Friday, May 7, 2010

Disconnect calls in cisco AS5400 gateways

;Disconnect calls in cisco AS5400 gateways
;IOS Version 12.4(25a)


:Method 1
;Inspect the as5400 for dead or stuck calls
gateway#show call active voice compact
A/O FAX T Codec type Peer Address IP R:
Total call-legs: 2
6970 ANS T164506 g711ulaw TELE P5000
6971 ORG T164506 g711ulaw VOIP P1000 192.168.1.2:18876
;T164506 = 164506 seconds (call duration)

;Look into the details of the call
gateway#show call activce voice brief
B03 : 6970 467365190ms.1 +2220 pid:1 Answer 5000 active
dur 1d21h tx:4584734/709292132 rx:8261947/1321911520
Tele 7/7:D (6970) [7/7.1] tx:165238945/368000/0ms g711ulaw
noise:-71 acom:80 i/0:-56/-55 dBm

B03 : 6971 467365200ms.1 +2210 pid:2 Originate 1000 active
dur 1d21h tx:8261947/1321911520 rx:4584734/709292132
IP 192.168.1.2:18876 SRTP: off rtt:155ms pl:106228000/0ms
lost:0/205/0 delay:60/40/105ms g711ulaw
media inactive detected:n media contrl rcvd:n/a timestamp:n/a

;Disconnect the call
gateway#clear call voice causecode 10 id B03



;Method 2
gateway#show call active voice id B03
-------strip----------
OriginalCallingNumber=5000
OriginalCalledNumber=1000
TranslatedCallingNumber=5000
TranslatedCalledNumber=1000
GwReceivedCalledNumber=1000
GwReceivedCallingNumber=5000
DSPIdentifier=2/4:1
;The above indicate the calling/called number and dsp being used

;Inspect the spe
SPE# Port # State Busyout Shut Crash State Type
2/03 0018-0023 ACTIVE 0 0 0 ______ ______
2/04 0024-0029 ACTIVE 0 0 0 _a____ _v____

;Disconnect the call
gateway#clear spe 2/04
;This will clear all calls within 2/04 spe

Asterisk custom context

Asterisk 1.4.22 / Freepbx 2.5 - Create custom contexts and extensions

Why create a different context other than the default?
Contexts allow us to partition peers and extensions, creating
dial policies for individials or groups.

For example, in a corporate office, you may want regular
employees to only reach HR department extensions, while
HR personnel are allowed to reach everyone (billing deparment,
regular employees..etc)

Freepbx's default context used by internal extensions are
"from-internal" and "from-internal-custom". The latter
is used to include custom contexts. This means that any user
under the "from-internal" context can reach our custom context
but not the other way around.

; Here's our example
; sip_additional.conf ----------------------------
; All extensions were added using freepbx's gui.
; This makes configuration, enabling features easier (Recording, VM..etc)
; Take note that we applied the appropriate contexts for each.

[1001]
;regular employee
type=friend
secret=ext1001
qualify=yes
port=5060
nat=yes
mailbox=1001@device
host=dynamic
dtmfmode=rfc2833
dial=SIP/1001
context=from-internal-employee
canreinvite=no
callerid=device <1001>
call-limit=50

[2001]
;HR
type=friend
secret=ext2001
qualify=yes
port=5060
nat=yes
mailbox=2001@device
host=dynamic
dtmfmode=rfc2833
dial=SIP/2001
context=from-internal
canreinvite=no
callerid=device <2001>
call-limit=50

[3001]
;billing department
type=friend
secret=ext3001
qualify=yes
port=5060
nat=yes
mailbox=3001@device
host=dynamic
dtmfmode=rfc2833
dial=SIP/3001
context=from-internal
canreinvite=no
callerid=device <3001>
call-limit=50

;extensions_custom.conf ----------------------------

[from-internal-custom]
;enables call transfer to PSTN using the sip client's features
;not the freepbx internal transfer function
include => from-internal-employee-pstn

;for regular employees, create main and sub context:
;put local extension routes under their main context
;place outbound PSTN routes under their main context's subcontext

[from-internal-employee]
;regular employee extensions
include => from-internal-employee-pstn
exten => _100X,1,Macro(user-callerid)
exten => _100X,n,Macro(record-enable,${AMPUSER},OUT,)
exten => _100X,n,Dial(Local/${EXTEN}@from-internal/n)
exten => _100X,n,Hangup

