Menu
▾
▴
astlinux-users — AstLinux Users Mailing List
You can subscribe to this list here.
| 2006 |
Jan
|
Feb
|
Mar
|
Apr
|
May
|
Jun
(1) |
Jul
(1) |
Aug
|
Sep
|
Oct
(2) |
Nov
(1) |
Dec
(20) |
|---|---|---|---|---|---|---|---|---|---|---|---|---|
| 2007 |
Jan
(91) |
Feb
(111) |
Mar
(226) |
Apr
(65) |
May
(197) |
Jun
(202) |
Jul
(92) |
Aug
(87) |
Sep
(120) |
Oct
(133) |
Nov
(89) |
Dec
(155) |
| 2008 |
Jan
(251) |
Feb
(136) |
Mar
(174) |
Apr
(149) |
May
(56) |
Jun
(32) |
Jul
(36) |
Aug
(171) |
Sep
(245) |
Oct
(244) |
Nov
(218) |
Dec
(272) |
| 2009 |
Jan
(113) |
Feb
(119) |
Mar
(192) |
Apr
(117) |
May
(93) |
Jun
(46) |
Jul
(80) |
Aug
(54) |
Sep
(109) |
Oct
(70) |
Nov
(145) |
Dec
(110) |
| 2010 |
Jan
(137) |
Feb
(87) |
Mar
(45) |
Apr
(157) |
May
(58) |
Jun
(99) |
Jul
(188) |
Aug
(136) |
Sep
(101) |
Oct
(100) |
Nov
(61) |
Dec
(60) |
| 2011 |
Jan
(84) |
Feb
(43) |
Mar
(70) |
Apr
(17) |
May
(69) |
Jun
(28) |
Jul
(43) |
Aug
(21) |
Sep
(151) |
Oct
(120) |
Nov
(84) |
Dec
(101) |
| 2012 |
Jan
(119) |
Feb
(82) |
Mar
(70) |
Apr
(115) |
May
(66) |
Jun
(131) |
Jul
(70) |
Aug
(65) |
Sep
(66) |
Oct
(86) |
Nov
(197) |
Dec
(81) |
| 2013 |
Jan
(65) |
Feb
(48) |
Mar
(32) |
Apr
(68) |
May
(98) |
Jun
(59) |
Jul
(41) |
Aug
(52) |
Sep
(42) |
Oct
(37) |
Nov
(10) |
Dec
(27) |
| 2014 |
Jan
(61) |
Feb
(34) |
Mar
(30) |
Apr
(52) |
May
(45) |
Jun
(40) |
Jul
(28) |
Aug
(9) |
Sep
(39) |
Oct
(69) |
Nov
(55) |
Dec
(19) |
| 2015 |
Jan
(13) |
Feb
(21) |
Mar
(5) |
Apr
(14) |
May
(30) |
Jun
(51) |
Jul
(31) |
Aug
(12) |
Sep
(29) |
Oct
(15) |
Nov
(24) |
Dec
(16) |
| 2016 |
Jan
(62) |
Feb
(76) |
Mar
(30) |
Apr
(43) |
May
(46) |
Jun
(62) |
Jul
(21) |
Aug
(49) |
Sep
(67) |
Oct
(27) |
Nov
(26) |
Dec
(38) |
| 2017 |
Jan
(7) |
Feb
(12) |
Mar
(69) |
Apr
(59) |
May
(54) |
Jun
(40) |
Jul
(76) |
Aug
(82) |
Sep
(92) |
Oct
(51) |
Nov
(32) |
Dec
(30) |
| 2018 |
Jan
(22) |
Feb
(25) |
Mar
(34) |
Apr
(35) |
May
(37) |
Jun
(21) |
Jul
(69) |
Aug
(55) |
Sep
(17) |
Oct
(67) |
Nov
(9) |
Dec
(5) |
| 2019 |
Jan
(19) |
Feb
(12) |
Mar
(15) |
Apr
(19) |
May
|
Jun
(27) |
Jul
(27) |
Aug
(25) |
Sep
(25) |
Oct
(27) |
Nov
(10) |
Dec
(14) |
| 2020 |
Jan
(22) |
Feb
(20) |
Mar
(36) |
Apr
(40) |
May
(52) |
Jun
(35) |
Jul
(21) |
Aug
(32) |
Sep
(71) |
Oct
(27) |
Nov
(11) |
Dec
(16) |
| 2021 |
Jan
(16) |
Feb
(21) |
Mar
(21) |
Apr
(27) |
May
(17) |
Jun
|
Jul
(2) |
Aug
(22) |
Sep
(23) |
Oct
(7) |
Nov
(11) |
Dec
(28) |
| 2022 |
Jan
(23) |
Feb
(18) |
Mar
(9) |
Apr
(15) |
May
(15) |
Jun
(7) |
Jul
(8) |
Aug
(15) |
Sep
(1) |
Oct
|
Nov
(11) |
Dec
(10) |
| 2023 |
Jan
(14) |
Feb
(10) |
Mar
(11) |
Apr
(13) |
May
(2) |
Jun
(30) |
Jul
(1) |
Aug
(15) |
Sep
(13) |
Oct
(3) |
Nov
(25) |
Dec
(5) |
| 2024 |
Jan
(3) |
Feb
(10) |
Mar
(9) |
Apr
|
May
(1) |
Jun
(15) |
Jul
(7) |
Aug
(10) |
Sep
(3) |
Oct
(8) |
Nov
(6) |
Dec
(15) |
| 2025 |
Jan
(3) |
Feb
(1) |
Mar
(7) |
Apr
(5) |
May
(13) |
Jun
(16) |
Jul
(1) |
Aug
(6) |
Sep
|
Oct
|
Nov
|
Dec
|
|
From: Cody A. <ald...@gm...> - 2018-07-12 04:11:52
|
Lonnie, Everything I have been reading indicates to use the full address, but I tried it without as you indicates. Note that I saved the settings and rebooted. Still same message when attempting to test the SMTP relay. Maybe Gmail has changed something other than need to turn on allow access to less secure apps? I'll try another email server in the morning. So far nothing is working to get it functional again. Thanks all for your help. Cody On Wed, Jul 11, 2018 at 7:37 AM, Lonnie Abelbeck <li...@lo...> wrote: > > > On Jul 11, 2018, at 3:28 AM, Michael Keuter <li...@mk...> > wrote: > > > > > >> Am 11.07.2018 um 07:14 schrieb Cody Alderson <ald...@gm...>: > >> > >> Hi, > >> > >> I changed my Gmail password and updated it using the Network tab and > Outbound SMTP Mail Relay in Astlinux. I did not change anything else in > Astlinux except the updating to the correct password, saving the settings > and rebooting. > >> > >> These are my settings. For purposes of this email, I put "nothing > entered in this field" where the field is blank, and I only explain what is > in the username/password fields for security reasons. > >> > >> SMTP Server: smtp.gmail.com > >> SMTP Domain: nothing entered in this field > >> SMTP Authentication: login > >> SMTP Port: 465 > >> SMTP Encryption: SSL/SMTP – Ignore Cert > >> SMTP Cert File: nothing entered in this field > >> SMTP Username: my full gmail email address > >> SMTP Password: my password > >> > >> When I press Test SMTP Mail Relay and then Send Test Email, I get > "invalid email address." > >> > >> Any suggestions as to the cause? Could it have anything to do with > Gmail's "access to less secure apps" setting? > >> > >> Thank you, > >> > >> Cody > > > > Hi Cody, > > > > try using in your user.conf: > > > > SMTP_FROM="your-gmail-address" > > > > also: > > SMTP Domain: gmail.com > > > > You could also try TLS on port 587 (and check the cert). > > Yes, I guess the "access to less secure apps" setting may need to be > enabled. > > > > https://www.lifewire.com/what-are-the-gmail-smtp-settings-1170854 > > > > Michael > > Here is another reference, look for "Gmail SMTP server" > https://support.google.com/a/answer/176600?hl=en > > My hunch is for "SMTP Username" you are using your full fo...@gm... > address, but it only wants "foobar" > > Lonnie > |
|
From: Lonnie A. <li...@lo...> - 2018-07-11 12:16:16
|
Hi Michael, > Im just wondering whether there was any advantage in forcing the VPN to be across the 4G connection all the time? I started out with the WireGuard (WG) VPN over 4G connection all the time ... the LTE IP address was less dynamic, usually stayed with the same address, and if your LTE was iffy you could monitor the WG VPN and report if it was down. If using "Bridge Mode" on the LTE modem this method offers a stable DHCP client address. But, I now (David Kerr and I discussed this) dynamically switch the WG VPN from using the PRIMARY (default, wired) route to the SECONDARY route. One advantage here is my SECONDARY endpoint (Linode KVM) can be reached over a wired path when not on failover so it does not count on my LTE bill. This is what I use: -- /mnt/kd/wan-failover.script snippet -- SECONDARY) ## Switched to Failover using secondary WAN link ip route add "$linode_ip" dev $EXT2IF fping -q -t 1000 "$secondary_gw" asterisk -rx "sip reload" >/dev/null ;; PRIMARY) ## Switched back to normal using primary WAN link ip route del "$linode_ip" dev $EXT2IF fping -q -t 1000 "$secondary_gw" asterisk -rx "sip reload" >/dev/null ;; -- Note, this requires a static "$linode_ip" which is what I have. I also have my LB1121 LTE modem set to router mode, using the WireGuard VPN it does not care if there is one or many levels of NAT involved. I have been very pleased with this LTE failover solution, and the base cost is $11 per month (no failover data) including the cost of the Linode KVM instance, which I expect I will use for other things as well. Running AstLinux on Linode is quite cool. Lonnie > On Jul 11, 2018, at 5:08 AM, Michael Knill <mic...@ip...> wrote: > > Hi Lonnie > > Im just wondering whether there was any advantage in forcing the VPN to be across the 4G connection all the time? > I set it up so it uses the Primary WAN under normal circumstances and it then re-establishes when it fails over to the 4G connection. It takes about a second or less to re-establish! > > Pretty cool setup actually. Im looking forward to testing it out in production. > > Regards > Michael Knill > > On 6/6/18, 2:03 am, "Lonnie Abelbeck" <li...@lo...> wrote: > > I have now more completely tested my WAN Failover using 4G/LTE over WireGuard ...and now works perfectly with Asterisk with a configuration change. > > My 4G/LTE over WireGuard tunnel endpoint is with AstLinux on a Linode KVM (as documented previously). The AstLinux on the Linode KVM instance is not running Asterisk. > > Previously my local Asterisk was configured with nat=no and since I have a static IPv4 address my SIP provider has an option to authenticate using the static address (no registration). If I added the static IPv4 of my Linode KVM instance it mostly worked for outbound calls during failover but would require failover call configuration at the SIP provided end to handle inbound calls. > > Instead, I switched my SIP provider configuration to require registration and removed my static IPv4 authentication. In order to force a quick registration update on the switch I use the wan-failover.script to reload sip: > > -- /mnt/kd/wan-failover.script snippet -- > SECONDARY) > ## Switched to Failover using secondary WAN link > asterisk -rx "sip reload" >/dev/null > ;; > > PRIMARY) > ## Switched back to normal using primary WAN link > asterisk -rx "sip reload" >/dev/null > ;; > -- > > Almost there, but when failover occurs the registration is NAT'ed at the AstLinux on Linode KVM end, so for my SIP provider all it took was to configure my SIP account to support NAT. Even though my Asterisk is still configured with nat=no, the registration via the failover tunnel now works. > > Inbound and outbound SIP calls work perfectly over the 4G/LTE failover. > > Most interestingly, the calls keep working during the failover switch and back again ... I was not expecting that, and I am still scratching my head over that. The active calls do not miss a beat as I see data over my 4G/LTE and then no data over 4G/LTE, the call continues perfectly. I even have directmedia=no in my provider peer's sip.conf. > > Lonnie > > > >> On May 28, 2018, at 8:30 PM, Michael Knill <mic...@ip...> wrote: >> >> I decided today the architecture I want to test. >> I will be setting up a DR Astlinux box running Asterisk and having a SIP Trunk with a 100 Block number range on it for indial. >> All Astklinux boxes configured for failover will establish a VPN to this box and a SIP Trunk to the DR server will be second choice for outgoing calls. I can set the Caller ID to be anything I want for DR outgoing so no issues there. Billing should be fine also as long as the Originating Caller ID is correct. >> All my providers allow the setting of a call forward on busy (and unreachable) to forward to one of the numbers in the 100 block which is redirected to the associated Astlinux box. So incoming calls are sorted also. If it's the same provider, then all forwarded calls are free. >> >> I think it should work with no manual intervention required. >> >> Regards >> Michael Knill >> >> On 29/5/18, 10:07 am, "Lonnie Abelbeck" <li...@lo...> wrote: >> >> Hey Michael, >> >> Currently my "cloud" AstLinux Linode KVM (4G/LTE over VPN endpoint) has Asterisk disabled, ASTERISK_DAHDI_DISABLE="yes" so when my main AstLinux box goes to failover the SIP packets originate from my "home" WireGuard private 10.0.0.0/24 address and are NAT'ed at the Linode end. Normally there is no NAT and SIP packets originate with my public IP. >> >> Surprisingly outbound calls work without any changes, though a remote hangup BYE is not received. Inbound failover could be handled on my SIP provider's platform. >> >> I could enable Asterisk at the Linode end and use it as a proxy of sorts. >> >> Possibly better, per what you suggested, is to implement an outbound call failover in the "main" Asterisk regardless of the WAN Failover status ... if the standard outbound call fails it tries the call over the 4G/LTE VPN path. >> >> I'm still pondering my options. The exact solution is somewhat dependent on the user's SIP provider. >> >> Lonnie >> >> >> >> >>> On May 28, 2018, at 5:08 PM, Michael Knill <mic...@ip...> wrote: >>> >>> Hi Lonnie >>> >>> So what are you trying to solve with Asterisk failover? >>> >>> Regards >>> Michael Knill >>> >>> On 28/5/18, 10:00 pm, "Lonnie Abelbeck" <li...@lo...> wrote: >>> >>> Hi Michael, >>> >>> Yes, you can use OpenVPN and WireGuard at the same time, no problem. I do. >>> >>> WireGuard is much faster / more efficient than OpenVPN, mostly since it resides in the kernel and can use multiple cores. Here are some benchmarks I posted to the WireGuard mailing list: >>> >>> https://lists.zx2c4.com/pipermail/wireguard/2017-December/002204.html >>> >>> There are user-space implementations of WireGuard, written in Golang, starting to appear for testing, but for non-Linux endpoints I would stick with OpenVPN for now. >>> >>> BTW, I currently have WAN Failover on my production AstLinux box using the Netgear LB1121 4G/LTE over WireGuard VPN to a Linode KVM running AstLinux. Working is dual stack IPv4/IPv6 failover for the AstLinux box itself and any internal network of my choosing. I have outbound Asterisk failover working, but that is still a work in progress, not sure the best method yet. >>> >>> Lonnie >>> >>> >>> >>> >>>> On May 28, 2018, at 5:03 AM, Michael Knill <mic...@ip...> wrote: >>>> >>>> Hi group >>>> >>>> Im ready to do some testing. >>>> I have a number of sites that are set up as OpenVPN Servers. Should there be any issues using Wireguard as well? >>>> PS I just looked up Wireguard and I cant believe the difference in benchmarks to Open VPN. That's crazy! >>>> >>>> Regards >>>> Michael Knill >>>> >>>> On 24/5/18, 9:23 am, "Michael Knill" <mic...@ip...> wrote: >>>> >>>> Thanks Lonnie. I don't have a specific scenario yet but handy to know its possible. >>>> >>>> Regards >>>> Michael Knill >>>> >>>> On 24/5/18, 8:54 am, "Lonnie Abelbeck" <li...@lo...> wrote: >>>> >>>> Michael, >>>> >>>>> So are you saying that you can configure a second external interface and the associated routing to it with the Failover Tab but just leave Failover disabled? >>>> >>>> Yes, "External Failover Destination Routes:" automatically defines static routes, automatically removed and added for DHCP changes. >>>> >>>> >>>>> If so, I assume it uses the same EXT firewall rules? >>>> >>>> Yes. There is a way to treat EXTIF and EXT2IF firewall rules differently, but the same is usually OK. >>>> >>>> Lonnie >>>> >>>> >>>> >>>>> On May 23, 2018, at 5:17 PM, Michael Knill <mic...@ip...> wrote: >>>>> >>>>> Hi Lonnie >>>>> >>>>> So are you saying that you can configure a second external interface and the associated routing to it with the Failover Tab but just leave Failover disabled? >>>>> If so, I assume it uses the same EXT firewall rules? >>>>> >>>>> Regards >>>>> Michael Knill >>>>> >>>>> On 22/5/18, 8:59 am, "Lonnie Abelbeck" <li...@lo...> wrote: >>>>> >>>>> Hi Michael, >>>>> >>>>>> I noticed you also pass the VPN traffic to the site LAN >>>>> >>>>> Yes, I tried to implement the general case, easy to remove stuff. >>>>> >>>>>> the VPN would normally just be used for voice traffic and management only. >>>>> >>>>> In that case "External Failover Destination Routes: IPv4 Routes:" could define all the destination routes you need without "Failover" enabled ... and let Asterisk dynamically choose the SIP route. Handling inbound calls over the 4G/LTE VPN would also be possible. >>>>> >>>>> >>>>> All seems to work well, the only fundamental issue may be the latency of 4G/LTE for SIP traffic ... though clearly much better than no traffic. >>>>> >>>>> Lonnie >>>>> >>>>> >>>>> >>>>> >>>>>> On May 21, 2018, at 5:36 PM, Michael Knill <mic...