[prev in list] [next in list] [prev in thread] [next in thread]
List: freeswitch-users
Subject: Re: [Freeswitch-users] SRTP breaks my TLS session
From: Emrah <lists () kavun ! ch>
Date: 2016-02-28 18:33:49
Message-ID: 14EF2D3F-9034-4D59-BC37-16B6E20BAEE8 () kavun ! ch
[Download RAW message or body]
[Attachment #2 (multipart/alternative)]
Hello there,
I can confirm that a PCAP gives me a bunch of TLS packets.
How do you suggest debugging this?
Thanks!
> On Feb 26, 2016, at 10:36 AM, Emrah <lists@kavun.ch> wrote:
>
> Thanks for this.
>
> This isn't just a yealink thing. I've encountered sporadic issues with soft phones \
> and other desk phones as well.
> I didn't use the PCap capture feature because I had assumed it would give me a \
> bunch of TLS packets. I'll test that and revert back.
> How can we explain that I have more calls failing if I register multiple accounts?
>
> Emrah
>
> > On Feb 26, 2016, at 6:37 AM, Mario G <mario_fs@mgtech.com \
> > <mailto:mario_fs@mgtech.com>> wrote:
> > You may want to run a pcap trace on the Yealink. It's under \
> > settings->Configuration. Start/test/export.
> > > On Feb 25, 2016, at 3:35 PM, Brian West <brian@freeswitch.org \
> > > <mailto:brian@freeswitch.org>> wrote:
> > > Sounds like there may be a bug in the yealink if packet size is of issue on \
> > > TCP/TLS connections.
> > > On Thu, Feb 25, 2016 at 5:13 PM, Emrah <lists@kavun.ch <mailto:lists@kavun.ch>> \
> > > wrote: Hello list,
> > > I thought I had solved this issue by reducing my codec list to a minimum, but \
> > > it still persists, unfortunately. This was to reduce the TLS packet size. \
> > > Anytime I enable SRTP on my phones, outgoing calls will randomly fail. The \
> > > problem goes away when I disable SRTP. I only work over TLS. Incoming calls \
> > > work reliably with or without SRTP.
> > > How do you suggest debugging this?
> > > I tried setting up a fresh instance of FS but the issue persists.
> > > Now. It should be noted that calls fail sensibly more often when I have more \
> > > than one account registered on the same server with the same device.
> > > Any suggestion is welcome. Have you experienced this?
> > >
> > > I'm running FreeSWITCH Version 1.6.5 on Debian. My phone in this case is a \
> > > Yealink SIP-T46G running firmware 28.80.0.95.
> > > E
> > >
> > > _________________________________________________________________________
> > > Professional FreeSWITCH Consulting Services:
> > > consulting@freeswitch.org <mailto:consulting@freeswitch.org>
> > > http://www.freeswitchsolutions.com <http://www.freeswitchsolutions.com/>
> > >
> > > Official FreeSWITCH Sites
> > > http://www.freeswitch.org <http://www.freeswitch.org/>
> > > http://confluence.freeswitch.org <http://confluence.freeswitch.org/>
> > > http://www.cluecon.com <http://www.cluecon.com/>
> > >
> > > FreeSWITCH-users mailing list
> > > FreeSWITCH-users@lists.freeswitch.org \
> > > <mailto:FreeSWITCH-users@lists.freeswitch.org> \
> > > http://lists.freeswitch.org/mailman/listinfo/freeswitch-users \
> > > <http://lists.freeswitch.org/mailman/listinfo/freeswitch-users> \
> > > UNSUBSCRIBE:http://lists.freeswitch.org/mailman/options/freeswitch-users \
> > > <http://lists.freeswitch.org/mailman/options/freeswitch-users> \
> > > http://www.freeswitch.org <http://www.freeswitch.org/>
> > >
> > >
> > > --
> > > Brian West
> > > brian@freeswitch.org <mailto:brian@freeswitch.org>
> > >
> > > Twitter: @FreeSWITCH , @briankwest
> > > http://www.freeswitchbook.com <http://www.freeswitchbook.com/>
> > > http://www.freeswitchcookbook.com <http://www.freeswitchcookbook.com/>
> > > Got Bugs? Report them here <https://freeswitch.org/jira>! | Reddit: \
> > > /r/freeswitch <https://www.reddit.com/r/freeswitch> T:+19184209001 | \
> > > F:+19184209002 | M:+1918424WEST (9378) iNUM:+883 5100 1420 9001 | ISN:410*543 | \
