<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=UTF-8">
</head>
<body text="#000000" bgcolor="#FFFFFF">
<p>Asterisk is on public IP (as described in the first email)</p>
<p>i have 10 years experience in voip, 4 years webrtc in production.
i know about ICE/STUN/DTLS-SRTP. yes, not every detail but the
basic mechanism<br>
</p>
<p>but i confess. i dont understand WHY Asterisk SOMETIMES switches
destination IP in RTP. this is not only about ICE. its about RTP
engine too which is Asterisk specific<br>
</p>
<p>and Asterisk DEBUG is not helping</p>
<p><br>
</p>
<p>... going back to read res_rtp_asterisk.c & decrypting pcaps
with wireshark<br>
</p>
<p><br>
</p>
<div class="moz-cite-prefix">Dne 12/12/2019 v 13:02 Joshua C. Colp
napsal(a):<br>
</div>
<blockquote type="cite"
cite="mid:CAM0A2Z3+UeD-TrZmgkz941-hL++zgFzbhcXZTYgoZoPkGB2y0A@mail.gmail.com">
<meta http-equiv="content-type" content="text/html; charset=UTF-8">
<div dir="ltr">
<div dir="ltr">On Thu, Dec 12, 2019 at 7:57 AM marek <<a
href="mailto:cervajs64@gmail.com" moz-do-not-send="true">cervajs64@gmail.com</a>>
wrote:<br>
</div>
<div class="gmail_quote">
<blockquote class="gmail_quote" style="margin:0px 0px 0px
0.8ex;border-left:1px solid
rgb(204,204,204);padding-left:1ex">
<div bgcolor="#FFFFFF">
<p>with wireshark i need decrypt traffic every call which
is time consuming. get debug from pjnat through asterisk
is not possible because of technical reasons or nobody
did it?</p>
<p><br>
</p>
<p>in my case its strange that ice candidates are the same</p>
<p>good call<br>
</p>
<p>v=0<br>
o=- 3669976329745317845 2 IN IP4 127.0.0.1<br>
s=-<br>
t=0 0<br>
a=msid-semantic: WMS
EoNIdKcMZvWBLULGqGPJTDe12ujjFEemeapo<br>
m=audio 52421 RTP/SAVPF 8 0 101<br>
c=IN IP4 10.2.152.36<br>
a=rtcp:9 IN IP4 0.0.0.0<br>
a=candidate:3607370648 1 udp 2122260223 10.2.152.36
52421 typ host generation 0 network-id 1 network-cost 10<br>
a=candidate:2575820648 1 tcp 1518280447 10.2.152.36 9
typ host tcptype active generation 0 network-id 1
network-cost 10<br>
</p>
<p>bad call<br>
</p>
<p>v=0<br>
o=- 2602173234285924157 2 IN IP4 127.0.0.1<br>
s=-<br>
t=0 0<br>
a=msid-semantic: WMS
aDrO7zRNTqNWKodpSG62Co1IDoHReEpT8Ga3<br>
m=audio 63249 RTP/SAVPF 8 0 101<br>
c=IN IP4 10.2.152.36<br>
a=rtcp:9 IN IP4 0.0.0.0<br>
a=candidate:3607370648 1 udp 2122260223 10.2.152.36
63249 typ host generation 0 network-id 1 network-cost 10<br>
a=candidate:2575820648 1 tcp 1518280447 10.2.152.36 9
typ host tcptype active generation 0 network-id 1
network-cost 10<br>
</p>
<p><br>
</p>
<p>but RTP looks like</p>
<p>bad call (1.1.1.1 is "public" ip of PSTN SIP GW)<br>
</p>
<p>Got RTP packet from <a href="http://1.1.1.1:13460"
target="_blank" moz-do-not-send="true">1.1.1.1:13460</a>
(type 08, seq 002433, ts 000160, len 000160)<br>
Sent RTP packet to <a
href="http://10.2.152.36:63249" target="_blank"
moz-do-not-send="true">10.2.152.36:63249</a> (type 08,
seq 022470, ts 000160, len 000160)<br>
Got RTP packet from <a href="http://1.1.1.1:13460"
target="_blank" moz-do-not-send="true">1.1.1.1:13460</a>
(type 08, seq 002434, ts 000320, len 000160)<br>
Sent RTP packet to <a
href="http://10.2.152.36:63249" target="_blank"
moz-do-not-send="true">10.2.152.36:63249</a> (type 08,
seq 022471, ts 000320, len 000160)<br>
Got RTP packet from <a href="http://1.1.1.1:13460"
target="_blank" moz-do-not-send="true">1.1.1.1:13460</a>
(type 08, seq 002435, ts 000480, len 000160)<br>
</p>
<p>good call (1.1.1.1 is "public" ip of PSTN SIP GW,
2.2.2.2 is public IP of router)</p>
