Forum Replies Created
in reply to: Checking phone number for fraud #6654
Using the telnet interface to SecAst you can issue commands to communicate with Telium’s Fraud Database. (Use the ‘help frauddb’ command to see the exact syntax.) For example:
SecAst>frauddb check 1234567890
Note that you must have a valid maintenance agreement in place to access the Fraud Database. If your maintenance agreement has expired then SecAst will continue to operate normally but without use of the Fraud Database.
in reply to: I use fail2ban, why do I need SecAst #6653
First of all, you should be aware that Fail2Ban is not a security system – it depends completely on Asterisk to say that a user attempted to register/dial without a valid account. Fail2ban has no intrusion detection, no hacking detection, no geofencing, no fraud pattern detection, etc. It is simply a tool that reads log files to determine if an IP should be banned. Digium warns users not to use Fail2Ban as a security measure; see http://forums.asterisk.org/viewtopic.php?p=159984 To underscore Digium’s point, most SIP attacks don’t even show up in the Asterisk log files, so these attackers are not stopped by fail2ban.
Fail2ban is certainly better than nothing – so if you don’t want to use SecAst (even the Free Edition of SecAst), then install fail2ban. If all you want is Asterisk log trolling then SecAst can respond to these same messages from Asterisk if you choose, just like Fail2Ban, but that is among the least significant features of SecAst. SecAst uses event information from the Asterisk AMI, data from the network interface card, SIP data (including dialing digits, rate of dialing, etc), and more to create a profile of each user/device and identify potential hacking and fraud. SecAst also uses proprietary databases of phone numbers used in fraud, known source IP addresses of telecom hackers or intrusion attempts, and all IP addresses mapped to cities/regions/countries/continents worldwide to dramatically reduce the risk of fraud or intrusion. SecAst even uses heuristic detection (like Antivirus software) to identify behavioral patterns indicative of hacking attempts, or indicative of calls being made using stolen credentials. And finally, SecAst continually monitors endpoint activities (even after registration) to protect the PBX and stop fraud.
So comparing Fail2Ban to SecAst is like comparing a screw driver to a toolbox full of tools. Many of our customers have come to SecAst from Fail2Ban after their first $100,000 bill from their ITSP. Products like FreePBX tend to give users a false sense of security by calling Fail2Ban their “security system” – because it’s not. Digium makes it quite clear that if you think Fail2Ban is a security system then you risk being hacked / defrauded.
There are several potential causes for this problem, but the most likely is that a switch somewhere between your PBXs and your default gateway is not updating its ARP table. The ARP table associates your IP address with your MAC address, so it’s still trying to send traffic for the shared IP address to the old PBX’s MAC address (which is no longer active).
When sharing an IP you should configure HAAst to issue ‘ARP Updates’ every time the shared IP address moves. This is configured in the haast.conf file in the ‘voipnic’ stanza, with the ‘arpupdate’ key setting (set it to true). Once set to true, HAAst will broadcast to all switches, routers, etc. that the IP address has moved and is now associated with a new MAC address.
This setting solves the problem 99% of the time; however, your switch may be ignoring the update. This might happen for one of several reasons:
- Switch Security Lockdown: To prevent malicious ARP attacks some switches have locked ARP tables. This means that the network administrator must allow the switch to accept ARP updates for the IP in question.
- Switch Security Limits: Some switches limit the number of ARP updates to X per minute. If you are experimenting with failover you may have reached the security limit of your switch. Again, the network administrator has to allow more frequent ARP updates for that IP/MAC.
- Buggy Switch Firmware: Some (particularly old HP or cheap no-name) switches do not handle ARP updates properly. The only solution is to update the switch firmware or look for a new switch.
If you are running HAAst in a cloud/hosting data center, it is common for the data center to lock down ARP tables to prevent malicious/misbehaving clients from affecting their general network. In such cases you will have to notify the data center admin of why you need to permit ARP updates, and possibly for which MAC/IP addresses. Most commercial data centers understand high availability and will have no problem accommodating your request.
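A way to confirm the symptom described above from any Linux host on the same subnet, as an added example that is not part of the original post or of HAAst: it classifies the neighbor-cache (ARP) entry for the shared IP against the MAC address of the peer that is now active. The function name, IP addresses and MAC addresses are constructed for illustration.

```shell
#!/bin/sh
# Added example (not HAAst code): after a failover, does this host's
# neighbor cache map the shared IP to the active peer's MAC address?

# Constructed sample of `ip -4 neigh show` output. 192.0.2.50 plays the
# shared IP; ...:11 is the old peer's MAC, ...:12 the newly active peer's.
SAMPLE_NEIGH='192.0.2.1 dev eth0 lladdr 52:54:00:aa:00:01 REACHABLE
192.0.2.50 dev eth0 lladdr 52:54:00:aa:00:11 STALE
192.0.2.60 dev eth0 FAILED'

# arp_state NEIGH_OUTPUT SHARED_IP ACTIVE_PEER_MAC
# Prints one of:
#   current - cache entry already points at the active peer
#   stale   - cache entry still points at another MAC (update not applied)
#   missing - no resolved entry for the shared IP (absent, FAILED, INCOMPLETE)
arp_state() (
    neigh=$1
    ip=$2
    want=$(printf '%s' "$3" | tr 'A-F' 'a-f')   # compare case-insensitively
    mac=$(printf '%s\n' "$neigh" | awk -v ip="$ip" '
        $1 == ip {
            for (i = 2; i < NF; i++)
                if ($i == "lladdr") { print tolower($(i + 1)); exit }
        }')
    if [ -z "$mac" ]; then
        echo missing
    elif [ "$mac" = "$want" ]; then
        echo current
    else
        echo stale
    fi
)

# Live use: ./arpcheck.sh --live <shared-ip> <active-peer-mac>
if [ "${1:-}" = "--live" ]; then
    arp_state "$(ip -4 neigh show)" "$2" "$3"
fi
```

A result of "stale" on hosts behind one particular switch, while hosts elsewhere report "current", points at that switch ignoring or rate-limiting the ARP update.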
in reply to: PHP / 500 error viewing some pages #6649
The problem you are experiencing is most likely due to a PHP caching/optimization program installed in your server. For example, the APC (alternative PHP caching module) has some bugs that will cache an included file and then try to include it again (resulting in a PHP redefinition error, require_once error, etc). For details of the APC bug and possible solutions check out this link: https://pantheon.io/docs/alternative-php-cache/
There are caching modules from other vendors (eg: Zend) with some similar issues. So you may also wish to disable caching of SecAst files since they don’t create much load on a server (relatively static, low volume). This is not a SecAst bug, but future versions of SecAst will try to detect the caching software and work around the issue.
in reply to: Asterisk + FreePBX 10 not shutting down on demotion #6648
Seeing a status from systemctl that the Asterisk service is dead is not necessarily a problem. Systemd reports on services it starts & stops; and since HAAst does not start/stop Asterisk through systemd it’s normal to see a message like this. More specifically, the Linux distro + FreePBX distro + Asterisk combination will report different status results for individual services. So seeing a systemctl status report that something is dead/not started/started may be misleading.
If you are sure that the Asterisk service should be stopped (based on the status of the peer), then we recommend paring back your environment to a single simple PBX (strip down the layers). This will let you trace the problem down to a single cause:
1. Disable HAAst layer
   A. Power down the remote PBX (peer). Now we’re working with only the local peer (less variables to check)
   B. Disable the haast service and reboot the local peer
   C. After reboot check if Asterisk is running
   D. Check the haast log to ensure it did not start
   E. If HAAst and Asterisk are stopped let’s try operating on FreePBX directly. (Proceed to step 2)
   F. If you got here that means you forgot to disable automatic start of Asterisk/FreePBX as outlined in the installation guide.
2. Test FreePBX layer directly
   A. Start FreePBX with ‘fwconsole start’.
      - Were there any warnings?
      - Is Asterisk running normally?
   B. Now stop FreePBX with ‘fwconsole stop’
      - Were there any warnings?
      - Is Asterisk stopped?
   C. If you see FreePBX errors correct them and reboot the PBX and return to step 2A
   D. If you don’t see any errors then HAAst is having trouble controlling FreePBX. Check the ‘distribution’ setting in the haast.conf file
   E. If haast.conf settings are correct test the Asterisk layer directly
3. Test Asterisk layer directly
   A. Ensure the FreePBX service / start command is disabled as per the HAAst installation guide
   B. Reboot the PBX
   C. If asterisk is started that means you forgot to disable automatic start of Asterisk/FreePBX as outlined in the installation guide.
   D. Start and stop the asterisk service using ‘service’ or ‘systemctl’ commands appropriate for your distribution. Did this show an error?
   E. If you got to this point contact Telium support for assistance through SSH.
Most users find a FreePBX internal problem (eg: ) and upon resolution all works fine again. If you are new to FreePBX you will discover (google) that these types of problems with FreePBX are well documented. FreePBX may fail to start, fail to stop, etc. which also blocks the Asterisk process from starting/stopping. There is nothing Telium/HAAst can do about this (i.e. FreePBX issue). But if you encounter symptoms as described in the original question then try this procedure to help diagnose the problem.
Telium can offer some suggestions on diagnosing such FreePBX issues but tracking down the cause of FreePBX error messages can be time consuming. Please note that other distributions such as xCALLY Motion do not encounter this type of problem.
in reply to: Can’t find Qt prerequisite package #6647
Most Linux distributions are starting to include Qt version 5.7 (as of December 2016) so check available repos (including testing repos) first to ensure it’s not there. If you can find Qt version 5.5 or later as a package it’s best to install from your package manager. Otherwise continue on below.
If you are running Ubuntu you can check this link for a step-by-step guide to installing Qt 5.x: http://sourcedigit.com/19858-how-to-install-qt-5-6-1-on-ubuntu-16-04/
If your system runs headless (i.e. no graphical shell) then you can also modify the Qt installer to run without its GUI as described here:
http://stackoverflow.com/questions/25105269/silent-install-qt-run-installer-on-ubuntu-server
If the above suggestions don’t work, then we recommend you download ‘Qt Creator’ directly from http://www.qt.io This package is overkill, but it does an excellent job of installing everything you need (and more) relating to Qt.
After that you should have Qt 5.7 or later installed, including other Qt dependencies listed in the installation guide.
in reply to: Asterisk still running after peer demotion #6645
Asterisk should not be running after a peer has switched to the standby state. This problem usually occurs if the wrong distribution number is selected in the [asterisk] stanza of haast.conf.
Please ensure that you are using the correct distribution number in haast.conf. If you change the distribution number then you must restart the computer (since some poorly written configuration generators remain in an unstable state if not shut down the way they want to).
in reply to: Uploading QueueMetrics data before peer demotes #6644
You should use the Asterisk pre-stop event handler to run qloaderd (which uploads queue_log data into a MySQL database for further analysis).
Create a bash script called asterisk.stop.pre and place it in the HAAst event’s directory. In that script call qloaderd with any parameters you need.
in reply to: Immediate re-registration of nurse phones #6643
Yes – we have created tools which use the REST API/web interface of phones (and base stations) to force immediate re-registration following a failover of the cluster. This solution is implementation specific however (make and model of phone, where phone IP data is stored, etc), so please contact Telium professional services who can design a solution for your specific needs.
This tool should be placed into Asterisk post-start event handler (in HAAst), which will cause the nurse phones to immediately reconnect to the active peer following cluster failover.
in reply to: Sensor for failover on network cable disconnected #6642
I have included a sample sensor below using ping, which will test if your NIC is down or the cable is unplugged. The basic idea is to test reachability for the item after the item you want tested; so to test your cable ping the firewall.
Instead of creating 3 sensors (cable, firewall, ITSP) you can actually combine them into a single sensor which I’ll call ‘route-to-itsp’. By checking the entire path in one sensor you test all of the items along the way:
; Ensure connection to ITSP is ok including NIC, cables, router, gateway, and ITSP
route-to-itsp/description=Connection to ITSP
route-to-itsp/type=ping
route-to-itsp/input=received
route-to-itsp/parameters=Count: 5 | interface:eth1 | host: 173.239.164.41
route-to-itsp/scoring=
in reply to: How to synchronize my files & databases #6641
You don’t mention if you are using a configuration generator (eg: xCally Motion, FreePBX, Elastix, etc), so I’ll provide two answers:
Using A Configuration Generator
If you are using a configuration generator, then the easiest way to setup synchronization is to copy the appropriate sample sync config files into your HAAst configuration directory. For example, if you are using xCALLY Motion then you will need both the basic Asterisk configuration synchronization, as well as the xCALLY Motion configuration synchronization. So copy the following files:
- asteriskconfig.sync.conf
- xcally_motion.sync.conf
from the sample_files/synchronizations directory to the /etc/xdg/telium/haast.conf.d directory and then restart HAAst. (Do so on both peers). Your files and databases will start to synchronize now. (If you are using some other configuration generator, just replace the xCALLY Motion file with the most appropriate sample for your configuration generator).
Using Only Asterisk
If you are not using a configuration generator (as is often the case with large Asterisk installations of 1000 or more phone sets), then the easiest way to setup synchronization is to use one or more sample synchronization files as a starting point. To begin with, copy the following file:
- asteriskconfig.sync.conf
from the sample_files/synchronizations directory to the /etc/xdg/telium/haast.conf.d directory (on both peers) for basic synchronization of the /etc/asterisk folder contents, ASTdb, and voicemail. After that, have a look at the sample *.sync.conf files for ideas of what else you can sync.
Customizing The Data Sent To The Standby Peer
If you need to customize content that is synchronized in (eg: to modify the dialplan/trunks/tftp files/etc for the local machine) then have a look at the sample_files/events directory for sample sync.stop.post* files which demonstrate how to perform post-sync customization. You can copy any of these sample files to your /usr/local/haast/events directory to enable them, but be sure to edit each event handler to match your unique system and needs. Note that the name of the event handler file must match the name of the sync job in order to be associated as a related event handler. (e.g. sync job ‘mysql’ would look for a file called ‘sync.stop.post.mysql’ to be linked as the post-sync event handler).
in reply to: Hacker database lookups are failing #6640
I don’t see any product registration matching your email address, which means you are most likely running the Free Edition of SecAst. Only the Commercial Unlimited edition of SecAst includes access to the hacker database (IP addresses) and fraud database (phone numbers).
So the warning you see on screen is correct – you only get access to those databases if you purchase the Commercial Unlimited edition, or purchase a SecData subscription separately.
in reply to: Call volume / capacity of HAAst #6639
HAAst is load tested to approximately 50 call setups per second (3000 call setups per minute) – so that should not be a problem. The constraint will most likely be the hardware upon which you run Asterisk. HAAst is written entirely in C++ and CPU requirements are generally very low. If in doubt conduct a HAAst trial and monitor CPU load and memory utilization to determine how many setups per minute your hardware can handle.
If you need assistance determining the call volume capacity of your hardware please contact Telium support for assistance.
in reply to: How can I extend my maintenance agreement #6637
You are welcome to download the latest software from the Telium website, and overwrite your installation. Please be sure to carefully compare the included config file to check for changes in stanzas, key names, new keys, etc.
If you are running the Free Edition the new software will work immediately. If you have an active maintenance agreement then the upgrade will work as well.
However, if your maintenance agreement has expired then the upgrade will revert to the Free Edition. Since you cannot extend a maintenance agreement that has expired you would have to purchase a new license.
If your maintenance agreement is still active then you can extend it for as long as you like (purchased in 1 year increments from the BUY tab on the Telium web site).