jad.jabali
In my deployments, I take this philosophy:
I think you need more than two network interfaces for effective command and control (but we can do this economically on two physical NICs):
one for outward facing services,
one for inward facing services
one for syncing
one for management
and one for layer two for redfone if using it
The outward facing should be off on boot in ifcfg-eth0; this interface will be controlled by IPaddr2 (not IPaddr, for many reasons) in haresources and another script that will give it a gateway when Primary. This interface will carry all VSP and external extension registrations, your IMAP/POP3/SMTP servers if appropriate, http services like fax and user portal and anything else you need access to (ssh on a port other than 22 for example, but we will argue about that elsewhere). The advantage here is that it exposes just one IP to protect/stroke, firewall, IDS and QOS/TOS wise (it can be either real or natted). Let's call it eth0.
The rest are all on the other interface. First off, the Redfone stuff is layer two and needs roughly 2 Mb/s for each of its E1/T1 interfaces. It is important to not "crowd" this traffic; with a modern 100mb/s or better a giga switch you probably won't. Let's call this guy eth1.
The rest are virtualized on eth1,
IP phones should be on a VLAN (/dev/eth1.512 by Cisco convention). This is just my preference but allows traffic shaping really quite easily, and most good phones have this built in complete with their own QOS/TOS (not soft-phones on Windows of course, but that is obvious)
The drbd/heartbeat sync processes are pretty low impact while everything is working, but limit the syncer rate to something reasonable like 3M on a 100mb/s network in /etc/drbd.conf (that's MegaBytes, be careful) for when and if drbd needs to do a big resync. You can leave that on eth1 if you want or add another VLAN for that process if you are security paranoid (not a bad thing).
Management is, IMHO, yet another VLAN. This is my recommended way to get into both machines from the LAN, but of course you will probably be precluded from using windowboxes here, but maybe they learnt how to do VLANs since I last looked.
None of these interfaces on eth1 should have a gateway and the cluster itself should not try and forward (route) IP traffic for security reasons, THIS IS IMPORTANT.
I recommend you let an external router handle the hosts plugged into the back of the phones on the untagged port (or tag it as appropriate and avail yourself of the router's QOS EFFECTIVELY) which will be just bridged through eth1 for those hosts, but I guess you can see that you also have a perfect "node" here if you wanted to do a one(two) piece, router/firewall appliance type thingy for a smaller client.
So what we have here is a system that while working is fully manageable from the inside but looks exactly like one machine from the outside. (There is a caveat as some routers will screw you up if you don't also alias the MAC address with IPaddr2, and the ARP tables get messed up.)
Also don't forget to do another IPaddr2 call in haresources for the internal voip vlan eth1.512, extensions and services, and for the host machines if using FOP/user portal etc.
Further you need to edit /etc/amportal.conf and replace any references to the symlinks with the real locations if you want the FreePBX backup/restore process to continue to work (not doing so will definitely bite you in the ass sooner or later).
dicko
p.s. 2 or 4 E1/T1s on a redfone might well stretch your atom machines, especially if transcoding, but after doing the standard dimensioning thingy, only experience will show you how that puppy stands up to a "real world" situation.
p.p.s
Rafael, I know, but that would make me have to use formatting and such. Look at bob and mbit's (and the rest) stuff, I could never make it look that pretty.
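
One way to check a node against the layout described in the post above, as an added example that is not part of the original post. It assumes CentOS-style paths (`/etc/sysconfig/network-scripts`, `/etc/sysctl.conf`); the function names and the sample file contents are constructed for illustration.

```shell
#!/bin/sh
# Audit a cluster node's config files against the eth0/eth1 layout in the post.
# audit_node ROOT reads files under ROOT; pass "" to read the live system.
audit_node() {
    root=${1:-}; fails=0
    net="$root/etc/sysconfig/network-scripts"

    # eth0 must stay down at boot; IPaddr2 brings the address up on the primary.
    grep -Eiq '^ONBOOT="?no"?[[:space:]]*$' "$net/ifcfg-eth0" 2>/dev/null ||
        { echo "FAIL: ifcfg-eth0 is not ONBOOT=no"; fails=$((fails+1)); }

    # Nothing on eth1 (base interface or its VLANs) may carry a gateway.
    for f in "$net"/ifcfg-eth1*; do
        [ -f "$f" ] || continue
        if grep -Eq '^GATEWAY=' "$f"; then
            echo "FAIL: ${f##*/} sets a gateway"; fails=$((fails+1))
        fi
    done

    # The cluster must not route between its interfaces (config file only;
    # the running value lives in /proc/sys/net/ipv4/ip_forward).
    if grep -Eq '^[[:space:]]*net\.ipv4\.ip_forward[[:space:]]*=[[:space:]]*1' \
            "$root/etc/sysctl.conf" 2>/dev/null; then
        echo "FAIL: sysctl.conf enables ip_forward"; fails=$((fails+1))
    fi

    # DRBD resync must be capped (the post suggests 3M on a 100 Mb/s network).
    grep -Eq '^[[:space:]]*rate[[:space:]]+[0-9]+[KMG]?;' "$root/etc/drbd.conf" 2>/dev/null ||
        { echo "FAIL: drbd.conf has no syncer rate"; fails=$((fails+1)); }

    echo "$fails check(s) failed"
    return "$fails"
}

# Constructed sample tree that satisfies every check (values are illustrative).
make_sample() {
    mkdir -p "$1/etc/sysconfig/network-scripts"
    printf 'DEVICE=eth0\nONBOOT=no\n' > "$1/etc/sysconfig/network-scripts/ifcfg-eth0"
    printf 'DEVICE=eth1.512\nVLAN=yes\nONBOOT=yes\n' > "$1/etc/sysconfig/network-scripts/ifcfg-eth1.512"
    printf 'net.ipv4.ip_forward = 0\n' > "$1/etc/sysctl.conf"
    printf 'common {\n  syncer {\n    rate 3M;\n  }\n}\n' > "$1/etc/drbd.conf"
}

# Demo run against the constructed sample tree.
demo=$(mktemp -d); make_sample "$demo"; audit_node "$demo"; rm -rf "$demo"
```

The function's exit status is the number of failed checks, so it can gate a deployment script directly.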