After Hours

General discussion


Linux Zeitgeist

By spector ·
Tags: Off Topic
blog root

This conversation is currently closed to new comments.

Thread display: Collapse - | Expand +

All Comments

Collapse -

System Performance Monitoring with Ganglia

by spector In reply to Linux Zeitgeist

<a href="img">"><img src="" style="border-style: none"/></a>

<br />

<a href="">Ganglia Image Gallery</a>

<br />
In a recent role working in engineering at one of the world?s larger financial firms, I was asked by the head of systems engineering to find a way to create a lightweight system for monitoring system performance and gathering trend analysis of overall system utilization.

<br /><br />The firm had a large collection of mostly home-grown scripts for data collection but they were limited in terms of the kind and depth of metrics they could collect, they only could be run once per day, their output was not very informative in terms of graphs and charts, and they only ran on a limited number of older Unix systems. There had to be something better.

<br /><br />The goals were two-fold: first, to help out developers in terms of seeing how well their systems we performing in general on a day-to-day basis, and especially after code upgrades. Second, to allow business unit managers to understand if their investment in hardware was being under- or over-utilized, and to help them determine when they were getting close to needing to invest in additional hardware.

<br /><br /><h2>The Job

</h2><br />My task was to find a tool that could provide a much more dynamic experience that could meet a number of goals simultaneously: <br /><br /><ul><li>Provide more dynamic, richer graphics</li><li>Able to show short, medium and long-term trends (from hours to 1 year)</li><li>Provide many diverse performance metrics</li><li>Ability to group/cluster hosts</li><li>Light-weight / non-service-impacting to hosts being monitored </li><li>Network friendly</li><li>Near-real-time (seconds between updates, not hours)</li><li>Distributed data for fault tolerance</li><li>Results viewable in a browser without plug-ins</li><li>Cross platform (Unix/Linux/Windows/MacOSX)</li><li>Extensible without re-compilation or specialized tools.

</li></ul>Of course, the other implicit sub-goal was cost-containment. Every dollar spent on software/services or even hardware is a dollar off the bottom line ? so a major concern was both the licensing cost of any potential tool as well as the cost to deploy it.

<br /><br /><h2>The Tool

</h2>After looking at a large number of commercial packages I was found quite a few tools that met at least 5 of the primary goals, but they were always missing some large element (usually the cross platform piece) that crossed them off the list. Then there was the cost: many commercial products can cost $30-$100 per CPU without a site license, and unless you?re a larger enterprise, site licenses are often out of the question.

<br /><br />After exhausting the commercial possibilities I looked to an Open Source system I?d used when designing large Beowulf-style supercomputer clusters: <a href="">Ganglia</a>.

<br /><br />Ganglia is a lightweight system performance monitoring package based on a data logging and graphing tool called ?<a href="">RRDTool</a>? that runs on almost every version of Unix, Linux, Windows and even MacOSX. Ganglia is distributed as a client agent that runs on each host to be monitored. These client agents talk to a web back-end that can run on either Apache or IIS and uses PHP to present over a dozen metrics of system performance ranging from CPU and memory utilization to inbound/outbound packet rates over all of the network interfaces on a machine.

<br /><br />One of Ganglia?s most common uses is monitoring the performance of large-scale super-computer clusters. And, on Gaglia?s homepage there are links to live demos showing Ganglia in action on clusters that contain hundred and even thousands of individual nodes. So clearly this package will scale from the small office networks to the large enterprise.

<br /><br /><h2>Putting Ganglia to the Test</h2>

<br /><br />Ganglia is available from <a href="">SourceForge</a>, the large collaborative development site that hosts many thousands of Open Source projects, the site has sources and binaries for Unix/Linux and Windows, and the source code can be compiled very quickly for most other platforms.

<br /><br />The Unix/Linux client uses native packaging tools, and on Windows it uses a standard MSI-style installer. The entire process takes only minutes and the only editing is to a configuration file to tell the agent where to send data. The Ganglia web back-end can be set up to show a long list of individual machines, or you can aggregate machines into groups or clusters and get a top-line graphics summary about the performance those machines as a group. Clicking on a group will let you drill down to find out more about the performance of a given host, down to graphs detailing individual system metrics.

<br /><br />Ganglia also has the ability to be customized thought the use of scripting languages such as Python or Perl to measure any kind of activity that can put represented by a time-series graph. So, if you wanted to not only track the CPU and network utilization of your corporate mail gateway, but display how many mail messages per hour/day/week/month/year it was processing Ganglia can handle that too. You could even graph the temperature sensors inside your servers.

<br /><br />The images from the Ganglia demo sites in the gallery associated with this article gives a good feel for the depth and breadth of what Ganglia has to offer and how well this system can scale.

