We are upgrading Stu’s phone from the Sipura 841 to a Cisco 7960 IP Phone due to the better speaker phone and his high call volume. I first ordered from Compu-America since they had a great price ($263) and said on their site that they shipped in ~24hrs. After a week I called them and they told me that “Oh, we ran out them the day you called.” I pointed out that the website still said “Usually ships in 24hrs” and he muttered. I then asked when I should expect my phone to which he replied that they would get them in in 7 days and then ship it out, making my total time 3 weeks. I canceled my order.

I then called Volt Depot who had the phone for $270 and spoke to “Frosty”. He went over the differences between the 7960G-CH1 and the 7960. He also pointed out that they don’t come with a powersupply and had one for $15 (Not $40). He also offered to ship it out overnight AND sent me the SIP firmware and instructions.

Guess who’s going to get our future Cisco IP phone business?

This is the script I’ve put together to do my QoS on my Asterisk PBX server and my Apache Webserver. It sets VOIP as the highest priority, then HTTP with mail and other stuff falling into 30 or 40. Feel free to use it if you would like. Feedback is always welcome.

IPT=/sbin/iptables
IP=/sbin/ip
TC=/sbin/tc

# Specify ethernet device, Queue length, and MTU size
# ((qlen * mtu) / rate) / 1024 = time
DEV=eth0
OUT_QLEN=100
MTU=1492

# Set to ~80% of tested maximum bandwidth
UPLINK=10000000

# specify class rates - We grant each class at LEAST its “fair share” of
# bandwidth. this way no class will ever be starved by another class.
UPLINK_1_R=512 # VOIP only
UPLINK_2_R=256 # Interactive services (HTTP)
UPLINK_3_R=256 # Default
UPLINK_4_R=128 # Bulk

# Each class is also permitted to consume all of the available bandwidth
# if no other classes are in use.
UPLINK_1_C=${UPLINK}
UPLINK_2_C=${UPLINK}
UPLINK_3_C=${UPLINK}
UPLINK_4_C=${UPLINK}

# remove old qdiscs
$TC qdisc del dev $DEV root 2> /dev/null > /dev/null
$TC qdisc del dev $DEV ingress 2> /dev/null > /dev/null

# reset iptables rules
$IPT -t mangle -D POSTROUTING -o $DEV -j MYOUT
echo “first”
#$IPT -t mangle -D PREROUTING -o $DEV -j MYOUT
$IPT -t mangle -F MYOUT
$IPT -t mangle -X MYOUT

# set outgoing queue length
#$IP link set dev $DEV qlen ${OUT_QLEN}

# lower the MTU to decrease latency
#$IP link set dev $DEV mtu $MTU

# Create HTB root qdisc with an htb default of 30
$TC qdisc add dev $DEV root handle 1: htb default 40

# create main rate limit class
$TC class add dev $DEV parent 1: classid 1:1 htb rate ${UPLINK}kbit

# create leaf rate limit classes
$TC class add dev $DEV parent 1:1 classid 1:10 htb rate ${UPLINK_1_R}kbit ceil ${UPLINK_1_C}kbit prio 0
$TC class add dev $DEV parent 1:1 classid 1:20 htb rate ${UPLINK_2_R}kbit ceil ${UPLINK_2_C}kbit prio 1
$TC class add dev $DEV parent 1:1 classid 1:30 htb rate ${UPLINK_3_R}kbit ceil ${UPLINK_3_C}kbit prio 2
$TC class add dev $DEV parent 1:1 classid 1:40 htb rate ${UPLINK_4_R}kbit ceil ${UPLINK_4_C}kbit prio 3

# attach qdisc to leaf classes - here we at SFQ to each priority class. SFQ
# insures that within each class connections will be treated (almost) fairly.
$TC qdisc add dev $DEV parent 1:10 handle 10: sfq perturb 10
$TC qdisc add dev $DEV parent 1:20 handle 20: sfq perturb 10
$TC qdisc add dev $DEV parent 1:30 handle 30: sfq perturb 10
$TC qdisc add dev $DEV parent 1:40 handle 40: sfq perturb 10

# add MYOUT chain to the mangle table in $IPT - this sets up the table
# we use to filter and mark packets.
$IPT -t mangle -N MYOUT
echo “second”
$IPT -t mangle -I POSTROUTING -o $DEV -j MYOUT
echo “third”

# add fwmark entries to classify different types of traffic - Set fwmark from
# 10-40 according to desired class. 10 is highest prio.
$IPT -t mangle -A MYOUT -j MARK –set-mark 30

