Dialogic PowerVille LB Load Balancer for Real-Time Communications

Size: px
Start display at page:

Download "Dialogic PowerVille LB Load Balancer for Real-Time Communications"

Transcription

1 Dialogic PowerVille LB Load Balancer for Real-Time Communications Installation and Operations Guide December 2016 Rev 2.1

2 Copyright and Legal Notice Copyright 2016 Dialogic Corporation. All Rights Reserved. You may not reproduce this document in whole or in part without permission in writing from Dialogic Corporation at the address provided below. All contents of this document are furnished for informational use only and are subject to change without notice and do not represent a commitment on the part of Dialogic Corporation and its affiliates or subsidiaries ("Dialogic"). Reasonable effort is made to ensure the accuracy of the information contained in the document. However, Dialogic does not warrant the accuracy of this information and cannot accept responsibility for errors, inaccuracies or omissions that may be contained in this document. INFORMATION IN THIS DOCUMENT IS PROVIDED IN CONNECTION WITH DIALOGIC PRODUCTS. NO LICENSE, EXPRESS OR IMPLIED, BY ESTOPPEL OR OTHERWISE, TO ANY INTELLECTUAL PROPERTY RIGHTS IS GRANTED BY THIS DOCUMENT. EXCEPT AS PROVIDED IN A SIGNED AGREEMENT BETWEEN YOU AND DIALOGIC, DIALOGIC ASSUMES NO LIABILITY WHATSOEVER, AND DIALOGIC DISCLAIMS ANY EXPRESS OR IMPLIED WARRANTY, RELATING TO SALE AND/OR USE OF DIALOGIC PRODUCTS INCLUDING LIABILITY OR WARRANTIES RELATING TO FITNESS FOR A PARTICULAR PURPOSE, MERCHANTABILITY, OR INFRINGEMENT OF ANY INTELLECTUAL PROPERTY RIGHT OF A THIRD PARTY. Dialogic products are not intended for use in certain safety-affecting situations. Please see for more details. Due to differing national regulations and approval requirements, certain Dialogic products may be suitable for use only in specific countries, and thus may not function properly in other countries. You are responsible for ensuring that your use of such products occurs only in the countries where such use is suitable. For information on specific products, contact Dialogic Corporation at the address indicated below or on the web at It is possible that the use or implementation of any one of the concepts, applications, or ideas described in this document, in marketing collateral produced by or on web pages maintained by Dialogic may infringe one or more patents or other intellectual property rights owned by third parties. Dialogic does not provide any intellectual property licenses with the sale of Dialogic products other than a license to use such product in accordance with intellectual property owned or validly licensed by Dialogic and no such licenses are provided except pursuant to a signed agreement with Dialogic. More detailed information about such intellectual property is available from Dialogic's legal department at 3300 Boulevard de la Côte-Vertu, Suite 112, Montreal, Quebec, Canada H4R 1P8. Dialogic encourages all users of its products to procure all necessary intellectual property licenses required to implement any concepts or applications and does not condone or encourage any intellectual property infringement and disclaims any responsibility related thereto. These intellectual property licenses may differ from country to country and it is the responsibility of those who develop the concepts or applications to be aware of and comply with different national license requirements. Dialogic, Dialogic Pro, Dialogic Blue, Veraz, Brooktrout, Diva, BorderNet, PowerMedia, PowerVille, PowerNova, MSaaS, ControlSwitch, I-Gate, Mobile Experience Matters, Network Fuel, Video is the New Voice, Making Innovation Thrive, Diastar, Cantata, TruFax, SwitchKit, Eiconcard, NMS Communications, SIPcontrol, Exnet, EXS, Vision, incloud9, NaturalAccess and Shiva, among others as well as related logos, are either registered trademarks or trademarks of Dialogic Corporation and its affiliates or subsidiaries. Dialogic's trademarks may be used publicly only with permission from Dialogic. Such permission may only be granted by Dialogic's legal department at 3300 Boulevard de la Côte-Vertu, Suite 112, Montreal, Quebec, Canada H4R 1P8. Any authorized use of Dialogic's trademarks will be subject to full respect of the trademark guidelines published by Dialogic from time to time and any use of Dialogic's trademarks requires proper acknowledgement. The names of actual companies and products mentioned herein are the trademarks of their respective owners. This document discusses one or more open source products, systems and/or releases. Dialogic is not responsible for your decision to use open source in connection with Dialogic products (including without limitation those referred to herein), nor is Dialogic responsible for any present or future effects such usage might have, including without limitation effects on your products, your business, or your intellectual property rights. 2

3 Table of Contents 1. Welcome... 7 Related Information PowerVille LB Installation... 8 System Requirements... 8 Disable SELinux... 8 Disable the Firewall Service... 9 CentOS CentOS 6 and Oracle Linux... 9 Software Installation... 9 Command Line Installation... 9 Graphical Environment Installation Software Updates and Uninstallation CentOS CentOS 6 and Oracle Linux PowerVille LB Console PowerVille LB Configuration Dashboard Services Add Service Prerequisites Add Service Service Configuration Configuration High Availability SNMP VIP Status Provisioning Service Node Service VIP Interfaces Security Profiles Add a Trusted Certificate Add a Server Certificate User Administration Add a User Change a User User Roles User Policies PowerVille LB Operations Enabling HTTPS with Jetty Connectivity Checks Overriding a Default Connectivity Check Script Implementing a Connectivity Check Script SNMP Traps List of Standard MIBs List of Standard Traps Enterprise (Proprietary) MIBs

4 MGCP Service Message Flows Provisioning Support High Availability and Service Continuity PowerVille LB Troubleshooting Resolve the Hostname

5 Revision History Revision Release Date Notes 2.1 December 2016 Updates to support PowerVille LB System Requirements: Added a command and note for UDP. 2.0 November 2016 Updates to support PowerVille LB System Requirements: Updated the Ethernet requirement. Software Installation: Updated the Command Line Installation and Graphical Environment Installation sections. Services: Updated the Add Service section. Updated the configuration options and added the Nodes and Node Settings sections to Service Configuration. Configuration: Updated section. VIP Status: Updated section. Service VIP: Updated section. Connectivity Checks: Updated section. MGCP Service: Added section. 1.6 September 2016 System Requirements: Updated the operating system requirements because the same version of CentOS must be used for each PowerVille LB in an HA pair. Security Profiles: Added a link to the procedure for creating self-signed certificates and keys. 1.5 July 2016 Updates to support PowerVille LB PowerVille LB Installation: Added Java 8 to the System Requirements, removed the netcat workaround in the Software Installation, and updated the Software Updates and Uninstallation section. 1.4 June 2016 Global Change: Renamed this document from Installation and Configuration Guide to Installation and Operations Guide. Services: Added information regarding stateful and stateless services. SNMP Traps: Added section. 5

6 Revision Release Date Notes 1.3 May 2016 System Requirements: Removed Java 8. Services: Added information about stateful and stateless services. Configuration: Updated section. High Availability: Updated section. 1.2 April 2016 System Requirements: Updated section. Disable the Firewall Service: Added section. Software Installation: Updated section. Software Updates and Uninstallation: Added section. Services: Updated section. Resolve the Hostname: Updated section. 1.1 March 2016 Resolve the Hostname: Added section. Connectivity Checks: Added section. 1.0 January 2016 Initial release of this document. Last modified: December 2016 Refer to for product updates and for information about support policies, warranty information, and service offerings. 6

7 1. Welcome This Installation and Operations Guide provides information about installing and operating the Dialogic PowerVille LB Load Balancer for Real-Time Communications (also referred to herein as "PowerVille LB"). Related Information See the following for additional information: PowerVille LB documentation at 7

8 2. PowerVille LB Installation System Requirements The system requirements are as follows. Component Operating System Processor Ethernet Memory Storage Software UDP Requirement Note: 32-bit operating systems are not supported. Community ENTerprise Operating System (CentOS) 7.1 and 6.4 Oracle Linux 6.4 Note: The same version of CentOS must be used for each PowerVille LB in a high availability (HA) pair. Intel Dual 56xx or greater Up to Base-TX (RJ-45) 8 GB RAM minimum 60 GB HDD minimum Install the latest update of Java Runtime Environment (JRE) version 8 (.rpm) on the target installation machine. As of June 2016, obtain the latest Oracle JRE 8 update at the following location: javase/downloads/jre8-downloads html. Note: The JRE is not required if the latest Oracle Java Development Kit (JDK) version 8 is installed. For UDP transport, the following command needs to be applied to master and slave nodes: iptables -I OUTPUT -t raw -p udp -j CT --notrack Note: This command will not persist on reboot and must be reapplied. Disable SELinux SELinux is not currently supported and must be disabled. To disable SELinux, proceed with the following: 1. Edit the /etc/selinux/config file as a root user. 2. Find the line with the key SELINUX= and replace the value after the equals sign with disabled. 3. Save the file and reboot the operating system. 8

9 Disable the Firewall Service The CentOS and Oracle Linux firewall services are currently not supported and must be disabled. The procedure to disable the firewall service differs between CentOS 7 and CentOS 6 and Oracle Linux. CentOS 7 To disable the firewall service for CentOS 7, perform the following procedure: 1. Stop the firewall service: systemctl stop firewalld 2. Disable the firewall service: systemctl disable firewalld CentOS 6 and Oracle Linux To disable the firewall service for CentOS 6 or Oracle Linux, perform the following procedure: 1. Stop the firewall service: service iptables stop 2. Disable the firewall service: chkconfig iptables off Software Installation After reviewing the system requirements, disabling SELinux, and disabling the firewall service, install the PowerVille LB. There are two methods to install the PowerVille LB depending on the available capabilities of the environment: Command Line Installation Graphical Environment Installation Command Line Installation To install the PowerVille LB using the command line, perform the following procedure: 1. Run the following command to execute the installer file: java -jar dialogic-lb-installer-<version>.jar -console Note: Alter the command as necessary to match the version and path of the Java executable. 2. Install the required packages if prompted using the yum install command followed by the packages. Refer to the following example. yum install nc yum install net-tools yum install nmap After the required packages have been installed, execute the installer file again. Proceed to the next step if no additional packages are required. 9

10 3. Enter the following information or use the default value by pressing Enter, and then press 1 to continue. Enter the location of the Java install (JRE or JDK) that will be used to run the PowerVille LB (e.g., /user/bin/java). Enter the management IP address that will be used for management traffic. Enter the multicast base address if you want to use an explicit address for multicast traffic. For normal installations, use the default address ( ). Note: The multicast base address must be the same address for master and slave nodes in a high availability (HA) pair, but different for every PowerVille LB installation. Enter a unique label to identify the PowerVille LB cluster pair (must be the same on the PowerVille LB slave). 4. Select the target path or press Enter to accept the default, and then press 1 to continue. 5. Press 1 to create a new installation of the Jetty web server or press 2 if you have an existing Jetty web server. Press 1 if you do not know if Jetty has been previously installed. If prompted, enter the installation location of the Jetty web server or press Enter to accept the default. 6. Select the packs that you want to install, and then press 1 to continue. When the installation process is complete, the installation details will be displayed. The following example is from the command line installation. $ java -jar dialogic-lb-installer jar -console Please enter the location of your Java JRE install that will be used to run the Load Balancer [/usr/bin/java] The list of available IP Addresses are as follows: Please enter your IP Address that the Load Balancer will use for management traffic. [ ] Please enter a Multicast Base Address [default: ]: Please enter a unique label to identify this loadbalancer cluster pair (must be the same on the slave LB) lb-cluster-101 press 1 to accept, 2 to reject, 3 to redisplay 1 Select target path [/opt/nst-loadbalancer] press 1 to continue, 2 to quit, 3 to redisplay 1 * Press 1 if you would like to create a new installation of the Jetty web server * Press 2 if you would like to install the Load Balancer Admin UI within an existing Jetty instance 1 10

11 Please enter a path where you would like to install the jetty web server [default: /opt/nstloadbalancer] : Select the packs you want to install: [<required>] LB (The Load Balancer base Installation files)...pack selection done. press 1 to continue, 2 to quit, 3 to redisplay 1 [ Starting to unpack ] [ Processing package: LB (1/1) ] [ Unpacking finished ] Install of the Load Balancer successfully complete. The Load Balancer has been installed at the following location - /opt/nst-loadbalancer You can now view the web admin ui at the following URL: Login details are as follows Username : root Password : admin [ Console installation done ] 11

