Friday, January 20, 2012

Integrate Asterisk with SIP enabled Wireless phone: Polycom SpectraLink 8030

If you are looking for a SIP and 802.11a/b/g compatible wireless phone, the SpectraLink 8030 can be one of your choices. It is compatible with Asterisk. It also has Push-To-Talk (PTT) functionality that allows group communication just like a walkie-talkie.

Product information of SpectraLink 8030 can be found at
http://www.polycom.com/products/voice/wireless_solutions/wifi_communications/handsets/spectralink_8030_wireless.html

Software and documents for SpectraLink 8030 can be downloaded from the following Polycom link
http://support.polycom.com/PolycomService/support/us/support/voice/wi-fi/spectralink_8030_wireless.html

If you are using a Polycom SpectraLink VIEW certified Wireless Access Point, you can call 1-800-Polycom and get support. If not, you are out of luck when it comes to getting any kind of support from them.

In my case, we have
  • DHCP , DNS, NTP and TFTP server running on Linux
  • Xirrus Array - XN4, XN8   (Make sure your wireless AP supports WMM - Wi-Fi Multimedia; sometimes you might have to upgrade to the latest firmware. Contact your wireless AP vendor if your AP doesn't have WMM enabled)
  • Asterisk Server (SIP server + PBX) : IP address 192.168.1.10
  • SpectraLink 8030 ( one has an extension 2000 and other has an extension 3000)
  • Voicemail (Extension 2100)
In this article, I am not going to show you how to configure DHCP, DNS, NTP, TFTP server. If you need any help, contact your Server Administrator or look for online help.

Step1: Publish the required firmwares and configs to  TFTP server
Download SIP software of SpectraLink 8030 from above link  
Unzip it and publish the content to TFTP server

You will see various .bin files and .cfg files.

In my case, I have following files
#tftpshare
 MIBs
 pd14csi.bin
 pd14odsi.bin
 pd14shim.bin
 pd14shsi.bin
 pd14udsi.bin
 pi1400si.bin
settings.txt
slnk_cfg.cfg
sip_allusers.cfg
sip_2000.cfg
sip_3000.cfg

You don't have to touch .bin files.  You don't even have to touch slnk_cfg.cfg file

All you need to do is edit sip_allusers.cfg and create the config files for the individual extensions (in my case I have two SpectraLink handsets and I want two extensions: 2000 and 3000)


#vi sip_allusers.cfg
#--------Configuration for Asterisk based system-------------
PROXY1_TYPE            = Asterisk
PROXY1_ADDR            = 192.168.1.10:5060  #IP address of Asterisk Server
PROXY1_KEYPRESS_2833   = enable
PROXY1_KEYPRESS_INFO   = disable
PROXY1_HOLD_IP0        = disable
PROXY1_PRACK           = enable
PROXY1_REREG_SECS      = 3600
PROXY1_KEEPALIVE_SECS  = 14
PROXY1_CALLID_PER_LINE = disable
PROXY1_MAIL_ACCESS     = 2100



Create a config file for an extension 2000
#vi sip_2000.cfg
LINE1         = 2000
LINE1_PROXY   = 1
LINE1_CALLID  = Spectralink x2000
LINE1_AUTH    = 2000; myp@ssw0rd


#Note- Password follows extension in LINE1_AUTH line


Similarly create a config file for an extension 3000

#vi sip_3000.cfg
LINE1         = 3000
LINE1_PROXY   = 1
LINE1_CALLID  = Spectralink x3000
LINE1_AUTH    = 3000; myp@ssw0rd

#Note- Password follows extension in LINE1_AUTH line


Step2: Configure Asterisk Server

SpectraLink 8030 wouldn't register to the Asterisk server. I had to go through rigorous troubleshooting before I could figure out that SpectraLink 8030's latest SIP software is still based on the original SIP RFC 2543. [ Polycom support didn't want to talk about anything as I wasn't using their VIEW certified AP. ]

[Please read about fundamental SIP request header if you haven't done so far]

However, Asterisk is designed on the basis of the later SIP RFC 3261. The Asterisk server drops the REGISTER request coming from the SpectraLink 8030 because, as per the RFC 2543 standard, SpectraLink doesn't send a tag in the From header of the SIP request.

Thus you have to tell Asterisk to ignore the tags in SIP request headers. You can do that with a global option in sip.conf

Asterisk 1.8 has pedantic=yes by default

;pedantic=yes ; Enable checking of tags in headers,
                                ; international character conversions in URIs
                                ; and multiline formatted headers for strict
                                ; SIP compatibility (defaults to "yes")


You have to use   pedantic=no  for SpectraLink 8030 to work with Asterisk


#vi sip.conf
[general]
bindport=5060
bindaddr=192.168.1.10
canreinvite=no
dtmfmode=auto
pedantic=no

 [2000]
type=friend
host=dynamic
context=YourContextinDialplan
username=2000
callerid="Dave One" <2000>
secret=myp@ssw0rd
mailbox=2000

 [3000]
type=friend
host=dynamic
context=YourContextinDialplan
username=3000
callerid="John One" <3000>
secret=myp@ssw0rd
mailbox=3000
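
The handset files published in Step 1 carry each extension's SIP password in clear text, and TFTP serves them without authentication or encryption, so it is worth checking them against sip.conf. The following is an added example, not part of the original article: it reports extensions that share one secret and handset files whose password no longer matches the Asterisk peer (a common reason for failed registration). The function names and the sample files it builds are constructed.

```bash
#!/bin/bash
# Added example, not from the original article. File names (sip.conf,
# sip_<ext>.cfg) follow the article; function names and sample data are constructed.

# Print "<peer><TAB><secret>" for each peer section of a sip.conf.
sip_conf_secrets() {
    awk '
        /^[ \t]*\[/ { sub(/^[ \t]*\[/, ""); sub(/\].*$/, ""); peer = $0; next }
        peer != "" && peer != "general" && /^[ \t]*secret[ \t]*=/ {
            sub(/^[^=]*=[ \t]*/, "")     # drop the key and the equals sign
            sub(/[ \t]*(;.*)?$/, "")     # drop trailing blanks and a ; comment
            print peer "\t" $0
        }' "$1"
}

# Print "<user><TAB><password>" for each LINEn_AUTH entry of a handset file.
handset_auth() {
    awk '
        /^[ \t]*LINE[0-9]+_AUTH[ \t]*=/ {
            val = substr($0, index($0, "=") + 1)
            n = index(val, ";")
            if (n == 0) next
            user = substr(val, 1, n - 1); pass = substr(val, n + 1)
            gsub(/^[ \t]+|[ \t]+$/, "", user); gsub(/^[ \t]+|[ \t]+$/, "", pass)
            print user "\t" pass
        }' "$1"
}

# Compare the handset files on the TFTP share with sip.conf.
# Findings name the extensions only; secrets are never printed.
audit_sip_credentials() {   # $1 = sip.conf   $2 = TFTP share directory
    {
        sip_conf_secrets "$1" | awk '{ print "S\t" $0 }'
        for _f in "$2"/sip_*.cfg; do
            if [ -f "$_f" ]; then handset_auth "$_f" | awk '{ print "H\t" $0 }'; fi
        done
    } | awk -F'\t' '
        $1 == "S" { secret[$2] = $3; peers[$3] = peers[$3] " " $2; n[$3]++ }
        $1 == "H" { hs[$2] = $3 }
        END {
            for (s in n) if (n[s] > 1) print "REUSED one secret shared by peers:" peers[s]
            for (p in hs) {
                if (!(p in secret)) print "ORPHAN handset file for " p " has no sip.conf peer"
                else if (hs[p] != secret[p]) print "MISMATCH " p ": handset password differs from sip.conf secret"
            }
        }' | sort
}

# Constructed sample: the two peers of the article share one secret, and the
# handset file for 3000 carries a differently spelled password.
make_sample() {   # $1 = empty directory to populate
    mkdir -p "$1/tftp"
    printf '%s\n' '[general]' 'pedantic=no' '' \
        ' [2000]' 'type=friend' 'secret=myp@ssw0rd' '' \
        ' [3000]' 'type=friend' 'secret=myp@ssw0rd ; same as 2000' > "$1/sip.conf"
    printf '%s\n' 'LINE1 = 2000' 'LINE1_AUTH    = 2000; myp@ssw0rd' > "$1/tftp/sip_2000.cfg"
    printf '%s\n' 'LINE1 = 3000' 'LINE1_AUTH    = 3000; myp@ssword' > "$1/tftp/sip_3000.cfg"
}

tmp=$(mktemp -d)
make_sample "$tmp"
audit_sip_credentials "$tmp/sip.conf" "$tmp/tftp"
rm -rf "$tmp"
```

Point the two arguments of audit_sip_credentials at your real sip.conf and TFTP directory to run the same check on a live setup.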




Step3: Configure AP 
Different APs have different tools for wireless configuration. Make sure you are using 802.11a/b/g wireless APs. The AP must be configured as WMM-PowerSave. Please go through the product guide that came with your AP to enable WMM-PowerSave.

Create an SSID for your voice network. [You may not want to broadcast this SSID to minimize easy access to SSID by intruders]

You can use any kind of encryption you want. I prefer WPA2 as it uses a Pre-Shared Key (PSK) and allows the user to manually enter keys to initiate WPA security.

Example: 
SSID: spectralinknetwork
WPA2 passphrase: myp@ssword

Make sure various Radio bands are available  for use. I have enabled a/g band and I am going to use '802.11a standard'  for my SpectraLink phones. 

BONUS INFORMATION: Brief introduction on various wireless standards:
  • 802.11a standard operates in 5GHz band with maximum data rate of 54Mbps. Its range is lower than the range of 802.11b but it offers a higher number of channels and also a higher data rate.
  • 802.11b standard operates in 2.4GHz band with maximum data rate of 11Mbps. Its range is higher than that of 802.11a but it suffers interference from other devices like Bluetooth, cordless telephones, etc. operating at 2.4 GHz. Data rate offered is less than 802.11a.
  • 802.11g standard operates in 2.4GHz just like 802.11b, but operates at maximum data rate of 54Mbps. 
  • 802.11n standard operates in 5GHz and/or 2.4GHz using MIMO technology. 



Step4: Use SIP HAT(Handset Administration Tool) provided by Polycom to configure the initial configuration for SpectraLink 8030. You can download SIP HAT from above provided link 





Network Configuration of SpectraLink via SIP HAT Tool
  • Enable DHCP
  • Use SSID:spectralinknetwork  and WPA2 passphrase: myp@ssword and click on 'Generate PSK from Passphrase + SSID' button
  • Use QoS Type 'Wi-Fi Standard'
  • Admission Control: Optional
  • 802.11 Config: a
  • Enable the bands you want to use





SIP configuration and others via SIP HAT Tool
  • Change the TimeZone as required
  • Enter the SIP username: 3000 and password: myp@ssword
Follow the procedure as instructed by the SIP HAT software to write the settings to the SpectraLink 8030 handset. It might prompt for the password before you can write the settings to the handset. Default password is '123456'. Ignore any minor errors while writing the settings to the handset, as the handset will download the latest firmware from your TFTP server anyway.

Step5: Powercycle the handset. If your ducks are in a row, it will work without hassle. If you come across any issues, follow the SpectraLink 8020/8030 Wireless Telephone Administration Guide for SIP.

SpectraLink 8030 displays Startup Sequence: 1 thru' 9.  Let's say your handset is stuck at '1234567', it means it has successfully gone thru '8' and '9', but it is stuck at '7'. If you look in the administration guide, '1234567' means DHCP response with bad DNS server configuration. So, you have to fix a possible DNS/DHCP server issue.


If you need further help, you can email me at erdevendra@gmail.com or simply post the comment.

Tuesday, December 20, 2011

NS2 simulation for PIM-SM multicasting

I am going to show you how to perform a traditional PIM-SM simulation in NS2. For those who don't know PIM-SM (Protocol Independent Multicast - Sparse Mode), check RFC 4601.

Definition extracted from RFCs:
PIM-DM (RFC3973) is a multicast routing protocol that uses the underlying unicast routing information base to flood multicast datagrams to all multicast routers. Prune messages are used to prevent future messages from propagating to routers without group membership information.

PIM-SM (RFC4601) is a multicast routing protocol that can use the underlying unicast routing information base or a separate multicast-capable routing information base. It builds unidirectional shared trees rooted at a Rendezvous Point (RP) per group, and optionally creates shortest-path trees per source.

In simple language, PIM-DM uses a push model to flood multicast traffic to every corner of the network. This process is considered to be very “heavy”, since it floods its messages to all sub-networks. In PIM-SM environments, multicast traffic is forwarded only to sub-networks that have active receivers that have explicitly requested the data. PIM-SM introduces the concept of a Rendezvous Point (RP). The RP is an appointed router through which all the multicast messages flow and from which they are forwarded through the multipoint tree.

The Network Simulator 2 (NS-2) is the most popular simulator in the scientific field and in the great telecommunications companies, allowing the creation of any network topology and the analysis of any kind of protocol.

SIMULATION SCENARIO:
This simulation models a PIM-SM based IP infrastructure with one multicast source, one group address and two nodes joining the group. Node0 thru Node7 are all routers. Source1 is attached to Router0. Receiver1 and Receiver2 are attached to Router6 and Router7 respectively. Router1 is defined as the Rendezvous Point (RP).

Source1 starts at 0.5 sec
Receiver1 joins the group at 1.0 sec
Receiver2 joins the group at 1.5 sec
Receiver1 leaves the group at 6.0 sec
Receiver2 leaves the group at 6.5 sec
Source1 stops at 9.5 sec



Network Topology for multicast simulation


File: multicast.tcl
#//////////////////CODE STARTS HERE/////////////////////////////////
#Create an event scheduler with multicast turned on
set ns [new Simulator -multicast on]
#$ns multicast
#Turn on Tracing

set tf [open output.tr w]
$ns trace-all $tf

# Turn on nam Tracing
set fd [open mcast.nam w]
$ns namtrace-all $fd

# Create nodes
set n0 [$ns node]
set n1 [$ns node]
set n2 [$ns node]
set n3 [$ns node]
set n4 [$ns node]
set n5 [$ns node]
set n6 [$ns node]
set n7 [$ns node]

# Create links
$ns duplex-link $n0 $n1 1.5Mb 10ms DropTail
$ns duplex-link $n1 $n2 1.5Mb 10ms DropTail
$ns duplex-link $n2 $n3 1.5Mb 10ms DropTail
$ns duplex-link $n3 $n4 1.5Mb 10ms DropTail
$ns duplex-link $n1 $n4 1.5Mb 10ms DropTail
$ns duplex-link $n3 $n5 1.5Mb 10ms DropTail
$ns duplex-link $n5 $n6 1.5Mb 10ms DropTail
$ns duplex-link $n5 $n7 1.5Mb 10ms DropTail


# Allocate group addresses
set group1 [Node allocaddr]
set group2 [Node allocaddr]


# Routing protocol: PIM-SM
$ns mrtproto BST
BST set RP_($group1) $n1


# UDP Transport agent for the traffic source
set udp0 [new Agent/UDP]
$ns attach-agent $n0 $udp0
$udp0 set dst_addr_ $group1
$udp0 set dst_port_ 0
set cbr1 [new Application/Traffic/CBR]
$cbr1 set packetSize_ 210
$cbr1 set rate_ 1000k
$cbr1 attach-agent $udp0

# Create receiver
set rcvr1 [new Agent/Null]
$ns attach-agent $n6 $rcvr1
set rcvr2 [new Agent/Null]

$ns attach-agent $n7 $rcvr2


$ns at 1.0 "$n6 join-group $rcvr1 $group1"
$ns at 1.5 "$n7 join-group $rcvr2 $group1"

$ns at 6.0 "$n6 leave-group $rcvr1 $group1"
$ns at 6.5 "$n7 leave-group $rcvr2 $group1"

# Schedule events
$ns at 0.5 "$cbr1 start"
$ns at 9.5 "$cbr1 stop"

#post-processing
$ns at 10.0 "finish"
proc finish {} {
    global ns tf fd
    $ns flush-trace
    # Close both trace files before nam opens mcast.nam
    close $tf
    close $fd
    exec nam mcast.nam &
    exit 0
}

# For nam
#Colors for packets from mcast packets
$ns color 10 red

#udp0 traffic has flow ID 10
# Group 0 source

$udp0 set fid_ 10
$n0 color red
$n0 label "Source 1"

$n6 label "Receiver 1"
$n6 color blue
$n7 label "Receiver 2"
$n7 color blue

# Animation rate
$ns set-animation-rate 3.0ms
$ns run
#//////////////////CODE ENDS HERE/////////////////////////////////

Make sure that you make your .tcl file executable
#chmod 700 multicast.tcl

Execute the .tcl file as
#ns multicast.tcl

If you run into any issues, refer to NS2 documentation. It's really nice documentation.

Thursday, December 1, 2011

Apache2.2: Defining Virtual Hosts, Re-direction and LDAP authentication uncovered

I usually put references at the bottom of the article. But this time I want to put them at the beginning. If you are an Apache beginner, trust me, you want to go through these references before you start doing anything.

References:
Apache Directives: http://httpd.apache.org/docs/2.2/mod/directive-dict.html#Context
Name-Based Virtual Hosts: http://httpd.apache.org/docs/2.2/vhosts/name-based.html
LDAP directory for authentication: http://httpd.apache.org/docs/2.3/mod/mod_authnz_ldap.html
LDAP and Active Directory Terminologies: http://rapidtechguide.blogspot.com/2011/07/directories-terminology-active.html


Practice Scenario:

Windows Server
Web Server: Apache2.2
IP add: 192.168.1.10
Port: 80
Websites hosted:
www1.test.org
www.mytest.org
www.urtest.org
www.ourtest.org
www.everyonetest.org
www.lovetest.org



Before you start testing your Apache setup, make sure that DNS and the hosts file are configured properly.

STEP1:
File: C:\Windows\System32\drivers\etc\hosts
192.168.1.10 www1.test.org
192.168.1.10 www.mytest.org
192.168.1.10 www.urtest.org
192.168.1.10 www.ourtest.org
192.168.1.10 www.everyonetest.org
192.168.1.10 www.lovetest.org


#everyonetest.org and lovetest.org are alias of ourtest.org

STEP2:
Configure DNS server to point those domains 'mytest.org, urtest.org, ourtest.org,everyonetest.org,lovetest.org' to 192.168.1.10. You can contact your DNS administrator

STEP3:
Say Apache2.2 is installed in C: drive
C:\apache

and you are publishing your web contents at C:\website
C:\website\mytest
C:\website\urtest
C:\website\ourtest

STEP4:
File: C:\apache\conf\httpd.conf
# Change this to Listen on specific IP addresses as shown below to
# prevent Apache from glomming onto all bound IP addresses.
Listen 192.168.1.10:80

#uncomment these for LDAP authentication support
LoadModule authnz_ldap_module modules/mod_authnz_ldap.so
LoadModule ldap_module modules/mod_ldap.so

ServerName www1.test.org

#
# DirectoryIndex: sets the file that Apache will serve if a directory
# is requested.
#
<IfModule dir_module>
DirectoryIndex index.htm index.html index.shtml index.html.var index.php index.pl default.html default.htm
</IfModule>

#Set LogLevel to debug if you are configuring Apache for first time so that you can collect enough logging information for troubleshooting purpose
LogLevel debug

<IfModule mime_module>
#Uncomment this line to have shtml MIME support
AddType text/html .shtml
</IfModule>

# Uncomment following line to add Virtual hosts in different file
Include conf/extra/httpd-vhosts.conf

STEP5:
File: C:\apache\conf\extra\httpd-vhosts.conf
#
# Use name-based virtual hosting.
#
NameVirtualHost 192.168.1.10:80
#Regular Virtual Host Configuration Example
# WWW.MYTEST.ORG BEGIN
# mytest.org is published at C:/website/mytest

<VirtualHost 192.168.1.10:80>
ServerName www.mytest.org
DocumentRoot C:/website/mytest

<Directory C:/website/mytest>
AllowOverride None
Order deny,allow
Allow from all
</Directory>

ErrorLog "logs/www.mytest.org-error.log"
CustomLog "logs/www.mytest.org-access.log" common

ErrorDocument 401 /unauth.shtml
ErrorDocument 403 /forbid.shtml
ErrorDocument 404 /notfound.shtml
ErrorDocument 500 /error.shtml
</VirtualHost>

# WWW.MYTEST.ORG END
#Re-Direction Configuration Example
# WWW.URTEST.ORG BEGIN
# urtest.org is simply re-directed to www.wikipedia.org

<VirtualHost 192.168.1.10:80>
ServerName www.urtest.org
Redirect permanent / https://www.wikipedia.org
</VirtualHost>

# WWW.URTEST.ORG END


#LDAP Authentication Configuration Example
# WWW.OURTEST.ORG BEGIN
# ourtest.org is published at C:/website/ourtest
# LDAP authentication is required to access the contents of C:/website/ourtest

<VirtualHost 192.168.1.10:80>
ServerName www.ourtest.org
ServerAlias everyonetest.org lovetest.org
DocumentRoot C:/website/ourtest

<Directory C:/website/ourtest>
AllowOverride None
Order deny,allow
Allow from all

AuthType Basic
AuthBasicProvider ldap
AuthzLDAPAuthoritative on

AuthLDAPBindDN "cn=ldapuser,ou=\"Super Accounts\",DC=ad,DC=test,DC=org"
AuthLDAPBindPassword ipassword

AuthName "Only for registered users"

AuthLDAPURL "ldap://ldap.test.org:389/ou=students,ou=toefl,dc=ad,dc=test,dc=org?name"

#Syntax for AuthLDAPURL ldap://host:port/basedn?attribute?scope?filter
#For more info refer to page 3 of https://www.ietf.org/rfc/rfc2255.txt
require valid-user
</Directory>

ErrorLog "logs/www.ourtest.org-error.log"
CustomLog "logs/www.ourtest.org-access.log" common

ErrorDocument 401 /unauth.shtml
ErrorDocument 403 /forbid.shtml
ErrorDocument 404 /notfound.shtml
ErrorDocument 500 /error.shtml
</VirtualHost>

# WWW.OURTEST.ORG END
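
With AuthType Basic on a port 80 virtual host, the browser sends the LDAP user name and password base64-encoded but unencrypted on every request, and an ldap:// URL on port 389 without a TLS mode forwards them to the directory in clear text as well. The check below is an added example, not part of the original article: it scans a vhosts file for both conditions. The function names are constructed, the sample file is modelled on the configuration above, and its third virtual host (secure.example.test with SSLEngine and STARTTLS) is hypothetical.

```bash
#!/bin/bash
# Added example, not from the original article. audit_vhosts and the sample
# file are constructed; the directives are the ones used in the article.

audit_vhosts() {   # $1 = httpd-vhosts.conf
    awk '
        function report() {
            if (basic && !ssl)
                print name " (" addr "): AuthType Basic on a vhost without SSLEngine on"
            if (ldapplain)
                print name " (" addr "): AuthLDAPURL ldap:// without SSL/TLS/STARTTLS mode"
        }
        { line = $0; sub(/^[ \t]+/, "", line); low = tolower(line) }
        line ~ /^#/ || line == "" { next }
        low ~ /^<virtualhost[ \t]/ {
            basic = ssl = ldapplain = 0; invh = 1; name = "(no ServerName)"
            addr = line; sub(/^[^ \t]+[ \t]+/, "", addr); sub(/>.*$/, "", addr)
            next
        }
        low ~ /^<\/virtualhost>/ { if (invh) report(); invh = 0; next }
        !invh { next }
        # The last field of an AuthLDAPURL line is the optional connection mode
        { key = tolower($1); mode = toupper($NF) }
        key == "servername" { name = $2 }
        key == "authtype" && tolower($2) == "basic" { basic = 1 }
        key == "sslengine" && tolower($2) == "on" { ssl = 1 }
        key == "authldapurl" && tolower($2) ~ /^"?ldap:\/\// &&
            mode != "SSL" && mode != "TLS" && mode != "STARTTLS" { ldapplain = 1 }
    ' "$1"
}

# Constructed sample modelled on the article; the :443 vhost is hypothetical.
make_vhost_sample() {   # $1 = output file
    cat > "$1" <<'EOF'
NameVirtualHost 192.168.1.10:80
<VirtualHost 192.168.1.10:80>
ServerName www.mytest.org
DocumentRoot C:/website/mytest
</VirtualHost>
<VirtualHost 192.168.1.10:80>
ServerName www.ourtest.org
<Directory C:/website/ourtest>
AuthType Basic
AuthBasicProvider ldap
AuthLDAPURL "ldap://ldap.test.org:389/ou=students,ou=toefl,dc=ad,dc=test,dc=org?name"
require valid-user
</Directory>
</VirtualHost>
<VirtualHost 192.168.1.10:443>
ServerName secure.example.test
SSLEngine on
AuthType Basic
AuthLDAPURL "ldap://ldap.test.org:389/dc=ad,dc=test,dc=org?name" STARTTLS
</VirtualHost>
EOF
}

tmp=$(mktemp -d)
make_vhost_sample "$tmp/httpd-vhosts.conf"
audit_vhosts "$tmp/httpd-vhosts.conf"
rm -rf "$tmp"
```

Only www.ourtest.org is reported, once for each condition.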

Some other tips:
I prefer to use Internet Explorer (IE) for testing web pages, as lots of users are using IE. In IE go to Tools --> Internet Options and check 'Delete Browsing History on Exit'. Sometimes the browser displays web pages from its temp files, so even if your Apache/web server is stopped you might see web pages working (I have seen it, and it took me quite some time to figure it out). Or sometimes, if you make content changes, your browser may not reflect those changes. So, while performing Apache setup and testing, 'Delete Browsing History' really helps. Close the browser, re-open it and see if you get your desired output.
Sometimes you might have to flush the local DNS cache. If so, you can use the following command
> ipconfig /flushdns

Good Luck!!!

Additional References:
http://www.yolinux.com/TUTORIALS/LinuxTutorialApacheAddingLoginSiteProtection.html


Also read per-User web directories documentation from Apache
http://httpd.apache.org/docs/2.0/howto/public_html.html

Tuesday, November 22, 2011

Write Startup scripts in Linux Environment?

Explanation is based on SLES (SUSE Enterprise Linux). It could be related to other distributions of Linux as well.
There are various situations where you write your own script and want it to run at system startup. In a Linux environment you have to place your script in /etc/init.d and use the 'insserv' command or the 'chkconfig' command to insert the script into various runlevels.

[By default, insserv inserts the script in runlevels 3 and 5. You can check that by running #chkconfig --list ]

Let's say I want to run 'asterisk' program automatically at startup and I want to make sure that it starts only when all the services of OS are up.

  • The 'which' command returns the location of the program or application
#which asterisk
/usr/bin/asterisk

  • Create a script file in /etc/init.d directory
#vi /etc/init.d/asteriskStartupScript
#!/bin/bash
#Copyright (c) 2011 DShah
# All rights reserved
#
#Author: DShah, 2011
# /etc/init.d/asterisk
#PLEASE READ /etc/init.d/skeleton to understand various parameters in startup scripts
#
### BEGIN INIT INFO
# Provides: asterisk
# Required-Start: $ALL
# Required-Stop:
# Default-Start: 3 5
# Default-Stop: 0 1 2 6
# Short-Description: Starts Asterisk
### END INIT INFO

#Start service
/usr/sbin/asterisk

Save and close the script file.

  • 'chmod' command can be used to add executable permission
#chmod 744 /etc/init.d/asteriskStartupScript

  • 'insserv' command can be used to insert the script in desired runlevel as specified in script file
#insserv asteriskStartupScript

  • 'chkconfig' command can be used to check if the script will run in next startup
#chkconfig --list asteriskStartupScript


Reference:
http://www.novell.com/coolsolutions/feature/15380.html

Friday, October 14, 2011

PERL scripting: Export data from MySQL database in XML format

I have a MySQL database containing all the data but the application I am trying to use only supports XML. How can I export data from MySQL database in XML format?

Here is your answer. You need to select a programming language that support MySQL connection and does pretty good string manipulation. I found PERL programming very easy and powerful doing both MySQL connection and String Manipulation.

Assumptions: I will be running my PERL script on the same server with MySQL database. MySQL Username and Password are 'username' and 'password' respectively. Database name is 'phonesDB' and table name is 'phones'.

MySQL

Database: phonesDB
Table: phones



full_name        phone_number   department
Peter Griffin    25962          Technology
Stewie Griffin   25963          Finance
Sam Burns        25234          HR

You should have some basic concept of XML, MySQL and PERL programming knowledge.

[Note: Make sure that you have perl-DBD-mysql, perl-DBI and perl installed. If those packages are missing, you can use YaST, YUM, ZYPPER or APT-GET to install them, depending on your distro.]

Let's write the PERL script that will access our MySQL database and generate XML file for us.

#vi myPerlscript.pl
#!/usr/bin/perl
use strict;
use warnings;
use DBI;
use DBD::mysql;

#Company name printed in each <company> element
#(placeholder value, the same one used in the <name> element of the header; set it to your own)
my $site_name = "Company_Name";

#Escape the XML special characters so that a value from the database
#(for example a name containing & or <) cannot break or alter the markup
sub xml_escape {
    my ($text) = @_;
    $text = "" unless defined $text;
    $text =~ s/&/&amp;/g;
    $text =~ s/</&lt;/g;
    $text =~ s/>/&gt;/g;
    $text =~ s/"/&quot;/g;
    $text =~ s/'/&apos;/g;
    return $text;
}

#connect to the database phonesDB using login credentials
my $dbh = DBI->connect("DBI:mysql:phonesDB","username","password",{RaiseError => 1, PrintError => 0});

#run the SELECT query
my $sth = $dbh->prepare("SELECT full_name,phone_number,department FROM phones");
$sth->execute();

print "<?xml version=\"1.0\" encoding=\"utf-8\"?>\n";
print "<directory>\n";
print " <local>true</local>\n";
print " <sorted>true</sorted>\n";
print " <name>Company_Name</name>\n";
while (my ($full_name,$phone_number,$department) = $sth->fetchrow_array ())
{

print " <user>\n";

#Using string manipulation techniques available in PERL scripting
#Extract first and last name from full name
#index() function returns the position of the first occurrence of $myspace in $full_name
#substr() function copies part of a string, given the beginning position and the length
my $myspace =" ";
my $myindex =index($full_name,$myspace);
my $last_name=xml_escape(substr($full_name,$myindex+1));
my $first_name=xml_escape(substr($full_name,0,$myindex));
my $company=xml_escape($site_name);
my $number=xml_escape($phone_number);

print " <name>$last_name, $first_name</name>\n";
print " <company>$company</company>\n";
print " <contact>\n";
print " <type>phone</type>\n";
print " <uri>sip:$number</uri>\n";
print " </contact>\n";
print " </user>\n";
}

#Disconnect the database connection
$dbh->disconnect ();
print "</directory>\n";



Let's make the script executable
#chmod u+x myPerlscript.pl

Now run the script, you will get output in XML format
#./myPerlscript.pl

If you want to save the output of the script to the file,
#./myPerlscript.pl > myXMLfile.xml


Output:

Monday, October 10, 2011

Configured server with multiple NICs on different subnet. Can't PING IP add on second NIC? Here's the solution

Let's say you have a network access problem as shown below (User can't access 10.1.1.10 from the workstation. User fails to ping 10.1.1.10 from workstation):


Note: In Linux, usually NIC1 is presented as eth0 and NIC2 is presented as eth1

How to fix the problem associated with accessing 10.1.1.10 from workstation?

You must configure multiple default routes in the server.
You can possibly achieve this in different ways, however I prefer the use of IP ROUTE and IP RULES. It's easy to implement and understand.

Step 1: Create a new policy routing table
# echo "1 TenNetwork" >> /etc/iproute2/rt_tables

Routing tables are declared in rt_tables. Here we declared TenNetwork table as we are going to write a set of rules associated with 10 network. You can give it any name you want.

Step2: Define routes in the table
#ip route add 10.1.0.0/16 dev eth1 src 10.1.1.10 table TenNetwork

#ip route add default via 10.1.1.1 dev eth1 table TenNetwork

Here we simply declared that NIC2 (eth1) is associated with the 10.1.0.0 subnet and its IP address is 10.1.1.10. We also defined the default route via 10.1.1.1 on the eth1 interface. (This is the second default route. The first one is defined in the 'main' routing table and is via 192.168.2.1 on the eth0 interface. The OS automatically picks the first default route from eth0. You can check that by executing the #ip rule show or #netstat -anr command)

#ip rule show

Since we haven't defined any rule associated with TenNetwork table yet, we can't see TenNetwork table in the rules.

Step3: Define the rules associated with TenNetwork table

#ip rule add from 10.1.1.10/32 table TenNetwork
#ip rule add to 10.1.1.10/32 table TenNetwork

Here we are defining a rule that says: if any packet is from or to 10.1.1.10, look up the TenNetwork table.

#ip rule show
#netstat -anr

Now you can see the active routing rules associated with TenNetwork table as well.

You should be able to ping 10.1.1.10 from workstation now.

Run WireShark on the server before and after applying the rule. You can visualize the problem and see how the problem is resolved.


Warning!!!! :
1. Restarting the server will cause the configuration loss
2. Restarting the network will cause the configuration loss

Let's solve this configuration loss issue associated with restarting the server/network. We will write a startup script.

#vi /etc/init.d/TenNetwork
#!/bin/bash
#Copyright (c) 2011 DShah
# All rights reserved
#
#Author: DShah, 2011
# /etc/init.d/TenNetwork
#PLEASE READ /etc/init.d/skeleton to understand various parameters in startup scripts
#
### BEGIN INIT INFO
# Provides: TenNetwork
# Required-Start: $network
# Required-Stop:
# Default-Start: 3 5
# Default-Stop: 0 1 2 6
# Short-Description: Fixes 10 Network routing issue
### END INIT INFO

# Shell variables are assigned without a leading '$'
logFile=/var/log/ten-network-log
ip route add 10.1.0.0/16 dev eth1 src 10.1.1.10 table TenNetwork
ip route add default via 10.1.1.1 dev eth1 table TenNetwork
# Redirect stdout to the log first, then stderr to the same place
ip route show >> "$logFile" 2>&1
ip rule add from 10.1.1.10/32 table TenNetwork
ip rule add to 10.1.1.10/32 table TenNetwork
ip rule show >> "$logFile" 2>&1
ip route show >> "$logFile" 2>&1

Save and close the file

#chmod 700 /etc/init.d/TenNetwork

'insserv' command can be used to insert the script in desired runlevel as specified in script file
# insserv TenNetwork

You can go to /etc/init.d/rc3.d and /etc/init.d/rc5.d and look at the startup order of TenNetwork.

Restart your server and see if it is working as you expected.


Updated info on 03/28/13 [Easy fix ]:

The multiple NICs routing issue can be resolved by making some modifications in sysctl.conf

/etc/sysctl.conf
# Disable response to broadcasts.
# You don't want yourself becoming a Smurf amplifier.
net.ipv4.icmp_echo_ignore_broadcasts = 1
# Disable route verification on all interfaces
net.ipv4.conf.all.rp_filter = 0
# enable ipV6 forwarding
#net.ipv6.conf.all.forwarding = 1
# increase the number of possible inotify(7) watches
fs.inotify.max_user_watches = 65536
# avoid deleting secondary IPs on deleting the primary IP
net.ipv4.conf.default.promote_secondaries = 1
net.ipv4.conf.all.promote_secondaries = 1



#sysctl -p   (to reload the changes done on the sysctl config)
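
Setting net.ipv4.conf.all.rp_filter = 0 switches off reverse-path (source address) validation, the kernel's check against spoofed source addresses, on every interface that has no stricter setting of its own. The kernel also offers a loose mode (2) that accepts a packet when its source is reachable through any interface, which is enough for the asymmetric path in this scenario. The following is an added example, not part of the original article: it computes the value in effect on eth0 and eth1 for the setting above and for a variant that is loose on eth1 only. Function names and both sample files are constructed.

```bash
#!/bin/bash
# Added example, not from the original article. Function names and the two
# sample files are constructed. For each interface the kernel uses
# max(conf.all.rp_filter, conf.<iface>.rp_filter):
#   0 = no source validation, 1 = strict, 2 = loose.

effective_rp_filter() {   # $1 = sysctl.conf-style file   $2 = interface name
    awk -v ifc="$2" '
        /^[ \t]*[#;]/ || !/=/ { next }
        {
            key = substr($0, 1, index($0, "=") - 1)
            val = substr($0, index($0, "=") + 1)
            gsub(/[ \t]/, "", key); gsub(/[ \t]/, "", val)
        }
        key == "net.ipv4.conf.all.rp_filter"       { all = val + 0 }
        key == "net.ipv4.conf.default.rp_filter"   { def = val + 0 }
        key == ("net.ipv4.conf." ifc ".rp_filter") { own = val + 0; has_own = 1 }
        END {
            # Assumption of this model: an interface without its own line
            # inherits conf.default, and keys missing from the file are 0.
            i = has_own ? own : def + 0
            r = (all + 0 > i) ? all + 0 : i
            print r
        }' "$1"
}

rp_filter_mode() {   # same arguments, prints off / strict / loose
    case "$(effective_rp_filter "$1" "$2")" in
        0) echo off ;;
        1) echo strict ;;
        2) echo loose ;;
        *) echo unknown ;;
    esac
}

rp_report() {   # $1 = file; one line per interface of the article's server
    for _ifc in eth0 eth1; do
        echo "$_ifc $(rp_filter_mode "$1" "$_ifc")"
    done
}

# Constructed sample 1: the rp_filter line from the sysctl.conf above.
write_global_off() {
    printf '%s\n' '# Disable route verification on all interfaces' \
        'net.ipv4.conf.all.rp_filter = 0' > "$1"
}

# Constructed sample 2: strict everywhere, loose only on the second NIC.
write_scoped_loose() {
    printf '%s\n' 'net.ipv4.conf.all.rp_filter = 1' \
        'net.ipv4.conf.eth1.rp_filter = 2' > "$1"
}

tmp=$(mktemp -d)
write_global_off "$tmp/a.conf"
write_scoped_loose "$tmp/b.conf"
echo "all = 0:";           rp_report "$tmp/a.conf"
echo "all = 1, eth1 = 2:"; rp_report "$tmp/b.conf"
rm -rf "$tmp"
```

On a running system, compare the result with sysctl net.ipv4.conf.all.rp_filter and sysctl net.ipv4.conf.eth1.rp_filter, since values set at boot or by the distribution also count.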



Reference:
http://www.policyrouting.org/PolicyRoutingBook/ONLINE/TOC.html

Tuesday, September 27, 2011

How to install flash player for firefox/mozilla in Linux (CentOS, RedHat, SuSE, SLES etc)

Just installed linux and can't play YOUTUBE or other flash based programs...... No more scratching heads.
Go to adobe website to download the flashplayer: http://get.adobe.com/flashplayer/

Download the appropriate file based on your OS. (32-bit or 64-bit linux).

I would recommend you to download .tar.gz file of the flashplayer.

Once the file is downloaded, you simply need to extract it. Extract it within a folder.

#mkdir myFlashdir
#cd myFlashdir

copy flashplayer.tar.gz in this folder

#tar xvzf flashplayer.tar.gz

Now you will see the libflashplayer.so plugin file for Mozilla. You simply need to copy this file to

/usr/lib64/mozilla/plugins ==> If your linux is 64-bit

/usr/lib/mozilla/plugins ==> If your linux is 32-bit

#cp libflashplayer.so /usr/lib64/mozilla/plugins


You are done. Now have fun with YouTube or other flash programs.


You can check the plugins installed by typing following in the URL field.

about:plugins