Home › Forums › HAast (High Availability for Asterisk) › Configuration & Optimization › How to configure AWS based cluster for shared VoIP NIC
-
AuthorPosts
-
I want to setup my cluster to run on AWS Lightsail in the same AWS region. I’m new to AWS but have a reasonable understanding of networking. Will you set this up for me, or tell me how to do it? I want to share a single VoIP IP address between nodes.
First of all, AWS Lightsail has hidden access to some features that you will need to make this work, so you will instead need to setup a couple of EC2 instances. Since you want to share a VoIP NIC (shared IP) between nodes, your two nodes must reside in the same region but can reside in different Availability Zones (AZ’s).
Since (in most configurations) each node will have two IP addresses, and each address cannot be in the same subnet as the other (basic routing limitation), you must create 2 subnets within your VPC. If you want your two nodes to reside in separate AZ’s, then you will have to create 2 subnets per AZ (since subnets cannot span AZ’s). You might have to manually ad private IP(s) to NIC(s) in Linux depending on your design. You must then setup a security group encompassing both nodes, which allows SSH traffic into the management IP, and VoIP traffic in/out of the VoIP IP.
And finally you have some choices around how many NIC’s and public addresses your want in your setup. The more you want, the more complex the setup. We have created four basic designs you can chose from (but there are more):
- Dual NIC, Dual public IP
- Single NIC, Dual public IP
- Dual NIC, Dual Private IP, Single public IP
- Single NIC, Single Private IP, Single public IP.
The first option is the one we normally implement as it is easy to manage, separates traffic across NIC based on traffic type, avoid loss of management connection in case of VoIP IP issues, etc. But this is also the hardest to implement for AWS EC2 novices. As well, setting up routing rules can be a challenge for someone who doesn’t do network management as part of their job. We also prefer only a single VoIP IP (not dual public VoIP IP’s).
The fourth option is by far the simplest (almost trivial) to setup and you won’t have to worry about routing rules, but you will NOT have external access to the management IP’s of your nodes. To work around this you would either have to create a VPN into your VPC, or setup a third host whose sole purpose is to allow SSH relay to the internal hosts (management IP’s). We can also swap public IP’s between nodes if this makes life easier – to ensure continued direct external access to both nodes (but this is painful to use during setup).
Here’s an overview of the four designs:
1. Dual NIC, Dual public IP
2. Single NIC, Dual public IP
3. Dual NIC, Dual Private IP, Single public IP
4. Single NIC, Single Private IP, Single public IP
The above is a general guideline, not a detailed instruction manual on how to use and setup AWS, nor is it an instruction manual on networking. Setup and configuration of multi-homed networks is where most users get stuck. The Telium support group can offer assistance for specific problems, but we cannot offer instructions on the basics of networks, multi-homing, routes, ARP, AWS EC2, EIP, ENI, etc.
Keep in mind that the support team can help you install HAAst on top of your platform, but you need to have a working Asterisk/FreePBX implementation with properly configured networks before Telium support staff can begin. (As a matter of policy Telium support staff cannot change NIC configurations, routes, rules, etc. on your nodes)
-
AuthorPosts
- You must be logged in to reply to this topic.