12 Graphical Environment Installation To install the PowerVille LB using the graphical environment, perform the following procedure: 1. Run the following command to execute the installer file: java -jar dialogic-lb-installer-<version>.jar Note: Alter the command as necessary to match the version and path of the Java executable. 2. If prompted, install the required packages using the yum install command. Refer to the following example. yum install nc yum install net-tools yum install nmap After the required packages have been installed, execute the installer file again. Click Next to proceed to the next step if no additional packages are required. 3. Enter the following information or use the default value, and then click Next: Enter the location of the Java install (JRE or JDK) that will be used to run the PowerVille LB (e.g., /usr/bin/java). Enter the IP address that will be used for management traffic. Enter the multicast base address if you want to use an explicit address for multicast traffic. For normal installations, use the default address ( ). Note: The multicast base address must be the same address for master and slave nodes in a high availability (HA) pair, but different for every PowerVille LB installation. Enter a unique label to identify the PowerVille LB cluster pair (must be the same on the PowerVille LB slave). 12

13 4. Review the license agreement if populated, accept the terms, and then click Next. 13

14 5. Select the installation path, and then click Next. 6. Set the Jetty web server preferences, and then click Next: Select new Jetty install location - Choose this option if there is not a Jetty instance on the server already. If you do not know if Jetty has been previously installed, select this option. Select existing Jetty installation - Choose this option if there is a Jetty instance on the server already. 14

15 7. Select the pack to install. Choose the PowerVille LB as the base installation. Note: Grayed packs are required. 8. When the installation process is complete, click Next to view the installation details. 15

16 Software Updates and Uninstallation To update the PowerVille LB software, the existing PowerVille LB software must be uninstalled and the new software must be installed following the PowerVille LB Installation procedure. Refer to the following procedures to uninstall the PowerVille LB. Important: Prior to uninstalling the existing PowerVille LB software, capture the existing configuration settings (e.g., via screen dumps). The configuration settings need to be reapplied after the new PowerVille LB software has been installed. Note: If the PowerVille LB console WAR file is installed on an existing Jetty instance (as opposed to being installed on the Jetty that is part of the PowerVille LB installation), the uninstall script will not remove the PowerVille LB console WAR file from the existing Jetty install. CentOS 7 Perform the following procedure to uninstall the PowerVille LB if using CentOS 7: 1. Stop all services: systemctl stop nst-loadbalancer; systemctl stop nst-vip-manager; systemctl stop jetty 2. Remove all start scripts and configuration files: \rm /etc/systemd/system/nst-loadbalancer.service /etc/systemd/system/nst-vipmanager.service /etc/systemd/system/jetty.service /etc/sysconfig/nstloadbalancer.properties /etc/sysconfig/nst-vip-manager.properties 3. Remove the PowerVille LB directory: \rm -rf /opt/nst-loadbalancer Note: If the PowerVille LB installation directory does not reside in the /opt/nst-loadbalancer directory, replace "/opt/nst-loadbalancer" with the correct directory. CentOS 6 and Oracle Linux Perform the following procedure to uninstall the PowerVille LB if using CentOS 6 or Oracle Linux: 1. Stop all services: service nst-loadbalancer stop; service nst-vip-manager stop; service jetty stop 2. Remove all start scripts and configuration files: \rm /etc/init.d/nst-loadbalancer /etc/init.d/nst-vip-manager /etc/init.d/jetty /etc/sysconfig/nst-loadbalancer.properties /etc/sysconfig/nst-vip-manager.properties 3. Remove the PowerVille LB directory: \rm -rf /opt/nst-loadbalancer Note: If the PowerVille LB installation directory does not reside in the /opt/nst-loadbalancer directory, replace "/opt/nst-loadbalancer" with the correct directory. 16

17 3. PowerVille LB Console The PowerVille LB console is a web-based graphical user interface (WebGUI) used to manage the PowerVille LB. HTTPS is not enabled by default on the PowerVille LB console. For details on setting up HTTPS, refer to Enabling HTTPS with Jetty. Proceed as follows to log in to the PowerVille LB console. 1. Launch the PowerVille LB Login page in a web browser using one of the following URLs: or for secure connection. Note: If the error message "Lost connection to LB on localhost:5101" is displayed when attempting to log in, refer to Resolve the Hostname. 2. When logging in to the PowerVille LB console for the first time, enter root in the Username field and admin in the Password field. Once logged in to the PowerVille LB console, it is possible to add different users by going to the User Administration page if desired. 3. Click Login. The PowerVille LB console opens and the Dashboard page appears. The status of the PowerVille LB is shown in the Status field using a traffic light system. A green status indicates that the node is running and functional. A red status indicates that the node is not running or is in an error state and is subsequently unavailable. For more information on the Dashboard page, refer to Dashboard. 4. To make changes to the PowerVille LB console, click Unlock Config and proceed to PowerVille LB Configuration. 17

18 4. PowerVille LB Configuration PowerVille LB configuration is done using the PowerVille LB console. Note: It is required to disable the firewall on your system. The side-bar menu of the console contains hyperlinks to each of the configuration pages. Dashboard Services Configuration o High Availability o SNMP VIP Status Provisioning o Service Node o Service VIP o Interfaces Security Profiles User Administration o User Roles o User Policies 18

19 Dashboard When logging in to the PowerVille LB console, the Dashboard page is displayed. On this page, PowerVille LB operation can be verified. The status of the PowerVille LB is shown in the Status field using a traffic light system. A green status indicates that the node is running and functional. A red status indicates that the node is not running or is in an error state and is subsequently unavailable. Services The Services page allows for setting up PowerVille LB services. 19

20 Click Add Service to add a service. Add Service Prerequisites Before adding a service, it is necessary to do the following: Configure at least one service node. Refer to Service Node. Configure at least one service VIP. Refer to Service VIP. Configure at least one interface. Refer to Interfaces. Configure at least one security profile in order to create TLS services (e.g., a security profile is required if configuring secure services such as HTTPS). Refer to Security Profiles. Add Service When a PowerVille LB service is added, a default script is used for connectivity checks. For details to override the default script or implement a new connectivity check script, refer to Connectivity Checks. 20

21 The configuration options are as follows. Item Name Type Description The name to identify the PowerVille LB service. The transport protocol for the PowerVille LB service. SIP HTTP HTTP (Stateless) HTTPS Generic-TCP MGCP-SIP Selecting the appropriate service type for a deployment is important, and it is advisable to consult with Dialogic should there be any doubts in the choice. When deploying HTTP, choose an HTTP (Stateless) service unless advanced features such as request affinity or TLS offloading are required. The affinity mechanisms currently included in the HTTP service are either Cookie Insert or Source Address, which allows requests to be grouped to the same HTTP backend server. Using HTTPS allows for security offloading and re-encryption. SIP can be set up to run over the WebSockets protocol with or without encryption. For more details, refer to Port Configuration section. The MGCP-SIP transport protocol option provides MGCP to SIP/MSML internetworking. This MGCP Service converts MGCP protocol commands to SIP/MSML signaling. The MGCP Service supports a subset of the MGCP protocol and initially developed to support a very specific set of scenarios and use cases. For more details, refer to MGCP Service section. Click Cancel to abort the operation. Click Next to go to the next page. 21

22 Service Configuration The LB Service Configuration page allows for PowerVille LB service configuration. The configuration options vary depending on the parameter selected in the Type field of the Add LB Service page. Refer to the following examples. The following configuration options are available depending on the selected service type. Item Service Name Type Description The name to identify the PowerVille LB service. The service type/protocol. General Inbound VIP Bind Address Outbound VIP Bind Address Service Port The A side VIP address. The B side VIP address. The port for the PowerVille LB service. Ports 1 to 1024 cannot be used because the user roles do not have privileges. 22

23 Item Algorithm Max Java Heap Size (MB) Description The type of algorithm the PowerVille LB service should use. Round Robin - Either node will service the request. Priority - The same node will always service the request unless the node is down. The request will always go to the first node listed on the LB Service Configuration page. Adjust the priority using the arrows. Prioritized Round Robin - This is a combination of both the Priority and Round Robin algorithms. When this algorithm is enabled, the first entry in the services list of nodes takes priority and all traffic will be directed to this node. Should the node fail or be taken out of service, then the remaining entries in the list will be used in a Round Robin fashion. The maximum Java heap size (i.e., the amount of space allocated for Java program memory) for the PowerVille LB service. Logging Enable Detailed Logging Enable Stack Logging Enable SIP Message Logging Allows the user to turn on and off detailed logging. Allows the user to turn on and off full logging output to the log files. This option should only be enabled under the guidance of Dialogic Support. Allows the user to turn on and off SIP message logging output to the log files. TLS Configuration Encrypt A-side A checkbox that enables all messages egressing A-side (following B- side initial request) will be encrypted. This is used in conjunction with the configured Security Profile, which must be configured. Refer to Security Profiles for more information. Encrypt B-side A checkbox that enables all messages egressing B-side (following A- side initial request) will be encrypted. This is used in conjunction with the configured Security Profile, which must be configured. Refer to Security Profiles for more information. 23

24 Item SSL Type Security Profile Description The type of SSL encryption to use. Off Load - Encrypted incoming message to the PowerVille LB over TLS and unencrypted outgoing messages to the PowerVille LB node over TCP. Re-Encryption - Encrypted incoming message to the PowerVille LB over TLS and encrypted outgoing messages to a PowerVille LB node over TLS. Allows the user to select a security profile to use for encrypted/secure interactions between the PowerVille LB and the server. Refer to Security Profiles for more information. Port Configuration SIP (non-tls) SIP (TLS) WS-SIP WSS-SIP A checkbox that enables the port on which the SIP service listens for unencrypted SIP messages. A checkbox that enables the port on which the SIP service listens for encrypted SIP messages. This is used in conjunction with the configured Security Profile, which must be configured before this port can be used. Refer to Security Profiles for more information. A checkbox that enables the port on which the SIP service listens for unencrypted WebSocket SIP commands. A checkbox that enables the port on which the SIP service listens for encrypted WebSocket SIP commands. This is used in conjunction with the configured Security Profile, which must be configured before this port can be used. Refer to Security Profiles for more information. SIP Configuration Routing Option The outgoing requests can either push a SIP route or rewrite the R-URI for the next hop. Rewrite R-URI - When this option is set, the PowerVille LB rewrites the request URI of the message that is sent into the PowerVille LB with the address and port of the node that the PowerVille LB is going to send the message to. In this mode, the PowerVille LB will not insert a "Route" header. Push Route - When this option is set, the LB inserts a "Route" header (containing the node address and port) into the outgoing SIP message and forwards the request onto the node behind the PowerVille LB maintaining the original request URI. 24

25 Item Enable SIP Dialog Aware Enable Recursion on 3xx Responses Description Allows requests to be load balanced per transaction rather than on a per SIP dialog basis. Allows recursion on receiving a SIP 3xx response to an INVITE request. HTTP Configuration Session Affinity Session Affinity Timeout (s) Allows the user to choose how requests are routed to the node (sticky sessions). Disabled - There is no session affinity and a request could be sent to either node on entering the PowerVille LB. Cookie - A request based on a key/data is stored on a client's web browser to ensure requests are sent to a specific node/server behind the PowerVille LB. Source Address - The IP address of the incoming request is used as a key to send a request to a specific node/server behind the PowerVille LB. The amount of time in seconds before the session affinity is timed out. MGCP Configuration SIP Port SIP Transport Notified Entity First Request Timeout (sec) Inter Request Timeout (sec) The local bind port for SIP. The combination of the "Outbound VIP Bind Address" and the "SIP Port" define the outbound address for SIP signaling. The default transport for the outbound SIP signaling. It is recommended that TCP is used. TCP - The transmission control protocol. UDP - The user datagram protocol. The address of the MGCP Call Agent to which the MGCP Service will send NTFY and DLCX commands. This is optional. When empty, the address of the notified entity will be determined according to the rules defined in the MGCP RFC The elapsed time after receiving a CRCX command, that the connection will be deleted if a RQNT command is not received. The elapsed time after the MGCP Service has completed all of its NTFY messaging associated with an RQNT, that the connection will be deleted if another RQNT command is not received. 25