> > > Skype:briankwest
> > > _________________________________________________________________________
> > > Professional FreeSWITCH Consulting Services:
> > > consulting@freeswitch.org <mailto:consulting@freeswitch.org>
> > > http://www.freeswitchsolutions.com <http://www.freeswitchsolutions.com/>
> > >
> > > Official FreeSWITCH Sites
> > > http://www.freeswitch.org
> > > http://confluence.freeswitch.org
> > > http://www.cluecon.com
> > >
> > > FreeSWITCH-users mailing list
> > > FreeSWITCH-users@lists.freeswitch.org
> > > http://lists.freeswitch.org/mailman/listinfo/freeswitch-users
> > > UNSUBSCRIBE:http://lists.freeswitch.org/mailman/options/freeswitch-users
> > > http://www.freeswitch.org
> >
> > _________________________________________________________________________
> > Professional FreeSWITCH Consulting Services:
> > consulting@freeswitch.org <mailto:consulting@freeswitch.org>
> > http://www.freeswitchsolutions.com
> >
> > Official FreeSWITCH Sites
> > http://www.freeswitch.org
> > http://confluence.freeswitch.org
> > http://www.cluecon.com
> >
> > FreeSWITCH-users mailing list
> > FreeSWITCH-users@lists.freeswitch.org
> > http://lists.freeswitch.org/mailman/listinfo/freeswitch-users
> > UNSUBSCRIBE:http://lists.freeswitch.org/mailman/options/freeswitch-users
> > http://www.freeswitch.org
>
[Attachment #5 (unknown)]
<html><head><meta http-equiv="Content-Type" content="text/html \
charset=utf-8"></head><body style="word-wrap: break-word; -webkit-nbsp-mode: space; \
-webkit-line-break: after-white-space;" class="">Hello there,<div class="">I can \
confirm that a PCAP gives me a bunch of TLS packets.</div><div class="">How do you \
suggest debugging this?</div><div class=""><br class=""></div><div \
class="">Thanks!</div><div class=""><div><blockquote type="cite" class=""><div \
class="">On Feb 26, 2016, at 10:36 AM, Emrah <<a href="mailto:lists@kavun.ch" \
class="">lists@kavun.ch</a>> wrote:</div><br \
class="Apple-interchange-newline"><div class=""><meta http-equiv="Content-Type" \
content="text/html charset=utf-8" class=""><div style="word-wrap: break-word; \
-webkit-nbsp-mode: space; -webkit-line-break: after-white-space;" class=""><div \
class="">Thanks for this. </div><div class=""><br class=""></div><div \
class="">This isn't just a yealink thing. I've encountered sporadic issues with soft \
phones and other desk phones as well.</div><div class=""><br class=""></div><div \
class="">I didn't use the PCap capture feature because I had assumed it would give me \
a bunch of TLS packets. I'll test that and revert back.</div><div class=""><br \
class=""></div><div class="">How can we explain that I have more calls failing if I \
register multiple accounts?</div><div class=""><br class=""></div><div \
class="">Emrah</div><div class=""><br class=""><div class=""><blockquote type="cite" \
class=""><div class="">On Feb 26, 2016, at 6:37 AM, Mario G <<a \
href="mailto:mario_fs@mgtech.com" class="">mario_fs@mgtech.com</a>> \
wrote:</div><br class="Apple-interchange-newline"><div class=""><meta \
http-equiv="Content-Type" content="text/html charset=utf-8" class=""><div \
style="word-wrap: break-word; -webkit-nbsp-mode: space; -webkit-line-break: \
after-white-space;" class="">You may want to run a pcap trace on the Yealink. It's \
under settings->Configuration. Start/test/export.<div class=""><br class=""><div \
class=""><blockquote type="cite" class=""><div class="">On Feb 25, 2016, at 3:35 PM, \
Brian West <<a href="mailto:brian@freeswitch.org" \
class="">brian@freeswitch.org</a>> wrote:</div><br \
class="Apple-interchange-newline"><div class=""><div dir="ltr" class="">Sounds like \
there may be a bug in the yealink if packet size is of issue on TCP/TLS \
connections.</div><div class="gmail_extra"><br class=""><div class="gmail_quote">On \
