Forum Replies Created

Viewing 15 posts - 16 through 30 (of 254 total)
  • Author
    Posts
  • Avatar photoTelium Support Group
    Member
    Post count: 258

    No! Unlike most of the other configuration generators, FreePBX does something a little unusual. Every time you add a module (or even upgrade a module) to your system FreePBX might change the structure of the database / add tables to hold the additional data.

    So if you now sync from your primary node to your secondary node, settings would be lost because the associated tables/fields are missing on the secondary node. Conversely, if you now sync from your secondary node to your primary node, settings would be missing because the necessary source settings are absent. (See image below). This is why the HAAst installation guide and maintenance manual provide specific installation/upgrade instructions relating to FreePBX. Every year we have at least one customer that damages their FreePBX cluster because they did not follow the installation/maintenance guides.

    Similarly, updating a module might change table structure, and that’s why we say to disable any automatic updates in FreePBX. Most other configuration generators are smart enough to detect a configuration mismatch between versions/modules, but FreePBX does not and will probably break (dialplan failure) unless the two nodes are kept identical (in terms of modules enabled/installed/versions).

    FreePBX Synchronization

    Even if HAAst were to copy the metadata (table structure) as well, you would still have problems since the PHP code which makes up FreePBX will not understand the settings (if the code version doesn’t match the settings version). This may result in the PBX failing to process calls as the dialplan crashes, and/or failure to configure, and/or failing to complete an APPLY button push.

    To read more about how to properly setup your nodes with FreePBX see sections 3.6 and 10.1.5 of the Detailed Installation Guide, and sections 7 and 8 of the Maintenance and Operations Guide.

    If you have already corrupted your FreePBX setup and your cluster won’t process calls (due to dialplan fialure) see this forum post

    Avatar photoTelium Support Group
    Member
    Post count: 258

    HAAst is written entirely in C/C++, so it is highly efficient with a minimal footprint. Since HAAst runs on the same hardware platform as Asterisk, we cannot describe HAAst’s minimum requirements in absolute terms (since HAAst alone on a server makes no sense).

    However, if you have a properly sized server (for the target Asterisk volume), HAAst will consume:

    • Maximum 2% of available CPU
    • 400MB of memory (in use, not swapped)
    • 50MB of disk storage

    In case you meant from a hardware compatibility standpoint, HAAst can run with many different CPU’s and system boards/chipsets. Since HAAst communicates with the system board to determine health, check with our support team if you are using a non X86/X86_64 standard PC motherboard. As well, releases for non-X86/X86_64 CPU’s are targeted at specific processors for optimization/power management reasons, so please check with our support team for the specific CPU you are targeting.

    For more information see FAQ 1070

    Avatar photoTelium Support Group
    Member
    Post count: 258

    Since Red Hat 8 uses SystemD, the best way to delay HAAst start is with a service timer. Create the file haast.timer in the /etc/systemd/system directory with the following contents

    [Unit]
    Description=Delay HAAst start by 1 minute on bootup
    
    [Timer]
    OnBootSec=1min
    Unit=haast.service
    
    [Install]
    WantedBy=basic.target

    Then, enable the HAAst timer and disable the service:

    systemctl enable haast.timer
    systemctl disable haast.service

    And finally, in your haast.service file change the WantedBy line to read:

    [Install]
    WantedBy=haast.timer

    Next inform systemd of your changes:

    systemctl daemon-reload

    And your HAAst start will delay by 1 minute on bootup. You can adjust the delay as you need.

    Avatar photoTelium Support Group
    Member
    Post count: 258

    You don’t mention the version of FreePBX you are running but we can guess the cause; based on the timing of your message we are aware of a particular corrupt SIP packet attack which appeared in June 2020.

    Please upgrade your SecAst to version 1.7.1 and your system will no longer be vulnerable to this attack. If you want want to send us detailed Asterisk/SecAst/Firewall logs we can help you confirm the cause and the resolution. (Please send by email, don’t post in the forum)

    Avatar photoTelium Support Group
    Member
    Post count: 258
    in reply to: Qt_5 not defined #14335

    This error is the result of incompatibilities between the Qt library expected by SecAst, and the Qt library installed on your system (or possibly because you are missing the Qt library altogether). SecAst version 1.7.0 is built against Qt version 5.9.8, so that is the library version you should install (at this date).

    There is often a gap between the Qt version we use for a software release, and what is available across all Linux distributions / repos. (Each distribution / repo makes a slightly different version available). This problem should resolve itself once the repos catch caught up. Note that even version 5.9.8 is many releases behind the most current Qt version, so we are staying well away from leading edge.

    As of July 13 2020 the Qt library available from Ubuntu 18’s official repos is 5.9.5. If you are a customer with a SecAst maintenance agreement we can build a release for you using Qt library 5.9.5 (or whatever version you need) at no charge. If you are using the free edition you can either wait (for your repo to catch up), or install the Qt open source libraries from: http://www.qt.io/download-open-source as those will always offer the very latest libraries

    Avatar photoTelium Support Group
    Member
    Post count: 258

    Files with “debuglog” and “debuglog.tef” extensions contain diagnostic information to do with the operation of the services. (Eg: SecAst, HAAst, PBXsync, etc)

    Files with “debuglog” extension are plain text, and you can view them in any editor or from the command prompt using the ‘cat’ command.

