DTLS No response for Server Hello after Client Hello

[Dan Foxley]

Hoping I can please be pointed in the right direction for this WebRTC / T-Mobile IPv6 issue.

Our WebRTC client,
- on T-Mobile (IPv6)
- no issue on Wi-Fi or forced IPv4 APN on T-Mobile
- has no issue with STUN, or DNS (other UDP based traffic)

DTLS Client Hello is sent, but WebRTC client does not respond to Server Hello as seen in Wireshark. 

Screenshot shows:

- STUN (UDP also) using IPv6 pairs successfully.

- Client sends DTLS  Client Hello

- Receives Server Hello but continues sending Client Hello with exponential back off.

- Client does not respond to the received Server Hello.

Thanks,

Dan

[Harald Alvestrand]

Your log shows Certificate (fragment) for the server hello, followed by "Reassembly error".

This may be a DTLS fragmentation/reassembly issue.

--
This list falls under the WebRTC Code of Conduct - https://webrtc.org/support/code-of-conduct.
---
You received this message because you are subscribed to the Google Groups "discuss-webrtc" group.
To unsubscribe from this group and stop receiving emails from it, send an email to discuss-webrt...@googlegroups.com.
To view this discussion on the web visit https://groups.google.com/d/msgid/discuss-webrtc/a3e4deaa-f5d7-45f4-b425-02f2a45b4cabn%40googlegroups.com.

[Philipp Hancke]

Also this shows a series of certificates (which generally isn't required in DTLS-SRTP) and a packet size of 1472 which is the IPv4 MTU.

I'd try reducing the number of certificates and ideally using ECDSA ones which are small. This avoids a lot of headache.

To view this discussion on the web visit https://groups.google.com/d/msgid/discuss-webrtc/CAOqqYVGOtMUzvcjRxgs%3DMUDAgSKa7aO%2BOXSEqip27ekATq7_nA%40mail.gmail.com.