26 Click Back to return to the previous page. Click Cancel to abort the operation. Click Next to go to the next page. Once the service is saved, the bottom of the page is populated with the buttons shown in the previous image. Click Back to return to the previous page. Click Edit to change the service. Click Delete to remove the service. Click Restart to restart the service. Click Stop to stop the service. Click Start to start the service. Click Save to save the configuration settings. 26

27 Nodes The Nodes page allows for Nodes configuration. It contains the end-point nodes that are used to terminate and fulfill requests made to the SIP service. Click Add to add a node. Click Save to save the configuration settings. Click Cancel to abort the operation. A node can be removed by clicking Remove. A node can be gracefully taken out of service and not process any traffic by clicking Take Offline. Any existing calls will be completed before a node is taken fully offline. The configuration options are as follows. Item Protocol Address Port Description The protocol for the service. The service endpoint IP address. The port for the service. Click Cancel to abort the operation. Click Add to add the node. Node Settings The Node Settings page allows for Service Node configuration. 27

28 The configuration options are as follows. Item Polling Time (ms) Dead Node Polling Time (ms) Description The duration (ms) between polling a node to see if it is still alive (minimum 500, maximum ). The duration (ms) between polling a dead node to see if it is still alive (minimum 500, maximum ). Click Cancel to abort the operation. Click Save to save the configuration settings. Configuration The Configuration page allows for PowerVille LB configuration. The configuration options are as follows. Item IP Address JMX Bind Address Enable Detailed Logging Description The address used as the bind address from which SNMP traps are sent and also used by the underlying PowerVille LB services to replicate data. This IP address must match the IP address that was entered during installation in the "Please enter your IP Address that the Load Balancer will use for management traffic" field. The address that the PowerVille LB binds to so that it can replicate internal data and configuration. The field is read only and is set on installation via the management IP address. A check box that enables or disables detailed logging. Note: The IP Address and the JMX Bind Address must be configured on the same network interface as the Slave IP Address, which is configured on the High Availability page. Click Cancel to abort the operation. Click Save to save the configuration settings. Click Restart to restart the PowerVille LB. Click Shutdown to shut down the PowerVille LB. 28

29 High Availability The High Availability page allows for high availability (HA) configuration. The configuration options are as follows. Item Enable HA Slave IP Address Slave JMX Port Description A check box that enables or disables HA. A restart is required for this option. The JMX bind address for the slave PowerVille LB. Note: The Slave IP Address must be configured on the same network interface as the IP Address and JMX Bind Address, which are configured on the Configuration page. The JMX port of the paired bootstrap. Click Cancel to abort the operation. Click Save to save the configuration settings. Click Restart Slave to restart the slave PowerVille LB. Click Shutdown Slave to shut down the slave PowerVille LB. 29

30 SNMP The SNMP page allows for SNMP-related configuration. Refer to SNMP Traps for details on the PowerVille LB SNMP traps. The configuration options are as follows. Item Enabled Destination hostname Destination port Additional Destination hostname Additional Destination port SNMP Community Name Java class name for notifications Description A check box that enables or disables notifications. The host to send SNMP traps. The port to send SNMP traps. An additional location that can optionally be provisioned to send SNMP traps. An additional port associated with the Additional Destination hostname field to send SNMP traps. The community name for SNMP notifications. Allows custom notifications to be sent. The field contains the Java class name to be used instead of the default SNMP traps. Click Save to save the configuration settings. Click Cancel to abort the operation. 30

31 VIP Status The VIP Status page provides the current state of the VIP Manager process. The page also contains up-to-date information regarding the VIPs managed by the PowerVille LB. The page lists each VIP, the IP address of the node currently serving the VIP, and the number of nodes where the VIP may be hosted. If the VIP Manager is not running as expected, click Restart VIP Manager to restart the VIP Manager. This may resolve issues. If restarting the VIP Manager on a traffic master node, the traffic master node will no longer be the traffic master. Provisioning The Provisioning page provides options to provision service nodes, service VIPs, and interfaces. Service Node Service VIP Interfaces Service Node The Service Node page provides options to provision service nodes. A service node is a server or application (e.g., a Dialogic PowerMedia XMS system or an HTTP server) that the PowerVille LB sends traffic to. Click Add to add the node. 31

32 The configuration options are as follows. Item Address Description The service endpoint IP address. Click Add to add the address. Click Cancel to abort the operation. Service VIP The Service VIP page provides options to provision service VIPs. A service VIP is a floating IP address that can be passed between two highly available (HA) PowerVille LB nodes in case one node fails. When a node goes down, the second node takes control of the floating IP address so that all traffic will continue. The service VIP must be on the same subnet as the interface. Click Add to add the VIP. The configuration options are as follows. Item Address Interface Name Description The virtual IP (VIP) address. The network interface name for the service (i.e., eth0). Click Add to add the address. Click Cancel to abort the operation. 32

33 Interfaces The Interfaces page provides options to provision network interfaces. Click Add to add the interface. The configuration options are as follows. Item Interface Description The network interface name for the service (i.e., eth0). Click Add to add the address. Click Cancel to abort the operation. Security Profiles The Security Profiles page enables the PowerVille LB to be configured for secure protocol communication, such as Transport Layer Security (TLS), over transports such as SIP. Security profiles are only relevant to TLS connections. Note: For secure services such as HTTPS, a security profile is required. To create selfsigned certificates and keys, refer to the "PowerVille LB Configuration: Configure the PowerVille LB Services" section of the Dialogic PowerVille LB Load Balancer for Real- Time Communications Quick Start Guide. This page displays the current set of security profiles that are configured for the PowerVille LB. To remove a security profile, click Remove. To edit a security profile, click Edit. To add a security profile, click Add. The Add button allows a new security profile to be created. When the Add button is clicked, the Security Profile page appears. 33

34 The Security Profile page allows both trusted and server certificates to be added to the profile. The following describes the purpose of a server certificate in comparison with a trusted certificate: Server certificate (mandatory one per security profile). This certificate has two roles: o o Identifies the PowerVille LB to a client. Sets up the encrypted connection between a client and the PowerVille LB. Trusted certificate (a security profile can have 0 to n). A security profile only requires a trusted certificate to be added if the security profile encryption mode is set as re-encrypt. When re-encryption mode is used, the connection between the PowerVille LB and service node is encrypted as well as the connection between client and PowerVille LB. The trusted certificate is used in the setup of the encrypted connection between PowerVille LB and the service node to ensure the PowerVille LB trusts the service node to be what it claims to be. Note: A security profile requires exactly one server certificate entry but can have 0 to n trust certificates configured. The existing certificates that have been assigned to the security profile are listed under the "Trusted Certificates" and "Server Certificates" column headers. The configuration options are as follows. Item Remove Add Certificate Description The Remove button causes the appropriate certificate to be deleted from the profile. The Add Certificate button causes the appropriate certificate to be added to the profile. For more information, refer to Add a Trusted Certificate and Add a Server Certificate sections that follow. When finished making changes to the Security Profiles page, click Save to save the configuration settings. If invalid data is provided, an error message appears. If this occurs, validate the data and click Save again. Click Cancel to abort the operation. 34

35 Add a Trusted Certificate To add a client certificate, click the Add Certificate button and enter a valid alias on the Add Trusted Certificate page. Click Browse to find and select the appropriate certificate file (locally stored). This is the SSL certificate file (X.509) for a secure connection to any nodes (required for SSL re-encryption mode). When the alias and certificate file have been added, click Add to add the certificate or Cancel to return to the previous page. Add a Server Certificate To add a server certificate, click the Add Certificate button and enter a valid alias on the Add Server Certificate page. Click Browse to find and select the appropriate certificate file (stored locally). This is the signed certificate containing the public key, which is sent to the client when an SSL connection is made. Click Browse to find and select the appropriate private key file (stored locally). This is the complementary private key used for encryption when an SSL connection is made. This must be a DER file in PKCS8 format. When the alias and the files have been added, click Add to add the certificate or Cancel to return to the previous page. User Administration The User Administration page allows users of the PowerVille LB to be provisioned and managed. An administrator can create additional users by clicking the Add User button. An existing user can be deleted by clicking the Delete hyperlink and edited by clicking the Change hyperlink. 35

36 Add a User The Add User page allows users of the PowerVille LB to be provisioned and the user role to be set. To successfully create a user, all of the fields must be populated. The administrator must then click the Add user button. Clicking the Cancel button aborts the addition of a new user to the PowerVille LB. Change a User The Change User page provides identical user manipulation options as provided by the Add User page. Click Update when the changes have been made. 36

37 User Roles The User Roles page allows user roles for the PowerVille LB to be added, edited, and deleted. To make changes to the user roles, Add Role, Edit, or Delete must be selected. An administrator can create additional user roles by clicking the Add Role button, adjusting the settings, and then clicking the Save hyperlink. The "Super user" role and the "Low privileges" role cannot be edited or deleted. Excluding the "Super user" role and the "Low privileges" role, an existing user role can be edited by clicking the Edit hyperlink, making the changes, and then clicking the Save hyperlink. Selecting User allows the role to add and remove users. Selecting LB allows the role to have full access. Excluding the "Super user" role and the "Low privileges" role, an existing user can be deleted using the Delete hyperlink. User Policies The User Policies page allows user policies for the PowerVille LB to be edited. The configuration options are as follows. Item User idle time before logout Minimum password length Description The given time period of inactivity in seconds before the user is automatically logged out of the PowerVille LB console. The minimum length of the user s password. To change the User idle time before logout and the Minimum password length fields, click Update, make the changes, and then click Save to save the changes. 37

38 5. PowerVille LB Operations Enabling HTTPS with Jetty Proceed as follows to configure Jetty to enable a secure connection. If an existing private key or company certificate is being used, skip steps 1 and 2 as necessary. 1. Create a private key using the following command and entering a pass phrase in the output: $ openssl genrsa -des3 -out mycompany.key Sample Output Generating RSA private key, 2048 bit long modulus e is (0x10001) Enter pass phrase for mycompany.key: [pwjetty123] Verifying - Enter pass phrase for mycompany.key: [pwjetty123] This creates the private key file mycompany.key. Verify the private key using the following command: $ openssl rsa -in mycompany.key -check Sample Output Enter pass phrase for mycompany.key: [pwjetty123] RSA key ok writing RSA key -----BEGIN RSA PRIVATE KEY----- MIIEogIBAAKCAQEAr653O+uwL0Ohoq8OQFadub9MMi1qak2tDhI9k25N5iZgElkL : : R1dsDTpOMqikPFbT1aw98mNTcSMFiOiUcg07AEswqYfuuc8iR44= -----END RSA PRIVATE KEY Create a certificate using the private key that was just created and enter the applicable information: $ openssl req -new -x509 -key mycompany.key -out mycompany.crt Sample Output Enter pass phrase for mycompany.key: [pwjetty123] You are about to be asked to enter information that will be incorporated into your certificate request. What you are about to enter is what is called a Distinguished Name or a DN. There are quite a few fields but you can leave some blank For some fields there will be a default value, If you enter '.', the field will be left blank

39 Country Name (2 letter code) [AU]:UK State or Province Name (full name) [Some-State]:myState Locality Name (eg, city) []:mytown Organization Name (eg, company) [Internet Widgits Pty Ltd]:myCompany Organizational Unit Name (eg, section) []:Engineering Common Name (eg, server FQDN or YOUR name) []:myserver.com Address This creates the certificate file mycompany.crt. Verify the certificate using the following command: $ openssl x509 -in mycompany.crt -text -noout Sample Output Certificate: Data: Version: 3 (0x2) Serial Number: (0xf4ccf7b0ff67713b) Signature Algorithm: sha256withrsaencryption Issuer: C=UK, ST=myState, L=myTown, O=myCompany, OU=Engineering, CN=myServer.com/ Address=me@company.com Validity Not Before: Sep 2 07:18: GMT Not After : Oct 2 07:18: GMT Subject: C=UK, ST=myState, L=myTown, O=myCompany, OU=Engineering, CN=myServer.com/ Address=me@company.com Subject Public Key Info: Public Key Algorithm: rsaencryption Public-Key: (2048 bit) Modulus: 00:af:ae:77:3b:eb:b0:2f:43:a1:a2:af:0e:40:56: : : 57:38:3a:84:c4:0d:24:3b:2c:8f:e1:c3:b5:56:0a: fe:23 Exponent: (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 39:09:70:E1:9A:99:A6:DE:90:CB:AF:70:6E:D4:A9:74:68:71:11:C1 X509v3 Authority Key Identifier: keyid:39:09:70:e1:9a:99:a6:de:90:cb:af:70:6e:d4:a9:74:68:71:11:c1 X509v3 Basic Constraints: CA:TRUE Signature Algorithm: sha256withrsaencryption 7a:d9:c5:c4:3a:93:77:35:b9:de:57:96:c5:36:fa:26:ab:63: : : 6b:b4:de:06:1a:65:c8:36:9a:85:7a:83:79:04:ee:9f:f3:89: c9:83:23:e0 39

