See the latest in tech at FOSE / GOVSEC 2010 – March 23-25, Washington, D.C.

Last year, I had the pleasure of attending FOSE/GOVSEC 2009 in D.C. and I look forward to attending again this year. Last year’s exhibit floors were packed with some very nice gear and it was exciting to see emerging trends and get hands-on with some of the latest and greatest gadgets relating to gov’t information technology.

Simply put, FOSE is the largest gov’t IT trade show in the United States. GOVSEC focuses on government security and has an exhibit floor, as well as a series of conferences that may be limited to security-cleared persons. Last year’s show floors exhibited everything from high speed data capture devices, to mobile device security, armored vehicles, mobile computing and power generation, as well as high-tech weaponry.

So, what can we expect from FOSE 2010 and GOVSEC 2010? Here are a few highlights:

  • 3 days of exhibits for thousands of products
  • 2 full conference days aimed at educating attendees on emerging tech, trends and new improvements in the industry
  • Focus on: Digital Forensics, Cybersecurity and Terrorism, Cloud Computing, Virtualization, DNSSEC and more

The show is free to attend for government, government contractors and military and $50 for others.

You can also follow FOSE and GOVSEC online:

I lhad a great time last year and I ook forward to seeing you there this time around!

Wireless Coverage Maps: Thinking about switching carriers? Check these out.

If you are thinking of switching wireless carriers and wonder what their coverage is like in your area OR if you are having issues and wonder if it is just your phone, you might want check out these helpful web sites. These sites do not seem to have a lot of data for rural areas like mine, but perhaps that is because you need to sign up and start helping your fellow cell phone users! 🙂

Thanks for where I picked this info up. If you don’t read already, check it out!

Taking Back Your Phone System with VoIP & Asterisk: an overview

I will be giving a short talk this evening for CPLUG on VoIP and Asterisk: “Taking Back Your Phone System with VoIP & Asterisk: an overview”. John will be talking about Dropbox and John Place will be giving us an overview of Rackspace Cloud. I hear that Ubuntu One will be discussed too.

It should be a fun time and if you are able, you ought to come out. Directions and information is available at the CPLUG web site.

Download my slides here

Follow-up: Digium AA50 Reboot Issues — A Temporary Work-around

This is a follow-up my original blog post here: Digium Confirms Major Issues with AA50 VoIP Appliance: Spotaneous Reboots and Memory Card Write-Lock, A Review

Since I originally posted, I seem to have found a band-aid fix that is getting our AA50 through the days without spontaneous reboots and dropped calls in the process. I thought others might find this helpful too. Although not ideal, I am currently rebooting the AA50 shortly before it starts seeing steady use each day and thus far (knock on wood), the unit has not rebooted unexpectedly; we are going on 5 days since I put this reboot process in place.

A little bit of background before I present my work-around: The unit in question utilizes a custom “office closed” greeting that is played before all other greetings on off-hours. We deliberately set up the system to clear all of these types of messages (we call them “pre-greetings”) after a reboot. Accordingly, if the unit reboots and the office is not open, callers may not know that fact and expect a quick reply back. In order to minimize the number of cases where someone calls the office and does not hear the “office closed” pre-greeting, I reboot the phone system each Monday-Friday at 8:40 am. The office opens at 9:00 am and the receptionist routinely arrives early to listen to messages before the day starts; it is important for everything to be rebooted and ready when she arrives.

Although I do have OpenVPN access to this network, SSH with a strong password direct to the box is how this example is presented as I realize many of you might not have this luxury. I recommend that you port-forward some port other than 22 to prevent the most basic of attacks and most certainly use a strong password; if possible, restrict your origination networks as well. I based my solution on the expect package for Linux and it is working quite well.

A note on syntax: In the below examples, I use brackets [ ] to contain arguments that you will need to change to match your particular situation. For example, if your AA50’s password is 1s3curedb0x!, you would replace “[your_password]” with “1s3curedb0x!” in the below examples.

A note on requirements: My examples require the expect package and assume you are using Linux for this exercise. On a stock install of Ubuntu, you can simply “sudo apt-get install expect” to get what you need.