<br /><br /><h2>The Right Tool for the Right Job?</h2>

<br /><br />I have used Ganglia to monitor large collections of machines being used as a compute clusters in past jobs, and at the large financial firm we designed our implementation to be able to monitor thousands of UNIX, Linux and Windows servers that were used by thousands of traders and others 24x7.

<br /><br />The capabilities were determined to be a big win for everyone involved: the engineering team got a better tool to help troubleshoot infrastructure problems, Developers got a new view into the performance of their code, and business unit managers got a better understanding of what their investment in hardware was getting them in terms of ROI.

<br /><br />The cost of the software was free; the system itself met a timely need, and could be expanded to meet new needs/challenges without great expense in terms of time or tools. The only cost was rolling out the software which could be easily handled by the existing software distribution system.

All in all, definitely the right tool for the right job, and at a great price point.

<br /><br /><br />

<b>Write your own review</b><br />
If you've found the perfect tool for the job, we want to hear about it. <a href="">Send us an e-mail</a> describing the product and the job you're using it for. If we feature the product in The Right Tool for the Job? blog, you'll earn a little cash and be featured across the TechRepublic Web site and in our newsletters.

Collapse -

System Performance Monitoring with Ganglia

by Lovs2look In reply to System Performance Monito ...

Sounds great, so I went to try and download...boy what a mess.<br />Please Ganglia developers, package it up for windows into a single download.

Collapse -

M0n0wall and Soekris embedded firewall and VPN solution

by spector In reply to Linux Zeitgeist

<p><a href="img">"><img src="" style="border-style: none"></a> </p>

<br />

<a href="">M0n0wall Image Gallery</a>

<br />
part of my consulting practice I am often asked to help businesses figure
out ways to solve interesting remote access problems: everything from telecommuting
and remote office applications, through firewalls for co-location facilities
or between businesses where there is some data sharing application that needs
a secure, dedicated point-to-point network.</p>
<p> As one can imagine, the costs of deployment and management of firewalls and
VPNs are always high on the list of concerns for businesses. An easy answer
to go with some very well known high-end VPN hardware or Firewall vendor,
but more often than not, most of the well know solutions are both not the
best choice, and well out of range from a IT budget perspective. Then there?s
the speed of deployment and delivery, the lead times involved software license
negotiations and hardware purchase lead times can take the wind of the sails
of time-sensitive initiative pretty quickly. Fortunately, like anything in
the IT business, there?s more than one way to get something done.</p>

