SIP Normalization Script for removing the Diversion Header

When we forward a call from one  phone to another or from one hunt group to a phone, the Diversion header gets added to the SIP messages.
Some of the SIP gateways or Voice mail systems doesnt have the ability pick the required Diversion header.  For example look at the below message, we are calling the operator(1408) and the operator forwards the calls to Vishnu on 1100  so the Diversion headers are added to it.
When the call is forwarded to the Voice mail system. The server looks at the latest Diversion that is 1408 and provides the voice mail of Operator, instead of Vishnu.
If there is no Voice Mail box exist for 1408 then the System will say "The person you have tried does not have a valid Voice mail box configured on this system"  error message.

INVITE sip:9997@172.17.8.6:5060 SIP/2.0
Via: SIP/2.0/TCP 172.16.8.4:5060;branch=
From: <sip:1112@172.16.8.4>;tag=470449ec-8a27-f7e4c9c946e7-30683727
To: <sip:9997@172.17.8.6>
Date: Thu, 11 Dec 2014 13:41:36 GMT
Call-ID: 6bcc2d80-48919f10-704b6-40810ac@172.16.8.4
Supported: timer,resource-priority,replaces
Min-SE:  1800
User-Agent: Cisco-CUCM10.5
Allow: INVITE, OPTIONS, INFO, BYE, CANCEL, ACK, PRACK, UPDATE, REFER, SUBSCRIBE, NOTIFY
CSeq: 101 INVITE
Expires: 180
Allow-Events: presence, kpml
Supported: X-cisco-srtp-fallback
Supported: Geolocation
Call-Info: <sip:172.16.8.4:5060>;method="NOTIFY;Event=telephone-event;Duration=500"
Call-Info: <urn:x-cisco-remotecc:callinfo>;x-cisco-video-traffic-class=VIDEO_UNSPECIFIED
Cisco-Guid: 1808543104-0000065536-0000008029-0067637420
Session-Expires:  1800
Diversion: "Vishnu" <sip:1100@172.16.8.4>;reason=no-answer;privacy=off;screen=yes
Diversion: "Operator" <sip:1408@172.16.8.4>;reason=no-answer;privacy=off;screen=yes

So We need to need to configure the Voice mail server to pick the other Diversion .I.e 1100 instead of 1408
Cisco Unity connection or Microsoft Unified messaging has the option of selecting the Diversion header. But Microsoft Office 365 or any other voice mail servers doesnt have this option.

We need to remove the Extra Diversion from the SIP messages while sending out of the SIP trunk to the Voice mail server.
This can be acheived by using the SIP Normalization Script in the CUCM.
We need to create a Script in the CUCM server and assign it in the SIP trunk.
Step1: Login to Call manager.
Step2: Click Device --> Device Settings --> SIP Normalization Script
             Click Add New and add the below config and save the script  

Step 3: Then go to the  SIP truck.
              Click Device ---> Trunk and select the SIP trunk which goes to Voice mail server.
              Go to Normalization script section and select the UseLastDiversion script
              Save the Config.
              Reset the trunk.
After applying the script the script will remove the Lastbefore Diversion
So the output of SIP Message will look like below.

INVITE sip:9997@172.17.8.6:5060 SIP/2.0
Via: SIP/2.0/TCP 172.16.8.4:5060;branch=
From: <sip:1112@172.16.8.4>;tag=470449ec-8a27-f7e4c9c946e7-30683727
To: <sip:9997@172.17.8.6>
Date: Thu, 11 Dec 2014 13:41:36 GMT
Call-ID: 6bcc2d80-48919f10-704b6-40810ac@172.16.8.4
Supported: timer,resource-priority,replaces
Min-SE:  1800
User-Agent: Cisco-CUCM10.5
Allow: INVITE, OPTIONS, INFO, BYE, CANCEL, ACK, PRACK, UPDATE, REFER, SUBSCRIBE, NOTIFY
CSeq: 101 INVITE
Expires: 180
Allow-Events: presence, kpml
Supported: X-cisco-srtp-fallback
Supported: Geolocation
Call-Info: <sip:172.16.8.4:5060>;method="NOTIFY;Event=telephone-event;Duration=500"
Call-Info: <urn:x-cisco-remotecc:callinfo>;x-cisco-video-traffic-class=VIDEO_UNSPECIFIED
Cisco-Guid: 1808543104-0000065536-0000008029-0067637420
Session-Expires:  1800
Diversion: "Vishnu" <sip:1100@172.16.8.4>;reason=no-answer;privacy=off;screen=yes


