[INTERLINKED-22] Broadband exodus

The always-on broadband link at the ARTN site is scheduled to be cut and replaced with intermittent connectivity using the existing POTS line at this site, no later than July 2026.

Initial testing:

Test dial-up using POTS connection and see if we can reliably get V.90 to an ISP. See if we can borrow any GlobalPOPs/independent accounts. Answer: V.90 doesn't work, but we can consistently get reliable 33.6k connections to GlobalPOPs
~~Establish that broadband day-to-day pricing is supported if needed (yes)~~
~~Test Mosh for SSH connections over dial-up (doesn't seem necessary, regular SSH works well enough if the connection has no contention)~~
~~Test if multilink or even concurrent connections (via same account) are possible with GlobalPOPs (Yes, can get 78.8k multilink with 2 lines)~~
Determine if we will add a second POTS line at this site to support data needs (depends on actual pricing + maximum possible ISP cost compared to broadband connection). TCO is same as cable Internet, limitations are that sessions have an 8 hour limit. Not moving forward with this.
Test how well RDP works over 31.2/33.6/36k connections - grayscale, 8-bit (note: 8-bit only works on NT <= 6.1 - https://serverfault.com/a/1141642 / https://superuser.com/a/681450)
See if we can get direct-dial connections to the BBS to work somehow. 300/1200/2400 Softmodem connections even to a beefy machine with 8 cores fails, so try real hardware modem on the other end instead
Need to perform bandwidth testing (Cisco switch clients have been tested and completed, but clients not on the Cisco switch still need testing)
LPC10 appears to the most bandwidth-efficient codec and should work over 33k dialup - arrangement has been set up but will need to do some actual testing on 33k to see how well it works in practice (especially with concurrent SSH sessions, etc.)

Migration (com services):

~~Forward or disconnect all 2xxx Centrex extensions so they forward to a 3xxx extension which will route in via the POTS line~~
~~IP phones and ATAs with SIP lines connected to WAN will need to be cut or migrated to LAN~~
~~Schedule TFC calls (cron)~~
Single-ring suppression/delay circuit is needed so the local PBX can answer calls without telephones ringing. Caller ID is not provisioned at this site, so we will use the ring once, hangup, ring again scheme to signal a call for the PBX to answer.
Since email is a good interface for this already, we need the ability from the main to be able to "push" email to the ARTN site, for push notifications and alerts. This could either mean somehow establishing a dial-up connection in the reverse direction temporarily, to allow these emails to be downloaded, or using another reliable transport for SMTP in this case besides TCP/IP. Could use the TAP protocol for this...
~~res_alarmsystem needs to be able to not do reporting for all events, just breaches, as otherwise the phone line would be tied up too much~~
Inbound calls. Calls to numbers that would ring at or forward to the site must be configured to alternate route via CCSA over POTS and pass Caller ID + called number forward. We will also need to figure out how to pass answer supervision back . Can pass DNIS+Calling Number using MF.
~~Outbound calls. Local PBX will need to use CCSA for call routing. Calls previously sent over IP tie trunk to main must be alternate routed via POTS to the main and send ANI + called number forward.~~
- Need ability to transfer calls and make 3-way calls. Also be able to drop current call and make a new one (either directly on remote using * code, or locally, while holding trunk group), for faster setup time / eliminate # of calls
- Currently, there is an out-of-band DTMF carrier issue perturbing certain MFs even when set to inband. Does not appear to be Verizon's fault but rather the Tier 1 carriers by SIP providers - issue persists, but workaround is to fallback from MF to SF signaling if needed, with custom checksums and error correction for both method (see https://rfc.phreaknet.org/rfc8.html)
- Configure local PBX to make long-distance calls out via CCSA via the POTS line (for 8+, but not 9+), and also be able to send forward the ANI of the POTS line, for calls that would normally be made from the POTS line (this will save on toll charges, and we should even get a B attestation for STIR/SHAKEN instead of a C)
- ~~A local ARTN code must provide access to voicemail at the main site~~
- ~~Alarm reporting line needs to be toll-free accessible so it doesn't use message units.~~
- Use A/B/C/D for preemption/priority so POTS line can be seized if needed (e.g. by alarm, for important call, etc.) if voice/data session already active
Separate DISAs must be established at ARTN (e.g. *) and main sites.
- ~~The one at the main should be the primary DISA, and a special code should provide authenticated access to the ARTN DISA without requiring reauthentication (e.g. to check messages left there).~~
- ~~Need ability to transfer calls, make 3-way calls, reoriginate, etc.~~
- MWI should be shared between sites, e.g. a new message at ARTN site should trigger MWI at the main, and vice versa. A message/voicemail left on either system should trigger an email, page, etc.
- Minor Issue: Had to change the out provider from TLS to UDP due to pjsip issues. See if that's fixed with a newer version of Asterisk? Or putz with the configs more.

