Testing 21.04 Failover
30 views
Skip to first unread message
Peter Krautle
Jan 4, 2022, 7:55:26 AM1/4/22
to sipxcom-users
I've been testing 21.04 and have created a three node system, primary, secondary, and arbiter - hung some test phones off the system. The registrations page correctly displays the server that phones are registered to. The primary server is powered down, and all registrations to the phones drop. Upon analysis, the issue was pinpointed to DNS on the secondary server not responding to DNS queries from the phones. The cluster is on the 10.20.6.x subnet and test phones are on the 10.20.4.x subnetwork. When iptables is turned off on the secondary server, then the secondary DNS server responds to queries and phones register as well as place calls. I checked the Internet Calling menu, and the 10.0.0.0/8 rule is in place. Is there an iptables rule that is missing - any guidance is appreciated. Peter
Iuliu Blaga
Jan 4, 2022, 4:48:19 PM1/4/22
to Peter Krautle, sipxcom-users
Hi, all rules should be configured automatically if you do NOT check the "unmanaged" option in the firewall if the DNS service is active on the secondary. Also, the only real supported configuration is with only one active network interface.
--
In system security firewall rules DNS should be set to public. DNS port is 53 both UDP ans TCP
I've been testing 21.04 and have created a three node system, primary, secondary, and arbiter - hung some test phones off the system. The registrations page correctly displays the server that phones are registered to. The primary server is powered down, and all registrations to the phones drop. Upon analysis, the issue was pinpointed to DNS on the secondary server not responding to DNS queries from the phones. The cluster is on the 10.20.6.x subnet and test phones are on the 10.20.4.x subnetwork. When iptables is turned off on the secondary server, then the secondary DNS server responds to queries and phones register as well as place calls. I checked the Internet Calling menu, and the 10.0.0.0/8 rule is in place. Is there an iptables rule that is missing - any guidance is appreciated. Peter
--
You received this message because you are subscribed to the Google Groups "sipxcom-users" group.
To unsubscribe from this group and stop receiving emails from it, send an email to sipxcom-users+unsubscribe@googlegroups.com.
To view this discussion on the web visit https://groups.google.com/d/msgid/sipxcom-users/d97f70fa-df44-4d0c-92be-5b91f06aaba7n%40googlegroups.com.
--
|
||||||||||||
|
Michael Picher
Jan 5, 2022, 8:41:13 AM1/5/22
to Iuliu Blaga, Peter Krautle, sipxcom-users
The firewall settings, DHCP settings, network card settings are much less automated than other things. So, if you're building out something more than a single network system, it's likely you'll need to manually configure some services.
On Tue, Jan 4, 2022 at 4:48 PM Iuliu Blaga <ibl...@coredial.com> wrote:
Hi, all rules should be configured automatically if you do NOT check the "unmanaged" option in the firewall if the DNS service is active on the secondary. Also, the only real supported configuration is with only one active network interface.
In system security firewall rules DNS should be set to public. DNS port is 53 both UDP ans TCP
On Tuesday, January 4, 2022, Peter Krautle <pmkr...@gmail.com> wrote:
I've been testing 21.04 and have created a three node system, primary, secondary, and arbiter - hung some test phones off the system. The registrations page correctly displays the server that phones are registered to. The primary server is powered down, and all registrations to the phones drop. Upon analysis, the issue was pinpointed to DNS on the secondary server not responding to DNS queries from the phones. The cluster is on the 10.20.6.x subnet and test phones are on the 10.20.4.x subnetwork. When iptables is turned off on the secondary server, then the secondary DNS server responds to queries and phones register as well as place calls. I checked the Internet Calling menu, and the 10.0.0.0/8 rule is in place. Is there an iptables rule that is missing - any guidance is appreciated. Peter
--
You received this message because you are subscribed to the Google Groups "sipxcom-users" group.
To unsubscribe from this group and stop receiving emails from it, send an email to sipxcom-user...@googlegroups.com.
To view this discussion on the web visit https://groups.google.com/d/msgid/sipxcom-users/d97f70fa-df44-4d0c-92be-5b91f06aaba7n%40googlegroups.com.
--
Iuliu Blaga Sr. Support Engineer
The information transmitted is intended only for the person or entity to which it is addressed and may contain confidential and/or privileged material. Any review, retransmission, dissemination or other use of, or taking of any action in reliance upon, this information by persons or entities other than the intended recipient is prohibited. If you received this in error, please contact the sender and delete the material from any computer.
--
You received this message because you are subscribed to the Google Groups "sipxcom-users" group.
To unsubscribe from this group and stop receiving emails from it, send an email to sipxcom-user...@googlegroups.com.
To view this discussion on the web visit https://groups.google.com/d/msgid/sipxcom-users/CAGa-GoApRCB93gnybeBErxitdHj%2BHBiMkGb7wTEuky_DOVso%3DQ%40mail.gmail.com.
Peter Krautle
Jan 6, 2022, 9:54:49 AM1/6/22
to sipxcom-users
Thanks Luliu and Mike - I found the issue. In my attempt to permanently keep iptables disabled. I turned off Firewall as a core service. When the firewall service was enabled again, then DNS on the secondary server responded again to query requests when the primary server was powered off. I left the test system running for two days and primary server powered off with no loss of phone registrations and was able to successfully place basic calls. Appreciate the support. Peter
Reply all
Reply to author
Forward
0 new messages