<html><head><meta http-equiv="Content-Type" content="text/html charset=utf-8"></head><body style="word-wrap: break-word; -webkit-nbsp-mode: space; -webkit-line-break: after-white-space;" class="">Hi,<div class=""><br class=""></div><div class="">We are seeing STUN packets. The code I was referring to earlier is this in switch_rtp_activate_ice:</div><div class=""><span class="keyword" style="font-weight: bold; color: rgb(0, 0, 128); line-height: 15px; font-family: monospace; white-space: pre; background-color: rgb(255, 255, 255);">if</span><span style="font-family: monospace; line-height: 18px; white-space: pre; background-color: rgb(255, 255, 255);" class=""> ((type & ICE_VANILLA)) {</span><br style="font-family: monospace; line-height: 18px; white-space: pre; background-color: rgb(255, 255, 255);" class=""><span style="font-family: monospace; line-height: 18px; white-space: pre; background-color: rgb(255, 255, 255);" class=""> switch_snprintf(ice_user, </span><span class="keyword" style="font-weight: bold; color: rgb(0, 0, 128); line-height: 15px; font-family: monospace; white-space: pre; background-color: rgb(255, 255, 255);">sizeof</span><span style="font-family: monospace; line-height: 18px; white-space: pre; background-color: rgb(255, 255, 255);" class="">(ice_user), </span><span class="string" style="color: rgb(0, 128, 0); font-weight: bold; line-height: 15px; font-family: monospace; white-space: pre; background-color: rgb(255, 255, 255);">"%s:%s"</span><span style="font-family: monospace; line-height: 18px; white-space: pre; background-color: rgb(255, 255, 255);" class="">, login, rlogin);</span><br style="font-family: monospace; line-height: 18px; white-space: pre; background-color: rgb(255, 255, 255);" class=""><span style="font-family: monospace; line-height: 18px; white-space: pre; background-color: rgb(255, 255, 255);" class=""> switch_snprintf(user_ice, </span><span class="keyword" style="font-weight: bold; color: rgb(0, 0, 128); line-height: 15px; font-family: monospace; white-space: pre; background-color: rgb(255, 255, 255);">sizeof</span><span style="font-family: monospace; line-height: 18px; white-space: pre; background-color: rgb(255, 255, 255);" class="">(user_ice), </span><span class="string" style="color: rgb(0, 128, 0); font-weight: bold; line-height: 15px; font-family: monospace; white-space: pre; background-color: rgb(255, 255, 255);">"%s:%s"</span><span style="font-family: monospace; line-height: 18px; white-space: pre; background-color: rgb(255, 255, 255);" class="">, rlogin, login);</span><br style="font-family: monospace; line-height: 18px; white-space: pre; background-color: rgb(255, 255, 255);" class=""><span style="font-family: monospace; line-height: 18px; white-space: pre; background-color: rgb(255, 255, 255);" class=""> switch_snprintf(luser_ice, </span><span class="keyword" style="font-weight: bold; color: rgb(0, 0, 128); line-height: 15px; font-family: monospace; white-space: pre; background-color: rgb(255, 255, 255);">sizeof</span><span style="font-family: monospace; line-height: 18px; white-space: pre; background-color: rgb(255, 255, 255);" class="">(user_ice), </span><span class="string" style="color: rgb(0, 128, 0); font-weight: bold; line-height: 15px; font-family: monospace; white-space: pre; background-color: rgb(255, 255, 255);">"%s%s"</span><span style="font-family: monospace; line-height: 18px; white-space: pre; background-color: rgb(255, 255, 255);" class="">, rlogin, login);</span><br style="font-family: monospace; line-height: 18px; white-space: pre; background-color: rgb(255, 255, 255);" class=""><span style="font-family: monospace; line-height: 18px; white-space: pre; background-color: rgb(255, 255, 255);" class=""> ice->ready = ice->rready = </span><span class="number" style="color: rgb(0, 0, 255); line-height: 15px; font-family: monospace; white-space: pre; background-color: rgb(255, 255, 255);">0</span><span style="font-family: monospace; line-height: 18px; white-space: pre; background-color: rgb(255, 255, 255);" class="">;</span><br style="font-family: monospace; line-height: 18px; white-space: pre; background-color: rgb(255, 255, 255);" class=""><span style="font-family: monospace; line-height: 18px; white-space: pre; background-color: rgb(255, 255, 255);" class=""> } </span><span class="keyword" style="font-weight: bold; color: rgb(0, 0, 128); line-height: 15px; font-family: monospace; white-space: pre; background-color: rgb(255, 255, 255);">else</span><span style="font-family: monospace; line-height: 