Archive

Archive for the ‘VoIP’ Category

IPCOP traffic shaping for simple, effective qos

August 4, 2009 Leave a comment

Using the default traffic shaper works really well for simple qos needs. Set your defined rtp ports (e.g. udp 3000 and 3001) and udp 5060 and udp 4569 as high priority. Add any offending traffic (e.g. gotomeeting at udp 8200) as low or medium. Takes about 5 minutes and works like a charm!

Advertisements
Categories: Asterisk, ipcop, networking, VoIP

1:1 NAT (SNAT) with IPCop or other IPTables firewalls.

November 27, 2007 Leave a comment

This could be needed for any number of reasons, but I needed to do this to have two trixbox Pro servers live next to each other on the same LAN behind an IPCop firewall. They were reporting back the same IP address to the hybrid hosting source, so inbound connections to both were routing to the one server. Normally this is remedied manually by changing the externip in sip.conf, but that is set automatically with trixbox pro, and not an option.

You need to log into the firewall at the console or via ssh. You need to comment out one line to disable masquerading, and add a few more in its place:

nano /etc/rc.d/rc.firewall

#Individual machine on GREEN
/sbin/iptables -t nat -A POSTROUTING -s 10.0.1.99 -j SNAT --to-source 1.2.3.5
#all other machines on GREEN
/sbin/iptables -t nat -A POSTROUTING -s 10.0.1.0/24 -j SNAT --to-source 1.2.3.4
#all other machines on ORANGE
/sbin/iptables -t nat -A POSTROUTING -s 10.0.2.0/24 -j SNAT --to-source 1.2.3.4
#DISABLE MASQUERADE
# /sbin/iptables -t nat -A REDNAT -o $IFACE -j MASQUERADE

TFTP through IPCOP or other iptables firewalls

November 25, 2007 1 comment

TFTP uses UDP packets. The client connects from a random port to port 69, then the server connects back to the original port. This does not survive NAT (network address translation), possibly not on either end. trixbox pro and many other phone systems use TFTP for provisioning phones, so this is a problem for remote phones. Here is a fix that allows tftp traffic through an iptables based firewall (IPCop in this example).

You will need to enable ssh on the firewall and connect a session. IPCop uses non-standard port 222, and can usually only be connected to from the internal (green) network.

nano /etc/rc.d/rc.network

add these two lines:
modprobe ip_conntrack_tftp
modprobe ip_nat_tftp

Save and exit.

For immediate effect, repeat the two lines at the command prompt, or reboot the firewall. I had to repeat this on both firewalls, as IPCop firewalls were on both ends.

If using trixbox pro, you also need to make a few minor changes to the configuration files for the phones in order for the phone to try the correct server. Change the sNNNN.trixbox.fonality.com settings to sNNNNx.trixbox.fonality.com where NNNN is your server number. I modified the file itself. Fonality recommends modifying the phone config on the phone once it is initially configured.

Phone headset adapter for Grandstream Phones

About my only problem with the Grandstream BT-101 IP phone (other than the dreadful speaker phone) is the odd sized port for the headset. After looking pretty hard for an affordable adapter solution I finally find one at the local Radio Shack. It works just fine for $3.99.

Part # 274-0397

Categories: Asterisk, VoIP

gnudialer

January 31, 2007 Leave a comment

At SSG we’ve recently implemented their first outbound call center. It is based on Gnudialer, an asterisk based outbound dialing system. Gnudialer is a little tricky to set up initially, but works very well, and the developers are quite helpful via their irc channel. The trick is to read all the readme files, and read them again.
The system runs on flat mySQL tables, which makes it pretty easy to report on. It also includes a rudimentary crm that does the trick. You can customize the script the agents see, including updatable data from the crm.

The initial trial was successful, and they will be ramping up to 60 agents within the next few months.

Categories: Asterisk, Clients, VoIP

Automatic Asterisk startup on Debian

October 20, 2006 1 comment

Getting asterisk to start properly on Debian is pretty simple. I had a hard time with various methods described elsewhere, though.
In a terminal session:
sudo nano /etc/rc.local
# add the following BEFORE the last line (exit 0):

mkdir /var/run/asterisk
chown asterisk:asterisk /var/run/asterisk
/usr/sbin/amportal start

Exact configuration details: Ubuntu 6.06 (kernel 2.6.15-26-server) within VMWare server on Xeon hardware. Asterisk 1.2.9.1 Freepbx 2.1.3

Categories: Asterisk, DIY, Software, ubuntu, VoIP

Polycom phones and NAT

October 11, 2006 1 comment

I have seen complaints that Polycom SoundPoint IP phones do not work well with NAT. The problem is the port used for RTP gets closed on the firewall after a while and the phone doesn’t know about it. Then calls go through, but the user gets dead air. A relatively harmless workaround is to have the phone re-register every 30 seconds. Then the port refreshes at an interval low enough that the firewall never closes it.

I found a reference to a very simple fix and have had success with it: Simply edit the .cfg file for the phone (assuming the phone is getting its settings from TFTP or FTP) and change the following value: reg.1.server.1.expires=”” to reg.1.server.1.expires=”30″

If you have other configured lines, then you’ll also need to change reg.2.server.1.expires, reg.3.server.1.expires, etc.

I’ve also had problems with the RTP ports being used falling outside of the range specified on the firewall’s port mapping, which caused the same symptoms. The phone started at port 16844. I just just adjusted the firewall, but there are also settings on the phone to force the RTP port or port range used.

This worked for a Polycom 501, but should be the same for any of the SoundPoint IP models: 300, 301, 500, 501, 600, 601.

Categories: Asterisk, networking, VoIP