P.S: Use http://ipsubnetcalculator.net/  for calculating IP subnet mask Online

How to Install Cacti on Centos

This procedure explains the Cacti installation on Centos Server using Yum.


Step1: Install the dependencies.

[:vishnu:root@sandbox ~]# yum install mysql-server mysql php-mysql php-pear php-common php-gd php-devel php php-mbstring php-cli php-snmp php-pear-Net-SMTP php-mysql httpd

[:vishnu:root@sandbox ~]# yum install net-snmp-utils php-snmp net-snmp-libs


Step2: start mysqld and configure it

[:vishnu:root@sandbox ~]# service mysqld status
mysqld is stopped
[:vishnu:root@sandbox ~]# service mysqld start

Initializing MySQL database: Installing MySQL system tables...
OK
<<Output Suppressed>>
[ OK ]
Starting MySQL: [ OK ]
[:vishnu:root@sandbox ~]#
[:vishnu:root@sandbox ~]# /usr/bin/mysql_secure_installation
NOTE: RUNNING ALL PARTS OF THIS SCRIPT IS RECOMMENDED FOR ALL MySQL
SERVERS IN PRODUCTION USE! PLEASE READ EACH STEP CAREFULLY!
In <Output Omitted>
Setting the root password ensures that nobody can log into the MySQL
root user without the proper authorisation.
Set root password? [Y/n] Y
New password:
Re-enter new password:
Password updated successfully!
Reloading privilege tables..
... Success!
By default, a MySQL installation has an anonymous user, allowing anyone
to log into MySQL without having to have a user account created for
them. This is intended only for testing, and to make the installation
go a bit smoother. You should remove them before moving into a
production environment.
Remove anonymous users? [Y/n] Y
... Success!
Normally, root should only be allowed to connect from 'localhost'. This
ensures that someone cannot guess at the root password from the network.
Disallow root login remotely? [Y/n] Y
... Success!
By default, MySQL comes with a database named 'test' that anyone can
access. This is also intended only for testing, and should be removed
before moving into a production environment.
Remove test database and access to it? [Y/n] Y
- Dropping test database...
... Success!
- Removing privileges on test database...
... Success!
Reloading the privilege tables will ensure that all changes made so far
will take effect immediately.
Reload privilege tables now? [Y/n] Y
... Success!
Cleaning up...
All done! If you've completed all of the above steps, your MySQL
installation should now be secure.
Thanks for using MySQL!

Step3: Install Cacti

[:vishnu:root@sandbox ~]# yum install net-snmp-utils php-snmp net-snmp-libs
[:vishnu:root@sandbox ~]# yum install cacti

If cacti package is not available. Add the below repo to your machine and run the command again.
#vim /etc/yum.repos.d/dag.repo:
[dag]
name=Dag RPM Repository for Red Hat Enterprise Linux
baseurl=http://apt.sw.be/redhat/el$releasever/en/$basearch/dag
gpgcheck=1
gpgkey=http://dag.wieers.com/rpm/packages/RPM-GPG-KEY.dag.txt
enabled=1

Step4: Install Spine

Download the latest file from the cacti.net

tar xvzf cacti-spine-*.tar.gz
cd cacti-spine-*
./configure
make
sudo make install
Spine Path /usr/local/spine/bin/spine ​


Step5: Update the correct database details in /var/www/cacti/include/config.php

$database_type = "mysql";
$database_default = "cacti";
$database_hostname = "localhost";
$database_username = "cacti";
$database_password = "cacti";
$database_port = "3306";
$database_ssl = false;


Step6: Spine config: update the below variables in spine.conf file

###Copy the config file first
cp /usr/local/spine/etc/spine.conf.dist /usr/local/spine/etc/spine.conf

