[Freeswitch-users] Problem with SRTP in HA

Giovanni Maruzzelli gmaruzz at gmail.com
Fri Jul 5 13:26:40 UTC 2019


I do not think you can just continue an SRTP call on another machine... If
you do not rebuild all the crypto context (key exchange, etc)...

Anyone else knows more?

-giovanni

On Fri, Jul 5, 2019 at 2:59 PM Francisco Carmona Ramírez <
franciscocarmona777 at gmail.com> wrote:

> Hi, i have some issues trying to make a HA with SRTP, i have that dialplan
>
>
>         <extension name="salientes">
>                 <condition field="destination_number"
> expression="^(\d{9})$">
>                          <action application="set"
> data="ringback=${es-ring}"/>
>                          <action application="set"
> data="transfer_rinback=$${hold_music}"/>
>                          <action application="set" data="call_timeout=30"
> />
>                          <action application="set"
> data="hangup_after_bridge=true"/>
>                          <action application="set"
> data="continue_on_fail=true"/>
>                          <action application="export"
> data="rtp_secure_media=optional"/>
>                          <action application="export"
> data="rtp_secure_media_outbound=forbidden"/>
>                          <action application="bridge"
> data="sofia/gateway/providerExt/$1"/>
>                          <action application="hangup"/>
>                  </condition>
>         </extension>
>
> When i make a normal call in my FS1 it goes well, same when i do a normal
> call in a FS2, then the problem that i find is when i do a normal call in
> my FS1 (it takes AES_CM_128_HMAC_SHA1_32) and i do a "fsctl crash" in my
> "fs_cli", when the FS2 recovery the call, the audio drops in both ways, and
> if I use sngrep to see what is sending in the invite, i see that the crypto
> is "AES_CM_NULL_AUTH", in addition in the fs_cli on FS2 y found that error
>
> 2019-07-04 10:37:38.286877 [ERR] switch_core_media.c:1554 Error! No crypto
> to parse
> 2019-07-04 10:37:38.286877 [INFO] switch_rtp.c:4104 Activating audio
> Secure RTP SEND
> 2019-07-04 10:37:38.286877 [DEBUG] switch_core_sqldb.c:2617 Secure Type:
> srtp:sdes:AES_CM_128_HMAC_SHA1_32
> 2019-07-04 10:37:38.286877 [INFO] switch_rtp.c:4082 Activating audio
> Secure RTP RECV
> 2019-07-04 10:37:38.286877 [DEBUG] switch_core_sqldb.c:2617 Secure Type:
> srtp:sdes:AES_CM_128_HMAC_SHA1_32
>
> Can someone give me some clarity about that problem? How I can solve this?
> _________________________________________________________________________
>
> The FreeSWITCH project is sponsored by SignalWire https://signalwire.com
> Enhance your FreeSWITCH install with disruptive priced SMS and PSTN
> services.
> Build your next product on our scalable cloud platform.
>
> Join our online community to chat in real time
> https://signalwire.community
>
> Professional FreeSWITCH Services
> sales at freeswitch.com
> https://freeswitch.com
>
> Official FreeSWITCH Sites
> https://freeswitch.com/oss
> https://freeswitch.org/confluence
> https://cluecon.com
>
> FreeSWITCH-users mailing list
> FreeSWITCH-users at lists.freeswitch.org
> http://lists.freeswitch.org/mailman/listinfo/freeswitch-users
> UNSUBSCRIBE:http://lists.freeswitch.org/mailman/options/freeswitch-users
> https://freeswitch.com



-- 
Sincerely,

Giovanni Maruzzelli
OpenTelecom.IT
cell: +39 347 266 56 18
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.freeswitch.org/pipermail/freeswitch-users/attachments/20190705/e11fc2bd/attachment-0001.html>


More information about the FreeSWITCH-users mailing list