40 3. Add the certificate to the keystore using the following command and enter the applicable information: $ keytool -keystore mycompany-jetty.jks -import -alias mycompany -file mycompany.crt - trustcacerts Sample Output Enter keystore password: [pwjetty123] Re-enter new password: [pwjetty123] Owner: ADDRESS=me@company.com, CN=myServer.com, OU=Engineering, O=myCompany, L=myTown, ST=myState, C=UK Issuer: ADDRESS=me@company.com, CN=myServer.com, OU=Engineering, O=myCompany, L=myTown, ST=myState, C=UK Serial number: f4ccf7b0ff67713b Valid from: Wed Sep 02 08:18:47 BST 2015 until: Fri Oct 02 08:18:47 BST 2015 Certificate fingerprints: MD5: 66:D1:81:98:12:05:CC:7C:7C:9B:1E:2F:44:1F:9D:29 SHA1: CF:E8:39:E0:E7:7F:B0:96:CE:80:72:7E:4B:C0:4A:2B:D2:DB:94:DA SHA256: A0:34:77:FA:67:0D:54:AC:14:6D:EF:98:6C:A7:AB:1C:01:7A:99:6D:08:85:B1:3E:8D:02:6E:28:65:39 :74:31 Signature algorithm name: SHA256withRSA Version: 3 Extensions: #1: ObjectId: Criticality=false AuthorityKeyIdentifier [ KeyIdentifier [ 0000: E1 9A 99 A6 DE 90 CB AF 70 6E D4 A p...pn..t 0010: C1 hq.. ] ] #2: ObjectId: Criticality=false BasicConstraints:[ CA:true PathLen: ] #3: ObjectId: Criticality=false SubjectKeyIdentifier [ KeyIdentifier [ 0000: E1 9A 99 A6 DE 90 CB AF 70 6E D4 A p...pn..t 0010: C1 hq.. ] ] Trust this certificate? [no]: yes Certificate was added to keystore This creates the keystore file mycompany-jetty.jks. Verify the keystore contents using the following command: $ keytool -list -keystore mycompany-jetty.jks 40

41 Sample Output Enter keystore password: [pwjetty123] Keystore type: JKS Keystore provider: SUN Your keystore contains 1 entry mycompany, 02-Sep-2015, trustedcertentry, Certificate fingerprint (SHA1): CF:E8:39:E0:E7:7F:B0:96:CE:80:72:7E:4B:C0:4A:2B:D2:DB:94:DA 4. Create a Certificate Signing Request (CSR) using the following command and enter the applicable information: $ openssl req -new -key mycompany.key -out mycompany.csr Sample Output Enter pass phrase for mycompany.key: [pwjetty123] You are about to be asked to enter information that will be incorporated into your certificate request. What you are about to enter is what is called a Distinguished Name or a DN. There are quite a few fields but you can leave some blank For some fields there will be a default value, If you enter '.', the field will be left blank Country Name (2 letter code) [AU]:UK State or Province Name (full name) [Some-State]:myState Locality Name (eg, city) []:mytown Organization Name (eg, company) [Internet Widgits Pty Ltd]:myCompany Organizational Unit Name (eg, section) []:Engineering Common Name (eg, server FQDN or YOUR name) []:myserver.com Address []:me@company.com Please enter the following 'extra' attributes to be sent with your certificate request A challenge password []:pwjetty123 An optional company name []: This creates the CSR file mycompany.csr. Verify the contents of the CSR using the following command: $ openssl req -text -noout -verify -in mycompany.csr Sample Output verify OK Certificate Request: Data: Version: 0 (0x0) Subject: C=UK, ST=myState, L=myTown, O=myCompany, OU=Engineering, CN=myServer.com/ Address=me@company.com Subject Public Key Info: Public Key Algorithm: rsaencryption Public-Key: (2048 bit) 41

42 Modulus: 00:af:ae:77:3b:eb:b0:2f:43:a1:a2:af:0e:40:56: : : 57:38:3a:84:c4:0d:24:3b:2c:8f:e1:c3:b5:56:0a: fe:23 Exponent: (0x10001) Attributes: challengepassword :unable to print attribute Signature Algorithm: sha256withrsaencryption 8f:65:04:17:24:b4:3f:32:0c:87:75:22:8b:21:a8:ca:98:62: : : 55:21:82:5a:8c:e9:18:8e:b7:98:53:32:7a:7f:77:5e:55:08: 7f:76:96:e2 5. Create a PKCS12 bundle containing the private key and its x509 certificate using the following command and enter the applicable information: $ openssl pkcs12 -inkey mycompany.key -in mycompany.crt -export -out mycompany.p12 Sample Output Enter pass phrase for mycompany.key: [pwjetty123] Enter Export Password: [pwjetty123] Verifying - Enter Export Password: [pwjetty123] This creates the PKCS12 bundle file mycompany.p12. Verify the contents of the PKCS12 bundle using the following command: $ openssl pkcs12 -info -in mycompany.p12 Sample Output Enter Import Password: [pwjetty123] MAC Iteration 2048 MAC verified OK PKCS7 Encrypted data: pbewithsha1and40bitrc2-cbc, Iteration 2048 Certificate bag Bag Attributes localkeyid: CF E8 39 E0 E7 7F B0 96 CE E 4B C0 4A 2B D2 DB 94 DA subject=/c=uk/st=mystate/l=mytown/o=mycompany/ou=engineering/cn=myserver.com/ address =me@company.com issuer=/c=uk/st=mystate/l=mytown/o=mycompany/ou=engineering/cn=myserver.com/ address= me@company.com -----BEGIN CERTIFICATE----- MIID9zCCAt+gAwIBAgIJAPTM97D/Z3E7MA0GCSqGSIb3DQEBCwUAMIGRMQswCQYD : : CTgULXcnl6Zyxm9E1P1XjWXpmCBtSTMUOoNR1YBV8LmLCo+LsGu03gYaZcg2moV6 g3ke7p/zicmdi+a= 42

43 -----END CERTIFICATE----- PKCS7 Data Shrouded Keybag: pbewithsha1and3-keytripledes-cbc, Iteration 2048 Bag Attributes localkeyid: CF E8 39 E0 E7 7F B0 96 CE E 4B C0 4A 2B D2 DB 94 DA Key Attributes: <No Attributes> Enter PEM pass phrase: [pwjetty123] Verifying - Enter PEM pass phrase: [pwjetty123] -----BEGIN ENCRYPTED PRIVATE KEY----- MIIFDjBABgkqhkiG9w0BBQ0wMzAbBgkqhkiG9w0BBQwwDgQI4W6snmuYS6ICAggA : : Ks7khnExAVuwu5/kbxBH90rf/cFFMQ/QOOFOY1ITVchhbBjRgYcnEVp7dUPSEWum a5e= -----END ENCRYPTED PRIVATE KEY Insert the PKCS12 bundle in the keystore using the following command and enter the applicable information: $ keytool -importkeystore -srckeystore mycompany.p12 -srcstoretype pkcs12 -destkeystore mycompany-jetty.jks Sample Output Enter destination keystore password: [pwjetty123] Enter source keystore password: [pwjetty123] Entry for alias 1 successfully imported. Import command completed: 1 entries successfully imported, 0 entries failed or cancelled This updates keystore file mycompany-jetty.jks. Verify the contents of the updated keystore using the following command: $ keytool -list -keystore mycompany-jetty.jks Sample Output Enter keystore password: [pwjetty123] Keystore type: JKS Keystore provider: SUN Your keystore contains 2 entries mycompany, 02-Sep-2015, trustedcertentry, Certificate fingerprint (SHA1): CF:E8:39:E0:E7:7F:B0:96:CE:80:72:7E:4B:C0:4A:2B:D2:DB:94:DA 1, 02-Sep-2015, PrivateKeyEntry, Certificate fingerprint (SHA1): CF:E8:39:E0:E7:7F:B0:96:CE:80:72:7E:4B:C0:4A:2B:D2:DB:94:DA 7. Copy the updated keystore to an area that can be used by the Jetty installation: $ cp mycompany-jetty.jks <jetty-install-dir>/etc/ 43

44 8. Update the Jetty SSL config file to use the new keystore with the following: a. Locate the sslcontextfactory block in <jetty-install-dir>/etc/jettyssl.xml. <New id="sslcontextfactory" class="org.eclipse.jetty.http.ssl.sslcontextfactory"> <Set name="keystore"><property name="jetty.home" default="." />/etc/keystore</set> <Set name="keystorepassword">obf:1vny1zlo1x8e1vnw1vn61x8g1zlu1vn4</set> <Set name="keymanagerpassword">obf:1u2u1wml1z7s1z7a1wnl1u2g</set> <Set name="truststore"><property name="jetty.home" default="." />/etc/keystore</set> <Set name="truststorepassword">obf:1vny1zlo1x8e1vnw1vn61x8g1zlu1vn4</set> </New> Note: The passwords are listed in obfuscated form. Jetty provides a utility within the installation to generate obfuscated passwords. b. In the Jetty install directory, run the following command using the passwords created in the previous steps: $ java -cp lib/jetty-util v jar org.eclipse.jetty.util.security.password pwjetty123 Sample Output pwjetty123 OBF:1lfg1mmc1di01x0r1z0f1z0f1x1v1dgm1mii1lc2 MD5:c0e1ec92ed0dc1b26daa291604cd0d69 Note: The value of the obfuscated (OBF) version of the password. c. Update the sslcontextfactory configuration accordingly: <New id="sslcontextfactory" class="org.eclipse.jetty.http.ssl.sslcontextfactory"> <Set name="keystore"><property name="jetty.home" default="." />/etc/mycompany- Jetty.jks</Set> <Set name="keystorepassword">obf:1lfg1mmc1di01x0r1z0f1z0f1x1v1dgm1mii1lc2</set> <Set name="keymanagerpassword">obf:1lfg1mmc1di01x0r1z0f1z0f1x1v1dgm1mii1lc2</set> <Set name="truststore"><property name="jetty.home" default="." />/etc/mycompany- Jetty.jks</Set> <Set name="truststorepassword">obf:1lfg1mmc1di01x0r1z0f1z0f1x1v1dgm1mii1lc2</set> </New> Note: The password and keystore locations have been updated. d. In the Jetty startup file <jetty-install-dir>/start.ini, look for the following line: # etc/jetty-ssl.xml. Uncomment and save. 44

45 9. Validate the changes with the following: a. Before restarting Jetty (to allow the above configuration changes to take effect), note the original set of Jetty ports. $ netstat -nlp grep -E ' ' Sample Output tcp 0 0 :::8888 :::* LISTEN 4310/java This shows Jetty is not currently listening on the encrypted port (8443). Note: 8888 is the standard Jetty port for PowerVille LB UI and 8443 is the standard default HTTPS port. b. Restart Jetty to apply the changes using the following command: $ service jetty restart Sample Output Stopping the Jetty Web Server Starting the Jetty Web Server c. Verify that Jetty is listening on its secure port using the following command: $ netstat -nlp grep -E ' ' Sample Output tcp 0 0 :::8888 :::* LISTEN 16440/java tcp 0 0 :::8443 :::* LISTEN 16440/java This shows Jetty is listening on both unencrypted (8888) and encrypted (8443) ports. d. Using a web browser, navigate to the new secure port: IP>:8443. The browser will prompt with a message stating the connection is untrusted or that the connection is not private, and the user will have to accept the decision to proceed. Once accepted, the default Jetty landing page should appear. After validating the changes, the secure port can be changed by updating the port value in the <jetty-install-dir>/etc/jetty-ssl.xml SslSelectChannelConnector class element. Follow step 9 to validate and restart Jetty after changing the secure port. 45