Thu, Feb 25, 2016 at 5:13 PM, Emrah <span dir="ltr" class=""><<a \
href="mailto:lists@kavun.ch" target="_blank" class="">lists@kavun.ch</a>></span> \
wrote:<br class=""><blockquote class="gmail_quote" style="margin:0 0 0 \
.8ex;border-left:1px #ccc solid;padding-left:1ex"><div style="word-wrap:break-word" \
class="">Hello list,<div class="">I thought I had solved this issue by reducing my \
codec list to a minimum, but it still persists, unfortunately. This was to \
reduce the TLS packet size.</div><div class="">Anytime I enable SRTP on my phones, \
outgoing calls will randomly fail. The problem goes away when I disable SRTP. I only \
work over TLS.</div><div class="">Incoming calls work reliably with or without \
SRTP.</div><div class=""><br class=""></div><div class="">How do you suggest \
debugging this?</div><div class="">I tried setting up a fresh instance of FS but the \
issue persists.</div><div class="">Now. It should be noted that calls fail sensibly \
more often when I have more than one account registered on the same server with the \
same device.</div><div class=""><br class=""></div><div class="">Any suggestion is \
welcome. Have you experienced this? </div><div class=""><br class=""></div><div \
class="">I'm running <span style="font-family:Menlo;font-size:11px" \
class="">FreeSWITCH Version 1.6.5 on Debian. My phone in this case is a Yealink \
SIP-T46G running firmware </span><font face="Menlo" class=""><span \
style="font-size:11px" class="">28.80.0.95.</span></font></div><span \
class="HOEnZb"><font color="#888888" class=""><div class=""><font face="Menlo" \
class=""><span style="font-size:11px" class=""><br class=""></span></font></div><div \
class=""><font face="Menlo" class=""><span style="font-size:11px" \
class="">E</span></font></div></font></span></div><br \
class="">_________________________________________________________________________<br \
class=""> Professional FreeSWITCH Consulting Services:<br class="">
<a href="mailto:consulting@freeswitch.org" class="">consulting@freeswitch.org</a><br \
class=""> <a href="http://www.freeswitchsolutions.com/" rel="noreferrer" \
target="_blank" class="">http://www.freeswitchsolutions.com</a><br class=""> <br \
class=""> Official FreeSWITCH Sites<br class="">
<a href="http://www.freeswitch.org/" rel="noreferrer" target="_blank" \
class="">http://www.freeswitch.org</a><br class=""> <a \
href="http://confluence.freeswitch.org/" rel="noreferrer" target="_blank" \
class="">http://confluence.freeswitch.org</a><br class=""> <a \
href="http://www.cluecon.com/" rel="noreferrer" target="_blank" \
class="">http://www.cluecon.com</a><br class=""> <br class="">
FreeSWITCH-users mailing list<br class="">
<a href="mailto:FreeSWITCH-users@lists.freeswitch.org" \
class="">FreeSWITCH-users@lists.freeswitch.org</a><br class=""> <a \
href="http://lists.freeswitch.org/mailman/listinfo/freeswitch-users" rel="noreferrer" \
target="_blank" class="">http://lists.freeswitch.org/mailman/listinfo/freeswitch-users</a><br \
class=""> UNSUBSCRIBE:<a \
href="http://lists.freeswitch.org/mailman/options/freeswitch-users" rel="noreferrer" \
target="_blank" class="">http://lists.freeswitch.org/mailman/options/freeswitch-users</a><br \
class=""> <a href="http://www.freeswitch.org/" rel="noreferrer" target="_blank" \
class="">http://www.freeswitch.org</a><br class=""></blockquote></div><br \
class=""><br clear="all" class=""><div class=""><br class=""></div>-- <br \
class=""><div class="gmail_signature"><div dir="ltr" class=""><div class=""><div \
dir="ltr" class=""><div class=""><div dir="ltr" class=""><div class=""><div dir="ltr" \
class=""><div class=""><div dir="ltr" class=""><p class=""><font face="courier new, \
monospace" class=""><b class=""><i class=""><font size="4" class="">Brian \
