[SR-Users] [SOLVED]: rtpengine no voice when working between DTLS-SRTP endpoints
Aqs Younas
aqsyounas at gmail.com
Wed Apr 11 17:18:28 CEST 2018
DTLS=passive solved it.
Thanks guys.
On Tue, 10 Apr 2018, 11:37 pm Aqs Younas, <aqsyounas at gmail.com> wrote:
> Sometimes, I see below logs in RTP engine.
>
>
> Apr 10 17:59:21 centos-1024mb-nyc-02 rtpengine[65101]: INFO:
> [24b95195-3da3-4e12-8400-5fcf908183e5]: Received command 'answer' from
> 127.0.0.1:44933
> Apr 10 17:59:21 centos-1024mb-nyc-02 rtpengine[65101]: INFO:
> [24b95195-3da3-4e12-8400-5fcf908183e5]: answer time = 0.000163 sec
> Apr 10 17:59:21 centos-1024mb-nyc-02 rtpengine[65101]: INFO:
> [24b95195-3da3-4e12-8400-5fcf908183e5]: Replying to 'answer' from
> 127.0.0.1:44933
> [1523383161.279950] ERR: [24b95195-3da3-4e12-8400-5fcf908183e5 port
> 8268]: SRTP output wanted, but no crypto suite was negotiated
> Apr 10 17:59:21 centos-1024mb-nyc-02 rtpengine[65101]: ERR:
> [24b95195-3da3-4e12-8400-5fcf908183e5 port 8268]: SRTP output wanted, but
> no crypto suite was negotiated
> Apr 10 17:59:25 centos-1024mb-nyc-02 rtpengine[65101]: INFO:
> [24b95195-3da3-4e12-8400-5fcf908183e5 port 8268]: Confirmed peer address
> as 72.214.35.171:64834
> [1523383171.481023] ERR: [24b95195-3da3-4e12-8400-5fcf908183e5 port
> 8269]: SRTCP output wanted, but no crypto suite was negotiated
> Apr 10 17:59:31 centos-1024mb-nyc-02 rtpengine[65101]: ERR:
> [24b95195-3da3-4e12-8400-5fcf908183e5 port 8269]: SRTCP output wanted, but
> no crypto suite was negotiated
> Apr 10 17:59:31 centos-1024mb-nyc-02 rtpengine[65101]: INFO:
> [24b95195-3da3-4e12-8400-5fcf908183e5 port 8269]: Confirmed peer address
> as 72.214.35.171:50108
> [1523383176.025296] ERR: [24b95195-3da3-4e12-8400-5fcf908183e5 port
> 8268]: SRTP output wanted, but no crypto suite was negotiated
> Apr 10 17:59:36 centos-1024mb-nyc-02 rtpengine[65101]: ERR:
> [24b95195-3da3-4e12-8400-5fcf908183e5 port 8268]: SRTP output wanted, but
> no crypto suite was negotiated
> [1523383186.000280] ERR: [02d8ccfb-831e-4a81-bd2b-09b007d39209]: DTLS
> error: 1 (read timeout expired)
> [1523383186.000335] ERR: [02d8ccfb-831e-4a81-bd2b-09b007d39209]: DTLS
> error on local port 8248
> [1523383186.000419] ERR: [02d8ccfb-831e-4a81-bd2b-09b007d39209]: DTLS
> error: 1 (read timeout expired)
> [1523383186.000429] ERR: [02d8ccfb-831e-4a81-bd2b-09b007d39209]: DTLS
> error on local port 8249
> *Apr 10 17:59:46 centos-1024mb-nyc-02 rtpengine[65101]: ERR:
> [02d8ccfb-831e-4a81-bd2b-09b007d39209]: DTLS error: 1 (read timeout
> expired)*
> *Apr 10 17:59:46 centos-1024mb-nyc-02 rtpengine[65101]: ERR:
> [02d8ccfb-831e-4a81-bd2b-09b007d39209]: DTLS error on local port 8248*
> *Apr 10 17:59:46 centos-1024mb-nyc-02 rtpengine[65101]: ERR:
