Sunday, December 28, 2008

Adding Speex codec on Asterisk Installation

During the installation before compiling asterisk (this can be done after dadhi and libpri) download the souce of speex from into /usr/src/

The installation is quite simple:

tar -xzvf speex-1.2rc1.tar.gz
cd speex-1.2rc1
./configure --prefix=/usr
make install
cd ..

Friday, December 26, 2008

Dadhi installation

New asterisk install, this time zaptel is replaced by dahdi. The installation is quite simple just download the files from on /usr/src, untar files and run the following:

cd /usr/src/dahdi-linux-
make clean
make install

cd /usr/src/dahdi-tools-
make install
make config

Two files to check /etc/dahdi/system.conf and /etc/dahdi/init.conf. On the fist one change zone to UK.

After this as I am not running any voice hardware you can run:

modprobe dadhi
modprobe dadhi-dummy

And a lsmod | more will show the following output:

Module Size Used by
dahdi_dummy 5224 0
dahdi 186280 1 dahdi_dummy

Dadhi README notes available at:

Thursday, December 25, 2008

Error on Cisco 805 boot (boot#..)

I use a small Cisco 805 as dhcp server in my house. After a power failure the system started with the following prompt:

user@user-desktop:~$ minicom

Welcome to minicom 2.3-rc1

Compiled on Dec 10 2007, 10:36:19.
Port /dev/ttyS0

Press CTRL-A Z for help on special keys

TinyROM version 1.4(1)
19:37 11/07/00
Copyright (c) 1998-2000 by cisco Systems, Inc.
All rights reserved.

POST .............. OK. 16MB DRAM, 12MB Flash.


Honestly don't know what this is and the commands available were:

boot# help
boot Execute image or CLI command script.
delete Deletes file-name from flash (8th delete is permanent).
disable Disable privileged commands.
echo Display arguments (to test CLI behavior).
enable Enable privileged or debug commands.
erase Erase deleted and invalid files from flash.
help Display help for command (* for all).
list List files currently in ram and saved in flash.
load Load saved boot environment from flash.
passwd Set or change the ROM password.
reset Reset console port to current parameters.
set Set boot environment values.
save Save boot environment or loaded file to flash.
show Show current or saved boot environment.
upload Load image or configuration data into RAM.
undelete Undelete file-name (maximum of 8 deletes & undeletes).

Luckily googling around I found this page from cisco: that shows what to do to recover the system.

The command "set" will show the device config and which file it will be use to boot. The output of the set command show that I didn't have any boot image.

boot# set
set baud =9600
set data-bits =8
set parity =none
set stop-bits =1
set console-flags =0
set mac-address =000B.BE48.D887
set unit-ip =
set serv-ip =
set netmask =
set gate-ip =
set pkt-timeout =4
set tftp-timeout =16
set boot-action =none
set file-name =""
set watchdog =off
set prompt ="boot"
set ios-conf =0xA0

The second command to use is "list" that shows what you have saved on the ROM. I could find the ios image preset to boot from. Using the "set" command you configure the router to boot using the cisco image like follows:

boot# list
Status Size Dev Name
------ 48K flash TinyROM-1.4(1)
---r-- 911 flash full-config
---r-x 7529K flash c805-xxxx-5.bin
4480K free 12288K total

The list showed the c805-xxxx.bin being present, using set I change the boot-action and file-name settings:

boot# set boot-action=flash
boot# set file-name="c805-xxxx-5.bin

Once done just use the "save" command to (guess...) save the configuration and finally "boot" to load the ios into memory.

boot# save
save: succeeded (0 seconds).
boot# boot
Accessing flash:c805-xxxx-5.bin

Booting "c805-xxxx-5.bin" ...,

After the "Booting c805......" message the system starts as normal.

Monday, December 01, 2008

H.323 delay in outbound dialling

Last week users reported a long delay when dialling out from their SIP extensions. My setup is quite simple.

Avaya PBX connected to the outside world - H323 Trunk to Asterisk - Asterisk connected to SIP users using softphones from their macs/linux laptops (all this because Avaya don't have a decent softphone for macs/linux yet).

The logs for a few test calls showed a 60+ seconds delay from the time the call was dialled to the time the call was placed over the H323 ip trunk between Avaya and Asterisk.

After checking that it was not a sip problem, dialling problem, h323 trunk problem by checking logs, tcpdump, avaya trunk side, etc. I concluded the problem was on the h323 setup on Asterisk.

Googling around I found only 1 case of a user asking on the asterisk user list about a similar problem and that he fixed the problem by "disable h323 srv lookups".

I honestly didn't have about srv-enum-etc but helped me find out the problem. My DNS was not resolving any request because it was down. It didn't matter that on /etc/resolve.conf I had 4 dns entries, the first one was down and it was enough to stop this.

It seems h323 does a srv lookup for enum information before dialing out and possible it can be disabled. I couldn't find how unfortunately so to fix this I had to point the box to another dns server on my network. Once this was done all starting working again.

Just in case I am copying some logs of what I was seeing when the problem was present.

[Nov 28 15:34:09] VERBOSE[10584] logger.c: -- Executing [myavayaextension@default:1] Dial("SIP/myasteriskextension-081b5bc8", "H323/myavayaextension@Avaya") in new stack
[Nov 28 15:34:09] VERBOSE[10584] logger.c: -- Requested transfer capability: 0x00 - SPEECH
------------------- 64 seconds delay -----------------
[Nov 28 15:35:13] VERBOSE[10584] logger.c: -- Called myavayaextension@Avaya
[Nov 28 15:35:13] VERBOSE[10584] logger.c: -- H323/Avaya-31 is making progress passing it to SIP/myasteriskextension-081b5bc8
[Nov 28 15:35:13] VERBOSE[10584] logger.c: -- H323/Avaya-31 is ringing
[Nov 28 15:35:17] VERBOSE[10584] logger.c: -- H323/Avaya-31 answered SIP/myasteriskextension-081b5bc8
[Nov 28 15:35:18] VERBOSE[10584] logger.c: == Spawn extension (default, myavayaextension, 1) exited non-zero on 'SIP/myasteriskextension-081b5bc8'

[Nov 28 15:19:52] VERBOSE[10551] logger.c: -- Executing [myavayaextension@default:1] Dial("SIP/myasteriskextension-081b5bc8", "H323/myavayaextension@Avaya") in new stack
[Nov 28 15:19:52] DEBUG[10551] chan_h323.c: type=H323, format=8, data=myavayaextension@Avaya.
[Nov 28 15:19:52] DEBUG[10551] chan_h323.c: Extension: myavayaextensionHost: Avaya
[Nov 28 15:19:52] DEBUG[10551] chan_h323.c: Calling to myavayaextension@Avaya on H323/Avaya-30
[Nov 28 15:19:52] VERBOSE[10551] logger.c: -- Requested transfer capability: 0x00 - SPEECH
[Nov 28 15:19:52] DEBUG[10551] chan_h323.c: Placing outgoing call to myavayaextension@, 101
[Nov 28 15:19:52] VERBOSE[10551] logger.c: -- Making call to myavayaextension@ without gatekeeper.
[Nov 28 15:19:52] VERBOSE[10551] logger.c: Using for outbound call
------------------- 64 seconds delay -----------------
[Nov 28 15:20:56] VERBOSE[10551] logger.c: == New H.323 Connection created.
[Nov 28 15:20:56] VERBOSE[10551] logger.c: -- root is calling host myavayaextension@
[Nov 28 15:20:56] VERBOSE[10551] logger.c: -- Call token is ip$localhost/9446
[Nov 28 15:20:56] VERBOSE[10551] logger.c: -- Call reference is 9446
[Nov 28 15:20:56] VERBOSE[10551] logger.c: -- DTMF Payload is [pt=101]
[Nov 28 15:20:56] VERBOSE[10551] logger.c: -- Called myavayaextension@Avaya

myavayaextension = my 5 digit extension on the avaya pbx.