<h2> The Job</h2>
<p>The problems I am asked to solve in this space usually fall into three
general classes: </p>
<li>The need to deploy a secure firewall to a small- to medium-office to
the Internet or to connect satellite offices to a central office or facility.</li>
need to deploy a fast, secure, inexpensive VPN system to support telecommuters
on broadband connections. </li>
<li> The need to deploy a firewall than can deliver Quality of Service for
Internet applications. </li>
<p>Whole industries have been built on the creation of massive hardware and
software systems to perform these functions, and if you?re running a massive enterprise,
like a Fortune500 company with dozens of T-3 lines, and 5,000 person offices
in each of 100 countries, these solutions are just the ticket. Is there another
way? </p>
<h2>The Tool</h2>
<p>Lets make some assumptions about what kind of features and capabilities one
might look for in a well designed, yet budget conscious firewall or VPN system:</p>
<li> Based on a robust operating oystem with a track record of use in secure
<li>Advanced, stateful packet filters and rule sets </li>
<li>Support for Traffic Shaping</li>
<li>Support for 802.1Q VLANs</li>
<li>Support for both inbound and outbound NAT/PAT (Network
Address Translation / Port Address Translation)</li>
<li>Support open standards (like
RADIUS, IPSec and PPTP)</li>
<li>Support for 16 user VPN ? Support for IPSec/IKE</li>
<li>Support for wireless (802.11)
<li>Support for Quality of Service (QoS) for any application/packet type</li>
for logging and auditing</li>
<li>Support for VPN encryption acceleration hardware</li>
<li>Real-time traffic graphing</li>
<li>Easy to use, web-driven management console</li>
<p>This is a short list, but these are very important features. Would you believe
its possible to deliver such a system for under $300..?
Well, in fact, you can. </p>
<p>This is possible with an embedded Unix system called ?<a href="%E2%80%9D">M0n0wall</a>? (yes,
those are ?zeros? instead of ?ohs?).</p>
<h3>Why Unix? </h3>
<p>Unix has long been the choice for IT Security professionals for
the development secure systems like firewalls and VPN servers
for three very simple reasons: </p>
<li>The source code is generally available so code can
be examined and any vulnerability that comes up can be quickly
and easily
addressed. </li>
<li> Unix systems are extremely modular and can be stripped down
to create a secure profile easily and effectively. </li>
<li> Unix can be run on an incredible range of hardware,
from supercomputers all the way down to embedded systems (like
the one we?ll
discuss in a moment). </li>
<p>The developer of M0n0wall, Manuel Kasper developed this
system using these features of Unix so that he could make
a secure
system based
on readily available
components that could be hosted on very inexpensive (yet
high performance) commodity systems. </p>
<h2>Putting M0n0Wall to the Test </h2>
<p>Now, having just said that M0n0wall was an embedded firewall
and VPN platform, let me backtrack just a little and say
that using and
system is
the way most people use the package, but its not the <em>only</em> way.</p>
<h3>What hardware?</h3>
<p>M0n0wall is designed to run on several forms of x86 boxes.
You can run it one a regular old PC if you want to. All you need is a x386 or higher system and two (or more) network cards.</p>
<p>A more common way to set it up is on an embedded system known as a ?Soekris box,? which is a x86 based system available from <a href="%E2%80%9D">Soekris Engineering</a>.
Soekris makes several different kinds of embedded systems
but they?re
all about the size of a medium hard-cover book.</p>
<p>For most uses the soekris <a href="%E2%80%9D""">net4801</a> is
a good choice; it has 3 network ports, and can be equipped
with a encryption accelerator to speed up VPN access. (if
you wanted
create a firewall
for a wireless network, the <a href="%E2%80%9D""">Soekris
net4521</a> has
two PCCard slots that you can put wireless cards in ? and
the M0n0wal software will know what to do).</p>
<p>Once the software is installed (which on a regular PC can
be done with a CD-ROM; on the Soekris embedded system you
the software
on a 16MB compact
flash card) the operation of the software is exactly the
same. </p>
<h3>How does it work?</h3>
<p>The M0n0wall system first and foremost is a firewall.
It will apply rules at a host, port or packet level. The
can be
as simple as ?Block
all traffic from non-routable networks? to as complicated
as setting up multiple rules for http (web) traffic from
an arbitrary
of sources out on the Internet to
an arbitrary number hosts on your internal (protected) network.
It will also allow you to provide quality of service rules
to traffic as well
as created dedicated
pipes and queues to apportion traffic for specific applications,
such as VoIP.</p>
<p>On top of the rules engine a VPN system is available that you can
use to both allow external users to connect to the M0n0wall
of remove users accessing a satellite office) or even use
the M0n0wall to
allow the remote
office itself to be part of a larger VPN using an IPSec
(Secure IP) tunnel. The VPN can speak to most commercial firewalls
and uses standard
so integration into larger networks is seamless. I have
a number of clients who use m0n0wall as an alternative to expensive
Windows terminal
It will
happily speak to client that can</p>
<p>The management of the whole system is done through a regular
web browser. (See the gallery for a large number of pictures
of the
M0n0wall in
action). The connection
can be with vanilla HTTP, or though a secure SSL connection
if more security is required.
Finally, the M0n0wall allows for both real-time traffic
graphic so an administrator can see exactly what?s going on, and
the system can log events, errors, security alerts to another
the network
help with auditing and security
<h2>The Right Tool for the Right Job?</h2>
<p>In a time when information security is in the news almost every day, but budgets
are not exactly overflowing with excess, IT and Security
administrators need to take advantage of good opportunities
whenever they
can find them. M0n0wall
is an amazing little package that gives even large scale
commercial firewall/security packages a run for their
money. If you have a small- to ?medium sized business or are
a larger organization looking for a very cost effective
to connect
telecommuters to
regional/satellite offices, then M0n0wall is <em>definitely</em> the Right
Tool for the Right Job. </p>
<p><br /><b>Write your own review</b><br />
If you've found the perfect tool for the job, we want to hear about it. <a href="">Send us an e-mail</a> describing the product and the job you're using it for. If we feature
the product in The Right Tool for the Job? blog, you'll earn a little cash and be featured across the TechRepublic Web site and in our newsletters. </p>

Collapse -

M0n0wall and Soekris embedded firewall and VPN solution

by bsr19 In reply to M0n0wall and Soekris embe ...

I think I am in need of a VPN for only one directory on a PC (which
could be replaced if nessecary) with changing files that need to be
immediatly (with-in an hour) accessed from four or five remote
computers. I am currently using "foldershare", but am interested in a
better solution if there is one. It sounds as though you are a person
who would know if there is a better solution. I do not need the remote
computers to be able to execute any programs, only send two different
file types both ways. ds

Collapse -

M0n0wall and Soekris embedded firewall and VPN solution

by lastchip In reply to M0n0wall and Soekris embe ...

Excellent blog - thanks.<br /><br />Just goes to show what's out there if you look hard enough.<br /><br />No-one can say it's not cost effective!

Collapse -

M0n0wall and Soekris embedded firewall and VPN solution

by dawgit In reply to M0n0wall and Soekris embe ...

