Thoughts of virtualization – Part II

I really like going to events at the GarageGeeks ( – apart from meeting with some friends, having a good laugh and enjoying the casual beer, the technical talks and the general subjects that are being attended at a gathering are always interesting.

This time, the Geeks had decided to focus on Cloud Computing, trying to introduce the somewhat highly evolving field of the IT/Computing industry to the visitors of Garage. Now, I have to admit that during the past few weeks I’ve been studying the various aspects of utilizing Amazon EC2 services, and I’ve come to the somewhat problematic conclusion: “Cloud computing is a wonderful solution, as long as you have clear and concise control over your computing cloud!”

The main problem with traditional cloud computing, as offered by Amazon and others, is that the physical boundaries of your system are somewhat unknown – not to you and in some cases, not to your provider either. Let us imagine a Tier based architecture platform, implemented utilizing Amazon EC2 technologies – our web front-end may be located in the US, the application server in the UK and the Database in Zimbabwe for all that matters – in accordance to EC2 and traditional cloud computing, that is fairly normal.While EC2 and some other providers had introduced the idea of a Zone, making sure that your virtual servers are all located in the same physical data center, other solutions are yet to follow.

The above design introduces an interesting “Critical Path” management problem, tied deep into the Tier based architecture design pattern. Companies such as GigaSpaces and others had made it their business to cash in on the problem, by providing a distributed, memory based, middle-ware – literally sweeping the “Critical Path” problem under the rug. However, as the platform will evolve, “Critical Path” issues have a tendency to re-appear, usually, a lot more serious than the original problem – due to new constraints and new operational paradigms within the operational construct of the cloud platform.

So, question be asked: “Is cloud computing good? Can you really build a full service based upon cloud computing services?” – The answer isn’t a straight forward yes or no. For example, while I have a couple of servers on EC2, serving me as development servers mainly, I’ve built my own little cloud environment on my own servers – used for production usage. I’ve used a mixture of OpenVZ servers tied together with my own provisional interface to create a seamless cloud, enabling me to replicate servers, control their operational structures at east and most important – expand my cloud rapidly by introducing new servers to my cloud.

Is my paradigm good for all purposes? I can’t really say – it works for me, it may not work for you. The thing is this, don’t expect cloud computing to come in and solve all your problems, you may run into new ones you are completely unfamiliar with.

Sierra AirCard 880E and Mandriva Linux

As you probably already learned from a previous post, I’ve switched to Mandriva from my previous FedoraCore distro, running on my home PC and my old ThinkPad T42 notebook.

Recently, I’ve signed up with Cellcom, an Israeli cellular provider for data connection only. I’ve received a Sierra AirCard 880E, which installs easily on Windows and on MacOSX, however, Linux was a little tricky. While reading several sources around the internet, dealing mainly with some shell based scripts – Mandriva is different – simply requires a bit to know the Mandriva framework in order to get it working right.

Step 1: Know where your AirCard is

As the AirCard is inserted to the computer, Mandriva will automatically load the respected kernel module and will automatically assign the /dev/ttyUSB0 device to it.

Step 2: Mandriva Control Center

In the Mandriva control center, launch the network configuartion tool for creating a new connection. Here’s the trick, you need to create a “POTS” connection, not a 3G/EDGE connection. The reason is that the EDGE/3G functionality is maintained by the AirCard itself, Linux has nothing to do it.

Step 3: Configure your connection

I named my connection as Cellcom and setup the following as my dial-in number: *99# – this is very important. Select PAP/CHAP as your login type and set both the username and password to be “cellcom”.

From this point onwards, you should be just fine and up on the network in no time 🙂

Hi-Tech fallouts unite!

The current economical situation of the world had gotten me thinking about various things. I would say that while most people think about “how to survive the economical desert” we are currently passing – my thoughts are going to another place – I see an opportunity.