Sunday, June 15, 2008

Start asterisk on boot

I always forget how to start asterisk manually. The steps after installation are:

myserver:/etc/init.d# cp /usr/src/asterisk-1.4.21/contrib/init.d/rc.debian.asterisk /etc/init.d/asterisk

myserver:/etc/init.d# cd /etc/init.d/

myserver:/etc/init.d# ls asterisk

myserver:/etc/init.d# chmod 755 asterisk

myserver:/etc/init.d# update-rc.d asterisk defaults
Adding system startup for /etc/init.d/asterisk ...
/etc/rc0.d/K20asterisk -> ../init.d/asterisk
/etc/rc1.d/K20asterisk -> ../init.d/asterisk
/etc/rc6.d/K20asterisk -> ../init.d/asterisk
/etc/rc2.d/S20asterisk -> ../init.d/asterisk
/etc/rc3.d/S20asterisk -> ../init.d/asterisk
/etc/rc4.d/S20asterisk -> ../init.d/asterisk
/etc/rc5.d/S20asterisk -> ../init.d/asterisk


Private network with Ubuntu and Cisco router as dhcp server

I share my internet connection at my house and I wanted to set up my own network to connect my laptops with the desktops. Using the wireless was not the best option to transfer large files between systems therefore I set up a small network.

The "house" network is on the and connects to the internet, my private network is on the The devices are connected through a 10/100 switch and except one PC the ip are set by a dhcp server (I don't have more than 5 pcs at the time).

My main pc is an Ubuntu desktop with 2 network cards.
wlan0 - connects to the internet through a wireless router. Uses network
eth0 - ethernet card to use on my private network. Uses network

First check your iptables.. run the command iptables -L

user@pc:~$ sudo iptables -L
Chain INPUT (policy ACCEPT)
target prot opt source destination

Chain FORWARD (policy ACCEPT)
target prot opt source destination

Chain OUTPUT (policy ACCEPT)
target prot opt source destination

This shows the table is empty. Now to enable internet sharing on the Desktop PC I run the following rules:

$sudo iptables -A FORWARD -i wlan0 -o eth0 -s -m state --state NEW -j ACCEPT
$sudo iptables -A FORWARD -m state --state ESTABLISHED,RELATED -j ACCEPT
$sudo iptables -A POSTROUTING -t nat -j MASQUERADE

rule1 allows forwarded packets (initial ones)
rule2 allows forwarding of established connection packets (and those related to ones that started)
rule3 does the NAT

Running iptables -L now shows the following:

user@pc:/home$ sudo iptables -L
Chain INPUT (policy ACCEPT)
target prot opt source destination

Chain FORWARD (policy ACCEPT)
target prot opt source destination
ACCEPT all -- anywhere state NEW
ACCEPT all -- anywhere anywhere state RELATED,ESTABLISHED

Chain OUTPUT (policy ACCEPT)
target prot opt source destination

This change is only valid until next reboot, therefore we need to make it permanent. Read the links at the of this post but what I did was the following.

a. First save the current configuration on a local file by running:

sudo sh -c "iptables-save > /home//iptables.rules" 

Many post I read suggest saving the file on /etc/iptables.rules but in my case the file was not being saved at all. Checking logs I found messages of "permission denied" when the system was trying to save the file therefore I used my own directory that I guess is not the best option regarding security.

Another note found was that this process was done on every shutdown. I my case I did it once and will use the same file for every reboot. If I need to change something I will do it live and save the file again.

b. Second set a small script to load the file save with the iptables configuration on boot. This can be done by creating a little shell on the /etc/network/if-pre-up.d directory named iptaload.

user@pc:/etc/network/if-pre-up.d$ ls -l
-rwxr-xr-x 1 root root 65 2009-01-06 20:46 iptaload

The file iptload reads as follows:

user@pc:/etc/network/if-pre-up.d$ more iptaload
iptables-restore < /home//iptables.rules
exit 0

Now at this stage you changed your iptables and should work on every reboot.

Next configure the gateway for routing between two interfaces by enabling IP forwarding. First check the current state using:

cat /proc/sys/net/ipv4/ip_forward

It will show either a 0 or a 1 where:


If the value is 0 to enable it run the following command:

sudo sh -c "echo 1 > /proc/sys/net/ipv4/ip_forward"

Many webpages mention that to make the above change permanent you need to edit /etc/sysctl.conf and add these lines:


And run the command:

sudo sysctl -p

That gives the following output:

user@pc:~$ sudo sysctl -p
kernel.printk = 4 4 1 7
kernel.maps_protect = 1
fs.inotify.max_user_watches = 524288
vm.mmap_min_addr = 65536
net.ipv4.conf.default.rp_filter = 1
net.ipv4.conf.all.rp_filter = 1

You should now see new forward state using cat /proc/sys/net/ipv4/ip_forward and the change should persist after reboot but the sysctl -p didn't work on my case.

Again another trick, I edited the /etc/rc.local file to execute the change of the ip_forward value on boot. Some people run this with cron every x minutes.. don't know why so often. The rc.local file looks as follows:

user@pc:/etc$ more rc.local
#!/bin/sh -e

sh -c "echo 1 > /proc/sys/net/ipv4/ip_forward"
exit 0

At this stage you should have a pc that can forward packets from your eth0 that is the private network to your wlan0 that is the "public" network, but remember that your pc does not do DHCP or DNS (at least mine, you can set that up too) so I also set up a DHCP server on an old Cisco 805 router, set the IP of the router to and added a dhcp server config as follows:

ip dhcp excluded-address
ip dhcp excluded-address
ip dhcp pool mynetwork

Where is the ip of my Ubuntu PC and is the ip assigned to the Cisco router.

Why use the Cisco switch? Is it really necessary? No it is not. I know that the ubuntu desktop could also be the dhcp server, and dns server or forward the dns setup of my isp but this gives me a reason to start playing with cisco routers. Next plan is to connect it to a 1700, a pc on that end access the internet from it.

The following link - where I copied this from - shows the step mentioned above and gives more examples and a better explanation about it:


Tuesday, May 06, 2008

Cisco Switch 3500XL: password recovery

I found one Cisco Catalyst 3500 XL on the storage room, haven't been used for a while therefore we will play with it. After reboot I noticed it has a password (as it should) on it so the first step is to change it (I am sure the networking guys would not mind :) )

The process is as follows:
Cisco official information:

My notes:
Turn on the power of the Catalyst 3500XL while pressing the "MODE" button. Wait until the light on port 1 is off (and the rest still on). You should see the following information:

C3500XL Boot Loader (C3500-HBOOT-M) Version 12.0(5.2)XU, MAINTENANCE INTERIM SOF
Compiled Mon 17-Jul-00 18:42 by ayounes
Base ethernet MAC Address: 00:04:c1:c4:ed:10
Xmodem file system is available.

