In some environments customers have several sites where Call Recording is installed. Some of the Call Recording recorders may be protected by a firewall because of various security procedures. In some situations this means that the Call Recording cluster needs to pass communications through a firewall. This procedure describes a situation where one of the Call Recording servers is installed on the “protected” site and the Replay server must access it in order to get recordings.
The most important step of this procedure is to configure Network File System (NFS) file sharing correctly. NFS file sharing uses a set of random ports by default, but in this case NFS file sharing must be configured to use static ports. These static ports must be open in the firewall.
- Open the following ports in the firewall. Communication is initiated by the Replay Server.
For NFS file sharing:- Open TCP ports: 111, 2049, 4001, 4002, 4003, 4004.
- Open ports UDP ports: 111, 2049, 4001, 4002, 4003, 4004.
If the database is PostgreSQL: Open TCP port: 5432.
If the database is Oracle: Open TCP port: 1521.
Configure NFS file sharing to use static ports. To do this edit the configuration file on the source Call Recording server (where recording is done, not the Replay server). Log in to the recording server using an SSH client, for example PuTTY.
Log in asadmin. Entersu -to log in as the root user. Enter the password, the default iszoomcallrec.
Edit or create the configuration file/etc/sysconfig/nfsand add the following contents:STATD_PORT=4001 LOCKD_TCPPORT=4002 LOCKD_UDPPORT=4002 MOUNTD_PORT=4003
Restart the NFS services using the following commands:
/etc/init.d/nfs restart /etc/init.d/nfslock restart
Run
rpcinfoand verify that all the ports above have changed to the correct values using the following command:/usr/sbin/rpcinfo -p
Create an NFS share on the source server. Using a text editor, edit the
/etc/exportsfile:
Type the correct IP address and mask of the server or network that will access resources on this server. Usually you will only need to type the IP address of the Replay server. Replace 10.20.30.40/32 with the correct IP address and mask of the server or network that will access the database./opt/callrec/data/calls 10.20.30.40/255.255.255.255(rw,sync,no_root_squash)
Allow remote connections on the source database. Edit the file
/opt/callrec/data/psql/pg_hba.confand add the appropriate line:host all all 10.20.30.40/32 md5
Again, replace 10.20.30.40/32 with the correct IP address and mask of the server or network that will access the database.
Mount NFS on the Replay server. You can configure the NFS directory to be mounted by editing the
/etc/fstab filesettings as shown in the following example, where 10.20.30.31 and 10.20.30.32 are the IP addresses of the source Call Recording servers from which the Replay server will synchronize the recordings:10.20.30.31:/opt/callrec/data/calls /mnt/src1/opt/callrec/data/calls nfs bg,soft,intr,timeo=14,tcp,rsize=8192,wsize=8192 0 0 10.20.30.32:/opt/callrec/data/calls /mnt/src2/opt/callrec/data/calls nfs bg,soft,intr,timeo=14,tcp,rsize=8192,wsize=8192 0 0
The mount path must contain the full local path on the source server, for example, when the source local path is
/opt/callrec/data/callsand the mount point on Replay server is located in the directory /mnt/src1, the full mount path on the Replay server must be/mnt/src1/opt/callrec/data/calls.Connect the shared directory by using the mount command and test whether you can access files.
[root@callrec ~]# mount -a
Create database pools for all source Call Recording servers on the Replay server:
<Pool name="CallRec_1" url="jdbc:postgresql://10.20.30.31:5432/callrec" poolType="ibatis" connValidator="cz.zoom.util.dbpool.validator.PsqlValidator"> <Login userName="callrec" password="callrec"/> <Connections max="20" init="1" timeOut="5"/> <ConfigFile fileName="/etc/callrec/tools.sqlMap.xml"/> </Pool> <Pool name="CallRec_2" url="jdbc:postgresql://10.20.30.32:5432/callrec" poolType="ibatis" connValidator="cz.zoom.util.dbpool.validator.PsqlValidator"> <Login userName="callrec" password="callrec"/> <Connections max="20" init="1" timeOut="5"/> <ConfigFile fileName="/etc/callrec/tools.sqlMap.xml"/> </Pool>
Configure the Synchro Tool on the Replay server by following the standard procedure and test the operation. The following example is a fragment of a configuration file
/opt/callrec/etc/tools.xmlon the Replay server that corresponds with the examples above:<SpecifiedConfiguration name="synchro"> <Group name="sources"> <EqualGroup name="source"> <Value name="database">CallRec_1</Value> <Value name="sysname">CallRec_1</Value> <Value name="mountPath">/mnt/src1</Value> <Value name="path">/opt/callrec/data/calls</Value> <Value name="copyFiles">true</Value> <Value name="processJTAPIRecCalls">true</Value> </EqualGroup> <EqualGroup name="source"> <Value name="database">CallRec_2</Value> <Value name="sysname">CallRec_2</Value> <Value name="mountPath">/mnt/src2</Value> <Value name="path">/opt/callrec/data/calls</Value> <Value name="copyFiles">true</Value> <Value name="processJTAPIRecCalls">true</Value> </EqualGroup> </Group> <Group name="target"> <Value name="database">Maintenance</Value> <Value name="path">/opt/callrec/data/calls</Value> <Value name="sysname">replay</Value> </Group> <Group name="target"> <Value name="database">Maintenance</Value> <Value name="path">/opt/callrec/data/calls</Value> <Value name="sysname">replay</Value> </Group> <Value name="enabled">true</Value> <Value name="time">older than 10 minutes</Value> <Value name="queryLimit">200</Value> <Value name="runAsDaemon">true</Value> <Value name="daemonNapPeriod">60</Value> <Value name="tmpDir">/tmp</Value> <Value name="synchronizeNoStreamCouples">true</Value> <Value name="markErroneus">false</Value> <Value name="ignoreCaptureFiles">true</Value> <Value name="intervalPeriod"/> </SpecifiedConfiguration>