The reboot script: This is the main reboot script that gets called each morning. This script will remotely connect to an AA50, gracefully restart Asterisk (i.e. do not reboot in the middle of a call) and then immediately reboot the AA50. script is available here

Automated log move and download scripts: If you have full logging enabled on the AA50, it does not get saved long-term so far as I can tell; it appears that the log is only stored in volatile RAM which is cleared on each reboot. Accordingly, I download my debug logs just before rebooting. I assume that if you have an AA50, you probably do not have a super high-trafficked system, but do be aware that the way I do this leaves behind events that you will not have logged right around the few seconds that it takes to login to the unit, download the log and then reboot the AA50.

Also note that this would be a much better solution if I did everything in one script. Alas, I did this piecemeal and have not yet compiled everything into one script. If you would like to do so and post it for everyone else to see, please do, but I do not have time at the moment. script (moves the last full log downloaded to a file with the timestamp  of now before we download the newest log to replace it): is available here (download the current full log from the remote AA50 to our local machine before we reboot): is available here

The cron job: This is really simple, and if you have never set up a cron job before, do a search for “crontab generator” and you will find all of the help you need.

#call the following three scripts every M-F @ 0840
40 8 * * 1-5 ; ;

There you have it. It is not pretty, but it works for me. If you have a similar problem with your AA50 and are not sure how to remedy the problem yourself, please get in touch with me at and I will be happy to help.

Disclaimer: I am not a programmer, so use this at your own risk.

Digium Confirms Major Issues with AA50 VoIP Appliance: Spotaneous Reboots and Memory Card Write-Lock, A Review

Let me begin by saying that I am a big fan of Digium in general. All of their products that I have used thus far in several IP telephony / VoIP installations have worked tremendously well.

Background: Doug and I recently integrated a Digium AA50 phone system appliance with Polycom IP telephones for a small business with moderate call volume (approximately 50-60 outgoing long-distance calls daily and many more incoming calls). The system is attached to 3 analog Embarq telephone lines (with rollover from one main number) via the AA50’s FXO ports and a 2-call limit VoIP trunk with CallCentric.

The phone network is powered, VLAN’d and QoS’d by a Dell PowerConnect 3548P that is capable of delivering Power-over-Ethernet (PoE) to all 48 ports. Users of the system can plug their laptops into the provided and automatically VLAN’d Ethernet pass-thru on both the SoundPoint IP601 and IP331 phones; this is a really nice feature of the SoundPoint models we use and allows you to only have one jack for two devices while still keeping voice and data on separate VLANs. The 3548P switch is really slick in that it came with multiple VoIP provider VLANs programmed in already (based on MAC address); any devices from those manufacturers are automatically placed into the voice VLAN on the switch. Oddly enough, the Dell switch did NOT have an entry for Polycom, though it did come with presets for Cisco, Aastra, Avaya and a handful of others.

The AA50 phone switch, Dell 3548P and associated firewall (a Linksys WRT54GL running OpenWRT for VPN, QoS and VLAN capability) and DSL modem are all backed up by an APC UPS SUA750XL that, at current load, gives the customer about 90 minutes of runtime during a power outage.

We utilize the licensed g729.a codec internally and over our VoIP trunks with CallCentric to minimize bandwidth consumption.

The AA50 appliance is used with (3) Polycom SoundPoint IP601 with sidecars for receptionists, (1) Polycom SoundPoint IP6000 conference phone and (10) Polycom SoundPoint IP331 phones. Having worked with interfacing Avaya, Aastra and Polycom phones to Asterisk in the past (trixbox, Asterisk Business Edition and the like), I will continue to pick Polycom hands-down for interoperability with Asterisk, with Aastra as my second choice. Avaya makes amazing systems, but they add so much proprietary stuff on top of SIP that I have found that the phones are more trouble to work with than Polycom or Aastra, which adhere much more closely to established standards.

Review: On the AA50, usability would have received 5 stars, except that some advanced setup functions still require getting under the hood and modifying config files by hand. One setting that should be built into the GUI is a limit for number of simultaneous calls on a given trunk; to do so requires editing users.conf by hand. I do not believe that it is possible to add more than one VoIP trunk provider via the web GUI at this time either, but perhaps I missed something.

Another thing that hurt usability is the location of stored config files on the system. Because this system uses a CF card, files are not located in the places you would expect to find them on an Asterisk system. Once you figure out that the CF card is mounted in /var/lib/asterisk/sounds/, you are good to go. It is important to note that some normal Asterisk functionality (such as CDR) does not appear to be functional because of CF card limitations.