@ip...> wrote: >>>>>> >>>>>> Thanks Lonnie you beat me to it. >>>>>> Interestingly one of my partners is using Asterisk as their Softswitch and they were thinking of setting up a single VPN Tunnel to the SoftSwitch for voice traffic and so everything still works on both the primary and failover links. There should be no failover scripts required! >>>>>> >>>>>> I noticed you also pass the VPN traffic to the site LAN but this would not actually be required in practice as the VPN would normally just be used for voice traffic and management only. On all VPN connections that run voice traffic I set directmedia=no in sip.conf. PS I actually now use a directmedia ACL on the VPN subnet so I don't need to configure anything. E.g. >>>>>> >>>>>> directmedia=yes >>>>>> directmediapermit=0.0.0.0/0 >>>>>> directmediadeny=<VPN Subnet> >>>>>> >>>>>> Thanks again Lonnie for testing. Im looking forward to implementing it. >>>>>> >>>>>> Regards >>>>>> Michael Knill >>>>>> >>>>>> On 22/5/18, 6:59 am, "Lonnie Abelbeck" <li...@lo...> wrote: >>>>>> >>>>>> Followup, Enabling Failover using a Netgear LB1121-100NAS (review below): >>>>>> >>>>>> The basic failover configuration is documented here: >>>>>> >>>>>> WAN Failover >>>>>> https://doc.astlinux-project.org/userdoc:tt_wan_failover >>>>>> >>>>>> Since most 4G/LTE providers only support outbound-only (NAT'ed), IPv4-only, dynamic IPv4 address networks, any basic failover configuration over 4G/LTE must deal with those constraints. >>>>>> >>>>>> But, there is another way ... >>>>>> >>>>>> Enhanced WAN Failover using WireGuard: >>>>>> >>>>>> If you are able to run a second AstLinux instance (or most any distro with WireGuard) on a static IPv4 address you can establish an always-up WireGuard VPN over the 4G/LTE connection. When idle the VPN consumes less than 0.5 MB/day of data. >>>>>> >>>>>> With this setup, both IPv4 and IPv6 can be supported as well as allowing inbound traffic to the failover. When failover occurs, all the IPv4/IPv6 traffic is sent over the WireGuard VPN to the "Static" WireGuard endpoint. >>>>>> >>>>>> To be clear, while the WireGuard VPN is established over IPv4-only, the tunnel can simultaneously transport IPv4 and IPv6. >>>>>> >>>>>> Example: >>>>>> >>>>>> AstLinux "4G/LTE": Cable/DSL Modem on external interface and 4G/LTE Modem on failover interface. >>>>>> -- >>>>>> Internal 1st LAN IPv4: 192.168.101.1/255.255.255.0 >>>>>> Internal 1st LAN IPv6: fda6:a6:a6:d2::1/64 >>>>>> WireGuard IPv4: 10.4.1.10/255.255.255.0 >>>>>> WireGuard IPv6: fda6:a6:a6:ff::10/64 >>>>>> IPv6 ULA/NPTv6: fda6:a6:a6::/56 >>>>>> >>>>>> AstLinux "Static": Static IPv4 (or IPv4/IPv6) on external interface. >>>>>> -- >>>>>> Routable Public IPv4: 1.2.3.4 >>>>>> WireGuard IPv4: 10.4.1.1/255.255.255.0 >>>>>> WireGuard IPv6: fda6:a6:a6:ff::1/64 >>>>>> IPv6 ULA/NPTv6: fda6:a6:a6::/56 >>>>>> >>>>>> >>>>>> == AstLinux "4G/LTE" Endpoint Configuration >>>>>> >>>>>> Network tab -> WireGuard Configuration: >>>>>> Tunnel Options: >>>>>> IPv4 Address: 10.4.1.10 >>>>>> IPv4 NetMask: 255.255.255.0 >>>>>> IPv6/nn Address: fda6:a6:a6:ff::10/64 >>>>>> >>>>>> -- /mnt/kd/wireguard/peer/wg0.peer snippet -- >>>>>> [Peer] >>>>>> ## 4G/LTE Endpoint >>>>>> PublicKey = <For Static Endpoint> >>>>>> Endpoint = 1.2.3.4:51820 >>>>>> AllowedIPs = 0.0.0.0/0, ::/0 >>>>>> PersistentKeepalive = 25 >>>>>> -- >>>>>> >>>>>> Network tab -> WAN Failover Configuration: >>>>>> WAN Failover: >>>>>> Failover: [enabled] >>>>>> Secondary Gateway IPv4: 10.4.1.1 >>>>>> Secondary Gateway IPv6: fda6:a6:a6:ff::1 >>>>>> >>>>>> External Failover Interface: >>>>>> Connection Type: [DHCP] >>>>>> >>>>>> External Failover Destination Routes: >>>>>> IPv4 Routes: 192.168.5.0/24 1.2.3.4 >>>>>> >>>>>> >>>>>> Network tab -> Firewall Configuration: >>>>>> Firewall Options: >>>>>> _x_ Allow WireGuard VPN tunnel to the [1st] LAN Interface(s) >>>>>> >>>>>> >>>>>> == AstLinux "Static" Endpoint Configuration >>>>>> >>>>>> Network tab -> WireGuard Configuration: >>>>>> Tunnel Options: >>>>>> IPv4 Address: 10.4.1.1 >>>>>> IPv4 NetMask: 255.255.255.0 >>>>>> IPv6/nn Address: fda6:a6:a6:ff::1/64 >>>>>> >>>>>> >>>>>> -- /mnt/kd/wireguard/peer/wg0.peer snippet -- >>>>>> [Peer] >>>>>> ## Static Endpoint >>>>>> PublicKey = <For 4G/LTE Endpoint> >>>>>> AllowedIPs = 10.4.1.10/32, 192.168.101.0/24, fda6:a6:a6:ff::10/128, fda6:a6:a6:d2::/64 >>>>>> -- >>>>>> >>>>>> -- /mnt/kd/rc.conf.d/user.conf snippet -- >>>>>> NAT_FOREIGN_NETWORK="192.168.101.0/24" >>>>>> -- >>>>>> >>>>>> == >>>>>> >>>>>> I personally tested this scenario and it worked as expected. >>>>>> >>>>>> Note that one AstLinux "Static" server can support many remote failover AstLinux "4G/LTE" boxes. >>>>>> >>>>>> Tip: if you have shell access to AstLinux "Static", 'ssh root@10.4.1.10' will access AstLinux "4G/LTE" over the VPN connection, regardless if failover is active. >>>>>> >>>>>> Lonnie >>>>>> >>>>>> >>>>>> >>>>>> >>>>>> >>>>>> ================================== >>>>>> Per a post by Michael Knill "4G backup" I purchased a Netgear LB1121-100NAS (North America) supporting PoE and includes a power adapter. >>>>>> >>>>>> LTE Modem LB1120 and LB1121 User Manual >>>>>> https://www.downloads.netgear.com/files/GDC/LB1120/LB112x_UM_EN.pdf >>>>>> >>>>>> Overall, I'm pleased with the LB1121, the PoE is good to have, makes easy positioning for good reception. >>>>>> >>>>>> I also tested the Netgear 6000450 MIMO Antenna, it can add 1-bar, but with no antenna and 4 out of 5 bars sitting on the lab bench I was able to get 90/20 Mbps (down/up) on a speed test. >>>>>> >>>>>> If a person were to mount the modem on a wall next to a window, the antenna would be useful to reach over and place on the glass. >>>>>> >>>>>> I tested with "Ting" a MVNO (Mobile Virtual Network Operator) for T-Mobile's GSM network. I ordered a GSM SIM card from Ting, the Netgear LB1121 comes with an empty SIM slot. >>>>>> >>>>>> I connected the Netgear LB1121 to a spare ethernet interface, Network tab -> Failover Interface: [eth2] and also ... >>>>>> -- Network tab -> WAN Failover Configuration: -- >>>>>> External Failover Interface: >>>>>> Connection Type: [DHCP] >>>>>> >>>>>> External Failover Destination Routes: >>>>>> IPv4 Routes: 192.168.5.0/24 >>>>>> -- >>>>>> If you change the LB1121's IPv4 address, also change the above IPv4 Routes: as this is required when the LB1121 is set to "Bridge Mode". >>>>>> Note: WAN Failover is disabled at this point in time. We are now simply defining a 2nd external interface. >>>>>> >>>>>> With Ting I needed to edit the APN ... >>>>>> -- >>>>>> Ting (GSM) T-Mobile >>>>>> APN: wholesale >>>>>> -- >>>>>> and the LB1121 easily allows for that via the web interface, which defaults to http://192.168.5.1 >>>>>> >>>>>> Firmware updates are via the web interface, but you must have a SIM card activated and installed to perform an upgrade over the GSM network. >>>>>> >>>>>> Web interface password changes don't ask for a match, so a typo requires a reset to factory defaults to fix it. But overall, the web interface is nicely done. >>>>>> >>>>>> After I got the LB1121 configured as desired, working, and firmware upgraded, I then switched to "Bridge Mode", depending on your 4G/LTE carrier your DHCP will acquire a publicly routable IPv4 address or an address that looks public but is actually behind NAT. >>>>>> BTW: Ting/T-Mobile uses odd "private" address ranges like 25.0.0.0/8 (UK Ministry of Defense) and 100.128.0.0/9 (T-Mobile), they look publicly routable, but they are NAT'ed to a different public address :-( >>>>>> >>>>>> On a PoE 802.3af switch, the LB1121 draws 1.1 Watts, cool to the touch. >>>>>> >>>>>> The main issues are the 4G/LTE networks, the Ting MVNO for T-Mobile is IPv4 only, and NAT'ed even when in bridge mode. So a true failover is difficult to do, but by limiting your failover requirements this can still be useful. Below is one such technique using WireGuard VPN. >>>>>> >>>>>> I have a test AstLinux box talking to my main AstLinux box over WireGuard over 4G/LTE ... works nicely. Though "PersistentKeepalive = 25" is required to deal with the NAT and dynamic addressing. >>>>>> >>>>>> FYI: Interestingly, the WireGuard overhead even with a keepalive every 25 seconds results in 454 KB/day of data, which at $10/GB is only 0.00454 $/day. >>>>>> >>>>>> == Dynamic 4G/LTE Modem Endpoint >>>>>> >>>>>> -- WireGuard IPv4 10.4.1.10/255.255.255.0 -- >>>>>> [Peer] >>>>>> ## 4G/LTE Endpoint >>>>>> PublicKey = <For Static Endpoint> >>>>>> Endpoint = 1.2.3.4:51820 >>>>>> AllowedIPs = 10.4.1.1/32 >>>>>> PersistentKeepalive = 25 >>>>>> -- >>>>>> >>>>>> -- Network tab -> WAN Failover Configuration: -- >>>>>> External Failover Interface: >>>>>> Connection Type: [DHCP] >>>>>> >>>>>> External Failover Destination Routes: >>>>>> IPv4 Routes: 192.168.5.0/24 1.2.3.4 >>>>>> -- >>>>>> >>>>>> == Static IPv4 1.2.3.4 Endpoint >>>>>> >>>>>> -- WireGuard IPv4 10.4.1.1/255.255.255.0 -- >>>>>> [Peer] >>>>>> ## Static Endpoint >>>>>> PublicKey = <For 4G/LTE Endpoint> >>>>>> AllowedIPs = 10.4.1.10/32 >>>>>> -- >>>>>> >>>>>> iperf3 test across the VPN ... >>>>>> >>>>>> 4G/LTE ~ # iperf3 -s >>>>>> >>>>>> Static ~ # iperf3 -c 10.4.1.10 -u >>>>>> Connecting to host 10.4.1.10, port 5201 >>>>>> [ 5] local 10.4.1.1 port 37415 connected to 10.4.1.10 port 5201 >>>>>> [ ID] Interval Transfer Bitrate Total Datagrams >>>>>> [ 5] 0.00-1.00 sec 128 KBytes 1.05 Mbits/sec 96 >>>>>> ... >>>>>> [ 5] 9.00-10.00 sec 128 KBytes 1.05 Mbits/sec 96 >>>>>> - - - - - - - - - - - - - - - - - - - - - - - - - >>>>>> [ ID] Interval Transfer Bitrate Jitter Lost/Total Datagrams >>>>>> [ 5] 0.00-10.00 sec 1.25 MBytes 1.05 Mbits/sec 0.000 ms 0/959 (0%) sender >>>>>> [ 5] 0.00-10.16 sec 1.25 MBytes 1.03 Mbits/sec 2.543 ms 0/959 (0%) receiver >>>>>> >>>>>> >>>>>> Typical ping times: 100-400 ms >>>>>> >>>>>> Note that without the VPN there would be no way to reach "4G/LTE" from "Static" with the network NAT issues described above. >>>>>> >>>>>> So with a Netgear LB1121 4G/LTE Modem, by using this WireGuard VPN technique on the "Failover Interface" (2nd External) your public server on 1.2.3.4 will be able to access a remote AstLinux box via 4G/LTE. >>>>>> >>>>>> >>>>>> Lonnie >>>>>> >>>>>> >>>>>> ------------------------------------------------------------------------------ >>>>>> Check out the vibrant tech community on one of the world's most >>>>>> engaging tech sites, Slashdot.org! http://sdm.link/slashdot >>>>>> _______________________________________________ >>>>>> Astlinux-users mailing list >>>>>> Ast...@li... >>>>>> https://lists.sourceforge.net/lists/listinfo/astlinux-users >>>>>> >>>>>> Donations to support AstLinux are graciously accepted via PayPal to pa...@kr.... >>>>>> >>>>>> >>>>>> ------------------------------------------------------------------------------ >>>>>> Check out the vibrant tech community on one of the world's most >>>>>> engaging tech sites, Slashdot.org! http://sdm.link/slashdot >>>>>> _______________________________________________ >>>>>> Astlinux-users mailing list >>>>>> Ast...@li... >>>>>> https://lists.sourceforge.net/lists/listinfo/astlinux-users >>>>>> >>>>>> Donations to support AstLinux are graciously accepted via PayPal to pa...@kr.... >>>>> >>>>> >>>>> ------------------------------------------------------------------------------ >>>>> Check out the vibrant tech community on one of the world's most >>>>> engaging tech sites, Slashdot.org! http://sdm.link/slashdot >>>>> _______________________________________________ >>>>> Astlinux-users mailing list >>>>> Ast...@li... >>>>> https://lists.sourceforge.net/lists/listinfo/astlinux-users >>>>> >>>>> Donations to support AstLinux are graciously accepted via PayPal to pa...@kr.... >>>>> >>>>> ------------------------------------------------------------------------------ >>>>> Check out the vibrant tech community on one of the world's most >>>>> engaging tech sites, Slashdot.org! http://sdm.link/slashdot >>>>> _______________________________________________ >>>>> Astlinux-users mailing list >>>>> Ast...@li... >>>>> https://lists.sourceforge.net/lists/listinfo/astlinux-users >>>>> >>>>> Donations to support AstLinux are graciously accepted via PayPal to pa...@kr.... >>>> >>>> >>>> ------------------------------------------------------------------------------ >>>> Check out the vibrant tech community on one of the world's most >>>> engaging tech sites, Slashdot.org! http://sdm.link/slashdot >>>> _______________________________________________ >>>> Astlinux-users mailing list >>>> Ast...@li... >>>> https://lists.sourceforge.net/lists/listinfo/astlinux-users >>>> >>>> Donations to support AstLinux are graciously accepted via PayPal to pa...@kr.... >>>> >>>> ------------------------------------------------------------------------------ >>>> Check out the vibrant tech community on one of the world's most >>>> engaging tech sites, Slashdot.org! http://sdm.link/slashdot >>>> _______________________________________________ >>>> Astlinux-users mailing list >>>> Ast...@li... >>>> https://lists.sourceforge.net/lists/listinfo/astlinux-users >>>> >>>> Donations to support AstLinux are graciously accepted via PayPal to pa...@kr.... >>>> >>>> ------------------------------------------------------------------------------ >>>> Check out the vibrant tech community on one of the world's most >>>> engaging tech sites, Slashdot.org! http://sdm.link/slashdot >>>> _______________________________________________ >>>> Astlinux-users mailing list >>>> Ast...@li... >>>> https://lists.sourceforge.net/lists/listinfo/astlinux-users >>>> >>>> Donations to support AstLinux are graciously accepted via PayPal to pa...@kr.... >>> >>> >>> ------------------------------------------------------------------------------ >>> Check out the vibrant tech community on one of the world's most >>> engaging tech sites, Slashdot.org! http://sdm.link/slashdot >>> _______________________________________________ >>> Astlinux-users mailing list >>> Ast...@li... >>> https://lists.sourceforge.net/lists/listinfo/astlinux-users >>> >>> Donations to support AstLinux are graciously accepted via PayPal to pa...@kr.... >>> >>> ------------------------------------------------------------------------------ >>> Check out the vibrant tech community on one of the world's most >>> engaging tech sites, Slashdot.org! http://sdm.link/slashdot >>> _______________________________________________ >>> Astlinux-users mailing list >>> Ast...@li... >>> https://lists.sourceforge.net/lists/listinfo/astlinux-users >>> >>> Donations to support AstLinux are graciously accepted via PayPal to pa...@kr.... >> >> >> ------------------------------------------------------------------------------ >> Check out the vibrant tech community on one of the world's most >> engaging tech sites, Slashdot.org! http://sdm.link/slashdot >> _______________________________________________ >> Astlinux-users mailing list >> Ast...@li... >> https://lists.sourceforge.net/lists/listinfo/astlinux-users >> >> Donations to support AstLinux are graciously accepted via PayPal to pa...@kr.... >> >> ------------------------------------------------------------------------------ >> Check out the vibrant tech community on one of the world's most >> engaging tech sites, Slashdot.org! http://sdm.link/slashdot >> _______________________________________________ >> Astlinux-users mailing list >> Ast...@li... >> https://lists.sourceforge.net/lists/listinfo/astlinux-users >> >> Donations to support AstLinux are graciously accepted via PayPal to pa...@kr.... > > > ------------------------------------------------------------------------------ > Check out the vibrant tech community on one of the world's most > engaging tech sites, Slashdot.org! http://sdm.link/slashdot > _______________________________________________ > Astlinux-users mailing list > Ast...@li... > https://lists.sourceforge.net/lists/listinfo/astlinux-users > > Donations to support AstLinux are graciously accepted via PayPal to pa...@kr.... > > ------------------------------------------------------------------------------ > Check out the vibrant tech community on one of the world's most > engaging tech sites, Slashdot.org! http://sdm.link/slashdot > _______________________________________________ > Astlinux-users mailing list > Ast...@li... > https://lists.sourceforge.net/lists/listinfo/astlinux-users > > Donations to support AstLinux are graciously accepted via PayPal to pa...@kr.... |
