Hi Guys,
I will try and find some time to play around with this. Failover with
Astlinux has been a pain point for us since we have pfSense on our edge and
there is NAT involved. At the sites we have secondary connections we end up
needing to change sip.conf and reload asterisk.
We utilize some Verizon GX440s for some of the secondary connections and we
have a couple extras around. I will try plugging one directly into AstLinux
for testing. The issue we run into with Verizon this that they don't offer
public addresses.
--
Ryan Bantz
MRB Networks
P: 952-856-6245
F: 888-292-3266
E: ryanba...@mrbnetworks.com
On Wed, Nov 12, 2014 at 3:17 PM, Michael Knill <
michael.kn...@ipcsolutions.com.au> wrote:
> Yes OpenDNS or Dyn Internet Guide activated on the Backup link can be
> fairly granular.
>
> Regards
> Michael Knill
>
>
>
>
> On 13 Nov 2014, at 4:43 am, Michael Keuter <li...@mksolutions.info> wrote:
>
>
> Am 12.11.2014 um 18:31 schrieb Lonnie Abelbeck <li...@lonnie.abelbeck.com
> >:
>
> > Hi David,
> >
> > Yes, I think we have the flexibility to do something along the lines you
> want using /mnt/kd/wan-failover.script .
> >
> > The first step is to keep things working smoothly after a switch to the
> secondary WAN link, depending on any different NAT situations between the
> primary and secondary WAN links, that will take some testing, and may not
> be as 'clean' as you would hope other than maintaining two separate
> sip.conf files and swapping them and restarting asterisk on the switch.
> >
> > Lasting blocking data hogs, is not so easy. The Pepwave Surf OTG has a
> data quote feature (again from the data sheet) to stop forwarding data when
> the quota is exceeded.
> >
> > There is a status log file: /var/log/wan-failover-status.log
> > which contains the line
> > --
> > WAN Link: PRIMARY
> > -- or --
> > WAN Link: SECONDARY
> > --
> > if you were adding any custom firewall rules. But blocking the high
> bandwidth connections is difficult unless you know the IP address.
> >
> > Lonnie
>
> Maybe this could be done with DNS by swapping the "/etc/hosts" file (where
> e.g. youtube.com is blocked). Or with our tinyproxy package …
>
> > On Nov 12, 2014, at 10:41 AM, David Kerr <da...@kerr.net> wrote:
> >
> >> This feels like a useful and helpful feature. As I have thought about
> this in the past one of the issues that concerned me is how to throttle
> traffic when in failover mode. One could very quickly run through 3G/4G
> wireless quota if I just let internet traffic run as usual and start
> incurring $$$'s per MB. For example I have a NAS with an offsite backup
> daemon running... uploads to CrashPlan servers. While on backup I can live
> without offsite backup sync. Similarly I would want to consider blocking
> YouTube, Netflix or other video sites. Basically anything that would be a
> large data hog, but still leave general web browsing, VoIP, email
> retrieval, etc working.
> >>
> >> So, any thoughts about how best to do this? Presumably some sort of
> script that would run before/after failover that could add specific rules
> to the firewall to block certain traffic either by source or destination
> (or type? -- can a firewall tell "video" from something else?).
> >>
> >> Thanks
> >> David
> >>
> >> On Wed, Nov 12, 2014 at 11:10 AM, Lonnie Abelbeck <
> li...@lonnie.abelbeck.com> wrote:
> >> Resurrecting Michael's post...
> >>
> >> The next release of AstLinux 1.2.1 will have a web interface
> configurable "WAN Failover" functionality...
> >>
> >> WAN Failover
> >> http://doc.astlinux.org/userdoc:tt_wan_failover
> >>
> >> (Much thanks to Michael Keuter)
> >>
> >> All of the EXT2* rc.conf variables are now supported in the web
> interface.
> >>
> >> This seemingly simple feature, is not, to get all the edge conditions
> covered.
> >>
> >> Anyone interested in this feature is encouraged to to build from the
> SVN or use http://build.astlinux.org to get the latest SVN builds.