DB_Host localhost
DB_Database cacti
DB_User cacti
DB_Pass cacti
DB_Port 3306
DB_PreG 0

step:6 create a database called cacti in mysql
#mysql -u root -p
#mysqladmin --user=root create cacti
#mysql --user=root mysql
mysql# GRANT ALL ON cacti.* TO cactiuser@localhost IDENTIFIED BY 'somepassword';
mysql# flush privileges;​

Step:7 Correct the Folder permission:
cd /var/www/cacti/
chown -R cacti rra/ log/

Step:8 Edit the cacti.conf file and add the "allow from all" in it.

#vim /etc/httpd/conf.d/cacti.conf
Alias /cacti/ /var/www/cacti/
<Directory /var/www/cacti/>
DirectoryIndex index.php
Options -Indexes
AllowOverride all
order deny,allow
deny from all
allow from all
AddType application/x-httpd-php .php
php_flag magic_quotes_gpc on
php_flag track_vars on
</Directory>

Step:9 reload httpd config file.
# service httpd reload


Step 10 point your browser to:
http://your-server/cacti


P.S: Use http://ipsubnetcalculator.net/  for calculating IP subnet mask Online

Shell Script to generate Reverse DNS file for Core links

This is Shell script i created which Collects the IPaddress details from the WAN routers using SNMP and creates the reverse DNS file for the same. Some times the reverse DNS of the links will be very helful for identifying and troubleshooting the link issue, without looking at your database.

Create a file called device_list in /var/named folder. Enter the device detail hostname or IP address from where you need to retrive the IP address details.

eg:
core1.pop1
core2.pop1
( or )
10.1.1.1
10.2.1.1

update the grep commands to include the links which you want reverse_dns 
=================================================
#!/bin/bash
#This is a script to generate reverse DNS file for core links

DEVICELIST=/var/named/device_list
ALIASFILE=/tmp/ifalias
ADDRESSFILE=/tmp/ipaddress
REVERSEDNS=/tmp/reverse_dns
COREDNSFILE=core-reverse.inc
TMPCOREDNS=/tmp/$COREDNSFILE
BINDBASE=/var/named/inc-reverse
POPFILE=$BINDBASE/reversedns

##Empty the files
echo > $ALIASFILE
echo > $ADDRESSFILE
echo > $REVERSEDNS
echo > $TMPCOREDNS

for  DEVICE in `cut -d " " -f 1 $POPLIST`
                       do echo "$DEVICE"
                snmpwalk -v2c -c a0xCOWTF^@gXhgphcxMX!  $DEVICE ifAlia | egrep 'pl2'| grep -v trunk | sed 's/-/ /g' | sed 's/::ifAlias./ /g' | sed 's/_/ /g' | cut -d ' ' -f 3,6,7,8,9,10 > $ALIASFILE  2>/dev/null
                sed -i 's/[^ ]*/'$DEVICE'/6' $ALIASFILE
                snmpwalk -v2c -c a0xCOWTF^@gXhgphcxMX!  $DEVICE ipAdEntIfIndex | sed 's/-/ /g' | sed 's/::ipAdEntIfIndex./ /g' | sed 's/_/ /g' | cut -d ' ' -f 3,6 > $ADDRESSFILE  2>/dev/null
                awk 'NR==FNR {a[$2]=$1;next} {$1=a[$1];print}' $ADDRESSFILE $ALIASFILE | sed 's/\./_/g' | sed 's/ /_/g' >> $REVERSEDNS
        done
done

sed -i '/^$/d' $REVERSEDNS
awk -F '_' '{print $4"\."$3"\t""\t""IN""\t""PTR""\t"$5"-"$6"-"$7"-"$8"-"$9"-"$10"\."$11}' $REVERSEDNS > $TMPCOREDNS


#Move the files to bind base
mv $COREDNS $BINDBASE
chown root:named ${POPFILE}
chmod 640 ${POPFILE}


P.S: Use http://ipsubnetcalculator.net/  for calculating IP subnet mask Online