# outgoing VOIP rules - trumps everything else
#$IPT -t mangle -A MYOUT -p udp –sport 5060:5063 -j CLASSIFY –set-class 1:10
#$IPT -t mangle -A MYOUT -p udp –dport 5060:5063 -j CLASSIFY –set-class 1:10
#$IPT -t mangle -A MYOUT -p udp –sport 4569:4569 -j CLASSIFY –set-class 1:10
#$IPT -t mangle -A MYOUT -p udp –dport 4569:4569 -j CLASSIFY –set-class 1:10
#$IPT -t mangle -A MYOUT -p udp –sport 5036:5036 -j CLASSIFY –set-class 1:10
#$IPT -t mangle -A MYOUT -p udp –dport 5036:5036 -j CLASSIFY –set-class 1:10
$IPT -t mangle -A MYOUT -p udp –sport 4569 -j MARK –set-mark 10
$IPT -t mangle -A MYOUT -p udp –dport 4569 -j MARK –set-mark 10
$IPT -t mangle -A MYOUT -p udp –sport 5060:5070 -j MARK –set-mark 10
$IPT -t mangle -A MYOUT -p udp –dport 5060:5070 -j MARK –set-mark 10
$IPT -t mangle -A MYOUT -p udp –sport 16000:17000 -j MARK –set-mark 10
$IPT -t mangle -A MYOUT -p udp –dport 16000:17000 -j MARK –set-mark 10

# default for outgoing interactive ports rules
#$IPT -t mangle -A MYOUT -p tcp –sport 0:1024 -j CLASSIFY –set-class 1:20
#$IPT -t mangle -A MYOUT -p tcp –dport 0:1024 -j CLASSIFY –set-class 1:20
#$IPT -t mangle -A MYOUT -p tcp –sport 0:1024 -j MARK –set-mark 20
#$IPT -t mangle -A MYOUT -p tcp –dport 0:1024 -j MARK –set-mark 20
$IPT -t mangle -A MYOUT -p tcp –sport smtp -j MARK –set-mark 40
$IPT -t mangle -A MYOUT -p tcp –dport smtp -j MARK –set-mark 40
$IPT -t mangle -A MYOUT -p tcp –sport rsync -j MARK –set-mark 40
$IPT -t mangle -A MYOUT -p tcp –dport rsync -j MARK –set-mark 40

# the ack rule ¿ for ack packets smaller than 64 bytes –it must be
#added using
# tc filter instead of iptables for now because the length module appears to be
# broken and/or missing from the wrt54g iptables
$TC filter add dev $DEV parent 1:0 prio 1 protocol ip u32 match ip protocol 6 0xff match u16 0×0000 0xffc0 at 2 match u8 0×10 0xff at 33 flowid 1:10
$TC filter add dev $DEV parent 1:0 prio 1 protocol ip u32 match ip protocol 6 0xff match u16 0×0000 0xffc0 at 2 match u8 0×60 0xff at 33 flowid 1:10
$TC filter add dev $DEV parent 1:0 prio 1 protocol ip u32 match ip protocol 6 0xff match u16 0×0000 0xffc0 at 2 match u8 0xb8 0xff at 33 flowid 1:10

# outgoing DNS rule
#$IPT -t mangle -A MYOUT -p udp –dport domain -j CLASSIFY –set-class 1:20
$IPT -t mangle -A MYOUT -p udp –dport domain -j MARK –set-mark 20

# cheap outgoing ping rule
#$IPT -t mangle -A MYOUT -p icmp -j CLASSIFY –set-class 1:20

# outgoing ssh connection rule
#$IPT -t mangle -A MYOUT -p tcp –sport ssh -j CLASSIFY –set-class 1:20
#$IPT -t mangle -A MYOUT -p tcp –dport ssh -j CLASSIFY –set-class 1:20
$IPT -t mangle -A MYOUT -p tcp –sport ssh -j MARK –set-mark 20
$IPT -t mangle -A MYOUT -p tcp –dport ssh -j MARK –set-mark 20
$IPT -t mangle -A MYOUT -p tcp –sport 2545 -j MARK –set-mark 20
$IPT -t mangle -A MYOUT -p tcp –dport 2545 -j MARK –set-mark 20

#
# Web
#
$IPT -t mangle -A MYOUT -p tcp –sport http -j MARK –set-mark 20
$IPT -t mangle -A MYOUT -p tcp –dport http -j MARK –set-mark 20
$IPT -t mangle -A MYOUT -p tcp –sport https -j MARK –set-mark 20
$IPT -t mangle -A MYOUT -p tcp –dport https -j MARK –set-mark 20

# outgoing P2P rules ¿ these are close to last b/c they use relatively costly layer 7 matching
#$IPT -t mangle -A MYOUT -m layer7 –l7dir /etc/l7-protocols/protocols –l7proto directconnect -j CLASSIFY –set-class 1:40
#$IPT -t mangle -A MYOUT -m layer7 –l7dir /etc/l7-protocols/protocols –l7proto fasttrack -j CLASSIFY –set-class 1:40