Migration (net services):

~~Any IP whitelists on the ARTN site need to be eliminated or another method used~~
~~PhreakScript needs to support offline installations (extension to phreaknet source, --offline flag?)~~
~~Cross-site backups using the WAN need to be eliminated (need to save VPS backups outside of the VPS without storing them at ARTN site)~~
~~Split netmon script into ARTN and VPS versions that run independently~~
Depending on whether something originates at the main or at ARTN site, the routing logic must be different, i.e. the same destination address should NOT be used on both sides, since that would imply equal routing behavior
- Any messages sent to pager locally should directly copy the Polycom alerting address and use the TAP application (once written, as in [PHREAKSCRIPT-70]) to dial the pager company and send the page (this way, no Internet connection is needed, and messages can be sent in realtime). Ideally, this would be integrated into the SMTP server to the extent that only when a page is delivered over the POTS line is a 250 OK response sent for DATA. This would allow leveraging native SMTP queuing behavior (with retry logic for these messages only, at least) to ensure reliable delivery of the message if the POTS line is busy, etc.
~~Adjust all cron jobs that send daily email jobs to do so during "mail hour" (~1am-4am)~~
Download all Wikipedia articles (to supplement encyclopedia) - look into https://en.wikipedia.org/wiki/Kiwix
Make Git repos available remotely
Reduce the overall number of emails received, esp. unnecessary ones
~~Migrate external webmail~~
Mail server migrations: [INTERLINKED-12] - in particular, emails with large attachments should be rejected with a notice
- PC1 should be reimaged prior to cutover, after the mail migration (opportune moment) - in particular, with an SSD or RAID-1 of HDDs
- Any high-importance emails (either marked as high importance, destined for pager, etc.) should be delivered immediately instead of waiting in queue for next queue flush
~~Intranet sites with Internet dependencies need to be migrated to the Internet (i.e. grocery price monitor)~~
- ~~For the matter, the grocery price monitor should email its output, rather than simply alerting (this way, the entire service could be rehosted on the WAN side, with no caching)~~
~~Provisioning server must be replaced locally (for IP phones and ATAs). This includes the weather display applet. This requires [~~PHREAKNET-60~~] to be completed first.~~
~~Caching of WAN services, i.e. calendar download, weather, etc. Weather data for the entire day must be downloaded during mail hour. Services using these must point to the cached version.~~
~~[~~INTERLINKED-25~~] - eliminate redundant CSS requests, to reduce bandwidth usage~~
~~Rehost user VMs~~
[INTERLINKED-24] - InterLinked Issues - allow creating and commenting on issues by email and also expose issues via IMAP or NNTP
~~Rehost the downfiles site, on the WAN side instead.~~
- ~~Allow downfiles submissions to be received via SMTP, rather than just by web. This way, we can take advantage of SMTP's offline queuing capabilities.~~
  - ~~e.g. RECIPIENT downfiles@interlinked.us SUBJECT Download Request BODY https://youtube.com/sdfy87sdf87df~~
- Add optimizations to automatically download attachments / linked videos and audio file attachments from curated RSS feeds
- Setup email to fax gateway: http://www.asteriskdocs.org/en/3rd_Edition/asterisk-book-html-chunk/Fax_id265396.html
Apply for a GETS card
~~Use offline TOTP storage service (e.g. locally hosted PHP page)~~

Unsolved problems:

2FA (primarily voice) calls. Can't receive a call while online. Will need to be migrated to a number that can be manipulated out-of-band, i.e. STT email.
~~The inverse also applies, e.g. when calling Verizon for change orders, receiving an email for 2FA will no longer work. Migrate to PIN.~~

Final pre-cutover:

Disable root updates (or cache locally)
- https://learn.microsoft.com/en-us/windows-server/identity/ad-cs/configure-trusted-roots-disallowed-certificates
- https://woshub.com/updating-trusted-root-certificates-in-windows-10/
~~Determine which machine will be used for Internet Connection Sharing and establish scheduled tasks to bring up dial-up connection(s) if needed (using 1 or 2 lines)~~
~~Automatically restart wireguard tunnel when dial-up link is brought up (doesn't seem needed)~~
~~Remove ARTN lines from most queues and ring groups at the main site~~
~~IAX2 trunk registration will need to be cut/disabled (can leave low-bandwidth outbound enabled)~~
Perform measurements at the router of what clients are still accessing the WAN periodically, how much, etc.
~~Backup entire media array and replace RAID-0 array with a RAID-1 array using larger disks~~
- Emails should be stored on main RAID-10, not the system RAID-1
- ~~Switch all IMAP accounts to proxy through BBS if still configured separately~~
Set up local Debian package mirror for frequently used packages
Download entire Evan Doorbell FLAC collection, any media backlog
Record a week of Flower Power Radio and set up a local MP3 streaming server that can provide this stream. Also export songs listing locally.
Be able to decode FM subcarrier for song names: https://github.com/bastibl/gr-rds
Sync clocks

Post-cutover, will not be possible:

Operator working sessions
ASL repeater operation

Comments

You must be logged in to leave a comment.