[from-internal-employee-pstn]
;regular employee pstn routes
exten => _1XXXXXXXXXX,1,Macro(user-callerid)
exten => _1XXXXXXXXXX,n,Macro(record-enable,${AMPUSER},OUT,)
exten => _1XXXXXXXXXX,n,Dial(SIP/pstn-gw/${EXTEN})
exten => _1XXXXXXXXXX,n,Hangup


;The macros used here are internal to freepbx and should be
;used to provide known system features to these custom routes
;(call recording, caller id passing, voicemail..etc
;
;Macro(record-enable,${AMPUSER},OUT,)
;Macro(user-callerid)
;Dial(Local/${EXTEN}@from-internal/n)

;Since HR needs both access to regular employees and billing,
;we only need to create HR extensions in freepbx with a
;default context.


Asterisk 1.4.22 / Freepbx 2.5 - Create custom contexts and extensions


Why create a different context other than the default?
Contexts allow us to partition peers and extensions, creating
dial policies for individials or groups.

For example, in a corporate office, you may want regular
employees to only reach HR department extensions, while
HR personnel are allowed to reach everyone (billing deparment,
regular employees..etc)

Freepbx's default context used by internal extensions are
"from-internal" and "from-internal-custom". The latter
is used to include custom contexts. This means that any user
under the "from-internal" context can reach our custom context
but not the other way around.

; Here's our example
; sip_additional.conf ----------------------------
; All extensions were added using freepbx's gui.
; This makes configuration, enabling features easier (Recording, VM..etc)
; Take note that we applied the appropriate contexts for each.

[1001]
;regular employee
type=friend
secret=ext1001
qualify=yes
port=5060
nat=yes
mailbox=1001@device
host=dynamic
dtmfmode=rfc2833
dial=SIP/1001
context=from-internal-employee
canreinvite=no
callerid=device <1001>
call-limit=50

[2001]
;HR
type=friend
secret=ext2001
qualify=yes
port=5060
nat=yes
mailbox=2001@device
host=dynamic
dtmfmode=rfc2833
dial=SIP/2001
context=from-internal
canreinvite=no
callerid=device <2001>
call-limit=50

[3001]
;billing department
type=friend
secret=ext3001
qualify=yes
port=5060
nat=yes
mailbox=3001@device
host=dynamic
dtmfmode=rfc2833
dial=SIP/3001
context=from-internal
canreinvite=no
callerid=device <3001>
call-limit=50

;extensions_custom.conf ----------------------------

[from-internal-custom]
;enables call transfer to PSTN using the sip client's features
;not the freepbx internal transfer function
include => from-internal-employee-pstn

;for regular employees, create main and sub context:
;put local extension routes under their main context
;place outbound PSTN routes under their main context's subcontext

[from-internal-employee]
;regular employee extensions
include => from-internal-employee-pstn
exten => _100X,1,Macro(user-callerid)
exten => _100X,n,Macro(record-enable,${AMPUSER},OUT,)
exten => _100X,n,Dial(Local/${EXTEN}@from-internal/n)
exten => _100X,n,Hangup

[from-internal-employee-pstn]
;regular employee pstn routes
exten => _1XXXXXXXXXX,1,Macro(user-callerid)
exten => _1XXXXXXXXXX,n,Macro(record-enable,${AMPUSER},OUT,)
exten => _1XXXXXXXXXX,n,Dial(SIP/pstn-gw/${EXTEN})
exten => _1XXXXXXXXXX,n,Hangup


;The macros used here are internal to freepbx and should be
;used to provide known system features to these custom routes
;(call recording, caller id passing, voicemail..etc
;
;Macro(record-enable,${AMPUSER},OUT,)
;Macro(user-callerid)
;Dial(Local/${EXTEN}@from-internal/n)

;Since HR needs both access to regular employees and billing,
;we only need to create HR extensions in freepbx with a
;default context.

Asterisk call recording using Ramdisk

Asterisk 1.4.22 / Freepbx 2.5 - Call recording using Ramdisk


Ramdisk is a portion of the computer's physical memory which
you can use to store files temporarily. Since memory is faster
than hard disk, ramdisk increases computer performance during
file operations.

We can set up asterisk to store ongoing call recordings in
ramdisk and then move these files to a permanent storage once
recording has finished.

In freepbx's general settings, you can assign a directory
for saving call recordings, "Recording Location:". We'll define
ramdisk as the destination folder.

