Administration
A31003-S2000-M102-3-76A9, 08/07/2009
3-24
Asterisk - OpenStage Family, Administration Manual
administration.fm
IP Network Parameters
3.3.7
Configuration & Update Service (DLS)
The Deployment Service (DLS) is a HiPath Management application for administering work-
points in both HiPath and non-HiPath networks. Amongst the most important features are: se-
curity (e.g. PSS generation and distribution within an SRTP security domain), mobility for opti-
Point and OpenStage SIP phones, software deployment, plug&play support, as well as error
and activity logging.
DLS address
, i.e. the IP address or hostname of the DLS server, and
DLS port
, i.e. the port
on which the DLS server is listening, are required to enable proper communication between
phone and DLS.
The
Contact gap
parameter controls a security function. It specifies a minimum time interval
that must elapse between individual HTTP requests from the phone which are responding to a
ContactMe request from the DLS. The ContactMe request is sent by the DLS each time the
DLS wants to execute an action on the phone, e. g. software deployment, or a configuration
change. Any requests coming within that time will be ignored. The purpose is to prevent DoS
(Denial of Service) attacks on the phone.
The
Security mode
determines whether the communication between the phone and the DLS
is secure. A secure connection is established by exchanging credentials between the DLS and
the phone for mutual authentication. After this, the communication is encrypted, and a different
port is used.
Data required
•
DLS address
: IP address or hostname of the server on which the Deployment Service is
running.
•
DLS port
: Port on which the DLS Deployment Service is listening.
Default: 18443.
•
Contact gap
: Minimum time interval in seconds that must elapse between responses to a
ContactMe request from the DLS, in order to prevent DoS attacks.
Default: 300.
>
With firmware V2, it is possible to operate the DLS server behind a firewall or NAT
(Network Address Translation), which prevents the DLS from sending ContactMe
messages directly to the phone. Only outbound connections from the phone are al-
lowed. To overcome this restriction, a DLS Contact-Me proxy (DCMP) can be deplo-
yed. The phone periodically polls the DCMP (DLS Contact-Me Proxy), which is
placed outside of the phone’s network, for pending contact requests from the DLS.
If there are contact requests, the phone will send a request to the DLS in order to
obtain the update, just as with a regular DLS connection.
The URI of the DCMP, as well as the polling interval, are configured by the DLS. For
this purpose, it is necessary that the phone establishes a first contact to the DLS,
e. g. by phone restart or local configuration change.