PK )Doa,mimetypeapplication/epub+zipPK)DiTunesMetadata.plisth artistName Oracle Corporation book-info cover-image-hash 247139167 cover-image-path OEBPS/dcommon/oracle-logo.jpg package-file-hash 542986811 publisher-unique-id E40973-01 unique-id 460311840 genre Oracle Documentation itemName Oracle® Communications WebRTC Session Controller System Administrator's Guide, Release 7.0 releaseDate 2013-11-08T22:37:18Z year 2013 PK+mhPK)DMETA-INF/container.xml PKYuPK)DOEBPS/wsc_part.htm Configuring WebRTC Session Controller

Part I

Configuring WebRTC Session Controller

This part provides information on configuring the Oracle Communications WebRTC Session Controller Signaling Engine properties, Media Engine nodes, Diameter Rx to PCRF integration, and the Media Engine.

This part contains the following chapters:

PKwID PK)DOEBPS/cnf_heartbeat.htm9K Configuring Server Failure Detection

10 Configuring Server Failure Detection

This chapter describes how to use the Oracle Communications WebRTC Session Controller "echo server" process to improve SIP data tier failover performance when a server becomes physically disconnected from the network.

Overview of Failover Detection

In a production system, engine tier servers continually access SIP data tier replicas to retrieve and write call state data. The WebRTC Session Controller architecture depends on engine tier nodes to detect when a SIP data tier server has failed or become disconnected. When an engine cannot access or write call state data because a replica is unavailable, the engine connects to another replica in the same partition and reports the offline server. The replica updates the current view of the SIP data tier to account for the offline server, and other engines are then notified of the updated view as they access and retrieve call state data.

By default, an engine tier server uses its Remote Method Invocation (RMI) connection to the replica to determine if the replica has failed or become disconnected. The algorithms used to determine a failure of an RMI connection are reliable, but ultimately they depend on the TCP protocol's retransmission timers to diagnose a disconnection (for example, if the network cable to the replica is removed). Because the TCP retransmission timer generally lasts a full minute or longer, WebRTC Session Controller provides an alternate method of detecting failures that can diagnose a disconnected replica in a matter of a few seconds.

WlssEchoServer Failure Detection

WlssEchoServer is a separate process that you can run on the same server hardware as a SIP data tier replica. WlssEchoServer provides a simple UDP echo service to engine tier nodes used for determining when a SIP data tier server goes offline. The algorithm for detecting failures with WlssEchoServer is as follows:

  1. For all normal traffic, engine tier servers communicate with SIP data tier replicas using TCP. TCP is used as the basic transport between the engine tier and SIP data tier regardless of whether WlssEchoServer is used.

  2. Engine tier servers send a periodic heartbeat message to each configured WlssEchoServer over UDP. During normal operation, WlssEchoServer responds to the heartbeats so that the connection between the engine node and replica is verified.

  3. Should there be a complete failure of the SIP data tier stack, or the network cable is disconnected, the heartbeat messages are not returned to the engine node. In this case, the engine node can mark the replica as being offline without having to wait for the normal TCP connection timeout.

  4. After identifying the offline server, the engine node reports the failure to an available SIP data tier replica, and the SIP data tier view is updated as described in the previous section.

Also, should a SIP data tier server notice that its local WlssEchoServer process has died, it automatically shuts down. This behavior ensures even quicker failover because avoids the time it takes engine nodes to notice and report the failure as described in "Overview of Failover Detection".

You can configure the heartbeat mechanism on engine tier servers to increase the performance of failover detection as necessary. You can also configure the listen port and log file that WlssEchoServer uses on SIP data tier servers.

Forced Shutdown for Failed Replicas

If any engine tier server cannot communicate with a particular replica, the engine access another, available replica in the SIP data tier to report the offline server. The replica updates its view of the affected partition to remove the offline server. The updated view is then distributed to all engine tier servers that later access the partition. Propagating the view in this manner helps to ensure that engine servers do not attempt to access the offline replica.

The replica that updates the view also issues a one-time request to the offline replica to ask it to shut down. This is done to try to shut-down running replica servers that cannot be accessed by one or more engine servers due to a network outage. If an active replica can reach the replica marked as "offline," the offline replica shuts down.

WlssEchoServer Requirements and Restrictions


Note:

Using WlssEchoServer is not required in all WebRTC Session Controller installations. Enable the echo server only when your system requires detection of a network or replica failure faster than the configured TCP timeout interval.

Observe the following requirements and restrictions when using WlssEchoServer to detect replica failures:

  • If you use the heartbeat mechanism to detect failures, you must ensure that the WlssEchoServer process is always running on each replica server. If the WlssEchoServer process fails or is stopped, the replica will be treated as being "offline" even if the server process is unaffected.

  • The WlssEchoServer listens on all IP addresses available on the server.

  • WlssEchoServer requires a dedicated port number to listen for heartbeat messages.

Starting WlssEchoServer on SIP Data Tier Server Machines

WlssEchoServer is a Java program that you can start directly from a shell or command prompt. The basic syntax for starting WlssEchoServer is:

java -classpath WLSS_HOME/server/lib/wlssechosvr.jar options com.bea.wcp.util.WlssEchoServer

Where WLSS_HOME is the path to the WebLogic Server SIP directory and options may include one of the options described in Table 10-1.

Table 10-1 WlssEchoServer Options

OptionDescription
-Dwlss.ha.echoserver.ipaddress

Specifies the IP address on which the WlssEchoServer instance listens for heartbeat messages. If you do not specify an IP address, the instance listens on any available IP address (0.0.0.0).

-Dwlss.ha.echoserver.port

Specifies the port number used to listen for heartbeat messages. Ensure that the port number you specify is not used by any other process on the server. By default WlssEchoServer uses port 6734.

-Dwlss.ha.echoserver.logfile

Specifies the log file location and name. By default, WebLogic writes log messages to ./echo_servertime.log where time is the time expressed in milliseconds.


Oracle recommends that you include the command to start WlssEchoServer in the same script you use to start each WebRTC Session Controller SIP data tier instance. If you use the startManagedWebLogic.sh script to start an engine or SIP data tier server instance, add a command to start WlssEchoServer before the final command used to start the server. For example, change the lines:

"$JAVA_HOME/bin/java" ${JAVA_VM} ${MEM_ARGS} ${JAVA_OPTIONS}     \
  -Dweblogic.Name=${SERVER_NAME}                                 \
  -Dweblogic.management.username=${WLS_USER}                     \
  -Dweblogic.management.password=${WLS_PW}                       \
  -Dweblogic.management.server=${ADMIN_URL}                      \
  -Djava.security.policy="${WL_HOME}/server/lib/weblogic.policy" \
   weblogic.Server

to read:

"$JAVA_HOME/bin/java" -classpath WLSS_HOME/server/lib/wlssechosvr.jar    \
  -Dwlss.ha.echoserver.ipaddress=192.168.1.4                   \
  -Dwlss.ha.echoserver.port=6734 com.bea.wcp.util.WlssEchoServer &
"$JAVA_HOME/bin/java" ${JAVA_VM} ${MEM_ARGS} ${JAVA_OPTIONS}     \
  -Dweblogic.Name=${SERVER_NAME}                                 \
  -Dweblogic.management.username=${WLS_USER}                     \
  -Dweblogic.management.password=${WLS_PW}                       \
  -Dweblogic.management.server=${ADMIN_URL}                      \
  -Djava.security.policy="${WL_HOME}/server/lib/weblogic.policy" \
   weblogic.Server 

Enabling and Configuring the Heartbeat Mechanism on Servers

To enable the WlssEchoServer heartbeat mechanism, you must include the -Dreplica.host.monitor.enabled JVM argument in the command you use to start all engine and SIP data tier servers. Oracle recommends adding this option directly to the script used to start Managed Servers in your system. For example, in the startManagedWebLogic.sh script, change the line:

# JAVA_OPTIONS="-Dweblogic.attribute=value -Djava.attribute=value"

to read:

JAVA_OPTIONS="-Dreplica.host.monitor.enabled=true"

Several additional JVM options configure the functioning of the heartbeat mechanism. Table 10-2 describes the options used to configure failure detection.

Table 10-2 WlssEchoServer Options

OptionDescription
-Dreplica.host.monitor.enabled

This system property is required on both engine and SIP data tier servers to enable the heartbeat mechanism.

-Dwlss.ha.heartbeat.interval

Specifies the number of milliseconds between heartbeat messages. By default heartbeats are sent every 1,000 milliseconds.

-Dwlss.ha.heartbeat.count

Specifies the number of consecutive, missed heartbeats that are permitted before a replica is determined to be offline. By default, a replica is marked offline if the WlssEchoServer process on the server fails to respond to 3 heartbeat messages.

-Dwlss.ha.heartbeat.SoTimeout

Specifies the UDP socket timeout value.


PK$S099PK)DOEBPS/net_diameter_config.htm Configuring WebRTC Session Controller Diameter Rx to PCRF Integration

5 Configuring WebRTC Session Controller Diameter Rx to PCRF Integration

This chapter describes how to integrate Oracle Communications WebRTC Session Controller with a Diameter Rx Policy Control and Charging Rules Function (PCRF) server.

About the WebRTC Session Controller Rx Interface

You can use WebRTC Session Controller to enforce media and Quality of Service (QoS) policies by integrating with a PCRF using the Diameter Rx interface. The Diameter Rx interface includes session information and access charging identifiers that both your PCRF and WebRTC Session Controller implementation can use to enforce QoS limits.

See the chapter on using policy data in messages and the appendix section on Diameter Rx Protocol support in WebRTC Session Controller Extension Developer's Guide for more information on supported commands, requests and answers.

Overview of Diameter Rx Protocol Configuration

WebRTC Session Controller domain includes support for the Diameter base protocol and the IMS Diameter Rx interface deployed to engine tier servers that act as Diameter client nodes. SIP Servlets deployed on the engines can use the available Diameter application to initiate requests for PCRF functions.

Installing the Diameter Domain Template

You enable Diameter Rx functionality by extending an existing WebRTC Session Controller domain with the appropriate WebRTC Session Controller Diameter domain template JAR file located in:

Middleware_Home/wlserver/common/templates/wls directory

where Middleware_Home is the directory where you installed WebRTC Session Controller.

Domain template files are provided for both basic domain and replicated domain configurations. Use the wsc_diameter_basicdomain.jar when updating basic domains and the wsc_diameter_replicateddomain.jar when updating replicated domains.

To upgrade an existing domain with the Diameter Domain template:

  1. Log on to the host where you installed WebRTC Session Controller.

  2. Navigate to the Middleware_Home/common/bin directory where Middleware_Home is the location where you installed WebRTC Session Controller.

  3. Start the Fusion Middleware Configuration Wizard with ./config.sh.

  4. On the Configuration Type wizard screen, select Update an existing domain.

  5. In the Domain Location, enter the path to the domain directory of the domain you are updating. Alternatively, click Browse to browse to and select the location.

  6. Click Next.

  7. In the Templates wizard screen, select Update Domain Using Custom Template.

  8. Click Browse.

  9. Browse to and select the Middleware_Home/wlserver/common/templates/wls directory.

  10. Click Open.

  11. Select either the wsc_diameter_basicdomain.jar or wsc_diameter_replicateddomain.jar template file corresponding to your domain.

  12. Click OK.

  13. Click Next.

  14. Adjust any properties in the Advance Configuration wizard screen if needed.

  15. Click Next.

  16. In the Configuration Summary wizard screen click Update.

  17. Click Next when the update is done.

  18. Click Finish to exit the wizard.

Creating TCP, TLS, and SCTP Network Channels for the Diameter Protocol

The WebRTC Session Controller Diameter implementation supports the Diameter protocol over the TCP, TLS, and SCTP transport protocols. (SCTP transport is provided with certain restrictions as described in "Configuring and Using SCTP for Diameter Messaging".)

To enable incoming Diameter connections on a server, you must configure a dedicated network channel of the appropriate protocol type:

  • diameter channels use TCP transport

  • diameters channels use TCP/TLS transport

  • diameter-sctp channels use TCP/SCTP transport.

Servers that use a TCP/TLS channel for Diameter (diameters channels) must also enable two-way SSL. WebRTC Session Controller may automatically upgrade Diameter TCP connections to use TLS as described in the Diameter specification (RFC 3558).

To configure a TCP or TCP/TLS channel for use with the Diameter provider:

  1. Access the Administration Console for the WebRTC Session Controller domain.

  2. Click Lock & Edit to obtain a configuration lock.

    If you are using a development domain, Lock & Edit is only present if you enable configuration locking. See "Enable and disable the domain configuration lock" in the Administration Console Online Help for more information.

  3. In the Domain Structure tree, expand Environment.

  4. Click Servers.

  5. In the Servers table, select the server to configure.

  6. Select the Protocols tab, and then select the Channels subtab to display the configured channels.

  7. Click New to configure a new channel.

  8. Fill in the fields of the Identity Properties page as follows:

    • Name: Enter an administrative name for this channel, such as "Diameter TCP/TLS Channel."

    • Protocol: Select diameter to support the TCP transport, diameters to support both TCP and TLS transports, or diameter-sctp to support TCP transport.


      Note:

      If a server configures at least one TLS channel, the server operates in TLS mode and will reject peer connections from nodes that do not support TLS (as indicated in their capabilities exchange).

  9. Click Next to continue.

  10. Fill in the fields of the Network Channel Addressing page as follows:

    • Listen Address: Enter the IP address or DNS name for this channel. On a multi-homed system, enter the exact IP address of the interface you want to configure, or a DNS name that maps to the exact IP address.

    • Listen Port: Enter the port number used to communication through this channel. Diameter nodes conventionally use port 3868 for incoming connections.

    • External Listen Address: The external IP address or DNS name for this channel.

    • External Listen Port: Re-enter the Listen Port value.

  11. Click Next to continue.

  12. Chose attributes in the Network Channel Properties page as follows:

    • Enabled: Select this attribute to ensure that the new channel accepts network traffic.

    • Tunneling Enabled: Un-check this attribute for Diameter channels.

    • HTTP Enabled for this Protocol: Un-check this attribute for Diameter channels.

    • Outbound Enabled: Select this attribute to ensure that the node can initiate Diameter messages using the channel.

  13. Click Next to continue.

  14. For diameters channels, select the following two attributes:

    • Two Way SSL Enabled: Two-way SSL is required for TLS transport.

    • Client Certificate Enforced: Select this attribute to honor available client certificates for secure communication.

  15. Click Finish to create the new channel.

  16. Select the name of the newly-created channel in the Network Channels table.

  17. Display the advanced configuration items for the newly-created channel by expanding the Advanced link.

  18. Change the Idle Connection Timeout value from the default (65 seconds) to a larger value that will ensure the Diameter connection remains consistently available.


    Note:

    If you do not change the default value, the Diameter connection will be dropped and recreated every 65 seconds with idle traffic.

  19. Click Save.

  20. Click Activate Changes.

Configuring Two-Way SSL for Diameter TLS Channels

Diameter channels that use TLS (diameters channels) require that you also enable two-way SSL, which is disabled by default. If you have not already configured Two-Way SSL, see "Configuring SSL" in Administering Security for Oracle WebLogic Server for more information.

Configuring and Using SCTP for Diameter Messaging

SCTP is a reliable, message-based transport protocol that is designed for use in telephony networks. SCTP provides several benefits over TCP:

  • SCTP preserves the internal structure of messages when transmitting data to an endpoint, whereas TCP transmits raw bytes that must be received in order.

  • SCTP supports multihoming, where each endpoint may have multiple IP addresses. The SCTP protocol can transparently failover to another IP address should a connection fail.

  • SCTP provides multistreaming capabilities, where multiple streams in a connection transmit data independently of one another.

WebRTC Session Controller supports SCTP for Diameter network traffic, with several limitations:

  • Only 1 stream per connection is currently supported.

  • Use SCTP only for Diameter network traffic; SIP traffic cannot use a configured SCTP channel.

  • TLS is not supported over SCTP.

SCTP channels can operate on either IPv4 or IPv6 networks. "Creating TCP, TLS, and SCTP Network Channels for the Diameter Protocol" describes how to create a SCTP channel. To enable multihoming capabilities for an existing SCTP channel, specify the IPv4 address 0.0.0.0 as the listen address for the channel (or use the :: address for IPv6 networks).

Configuring Diameter Nodes

The Diameter node configuration for WebRTC Session Controller engines is specified in the diameter.xml configuration file, which is located in the directory: Middleware_Home/user_projects/domains/domain_name/config/custom

Where Middleware_Home is the directory in which the WebRTC Session Controller software is installed (the installation program used to install WebRTC Session Controller refers to this as Middleware Home), and domain_name is the name of the Diameter domain.

To provide diameter services on an engine tier server, you must create a Diamter node configuration and target the configuration to an existing engine server instance.

Diameter node configurations are divided into several categories:

  • General configuration defines the host identity and realm for the node, and basic connection information and default routing behavior.

  • Application configuration defines the Diameter application(s) that run on the node, and any optional configuration parameters passed to those applications.

  • Peer configuration defines the other Diameter nodes with which this node operates.

  • Routes configuration defines realm-based routes that the node can use when resolving messages.

The sections that follow describe how to configure each aspect of a Diameter node.

Creating a New Node Configuration (General Node Configuration)

Follow these steps to create a Diameter node configuration and target it to an existing WebRTC Session Controller engine tier instance:

  1. Log in to the Administration Console for the WebRTC Session Controller domain you want to configure.

  2. Click Lock & Edit to obtain a configuration lock.

    If you are using a development domain, Lock & Edit is only present if you enable configuration locking. See "Enable and disable the domain configuration lock" in the Administration Console Online Help for more information.

  3. In the Domain Structure tree, select Diameter.

  4. Click New in the right pane to create a Diameter configuration.

  5. Fill in the fields of the Create a New Configuration page as described in Table 5-1, then click Finish.

    Table 5-1 Diameter Node General Configuration Properties

    Property NameDescription

    Name

    Enter the administrative name for this Diameter node configuration.

    Host

    Enter the host identity of this Diameter node, or leave the field blank to automatically assign the host name of the target engine tier server as the Diameter node's host identity. The host identity may or may not match the DNS name.

    When configuring Diameter support for multiple Sh client nodes, it is best to omit the host element from the diameter.xml file. This omission enables you to deploy the same Diameter web Application to all servers in the engine tier cluster, and the host name is dynamically obtained for each server instance.

    Realm

    Enter the realm name for which this node has responsibility, or leave the field blank to use the domain name portion of the target engine tier server's fully-qualified host name (for example, host@oracle.com).

    You can run multiple Diameter nodes on a single host using different realms and listen port numbers.

    Note: An HSS, Application Server, and relay agents must all agree on a realm name or names. The realm name for the HSS and Application Server need not match.

    Address

    Enter the listen address for this Diameter node, using either the DNS name or IP address, or leave the field blank to use the host identity as the listen address.

    Note: The host identity may or may not match the DNS name of the Diameter node. Oracle recommends configuring the Address property with an explicit DNS name or IP address to avoid configuration errors.

    TLS

    Select this option if the Diameter node is configured with support for TLS (diameters network channels). This field advertises TLS capabilities when the node is interrogated by another Diameter node.

    Debug

    Select this option to enable debug message output. Debug messages are disabled by default.

    Dynamic Peers Allowed

    Select this option to allow dynamic discovery of Diameter peer nodes. Dynamic peer support is disabled by default. Oracle recommends enabling dynamic peers only when using the TLS transport, because no access control mechanism is available to restrict hosts from becoming peers.

    Peer Retry Delay

    Enter the amount of time, in seconds, this node waits before retrying a request to a Diameter peer. The default value is 30 seconds.

    Request Timeout

    Enter the amount of time, in milliseconds, this node waits for an answer message before timing out.

    Watchdog Timeout

    Enter the number of seconds this node uses for the value of the Diameter Tw watchdog timer interval.

    Targets

    Enter one or more target engine tier server names. The Diameter node configuration only applies to servers listed in this field.

    Default Route Action

    Specify an action type that describes the role of this Diameter node when using a default route. The value of this element can be one of the following:

    • none

    • local

    • relay

    • proxy

    • redirect

    Default Route Servers

    Specifies one or more target servers for the default route. Any server you include in this element must also be defined as a peer to this Diameter node, or dynamic peer support must be enabled.


  6. Click Finish.

  7. Click Activate Changes to apply the configuration to target servers.

After creating a general node configuration, the configuration name appears in the list of Diameter nodes. You can select the node to configure Diameter applications, peers, and routes, as described in the sections that follow.

Configuring Diameter Applications

Each Diameter node can deploy one or more applications. To configure Diameter Rx applications:

  1. Log in to the Administration Console for the WebRTC Session Controller domain you want to configure.

  2. Click Lock & Edit to obtain a configuration lock.

    If you are using a development domain, Lock & Edit is only present if you enable configuration locking. See "Enable and disable the domain configuration lock" in the Administration Console Online Help for more information.

  3. In the Domain Structure tree, select Diameter.

  4. In the Diameter Configurations table, select the name of a Diameter node configuration.

  5. Select the Applications tab.

  6. Click New to configure a new Diameter application, or select an existing application configuration from the table.

  7. Fill in the application properties as follows:

    • Application Name: Enter a name for the application configuration.

    • Class Name: Enter the classname of the application to deploy on this node.

    • Parameters: Enter optional parameters to pass to the application upon startup.

  8. Click Finish to create the new application configuration.

  9. Click Activate Changes to apply the configuration to the Diameter node.

Configuring the Rx Client Application

The WebRTC Session Controller Rx client application enables SIP Servlets to issue PCRF messages using the IMS Rx interface. To configure the Rx application, specify the class com.bea.wcp.diameter.charging.RxApplication.

See the chapter on using policy data in messages in WebRTC Session Controller Extension Developer's Guide for more information about using the Rx application API in deployed applications.

Configuring Peer Nodes

A Diameter node should define peer connection information for each other Diameter node in the realm, or enable dynamic peers in combination with TLS transport to allow peers to be recognized automatically.

To configure Diameter Peer Nodes:

  1. Log in to the Administration Console for the WebRTC Session Controller domain you want to configure.

  2. Click Lock & Edit to obtain a configuration lock.

    If you are using a development domain, Lock & Edit is only present if you enable configuration locking. See "Enable and disable the domain configuration lock" in the Administration Console Online Help for more information.

  3. In the Domain Structure tree, select Diameter.

  4. In the Diameter Configurations table, select the name of a Diameter node configuration you want to add a peer to.

  5. Select the Peers tab.

  6. Click New to define a new peer entry.

  7. Fill in the fields of the Create a New Peer page as follows:

    • Host: Enter the peer node's host identity.

    • Address: Enter the peer node's address (DNS name or IP address).

    • Port Number: Enter the listen port number of the peer node.

    • Protocol: Select the protocol used to communicate with the peer (TCP or SCTP).


      Note:

      WebRTC Session Controller attempts to connect to the peer using only the protocol you specify (TCP or SCTP). The other protocol is not used, even if a connection fails using the selected protocol. TCP is used as by default if you do not specify a protocol.

    • Watchdog: Indicate whether the peer supports the Diameter Tw watchdog timer interval.

  8. Click Finish to create the new peer entry.

  9. Click Activate Changes to apply the configuration.

Configuring Routes

Certain Diameter nodes, such as relays, should configure realm-based routes for use when resolving Diameter messages. You configure Diameter routes in the Administration Console.

To configure Diameter routes:

  1. Log in to the Administration Console for the WebRTC Session Controller domain you want to configure.

  2. Click Lock & Edit to obtain a configuration lock.

    If you are using a development domain, Lock & Edit is only present if you enable configuration locking. See "Enable and disable the domain configuration lock" in the Administration Console Online Help for more information.

  3. In the Domain Structure tree, select Diameter.

  4. In the Diameter Configurations table, select the name of a Diameter node you want to configure a route for.

  5. Select the Routes tab.

  6. Click New to configure a new Route.

  7. Fill in the fields of the Create a New Route page as follows:

    • Name: Enter an administrative name for the route.

    • Realm: Enter the target realm for this route.

    • Application ID: Enter the target Diameter application ID for this route.

    • Action: Select an action that this node performs when using the configured route. The action type may be one of: none, local, relay, proxy, or redirect.

    • Server Names: Enter the names of target servers that will use the route.

  8. Click Finish to create the new route entry.

  9. Click Activate Changes to apply the configuration.

Troubleshooting Diameter Configurations

SIP Servlets deployed on WebRTC Session Controller use the available Diameter applications to initiate requests for PCRF information. If a SIP Servlet performing these requests generates an error similar to:

Failed to dispatch Sip message to servlet ServletName
java.lang.IllegalArgumentException: No registered provider for protocol: Protocol

The message may indicate that you have not properly configured the associated Diameter application for the protocol. See "Configuring Diameter Applications" for more information.

If you experience problems connecting to a Diameter peer node, verify that you havev configured the correct protocol for communicating with the peer in "Configuring Peer Nodes". Be aware that WebRTC Session Controller tries only the protocol you specify for the peer configuration (or TCP if you do not specify a protocol).

PK 퓁PK)DOEBPS/cover.htm  Cover

Oracle Corporation

PK@t` PK)DOEBPS/ref_diameter_dd.htm0Jϵ Diameter Configuration Reference (diameter.xml)

20 Diameter Configuration Reference (diameter.xml)

This chapter describes the Oracle Communications WebRTC Session Controller Diameter configuration file, diameter.xml.

Overview of diameter.xml

The diameter.xml file configures attributes of a Diameter node, such as:

  • The host identity of the Diameter node

  • The Diameter applications that are deployed on the node

  • Connection information for Diameter peer nodes

  • Routing information and default routes for handling Diameter messages.

The Diameter protocol implementation reads the configuration file at start time. diameter.xml is stored in the domain_home/config/custom subdirectory where domain_home is the root directory of the WebRTC Session Controller domain.

Graphical Representation

Figure 20-1 shows the element hierarchy of the diameter.xml file.

Figure 20-1 Element Hierarchy of diameter.xml

Description of Figure 20-1 follows

Editing diameter.xml


WARNING:

You should never move, modify, or delete the diameter.xml file during normal operations.


Oracle recommends using the Administration Console to modify diameter.xml indirectly, rather than editing the manually with a text editor. Using the Administration Console ensures that the diameter.xml document always contains valid XML.

You may need to manually view or edit diameter.xml to troubleshoot problem configurations, repair corrupted files, or to roll out custom Diameter node configurations to a large number of machines when installing or upgrading WebRTC Session Controller. When you manually edit diameter.xml, you must restart Diameter nodes to apply your changes.


Caution:

Always use the Diameter node in the Administration Console or the WLST utility, as described in Chapter 7, "Configuring WebRTC Session Controller Container Properties" to make changes to a running WebRTC Session Controller deployment.

