[OpenSIPS-Users] Opensips + rtpengine + Sipml5 webrtc

John Nash john.nash778 at gmail.com
Thu Jun 23 21:42:14 CEST 2016 

Actually the issue is i hear no audio on either side and just after session
progress (I guess when media starts coming from remote media server) i see
error  "SRTP output wanted, but no crypto suite was negotiated"

I had also checked media logs i could see RTP packets being sent from
freeswitch to RTPengine IP but there was no packet at all just after that.
Ideally after RTP packet from freeswitch to rtpengine, Rtpengine should
send that packet to browser using wss?

On Fri, Jun 24, 2016 at 1:05 AM, Eric Tamme <eric at uphreak.com> wrote:

> So - i dont see a problem here - Chrome is getting UDP/TLS/RTP/SAVPF and
> Freeswitch is getting RTP/AVP.  Freeswitch responded to the offer in the
> invite with an answer in the 183, and in the 200.  What is the failure you
> are seeing, and where is it happening (in freeswitch? in the browser?)
>
> The only thing that looks bad is that you are retransmitting the ACK which
> FS either ... doesnt like, or is never getting,  because it keeps
> retransmitting the 200, which is why you get a 481 when you send BYE.
>
> -Eric
>
>
> On 06/23/2016 01:24 PM, John Nash wrote:
>
> OK here is the log
> https://gist.github.com/johnnash13/0d2cb5238f3551cd3a8c6b4e638dd744
>
> Sorry took me a while to convert wireshark trace to text file.
>
> My freeswitch is running on private IP (127.0.0.1) and opensips I run on
> both public and private so that for outside world opensips is the only
> public IP they see. In proxy log I pasted Opensips ===> Freeswitch logs and
> back.
>
>
>
>
>
>
> On Fri, Jun 24, 2016 at 12:43 AM, Eric Tamme <eric at uphreak.com> wrote:
>
>> No - it's annoying to look at a trace that's had information removed and
>> try and piece together whats happening.  Your paranoid side is wrong, sorry.
>>
>> -Eric
>>
>>
>> On 06/23/2016 01:06 PM, Patrick Wakano wrote:
>>
>> my paranoic side would recommend to hide/change private informations,
>> specially any authentication line that might appear... this is certainly a
>> sort of social engineering threat we should worry...
>> better be safe than sorry....
>>
>>
>> On Thu, Jun 23, 2016 at 3:31 PM, Eric Tamme < <eric at uphreak.com>
>> eric at uphreak.com> wrote:
>>
>>> I mean you can use a private gist, but you will be publishing the link
>>> in a public email list.  In general I personally dont believe revealing ip
>>> addresses etc. is any problem - to put my money where my mouth is here is a
>>> gist link to an unaltered SIP trace on my server :)
>>>
>>> https://gist.github.com/etamme/b864010448a29007b7e0457682e81d52
>>>
>>> -Eric
>>>
>>>
>>> On 06/23/2016 12:23 PM, John Nash wrote:
>>>
>>> Ok i am ready with logs. About gist may I use private option as traces
>>> have our IPs, user
>>>
>>> On Thu, Jun 23, 2016 at 10:32 PM, Eric Tamme < <eric at uphreak.com>
>>> eric at uphreak.com> wrote:
>>>
>>>> Hey John,
>>>>
>>>> Please paste a full UNALTERED sip trace into a gist (gist.github.com)
>>>> from the proxy servers perspective and provide a link so that we can see
>>>> what comes in, and what goes out from both sides.
>>>>
>>>> EG: ngrep -qtd any -W byline port 5060
>>>>
>>>> This will show us the traffic that is leaving the proxy destined for
>>>> the Freeswitch box, and what the freeswitch box sends back.
>>>>
>>>> Also - you can look in your browsers console log and provide the SIP
>>>> trace from there in a seperate gist, so that we can see what opensips sends
>>>> back up to your browser.
>>>>
>>>> -Eric
>>>>
>>>>