The system has been interrupted prior to initializing the
flash filesystem. The following commands will initialize
the flash filesystem, and finish loading the operating
system software:


switch: flash_init --------------> run the "flash_init" command
Initializing Flash...
flashfs[0]: 112 files, 3 directories
flashfs[0]: 0 orphaned files, 0 orphaned directories
flashfs[0]: Total bytes: 3612672
flashfs[0]: Bytes used: 2776576
flashfs[0]: Bytes available: 836096
flashfs[0]: flashfs fsck took 3 seconds.
...done Initializing Flash.
Boot Sector Filesystem (bs:) installed, fsid: 3
Parameter Block Filesystem (pb:) installed, fsid: 4
switch: load_helper --------------> run the "load_helper" command
switch: dir flash: --------------> run the "dir flash:" command (colon included)
Directory of flash:/

2 -rwx 1645807 c3500XL-c3h2s-mz-120.5.2-XU.bin ----> current image loaded
3 -rwx 94680 c3500XL-diag-mz-120.5.2-XU
4 drwx 6784 html
111 -rwx 272 env_vars
112 -rwx 1020 vlan.dat
114 -rwx 25 snmpengineid
115 -rwx 5606 config.txt
116 -rwx 3436 config.text ----> configuration file loaded

836096 bytes available (2776576 bytes used)
switch: rename flash:config.text flash:config.old -----------> backup the current configuration file
switch: dir flash:
Directory of flash:/

2 -rwx 1645807 c3500XL-c3h2s-mz-120.5.2-XU.bin
3 -rwx 94680 c3500XL-diag-mz-120.5.2-XU
4 drwx 6784 html
111 -rwx 272 env_vars
112 -rwx 1020 vlan.dat
114 -rwx 25 snmpengineid
115 -rwx 5606 config.txt
116 -rwx 3436 config.old

836096 bytes available (2776576 bytes used)

switch: boot -----------> run the "boot" to initialize the system. The image will be loaded but no configuration file will be found forcing the system to enter into setup mode.

Loading "flash:c3500XL-c3h2s-mz-120.5.2-XU.bin"...##############################

File "flash:c3500XL-c3h2s-mz-120.5.2-XU.bin" uncompressed and installed, entry p
oint: 0x3000

Restricted Rights Legend

Use, duplication, or disclosure by the Government is
subject to restrictions as set forth in subparagraph
(c) of the Commercial Computer Software - Restricted
Rights clause at FAR sec. 52.227-19 and subparagraph
(c) (1) (ii) of the Rights in Technical Data and Computer
Software clause at DFARS sec. 252.227-7013.

cisco Systems, Inc.
170 West Tasman Drive
San Jose, California 95134-1706

Cisco Internetwork Operating System Software
IOS (tm) C3500XL Software (C3500XL-C3H2S-M), Vers
Copyright (c) 1986-2000 by cisco Systems, Inc.
Compiled Mon 17-Jul-00 18:29 by ayounes
Image text-base: 0x00003000, data-base: 0x00301F3C

Initializing C3500XL flash...
flashfs[1]: 112 files, 3 directories
flashfs[1]: 0 orphaned files, 0 orphaned directories
flashfs[1]: Total bytes: 3612672
flashfs[1]: Bytes used: 2776576
flashfs[1]: Bytes available: 836096
flashfs[1]: flashfs fsck took 3 seconds.
flashfs[1]: Initialization complete.
...done Initializing C3500XL flash.
C3500XL POST: System Board Tes
C3500XL POST: Daughter Card Test: Passed
C3500XL POST: CPU Buffer Test: Passed
C3500XL POST: CPU Notify RAM Test: Passed
C3500XL POST: CPU Interface Test: Passed
C3500XL POST: Testing Switch Core: Passed
C3500XL POST: Testing Buffer Table: Passed
C3500XL POST: Data Buffer Test: Passed
C3500XL POST: Configuring Switch Parameters: Passed
C3500XL POST: Ethernet Controller Test: Passed
C3500XL POST: MII Test: Passed
cisco WS-C3548-XL (PowerPC403) processor (revision 0x01) with 16384K/1024K bytes
of memory.
Processor board ID XXXHNNHHXXX, with hardware revision 0x00
Last reset from power-on

Processor is running Enterprise Edition Software
Cluster command switch capable
Cluster member switch capable
48 FastEthernet/IEEE 802.3 interface(s)
2 Gigabit Ethernet/IEEE 802.3 interface(s)

32K bytes of flash-simulated non-volatile configuration memory.
Base ethernet MAC Address: 00:04:c1:c4:ed:10
Motherboard assembly number: 73-3903-07
Power supply part number: 34-0971-01
Motherboard serial number: XXXNNNNNXXX
Motherboard serial number: XXXNNNNNXXX
Model revision number: A0
Motherboard revision number: B0
Model number: WS-C3548-XL-EN
System serial number: XXXHNNHHXXX
C3500XL INIT: Complete

00:00:34: %SYS-5-RESTART: System restarted --
Cisco Internetwork Operating System Software
IOS (tm) C3500XL Software (C3500XL-C3H2S-M), Version 12.0(5.2)XU, MAINTENANCE IN
Copyright (c) 1986-2000 by cisco Systems, Inc.
Compiled Mon 17-Jul-00 18:29 by ayounes

--- System Configuration Dialog ---

At any point you may enter a question mark '?' for help.
Use ctrl-c to abort configuration dialog at any prompt.
Default settings are in square brackets '[]'.

Continue with configuration dialog? [yes/no]: n -----------> Enter "n" to not use the configuration dialog
Press RETURN to get started. -----------> PRESS ENTER

Switch>enable -----------> Run the "enable" command to go into Privileged mode.
Switch#dir flash: -----------> Check the flash to see the "config.old" file is there.
Directory of flash:/

2 -rwx 1645807 Jul 18 2000 01:47:40 c3500XL-c3h2s-mz-120.5.2-XU.bin
3 -rwx 94680 Jul 18 2000 01:47:40 c3500XL-diag-mz-120.5.2-XU
4 drwx 6784 Jul 18 2000 01:47:41 html
111 -rwx 272 Jan 01 1970 00:00:21 env_vars
112 -rwx 1020 Mar 08 1993 04:11:03 vlan.dat
114 -rwx 25 Mar 17 2005 13:29:07 snmpengineid
115 -rwx 5606 Mar 01 1993 00:39:03 config.txt
116 -rwx 3436 Mar 08 1993 02:48:59 config.old

3612672 bytes total (836096 bytes free)
Switch#rename flash:config.old flash:config.text -----------> Restore the config.old to config.text
Destination filename [config.text]? -----------> PRESS ENTER

Switch#rename flash:config.old flash:config.text
Destination filename [config.text]?
Switch#copy flash:config.text system:running-config -----------> Copy the configuration file into memory
Destination filename [running-config]? -----------> PRESS ENTER

Switch# -----------> At this point you can run a "show running" command to check the configuration of the switch

witch#config t -----------> Enter the "config t" command to enter the configuration global mode.
Enter configuration commands, one per line. End with CNTL/Z.
Switch(config)#enable secret secret -----------> change the enable password
Switch(config)#enable password password -----------> change the password password
Switch(config)#line vty 0 15 -----------> change the telnet password
Switch(config-line)#password telnet
Switch#config t
Enter configuration commands, one per line. End with CNTL/Z.
Switch(config)#line con 0
Switch(config-line)#password console -----------> change the console password
Switch#write memory -----------> Save configuration into memory
Building configuration...

Done, reboot the switch and now you have full access.

