One Less Asterisk & Poo Cloud
What’s changed in a month? My home network, things with the server, my current favorite distro, my income situation, and probably other junk.
So I got on here a little bit ago to write this long delayed post; but I had a problem. My server was holding 1.00 load with nothing using the CPU. To make matters worse, it was only getting worse the more I picked at it. It literally got to the point where ssh wasn’t responding and neither was tty1 on my XO interface. I issued a hard-reboot from XO; and it booted right back up with a 1.0 solid load. So…I made a couple of changes.
- disabled Asterisk
- disabled wireguard
- disabled associated scripts
I’m not sure what in that chain combined with a healthy round of updates did it. Needless to say; it’s back to normal.
The Asterisk being disabled is not a huge deal. To a degree, it served its purpose. I have no current interest in accessing my PBX from the outside, which was its original intention. I didn’t want to open 5060 at home; so I was going to somehow trunk back. For the last few months, it’s basically been directing all incoming calls back down an IAX trunk to home. So…the DID now just redirects to home PBX where I just mimic’d the behavior.
It’s called the PooCloud because it’s a bunch of old shit. For a while I tossed around the idea of running pfSense; I just didn’t want to do it in a VM as I felt that probably was just asking for trouble. Well, things changed recently when I discovered two things. First, Verizon finally activated IPv6 in my area. The second is that SIP ALG was hard-coded into Verizon’s shitty router. This causes problems if you’re trying to pass SIP directly through the thing. To be honest, I’m surprised the SIP trunk even worked. SIP ALG on the Verizon router is so horribly broken when trying to do standard phone SIP over it. The IPv6 behavior was also equally as stupid. I get issued a /56; the router only issued a /64. On top of that…you couldn’t open ports to hosts on v6, just pinholes. Pinholes required a destination and source address.
Okay, nope. Bye.
So I started piecing together another system out of the remaining servers I had. I ultimately wound up with a quad core Xeon w/ 16gb ram on some Intel server board. I slapped a dual-port card to bring it up to four interfaces. So…I went through the hassle of reworking all my network organization and now run pfSense in that VM. It was quite the learning curve. pfSense pretty much taught me I knew nothing about firewalls. From having to make all kinds of rules just to get to interfaces on a bridge to talk; to figuring out how to create port-forward rules based on source IPs. It was kind of fun.
But I still had this problem that I needed something to run the Jitsi. So guess what? The 11th gen Celeron NUC/miniPC became a Xen host. I swapped it out for my other one, which had the dual ram slots I thought the other had. It took some dicking with xcp-ng to get it installed; but it does at least have two SSDs. It…gets the job done.
Oh…but that’s not all. The third Xen host shouldn’t even exist. It’s an old HP quad-core Pentium N3710 laptop. 8 gigs of DDR3, 240gb SSD, and a whopping two extra fans for an undetermined percentage extra fans…because 2 more than 0 comes out to 0% because of multiplication by 0 and junk. It’s also got a 100mbit port.
The old HP does come in handy for running the low-resource stuff; Asterisk, PiHole, and XenOrchestra (from sources). The NUC primarily runs the nginx/jitsi VM as well as any “lab” stuff I’m spinning up. The one running pfSense…primarily runs pfSense. I really should run that bare-metal; but I do have a couple of other things on that host. Torrent box as well as a simple network bridge. I bridged in a small VM rather than pfSense because…I could hear jitter when refreshing the firewall rules.
I’ve been using Ubuntu since apparently sometime around their first release. It was sometime around 2005 when I fired it up on an old iMac and, for the first time, had two systems side-by-side. It really helped me figure out things I “didn’t have time” for in the past for the sake of getting a machine on.
But, I’ve left it. I’d gotten annoyed at some of the stuff they’d been doing with the server install and the live CD was pretty much the last straw.
So…I started playing around with Alpine. I enjoyed it so much it’s pretty much replaced all my VMs here.
Okay…I think I’ve beaten the insomnia. I’d planned to write more…and in detail…but PowerShell Terminal is doing this funky thing with the screen going crazy every time I scroll off screen…or newline…or anything. Plus I spent longer than I thought trying to fix the server. I’ll probably delete this tomorrow and rewrite it.

Posted on: 29-OCT-2022