Try to run the image using the host network (--network=host) - make sure all ports are open.
4. tried to reduce the docker default mtu (on docker daemon.json) to 1200.