<p>Good Blog, good stuff.  I will say that the M0n0Wall program is very well documented, it shows that a lot of work went to the program.  That only means one thing; Good work in = Good program out.  I do have one question however,  it's made to run on Open BSD, but mentions a totaly different boot configuration.  I'm just a little confused on that point (PHP boot? in XML?)   But it sounds like it could be the answer to many firms networking tasks, better than just another Gateway appliance. </p>

Collapse -

M0n0wall and Soekris embedded firewall and VPN solution

by britgroup In reply to M0n0wall and Soekris embe ...

<p>A free VPN utility is available at <a href=""></a>  Try it out, worked well for me for quick file sharing and it is password protected.</p>

Collapse -

FreeNAS: Network Attached Storage for The Rest of Us

by spector In reply to Linux Zeitgeist

<a href="img">"><img src="" style="border-style: none"></a><p>

<a href="">FreeNAS Image gallery</a></p>

<p>Remember the good old days when you could keep all your data on a
'mess of 5.25" floppy disks? </p>

Too long ago?</p><p> Okay, How about all your data on a single hard drive? </p><p> No?

</p><p> Well, how about on several drives spread across a few machines in
your office? You see where this is going... Things have gotten quite
complicated in the Information Age, and like it or not, we're all
using more and more storage and it's getting harder and harder to

<p>The good news is that disks are getting cheaper, the bad news is that
unlike the "good old days" businesses and even individuals can no
longer afford to have their information storage spread out all over
the place and not to have a coherent plan to manage it all.

<h2>The Job</h2>

Short of investing in a commercial NAS or SAN system, is there a way
to create an in-house common data storage system that's
</li><li>standards based
</li><li>easily managed

without breaking the bank? Of course. Just give <a href="">FreeNAS</a> a try.

<h2>The Tool</h2>

<p>FreeNAS is, in essence, an embedded system for Network Attached
Storage. It's so small it can fit on a USB "thumb drive" or a
CompactFlash card, yet powerful enough to support as many disks as you
can put into a system. It's got very low overhead, and can be managed
from any web browser.</p>

<h3>Does this Look Familiar?</h3>

<p>If you're looking at the gallery and saying to yourself
"<em>Hmmm.... this software looks suspiciously like the M0n0wall
firewall system he talked about in the last article...</em>" ...well,
you'd be correct. Even though FreeNAS is a totally different project,
done by a different set of developers, FreeNAS uses the M0n0wall code
(stripped down FreeBSD, mini-HTTPD, Perl, PHP, etc.) as its starting
point. </p>

<p>This is one of the interesting aspects of many successful Open Source
projects: developers stand on the shoulders of those who came before
them. In this case, the stripped down FreeBSD code and web services
layer that makes M0n0wall work so well, would seem to make a great
base for a slimmed down, and high-performance storage management
<p>Lead developer Olivier Cochard and his team have developed a very
useful system that can really make a difference if your office (or
your home) data collection is getting out of hand.</p>

<p>FreeNAS supports the all of the standards you'd need, even in a
multi-OS (Windows, Mac, Unix/Linux) environment:</p>
<li>CIFS/SMB (Samba -- also known as "Windows File Sharing")</li>
<li>The Network File System (NFS)</li>
<li>The Apple Filing Protocol (AFP)</li>
<li>RSYNC protocols</li>
<li>Local and Microsoft domain user authentication</li>
<li>Software RAID (0,1,5)</li>
<li>Support for ATA/SATA, SCSI, FireWire and USB Drives.</li>
<li>WEB configuration interface.</li>

<p>FreeNAS takes less than 16MB of space and can be installed on Compact Flash, hard drive or USB key.</p>

Let's see how well it works...<br>

<h2>Putting FreeNAS to the Test</h2>

<p>FreeNAS is an embedded system for storage management. It can run on
any x86 compatible system from an embedded system all the way up to
the latest motherboard with SATA, FireWire and USB2 interfacese.</p>

<p>The system I used was a 2.4GHz Pentium IV with 1GB of memory, and 5
120GB SATA Disks. I decided to use all of the disks for storage since
the FreeNAS itself can fit on a USB Flash thumb drive.</p>

<p>The software can be run from hard disk, or from a USB thumb drive. I
decided it might be interesting to see how easily I could get a thumb
drive system up and running.</p>

<p>Installing the system on either device is simply a matter of
downloading the FreeNAS ISO image, buring it to a CD-ROM. Put the
CD-ROM into the system you want to use as your storage server, and
boot up. The CD-ROM installer then gives you the option of installing
FreeNAS onto the hard disk or a USB drive. Once you have done that
(and in the case of USB thumb drives, ensure that the BIOS will allow
you to boot from USB), just reboot the system with the tumb drive in a
USB socket and without the CD-ROM distribution disk.</p>