> [02d8ccfb-831e-4a81-bd2b-09b007d39209]: DTLS error: 1 (read timeout
> expired)*
> *Apr 10 17:59:46 centos-1024mb-nyc-02 rtpengine[65101]: ERR:
> [02d8ccfb-831e-4a81-bd2b-09b007d39209]: DTLS error on local port 8249*
> *Apr 10 18:00:41 centos-1024mb-nyc-02 rtpengine[65101]: INFO:
> [24b95195-3da3-4e12-8400-5fcf908183e5]: Closing call due to timeout*
> Apr 10 18:00:41 centos-1024mb-nyc-02 rtpengine[65101]: INFO:
> [24b95195-3da3-4e12-8400-5fcf908183e5]: Final packet stats:
> Apr 10 18:00:41 centos-1024mb-nyc-02 rtpengine[65101]: INFO:
> [24b95195-3da3-4e12-8400-5fcf908183e5]: --- Tag
> 'f6d2237d-f960-4542-b138-f39a7fb52770', created 1:32 ago for branch '', in
> dialogue with '6bdf30d1-2da6-4b6d-b917-aaa720c9c1fa'
> Apr 10 18:00:41 centos-1024mb-nyc-02 rtpengine[65101]: INFO:
> [24b95195-3da3-4e12-8400-5fcf908183e5]: ------ Media #1 (audio over
> UDP/TLS/RTP/SAVP) using unknown codec
> *Apr 10 18:00:41 centos-1024mb-nyc-02 rtpengine[65101]: INFO:
> [24b95195-3da3-4e12-8400-5fcf908183e5]: --------- Port 209.182.216.71:8288
> <http://209.182.216.71:8288> <> 100.84.103.245:4002
> <http://100.84.103.245:4002> , SSRC 0, 0 p, 0 b, 0 e, 92 ts*
> *Apr 10 18:00:41 centos-1024mb-nyc-02 rtpengine[65101]: INFO:
> [24b95195-3da3-4e12-8400-5fcf908183e5]: --------- Port 209.182.216.71:8289
> <http://209.182.216.71:8289> <> 100.84.103.245:4003
> <http://100.84.103.245:4003> (RTCP), SSRC 0, 0 p, 0 b, 0 e, 92 ts*
> Apr 10 18:00:41 centos-1024mb-nyc-02 rtpengine[65101]: INFO:
> [24b95195-3da3-4e12-8400-5fcf908183e5]: --- Tag
> '6bdf30d1-2da6-4b6d-b917-aaa720c9c1fa', created 1:32 ago for branch '', in
> dialogue with 'f6d2237d-f960-4542-b138-f39a7fb52770'
> Apr 10 18:00:41 centos-1024mb-nyc-02 rtpengine[65101]: INFO:
> [24b95195-3da3-4e12-8400-5fcf908183e5]: ------ Media #1 (audio over
> UDP/TLS/RTP/SAVP) using G722/8000
> Apr 10 18:00:41 centos-1024mb-nyc-02 rtpengine[65101]: INFO:
> [24b95195-3da3-4e12-8400-5fcf908183e5]: --------- Port
> 209.182.216.71:8268 <> 72.214.35.171:64834, SSRC 653128b4, 935 p,
> 160820 b, 0 e, 60 ts
> Apr 10 18:00:41 centos-1024mb-nyc-02 rtpengine[65101]: INFO:
> [24b95195-3da3-4e12-8400-5fcf908183e5]: --------- Port
> 209.182.216.71:8269 <> 72.214.35.171:50108 (RTCP), SSRC 653128b4, 3 p,
> 278 b, 0 e, 60 ts
>
>
> Any suggestion what might be happening?
>
> Br, Aqs.
>
> On 10 April 2018 at 22:59, Aqs Younas <aqsyounas at gmail.com> wrote:
>
>> I could see SRTP packets coming from one device but they never leave
>> rtpeninge.
>>
>> I put a link to Pastebin containing a call trace with the hope that
>> someone might help me out.
>>
>> I could provide more info if required.
>>
>> https://pastebin.com/tYVpFQAh
>>
>> Br, Aqs.