Steps for Editing diameter.xml

If you need to modify diameter.xml on a production system, follow these steps:

  1. Use a text editor to open the WSC_home/config/custom/diameter.xml file, where WSC_home is the root directory of the WebRTC Session Controller domain.

  2. Modify the diameter.xml file as necessary. See "XML Element Description" for a full description of the XML elements.

  3. Restart or start servers to have your changes take effect.

  4. Test the updated system to validate the configuration.

XML Schema

The XML schema file (wcp-diameter.xsd) is bundled within the wlssdiameter.jar library, installed in WL_home/wlserver/sip/server/lib, where WL_home is the path to the directory where WebLogic Server is installed.

Example diameter.xml File

See Chapter 5, "Configuring WebRTC Session Controller Diameter Rx to PCRF Integration" for examples of diameter.xml configuration files.

XML Element Description

The following sections describe each XML element in diameter.xml.

configuration

The top level configuration element contains the entire diameter node configuration.

target

Specifies one or more target WebRTC Session Controller instances to which the node configuration is applied. The target servers must be defined in the config.xml file for your domain.

host

Specifies the host identity for this Diameter node. If no host element is specified, the identity is taken from the local server's host name. The host identity may or may not match the DNS name.


Note:

When configuring Diameter support for multiple Sh client nodes, it is best to omit the host element from the diameter.xml file. This omission enables you to deploy the same Diameter web application to all servers in the engine tier cluster, and the host name is dynamically obtained for each server instance.

realm

Specifies the realm name for which this Diameter node has responsibility. You can run multiple Diameter nodes on a single host using different realms and listen port numbers. The HSS, Application Server, and relay agents must all agree on a realm name or names. The realm name for the HSS and Application Server need not match.

If you omit the realm element, the realm named is derived using the domain name portion of the host name, if the host name is fully-qualified (for example, host@oracle.com).

address

Specifies the listen address for this Diameter node, using either the DNS name or IP address. If you do not specify an address, the node uses the host identity as the listen address.


Note:

The host identity may or may not match the DNS name of the Diameter node. Oracle recommends configuring the address element with an explicit DNS name or IP address to avoid configuration errors.

port

Specifies the TCP or TLS listen port for this Diameter node. The default port is 3868.

tls-enabled

This element is used only for standalone node operation to advertise TLS capabilities.

WebRTC Session Controller ignores the tls-enabled element for nodes running within a server instance. Instead, TLS transport is reported as enabled if the server instance has configured a Network Channel having TLS support (a diameters channel). See "Creating TCP, TLS, and SCTP Network Channels for the Diameter Protocol" in Chapter 5, "Configuring WebRTC Session Controller Diameter Rx to PCRF Integration."

sctp-enabled

This element is used only for standalone node operation to advertise SCTP capabilities.

WebRTC Session Controller ignores the sctp-enabled element for nodes running within a server instance. Instead, SCTP transport is reported as enabled if the server instance has configured a Network Channel having SCTP support (a diameter-sctp channel). See "Creating TCP, TLS, and SCTP Network Channels for the Diameter Protocol" in Chapter 5, "Configuring WebRTC Session Controller Diameter Rx to PCRF Integration."

debug-enabled

Specifies a boolean value to enable or disable debug message output. Debug messages are disabled by default.

message-debug-enabled

Specifies a boolean value to enable or disable tracing of Diameter messages. This element is disabled by default.

application

Configures a particular Diameter application to run on the selected node. WebRTC Session Controller includes applications to support nodes that act as Diameter Rx clients, Diameter relay agents, or Home Subscriber Servers (HSS). The HSS application is a simulator that is provided only for development or testing purposes.

class-name

Specifies the application class file to load.

param*

Specifies one or more optional parameters to pass to the application class.

name

Specifies the name of the application parameter.

value

Specifies the value of the parameter.

peer-retry-delay

Specifies the number of seconds this node waits between retries to Diameter peers. The default value is 30 seconds.

allow-dynamic-peers

Specifies a boolean value that enables or disables dynamic peer configuration. Dynamic peer support is disabled by default. Oracle recommends enabling dynamic peers only when using the TLS transport, because no access control mechanism is available to restrict hosts from becoming peers.

request-timeout

Specifies the number of milliseconds to wait for an answer from a peer before timing out.

watchdog-timeout

Specifies the number of seconds used for the Diameter Tw watchdog timer.

include-origin-state-id

Specifies whether the node should include the origin state AVP in requests and answers.

supported-vendor-id+

Specifies one or more vendor IDs to be added to the Supported-Version-Ids AVP in the capabilities exchange.

peer+

Specifies connection information for an individual Diameter peer. You can choose to configure connection information for individual peer nodes, or allow any node to be dynamically added as a peer. Oracle recommends using dynamic peers only if you are using the TLS transport, because there is no way to filter or restrict hosts from becoming peers when dynamic peers are enabled.

When configuring Sh client nodes, the peers element should contain peer definitions for each Diameter relay agent deployed to your system. If your system does not use relay agents, you must include a peer entry for the Home Subscriber Server (HSS) in the system and for all other engine tier nodes that act as Sh client nodes.

When configuring Diameter relay agent nodes, the peers element should contain peer entries for all Diameter client nodes that access the peer and the HSS.

host

Specifies the host identity for a Diameter peer.

address

Specifies the listen address for a Diameter peer. If you do not specify an address, the host identity is used.

port

Specifies the TCP or TLS port number for this Diameter peer. The default port is 3868.

protocol

Specifies the protocol used by the peer. This element may be one of tcp or sctp.

route

Defines a realm-based route that this node uses when resolving messages.

When configuring Sh client nodes, you should specify a route to each Diameter relay agent node deployed in the system and a default-route to a selected relay. If your system does not use relay agents, simply configure a single default-route to the HSS.

When configuring Diameter relay agent nodes, specify a single default-route to the HSS.

realm

The target realm used by this route.

application-id

The target application ID for the route.

action

An action type that describes the role of the Diameter node when using this route. The value of this element can be one of the following:

  • none

  • local

  • relay

  • proxy

  • redirect

server+

Specifies one or more target servers for this route. Any server specified in the server element must also be defined as a peer to this Diameter node, or dynamic peer support must be enabled.

default-route

Defines a default route to use when a request cannot be matched to a configured route.

action

Specifies the default routing action for the Diameter node. See "route" for more information.

server+

Specifies one or more target servers for the default route. Any server you include in this element must also be defined as a peer to this Diameter node, or dynamic peer support must be enabled.

PKhw5J0JPK)DOEBPS/ref_data_tier_dd.htm{ SIP Data Tier Configuration Reference (datatier.xml)

19 SIP Data Tier Configuration Reference (datatier.xml)

The chapter describes the Oracle Communications WebRTC Session Controller SIP data tier configuration file, datatier.xml:

Overview of datatier.xml

The datatier.xml configuration file identifies servers that manage the concurrent call state for SIP applications, and defines how those servers are arranged into SIP data tier partitions. A partition refers to one or more SIP data tier server instances that manage the same portion of the call state. Multiple servers in the same partition are referred to as replicas because they all manage a copy of the same portion of the call state.

datatier.xml is stored in the domain_home/config/custom subdirectory where domain_home is the root directory of WebRTC Session Controller domain.

Editing datatier.xml

You can edit datatier.xml using either the Administration Console or a text editor. Changes to the SIP data tier configuration cannot be applied to servers dynamically; you must restart servers to change SIP data tier membership or reconfigure partitions.

XML Schema

This schema file is bundled within the wlss-descriptor-binding.jar library, installed in the Middleware_Home/wlserver/sip/server/lib directory where Middleware_Home is the path to the directory where WebLogic Server is installed

Example datatier.xml File

Example 19-1 shows the template datatier.xml file created using the Configuration Wizard. See also "Example SIP Data Tier Configurations and Configuration Files" in Chapter 8, "Configuring SIP Data Tier Partitions and Replicas."

Example 19-1 Default datatier.xml File

<st:data-tier xmlns:st="http://bea.com/wcp/sip/management/internal/webapp">
 <st:partition>
   <st:name>partition-0</st:name>
   <st:server-name>replica1</st:server-name>
   <st:server-name>replica2</st:server-name>
 </st:partition>
</st:data-tier>

XML Element Description

datatier.xml contains one or more partition elements that define servers' membership in a SIP data tier partition. All SIP data tier clusters must have at least one partition. Each partition contains the XML elements described in Table 19-0.

Table 19-1 Nested partition Elements

ElementDescription

name

A String value that identifies the name of the partition. Oracle recommends including the number of the partition (starting at 0) in the text of the name for administrative purposes. For example, "partition-0."

server-name

Specifies the name of a WebRTC Session Controller instance that manages call state in this partition. You can define up two three servers per partition element. Multiple servers in the same partition maintain the same call state data, and are referred to as replicas.

Oracle recommends including the number of the server (starting with 0) and the number of the partition in the server name for administrative purposes. For example, "replica-0-0."


PKb‰PK)DOEBPS/cnf_jvmrand.htmX Avoiding JVM Delays Caused By Random Number Generation

17 Avoiding JVM Delays Caused By Random Number Generation

This chapter describes how to avoid Java Virtual Machine (JVM) delays in Oracle Communications WebRTC Session Controller processes caused by random number generation.

Avoiding JVM Delays Caused by Random Number Generation

The library used for random number generation in Oracle's JVM relies on /dev/random by default for UNIX platforms. This can potentially block the WebRTC Session Controller process because on some operating systems /dev/random waits for a certain amount of "noise" to be generated on the host system before returning a result. Although /dev/random is more secure, Oracle recommends using /dev/urandom if the default JVM configuration delays WebRTC Session Controller startup.

To determine if your operating system exhibits this behavior, try displaying a portion of the file from a shell prompt:

head -n 1 /dev/random

If the command returns immediately, you can use /dev/random as the default generator for Oracle's JVM. If the command does not return immediately, use these steps to configure the JVM to use /dev/urandom:

  1. Open the JAVA_HOME/jre/lib/security/java.security file in a text editor where JAVA_HOME is the location of your java installation.

  2. Change the line:

    securerandom.source=file:/dev/random
    

    to read:

    securerandom.source=file:/dev/urandom
    
  3. Save your change and exit the text editor.

PKOJ] X PK)DOEBPS/cnf_datatier.htm[g Configuring SIP Data Tier Partitions and Replicas

8 Configuring SIP Data Tier Partitions and Replicas

This chapter describes how to configure Oracle Communications WebRTC Session Controller instances that form the SIP data tier cluster of a deployment.

Overview of SIP Data Tier Configuration

The WebRTC Session Controller SIP data tier is a cluster of server instances that manages the application call state for concurrent SIP calls. The SIP data tier may manage a single copy of the call state or multiple copies as needed to ensure that call state data is not lost if a server fails or network connections are interrupted.

The SIP data tier cluster is arranged into one or more partitions. A partition consists of one or more SIP data tier server instances that manage the same portion of concurrent call state data. In a single-server WebRTC Session Controller installation, or in a two-server installation where one server resides in the engine tier and one resides in the SIP data tier, all call state data is maintained in a single partition. Multiple partitions are required when the size of the concurrent call state exceeds the maximum size that can be managed by a single server instance. When more than one partition is used, the concurrent call state is split among the partitions, and each partition manages an separate portion of the data. For example, with a two-partition SIP data tier, one partition manages the call state for half of the concurrent calls (for example, calls A through M) while the second partition manages the remaining calls (N through Z).

In most cases, the maximum call state size that can be managed by an individual server corresponds to the Java Virtual Machine limit of approximately 1.6 GB per server.

Additional servers can be added within the same partition to manage copies of the call state data. When multiple servers are members of the same partition, each server manages a copy of the same portion of the call data, referred to as a replica of the call state. If a server in a partition fails or cannot be contacted due to a network failure, another replica in the partition supplies the call state data to the engine tier. Oracle recommends configuring two servers in each partition for production installations, to guard against system or network failures. A partition can have a maximum of three replicas for providing additional redundancy.

datatier.xml Configuration File

The datatier.xml configuration file is located in the

Middleware_Home/user_projects/domains/domain_home/config/custom

subdirectory of the domain directory, where Middleware_Home is the WebRTC Session Controller installation directory and domain_home is your domain directory.

This file identifies SIP data tier servers and also defines the partitions and replicas used to manage the call state. If a server's name is present in datatier.xml, that server loads WebRTC Session Controller SIP data tier functionality at start time. (Server names that do not appear in datatier.xml act as engine tier nodes, and instead provide SIP Servlet container functionality configured by the sipserver.xml configuration file.)

The sections that follow show examples of the datatier.xml contents for common SIP data tier configurations. See Chapter 19, "SIP Data Tier Configuration Reference (datatier.xml)" for complete information about the XML Schema and its elements.

Configuration Requirements and Restrictions

All servers that participate in the SIP data tier should be members of the same WebLogic Server cluster. The cluster configuration enables each server to monitor the status of other servers. Using a cluster also enables you to easily target the sipserver and datatier custom resources to all servers for deployment.

For high reliability, you can configure up to three replicas within a partition.

You cannot change the SIP data tier configuration on running replicas or engine tier nodes. You must restart servers in the domain to change SIP data tier membership or reconfigure partitions or replicas.

To view and configure the current SIP data tier configuration in the Administration Console, click the SipServer node, click the Configuration tab, and then click the Data Tier tab. The SIP data tier configuration page is shown in Figure 8-1.

Figure 8-1 SIP Data Tier Configuration Screen

Description of Figure 8-1 follows

Best Practices for Configuring and Managing SIP Data Tier Servers

Adding replicas can increase reliability for the system as a whole, however, each additional server in a partition requires additional network bandwidth to manage the replicated data. With three replicas in a partition, each transaction that modifies the call state updates data on three different servers.

To ensure high reliability when using replicas, always ensure that server instances in the same partition reside on different machines. Hosting two or more replicas on the same system leaves all of the hosted replicas vulnerable to a system or network failure.

SIP data tier servers can have one of three different statuses:

  • ONLINE: indicates that the server is available for managing call state transactions.

  • OFFLINE: indicates that the server is shut down or unavailable.

  • ONLINE_LOCK_AUTHORITY_ONLY: indicates that the server was restarted and is currently being updated (from other replicas) with the current call state data. A recovering server cannot yet process call state transactions, because it does not maintain a full copy of the call state managed by the partition.

If you need to take a SIP data tier server instance offline for scheduled maintenance, ensure that at least one other server in the same partition is active. If you shut down an active server and all other servers in the partition are offline or recovering, you will lose a portion of the active call state.

In a WebRTC Session Controller installation with a set of engine tier nodes and tier nodes in a partition, if the connection to the SIP data tier becomes "split" such that each engine tier server can only reach a different SIP data tier node, one of the replicas is forced offline.

To recover from this situation, always configure the Node Manager utility to restart SIP data tier replicas automatically when a replica fails. This configuration enables the replica to rejoin its associated partition and update its copy of the call state data without having to manually restart the server.

WebRTC Session Controller automatically divides the call state evenly over all configured partitions.

When configuring the data tier cluster, you have the option of choosing unicast or multicast as the mechanism by which servers in a cluster communicate with each other. While unicast may be easier to configure, for most production deployments, Oracle recommends use of multicast communication. Using multicast reduces the likelihood of performance degradation that may result from excessive work load on group leaders and retransmissions during periods of high traffic. For more information on clustering, see "Setting up WebLogic Clusters" in Administering Clusters for Oracle WebLogic Server.

If you configure two or more SIP data tier replicas using the default WebLogic Server Listen Address configuration (which specifies no listen address), multiple SIP data tier instances on the same system cannot connect to one another. This occurs because, using the default Listen Address configuration, JNDI objects in the first started server bind to all local IP addresses.

To avoid this problem, always enter a valid IP address for each configured SIP data tier server instance.

Example SIP Data Tier Configurations and Configuration Files

The sections that follow describe some common WebRTC Session Controller installations that use a separate SIP data tier.

SIP Data Tier with One Partition

A single-partition, single-server SIP data tier represents the simplest data tier configuration. Example 8-1 shows a SIP data tier configuration for a single-server deployment.

Example 8-1 SIP Data Tier Configuration for Small Deployment

<?xml version="1.0" encoding="UTF-8"?>
  <data-tier xmlns="http://www.bea.com/ns/wlcp/wlss/300">
    <partition>
      <name>part-1</name>
      <server-name>replica1</server-name>
    </partition>
  </data-tier>

To add a replica to an existing partition, define a second server-name entry in the same partition. For example, the datatier.xml configuration file shown in Example 8-2 recreates a two-replica configuration.

Example 8-2 SIP Data Tier Configuration for Small Deployment with Replication

<?xml version="1.0" encoding="UTF-8"?>
  <data-tier xmlns="http://www.bea.com/ns/wlcp/wlss/300">
    <partition>
      <name>Partition0</name>
      <server-name>DataNode0-0</server-name>
      <server-name>DataNode0-1</server-name>
    </partition>
  </data-tier>

SIP Data Tier with Two Partitions

Multiple partitions can be easily created by defining multiple partition entries in datatier.xml, as shown in Example 8-3.

Example 8-3 Two-Partition SIP Data Tier Configuration

<?xml version="1.0" encoding="UTF-8"?>
  <data-tier xmlns="http://www.bea.com/ns/wlcp/wlss/300">
    <partition>
      <name>Partition0</name>
      <server-name>DataNode0-0</server-name>
    </partition>
    <partition>
      <name>Partition1</name>
      <server-name>DataNode1-0</server-name>
    </partition>
  </data-tier>

SIP Data Tier with Two Partitions and Two Replicas

Replicas of the call state can be added by defining multiple SIP data tier servers in each partition. Example 8-4 shows the datatier.xml configuration file used to define a system having two partitions with two servers (replicas) in each partition.

Example 8-4 SIP Data Tier Configuration for Small Deployment

<?xml version="1.0" encoding="UTF-8"?>
  <data-tier xmlns="http://www.bea.com/ns/wlcp/wlss/300">
    <partition>
      <name>Partition0</name>
      <server-name>DataNode0-0</server-name>
      <server-name>DataNode0-1</server-name>
    </partition>
    <partition>
      <name>Partition1</name>
      <server-name>DataNode1-0</server-name>
      <server-name>DataNode1-1</server-name>
    </partition>
  </data-tier>

Monitoring and Troubleshooting SIP Data Tier Servers

A run-time MBean, ReplicaRuntimeMBean, provides valuable information about the current state and configuration of the SIP data tier. See WebRTC Session Controller JavaScript API Reference for a description of the attributes provided in this MBean.

Many of the attributes can be viewed in the Administration Console by navigating to the SipServer node, clicking the Monitoring tab, and then clicking the Data Tier Information tab, as shown in Figure 8-2.

Figure 8-2 Data Tier Information Tab

Description of Figure 8-2 follows

Example 8-5 shows a simple WLST session that queries the current attributes of a single Managed Server instance in a SIP data tier partition. Table 8-1 (following the example) describes the MBean services in more detail.

Example 8-5 Displaying ReplicaRuntimeMBean Attributes

connect('weblogic','weblogic','t3://datahost1:7001')
custom()
cd('com.bea')
cd('com.bea:ServerRuntime=replica1,Name=replica1,Type=ReplicaRuntime')
ls()
-rw-   BackupStoreInboundStatistics                 null
-rw-   BackupStoreOutboundStatistics                null
-rw-   BytesReceived                                0
-rw-   BytesSent                                    0
-rw-   CurrentViewId                                2
-rw-   DataItemCount                                0
-rw-   DataItemsToRecover                           0
-rw-   DatabaseStoreStatistics                      null
-rw-   HighKeyCount                                 0
-rw-   HighTotalBytes                               0
-rw-   KeyCount                                     0
-rw-   Name                                         replica1
-rw-   Parent                                       com.bea:Name=replica1,Type=S
erverRuntime
-rw-   PartitionId                                  0
-rw-   PartitionName                                part-1
-rw-   ReplicaId                                    0
-rw-   ReplicaName                                  replica1
-rw-   ReplicaServersInCurrentView                  java.lang.String[replica1, replica2]
-rw-   ReplicasInCurrentView                        [I@75378c
-rw-   State                                        ONLINE
-rw-   TimerQueueSize                               0
-rw-   TotalBytes                                   0
-rw-   Type                                         ReplicaRuntime

Table 8-1 ReplicaRuntimeMBean Method and Attribute Summary

Method/AttributeDescription

dumpState()

Records the entire state of the selected SIP data tier server instance to the WebRTC Session Controller log file. You may use the dumpState() method to provide additional diagnostic information to a Technical Support representative if a problem arises.

BackupStoreInboundStatistics

Provides statistics about call state data replicated from a remote geographical site.

BackupStoreOutboundStatistics

Provides statistics about call state data replicated to a remote geographical site.

BytesReceived

The total number of bytes received by this SIP data tier server. Bytes are received as servers in the engine tier provide call state data to be stored.

BytesSent

The total number of bytes sent from this SIP data tier server. Bytes are sent to engine tier servers when requested to provide the stored call state.

CurrentViewId

The current view ID. Each time the layout of the SIP data tier changes, the view ID is incremented. For example, as multiple servers in a SIP data tier cluster are started for the first time, the view ID is incremented when each server begins participating in the SIP data tier. Similarly, the view is incremented if a server is removed from the SIP data tier, either intentionally or due to a failure.

DataItemCount

The total number of stored call state keys for which this server has data. This attribute may be lower than the KeyCount attribute if the server is currently recovering data.

DataItemsToRecover

The total number of call state keys that must still be recovered from other replicas in the partition. A SIP data tier server may recover keys when it has been taken offline for maintenance and is then restarted to join the partition.

HighKeyCount

The highest total number of call state keys that have been managed by this server since the server was started.

HighTotalBytes

The highest total number of bytes occupied by call state data that this server has managed since the server was started.

KeyCount

The number of call data keys that are stored on the replica.

PartitionId

The numeric partition ID (from 0 to 7) of this server's partition.

PartitionName

The name of this server's partition.

ReplicaId

The numeric replica ID (from 0 to 2) of this server's replica.

ReplicaName

The name of this server's replica.

ReplicaServersInCurrentView

The names of other WebRTC Session Controller instances that are participating in the partition.

State

The current state of the replica. SIP data tier servers can have one of three statuses:

  • ONLINE: indicates that the server is available for managing call state transactions.

  • OFFLINE: indicates that the server is shut down or unavailable.

  • ONLINE_LOCK_AUTHORITY_ONLY: indicates that the server was restarted and is currently being updated (from other replicas) with the current call state data. A recovering server cannot yet process call state transactions, because it does not maintain a full copy of the call state managed by the partition.

TimerQueueSize

The current number of timers queued on the SIP data tier server. This generally corresponds to the KeyCount value, but may be less if new call states are being added but their associated timers have not yet been queued.

Note: Engine tier servers periodically check with SIP data tier instances to determine if timers associated with a call have expired. In order for SIP timers to function properly, all engine tier servers must actively synchronize their system clocks to a common time source. Oracle recommends using a Network Time Protocol (NTP) client or daemon on each engine tier instance and synchronizing to a selected NTP server. See "Configuring Timer Processing".

TotalBytes

The total number of bytes consumed by the call state managed in this server.


PKIAr`g[gPK)DOEBPS/opg_part2.htmY Monitoring and Troubleshooting

Part II

Monitoring and Troubleshooting

This part provides information on operating and maintaining Oracle Communications WebRTC Session Controller. It includes information on starting and stopping servers, logging, diagnostics, SNMP traps, upgrading WebRTC Session Controller software and deployed SIP applications, and avoiding and recovering from server failure.

This part contains the following chapters:

PK*PK)DOEBPS/title.htm5 Oracle Communications WebRTC Session Controller System Administrator's Guide, Release 7.0

Oracle® Communications WebRTC Session Controller

System Administrator's Guide

Release 7.0

E40973-01

November 2013


Oracle Communications WebRTC Session Controller System Administrator's Guide, Release 7.0

E40973-01

Copyright © 2013, Oracle and/or its affiliates. All rights reserved.

This software and related documentation are provided under a license agreement containing restrictions on use and disclosure and are protected by intellectual property laws. Except as expressly permitted in your license agreement or allowed by law, you may not use, copy, reproduce, translate, broadcast, modify, license, transmit, distribute, exhibit, perform, publish, or display any part, in any form, or by any means. Reverse engineering, disassembly, or decompilation of this software, unless required by law for interoperability, is prohibited.

The information contained herein is subject to change without notice and is not warranted to be error-free. If you find any errors, please report them to us in writing.

If this is software or related documentation that is delivered to the U.S. Government or anyone licensing it on behalf of the U.S. Government, the following notice is applicable:

U.S. GOVERNMENT END USERS: Oracle programs, including any operating system, integrated software, any programs installed on the hardware, and/or documentation, delivered to U.S. Government end users are "commercial computer software" pursuant to the applicable Federal Acquisition Regulation and agency-specific supplemental regulations. As such, use, duplication, disclosure, modification, and adaptation of the programs, including any operating system, integrated software, any programs installed on the hardware, and/or documentation, shall be subject to license terms and license restrictions applicable to the programs. No other rights are granted to the U.S. Government.

This software or hardware is developed for general use in a variety of information management applications. It is not developed or intended for use in any inherently dangerous applications, including applications that may create a risk of personal injury. If you use this software or hardware in dangerous applications, then you shall be responsible to take all appropriate fail-safe, backup, redundancy, and other measures to ensure its safe use. Oracle Corporation and its affiliates disclaim any liability for any damages caused by use of this software or hardware in dangerous applications.

Oracle and Java are registered trademarks of Oracle and/or its affiliates. Other names may be trademarks of their respective owners.

Intel and Intel Xeon are trademarks or registered trademarks of Intel Corporation. All SPARC trademarks are used under license and are trademarks or registered trademarks of SPARC International, Inc. AMD, Opteron, the AMD logo, and the AMD Opteron logo are trademarks or registered trademarks of Advanced Micro Devices. UNIX is a registered trademark of The Open Group.

This software or hardware and documentation may provide access to or information on content, products, and services from third parties. Oracle Corporation and its affiliates are not responsible for and expressly disclaim all warranties of any kind with respect to third-party content, products, and services. Oracle Corporation and its affiliates will not be responsible for any loss, costs, or damages incurred due to your access to or use of third-party content, products, or services.

PKeOjPK)DOEBPS/ref_part5.htmt Reference

Part III

Reference

This part provides reference information on Oracle Communications WebRTC Session Controller XML configuration files and their entries. It also provides a list of startup configuration options.

This part contains the following chapters:

PKamzdPK)DOEBPS/cnf_engine_tier.htm_& Configuring WebRTC Session Controller Container Properties

7 Configuring WebRTC Session Controller Container Properties

This chapter describes how to configure SIP container features in the engine tier of an Oracle Communications WebRTC Session Controller deployment.