    Files with “debuglog.tef” extension are binary files, (TEF stands for Telium Engineering Format). These files are read by our diagnostic tools to help diagnose a problem. You cannot view the contents of these files as you would require our engineering tools to do so.

    Avatar photoTelium Support Group
    Member
    Post count: 258

    Many configuration generators are trying to compete with one another on secondary features – covering everything from security, faxing, messaging, email, router, SBC, security, high availability, and more. Most users disable/ignore these add-ons as they can be poorly designed or integrated (the real strength of configuration generators is in managing the Asterisk configuration files). If you are planning to use their add-ons compare each carefully to stand alone products so you know what you are getting. (You may even find that a commercial module that you are buying is just a collection of open source packages).

    Next there are more sophisticated PBX’s which use Asterisk as the media engine/call processing engine but extend the functionality using a variety of other programs. PBX’s like Amtelco’s Genesis / ISS fall into this category. Telium is also pleased to work directly with manufacturers of more sophisticated PBX’s suchs as Amtelco Genesis / ISS to ensure full compatibility and deep product integration.

    And finally there are some ‘closed’ PBX’s which are Asterisk based, but according to their vendors they are not compatible with ANY add-ons (unless sold from that same manufacturer). In reality we have helped customers install HAAst/SecAst/and many other 3rd party products onto these systems. However, we don’t want to upset these vendors so we leave it up to the customer to determine if they can/want to reset the root password and install other products. (It’s your product, so you probably have a right to modify it as you see fit). But we don’t offer any assistance that might violate the DMCA in the USA, or similar laws in other countries. (e.g. you can find instructions on how to unlock/remove vendor protections on the internet, but we can’t give those instructions to you). Also if you are an authorized vendor of such closed systems read your reseller agreement carefully; your customer can do what he wants with the PBX but you might violate your reseller agreement if you unlock the box for them.

    HAAst tries to work well with every configuration generator. We are pleased to add support for new products/databases, but we also deprecate support for little used configuration generators / databases / features. If you are a large corporation or critical call center using Asterisk directly (no configuration generator) then HAAst can fully support you as well. You don’t need a configuration generator or add-on to use HAAst, SecAst, etc.

    So if you are designing a telephony solution we recommend:

    1. Pure asterisk (no configuration generator) if you are ok doing some basic diaplan coding
    2. If you need a configuration generator pick one that is fully open source (avoid anything with ‘distro’ in the name)
    3. Use flat-files to hold config information
    4. If you need a database (or your config generator needs a database) insist on MariaDB/MySQL

    If you need to stray from this advice be sure to understand the compromises you are making

    Avatar photoTelium Support Group
    Member
    Post count: 258

    The problem you are encountering has nothing to do with HAAst, and everything to do with the basics of networking. You have setup 2 NIC’s in each PC, but they are on the same subnet! That means that Linux has no idea where (out which NIC) to route traffic for your 192.168.1.0/24 subnet. You should not do this as it confuses Linux. This topic is part of what’s known as “multihoming”, and I would suggest you research this topic a bit further before you continue to setup your networks. As well, reread the HAAst installation guide – there’s a bit more information on this topic there. (This isn’t the first time we’ve seen this issue in the support group).

    By shutting down NIC1 on either PC you allow Linux to figure out how to properly route, but then your management NIC is gone so the cluster fails over.

    The solution (for 2 NIC’s per PBX) is to ensure that each NIC is on it’s own subnet. For example:

    Incorrect

    Correct

    For advanced users only: It is possible to use a single subnet for management and VoIP, and move a shared IP address between nodes. However, setup is beyond the scope of included technical support (i.e. not officially supported). If you an advanced user and want to experiment independently, you can learn more here.

    Avatar photoTelium Support Group
    Member
    Post count: 258

    I should start by saying that we don’t officially support this design because some of the steps involved are beyond the skill of an average administrator.

    If you are very comfortable with networking, iptables, and routing then the answer is YES this can be done. (But our support team cannot assist you further with this topic).

    Suppose you have

    • one NIC in each node
    • a single subnet 192.168.1.0/24 (i.e. 255.255.255.0 subnet) used by each NIC
    • Node A uses 192.168.1.1, and Node B uses 192.168.1.2

    and you wish to have HAAst add 192.168.1.3 to the active node (while leaving the management IP accessible). The steps to do so are:

    • Setup the OS to assign the static address 192.168.1.1 and 192.168.1.2 to their respective nodes
    • Setup haast.conf to enable the VoIP NIC feature, and tell HAAst to use 192.168.1.3 as the shared IP
    • Setup the HAAst pre-start event handler to add the following postrouting rules in the NAT chain to source-NAT all outgoing voice traffic (5060 + RTP ports) as the shared IP:
      iptables -A POSTROUTING -t nat -p udp –dport 5060 -j SNAT –to-source 192.168.1.3
      iptables -A POSTROUTING -t nat -p udp –dport 10000:32768 -j SNAT –to-source 192.168.1.3
    • Setup the HAAst post-stop event handler to remove the above rules.