<p>Got RTP packet from <a href="http://1.1.1.1:15026"
target="_blank" moz-do-not-send="true">1.1.1.1:15026</a>
(type 08, seq 021197, ts 000160, len 000160)<br>
Sent RTP packet to <b><a
href="http://10.2.152.36:52421" target="_blank"
moz-do-not-send="true">10.2.152.36:52421</a> (type
08, seq 032328, ts 000160, len 000160)</b></p>
<p>[Dec 11 16:59:53] DEBUG[44360]: res_rtp_asterisk.c:6049
ast_rtp_remote_address_set: Setting RTCP address on RTP
instance '0x7faa14005408'</p>
<p>Got RTP packet from <a href="http://1.1.1.1:15026"
target="_blank" moz-do-not-send="true">1.1.1.1:15026</a>
(type 08, seq 021198, ts 000320, len 000160)<br>
Sent RTP packet to <a href="http://2.2.2.2:52421"
target="_blank" moz-do-not-send="true">2.2.2.2:52421</a>
(via ICE) (type 08, seq 032329, ts 000320, len 000160)<br>
Got RTP packet from <a href="http://1.1.1.1:15026"
target="_blank" moz-do-not-send="true">1.1.1.1:15026</a>
(type 08, seq 021199, ts 000480, len 000160)<br>
Sent RTP packet to <a href="http://2.2.2.2:52421"
target="_blank" moz-do-not-send="true">2.2.2.2:52421</a>
(via ICE) (type 08, seq 032330, ts 000480, len 000160)<br>
Got RTP packet from <a href="http://1.1.1.1:15026"
target="_blank" moz-do-not-send="true">1.1.1.1:15026</a>
(type 08, seq 021200, ts 000640, len 000160)<br>
Sent RTP packet to <a href="http://2.2.2.2:52421"
target="_blank" moz-do-not-send="true">2.2.2.2:52421</a>
(via ICE) (type 08, seq 032331, ts 000640, len 000160)<br>
Got RTP packet from <a href="http://1.1.1.1:15026"
target="_blank" moz-do-not-send="true">1.1.1.1:15026</a>
(type 08, seq 021201, ts 000800, len 000160)<br>
<br>
</p>
<p>looking for the part where RTP engine switch from <b>10.2.152.36
to </b><b>2.2.2.2</b></p>
<p>it looks like<b> </b>its somewhere in the learning
phase</p>
</div>
</blockquote>
<div><br>
</div>
<div>You need to look at the ICE candidates given by Asterisk
as well, and ensure that if it is behind NAT it is
configured in rtp.conf to do some mapping of candidates, as
well as ensuring the firewall is open. The wireshark capture
like I said will provide insight into what ICE is doing.</div>
<div><br>
</div>
<div>ICE is what is used to figure out the path and determine
the IP address/port to use. If that fails, then it won't
work.</div>
<div><br>
</div>
<div>I would also urge you to learn more about the lower level
details of WebRTC if you plan on deploying it. You really
need some understanding of ICE/STUN/DTLS-SRTP if deploying,
as those are fundamental aspects and stuff doesn't just work
in all cases. Digging into why it's not working takes you
down to those.</div>
</div>
<div><br>
</div>
-- <br>
<div dir="ltr" class="gmail_signature">
<div dir="ltr">
<div>
<div dir="ltr">
<div dir="ltr">
<div dir="ltr">
<div dir="ltr">
<div style="font-family:tahoma,sans-serif"><font
color="#073763">Joshua C. Colp</font></div>
<div style="font-family:tahoma,sans-serif"><font
color="#073763">Senior Software Developer</font></div>
<div style="font-family:tahoma,sans-serif"><font
color="#073763">Sangoma Technologies</font></div>
<div style="font-family:tahoma,sans-serif"><font
color="#073763">Check us out at <a
href="http://www.sangoma.com"
target="_blank" moz-do-not-send="true">www.sangoma.com</a>
and <a href="http://www.asterisk.org"
target="_blank" moz-do-not-send="true">www.asterisk.org</a></font><br>
</div>
</div>
</div>
</div>
</div>
</div>
</div>
</div>
</div>
<br>
<fieldset class="mimeAttachmentHeader"></fieldset>
</blockquote>
</body>
</html>