18px; white-space: pre; background-color: rgb(255, 255, 255);" class=""> {</span><br style="font-family: monospace; line-height: 18px; white-space: pre; background-color: rgb(255, 255, 255);" class=""><span style="font-family: monospace; line-height: 18px; white-space: pre; background-color: rgb(255, 255, 255);" class=""> switch_snprintf(ice_user, </span><span class="keyword" style="font-weight: bold; color: rgb(0, 0, 128); line-height: 15px; font-family: monospace; white-space: pre; background-color: rgb(255, 255, 255);">sizeof</span><span style="font-family: monospace; line-height: 18px; white-space: pre; background-color: rgb(255, 255, 255);" class="">(ice_user), </span><span class="string" style="color: rgb(0, 128, 0); font-weight: bold; line-height: 15px; font-family: monospace; white-space: pre; background-color: rgb(255, 255, 255);">"%s%s"</span><span style="font-family: monospace; line-height: 18px; white-space: pre; background-color: rgb(255, 255, 255);" class="">, login, rlogin);</span><br style="font-family: monospace; line-height: 18px; white-space: pre; background-color: rgb(255, 255, 255);" class=""><span style="font-family: monospace; line-height: 18px; white-space: pre; background-color: rgb(255, 255, 255);" class=""> switch_snprintf(user_ice, </span><span class="keyword" style="font-weight: bold; color: rgb(0, 0, 128); line-height: 15px; font-family: monospace; white-space: pre; background-color: rgb(255, 255, 255);">sizeof</span><span style="font-family: monospace; line-height: 18px; white-space: pre; background-color: rgb(255, 255, 255);" class="">(user_ice), </span><span class="string" style="color: rgb(0, 128, 0); font-weight: bold; line-height: 15px; font-family: monospace; white-space: pre; background-color: rgb(255, 255, 255);">"%s%s"</span><span style="font-family: monospace; line-height: 18px; white-space: pre; background-color: rgb(255, 255, 255);" class="">, rlogin, login);</span><br style="font-family: monospace; line-height: 18px; white-space: pre; background-color: rgb(255, 255, 255);" class=""><span style="font-family: monospace; line-height: 18px; white-space: pre; background-color: rgb(255, 255, 255);" class=""> ice->ready = ice->rready = </span><span class="number" style="color: rgb(0, 0, 255); line-height: 15px; font-family: monospace; white-space: pre; background-color: rgb(255, 255, 255);">1</span><span style="font-family: monospace; line-height: 18px; white-space: pre; background-color: rgb(255, 255, 255);" class="">;</span><br style="font-family: monospace; line-height: 18px; white-space: pre; background-color: rgb(255, 255, 255);" class=""><span style="font-family: monospace; line-height: 18px; white-space: pre; background-color: rgb(255, 255, 255);" class=""> }</span><br style="font-family: monospace; line-height: 18px; white-space: pre; background-color: rgb(255, 255, 255);" class=""><div><br class=""></div><div>It appears that we are getting ICE_VANILLA. In that case, ice.ready and ice.rready are both set to 0 and DTLS negotiation cannot proceed until ice.ready and ice.rready are 1. Can ice.ready be set to 1 elsewhere (I noticed in rtp_common_read for example). However, it is not clear whether that can happen since it requires ice negotiation to start the media flow in the first place. Please confirm whether switch_rtp_activate_ice requires non ICE_VANILLA in order for ice activation to occur (will switch_rtp_activate_ice be called multiple times until this happens)?</div><div><br class=""></div><div><br class=""></div><div><br class=""></div><div>Thanks.</div><div><br class=""></div><div>-Jon</div><div><br class=""><blockquote type="cite" class=""><div class="">On Jun 1, 2015, at 12:43 PM, Anthony Minessale <<a href="mailto:anthony.minessale@gmail.com" class="">anthony.minessale@gmail.com</a>> wrote:</div><br class="Apple-interchange-newline"><div class=""><div dir="ltr" class="">tshark -Y stun<div class=""><br class=""></div><div class="">Look on the wire for stun packets being sent to/from your client and your box.</div><div class=""><br class=""></div></div><div class="gmail_extra"><br class=""><div class="gmail_quote">On Mon, Jun 1, 2015 at 11:23 AM, Michael Jerris <span dir="ltr" class=""><<a href="mailto:mike@jerris.com" target="_blank" class="">mike@jerris.com</a>></span> wrote:<br class=""><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex"><div style="word-wrap:break-word" class="">make sure you are using latest code from git master.