|
From: Lonnie A. <li...@lo...> - 2018-07-11 11:37:14
|
> On Jul 11, 2018, at 3:28 AM, Michael Keuter <li...@mk...> wrote: > > >> Am 11.07.2018 um 07:14 schrieb Cody Alderson <ald...@gm...>: >> >> Hi, >> >> I changed my Gmail password and updated it using the Network tab and Outbound SMTP Mail Relay in Astlinux. I did not change anything else in Astlinux except the updating to the correct password, saving the settings and rebooting. >> >> These are my settings. For purposes of this email, I put "nothing entered in this field" where the field is blank, and I only explain what is in the username/password fields for security reasons. >> >> SMTP Server: smtp.gmail.com >> SMTP Domain: nothing entered in this field >> SMTP Authentication: login >> SMTP Port: 465 >> SMTP Encryption: SSL/SMTP – Ignore Cert >> SMTP Cert File: nothing entered in this field >> SMTP Username: my full gmail email address >> SMTP Password: my password >> >> When I press Test SMTP Mail Relay and then Send Test Email, I get "invalid email address." >> >> Any suggestions as to the cause? Could it have anything to do with Gmail's "access to less secure apps" setting? >> >> Thank you, >> >> Cody > > Hi Cody, > > try using in your user.conf: > > SMTP_FROM="your-gmail-address" > > also: > SMTP Domain: gmail.com > > You could also try TLS on port 587 (and check the cert). > Yes, I guess the "access to less secure apps" setting may need to be enabled. > > https://www.lifewire.com/what-are-the-gmail-smtp-settings-1170854 > > Michael Here is another reference, look for "Gmail SMTP server" https://support.google.com/a/answer/176600?hl=en My hunch is for "SMTP Username" you are using your full fo...@gm... address, but it only wants "foobar" Lonnie |
|
From: Cody A. <ald...@gm...> - 2018-07-11 10:49:53
|
Michael, Since it is a personal and not a production system, I just saved and rebooted. Just checked my settings again, and even restarted SMTP in Edit Tab. Still same result when sending a test email. Cody On Wed, Jul 11, 2018 at 6:30 AM, Michael Keuter <li...@mk...> wrote: > To make the user.conf setting work, you'll have to restart the SMTP Mail > service in the Edit tab. > > > |
|
From: Michael K. <li...@mk...> - 2018-07-11 10:31:14
|
To make the user.conf setting work, you'll have to restart the SMTP Mail service in the Edit tab. Am 11. Juli 2018 12:21:03 MESZ schrieb Cody Alderson <ald...@gm...>: >Michael, > >I set the user.conf as suggested with my email address. I set the smtp >domain to gmail.com. I tried TLS on port 587 (and check the cert). I >enabled access to less secure apps. Still get the same "invalid email >address" when testing relay. Yes, I confirmed several times that my >email >address is correct. Confirmed password too. > >Any suggestions as to what to try next? > >Thanks, > >Cody > >On Wed, Jul 11, 2018 at 4:28 AM, Michael Keuter ><li...@mk...> >wrote: > >> >> > Am 11.07.2018 um 07:14 schrieb Cody Alderson ><ald...@gm...>: >> > >> > Hi, >> > >> > I changed my Gmail password and updated it using the Network tab >and >> Outbound SMTP Mail Relay in Astlinux. I did not change anything else >in >> Astlinux except the updating to the correct password, saving the >settings >> and rebooting. >> > >> > These are my settings. For purposes of this email, I put "nothing >> entered in this field" where the field is blank, and I only explain >what is >> in the username/password fields for security reasons. >> > >> > SMTP Server: smtp.gmail.com >> > SMTP Domain: nothing entered in this field >> > SMTP Authentication: login >> > SMTP Port: 465 >> > SMTP Encryption: SSL/SMTP – Ignore Cert >> > SMTP Cert File: nothing entered in this field >> > SMTP Username: my full gmail email address >> > SMTP Password: my password >> > >> > When I press Test SMTP Mail Relay and then Send Test Email, I get >> "invalid email address." >> > >> > Any suggestions as to the cause? Could it have anything to do with >> Gmail's "access to less secure apps" setting? >> > >> > Thank you, >> > >> > Cody >> >> Hi Cody, >> >> try using in your user.conf: >> >> SMTP_FROM="your-gmail-address" >> >> also: >> SMTP Domain: gmail.com >> >> You could also try TLS on port 587 (and check the cert). >> Yes, I guess the "access to less secure apps" setting may need to be >> enabled. >> >> https://www.lifewire.com/what-are-the-gmail-smtp-settings-1170854 >> >> Michael >> -- Sent via a tiny mobile device. |
|
From: Cody A. <ald...@gm...> - 2018-07-11 10:21:11
|
Michael, I set the user.conf as suggested with my email address. I set the smtp domain to gmail.com. I tried TLS on port 587 (and check the cert). I enabled access to less secure apps. Still get the same "invalid email address" when testing relay. Yes, I confirmed several times that my email address is correct. Confirmed password too. Any suggestions as to what to try next? Thanks, Cody On Wed, Jul 11, 2018 at 4:28 AM, Michael Keuter <li...@mk...> wrote: > > > Am 11.07.2018 um 07:14 schrieb Cody Alderson <ald...@gm...>: > > > > Hi, > > > > I changed my Gmail password and updated it using the Network tab and > Outbound SMTP Mail Relay in Astlinux. I did not change anything else in > Astlinux except the updating to the correct password, saving the settings > and rebooting. > > > > These are my settings. For purposes of this email, I put "nothing > entered in this field" where the field is blank, and I only explain what is > in the username/password fields for security reasons. > > > > SMTP Server: smtp.gmail.com > > SMTP Domain: nothing entered in this field > > SMTP Authentication: login > > SMTP Port: 465 > > SMTP Encryption: SSL/SMTP – Ignore Cert > > SMTP Cert File: nothing entered in this field > > SMTP Username: my full gmail email address > > SMTP Password: my password > > > > When I press Test SMTP Mail Relay and then Send Test Email, I get > "invalid email address." > > > > Any suggestions as to the cause? Could it have anything to do with > Gmail's "access to less secure apps" setting? > > > > Thank you, > > > > Cody > > Hi Cody, > > try using in your user.conf: > > SMTP_FROM="your-gmail-address" > > also: > SMTP Domain: gmail.com > > You could also try TLS on port 587 (and check the cert). > Yes, I guess the "access to less secure apps" setting may need to be > enabled. > > https://www.lifewire.com/what-are-the-gmail-smtp-settings-1170854 > > Michael > |
|
From: Michael K. <mic...@ip...> - 2018-07-11 10:09:02
|
Hi Lonnie
Im just wondering whether there was any advantage in forcing the VPN to be across the 4G connection all the time?
I set it up so it uses the Primary WAN under normal circumstances and it then re-establishes when it fails over to the 4G connection. It takes about a second or less to re-establish!
Pretty cool setup actually. Im looking forward to testing it out in production.
Regards
Michael Knill
On 6/6/18, 2:03 am, "Lonnie Abelbeck" <li...@lo...> wrote:
I have now more completely tested my WAN Failover using 4G/LTE over WireGuard ...and now works perfectly with Asterisk with a configuration change.
My 4G/LTE over WireGuard tunnel endpoint is with AstLinux on a Linode KVM (as documented previously). The AstLinux on the Linode KVM instance is not running Asterisk.
Previously my local Asterisk was configured with nat=no and since I have a static IPv4 address my SIP provider has an option to authenticate using the static address (no registration). If I added the static IPv4 of my Linode KVM instance it mostly worked for outbound calls during failover but would require failover call configuration at the SIP provided end to handle inbound calls.
Instead, I switched my SIP provider configuration to require registration and removed my static IPv4 authentication. In order to force a quick registration update on the switch I use the wan-failover.script to reload sip:
-- /mnt/kd/wan-failover.script snippet --
SECONDARY)
## Switched to Failover using secondary WAN link
asterisk -rx "sip reload" >/dev/null
;;
PRIMARY)
## Switched back to normal using primary WAN link
asterisk -rx "sip reload" >/dev/null
;;
--
Almost there, but when failover occurs the registration is NAT'ed at the AstLinux on Linode KVM end, so for my SIP provider all it took was to configure my SIP account to support NAT. Even though my Asterisk is still configured with nat=no, the registration via the failover tunnel now works.
Inbound and outbound SIP calls work perfectly over the 4G/LTE failover.
Most interestingly, the calls keep working during the failover switch and back again ... I was not expecting that, and I am still scratching my head over that. The active calls do not miss a beat as I see data over my 4G/LTE and then no data over 4G/LTE, the call continues perfectly. I even have directmedia=no in my provider peer's sip.conf.
Lonnie
> On May 28, 2018, at 8:30 PM, Michael Knill <mic...@ip...> wrote:
>
> I decided today the architecture I want to test.
> I will be setting up a DR Astlinux box running Asterisk and having a SIP Trunk with a 100 Block number range on it for indial.
> All Astklinux boxes configured for failover will establish a VPN to this box and a SIP Trunk to the DR server will be second choice for outgoing calls. I can set the Caller ID to be anything I want for DR outgoing so no issues there. Billing should be fine also as long as the Originating Caller ID is correct.
> All my providers allow the setting of a call forward on busy (and unreachable) to forward to one of the numbers in the 100 block which is redirected to the associated Astlinux box. So incoming calls are sorted also. If it's the same provider, then all forwarded calls are free.
>
> I think it should work with no manual intervention required.
>
> Regards
> Michael Knill
>
> On 29/5/18, 10:07 am, "Lonnie Abelbeck" <li...@lo...> wrote:
>
> Hey Michael,
>
> Currently my "cloud" AstLinux Linode KVM (4G/LTE over VPN endpoint) has Asterisk disabled, ASTERISK_DAHDI_DISABLE="yes" so when my main AstLinux box goes to failover the SIP packets originate from my "home" WireGuard private 10.0.0.0/24 address and are NAT'ed at the Linode end. Normally there is no NAT and SIP packets originate with my public IP.
>
> Surprisingly outbound calls work without any changes, though a remote hangup BYE is not received. Inbound failover could be handled on my SIP provider's platform.
>
> I could enable Asterisk at the Linode end and use it as a proxy of sorts.
>
> Possibly better, per what you suggested, is to implement an outbound call failover in the "main" Asterisk regardless of the WAN Failover status ... if the standard outbound call fails it tries the call over the 4G/LTE VPN path.
>
> I'm still pondering my options. The exact solution is somewhat dependent on the user's SIP provider.
>
> Lonnie
>
>
>
>
>> On May 28, 2018, at 5:08 PM, Michael Knill <mic...@ip...> wrote:
>>
>> Hi Lonnie
>>
>> So what are you trying to solve with Asterisk failover?
>>
>> Regards
>> Michael Knill
>>
>> On 28/5/18, 10:00 pm, "Lonnie Abelbeck" <li...@lo...> wrote:
>>
>> Hi Michael,
>>
>> Yes, you can use OpenVPN and WireGuard at the same time, no problem. I do.
>>
>> WireGuard is much faster / more efficient than OpenVPN, mostly since it resides in the kernel and can use multiple cores. Here are some benchmarks I posted to the WireGuard mailing list:
>>
>> https://lists.zx2c4.com/pipermail/wireguard/2017-December/002204.html
>>
>> There are user-space implementations of WireGuard, written in Golang, starting to appear for testing, but for non-Linux endpoints I would stick with OpenVPN for now.
>>
>> BTW, I currently have WAN Failover on my production AstLinux box using the Netgear LB1121 4G/LTE over WireGuard VPN to a Linode KVM running AstLinux. Working is dual stack IPv4/IPv6 failover for the AstLinux box itself and any internal network of my choosing. I have outbound Asterisk failover working, but that is still a work in progress, not sure the best method yet.
>>
>> Lonnie
>>
>>
>>
>>
>>> On May 28, 2018, at 5:03 AM, Michael Knill <mic...@ip...> wrote:
>>>
>>> Hi group
>>>
>>> Im ready to do some testing.
>>> I have a number of sites that are set up as OpenVPN Servers. Should there be any issues using Wireguard as well?
>>> PS I just looked up Wireguard and I cant believe the difference in benchmarks to Open VPN. That's crazy!
>>>
>>> Regards
>>> Michael Knill
>>>
>>> On 24/5/18, 9:23 am, "Michael Knill" <mic...@ip...> wrote:
>>>
>>> Thanks Lonnie. I don't have a specific scenario yet but handy to know its possible.
>>>
>>> Regards
>>> Michael Knill
>>>
>>> On 24/5/18, 8:54 am, "Lonnie Abelbeck" <li...@lo...> wrote:
>>>
>>> Michael,
>>>
>>>> So are you saying that you can configure a second external interface and the associated routing to it with the Failover Tab but just leave Failover disabled?
>>>
>>> Yes, "External Failover Destination Routes:" automatically defines static routes, automatically removed and added for DHCP changes.
>>>
>>>
>>>> If so, I assume it uses the same EXT firewall rules?
>>>
>>> Yes. There is a way to treat EXTIF and EXT2IF firewall rules differently, but the same is usually OK.
>>>
>>> Lonnie
>>>
>>>
>>>
>>>> On May 23, 2018, at 5:17 PM, Michael Knill <mic...@ip...> wrote:
>>>>
>>>> Hi Lonnie
>>>>
>>>> So are you saying that you can configure a second external interface and the associated routing to it with the Failover Tab but just leave Failover disabled?
>>>> If so, I assume it uses the same EXT firewall rules?
>>>>
>>>> Regards
>>>> Michael Knill
>>>>
>>>> On 22/5/18, 8:59 am, "Lonnie Abelbeck" <li...@lo...> wrote:
>>>>
>>>> Hi Michael,
>>>>
>>>>> I noticed you also pass the VPN traffic to the site LAN
>>>>
>>>> Yes, I tried to implement the general case, easy to remove stuff.
>>>>
>>>>> the VPN would normally just be used for voice traffic and management only.
>>>>
>>>> In that case "External Failover Destination Routes: IPv4 Routes:" could define all the destination routes you need without "Failover" enabled ... and let Asterisk dynamically choose the SIP route. Handling inbound calls over the 4G/LTE VPN would also be possible.
>>>>
>>>>
>>>> All seems to work well, the only fundamental issue may be the latency of 4G/LTE for SIP traffic ... though clearly much better than no traffic.
>>>>
>>>> Lonnie
>>>>
>>>>
>>>>
>>>>
>>>>> On May 21, 2018, at 5:36 PM, Michael Knill <mic...@ip...> wrote:
>>>>>
>>>>> Thanks Lonnie you beat me to it.
>>>>> Interestingly one of my partners is using Asterisk as their Softswitch and they were thinking of setting up a single VPN Tunnel to the SoftSwitch for voice traffic and so everything still works on both the primary and failover links. There should be no failover scripts required!
>>>>>
>>>>> I noticed you also pass the VPN traffic to the site LAN but this would not actually be required in practice as the VPN would normally just be used for voice traffic and management only. On all VPN connections that run voice traffic I set directmedia=no in sip.conf. PS I actually now use a directmedia ACL on the VPN subnet so I don't need to configure anything. E.g.
>>>>>
>>>>> directmedia=yes
>>>>> directmediapermit=0.0.0.0/0
>>>>> directmediadeny=<VPN Subnet>
>>>>>
>>>>> Thanks again Lonnie for testing. Im looking forward to implementing it.
>>>>>
>>>>> Regards
>>>>> Michael Knill
>>>>>
>>>>> On 22/5/18, 6:59 am, "Lonnie Abelbeck" <li...@lo...> wrote:
>>>>>
>>>>> Followup, Enabling Failover using a Netgear LB1121-100NAS (review below):
>>>>>
>>>>> The basic failover configuration is documented here:
>>>>>
>>>>> WAN Failover
>>>>> https://doc.astlinux-project.org/userdoc:tt_wan_failover
>>>>>
>>>>> Since most 4G/LTE providers only support outbound-only (NAT'ed), IPv4-only, dynamic IPv4 address networks, any basic failover configuration over 4G/LTE must deal with those constraints.
>>>>>
>>>>> But, there is another way ...
>>>>>
>>>>> Enhanced WAN Failover using WireGuard:
>>>>>
>>>>> If you are able to run a second AstLinux instance (or most any distro with WireGuard) on a static IPv4 address you can establish an always-up WireGuard VPN over the 4G/LTE connection. When idle the VPN consumes less than 0.5 MB/day of data.
>>>>>
>>>>> With this setup, both IPv4 and IPv6 can be supported as well as allowing inbound traffic to the failover. When failover occurs, all the IPv4/IPv6 traffic is sent over the WireGuard VPN to the "Static" WireGuard endpoint.
>>>>>
>>>>> To be clear, while the WireGuard VPN is established over IPv4-only, the tunnel can simultaneously transport IPv4 and IPv6.
>>>>>
>>>>> Example:
>>>>>
>>>>> AstLinux "4G/LTE": Cable/DSL Modem on external interface and 4G/LTE Modem on failover interface.
>>>>> --
>>>>> Internal 1st LAN IPv4: 192.168.101.1/255.255.255.0
>>>>> Internal 1st LAN IPv6: fda6:a6:a6:d2::1/64
>>>>> WireGuard IPv4: 10.4.1.10/255.255.255.0
>>>>> WireGuard IPv6: fda6:a6:a6:ff::10/64
>>>>> IPv6 ULA/NPTv6: fda6:a6:a6::/56
>>>>>
>>>>> AstLinux "Static": Static IPv4 (or IPv4/IPv6) on external interface.
>>>>> --
>>>>> Routable Public IPv4: 1.2.3.4
>>>>> WireGuard IPv4: 10.4.1.1/255.255.255.0
>>>>> WireGuard IPv6: fda6:a6:a6:ff::1/64
>>>>> IPv6 ULA/NPTv6: fda6:a6:a6::/56
>>>>>
>>>>>
>>>>> == AstLinux "4G/LTE" Endpoint Configuration
>>>>>
>>>>> Network tab -> WireGuard Configuration:
>>>>> Tunnel Options:
>>>>> IPv4 Address: 10.4.1.10
>>>>> IPv4 NetMask: 255.255.255.0
>>>>> IPv6/nn Address: fda6:a6:a6:ff::10/64
>>>>>
>>>>> -- /mnt/kd/wireguard/peer/wg0.peer snippet --
>>>>> [Peer]
>>>>> ## 4G/LTE Endpoint
>>>>> PublicKey = <For Static Endpoint>
>>>>> Endpoint = 1.2.3.4:51820
>>>>> AllowedIPs = 0.0.0.0/0, ::/0
>>>>> PersistentKeepalive = 25
>>>>> --
>>>>>
>>>>> Network tab -> WAN Failover Configuration:
>>>>> WAN Failover:
>>>>> Failover: [enabled]
>>>>> Secondary Gateway IPv4: 10.4.1.1
>>>>> Secondary Gateway IPv6: fda6:a6:a6:ff::1
>>>>>
>>>>> External Failover Interface:
>>>>> Connection Type: [DHCP]
>>>>>
>>>>> External Failover Destination Routes:
>>>>> IPv4 Routes: 192.168.5.0/24 1.2.3.4
>>>>>
>>>>>
>>>>> Network tab -> Firewall Configuration:
>>>>> Firewall Options:
>>>>> _x_ Allow WireGuard VPN tunnel to the [1st] LAN Interface(s)
>>>>>
>>>>>
>>>>> == AstLinux "Static" Endpoint Configuration
>>>>>
>>>>> Network tab -> WireGuard Configuration:
>>>>> Tunnel Options:
>>>>> IPv4 Address: 10.4.1.1
>>>>> IPv4 NetMask: 255.255.255.0
>>>>> IPv6/nn Address: fda6:a6:a6:ff::1/64
>>>>>
>>>>>
>>>>> -- /mnt/kd/wireguard/peer/wg0.peer snippet --
>>>>> [Peer]
>>>>> ## Static Endpoint
>>>>> PublicKey = <For 4G/LTE Endpoint>
>>>>> AllowedIPs = 10.4.1.10/32, 192.168.101.0/24, fda6:a6:a6:ff::10/128, fda6:a6:a6:d2::/64
>>>>> --
>>>>>
>>>>> -- /mnt/kd/rc.conf.d/user.conf snippet --
>>>>> NAT_FOREIGN_NETWORK="192.168.101.0/24"
>>>>> --
>>>>>
>>>>> ==
>>>>>
>>>>> I personally tested this scenario and it worked as expected.
>>>>>
>>>>> Note that one AstLinux "Static" server can support many remote failover AstLinux "4G/LTE" boxes.
>>>>>
>>>>> Tip: if you have shell access to AstLinux "Static", 'ssh root@10.4.1.10' will access AstLinux "4G/LTE" over the VPN connection, regardless if failover is active.
>>>>>
>>>>> Lonnie
>>>>>
>>>>>
>>>>>
>>>>>
>>>>>
>>>>> ==================================
>>>>> Per a post by Michael Knill "4G backup" I purchased a Netgear LB1121-100NAS (North America) supporting PoE and includes a power adapter.
>>>>>
>>>>> LTE Modem LB1120 and LB1121 User Manual
>>>>> https://www.downloads.netgear.com/files/GDC/LB1120/LB112x_UM_EN.pdf
>>>>>
>>>>> Overall, I'm pleased with the LB1121, the PoE is good to have, makes easy positioning for good reception.
>>>>>
>>>>> I also tested the Netgear 6000450 MIMO Antenna, it can add 1-bar, but with no antenna and 4 out of 5 bars sitting on the lab bench I was able to get 90/20 Mbps (down/up) on a speed test.
>>>>>
>>>>> If a person were to mount the modem on a wall next to a window, the antenna would be useful to reach over and place on the glass.
>>>>>
>>>>> I tested with "Ting" a MVNO (Mobile Virtual Network Operator) for T-Mobile's GSM network. I ordered a GSM SIM card from Ting, the Netgear LB1121 comes with an empty SIM slot.
>>>>>
>>>>> I connected the Netgear LB1121 to a spare ethernet interface, Network tab -> Failover Interface: [eth2] and also ...
>>>>> -- Network tab -> WAN Failover Configuration: --
>>>>> External Failover Interface:
>>>>> Connection Type: [DHCP]
>>>>>
>>>>> External Failover Destination Routes:
>>>>> IPv4 Routes: 192.168.5.0/24
>>>>> --
>>>>> If you change the LB1121's IPv4 address, also change the above IPv4 Routes: as this is required when the LB1121 is set to "Bridge Mode".
>>>>> Note: WAN Failover is disabled at this point in time. We are now simply defining a 2nd external interface.
>>>>>
>>>>> With Ting I needed to edit the APN ...
>>>>> --
>>>>> Ting (GSM) T-Mobile
>>>>> APN: wholesale
>>>>> --
>>>>> and the LB1121 easily allows for that via the web interface, which defaults to http://192.168.5.1
>>>>>
>>>>> Firmware updates are via the web interface, but you must have a SIM card activated and installed to perform an upgrade over the GSM network.
>>>>>
>>>>> Web interface password changes don't ask for a match, so a typo requires a reset to factory defaults to fix it. But overall, the web interface is nicely done.
>>>>>
>>>>> After I got the LB1121 configured as desired, working, and firmware upgraded, I then switched to "Bridge Mode", depending on your 4G/LTE carrier your DHCP will acquire a publicly routable IPv4 address or an address that looks public but is actually behind NAT.
>>>>> BTW: Ting/T-Mobile uses odd "private" address ranges like 25.0.0.0/8 (UK Ministry of Defense) and 100.128.0.0/9 (T-Mobile), they look publicly routable, but they are NAT'ed to a different public address :-(
>>>>>
>>>>> On a PoE 802.3af switch, the LB1121 draws 1.1 Watts, cool to the touch.
>>>>>
>>>>> The main issues are the 4G/LTE networks, the Ting MVNO for T-Mobile is IPv4 only, and NAT'ed even when in bridge mode. So a true failover is difficult to do, but by limiting your failover requirements this can still be useful. Below is one such technique using WireGuard VPN.
>>>>>
>>>>> I have a test AstLinux box talking to my main AstLinux box over WireGuard over 4G/LTE ... works nicely. Though "PersistentKeepalive = 25" is required to deal with the NAT and dynamic addressing.
>>>>>
>>>>> FYI: Interestingly, the WireGuard overhead even with a keepalive every 25 seconds results in 454 KB/day of data, which at $10/GB is only 0.00454 $/day.
>>>>>
>>>>> == Dynamic 4G/LTE Modem Endpoint
>>>>>
>>>>> -- WireGuard IPv4 10.4.1.10/255.255.255.0 --
>>>>> [Peer]
>>>>> ## 4G/LTE Endpoint
>>>>> PublicKey = <For Static Endpoint>
>>>>> Endpoint = 1.2.3.4:51820
>>>>> AllowedIPs = 10.4.1.1/32
>>>>> PersistentKeepalive = 25
>>>>> --
>>>>>
>>>>> -- Network tab -> WAN Failover Configuration: --
>>>>> External Failover Interface:
>>>>> Connection Type: [DHCP]
>>>>>
>>>>> External Failover Destination Routes:
>>>>> IPv4 Routes: 192.168.5.0/24 1.2.3.4
>>>>> --
>>>>>
>>>>> == Static IPv4 1.2.3.4 Endpoint
>>>>>
>>>>> -- WireGuard IPv4 10.4.1.1/255.255.255.0 --
>>>>> [Peer]
>>>>> ## Static Endpoint
>>>>> PublicKey = <For 4G/LTE Endpoint>
>>>>> AllowedIPs = 10.4.1.10/32
>>>>> --
>>>>>
>>>>> iperf3 test across the VPN ...
>>>>>
>>>>> 4G/LTE ~ # iperf3 -s
>>>>>
>>>>> Static ~ # iperf3 -c 10.4.1.10 -u
>>>>> Connecting to host 10.4.1.10, port 5201
>>>>> [ 5] local 10.4.1.1 port 37415 connected to 10.4.1.10 port 5201
>>>>> [ ID] Interval Transfer Bitrate Total Datagrams
>>>>> [ 5] 0.00-1.00 sec 128 KBytes 1.05 Mbits/sec 96
>>>>> ...
>>>>> [ 5] 9.00-10.00 sec 128 KBytes 1.05 Mbits/sec 96
>>>>> - - - - - - - - - - - - - - - - - - - - - - - - -
>>>>> [ ID] Interval Transfer Bitrate Jitter Lost/Total Datagrams
>>>>> [ 5] 0.00-10.00 sec 1.25 MBytes 1.05 Mbits/sec 0.000 ms 0/959 (0%) sender
>>>>> [ 5] 0.00-10.16 sec 1.25 MBytes 1.03 Mbits/sec 2.543 ms 0/959 (0%) receiver
>>>>>
>>>>>
>>>>> Typical ping times: 100-400 ms
>>>>>
>>>>> Note that without the VPN there would be no way to reach "4G/LTE" from "Static" with the network NAT issues described above.
>>>>>
>>>>> So with a Netgear LB1121 4G/LTE Modem, by using this WireGuard VPN technique on the "Failover Interface" (2nd External) your public server on 1.2.3.4 will be able to access a remote AstLinux box via 4G/LTE.
>>>>>
>>>>>
>>>>> Lonnie
>>>>>
>>>>>
>>>>> ------------------------------------------------------------------------------
>>>>> Check out the vibrant tech community on one of the world's most
>>>>> engaging tech sites, Slashdot.org! http://sdm.link/slashdot
>>>>> _______________________________________________
>>>>> Astlinux-users mailing list
>>>>> Ast...@li...
>>>>> https://lists.sourceforge.net/lists/listinfo/astlinux-users
>>>>>
>>>>> Donations to support AstLinux are graciously accepted via PayPal to pa...@kr....
>>>>>
>>>>>
>>>>> ------------------------------------------------------------------------------
>>>>> Check out the vibrant tech community on one of the world's most
>>>>> engaging tech sites, Slashdot.org! http://sdm.link/slashdot
>>>>> _______________________________________________
>>>>> Astlinux-users mailing list
>>>>> Ast...@li...
>>>>> https://lists.sourceforge.net/lists/listinfo/astlinux-users
>>>>>
>>>>> Donations to support AstLinux are graciously accepted via PayPal to pa...@kr....
>>>>
>>>>
>>>> ------------------------------------------------------------------------------
>>>> Check out the vibrant tech community on one of the world's most
>>>> engaging tech sites, Slashdot.org! http://sdm.link/slashdot
>>>> _______________________________________________
>>>> Astlinux-users mailing list
>>>> Ast...@li...
>>>> https://lists.sourceforge.net/lists/listinfo/astlinux-users
>>>>
>>>> Donations to support AstLinux are graciously accepted via PayPal to pa...@kr....
>>>>
>>>> ------------------------------------------------------------------------------
>>>> Check out the vibrant tech community on one of the world's most
>>>> engaging tech sites, Slashdot.org! http://sdm.link/slashdot
>>>> _______________________________________________
>>>> Astlinux-users mailing list
>>>> Ast...@li...
>>>> https://lists.sourceforge.net/lists/listinfo/astlinux-users
>>>>
>>>> Donations to support AstLinux are graciously accepted via PayPal to pa...@kr....
>>>
>>>
>>> ------------------------------------------------------------------------------
>>> Check out the vibrant tech community on one of the world's most
>>> engaging tech sites, Slashdot.org! http://sdm.link/slashdot
>>> _______________________________________________
>>> Astlinux-users mailing list
>>> Ast...@li...
>>> https://lists.sourceforge.net/lists/listinfo/astlinux-users
>>>
>>> Donations to support AstLinux are graciously accepted via PayPal to pa...@kr....
>>>
>>> ------------------------------------------------------------------------------
>>> Check out the vibrant tech community on one of the world's most
>>> engaging tech sites, Slashdot.org! http://sdm.link/slashdot
>>> _______________________________________________
>>> Astlinux-users mailing list
>>> Ast...@li...
>>> https://lists.sourceforge.net/lists/listinfo/astlinux-users
>>>
>>> Donations to support AstLinux are graciously accepted via PayPal to pa...@kr....
>>>
>>> ------------------------------------------------------------------------------
>>> Check out the vibrant tech community on one of the world's most
>>> engaging tech sites, Slashdot.org! http://sdm.link/slashdot
>>> _______________________________________________
>>> Astlinux-users mailing list
>>> Ast...@li...
>>> https://lists.sourceforge.net/lists/listinfo/astlinux-users
>>>
>>> Donations to support AstLinux are graciously accepted via PayPal to pa...@kr....
>>
>>
>> ------------------------------------------------------------------------------
>> Check out the vibrant tech community on one of the world's most
>> engaging tech sites, Slashdot.org! http://sdm.link/slashdot
>> _______________________________________________
>> Astlinux-users mailing list
>> Ast...@li...
>> https://lists.sourceforge.net/lists/listinfo/astlinux-users
>>
>> Donations to support AstLinux are graciously accepted via PayPal to pa...@kr....
>>
>> ------------------------------------------------------------------------------
>> Check out the vibrant tech community on one of the world's most
>> engaging tech sites, Slashdot.org! http://sdm.link/slashdot
>> _______________________________________________
>> Astlinux-users mailing list
>> Ast...@li...
>> https://lists.sourceforge.net/lists/listinfo/astlinux-users
>>
>> Donations to support AstLinux are graciously accepted via PayPal to pa...@kr....
>
>
> ------------------------------------------------------------------------------
> Check out the vibrant tech community on one of the world's most
> engaging tech sites, Slashdot.org! http://sdm.link/slashdot
> _______________________________________________
> Astlinux-users mailing list
> Ast...@li...
> https://lists.sourceforge.net/lists/listinfo/astlinux-users
>
> Donations to support AstLinux are graciously accepted via PayPal to pa...@kr....
>
> ------------------------------------------------------------------------------
> Check out the vibrant tech community on one of the world's most
> engaging tech sites, Slashdot.org! http://sdm.link/slashdot
> _______________________________________________
> Astlinux-users mailing list
> Ast...@li...
> https://lists.sourceforge.net/lists/listinfo/astlinux-users
>
> Donations to support AstLinux are graciously accepted via PayPal to pa...@kr....
------------------------------------------------------------------------------
Check out the vibrant tech community on one of the world's most
engaging tech sites, Slashdot.org! http://sdm.link/slashdot
_______________________________________________
Astlinux-users mailing list
Ast...@li...
https://lists.sourceforge.net/lists/listinfo/astlinux-users
Donations to support AstLinux are graciously accepted via PayPal to pa...@kr....
|
|
From: Michael K. <li...@mk...> - 2018-07-11 08:28:32
|
> Am 11.07.2018 um 07:14 schrieb Cody Alderson <ald...@gm...>: > > Hi, > > I changed my Gmail password and updated it using the Network tab and Outbound SMTP Mail Relay in Astlinux. I did not change anything else in Astlinux except the updating to the correct password, saving the settings and rebooting. > > These are my settings. For purposes of this email, I put "nothing entered in this field" where the field is blank, and I only explain what is in the username/password fields for security reasons. > > SMTP Server: smtp.gmail.com > SMTP Domain: nothing entered in this field > SMTP Authentication: login > SMTP Port: 465 > SMTP Encryption: SSL/SMTP – Ignore Cert > SMTP Cert File: nothing entered in this field > SMTP Username: my full gmail email address > SMTP Password: my password > > When I press Test SMTP Mail Relay and then Send Test Email, I get "invalid email address." > > Any suggestions as to the cause? Could it have anything to do with Gmail's "access to less secure apps" setting? > > Thank you, > > Cody Hi Cody, try using in your user.conf: SMTP_FROM="your-gmail-address" also: SMTP Domain: gmail.com You could also try TLS on port 587 (and check the cert). Yes, I guess the "access to less secure apps" setting may need to be enabled. https://www.lifewire.com/what-are-the-gmail-smtp-settings-1170854 Michael http://www.mksolutions.info |
|
From: Cody A. <ald...@gm...> - 2018-07-11 05:14:55
|
Hi, I changed my Gmail password and updated it using the Network tab and Outbound SMTP Mail Relay in Astlinux. I did not change anything else in Astlinux except the updating to the correct password, saving the settings and rebooting. These are my settings. For purposes of this email, I put "nothing entered in this field" where the field is blank, and I only explain what is in the username/password fields for security reasons. SMTP Server: smtp.gmail.com SMTP Domain: nothing entered in this field SMTP Authentication: login SMTP Port: 465 SMTP Encryption: SSL/SMTP – Ignore Cert SMTP Cert File: nothing entered in this field SMTP Username: my full gmail email address SMTP Password: my password When I press Test SMTP Mail Relay and then Send Test Email, I get "invalid email address." Any suggestions as to the cause? Could it have anything to do with Gmail's "access to less secure apps" setting? Thank you, Cody |
|
From: Lonnie A. <li...@lo...> - 2018-07-10 13:31:12
|
> My dream single-board gateway would have 4-6 NIC's and most of them with built in PoE injectors. But I have not come across any such board yet. They exist [1] for about $500 USD, but are specialized (ex. Network Video Recording w/PoE cameras), hence very expensive. If you are looking to power your LB1121 LTE modem, IMO, a PoE injector with standard hardware (ex. Qotom) would be the best. I use this [2] PoE+ injector for WiFi AP's, and works well. Lonnie [1] Jetway POE Fanless Embedded Barebone / J1900 / 2 Intel GbE LAN / 4 GbE POE (25W) http://jetwaycomputer.com/spec/JBC512F3DG.pdf https://www.amazon.com/dp/B011DKV15I/ (wacky power connection) [2] TRENDnet Gigabit Power over Ethernet Plus (PoE+) Injector https://www.amazon.com/gp/product/B00BK4W8TQ/ > On Jul 10, 2018, at 4:35 AM, David Kerr <Da...@Ke...> wrote: > > Yes UPS load plus why waste 3 NIC ports. However my current problem with limiting UPS load is that I am powering the LB1121 LTE modem PoE which is coming from my 24-port switch. so I can't cut it off the big UPS. > > My dream single-board gateway would have 4-6 NIC's and most of them with built in PoE injectors. But I have not come across any such board yet. > > David > > On Mon, Jul 9, 2018 at 10:04 AM, Lonnie Abelbeck <li...@lo...> wrote: > Hi David, > > > but is it as simple as adding... > > > > BRIDGE0="eth2 eth3 eth4 eth5" > > Yes, you can bridge as many NIC's as you want to br0 . > > Personally I prefer to use a switch for such purposes, but if you want to keep your UPS load as small as possible for critical stuff ... > > Lonnie > > > > > On Jul 9, 2018, at 4:12 AM, David Kerr <Da...@Ke...> wrote: > > > > So with 6 NIC's I would probably want eth0/eth1 as WAN and WAN failover. Then bridge eth2/3/4/5 into a single br0 interface. Astlinux comes with support for 3 NIC's and bridges out of the box, but is it as simple as adding... > > > > BRIDGE0="eth2 eth3 eth4 eth5" > > > > to user.conf to create the br0, or is there more to it in order to have eth3/4/5 available? > > > > Thanks > > David > > > > > > On Sun, Jul 8, 2018 at 9:32 PM, Lonnie Abelbeck <li...@lo...> wrote: > > You are welcome, Michael. > > > > > Double the performance of the Q190G4N-S07 which is already fast. > > > > Actually, the Qotom Q530G6 averages 3.3x the single-core performance compared to the Q190G4N-S07 in my tests. > > > > > In fact I cant see why I wouldn't just use both of these for all use cases other than I don't know their reliability. > > > > Yes, no matter which board vendor you choose there are reliability risks. At least with Qotom you can afford to have a few spares, and testing is the key. > > > > Lonnie > > > > > > > > > On Jul 8, 2018, at 6:53 PM, Michael Knill <mic...@ip...> wrote: > > > > > > Thanks Lonnie. Im looking forward to using it. > > > Double the performance of the Q190G4N-S07 which is already fast. It should be able to handle my largest systems no problems at all! > > > In fact I cant see why I wouldn't just use both of these for all use cases other than I don't know their reliability. > > > > > > Regards > > > Michael Knill > > > > > > On 9/7/18, 9:05 am, "Lonnie Abelbeck" <li...@lo...> wrote: > > > > > > A newly released hardware description and configuration has been added to the AstLinux documentation: > > > > > > Qotom Q530G6 Core i3-6100U Fanless Appliance > > > https://doc.astlinux-project.org/userdoc:board_qotom_q530g6 > > > > > > I personally purchased a Qotom Q530G6 (4G RAM, 32G mSATA SSD, No WiFi) via AliExpress: > > > > > > 6 Gigabit Nic Fanless Mini PC Qotom Q530G6 Core i3-6100U ... > > > https://www.aliexpress.com/item/6-Gigabit-Nic-Fanless-Mini-PC-Qotom-Q530G6-Q550G6-Core-i3-6100U-i5-6200U-1-8Ghz/32890614694.html > > > > > > $227.00 USD -- Barebone Q530G6, No WiFi > > > > > > $ 61.00 USD -- 4G RAM, 32G mSATA SSD (I added since it uses DDR4 RAM) > > > > > > $ 30.00 USD -- Shipping to central USA > > > > > > The Qotom Q530G6 is the fastest bare-metal hardware I have tested for AstLinux, 4.7x single-core performance compared to the legacy Intel Atom D525 workhorse, and 7.4x single-core performance compared to the PC Engines APU2. > > > > > > The Qotom Q530G6 is about twice the cost of the Qotom-Q190G4N-S07 or PC Engines APU2. > > > > > > Given the performance, the power consumption is surprisingly low, idles at 6 W, 10 W under load (HDMI disconnected). And runs cool, coretemp reports 41 degC CPU and SATA 2.5" SSD reports 43 degC (ambient temp is 26 degC / 79 degF). The supplied Hoodisk brand mSATA SSD does not report temp. The case is only barely warm to the touch. > > > > > > The Qotom Q530G6 offers everything an AstLinux user wants: > > > -- Supports Serial or Video (HDMI) Console > > > -- Supports either mSATA SSD or 2.5" SSD (SATA cable pre-attached) > > > -- 6x Intel i211 NIC's > > > -- Fanless, first-class machined aluminum black case > > > -- Internal piezo buzzer for startup/shutdown sounds. > > > -- Power button > > > > > > The Qotom Q530G6 requires DDR4 RAM, single 260-pin SO-DIMM, 4GB to 16GB supported. > > > > > > No surprise, line-speed 1Gbps network routing and line-speed WireGuard VPN with headroom. OpenVPN tested at 310 Mbps. > > > > > > I placed my order on a Saturday via AliExpress, it shipped on the following Tuesday morning and I signed for the package Thursday noon. Quite amazing ! > > > > > > Note: Shipped via DHL which required a signature on delivery. > > > > > > I like the way a SATA 2.5" SSD is attached (4x screws are supplied) to the lower cover, somewhat lower temps away from the motherboard. Currently on Amazon, "Industrial" 2.5" SATA SSD's (32GB-64GB) are available for $30-$40 USD. A 2.5" SSD is a good option for this box. > > > > > > In testing I found the Qotom Q530G6's serial port was sensitive to EMI generated with a dangling (inactive) serial cable, as such it would sometimes fail to boot properly (hang until cable was removed). Though a connected (active) serial cable, or no serial cable always booted reliably. I retested with a new [1], quality shielded serial cable and that solved the observed EMI issues with a dangling (inactive) serial cable. The original null-modem cable was probably 20 years old that came with a switch or some other product, and was longer than I needed. EMI on RS232 is something to keep in mind. > > > > > > Clearly there is no one best AstLinux hardware solution, but in my limited testing, the Qotom Q530G6 is a great fit for AstLinux. > > > > > > The Qotom Q530G6 has run solidly for a few days, further updates as needed. > > > > > > Lonnie > > > > > > [1] StarTech.com SCNM9FF1MBK https://www.amazon.com/gp/product/B00QM8ZP5E/ > > > > > > > > > ------------------------------------------------------------------------------ > > Check out the vibrant tech community on one of the world's most > > engaging tech sites, Slashdot.org! http://sdm.link/slashdot > > _______________________________________________ > > Astlinux-users mailing list > > Ast...@li... > > https://lists.sourceforge.net/lists/listinfo/astlinux-users > > > > Donations to support AstLinux are graciously accepted via PayPal to pa...@kr.... > > > > ------------------------------------------------------------------------------ > > Check out the vibrant tech community on one of the world's most > > engaging tech sites, Slashdot.org! http://sdm.link/slashdot_______________________________________________ > > Astlinux-users mailing list > > Ast...@li... > > https://lists.sourceforge.net/lists/listinfo/astlinux-users > > > > Donations to support AstLinux are graciously accepted via PayPal to pa...@kr.... > > > ------------------------------------------------------------------------------ > Check out the vibrant tech community on one of the world's most > engaging tech sites, Slashdot.org! http://sdm.link/slashdot > _______________________________________________ > Astlinux-users mailing list > Ast...@li... > https://lists.sourceforge.net/lists/listinfo/astlinux-users > > Donations to support AstLinux are graciously accepted via PayPal to pa...@kr.... > > ------------------------------------------------------------------------------ > Check out the vibrant tech community on one of the world's most > engaging tech sites, Slashdot.org! http://sdm.link/slashdot_______________________________________________ > Astlinux-users mailing list > Ast...@li... > https://lists.sourceforge.net/lists/listinfo/astlinux-users > > Donations to support AstLinux are graciously accepted via PayPal to pa...@kr.... |
|
From: David K. <da...@ke...> - 2018-07-10 09:36:16
|
Yes UPS load plus why waste 3 NIC ports. However my current problem with limiting UPS load is that I am powering the LB1121 LTE modem PoE which is coming from my 24-port switch. so I can't cut it off the big UPS. My dream single-board gateway would have 4-6 NIC's and most of them with built in PoE injectors. But I have not come across any such board yet. David On Mon, Jul 9, 2018 at 10:04 AM, Lonnie Abelbeck <li...@lo...> wrote: > Hi David, > > > but is it as simple as adding... > > > > BRIDGE0="eth2 eth3 eth4 eth5" > > Yes, you can bridge as many NIC's as you want to br0 . > > Personally I prefer to use a switch for such purposes, but if you want to > keep your UPS load as small as possible for critical stuff ... > > Lonnie > > > > > On Jul 9, 2018, at 4:12 AM, David Kerr <Da...@Ke...> wrote: > > > > So with 6 NIC's I would probably want eth0/eth1 as WAN and WAN > failover. Then bridge eth2/3/4/5 into a single br0 interface. Astlinux > comes with support for 3 NIC's and bridges out of the box, but is it as > simple as adding... > > > > BRIDGE0="eth2 eth3 eth4 eth5" > > > > to user.conf to create the br0, or is there more to it in order to have > eth3/4/5 available? > > > > Thanks > > David > > > > > > On Sun, Jul 8, 2018 at 9:32 PM, Lonnie Abelbeck < > li...@lo...> wrote: > > You are welcome, Michael. > > > > > Double the performance of the Q190G4N-S07 which is already fast. > > > > Actually, the Qotom Q530G6 averages 3.3x the single-core performance > compared to the Q190G4N-S07 in my tests. > > > > > In fact I cant see why I wouldn't just use both of these for all use > cases other than I don't know their reliability. > > > > Yes, no matter which board vendor you choose there are reliability > risks. At least with Qotom you can afford to have a few spares, and > testing is the key. > > > > Lonnie > > > > > > > > > On Jul 8, 2018, at 6:53 PM, Michael Knill <michael.knill@ipcsolutions. > com.au> wrote: > > > > > > Thanks Lonnie. Im looking forward to using it. > > > Double the performance of the Q190G4N-S07 which is already fast. It > should be able to handle my largest systems no problems at all! > > > In fact I cant see why I wouldn't just use both of these for all use > cases other than I don't know their reliability. > > > > > > Regards > > > Michael Knill > > > > > > On 9/7/18, 9:05 am, "Lonnie Abelbeck" <li...@lo...> > wrote: > > > > > > A newly released hardware description and configuration has been > added to the AstLinux documentation: > > > > > > Qotom Q530G6 Core i3-6100U Fanless Appliance > > > https://doc.astlinux-project.org/userdoc:board_qotom_q530g6 > > > > > > I personally purchased a Qotom Q530G6 (4G RAM, 32G mSATA SSD, No > WiFi) via AliExpress: > > > > > > 6 Gigabit Nic Fanless Mini PC Qotom Q530G6 Core i3-6100U ... > > > https://www.aliexpress.com/item/6-Gigabit-Nic-Fanless- > Mini-PC-Qotom-Q530G6-Q550G6-Core-i3-6100U-i5-6200U-1-8Ghz/32890614694.html > > > > > > $227.00 USD -- Barebone Q530G6, No WiFi > > > > > > $ 61.00 USD -- 4G RAM, 32G mSATA SSD (I added since it uses DDR4 > RAM) > > > > > > $ 30.00 USD -- Shipping to central USA > > > > > > The Qotom Q530G6 is the fastest bare-metal hardware I have tested > for AstLinux, 4.7x single-core performance compared to the legacy Intel > Atom D525 workhorse, and 7.4x single-core performance compared to the PC > Engines APU2. > > > > > > The Qotom Q530G6 is about twice the cost of the Qotom-Q190G4N-S07 > or PC Engines APU2. > > > > > > Given the performance, the power consumption is surprisingly low, > idles at 6 W, 10 W under load (HDMI disconnected). And runs cool, coretemp > reports 41 degC CPU and SATA 2.5" SSD reports 43 degC (ambient temp is 26 > degC / 79 degF). The supplied Hoodisk brand mSATA SSD does not report > temp. The case is only barely warm to the touch. > > > > > > The Qotom Q530G6 offers everything an AstLinux user wants: > > > -- Supports Serial or Video (HDMI) Console > > > -- Supports either mSATA SSD or 2.5" SSD (SATA cable pre-attached) > > > -- 6x Intel i211 NIC's > > > -- Fanless, first-class machined aluminum black case > > > -- Internal piezo buzzer for startup/shutdown sounds. > > > -- Power button > > > > > > The Qotom Q530G6 requires DDR4 RAM, single 260-pin SO-DIMM, 4GB to > 16GB supported. > > > > > > No surprise, line-speed 1Gbps network routing and line-speed > WireGuard VPN with headroom. OpenVPN tested at 310 Mbps. > > > > > > I placed my order on a Saturday via AliExpress, it shipped on the > following Tuesday morning and I signed for the package Thursday noon. > Quite amazing ! > > > > > > Note: Shipped via DHL which required a signature on delivery. > > > > > > I like the way a SATA 2.5" SSD is attached (4x screws are supplied) > to the lower cover, somewhat lower temps away from the motherboard. > Currently on Amazon, "Industrial" 2.5" SATA SSD's (32GB-64GB) are available > for $30-$40 USD. A 2.5" SSD is a good option for this box. > > > > > > In testing I found the Qotom Q530G6's serial port was sensitive to > EMI generated with a dangling (inactive) serial cable, as such it would > sometimes fail to boot properly (hang until cable was removed). Though a > connected (active) serial cable, or no serial cable always booted > reliably. I retested with a new [1], quality shielded serial cable and > that solved the observed EMI issues with a dangling (inactive) serial > cable. The original null-modem cable was probably 20 years old that came > with a switch or some other product, and was longer than I needed. EMI on > RS232 is something to keep in mind. > > > > > > Clearly there is no one best AstLinux hardware solution, but in my > limited testing, the Qotom Q530G6 is a great fit for AstLinux. > > > > > > The Qotom Q530G6 has run solidly for a few days, further updates as > needed. > > > > > > Lonnie > > > > > > [1] StarTech.com SCNM9FF1MBK https://www.amazon.com/gp/ > product/B00QM8ZP5E/ > > > > > > > > > ------------------------------------------------------------ > ------------------ > > Check out the vibrant tech community on one of the world's most > > engaging tech sites, Slashdot.org! http://sdm.link/slashdot > > _______________________________________________ > > Astlinux-users mailing list > > Ast...@li... > > https://lists.sourceforge.net/lists/listinfo/astlinux-users > > > > Donations to support AstLinux are graciously accepted via PayPal to > pa...@kr.... > > > > ------------------------------------------------------------ > ------------------ > > Check out the vibrant tech community on one of the world's most > > engaging tech sites, Slashdot.org! http://sdm.link/slashdot______ > _________________________________________ > > Astlinux-users mailing list > > Ast...@li... > > https://lists.sourceforge.net/lists/listinfo/astlinux-users > > > > Donations to support AstLinux are graciously accepted via PayPal to > pa...@kr.... > > > ------------------------------------------------------------ > ------------------ > Check out the vibrant tech community on one of the world's most > engaging tech sites, Slashdot.org! http://sdm.link/slashdot > _______________________________________________ > Astlinux-users mailing list > Ast...@li... > https://lists.sourceforge.net/lists/listinfo/astlinux-users > > Donations to support AstLinux are graciously accepted via PayPal to > pa...@kr.... |
|
From: Lonnie A. <li...@lo...> - 2018-07-09 14:33:51
|
FYI, this box was added to Amazon a week ago, though costs a few dollars more than via AliExpress ... Qotom Q530G6 Barebone https://www.amazon.com/dp/B07F5NHHXL/ Qotom Q530G6 4G DDR4 RAM, 32G mSATA, No WiFi https://www.amazon.com/dp/B07F3VVV5C/ Good to have shopping choices. Lonnie > On Jul 8, 2018, at 6:05 PM, Lonnie Abelbeck <li...@lo...> wrote: > > A newly released hardware description and configuration has been added to the AstLinux documentation: > > Qotom Q530G6 Core i3-6100U Fanless Appliance > https://doc.astlinux-project.org/userdoc:board_qotom_q530g6 > > I personally purchased a Qotom Q530G6 (4G RAM, 32G mSATA SSD, No WiFi) via AliExpress: > > 6 Gigabit Nic Fanless Mini PC Qotom Q530G6 Core i3-6100U ... > https://www.aliexpress.com/item/6-Gigabit-Nic-Fanless-Mini-PC-Qotom-Q530G6-Q550G6-Core-i3-6100U-i5-6200U-1-8Ghz/32890614694.html > > $227.00 USD -- Barebone Q530G6, No WiFi > > $ 61.00 USD -- 4G RAM, 32G mSATA SSD (I added since it uses DDR4 RAM) > > $ 30.00 USD -- Shipping to central USA > > The Qotom Q530G6 is the fastest bare-metal hardware I have tested for AstLinux, 4.7x single-core performance compared to the legacy Intel Atom D525 workhorse, and 7.4x single-core performance compared to the PC Engines APU2. > > The Qotom Q530G6 is about twice the cost of the Qotom-Q190G4N-S07 or PC Engines APU2. > > Given the performance, the power consumption is surprisingly low, idles at 6 W, 10 W under load (HDMI disconnected). And runs cool, coretemp reports 41 degC CPU and SATA 2.5" SSD reports 43 degC (ambient temp is 26 degC / 79 degF). The supplied Hoodisk brand mSATA SSD does not report temp. The case is only barely warm to the touch. > > The Qotom Q530G6 offers everything an AstLinux user wants: > -- Supports Serial or Video (HDMI) Console > -- Supports either mSATA SSD or 2.5" SSD (SATA cable pre-attached) > -- 6x Intel i211 NIC's > -- Fanless, first-class machined aluminum black case > -- Internal piezo buzzer for startup/shutdown sounds. > -- Power button > > The Qotom Q530G6 requires DDR4 RAM, single 260-pin SO-DIMM, 4GB to 16GB supported. > > No surprise, line-speed 1Gbps network routing and line-speed WireGuard VPN with headroom. OpenVPN tested at 310 Mbps. > > I placed my order on a Saturday via AliExpress, it shipped on the following Tuesday morning and I signed for the package Thursday noon. Quite amazing ! > > Note: Shipped via DHL which required a signature on delivery. > > I like the way a SATA 2.5" SSD is attached (4x screws are supplied) to the lower cover, somewhat lower temps away from the motherboard. Currently on Amazon, "Industrial" 2.5" SATA SSD's (32GB-64GB) are available for $30-$40 USD. A 2.5" SSD is a good option for this box. > > In testing I found the Qotom Q530G6's serial port was sensitive to EMI generated with a dangling (inactive) serial cable, as such it would sometimes fail to boot properly (hang until cable was removed). Though a connected (active) serial cable, or no serial cable always booted reliably. I retested with a new [1], quality shielded serial cable and that solved the observed EMI issues with a dangling (inactive) serial cable. The original null-modem cable was probably 20 years old that came with a switch or some other product, and was longer than I needed. EMI on RS232 is something to keep in mind. > > Clearly there is no one best AstLinux hardware solution, but in my limited testing, the Qotom Q530G6 is a great fit for AstLinux. > > The Qotom Q530G6 has run solidly for a few days, further updates as needed. > > Lonnie > > [1] StarTech.com SCNM9FF1MBK https://www.amazon.com/gp/product/B00QM8ZP5E/ > > > ------------------------------------------------------------------------------ > Check out the vibrant tech community on one of the world's most > engaging tech sites, Slashdot.org! http://sdm.link/slashdot > _______________________________________________ > Astlinux-users mailing list > Ast...@li... > https://lists.sourceforge.net/lists/listinfo/astlinux-users > > Donations to support AstLinux are graciously accepted via PayPal to pa...@kr.... > > |
|
From: Lonnie A. <li...@lo...> - 2018-07-09 14:04:58
|
Hi David, > but is it as simple as adding... > > BRIDGE0="eth2 eth3 eth4 eth5" Yes, you can bridge as many NIC's as you want to br0 . Personally I prefer to use a switch for such purposes, but if you want to keep your UPS load as small as possible for critical stuff ... Lonnie > On Jul 9, 2018, at 4:12 AM, David Kerr <Da...@Ke...> wrote: > > So with 6 NIC's I would probably want eth0/eth1 as WAN and WAN failover. Then bridge eth2/3/4/5 into a single br0 interface. Astlinux comes with support for 3 NIC's and bridges out of the box, but is it as simple as adding... > > BRIDGE0="eth2 eth3 eth4 eth5" > > to user.conf to create the br0, or is there more to it in order to have eth3/4/5 available? > > Thanks > David > > > On Sun, Jul 8, 2018 at 9:32 PM, Lonnie Abelbeck <li...@lo...> wrote: > You are welcome, Michael. > > > Double the performance of the Q190G4N-S07 which is already fast. > > Actually, the Qotom Q530G6 averages 3.3x the single-core performance compared to the Q190G4N-S07 in my tests. > > > In fact I cant see why I wouldn't just use both of these for all use cases other than I don't know their reliability. > > Yes, no matter which board vendor you choose there are reliability risks. At least with Qotom you can afford to have a few spares, and testing is the key. > > Lonnie > > > > > On Jul 8, 2018, at 6:53 PM, Michael Knill <mic...@ip...> wrote: > > > > Thanks Lonnie. Im looking forward to using it. > > Double the performance of the Q190G4N-S07 which is already fast. It should be able to handle my largest systems no problems at all! > > In fact I cant see why I wouldn't just use both of these for all use cases other than I don't know their reliability. > > > > Regards > > Michael Knill > > > > On 9/7/18, 9:05 am, "Lonnie Abelbeck" <li...@lo...> wrote: > > > > A newly released hardware description and configuration has been added to the AstLinux documentation: > > > > Qotom Q530G6 Core i3-6100U Fanless Appliance > > https://doc.astlinux-project.org/userdoc:board_qotom_q530g6 > > > > I personally purchased a Qotom Q530G6 (4G RAM, 32G mSATA SSD, No WiFi) via AliExpress: > > > > 6 Gigabit Nic Fanless Mini PC Qotom Q530G6 Core i3-6100U ... > > https://www.aliexpress.com/item/6-Gigabit-Nic-Fanless-Mini-PC-Qotom-Q530G6-Q550G6-Core-i3-6100U-i5-6200U-1-8Ghz/32890614694.html > > > > $227.00 USD -- Barebone Q530G6, No WiFi > > > > $ 61.00 USD -- 4G RAM, 32G mSATA SSD (I added since it uses DDR4 RAM) > > > > $ 30.00 USD -- Shipping to central USA > > > > The Qotom Q530G6 is the fastest bare-metal hardware I have tested for AstLinux, 4.7x single-core performance compared to the legacy Intel Atom D525 workhorse, and 7.4x single-core performance compared to the PC Engines APU2. > > > > The Qotom Q530G6 is about twice the cost of the Qotom-Q190G4N-S07 or PC Engines APU2. > > > > Given the performance, the power consumption is surprisingly low, idles at 6 W, 10 W under load (HDMI disconnected). And runs cool, coretemp reports 41 degC CPU and SATA 2.5" SSD reports 43 degC (ambient temp is 26 degC / 79 degF). The supplied Hoodisk brand mSATA SSD does not report temp. The case is only barely warm to the touch. > > > > The Qotom Q530G6 offers everything an AstLinux user wants: > > -- Supports Serial or Video (HDMI) Console > > -- Supports either mSATA SSD or 2.5" SSD (SATA cable pre-attached) > > -- 6x Intel i211 NIC's > > -- Fanless, first-class machined aluminum black case > > -- Internal piezo buzzer for startup/shutdown sounds. > > -- Power button > > > > The Qotom Q530G6 requires DDR4 RAM, single 260-pin SO-DIMM, 4GB to 16GB supported. > > > > No surprise, line-speed 1Gbps network routing and line-speed WireGuard VPN with headroom. OpenVPN tested at 310 Mbps. > > > > I placed my order on a Saturday via AliExpress, it shipped on the following Tuesday morning and I signed for the package Thursday noon. Quite amazing ! > > > > Note: Shipped via DHL which required a signature on delivery. > > > > I like the way a SATA 2.5" SSD is attached (4x screws are supplied) to the lower cover, somewhat lower temps away from the motherboard. Currently on Amazon, "Industrial" 2.5" SATA SSD's (32GB-64GB) are available for $30-$40 USD. A 2.5" SSD is a good option for this box. > > > > In testing I found the Qotom Q530G6's serial port was sensitive to EMI generated with a dangling (inactive) serial cable, as such it would sometimes fail to boot properly (hang until cable was removed). Though a connected (active) serial cable, or no serial cable always booted reliably. I retested with a new [1], quality shielded serial cable and that solved the observed EMI issues with a dangling (inactive) serial cable. The original null-modem cable was probably 20 years old that came with a switch or some other product, and was longer than I needed. EMI on RS232 is something to keep in mind. > > > > Clearly there is no one best AstLinux hardware solution, but in my limited testing, the Qotom Q530G6 is a great fit for AstLinux. > > > > The Qotom Q530G6 has run solidly for a few days, further updates as needed. > > > > Lonnie > > > > [1] StarTech.com SCNM9FF1MBK https://www.amazon.com/gp/product/B00QM8ZP5E/ > > > > > ------------------------------------------------------------------------------ > Check out the vibrant tech community on one of the world's most > engaging tech sites, Slashdot.org! http://sdm.link/slashdot > _______________________________________________ > Astlinux-users mailing list > Ast...@li... > https://lists.sourceforge.net/lists/listinfo/astlinux-users > > Donations to support AstLinux are graciously accepted via PayPal to pa...@kr.... > > ------------------------------------------------------------------------------ > Check out the vibrant tech community on one of the world's most > engaging tech sites, Slashdot.org! http://sdm.link/slashdot_______________________________________________ > Astlinux-users mailing list > Ast...@li... > https://lists.sourceforge.net/lists/listinfo/astlinux-users > > Donations to support AstLinux are graciously accepted via PayPal to pa...@kr.... |
|
From: David K. <da...@ke...> - 2018-07-09 09:12:54
|
So with 6 NIC's I would probably want eth0/eth1 as WAN and WAN failover. Then bridge eth2/3/4/5 into a single br0 interface. Astlinux comes with support for 3 NIC's and bridges out of the box, but is it as simple as adding... BRIDGE0="eth2 eth3 eth4 eth5" to user.conf to create the br0, or is there more to it in order to have eth3/4/5 available? Thanks David On Sun, Jul 8, 2018 at 9:32 PM, Lonnie Abelbeck <li...@lo...> wrote: > You are welcome, Michael. > > > Double the performance of the Q190G4N-S07 which is already fast. > > Actually, the Qotom Q530G6 averages 3.3x the single-core performance > compared to the Q190G4N-S07 in my tests. > > > In fact I cant see why I wouldn't just use both of these for all use > cases other than I don't know their reliability. > > Yes, no matter which board vendor you choose there are reliability risks. > At least with Qotom you can afford to have a few spares, and testing is the > key. > > Lonnie > > > > > On Jul 8, 2018, at 6:53 PM, Michael Knill <michael.knill@ipcsolutions. > com.au> wrote: > > > > Thanks Lonnie. Im looking forward to using it. > > Double the performance of the Q190G4N-S07 which is already fast. It > should be able to handle my largest systems no problems at all! > > In fact I cant see why I wouldn't just use both of these for all use > cases other than I don't know their reliability. > > > > Regards > > Michael Knill > > > > On 9/7/18, 9:05 am, "Lonnie Abelbeck" <li...@lo...> > wrote: > > > > A newly released hardware description and configuration has been > added to the AstLinux documentation: > > > > Qotom Q530G6 Core i3-6100U Fanless Appliance > > https://doc.astlinux-project.org/userdoc:board_qotom_q530g6 > > > > I personally purchased a Qotom Q530G6 (4G RAM, 32G mSATA SSD, No > WiFi) via AliExpress: > > > > 6 Gigabit Nic Fanless Mini PC Qotom Q530G6 Core i3-6100U ... > > https://www.aliexpress.com/item/6-Gigabit-Nic-Fanless- > Mini-PC-Qotom-Q530G6-Q550G6-Core-i3-6100U-i5-6200U-1-8Ghz/32890614694.html > > > > $227.00 USD -- Barebone Q530G6, No WiFi > > > > $ 61.00 USD -- 4G RAM, 32G mSATA SSD (I added since it uses DDR4 RAM) > > > > $ 30.00 USD -- Shipping to central USA > > > > The Qotom Q530G6 is the fastest bare-metal hardware I have tested for > AstLinux, 4.7x single-core performance compared to the legacy Intel Atom > D525 workhorse, and 7.4x single-core performance compared to the PC Engines > APU2. > > > > The Qotom Q530G6 is about twice the cost of the Qotom-Q190G4N-S07 or > PC Engines APU2. > > > > Given the performance, the power consumption is surprisingly low, > idles at 6 W, 10 W under load (HDMI disconnected). And runs cool, coretemp > reports 41 degC CPU and SATA 2.5" SSD reports 43 degC (ambient temp is 26 > degC / 79 degF). The supplied Hoodisk brand mSATA SSD does not report > temp. The case is only barely warm to the touch. > > > > The Qotom Q530G6 offers everything an AstLinux user wants: > > -- Supports Serial or Video (HDMI) Console > > -- Supports either mSATA SSD or 2.5" SSD (SATA cable pre-attached) > > -- 6x Intel i211 NIC's > > -- Fanless, first-class machined aluminum black case > > -- Internal piezo buzzer for startup/shutdown sounds. > > -- Power button > > > > The Qotom Q530G6 requires DDR4 RAM, single 260-pin SO-DIMM, 4GB to > 16GB supported. > > > > No surprise, line-speed 1Gbps network routing and line-speed > WireGuard VPN with headroom. OpenVPN tested at 310 Mbps. > > > > I placed my order on a Saturday via AliExpress, it shipped on the > following Tuesday morning and I signed for the package Thursday noon. > Quite amazing ! > > > > Note: Shipped via DHL which required a signature on delivery. > > > > I like the way a SATA 2.5" SSD is attached (4x screws are supplied) > to the lower cover, somewhat lower temps away from the motherboard. > Currently on Amazon, "Industrial" 2.5" SATA SSD's (32GB-64GB) are available > for $30-$40 USD. A 2.5" SSD is a good option for this box. > > > > In testing I found the Qotom Q530G6's serial port was sensitive to > EMI generated with a dangling (inactive) serial cable, as such it would > sometimes fail to boot properly (hang until cable was removed). Though a > connected (active) serial cable, or no serial cable always booted > reliably. I retested with a new [1], quality shielded serial cable and > that solved the observed EMI issues with a dangling (inactive) serial > cable. The original null-modem cable was probably 20 years old that came > with a switch or some other product, and was longer than I needed. EMI on > RS232 is something to keep in mind. > > > > Clearly there is no one best AstLinux hardware solution, but in my > limited testing, the Qotom Q530G6 is a great fit for AstLinux. > > > > The Qotom Q530G6 has run solidly for a few days, further updates as > needed. > > > > Lonnie > > > > [1] StarTech.com SCNM9FF1MBK https://www.amazon.com/gp/ > product/B00QM8ZP5E/ > > > > > ------------------------------------------------------------ > ------------------ > Check out the vibrant tech community on one of the world's most > engaging tech sites, Slashdot.org! http://sdm.link/slashdot > _______________________________________________ > Astlinux-users mailing list > Ast...@li... > https://lists.sourceforge.net/lists/listinfo/astlinux-users > > Donations to support AstLinux are graciously accepted via PayPal to > pa...@kr.... |
|
From: Lonnie A. <li...@lo...> - 2018-07-09 01:32:29
|
You are welcome, Michael. > Double the performance of the Q190G4N-S07 which is already fast. Actually, the Qotom Q530G6 averages 3.3x the single-core performance compared to the Q190G4N-S07 in my tests. > In fact I cant see why I wouldn't just use both of these for all use cases other than I don't know their reliability. Yes, no matter which board vendor you choose there are reliability risks. At least with Qotom you can afford to have a few spares, and testing is the key. Lonnie > On Jul 8, 2018, at 6:53 PM, Michael Knill <mic...@ip...> wrote: > > Thanks Lonnie. Im looking forward to using it. > Double the performance of the Q190G4N-S07 which is already fast. It should be able to handle my largest systems no problems at all! > In fact I cant see why I wouldn't just use both of these for all use cases other than I don't know their reliability. > > Regards > Michael Knill > > On 9/7/18, 9:05 am, "Lonnie Abelbeck" <li...@lo...> wrote: > > A newly released hardware description and configuration has been added to the AstLinux documentation: > > Qotom Q530G6 Core i3-6100U Fanless Appliance > https://doc.astlinux-project.org/userdoc:board_qotom_q530g6 > > I personally purchased a Qotom Q530G6 (4G RAM, 32G mSATA SSD, No WiFi) via AliExpress: > > 6 Gigabit Nic Fanless Mini PC Qotom Q530G6 Core i3-6100U ... > https://www.aliexpress.com/item/6-Gigabit-Nic-Fanless-Mini-PC-Qotom-Q530G6-Q550G6-Core-i3-6100U-i5-6200U-1-8Ghz/32890614694.html > > $227.00 USD -- Barebone Q530G6, No WiFi > > $ 61.00 USD -- 4G RAM, 32G mSATA SSD (I added since it uses DDR4 RAM) > > $ 30.00 USD -- Shipping to central USA > > The Qotom Q530G6 is the fastest bare-metal hardware I have tested for AstLinux, 4.7x single-core performance compared to the legacy Intel Atom D525 workhorse, and 7.4x single-core performance compared to the PC Engines APU2. > > The Qotom Q530G6 is about twice the cost of the Qotom-Q190G4N-S07 or PC Engines APU2. > > Given the performance, the power consumption is surprisingly low, idles at 6 W, 10 W under load (HDMI disconnected). And runs cool, coretemp reports 41 degC CPU and SATA 2.5" SSD reports 43 degC (ambient temp is 26 degC / 79 degF). The supplied Hoodisk brand mSATA SSD does not report temp. The case is only barely warm to the touch. > > The Qotom Q530G6 offers everything an AstLinux user wants: > -- Supports Serial or Video (HDMI) Console > -- Supports either mSATA SSD or 2.5" SSD (SATA cable pre-attached) > -- 6x Intel i211 NIC's > -- Fanless, first-class machined aluminum black case > -- Internal piezo buzzer for startup/shutdown sounds. > -- Power button > > The Qotom Q530G6 requires DDR4 RAM, single 260-pin SO-DIMM, 4GB to 16GB supported. > > No surprise, line-speed 1Gbps network routing and line-speed WireGuard VPN with headroom. OpenVPN tested at 310 Mbps. > > I placed my order on a Saturday via AliExpress, it shipped on the following Tuesday morning and I signed for the package Thursday noon. Quite amazing ! > > Note: Shipped via DHL which required a signature on delivery. > > I like the way a SATA 2.5" SSD is attached (4x screws are supplied) to the lower cover, somewhat lower temps away from the motherboard. Currently on Amazon, "Industrial" 2.5" SATA SSD's (32GB-64GB) are available for $30-$40 USD. A 2.5" SSD is a good option for this box. > > In testing I found the Qotom Q530G6's serial port was sensitive to EMI generated with a dangling (inactive) serial cable, as such it would sometimes fail to boot properly (hang until cable was removed). Though a connected (active) serial cable, or no serial cable always booted reliably. I retested with a new [1], quality shielded serial cable and that solved the observed EMI issues with a dangling (inactive) serial cable. The original null-modem cable was probably 20 years old that came with a switch or some other product, and was longer than I needed. EMI on RS232 is something to keep in mind. > > Clearly there is no one best AstLinux hardware solution, but in my limited testing, the Qotom Q530G6 is a great fit for AstLinux. > > The Qotom Q530G6 has run solidly for a few days, further updates as needed. > > Lonnie > > [1] StarTech.com SCNM9FF1MBK https://www.amazon.com/gp/product/B00QM8ZP5E/ > |
|
From: Michael K. <mic...@ip...> - 2018-07-08 23:54:03
|
Thanks Lonnie. Im looking forward to using it.
Double the performance of the Q190G4N-S07 which is already fast. It should be able to handle my largest systems no problems at all!
In fact I cant see why I wouldn't just use both of these for all use cases other than I don't know their reliability.
Regards
Michael Knill
On 9/7/18, 9:05 am, "Lonnie Abelbeck" <li...@lo...> wrote:
A newly released hardware description and configuration has been added to the AstLinux documentation:
Qotom Q530G6 Core i3-6100U Fanless Appliance
https://doc.astlinux-project.org/userdoc:board_qotom_q530g6
I personally purchased a Qotom Q530G6 (4G RAM, 32G mSATA SSD, No WiFi) via AliExpress:
6 Gigabit Nic Fanless Mini PC Qotom Q530G6 Core i3-6100U ...
https://www.aliexpress.com/item/6-Gigabit-Nic-Fanless-Mini-PC-Qotom-Q530G6-Q550G6-Core-i3-6100U-i5-6200U-1-8Ghz/32890614694.html
$227.00 USD -- Barebone Q530G6, No WiFi
$ 61.00 USD -- 4G RAM, 32G mSATA SSD (I added since it uses DDR4 RAM)
$ 30.00 USD -- Shipping to central USA
The Qotom Q530G6 is the fastest bare-metal hardware I have tested for AstLinux, 4.7x single-core performance compared to the legacy Intel Atom D525 workhorse, and 7.4x single-core performance compared to the PC Engines APU2.
The Qotom Q530G6 is about twice the cost of the Qotom-Q190G4N-S07 or PC Engines APU2.
Given the performance, the power consumption is surprisingly low, idles at 6 W, 10 W under load (HDMI disconnected). And runs cool, coretemp reports 41 degC CPU and SATA 2.5" SSD reports 43 degC (ambient temp is 26 degC / 79 degF). The supplied Hoodisk brand mSATA SSD does not report temp. The case is only barely warm to the touch.
The Qotom Q530G6 offers everything an AstLinux user wants:
-- Supports Serial or Video (HDMI) Console
-- Supports either mSATA SSD or 2.5" SSD (SATA cable pre-attached)
-- 6x Intel i211 NIC's
-- Fanless, first-class machined aluminum black case
-- Internal piezo buzzer for startup/shutdown sounds.
-- Power button
The Qotom Q530G6 requires DDR4 RAM, single 260-pin SO-DIMM, 4GB to 16GB supported.
No surprise, line-speed 1Gbps network routing and line-speed WireGuard VPN with headroom. OpenVPN tested at 310 Mbps.
I placed my order on a Saturday via AliExpress, it shipped on the following Tuesday morning and I signed for the package Thursday noon. Quite amazing !
Note: Shipped via DHL which required a signature on delivery.
I like the way a SATA 2.5" SSD is attached (4x screws are supplied) to the lower cover, somewhat lower temps away from the motherboard. Currently on Amazon, "Industrial" 2.5" SATA SSD's (32GB-64GB) are available for $30-$40 USD. A 2.5" SSD is a good option for this box.
In testing I found the Qotom Q530G6's serial port was sensitive to EMI generated with a dangling (inactive) serial cable, as such it would sometimes fail to boot properly (hang until cable was removed). Though a connected (active) serial cable, or no serial cable always booted reliably. I retested with a new [1], quality shielded serial cable and that solved the observed EMI issues with a dangling (inactive) serial cable. The original null-modem cable was probably 20 years old that came with a switch or some other product, and was longer than I needed. EMI on RS232 is something to keep in mind.
Clearly there is no one best AstLinux hardware solution, but in my limited testing, the Qotom Q530G6 is a great fit for AstLinux.
The Qotom Q530G6 has run solidly for a few days, further updates as needed.
Lonnie
[1] StarTech.com SCNM9FF1MBK https://www.amazon.com/gp/product/B00QM8ZP5E/
------------------------------------------------------------------------------
Check out the vibrant tech community on one of the world's most
engaging tech sites, Slashdot.org! http://sdm.link/slashdot
_______________________________________________
Astlinux-users mailing list
Ast...@li...
https://lists.sourceforge.net/lists/listinfo/astlinux-users
Donations to support AstLinux are graciously accepted via PayPal to pa...@kr....
|
|
From: Lonnie A. <li...@lo...> - 2018-07-08 23:05:26
|
A newly released hardware description and configuration has been added to the AstLinux documentation: Qotom Q530G6 Core i3-6100U Fanless Appliance https://doc.astlinux-project.org/userdoc:board_qotom_q530g6 I personally purchased a Qotom Q530G6 (4G RAM, 32G mSATA SSD, No WiFi) via AliExpress: 6 Gigabit Nic Fanless Mini PC Qotom Q530G6 Core i3-6100U ... https://www.aliexpress.com/item/6-Gigabit-Nic-Fanless-Mini-PC-Qotom-Q530G6-Q550G6-Core-i3-6100U-i5-6200U-1-8Ghz/32890614694.html $227.00 USD -- Barebone Q530G6, No WiFi $ 61.00 USD -- 4G RAM, 32G mSATA SSD (I added since it uses DDR4 RAM) $ 30.00 USD -- Shipping to central USA The Qotom Q530G6 is the fastest bare-metal hardware I have tested for AstLinux, 4.7x single-core performance compared to the legacy Intel Atom D525 workhorse, and 7.4x single-core performance compared to the PC Engines APU2. The Qotom Q530G6 is about twice the cost of the Qotom-Q190G4N-S07 or PC Engines APU2. Given the performance, the power consumption is surprisingly low, idles at 6 W, 10 W under load (HDMI disconnected). And runs cool, coretemp reports 41 degC CPU and SATA 2.5" SSD reports 43 degC (ambient temp is 26 degC / 79 degF). The supplied Hoodisk brand mSATA SSD does not report temp. The case is only barely warm to the touch. The Qotom Q530G6 offers everything an AstLinux user wants: -- Supports Serial or Video (HDMI) Console -- Supports either mSATA SSD or 2.5" SSD (SATA cable pre-attached) -- 6x Intel i211 NIC's -- Fanless, first-class machined aluminum black case -- Internal piezo buzzer for startup/shutdown sounds. -- Power button The Qotom Q530G6 requires DDR4 RAM, single 260-pin SO-DIMM, 4GB to 16GB supported. No surprise, line-speed 1Gbps network routing and line-speed WireGuard VPN with headroom. OpenVPN tested at 310 Mbps. I placed my order on a Saturday via AliExpress, it shipped on the following Tuesday morning and I signed for the package Thursday noon. Quite amazing ! Note: Shipped via DHL which required a signature on delivery. I like the way a SATA 2.5" SSD is attached (4x screws are supplied) to the lower cover, somewhat lower temps away from the motherboard. Currently on Amazon, "Industrial" 2.5" SATA SSD's (32GB-64GB) are available for $30-$40 USD. A 2.5" SSD is a good option for this box. In testing I found the Qotom Q530G6's serial port was sensitive to EMI generated with a dangling (inactive) serial cable, as such it would sometimes fail to boot properly (hang until cable was removed). Though a connected (active) serial cable, or no serial cable always booted reliably. I retested with a new [1], quality shielded serial cable and that solved the observed EMI issues with a dangling (inactive) serial cable. The original null-modem cable was probably 20 years old that came with a switch or some other product, and was longer than I needed. EMI on RS232 is something to keep in mind. Clearly there is no one best AstLinux hardware solution, but in my limited testing, the Qotom Q530G6 is a great fit for AstLinux. The Qotom Q530G6 has run solidly for a few days, further updates as needed. Lonnie [1] StarTech.com SCNM9FF1MBK https://www.amazon.com/gp/product/B00QM8ZP5E/ |
|
From: Michael K. <mic...@ip...> - 2018-07-06 07:29:36
|
The following seems to work well to clear the Asterisk database:
service asterisk stop
sqlite3 /mnt/kd/astdb.sqlite3 'delete from astdb;'
service asterisk start
Easy to clear out the cdr database the same way (not sure if you need to stop Asterisk though)
sqlite3 /mnt/kd/cdr-sqlite3/cdr-odbc.sqlite3 'delete from cdr;'
sqlite3 /mnt/kd/cdr-sqlite3/cdr-odbc.sqlite3 'VACUUM;'
Thanks!