Configure General SIP Application Server Properties

Loading SIP applications to the WebRTC Session Controller in the Administration Console is similar to loading any application to WebLogic server. You use the Deployments page in the Administration Console to load, update, or remove an application or module.

The WebRTC Session Controller defines general settings that apply to all SIP applications. Before deploying applications to the WebRTC Session Controller, you should verify and modify the default values for the general settings. You can configure the general settings in the SIP Server page of the Administration Console.

To configure general SIP application server properties:

  1. Open the Administration Console for your domain.

  2. Click the SipServer link in the Domain Structure pane.

    The right pane of the console provides two levels of tabbed pages that are used for configuring and monitoring WebRTC Session Controller. By default, the General configuration page appears.

  3. Use the fields in the General subtab of the Configuration tab to configure the general settings applicable to serving SIP applications.

    Among the settings that determine common application handling are:

    • The default servlet invoked if a specific servlet is not identified for a request based on the servlet mapping rules.

    • Timer values. See "Configuring Timer Processing" for more information.

    • Header handling settings.

    • Application session settings.

    For details, see the on-screen field descriptions in the Administration Console.

  4. Click Save to save your configuration changes.

  5. Click Activate Changes to apply your changes to the engine tier servers.

Adding Servers to the WebRTC Session Controller Cluster

WebRTC Session Controller instances configured as replicated domains include the default BEA_ENGINE_TIER_CLUST and BEA_DATA_TIER_CLUST clusters for the signaling and data tiers. You can assign additional managed servers to each cluster as needed when performance requirements in your environment require them.

See WebLogic Server Administration Console Online Help for information on how to "Assign servers to clusters".

For more information on clustering, see "Understanding WebLogic Server Clustering" in Oracle Fusion Middleware Using Clusters for Oracle WebLogic Server.

Configuring Timer Processing

As engine tier servers add new call state data to the SIP data tier, SIP data tier instances queue and maintain the complete list of SIP protocol timers and application timers associated with each call. Engine tier servers periodically poll partitions in the SIP data tier to determine which timers have expired, given the current time. By default, multiple engine tier polls to the SIP data tier are staggered to avoid contention on the timer tables. Engine tier servers then process all expired timers using threads allocated in the sip.timer.Default execute queue.

Configuring Timer Affinity (Optional)

With the default timer processing mechanism, a given engine tier server processes all timers that are currently due to fire, regardless of whether that engine was involved in processing the calls associated with those timers. However, some deployment scenarios require that a timer is processed on the same engine server that last modified the call associated with that timer. One example of this scenario is a hot standby system that maintains a secondary engine that should not process any call data until another engine fails. WebRTC Session Controller enables you to configure timer affinity in such scenarios.

When you enable timer affinity, replicas request that each engine tier server periodically poll the SIP data tier for processed timers. When polling the SIP data tier, an engine processes only those timers associated with calls that were last modified by that engine, or timers for calls that have no owner.


Note:

When an engine tier server fails, any call states that were last modified by that engine no longer have an owner. Expired timers that have no owner are processed by the next engine server that polls the SIP data tier.

To enable timer affinity:

  1. Access the Administration Console for your domain.

  2. Select the SipServer node in the left pane. The right pane of the console provides two levels of tabbed pages that are used for configuring and monitoring WebRTC Session Controller.

  3. Select the Configuration, then General tab in the right pane.

  4. Select the box for Enable Timer Affinity.

  5. Click Save to save your configuration changes.

  6. Click Activate Changes to apply your changes to the engine tier servers.

The Enable Timer Affinity setting is persisted in sipserver.xml in the enable-timer-affinity element.

Configuring NTP for Accurate SIP Timers

In order for the SIP protocol stack to function properly, all engine and SIP data tier servers must accurately synchronize their system clocks to a common time source, to within one or two milliseconds. Large differences in system clocks cause severe problems such as:

  • SIP timers firing prematurely on servers with fast clock settings.

  • Poor distribution of timer processing in the engine tier. For example, one engine tier server may process all expired timers, whereas other engine tier servers process no timers.

Oracle recommends using a Network Time Protocol (NTP) client or daemon on each WebRTC Session Controller instance and synchronizing to a common NTP server.


Caution:

You must accurately synchronize server system clocks to a common time source (to within one or two milliseconds) in order for the SIP protocol stack to function properly. Because the initial T1 timer value of 500 milliseconds controls the retransmission interval for INVITE request and responses, and also sets the initial values of other timers, even small differences in system clock settings can cause improper SIP protocol behavior. For example, an engine tier server with a system clock 250 milliseconds faster than other servers will process more expired timers than other engine tier servers, will cause retransmits to begin in half the allotted time, and may force messages to timeout prematurely.

PKd&_&PK)DOEBPS/preface.htm` Preface

Preface

This book describes system administration tasks for Oracle Communications WebRTC Session Controller.

Audience

This book is intended for system administrators who configure and manage WebRTC Session Controller implementations. Service providers use WebRTC Session Controller to make their communications services available to WebRTC-enabled web browsers and applications.

Related Documents

For more information, see the following documents in:

  • Oracle Communications WebRTC Session Controller Concepts

  • Oracle Communications WebRTC Session Controller Security Guide

  • Oracle Communications WebRTC Session Controller Extension Developer's Guide

  • Oracle Communications WebRTC Session Controller Web Application Developer's Guide

Documentation Accessibility

For information about Oracle's commitment to accessibility, visit the Oracle Accessibility Program website at http://www.oracle.com/pls/topic/lookup?ctx=acc&id=docacc.

Access to Oracle Support

Oracle customers have access to electronic support through My Oracle Support. For information, visit http://www.oracle.com/pls/topic/lookup?ctx=acc&id=info or visit http://www.oracle.com/pls/topic/lookup?ctx=acc&id=trs if you are hearing impaired.

