Thanks Michael yes that's my plan ☺
Regards
Michael Knill
From: Michael Keuter <li...@mksolutions.info>
Reply-To: AstLinux List <astlinux-users@lists.sourceforge.net>
Date: Friday, 9 February 2018 at 8:56 am
To: AstLinux List <astlinux-users@lists.sourceforge.net>
Subject: Re: [Astlinux-users] Network connectivity and DNS issues
Am 08.02.2018 um 22:04 schrieb Michael Knill
<michael.kn...@ipcsolutions.com.au<mailto:michael.kn...@ipcsolutions.com.au>>:
Thanks Lonnie
I will give Monit a try and let you know how I go.
I will only turn on for some sites.
Regards
Michael Knill
Hi Michael,
in Monit you can run your own programs/scripts and then react on the
return/exit value of that program. E.g.
----
check program CPU-0_Temp with path "/mnt/kd/bin/monit/sensors_temp.sh 'Core 0'"
if status > 70 then alert
----
On 9/2/18, 2:49 am, "Lonnie Abelbeck"
<li...@lonnie.abelbeck.com<mailto:li...@lonnie.abelbeck.com>> wrote:
Michael,
So my questions are:
1) What frequency of registrations or SIP OPTIONS are actually required to keep
the firewall translation is place
Depends on the network hardware in the path and the shortest firewall UDP TTL
setting, AstLinux defaults to a 180 second UDP TTL for
netfilter.ip_conntrack_udp_timeout_stream states.
By default, in sip.conf, qualifyfreq=60 which sends SIP OPTIONS every 60
seconds. This should work for most situations.
But, it seems in your situation the transient case with network issues can
cause problems. Possibly setting qualify to something large like 64000 ms,
qualify=64000 would enable the qualify feature but would not normally fail.
Possibly mixed with qualifyfreq=30 . Warning, I have never tested or tried
this.
2) Would it be feasible for Monit to check 'sip show peers' that if a trunk
peer has a Host IP Address but is a Status of UNKNOWN then do a 'module reload
chan_sip.so' and report it?
Personally I don't use Monit, but in theory it may be possible.
Lonnie
On Feb 8, 2018, at 12:54 AM, Michael Knill
<michael.kn...@ipcsolutions.com.au<mailto:michael.kn...@ipcsolutions.com.au>>
wrote:
Sorry all I am dredging up this thread again. Thanks Lonnie for the info below.
Although my main provider uses an IP Address based trunk which makes this
problem go away, I have some providers that require registration via a DNS name.
I have now activated dnsmgr which is good in that it will update the IP Address
on the peer so it can reregister, HOWEVER the OPTIONS pings will not start up
again if down after a reboot.
I can turn off SIP OPTIONS (qualify=no) and put in a specific firewall rule I
suppose but I would still rather have qualify=yes
So my questions are:
1) What frequency of registrations or SIP OPTIONS are actually required to keep
the firewall translation is place
2) Would it be feasible for Monit to check 'sip show peers' that if a trunk
peer has a Host IP Address but is a Status of UNKNOWN then do a 'module reload
chan_sip.so' and report it?
Thanks all.
Regards
Michael Knill
On 13/1/18, 6:38 am, "Michael Knill"
<michael.kn...@ipcsolutions.com.au<mailto:michael.kn...@ipcsolutions.com.au>>
wrote:
Thanks Lonnie
I have confirmed with my main provider that their IP Address will likely never
change to I will be putting the IP Address in sip.conf so I don't even need to
set a static host.
I do like to know the reachability of my trunks so I will keep the OPTIONS
pings going.
Thanks so much again for your help.
Regards
Michael Knill
On 13/1/18, 2:42 am, "Lonnie Abelbeck"
<li...@lonnie.abelbeck.com<mailto:li...@lonnie.abelbeck.com>> wrote:
Hi Michael,
The easiest way to always make sure a DNS name resolves is to define
static IP addresses in:
Network tab -> Network Services: -> DNS Forwarder & DHCP Server: {
Configure DNS Hosts }
There you can statically define DNS host names without requiring any
changes to your Asterisk configuration. Of course if your SIP provider makes
changes you will have to reconfigure the DNS IP's like a bunny.
Another approach, or in tandem, is to not depend on OPTIONS pings
(qualify=yes) to keep firewall ports open, instead (qualify=no) use very
specific (secure) firewall rules for inbound SIP calls.
To be clear, it is not recommended to do either of the above as a general
practice, but you do what you have to do.
Lonnie
On Jan 11, 2018, at 10:50 PM, Michael Knill
<michael.kn...@ipcsolutions.com.au<mailto:michael.kn...@ipcsolutions.com.au>>
wrote:
Hi Group
I have started a new thread although this is a continuation of my intermittent
issues with sip trunks not coming back after a network outage.
After some testing in the lab I have realised that most of these problems are
related to DNS resolution.
Basically I am using sip domain names for all my providers so DNS resolution is
necessary. What I have found is that if for some reason DNS resolution is not
possible (e.g. network is down), if the system is rebooted or Asterisk loses
the resolved address, it no longer sends the OPTIONS pings as it cant find the
address obviously.
Yes that makes sense however the problem arises when the network is restored,
Asterisk is completely unaware and therefore makes no attempt in resolving the
address.
I believe this is what is causing my intermittent issues which is easily
resolved by doing an Asterisk Reload when network connectivity is restored. I
have also enabled the Asterisk dnsmgr which does not fix the problem. I suspect
that if it couldn't initially resolve it then it gives up totally.
So what is the fix. Here are some of my options:
• Don't use DNS but just use the IP Address instead. This will most certainly
resolve the issue but is it the best way? Something in the Hosts file maybe?
• Perform sip monitoring using the SIP Monitor script or Monit. If the SIP URL
is resolvable but the status is UNKNOWN then issue a module reload of chan_sip
• Something else
PS the SIP Monitor does not seem to work for me. It only sends me an email when
the system is rebooted.
Thanks all.
Regards
Michael Knill
Michael
http://www.mksolutions.info
------------------------------------------------------------------------------
Check out the vibrant tech community on one of the world's most
engaging tech sites, Slashdot.org! http://sdm.link/slashdot
_______________________________________________
Astlinux-users mailing list
Astlinux-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/astlinux-users
Donations to support AstLinux are graciously accepted via PayPal to
pay...@krisk.org.