    The end result will be that all voice related traffic will have their headers rewritten to show 192.168.1.3 instead of 192.168.1.1 (or 192.168.1.2). Depending on the VoIP protocols you use, TCP vs UDP selection, and other socket services you offer you may have to expand on or customize these rules. But the above should be sufficient to show how to accomplish what you want.

    Avatar photoTelium Support Group
    Member
    Post count: 258
    in reply to: Constant failover #6856

    If the Asterisk control file (wrapper) is exiting with code 3, that means Asterisk is taking too long to start. I recommend you disable the HAAst service and manually try to start the Asterisk service directly.

    I suspect you will see a long and slow (or errored) start of Asterisk. The systemd service file included with Asterisk is not ideal for cluster use and can cause slow startup. If you are using systemd please try the service file offered by Telium here:

    https://autocommander.aws2.ocg.ca/topic/cant-start-asterisk-exit-code-158/

    • This reply was modified 4 years, 11 months ago by WebMaster.
    Avatar photoTelium Support Group
    Member
    Post count: 258

    Note that Sangoma made a change to FreePBX in late-2019 (release 1904 or later) that could cause incomplete synchronization or other failure. We recommend that all customers using FreePBX with HAAst upgrade to HAAst version 2.5.9 or later to ensure critical issues are addressed. (Now even tables with invalid structures will sync)

    For further details of updates and fixes please see the ‘changelog’ file included with the distribution package.

    Avatar photoTelium Support Group
    Member
    Post count: 258

    Telium has certified hardware which allow users to plug USB dongles into a stand-alone device and connect to that device over the network. This allows USB dongles to be plugged into one device on the network and appear local to another device (physical computer/virtual machine/container).

    CoolGear USB-NET-4A USB over IP hub
    The USB-NET-4A is available directly from CoolGear here: https://www.coolgear.com/product/usb-2-0-over-ip-network-4-port-hub-share-any-usb-device-over-tcpip-network or from Telium. This device is suitable for small and simple networks, and provides a budget dongle over IP solution. This device supports up to 4 dongles.

    4 Port USB over IP adapter

    DongleServer from SEH Technology (** CURRENTLY UNDER REVIEW, NOT YET CERTIFIED **)
    The DongleServer Pro/Max is available from retailers and distributors worldwide. For more information visit https://www.seh-technology.com/products/usb-dongleserver.html. This device is suitable for up to 20 dongles (per DongleServer), and offers a greater number of management and control options.

    20 Port USB Dongle over IP adapter

    If any product is purchased from Telium then we include support for the device as described in FAQ 1075. If you chose to purchase the device elsewhere then we cannot answer any questions about the devices’ functionality, compatibility, drivers, etc. (Please direct those questions to your retailer of choice). If you would like Telium to support your device, including configuration, setup, connectivity to the guest, etc. when purchased elsewhere then you would have to purchase support from Telium as described in the above FAQ. Please ensure your design considers compatibility between all software/firmware/hardware in your project as Telium is not responsible for third party devices or vendors.

    • This reply was modified 4 years, 11 months ago by WebMaster.
    • This reply was modified 4 years, 11 months ago by WebMaster.
    • This reply was modified 4 years, 11 months ago by WebMaster.
    Avatar photoTelium Support Group
    Member
    Post count: 258

    The Free Edition is more for testing compatibility and basic functionality. It’s also (surprisingly) popular with small office / home office installations. It’s not meant to be a platform for capacity testing / full load testing.

    We do offer a full-featured trial (Commercial Unlimited edition) for larger installations, see our FAQ at https://autocommander.aws2.ocg.ca/faq1001 for more details.

    UPDATE: As of August 2020 we now off subscriptions (monthly or annual) which might need your needs. It can be cheaper if you just want a quick trial but don’t plan to buy. (If you plan to buy then the trial edition may be cheaper)

    If you want to contact sales@autocommander.aws2.ocg.ca they can help you get started with a full-featured trial.

    • This reply was modified 4 years, 10 months ago by WebMaster.
    Avatar photoTelium Support Group
    Member
    Post count: 258

    Once RedHat 8 was released we stopped building releases for RedHat 6 (and the same applies to CentOS). Similarly once Ubuntu 19 was released we stopped building for Ubuntu 13.

    We have to build for 16 different Linux version-distro-architecture combinations, and supporting old operating systems is becoming very expensive. We continue to support the older releases of SecAst but we aren’t creating new releases for old platforms.

    Avatar photoTelium Support Group
    Member
    Post count: 258

    The Free Edition of SecAst will monitor systems with up to, and including, 3 simultaneous calls. The Free Edition is not designed to handle larger systems (and that’s also what causes the license violation & shutdown). For larger systems you would have to upgrade to the Flex Edition, or Unlimited Edition.

    If you look at the Editions tab of the SecAst web page, you will see the differences in limitations. As well the notes on the right explain further.

    We remove features and capacity from the lower editions (including Free Edition) to create lower price points.

Viewing 15 posts - 16 through 30 (of 254 total)