Cisco Routers - Basic notes

I am playing with Cisco routers now, this are be my notes:

Internal Components:
  • RAM. Random access memory. This is the working buffer memory.
  • ROM. Read only memory. contains bootstrap process and basic (most of times) IOS for basic functionality (as recover password)
  • FLASH MEMORY. Stores full image of IOS.--
  • NVRAN. non valitle RAM. Does not loose power when turn off.
  • - start up configuration file

Boot process:
  • a. Power on
  • b. Power on Self Test (POST) (check memory, and cards).
  • c. bootstrap from ROM
  • d. looks in FLASH for IOS
  • e. loads the IOS into RAM from FLASH
  • f. IOS looks for configuration in NVRAM
  • f.1 If found it load the IOS into FLASH Memory
  • f.2 If not found executes teh auto setup mode (menu driven system).

router> ----> user mode (show config, telnet, basic)
router# ----> priviliged mode (show commands, pings, save config, backup)
router(config)# ----> global configuraiton mode (configuration interfaces, security, hostname)
Control - Z is to move from global configuration mode to priviliged mode.

console port password -----> line con 0
auxiliary port password ---> line aux 0
telnet password -----------> line vty 0 4

Set up a passwords:
On the glboal configuration mode run the following commands to set up a password for the enable command:

router(config)# enable password xxxxxxxxxxx (sets the password but it is shown on screen)
router(config)# enable secret xxxxxxxxxxxxx (sets an encrypted enable password, once secret is enabled password by itself don't work anymore)

To set up password for different access:

router(config)#line console 0 | line auxiliary 0 | line vty 0 4
router(config-line)# login (to ask for prompt)
router(config-line)# password xxxxxxxxxxxxx (to set up the passwod)

To encrypt all passwords runt the following command:
router(config)service password-encryption

To set up a banner:
router(config)#banner motd $ message message message $
(Note $ is the delimeter and can be anything, just check to have spaces at the end and beginning)

Setting up an IP on an ehternet port:
A show running-config shows that I have one fastethernet port not configured, set as:
interface FastEthernet0
no ip address
speed auto

I will change it to:

interface FastEthernet0
no ip address
speed auto

To do this run:

1721-router#config t ---------> to enter global configuraiton mode
Enter configuration commands, one per line. End with CNTL/Z.
1721-router(config)#interface f0 ----> to enter configuration of fastethernet 0
1721-router(config-if)#ip address
1721-router(config-if)#no shutdown ----> to activate
*Mar 1 07:56:30.838: %LINK-3-UPDOWN: Interface FastEthernet0, changed state top ----> that means I have physical connectivity
*Mar 1 07:56:31.838: %LINEPROTO-5-UPDOWN: Line protocol on Interface FastEther,change to up ------> shows I have encapsulation. Connections to another host.
1721-router#ping ----> to test that is working I ping a pc on the network
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to, timeout is 2 seconds:
Success rate is 80 percent (4/5), round-trip min/avg/max = 1/1/1 ms

To save the configuration:
router#copy running-config start-config ----> for IOS version 12 and above
router#write memmory ---------> before IOS version 12

1721-router#copy run star
Destination filename [startup-config]?
Building configuration...

To backup config:
router#copy run tftp --> this copy the running configuration TO the tftp server (will ask for details)
router#copy tftp run/start --> this copy the running configuration FROM the tftp server (will ask for details)

my passwords:
enable password/secret
console console
aux aux
telnet1-4 telnet
telnet0 telnet0

Sunday, May 04, 2008

Notes on my D-Link DWL-G520+ with Ubuntu 8.04

Don't recall how I install the board, I think that I just plug it in and Ubuntu did it's magic (long gone the days of having to install modules, recompile kernels, etc).

So the board was recognized but when I tried to log into my wireless network my pc froze, halted, stop working, didn't answer, etc. . The process was quite simple, turn on the pc and on the nm-applet select the essid of my home network. Enter the key or passphrase and done.

The problem starts at this moment, the pc is complete frozen. No mouse, ctrl-alt-backspace, ast-f1/f9, ssh to it, nothing.. no response at all. Therefore the next step was to unplug it and start again but after the 3rd attempt it was obvious that there was a problem somewhere.

My guess is that the nm-applet is trying to execute itself without sudo therefore a pop up asking for the password should appear but that never happened and the pc goes into frozen mode waiting for somebody/something to enter the sudo password to continue. (at least that is my theory). To go around this what I did was to add the details manually on the configuration file. The steps are below:

The D-Link DWL-G520+ is recoganized as follows:
richard:/etc/network$ lspci
05:09.0 Network controller: Texas Instruments ACX 111 54Mbps Wireless Interface
40:00.0 Ethernet controller: Broadcom Corporation NetXtreme BCM5751 Gigabit Ethernet PCI Express (rev 01)

on /etc/network/interfaces you enter the following settings for your wlan0.

richard:/etc/network$ more interfaces
auto lo
iface lo inet loopback

auto eth0
iface eth0 inet static

auto wlan0
iface wlan0 inet dhcp

Finally you restart you network devices:

sudo /etc/init.d/networking restart

and done.. that connects you to your home wireless network. (forget about the eht0, that is for something else).

If somebody reads this, follow it as last resource. Google quite a lot first and when you find the correct solution let me know.

good luck.

Tips to register to freenode irc (ubuntu and asterisk)

Notes from

1. Join the Freenode network. Open your favorite IRC client and type:

2. Idintfiy your nick.
/msg NickServ IDENTIFY

3. Change your user name to the user name you have chosen. Suppose you chose the nick "rocketship". Type the following in the window titled Freenode:
/nick rocketship

4. Register your nick or user name. Type the following command and replace "your_password" with a password that will be easy to remember.
/msg nickserv register your_password

5. Associate a valid email address with your user name. This step is important because it will allow you to assign a new password in case you forget the current one. Type the following:
/msg nickserv set email your-email

If you want your email address to remain private, use the following command:
/msg nickserv set hide email on

6. Register an alternate nickname using the same password. If you would like to register an alternate nickname, repeat the same procedure, using steps 2 to 4.

7. Link your two user names. This will make your two nicknames function as one in various ways. For example, you will not have to sign in each time you wish to change your nickname. Many people change their nicknames to a variant that indicates that they are absent. The linked nicknames will also share memos (messages sent through MemoServ), access to channels, etc. Type the following, when you are using your secondary nickname:
/msg nickserv link your_primary_nick your_password

8. Identify with Nickserv. Each time you connect, you should sign in, or "identify" yourself, using the following command:
/msg nickserv identify your_password


Sunday, April 27, 2008

How to Play Encrypted DVDs in Hardy

In order to play DVDs you need to install the Medibuntu Repository and a couple of packages.