<div class=""><div class="h5"><div class=""><br class=""><div class=""><blockquote type="cite" class=""><div class="">On Jun 1, 2015, at 12:07 PM, Jon Lederman <<a href="mailto:jonlederman@gmail.com" target="_blank" class="">jonlederman@gmail.com</a>> wrote:</div><br class=""><div class=""><div style="word-wrap:break-word" class="">Yes. This is webrtc on chrome latest version. We are pretty certain packets making it to FS and will do a wireshark trace to confirm. ICE setup is failing and the ice.ready remains false for reasons we don’t understand. However, packets are flowing. <br class=""><div class=""><blockquote type="cite" class=""><div class="">On Jun 1, 2015, at 12:03 PM, Michael Jerris <<a href="mailto:mike@jerris.com" target="_blank" class="">mike@jerris.com</a>> wrote:</div><br class=""><div class=""><div style="word-wrap:break-word" class="">What is the client? Is this webrtc? Did you confirm that the packets are actually making it to freeswitch like I reccomended?<div class=""><br class=""><div class=""><blockquote type="cite" class=""><div class="">On Jun 1, 2015, at 11:57 AM, Jon Lederman <<a href="mailto:jonlederman@gmail.com" target="_blank" class="">jonlederman@gmail.com</a>> wrote:</div><br class=""><div class=""><div style="word-wrap:break-word" class="">Hi,<div class=""><br class=""></div><div class="">The problem we are encountering is that ICE is never established and/or ready. </div><div class="">In the function switch_rtp_activate_ice in switch_rtp.c, we notice that it detects VANILLA ICE and thus sets ice.ready=0. As far as we can tell, there are only a handful other places where ice.ready (or ice.rready for RTCP) can be set to true including the function rtp_common_read. However, in rtp_common_read, *bytes is 0 and therefore ice.ready remains 0. Further, is it true that ICE must be ready and negotiated before RTP packets can even begin to flow via rtp_common_read?</div><div class=""><br class=""></div><div class="">The main questions are:</div><div class=""><br class=""></div><div class="">1) Is this VANILLA ICE detection, which causes ice.ready to be 0 in switch_rtp_activate_ice problematic? That is, is the 1.6 branch operative with VANILLA ICE and what is causing VANILLA ICE to be negotiated? Do we need to change something in the SDP for example?</div><div class=""><br class=""></div><div class="">2) It appears switch_rtp_activate_ice is called multiple times to no avail, as ice.ready remains 0. Must ICE establishment and setup be achieved in switch_rtp_activate_ice before any media can flow OR can ice.ready be set to true later somehow?</div><div class=""><br class=""></div><div class="">3) If ICE is not being activated properly, what would be your recommendations on debugging why this is? </div><div class=""><br class=""></div><div class="">Thanks in advance.</div><div class=""><br class=""></div><div class="">-Jon</div><div class=""><div class=""><div class=""><blockquote type="cite" class=""><div class="">On Jun 1, 2015, at 10:38 AM, Anthony Minessale <<a href="mailto:anthony.minessale@gmail.com" target="_blank" class="">anthony.minessale@gmail.com</a>> wrote:</div><br class=""><div class="">Ice must negotiate, then dtls. The ice is not encrypted.<div class=""><span class=""></span><br class=""><br class="">On Sunday, May 31, 2015, Michael Jerris <<a href="mailto:mike@jerris.com" target="_blank" class="">mike@jerris.com</a>> wrote:<br class=""><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex">Typically this happens when the traffic isn't making it back to FreeSWITCH.<span class=""></span><br class=""><br class="">On Sunday, May 31, 2015, Jon Lederman <<a class="">jonlederman@gmail.com</a>> wrote:<br class=""><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex">Hi,<br class="">
<br class="">
We are having trouble getting WebRTC working with 1.6. I have tracked the problem down to the do_dtls function in switch_rtp.c (shown partially below). Two things we have noticed:<br class="">
<br class="">
1) It appears that ice.ready and ice.ready are always 0.<br class="">
2) DTLS negotiation never completes the handshake.<br class="">
<br class="">
Does ice have to be operative in order for dtls negotiation to proceed or the other way around? What should I look for, which may prevent the ice setup and/or dtls handshake.<br class="">
We are running on google cloud. Are there networking/NAT issues running on cloud servers that might interfere with either ICE or DTLS?<br class="">
<br class="">
Thanks in advance.<br class="">
<br class="">
-Jon<br class="">
<br class="">
<br class="">
