Today was a very productive day. For those who don't know, I have coded a DNS plugin for PowerDNS that allows FusionPBX (and FreeSWITCH, of course) to run in load-balanced mode. This allows a PBX network to have many servers across the globe, and your customers will connect to them depending on some network metrics. I should say that this approach doesn't need any SIP proxy servers in front of the VoIP servers (many people use Kamailio for this). The magic happens in the VoIP servers. They know where to bridge the call, and all the logic happens within FreeSWITCH, which is very cool if you ask me.
The big difference between my software and others is that the network decision is based on actual network metrics (traceroutes, pings) and not just geolocation, as with most load balancing services such as the Amazon WS DNS service.
The new release I am working on is 1.2.3. Besides the bug fixing I have been doing, it has NAPTR record support. Some IP phones, such as Polycom, need NAPTR records in order to know which SRV records they should use.
Another cool capability, requested by a customer of mine, is the ability to do server groups. Grouping is very useful; for example, all servers in the same datacenter should belong to the same group. With this, not all metrics need to be taken, as the metric for server A would be almost the same as for server B if they are in the same location. This was thought up to get around data centers that block the traffic, such as Azure, where you cannot do traceroutes or pings.
If you want to read more about this plugin, you can visit the official PowerDNS Add-on page for High Availability and Load Balancing.
This is new to me. Since CentOS 7.3, there have been some security changes. Among those changes is the use of the PrivateTmp flag in many services, and of course, Apache is one of them. For those who are curious about what this flag means, here is the manual text:
Takes a boolean argument. If true, sets up a new file system namespace for the executed processes and mounts private /tmp and /var/tmp directories inside it that is not shared by processes outside of the namespace. This is useful to secure access to temporary files of the process, but makes sharing between processes via /tmp or /var/tmp impossible. If this is enabled, all temporary files created by a service in these directories will be removed after the service is stopped. Defaults to false. It is possible to run two or more units within the same private /tmp and /var/tmp namespace by using the JoinsNamespaceOf= directive, see systemd.unit(5) for details. Note that using this setting will disconnect propagation of mounts from the service to the host (propagation in the opposite direction continues to work). This means that this setting may not be used for services which shall be able to install mount points in the main mount namespace.
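To make the manual text concrete, the following added example (not from the original post) translates a path as a PrivateTmp service sees it into the place where the file actually lives on the host. It assumes the `systemd-private-<id>-<unit>-<suffix>` naming of the backing directories; the directory listing in `SAMPLE` is constructed, and the function names are hypothetical.

```python
import re
from pathlib import PurePosixPath

# Assumed naming of the backing directories on the host:
#   <base>/systemd-private-<id>-<unit>-<suffix>/tmp   (base = /tmp or /var/tmp)
PRIVATE_DIR = re.compile(
    r"^systemd-private-(?P<id>[0-9a-f]+)-(?P<unit>.+)-(?P<suffix>[A-Za-z0-9]{6})$")

# Constructed listing of /tmp and /var/tmp as seen from the host.
SAMPLE = {
    "/tmp": ["systemd-private-0123456789abcdef0123456789abcdef-httpd.service-AbC123",
             "systemd-private-0123456789abcdef0123456789abcdef-php-fpm.service-XyZ987",
             "fax_upload.tif"],
    "/var/tmp": ["systemd-private-0123456789abcdef0123456789abcdef-httpd.service-Qq11Zz"],
}

def private_roots(unit, listing):
    """Return {namespaced dir: backing host dir} for one unit."""
    roots = {}
    for base, names in listing.items():
        for name in names:
            m = PRIVATE_DIR.match(name)
            if m and m.group("unit") == unit:
                roots[base] = f"{base}/{name}/tmp"
    return roots

def host_path(service_path, roots):
    """Translate a path as the service sees it into its location on the host."""
    p = PurePosixPath(service_path)
    for base, backing in roots.items():
        try:
            return str(PurePosixPath(backing) / p.relative_to(base))
        except ValueError:
            continue  # path is not under this namespaced directory
    return service_path  # outside /tmp and /var/tmp, so not redirected
```

A file that Apache writes to /tmp therefore never appears in the host's /tmp, which is why another service looking for it there finds nothing; paths outside /tmp and /var/tmp are unaffected.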
I am going to explain an issue I had with one of my customers' PBX.
In the VoIP world, many companies have started to offer what they call hybrid PBX systems. In general terms, a hybrid system is one that uses VoIP and PSTN (traditional telephony) at the same time. The strategy is not always important: some will suggest a fallback strategy, others will suggest a least-cost-route strategy. Whatever the strategy is, it is just dial-plan configuration.
I will talk about how a customer, with a little of my assistance, was able to configure his ATA Cisco/SPA8800-6.1.7(GW) to route calls through the PSTN network without acquiring those very expensive and no less difficult to configure SFOs. I won't talk about how to configure the ATA; in this specific case he must wait 1 second, then dial the number, and it must end with a # for at least 150 ms. Note that this is a very specific configuration of this particular ATA; you should read the manual to know how to configure the PSTN dial-out sequence in your own device.
When you live in multi-lingual countries such as Canada, there are some laws that enforce multiple language support. Therefore, it is very common to have in the same tenant people who prefer one language over the other. Well, you are not alone; this is not the first time I have been asked about this.
Last week, one of my very best customers asked me to do a dial plan that forwards an incoming call to an external server. So far, that can be done with a bridge statement pointing to sofia/internal/xxxx@server. But it was more complex than it seemed. The system administrator of the remote server claimed that no calls were arriving.
I set up a sniffer with tcpdump and found the SIP INVITE signal as follows:
23:01:05.856957 IP (tos 0x0, ttl 64, id 8448, offset 0, flags [none], proto UDP (17), length 1541)
999.999.999.999.sip > 888.888.888.888.sip: SIP, length: 1513
Via: SIP/2.0/UDP 999.999.999.999;rport;branch=
CSeq: 102235968 INVITE
Allow: INVITE, ACK, BYE, CANCEL, OPTIONS, MESSAGE, INFO, UPDATE, REGISTER, REFER, NOTIFY, PUBLISH, SUBSCRIBE
Supported: timer, path, replaces
Allow-Events: talk, hold, conference, presence, as-feature-event, dialog, line-seize, call-info, sla, include-session-description, presence.winfo, message-summary, refer
o=FreeSWITCH 1485122965 1485122966 IN IP4 999.999.999.999
c=IN IP4 999.999.999.999
m=audio 21100 RTP/AVP 0 102 103 9 8 3 101 13
So far so good, this seemed pretty well. However, after some retries, I found this:
23:01:11.683409 IP (tos 0x0, ttl 54, id 29990, offset 0, flags [none], proto ICMP (1), length 576)
888.888.888.888 > 999.999.999.999: ICMP ip reassembly time exceeded, length 556
IP (tos 0x0, ttl 54, id 8445, offset 0, flags [+], proto UDP (17), length 1500)
You do not need to be very smart to realize that this issue is related to IP fragmentation. As I didn't have access to the remote server or any kind of communication, I decided to take the minimizing approach.
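The diagnosis above can be automated. This added example (not code from the original post) scans `tcpdump -v` header lines, here the ones from the capture above, for SIP datagrams that exceed the MTU and for the ICMP reassembly timeouts that follow, and reports how many bytes the INVITE would have to lose. The 1300-byte threshold from RFC 3261 section 18.1.1 is added context, and the function names are hypothetical.

```python
import re

MTU = 1500            # Ethernet MTU; matches the 1500-byte first fragment quoted in the ICMP error
IP_UDP_OVERHEAD = 28  # 20-byte IPv4 header + 8-byte UDP header
RFC3261_LIMIT = 1300  # RFC 3261 18.1.1: larger requests must use TCP when the path MTU is unknown

HDR = re.compile(r"id (?P<id>\d+), offset \d+, flags \[(?P<flags>[^\]]*)\], "
                 r"proto \w+ \(\d+\), length (?P<len>\d+)\)")
SIP = re.compile(r"(?P<src>\S+) > (?P<dst>\S+): SIP, length: (?P<len>\d+)")
ICMP = re.compile(r"(?P<src>\S+) > \S+: ICMP ip reassembly time exceeded")

# tcpdump -v header lines copied from the capture above (SIP body omitted).
CAPTURE = [
    "23:01:05.856957 IP (tos 0x0, ttl 64, id 8448, offset 0, flags [none], proto UDP (17), length 1541)",
    "    999.999.999.999.sip > 888.888.888.888.sip: SIP, length: 1513",
    "23:01:11.683409 IP (tos 0x0, ttl 54, id 29990, offset 0, flags [none], proto ICMP (1), length 576)",
    "    888.888.888.888 > 999.999.999.999: ICMP ip reassembly time exceeded, length 556",
    "\tIP (tos 0x0, ttl 54, id 8445, offset 0, flags [+], proto UDP (17), length 1500)",
]

def analyze(lines, mtu=MTU):
    """Return findings for oversize SIP datagrams and reassembly timeouts."""
    findings, last_len, reporter = [], None, None
    for line in lines:
        h, s, i = HDR.search(line), SIP.search(line), ICMP.search(line)
        if h and reporter:
            # Header quoted inside the ICMP error: the fragment the peer did receive.
            findings.append(("reassembly_timeout", reporter, int(h["id"]),
                             int(h["len"]), "+" in h["flags"]))
            reporter = None
        elif h:
            last_len = int(h["len"])
        elif s and last_len is not None:
            sip_len = int(s["len"])
            if last_len > mtu or sip_len > RFC3261_LIMIT:
                findings.append(("oversize_sip", s["src"], s["dst"], last_len, sip_len))
        elif i:
            reporter = i["src"]
    if reporter:  # ICMP error seen but the capture was cut before the quoted header
        findings.append(("reassembly_timeout", reporter, None, None, None))
    return findings

def bytes_to_trim(sip_len, mtu=MTU):
    """Bytes the INVITE must lose to (a) fit one packet, (b) meet the RFC 3261 limit."""
    return max(0, sip_len + IP_UDP_OVERHEAD - mtu), max(0, sip_len - RFC3261_LIMIT)
```

For the 1513-byte INVITE in the capture, the first figure is the minimum to avoid fragmentation on a 1500-byte path and the second is what keeps the request safe when the path MTU is unknown.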