46 Connectivity Checks Overriding a Default Connectivity Check Script When a PowerVille LB service is added on the Services page of the PowerVille LB console, a default script is used for connectivity checks. The default scripts are located in the PowerVille LB home directory under the <home>/scripts sub-directory and are named appropriately. The default scripts are as follows. Service Type SIP HTTP HTTP (Stateless) HTTPS Generic-TCP MGCP-SIP Default Connectivity Check Script <home>/scripts/test-sip <home>/scripts/test-http <home>/scripts/test-http_stateless <home>/scripts/test-https <home>/scripts/test-generic_stateless <home>/scripts/test-sip It is possible to override the default connectivity check script used for each service type. To override a default connectivity check script, perform the following procedure: 1. Create a new connectivity check script that strictly complies with the following naming convention: test-<protocol>-<service-name> The protocol types are as follows. Service Type SIP HTTP HTTP (Stateless) HTTPS Generic-TCP MGCP-SIP Protocol sip http http_stateless https generic_stateless sip The following example would be the name of a new connectivity check script for the HTTP service called "dialogic": test-http-dialogic 46

47 2. Place the script in the location dictated by the type of service: o o For SIP, HTTP, HTTPS, and MGCP-SIP service types, new connectivity check scripts should be placed in the appropriate service directory. The path can be located in the PowerVille LB console by navigating to the Services page and using the "Logs Directory" path (i.e., <home>/nst-loadbalancer/p1). For HTTP (Stateless) and Generic-TCP service types, new connectivity check scripts should be placed in the scripts directory located in in the PowerVille LB home directory (i.e., <home>/nst-loadbalancer/scripts). 3. Set the appropriate ownership and permissions. This is achieved by running the following commands: o o To change the ownership of the new connectivity check script, use the following command where <script-name> is the name of the new connectivity check script: chown loadbalancer:loadbalancer <script-name> To change the permissions of the new connectivity check script, use the following command where <script-name> is the name of the new connectivity check script: chmod a+x <script-name> Implementing a Connectivity Check Script When implementing a new connectivity check script, adhere to the following requirements: The new connectivity check script should accept the following input parameters: o o o o name - The name specified when creating the service. host name - The IP address of the remote server to be tested by the script. port - The port of the remote server to be tested by the script. timeout period (milliseconds) - The time period to wait for a response to the connectivity check from the remote server. The new connectivity check script should return the exit code of 0 to convey that a remote server has been detected as online. Any other exit code returned by the connectivity check script produces an offline result. The following skeleton script can be used for guidance when creating a new connectivity check script: #!/bin/bash name=$1 host=$2 port=$3 timeout=$4 # if node is down do this... echo "FAIL" exit -1 # if node is alive but disabled (eg, a backup node for a DB)... echo "servicename=$name,hostname=$host,port=$port,disable=true,reason=backup DB" 47

48 exit 0 # if node is alive... echo "servicename=$name,hostname=$host,port=$port" exit 0 SNMP Traps The PowerVille LB SNMP implementation supports SNMPv2. The standard MIBs are located on your system. There are two additional MIB files that are not located in the standard MIBs directory. The two MIB files ("NST-MIB" and "LB-MIB") must be loaded into a network manager in order to decode SNMP traps. "NST-MIB" is a parent file. "LB-MIB" is a file specific to the PowerVille LB. These MIBs are located in the following location on the PowerVille LB installation: /opt/nst-loadbalancer List of Standard MIBs MIB EtherLike-MIB HOST-RESOURCES-MIB Description Defines generic objects for Ethernet like network interfaces (RFC 3635) Management of host systems (RFC - many) IF-MIB Defines generic objects for network interface sub-layers (RFC 2863) IP-MIB Management of IP and ICMP implementation (RFC 4293) IPV6-MIB Management of IPv6 implementation TCP-MIB Management of TCP implementation (RFC 4022) UDP-MIB Management of UDP implementation (RFC 4113) RFC1213-MIB Defines MIB-II (RFC 1213) List of Standard Traps The following table lists the traps raised by the PowerVille LB installation as a result of the incorporation of the standard MIBs. Trap Name coldstart warmstart Description A coldstart trap signifies that the SNMP entity, supporting a notification originator application, is re-intializing itself and that its configuration may have been altered. A warmstart trap signifies that the SNMP entity, supporting a notification originator application, is reinitializing itself such that its configuration is unaltered. 48

49 Trap Name linkup linkdown authenticationfailure ipv6ifstatechange Description A linkup trap signifies that the SNMP entity, acting in an agent role, has detected that the ifoperstatus object for one of its communication links left the down state and transitioned into some other state (but not into the notpresent state). This other state is indicated by the included value of ifoperstatus. Objects (ifindex, ifadminstatus, ifoperstatus) ifindex: index of the interface ifadminstatus: (up, down, testing) ifoperstatus: (up, down, testing, unknown, dormant, notpresent, lowerlayerdown) A linkdown trap signifies that the SNMP entity, acting in an agent role, has detected that the ifoperstatus object for one of its communication links is about to enter the down state from some other state (but not from the notpresent state). This other state is indicated by the included value of the ifoperstatus. Objects (ifindex, ifadminstatus, ifoperstatus) An authenticationfailure trap signifies that the SNMP entity has received a protocol message that is not properly authenticated. While all implementations of SNMP entities may be capable of generating this trap, the snmpenableauthentraps object indicates whether this trap will be generated. An ipv6ifstatechange notification signifies that there has been a change in the state of an IPv6 interface. This notification should be generated when the interface's operational status transitions to or from the up(1) state. Objects (ipv6ifdescr, ipv6ifoperstatus) Enterprise (Proprietary) MIBs The PowerVile LB enterprise MIBs contain traps and performance related variables. The following sections detail the traps and variables. Enterprise (Proprietary) Traps The following table identifies the SNMP traps for the PowerVille LB and provides a description of each SNMP trap. Trap Name generictrap adminroleadded adminroledeleted adminroleedited adminuseradded Description The generic trap OID is unique. It states that the PowerVille LB is sending a general, non-specific trap. An admin role has been added. An admin role has been deleted. A user role has been edited. A new admin user has been added. 49

50 Trap Name adminuserpasswordchange adminuserchange adminuserdeletion adminserviceadd adminservicedeletion adminserviceupdate adminservicereplicate serviceactive adminserviceinactive serviceunavailable adminserviceerrored servicestopped servicenonodes nodeactive nodeinactive nodeunavailable consolelogin Description An admin user's password has been changed. A user's privileges/role has been changed. A user has been deleted from the PowerVille LB console. A service has been added to the PowerVille LB. A service has been deleted from the PowerVille LB. A service has been modified and updated. A service has been replicated to a backup node. A service has become active. A service that was previously running has become inactive. A service that was previously running has become unavailable for use. A service has failed due to some error and is no longer available. A user has stopped a service and the service is no longer running. The node endpoints used to load balance requests are not available. Requests are rejected with an error response. The node endpoint has become active and is available to receive traffic/requests. The node endpoint has become inactive and is no longer available to receive traffic/requests. The node endpoint has become unavailable and is no longer available to receive traffic/requests. A user has logged in to the PowerVille LB console. Associated Variables Each SNMP trap has three associated variables: event, whosenttrap, and otherinformation. The following table identifies the associated variables and describes their type. Associated Variables event whosenttrap otherinformation Type DisplayString that indicates what event has occurred. DisplayString that identifies the user that triggered the event. DisplayString that gives extra information and details of what to send with the trap. 50

51 MGCP Service The MGCP Service provides MGCP to SIP/MSML interworking. This MGCP Service converts MGCP protocol commands to SIP/MSML signaling. The MGCP Service presents two distinct service ports, each on a separate Virtual IP Address (VIP) to the network: A Service Port for inbound MGCP traffic. A Service Port for outbound SIP/MSML traffic. The MGCP Service supports a subset of the MGCP protocol. The MGCP Service is designed to support IVR scenarios between an MGCP client and the Dialogic PowerMedia XMS (also referred to herein as "PowerMedia XMS"). For example, "Play Announcement" and "Play and Collect". The MGCP Service was initially developed to support a very specific set of scenarios and uses cases. As of the publication date of this document, the functionality offered by the MGCP Service amounts to what was needed for those scenarios and use cases. Message Flows When an MGCP connection is made to the MGCP Service, the MGCP commands are sent to the inbound VIP address and service port. The MGCP Service then selects a back-end node for each new connection according to the provisioned selection algorithm. The MGCP Service directs the call via the outbound VIP address and service port to the receiving back-end node. A back-end node would be either be a Dialogic PowerMedia MRB (also referred to herein as "PowerMedia MRB") or PowerMedia XMS. For the duration of a connection, all outbound SIP signaling (related to that connection) will be sent to the selected back-end node (i.e., the MGCP Service is always SIP dialog-aware). 51

52 The following diagram illustrates a basic call flow for a "Play Announcement" scenario. 52

53 The following diagram illustrates a basic call flow for a "Play and Collect" scenario. 53

54 Provisioning MGCP Service can be created via the PowerVille LB console, which is a web-based graphical user interface (WebGUI), by selecting the "MGCP-SIP" service type from the Add LB Service page. For more details, refer to the Add Service section. The LB Service Configuration page for MGCP Service shares many of the same configuration items as other service types. For more details, refer to the Service Configuration section. 54

55 The following configuration items are specific to the MGCP Service type. MGCP Configuration MGCP Port SIP Port SIP Transport Notified Entity First Request Timeout (sec) Inter Request Timeout (sec) The combination of the "Inbound VIP Bind Address" and "MGCP port" define the inbound address for MGCP signaling. The local bind port for SIP. The combination of the "Outbound VIP Bind Address" and the "SIP Port" define the outbound address for SIP signaling. The default transport for the outbound SIP signaling. It is recommended that TCP is used. TCP - The transmission control protocol. UDP - The user datagram protocol. The address of the MGCP Call Agent to which the MGCP Service will send NTFY and DLCX commands. This is optional. When empty, the address of the notified entity will be determined according to the rules defined in the MGCP RFC The elapsed time after receiving a CRCX command, that the connection will be deleted if a RQNT command is not received. The elapsed time after the MGCP Service has completed all of its NTFY messaging associated with an RQNT, that the connection will be deleted if another RQNT command is not received. Support The MGCP Service supports a subset of the MGCP protocol. The MGCP Service can receive the following MGCP commands: CreateConnection - CRCX ModifyConnection - MDCX DeleteConnection - DLCX NotificationRequest - RQNT AuditEndpoint - AUEP The MGCP Service will send the following MGCP commands: Notify - NTFY DeleteConnection - DLCX The MGCP Service supports a subset of the "Announcement Server" package and ANSI "Basic Audio Package" as specified in the MGCP RFC

56 High Availability and Service Continuity Two instances of the PowerVille LB can be paired in an active/backup configuration to provide a High Availability (HA) solution. If the active PowerVille LB suffers a catastrophic failure, the backup PowerVille LB will take over meaning that the service continues to be provided for new connections. The MGCP Service provides service continuity in the event of catastrophic failure, however it does not provide session continuity. That is, if the active instance of the PowerVille LB fails, any ongoing MGCP connections/calls will be lost. Similarly, if the back-end PowerMedia XMS fails, all active sessions with that PowerMedia XMS will be lost. When the PowerVille LB receives a CRCX message it will send an initial SIP INVITE request to one of a number of preconfigured nodes (according to a preconfigured selection algorithm). The PowerVille LB will monitor the availability of each configured node. If all nodes are unavailable, the PowerVille LB will respond to CRCX messages with an error response. 56

57 6. PowerVille LB Troubleshooting Resolve the Hostname The PowerVille LB software needs to be able to resolve its hostname otherwise the error "Lost connection to LB on localhost:5101" is displayed in the LB console when attempting to log in and an error is displayed in opt/nst-loadbalancer/nst-vip-manager.out every few seconds. This is an example of the error message in opt/nst-loadbalancer/nst-vip-manager.out when "mclb-" is the hostname and "mc-lb3.lonlab.dialogic.com" is the FQDN. Error: Exception thrown by the agent : java.net.malformedurlexception: Local host name unknown: java.net.unknownhostexception: mc-lb3.lonlab.dialogic.com: mc-lb3.lonlab.dialogic.com: Name or service not known To resolve the hostname, edit the /etc/hosts file so that the hostname and FQDN are included. This is an example of an incorrect /etc/hosts file when "mc-lb" is the hostname and "mc-lb3.lonlab.dialogic.com" is the FQDN. The hostname and FQDN are not in the file localhost localhost.localdomain localhost4 localhost4.localdomain4::1 localhost localhost.localdomain localhost6 localhost6.localdomain6 This is an example of a correct /etc/hosts file when "mc-lb" is the hostname and "mc-lb3.lonlab.dialogic.com" is the FQDN. The hostname and FQDN have been added to the file mc-lb mc-lb3.lonlab.dialogic.com localhost localhost.localdomain localhost4 localhost4.localdomain4::1 mc-lb mc-lb3.lonlab.dialogic.com localhost localhost.localdomain localhost6 localhost6.localdomain6 57

Dialogic PowerVille LB Load Balancer for Real-Time Communications

Dialogic PowerVille LB Load Balancer for Real-Time Communications Dialogic PowerVille LB Load Balancer for Real-Time Communications Quick Start Guide July 2016 Rev 1.3 www.dialogic.com Copyright and Legal Notice Copyright 2016 Dialogic Corporation. All Rights Reserved.