static int do_dtls(switch_rtp_t *rtp_session, switch_dtls_t *dtls)<br class="">
{<br class="">
int r = 0, ret = 0, len;<br class="">
switch_size_t bytes;<br class="">
unsigned char buf[4096] = "";<br class="">
int ready = rtp_session->ice.ice_user ? (rtp_session->ice.rready && rtp_session->ice.ready) : 1;<br class="">
<br class="">
<br class="">
<br class="">
if (!dtls->bytes && !ready) {<br class="">
//switch_log_printf(SWITCH_CHANNEL_SESSION_LOG(rtp_session->session), SWITCH_LOG_ALERT, "Ice not ready");<br class="">
return 0;<br class="">
}<br class="">
<br class="">
…<br class="">
<br class="">
<br class=""></blockquote></blockquote></div></div></blockquote></div></div></div></div></div></blockquote></div></div></div></div></blockquote></div></div></div></blockquote></div><br class=""></div></div></div></div><br class="">_________________________________________________________________________<br class="">
Professional FreeSWITCH Consulting Services:<br class="">
<a href="mailto:consulting@freeswitch.org" class="">consulting@freeswitch.org</a><br class="">
<a href="http://www.freeswitchsolutions.com/" target="_blank" class="">http://www.freeswitchsolutions.com</a><br class="">
<br class="">
Official FreeSWITCH Sites<br class="">
<a href="http://www.freeswitch.org/" target="_blank" class="">http://www.freeswitch.org</a><br class="">
<a href="http://confluence.freeswitch.org/" target="_blank" class="">http://confluence.freeswitch.org</a><br class="">
<a href="http://www.cluecon.com/" target="_blank" class="">http://www.cluecon.com</a><br class="">
<br class="">
FreeSWITCH-users mailing list<br class="">
<a href="mailto:FreeSWITCH-users@lists.freeswitch.org" class="">FreeSWITCH-users@lists.freeswitch.org</a><br class="">
<a href="http://lists.freeswitch.org/mailman/listinfo/freeswitch-users" target="_blank" class="">http://lists.freeswitch.org/mailman/listinfo/freeswitch-users</a><br class="">
UNSUBSCRIBE:<a href="http://lists.freeswitch.org/mailman/options/freeswitch-users" target="_blank" class="">http://lists.freeswitch.org/mailman/options/freeswitch-users</a><br class="">
<a href="http://www.freeswitch.org/" target="_blank" class="">http://www.freeswitch.org</a><br class=""></blockquote></div><br class=""><br clear="all" class=""><div class=""><br class=""></div>-- <br class=""><div class="gmail_signature"><div dir="ltr" class=""><div class=""><div dir="ltr" class=""><div class=""><div dir="ltr" class="">Anthony Minessale II ♬ @anthmfs ♬ @FreeSWITCH ♬<div class=""><br class=""><div class="">☞ <a href="http://freeswitch.org/" target="_blank" class="">http://freeswitch.org/</a> ☞ <a href="http://cluecon.com/" target="_blank" class="">http://cluecon.com/</a> ☞ <a href="http://twitter.com/FreeSWITCH" target="_blank" class="">http://twitter.com/FreeSWITCH</a></div><div class=""><div class="">☞ <a href="http://irc.freenode.net/" target="_blank" class="">irc.freenode.net</a> #freeswitch ☞ <u class=""><a href="http://freeswitch.org/g+" target="_blank" class="">http://freeswitch.org/g+</a></u><br class=""><br class=""></div><div class="">ClueCon Weekly Development Call <br class=""></div><div class="">☎ <a href="mailto:sip%3A888@conference.freeswitch.org" target="_blank" class="">sip:888@conference.freeswitch.org</a> ☎ +19193869900 </div><div class=""><br class=""></div></div></div><div class=""><a href="https://www.youtube.com/watch?v=9XXgW34t40s" style="color:rgb(17,85,204);font-size:12.8000001907349px" target="_blank" class="">https://www.youtube.com/watch?v=9XXgW34t40s</a></div><div class=""><a href="https://www.youtube.com/watch?v=NLaDpGQuZDA" target="_blank" class="">https://www.youtube.com/watch?v=NLaDpGQuZDA</a><br class=""></div></div></div></div></div></div></div>
</div>
_________________________________________________________________________<br class="">Professional FreeSWITCH Consulting Services: <br class=""><a href="mailto:consulting@freeswitch.org" class="">consulting@freeswitch.org</a><br class="">http://www.freeswitchsolutions.com<br class=""><br class="">Official FreeSWITCH Sites<br class="">http://www.freeswitch.org<br class="">http://confluence.freeswitch.org<br class="">http://www.cluecon.com<br class=""><br class="">FreeSWITCH-users mailing list<br class="">FreeSWITCH-users@lists.freeswitch.org<br class="">http://lists.freeswitch.org/mailman/listinfo/freeswitch-users<br class="">UNSUBSCRIBE:http://lists.freeswitch.org/mailman/options/freeswitch-users<br class="">http://www.freeswitch.org</div></blockquote></div><br class=""></div></body></html>