About 6 months ago a team of 58 engineers joined forces in Israel to create the service, a “pay-it-forward” type service. The amazing thing about itribu is the fact that it was completely built within a period of less than 72 hours!

Is that logical? creating a full service in less than 72 hours? is that actually doable? even extreme programming techniques and scrum/agile don’t offer this kind of development turn around. Actually, coming to think of it, I’ve created web based services in the past on my own which took less time to develop. I’ve developed a web based telephone conferencing system in less than 2 days, on my own, so – developing a full grown service with 58 engineers in 72 hours – sounds logical.

You are probably wondering: “What is he talking about? how does itribu relate to the current economic situation? where is the opportunity?” – the answer is simple, you’re simply too stuck thinking in normal development and financial paradigms – that you are blind to the obvious. Over the course of the past month, over 2000 engineers were let go from their jobs in Israel. These are highly qualified, highly original individuals ranging the full spectrum of the hi-tech industry. Imagine that a company that had let go 10 engineers, and imagine that these engineers had decided to start a web based service. Now, imagine that these 10 engineers get into a single place for a full weekend. Can they build a service in a single weekend? the answer is a definite YES!

If creating a service is so simple, how come people are not doing it – the answer is usually simple: EGO and PRIDE. When I talked about this idea to a couple of friends of mine they both replied a simple thing: “Hmmm… Ok, sounds cool, but, what is our take in the company? how much money are we going to make from it?” – and then I actually realized: the world had completely forgotten what the term start-up means. In 1996, when the ICQ team started working on their product, they had no idea they would end up selling ICQ to AOL for 400,000,000 USD. When Sergey and Larry started Google they basically had nothing in their pockets, they almost closed Google due to a poor business model in the beginning – that’s the idea behind a start-up, you have an idea and you go for it. We had become so obsessed with business models, revenues, making money, ego, status, driving a big car – all he things that had become synonyms to Hi-Tech success, but had completely forgotten that it takes time to get there. VC’s start giving money to any company that looked like a Web 2.0 application, when actually, there was nothing behind the idea. In my view, any team of 10-15 engineers can surely spend anything between 2 to 4 weekend building a service, continue on to running it – the VC’s will shortly follow once your service becomes a craze – trust me (I’ve seen it happen more than once).

Digium started from a loan Mark got from his folks for 5000$, and grew into a multi-million dollar company. In 2006 Digium received an investment of roughly 13M$ from Matrix Partners, but that’s long after Digium was already racking up about 14M$ sales per year. JaJah started off from funds of their founders, slowly growing in number of users, shortly to follow by investments from Intel Capital and Sequoia – in other words, obsess about creating the service first – the money will soon follow after wards. Starting to argue about who gets what and how much is stupid, after all, if you don’t build it – its value is still 0!

Open Source SBC – Is there such a thing?

Session Border Controllers (SBCs) are utilized as a means to providing both load balancing and security structures for VoIP networks. To be completely honest, 90% of my customers utilize SBC appliances, be it Acme Packet, Juniper, NexTone or others.

According to a report by Transnesus, a combination of OpenSER and Asterisk can be utilized as a Back-To-Back-User-Agent (B2BUA) structure – however, the general configuration and setup isn’t clear and straight forward. I’ve been thinking to myself: “Why hadn’t anyone written and Open Source SBC? could it be? usually there’s an Open Source alternative to any commercial product”.

Like any other search on the net, I’ve pointed my Firefox to Google, and typed the phrase “Open Source SBC”, aparently, such a thing exists from a company called Solegy – over at the web address: So, I downloaded the source code, and after a 30 minute compilation phase (bearing in mind working on a Virtual server running under VMWARE Server) – the compilation completed.