More information

Dialogic PowerVille LB Load Balancer for Real-Time Communications

Dialogic PowerVille LB Load Balancer for Real-Time Communications Dialogic PowerVille LB Load Balancer for Real-Time Communications Technology Guide June 2016 1.0 www.dialogic.com Copyright and Legal Notice Copyright 2016 Dialogic Corporation. All Rights Reserved. You

More information

Dialogic PowerMedia Media Resource Broker (MRB)

Dialogic PowerMedia Media Resource Broker (MRB) Dialogic PowerMedia Media Resource Broker (MRB) Installation and Configuration Guide September 2016 Rev 1.3 www.dialogic.com Copyright and Legal Notice Copyright 2015-2016 Dialogic Corporation. All Rights

More information

Deploying a Dialogic 4000 Media Gateway as a Survivable Branch Appliance for Microsoft Lync Server 2010

Deploying a Dialogic 4000 Media Gateway as a Survivable Branch Appliance for Microsoft Lync Server 2010 Deploying a Dialogic 4000 Media Gateway as a Survivable Branch Appliance for Microsoft Lync Server 2010 February 2011 64-1146-01 www.dialogic.com Copyright and Legal Notice Copyright and Legal Notice Copyright

More information

Using Two Ethernet Network Interface Cards with Dialogic PowerMedia Extended Media Server (XMS) Tech Note

Using Two Ethernet Network Interface Cards with Dialogic PowerMedia Extended Media Server (XMS) Tech Note Using Two Ethernet Network Interface Cards with Dialogic PowerMedia Extended Media Server (XMS) Introduction While Dialogic PowerMedia Extended Media Server s (PowerMedia XMS) default configuration is

More information

Dialogic PowerMedia XMS WebRTC

Dialogic PowerMedia XMS WebRTC Dialogic PowerMedia XMS WebRTC Demo Guide September 2015 05-2718-008 www.dialogic.com Copyright and Legal Notice Copyright 2013-2015 Dialogic Corporation. All Rights Reserved. You may not reproduce this

More information

Dialogic PowerMedia XMS and Amazon Web Services (AWS)

Dialogic PowerMedia XMS and Amazon Web Services (AWS) Dialogic PowerMedia XMS and Amazon Web Services (AWS) Using PowerMedia XMS with a J2EE Application Server and Dialogic JSR 309 Introduction This is the third tech note in the series Dialogic PowerMedia

More information

Dialogic Brooktrout Fax Service Provider Software

Dialogic Brooktrout Fax Service Provider Software Dialogic Brooktrout Fax Service Provider Software Installation and Configuration Guide for the Microsoft Fax Server September 2016 931-121-04 www.dialogic.com Copyright and Legal Notice Copyright 1998-2016

More information

Dialogic Brooktrout SR140 Fax Software with babytel SIP Trunking Service

Dialogic Brooktrout SR140 Fax Software with babytel SIP Trunking Service Dialogic Brooktrout SR140 Fax Software with babytel SIP Trunking Service March 2011 64-0600-27 www.dialogic.com Copyright and Legal Notice Copyright 2011 Dialogic Inc. All Rights Reserved. You may not

More information

Dialogic Brooktrout SR140 Fax Software with Microsoft Exchange Server 2010

Dialogic Brooktrout SR140 Fax Software with Microsoft Exchange Server 2010 Dialogic Brooktrout SR140 Fax Software with Microsoft Exchange Server 2010 June 2010 64-0600-20 www.dialogic.com Copyright and Legal Notice Copyright 2010 Dialogic Corporation. All Rights Reserved. You

More information

IMPORTANT NOTE. Dialogic Brooktrout SR140 Fax Software with Broadvox SIP Trunking Service. Installation and Configuration Integration Note

IMPORTANT NOTE. Dialogic Brooktrout SR140 Fax Software with Broadvox SIP Trunking Service. Installation and Configuration Integration Note Dialogic Brooktrout SR140 Fax Software with Broadvox SIP Trunking Service IMPORTANT NOTE This document is not to be shared with or disseminated to other third parties, in whole or in part, without prior

More information

IMPORTANT NOTE. Dialogic Brooktrout SR140 Fax Software with Alcatel-Lucent OmniPCX Enterprise. Installation and Configuration Integration Note

IMPORTANT NOTE. Dialogic Brooktrout SR140 Fax Software with Alcatel-Lucent OmniPCX Enterprise. Installation and Configuration Integration Note Dialogic Brooktrout SR140 Fax Software with Alcatel-Lucent OmniPCX Enterprise IMPORTANT NOTE This document is not to be shared with or disseminated to other third parties, in whole or in part, without

More information

Dialogic Media Gateway Installation and Configuration Integration Note

Dialogic Media Gateway Installation and Configuration Integration Note Dialogic Media Gateway Installation and Configuration Integration Note This document is intended to detail a typical installation and configuration of the Dialogic 2000 Media Gateway Series (DMG2000) when

More information

Installing Dialogic NaturalAccess SS7 Monitor Software 3.0

Installing Dialogic NaturalAccess SS7 Monitor Software 3.0 Installing Dialogic NaturalAccess SS7 Monitor Software 3.0 August 2009 64-0465-01 www.dialogic.com Copyright and legal notices Copyright 2004-2009 Dialogic Corporation. All Rights Reserved. You may not

More information

Dialogic 1000 Media Gateway Series

Dialogic 1000 Media Gateway Series August 2010 05-2685-002 www.dialogic.com Copyright and Legal Notice Copyright 2009-2010 Dialogic Corporation. All Rights Reserved. You may not reproduce this document in whole or in part without permission

More information

Dialogic PowerMedia Media Resource Broker (MRB)

Dialogic PowerMedia Media Resource Broker (MRB) Dialogic PowerMedia Media Resource Broker (MRB) Technology Guide September 2017 Rev 2.0 www.dialogic.com Copyright and Legal Notice Copyright 2016-2017 Dialogic Corporation. All Rights Reserved. You may

More information

Using ISE 2.2 Internal Certificate Authority (CA) to Deploy Certificates to Cisco Platform Exchange Grid (pxgrid) Clients

Using ISE 2.2 Internal Certificate Authority (CA) to Deploy Certificates to Cisco Platform Exchange Grid (pxgrid) Clients Using ISE 2.2 Internal Certificate Authority (CA) to Deploy Certificates to Cisco Platform Exchange Grid (pxgrid) Clients Author: John Eppich Table of Contents About this Document... 4 Using ISE 2.2 Internal

More information

Dialogic TX Series SS7 Boards

Dialogic TX Series SS7 Boards Dialogic TX Series SS7 Boards Loader Library Developer s Reference Manual July 2009 64-0457-01 www.dialogic.com Loader Library Developer's Reference Manual Copyright and legal notices Copyright 1998-2009

More information

Dialogic Media Gateway Installation Site Survey

Dialogic Media Gateway Installation Site Survey Dialogic Media Gateway Installation Site Survey 1. Scope This document is provided by Dialogic for you to use if implementing Microsoft Office Communications Server 2007 or Microsoft Exchange Server 2007

More information

Dialogic DSI Protocol Stacks

Dialogic DSI Protocol Stacks Dialogic DSI Protocol Stacks User Guide: Running DSI User Parts Over Dialogic TX Series SS7 Boards February 2010 U03DPK02 www.dialogic.com Copyright and Legal Notice Copyright 2009-2010 Dialogic Corporation.

More information

Intel Small Business Extended Access. Deployment Guide

Intel Small Business Extended Access. Deployment Guide Intel Small Business Extended Access Deployment Legal Notices and Disclaimers Disclaimers INTEL CORPORATION MAKES NO WARRANTY OF ANY KIND WITH REGARD TO THIS MATERIAL, INCLUDING, BUT NOT LIMITED TO, THE

More information

Dialogic Continuous Speech Processing API

Dialogic Continuous Speech Processing API Dialogic Continuous Speech Processing API Demo Guide May 2008 05-2084-005 Copyright 2005-2008. All rights reserved. You may not reproduce this document in whole or in part without permission in writing

More information

FieldView. Management Suite

FieldView. Management Suite FieldView The FieldView Management Suite (FMS) system allows administrators to view the status of remote FieldView System endpoints, create and apply system configurations, and manage and apply remote

More information

IMPORTANT NOTE. Dialogic Brooktrout SR140 Fax Software with Cisco Unified Communications Manager 7.0. Installation and Configuration Integration Note

IMPORTANT NOTE. Dialogic Brooktrout SR140 Fax Software with Cisco Unified Communications Manager 7.0. Installation and Configuration Integration Note Dialogic Brooktrout SR140 Fax Software with Cisco Unified Communications Manager 7.0 IMPORTANT NOTE This document is not to be shared with or disseminated to other third parties, in whole or in part, without

More information

Installing and Configuring VMware Identity Manager Connector (Windows) OCT 2018 VMware Identity Manager VMware Identity Manager 3.

Installing and Configuring VMware Identity Manager Connector (Windows) OCT 2018 VMware Identity Manager VMware Identity Manager 3. Installing and Configuring VMware Identity Manager Connector 2018.8.1.0 (Windows) OCT 2018 VMware Identity Manager VMware Identity Manager 3.3 You can find the most up-to-date technical documentation on

More information

Application Notes for Dialogic PowerVille LB with Avaya Aura Session Manager Issue 1.0

Application Notes for Dialogic PowerVille LB with Avaya Aura Session Manager Issue 1.0 Avaya Solution & Interoperability Test Lab Application Notes for Dialogic PowerVille LB with Avaya Aura Session Manager Issue 1.0 Abstract These Application Notes describe configuration steps required

More information

NetXplorer. Installation Guide. Centralized NetEnforcer Management Software P/N D R3

NetXplorer. Installation Guide. Centralized NetEnforcer Management Software P/N D R3 NetXplorer Centralized NetEnforcer Management Software Installation Guide P/N D357006 R3 Important Notice Important Notice Allot Communications Ltd. ("Allot") is not a party to the purchase agreement

More information

Dialogic PowerMedia XMS

Dialogic PowerMedia XMS Dialogic PowerMedia XMS Quick Start Guide April 2016 05-2701-007 www.dialogic.com Copyright and Legal Notice Copyright 2012-2016 Dialogic Inc. All Rights Reserved. You may not reproduce this document in

More information

Dialogic PowerMedia XMS

Dialogic PowerMedia XMS Dialogic PowerMedia XMS Quick Start Guide March 2013 05-2701-005 www.dialogic.com Copyright and Legal Notice Copyright 2012-2013 Dialogic Inc. All Rights Reserved. You may not reproduce this document in

More information

Dialogic System Release 6.0 PCI for Windows

Dialogic System Release 6.0 PCI for Windows Dialogic System Release 6.0 PCI for Windows Release Update September 28, 2017 05-2221-108 Copyright and Legal Notice Copyright 2004-2017 Dialogic Corporation. All Rights Reserved. You may not reproduce

More information

Listed below are the specific details of the PBX and gateways used in the testing to construct the following documentation.