Since ramdisk is a temporary storage, any files located in it
will be removed when the computer restarts. This is where the
"Run After Record" comes in handy. We can define a script to
move the recordings once asterisk has finished writing them.
Freepbx allows us to push asterisk arguments to the script,
which we can use to specify recording file names.

In this example, we set /temp_rec as our recording location.
This is our ramdisk. Do the following to create our
temporary storage.


;Specify how big is our ramdisk going to be.
;Do this in /etc/grub.conf
;ramdisk_size is in KB
;Here we are configured for 2GB
default=0
timeout=5
splashimage=(hd0,0)/grub/splash.xpm.gz
hiddenmenu
title CentOS (2.6.18-128.el5)
root (hd0,0)
kernel /vmlinuz-2.6.18-128.el5 ro root=/dev/VolGroup00/LogVol00 ramdisk_size=2000000
initrd /initrd-2.6.18-128.el5.img


;Put this in rc.local to create ramdisk during bootup
/sbin/mke2fs -m 0 /dev/ram0
/bin/mount /dev/ram0 /temp_rec
/bin/mkdir /temp_rec/monitor
/bin/mkdir /temp_rec/system
/bin/mkdir /temp_rec/tmp
/bin/chown -R asterisk.asterisk /temp_rec
;For more infor on ramdisk:
;http://www.vanemery.com/Linux/Ramdisk/ramdisk.html


;Link asterisk's default folders to our ramdisk
/bin/ln -s /temp_rec/system /var/spool/asterisk
/bin/ln -s /temp_rec/tmp /var/spool/asterisk
/bin/ln -s /temp_rec/monitor /var/spool/asterisk


;Create script move_recordings.sh
;nfs_disk is a nfs server
#! /bin/bash
# ARGUMENT INPUT ORDER ^{MIXMON_DIR} ^{CALLFILENAME} ^{MIXMON_FORMAT}
# MOVE EXTENSION RECORDINGS
/bin/mv $1/$2.$3 /nfs_disk


;Now the general settings should look like this:
Recording location:
/var/spool/asterisk/monitor/

Run after record:
/var/spool/asterisk/scripts/move_recordings.sh ^{MIXMON_DIR} ^{CALLFILENAME} ^{MIXMON_FORMAT}


;create nfs entries in fstab
;192.168.0.2 is our nfs server
192.168.0.2:/data/rec /nfs_disk nfs rw,soft,intr,bg,nolock,rsize=8192,wsize=8192,udp 0 0


Below are the figures and specifications I used to
test everything we've discussed.

Asterisk server:
Quad Xeon 2.40GHz
4GB RAM

Pjsip / Pjsua server - for emulating (multiple calls) 60 extensions
logged into asterisk's queue. You can set them to auto-answer,
automatically play audio and disconnect after 10 minutes.

Vicidial server - for conducting 60 simultaneous calls to asterisk
(with audio playing) and redialing each time pjsip extensions
disconnect (10 minutes). Vicidial made 500 calls during the test.

Asterisk with 60 simultaneous incoming calls being recorded for 10
minutes at any given time. Finishing off with 500 calls in total.

I used sync in crontab to clear the memory cache from
time to time. But it is best to put in additional physical
RAM if recording eats up more memory.

*/30 * * * * /bin/sync; echo 3 > /proc/sys/vm/drop_caches

Access List on a Cisco CUBE / SBC

;Access-list on a Cisco CUBE / SBC


A commonly used design is to put voip servers (callmanager, asterisk...etc)
behind the CUBE by using private addresses. With this set up, our voip
servers are secured from outside, non-trusted networks.

But how do we protect the cube? One of many ways is to put an ACL on its public
interface, only allowing voice traffic from trusted networks.

In this example, we have two interfaces, the public and private interfaces.
Our callmanager sits on the private network.


interface FastEthernet0/1
description callmanager and ip phone segment
ip address 192.168.0.1 255.255.255.0

interface FastEthernet0/1
description public interface
ip address 198.198.198.1 255.255.255.252
ip access-group OUTSIDE_INTERFACE in

ip access-list extended OUTSIDE_INTERFACE
10 permit ip [define allowed public networks here] any
25 permit ip 192.168.0.0 0.0.0.255 192.168.0.0 0.0.0.255
100 deny ip any any log


on line 25, you need specify the private network or you will encounter
one-way audio.

IOS version used on this example is c2600-js2-mz.123-13a.bin



;CUBE, multi-service IP-to-IP gateway or SBC