This will add the Medibuntu repository to your repository lists
In a terminal type:
sudo wget -O /etc/apt/sources.list.d/medibuntu.list

Then you have to add the GPG Key to authentic the packages
In a terminal type:
wget -q -O- | sudo apt-key add -

Now update your system to load the Medibuntu repository into your apt-get sources
sudo apt-get update

Download the DVDs playback packages
In a terminal type:
sudo apt-get install libdvdcss2 libdvdread3

Friday, April 25, 2008

Read usb pen drive on ubuntu server

Insert pen drive and cehck the file below to see how the USB stick is being recognized:

sudo vi /var/log/messages

Apr 25 17:46:29 lmnuknet03 kernel: [19465.773928] usb 4-5: new high speed USB device using ehci_hcd and address 2
Apr 25 17:46:29 lmnuknet03 kernel: [19465.927909] usb 4-5: configuration #1 chosen from 1 choice
Apr 25 17:46:29 lmnuknet03 kernel: [19465.993713] usbcore: registered new interface driver libusual
Apr 25 17:46:29 lmnuknet03 kernel: [19466.008173] Initializing USB Mass Storage driver...
Apr 25 17:46:29 lmnuknet03 kernel: [19466.010379] scsi4 : SCSI emulation for USB Mass Storage devices
Apr 25 17:46:29 lmnuknet03 kernel: [19466.011834] usbcore: registered new interface driver usb-storage
Apr 25 17:46:29 lmnuknet03 kernel: [19466.011843] USB Mass Storage support registered.
Apr 25 17:46:34 lmnuknet03 kernel: [19470.992039] scsi 4:0:0:0: Direct-Access Kingston DataTraveler 2.0 PMAP PQ: 0 ANSI: 0 CCS
Apr 25 17:46:35 lmnuknet03 kernel: [19471.530326] sd 4:0:0:0: [sdb] 977664 512-byte hardware sectors (501 MB)
Apr 25 17:46:35 lmnuknet03 kernel: [19471.531203] sd 4:0:0:0: [sdb] Write Protect is off
Apr 25 17:46:35 lmnuknet03 kernel: [19471.533813] sd 4:0:0:0: [sdb] 977664 512-byte hardware sectors (501 MB)
Apr 25 17:46:35 lmnuknet03 kernel: [19471.534442] sd 4:0:0:0: [sdb] Write Protect is off
Apr 25 17:46:35 lmnuknet03 kernel: [19471.534473] sdb: sdb1
Apr 25 17:46:35 lmnuknet03 kernel: [19471.535263] sd 4:0:0:0: [sdb] Attached SCSI removable disk
Apr 25 17:46:35 lmnuknet03 kernel: [19471.535315] sd 4:0:0:0: Attached scsi generic sg2 type 0

Create a directory where to mount the drive. Example is:
$mkdir /tmp/pen

Mount the pen drive on the new directory:
$sudo mount /dev/sdb1 -t auto /tmp/pen

Access the files:
$cd /tmp/pen

Tftp server ubuntu

Install TFTT application:

apt-get install tftpd-hpa

Edit the following file as follows:

$sudo vi /etc/default/tftpd-hpa
# /etc/default/tftpd-hpa
OPTIONS="-l -s /home/pxetero/"

Start the process:

$sudo /etc/init.d/tftpd-hpa start

Check the application is set up:

$sudo /etc/inted.conf
#:BOOT: TFTP Service is provided primarly for booting. Most sites
# run this only on machines as "boot servers".
tftp dgram udp wait root /usr/sbin/in.tftpd /usr/sbin/in.tftpd -s /var/lib/tftpboot

Thursday, April 17, 2008


Just a couple of notes..

Nagios --> after changes run:

582 /usr/local/nagios/bin/nagios -v /usr/local/nagios/etc/nagios.cfg
583 /etc/init.d/nagios restart

Ntpdate --> run

595 ntpdate

Nagios --> Configure Nagios to automatically start when the system boots.

#ln -s /etc/init.d/nagios /etc/rcS.d/S99nagios

Nagios --> add users
a) create the user
htpasswd /usr/local/nagios/etc/htpasswd.users username
b) give rights to see hosts/services/etc.
vi /usr/local/nagios/etc/cfig.cfg

Thursday, February 14, 2008

Asterisk TTS example on 1.4

Following previous posts the following examples can be use to test the usage of TTS from the dialplan in Asterisk.

Example 1:
We set up small script that will be executed from the Asterisk dialplan. This script will take as parameter the text that will be transform to a wav file to later be played.

On extensions.conf configure the following extensions:

exten => 1222,1,Answer()
exten => 1222,n,Set(TEST="Welcome to TTS example")
exten => 1222,n,System(/tmp/ ${TEST})
exten => 1222,n,Playback(/tmp/test)
exten => 1222,n,Hangup()

On /tmp/ (add necessary rights to the file) configure the following shell script:

#delete any previous file
/bin/rm -rf /tmp/test.wav

#Convert the text to a wav file
/opt/swift/bin/swift -o /tmp/test.wav -p audio/sampling-rate=8000,audio/channels=1 " $@"

#Don't run sox until swift is done
/usr/bin/sox /tmp/test.wav /tmp/newtest.wav trim 7.5

#copy the old file with the trimmed file
/bin/cp /tmp/newtest.wav /tmp/test.wav

Sox is an application that allows you manipulate/convert audio files from the command line. The page with information about it is The installation is quite simple on Debian "apt-get install sox".

The content of the asterisk variable ${TEST} is send as parameters of the shell script. The script uses $1...$n as parameters but you can use $@ to use all the parameters sent. (there must be a better way!! to do this). The following line convert the text into a wav file and save it as /tmp/test.wav.

/opt/swift/bin/swift -o /tmp/test.wav -p audio/sampling-rate=8000,audio/channels=1 " $@"

Once we run it we use sox to trim the first 7.5 seconds of the file that we don't need for this test. This creates a new file named newtest.wav (original no?)

Finally we rename the file to the original name and is later played by asterisk dialplan with the command "exten => 1222,n,Playback(/tmp/test)"

Note this is just a demo/test/proof of concept. For production you should buy some licenses and evaluate the usage of the app_swift from Asterisk to improve this.

Using the example below we create a demo "time of the day" service.

The configuration of the extensions.conf file is pretty much the same but we remove the commands to send a text to it.

exten => 1222,1,Answer()
exten => 1222,n,System(/tmp/
exten => 1222,n,Playback(/tmp/test)
exten => 1222,n,Hangup()

The script only has the details to get the different elements of the date from the unix system and concatenate them on a single string to be converted to wav file later by swift. The shell looks like this:

hour=`date +'%l'`
am=`date +'%p'`
minute=`date +'%M'`
day=`date +'%d'`
month=`date +'%B'`
year=`date '+20%y'`

texto="The current time is $hour:$minute $am . Today is the $month-$day-$year "

#delete any previous file
/bin/rm -rf /tmp/test.wav

#Convert the text to a wav file
/opt/swift/bin/swift -o /tmp/test.wav -p audio/sampling-rate=8000,audio/channels=1 " $texto"

#Don't run sox until swift is done
/usr/bin/sox /tmp/test.wav /tmp/newtest.wav trim 7.5

#copy the old file with the trimmed file
/bin/cp /tmp/newtest.wav /tmp/test.wav

The played TTS can be improved to make it more user friendly.

Other date options:
man strftime
%A is replaced by the locale's full weekday name.
%a is replaced by the locale's abbreviated weekday name.
%B is replaced by the locale's full month name.
%b or %h is replaced by the locale's abbreviated month name.
%C is replaced by the century (a year divided by 100 and truncated to an integer) as a decimal number (00-99).
%c is replaced by the locale's appropriate date and time representation.
%D is replaced by the date in the format ``%m/%d/%y''.
%d is replaced by the day of the month as a decimal number (01-31).
%e is replaced by the day of month as a decimal number (1-31); single digits are preceded by a blank.
%H is replaced by the hour (24-hour clock) as a decimal number (00-23).
%I is replaced by the hour (12-hour clock) as a decimal number (01-12).
%j is replaced by the day of the year as a decimal number (001-366).
%k is replaced by the hour (24-hour clock) as a decimal number (0-23); single digits are preceded by a blank.
%l is replaced by the hour (12-hour clock) as a decimal number (1-12); single digits are preceded by a blank.
%M is replaced by the minute as a decimal number (00-59).
%m is replaced by the month as a decimal number (01-12).
%n is replaced by a newline.
%p is replaced by the locale's equivalent of either ``AM'' or ``PM''.
%R is replaced by the time in the format ``%H:%M''.
%r is replaced by the locale's representation of 12-hour clock time using AM/PM notation.
%T is replaced by the time in the format ``%H:%M:%S''.
%t is replaced by a tab.
%S is replaced by the second as a decimal number (00-60).
%s is replaced by the number of seconds since the Epoch, UCT (seemktime(3)).
%U is replaced by the week number of the year (Sunday as the first day of the week) as a decimal number (00-53).
%u is replaced by the weekday (Monday as the first day of the week) as a decimal number (1-7).
%V is replaced by the week number of the year (Monday as the first day of the week) as a decimal number (01-53). If the week containing January 1 has four or more days in the new year, then it is week 1; otherwise it is week 53 of the previous year, and the next week is week 1.
%W is replaced by the week number of the year (Monday as the first day of the week) as a decimal number (00-53).
%w is replaced by the weekday (Sunday as the first day of the week) as a decimal number (0-6).
%X is replaced by the locale's appropriate time representation.
%x is replaced by the locale's appropriate date representation.
%Y is replaced by the year with century as a decimal number.
%y is replaced by the year without century as a decimal number (00-99).
%Z is replaced by the time zone name.
%% is replaced by `%'.