West</font></i></b><br class=""><span style="font-size:x-small" class=""><a \
href="mailto:brian@freeswitch.org" target="_blank" \
class="">brian@freeswitch.org</a></span></font></p><p class=""><font size="1" \
face="courier new, monospace" class=""><img \
src="http://billing.freeswitch.org/templates/default/img/whmcslogo.png" class=""><br \
class=""></font></p><p class=""><font size="2" face="monospace, monospace" \
class=""><b class=""><i class="">Twitter: @FreeSWITCH , @briankwest</i></b><br \
class=""><a href="http://www.freeswitchbook.com/" target="_blank" \
class="">http://www.freeswitchbook.com</a><br class=""><a \
href="http://www.freeswitchcookbook.com/" target="_blank" \
class="">http://www.freeswitchcookbook.com</a></font></p><p class=""><font \
face="monospace, monospace" class="">Got Bugs? Report them <a \
href="https://freeswitch.org/jira" target="_blank" class="">here</a>! | \
Reddit: <a href="https://www.reddit.com/r/freeswitch" target="_blank" \
class="">/r/freeswitch</a></font></p><p class=""><font size="2" face="monospace, \
monospace" class=""><b class="">T:</b>+19184209001 | <b class="">F:</b>+19184209002 | \
<b class="">M:</b>+1918424WEST (9378)<br class=""><b class="">iNUM:</b>+883 5100 1420 \
9001 | <b class="">ISN:</b>410*543 | <b \
class="">Skype:</b>briankwest</font></p></div></div></div></div></div></div></div></div></div></div>
</div>
_________________________________________________________________________<br \
class="">Professional FreeSWITCH Consulting Services: <br class=""><a \
href="mailto:consulting@freeswitch.org" class="">consulting@freeswitch.org</a><br \
class=""><a href="http://www.freeswitchsolutions.com/" \
class="">http://www.freeswitchsolutions.com</a><br class=""><br class="">Official \
FreeSWITCH Sites<br class=""><a href="http://www.freeswitch.org" \
class="">http://www.freeswitch.org</a><br \
class="">http://confluence.freeswitch.org<br class="">http://www.cluecon.com<br \
class=""><br class="">FreeSWITCH-users mailing list<br \
class="">FreeSWITCH-users@lists.freeswitch.org<br \
class="">http://lists.freeswitch.org/mailman/listinfo/freeswitch-users<br \
class="">UNSUBSCRIBE:http://lists.freeswitch.org/mailman/options/freeswitch-users<br \
class="">http://www.freeswitch.org</div></blockquote></div><br \
class=""></div></div>_________________________________________________________________________<br \
class="">Professional FreeSWITCH Consulting Services: <br class=""><a \
href="mailto:consulting@freeswitch.org" class="">consulting@freeswitch.org</a><br \
class=""><a href="http://www.freeswitchsolutions.com" \
class="">http://www.freeswitchsolutions.com</a><br class=""><br class="">Official \
FreeSWITCH Sites<br class="">http://www.freeswitch.org<br \
class="">http://confluence.freeswitch.org<br class="">http://www.cluecon.com<br \
class=""><br class="">FreeSWITCH-users mailing list<br \
class="">FreeSWITCH-users@lists.freeswitch.org<br \
class="">http://lists.freeswitch.org/mailman/listinfo/freeswitch-users<br \
class="">UNSUBSCRIBE:http://lists.freeswitch.org/mailman/options/freeswitch-users<br \
class="">http://www.freeswitch.org</div></blockquote></div><br \
class=""></div></div></div></blockquote></div><br class=""></div></body></html>
_________________________________________________________________________
Professional FreeSWITCH Consulting Services:
consulting@freeswitch.org
http://www.freeswitchsolutions.com
Official FreeSWITCH Sites
http://www.freeswitch.org
http://confluence.freeswitch.org
http://www.cluecon.com
FreeSWITCH-users mailing list
FreeSWITCH-users@lists.freeswitch.org
http://lists.freeswitch.org/mailman/listinfo/freeswitch-users
UNSUBSCRIBE:http://lists.freeswitch.org/mailman/options/freeswitch-users
http://www.freeswitch.org
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic