Tải bản đầy đủ - 0 (trang)
22 Using AsteriskNOW, “Asterisk in 30 Minutes”

22 Using AsteriskNOW, “Asterisk in 30 Minutes”

Tải bản đầy đủ - 0trang


There is indeed, and it is a product of Digium itself. AsteriskNOW is a software

appliance that includes the operating system, Asterisk, and good web-based graphical interfaces for the Asterisk server and the operating system.

Visit AsteriskNOW.org (http://www.asterisknow.org/) to download the installation

image. You’ll have a choice of several different images, including x86-32 and x86-64,

a Xen guest image, a VMWare guest image, and a liveCD image.

The installer will look for a DHCP server. Log on to the server to find its IP address

with the username admin, password password. It should tell you the IP address right

on the console. If it doesn’t, because gosh knows Asterisk is evolving faster than science fiction critters, use the ifconfig command.

Alt-F9 takes you to the familiar Asterisk CLI, and Alt-F1 takes you back to the

console menu.

Then, log in to the web administration interface from a neighboring PC. Fire up a

Firefox web browser, and go to https://[ip address]. You’ll get a bunch of scary warnings about the server certificate. Accept the certificate, and continue. Log in with

admin, password. This is not the same admin user as on the server console, but the

web GUI admin user. You’ll be required to change the password, then relog in and

run a setup wizard before you can do anything else. You can quickly skip through

the setup wizard if you want to get right into exploring the interface.

On the top right of the AsteriskNOW web GUI, click System Configuration to get

into the rPath Linux control panel. This has yet a third separate admin user.

An SSH server runs by default, so you can log in remotely this way:

$ ssh admin@[ip address]

AsteriskNOW does not come with a root password. You can use sudo for most

chores, but you should still have a root password on the server. On the AsteriskNOW console, create one this way:

[admin@localhost ~]$ sudo passwd root


Using sudo in the way AsteriskNOW has it setup is convenient. You only have to

remember one password, and all sudo commands are logged. But, you still need a

real root password. Not all commands work with sudo because some commands and

scripts don’t know how to handle sudo asking for a password. And, perhaps more

importantly, the Ext3 filesystem reserves 5 percent of the filesystem exclusively for

the root user. This makes it possible for root to recover a system when user processes

have have gone berserk and completely filled up the filesystem.


Using AsteriskNOW, “Asterisk in 30 Minutes” |


AsteriskNOW comes with one-click purchase and provisioning of Polycom IP phones,

one-click setup with VoicePulse, and you can upgrade from the free AsteriskNOW to

the supported Asterisk Business Edition. Watch for more integration with hardware

and service vendors with new AsteriskNOW releases and upgrades.

See Also

• Here be Wikis, forums, and all manner of usefulness:

AsteriskNOW support: http://www.asterisknow.org/support

5.23 Installing and Removing Packages on



Even though AsteriskNOW runs on Linux, it’s not the Linux you know. It looks

somewhat like Red Hat, but there are no RPM or Yum commands for installing and

removing packages. It uses the familiar Bash shell, and /bin and /sbin contain all the

familiar Linux commands. So, how do you manage the software?


AsteriskNOW uses rPath Linux, which is a specialized Linux distribution designed

for building software appliances like AsteriskNOW. It’s designed to be easily customizable and efficient, containing only the packages needed to run your appliance.

It uses the Conary build system, which includes custom package repositories and


These commands show short and extended help lists:

[admin@localhost ~]$ conary

[admin@localhost ~]$ conary help

You can see a list of all packages installed on your system:

[admin@localhost ~]$ conary query | less

grep helps you find a specific installed program:

[admin@localhost ~]$ conary query | grep speex


Get information on an installed package:

admin@localhost ~]$ conary q speex --info

Conary calls dependencies and related packages troves. View installed troves with

this command:

admin@localhost ~]$ conary q speex --troves



Chapter 5: Building a VoIP Server with Asterisk

This command shows all troves, including those that are not installed:

[admin@localhost ~]$ conary q speex --all-troves

This command displays dependencies:

[admin@localhost ~]$ conary q speex --deps

You can see what is available to install:

[admin@localhost ~]$ conary rq | less

This command installs a new package or updates an installed package:

[admin@localhost ~]# conary update [packagename]

This command removes a package:

[admin@localhost ~]# conary erase [packagename]

This command updates the whole system:

[admin@localhost ~]# conary updateall


The rPath web control panel controls network configuration, backups, system

updates, admin password, and the time and date. You’ll need the CLI commands for

everything else.

See Also

• You’ll find a complete administration manual at Conary system administration:


5.24 Connecting Road Warriors and Remote Users


You want your traveling staff to be able to log in to your Asterisk server from wherever they may roam, or you have far-flung friends and family that you wish to share

your server with so you can keep in touch and avoid toll charges.


They will need SIP or IAX accounts on your server, broadband Internet, and your

server must be Internet-accessible. Then they will need either a soft IP phone, an analog telephone adapter like Digium’s IAXy (pronounced eek-see) or the Linksys Sipura

SPA-1001, or a hard IP phone. The IAXy and SPA-1001 are finicky to configure, but

easy for your users.


Connecting Road Warriors and Remote Users |


Using softphones means your users will need their own computers with sound gear

and access to broadband Internet. And, if they are behind firewalls, they’ll need

those configured to allow their VoIP traffic. Follow Recipe 5.6. Make sure your

server has a proper, publicly routable IP address.

The IAXy and the SPA-1001 are very small, so users can easily travel with them.

They’ll need analog phones and broadband Internet to use these. The IAXy uses the

IAX protocol, and costs around $100. The SPA-1001 is a SIP device, and is about

$70. Both come with good configuration instructions. Your Asterisk server supports

IAX and SIP, so either device works fine.

Good-quality hard phones start around $100. These are usually big, multiline desk

phones, and not very portable for road warriors. But, they might be nice for Mom and

Dad. They’ll be easy to use, and have good sound quality. Not many hardphones support IAX, so you’ll probably have to set up a SIP account for Mom and Dad.


You’ll want to configure these remote accounts carefully, so that you are not exposing internal or outbound calling services to the world. If you have PSTN termination

on your server, your remote users will have your local calling area for free, and any

other services you give them access to. The recipes in this chapter show you how to

separate services and privileges.

See Also

• Search VoIP-info.org (http://voip-info.org/wiki/) and the Asterisk mailing lists

(http://www.voip-info.org/wiki-Asterisk+Mailing+Lists) for information and user

reviews on specific products

• These are some sites to get you started on shopping:

VoIP Supply: http://www.voipsupply.com

Telephonyware.com: http://www.telephonyware.com/



Chapter 5: Building a VoIP Server with Asterisk

Chapter 6


Routing with Linux



Linux on ordinary commodity hardware can handle small to medium routing needs

just fine. The low- to mid-range commercial routers use hardware comparable to

ordinary PC hardware. The main difference is form factor and firmware. Routers that

use a real-time operating system, like the Cisco IOS, perform a bit better under heavy

loads than Linux-based routers. Big companies with large, complex routing tables

and ISPs need the heavy-duty gear. The rest of us can get by on the cheap just fine.

You don’t want poor-quality hardware; that’s always a bad idea. You just don’t need

to spend the moon for simple routing like this chapter covers.

The highest-end routers use specialized hardware that is designed to move the maximum number of packets per second. They come with multiple fat data buses, multiple

CPUs, and Ternary Content Addressable Memory (TCAM) memory. TCAM is several

times faster than the fastest system RAM, and many times more expensive. TCAM is

not used in lower-cost devices, and no software can shovel packets as fast as TCAM.

But, for the majority of admins, this is not an issue because you have an ISP to do the

heavy lifting. Your routing tables are small because you’re managing only a few networks that are directly under your care.

In this chapter, we’re going to perform feats of static routing using the route and ip

commands, and dynamic routing using two interior routing protocols, Routing Information Protocol (RIP) and Open Shortest Path First (OSPF).

How do you know which one to use? RIP is the simplest to implement. Every 30 seconds it multicasts its entire routing table to your whole network, and all RIP routers

update their routing tables accordingly. RIP is known as a distance-vector routing

algorithm because it measures the distance of a route by the number of hops, and it

calls the path to the next hop a vector. RIP is limited to 15 hops; if any destination is

farther than that, RIP thinks it is unreachable.


RIP works fine for managing stable, less-complex networks.

OSPF is a link-state algorithm, which means a router multicasts its information when

changes have occurred, and routine updates every 30 minutes. Each OSPF router

contains the entire topology for the network, and is able to calculate on its own the

best path through the network.

As your network grows, it becomes apparent that updates are the bottlenecks. When

you’re riding herd on 50 or 100 or more routers, they’re going to spend a lot of time

and bandwidth talking to each other. OSPF solves this problem by allowing you to

divide your network into areas. These must all be connected to a common backbone, and then the routers inside each area only need to contain the topology for

that area, and the border routers communicate between each area.

Exterior Protocols

You’ve probably heard of exterior routing protocols like Border Gateway Protocol

(BGP) and Exterior Gateway Protocol (EGP). Quagga supports BGP. We’re not

going to get into these in this chapter because if you need BGP, you’ll have a service

provider to make sure you’re set up correctly. When do you need BGP? When you’re

a service provider yourself, or when you have two or more transit providers, and you

want them configured for failover and redundancy. For example, ISPs boast of things

like “four Tier-One Internet connectivity providers...multiple connections, managed with Border Gateway Protocol to optimize routing across connections, ensures

low-latency delivery to users worldwide.”

If you’re in a situation where you need high-availability and no excuses, you might

first consider using a hosting service instead of self-hosting. Then someone else has

all the headaches of security, maintaining equipment, providing bandwidth, and


There are all kinds of excellent specialized router Linux distributions. See the Introduction to Chapter 3 for a partial list.

Linux Routing and Networking Commands

You’ll need to know several similar methods for doing the same things. The net-tools

package is the old standby for viewing, creating and deleting routes, viewing information on interfaces, assigning addresses to interfaces, bringing interfaces up and

down, and viewing or setting hostnames. The netstat command is a utility you’ll use

a lot for displaying routes, interface statistics, and showing listening sockets and

active network connections. These are the commands that come with net-tools:

• ifconfig

• nameif



Chapter 6: Routing with Linux

• plipconfig

• rarp

• route

• slattach

• ipmaddr

• iptunnel

• mii-tool

• netstat

• hostname

Debian puts hostname in a separate package. dnsdomainname, domainname,

nisdomainname, and ypdomainname are all part of hostname.

In fact, the different Linux distributions all mess with net-tools in various ways, so

yours may include some different commands.

iproute2 is supposed to replace net-tools, but it hasn’t, and probably never will.

iproute2 is for policy routing and traffic shaping, plus it has some nice everyday features not found in net-tools, and it has the functionality of net-tools. It includes these


• rtmon

• ip

• netbug

• rtacct

• ss

• lnstat

• nstat

• cbq

• tc

• arpd

ip and tc are the most commonly used iproute2 commands. ip does the same jobs as

route, ifconfig, iptunnel, and arp. Just like net-tools, iproute2 varies between distributions. tc is for traffic-shaping.

It would be lovely to have to know only one of these, but you’re going to encounter

both, so you might as well get familiar with all of them.

6.0 Introduction |



Calculating Subnets with ipcalc


You often see documentation with instructions like “you must use different subnets

for this to work,” or “be sure your hosts are all on the same network.” But, you’re a

bit hazy on what this means, and how to make the address calculations—is there a

tool to help you?


There is indeed: ipcalc. This is a standard program available for any Linux. This

command shows you everything you need to know for a single network:

$ ipcalc


Netmask: = 24







Hosts/Net: 254

11000000.10101000.00001010. 00000000

11111111.11111111.11111111. 00000000

00000000.00000000.00000000. 11111111





Class C, Private Internet





So, here you see the old-fashioned dotted-quad notation, the newfangled CIDR notation, the available host address range, the number of hosts you can have on this

network, and the binary addresses. ipcalc shows the network portion of the address,

which is 192.168.10, and the host portion, which is 1–254. And it’s a nice visual aid

for understanding netmasks.

On Fedora, ipcalc is very different, and not nearly as helpful as the real

ipcalc. You can install the real ipcalc from source, which you can

download from http://freshmeat.net/projects/ipcalc/, or try whatmask.

whatmask is similar to ipcalc, and it is in the Fedora repositories, so

you can install it with yum install whatmask.

You need to specify the netmask if it’s not /24 (or The more

common CIDR netmasks are:




Or, their dotted-quad equivalents:



Chapter 6: Routing with Linux

Use netmasks to differentiate the network part of the address and the host address

part. These are the private IPv4 private address ranges:–––

The first one,–, gives you the most possible addresses. If you

use the first quad for the network address, and the last three for host addresses,

you’ll have 16,777,214 addresses to play with, all in one giant network, which you

can see for yourself:

$ ipcalc


Netmask: = 8







Hosts/Net: 16777214

00001010. 00000000.00000000.00000000

11111111. 00000000.00000000.00000000

00000000. 11111111.11111111.11111111





Class A,





Private Internet

A 16,777,214-host network all in one subnet probably isn’t what you want, so you

can whittle it down into smaller subnets. This example show three subnets that use

the first two quads (in bold) for the network portion of the address:

$ ipcalc

$ ipcalc

$ ipcalc

You could number these all the way up to You can make even smaller

subnets with a bigger netmask:

$ ipcalc

$ ipcalc

$ ipcalc

All the way up to

The host address portions number from 1–254. Remember, the broadcast address is

always the highest in the subnet.

ipcalc has one more excellent trick: calculating multiple subnets with one command.

Suppose you want to divide a network into three subnets for 100 total

hosts. Just tell ipcalc your netmask, and how many hosts you want in each segment:

$ ipcalc --s 25 25 50

ipcalc then spells it all out for you, and even shows your unused address ranges.


Calculating Subnets with ipcalc |



ipcalc has a few simple options, which you can see by running:

$ ipcalc --help

Classless Inter-Domain Routing (CIDR) notation is compact, and lets you slice and

dice your networks finely, all the way down to a single host, which is /32. It is

supposed to replace the old dotted-quad netmask notation, but you’ll find you need

to know both because there are applications that still don’t support CIDR.

See Also

• man 1 ipcalc

• RFC 1597—Address Allocation for Private Internets


Setting a Default Gateway


You’re a bit confused on the concepts of gateways and default gateways. When do

you need them? What are they for? How do you configure them?


Gateways forward traffic between different networks, like different subnets, or your

local network and the Internet. Another way to think of them is next hop routers.

The default gateway contains the default route out of your network. Any host that is

allowed access outside of the local network needs a default gateway.

Suppose your network is set up like this:

• Your LAN is on

• You have a single shared Internet connection with a static WAN address of 208.


• Your ISP has assigned you a default gateway of

You’ll need to configure two gateways: from your individual LAN hosts to your

router, and then from your router to your ISP. Figure 6-1 illustrates this network


There are several different ways of configuring gateways on your LAN hosts. One

way is with route:

# route add default gw

Another way is with iproute2:

# ip route add default via



Chapter 6: Routing with Linux


Lan switch


Your border


ISP gateway


Figure 6-1. LAN, router, and ISP gateway

If your PC has more than one network interface, you can specify a single one:

# route add default gw eth2

# ip route add default via dev eth2

But, these will not survive a reboot. Debian users have /etc/network/interfaces for permanent network configurations. For hosts with static IP addresses, add a gateway

line to your interface stanzas:


Fedora users have individual configuration files for each interface in /etc/sysconfig/

network-scripts, like ifcfg-eth0:


Your router then needs a gateway statement in the configuration for its

WAN interface to get Internet access.

Use these commands to remove gateways:





route del default

route del default gw

ip route del default

ip route del default via

ip will not let you set more than one default gateway, which route will let you do.

There can be only one.


Gateways cannot have addresses outside of their own networks. The example used in

this recipe demonstrates this—the WAN interface,, is on the same

network as the ISP, The LAN gateway interface is on the LAN


How do you decide which route to make your default gateway? By the number of

routes it serves. Your Internet gateway leads you to hundreds of thousands of routes,

while you’re going to have just a few local routes.

6.2 Setting a Default Gateway |


Tài liệu bạn tìm kiếm đã sẵn sàng tải về

22 Using AsteriskNOW, “Asterisk in 30 Minutes”

Tải bản đầy đủ ngay(0 tr)