<p>Once the system was booting from USB device, it was simply a matter of
simple configuration. Just like the M0n0wall distribution its based
on, FreeNAS starts out with a text-based setup where you tell the
system what network interfaces to use (if there's more than one),
assign its network address.</p>

<p>Once the basics are out of the way, fire up a web browser on another
machine, enter the address of your server and log into the admin
console. Once the console is up, you can add disks (which will show
you available disks installed on the system), partition them and so on
until you have created the configuration you want. </p>

<p>I won't take up unnecessary space by detailing the step-by-step
partitioning and file systems allocation, but suffice it to say (and
as you'll see in the gallery) its really a snap to do. The draft user
manual is pretty well done and gives good step-by-step instructions on
creating a NAS system, from the initialization of the disks, to
carving them up into whatever sized paritions you need to suit your
business needs.</p>
<p>Once you have the disks patitioned and shares allocated, add user ids
so your users can connect to the file shares, and you're all set.</p>

<p>What's most intersting is how fast the whole system is. Like
M0n0wall, this is a rstripped down BSD Unix system -- all unecessary
services are not even available on the system. The entire power of
the system is dedicated to serving up filesystems, and the I/O
throughput is pretty much limited to the speed of the I/O card (in
this case a SATA controller, the latency of the disks and the speed of
the network. </p>

<h2>The Right Tool for the Right Job</h2>

<p>FreeNAS is a very exciting and useful project. It addresses a need
that most businesses (and even individuals) have, that is the need for
a simple yet complete storage managent system that won't wreak havoc
with budgets.</p>

<h3>Short comings:</h3>

<p>FreeNAS is still a work in progress -- a very functional work in
progress -- but nonetheless, it's still growing project. There are a
few areas, that need to be addressed:</p>

<li>LDAP or Active Directory Authentication: For many users isn't an
issue, but this is a feature that needs to be developed so that
FreeNAS can support larger enterprises that make use of these
technologies to store user credentials. However, these are solved
problems in both Linux and other BSD implementations, so it's only a
matter of time before this capability arrives in FreeNAS.</li>
<li>Hotswap: At the moment, FreeNAS doesn't support hot-swappable
disks. This is a minor annoyance, meaning that you have to explicitly
un-mount a disk (such as a USB or firewire drive) before removing it
from the system. This will probably only affect you if you use these
devices to do your regular backups.</li>
<li>Backups: How, besides the built-in RSYNC capability, you back up
the system. Of course, there's nothing stopping you from connecting a
tape drive to the system, or even removable storage (the hotswap issue
not withstanding) for long term use a good backup/recovery plan is a

<p>If you need to take control of your small-business or home storage,
FreeNAS might be a great startig point that solves your immedia
problem, and will certainly get better and more capable as this
project progresses.</p>

<b>Write your own review</b><br />
If you've found the perfect tool for the job, we want to hear about
it. <a href="">Send us an
e-mail</a> describing the product and the job you're using it for. If
we feature the product in The Right Tool for the Job? blog, you'll
earn a little cash and be featured across the TechRepublic Web site
and in our newsletters. </p>

Collapse -

Asterisk - Be your <em>own</em> Phone Company

by spector In reply to Linux Zeitgeist

<a href="img">"><img src="" style="border-style: none"></a><p>

<a href="">Asterisk Image gallery</a><p>
<h2>Asterisk - Be Your <em>Own</em> Phone Company</h2>

<P>Back in the 1960s there was a rallying cry that defined a lot about
that decade, that cry was "<em>Power To the People!!!</em>" </P> If
the Internet is nothing else, it has been an exceptionally disruptive
force in terms of taking control away from old, established companies
and institutions and pushing the power, authority and control right
down into the laps of the customers. Don't like your Acme brand computer?
There are hundreds of others. Tired of Windows? Well, how about
MacOSX, or Linux? Don't like the Op-Ed pages in your local paper?
Start a blog.</P

<P>The last everyday bastion of instutional control -- the telephone
itself -- has finally come clearly into the cross-hairs of the Internet

<P>Techies have been experimenting
with placing calls over the Internet since the early 1990s, pioneers
like <a href="">Jeff
Pulver</a> and discount "minutes" companies like <a
href="">Net2Phone</a> were trail-blazers in
developing technology and using the Internet as a transport mechanism
to connect traditional phones, but it wasn't until <a
href="">Vonage</a> found the right pricing and
distribution formula a couple of years ago that the market for
broadband phones exploded.</P>

<P>VoIP, the <b>V</b>oice <b>o</b>ver <b>I</b>nternet <b>P</b>rotocol,
is probably the hottest thing to take hold on the Internet since,
well.. since the Web Browser. First there was <a
href="">Free World Dial-up</a> (started
by Jeff Pulver), then there was Vonage, and then <a
href="">Packet8</a>, and every Cable company ... and now even Verizon
and the rest of the not-so-much-babies-anymore Bell's like SBC/ATT and
Verizon are offering broadband phone services in an attempt to get
into this game before all their customers fly the coop.</P>

<P>Even though VoIP/Broadband phones may seem like the the hot new
thing, an even more profound technology is about to take broadband
phones and telephony to a whole new level bring voice, data and fax
integration to small offices and even home users.</P>

<h2>The Tool</h2>

Having a broadband phone line is one thing, but there are ways to go
well beyond a simple VoIP phone -- in fact if you are in business (or
even have a home office) there are ways to radically change how your
company works using <a href="">Asterisk</a>.