I would have liked to have seen in the web GUI and documentation a better reference to the “advanced options” switch that allows you to do such things as modify config files using the web GUI. This option is hidden in the menu until you explicitly enable advanced options, which is annoying.

Pricing is ok on the AA50 if you are not able or willing to put together your own whitebox solution. If you know what you are doing, hindsight tells me that I would now recommend going the whitebox route; you can build two systems and have one for a spare for the retail price that the AA50 sells at.

Unfortunately, the AA50 does not support sending syslog events to a remote syslog server. SNMP is not available that I am aware of and enabling the “full logging” in logger.conf is futile; the full log gets wiped when the AA50 reboots because the log is stored in volatile RAM and not on the CF card; there is no way to redirect the log that I am aware of. Currently, I have a cron process that logs into the AA50 every few minutes and grabs the latest log information.

***ISSUES: As of the date of this writing (02 Nov 2009), we have two major issues which Digium has confirmed are issues for multiple customers: Issue 1) The system spontaneously reboots, whether or not calls are currently in progress. Fortunately, the system reboots very quickly (~20-30 seconds) and it is almost unnoticeable if you have low call volume. It takes phones a few seconds to re-register with the server though and so phones are out of service for upwards of a minute when a spontaneous reboot happens. Apparently this spontaneous reboot situation is attributed to a memory leak, but Digium is not aware of the exact problem and does not have a resolution as of yet. I am told by Digium that they previously had a memory leak issue and remedied it quickly, but are having a harder time tracking it down this time.

Issue 2) The CF memory card will spontaneously change to read-only mode while the phone system is in operation. As the “hard drive” and only permanent storage in the system, this is a huge issue because when the CF card is mounted read-only, you cannot leave or delete voicemails. The system will function as if nothing is wrong, but then fail to actually write or delete voicemail. At that time, you have to umount the CF card and remount it using the command line or reboot using the web interface. Another related symptom: If the CF card goes to read-only mode while someone is leaving a voicemail, that voicemail will be corrupted and you will not be able to delete or use the space occupied by the voicemail until you delete the file manually using the command line.

Another really quirky issue with the AA50 is that the WAN and LAN ports both share the same MAC address and there is no way that we could figure out to override this permanently. This makes things really interesting when you plug the WAN and LAN ports into the same VLAN’d switch; trust me, it is not pretty. We ended up routing all traffic via the LAN port and do not use the WAN port for anything. This required a little creativity and I would be happy to share our config if anyone is interested.

We purchased a Gold support contract with Digium because it provides advanced hardware replacement in the event of failure and it took several weeks to actually receive the support certificate for some unknown reason. Digium even told me at one point that they did not even sell support for the AA50 any more, even though they still showed this offering for sale on their own web site! Not receiving the certificate might have prevented us from getting support from Digium, but the tech I ran across was kind enough to give us a pass and address our issue even though he could not verify that I had purchased support.

Overall, support from Digium has been better than what you would receive from a typical tech company, but it has not been stellar. Techs have followed up with me while I have an open ticket, but it takes them quite a while to do so and this does not seem to be standard practice, but more just getting a good tech (i.e. it might not be policy).

When I call Digium support, I always get someone right away, but I am usually told that I will be put into a callback queue after my contact and issue details have been taken. It seems that Digium has little resources dedicated to supporting the AA50 appliance and not many Digium techs I have spoken with seem as comfortable with this unit as they are with the Switchvox product line. As a matter of fact, it often seems that I know just about as much about this unit as Digium does and that is not comforting. Typically, I receive a callback within 1 hour, but this can be an eternity if you have a terribly broken system and can not take or make calls. For the high cost of the support agreements, better service should be afforded to the customer.

I will wrap up by saying that our reseller, VoIP Supply (Arthur Miller in particular) have been stellar. Arthur was tremendously helpful during pre-sales, ushered and expedited our order after-hours when we needed equipment ASAP (and called at the 11th hour) and he even helped to escalate these issues with Digium. Arthur has done a tremendous job and I can wholeheartedly recommend VoIP Supply to others. If you would like to contact Arthur for purchases, please let me know and I will send you a private message with his contact details.

I will update with another review when we have a resolution to these issues.