PKTe ` PK)DOEBPS/img/wsc_console.pngPNG  IHDRisRGBgAMA a pHYsttfxIDATx^Eր[g}7+ٸxBzw8?~sh[p 6٬^UuO&ل /Wr~=+y#p8bXp89(,p#ѫUa[i sN,SH'ԁbqAz9?<]s].' 3 (ZA44M $=v!Kh Ept.ɓ`a?y@8-v1l<ЁqȊ\MVPøPEJ[jeasXC2'+bBUРQ@_̒ Z@"=ui6| AѫhPY7Fk=MQH2iԣGGu8R0VH6p`JߥN_z食aQ Lց8:GAq uVGuTFc>HI MxײGVopJ[ogsjiJo9) =9Ec| i)@2T2X[tq?Q}%KZ"{A&HhDKlhSҪ1Mhh5T;5h%kPS-W-8itOzd(x|d̚S-uDkל(Uw@9!y *M}&Q r'*t5ű'&Q!? *ڗfEQT腔tXAqᚊi.mlPJiyH[Sszlb"F<.-X":"r`"Dr`FCkrP1:HI-E[ sqhhM0H/dE4E"CuqQ+7iIj9퐽Qj4[HiG|uP#jaG'tCt(419+cmӻgNA 1YmPXcp(70 5(3"A'h HV;RsF,tW*DdCOLiuZ0 !miZFc0r"ͪVpQzIsx@3}R!-fɚ!9 jV$ M"E$*h:AuDL}4}Fej2 [NPL'ReaG?0_*l'fXEz$b5tƐ[  P=rVz[tNP"u- Uzb yLPj" Q状` 0iAH@Vaͧ0lѢ ,C0 -ĉEk TȪФ8*`Ll+ m攘F"1^QK롽&ɊojV-%c)pm4pDžOdfh$&5P" %Ti2-R *Fj!ۨRr$@Qe油L3۪̀U9fUR< %XDOg/fhw '^ZFU!%a%t]L7 fH4+E4Y34jHvmi0*ABg4ݧԟfFDڧ#hM5 *TnZ4wH%ښBudSNIf)JhwL͋8jN DB]zhVD*J0,4ziR+>wstt: @[QUzV@ -8AYF24=H#E0BUզSEP\B@ZKAK~i;IQ4ESBjl{xDf/@4``Fj4@!MRihf*4?C'- Y2 ȸ5Ё!,K5N%d4Ea9/=$h[@{6fQ6Rp2T%9 0[T5IPĊiZp4u}Bг ɜo_[V'먚X9мh^܄4 avÚNYMBJR4O$ш/9TBخ"@R ,ǔ*&DHEڍuF\%j`($8{h#i c"р!9!ys,LVO4V{ )R+t^"SY e#IU Xi%9,LQQf̦ i^U(ˉ#kstvB7&B.JS8YCvY%r4EDFatQΙ^@I)Ivb6Rq8 1.DךH(9CPi0; t#8ɅOGXQ1 pX$~pQ}I}ک&nЅvv GU af`)-]jqhua!LίjR:h5zeΩ:di #/:AwfPÔC\rՖTЋCG_-Ӡ,El#85"am vMeu>*-`'ȒU7Ft ϭB{gW&ŋ_',A99]'T/w"vB!$"`9%EK=|)ɟn;r8/D7$'823 cueѾ(-ѽߡ! ` ͹]SZƧK(%9F\ 4U1]i;j=%{TĕnD=t7L~K,(RR+08N A#p"Uv&C77ܱ{Jl+(0: j⊣ˊo:ڥl2[mVXF|CEL&$Cel2V8",ί )ѶC?w.X <n-I+: 7HBXMbBbߚOVà (^P܊VUAj:7Xaew-L7 K7yJĉh֍.R[$`c @]5xp8pr3kkkk޺ںĚP}G |3erJ,Q2xvV C@6wW^py|dO >R]5{ݷf],]:9|)Bx%$6\_ _ 9}ì6ove%QbasN}ԑ^nuidE3ƟK[]$ƨ Z6CtkOlf5YXTuF 2eG| `E rᰰujkA0<`Ω44Ҕ˟~HrXm {e[]wKom\R#p A6/gged'4:l ;rչCm"Hb`%/v*YlmrOE4ژ&V jЦ"66>z|m_ue^}5W_v'ic jdbQ&b9= A,~EP$l7F, !L]O]5č6E5EsBݺK%=~|_)__ 69/وRDKմvh4GJaIF(>x~6, F(Ÿjq lQ,b"/ ֜촗,W5J=B'p}.ՙ`oy=쟬${y{{iC5{<#okͲϟ{w} ~$*JG fYd͜`ɢ,:qj+)Π6vd7jKqБǎ>ӭCQ\.?}1*p%nŗ<|ףwߣQyl oYy dۻ{ywz>B\mucw㓧m@fޛ|u=}{,FY2|u׃7aa?!J1q И+t۶/;}f?#7.wMF0I8u1|SVNomU[pDʧ3yq~Z}Z꤉OML C!E4+9OŌ_LqٳR<;V0Adڬw~$@i>] @R*}J#T{Ue g6m58<&Lj$t;bmYLc{^ /v9u׍}Oۿ4ð'o:-{MOfۍ/x"!){qYĞuϖŬknZX1#P#cGఱ6/\b]׭ؾiMMƆkAtXuc A_ܵN>>W?"i窟y^|hd~Ģ(]5KnnbD?=׾~o;=׹efݼk|<},ce֌Iv<B T]]SU] Km[V (F, ?uH>_;WDA P ~iۿ5&Hֽrm;v~i4[7w/sgn?~X]rr|~= wsM0~?mT|5ecslm=H4؍j=ʮ˟nOoeǬwW6ӺyP)^?-T/?2ZlƐ3ẗo]?Լ{^:YT . (G`Xć!Q M#}c;'3Ә^mʫk\f1d^p!f&h8jhh`vVs屌gqgg۷sz();{8_4_9oX[N[du?{Wֿ[>_PO~vP-ԃcGj!ݱc6YV$ Ü(J~~^ౣ(IK4xkk }&߹t~i}Rnnm-u5JqM&S?- tjBUKOMh(۸f~1 u;irysrl 奕{JzvMSMG@ aw?m]Ҳ-UA|.{$x B `/eIMXZk?ÙE??[u6e~tׂY{v:AJ!|Eҙ[O=$zۧmRQl&A=^A4ȎUJR~5"st pC5.n2| pE9Ɔu]/_ڂal vW[ "\w l 3$d1,Ju .LrI֜[E/Z5m/[yVB׎/lV-㲢‚o%Ŵ\E>چ=kݮ{W]v|uu _ V91~!6l`Ў;eddo߾]|+(~Xd.mq Rmc;-&$.%gg'{(+Θ`5O1TQ !,X6j[8v{5_?=$Mqe[4@҂88,ӬnY}\{~G$Y1ٵƕ6$ӘQ't랑m4*`2)M]cna0_MЗ`!ؗ1+ܸ\PDz@( Kw,ahQGyC~%}AATDkQZ @Dqa3ER’$) Y)hSgN]U.Zv7\\>I Y YdhBۗϷ=_~l{%XRv~W3*&OaU4kW.s;*'mW~r0'CMnOH">dgbNؑp8P(\$].޽{`b,۸OL~"H'}wae kՒ #O/oaJ  ~z[\pŧ6h0aV4G  _ :CBlE_}o_vuъ5+z6N-7( k9cNj?C~猬,զDƔNن⢊Fc(/S Mn_{ UW`G9^!f{e 6D֢DsԠF UX`<~c(jZLP^hwŮ]廊ʶn۷w_DUՕjmܟWrv9 FjN^o|/o:->V.Fo}?>uwXM{x͘/3{׏lGRA!]=|ӟW;zJ h(h.qg|+s[ˡ AK--@(oN밥JX׸nks3c1kFffB87yncX]}Gkw]g>=יư? ?p˵Jv4 8 }&'z=.ZP:đa&:]:ENs H" x#{oJEߗ Yvm75CWwte7Õ=-#U"ۓf+>iABn Ƀθ_Lu?3?x}'T9` G9jw֧!)(c_5r՝=zr8R;j==7ysG] CzAG=̒8`%%r%Ap(Ra&p愦&YH> #ERkH+XA[՚1?&UHɟ}" dZib0C'v.R~wB"z3xbiġH$iPHF VC541"$ua3 w4CՉ@B9QpnDF:tt 5IO~bPMwQR#qкqH@:aԍfDQ`l$s;-hӆJ DY1 :E[\LGe2WD3@uS f1ʉV 4i3IBiƼ,pt33PdL0fD(sfQ}cDr]A9-P .~hb-DP}5=sjHa2pL,t;ڪ ȯA5҃R5VwAtbɊ!u*,7;ӆڪ\ZZvZM&t ֮Y=xt2K \^"C{b%CŒ Зp"[O3BκpX y|[]]Dl4Nę S\ [l t7:< '$]N%!ND~K3(lq fmeS\.bd!lt|晒 8}_]':LDP.쟞k(Ik]7J; l;m^6vϡ"Q}%0CEM6i)j/j2{Ni6tVUyii FRg%߰*";j=rbr wK!cH2V{qx,yvlTD%!/;a"kP-׮͟9n<$!j4 a6>f?^Ap֊,%%r\R΢5 =3bFHʊSJa,oSF)) ܰ%y9V%m5֕ĬPdS,'d%jKjT#j, ^g}I2fdBҾq8Axv$ ǎT!#)fBhlԅrLؑt- 4OƦ+9`;f,n}sͳZk3ǎ4C3P_VUbrЂHSPk"x:cǶmBظiӦScG̣|\Ʌ/1ux91$eH*Q1`Zp}%Q.Ut-jZB= Pk7>Ď΀9:0=>y92q©fZ6t`$$/ fԣVeI$a!Q:*Sb. , g3: >K=Ѵyʻ',_""$ D X: j*BjiCP:| A2ꣅC|NA YZ;ocqyɅ:X,C UTEu"X`ŨjuQ6h#p(I6X+[nʕ+a]TTo߾⒒HFΑS'aq20`7'.4ɽ JHMFA0dk, !.!a+2!YJ 졁YJ|#*86bC %>1cW5 (xU&32V;ʎC$LEla;{vۼt!:pyGLIyhlԅrL`yY)R";š^| uY)(gfԌ#U,3 ?f̙XzipqԈ)?? H~!A~Z]W{ Ѵi݊{>}Uj0ʒu{V 1x'%ߕ?&UHyHxH#Y.}6F9 &m&I2;2V!Bȹ 'f옛j]X/ t8 +_ʨ_.B/hvper߻]WCJzv_ѭWvhsGMM>Ԅg1;(MؑؑcGV]TYkmrD7MLPe5 nHX4d6aQ 1ˬb3-&D@4LG/iK1" @Q5+&H!RMH0I]tD݇E @+%) >aMY 3jr8p8ǎp8cGp8Nk#p85> M C,H^5K-+$)5}fN)Rd@&@HIVzV;,UX]z$S*IY8nV$7  M@)^i7xfc qW}K7CkEm.&$Ps":[2a--g i֐wͨa=hG0@RԝŀQe:O - H&((M $Ƞ&UE9Sf=ōV6FJ8mV+h@+^ȬHVP}9-:AZ=$ CMDBYU' $$  ӕ*nrZqT EdK-]0&; 嘡Kձ{XwAt@Θ<{PXF: ]5UPj P!JmT擴30*d/zd(_$P/DFLKgOOӚG` IS!PqZC*^]!VD9B@f QF#l8tQ֠HFA \b4QUYUAo`RRNt KApDH ' y%l3)l/BW ~}ȀF[$7`ˊL_ 66U)jY숪n1'ZFZKڛ(B+:F (E))>UChvI3f#XzgEl`b`1*v$ɐgLm&@fHur c  [lR+j=ɼA(lӡPkjF vj!h)hBq}pI&!Ja,v$1xSg:Nbi'HDJ QH$uDTFo5ЈSUrL,ӁUz_/T BJ\@a.բ@ ZIgbN'`xq Y22%<=⢡mdNˆEŘ$`*th7Z T* ;}`9Q֮MH'ULcGǎ ;et9QCal o$ %ؑ1lX9l#~0=/i@NmlxHkA5GO}ё7rwq; 8B12ĺ!KX.sNbr5%_ƤRIJh⨢U P㯬7zk=` CmO,Dǎp~ӌtʰl1+>9 4Gk?g\,+n_ED0Fq£ǎ@7,TQr>pT̶;b!/FŇoqٶ 64`CZH iَ&IiSiښ:Ni2AwS:w<],^!ǎ;Fuǎ(D~D:aTFm["9) 4Gs ;vβ+O~jRur1< D@F* 8}뼻k;;=UM`Z\Ö!0<lӓoC Z3(oZnwW9Cx();.IPDNwǎ;FuZw/"-RCal [$ʜ p`K)ɂm[ɚ{AAyzw *Ȉ+.( @(60՞hw~2 5x p2Ifdl b0ELFc3 ]_rrȒy} R :fnQk*{F! # aO}UGsXC”F`I#\KɔoJhU7y":ϊb# dDyKA!P@{v7ͰKA"`L0CJXL,(Ig81>5d#Sa%o)P_!lwX B0Vs~,`'Hf֎M0vgAGEƝ_r_ߑnطhO13q-?B/q`3vmh5OCX$tKT5 S]FmV$ӏ IM sjRR5 SU -PMUtՀ"hɊ`:e45fct4j2& 1LG[ 5r] W V8t,v)EyzG=a9 4Mt5zBiMkR"XlԆ5U ި*mIPbhU2uP2t BTJ7j}^6/C*0_ h¨~EҚBT7̖ i]Aa` VEZB@Z;ӭm&9 pU3d!J`ӖSە8m6->f=:۶,iIVc~5{&GNdјgIͲTȥ,J3a#J}[ڳxOYU5m1p!4Xp߃SOYh8b\+ Ülk_Ǐoϐ#26yPt&.nX|ˮHJ0; kII4Wy+6o4%Zq1o*ٲmMu-xɅ~:$w>`Lm&Ql!dÚĎ%g#X&pf%K߶y˶E{*I0d {W˾x+^YVq<ܳ?8GwR8oh[ U_0o~%!#s3^?̊/ƚB9'Ŗ`3{ |rR%[!)xE$l%jWRxљMر55#+I@T4Ia: r4`N)>rHoNPbfdKY-d%%FIFCÒ`Kn0Ǝcz ->]Yk7 ƺsVեmd3!*(Xi,vkEޮ Η 2FЩ[8eo">h )lwoxY} ;zTx#~ a45ݪ,g/詵J:'m?nدXl9BJb$j@"%\fHָ/rR)TR4W#r[BJВ^q(X+ʸ"rr5uœZ8eU -PMUtՀuBJVJtpZu ij3FMƈ# hR'P-d$Mcn1j 娏\3қTpp>%YRVc>Y>#B}/(({rTǎ #!=r̀r0.ђP<幦!84+-?j+i˖l**q Ήk,^`seKΛh2Cuvlܥ-.bZ ֬^v֝׭^U+/_)b(iڻiU0-IyYfɺw+\b.kZN^PoʌҲ>]z͞Pzv fxid򥋕QyqC8]~[ݜHչ< s?‘pŚ_Kڜsۯca/:XY+֬.3uJV’!,^G3ZrFg )/ Gh/p+W,ڳj +5ZrSiS|VafiO0}m= x?VTDSMFw@zꐡzu8&{^6tڭw]0k>=wNs'd%%IKYKW\n&ghoMhlY) *-iӇCJ]֜EYf1|=W%#lŠ 2 2;-vKaU{MV]i=tѺUV,ULm9QEuSbgueJ~LKflM68 c0Y 4V;D;Cp+2xaƞIoYU^o0ΟQ~rth~lͬ_~J=ݛثHMʕE` {>i,Y:o.}q{꽯.m,Z<7~.tɬ͏>geLY[>}.˒s7[5V|p SQ]]3aDxhvOYso3F%ޜSk/_wAn8Cf|~[ZyNO@k$-"F/WFU%Ph U#(c31jj6FAW@:j&#i ttLiPS(G}嚑ޜ p`K)ɂm[ɚ{AAy o߯0M0Fz|~1=/S TRt_M8W<7  4xWvsӢܙ90lJ>ՠ!B뗭VI{F-ɳa[fM>tϨYG 2s$8_9{' L#9Plƴ/Wu3 Nr]د|7<>4Ǹщ߿v@㶟߭K[8nzc^遀lO>tL߾s߭ Bۗط?|-^~} *O5[~{o~:kcE(P>﫯~_kJJ\8}xンr%2:c .GrNmͬg=u_mۍGϹ{Z=ڊgL~7^$jټ3e~O1#Vpp,Fyb;N qfpN\Ŏpd+`1lί4ltrzЦ162tNo u7xA ھ4=$|dz\ҿ_CƝs\pڰcǎ?.]:s䶽ٝ ֧ =[闏OwOEغtey`0& _phLsyc<|%=Aƅn}Tl:wѿ!\s㙝M|ʰhZcں:sƟ~R͛B&CAW-¿"A S 2>X?{ٞgȰHtIcnj8I#fx yCܧ5M-Kw%8IjJlZz䧜7甞Yf'1Nk4ھ&٭mՊ^@;MG\rEO˭y>n1-vǟ=ጳGti6󗽖$GJq=.Hm6b~xh[ۿuɃ QbƯ%AfYM+ h>Ij7˞ |̡<:`WOhw+BQC>ő '햜snn~/7^9rM3۸Ӈ^\ǒl䏙tig)߹{]NY?2_`qӄN o?$9DW#dvlINmyx~ž&|D̑j |)#FDkRMC>нG{]fNWec-5'<^0U I5??E9*9,*!8+A> SnY7 &e^zƧ$>_ 6Lc+0|λY6C밆K{B\ஹԩOaz(:|d~cΝt'K|j|GP>B+w* ^6%% {˴ަ' ے+Ɲyʜ>sV^apsW-*n!C191kCuI CK_zm=[ϸ౷f4ȶipxd=!!A0!.=s{ ;7 `0z?Kj~A[-F{j(|!!#O}= >'6`5kle˖JBxïx;3$$ATB*99f1[榜?Yи\ⓙϸWƍ6 QܡwCݼU^PWSơނSHɷr+׹G{paoh /r {0}lW^-`au4-v_۱m6 vIK6_]́M8;WC.TgľmS=?GMp8fUduQwQ']rs6֗B(c̫?ƃ>Œhe%9OGGL?l>͏O3~bYI$n`ejrg@ɥ  [׋|g]~{)1_9 /j3K"&lNw{_'I=,aT0 Vv8~{=6pǫmMQVV33r7t:\>?ܕN}A/?8j]lZvJHaetT2l&9'Λ}V,\h6k2goLM{j8P 034hOpAmYI>TAZ7{1Aّ <م}LȂhv*@!'v?q՜6o0Wr&Z}k`uˆԸBЌZ ԓ̜p ?a U`Iq0=r8㡥y׆' hgˑ#ag i9y2THJaia0#I=9wxxlU&6vd_dհli|]9xf0VsM=BI8'"G`1/Aqg(WvSnWd;p0YZ1u5k׳>wHZ2i7+m͂N>קRuyIY.rnNxgy`3C/}v5#l}֩ued6^"fC8T0Ἆ]Mk4 tz5}3c -]e4E~0f2t*udy~mG!+KR2sS|h,fS!V; '@eiy^v0|Z) #>oHM n@@+s"!~^Uf&=\. .u.-}sVSqNjT;#/D .C 9s9.\s]~R\U ]78~ː^$$JR P<, Af4$r+=sx7Ap6N݅;>`Haݮ{OS]UYQ1>(۾go>?۾cKl/jݵqMW8{+}\Eٽv;\>$~w1L ~gamk̘~6if"w/5w•V,Y#{ADHp(}YsuKY0nƤA LX݇3mV}_.q}M77)W_\m5VkE4u8N3hT:psم[~[mk\j˂|Պem?k7 ȑ#}6nݺy+/<`;gO_tնm6l/ ҽC WZi;K)IU[mشhG.&_-A}͛wx0~ ;AQv={~2Q@qgL_yӊVo,fCv̅CVN_j螗bx䰁80ϘoԦ/g/_nO=1w__fGY= k6:cɚ f: J8z| M#3'/xܹs7^dks`sE^U> ;뗾{% mN@lyt }x&XE1KҰNy <|p8'8oup U]}FU],FX)Ɏ@%e;o/ f~ # _n{Yukw4 2w8>S)eI6GNvniЎpū2zQ9c#+øgŒU*Y%i]k}m;J'3aPj(ow!U&<.1[Ϝm\[e ^>'>udk,[#.ҡKn䄴LGdݒ#]nP1qo\׹gA#sv)MGRN^m7,\9=MvOV&[: kuZY o^TkՋWݰ}ko>߭>#vE9F23=}׆y^,fImDW\ǾC;YbӶwڏ>)d.^ WRؾ #nsv\6n+ p|)vcYpp;{oسeEiwJJ.Ȳ8n̾}䩪ے;#Ϟ߻o۷{Ѧ}5%6gV|ήM[j=Fov>O;x)ݒFGZΝ%YRVc>Y>#B}/(({rT.PZ2tZ[낍0 U *B̲JRnYӜNUHJFs ۦ#rP拸!U UկHZSJ2>K1h:"QڪHKh6UbvZDqD(.W`LOB4fD66{W?c>=WTx4XW~װ /?# *AWA_P4p0@uH&Hb% `G`P.ğh",?(v3 A?͒MVR3B%&l0%Q{yl`8l4X.0?"`;. HڠݕeV @)ћ[J"b0pd˨>9yo:P{8$idĠ_$l|攇^sy{;M05Zl&Tpj,V5*a؏N b!#j S2ĉ GaKfl+eذOt= i[;DzR%On3$ӕ  p G2~5Oz9^͢ǧA|W_rG/6֩1`T>xaP a% d 3A-$g \UxϖZR/`V>Q; |0 !( ar2|AQ$a:Gmy2<:'ZJx1BW9#-m SAmG}k`"6Gmj_(O(/&7uJQ&>A1T+uj >3T VdqD#m VO.è-^0>#sH3n|v|p?,T YaLa.B䔭I W?؟>5G`ZTԐѩ{MpKD\-5p@<P(io" P D'Dd/Wb]P!6VzD )"\]z2w8]&R;?/5D4FYPz˳\>v@a@3Z 5*?5 /l #dE0PwPԊ́hl?--_u!t]>T'өHaV8k @Q:Ea/D !\ܝ9AyF,gB sRm K bFKÿ6Nx [[Ϟכ/3z :E($NjsBoil.eu?`HlY$AJ0P'M|ƨq]MIt m3} ysBMqkFzs*3.ݧ$ >]jl'kgDQcOtX Q\{1|[$bvgbi8!\N 56iIj(?]G8Xukc7GRz`@8|I6:w,j:8^"< {:tHẁ$5D!XxeGMq|*rJfm([r:rr%,2%ev{Ra1;F~ߑ6ADۣ~ߑ1lX9lߪbǫǝ7/oF Q{a:4-_^?rFhw~P!o; d?`G`- Cfɍf&< F@Bv_S\aom' n?pHPސ`ɕ4OEYzߎ*vEhhAB#9!F]=w] g Q%V؅lQΒ:Ie1Pjj ! iĜ&\HB$S]SU+*+zSh L|#:u{7'"9 j+HdF.谨+sDw$#a|Clar!UjfE 05k> i-h3"f.k*Lh`Yǩ1@VJ+S5!%l:ԐntELHUz7ChQZ"$XYw~ر]6's8c %G0X g&p8eWYOK}1M%~Xy\fvm cGbG3k]p}>#p8 Q*j'\v׎!.U0DC P;JcG9pNPON;!vcw֧wp8'($\ޏYV`e }1+^p#p8Ή Uԟ; q)&ypQ(dp8 (.wp89;~;w_~+#p8Ήg}fKc2Gtߕp89DNnyW&F]bOHd21 #׷g$bGp89EbǺzW}SlMHLfURr䱣ۻ(3bG>cp89Nں:ɐos٬֘[XT&'h@mp8K0*6 ;&$ьKvɄ;J&& G&3)j^bB?h0FYVNO r89.TTMƄ%vQXmn;dڬpȯ8}vo ֐J6%/Eyϛ_)g; ^9T:l1 .RûV.fM^s/)(!=r89VWͦc鎝ڷ1EǎlR0U9}{{}w?\N&!~k^/Og=~}BCnx狾# %;7>kH~OyzOƶM0[J9YBͽq;p8Ǝ+q߮:&)v޼k/Mȕv/znzQ6 L` ѿ&w{l|N_X6&pk/o?~NʶF#+).dX LM%XFQYZv3ks:}'g5P(9]v8}*\%C]RK=Dh[#AoQr83 hc۳[.vͦZ>^b8 ^;2<{SzV'O YSDqo.|c9e`bYմuÆOpeK{gA&xdXiߧ'pg'zo7tQyMmN- V~m.)՞hLuol6; k,}}sEt<(Nz5Qc?{vxۨ/U'w q{쁚ڠ_mVzxcNjMg3o;SY1oYXk'лdA2P~|uNXy޻~Ck^W);AY{waWUVߝ6b'Wη߯H]g\@U}a߸Å;ܰ"/| _,JCGH+bGEZB xeS7a]Q A`6Z5~)?Y hIA + 9jBA';V4 ?$ڶ l-T {6HF| P%rvXtA~!<w+#DlaL~jbbo_Z!f#f󽷎J rZuˮz!|w&amI$(Cg%# ֎ל-!59=5UKW?}۸$t'iNUYs8p(H0;R;GTE.Du/>/M]tun;s1IU55BNB݌inb!ȡpD$M{>|~ssIOwq`2 u[A l?J eP^Wx.j`IMӕWM!|P( =6_S@?tAܠ~a,fh_`wx+ C$j &_/|@BVVĎ-,S%>%Sn#lBeWZq7@b7o+ ?>ue/q/46_%*PQfRi8u5A}ֹ3"$جBX,to|䋗߽o Lp8xcm>{އ+6xJp')cDEP ⅊=5A +c#E_Y-ddAK]J8lKKLBY5(d=x #=1zSb.e>/ruݮ~^󮟳iwqcf8p;0vw[^za|坅Wom򄄤sΞtf?raz/)C( > Oy}ÖJvB MuN_P{=n$_u.˜,yW%?Gg%ynV{zh[[n{ky^{za5xNA"unC1^5l|?wdE @CƆ&Ӄ:]6W%{07qO_]A,8pC=գl:* ~]ܠoJIdaKM,88A+-N2 ٗT|Y t=7WՍƱg l+W_I-FR: _ƂԤ*߲aFQo卿[^9bl`Mmnj۾Ð.!~U A[{_y77f ~Y5Aˏ mŴf굊0`Ϯ[ftePaE-j#[\ewysmQ8嬞B6V ׽@]nKA nX (Ҵsp8?ϿqK;UK%^0$[^s 2lV g\xv:/^rmŅ7>FG ?ߔ#T\xΩ/^p;˿)pBgOvxkh3p8ΉwߑA|BCZ)p8Mxyt+.yp8w9p8;*p8CĎȒd2p8B!?@?d7rAe6p81DvC p8 ^p&o(r8pZ 9p8ǎp8ǎp8=5J d9po p4syg``AQGQ1+3s~5fn[IC߼ϩFg9,LH;\rCN;A}#y."\3)?)C'.~.y}~})joY}Ӗ|~ 5ӿȮ#ylX%h2یIr8TXp8_zz7ߜ{u |[[p↓ ~iWw >6:#HF-I`4}շ4͹__~_/w'Hx_|ʔ[s=mR\㻓o$^=^|Ħ\ey6+*K}d0%DApMp~-\ 2[1DF([ɪ]￸LykIÉfԋo{bf+>, E}5$$ >S)qp~N! q"T|/RRuv_K `4XDAhI5lf  #%QR `2{>89.cCϜL ޥô ^s!*bjq`+њj(dG_o?/ M P]V,E޻9J8h߸M 5@p8~>z-wg_zkxl [^dBۓXw9o.쪵PX @=x?Y˧?%^[M?.Xhqy^OHz]aIh?[f~solU v~Ipr_O[E`(^h^l{\Av2|[gw/tL{o{i,j9QeYoZ 1ȣmc^݇6nr74J|ij ss e%~Wv+薙_h5SMWl$ca=*5NoziDhMӡ;mp`ܩМAqU+t߾̌d=1ÎfH&'XsU%~_NIקg/(5: Y`>s8) ZƔvSS=Ja˱%ƹ={w#:[Mqqҥ o68pJ r s86(z*J/>..;z<ޚ}%}{u ΑҴ q_?agJed555s.>`pZTWWرQ+b۷oo6>-ˌfSRRr|B1V K5g^qǎZ!.E0DS b;kCt?볷{kv )0YHaJuE|bVrt9ڢW@A;R w/ow ٺu?ٹs'iڵkwT;ؑs< b&wԅe8kƎ=Dp8r8;cGp8Nk#p8ؑp8Zxp8i-}܍{4uK7תFd@zfsQlr'xYs;$On61$E#/Ni䀾B$&kDi,:Ť=F$yp8ĸZCL5 ;zUZ k\W7/:ixG~snAWTR،+`oIؘ; s?f]I ;\YşN]h$Rk<̭+~MxndA61a㧟>$T~ƎLsw_RgͶe>S/{Ods͔½˭9o>7z޿o;p05^r{aݜW^'<Td1p޽J'k!>Y]b`Y3)˃n*m}tب/޺ituk&/oV|MۭVK¼07@DﷷNI^w?'7)JXapo[Ť/QY`}O~s G(T.⫟nj sK0>(5B8_ |u㗍Hr8c~Y%r/UڌM0W-]V+.1i[>~濥])WԦLW׿TӶMQO\t5۾'r?O_ԓ|-;F$(!p}E['$#kO3Β-KU7Ah[yǯ ya>pe^rJMS\^_^uΊo@=[.5_Nvis?}uXcϵ?+?KՆOg<[ t?Ms泟ʚt߻'OCY4orzwf69qbĎL\{aկյzPbN:=`^E 7ktBjqet9^]S}ErYdgՖK[^6gd%9_v㌝%{-kt9oP]R;>]],+3_Md%,b$wOqEY6+I =/| m^S8_3/+w m{HzY [=m:9 C^_Đ6f\$$nŽqF!7t~Ё]Sg\ 90eN[^y[v e ]=G\}]x)Mp8*'F(9ڞ8MLؘbRtI6[i$eMNۿo71ߡL]x.yԫ)6V=)cīGMKlߩK˺A󷖂UOQ#}d|MGͥ~ v}aY6VPM4HBk~F$þmkxh3ߝi}$[W)8Qw[@Ь_ ZƤ`H @ EI6V ۯ6VK5I]i!,~_; ۜ7矸P~-TlNH:Wm*ssRO;̰|n;5{N*8حI8QbGF|L^KW笹?3#7 b)df=Gy[\*.