<h3>What it is... </h3>

<p>Asterisk is a software based telephony switch that brings the power of
a telco switching complex into a commodity PC. It does it in such a
way that almost anyone can set one up (and if it's beyond your skills,
there are a lot of qualified consultants around too) and among the
amazingly long list of features it provides are:<p>

<li>Detailed Calling Records</li>
<li>Call Forward on Busy</li>
<li>Call Forward on No Answer</li>
<li>Call Forward Variable</li>
<li>Call Monitoring and/or Recording</li>
<li>Call Parking</li>
<li>Call Queuing</li>
<li>Call Retrieval</li>
<li>Call Routing both in-bound and out-bound (for picking a lowest cost service, for example)</li>
<li>Call Transfer</li>
<li>Call Waiting</li>
<li>Caller ID</li>
<li>Caller ID Blocking</li>
<li>Caller ID on Call Waiting</li>
<li>Calling Cards</li>
<li>Conference Bridging</li>
<li>Dial by Name</li>
<li>Distinctive Ring</li>
<li>Fax Transmit and Receive integration (via a 3rd Party OSS Package)</li>
<li>Interactive Voice Response (IVR)</li>
<li>Local and Remote Call Agents</li>
<li>Music On Hold and/or Transfers</li>
<li>Predictive Dialer</li>
<li>Open Settlement Protocol (OSP) for integrating with other phone switches</li>
<li>Overhead Paging</li>
<li>Remote Call Pickup</li>
<li>Remote Office Support</li>
<li>Roaming Extensions</li>
<li>Route by Caller ID</li>
<li>SMS Messaging</li>
<li>Streaming Media Access</li>
<li>Text-to-Speech (via the Festival text-to-speech system)</li>
<li>Three-way Calling</li>
<li>Trunking (the ability to bundle phone lines together)</li>
<li>VoIP Gateways</li>

...and this is the <b>short list</b>.

<p>Asterisk has the ability to build a complete switching system out of a
PC (a typical hardware configuration is listed below) that can
integrate traditional phone lines (also knows as "POTS lines" short
for "Plain Old Telephone Service"), VoIP services, Broadband phone,
faxes and much, much more.</p>

<h2>Putting Asterisk to the Test</h2>

<p>Before we get too far along, let's define a few terms:</p>

<p><b>VoIP</b> -The Voice of Internet Protocol which allows voice
streams to by sent over the Internet </p>

<p><b>SIP</b> - The Session Initiation Protocol; a protocol for
starting services (like a VoIP session) between two end-points on a
network. SIP is the starting point for VoIP calls but can used to
start up almost any kind of computer-to-computer communications </p>

<p><b>Trunks</b> - outside connections to the Telephone Network, either
by a regular (POTS) phone line, a VoIP adaptor or a more
sophisticated connection like a T1 connection that has been
provisioned for voice channels.</p>

<p><b>Extensions</b> - your phones in your office or home. </p>

<p><b>FXO</b> - Foreign Exchange Office. From the telephone switches
perspective, a telephone network that is foreign to the local switch
(i.e., the Asterisk system); in this case that's your connection to the
outside phone network.</p>

<p><b>FXS</b> - Foreign Exchange Stations. Dial-able phones that are managed by Asterisk. </p>

<p><b>Routing</b> - The mechanism that determines how an incoming call
is routed to whomever is supposed to receive it.. For example, a call
could be sent directly to an extension and if no one answer it could
be sent to voice-mail. Or, if no one answers it could be routed to a
queue where the caller wait until someone is available to answer to
call. </p>

<p><b>Dial Plan</b> - A set of rules that describe how calls placed
from an extension are handled. For example, a dial plan may say that
"any 4 digit number dialed starting with '6' is an internal call, just
send it to the right extension." The same dialing plan may have a rule
that says "all non 800/888/877 number calls dialed should go through
the cheap broadband connection and not through the expensive POTS
lines." </p>

<h3>What You Need</h3>
Asterisk can run in surprisingly light (by current standards) hardware. You'll need:

<li>Minimum of a PIII @ 500 MHZ x86 machine with a hard drive (80GB
will be fine), 1GB of memory, CD-ROM, and a network interface</li>