Compiling was one thing, running it was a completely different thing – took me a while to realize where the binary is located and how the configuration works out – once I did that was a breeze. On my system, after compilation the binary was located according to the following:

[root@opensbc obj_linux_x86_r]# pwd
[root@opensbc obj_linux_x86_r]# ./opensbc -x

Message from syslogd@ at Thu Nov 13 23:15:35 2008 ...
tvms OpenSBC[18900]: Starting service process "OpenSBC" v1.1.5-25

Per the information provided by Solegy, the OpenSBC project supports several modes of operations, ranging according to the following:

<strong>Full Mode</strong> - By default OpenSBC runs in full mode exposing its capability both as a
relay SIP proxy, Registrar and as a B2B User Agent. When OpenSBC receives an INVITE
or a REGISTER request it would follow the following procedure to make a decision how
to route a request:

● If the Request-URI resolves to a remote domain, the request will be relayed. If a
relay route is available, the request is sent to that route. If a relay route is not
available, then the URI is resolved via DNS.
● If the Startline-URI resolves as a local address and port, the To URI is checked
if it resolves to a local domain and port. If not, the request would be proxied
using Relay Routes or via DNS resolution. The Request URI would be rewritten to point
to the resolved route.
● INVITE: If both Request URI and To URI resolves to a local listener and port, the
B2BUA Route is used to route the INVITE.
● REGISTER: If both Request URI and To URI resolves to a local listener and port, the
local Registrar will process the registration. This would include Authorization of
the user.

<strong>B2BOnly Mode</strong> - This mode removes the relay capability but exposes the Registrar and
the B2BUA functionalities. This mode does not do the checks performed by Full Mode. It
will always process REGISTER and INVITE as local.

● INVITE: This mode always use B2BUA Route to route calls. If there is not corresponding
route found, a DNS resolutions is done against the Request URI or the To URI in case the
Request-URI resolves to a local address.
● REGISTER: Registrations are always handled by the local registrar.
Proxy Only Mode</strong> - This mode removes the B2BUA functionality but exposes Registrar and the
relay SIP Proxy functionalities
● Always uses Relay Routes for all messages including REGISTER. If a relay route is not
configured, Requests will be relayed using DNS resolution. If a registrations is resolved
as local, the registrar would handle the registration including authorization

<strong>B2BUpperReg Mode</strong> - This is almost the same as the B2BOnly mode but with the additional
capability of relaying registrations to upper registrars.

● INVITE: This mode always uses B2BUA Route.
● REGISTER: For registrations, it performs the Request URI and To URI checking and relay
for a remote domain or process the registration locally for local domains.
● Upper-Registration: This mode also has the capability to hijack-registrations towards
upstream registrars.

Per the above, I didn’t completely understand what I should use for normal IP phones operations, so, I guess I’m more or less on my own on this one. My general understanding says that I need to use the B2BupperReg mode, however, I can’t say I’m totally sure about it – I’ll be experimenting with OpenSBC and the virtual Asterisk servers i’ve written before over the couple of months.

Thoughts of Virtualization and Asterisk

Over the past 2 years, I’ve come to love the world of virtualization. Thanks to Intel over blowted hardware, the ever dropping price of memory chips and the available of hard drives that hold more information than an 80’s main frame – virtualization became a must for almost any sane minded Linux users.

Since the time I decided to evaluate virtualization, my main virtualization technologies were: VirtualBox – mostly for running Windows XP on top of my Linux notebook, VMWARE Workstation – for running simple VMWARE appliances on my Linux notebook and VMWARE Server – for running production servers.

Now, these past few weeks I’ve been heavily experminenting with Para-Virtualization, mainly XEN and OpenVZ. Both seem to be similar in concept of operation – but vary with the install and configuration of the software. In any case, my main interest is to see how many Asterisk virtual hosts I’ll be able to run on a single server (Dual XEON Quad Core based), 16GB RAM and a 500GB Raid-1 Array. This is my config, and I’m currently busy building the system.

Once I have proper answers and configurations ready, I’ll publish my findings here. In the mean while, if you’ve done such an experiment, I’d love to hear it.