*'|,e\e, Fӽ/r <- -FNy GP*=12k;7!iPZVb̹o`>ys$fAVj$! D"("`P4zLfϺ5o'.z"s8GĈ}ee~5 4!!!Cד ,Xt|]ػ[?8m)Vq6S-G,_j;Wy+CI&ݷ.W%9.ꋝcJ%9wg|OƩY+n))wF4h]z~и!û9j844t׊ɧ?.EŘ`\.xmَR٠ pV<$sIU-a^Cj5YP^sm'>bs?yLҽ[v.!G篟뢺“o̓E)&AaƖ5[5%ޜεsW5x..LU ,߾"(=`BH_w.UW6=~KSįX26p8{#IO7y/+b~B_%D+^$0 tl%^zy㆕,9VbXpTd`4K)#b!45fe-s庚- UbwY+ q9=R{潳mMU.w9ix_pt/pV^n(opRg1vALxz[hWƆzKJwo+d^}ι)VMw6VG]!і9ROvW1$іadN )S~Hx/JưY))w<3o!?{FњZ?3%AN^kJ{E.S: so(ٿ1s R|jn{B)sth!GmytM&vIKu|NXL‘YFrJV~#&)hl3LԥᾉPQUc2ݿ|9OnC|2,ՊagͿ襏\4, >lN~(K=m8ӻl:+7,ذrǒn[;%߀dlb'%~]YTQW_gY'_p8"N}[(Fz&' `(TYl j5[,&\Zc/Ȓ$<ީͪmf EX#w5r5797m۬%NoW3A*y^_=f $@dGPT@QAvEdGPTpGP$i6;r0 #xO" z=EK0ZRgJe!AQ1<.TER".Sk N&@IOؿGoB10۟o G.[إ:n;s؉F=bmzZ1GUVKu^||X/4oZ9~+ag5ح+aYcGо*2#LY#]WmgyVpxww)ە5,(;J 7fq,J)I^+D^< ECv(Yߑ0tu -(4\Ǫr!m{z }ʍ9 u-iZ8-Dn)d3i0# }&WnyǓ0å!gS' ޥl~5+36ksF3 fktv&WurW/VME^Њa̘Ӹ*ܥ1cHĆ5ysMI:zCfd0=i3Ȉ(0:3%>ф&Q%>|Vfnun7p_m+g%ջ,-Ӥx!Rs( 4a5Y2ThWϫW/->ln`V㭅{-ƎXwkסp -mjy"1jFJ|k{2!-W.[Fa~kJћ^-;?;s07;bA_wRO}uSǗ` p0YhTJ],s4#sm7)fɯӷyr.W/d\KqP{Iw8q qh7| kWq?*D씓JbO]Y׭:ǧTfRR|u#{j REܓy]~X~+џ{>sٺ"xg1L\w3vd.qP? bB&>xғ[{ܾ6q{-? s75hBW|\g|5NK`Ӂ _ j-[5Fյ;޷4ʄP\8^~sҮpRv.ƼTh uዸ~B[j f6o0e 4A18m[O,E1{#m~XV9 m%4ڔh^>mh!NRv>aU[۱}QlQmxtԣcr7zQex9XXe2H.* _>h#ls4ߖÎ,mf=fS<&-~pw'wp:Uf!f^jjJߤGsG8eϕu.L^dd9u\M(e.\3c EB%ڈa6cɔa*4wv+hLm S0 puZv,x6yіi0Fo׬̖R&FDC ZQɇ-2>SgNd޳ c4:Gu^Rԣ-8J/1Q%=ǰ]_SGUjߺ >k\ő˝\%yڡA$.tq!Ȏ<s+*:uoYpBk( <}>-;vv1sR~ D<&_:ve.y׬gfOͮ[9+vs+`gGP4/:YJ%(xU6iҤq!/Kh5nhW^5*mYw/8?jx݂9`4s6'jέٓ{akOFaG. C~~>%0 G[O''aHUi.+"@6o u*&`\>a8_o?g.iT".h%riݎۿwRu^ҙ3 9;f<}YO`A޼c^Y|.N ? O# B573|ۮv *=*ʄZտM~U˺hԸAyk6 {9Wݛ٨Gx/!;VsĤq|<^c'=}ͱ;O_<~D<|З1_"%>oA.;_o2D;Kn) Ȏq:wH`%\+>/x\'E>+ *X$3Z%ZȎ$1j$b pY $ JȎ ; #(*Ȏ ;;D)Uj4o44M:;Jb[?popIԋ;; 5(T-l#EdvhvQ lP@vL2;6 œ4CyQh'bWqf;NǬ%op 'unEKI&+Tilӷحuw\qF *8z_j,L3VKfխ3 ~CS&c°g>ciC\-CF,t+׿xu.k{GfHի5¢[X<6ߓ~wyχnz!ڱwJf)yf/ 9/ʩ 5*÷=1"bX$IlEP|>gWjk9'޸f<#ϭp 6/dæcOY8vÂ4sa}2>Pe%Rׂ#Bs|gTk}gMVf>ĭgSHأ-er=U SV8ߧ|ZpDԇiJ[rGDR1+i2x'8py<teů|T+\$ː"[o-|mP'xmPRhpz@=z[iy7y8Ĕ 4ޯ>jϩlp8C\YU4kòOxF60Y,;zzn34p֝%F6ÿ42a$M~@(bsꩶ? 8z \50Ùczy|eK_O HM7O(79zw 8i) Sݟ޿1ޯ6F(Omi4N7&nx+THf<nxaj#aˣ A&xzwxjϦ;%^H%RLȹj-$ĝnKG o ;C0+'y' b JmжVym}GcXٱ7kk_#3^]r}a1bwix5:pom }>9B>ϰqӯVI.0EɠB>jR'773Dː.忞yY +3.bei-s:Xj/@SxG".~Usk~p/G}";IJf3>߹!_fyx.a $ŚE]T^DegiWKWlmԘz*QSR 6Ͽ.3k]GIL(`wl>8e]BrDJ׼L0v9&szc0Ldަ?Xll~U7kHTxqvZW`uۓ懵h~Fj72 *L<\ǘP, \͋ýF%ol ;䚟a75Z*ZC]ktt,yK9r4E+3&U4Jpyae+JX,eN˜_O+![#.}]̱e On?j[=j9ն&`h~`c߱}-KlHɹd{*ym0?'&;/+ʐ\PHbMovt0MA,r8 mNaOcO֜MOwE!4 cegP*Vqre>۲lY"N9zȿNEo0(L"ufІ"541^FSa E?eZvVI*3wP98"L #,iGH3 4(2eOlz#<ǧW1tz&Y׆x(üL \aꈹzwS%nh{ e|]B YʈU1xӚm/M]6_ozSm e/[k1O<ԫ1$I4_S׆/_}AOmcn鱂 ! \ml%ygqm%0ȇ7x<.sa:ܹM3)b(Ya|> 4h_r8{^<*g i2A,'Y M0S{rjj~-/OgGyvf֨Pݮz70TaN[NXB$M)֒/ {ٰf.PuvE ;u+]|3nR$D\=fߑp̧Y0ö .=|q(^Kp_ 5^ 6-huFPxfCJZ3}z_/֪t~s3_N)N1.c#9w*[V&v[u: 9j-N#ܿ&>~L?`2PpE]¼0o}}&zDog̞=cƚ_g7(ANH FR"[Or8l!Qq uC7 R,#2<ܶ÷ oM Jbώ[Q7?ZXW ]s @}j;t]jF܌M10a{^c3_<:d*+Y9M >VBJze^7ꪙu՚G(Fk}iRcvt3)8z1aH@eDs~BE'/Ky&3's1ʠHБ.<4-/*4皤Ab.&;RWD?⨖22Ύ9t5.pr)eeeKH9{kWS\N(Zʵq'OG:f?i:U9xzW6d>QmfERT5,H.1\I4I˺8RM}1 J$K|=ѧ@<3%DIC䲏}x#KZcS_F '[;g֯\s'{&V_;g[o iyy\6Ψf; ^ap'~[h hvՆGKf\^Ӿ}~^ 俳m!0Eڿ76.Mw1*NCh7?/~gn$ ;~@#Î%TU_:R'2_-LvMF<}h-rš}~;&IOWN a w^n[wUZJDvpPDh9 Gz+( ;ke@dGPT@QAvEdGPTpGP(|4g44Myye~( ՓI)ir5t 4V>$V%dG* NYbP lP@vW^9ZilE'X@y#NSJ0/ѓh$!;Ochdb[𛄟T??6yy&xb>I^mwrl6 KL p |X{|t'|d{מlO|OLx'm@Dndg- pI3))E6c&Nniœc:ۆn_Ӏɩs.@:6G5w]j9Ql>oFO?PM`  E":>x\#ȓ:xJ}b/3wrrN 7_Wky|_`av/n^='GCcE \P 8ϘzzZ9aT;?M_Ip{e_a8̚2ѱ׿/;q:ب؆h&S7|zGVNf];[U03Job>q_{qP(u[B3z[]ɿGW& S$eYz7 KqfwGg&xmmّFp&$ކ3[CmGdrvMgl=]ߵ\ZX_8wYi,Tȶa]9[oH"46 _`tA|h[| trR##; Mei+Fl+;CG}fDvi]!C'z׶S<3y8`fŐc* Wm*P_ǖe̓_VT7cSK+:;a)sW9k]M3n??6g_jưzvlsEҙ;&hB>:^x|dP)Jk5\FRR(|7Zi:;f813ȱtG/6ˬ={TxUŁ9rlfbRKX_Ѩ&fqf}j1YϺXyYucPҙ72ux;י59?T2h!o<ɬ<.6}VAvlǷLd7ŸFU ҒQx0mo6%}&{r*^&ļOh'p0\ qP(\j3e@º&Koe֟UKK&/+ &( 0L ut}8zWkNv/7$c"gt_Q2.}ߪ6!>⒱ݿju.]}Ӭkҟ?кsou8Vj=h#ts~r?֜}jKAvdUݤO2ѕBCM'ܛ̺3f|ĕw<W~p}rM֩NBԱm}25Ҋ_>vըu|SA-/yWnC8~UXzn}YKq:7\;ҋ}U-1g#n~Ce%Iolޠ85OL0[#=ح~x-ǣf"!%̨s?& J=)Kinot*S[Bj2AW=" ͆ ٳA{س=yZ`4 LLy#~Ѱ.]puwv۪ư3;F{ՇS4~Okw֑q̩7[͑,#&v4'?J|T;ZW(#Lx3Xf2"#F;qcUvdfI3Yb'weǡ!F,r^)wܼRJsu0DwXY.{uL2IBPrwo*U^"_#a{se$`9y b/5zBcιuhiT?-)QnbPsxz>)TQÛW P$(>Z)&,'R ֤s`WRB&'xI{1bFl&[yTi:vB^-lB>wF<qk?W.bCW^7d$PjsiN;{ YѬL(\i5'tr2ng0 !vt(WqiI`vλ<fۡ{sԮQ,G2\@\>cJ;Y)=@n䎞J=2 #I0pEjUtHb~gO[v-yfNOS2IAtzʿՀ5nXr~L6]_?_rWIU9UG^ؿvdWwփlk4)kY{Nsw\ϵ! q:\l$QQ?Tru{VЩNͽ÷ a 􉚸+ڶJ~~/[(Sn/%2.O*cM^c,Ȟ\.q{ewbݏޏ1ZE~emWo^, Vc(1v>WTReYW| ȞkE}{.![6cs'^>yV RB{W[sggQniBOYP.a~.s2|Ǎ!SGu۴+kaxϮsyL[vyqCsy]㶲EAOi*=09?zF@hr4a}C;cŽ )ch>rz1l@_LUJ9cͼ [| {ng?{쒒co20RQI UmCT&x{Fa&m`3&V14) Z iAYOI |O.\Q3 .Ldk:gTa6pL5*` mֱ\f`&h2aAFTn;gk|#۝(.\ZWm yhYh'V1w\0R"Ԓ粆 eBمvmRg\l'6QȰ~vJghI(3ٹ8YCҍKR+ lCn O umw̡Yj=p._ 'p wsC^ ;A×8I$bIueALn`{o|^q98y/2zM^bpb;!Ui0{򆌺l+rpm_bH@$|eps,(dv6di( ۔Y͖dhB*J"sv)ts )MfM}h;`bgdYA-GIVM \ZY<($;[4Ocq@_[?rkR١yn"_9UKFT"@Iel(; 1/|k盹;!}b /z "^Vq:I&`(IȎR`07ZD"fvGL ix ^P=>[/vIC2ңq_b$>-ޯY\.ǹMl?|ȃߖ֫=u\(_2m [?Mxk:66 v+ 8"T*^uPփp-Z@[K\. FJIIA֐o&O͎vK7X[SG kR\d^h.\]򃔸iIQ imZjfZn ^+էWC0w7%~JsULҥM{8[\c \fGc^6 2"' s/#Gz)]AR3ӳIvV|ܳtw,}:{;QǩqS裏ѳ^4'_mKcBjY?}UZ,-^jB&ruҝY9OWeĩ W4Y 4U&vMŹ;e֝a֜a_|>Ya(dФEi ذYY֏LժԸiIfˠIɌ{7Se U ԄܜQL%$nLݲ~03C1KC5V(iT".kU|̋^h=JRDe[?YK$UV]ri̙ׯvZ2eƍgooo=l7Y݋5  KՃ,LŶneJU?{}<`f:W0ppĂc7Vm)u:AZ${n8}){$7Y0f֭w̹[ugܑyc8nعq9䵛44rKt'c{Zb]#F~hAu6N{fa'S{8%w?qVܝo0jo Pjo1|(푍o0XJq˵_=lAĔS{bm=;+XG'qw{h c7ٝF׏;iӦ+VسgիW+U4aGG'A~֕pƹL3C‹4 ;8cS6=Gy&%][1I.C_<4d(ʭ~ G˪\ԣEE&Qcݺ;4? RO34^Xb5zd<{e}|w5lg;Ptރyvި0DC?T?nJu衍cǦP%D~jƱT;Kk4P], q8o^mņ6^M<*p=pSg?dDF`2Yғ) V.;^}N߇&HY.]dMs<6.ݤjӫ4999 (wrJUj7לǣ~{7<6(vG_mۦ}kڮD]t>|K7Kvt`)T:<3V}q].ؓn)rN<qa>37&|j 1/cŒKAi &8 Vѹ2QDdP d[j9"bP"cLc/uo`-b $?!$lĵb&[JwP(~b8fֻ86N=Ћ@o1ݹq]Bɛ2=v&$,x~hBsK0n7dYaßkc/ʎkq*c;)KZ)нǚmhCdf"9xd0FK܈avლ}t<sDW?*lݟmC0̥e}̙-v0UzNw e֮X¯_|y"LdsWʦ9l)l; C 5jQWv-bcLjxAE`d04* zGOH3X?$j^6Ov[5FK9ZAs>g+)޷fcWvlNR3KS.1h0ٚiʤ1$F|d;DNh ވtسrs;|`3Oxx"i&5ךtӾi+Z>֌ɫXef=vDy,FNmQ&&Ha.O@:Wȫ( ȶG98O1 |;MBP=zGchᨮ.~UJ(a]aW&w+{*jیZO?3޻MilͬXX@Q͋'NxQr ˹0GJ$#F(5#m= WgGk  ٟ@ pB֟+Q;JȎ8m0/wW'[L*Da %JmWm;P|ԱkK d;eG4qf%͞:veMMh4 % zd6Yq÷`r8|(3W^VJ ޔTr؟F qG$DV^R54(UZsrs\avݏm"xʰ% t a6 x\Hssc$ITjZ1F$H,%ؖߕQv016I9c .cgGd6V%f@ɕ,O[a(љIM.DQ,Je(=(8xo# h0Qg2Q(mka5/=T (1Px-BDZPua?;2QR$lBd&E(;Ώq%1Ԍ@(bEdytOɎۼX$a&H$)FTm P);"(;Z߶ǞSɸܷنhM65kڴJ*f# cת$*KFD(㽥!S#wPݜ\6`غu믿Zvs)S_puӎ}۶~\{Ov|{/4$ER4C iu 7Μ93--СCSL}1十Q O1cPZ#֙5/;=ML?.;;:ÇƎ71t@xq_Ǭ;V(f4eR)()pF=3|ETH˳ c4[qe2P(rʉǷnZ.T\ap IL%!>?kvS\uK œsP%\% ܼߵZ-y\rp`'ҧݣ FiFiHtg/rm!D904goGELVQnja4PI%D wG4^Z)Id0(rP\%zgRPP3qq(ي>-Rڒ,q>' $vRH [a1m#ّiU %˳CCY bX$¤%=yώ$I%2 e pı1)/HdRT*|l9>:F&%0Z=AcX"ًHmOqє<ɎŋvM7/q$Ơ1jE"\.D@ QcbsWG.[ (R(uJ/98:ىRP\pTgGєÑ) J IR|doo/$bMS^vPHdzv~n^.r)ʎif|>ʎōó \Z5s$b1ΐIkqB6;ZBɋӇ.T`|A8!myLίzujP_(OPcږaARܨvY#6hΎ@Lڽg4ٜ5"$CL]GO ?so[KHAvg 1OcZ|\_@r.\ ha}CD*t,NmoVCo0'_ݨQhunRG ۝ 1t!G,1[dfԚ$.nv ;aбM\D *MZ@r"13\`d_#_Kt'hg2_ed`JK+_&@,/#WSWV^rQFO+KKMpiLIݔ|LLؚ_>2ҞҾ.-DTjM"׮Di6#G(4}{jNe5br=8BqP?DOi-Yg Ec< f'r f7,8|eu7+:sܬG/whq(vbggh7#X .I @Iq<6-=+og7prb\NRgJDEo/ԱC12az yqhu%)_za?~VflU#U&0@7DiUvĜe6 ]z':{ Π`ˎazIg0I98àmr DCT釒9c+w]z=}9 Qʄ\0cqz$%dKGz:%p=7s^m69ǼYMY tAtA]I8bԧV`#6FS'5&.\霝7emdcVKwLj7v#8(ya㧕[Urlh03f6*rbSrrk$Cv Tlh1 ,i׾@Y1Vab>7#u0G_CMnzBZgvai%^ E/s٬$f4MônޘȠaZV9ei)<~8;b٬c(]9~乬jJ2cXM4y 5FS p a"e"V8;swL>8bLɆ>뫳p"f=xV 13E!Q֙*yֱgѿ/oy`i0-iv\V$^S6]38TLj:蠃:蠃Dt(X|"dw(߻Zp0F{vc/|EBuTr?Z|9^.u{I-%:QLZ0;rfM,5MI%RN u]NDk\=k83,E\LRj뫔()ZrѭFy?:5IR^B57>xBY/9zY)r\] {nwp6`!j`m^t5d@=kRru;y\]STb+>x]_oT EX04݅JȎհR>R#t8ifo>g+ ;~W*/e/Ґ'xB@ ?y m{g|aّIQT"aˎ!畔oByFx8/2;\@6fBOqON)}1u/JT{~bLԞsA^`98tء #/Pɹ#G ̏]Kg=S[ hO|kbBou!N0?662(%&;8WH̡`{7g!v-C*9NUVø" fv|˅ e֭j׿4܄aYOO}^IDAT/+q$tvj$xdv8s cRih6 K+Ij^}?.=] #(fc1N1+6"^ S+s3(o:9uhvcVYd2afvn;'ȰA'vN=z~#˼wȭ&=Ӧq.gL97TF4UpgHP|ʈu_)α7S6VcΕU$[٫Ii lC3$G_Oώ8cAeЪo~yj)nÞy-eQKS͠;nYu뢯3ˆmg}uq;=҇q?=VnH:|܎#۱"aܙ.zYQ ez7W΍><77 _}d[ڻD;jOP<gHIoy aY<_=+U;Xrw눋 mݚ8k֬' 3ݿko] .}5#i(c^]=QZzucc+pt oj6qj'lzym%m{P>_kq_j zV+BR(pT<ّ#:X-}+WǿMUuo6LxՇOU嶡M&}mZz¾B)k X6+˽{ƈeP+)% K֨vh_Zc큫jJ;vøB[3j|r,^qhUUayCCv䆛ftjJLjJ`F77YS}ďMoznF8[_pXsY[rpJY`~lLK5( 髷spfόD/NgEb C3=,eH@q)0TjR$MQ˟!Rԗ32P |-}icl5f>UVl%8f˳OpnSGI*rggxj0j>ȋZ1,?>JX}"::9*q#@1Д$Lv@ ԥTP{?xqqUx(u❔7"/M=7-{t=9ѹeZ`2_дge+;7F豴fŇHt-ZvnafhQVBi*ڟwNNtAj"&m Ux$p'IҠQ{z8[+REKWɿ{7N5^m [fE]NH'ʴXѴo ?nBFSI()WZ]{&r4n-y!5z?l|zHɿWq`^jօ#ߡtOc$NzThPm,.(^*qoH")*;WjʍIJO? ʎ_8V{ ; #(*Ȏ ; #(*Ȏ ; #(*Ȏ ; #(*Ȏ ;`0bS2%d&dE=Oo\r{(ؔ$'ǙiK034EVb0 聭?T*ƏIJ_Vn@7,)-3/8::RL"1MLMR`vΘ@ EO}8;楧Tb4 g?YOn'U|"ӳUi5J'>ºEķ-l9(w?fCkpEC@ _JvLKV9:{UZTd 2rTqɹ {ӳcqƫl CQo*vzUeb[?OKkP펰-F|տuw?0H,A :fӧiEwƾ5?m= hH\$P].:ʶ0s_>xm w 3*d2T"^ XK mGֽǽ>ÓGqi"lF|m+Iqذ-.Rͅs=1iI󥤙}Uu99AaWV+ \:ďB۰\TlѺIvv6\.;@%=@5j9h4 JRT$E h_TXxV$%%ŽPjutthH%P1fDŽTU7774DJEA9EPXz ֒/ J)44488B3nQQ*EJn]i|\"W\A/^w1bl}yв"˓$ƍϫIr܁V.AQ:PҀ^oJe"1Ph5\-hw}h=]u*&`\>a/GˤT*2H&kTd+]9Xs_ eo|*#6f)"zXkO۲;i&[Q?mJ.ӓ'OЊղge˖E) msssm}ӧ6j֬RPAub{]9w*,]zzރOm:Xa-&T /s9ig}Ɇ aZۓPMZăŋhv2L(tڵ;w=9)XvuX-z(RB+AOQbNCmQաժuĿIz~_nP^]mWJu,f~2eʠ]LL ,988:}6ʔh076NNN ھ؍W.^s;^ROIR((%q۶mQUx Z}[G2'N8出'Y+lR c](XwUX~*T@^QHBu,D߂ ɹ;=y5;Dj=qN?hETBq Eb1Q;Ǵw |p>n;f,Ag$;Z7Pųۙ75[peVHt΃v4dMF|uWԉ{ݽwpӍ5';H7.qppA:ZuPA]7nm:22~]j\bևfEffz59(~o9wU/ y|vWnwS~:* MƐ'L4M?0ӹٙuI'?Ldݽ{>b]H0s$IGw}M>>UTAgϞ-z*333!!%ˆ LZholL8mR7]g۾ -lslR{;DZk7mŜN ^?E//[S%_:9>޿z v5%پ~q^eܔ)'{mm;х]ܱÙ ۴oTͽ77lqhY9dvC|h|Q/2٥\_+|Dk|Ung;b!cOdY^(.s7{ Yhb=ag%o -\.E]$A)r/n\Ki/3L1g<6˫[0e3g} {~isLjY\Xn#W[>m֒_~PDIyv9X0n{LG}FNl_WIВK()cXBhcT*)ߛ?Тeipd#ۑኽvc_y=e~LrNTJcP_[rBFN$;BOQYszg)tFЄ",lVdyB*mWѦN:(3DJh ׯ MyYq1OzW/GUn zp+SbɅh[}rԇOCa0,7O?KHd۬rJ_aYA!reVj&f gD1%00bŊ^^^(#FGG?}EȈE|E ,vinyHyxr32R1ځ(߽m-kP)ߪgvtD};W#ƙ5emV޷ޠuRw܊Lq=4BczENRRf&%f3Afeh =2XPtc8jNyR/=[7}/ AABԋv?-(ݺuvhB_PArlNwO.]f/sjV ڔ}ujU ALLکC!Er$Wr^6jX} ե.'5++;3&2{>dEfqf& ? pShnv&c\m䛡BkΝs1s9枫sYslK=ά9 rIޠ/;Ǭ:7*mbc--;l\ȸy֗,"ʬ(.uZZzRrZjhq;T/"Ӳs4Iɽ\Yf_3im܃Say[>Y};mvZ>U -٫ w>TJ'_KqpurV. CveaY[{+{%W߲4zKAK8{CuXCLHM8͎ESCX72lƹVC m/Js.k+Em㖔Nx|pٽ]N`$K$aÆ(2...IIIhkMz*WV6/Km͋v!Ǥ\Bv9Q*: ?=opB'4a0$ 2YKhB{{瞓;۳ i8Fbt$sY# *ThCFVZ˖-SퟠH?2\0k٣2yQ֡#BPx{{BԋR# zCla8C?{灹Ng4Jwxי}N:^#F¬Iz恃g=xڤwZ'~c+(&>s?HIVx|gz\.*=*{ۧA{:|Gs'jVvrܡB*Û{ |ǾƵ;)tΞ'oBijV}aIhʚ#NfĔ9+YٸD̯].&!n/vroѯN!;LU^nzv[IQ/Ӥɽͫ9=wuoF'eYYTH߿{F>χX_T)A U<2TiW7CL͉K#B*u*Vk$ѫhYѴ:IXt޽~ ?;157$YR%h!l6^vd#Ő(>RE_LFmOLwN6a5{xƴ{291;^hP9dlppwc4{t:WUTA[)JX^^^.]zlnoFv1=t&=hvr#f/t,MLQ*O*_vneއ>:Uu Dl5kR24ϟ?t5jԨSm7e#ZLY+/k0 Wg'Th(d#.I$mD28&s5arbGk9ub1C;'AKx<^S8ʠu4dFQrJ\\ݺuCX w)6X\r?:DU*Df/@ www=<<ʖ-k0Ҋ2%C4+k:/ 帲7dp3H(utaѲ3nd߱=o[0y|sq# ^bΕL8:>v_ћnM KNuok0L}gu }|Dzix"Ɯs3Өk6;kK̟܍c9fmv4i^Vth_>Znc60y3{Dt{5G>~7yx=2x"`zϖMNNN+WϞ=KJJBIVz%Tb2PF؆~U X`I~pࢺ d ƨw|kVuAEĥKi^UU p֍t.+s+նY`nع3QڏE F=׹\ܨ(~O}LmL]}8TYC!*Ul6=ǏcNN[|>PA3PpGZC5>Zf $'iZcy<ڗC[eQ9Z*_#Q/ʎ(Fʋ-5]w* k=)N7[ffZUܳLLXVӾ9F3$G,=#1]SS;֛QStj&;ABN[veroxu͵6Q!s{U!ʅ{v\բI Vz=G~/oZ-Um02Y)=9fw#w؜#Xo68󷞑|~q8à6CCr)Vctԭs*y*qФIn}U-Tta3ڕF+J_OwLk[nsrl)7r5P`Y#~exu{z̫מϊhmEhI ha{wxwf)n4;;RlHqx'Ow.^<)w3[mQܽa@;ވE3/ƥhk֧ ~KzCi{MmѲR# Rzm"266+Y[Zq$:ϢKS1㳮c_\9[7?f!} yE|+BG= JT.'/=ηҶD"">4)) 5'_uNF3'؋H v2{2'2Oy{ &mANr79/Mmԓlj(c&CӈtgzWb;-8h=(@pEuGf4(;2^fnmjB߶Dxٵkk / hM^FfrbʽT^}7:G <4Z3]Rh 2{GG%e#""ʖeO1L(Km˗/Wpp0 R(D>~Yf( XG,S52oo{˚h3'p*Ӳ gpˁRI(JTjHӪl#Z|g1d>c MOӳ++RQoܸRZTBQvܤH=]"5pvg7bLBsqy3(5F̕(s4f:S=<|433T\wwDI!G:895dʊWJݭ7&l`n.vJ%Dg(0G/G1fR9 QfGb̺\ eNNqo^E͛Qznz:V߷nB_͛7mZhXS:2O3s$>">:( C;6JyҥK-?Nj=9ZHr5HM#|e%1(2 ow)| .wtk_Ȉ1?7C}GҞm΋L=SOO;!e~m:ٿ&TgOOloj ͍>>, gn>f/oyѷtΆ4ۼعV*;gUMWi몸y}+6挸/j~ Ig!%$U7h\֝g]E=mvpp,(xerS4^r{k(>g|}]F"QRdHš_ZߣaQݺժWpv?@o*S۷|KbIII7oD0eG:g@(;v Uu֭Z`wXc ӧO?{G4k׮š᭷ \ώFAK ͙(>ZJ(8+WUieiK]"һ(łbRY ]H.6OCSK|U%Վ:ٵ>%vdEs#i')'ǡ~:+WZSY^)2k֔j#˪1_/G ;a}s34qlȱcǣAx}dfo 4Ol,)9ءC`BQPn:z..QO^z 44h=JzW6lؼy:8QDtRLC@{s/[lʕ7nlѢuFG剈>iFdٜN'8H!J*=ɡEz eQ1ʢt-IMBjݻi5jD7#+H=KQwQUAa8,5;I\ 'kyuYyߌb[jA:lvr8ͺ?VIc(HY1?C@Ar[WiE'בIHA6*Vq~ACVh;FǑbkPYRh%:~i}|Q@Led!.e1a5AQ!kTOMB OEP$<$^wݕj.q(2/1%^g.uGv;_ܣw뎄ΙܹBCr3g8p78&~3t8aC=`6=xB!xkڴ)=-Rċt;h7~3 (^ѠhNUZoAh ]N뎐Y{x`; zj&]yyE5^w<޳EEK^h_hF<c=RN_=z~?L[A "+++e<Zъ)//,Jh(wy~t>~9kANESLD| AjT̨ODW;͛7_3*̙(L'mZZz->)JX}n)4-ct]tbլ|)/E/=?']} '˯,v!vŎjGI~$ݮid+3;{֥5ZPHO(EKk<?q}/pri%KϒdY @ :AyYUUEUQ~ V,nӲu~e֯:\Rںuc|.aB4MݰiKN:' :M]ynk.Xj]nC#]{]{?5>߶m;;ul~oN6D7JKWTwgf{(nOvZ7kn_7n֭'/.7^_S3SQU9s^rX/`ɣi֭۶o6fD"EЁ:v}VH~'{-1 ə89 ojv9L?D7t'a_kfK)9﹝ged4ieWդtU84-)BK1cK:bۑ?