<li>An Asterisk Developers Kit from <a
href="">Digium</a> which includes a TDM400P
4-port card. The basic kit includes on FXO and one FXS daughter cards
which can handle one FXS (e.g. your desk phone) and one FXO or external
trunk (e.g. your POTS line).. If you want to be able to, for example
use your POTS line for your local calls and a broadband phone for your
long distance, you will want to add one more FXO daughter card to your

<li>A copy of the <a
href="">Asterisk@HOME</a> CD-ROM
ISO image that has been burned to a CD-ROM</li>


<h3>Installing the software</h3>

<p>I found the easiest way to get started is with the Asterisk@Home
CD-ROM image. This will delete any existing system -- so I used a
machine that I dedicated to this purpose, or a test machine that has
nothing of value on it. Alternatively, you can install Asterisk and
its companion applications by hand, but that is a much, much more
involved process which is covered in great detail on the Asterisk web

<h3>Configuring the System</h3>

<p>Once the system finishes installing and building (about 30 mins) the
system is ready to be configured. All of the default passwords on the
system and the basic "quick-start" installation instructions can be
found on the <a

<p>The actual system configuration consists of connecting the phone
lines and your extensions into the Asterisk hardware, telling the
system which lines/extensions are which and lastly telling Asterisk
how you want to provision the lines.</p>

<p>Setting up the physical hardware is easy: On the Digium card the
FXS modules are green -- you plug your phones (extensions) into these.
The red modules are the connections to service providers (hence the
term "foreign exchange office"); plug your POTS line or broadband
phone connection into these. Next, Asterisk has to be told about the
extensions and the outside connections. </p>

<p>Configuring the actual lines is done very easily through a
browser-based software package included in the install called <a
href="">FreePBX</a>. FreePBX allows you to
control almost all aspects of the Asterisk configuration. In order to
set up the system all you need to do is identify your extensions (the
FXS connections) and the Trunk links (the FXO connections) and tell
Asterisk how it should route in-bound calls and what "dialing plan" should
be used on any of the external connections.</p>

<p>There are a number of screen-shots in the gallery that show they
main FreePBX interfaces you need to set up in order to get Asterisk
running. With the exception of your extensions and the connections to
the phone network, everything else is set up with reasonable defaults.
Oh, of course you will want to create voice-mailboxes and passwords,
but that too is covered by a web page in FreePBX.</p>

<h2>The Right Tool for the Right Job</h2>

<p>This is one of those DIY projects that is at once very scary
(building your own phone switch a bit on an little off the wall
concept for most people) and incredibly liberating in that you can
take control of your company's telecom system and really save yourself
potentially hundreds of thousands of dollars per year.</p>

<p> At one level you're taking a relatively low-powered PC, and simply
putting about $300 worth of hardware in it and running some Open Source
software, and at another level you're threatening the profits of your
local telephone monopoly all in one fell swoop.

<p>There is a lot more that comes with the Asterisk@HOME package; this is
only the barest of beginnings. The Asterisk web site has a large volume
of information about how to set up very sophisticated systems that
allow you to mix and match all sorts of different systems from
POTS lines and T1s to SIP based Internet dial-up systems and even how to
connect multiple Asterisk system together to create entire private
phone exchanges over the Internet.</p>

<p>If your company is looking for more ways to control your expenses,
this is clearly the right tool for the right job! Asterisk provides a
level of control over your telecommunications capabilities and costs
that used to cost around $50,000 just for the bare-bones switch. With
the features available in Asterisk, and the networking capabilities
available to even the smallest of businesses, this tool really levels
the playing field for small and medium sized businesses.</p>

<b>Write your own review</b></br>
<p>If you've found the perfect tool for the job, we want to hear about
it. <a href="">Send us an
e-mail</a> describing the product and the job you're using it for. If
we feature the product in The Right Tool for the Job? blog, you'll
earn a little cash and be featured across the TechRepublic Web site
and in our newsletters.</p>

Collapse -

Asterisk - Be your <em>own</em> Phone Company

by mikatrob In reply to Asterisk - Be your <em>ow ...