Central Pennsylvania Open Source Conference – October 17, 2009

Attention all techies! If you are not yet registered for the 2009 Central Pennsylvania Open Source Conference, today is the last day registration will be open! It was a great learning experience last year and promises to be the same this year as well. You can check out the schedule and register here:

Linksys EG1032 v3 works in gigabit mode on Openfiler 2.3

Just a quick follow-up on my previous post regarding the Linksys EG1032 and Openfiler 2.3: We have confirmed that the v3 of the Linksys EG1032 does work in gigabit mode on Openfiler 2.3 when provided with a gigabit uplink.

I have also tried the EG1032 v3 with ESX 3.5 on a Dell PowerEdge 2600 without any luck as of yet. The card is not recognized by the operating system with a default install.

Linksys EG1032 v3 works on Openfiler 2.3

A friend and I have been experimenting with Openfiler 2.3 recently and tried the Linksys EG1032 v3 gigabit network card in an installation.

While the card was not autodetected after an install was already made (we tried swapping cards and changing config), it does work with a new install of OpenFiler 2.3; we did not have much configured, so we decided to just try a fresh install instead of monkeying around with the rPath O/S. The card was autodetected during installation. I have yet to verify that the EG1032 v3 is being utilized in gigabit mode and will provide any update once I do.

It is important to note that different verisons of this card work differently under Linux and may not work at all under OpenFiler. We successfully used a v3 card which uses the RT8169 drivers. Version 2 of the card apparently uses the SKGE driver and at least one user has reported that the card did not work with OpenFiler 2.3beta. I am not sure of the compatibility of v2 of the EG1032 with the released Openfiler 2.3, so I just made sure I picked up a v3 card.

By the way, I do not see any way to tell from the Linksys packaging which version of the card you are getting. When shopping for cards at my local Staples, I found that the product image on the front of the box used a card with “v3” markings near the card’s cover plate and model number markings. I am sure that is NOT a great way to make sure you get a v3, but I decided to take a chance and lucked out.

Hulu Really IS More Valuable than Prime-time TV

Several weeks ago, I wrote about how much more effective Hulu is than conventional TV at getting me to watch commercials. PC World recently caught on too and wrote an interesting article on the subject this week. It turns out that advertisers are paying 1.5 – 3 times more (per thousand viewers) for ads shown on Hulu than on prime-time television:

The Simpsons: Worth More on Hulu than Fox

As one commenter, chuckchuck, to the PC World article puts it:

“watching shows online is beneficial to the viewer because it’s when we want it, with few (if any interruptions) – take the basic 15-30 second commerical on sites like HULU and increase it, and it’s back to downloading illegally – think people! When you’ve got something good, don’t screw it up!”

I agree wholeheartedly. Should Hulu decide to lengthen commercial spots, allowing me time to actually make it to the fridge and back, I am lost and the commercial has zero value. Hulu knows exactly the same thing that Google does: Show people ads in an unobtrusive way and we will react more positively overall. Hulu IS turning our brains to mush… and making a good buck at it too!

UPDATE: Receiving faxes with Callcentric, or not

This is an update to my April, 2009 post about using Callcentric to receive incoming faxes.

Back in April, I recommended using Callcentric’s fax reception feature as a cost-effective way to receive incoming faxes. In the past few days, I have had several people report that they were unable to send me faxes; both senders received messages related to poor line condition after a failure to transmit faxes to me. This seemed unusual since both fax machines are connected to regular phone lines (ie: no VoIP problems to blame) and both faxes were able to transmit faxes to other machines without issue. Additionally, each fax machine is in a different state and connected to a different telephone provider, making issues with service on the other end seem unlikely.

I started by looking for help on Callcentric’s web site to make sure I was not doing something wrong. During my search, I found this page on Callcentric’s site that states that fax reception is currently unsupported, but it sounded to me like perhaps only receiving faxes to regular machines connected to a VoIP telephone adapter were unsupported. When I wrote my post in April, the warning about fax reception was not on the page.

Unfortunately, Callcentric support has confirmed that any fax reception using their service is unsupported at this time, though they continue to tweak the service regularly; even faxes received using Callcentric’s own fax-to-PDF function (what I was using) are unsupported as of this moment.

Boo. Hiss. According to Callcentric’s support team, the fax reception feature is still being developed fully and they are unable to say when they might support fax reception again.