~pϩqIiwj ml)_~ؤ*/i-t8bR˔ `H~=bjLO1'g? QR{9ϲ.=?϶N"KU{6M]~X4n &6>Cdә2'zVO0ɲaw” )+iUs8˦{GȲ-\v ^=cI!+N'=o߰qEɹITЁO,|wޙ6;JtuI9ձivI*vD'}hro~z19r|X"&=6G\Q;bT)|h6fgT&iR.OtvΏ_('I=.H:cI05}DVURX]췤\?%)twlibKLqrA, ((l0fG'= J^S2į\Țr%8tvዱ+:s:!^N[fk7{@@Hi reɪcr{K]QOSu[`Φm2}ݦZEn7 e36jT2U{-8U?-S#G-r#O4/ۡI#E6O#(ɇ6fyOlҪ~=EfgѨǷ̑yC +vGղ _ lرlmѬnq:̒IT7VC^{úbwys:t\?gosrG]YD3nېs &uc]cJa ]Z$c+Wqit}38/Zf^$_4f\w WmO@ZVn(ETw_mS I6lMG^SZ4mEZ6sy+8oU{Zwf3npn6y|bҹ =6}`{nFnc呈Δ}`,r}^9amM9hZ3*JYYYIIivې":rjӉyRٲtv-\OYRnIɪS?M.]֯.N"U˓dx2=CҕrRWJs\++ɟެ4=@ʑ)4u^qLnn$,O_z*p8TylҰ]E*Ҙvpg:'n'aSW[ IٌC;s~bweU<컠ݡ(v3,ʤ&Y킬4p{6Z ڝS2^}_xf/+Uܚ3CQUՑaVxZto"-#-^3%|QcSB`U?QMן&+5_HӹtSMj۟`ϵ?vKoiw^9Z8솨uY,tcߔ`eV]MW3S^bPt-ӜZPT͑q$;ߜ :j搼Nf2j*X1)]צ+fVo?;$iv`Q-)H=*HYmLl_x_w<{4ͥl)4EZ4fZ/FU+z֔_p2/J+^t'-92zH{ʶk'gm8<BbMu[;b+5'*ZH;+no/Nw~Ʋٞ.zqݫ(ڈrUL&PNy{SXa5޸'6?۟Lwک#ZEOYutVoU!y7v o7;Wth2xo}'vM[g(vᥡ6h׎WdzΊŽ;>ӻێU:6y鬿H]ҹ=bw_sЙnT~.|@5%o1S?k ]/sγ^(Zٲ={s׭Q=_jvT;>]`WPn8zju$-]>ϑ.7m8mތq}]=?? p*ڲ6sqOoY7.?GXZFyiҤ凇Zl^E Fw6i5(ЅdPy~Ձt-o{f8RUVYU72P ^vwnlﴚuzooÀts Gzǯyq2-螾;"3ٴ_\tǻgUcK_?g ghnbˡ0ʾ'T${[Mq`=]`g/-ܱ» ڿdO Nwez\ҥjfd|hx=HkGStDYEqzT"\ Ϲ̖%h$iٍ麳3}a%4osQ^ޘ0$9\2¡|/׫4tx ~ڑWL~y[8m\ӗwG%7^ d瀬'$ƘͰyC R(SԆu˫e}^_?sW&߰'n;}W ̾3>!s#a#5t)}>˶Tݳ0I5^5W7vS7_9=[qͨlk:sգl_X.64M+|T%/mH*Pu}]}ݽշg4;jkGaBVK&wN»Ϝ<ؖHﯪpŧKz8T%UՁTky<|}&,= 94y{u΃ӱynFK/61wnw$֍.[zk^a[DƇL)*hUmY^0ˆ?<#7+ϻ1/^w<{F^yu~Ieo$}F^~z);KIN>]UO[fa=JDIfŠ˟a`C _|C]ҟ.|1_t2Yfo֬*K.e=tEOyc?ّfSV^$n,΀/и}~>MMF ?ѫt z]_Uֲ赽8iݺjST-PFįkVmַէ"Ed_- yLۿTVM~Jqgtg&a8pmjDWwji#t2bܕE5<=;[Mr7n{ѻRpUQP>nχ}٭mΐ\o2oA׏jmD,yٛh.E7akdܬW{*[WiPWuw4{ٙ:z6oep[?uK3 |I8=ikJs"Ob4;tŽ zYmJϝ)r%O;WAtOJ6%RqcG~؋kqٵGQRͺ)ۣ~RH5lUϵ˷yоx἗3FvEA z+wڻ+ߓ}] ƞpFYul6ouQn-:h c ]UT> cF#٨†}[qj9e_p.=>h`qۈ-ZdT&^`w`Rsξih/Ǡp괳#`> k፻}/{#vhm7hYة9[oާzX܎2 弾MB!ޯe{a+hvgp㘱7栈4I"6p(gC?0`P_t/\7Qw ((ZVa{ o$q37~tS/?Y[Ң\ߏTn`s?ywWvpd7֣}}/>@+5O]yz[qk2&3KRv} oz޲}{ve `(uY)+.ˈkg(v]nK׊gto7Ln3T.%^vߜ'.+^˧pΛ38ޜ-zHr[{|K7;+5A5^ oݥfMsSpBR(d/: D nc/ջǚ`P߻i/?$#vx~+Dv~Jy*anyٞ,] a/,CiM/]UxCm‚VrGvm]g+ڶn| ")uϞȁFΠ\d}$ F$imtF &ZG"`HtU-nC`bD;N5vkZ1ݪT-xu[a3Ҽ.)f=T)R7ϔ~$4G}Hvvޢm;%vِ9zQ=iܲ\QQ~}OX74~—5v7Vwlذi:?,20aiކ͒O #֔{΋L)X#uU6hׄyM x5{%_`K+v,~kCiLz5fHaP lrp?MDB!FuۛC%l#:U_QBn{\0=_k 4.º#+|'u/l/땾/ޮY}B{h~t ymaP6#(YWuOUzwkRx߫#7"ttgP4 Ёش- +ڴwٖc|gv#;9oҊ>˔> w<6.mZyS=OU|{ӊ?=2#).:sXcWEҤ#M56L36N78~W1s} ϫ ʔ%}a7>Fv;&˹5_a)^/b:P<,h,hb1P6?^ =XȂоg6 ;ze)h?鈝blc:?f#w ;qg?zsc_5uM8_ў(ܗpϊWvݬ R|,kRΠK3hbĪgacs;K=`g3[6+Fn&82<V!`*ymb5{ơ79:Xv`} qGhXŠ5)C.4߶C+"c?b54ѭ؇%>}avYc-PW'oz~ʞ WZ5S.[itԅ6}zW؞m glS5= |Xzj-xwؘlKתj{b t(nlz%w}Xu٩2+pztDً*mX9Ӡc6xeF2kl+d?loe~uS4zp׀ͤzC16&6~$>$;rV[N16N |}˰Қǃ4P~VHފm;XaQcHa6qKz(6zV &?!c)N1TcGq)NUՄ՟}呙{V3rzIbwH*UN^]wuePVm`&;gZdRVϖ ](ݾPiy5^>S5C }٘˗:yJaî,2" ) ) uԷKtGPZSs^n-6 Gv)7D?;yu< ~@*(=<Âp:ZܺlrIJ͇ٝI%%Eg XCX}~߀ʗ(c3o oйUt]`ETi]WҺ~㮧KӥIROJÖMznvE@ vEPŷI=dO[VST m˚5lᐿ*,6 y&uUd|/MSvݻ SgK$?:BLv8ޙW^1d]a8TgF>E|sD@7isE;5pP/NRێË}$foѸi}jnsRt)-a!=o֦ٗ-Z"˓T:kb--k42zVXVK#ΒVXh;m5nz'']`붔oG)ph/b l)K-I%\?--Ga[R_2it!e5M6%\U]Y}*9s^-^W{(#iw8$sK7e?qwH8\^P?o`X'E"ʯY3=$5ӷKޟ:IS>fy7]vc{?{%f/~2 hYA=Ĝ:ˆ ~(@}O}'39au#F5UV[0xr gLx[K(gӱU'_ģZʈC4Dw?ˡX((k8C鲇죹K&~=m6: s_nҜMfbvh$ 3dHOh݆J"bD~0DW(x`YIi?hH=a_|3&[KU紳wjW?C+ZԅSWCJ{ߚp_0A'E|hE?d _ aCZ3zH:*^1h(j/Yb0 ̾Y7'v¬NåoHՋ?h̅Mz-H$Hg%Ձ&zgȳgxgw͝^/%]8iVv+KG8&s&)`X\|Y4vj KμK&LIK4BG_oPECF :yMW\5 =T7_& "Mee|o?3 WXM/lYϾ=sWK& /]}Es⻏;kEf/}?O82@gM}`90SМװb VfMz~dcdwŸy͏fO/O֣](FoЉQU|`EZ8n7'9欿4^v>o~2cYѯr3tͽc#i78CtIӤΪ= ~Y\^H.|מ8iηV-{g :r]tQ^pija)76?PnVuzO Ek1inCV o.X՛7ul@NFMڴT횱t /v碓QC&Ywܵ`Wn]1vnd-[w66 imߵuvΞShiZ ʒUߨS>TUD dŢm/U'f++6jh] -_=sC-AVu@di:UK%Mt~f{VkV9#zuh0[ūfm۹|1=e|fgRۤwfkA[/ݽt²} lѴ}lxw"w<}3͖*ӪڨYy{|΢oe~oQWOb&J!guk۰s^Î=:^uܪͫ-󯽠cAe4_YfzvAZ=l=ݮ o2K Zdji;znb׽E)P Z5nusi[gboփ!ot԰b>dww۱g][.pn9i) ٲ{/[ڴjU[+ %+-WO P%F*w*5իFNowl_|Pp|^=OQГ%*wA6 d @szFnt]+wD,{ee}wJZ,WZFZ6szM6a}zG?ooׯue'\`s{{}Wxێ%sO6YY-JYalۤvy+žܡ+歭tkͯ̋Nv-;4jRypOfuӣEVM{pϘM="ľ_QQ]MP(9"0iV o?FiB6u9{ 'gRnV!!PX>ŲS\q:MCV-[&[d(>lc"aGċ]77tqbCT4&ј"쇤;B( GdᴞttFTJ C0Ӊ S3"ayl]t0`H"W`e:Lƺp!pNaȰU#Q !YsH(`CԬ AaY?gqFS:Vڲɔ og# B:m|*#"+p߾k|35JmN0m Na( e*I{ {t46iov Sly/vG6fh/p}  yѐ9ؗ5>EzhWDH±e7QUi#Gge{+2Aa?)RF 7|$eugP=̱ J}h3{hݕd4mEEsnv"@ E).>t;nMю=-+NzFu= MU.;7(JvlϠke@تUpO~;oՂbG r_CJ!vS2ߺ} 'Lq/D츮#Ǝgl4H~ɜ-ar:2H[ħzaMt's|1?? IuE1)LlZ.yMpFHsmg.V^Q_ʱ2l;v^ 뎐_= 3?vx?)d0Oc ݺv5r8bGH/;68x0///rҿ"KD* ?5Om6Jz8_2e啭[a#K*)vPeت̈́5IװZF`-/9k$UU5g;뗾>sK?eoFmT2Z'BUOTONs/Y1w& P%[ă#8Y=&_C"pe9PsϾuwN'>js})|4O֕}}^ߧ[b,$5+}mUVTU*ݾ$"x4Y~ `iW%͖Mw/-UvYT(I/@Z'^Peɾy'Ϯ ֮iːѩSt@c@&y=a^nyv#*ҤZ'6FCrH(LY2_ ~7RNY_C8 ֗^HL1Qۯv}k7n*7/具5{inv_{y4#o~hʻvsom/ߧNѿ}k nkqCQ@&ZX՛=N/-/i|ۮ\ٹnnr-{˚=w(T7L7[\tWK^]ˊwY啕e7vh_? O2my7匾/w@`l5s/ګ yn>Ҡ(w[_"#|S 7z(-_{ΊK|3En_|Ӂ5#z7<{q~Wr+2`[?VInxTӬKsы]fOzY/yR72ק7Pnw b }pOےqы18+We]8LuuI)ǖ;kԚu|iMMy|v}. k{ʐ>ҠIgg}=+Z]QljW3gm:isBE{w$'U4_|[1ᗞ<'=֍Se񗈚*wG_SزaF조V]-{6oԶIaPR,Z~&ul٬sFfvny;fY#"; SAMs_y닭\VIʇɎ.ιb@~u%!oYUUV{*տs 2c5uKn~Dߺ~jMN( v7jݰ^\:;r<9/iT{['!tS Ŏ){[4MQ%ev"E$%:3SbFu:{mFĐt=LEˊprWBF#_DA"ջrr}uQ1FtÈDTnآ1Ųޞ{mdE<$DcfrfְPW\ۤo޹G<+gΖ;^q7;j3'|U%Ik}ڞ"?ی`(IG7B,9vYdFv>ua)} NVUEluWm2Xm*V5E60X%~8U% YX(|HҤM(4@F/5_4k`=C oھtFc_rU2vz3\-Ӎڷ7R۫xø'+߰qseCR6#jN< O[~fC.5k;Ӿd*Yfɷr.+IuEqZȕ;J+ں]/is^*ذ\h_P,"ܳ}{eOMTT+ =9gbqdUvw@xӻ[Q^Nr̲D؇]-ٛ˜,+a_*9o>zޯW4MQ-yIѷW :Mb}!:j};WUT(~7&W'̬푟!l鎊2Rm"@&Gkr=qKzM} f'|8d䭏vE;="tKO7?{/1ˏZ~'Lajﹻ7O8 צ10/n -C-ۻj? ֯bݏMG<7 HkzIz gꔧ?$2 ktY޽w޿/KJ_sz@ФI3`CuawfKXn`ϛCQ'{} .6B}xzM"sz)*7dΒ@h؀6 CaɲL1- y4I7ܹy6k9#yՕ5YS`8G\-vYT\V36ӾeCEn(h>! qZCbo8g~C%UT+wd|׬IZ[ δɺR^7 4ʬܷnql=:ͱˊX6g{KVlseo7G _~XWVUrNn_QEOYRnIɪSFJg]ٶmkɈBfP&0 -]OE˪ݖՒ5-pPX"$,p8H&QccޚePXYfD"M.~믗I:5gvU QrtЃ!ɮq^rl=kC׍`4p$`&TEj(j Zyx"&UMh-9p$x.oM0$w_ZR^RIxR'HM!Cՠ;ޙCix6r8)&7AG#W4GqOV;|0nD%) c2Eu7lX'MM Ir5ȶDNYd( Js˗;@;@;@;@;@;@;@;@;@;@;@;@;@;@;@;@;@;@;@;@;@;@;@;@;@;@;@;@;@;@;@;@;@;@;@;@;@;@;@;@;@;@;@;@;@;@;@;@;@;@;@;@;@;@;@;@;@;@;@;@;@;@;@;@;@;@;@;@;@;@;@;@;@;@;@;@;@;@;@;@;@;@;@;@;@;@;@;@;@;@;@;@;@;@;@;@;@;@;@;@;@;@;@;@;@;@;@;@;@;@;@;@;@;@;@;@;@;@;@;@;@;@;@;@;@;@;@;@;@;@;@;@;@;@;@;@;@;@;@;@;@;@;@;@;@;@;@;@;@;@;@;@;@;@;@;@;@;@;@;@;@N veٜ_ NZ'3g%ɨyW[X"۠pi~~k]EIUPŝ:ukvٿgeIxn0 4e]}%RZ]Rcǒ}{eYV_I-Z䱣ػ}ka&ԏ MzoUh.ꘟ1 YdEI(P8CDn8EQ5Gqi2W(,.yEV)㟿>`?vt5%>@:V8T\YiGE>wY1JEyinӔ'd)ҋK*) Ng=^͒Q?s,0_UYYS]u9"C*lD"5`01"vry=ii'i6`ԏCP8|վjNh~dEVUf91^۝,(#$S> F"H$N!2}2FfQ)`t:<4MT4FQ1bz81P(~0(,؟9BM6jZX ĎzxGVDBj0kzX;٧ً*Ӝxn:*K*F\;ǎy`b\hD!dgȑ: G2^G6CF>ZP"In쎿mS&yJ6Hd ՉcMK<|͙v-~4k#0uL9XY%)vhkVsF`%k6#VQ؜Kd`"JJEeч#YYGu>} "MTT[xx-1+#+ıc\Vbu٦hmYFxT G6̪ -$эd'*C%l#'RhњudbD#ImZY۩5+Vfm/qѭ/bŬ֒0p!Ny1_["';:̓H(k+:T2iHڌ5"$:&1*5IJhSFoهc4hV绘5ѿ h+x6rH7X.ף1bb&R:r/Km '4J"=\b-%7i] Q h77ևc4olߋ+k"+["2,3#:0JWxU4%CF-H4fbFo0 Il"y}acJ1%%z-|Xu? c1"1~+hVxN0 tKؑ=>iN9*%hq>=hƝbGcGq)`ű|FtaUDbƬExyQK9\;LM +-ۣTfw'fU)iuv1ȟeR!%:8Έؐ{GBd6' N'cclm$tcuQG4`iL"֚(:j\ݠme1?b-h#R͒l$ucxyv嬃"߉U)gL4nfhLa "#޾YR,pUX9BbbIՉ KK,3Tv!= +%bE]++m4k%hm4K%),ռpZk6×o>{fő5YuJē X#ѫe]E;Wb2(ga ak MebhbXi>ˎxh[n:.j~İnC<x"+mRܳ$v*Y@wY['K/*/= MhܬٍȊ`)<[ [zhJ"؆0R" j&K^HnLwla2g^\`=a w >RMB|beh.)v5B4}ψMFj,;D/تx,JyYeQU,v a9LMKQ%(ķMnnMyE>GQYz ?E͠]YIVAI" NK|NL 1lގyeJJZ#FkX1$ǎ!6&m2 7[+Ϯe$.?[+6Xqhi̚l`i&E>fi6SDr cN,7[~Jwdb&qDkB,92V Y4' SlGwXCX&U3VXyH4ڋfh>W2a((vh5B|etg.hQj/SltA<;CEcGqge{Q(CP쐘%KKc lyN49/2_xBf]],g'.b>Zz!F*^!ؑm_4sVZl1ᡀ&v0 Q,4ma1!V/'%6cŎF⍳!)y0zEB2+G&w:dm%Q׎+Lr˰Y~knOg7" <'zgͰ.QVD\$bG ka 3o1OE|ݵ4k]%%Ăh؀K̈́Eze-Ʋ.rX;FbG䇣 A$ʋD!EXȊǶx$VG)5\;%Yr`膰$+ ŀ|.c)z9._;Z<=9D&g,#;#cG6+`UE-gb]0k; ALq8dfK>i\M`t{ؑy1l݈,ke>ؑTj< +G/3'Q,/[0X"5⒛es׋ 4E[̆I)Ŏ ҵƎ-Uzn~ZkY,5v,qY_Y-$3ˊ* _F@)C|g ԮycX8!JylZ0vUb ƚ0* *lVFRي~ #-%y-oG|';[abe%2]0D5~Ȋa=<D)놋8KEK[$\b.h R:fخ#3Xkk2d n%v%I"X4v;hmۊ$I<JgU-5:hS FPt}y.yc[ZᳬD&g,#݋u D^RyE"xz+QWg3<;xMMf/Z #ϴlXf$ kJfb0vOkXKwѲfV\rSl.]llͽ(2P-BlYSĎD4gXgnj,5v8sY_Y-ey/#J+ΉJ,gۣX[y9VcL%̼#/_5aUoVAPZqQ)!@fhdwN'cM$| yE˼ 鱝oLfk@BFҒ( Z[[h-,lQ$C.Oc([Wsz|kX]>#F؂Xٲ`0O7Q~`4goנͦj oD=V-Ҳ+_E"OEa"bsU&:kՉv6T]';*[W8ֶd .O&˛,'D-D cg;q:,K{v@Rsf%ՎdЬ.sI/6E29Z.RXdGDt^lm$1#cG8giŎ^Ŭ)FyWyE $K;, 7OX-^Wc,#vbK/ H,щ%hY3+.)Z6.6^6%D;峔z TJ4nM3yM1sy)%棋D1t,|b6ybXL,:3Dk4o,=kY$b9efɣL,^:o6yd._fbRVl J,%1לuW%XJB1>)t[Vۚ8rEuv+T--[kn6Vˬg`fD1l61+h-oCi߈2"2%)4nY s,S,˜ټfvHHTtdi|r~pAGHHTT^[TXH[HH^^tqtee~{kp}t~~tHttHHHttHttd|̜HtHߜHṫʙ̜Ռ̇ւޗ̚әӜՊ瓾飑ʸťգ֤٭޸²ѿ՜߿ߜٖȝҜߛíݥݰɸң߿¦Ϥ̭¦¹Ѱݹߜߜ!,H*\ȰÇ#JHŋ3jȱǏ CIIN\ɲ˗0cʜI͛8 ɳϟ@ JQ)*]ʴӧPJ((Xju׮` KvٲhϪMv۶pʍKwݺxw߾ Lxˆw k㫏; ʘ/kr̟7{ ҨOtԯW ڸovܿwȏ+xϗ'ֳW;v߽k~|ӗ_O=zݫXϿ(h& 6F(VhMc^ӡ "'(!/ׄ8"J6H#;Xc@($CHF&$K*YdP>)%S:IVf%[jYe`~)&czIf&kYfpY#ci8b*zu&袌6裐F*餔Vj饘f馜v駠*ꨤjꩦ(8& ,N)7w뫱*k&6쳡δVNK+>d{m-*! ,LAmSk.負. ,l' 7G,Wlq?389Sîgq推+"(2/q_Լb)s@,tDmtHtL/tP?-uTOmuX_u\ou`-vdmv(튃܋80=-b0{_۱S̰}sٌx?.yOny_yoy=褃N+'܁NN食dݬ r,-q3 ~{*'7G/Wogw/._:ꃠ/mξ_|Jݮ7@L 2 '( R 7r !G(&L! W.t6 aCu /jhC"P<$ /LxF,E 0ؐIDweDz` H2hL6pH:x̣G9cqQ'01,hbC' 9H𢏘̤&7Nz (GIRH*W90L`Ђ!l JXb/Y@[$.f:Ќ4IjZ̦6nz 8IrLG?r|3z̧>~ =Nu4-AЅ. (D!*ф*-hFzQzhEA*Ґ#MIUZҖt0u)K_*Ә3ͩMuZӞt@)O*ԠCMQZԦ"uPu*SJSEUӫz_jTJVuf-+Zzֶխi+[JWuv+A׾ `KMb:d'KZͬfzlճmh*ZMiUhWKmnkoKnr*̅sKZؕnvjwK񚷻ݫg;[c|^Wů~7+w>* #L [p5|oVE`'&qQb!K)uc>qL =&;PL*[Xβ.{`L2hN6Y͝}L:xγ>π^7KBЈNF;ѐ4яJ[Ҙδ7N{ӠGMRԨNWVհgMZָεw^MbNf;ЎMmjSζn{MrNvMzη~-Ox;'N[ϸ7{ GN(OW41 8ϹwχNHOzCj+PԧNu03ӫ{`=hOڏ2[kN{d읆}xNFo;N Nu,ȼ7{GoT!z/C!'Ow,C0!OOmB( Bz,YD(<{k(?5-tuvpOϿca X* Y1 ؀v€8( 8~~&tː 2 @&x(*("b? pPgV  *YJ Ns#)z ɘ fɞ,0_晍)ڞ,jGʚK zJu :Rz9ʠJh2ZE i 䠢Y@b4JI iڢk O@:: (#\i^yzPꌺS j9`I! z*@Z9Y {(۱HЈ"{;k({ +#۲%['2ۈ~v8kP3tH<@w5D[aFJtHN=W 7T[V{&\۵^T9y`[f{hobti۶npKmkiv{x6vΨ;ƷyG|뷀뵆+x{Wd;y0;[{[rָ{P;ǹ眵;+ۻ;*Aě˜ @8؛al;܋u{{;d۾ɫ뽕wyWywz' yyzRz{ zE{뾤N{||7}{(*'G}և$~~3lW݇4|;:>,9L~l{~P|O,Z\GXN Hu"hgkhpqi|m|IZH|;+!8{زR0(L)18d{w9}̈Jܹ+D ۄOɻ ʦlN H|GV Lܽaxz„h v[ܞgkxxn˚ nߊ ?j ڶ"ZޟCZ(~*u,jmUe:QNߥ=EFݙiS-t^J ~"=e zJwhޣ6 m>:[it.봺y=8וi^՗JM.&طsԕI` Z;>3`:Z[cln :7Z{^칷o5ЬMړ}-ьRy,_:Ii݌힎^^戎nΪ>&b" ''Mjך-"ͪ쉾Ȟ.@Ne jq/0vm0*,]kÖ^IN]gGw9P/"ZɕY^vx+֮mΖH?ϰQωƟ>켯}xb =x.ܿw7+>oow<9N@ DP>QD-^ĘQF=~RH%MJ+ũl%LęSN=}TPEEzf̗-\4ͤU^ŚUV]~KR*˦PVZmݾW۱.>Z7\}X`P˚e&bƍ?Ydʕ-_ƜYfΝ=ZhҥM>[0cŊQ[lڵmƝ[nQ EpōG\rFܺtխ_Ǟ]vρ]x͟Gcݿ_|U~X«D0Ad;p*&B /0C 7C?1DG$DOD1EWdE_1Fgi/2H! ~c#dI'2GdMIߢ2K-+t/SL3D9//IL3N95N=O?;t,BE4QEBoQI'F$PL6ySO?ER"sRAE5UU%5rUYgV"uSNwW_V4M`E6ЄUc5UYi1f5\cgO\sl<]wgMqu}^{+w<^U4*`R}aR by/cX\G&y7dWvd7f9f;Yuɝ9gf 9hLS}Cyhhei&e:k=s_q:l:j;m٫F{m.%g K؆iZoڼi`vWc8:c\"ajztCt6Gs0X u\w&e]7tsmLj y̔y9gwȌgx7~-7zǹGzz_yyGݥ6x\{`C \x~ J[`Nqy7@ wn `&Bp`#kD1C2d yȻІ8a7@xoC, E|"iR-`>?*Q;Ԣn`Q&(A[JȒ&2SA09",^!GҌcp4(@‘{7JUcQ )P8.y\062~(eS h;0Qxn^&w fpy%7e2%6 W~nsM'F'QzJG󣌓)Jgt RO"4&5'Ѐt"z>h?Ҍt[&7jjU #Np q$#FS3Z&aeeok|1`-(y<;\4gX"VD$(FdCTO=Yy#s#AgI/FQGZMv[Lb[XVY ms:2Mlk]Ùд+YD-[rҴUkجV}Q掖!Ɲ/gT 4B]rR v#rTvu%tqJ~[ 6+s[%0}[l9 ߵƌ+ybMzwKzt`'οOٕVlb9}FfɎ+6N_.1 =uF2E=o&J/ff|}A dѬ%M%!oζyAmvV$'T8zF.8%慲 +FT_z-+]O;:ƶ-Y٦Wj3rdqN֠a8rZ4=/1T9.`!ݦT:ӛ8&?ko޴u8(_S6Vu[%qVow->pr;|r[KSc > GtMOWۛgQͦUp5xWr|kqU&MC56_:t͘xYbϔP^`d -7]x&=| -LQ{{[hz }9O|~mֵVm I~`/{Uj1(yQ_*w\#.d Բ{飒si/Ǥ>|}:U;u3317 gC!@裻pyNq4#@LbBtc,4Wc@ .c[Rz<@9t?Ԟk;@&BQB8JB@˪*|1 `% H&%T2¾YZ,]N=[0[VB>?s#+>Go"-G2 P"Cb[C8~{*A a+÷JEJ)*zgCr}3''zD4)S+fùiz'rB5ºq+>gƄEDĩӳ&=.N)>-\l"˱SDG5T*x1˥6ӲPw,1 G ƳB`n:*LjN0-o+pW%Ȏ /8 p:3Dl ~ILp+ǭ33|!+ʒK+úKʓk/Eh@TqH?>7$=wT^; ò:K?[ʷ4>5j?;^#> JAtrdA4vJ<ż|;ƄLwqID\AU B4\AքN3Ԕ̴ݔMq㌓|d3Malt;(yNռNdIdO!k|LP!OYxrML5<LPOHPͼ \|MQ,EpM(Mt% 5N@+d #U E& u(]+ ( 5/*PC0ESBiJ(Sg |(`+ة#B>?ӖT?Ӛ' B=4%A}pg9 yp<}B AmTՖHEeRu԰)R2eUxS@~RPATm |hTa%ֿ;;Ui`~XS~0Mek#g_k:}DV`CU-uSZ@xEZtu4^A<iЃ~x X~mZ%\=؝"hXQMU>=U{j ?eXTvV0P40Y4tH;ӕWi؊Y'S}Y{-TmAUX}?@Ukً|=ԞYqט@!Z!Xp%WPMZ[ZEV:W=Tg~pcMԿQ؇Vt]ڥiږ@!۩ZU]=ۡط%ZbqSUU[P&ZUEۺ83XoLiӋՆMXWEVY-Uս`mוm\͙e3@ӏUe۲bVlM=aV=0V[Uܿi[]앆鵂>PDmcWk߭5StqR]{&(5FSUP.`H`$` m `6`0v6a _ Rv`m+Qa'v "R"Fb=%Q%v (&;Dȩ Dj4I@ tZ( 9qnH@X(K*@̋ 4? ?Ą,b5`&?*ʘdR_cJn d9Icod=Je'݉C6D%a<ʜI bfZާ)zc]J H2*\3dVPD4`ZJ gxb?Ҧ_ЛDl&j^f% €Qfe<*7֠_ aF0d[vD sJS,J'}*f}֪"8P~}~ii9d5z7ʢ!b%2.iSTCs4F-"fg*~!}j8'M]VjQcCn&̂r'F뼮@Zzf +Y a M96g \c6E䀖ʦr>|'n„j4JX4h*fN%bg5 1O9kNFl%Rn@a ImNl88xm>k}nnisve^iն톮c8hoSnn~o>*~mm"Noʷgn\N<(iSxn?bvΦFɎm8j~/զƮnqضm?qOμW"Tf9icbĈerXo ;'n?#j"ퟂ̎d%:?VpR~ >ss*Vm476F~EfI.f~CV/3%.Vf*gXONno#ϮnF'OWJg Hj2hǣ_ym^^JouZ3 D"Gws`gcZQuІYAEa#5jjY`pw+e2Y4e)d@)f|ba~'7GWgw'yGdq~qЇw'7GWgwz?rd'g ww7{G[Fy65'7GQQՈy ɧʷ'7GWgwׇؗ/_nq{'7GWg~˷}k|~~~J-Onx~hv' „ 2lC!R8Ō7r豣ď"GT$ʔ*+~2g&͛8kܹOɕ$*mӨ J8*֬NjjװR[ӧMDgsLC- VIxR~LÊ)=zvg۠hs+wu&yS[z4걧S#^u޲fF~Kmi7la'}58œs\μ0ُʕ[!vyrŇ>WQ_1ivY;~̓na2{ $^4}g_\G~VxAcC;lH;#xb Zdb"4`D.ahF|ȇWB" Џ,"$GД c UjJF@RHVa mYteAȖф]~ɝ] .$С1bb>(vAХ1ʎ ӕƩͬBM*Ц BRA$FLjj"ԪފUzjlv!^(f)Z"Ұ"l":x(.WَsXj`:D nݮCnésmKYfjq&IJ162-ی+ϫ:!\3.ĔʬsG\jJߜ82+݄{B;^4mM֦m44}b4 * #}jFݶ%ރҽ N2J}ۼ1|$VLAzIá+ ܷC^豒xF*+x뗫(Yj_H?