VoIP Routing Loop

The other day my boss and I managed to create a call routing loop between two of our phone systems. It was kinda fun, in one of those painful ways. Here's how it went down.

Phone system A has extensions in the range of 2XXX. Phone system B has extensions in the rage of 1XXX. The PBXes have an IAX2 trunk between them to allow direct dialing. The phones themselves have a dialplan which recognizes 1XXX and 2XXX as patterns, which allows for faster dialing. Users must dial a 9 to reach an outside line.

There was just a slight problem. Due to a misconfiguration on my part, B was set up to route any unknown 1XXX extensions back over to A. For a real extension, say 1000, the rule wouldn't match because B would know to send that call to the local user. But let's say that somebody's boss forgot to dial a 9 when dialing a long distance number. So the phone sees the first 4 digits, 1 + area code, and assumes it's an extension. A sends the call to B. Well, that extension didn't exist so B sent the call back to A. That would be the point when the fun began.

I would have thought that the PBXes would create a whirlwind of calls until the original call eventually timed out and broke the chain, thus bringing all the calls to a halt. But somehow that isn't what happened. The system stabilized at 400 or so active channels. Sat that way for a few hours I believe. What finally did stop it was my removing the rule to allow 1XXX over the IAX2 trunk from B to A. Within just a few seconds all the calls came to a grinding halt (in a good way).

I've decided then that having local extensions that start with a 1 is a less than desirable thing. It's not the end of the world, but avoiding it can relieve some potential headaches so I intend to eschew it where possible.


Absentee Voting

According to this AP story, about 1/3 of Idaho voters this election cast their ballot absentee. I'm actually surprised that it's that high, but not because I think it's a bad idea. Quite the opposite, in fact. See, I grew up in Oregon and cast my first ballot there via mail, as all elections have been for at least 15 years I believe.

In Idaho it's a bit harder than in Oregon, since voting by mail isn't the default. To mark my ballot I had to use a toothpick to punch out a paper ballot. But it wasn't terrible either and I think most people could manage it, possibly even some Floridians.

But also mentioned in that article is that some state representatives think the high number of absentee voters is a bad thing. These are the people we like to call "misinformed" and "crazy". Why would it not be a good thing? Instead of spending an hour of my business day in a school gym, I can vote at my home. Instead of trying to pawn my kids off somewhere, I can leave them be in the house. Instead of standing in long lines, I can vote whenever I've got time. Instead of being rushed to pick between two people I've never heard of, I can sit down and read about them on the Internet. That makes it a win-win-win-win.

I just don't understand why everybody hasn't moved to voting by mail.


Asterisk - Call Progress And Early Media

When you make a phone call, say to your grandma, you hear her phone ringing. It's called ringback and its purpose is fairly obvious. But have you ever wondered where it comes from? As a kid I assumed I was hearing grandma's phone ringing which, if you think about long enough, is kinda ludicrous. I haven't read up enough to know where it actually came from but I can tell you where it comes from in a SIP environment. There are basically two options.

First of all, the called party sends a 183 Ringing message to the caller. That's how your phone knows that grandma's is ringing. Your phone also then plays some sort of ring noise to let you know.

There's another possibility though. Instead of just saying 183 and being done, the callee can send back an RTP stream with the ringing noise of its choosing. I'm sure you've heard different types of ringback before (different pitch, different frequency, different volume) and that's because voice switches each have slight variations on the same theme.

Now, take that one step further and consider that an RTP stream is just an RTP stream and doesn't have to conform to some traditional ringing sound. It could be beeping, or honking, or whatever you want. Screeching monkeys, did I hear you say? Oh yeah. But probably more useful is the ability to send music. Here is how to set it up in Asterisk. (BTW, this will work with SIP, IAX2, or PRI. Basically any of the cool signaling methods, but it won't work with analog POTS.)

First we set up a music on hold class which is our ring noise. This can contain any file you want, but since Asterisk will play it from the beginning each time, best to be something that sounds cool immediately. Or pull it up in Audacity and trim out your favorite 60 seconds.



Then in our dialplan we use it. First we play a message to the caller that we're trying to find the user, otherwise they might get confused as to why they are hearing music. Then we pass the "m" option to Dial which specifies our music on hold class. It's really as easy as that.


exten => s,1,Progress
exten => s,n,Playback(followme/pls-hold-while-try)
exten => s,n,Dial(SIP/you||m(ring1))


Bluefin Tuna

The BBC is reporting that the bluefin tuna fishery in the Mediterranean may soon be shut down. That would be a Good Thing™. For full details I recommend watching the Deep Crisis episode of Scientific American Frontiers with the adorable Alan Alda or listening to this episode of Science Friday. The gist of it is that Mediterranean fisherman are harvesting way too many tuna and unless we make a change, we're bound to do to tuna what we did to atlantic cod. You've heard of Cape Cod, right? Just try to find a cod there and you'll understand the consequences.