>>>> Am I using correct sip.js example? I copied it to my server and
>>>> accessing it using https: (used letsencrypt)
>>>>
>>>> On Thu, Jun 23, 2016 at 7:58 PM, Eric Tamme < <eric at uphreak.com>
>>>> eric at uphreak.com> wrote:
>>>>
>>>>> 1. I would suggest using SIP.js - <https://github.com/onsip/SIP.js>
>>>>> https://github.com/onsip/SIP.js it is a much more active project that
>>>>> sipml5.
>>>>>
>>>>> 2. Im guessing that you are not properly passing flags to RTPEngine.
>>>>> If you want to have DTLS-SRTP between the browser, and plain RTP/AVP
>>>>> between RTPEngine and freeswitch, you need to "offer" rtp/avp to
>>>>> freeswitch, and "answer" dtls-srtp back up to the browser.
>>>>>
>>>>> the offer to freeswitch would be:
>>>>>
>>>>>         $var(rtpengine_flags) = "RTP/AVP replace-session-connection replace-origin ICE=remove";
>>>>>
>>>>>
>>>>> and the answer back up to the browswer would be:
>>>>>
>>>>>         $var(rtpengine_flags) = "UDP/TLS/RTP/SAVPF ICE=force";
>>>>>
>>>>>
>>>>> -Eric
>>>>>
>>>>>
>>>>>
>>>>> On 06/23/2016 08:20 AM, John Nash wrote:
>>>>>
>>>>> I am following
>>>>> <http://www.opensips.org/Documentation/Tutorials-WebSocket-2-2>
>>>>> http://www.opensips.org/Documentation/Tutorials-WebSocket-2-2 and
>>>>> trying to test a call
>>>>>
>>>>> sipml5 ----------->Opensips + rtpengine --------> SIP end point
>>>>> (Freeswitch)
>>>>>
>>>>> But I do not have any audio on both sides. I see this error at
>>>>> rtpengine log "SRTP output wanted, but no crypto suite was negotiated"
>>>>>
>>>>> Anyone tested this scenario positive?
>>>>>
>>>>>
>>>>> _______________________________________________
>>>>> Users mailing listUsers at lists.opensips.orghttp://lists.opensips.org/cgi-bin/mailman/listinfo/users
>>>>>
>>>>>
>>>>>
>>>>> _______________________________________________
>>>>> Users mailing list
>>>>> <Users at lists.opensips.org>Users at lists.opensips.org
>>>>> <http://lists.opensips.org/cgi-bin/mailman/listinfo/users>
>>>>> http://lists.opensips.org/cgi-bin/mailman/listinfo/users
>>>>>
>>>>>
>>>>
>>>>
>>>> _______________________________________________
>>>> Users mailing listUsers at lists.opensips.orghttp://lists.opensips.org/cgi-bin/mailman/listinfo/users
>>>>
>>>>
>>>>
>>>> _______________________________________________
>>>> Users mailing list
>>>> Users at lists.opensips.org
>>>> http://lists.opensips.org/cgi-bin/mailman/listinfo/users
>>>>
>>>>
>>>
>>>
>>> _______________________________________________
>>> Users mailing listUsers at lists.opensips.orghttp://lists.opensips.org/cgi-bin/mailman/listinfo/users
>>>
>>>
>>>
>>> _______________________________________________
>>> Users mailing list
>>> Users at lists.opensips.org
>>> http://lists.opensips.org/cgi-bin/mailman/listinfo/users
>>>
>>>
>>
>>
>> _______________________________________________
>> Users mailing listUsers at lists.opensips.orghttp://lists.opensips.org/cgi-bin/mailman/listinfo/users
>>
>>
>>
>> _______________________________________________
>> Users mailing list
>> Users at lists.opensips.org
>> http://lists.opensips.org/cgi-bin/mailman/listinfo/users
>>
>>
>
>
> _______________________________________________
> Users mailing listUsers at lists.opensips.orghttp://lists.opensips.org/cgi-bin/mailman/listinfo/users
>
>
>
> _______________________________________________
> Users mailing list
> Users at lists.opensips.org
> http://lists.opensips.org/cgi-bin/mailman/listinfo/users
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.opensips.org/pipermail/users/attachments/20160624/593190a8/attachment-0001.htm>

More information about the Users mailing list