>>
>>
>> On 10 April 2018 at 01:39, Aqs Younas <aqsyounas at gmail.com> wrote:
>>
>>> Greetings list,
>>>
>>> I am trying to make two endpoints talking on DTLS-SRTP. But I hear on
>>> audio.
>>>
>>> Things work perfectly fine if I use RTP or SRTP with TLS.
>>>
>>> Endpoints are pjsip based application not webrtc based clients.
>>>
>>>
>>> Below are logs from rtpengine. I hope someone could point out amiss.
>>>
>>> Apr 9 20:02:43 centos-1024mb-nyc-02 rtpengine[58438]: INFO:
>>> [66d2da58-21fe-48bd-9999-a1f3a22afa6d]: --------- Port
>>> 209.182.216.71:8176 <> 72.214.35.171:63577, SSRC 1234c6eb, 641 p,
>>> 110252 b, 0 e, 60 ts
>>> Apr 9 20:02:43 centos-1024mb-nyc-02 rtpengine[58438]: INFO:
>>> [66d2da58-21fe-48bd-9999-a1f3a22afa6d]: --------- Port
>>> 209.182.216.71:8177 <> 72.214.35.171:63056 (RTCP), SSRC 1234c6eb, 4
>>> p, 372 b, 0 e, 60 ts
>>> Apr 9 20:12:24 centos-1024mb-nyc-02 rtpengine[58438]: INFO: Version
>>> git-master-3ef300b shutting down
>>> Apr 9 20:12:37 centos-1024mb-nyc-02 rtpengine[58958]: INFO: Generating
>>> new DTLS certificate
>>> Apr 9 20:12:37 centos-1024mb-nyc-02 rtpengine[58959]: INFO: Startup
>>> complete, version git-master-3ef300b
>>> Apr 9 20:13:43 centos-1024mb-nyc-02 rtpengine[58959]: INFO:
>>> [a5ca8335-84d2-4daf-a0e2-6465e72b6d08]: Received command 'offer' from
>>> 127.0.0.1:57645
>>> Apr 9 20:13:43 centos-1024mb-nyc-02 rtpengine[58959]: NOTICE:
>>> [a5ca8335-84d2-4daf-a0e2-6465e72b6d08]: Creating new call
>>> Apr 9 20:13:43 centos-1024mb-nyc-02 rtpengine[58959]: INFO:
>>> [a5ca8335-84d2-4daf-a0e2-6465e72b6d08]: offer time = 0.002612 sec
>>> Apr 9 20:13:43 centos-1024mb-nyc-02 rtpengine[58959]: INFO:
>>> [a5ca8335-84d2-4daf-a0e2-6465e72b6d08]: Replying to 'offer' from
>>> 127.0.0.1:57645
>>> Apr 9 20:13:56 centos-1024mb-nyc-02 rtpengine[58959]: INFO:
>>> [a5ca8335-84d2-4daf-a0e2-6465e72b6d08]: Received command 'answer' from
>>> 127.0.0.1:42309
>>> Apr 9 20:13:56 centos-1024mb-nyc-02 rtpengine[58959]: INFO:
>>> [a5ca8335-84d2-4daf-a0e2-6465e72b6d08]: answer time = 0.000220 sec
>>> Apr 9 20:13:56 centos-1024mb-nyc-02 rtpengine[58959]: INFO:
>>> [a5ca8335-84d2-4daf-a0e2-6465e72b6d08]: Replying to 'answer' from
>>> 127.0.0.1:42309
>>> Apr 9 20:13:56 centos-1024mb-nyc-02 rtpengine[58959]: INFO:
>>> [a5ca8335-84d2-4daf-a0e2-6465e72b6d08 port 8000]: DTLS: Peer certificate
>>> accepted
>>> Apr 9 20:13:56 centos-1024mb-nyc-02 rtpengine[58959]: INFO:
>>> [a5ca8335-84d2-4daf-a0e2-6465e72b6d08 port 8000]: DTLS-SRTP successfully
>>> negotiated
>>> Apr 9 20:13:57 centos-1024mb-nyc-02 rtpengine[58959]: ERR:
>>> [a5ca8335-84d2-4daf-a0e2-6465e72b6d08 port 8000]: SRTP output wanted, but