I've been mulling over an essay about wolves which fits in very nicely to this topic, but I think it's deserving of a much longer post so I'll hold my tongue until then. I will just say that to date we as humans have been very ignorant of our place in our ecosystem. Somehow we imagine that because we're intelligent, we're immune from changes we make to our environment. Sadly we've been grossly mistaken and unless we learn to treat our resources wisely and with respect, we may not have them much longer.


Ma Bell Innovates?

It appears that Qwest is adding some actual features to their phone service. The new service "allows users to see who’s calling their home phone, listen to voicemail, forward messages, manage their contacts and place a phone call." Actually sounds pretty cool. It's nice to see that a 800lb gorilla out there isn't just resting on its laurels. Still isn't enough to convince me to switch back though.



CNet is reporting that there is a crackdown on so called "scamware", software that tells you that something is wrong with your computer and thus you need to buy some software which they conveniently will sell to you. I think my wife ran into some of that today. She was looking for info on how to fix the rear wiper of our van (pop the cover and tighten the 10mm nut, if you were wondering). One of the sites popped up another that said she had some Win32 virus and she needed to install their anti-virus software. Well, since she was on an Ubuntu machine there was exactly 0% chance that she really had the virus, so something was definitely awry. No clue if that particular software is from the vendors that Washington state is targeting, but it sure was interesting to run across the story on the same day.


VoteGopher.com: Getting Down To The Real Issues

For a while now I've wanted to create a full list of all the political topics being debated and how the various candidates feel about them. See then I could rank them and come up with an algorithm to figure out who most aligns with my view. Luckily, I decided to google around first and I found somebody already did it: Vote Gopher.

Vote Gopher is a non-partisan site devoted to getting facts out, without any spin. I've only been browsing around for a few hours tonight but so far I'm impressed. I compared their candidate position statements with some I found at other places around the net and they appear to all agree, so from what I see their information is accurate. I've also been giving them a very critical eye regarding neutrality and thus far I see no reason to doubt them.

What I find most refreshing about the site is that it skips past all the mumbo jumbo and gets straight to the details. No more yammering about how old McCain is or whether Obama is wearing a US flag pin, as if those things really matter. The real questions are what will the next President do and they have extensive statements from each candidate on that.

So far I've found that I'm pretty split on both candidates. In fact, both candidates are surprisingly similar in many areas, such as stem cell research (both favor) or carbon cap-and-trade (both favor). What's nice is that generally the areas they agree on are the ones which align with my views (and I suspect most American's, hence the concensus).

Don't wait. Run over right now and sign up for an account. Start tallying up your issue votes and see who you really support.



My first day at the Utah Open Source Conference is just about done. I really need to get to bed so I don't fall asleep during my presentation tomorrow. That would be embarrassing. I only made it down at 6:30pm for the dinner and keynotes, which I'm glad I attended. Mac's talk was great and so was Paul's, although it did seem to drag on. Maybe that's because I needed to go to the bathroom. I also had a chance to visit with a few Linux newbies at my table, which is always fun. But the highlight of my day had to be meeting Harleypig. Thankfully, no speedos were involved.


The Truth Comes Out

I have long been a critic of many things our current government, as faithful readers are aware. I came across a very insightful interview with Michael Chertoff which I found both surprising and depressing.

The good news is that in some ways, Chertoff has some good ideas. For example,

The larger challenge -- and frankly one that is further out -- is to find a way to partner with the private sector to enable and encourage them with some to the capabilities that we have to increase their defensive capacities, but on a voluntary basis, meaning not making them do it or regulating them into doing it. But instead offering them the opportunity -- much the same in the non-cyber-world, we go to people who run power plants and dams and we share information and best practices that they can use to defend their own assets.

That's a great use of government resources. It's not in private industry's interest to make security a priority, since security is a cost with no immediate return. The government can fund research, encourage secure practices and require security. That makes us all better off and combines the advantages of legislation and free markets.

Next he addresses the recent hubbub about laptop seizures,

The only thing that happened recently is that I ordered the policy to be put online in the interests of openness and transparency. We get about 80 million people a year coming to our airports, and a very small number are put into secondary inspection and that's based on some suspicion that the inspector has about the person.

It is that pool of people in secondary that have their things gone through, they can have their luggage and documents gone through. And nowadays because you can bring contraband through on a laptop, they can have their laptop looked at.

