Asterisk Pjsip Webrtc Rtp To Private IP

Home » Asterisk Users » Asterisk Pjsip Webrtc Rtp To Private IP
Asterisk Users 10 Comments

hi,

i have following topology

PSTN – Asterisk —- internet —–  router – jssip client (wss)

Asterisk 13.29.1 on public IP, chan_pjsip for wss, chan_sip/udp for SIP
connection to PSTN

router – public IP/private IP (NAT)

jssip client – private IP – sip over websocket to Asterisk PJSIP

~30% of calls has problem with no audio. reason is that Asterisk is sending RTP to private IP of jssip

SDP looks the same for good call and bad call too

i searched through res_rtp_asterisk.c but i’m not sure where to put DEBUG info about which IP and why Asterisk pick for RTP

any hint?

is it possible debug Asterisk STUN request/response ? or is it hidden in pjsip internals?

Marek

10 thoughts on - Asterisk Pjsip Webrtc Rtp To Private IP

  • ICE is performed using pjnath, which is part of pjproject and not Asterisk itself. Looking at the SDP and the ICE candidates can tell you the possibilities for the paths, and a wireshark capture can show you the actual traffic going back and forth and what is being attempted.

  • with wireshark i need decrypt traffic every call which is time consuming. get debug from pjnat through asterisk is not possible because of technical reasons or nobody did it?

    in my case its strange that ice candidates are the same

    good call

    v=0
    o=- 3669976329745317845 2 IN IP4 127.0.0.1
    s=-
    t=0 0
    a=msid-semantic: WMS EoNIdKcMZvWBLULGqGPJTDe12ujjFEemeapo m=audio 52421 RTP/SAVPF 8 0 101
    c=IN IP4 10.2.152.36
    a=rtcp:9 IN IP4 0.0.0.0
    a

  • You need to look at the ICE candidates given by Asterisk as well, and ensure that if it is behind NAT it is configured in rtp.conf to do some mapping of candidates, as well as ensuring the firewall is open. The wireshark capture like I said will provide insight into what ICE is doing.

    ICE is what is used to figure out the path and determine the IP
    address/port to use. If that fails, then it won’t work.

    I would also urge you to learn more about the lower level details of WebRTC
    if you plan on deploying it. You really need some understanding of ICE/STUN/DTLS-SRTP if deploying, as those are fundamental aspects and stuff doesn’t just work in all cases. Digging into why it’s not working takes you down to those.

  • Asterisk is on public IP (as described in the first email)

    i have 10 years experience in voip, 4 years webrtc in production. i know about ICE/STUN/DTLS-SRTP. yes, not every detail but the basic mechanism

    but i confess. i dont understand WHY Asterisk SOMETIMES switches destination IP in RTP. this is not only about ICE. its about RTP engine too which is Asterisk specific

    and Asterisk DEBUG is not helping

    … going back to read res_rtp_asterisk.c & decrypting pcaps with wireshark

    Dne 12/12/2019 v 13:02 Joshua C. Colp napsal(a):

  • RTP traffic is given to pjnath to send using ICE, if this fails then it uses the c= line. If you don’t see (via ICE) then the fallback has occurred and pjnath didn’t send it via ICE, which most likely means ICE negotiation failed for some reason. ICE and STUN is not encrypted in Wireshark, so it can be seen there easily. You can enable debug in logger.conf to go to console, and also increase the log_level in pjproject.conf to a high amount to see some pjnath messages.

    The learning phase doesn’t impact outgoing. It’s for locking on to a source of media so other sources can be ignored, preventing hijacking.

  • thank you very much. this is exactly whats needed for debug

    example output for your info

    [Dec 12 15:39:19] DEBUG[2182][C-00000000]: pjproject: :        
    icess0x7f5d44081e88 .Added new remote candidate from the request:
    2.2.2.2:57536
    [Dec 12 15:39:19] DEBUG[2182][C-00000000]: pjproject: :        
    icess0x7f5d44081e88 .New triggered check added: 1
    [Dec 12 15:39:19] DEBUG[2182][C-00000000]: pjproject: :        
    icess0x7f5d44081e88 ..Sending connectivity check for check 1: [1]
    1.1.1.1:17728–>2.2.2.2:57536
    [Dec 12 15:39:19] DEBUG[2182][C-00000000]: pjproject: :        
    icess0x7f5d44081e88 …Check 1: [1] 1.1.1.1:17728–>2.2.2.2:57536: state changed from Waiting to In Progress
    [Dec 12 15:39:19] DEBUG[2182][C-00000000]: pjproject: :        
    icess0x7f5d44081e88 .Check 1: [1] 1.1.1.1:17728–>2.2.2.2:57536
    (nominated): connectivity check SUCCESS
    [Dec 12 15:39:19] DEBUG[2182][C-00000000]: pjproject: :        
    icess0x7f5d44081e88 .Check 1: [1] 1.1.1.1:17728–>2.2.2.2:57536: state changed from In Progress to Succeeded
    [Dec 12 15:39:19] DEBUG[2182][C-00000000]: pjproject: :        
    icess0x7f5d44081e88 .Check 1 is successful  and nominated
    [Dec 12 15:39:19] DEBUG[2182][C-00000000]: pjproject: :        
    icess0x7f5d44081e88 .Cancelling check 0: [1]
    1.1.1.1:17728–>10.128.3.150:57536 (In Progress)
    [Dec 12 15:39:19] DEBUG[2182][C-00000000]: pjproject: :        
    icess0x7f5d44081e88 .Check 0: [1] 1.1.1.1:17728–>10.128.3.150:57536:
    state changed from In Progress to Failed
    [Dec 12 15:39:19] DEBUG[2182][C-00000000]: pjproject: :        
    icess0x7f5d44081e88 .ICE process complete, status=Success
    [Dec 12 15:39:19] DEBUG[2182][C-00000000]: pjproject: :        
    icess0x7f5d44081e88 .Valid list
    [Dec 12 15:39:19] DEBUG[2182][C-00000000]: pjproject: :        
    icess0x7f5d44081e88 . 0: [1] 1.1.1.1:17728–>2.2.2.2:57536 (nominated, state=Succeeded)

    1.1.1.1 is asterisk on “public” ip

    2.2.2.2 is router on “public” ip (jssip is behind it on private ip
    10.128.3.150)

    our specific case

    we found problem in customers internet provider

    we dont know yet what technology is the problem but “sometimes” respond ip of some core router ( ISP – isp core/edge router ip – customers router ip – customers private ip ) to stun request

    pjsproject debug config

    pjproject.conf

    [startup]
    log_level=4
    type=startup

    btw some examples will be very helpfull

    Marek

    Dne 12/12/2019 v 14:05 Joshua C. Colp napsal(a):

  • examples of “interesting” information like ICE result and howto make
    “minimal” configuration of pjproject.conf

    i.e.

    for  debugging app_queue.so

    core set debug 5 app_queue.so

    for debugging RTP

    core set debug 10 rtp_engine core set debug 10 res_rtp_asterisk

    rtp set debug on

    logger.conf

    rtp => debug,verbose(5)

    so i mean

    in https://github.com/asterisk/asterisk/blob/master/configs/samples/pjproject.conf.sample

    by few examples try to explain  what usefull info i can get

    set

    [startup]
    log_level=6
    type=startup

    and dig what’s usefull is not very productive

    btw we are using tools like sipcapture.org,voipmonitor.org, callstats.io, elasticsearch+filebeat, … but without informations whats happening inside asterisk is harder to solve problems

    Dne 12/12/2019 v 16:00 Joshua C. Colp napsal(a):