>>> no crypto suite was negotiated
>>> Apr 9 20:14:00 centos-1024mb-nyc-02 rtpengine[58959]: INFO:
>>> [a5ca8335-84d2-4daf-a0e2-6465e72b6d08 port 8000]: Confirmed peer address
>>> as 72.214.35.171:58634
>>> Apr 9 20:14:07 centos-1024mb-nyc-02 rtpengine[58959]: ERR:
>>> [a5ca8335-84d2-4daf-a0e2-6465e72b6d08 port 8001]: SRTCP output wanted, but
>>> no crypto suite was negotiated
>>> Apr 9 20:14:07 centos-1024mb-nyc-02 rtpengine[58959]:
>>> [a5ca8335-84d2-4daf-a0e2-6465e72b6d08] version=2, padding=0, count=1,
>>> payloadtype=200, length=12, ssrc=2045607967, ntp_sec=1379282714,
>>> ntp_fractions=439054259, rtp_ts=1838072137, sender_packets=3366262813,
>>> sender_bytes=2383498210, ssrc=815258372, fraction_lost=96,
>>> packet_loss=13713522, last_seq=3314313929, jitter=2878956247,
>>> last_sr=2456273253, delay_since_last_sr=3351655681
>>> Apr 9 20:14:07 centos-1024mb-nyc-02 rtpengine[58959]: INFO:
>>> [a5ca8335-84d2-4daf-a0e2-6465e72b6d08 port 8001]: Confirmed peer address
>>> as 72.214.35.171:57732
>>> Apr 9 20:14:12 centos-1024mb-nyc-02 rtpengine[58959]: ERR:
>>> [a5ca8335-84d2-4daf-a0e2-6465e72b6d08 port 8000]: SRTP output wanted, but
>>> no crypto suite was negotiated
>>> Apr 9 20:14:17 centos-1024mb-nyc-02 rtpengine[58959]:
>>> [a5ca8335-84d2-4daf-a0e2-6465e72b6d08] version=2, padding=0, count=1,
>>> payloadtype=200, length=12, ssrc=2045607967, ntp_sec=2811881700,
>>> ntp_fractions=4080266212, rtp_ts=371429680, sender_packets=958830616,
>>> sender_bytes=2579186043, ssrc=1909756377, fraction_lost=174,
>>> packet_loss=11416637, last_seq=3106722675, jitter=758758394,
>>> last_sr=2663618457, delay_since_last_sr=1399181077
>>> Apr 9 20:14:27 centos-1024mb-nyc-02 rtpengine[58959]: ERR:
>>> [a5ca8335-84d2-4daf-a0e2-6465e72b6d08 port 8000]: SRTP output wanted, but
>>> no crypto suite was negotiated
>>> Apr 9 20:14:27 centos-1024mb-nyc-02 rtpengine[58959]: ERR:
>>> [a5ca8335-84d2-4daf-a0e2-6465e72b6d08 port 8001]: SRTCP output wanted, but
>>> no crypto suite was negotiated
>>> Apr 9 20:14:27 centos-1024mb-nyc-02 rtpengine[58959]:
>>> [a5ca8335-84d2-4daf-a0e2-6465e72b6d08] version=2, padding=0, cou
>>>
>>>
>>> It is how I have programmed it in my Kamailio configuration.
>>>
>>> ON INVITE
>>>
>>> rtpengine_offer("replace-origin replace-session-connection ICE=remove
>>> UDP/TLS/RTP/SAVP");
>>>
>>> ON 200-ok
>>>
>>> rtpengine_answer("replace-origin replace-session-connection ICE=remove
>>> UDP/TLS/RTP/SAVP");
>>>
>>>
>>> Best Regards,
>>>
>>> Aqs Younas
>>>
>>
>>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.kamailio.org/pipermail/sr-users/attachments/20180411/47d51eb7/attachment.html>
More information about the sr-users
mailing list