If things are really as he describes, it really doesn't sound that outrageous. What I think is that the policy they posted is written poorly and doesn't indicate what's actually going on. So if this policy only applies to those who are suspected of something and therefore brought in for secondary screening, put that in the policy already! This whole flap would have been avoided.

Now, on for the more interesting bits. Wired asked him about the huge mess knows as the no-fly list. He says,

In the airport environments, supposing there is a terrorist Jim Smith and that person should be on the watch list, the question is how do you distinguish them from the other Jim Smiths and the answer is you need an additional bit of data, such as a birthday.

That would override or eliminate most false positives.

So the solution to a bloated list is to make the list even bigger? Mr. Chertoff, when you realize you're at the bottom of a 10 foot hole, the first thing to do is stop digging. There is no way that 1,000,000+ terrorists are walking around in this country just chomping at the bit for their chance to hop on an airplane and blow it up. It's not realistic. Given that 99% or more of that list is cruft, of course you're going to have false positives. That's all you're going to have and even in the off chance you find a bad guy, everybody will assume it's just another incorrect assessment. The whole no-fly list needs to be junked.

And then the shoe drops. He reveals the true motive for most of the "security" measures deployed of late.

If you stopped using the watch list and basically anybody could get on a plane without knowing their identity, sooner or later something would happen -- and people would lose their lives, and then there would be another 9/11 Commission and we'd hear about how you had this system and you would have kept them off and these people lost their loved ones on a plane.

Let me rephrase that for you. "If something happens, even if I had no way of actually preventing it, my butt is going to be dragged before Congress. I would rather inconvenience hundreds of millions of innocent people than risk that to happen. At least then I would be able to say I had 'done something'."

What we really lack here is a way to effectively measure how well security mechanisms are working because terrorist events are very rare. Between the time the World Trade Center was bombed the first time and when it was attacked on 9/11, we very well could have said "whatever it is we're doing, it must be working". Well clearly it wasn't but how would we know that? Chertoff even gives us a great example of this,

I don't know if they do it anymore, but when I was a kid we all had polio shots, and after a while, you just don't know anyone with polio. And the question was raised was, why are we taking these shots? There's not that much polio around. And one of the reasons there's not that much polio around is that everyone is getting inoculated.

It's very easy to measure whether a polio vaccine is working because it was so widespread and results were quickly available. It's simple to see that spending money on the polio vaccine is worth the money. The same is definitely not true of terrorism. We can spend billions (as we have) and still not know whether we've actually made a difference or not. That's money wasted for no appreciable amount of security, and that folks is the current motto for the Department of Homeland Security.


Recovering After a MySQL Replication Failure

I just solved a weird MySQL replication problem and thought I would share with you all. First, the background. I have a master and slave running with one-way replication. The slave just sits by waiting for his time to shine, but otherwise doesn't do anything. Well, last week the master had a problem with the filesystem. I can't recall exactly what it was, out of space or something. It confused the heck out of the master and so it basically shut down. One of my co-workers fixed the problem and got the master running again, but the slave was in a pickle. Here is the error it was showing:

Relay_Master_Log_File: mysql-bin.031
     Slave_IO_Running: Yes
    Slave_SQL_Running: No
           Last_errno: 0
           Last_error: Query 'DELETE FROM foo WHERE bar = 1' caused different errors on master and slave.
                       Error on master: 'Got error %d from table handler' (1030), Error on slave:
                       'no error' (0). Default database: 'baz'
  Exec_master_log_pos: 118871

Because it thought the command failed on the master, it refused to continue. I can't say it's an altogether bad plan since data integrity is generally the main theme of a database (yes, cue the jokes about my using MySQL in the first place). The question became, how do I get the slave to start up again. "SLAVE STOP; SLAVE START" didn't have any effect.

The trick was suggested to me by a post at mysql.com which pointed out a tool new to me, mysqlbinlog. See I figured the simplest thing would be to restart replication at the step just after the "failed" transaction, since I knew that transaction had actually succeeded. But I have no idea how the binlog counters work, so I couldn't just make up numbers. It's some kind of binary offset. Well, mysqlbinlog will show it to you.

# mysqlbinlog mysql-bin.031 -j 118871 |less

Which of course showed me this:

# at 118955
#080605 18:59:09 server id 1  log_pos 118955    Query   thread_id=3218  exec_time=0     error_code=0

So on my slave I restarted replication at offset 118955 and like magic, the slave ripped through the binlogs and caught up in practically no time at all.



Subscribe to zmonkey.org RSS Subscribe to zmonkey.org - All comments