Tuesday, August 31, 2010

Monitor Asterisk calls using SNMP

Monitor calls in Asterisk using Cacti or MRTG.

Requirements:
1) Install net-snmp on Linux.
2) Recompile Asterisk. Make sure res_snmp is enabled under the resource modules in menuselect.

#make menuselect

[*] 13. res_odbc
[*] 14. res_smdi
[*] 15. res_snmp
[*] 16. res_speech

3) install asterisk

4) configure asterisk and enable snmp.

# vi /etc/asterisk/res_snmp.conf

[general]
subagent = yes
enabled = yes

5) enable snmpd on linux

# vi /etc/snmp/snmpd.conf

# First, map the community name (COMMUNITY) into a security name
# (local and mynetwork, depending on where the request is coming
# from):

# sec.name source community
com2sec mymrtg 192.168.1.10 MyCOMMUNITY
com2sec mymrtg 192.168.1.11 MyCOMMUNITY
com2sec mymrtg localhost MyCOMMUNITY

####
# Second, map the security names into group names:

# sec.model sec.name
group networkmon v1 mymrtg
group networkmon v2c mymrtg
group networkmon usm mymrtg
group networkmon local mymrtg

####
# Third, create a view for us to let the groups have rights to:

# incl/excl subtree mask
view all included .iso

####
# Finally, grant the group access
# context sec.model sec.level match read write notif
access networkmon "" any noauth exact all none none


# Asterisk configuration
master agentx
agentXSocket /var/agentx/master
agentXPerms 0660 0550 nobody asterisk

6) copy asterisk MIB files to snmp mib directory

# cp doc/asterisk-mib.txt /usr/share/snmp/mibs
# cp doc/digium-mib.txt /usr/share/snmp/mibs

7) restart snmpd and set agentx permission

# /etc/init.d/snmpd restart
# chmod 755 /var/agentx

8) restart asterisk

# amportal restart <-- if you are using freepbx to start asterisk

9) Test it locally

# export MIBS=+ASTERISK-MIB
# snmpwalk -c MyCOMMUNITY -v 1 localhost asterisk

10) You can use the OID equivalent if you want.

# MIB equivalent (Asterisk 1.4.22 version)
ASTERISK-MIB::astChanTypeName.1 = STRING: Phone
ASTERISK-MIB::astChanTypeName.2 = STRING: Local
ASTERISK-MIB::astChanTypeName.3 = STRING: IAX2
ASTERISK-MIB::astChanTypeName.4 = STRING: Skinny
ASTERISK-MIB::astChanTypeName.5 = STRING: SIP <---- SIP MIB ID
ASTERISK-MIB::astChanTypeName.6 = STRING: MGCP
ASTERISK-MIB::astChanTypeName.7 = STRING: DAHDI
ASTERISK-MIB::astChanTypeName.8 = STRING: Agent
ASTERISK-MIB::astChanTypeName.9 = STRING: OOH323

ASTERISK-MIB::astChanTypeChannels.1 = Gauge32: 0
ASTERISK-MIB::astChanTypeChannels.2 = Gauge32: 0
ASTERISK-MIB::astChanTypeChannels.3 = Gauge32: 0
ASTERISK-MIB::astChanTypeChannels.4 = Gauge32: 0
ASTERISK-MIB::astChanTypeChannels.5 = Gauge32: 0 <---- SIP channel value
ASTERISK-MIB::astChanTypeChannels.6 = Gauge32: 0
ASTERISK-MIB::astChanTypeChannels.7 = Gauge32: 0
ASTERISK-MIB::astChanTypeChannels.8 = Gauge32: 0
ASTERISK-MIB::astChanTypeChannels.9 = Gauge32: 0

# Get OID equivalent
# snmpwalk -On -c MyCOMMUNITY -v 1 localhost ASTERISK-MIB::astChanTypeChannels.5

.1.3.6.1.4.1.22736.1.5.4.1.7.5 = Gauge32: 0 <---- OID that can be used in Cacti


11) Open Cacti and use the generic SNMP template for the device
you want to create the graph for, then define the OID. The same method
applies for MRTG users.
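
The snmpd.conf in step 5 lets anyone who knows the community string read the entire OID tree over SNMP v1/v2c, with no authentication or encryption. The script below is an added example, not part of the original post, that flags those rules. The tighter variant and its user name "monuser" are constructed for illustration.

```shell
#!/bin/sh
# Added example (not from the original post): lint snmpd.conf access rules.
# Reads the files named as arguments, or stdin, and prints one finding per line.
audit_snmpd_conf() {
    awk '
    $1 ~ /^#/ { next }                          # skip comment lines
    $1 == "com2sec" && $3 == "default" {
        printf "ANY-SOURCE line %d: community accepted from any address\n", NR
    }
    $1 == "group" && ($3 == "v1" || $3 == "v2c") {
        printf "WEAK-MODEL line %d: group %s accepts SNMP %s (cleartext community)\n", NR, $2, $3
    }
    $1 == "view" && $3 == "included" && ($4 == ".iso" || $4 == ".1") {
        printf "WIDE-VIEW line %d: view %s covers the whole OID tree\n", NR, $2
    }
    $1 == "access" && $5 == "noauth" {
        printf "NOAUTH line %d: group %s may read view %s without authentication\n", NR, $2, $7
    }
    ' "$@"
}

# Active lines of the snmpd.conf shown in step 5.
page_conf() {
    cat <<'EOF'
com2sec mymrtg 192.168.1.10 MyCOMMUNITY
com2sec mymrtg 192.168.1.11 MyCOMMUNITY
com2sec mymrtg localhost MyCOMMUNITY
group networkmon v1 mymrtg
group networkmon v2c mymrtg
group networkmon usm mymrtg
group networkmon local mymrtg
view all included .iso
access networkmon "" any noauth exact all none none
EOF
}

# Constructed tighter variant: SNMPv3 (usm) only, encrypted, Asterisk subtree only.
# "monuser" is a hypothetical SNMPv3 user that must be created separately.
tight_conf() {
    cat <<'EOF'
group networkmon usm monuser
view asterisk included .1.3.6.1.4.1.22736
access networkmon "" usm priv exact asterisk none none
EOF
}

echo "== config from the post =="; page_conf | audit_snmpd_conf
echo "== tighter variant ==";      tight_conf | audit_snmpd_conf
```

To check a live system, call audit_snmpd_conf /etc/snmp/snmpd.conf instead of piping in the samples.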

Wednesday, August 25, 2010

Asterisk clock source

You may need to change your Linux server's clock source in order for
Asterisk's conference bridge to perform properly.

Requirements: Asterisk 1.4 and Dahdi

1) First verify what clock sources are available in Linux.
#cat /sys/devices/system/clocksource/clocksource0/available_clocksource

acpi_pm jiffies tsc pit

2) Some distributions may have hpet (newer kernels). Set the clock source
to the next best thing, "acpi_pm". Edit grub.conf and append the following
to the kernel line:

clocksource=acpi_pm

Here's an example.

# cat /etc/grub.conf
# grub.conf generated by anaconda
#
# Note that you do not have to rerun grub after making changes to this file
# NOTICE: You have a /boot partition. This means that
# all kernel and initrd paths are relative to /boot/, eg.
# root (hd0,0)
# kernel /vmlinuz-version ro root=/dev/VolGroup00/LogVol00
# initrd /initrd-version.img
#boot=/dev/hda
default=0
timeout=5
splashimage=(hd0,0)/grub/splash.xpm.gz
hiddenmenu
title CentOS (2.6.18-92.el5)
root (hd0,0)
kernel /vmlinuz-2.6.18-92.el5 ro root=/dev/VolGroup00/LogVol00 clocksource=acpi_pm
initrd /initrd-2.6.18-92.el5.img

3) Reboot your server. In my case, starting Asterisk before DAHDI produced
more accurate measurements. I'm using old Intel P4 servers, 3.0GHz CPU / 1G RAM.

4) Verify your new setting.

# cat /sys/devices/system/clocksource/clocksource0/current_clocksource

5) Use the dahdi_test command to measure the accuracy.

# dahdi_test
Opened pseudo dahdi interface, measuring accuracy...
99.950882% 99.961235% 99.948433% 99.956535% 99.948242% 99.956253% 99.956741%

Before, I had 99.8s and 99.9s. Now it's all 99.9s

Tuesday, August 3, 2010

Chillispot on DD-WRT and remote radius / https server for authentication

This will force users to login (via a captive portal web-page).

Info:

In a previous blog post, we used chillispot on a server which
served as our router and captive portal. Radius and Apache
were also installed on the same server.

This time, we will use DD-WRT which is installed on our access
point. DD-WRT has chillispot built-in. Our radius and http services
will remain on the Linux server. This scenario configures chillispot
to authenticate clients (Wireless or Wired) from a remote server.

Same as before, chillispot on DD-WRT creates the virtual tunnel and
other processes as it does on the Linux server. It directs
unauthenticated users to the remote https and radius server.

Again, the steps are the same as when you configure radius,
apache and chillispot on CentOS 5. This time, chillispot is not on
the server but on the access point.

1) Install and configure apache to support SSL, and update the
hotspotlogin.cgi script
2) Install Radius and add all the required users and passwords
3) Enable chillispot on DD-WRT and supply the required parameters:

uamserver / redirect https://192.168.182.1/cgi-bin/hotspotlogin.cgi
uamsecret ht2eb8ej6s4et3rg1ulp

4) By default, chillispot uses 192.168.182.0/24 as its DHCP range.
You can change this under the "hotspot" menu by supplying another
IP range in the "remote network" field. Try putting in
192.168.185.0/24, then renew your laptop's address.