I’m helping someone set up a private node network. I can ping the “connect to” address, all required ports in the routers at each end is correctly opened and each node’s info is in their respective rpt.conf. Can’t connect either way however.
My question is. Does NOT FOUND simply mean it couldn’t connect the node described in rpt.conf or something else? Running the Asterisk CLI in verbose level 9 doesn’t show me the connect attempt (maybe that’s the clue)
It could be a number of issues. For example, are the both behind the same NAT router and have different bindport values in iax.conf? Please provide network configuration information. Can you communicate with each node using iaxRPT?
All the nodes on that network are on the same private LAN but also are internet accessible. As they are all remote to me, I did place the required stanzas in iax.conf on one of the nodes that is to used as his hub and was able to connect to it using iaxrpt.
What other network info would you like?
Ken, not sure what process is used to do connects or node lookups.
Might I suggest looking at "/etc/asterisk/local/privatenodes.readme as well as “/etc/asterisk/local/privatenodes.txt” to see if it exists with the proper info which gets added to the astdb.txt file. Perhaps that is something causing the errror.
Larry - N7FM
Ken … a further add… since I am not sure which platform is being used my path to the “privatenodes” info reference may not be correct in some cases. By looking at your astdb.php it should show you the path for whatever system.
Larry - N7FM
Hi Larry, good to see you here!
These are all private nodes (1000,1002, 1003, etc) on Maui and they obviously don’t register with the ASL servers. As such the correct info DOES appear in each rpt.conf and all necessary ports are forwarded on routers.
They’re running on Pi4s FWIW
Here’s an entry from /var/log/asterisk/connectlog after I tried a connect from the command line of node 1002, to connect to node 1009
root@repeater:~# /usr/sbin/asterisk -rx ‘rpt fun 1002 *8131009’
Fri Oct 21 23:04:36 UTC 2022 == 1002 Connected AllStar 1009 =OUT=> KH6COM Puu Mahoe Ulupalakua HI (NOT FOUND)
Private node are unregistered nodes.
Anytime you need to connect to one you must have the ip address and port set in rpt.conf [nodes]
You may have known this but I can’t tell from your text how far along you are. But I did write-up a explanatory in the wiki this year…
Come back and tell us if you are that far along and perhaps post your rpt.conf [nodes] section
Likely a error you need fresh eyes for.
Oh yea, I 'm quite aware of that as I’ve been running private nodes for some time
IP’s blocked for posting of course (x.x.x.x) but are correct in the actual rpt.conf file
1001 = firstname.lastname@example.org:4569/1001,NONE ; KKD_Molokai Dispatch
1002 = email@example.com:4569/1002,NONE ; Wailuku Police Station
1003 = firstname.lastname@example.org:4569/1003,NONE ; HKA-Haleakala County
1004 = email@example.com:4569/1004,NONE ; KLA_Kahakuloa
1005 = firstname.lastname@example.org:4569/1005,NONE ; HNV-Hana Verizon (future)
1006 = email@example.com:4569/1006,NONE ; HNA-Hana Airport
1007 = firstname.lastname@example.org:4569/1007,NONE ; KBC-Kaanapali Beach Club
1008 = email@example.com:4569/1008,NONE ; LYP-Lanai Police Station
1009 = firstname.lastname@example.org:4569/1009,NONE ; PME-Puu Mahoe
1010 = email@example.com:4569/1010,NONE ; ICSD-Haleakala State
1011 = firstname.lastname@example.org:4569/1011,NONE ; Whaler
1012 = email@example.com:4569/1012,NONE ; KHA-Kahua Ranch
1013 = firstname.lastname@example.org:4569/1013,NONE ; PHU-Puu Hoku Ranch
1014 = email@example.com:4569/1014,NONE ; Ritz Carlton Kapalua
1015 = firstname.lastname@example.org:4569/1015,NONE ; Waialeakua (future)
1016 = email@example.com:4569/1016,NONE ; Reflector (not really needed for Allstar)
But I might also ask if all the nodes are in the same NAT.
Yes they are all on the same VLAN
Since you revised your post, I see what you are doing.
So, this leads me to firewall issues.
The receiving end may need to ignore your IP for the iax port.
ASL uses the registration data to allow on iax, but private nodes don’t provide for that.
At this point you may want to set it to ignore in iptables and possibly fail2ban local since you may be in jail.
ASL uses iptables and not ipchains? Good to know.
I will have a look
I don’t know what’s on a pi4 image, but iptables was install-able in the asl menu and fail2ban as well.
But it is whatever is at the other stations.
-A INPUT -s x.x.x.x -p udp -m udp --dport 4569 -j ACCEPT
It may be that when you put that entry in iptables, it will clear in fail2ban as well, if you were in jail.
Nice config. I had pushed a lot of skywarn/ecom folks to do the same for their nets over the years.
I was the only one who would do it. Can’t figure out why. Just makes sense. I started doing t many years ago when the registration server had issues. Last thing you want to deal with during ecom.
The system over there is connected via their county microwave backbone system. My system here is also all private nodes, connected via the AREDN Mesh network (5.8 gHz). We link our systems together 99.99% of the time
Indeed. Reliance on the internet during times of trouble is simply stupid IMHO…
I know you didn’t show the IP for privacy but don’t forget ons of those needs to be ‘self’ on each node.
1001 = firstname.lastname@example.org:4569/1001,NONE ; KKD_Molokai Dispatch
Also do you have the correct setting in extensions.conf for each node?
exten => 1001,1,rpt,1001
Roger, I’m aware of the local node entry for each node itself.
As for extensions.conf, I’ve never had to do anything to them other than the one NODE = <node#> entry. Why would this be different?
Update on this
Turns out that doing the connects from node-to–node via bash works fine. For example:
/usr/sbin/asterisk -rx 'rpt fun 1000 *8131009'
What we discovered is there is apparently an issue with Supermon 7+ when issuing a connect to SOME nodes. We’re not quite sure why but it appears to be an issue with that, not ASL
Once again try adding the private node list to the astdb.txt file.
Larry - N7FM