[un66)wf= 4w"hBɞ1i#ڷ*o+[h?bp 4)dm`PTh 1RjWS %OJV s :hBᔦ Aa#8z(zJ` "UGdXt9Kl<,, OCǡݒt趁~>ߺ/JъC Z3r7ySpL鸲;:RX\p,NMQŽE0y`K'eĉ1:dtGȸAX0| 0& A2\J:; C'FyR aP%+wJ2UrTٮ-f7]܋>SZEcQX#^Tv'2%!Ryt$?Iho9[\8PFp=8Y-y3Wu#^4|Y5+ы{?DqoM=~ Lv麻XSنGGc//H 1_CJ򠇣]tVҪ{d8ӛ߫k[H1h?,/:;"zPnEbN+j,PrKbwKH3Dww~/\*FJ1l@p1i#;Vx>wD1.{@y l0k:`]䧭4eHIјߜYٚyJ! 0̠4$tΠe ^IBӸz@şmN`O^r TNΏ|No) ɽ UݵK \@~ZRo   4<5@N5!КA`З 𡙡٨ъ^a}!>ފ^˳Ei"}v;=LNЗ%n!g an"#& ˕)2Qb#%"![\l-T\ I`/ Mi'Gձ_>~!0a%!2#.F="fI^Z ݍtBZ#4*D[.Ũ|!| %ͣѸaxMd r@ϩ|ُ꽣uUIONIUIʈ_♖y2Mֵ$mtUm"UvZzxdy8*X1lI}m-[)W#{U%~)E]26Fb6=fddNfh$R^A6eUMMe:eihV!cR1e9_AKҦbJj.n[o-"j)%hfDr桍rfAs"fR"&~&BzvAg&Łx^DuQa:vƛyrhjy6}6'}f 'aal"~z`w!(e *t`f*uAdn(v~(((((ƨ(֨(樊1&qf))&.)6>)j(uZqGen)v~)))))Y'L橞))*j)(qJ>*FN*V^*v)6D1cve**jnja*jz*檮*(:ޏ.b+&.+ZǢi&V^+fn)b*n+<,k604dj7kkkyC bѾ^j d?|Ꝏ&lk«iÖF^,lf*j'b,)2!Ȅ7(v<˦LtCl?,J̲,Mt0Cl2.l*m%l# %kP,2m@@lѶ6m<Ʃ'V^h-ޢ)&&@RL^Bjv^B++& nvjޞRl΃#ګZ:4ث.o6/J/N/R/,ļz2nĞo/Joâ/A<@ji盛*e/g6ق-󚭺-MDRo;p6nZj/pKfC/>z0Vp>l?@0*o.o0oz*ʰ DʮV0/Ϧ1/n?l q*%`@ Si o"-?C1.#n钮KGnncB뺫 k@Cr &0R ̞0M|m_.DO4E,7''8GAWG4HjCw@o&+>Ϫ&`6aa6b'b/]br6cO6eWe_6fgf_c }*h6ii6jj6kk6lǶl6m׶m6nn6oo6pppZu*eH/7s7w>:7uWu)t;4`uwwwf7I𥁷y7zSxcQjz7|zsr7~st78Ew 8'?8dt*8G83M_8OcWhrw8.sxގZf8rK{øxZ8vv979ǦO9S4hxo9iww^9q99ǹ9׹9k+9::'/:7?:GO:W_:go:7g9q׷:zs:ic9vƺ:kw&:zws:;_z7;uO;W_;go;w/;;#zx;7[xA{{;y{{;As:ŝ/<7?FTr|~pAFYTX[H^pwee{kp}sMP~uGsrFFHtrFttd|̜HrHpݚFr̆ʗ̝џڌ̇ڂޗ̚әӊ瞧듾靽˸ťլƥ׸õƲќ߿ޛۖȝқéܥܴȸҢ߽ĩIJå¹Ѱݹۙŵȯɵһݚ͸Ӻ!,7*\ȰÇ#JHŋ3jȱǏ CIɓ(Q$˗0cʜI͛8sP K@ JѣH*ҧPJJի&WN"+ׯ^Â+,ٳfӢ]-۷n+.ݻvݫ/߿~,0Æ#^1>~%6Vʗ-S֌ysϞCw͹4hҧMVzu׮cͺ6lڷm֍{w߾λ8pǍ W|yΣ7μ:tWn}ݺtؿw/|ӓG^y߷/~Gy(h& 6F(Vhfv5vPV"eb&+ĸ*bP2#8s(dD8EJ6yI>)eT29UBZvyY~)fdr9ejyi)gt9u‰z]5X")ΈB52Z#VS莃B*h^Fi馣JjꪳJުkKlB첣i5jM5F5PcTb%ٺm^mҫoo,p p GpO,qSq ,r(+r,rĭ5✳UXDP;NZFb8 J,)8;}Q5_m5c-gh]ivtmwxyw}݃N߈ 7G^K^9[9sy症mOlo4n5٨멿+( 5{k nh3|?/}Oo}_}o}/~o~蟯~~/o"3Ex{(?kOEl1b\ ,^ZW Cxk#ȳouG(< S0| cHd8̡R+1@/8$ :mML.z` H2hL6pH:x̣}!G sHH, A ! ґNr %(G)RL%*WV򕮌%,g)Z%.w^ &0)b\ 8Lf2qX!iHpT3iMoٜf3/JLqf3řv~ @JЂMBxd$a!! h4]fP"Wr(MJWҖ0LgJSNs>HB (jȜu:OUΜAQÑ%OhT;ԩv^ +X*ֲfM+Zתֶn+\*׺v+^׾~ ,`+Va-k8ĂըEcK,f7r -hG+ҒOֺlgKͭnw pKMr:+ytKZͮvzjKMzW" <yC}_ . /"}1a CL(qK,cL۸8qk<L!Hr#+L_V0:*Ynpefof4^^L9۹x=πMAЈ>E;ѐ~#MI[Ҙ^O{ȃӞ4?}_OӣNzէ&uaY֯sP:ծMa{Fv}d;{n6-j36ml{{6-rsF7mt{n7-z+{%6Y=`/p?O#_oa;3Xw9Gq?Sr.9grל/ss>:Їs??ғt7Nwj m-˹ꋍ3֯_kYֿne?_N;׮n;.vϻEOO;񐏼'O[ϼ7{+GOқOWֻ=gOϽwC^OO息;ЏO[ϾwO3OO?M8Xx ؀8Xx؁ x"8$X&x(0284X6,؂7؃>@Bh9w.<8JL؄N؄Eh;TXVxX(QxI^`b([("G؅cjl(ehS؆r8tX>>v|؇~xׅPwXe:a  0Xx Ј8X8hSŊZY8HXx̤@\a  oXxȘʸ̘d@``XֈgXSp-b/>"X)税B 0 oRp؏HR'xթZ*(SʪnzZ`wbejZJ,Jnj{y.P̊(p}ۡ1:Zڱֹ`Q@Zy9Dꊭ*B?C(Ъz8:ګ* kQ* KժǠj JᰪZZr;+9ItoZ;oH+rʰlڧ|_ S4:Rꨶ୛.˶庩犹[ʜYZpK{w*ʧ{{Qs5?S"It~j Dʣȹlʜ!ɲ$K*OU6˥ʯR/۟ ;۹|׺$Rk I y[ܹz(ؿ$Y{',+"{۾(<|.g\p4ǐ5: <;@+ A\F GLCR<ʨ8Qʞʰ.ʋWʲ|˸\,|ʹ˝|wgl̽l|<͆gǬ͂X\x載8 ,<\ϗΡl= L l Ў} a|ʿH8$͌Y!-%.0x+=2]']Ӿ,@B-;ғpCJEm>K#=-R}HO(b=(i_]`@lnpYadmt-xx׀؀hk-؈lMum؊؋=ׅ և ٖ폌LaZ nY %IIڬm =ڮMڢںۯڲۻ"i۾=}ܨK-Ya]@YӍSAi  =ޝޕi= ܛM\mN)}MDOIQ n .M nWX%g=e ~,n1/5>79;=pIw]mIߪBp$LUnI֭J|^`G“ c~X<o~`ut|b>'ܝ'^xܼﭚ礍.>p葞^ 攞\>%eeYJ撙I<9=˓{n(eknD+Ty=Y3iICʋI,鮖bU*~z뺞M< Yμ겶 LDY P :yiik>UɟRi:9* ߑ !YI)`5@Nα-/bP/o#%?@k_Fќ}VEIRJSMV*nݮ0 @ZuZVvAF*l[I厶WOmHK YT>#9/L*ת}Y-c"W߽nO*KptvC7;ZJz.On7O_f~?^Kы؏TOGj 9ՏAkߺ}YnHaiN1 ( \A+ C%\&E 7!D}~a}:$b@  2mąL%8E3噜MHvLqgЇ%w<(EBM;V54vJ.avm0lL #cW$dZa4m[dɯLN q<Ѳ][ZBkES50WaX(ՆnXrԦ5S T%ya R'^)QCew'fu=`s#7≔o?i9w'ǟ_~$p@ D0L0J6˷ N+y&R.  -#ۋ!>L.(9E}-y+iE2d;6r##) COt?<ΡpI`rE'3p=TTKP2KJTF3I2 dYgA-ApcGq{MU64\ R1C\)ה'!wts4*b zSFs-Jr8}n`LH8WYN-!2aPp/X`[,V 5VX~dt,*֤ &s5fEGCY\3:ΊE }?!p)f:$2Пdsj7P*ͪjkcCuݪiceg%s=0%j3VJJnMKk l3K2rNrKݺp[vct/%CeagD8֕xWyn8 S{7w1IwW3D26u*-DYBFJy'{^ǫLxw.a0{]gAAZ\ e}s}@F7u6jIy& "\Gv'WQ1HS1q>s]q^1x#Lط>)&p՘cIF;X p#6O2e,b7x<¼Gha UelG$=Rd 8!+J0'#H78JښJef l)'-iFs\YfyD6Sd)DᲔlKf8s7TP'1B,v~"VL|0ŐI(f 98rfCV#ЙCs>%K<9B-Q~j:8L*U] (9;Їا+ VRHQsL>@뷤 ^165)[t=hBЇFt-;ټ\t%=iJWҗt593E=jRԧFuUl] Zue=kZַ}`m׿v=lb 4 {4sk8vOtw=nrFwMxfnz6]o~]lԍNl{*p ;3~qSF]"ohCUr/ye>suL{畇=TmT_1ubTc^/nvn_nh$K|?xG|w*H'W|~[}yGi! AB4h`%#Ao>?A^ȯ}?}? r=]F(&Ԡ{7!07{X?x~g s۰ 4 ;,@28@$ cC63ػF Ls?pA\kAiA?[m/03t\=I!,%t/$/.Bj'C >)l=* ;!$Bk-˱60:$CDSL@BDT@!PJ@/x\Cʛ( ` RB8pѨZb8,.*hbQ RBKY(CCC+?L8DA8f!؂rD5&I,Jt,K|!ފz{Ã#X|md\GtDE(c^xH?da˳\DIxHHH\iHA `׈%ݐ>ʌP 0  1 B-x IP ` K" 8#՘ڢMJ鰧*B%CMb+vwCďI(F`Dǃ8HxDK^KH9)g_ JNĨdi&qyN .TtAƘH)Z ٕ;=ypBATPacǯ*G˲ D@K H mHE#hxNn銨YDQ1iQr |QPXNlʄl)In.ѾQ᧖%` SZJ=űaT ENcGu ՏD$bI"=OYAU6rIRy(&&OT$TM7q!0UYkP2}>\ =hK̊ZSS\?y QBUyY $]H Nʢ{QVhPJg2Je"TetT4̭x&y*pUF| iRl֭0.zKHdb/]Հ512M{8 DeX^V;m+J'P*9tr y+'C8 Y.s'ȥ**2|%ȼ)")aڷKyثMt3,VC.ҊFȊð,ڶ:t4ݴ4U[ҪnY JU%ܷ<[mں J ,˭V-WI[ʵM1E,54U6Uv5]0d./B]@ZW=h65 ^5eU^u^Ճ[=De{@-2-6m355)Du5\%&6FVfv ωFVfvaI&"6#F$V] %()*b!-./c V063F4V.a2vb89:;<=>?@A&B6CFDVEfFvGHId,bK~5MNdކ;#;'SFTVUFP3 vcVZ[bW.eFX6_`a&2e!bd.fvgf>L&a=hlmiQ^Lq&r.fodfsvwgZFg^Neux}.g|!RFfp6vFva["ch{fWNffkhFVi%L{&蕖F閖e{艦izhj&jhX>|.fjwizV椎馦viꮎfpi&Veߣ6fkOFK궖䷆ff뽞be_j&"뿆i.fVk}ƖvÎ긦kqm lVm.mf^ؖmm~jnmmN6nz:e`_(hnn.nn`jhY` n&oV_no>`fo_pp~ݎlN&&pppfpw _w`_?_Gq"WqO`_`vqqmj oo놀8nA;`+Wrr'_rhs,w&0Au84r/V`5o7Wphr2o-g>gVs?nABOt3)?-'t+1?&hXt,N7t4DonR,-2v[sOHumWnUswGu6v0usWv|zouGsswJt9GqvovoYptufqob`޶ O0;WFQ/y3s87s)wn_ypnous&0w_gzu`yhWzy_znz=q;ogw{'{)wG{o: zG:zY{Q{{$W7}?oGw·zo'}{wp0'gߏn}ޏp>mOouPpj~0OvQvw&tuЃ?0X?}z_7wd1RZY8ƌ È=G"Ȇ WNE bT,SF$r?8oTL53J/ zRƖJKlJjG`i&5jPT6-nQ] 7X.!ۼ1O|˾E'@e]oFE{58PgU"ݺ톭b0|lj#KV81YB';orbyU6n>n* L.|`(Zg6!s!p>z0n ! D P&](2qT5x-r,̢hC02Y"FA#Qn|#(9ұv#ehF%It+b)A<$"= j\#$IR$&3I0I}#IQn<%*SU H(I)K>%.sK.e#?IIf*J&iC+|f.{)Ҽ/"37MJ*&89$isC<-K ~bLз9|O UPVtM>Y87Ba哣#hW&=)#Rl Х'_ZK՛L_pښe=C$U!WM ERj)$6)t2qAkH֠b[gC)ZӪti<0ӹ&@$ /S&꫉QѨu!vM^R5V[%!qWѬCSM$E;ih65*.Q)e+fr0v0 ak>)U1\x.mU]L.zӻ&p-qe.E_Ot0ƄmlcWv߰xJ/$2^c ~.1Rd݀^rW hV/⣈Oe5e4AU4#-iE2ZHj43@Vzɗ4C-j^~~GU޳WYӺ֓/O-&ۺ׾f5߻k&tVb45gSvNjksvmo띶mu؞3-y}^6.,ѱI;ܼf#.qAN83>G{8I:9Sǂ|W9c†[29rO<>9e8nC93͔'s&"У^ǻϵ\%:؛-?]εt0or ڣ䌇 zi,wmqaH3U'@z]N NrU6|  Ơ ֠   6&.!6>!FN!V^!fn!v~!!!anϡ_e!֡!!L"$Fb "'I&n"'v'~"((Rla*"++",")j!/b,."//bbF$ *.#2&2.#36 #!ޢ3V5^#6f/B#%b*j8#99!7#89;#<#4:r<>clBC@@"!AFaB:҅.$sBZCVUZdDң~!Fa`!4aII#Kc !PGFz$/($N"NB!A~blLeO.!Ha1dJ`!$SNe VeKn6$DB <` @.EG%?HQdA C ,\ҥ]*!^\^%PzdT49I/C^d@T`&!Qd Bd^ }d¡HR#~&kk&l&lj%~=&nn&oo&mrp:㵄bnd|Pz&?| |fhAx('tjKencc2P>Rq"DG~yV>%vP$H>MNxZ&yCEgAgs2gAfiZ{M4EemnV^(f^ڦ5TC((=xpƨ2z^ЧA9d6Xހ9ԕ |";%WgvɎv'@~%*Jd>cIsNguF)J&CQ9*%L9h<'hg&eS2h]&n(ivU~6j*6j2 XhAgq2(c)y瓖*.AnE&%~Ggr*aVjJo0enf9x)}%&(S.ɍN6J%*&R: hf\~Rrڕ"huNi*x+@4}z.&"+xkc)Dhfu>a+i82>+nhF^V+f~l,d[y.|Ctjv앆꩞lz%vRjA(zC&)ǜ÷Ql*z ZbF ^%VZ^erƆmz,Ȗm+>f)g"R kY 9&ia갶%󴭍*)$Oxk {첐-6, jnv~ؖn¨٦n.Z.-*fKb.jn\bh0Th.ע.?h.#,.B*P2@B5$􂭋f8V3M^^h@/B5X6/Fo#\jC7(o[j?p2zon1>~/ Ao %Cd=|55,C$6԰-6("@6 {;B//0 <`/G#c^ p/> C o ' ?1w{ o 08ذ=hC0B?L) ;0 1*C=q r 6O2%c#n. x2(@9@)A -\B؃Ё(C r 2(ױ08lC/r6603@:̃6H:4 72+33;s:DC4/3://Kr%38g%Sjr. -3 2 q*;S%99>2;.&864ASs;h35G2o#4D>0t>tDOt.C'4A6{s8H'8 S&;p@ @:s 8A:AK(CtK4 ;(COK@@j8,5S/3DB>R3)C4DBj]tDgDoFHuS/5H4Yu,tٕ3JӢJ [[˳?4- u@^? [u\@RCX3SGu88#>C0B;8$tCcSecfCu;Teg<,v8Yj"nAe[[C_ M6 <:`_lvbߦ< mBvE?<00o/CD=H7uCh;:h"T=$wn&76z#tJ|nӷ|}}w}|q=l>=F=#sf?'8p2z_8+"{Z&/~8x=>fCÊ8oxxWx縎;{6|@9'9+7f=>Lø=h9cW9_xoy︚v.3[&lylyklfcyk9s9_y9G8ѝ惪gf 䧏:z{z::<:[j2bz::+;j:'{Nmuxs뺴gz&:n^;õõ涣Crk;o{S:ujV%׻;绾{ gXn/2?|'{oO>'cWb{闾>>>뷾>Ǿ>׾þ߾>>?/㽥++??W_O?o?w?~w{???׿?~;@8?Dhpm F̑81fԸĊA9dI'QTG/aƔ9fM7qԹĈ5ܦ!тF k(i†M>%Ϊը@gP]tI*ll6xKc%XNt53[lASayK Et̏\RK0Kd- ۋ8%LW}U}tLpqj[I]?u @_szqHYSɅ~u6 SR_ėNBxhILH$2vyH75-#8uA@B+|٧ճmM"8H`OsMg-t"b8h< S b0cוε/9 DhvAYcz]Cև$iFh?!"i@hddIݤe14Z6mGX]hl^BӾ0P3pp{TFG7Q!(e}eKvb2JUL MLa-(ewT%76OʂA(Q’#RY vSL%5;'PtZEKA Pn;dQN>,/EzPfdh7iE B;ZOpT5L3VFSҖV ;>*S|~:& H[ωb%\O3fmz*8(UN!RԴg_-jT*ѱӪY)[V=nk83 5=[kLzXVǯd k\{E>ǰe1(gFR51I{Z._+ԿVxmq[o\5q\.us]NյrȆ5mu^񎗼5yћ^mvc ՙn6|旿`x!%`/ v!olKX!a%6QS8w!a 5mc=1~Y'xd%/ Kve)4#u`TRO>nrf1U'/Lnm&g9ϙ1C]jypg@Ѕg{e٪G04@Z҆BiJwtg pQ}bDuXdv *j)cz)qhPϗ ?c>2|(:t ֕5M <&a;7sk ۥ՝kdM{aWu5o4.N@!Vx½n=6QbFq06kQ\yO+˽VGA` wQ|Mf}mOlNې/O j;>\1wɮ'◹_ G:an٬O: bb(D .Aٔ BoN$bN$RN pq п>OH,&":-H/rn -a 0[pخ0P  ˭plCȀPn pxlnho!D.F2:0q Qaa@Mqx΃Ho2! MhqqRQ;ND$sQfqb*(B1ɒQ /"/qkq )qƲQ{qUm q9o?/ ,"r"P!rb"S "9#S/Q#$ Qr% 007%A#m2'%9N&m$a2pR'(2)L!A)P)# **ۍ' $R%22,ɲl}(,k,r.U)1˽r///30s0,u'-/011!32%s20r-Q-83=3A34Es4I4M4Q35Us5Y5]5a36es6i6m6q37CS$ O7s88839s999y#9:3;s;;;3:/3S(<3=s=ٳ=S=37A=>3?s?<)a? @ @4A@+ljA%tB)B? q(KsCQC!D?SD93 DS@LSESV"FS48z1 uֈ!9i;owxu Mw8~AY mv}#"hpSuYFYpeQDl`}CYIM xeWE 6eCs0wZy9T-1jɹqv4sC^9}mtA1B6 A Ayhvva zR!Ak xy)Z5=r9ٝkG5N}֞QMW4vazd:_Z:ia{w:$zZ4569ZN3OEz !hQZ@J:hAP 6\!|zaz 䚮azA :T4!XWgS2{O!PZ̠B;57)t!Tzqx۷H:;5鹭P{Rh|DZ`S໽[­amaAС !<=]+;tّW;YY \n|[S[Ç|%0\£ A"ʥɑ|ȅ9<̛)ۑYXO @i޼\`Ӝ[A՜Yu"!ڡC!"!ʡ-} =\A=7̭gY^AM~*/ j~빾~w^]Ana\q5Wsw~ Y_@~uW!_HA_+!A=~P^ҪuU[Y\+7D,_mC;GԳ5DP~P?Ё9:ٿ3/g_-"8_8ϟ$hm:|o۶++Z1ƌ Al(ўHt8_[}\lj)Cn,v!r ѤK>:Ձ+treɓe_~:ݼ{ <8oa}vli'3=ԫ[8AaO<zef>_?n{E_ .`?7Bk=a~"tNa|b.cVH|&ֈv1c>8"%Ƈ*cJ.$~AX?He6eZnۓF&9efb3B9ٔVIgvމgzg~ hJhh.h> iNJ7ibfi~ jJjjj kJ+$iXk lKll 'cy)NKm^mnmnVm枋nnnދoFڸiLp0F+el& qOLq.L@lq r cf,*r.+Km6ߌs:rsBM=l2E/tN|t4tV_5Qm'g vb\5jv*)nMwN}b׻w~ߌwhw^p-sʈ?yʽ2KyOPV z袏Nz馟zꪯzR>_@{ߎ{{|O||/|?}OO}oƌy-3 ~ +ꏟvߏo?M|,'} l@9p"x jp?p$, ?Up,D`ʐo` oCI͆9&pD Z W$*qg;Dŕ}Qijp\$0qd,4djl#7q#t;PK\_L\G\PK)DOEBPS/img/vipconfig.gif41GIF89a !!!%%%)))---222555999===AAAEEEIIIIMLNNNMPOOPRQQQUUUTXWYYY^^^RYbTZcU\dW_jY`j[cl\bj\cl\fo]fq_hs_htaaaeeefhjjjjikmjlnmmm`gpajraitdkvemvclyenzmnphoynpsnqtkr{is}jt~lr{mt}rrrqrtstvuuuptxuwxuz~zzz}}}htnwmxqxryu{w|w~rw}y~zy|}t{{|š¤Ǯʱ²ĵõƵƶȼʨ̺Ǿ¿ĺʻ̽ɼͽξ!, H*\ȰÇ#JHŋ3jȱǏ CIɓ(S\ɲ˗0cʜI͛8sɳϟ@ JѣH*]ʴӇJJիXjʵ+է`JݧٳhӪ]˶۷pݷ_?a׍YN p4ii[m[m#Gʘi̹s̠qQL2ʼn6Y^W7RoN$"Cvɣ>rDʮplPCbygУqΩϱBTMiƝҥCW9q3,s1J)DxQ1@DSmF=1ƛof #y)\H2LAo 6*¨rH,T FiAET׎MGKAER:ݧ$b 2 Rha ܣ^O> boja$,,  ׄJ8S2u7!x0>,фOTQ`AkTG{ȼ$Ƚ6>oȼkn`Ga.k)RK 3x 5 ;PMo>LqHBJ)"0$ 5`N8S:<&pC.9G't{Wzա֪Nu fkHPT`BYs/3y,qzKC0ґ{gD׶|:huIw^ԯx8s$yF=i- kxMP|b 1džB(8Q,PK(*R.؋= D! ,r2AB6+`#0:ґDȣ{hgLdpH|Au7⁏ ]qb&/xQ; ^ܢH*WVDe-fYSڲ%,w^ւ;2P+2K"f; nd#f4|mv '8r״f5vԆ5iNr6 y~c 沜IP%QJR|ŇD'JъZ=!wc;GJҒ?wiL_u4(ͩNKu#̨PJԉ>ԡe9BQʲPTJժZXͪVjBԡ>ղhMTД4`B eх,k\@6m=IP{앯=Pn%]DuldaRvf YLd+< &m;{}mlSVّd1]7pXp5KX!\ո]EW{p\o nvG+~%I4 6d~(xA-P.߂.ymE׾o_ 4 (Iudm0 l`&$uo?Dux@\ m#u=cd5qwXD6| \(`@ū(b̐-D@,:4 @! @ @ ,ģlʙ 3g?Z ~0z v@ -i` iҜMkhaf/Bj#/̍c G6 l0hK c@2>TxiE0!VZ 6Feώ}lop2r DNҽ:e7|b+u Vpojs9 H4!;  9w?oy)n`\y r&Gk0/>\`{6}E {VJo4!VĚ7nѱz{?nv=X{wpxu7<0 9{t?[{zqw?pPhe_^|/3"zқ~O;z˞G= 7uI:<@D0}Cky !q{rэ^~Ag/~~w(`~!'svzP* V  hgww{7Hmx!8%xg U~Чu&р.(YDpV'+IK؄OQuTH^}7G(]uHgH^d{a( Fn8eX}h8GwXy-E_qq*P`.) @Hg w_. vhbX 0s _Hsp؆q8xX؉Xnl(h EȆ8u < s [bPj ؄C)0 `Qh P e b@ްz P)Af8A蘏Hh8yd`ـwF ِu0y}函\u ,Єfq .H 1 PmPKٔ!Hgx bXUNIpQS)UIXѕ_7 blh9xkٖos٠iᨈX|%0(Bc8_n   bu]Y@96dib9) dyٛ9ŹchuI l! `ɚB08Y0u< pl PPYﷇx :Iq!Aj@Ym ~ j/\99  jy( uÕ i TjEXKڤAaQ]ډa]AxZ (5:9XcpvSV[*jj ᨐ*@ A7fP* !QAK @)O )0mꔷ` PbhP誮SN!Zp麮NfB:zj+[}GyZ).UJNI Ipib0ֳ g  ?Xɇ"HRu9;;Dk@+dG UzKKN 6U+W˲ٜ1[8Wrd+K˝Y뒓+ɵș !AڲEs `뷖i%on6i DBfags&skiZlSVej۽hU f``{蛾jPb; s G 3)ۿ P@. [ n `_a^K  ̿ %̿N,\)F!Q]5 [pD ?@B=]'+WnZOڀM4T]V}X] \MX ]ո R[VN-RS aշPbp]G׀hjրV5VUSRْؐR[}َ٘} pmSUPUXQT }@`=ٕ]۸-,Eڦ*TEw]%S]}] Ľ0=up eb1XQL) 6]f @ŝUu yQEeQ=2nQ`87P;SLy @P0 ~QPnGTuaHJwUP igppWXtcA p 0n?^mCnPT$>}wqLƴcT S @_0V 0'V0d^\T9InIS4MTpnGt~c@B7 1 p~nQμq y!NP Y qPС1(`a 'b`p+Pe1iQ!pЮ!!0  @ ^8m fG bp#JzO4f !:#_Pb#>_! ^zP ,4n$q?1fp.P`@ P IPzd 'ݪB` `$q^j`o\P] (a'  wo0 !(zn ooP^ȾØ $Q ^} @+aϏ0">.p,qz㿋)`OuPB >-^ĘQFq WCTQ(]&tL5Or[`#>AA:@5fc`TҚD0ئ|jAx ox cXe&fV!Nj3Pm|)dT)sm0 }3`G6sy5(f! d_} > `tCv-ˏ=͵g6U6z+,`!:^Ym?y4hYȄVgXo> X!`duE~ bEyro#["GufʞH >bj7 䰡|{0$1 /@⇋QQP~4@)~ ƓP)7؏#{0@A@. >zI` Ox^R0/@'cI[hjp "Ɨ>L̟=|'~秿o_{r"K?v~/ؑcZMн@v5(?zr/Є'>6+mFVw ІE>nA af.?(VZ =-%|wt8ve- 슆NC;٣F):=?ТM{zUdlщ}br6@"6yR >,ć=HD2T ax|67ITBp=Ld (XG<1GE wl+kYϱ].n(&:qbDdG z9-h%%7j:1a7h{Locg.㱎 %[@6!a>ӊ'>OΑ@%7~D\pphwxFxw#d(;4ϗ fif q$u i%DubM?$~[L5-j, hnRe=BڏJ *2h< 1dp-~C XC0h,Ne lL!UG-} e ܀ ̡!UR; YS|}_;؅40BRnt]1[ًPĖ\l2[uH|x<֬y,j&dI-d E6 ܍5P\" !@̤K]/4_R"=j˼U}UP~H8!FO߲W#oVpB$m˒b@m0N+V+'){^ؼV׸B c(Zb1 ^FY*Fb^*rf2Mnf`'U*t?L⦚=sBZ;CYR՜d@ fp3[Ϯ4CdюݵQ ig?d=ddwͽ&KKөf>X h gI@tk^\tq-ejDZw.3*c{fvQ\|bb\χ~a c& {ĭ`0_ ~`!HvieN7?[Ћ<Z7# !t@1pLjh%ӄ9.8#`DA #8.[{"@_0@<L lA @ 'vQ6&t''1h9ȄQwy,v0$($C21h:(s4i#L%܂2&*,Ԧ-L%j%nZL9C7PEdFTDDTP,%Z%& M8DtP\DHIl&bBdA$DCDDQE7LDJl&eh wl\QP0cDda؇008Lh)/z\j]`g3Ȁ4/ӒZ`uxȄ[n%aF[^a4avÚ&v:x)@ƴX. XoЀX~A~؀ XM QocZ9>/$cz9ƫXv 6406)1"㾑.n㇨?