> >>
> >> I personally have tested this (somewhat old) WiFi-client, Netgear
> WNCE2001 N300
> >>
> http://www.amazon.com/NETGEAR-Universal-Ethernet-Adapter-WNCE2001/dp/B003KPBRRW/
> >>
> >> as the Failover Interface and WiFi connected to my iPad w/LTE and
> Personal Hotspot enabled.
> >>
> >> I also have ordered a gizmo (for $99 USD)...
> >>
> >> Pepwave Surf On-The-Go (SUS-AGN1)
> >> http://www.peplink.com/products/pepwave-surf-on-the-go/
> >>
> >> that should arrive today, but seems it could be configured ethernet ->
> to either an iPad w/LTE or a USB data modem from your wireless provider.
> >>
> >> If course a dedicated wired Failover WAN link would also work.
> >>
> >> Lonnie
> >>
> >>
> >> On Jun 16, 2014, at 9:42 PM, Michael Knill <
> michael.kn...@ipcsolutions.com.au> wrote:
> >>
> >>> Hi group
> >>>
> >>> I am looking at setting up a backup 4G/LTE connection for a customer
> (and provide it as a product offering) and just wondering the best way to
> provide it in Astlinux.
> >>> The 4G router can support bridge mode so ideally I would like to have
> dual PPPoE connections but I don’t think this is easily done in Astlinux? I
> am happy (and would prefer) to manually switch the routing over to a backup
> connection.
> >>>
> >>> Currently Astlinux’s EXT2IF requires a static address which would mean
> double NAT for me (I assume) as I would need to route rather than bridge on
> both firewall external interfaces. Should this be a problem? Could I
> disable NAT but do IP Tables on Astlinux and do NAT on a router? If I have
> a good enough router (who can you trust?), I could just turn off the
> Astlinux firewall and make it a telephony server and router only?
> >>>
> >>> I was thinking that worst case, I could put the 4G router on the DMZ
> or internal network and just change the default route on Astlinux to point
> to it on failover.
> >>>
> >>> Any ideas?
> >>>
> >>> Regards
> >>> Michael Knill
>
>
> Michael
>
> http://www.mksolutions.info
>
>
>
>
>
>
> ------------------------------------------------------------------------------
> Comprehensive Server Monitoring with Site24x7.
> Monitor 10 servers for $9/Month.
> Get alerted through email, SMS, voice calls or mobile push notifications.
> Take corrective actions from your mobile device.
>
> http://pubads.g.doubleclick.net/gampad/clk?id=154624111&iu=/4140/ostg.clktrk
> _______________________________________________
> Astlinux-users mailing list
> Astlinux-users@lists.sourceforge.net
> https://lists.sourceforge.net/lists/listinfo/astlinux-users
>
> Donations to support AstLinux are graciously accepted via PayPal to
> pay...@krisk.org.
>
>
>
> ------------------------------------------------------------------------------
> Comprehensive Server Monitoring with Site24x7.
> Monitor 10 servers for $9/Month.
> Get alerted through email, SMS, voice calls or mobile push notifications.
> Take corrective actions from your mobile device.
>
> http://pubads.g.doubleclick.net/gampad/clk?id=154624111&iu=/4140/ostg.clktrk
> _______________________________________________
> Astlinux-users mailing list
> Astlinux-users@lists.sourceforge.net
> https://lists.sourceforge.net/lists/listinfo/astlinux-users
>
> Donations to support AstLinux are graciously accepted via PayPal to
> pay...@krisk.org.
>
------------------------------------------------------------------------------
Comprehensive Server Monitoring with Site24x7.
Monitor 10 servers for $9/Month.
Get alerted through email, SMS, voice calls or mobile push notifications.
Take corrective actions from your mobile device.
http://pubads.g.doubleclick.net/gampad/clk?id=154624111&iu=/4140/ostg.clktrk
_______________________________________________
Astlinux-users mailing list
Astlinux-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/astlinux-users
Donations to support AstLinux are graciously accepted via PayPal to
pay...@krisk.org.