Regards
Michael Knill
On 5/7/18, 9:51 am, "Michael Knill" <mic...@ip...> wrote:
Thanks Lonnie. Simple!
Add 'service asterisk stop' to any restore or factory reset script and all is resolved after a reboot.
Regards
Michael Knill
On 5/7/18, 9:24 am, "Lonnie Abelbeck" <li...@lo...> wrote:
> On Jul 4, 2018, at 5:23 PM, Michael Knill <mic...@ip...> wrote:
>
> Does anyone know if there is an issue with writing or deleting entries directly in the astdb.sqlite3 database rather than via Asterisk?
> It would only be used for backup/restore/factory reset purposes.
I would not do that if Asterisk is running.
If you need to change astdb.sqlite3 entries, do it via Asterisk.
As part of my tarsnap daily backups, my /mnt/kd/tarsnap-backup.script contains ...
--
sqlite3 /mnt/kd/astdb.sqlite3 .dump > "$CUSTOM_BACKUP_DIR/astdb.sqlite3.dump"
--
Ref: https://doc.astlinux-project.org/userdoc:tt_tarsnap_online_backup#optional_action_script
Then any restore would need to be done when Asterisk is not running.
Lonnie
------------------------------------------------------------------------------
Check out the vibrant tech community on one of the world's most
engaging tech sites, Slashdot.org! http://sdm.link/slashdot
_______________________________________________
Astlinux-users mailing list
Ast...@li...
https://lists.sourceforge.net/lists/listinfo/astlinux-users
Donations to support AstLinux are graciously accepted via PayPal to pa...@kr....
------------------------------------------------------------------------------
Check out the vibrant tech community on one of the world's most
engaging tech sites, Slashdot.org! http://sdm.link/slashdot
_______________________________________________
Astlinux-users mailing list
Ast...@li...
https://lists.sourceforge.net/lists/listinfo/astlinux-users
Donations to support AstLinux are graciously accepted via PayPal to pa...@kr....
|
|
From: Lonnie A. <li...@lo...> - 2018-07-05 14:08:29
|
Announcing Pre-Release Version: astlinux-1.3-3800-b752f5 The AstLinux Team is regularly upgrading packages containing security and bug fixes as well as adding new features of our own. -- Linux Kernel 3.16.57, security and bug fixes. -- Asterisk 13 version bump to 13.21.1 New Documentation Topics: Linode KVM -- https://doc.astlinux-project.org/userdoc:hosted_guest_vm_linode Updated Documentation Topics: WAN Failover -- https://doc.astlinux-project.org/userdoc:tt_wan_failover#example4g_lte_modem_failover These pre-release images are for those who would like to take advantage of the AstLinux development before the next official release, as well as providing testing for the project. The "AstLinux Pre-Release ChangeLog" and "Repository URL" entries can be found under the "Development" tab of the AstLinux Project web site ... AstLinux Project -> Development https://www.astlinux-project.org/dev.html While these images are considered 'stable', the lack of testing will not make these images suitable for critical production systems. If you should come across an issue, please report back here. AstLinux Team |
|
From: Michael K. <mic...@ip...> - 2018-07-04 23:51:35
|
Thanks Lonnie. Simple!
Add 'service asterisk stop' to any restore or factory reset script and all is resolved after a reboot.
Regards
Michael Knill
On 5/7/18, 9:24 am, "Lonnie Abelbeck" <li...@lo...> wrote:
> On Jul 4, 2018, at 5:23 PM, Michael Knill <mic...@ip...> wrote:
>
> Does anyone know if there is an issue with writing or deleting entries directly in the astdb.sqlite3 database rather than via Asterisk?
> It would only be used for backup/restore/factory reset purposes.
I would not do that if Asterisk is running.
If you need to change astdb.sqlite3 entries, do it via Asterisk.
As part of my tarsnap daily backups, my /mnt/kd/tarsnap-backup.script contains ...
--
sqlite3 /mnt/kd/astdb.sqlite3 .dump > "$CUSTOM_BACKUP_DIR/astdb.sqlite3.dump"
--
Ref: https://doc.astlinux-project.org/userdoc:tt_tarsnap_online_backup#optional_action_script
Then any restore would need to be done when Asterisk is not running.
Lonnie
------------------------------------------------------------------------------
Check out the vibrant tech community on one of the world's most
engaging tech sites, Slashdot.org! http://sdm.link/slashdot
_______________________________________________
Astlinux-users mailing list
Ast...@li...
https://lists.sourceforge.net/lists/listinfo/astlinux-users
Donations to support AstLinux are graciously accepted via PayPal to pa...@kr....
|
|
From: Michael K. <mic...@ip...> - 2018-07-04 23:44:09
|
Thanks Lonnie. Good call. That will be my next test.
PS IP Address stays the same.
Regards
Michael Knill
On 5/7/18, 9:14 am, "Lonnie Abelbeck" <li...@lo...> wrote:
Michael,
My theory has always been your problem is with an upstream firewall.
Stopping asterisk for a period of time may allow upstream firewall states to expire.
By rebooting AstLinux you will do the same (stop/start Asterisk) and if you have PPPoE you may pull a different IP address which will bypass any upstream states.
From all you have described, this looks to me to be an upstream issue relative to AstLinux.
Lonnie
> On Jul 4, 2018, at 4:56 PM, Michael Knill <mic...@ip...> wrote:
>
> And yes good test. Of course a firewall restart does not clear translations.
> Am I able to clear firewall translations without waiting for them to time out which is what I assume you are doing here?
> It would have to be dome from a remote session as well e.g. through the firewall.
>
> Regards
> Michael Knill
>
> On 4/7/18, 10:41 pm, "Lonnie Abelbeck" <li...@lo...> wrote:
>
>> So my questions are:
>> • Is tcpdump BEFORE the firewall?
>
> For incoming packets tcpdump is before the firewall, for outgoing packets tcpdump is after the firewall, ie.
> --
> wire -> NIC -> tcpdump -> netfilter/firewall
>
> netfilter/firewall -> tcpdump -> NIC -> wire
> --
> so tcpdump does not see outbound packets blocked by the firewall.
>
>
>> • What tests should I do next?
>
> Have you ever tried ...
> --
> service asterisk stop
> sleep 90
> service asterisk init
> --
>
>
> Lonnie
>
>
>
>
>
>> On Jul 3, 2018, at 10:19 PM, Michael Knill <mic...@ip...> wrote:
>>
>> Back to the ongoing saga of SIP Options ping not working. This one is a bit different though. Here is the scenario:
>>
>> • Can SSH into box fine and network connectivity is fine
>> • Find IP Address based SIP Trunk is UNREACHABLE. Can ping provider from the box
>> • Asterisk SIP Debug shows SIP Options sent but none received. This is also the case using tcpdump on the ppp0 interface
>> • Asterisk reload and Firewall restart did not fix the problem. The system needed a full reboot for the trunk to be REACHABLE
>>
>> So my questions are:
>> • Is tcpdump BEFORE the firewall?
>> • Can you think of what the issue could be?
>> • What tests should I do next?
>>
>> Unfortunately (or fortunately) this happens very infrequently so the fix will be a long confirmation period.
>>
>> Thanks all!
>>
>> Regards
>> Michael Knill
>> ------------------------------------------------------------------------------
>> Check out the vibrant tech community on one of the world's most
>> engaging tech sites, Slashdot.org! http://sdm.link/slashdot_______________________________________________
>> Astlinux-users mailing list
>> Ast...@li...
>> https://lists.sourceforge.net/lists/listinfo/astlinux-users
>>
>> Donations to support AstLinux are graciously accepted via PayPal to pa...@kr....
>
>
> ------------------------------------------------------------------------------
> Check out the vibrant tech community on one of the world's most
> engaging tech sites, Slashdot.org! http://sdm.link/slashdot
> _______________________________________________
> Astlinux-users mailing list
> Ast...@li...
> https://lists.sourceforge.net/lists/listinfo/astlinux-users
>
> Donations to support AstLinux are graciously accepted via PayPal to pa...@kr....
>
> ------------------------------------------------------------------------------
> Check out the vibrant tech community on one of the world's most
> engaging tech sites, Slashdot.org! http://sdm.link/slashdot
> _______________________________________________
> Astlinux-users mailing list
> Ast...@li...
> https://lists.sourceforge.net/lists/listinfo/astlinux-users
>
> Donations to support AstLinux are graciously accepted via PayPal to pa...@kr....
------------------------------------------------------------------------------
Check out the vibrant tech community on one of the world's most
engaging tech sites, Slashdot.org! http://sdm.link/slashdot
_______________________________________________
Astlinux-users mailing list
Ast...@li...
https://lists.sourceforge.net/lists/listinfo/astlinux-users
Donations to support AstLinux are graciously accepted via PayPal to pa...@kr....
|
|
From: Lonnie A. <li...@lo...> - 2018-07-04 23:24:09
|
> On Jul 4, 2018, at 5:23 PM, Michael Knill <mic...@ip...> wrote: > > Does anyone know if there is an issue with writing or deleting entries directly in the astdb.sqlite3 database rather than via Asterisk? > It would only be used for backup/restore/factory reset purposes. I would not do that if Asterisk is running. If you need to change astdb.sqlite3 entries, do it via Asterisk. As part of my tarsnap daily backups, my /mnt/kd/tarsnap-backup.script contains ... -- sqlite3 /mnt/kd/astdb.sqlite3 .dump > "$CUSTOM_BACKUP_DIR/astdb.sqlite3.dump" -- Ref: https://doc.astlinux-project.org/userdoc:tt_tarsnap_online_backup#optional_action_script Then any restore would need to be done when Asterisk is not running. Lonnie |
|
From: Lonnie A. <li...@lo...> - 2018-07-04 23:14:18
|
Michael, My theory has always been your problem is with an upstream firewall. Stopping asterisk for a period of time may allow upstream firewall states to expire. By rebooting AstLinux you will do the same (stop/start Asterisk) and if you have PPPoE you may pull a different IP address which will bypass any upstream states. From all you have described, this looks to me to be an upstream issue relative to AstLinux. Lonnie > On Jul 4, 2018, at 4:56 PM, Michael Knill <mic...@ip...> wrote: > > And yes good test. Of course a firewall restart does not clear translations. > Am I able to clear firewall translations without waiting for them to time out which is what I assume you are doing here? > It would have to be dome from a remote session as well e.g. through the firewall. > > Regards > Michael Knill > > On 4/7/18, 10:41 pm, "Lonnie Abelbeck" <li...@lo...> wrote: > >> So my questions are: >> • Is tcpdump BEFORE the firewall? > > For incoming packets tcpdump is before the firewall, for outgoing packets tcpdump is after the firewall, ie. > -- > wire -> NIC -> tcpdump -> netfilter/firewall > > netfilter/firewall -> tcpdump -> NIC -> wire > -- > so tcpdump does not see outbound packets blocked by the firewall. > > >> • What tests should I do next? > > Have you ever tried ... > -- > service asterisk stop > sleep 90 > service asterisk init > -- > > > Lonnie > > > > > >> On Jul 3, 2018, at 10:19 PM, Michael Knill <mic...@ip...> wrote: >> >> Back to the ongoing saga of SIP Options ping not working. This one is a bit different though. Here is the scenario: >> >> • Can SSH into box fine and network connectivity is fine >> • Find IP Address based SIP Trunk is UNREACHABLE. Can ping provider from the box >> • Asterisk SIP Debug shows SIP Options sent but none received. This is also the case using tcpdump on the ppp0 interface >> • Asterisk reload and Firewall restart did not fix the problem. The system needed a full reboot for the trunk to be REACHABLE >> >> So my questions are: >> • Is tcpdump BEFORE the firewall? >> • Can you think of what the issue could be? >> • What tests should I do next? >> >> Unfortunately (or fortunately) this happens very infrequently so the fix will be a long confirmation period. >> >> Thanks all! >> >> Regards >> Michael Knill >> ------------------------------------------------------------------------------ >> Check out the vibrant tech community on one of the world's most >> engaging tech sites, Slashdot.org! http://sdm.link/slashdot_______________________________________________ >> Astlinux-users mailing list >> Ast...@li... >> https://lists.sourceforge.net/lists/listinfo/astlinux-users >> >> Donations to support AstLinux are graciously accepted via PayPal to pa...@kr.... > > > ------------------------------------------------------------------------------ > Check out the vibrant tech community on one of the world's most > engaging tech sites, Slashdot.org! http://sdm.link/slashdot > _______________________________________________ > Astlinux-users mailing list > Ast...@li... > https://lists.sourceforge.net/lists/listinfo/astlinux-users > > Donations to support AstLinux are graciously accepted via PayPal to pa...@kr.... > > ------------------------------------------------------------------------------ > Check out the vibrant tech community on one of the world's most > engaging tech sites, Slashdot.org! http://sdm.link/slashdot > _______________________________________________ > Astlinux-users mailing list > Ast...@li... > https://lists.sourceforge.net/lists/listinfo/astlinux-users > > Donations to support AstLinux are graciously accepted via PayPal to pa...@kr.... |
|
From: The C. K. <eld...@ya...> - 2018-07-04 23:13:27
|
I’ve done it and it didn’t seem to hurt though I’d never do it in production. I’m not sure how much data is cached by asterisk so I end up always handling the DB through AMI Christopher
On Wednesday, July 4, 2018, 6:23:56 PM EDT, Michael Knill <mic...@ip...> wrote:
Does anyone know if there is an issue with writing or deleting entries directly in the astdb.sqlite3 database rather than via Asterisk?
It would only be used for backup/restore/factory reset purposes.
Regards
Michael Knill
------------------------------------------------------------------------------
Check out the vibrant tech community on one of the world's most
engaging tech sites, Slashdot.org! http://sdm.link/slashdot_______________________________________________
Astlinux-users mailing list
Ast...@li...
https://lists.sourceforge.net/lists/listinfo/astlinux-users
Donations to support AstLinux are graciously accepted via PayPal to pa...@kr.... |
|
From: Michael K. <mic...@ip...> - 2018-07-04 22:23:38
|
Does anyone know if there is an issue with writing or deleting entries directly in the astdb.sqlite3 database rather than via Asterisk? It would only be used for backup/restore/factory reset purposes. Regards Michael Knill |
63 messages has been excluded from this view by a project administrator.