Cepstral Allison on Asterisk 1.4 Test

Download the Ceptrals voice of your preference and system. I like Allison particularly better than the UK one.

Do the download on /usr/src.

lmntel01:/usr/src# wget
=> `Cepstral_Allison_i386-linux_4.2.1.tar.gz'
Connecting to||:80... connected.
HTTP request sent, awaiting response... 200 OK
Length: 107,474,833 (102M) [application/x-tar]

100%[========================================>] 107,474,833 1.15M/s ETA 00:00

22:03:26 (1.03 MB/s) - `Cepstral_Allison_i386-linux_4.2.1.tar.gz' saved [107474833/107474833]


Untar the file and enter the directory:

lmntel01:/usr/src#tar -xzvf Cepstral_Allison_i386-linux_4.2.1.tar.gz
lmntel01:/usr/src#cd Cepstral_Allison_i386-linux_4.2.1

Execute the installation script:


The installation process goes like this:

Do you agree to these terms? Enter -yes- to continue: yes

Install into what directory? [/opt/swift]

Swift will be installed in the following directories:

Voices in /opt/swift/voices
Shared libraries in /opt/swift/lib
Binaries in /opt/swift/bin
Configuration file in /opt/swift/etc
Header files in /opt/swift/include
Examples in /opt/swift/examples
Sound effects filters in /opt/swift/sfx
Documentation in /opt/swift/doc

Is this acceptable? Enter 'yes' to continue: yes

Installing libraries...

If you are installing Swift system-wide, you may need to add the following
line to /etc/ and run ldconfig as root:


(Otherwise, you will need to add it to the LD_LIBRARY_PATH environment
variable in order to run programs linked against the Swift libraries.)

Installing voice Allison...

Creating configuration...

Installing binaries...
Installing symbolic link to swift...
Installing man page...

Setting permissions...

Testing the installed swift binary...
/opt/swift/bin/swift -o /dev/null 'hello world'

****************** Installation Completed Successfully! *******************


After this you must restart Asterisk and after the reboot to confirm the installation run the command below and check the outpu.

lmntel01:/usr/src/Cepstral_Allison_i386-linux_4.2.1/#asterisk -rx "core show application swift"

-= Info about application 'Swift' =-

Speak text through Swift text-to-speech engine.

Swift(text) Speaks the given text through the Swift TTS engine.
Returns -1 on hangup or 0 otherwise. User can exit by pressing any key.

-- Remote UNIX connection

Also you can generate a TTS wav file on the command line by running:

To test the installation you can:
/opt/swift/bin/swift -o /tmp/test.wav -p audio/sampling-rate=8000,audio/channels=1 "This is a test."

And finally just create an extension on the context of your choice to play it:

exten => 1234,1,Answer()
exten => 1234,2,Playback(/tmp/test)
exten => 1234,3,Hangup()

You will notice that as there is not a license for this package you will hear an introduction message asking you to buy a license on Cepstral web site.

Saturday, February 09, 2008

Asterisk Voicemail - Quick Exim4 notes

After installing asterisk I set up the voicemail configuration. First un apt-get install exim4 and then run pkg-reconfigure exim4-config and follow the instructions.

After the configuration exim4 should restart itself but if not use /etc/init.d/exim4 restart.

Configure the voicemail.conf file as follows:

emailbody=Dear ${VM_NAME}:\n\n\tjust wanted to let you know you were just left a ${VM_DUR} long message (number ${VM_MSGNUM})\nin mailbox ${VM_MAILBOX} from ${VM_CALLERID}, on ${VM_DATE}. The message is attached. Thanks!\n\n\t\t\t\t\n
emaildateformat=%A, %B %d, %Y at %r

eastern=America/New_York|'vm-received' Q 'digits/at' IMp
central=America/Chicago|'vm-received' Q 'digits/at' IMp
central24=America/Chicago|'vm-received' q 'digits/at' H N 'hours'
military=Zulu|'vm-received' q 'digits/at' H N 'hours' 'phonetic/z_p'
european=Europe/Copenhagen|'vm-received' a d b 'digits/at' HM

89300 => 89300,User1,

Now on Sip.con add the mailbox line (mailbox account and context of voicemail.conf)

callerid="User1" <89300>

Finally on extensions.conf set each SIP extensions (will use macros later) to wait for 20 seconds and go to Voicemails as follows:

exten => 89300,1,Dial(SIP/89300,20)
exten => 89300,2,VoiceMail(89300@default)
exten => 89300,3,PlayBack(vm-goodbye)
exten => 89300,4,HangUp()

Friday, February 08, 2008

Set H323 trunk between Asterisk and Avaya

Once asterisk and H323 is installed (previous post) follow the below configuration files to have the ip trunk up and running do the following configuration:

Setup h323.conf, sip.conf and extensions.conf as the examples below:

The h323.conf just defines the link between the Avaya and the Asterisk server.

; The NuFone Network's ;
Open H.323 driver configuration

port = 1720

bindaddr =


gatekeeper = DISABLE

progress_setup = 8
progress_alert = 8





On sip.conf I set two demo extensions 89301 and 89300. This are numbers similar to my Avaya extension range and they also match a DDI range.








callerid="User1" <89300>







callerid="User2" <89301>







On extensions.con I set up a basic dial plan to send sip calls to each sip phone and calls from the sip phones to the Avaya system.


; extensions.conf - the Asterisk dial plan


;Simple direct to sip extensions
exten => 89300,1,Dial(SIP/89300)
exten => 89301,1,Dial(SIP/89301)

;Simple rule to divert all calls from Sip extensions to Avaya extensions and External numbers on PSTN.

exten => _8XXXX,1,Dial(H323/${EXTEN}@Avaya); Avaya Extension
exten => _90ZXXXXXXXXX,1,Dial(H323/${EXTEN}@Avaya); External National UK Number

Configure the Avaya side:

The first thing to check is to see if you have the following:
a. On system-parameters customer-options in the second page you must have enough Maximum Administered H.323 Trunks to use.
b. A CLAN to use.
b. A MEDPRO to use.

Note that my Avaya PBX is a CM version 3.1.2, there might be other requirements that I might be missing.

1) Set up the names of the Avaya CLAN and the Asterisk server on node-names ip
(in the image below lmntel01 would be my Asterisk ip address and my clan address)

2) Below are the details of my CLAN, note the network region defined. In this case 6.