# outgoing default rule - unmarked packets get schleped into lowest prio
#$IPT -t mangle -A MYOUT -m mark –mark 0 -j CLASSIFY –set-class 1:30

# No Classify, so we need to assign them
tc filter add dev eth0 parent 1:0 prio 0 protocol ip handle 10 fw flowid 1:10
tc filter add dev eth0 parent 1:0 prio 0 protocol ip handle 20 fw flowid 1:20
tc filter add dev eth0 parent 1:0 prio 0 protocol ip handle 30 fw flowid 1:30
tc filter add dev eth0 parent 1:0 prio 0 protocol ip handle 40 fw flowid 1:40

# All done, exit ok
exit 0

Now that I have our VOIP implementation working, I’m off to my next adventure. I see that I need to do some work on our QoS policies due to having our PBX also being a webserver and a rsync mirror for CentOS. So I’ve jumped off into the next thing with the goal of priortizing our VOIP traffic to be higher than everything else so as to give excellent VOIP performance first, other traffic second.

Here are a few links I have found that seem to be related to what I want to do. I don’t have the CLASSIFY option available to me as I want to run stock kernels on the router boxes, so I’ll have to do some munging and testing to see if I can get things working the way I want.

Links:

Asterisk QoS
IPTables + tc shaping
NetworkQoS
Linux Traffic Shaping - Examples

Well, my Sipura SPA-841’s finally arrived last week and I spent a couple of days testing on my local gentoo box before I rolled to our colo’ed server. The phones work wonderfully, but I’m not sure it’s really that the phones are that nice, but the the Asterisk PBX and IAX2 infrastructure is so well implemented. I did run into one serious problem that I attributed to NAT, but turned out to be a simple error on my part where I had an invalid Caller ID string. It took me 2 days to figure it out and in the end I was kicking myself. I finally found it when I broke out Ethereal out and looked at the packets and saw that my packets were getting across the Firewall + NAT. This ment that the issue had to be at the device, so I started poking around and it was indeed something simple.

We have our DID lines through IAX.cc/SixTel and our outgoing via VOIPJet. We setup one incoming toll-free for $0.02/min, one local Houston DID for $0.0143/min and our outbound for $0.013/min.

I’ve delivered one of the phones to one of my partners in Houston and we now have real office extension, conference rooms, multi-line, transfers in our homes…VERY cool stuff.

I got an email today saying that my SPA-841 SIP phones have been delayed until January. Ouch, I wanted to play with them over the holidays.

In other VOIP news, I’m starting to consider iax.cc as my DID service, they look pretty reasonable and have the area codes I need. If anyone out there has used them and has some experience with them, I’d love to hear from you.

I’ve taken the plunge and ordered two hardphones for a VOIP test with Asterisk OSS PBX. I’ve ordered two Sipura SPA-841’s from Atacomm after extensive conversations with folks on the Asterisk IRC channel. The phones won’t be in for a week or so as they have just been released, but initial information is very encouraging.

I also put down $5.00 with VoipJet as a IAX termination service (PBX speak for outbound provider). The $5.00 gets us about 380minutes of US talktime, which should be enough for a good test.

Once I get the devices and have them configured, I’ll be sending them to my partners for testing and we’ll see how this VOIP/Virtual office is going to work for us.

I spent some time last night and got my Asterisk PBX up and running. I’m currently using Xten’s X-Lite phone with my Logitech USB headset and it works great! I was able to leave myself voicemail and go through the demo extensions and actually contact Digium’s IAX PBX. Very cool stuff! On top of that, I found that VOIPJet has a free $0.25 account you can setup and I made several calls on it. With their rate of $0.013/min, it’s quite economical. I’ll be doing more tests and see about getting some of my partners setup for a pilot program.

It’s worth noting that Gentoo comes with Asterisk in portage, so all you have to do is emerge asterisk and you are off and running.

I’ve read Asterisk before, but really didn’t see where it would play with my requirements. Well, now I do. With our small business and with our home offices it looks like Asterisk or IAX/SIP provider might be exactly what we need. The way I see it now, there are a couple of options that would work for us, after we each get a SIP phone:

• Go out and find a provider (Packet8) who will handle our current number and be able to add virtual numbers. This has a monthly rate attached to it in the rage of $20-$40/mo per line. They also charge for other features on a monthly basis. So we are looking at around $200/mo for 4 of us. That might or might not include long distance.
• Build a Asterisk machine myself and put a two port card (I think that’s a FXO) so we can have a single inbound line and a single outbound line for local calls. This would give us complete control of the the PBX, but we’d need an upstream provider to handle our long distance and to route ‘virtual numbers’ to us. I’m not sure how you go about doing that right now.
• Just do Vonage, they supply the Phone to SIP converter and all that jazz, not sure what price advantage or service advantage we would see from vonage.

I’ll keep looking and thinking on this subject, as it sure would be nice to have easy dialing between us, even with a soft SIP phone.