Listed below are the specific details of the PBX and gateways used in the testing to construct the following documentation. Dialogic Media Gateway Installation and Configuration Integration Note 1. Scope This document is intended to detail a typical installation and configuration of Dialogic 2000 Media Gateway Series (DMG2000)

More information

CloudLink SecureVM. Administration Guide. Version 4.0 P/N REV 01

CloudLink SecureVM. Administration Guide. Version 4.0 P/N REV 01 CloudLink SecureVM Version 4.0 Administration Guide P/N 302-002-056 REV 01 Copyright 2015 EMC Corporation. All rights reserved. Published June 2015 EMC believes the information in this publication is accurate

More information

SSL Configuration Oracle Banking Liquidity Management Release [April] [2017]

SSL Configuration Oracle Banking Liquidity Management Release [April] [2017] SSL Configuration Oracle Banking Liquidity Management Release 12.4.0.0.0 [April] [2017] Table of Contents 1. CONFIGURING SSL ON ORACLE WEBLOGIC... 1-1 1.1 INTRODUCTION... 1-1 1.2 SETTING UP SSL ON ORACLE

More information

Dialogic PowerMedia XMS

Dialogic PowerMedia XMS Dialogic PowerMedia XMS Quick Start Guide April 2016 05-2701-010 www.dialogic.com Copyright and Legal Notice Copyright 2012-2016 Dialogic Corporation. All Rights Reserved. You may not reproduce this document

More information

RealPresence Access Director System Administrator s Guide

RealPresence Access Director System Administrator s Guide [Type the document title] Polycom RealPresence Access Director System Administrator s Guide 2.1.0 March 2013 3725-78703-001A Polycom Document Title 1 Trademark Information POLYCOM and the names and marks

More information

IMPORTANT NOTE. Dialogic Brooktrout SR140 Fax Software with T.38Fax.com SIP Trunking Service. Installation and Configuration Integration Note

IMPORTANT NOTE. Dialogic Brooktrout SR140 Fax Software with T.38Fax.com SIP Trunking Service. Installation and Configuration Integration Note Dialogic Brooktrout SR140 Fax Software with T.38Fax.com SIP Trunking Service IMPORTANT NOTE This document is not to be shared with or disseminated to other third parties, in whole or in part, without prior

More information

UCON-IP-NEO Operation Web Interface

UCON-IP-NEO Operation Web Interface UCON-IP-NEO Operation Web Interface copyright G&D 25/01/2012 Web Interface version 2.30 Subject to possible errors and technical modifications License notes G&D license Copyright G&D GmbH 2003-2012: All

More information

IMPORTANT NOTE. Dialogic Brooktrout SR140 Fax Software with NEC Philips SOPHO is3000. Installation and Configuration Integration Note

IMPORTANT NOTE. Dialogic Brooktrout SR140 Fax Software with NEC Philips SOPHO is3000. Installation and Configuration Integration Note Dialogic Brooktrout SR140 Fax Software with NEC Philips SOPHO is3000 IMPORTANT NOTE This document is not to be shared with or disseminated to other third parties, in whole or in part, without prior written

More information

Dialogic PowerMedia HMP for Windows Release 3.0

Dialogic PowerMedia HMP for Windows Release 3.0 Dialogic PowerMedia HMP for Windows Release 3.0 Release Update March 27, 2018 05-2508-110 Copyright and Legal Notice Copyright 2006-2018 Dialogic Corporation. All Rights Reserved. You may not reproduce

More information

Configuring IBM Rational Synergy to use HTTPS Protocol

Configuring IBM Rational Synergy to use HTTPS Protocol Technical Note Configuring IBM Rational Synergy to use HTTPS Protocol November 20, 2013 This edition applies to IBM Rational Synergy version 7.1, and to all subsequent releases and modifications until

More information

Dialogic PowerMedia Media Resource Broker (MRB)

Dialogic PowerMedia Media Resource Broker (MRB) Dialogic PowerMedia Media Resource Broker (MRB) The PowerMedia Media Resource Broker (MRB), a standardscompliant, software-based Media Resource Broker that allows application developers, service providers

More information

LifeSize Control Installation Guide

LifeSize Control Installation Guide LifeSize Control Installation Guide January 2009 Copyright Notice 2005-2009 LifeSize Communications Inc, and its licensors. All rights reserved. LifeSize Communications has made every effort to ensure

More information

8 Digital Station Lines

8 Digital Station Lines Dialogic Media Gateway Installation and Configuration Integration Note 1. Scope This document is intended to detail a typical installation and configuration of a Dialogic Media Gateway when used to interface

More information

VMware AirWatch Content Gateway Guide for Linux For Linux

VMware AirWatch Content Gateway Guide for Linux For Linux VMware AirWatch Content Gateway Guide for Linux For Linux Workspace ONE UEM v9.7 Have documentation feedback? Submit a Documentation Feedback support ticket using the Support Wizard on support.air-watch.com.

More information

Dialogic PowerMedia Media Resource Broker (MRB)

Dialogic PowerMedia Media Resource Broker (MRB) Dialogic PowerMedia Media Resource Broker (MRB) The PowerMedia Media Resource Broker (MRB) is a standardscompliant, software-based Media Resource Broker that allows application developers, service providers

More information

White Paper Subcategory. Overview of XML Communication Technologies

White Paper Subcategory. Overview of XML Communication Technologies Subcategory Overview of XML Communication Technologies Executive Summary A significant shift has occurred in the communications infrastructures deployed today. This shift is the result of the acceptance

More information

Quest VROOM Quick Setup Guide for Quest Rapid Recovery for Windows and Quest Foglight vapp Installers

Quest VROOM Quick Setup Guide for Quest Rapid Recovery for Windows and Quest Foglight vapp Installers Quest VROOM Quick Setup Guide for Quest Rapid Recovery for Windows and Quest Foglight vapp Installers INTRODUCTION Setup of Quest VROOM requires installation of Rapid Recovery and Foglight for Virtualization

More information

SSL Configuration: an example. July 2016

SSL Configuration: an example. July 2016 SSL Configuration: an example July 2016 This document details a walkthrough example of SSL configuration in an EM managed mongodb environment. SSL certificates are used to enforce certificate based security

More information

Listed below are the specific details of the PBX and gateways used in the testing to construct the following documentation.

Listed below are the specific details of the PBX and gateways used in the testing to construct the following documentation. Dialogic Media Gateway Installation and Configuration Integration Note 1. Scope This document is intended to detail a typical installation and configuration of Dialogic 2000 Media Gateway Series (DMG2000)

More information

Dialogic PowerMedia Extended Media Server (XMS) Installation and Configuration Guide

Dialogic PowerMedia Extended Media Server (XMS) Installation and Configuration Guide Dialogic PowerMedia Extended Media Server (XMS) Installation and Configuration Guide March 2012 05-2704-001 www.dialogic.com Copyright and Legal Notice Copyright 2012 Dialogic Inc. All Rights Reserved.

More information

VMware Identity Manager Connector Installation and Configuration (Legacy Mode)

VMware Identity Manager Connector Installation and Configuration (Legacy Mode) VMware Identity Manager Connector Installation and Configuration (Legacy Mode) VMware Identity Manager This document supports the version of each product listed and supports all subsequent versions until

More information

Quest Collaboration Services 3.6. Installation Guide

Quest Collaboration Services 3.6. Installation Guide Quest Collaboration Services 3.6 Installation Guide 2010 Quest Software, Inc. ALL RIGHTS RESERVED. This guide contains proprietary information protected by copyright. The software described in this guide

More information

Cisco TelePresence Conductor with Cisco Unified Communications Manager

Cisco TelePresence Conductor with Cisco Unified Communications Manager Cisco TelePresence Conductor with Cisco Unified Communications Manager Deployment Guide TelePresence Conductor XC4.0 Unified CM 10.5(2) January 2016 Contents Introduction 6 About this document 6 Related

More information

Tanium IaaS Cloud Solution Deployment Guide for Microsoft Azure

Tanium IaaS Cloud Solution Deployment Guide for Microsoft Azure Tanium IaaS Cloud Solution Deployment Guide for Microsoft Azure Version: All December 21, 2018 The information in this document is subject to change without notice. Further, the information provided in

More information

IMPORTANT NOTE. Dialogic Brooktrout SR140 Fax Software with ShoreTel Release 12.1 Gateway. Installation and Configuration Integration Note

IMPORTANT NOTE. Dialogic Brooktrout SR140 Fax Software with ShoreTel Release 12.1 Gateway. Installation and Configuration Integration Note Dialogic Brooktrout SR140 Fax Software with ShoreTel Release 12.1 Gateway IMPORTANT NOTE This document is not to be shared with or disseminated to other third parties, in whole or in part, without prior

More information

Installation Guide. EventTracker Enterprise. Install Guide Centre Park Drive Publication Date: Aug 03, U.S. Toll Free:

Installation Guide. EventTracker Enterprise. Install Guide Centre Park Drive Publication Date: Aug 03, U.S. Toll Free: EventTracker Enterprise Install Guide 8815 Centre Park Drive Publication Date: Aug 03, 2010 Columbia MD 21045 U.S. Toll Free: 877.333.1433 Abstract The purpose of this document is to help users install

More information

Cisco Expressway with Jabber Guest

Cisco Expressway with Jabber Guest Cisco Expressway with Jabber Guest Deployment Guide First Published: Decemeber 2016 Cisco Expressway X8.9 Cisco Jabber Guest Server 10.6.9 (or later) Cisco Systems, Inc. www.cisco.com Contents Preface

More information

Quest VROOM Quick Setup Guide for Quest Rapid Recovery for Windows and Quest Foglight vapp Installers

Quest VROOM Quick Setup Guide for Quest Rapid Recovery for Windows and Quest Foglight vapp Installers Quest VROOM Quick Setup Guide for Quest Rapid Recovery for Windows and Quest Foglight vapp Installers INTRODUCTION Setup of Quest VROOM requires installation of Rapid Recovery and Foglight for Virtualization

More information

VMware AirWatch Content Gateway Guide For Linux

VMware AirWatch Content Gateway Guide For Linux VMware AirWatch Content Gateway Guide For Linux AirWatch v9.2 Have documentation feedback? Submit a Documentation Feedback support ticket using the Support Wizard on support.air-watch.com. This product

More information

Oracle WebLogic Server

Oracle WebLogic Server Oracle WebLogic Server Creating WebLogic Domains Using the Configuration Wizard 10g Release 3 (10.1.3) August 2008 Oracle WebLogic Server Creating WebLogic Domains Using the Configuration Wizard, 10g Release

More information

akkadian Global Directory 3.0 System Administration Guide

akkadian Global Directory 3.0 System Administration Guide akkadian Global Directory 3.0 System Administration Guide Updated July 19 th, 2016 Copyright and Trademarks: I. Copyright: This website and its content is copyright 2014 Akkadian Labs. All rights reserved.