3) The configuration of the CLAN is shown below:

4) The network region 6 has the following configuration:

c) The network region 6 has defined ip-codec 6 taht has the following codecs (NOTE: the use of this codecs is due system configuration/hardware limitiations. You should try to use something else than G729)

d) Now you have to define the IP Trunk and IP Signaling group. You have to create both on sync, below just the final output.

Note that the Supplementary Service Protocol needs to be set to "a" to allow the passing of call info (extension number, name, etc) from and to the two systems. This will be shown at the end of this post in an Avaya to Asterisk extension call.

e) At this stage you should have the H323 IP trunk up and running between the two systems. You might require a busyout of signalig group/trunk to bring it up.

f) The next step is to define the routing off calls from the Avaya to the Asterisk box using the new trunk created.

First I set up on the uniform-dial-plan that all my extensions begining wiht 893xx and 5 digits should use the ARS table. My Avaya dial plan is of 5 digits, and I do an inc-call-handling-trmt to change external DDI to an internal extension. For example 02070189301 is set to the internal number 89301, note that 89301 is NOT an extension that is defined on the Avaya system.

Then on the ARS analysis table I defined that the 893xx range should use the route pattern 66. (not sure which call type I have to use, on my test the last one was natl therefore it was left like that).

Finally the route-pattern 66 is defined using the trunk 66 previously created and that would be all the configuration needed.

One final step that I had to do was to complete my public-unknown-numbering table. I found on the test that while the extension name was sent to the asterisk server the extension name was not. External calls to the DDI worked fine and the caller number was passed but when calling from an internal extension there was a problem.

After googling and checking this I found that by setting the first digits of my Avaya extensions and the trunk all the Avaya extensions sent the number to the Asterisk server and were display on the IPSoftphone being used for testing.

An example of a call using X-Lite sofphone is below. From extension 84562 on my Avaya PBX I placed a call to extension 89300 on the Asterisk server. The configuration of 84562 is below:

You can see on the result that the name and the extension number is sent to Asterisk. This is due using Supplementary Service Protocol a on the second page of the trunk 66 definition as mentioned before.

Installing Asterisk Again with H323 support

I never put live my old installation, then a few weeks later I lost the machine where it was and then I just simple forget. Now after playing a little here are the details for the installation (again).

(this was compiled from a few sites and my notes)

I located all my files on /usr/src


(you will need to untar the files -- tar -xzvf -- )

cd /usr/src

Install Zaptel
cd zaptel-
make menuselect
make install ---> as root
make config ---> as root
cd ..

make config Note:
If you have any zaptel hardware it is now recommended to edit /etc/default/zaptel or /etc/sysconfig/zaptel and set there an optimal value for the variable MODULES .

Install Libpri
cd libpri-1.4.1
make install ---> as root
cd ..

Install pwlib
cd pwlib_v1_10_3
./configure --prefix=/usr
make opt
make install

export PWLIBDIR=/usr/src/pwlib_v1_10_3
cp $PWLIBDIR/lib/ /usr/lib
cd ..

We copy the shared library manually into the system folder.

It is very important that you set the PWLIBDIR to your path, othewise OpenH323 will not find it.

Install openh323
cd openh323_v1_18_0
./configure --prefix=/usr./configure --prefix=/usr
make opt
make install
export OPENH323DIR=/usr/src/openh323_v1_18_0
cp $OPENH323DIR/lib/ /usr/lib
cd ..

Install Asterisk
cd asterisk-
./configure --prefix=/usr
make menuselect

At this point use the menuselect utility to select which Zaptel hardware - if any - you have on board. Please remeber that if you want to exit keeping the changes you made, you must press x, while q will quit without saving and the left arrow will get you back to the previous menu. Even if you do not have Zaptel hardware, you should compile the ztdummy driver.

On the channels menu you will be able to see the chan_h323 availabble for installation.


When you compile with make you will get the error shown on the image below therefore you will have to run the make command again:


make install
make samples
cd ..

This should be it. I checked that my /etc/zaptel.conf was missing. Not sure if this is because I didn't have any hardware installed. Just in case I copied
cp /home/ricardo/asterisk_intall/zaptel- /etc/zaptel.conf

Run the moprobe on zapte/ztdummy

modprobe zaptel
modprobe ztdummy

Change the default zone on zaptel.conf to UK

vi /etc/zaptel.conf


After starting Asterisk and logging into the console type the command show channeltypes to check that H323 has been install and is running.

Then you have to follow the next post with the details of the Avaya-Asterisk H323 ip trunk.

Please check this website for more details on the h323 installation:

Solaris tips (for the CMS)

I had to use the following tips time to time so I am posting them here to save me the time to look for them again (and avoid the possibility of the original sites going off-line).

1. Set up your /etc/hosts file.

It should look something like this:       localhost solaris-box-1 loghost

Make sure the second line has the correct IP address, hostname, and FQDN. The first line is the loopback entry. Along with #5, Solaris will know its name and IP address.

2. Create or edit /etc/nodename

Contains the hostname of the computer (same as hostname.hme0).

# cat nodename

3. Create or edit /etc/defaultrouter

Surprisingly enough, this file contains the IP address of your default router (or gateway). When you reboot and the network initialization scripts run, it will add a default route to the IP address in this file.

# cat defaultrouter

Now it knows about it's own network parameters and it's time to get it to use DNS. The next steps will tell it to use other nameservers. If you want to set up a nameserver on the local machine, see the man page for named.

4. Edit /etc/nsswitch.conf

If you haven't edited this file before, it should look suspiciously like like this:

passwd:     files
group: files
hosts: files
networks: files
protocols: files
rpc: files
ethers: files
netmasks: files
bootparams: files
publickey: files
# At present there isn't a 'files' backend for netgroup; the system will
# figure it out pretty quickly, and won't use netgroups at all.
netgroup: files
automount: files
aliases: files
services: files
sendmailvars: files

Add the word 'dns' after 'files' on the 'hosts' line:

passwd:     files
group: files
hosts: files dns
networks: files
protocols: files
rpc: files
ethers: files
netmasks: files
bootparams: files
publickey: files
# At present there isn't a 'files' backend for netgroup; the system will
# figure it out pretty quickly, and won't use netgroups at all.
netgroup: files
automount: files
aliases: files
services: files
sendmailvars: files

Now it knows to query a nameserver when looking up a name. Next we have to tell it what nameservers to use:

5. Create or edit /etc/resolv.conf

Here you tell it three things:

  1. What domain we're in
  2. Specify any additional search domains
  3. What the nameservers are (it will use them in the order you put them in the file)

When you're done it should look something like this:

# cat resolv.conf

For more information, see the man page for resolv.conf.

6. Edit /etc/hostname.hme0

This file should contain the hostname of your machine, without the domain name. So, if the FQDN (Fully Qualified Domain Name = hostname + domain name) is, the file should look like this:

# cat hostname.hme0

This assumes that your Ethernet adatper is hme0, the default device name for the first Ethernet adapter.

7. Reboot
# sync;sync;sync
# reboot

8. Change IPs

UNIX Shell: All Primary shells (sh,ksh,csh)
Function: Use ifconfig to change your IP address immediately. Edit your /etc/hosts file to change it permanently.
Syntax: Immediate change: ifconfig interface new IPaddress subnet mask

Permanent change: vi /etc/hosts
interface Specifies the network interface, e.g. hme0 for 100 Mbps or le0 for 10 Mbps.
new IPaddress Specifies the new IP address that you want to assign the computer.
subnet mask Specifies the subnet mask for your local network.