<p class="MsoNormal">We say ?Free? well Free is ?Free if you can configure it?
and then maintain it afterwards.</p>

<p class="MsoNormal"><!--[if !supportEmptyParas]-->

<p class="MsoNormal">Licenses is really all we?re talking about in the free
section, until you really ?pop the hood?</p>

<p class="MsoNormal"><!--[if !supportEmptyParas]-->

<p class="MsoNormal">Example we handle Northern Telcom (Nortel) they have systems
under many different names anyways, We very easily can install a northern
system with symposium, predictive dial, voice mail, etc.. If you have the cash
Nortel has the Keycode to unlock their equipment and it?s pretty stable as it
has always been.</p>

<p class="MsoNormal"><!--[if !supportEmptyParas]-->

<p class="MsoNormal">Now of course being that we play with Northern equipment and
see the initial cost of a Option 11 with voice mail with 20 phones run about
11k ? then with software upgrades that remove ? Yes, remove options that once
worked and now are licensed (VM for example) Now after changing to the ?new?
and seemingly ?free? upgrade from Northern customers find while they purchased
a switch and a phone and VM (voice mail) they now have to purchase an
additional ?Seat?/?License? to access the voice mail that ?used to work? It
makes me wonder if Northern is looking to do themselves in.</p>

<p class="MsoNormal"><!--[if !supportEmptyParas]-->

<p class="MsoNormal">Sorry for the ramble, we began tinkering with Asterisk and
combining these systems with existing Northern switches ? to allow the Asterisk
server to handle ALL VM, and also add conference calling capability ?without
cost of license? we became very interested in how far it could be taken, and to
be honest ? We have always been a strict Northern shop ? Before but after much
time and watching the development of this software and the hardware
capabilities that Digium provides ? we run our own PBX now across Asterisk and
use it with blinding saves (in comparison) down time is scheduled and we do run
a fault tolerance system (voice is critical) Many people and shops have a
misunderstanding upon getting into Asterisk about the cost ? It can be setup on
cheap hardware but then again so can the entire network (without redundancy
etc?) but when the rubber hits the road ? hardware and good common sense cost
real money ? why do we not only pay 500.00 for our file servers? Because we
have learned via failures ? cheap cost to much.</p>

<p class="MsoNormal"><!--[if !supportEmptyParas]-->

<p class="MsoNormal">Even though this article does only describe the bare bones
(1 FXO/1FXS) port being about 500.00 it is strange that companies think that
same thing applies to them and then become unset to find ? once they order 20
Cisco 7960 phone and the Single span T card and a Real Server each having SLA?s
and warranty ? that the cost come to about 15k.</p>

<p class="MsoNormal"><!--[if !supportEmptyParas]-->

<p class="MsoNormal">The ground shakes and these people miss the boat entirely
about what it is they are doing and the limitless possibilities this system
(and others) provide. The average Northern switch with the ?free and built-in?
modules of Asterisk (conference, VM, hotel ? Wake up call etc..) cost well over
60,000.00 ? Fully ported out (Northern port by port basis) now that small
investment of 15k does not sound so bad after all, then get to the meat of it ?
when adding a phone- simply buy the next Cisco 7960 phone and add it?s mac
address to the Asterisk switch and dial on ? getting VM, Conferencing, on
demand recording, predictive dial etc.. for the cost of the phone only ? 250.00
today?s price.</p>

<p class="MsoNormal"><!--[if !supportEmptyParas]-->

<p class="MsoNormal">Now in comparison on our Northern systems with the same
feature set(s) we add a phone ? Hold on we have to make sure the switch has
that many phones allowed to access it (provisioned) if not back to Northern to
get a new Keycode so we can add that new phone and not to mention the cost
involved because of everyone called to accomplish this simplest of simple task.</p>

<p class="MsoNormal"><!--[if !supportEmptyParas]-->

<p class="MsoNormal">Education in what is free and what is prudent and wise
(again, Voice is mission critical) so the hardware is not something you?d pull
out of the garage and ?junk together? but it seems today many pie in the sky
managers have this idea ? and while I have little problem with ?if they buy it,
We?ll install it? the understanding (education) of what they built their PBX on
is junk ?so do hold me responsible when the ?junk? breaks and you are down all
day without a backup plan.</p>

<p class="MsoNormal"><!--[if !supportEmptyParas]-->

<p class="MsoNormal">This systems really is rocking and I?m not completely down
on Northern either -we have dyed in the
wool Northern people and it does work, but the amount of options they miss out
on is tremendous ? shops need to expand and it?d be wise to have ?in-house?
techs try this out and see as it does work well and it is stable in-fact we do
more work on our Northern customers than our Asterisk customers networks.</p>

<p class="MsoNormal"><!--[if !supportEmptyParas]-->

<p class="MsoNormal">Some of the complexities can be rather mind numbing and many IT guys turn away ? fear or what not
or an desire to remain the same ? what ever it may be ? it to bad as it short slightness
on the IT individuals behalf to ?not continue learning? while it removes cash
flow from the bottom line of business.</p>

<p class="MsoNormal"><!--[if !supportEmptyParas]-->

<p class="MsoNormal">This is a mixed review upon people, understanding and preconceive
notions, but where there is no confusion over here ? again we are a Northern
shop ? Asterisk is honestly blowing our Northern equipment offerings out of the
water and adding to the bottom line.</p>

<p class="MsoNormal"><!--[if !supportEmptyParas]-->

Cheers and Enjoy Playing!

Related Discussions

Related Forums