More information

VMware AirWatch Content Gateway for Linux. VMware Workspace ONE UEM 1811 Unified Access Gateway

VMware AirWatch Content Gateway for Linux. VMware Workspace ONE UEM 1811 Unified Access Gateway VMware AirWatch Content Gateway for Linux VMware Workspace ONE UEM 1811 Unified Access Gateway You can find the most up-to-date technical documentation on the VMware website at: https://docs.vmware.com/

More information

VMware Identity Manager Cloud Deployment. Modified on 01 OCT 2017 VMware Identity Manager

VMware Identity Manager Cloud Deployment. Modified on 01 OCT 2017 VMware Identity Manager VMware Identity Manager Cloud Deployment Modified on 01 OCT 2017 VMware Identity Manager You can find the most up-to-date technical documentation on the VMware Web site at: https://docs.vmware.com/ The

More information

Using ANM With Virtual Data Centers

Using ANM With Virtual Data Centers APPENDIXB Date: 3/8/10 This appendix describes how to integrate ANM with VMware vcenter Server, which is a third-party product for creating and managing virtual data centers. Using VMware vsphere Client,

More information

Cisco TelePresence Conductor with Cisco Unified Communications Manager

Cisco TelePresence Conductor with Cisco Unified Communications Manager Cisco TelePresence Conductor with Cisco Unified Communications Manager Deployment Guide XC2.2 Unified CM 8.6.2 and 9.x D14998.09 Revised March 2014 Contents Introduction 4 About this document 4 Further

More information

Oracle Enterprise Manager

Oracle Enterprise Manager Oracle Enterprise Manager System Monitoring Plug-in Installation Guide for VMware ESX Server Release 5 (1.0.3.0.0) to Release 8 (1.1.3.2.0) E13339-05 November 2009 This document is the installation guide

More information

SOA Software Intermediary for Microsoft : Install Guide

SOA Software Intermediary for Microsoft : Install Guide SOA Software Intermediary for Microsoft : Install Guide SOA Software Intermediary for Microsoft Install Guide SOAIM_60 August 2013 Copyright Copyright 2013 SOA Software, Inc. All rights reserved. Trademarks

More information

VMware Horizon View Deployment

VMware Horizon View Deployment VMware Horizon View provides end users with access to their machines and applications through a unified workspace across multiple devices, locations, and connections. The Horizon View Connection Server

More information

VMWARE HORIZON CLOUD WITH VMWARE IDENTITY MANAGER QUICK START GUIDE WHITE PAPER MARCH 2018

VMWARE HORIZON CLOUD WITH VMWARE IDENTITY MANAGER QUICK START GUIDE WHITE PAPER MARCH 2018 VMWARE HORIZON CLOUD WITH VMWARE IDENTITY MANAGER QUICK START GUIDE WHITE PAPER MARCH 2018 Table of Contents Introduction to Horizon Cloud with Manager.... 3 Benefits of Integration.... 3 Single Sign-On....3

More information

HYCU SCOM Management Pack for F5 BIG-IP

HYCU SCOM Management Pack for F5 BIG-IP USER GUIDE HYCU SCOM Management Pack for F5 BIG-IP Product version: 5.5 Product release date: August 2018 Document edition: First Legal notices Copyright notice 2015-2018 HYCU. All rights reserved. This

More information

USER GUIDE Summer 2015

USER GUIDE Summer 2015 USER GUIDE Summer 2015 Copyright and Disclaimer This document, as well as the software described in it, is furnished under license of the Instant Technologies Software Evaluation Agreement and may be used

More information

Version Installation Guide. 1 Bocada Installation Guide

Version Installation Guide. 1 Bocada Installation Guide Version 19.4 Installation Guide 1 Bocada Installation Guide Copyright 2019 Bocada LLC. All Rights Reserved. Bocada and BackupReport are registered trademarks of Bocada LLC. Vision, Prism, vpconnect, and

More information

VMware Identity Manager Cloud Deployment. DEC 2017 VMware AirWatch 9.2 VMware Identity Manager

VMware Identity Manager Cloud Deployment. DEC 2017 VMware AirWatch 9.2 VMware Identity Manager VMware Identity Manager Cloud Deployment DEC 2017 VMware AirWatch 9.2 VMware Identity Manager You can find the most up-to-date technical documentation on the VMware website at: https://docs.vmware.com/

More information

Policy Manager for IBM WebSphere DataPower 7.2: Configuration Guide

Policy Manager for IBM WebSphere DataPower 7.2: Configuration Guide Policy Manager for IBM WebSphere DataPower 7.2: Configuration Guide Policy Manager for IBM WebSphere DataPower Configuration Guide SOAPMDP_Config_7.2.0 Copyright Copyright 2015 SOA Software, Inc. All rights

More information

eroaming platform Secure Connection Guide

eroaming platform Secure Connection Guide eroaming platform Secure Connection Guide Contents 1. Revisions overview... 3 2. Abbrevations... 4 3. Preconditions... 5 3.1. OpenSSL... 5 3.2. Requirements for your PKCS10 CSR... 5 3.3. Java Keytool...

More information

Blue Coat ProxySG First Steps Solution for Controlling HTTPS SGOS 6.7

Blue Coat ProxySG First Steps Solution for Controlling HTTPS SGOS 6.7 Blue Coat ProxySG First Steps Solution for Controlling HTTPS SGOS 6.7 Legal Notice Copyright 2018 Symantec Corp. All rights reserved. Symantec, the Symantec Logo, the Checkmark Logo, Blue Coat, and the

More information

Configuring SSL. SSL Overview CHAPTER

Configuring SSL. SSL Overview CHAPTER 7 CHAPTER This topic describes the steps required to configure your ACE appliance as a virtual Secure Sockets Layer (SSL) server for SSL initiation or termination. The topics included in this section are:

More information

Oracle Insurance Rules Palette

Oracle Insurance Rules Palette Oracle Insurance Rules Palette Security Guide Version 10.2.0.0 Document Part Number: E62439-01 August, 2015 Copyright 2009, 2015, Oracle and/or its affiliates. All rights reserved. Trademark Notice Oracle

More information

Installing and Configuring vcloud Connector

Installing and Configuring vcloud Connector Installing and Configuring vcloud Connector vcloud Connector 2.6.0 This document supports the version of each product listed and supports all subsequent versions until the document is replaced by a new

More information

Trend Micro Incorporated reserves the right to make changes to this document and to the products described herein without notice. Before installing and using the product, please review the readme files,

More information

Load Balancing Microsoft IIS. Deployment Guide v Copyright Loadbalancer.org

Load Balancing Microsoft IIS. Deployment Guide v Copyright Loadbalancer.org Load Balancing Microsoft IIS Deployment Guide v1.6.4 Copyright Loadbalancer.org Table of Contents 1. About this Guide...4 2. Loadbalancer.org Appliances Supported...4 3. Loadbalancer.org Software Versions

More information

Silver Peak EC-V and Microsoft Azure Deployment Guide

Silver Peak EC-V and Microsoft Azure Deployment Guide Silver Peak EC-V and Microsoft Azure Deployment Guide How to deploy an EC-V in Microsoft Azure 201422-001 Rev. A September 2018 2 Table of Contents Table of Contents 3 Copyright and Trademarks 5 Support

More information

Cisco TelePresence Conductor with Unified CM

Cisco TelePresence Conductor with Unified CM Cisco TelePresence Conductor with Unified CM Deployment Guide TelePresence Conductor XC3.0 Unified CM 10.x Revised February 2015 Contents Introduction 5 About this document 5 Related documentation 5 About

More information

XLmanage Version 2.4. Installation Guide. ClearCube Technology, Inc.

XLmanage Version 2.4. Installation Guide. ClearCube Technology, Inc. XLmanage Version 2.4 Installation Guide ClearCube Technology, Inc. www.clearcube.com Copyright and Trademark Notices Copyright 2009 ClearCube Technology, Inc. All Rights Reserved. Information in this document

More information

DameWare Server. Administrator Guide

DameWare Server. Administrator Guide DameWare Server Administrator Guide About DameWare Contact Information Team Contact Information Sales 1.866.270.1449 General Support Technical Support Customer Service User Forums http://www.dameware.com/customers.aspx

More information

SIP Proxy Deployment Guide. SIP Server 8.1.1

SIP Proxy Deployment Guide. SIP Server 8.1.1 SIP Proxy Deployment Guide SIP Server 8.1.1 5/4/2018 Table of Contents SIP Proxy 8.1 Deployment Guide 3 SIP Proxy Architecture and Deployment 4 Supported Features 7 Prerequisites 9 Deploying SIP Proxy

More information

271 Waverley Oaks Rd. Telephone: Suite 206 Waltham, MA USA

271 Waverley Oaks Rd. Telephone: Suite 206 Waltham, MA USA Contacting Leostream Leostream Corporation http://www.leostream.com 271 Waverley Oaks Rd. Telephone: +1 781 890 2019 Suite 206 Waltham, MA 02452 USA To submit an enhancement request, email features@leostream.com.

More information

Installation Guide Install Guide Centre Park Drive Publication Date: Feb 11, 2010

Installation Guide Install Guide Centre Park Drive Publication Date: Feb 11, 2010 EventTracker Install Guide 8815 Centre Park Drive Publication Date: Feb 11, 2010 Columbia MD 21045 U.S. Toll Free: 877.333.1433 Abstract The purpose of this document is to help users install and configure

More information

VMware AirWatch Cloud Connector Guide ACC Installation and Integration

VMware AirWatch Cloud Connector Guide ACC Installation and Integration VMware AirWatch Cloud Connector Guide ACC Installation and Integration Workspace ONE UEM v1810 Have documentation feedback? Submit a Documentation Feedback support ticket using the Support Wizard on support.air-watch.com.

More information

1.0. Quest Enterprise Reporter Discovery Manager USER GUIDE

1.0. Quest Enterprise Reporter Discovery Manager USER GUIDE 1.0 Quest Enterprise Reporter Discovery Manager USER GUIDE 2012 Quest Software. ALL RIGHTS RESERVED. This guide contains proprietary information protected by copyright. The software described in this guide

More information

Dialogic Media Toolkit API

Dialogic Media Toolkit API Dialogic Media Toolkit API Library Reference February 2008 05-2603-002 Copyright 2008,. All rights reserved. You may not reproduce this document in whole or in part without permission in writing from at

More information

Dialogic Host Media Processing Software Release 3.1LIN

Dialogic Host Media Processing Software Release 3.1LIN Dialogic Host Media Processing Software Release 3.1LIN Software Installation Guide January 2009 05-2598-002 Copyright and Legal Notice Copyright 2007-2009,. All Rights Reserved. You may not reproduce this

More information

Novell Access Manager

Novell Access Manager Quick Start AUTHORIZED DOCUMENTATION Novell Access Manager 3.1 SP2 June 11, 2010 www.novell.com Novell Access Manager 3.1 SP2 Quick Start Legal Notices Novell, Inc., makes no representations or warranties

More information

Getting Started with the VQE Startup Configuration Utility

Getting Started with the VQE Startup Configuration Utility CHAPTER 2 Getting Started with the VQE Startup Configuration Utility This chapter explains how to use the Cisco VQE Startup Configuration Utility to perform the initial configuration tasks needed to get

More information

MSE System and Appliance Hardening Guidelines

MSE System and Appliance Hardening Guidelines MSE System and Appliance Hardening Guidelines This appendix describes the hardening of MSE, which requires some services and processes to be exposed to function properly. This is referred to as MSE Appliance

More information

HP Load Balancing Module

HP Load Balancing Module HP Load Balancing Module Load Balancing Configuration Guide Part number: 5998-4218 Software version: Feature 3221 Document version: 6PW100-20130326 Legal and notice information Copyright 2013 Hewlett-Packard

More information

BIG-IP System: Migrating Devices and Configurations Between Different Platforms. Version

BIG-IP System: Migrating Devices and Configurations Between Different Platforms. Version BIG-IP System: Migrating Devices and Configurations Between Different Platforms Version 13.0.0 Table of Contents Table of Contents Migration of Configurations Between Different Platforms...5 About Migrating

More information

Dell Statistica. Statistica Enterprise Server Installation Instructions

Dell Statistica. Statistica Enterprise Server Installation Instructions Dell Statistica Statistica Enterprise Server Installation Instructions 2014 Dell Inc. ALL RIGHTS RESERVED. This guide contains proprietary information protected by copyright. The software described in

More information

Copyright 2016 PTC Inc. and/or Its Subsidiary Companies. All Rights Reserved.

Copyright 2016 PTC Inc. and/or Its Subsidiary Companies. All Rights Reserved. ThingWorx Foundation Docker Installation Guide 1.2 ThingWorx Foundation Docker Installer September 2017 Copyright 2016 PTC Inc. and/or Its Subsidiary Companies. All Rights Reserved. User and training

More information

Blue Coat Security First Steps Solution for Controlling HTTPS

Blue Coat Security First Steps Solution for Controlling HTTPS Solution for Controlling HTTPS SGOS 6.5 Legal Notice Copyright 2017 Symantec Corp. All rights reserved. Symantec, the Symantec Logo, the Checkmark Logo, Blue Coat, and the Blue Coat logo are trademarks

More information