File Name: hosts Directory: /etc Type: External
ifconfig hme0 Sets the IP address to on interface hme0.
ifconfig le0 Sets the IP address to on interface le0

9. Recover ROOT password

You need to have physical access to the machine's console.

Note the root partition;

Solaris uses

* /dev/dsk/c0t0d0s0 on the Ultra5/10 and Blade 100
* /dev/dsk/c0t1d0s0 for Blade 1000.

Press the STOP and A keys simultaneously, or, on an ASCII terminal or emulator, send a ) to halt the operating system, if it's running.

Boot single-user from CD-ROM (boot cdrom -s) or network install/jumpstart server (boot net -s). For CD media use the CD-ROM labeled "Installation". I prom pssword is set you need to know it

Mount the root partition on "/a". "/a" is an empty mount point that exists at this stage of the installation procedure. For example:

#mount /dev/dsk/c0t0d0s0 /a

If the mount command fails and since "/a" always exists, then you either typed in the wrong device, OR the system is seeing the root partition as something else.

Do a "ls /tmp/dev/dsk" and see what is there. "c0t6" things are the CD-ROM, what is left is what one needs to try. On a Blade 1000/2000, choose /dev/dsk/c1t1d0s0, and execute: #mount /dev/dsk/c1t1d0s0 /a

Set your terminal type so you can use a full-screen editor, such as vi. You can skip this step if you know how to use "ex" or "vi" from open mode.

* If you're on a sun console, type "TERM=sun; export TERM";
* If you are using an ascii terminal or terminal emulator on a PC for your console, set TERM to the terminal type for example: TERM=vt100; export TERM.

Edit the passwd file, /a/etc/shadow (or perhaps in older versions, /etc/passwd) and remove the encrypted password entry for root.

Type: "cd /; then "umount /a"

Reboot as normal in single-user mode ("boot -s"). The root account will not have a password. Give it a new one using the passwd command. PROM passwords: Naturally, you may not want anyone with physical access to the machine to be able to do the above to erase the root password. Suns have a security password mechanism in the PROM which can be set (this is turned off by default). The man page for the eeprom command describes this feature.

If security-mode is set to "command", the machine only be booted without the prom password from the default device (i.e. booting from CD-ROM or install server will require the prom password). Changing the root password in this case requires moving the default device (e.g. the boot disk) to a different SCSI target (or equivalent), and replacing it with a similarly bootable device for which the root password is known. If security-mode is set to full, the machine cannot be booted without the prom password, even from the default device; defeating this requires replacing the NVRAM on the motherboard. "Full" security has its drawbacks -- if, during normal operations, the machine is power-cycled (e.g. by a power outage) or halted (e.g. by STOP-A), it cannot reboot without the intervention of someone who knows the prom password.

10. Others (and repeated)

"I've almost just reinstalled Solaris to get the network settings fixed!" Ya, sometimes you can get alittle confused and irritated. Whether it's a new Linux distro, or diffrent UNIX OS, everyone puts their network configuration in diffrent places and learning each systems setup can be a pita. So, what if you don't even wanna bother learning all the network configuration stuff and what files does what... what if you could just re-run the networking configuration and have it all sorted out? You can! Solaris has a nifty command that can reset the base networking and configuration to a clean system: "sys-unconfig". If you buy a pre-installed system from Sun or a VAR, what they will generally do is install Solaris, customize the install as needbe and then run "sys-unconfig" before putting the system in the box and shipping it out. The command will scratch the networking configuration (most of it anyway), the root password, time zone, etc. Once sys-unconfig finished cleaning out the files it will immediately halt the system (shut it down). Next time you boot the system it will prompt you for all the networking information, time zone, locale and a new root password. This is the "quick-no-hassle" reconfiguration method. Generally we do not recommend this as ideal, but it will do the trick. If you plan on selling a pre-installed system or you are moving your system to a new network where all the info is changing, this is the command to use. Just use it carefully.

"I know root shouldn't login remotely, but I really want too!" Logging into a system via telnet, ftp, or ssh is just bad... very bad. However, some times people think they need to do this or they simply don't care about security. If you really wanna drop your pants like this, edit: /etc/default/login. In this file, you'll see a line for CONSOLE. To allow root to log in via telnet or ftp just comment out this line and your done. To allow root login via SSH you need to edit a diffrent file: /etc/ssh/sshd_config. Change the value of PermitRootLogin from "no" to "yes" and restart SSH via "svcadm restart ssh". The SSH configuration file is just the same as Linux since Solaris uses OpenSSH. Please note, that allowing root to log in remotely is a massive security risk and needlessly stupid, don't do this unless you absolutely must.

"How do I set and make the default gateway persistant across reboots?" The default gateway is easy to configure, just put the IP address of the default gateway in /etc/defaultrouter. If this file doesn't exist just create it and add the IP. The IP address of the gateway should be the ONLY thing in this file, nothing else. Typically you should just use echo, like this: "echo > /etc/defaultrouter". Once you've changed the file you can restart the physical network interfaces to make the changes effective without a reboot ("svcadm restart physical").

How do I set or change my IP address? Setting and changing IP addresses on Solaris is a snap. Just add the IP and hostname that you wish to use to /etc/hosts. Then put the hostname (by itself) in teh /etc/hostname.(interface) file. Then just restart the physical networking via SMF ("svcadm restart phsyical") and your done! Example: "echo ' solarisrox' >> /etc/hosts; echo 'solarisrox' > /etc/hostname.hme0" assuming that hme0 was the interface you wanted to use. Don't worry about this changing the hostname for the whole workstation, the hostname for the system is kept in /etc/nodename. You can add the default gateway as we discussed just above. If you need to specify a non-standard subnet netmask you can add it to /etc/netmasks. You can have as many subnet masks in the /etc/netmasks file as you like, one per line, just follow the instructions at the top of the file.

How do I configure DHCP? DHCP is pretty easy to configure, just create 2 empty files: /etc/hostname.(interface) and /etc/dhcp.(interface). If you are using HME0 you could do this: "echo "" > /etc/hostname.hme0 > /etc/dhcp.hme0". You might want to wipe out information that might conflict like the /etc/defaultrouter file if you created one. Once you've got these two empty files ready just restart the physical network to make the changes effective without a reboot ("svcadm restart physical"). If you want to customize the properties of the DHCP agent you can check out the " System Administration Guide: IP Services" manual. Remember that DHCP settings take acouple seconds to be retrieved from the server so if you reset the physical interfaces as mentioned above and you notice that nothing happened, just wait a couple seconds (30 secs is the default timeout).

I can't figure out what the network interface is called! Linux sort of makes network interface naming easy because typically interfaces are named "eth0", "eth1", so on and so forth. In Solaris, however, the name of the interface is decided by the interface driver. For instance, the onboard ethernet of a Sun Ultra workstation uses the HME (Happy Meal Ethernet, also more boringly called Hundred Meg Ethernet) driver and so the first instance is "hme0". You can look at the device mappings to driver names using "prtconf -D". In general, Solaris will find your network device and try to configure it so generally just checking "ifconfig -a" is enough to find it.

My l337 workstations network device isn't frickin' support!?! Sadly there are lots of networking devices that aren't officially supported (right now anyway, OpenSolaris hopes to change this). Thankfully there are tons of really kool Solaris developers that have been creating open source drivers! Check out these free NIC drivers by Masayuki Murayama! Grok google for drivers, you just might find your l337 gear really does have drivers avalible, they just aren't in Solaris right now.

There ya go.. some quick Solaris networking tips. As always, check out's Solaris10 manuals for help and details.