Long call delays after enabling sRTP


Our customer is running Asterisk 16.3.0 using SIP with sRTP enabled. However their config did not have encrypted=yes as all the phones were running just TLS. Calls have been working fine for months. They decided to configure two of their DX-80s to support sRTP. If the phones call each other directly, the phones show the lock icon, say the call is encrypted - works great. If they call the asterisk, there is a long delay (somewhere between 5 seconds and 50 seconds) before the call is connected. The delay is variable, not always the same time, but the call will eventually connect and show the lock icon and say the call is encrypted. Looking at the CUCM logs and the asterisk logs I see the initial invite is sent from the CUCM at time X, the Asterisk log shows it being received at time X+20 to X+35, then the Asterisk sends a 100-Trying at time Y, but the CUCM shows it being received at time Y+1 to Y+4. After that all the messages show no delay. I verified the box the Asterisk is running on the nsswitch.conf file is set to dns files. resolve.conf is empty. i.e. they don’t use dns, just /etc/hosts. Any ideas what else to look at?

Thanks, Wray

Is something set to check for certificate revocation?

That is a really good idea, I will ask. But wouldn’t a timeout on revocation check also impact the TLS calls?

Thanks, Wray

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.