>F@dBCFdEެFvHJL~'z6 X g@43EatVg#ȇbX T ˆPDc+%g騔B[eFF(X9 f|-d {gdr>tuwgFFu{~C<(0 d PVW2>]h^{Z"fnu(HhH"p.3Ui^inշ /=^ \pP)*j_ (s1P> 9xq: . {X` #88-M-1nN6?I-*5'n40Ub5FՆPn!XbLrY-%u< .Y BzxL%ob esKM^XfY!c>E$Z0 jx_1<$cdbd`آg9 NT饙)Se~܊k?u$h$ՅG Jm!jӯ I&[VW GsĀAJQYXKFW`e?w ל+ZjeB67/RcgJe7RWp\:뭻:sC -*Y;@3C'0}F;쵟yM: x=/>;,"Lۗ?>_~PnFSEsH>O}`_r^m` C(pB8/ۭLT[]-#-6s8BF؂s fQ-A rPN` ONt P c`1f<#1:|5)NyCbf(F4G搉f4KF .z{#$Ӹ6qqZylbV'Q<V׆6wGB;$aJQd]PMp<1N“/1|e,pE(4Lԡ<':iLh"1h2  \"T'@:O7,M<79΀RԜl;9YLop#.nQ t.m)LWz ˜ eX{CF6|qҔ1=*Jylp==ʗC=Qҙ⢦ܸRrQ/3xG*NC,.8v>.^1gxb 8/1m\܆X51[czD.K%33Ӭ5n~3,9ӹv3=~3-AІ>4E3ю~4#-ISҖ43M9 ;PKq44PK)DOEBPS/img/diameterxsd.pngPNG  IHDR|9tIME gAMA aIDATx}xT3dLB&B!$ !\ Z j/H[.[v+.vuۮKmb/Tݪm(V B"$憛&H&I{g>0I&s2y>''gN>Ӓ׼?9cill@bt@o")D;!h BRvB @H!)D;!jtSA %Lh5zFCCoc0г\2ďhZ,olQ__*aWItfi$= ?U@*UK7xzk PWxIjFD4G#>be./_\Z_r]ylv>r]nml'OfC͹B2vҗ#H6;`BD;Lͬ uv1[d:555*ȇ:эhh6Q#}"F0]CMvǣvPnHX$९d vhM]2AG'Py ځ&pWcF7tOgԝB=4Q@35-2-@+UntsL7יeLhOMwe: y.0@3= [d:ןlv vc"]~oF7 @+BRvB @H!)D; wW^ǚrݩi'l>01ޟ'/\o݃ y;a0򀁪|8>qܚ9k[~nY%ɪ);ԸΚg7fNSlF_ ځ*+ÉS&8>۾:[>$11QӶo\ʏ_vNK~:;[gh0=q/}VY,DFSkV!6dYܒ3_ٵ2-6riv˫yeۣwDX,SVfsCz1|~2= ƈAN ׻k׮UWW;ʊ+V?e%]<֘橪p8Z`wd״RG?wU_rE8bbZ\}Bl߾=666&&fذaCFDDl0i^]2:vy#&yKJ^^w학Olۤ+|eḖvǸq~K-01 5W~_ں{kcnjLڤnBRvB @H!)D;!h BRvB юo(Cnn(ͧfzFtrD̉?^@T,FvZ @+\lu==v*F\۷owzU{\.S__׍y7on VUŷv7y#ځ& U%&v%U5/{>mLUU4`FꊡCJ3$#d(V$DM.=vUK\=}/^bbbz?H]oNfCM:UKzyT.;%jkkU?U78rH{Ch],̉he%|纄rqqqFv}nB\Aow #D;LĶu5(]WW&\h///bcc } CPj\̌hZogWuکϻK O]N~aÆ!.v}&hj'v@=5&}Fy 7:=ԻJz\̉hHDI`fW*TUzi>}:999**|^_o{#"ځfUUMWuPeC᭯gEiiM7it9Q "ځV*\/IDh/))YdIxxѝz^SfF|R,h/**z'|CoTq8F==@` 0#GL8\D;`"_M7dt+ lD;`"D;#),,9sѭ0퀉P9VfQ[[;biٌn 0℄r@Y0WY0WYzWB0k׮]zOJCL099\sLxhLh[v@o!Sj[vxUUU7x  vxzzi3fhhh0B[Y,03h_l艫'z_D{rr1[Yo{-^F@ D;OeyczW~}T~WItfi$=AuTPaÆ(SvĹ x;`NT@+}^x`D;J]jLFtt!P%F7 @;v:q7EfzC^0!Q=ݍnY:쀙@+nt7Yz\Gu}ovo%cFٗ | yBRv`V0 0FE/u畞ʼ*UWlYjEOoH 4= nKݑvܛ{7?nۢ Y+`<0M޳kY,Ek_-~.b޳R>=uj/U\gIi \7|zN#.ghO}YG whY|"w[k~-O6NX2V2:a/o^}Ǧ/˚3ߝa_fsd;6ֶ.M4k R{F[_xaK*y-%'84-/]i3Qn޻{˜{$wT )q\uR*3M_"WY<1׭ޚ~jk]g'Y`0 0 ěRm^{gy4[{,cZ wo1n΢ew>=@vɑ 'Z]ets1lm)!3e5<2ޙqx:ヌwEL{`z{3+HYqF_SMz]SSsڵjYYYYQQbŊg⩪pico*/;Eײriv{5X,۷o6lXӃrl0i@s:b9Mw) .̵RvB @H!)D;!h BRvB @H!)D;!h @ 2ifz÷4~`at·OHt̬F70JT,K?ȩu0'6m֭W\q:UUU555^ ]=o9...auuuYYY\7aDQ3z I8.q+YR_vv#-XTz@jUGFFڽToT`ZD;Jգ*$TKv%UyVK'\5jTG>|xܸqR+ \\{Jw?,DLhIPI`i!1&]j*%eOW… cǎ˗/O2%#>2._ގDEEhWyw4C h]bu)!W[[*nTUUU&M9rdG? >}>Bq wUH0-h"Td`nD{EEŬY:]C'ҥKr$!]B8}g i!v:*%%T麺:5zW|Ŋ+..~̘1F>t.\ `yA&G|@WWѮyWryթSRRRA#O>=s#F.v}&նj'@+=5&}VǏǎ={QzWIO&G$$P-l*ժx=Ի'OLNNw~FDבВj]JK* o]ef͊ |9|pZZZG5=gfhSWzm'z7СCxxx$㍺ݗ~^S&G-O^TT//v9suۛ0\]]g̘ vƺA>wСɓ'w0⫯曍n/h\aa̙3;=D;"ځ>_tMvX30@ 2̙ctc xD;炌v& [555gΜIHHH@ ځUTT4}Nd@@ ځhӧ%o `#ځD;~F}+ț[voQgD;ЇNK;=@o!ځ>$%̙3;8+WL<D;ЇhThv@#ځ>DF? |7.] |صkFt:ymg0Xn`R^Р3gx<͕^Ir}cȐ![b09𧲼E}}VP>ړjkko߾Ng*$ Z uTPo7ׂ奥uzXC]%.6NэځV*Zx< #F.S|j҂yځVuvGCDxmmftzqot#ځf%u :e.K_Q(`D;p5.$%%όnYԨ 7QA\w{Igu+$,>nt#ځV\QUF7,+^a^jFh︁fmoT*ݍnY-zi>`D;J]jLFtt!P%F7 @;v:3jw[d7TU;"昅o3ҟ F7,|sKψv:zF,|DOw&DM|+Q3ʾ> ǷnBRvB "ssX^)違;[l6Kn7퀹yܧ5ӇyJ/8szVr!ځ*ݱj;Xo,ϫҪJ>Z"RPGovk_Z?xklU^kY]{_}W6S]e%1vGjZvv+m~_~WwݞH[gK?% ~t3o}̗v_֭ݻ3#η7m%.>7C6d$9\ư"ei.6yf8M~_í/};kɜW6dCrƶ]KFguٽxv=}m/ldu0 U;bG֤8;)ߟjW]=bELޘM뵚2[ޔEIMo=n﹫r?5ͅqk/0鬩tb燻WÙKF Y"J5uN1j&3 jD;b7ehZ\ph\x/y=8eR%i*["@"ځ~e[O0K벶j=Ol[fX>oO[e GۼIi>0m|ӟ\̩/,| #y?v\vtVVVVTTX*/^h8uOc"&0ôؾ}{lllLLLtttddaÚcOn Vf ^qm4/ӬyB @H!)D;!h BRvB @H!)D;!h @ 2ifz÷4~`at·OHtD%¼nYu0' L7m6FyIW!Qs]l߾Ur<O}}}CCz'|2vؤӟ0eʔ`?qڴiA= nZv{W =ݙLhZzTd$YxxxDD,Wռ쩫oի$Ν+̗.]4iRct/^\d0T :T._]=K.\Ha!`ZD;LJ{H 17@TS.I/{T׊Sʏ::sMMMmmɓǖ7nFAe~RGEEhWyw4 #D;J-S%ĘKSBNZUz.7pCӖHTӆRy0rH;Ah],LhZif%$|纄H'N8_|ٳgg͚}AEt>%!q.θHuTKlK\Wuuuj]u|v[n j?vؽ}AP0 #ځfO8j(c;AzWIO&G$$P-l*ժx=RdKlY\\L.d24o7ވvv:ZUMWu)Ue7upIIĉf?tٳ###_}˃TrEx֬Y'8v`&O<А`7_~ot+,,|衇 MC3|_z t!_tM2eJDDD0g/$ڍ&tSmmmYYYbbbc̙ srrϟoevMx曃9[]]Νkev:׺RˑIIIf @Gi766J!>{`h|x̘1Çl[v:YCD;W^p”)Sg MfeD;Ɂ/|3@wt:Ѯue@hЋv;:h?ydxx1c9ztG/xxT.э2 Wq7Q;n~ۛ"UJwejtE|ogW7Qf!]!njɡэ} 3zvGt79f̲fFTb7$3QfzG( ځ蹮o"=4Du(? G )D;!h q hRjżJ]7,yUJJEۢ_$߁hbkQz۶(Bq>.73Ϯx}jŽO/Oy-/_{wzuyjjUK-_/*-y6ƒ]/xϼh햒vJo8G\=62G>+\rc۹7~l~KyG-cΜ4eMx/-W,ަiמz^{xScKw8^ʹ=@ǵ~ŏ;^M#zWS7&SclmˉFw @}elKZ2'Ueh;w5-%'t(-϶9_2/vj8\*_\Z+?Gs_0ٕ+ҽآ'oPyʦӢrߐubyXm"F&o&ZM[9š~4EsicS%5˶k%st.ײMSificƓ/y6KC/^ZinEo׬6|F~B}͇3_έSbi\AEJ jN\SlmYmDQYSs83R_vJꑕwl.쿧nxGh}8qʤGgWgKvLLԴm6ϣy vZa\m%7E_wk}k͛WVcwO<Y ?(ӦZ[S{ٶ sVtځ>s'֭N۶ZRlz"cSkY36&5֚LٴLMsh6<) O5}Ki[׼&`ʼnbLj~{3+HYqFw~bnڵkNbŊg⪼XX5OUUM!=U/Ti#}X:bSyYEkX,۷DGGGFF6Q86[XXUT@mu8-[q$xLܸg=@t \;!h  0D;ȩS| h9}M!ځ@v€<hj0@***Œnt tĉ&L05D;С2C}ĉFhX Eo4if1˷4~`D;pUaw@~ҤIF,\7n@+JQQQ#7IwF70U;vlʔ)6M#ü+|\G(KI'$$Hm߾Ur<OiiiaaҥK-'''<;wnc۷[V^G~FDבr\jyDP.ٳg pΟ??222+g_>9}Uvvߑ#GLb%n5T}n6l/5jT||WLj}C)#_oyB] 3g ~nn O?]hQ5&΁,GP780r׼3 ;+,, ,yyyR>CNNQ|U}Bk[:4k֬gjN4iԨQF_:P@ש.//Z ;]_z]vQ-D;pӧwtcW_}釯WTT?K#"N`]Jvٳ;4NvoÇ7Nhohhϟ={v30XD;p~Сq9//Tzr:&Mj;kjj߿pB/@ ځV3gh\0k:E.#ahk貳322n!hZ |c c@78qbذaqqq^~SNuZ7 ,0hjr4~޼yzݻϟ?tP@H!ځf/^tƍk}x}hD;khÏiollܻwoUKJKKΝku5D;,@~o1KJJbcc%%… V @7&A4 gnllT$͛۹s~g~ 3jh9sn{4'H;x<ڞaϞ=<~L`D?= uSh쪒nlQ__/Ѿqƺ:mӧO ^po*,-`BD;DvUl 6Lt1bȑ]F_w\vM\lHϐ9@nMW<"qv%׵z]J08o&v}^` +T"0v(/**1cl03tx?s\z~ժ)"㱱*UU*..yft̢F2Fh\o4֙Euu$zXXZ3?hZϵ{<UK:%̵;njo{Sjt7ufVH]+Tvy}c2ufVȫ yr0'3Է+$Ɏ9bt7j`BD;; 'v}G"'O@uf3#1>=^DJcǎ5ow,}f@c,W='O6fo0!vJT'>i$hj~ݷ4`D;;=otkv j'N>}zI1ZZZJpv j%%%SNlmtietkv j~k|:t(!!v[Dv j&Mʼ*UWlYjEOoH"1ڧNjt:vGqoкmr/8/giϯ|rv jdڴi}]v[^jXV=wb޳XRWm۔ֿ֮_Ei'-}}ApOωs% ms))Ϟ=ni~y؊>=mҞx;xCC[}7N{>ܣ\ÿ.?^+v.sWl6-州^NzVgk[_N4Gю099yȐvƮڽ#95_z ]:Ek)9o>9ǡioym/dR94eIQ_w1-v+nIx YG8+` c 0OѮiG1щk2ѡEKѴ揭699bujZ+z$Bgt\¸?vKN[ vǬk_cAFfow= ˏf̘mֲT[qחVG8G֖\vG0-Y7q3:^2: Rw&X.Q7eD;k׮9sƔO:v)V TD;766;;h``h0,' tD;v>|8))@|x̘1F7zhǠnnX<8{l!^F,To~`{]Ÿ- . VyyyzF|ĎrرѣGGEEс֭[T`a^j 7 \[s"1xz5obnٶnzʕ?ĉwuWW}}}CCC)))q:F?Jƌc`kp8ÇMw[ 0KG$Ƥu! gϞ=)?"!!݁]vɓ'; .jUڽToT`ZD;oVJ/6nԩSwyholll{sɯPjێ;6u#FE*/.]E "1H?SmhZց\MErʴi$%Dx~iwmeeesm1yIe~R*.RelkEcxkV 񸸸VnS3eʔSCRԻJzr09T>lR/_\jV%HOOPPoRy'?h~zv}0~/moD;`ND; uĶ?ԶqWuznoxkw_dddt?N7^wן=;q`bD;iӦ躪ӧ{Thչ?m6Fڍ<.5W^S&GcRKAU9βoY}Nn޽{m:t233>90 w:Zk޽{om7粳{n S[k"o/[;=yUUUAA ڪS^x!th`ѽ=''g|>.o۾CD;W^paʔ)~kkk9nk9u`]v-Z h4{Baa3Α'%% :W>|xcƌ]mՕ+W{==B юA{AN_tѣj>TD;>hOnnܽh<@cP^Y߽vG-[jv V]zѣg݋ly1zh@!.]tڵ'/..}(˾}$m6[?ٳh<>t wuW7%'ѾsN@jG h|nnnTTg@o!={E;ю׍҈q>ɓ'hwvvرcÇm%}z[YYٳgn Ν;7dȐӉ{S\ svܹx6x}hGg>|pXXԩSԞܻ!N}ܹm?k,_oll?hhhR{~˫]}a?v~;Ϟ=[__?a„v_k =]v{KW?= 8etB#ĵ; x@⼱мqvjް~V[[|c?ҫ [J0K %юPVVV6|#F?O ^ 蘘۳s3fDDDtULue\P;շF7@;v'NHtM0APo@;vl7ZսW˒ZK._- e>??}ɞ={nVU{nf`#^[[k٤VD;`B![WVVVTT$$$=^+''g޼yzK\.7TM.vv={vG޽{Ν[UWW'aVSScu߼ f #dIN+??_~*=f^֟PXXZ3?Y7pCddўd%=U/jWK LhG#f3Rt7RLA?|юnKy3f5ѮngW7RLAAzCj's"ڍΜ9jm_|W*Ԍїb +5t:`ZD;BV7///~ʔ)Z3et7RL7יěhGh*--MJJ` TZjF_)KF7 @;vC}0jWOF_)v3#ڝhx<ct#:!#Gō1ϟrJbbb72ﳼJ IW*啂}wiU[,[yeUA+_jżJ٪,رbY,/_w vIOO܃p<펴iMӧ5;N_oy):_R3'|loU0`AS=iߴz.Z7>k[NW|vQORTk%;^/zR}MU鮧6|GMlZ۴~UEwfP/zWwU5e:_M̟?$H_]M.>ChGjZCg}/kZ |wB w|y;6}VyK.=y鑌wYr^jhGL},gky[?x,ѝ'[w-u߽)z>z=񑬜ܝm~tW 4OɏGyΜS ֽz9M!_cwhچ$5֞0YQQ1yd ۷s޻{OUqHkEO֪KO866vZ;[MgY1NӦ||e0֩=֎'?MU-ìܴ{fX/VjAk5o>>I=~<^g_x%2s_0gd=$>ϮZ-sM_ @/jG}ƌ~Nlcǎm{|~~~|||ttti]Ӻ#鯟ݔmixtݔ䔔W6qw>">S?QQ#Hk<՗aFִO]#'PhzMAEs_hkW"F\dPC#tc{a5M]r䢾^7gѲ;nc;UxSŕu\{=Kuʴxٚv.pM{jyk3ښRΚpmߕ$_DDMo<`=֤ @!jZw|M'2bme{l=;35 [Wn{f>|a)-;em,{?ڶ'r`B6rd/&˙?u|kLm.ڣY<CS KtƔM?_b[Ri4Ŗ/9Ϝ Ȉ3v8qݻۮS \"!,nwMM͵kתNgee;ꫯv/riv蘆9f\*/^h8GnO ȸ*ա~bs;z#&r*md- ccccbb### -,,X>"Qrr]vJHu-vشh=&n\m=joj#.K|ǔ:0h0 .h RgΜaB#ti ]CC޽{WȟhGHR7.&&& vю6گ^z餤w:xAB#t:tԨQ;5kVXXX;h/--6lXllW]@#t}Y5D;BG&/_|))P}F_t юѥi߻w-@АKpvU{]]ݡC-;]C'oƌ3b/ hGhll0w:Ѯz/ hG8qȑ#}wv4/$Wr@ZZї]F#DtcKJJbcc::Rv.-ow46<=3O0f!Dv^C'Yg9@Ѯ蹮o"oBDh/))?~XC?_`dXg +|stjt^P__С3fh44 .͓_fiĘI?!ѣRGDDh ݗ_~)Ͽo>y-ol^۷owzU{I{<y?!/ǿƍ%\zwYbE5V!Ͱ^^+tg0-5t?Ox]kwq7 pyv%L쩫o%@bbbN.!99yȑFe\СC%#eJwV!E#tarrr~{* l 6ȶ$$vUK\=GIJJy~?Tf.{TTvCZ3w|?~p}gϞ_ڵkFAz -I2ץTUڏ=`V&`xujAWD pg<`ZD;B3<㻧5tRdK;S/;wa$ѥ.0 s]Hرc?O7ַ:IE#$1yw D;:ѧO3h|G'wu$Du5@-HM\秤L0'w:ܰaCTT}D*P/\LhǀWRR2eߝRY>&;;{ͪfU;ռ_U󮥿{p|^UxhW۾O31RT*^ )?gy3i*++__{x^(Y=ԻJzr09^ϟ݁zO>Yp^R٦r]W>쳩SN2' ŋ݋|eh̉hǀ'wOGKMMk׮EInIW5._%%eCE]?^lYdddO?aOן=F#1൭;<.x %Tu[deew''#%zNюMұ;6lX}ܹݻw{3(Xۉdwd#G;7xCr݄Ov `?&nG}lٲ4׿eXkWO>$99y̘1n~1o>Oɓ۷[ߊ5:Uc4@c 28ѲO>=??WepuD;7<^~D.??~ѣ;ueee;_G? SFV8lٲnsmm[o%$6ӧ#""|ף=zT;p4wMKK 8юWй?]|y߾}=&g~À< ?ܹsN311ݓ|ӦMk[?!##n766=F0N8'ECC=,i-3#1 I~m|e4peRXbȐ! Zg`2u!1 I]wOU{TyK/ve ]^owm][J0K %юGbw@̙37ƍ;2''gƍr}wqG\W).hyکW=zɓ衮 \kWjhюFr8vhx@% ͆v`X#iHC0Q:ׁ8MֆX,u'B@Ġ@iGZ:v-k^x^i= VrWѷD"H; iAZ(HCiS{aaaqqq޽iq׮]e5txLF7wQJ;1L+W 6fkzΠgA4ˎ  J;Pr=gչy&i%+XR쮮, ueGCia(I;w+03MRRRn4]dA܈Sz> J;ҒH$ iyyy999L@b_5l0QEAiI2뺆,ȑ#5ak׮9::o'i'1 5A v%#fkNx񢇇 RPڑKRNNN4EEEJ=]t A J;ҒPvjggt^,X7|SGܾ}cǎݺuwuAJ;ҒPԮv4^D{xw]WAzҎJKK>}jkkKߩxݥ}̘1n#2}AҎ;880GU]{UUH{C\{fffII khqeE X*I;w }En#Iڟl5B&MLLFF[Ӛ41(HAi0&%%R >}h˙3g<==5ŕ \\4 gܜ_],k4B ҕ^ℵ> Ҏ&ݻץKsssfƃ{$o]``kg_3JqgԂiǸMeIi>S먝3U_y₝I z=[wTCyyDgy:)1e3y/?Mn(hBz=e#,Keee׶%c-8\'STTj.j;`Pڑko5tϟ?1B{蟽V>g#wlwH®#Sú8tE񶬝IY|fiS#wwۓo̿<30S>`߅1b#,|> He]Ȉ\oX~v ea񑋶/'-ev)ܵm(Ox^7%P3 ۶r%<<|~z?`Ol#E⤦F?t!VjĒ=k'pd΁T(>fG OgO988xvʷb0ߤU yIכͩ^:PV8ݙ7̫׫#`{ƶsTB2q04ɻ޽IAY==y m?lPڑ.G 4M62/\ˎvt"An|a>sR-PQע55G=*$+-.P Z*RyR)|fEFDShoC}#QU(ޝT,iuf 5bːJEq^jlwos$T^\;-#p(AZ<(H@IڳMLL:wL5t.]rqq0){F 3qK3d´x^+QFޜm Η'9:%pXT)ޫE\.u됏O-n w\VQ_AT ݘVAεQqjm.gٍOm~2[Jv; j׭/E9 dI!{ eo4yCZ:?곕QQQ{ &RY^]>o3"mzXe-_e=GyF=9s–af5jyĖxO^u7%(>ωC%1ϱËf'> fAک+^dˢ^ȯX W*~K6ťR\{oQA?scLAߎ -# ȈFvZ:d/|1ӀNKKVz6>>~֬YZ؈DҲ2@PTTTPP0}tgR=-,S+ ZebNG|MtQ/ׯή(PFq-۲<Xr/-/sV\G ׊ё#G,--MMMGܰmڴici4е#-se&{nTum4?z=gJ,y4*R mR P_*ZZYqk9\;x|2e[u@1¼&#OD$6 J;Peee=m5V#ɮ]OigY:i.Pڑ.k47oG4+ AiGZiEzztnMhAvPn0`&J; vP뀼xD%󼼼#G껖 J;b<|ғBɓ'}eѴ.&&kNKឞj? HK1t&oggW^uA‡,# AiG ZG333MLLllԜR]z\k h#Nk4M޹sgذaZ2p<۾}{}A@iG Z]Dkh;(Gy@iG Tz]"+nk8wAZ (As}kkk333۷mۖN RRR\\\TUݻwMߵDiLP5tovrr266VzݻZ2W7R@_^Qf0HS0b4 4^CwʕaÆi߭iuB`0A 7 1hT7븆xY&9;;+gQа6 i #aҎ4L^QQ4`fM^kvk㙺NQZځ  ҈"J322ݻKlT N)ڵu4 7oVTu8r@ 8ydqq1b18~jTVV6Ϟ= glԝbq8S HSb#˽{@%rOehϓ'OՆ!Ĥ۟|Iv|ij`/\0tPRmBݡ & pڄ4B@C1\j ^{TJ>h+5iuppH$R,{Bpc٩ݡ7C=>]^AAiG ƍc&׾uVA?s-9͙3GOdjXvP2W;C  (򲲲c#mz2XI D݉q14P?& L911qJO+Xŋׯ_?v_L38r61W ۷o/_ t~jCu f|C5xwzL9"vpacر#k||#S`ݵ6jJ@d$ >!K.9D ]o?~|޼yf)Ƹ'dp\#Ҏ(bѣG}!_u_CWDmoDD2='O\nI)W;($dkד^o21A y2ˋ 2(툁 N5tjTs՚%!al٢)-lDHR!={\\ͬhh'SDQAiG 5t-b&׾i&222@8)h;;;M @@h3Yfigz\.wnc-@1O_P0AiG a?~\VV"T#n'(X, tzŃvajjZ#n{C1P?3r BRڵkWW-;nj%[3gv[ғ'O6{>wM{! ڑSG J;b0]k"##̣|'- Zt)RI{yy ~wr %F9GNBa~~~޽Wkri.L222RSS}n߾}б6lX& -C iGGGZ>\T*;oS {~'bӆZPCD{;wٵkN)ҞÇXy5V 4 ~x;w^گ_Fы/llFAZ'CDi ݀sjǃW5YO?jcǎѣG3"AvxB0&&wձO>:%%%?w}l Hk18 ^{5UiygϊUɵKoXL:UٶmĉUAi PCYkꪴL&]~}ȑh|```c-{onݺj?AZ;(vYYYjGoݺekk ?""lOׅhccc@4Juӧkm Ҹ y`J{bbb;oܸMh+Wtcqݓ'Oۗܜ H+];bp07+WTTA: H?sFƍΝꫯ6g"A׎Lמ0h '>߳gO0$..MS .\;өSWÇGw^! taɓ6mtܙ|U]Cjcbb\ !cq4oѢEK@taR455ѿ޸qC՝k^$[4Jfn@Atah޽{п㰚:I{``ܹsI`.[}܀ \ɵh|aa!XjZKKK!/>:t..//NHHhx-Srҥ}5# tayݍ7+Vs5 p8eutOѣ]recf R'PBM=X Gŋ7s!P";;Cd~Ν;LiWMܼyw ɓ&Mjx-֮]7hH@ijp1 ޽{2ʸ8%i/..{aϝ;njj˫mll)t5|ZYEEEߟ>N;J 舮QT@_zOu/_uu+ @ס$_]XA`i\A 332;ީS'0t6GG#G 0NߧOHbۢEzB[{?nggCr4=d2z<bR#a1222lllжmۖLMSvH{:EGRis! J;b(h>x`%2~m}޽{ke'zV^^1b1ԝ  Se%L{]6>..[) Y@WH1HG4NK݇ /1(툡Y5t999EEEJC4K tKm hh ,bȠ#*pJ]PpVVֳg4cäĉgfޤe2v&k'K m(AF033ޞR,Y z"?YZZZYY1k:a]e?~͍^G1TD<uh}(a>(Ap]mR*j'###mhh{lM%]c0ugĐAiG Mŋ୙QM&8p@mtvYy k9HAҎvPKQ}...,ֿV$ҥKǏugΜWGMQeq~# B%2'kM Apy<2(D999Dhܹ)))fff=zP'22eoTiFinRY[hg4kRtf[h vDZ׏L{+D?:u^*}yDggQ33E+BB;#8/sxus*Q򛣶o3O))gxM̭;.X'eG@iGCe&$u$M3SBڀ5ffbiG.ھc$ɥ(_E;rؓ$%QaaK-N+ t[tKW AVA?\s\#e\BGsarMKKK[[[޽{;>JyZ1 ]BAOpd@rU\ J=:՞Cn۽7?"}"}vuŃAKBCBٔqfFzE{y@׎ڵK$sN߹sLtAv ߊ⍲PrTBeaeOzY12~Zŭ(^շʟ*GlspRj"gе#}mS#ZΗi ]j5/)%lXlSZ{]E2JߞKA]Ĥ1|j܅%t2^2#=%W&\j A׎@PXXسgOk233!kWIIə3gf̘rMO~VDظPYvS۷qҬC<()rO85'tt/ʤ}sOL D3d9 W|]|9y#H3Ɏ$SҘdk׮u^^^j19|gǎU6OMshOyW˱YW3722wnK$ǟәm{ƎE-(112o3fzLCG.a{NeAQ:bv֭[$` }V0ZwݻkuIXZYpC{Myp‚X큡Ekn.R, /UVwvՃ zʤ$sr_u]h|AAAbb4wy.c +{,u7!ſּ|o^v#{8 #z]rkV~NkZCw̙1cЋ4駟:h߲"!V=ӝ]"AvDЛU/WD>V!,,lʔ)"w0nc4jӨ KvD<4:5tYYYmڴ֭=We7hvddڰLN:5x`f ? vDh ӮK. 4B2¤F;bHmd43I\{&ϫ)J h611aUE J;O4:]{:?~\M#?Ƙ懜 xs̯y[" EKWz-2@4(>'A}\nN}%^VV?l0+++Ϝ9Sfe9s&s]JzWPv~"|;䚜z=[wToWO$&<)6T~[v9`q8ɂ |Av2kے)**5A^~P}BvhD"IJJb~5jb| .]4T}?khXȟ.]dY@({f"~FF^>x̷{du5di;,i@qU|En7!G -۷oM2nݺё͛7{zŋjwTKvIHT1O5KB_D:Vg"[0JEq^jlwos$T^\;-#p(AZ (ޠG>}*JMJ~աCʫCCC'N|:~̙w}WVz[v^ >: )GmL7eXi5keŭFrRGV#!++cǎ(k袢*=^h/N<'Ե`2l+Vw !vD?%%%yyy}kT 9v[YYٕ+W{=-;vݽsu-{B'(~`V3`2Y ԔNv ŋAz۷o%yյT,7|A?(~P]i=77)=[h|jjjvvرcZggg{A vD?=bVI/_ ]iueeٳg'L%ssQNYYn:} H@iG@EEݻw)kN_ݺu޽̥R6_1bAA7Dk&&&"D={VRRҷo_:H_l᯿z޽T$Pm۶+WP=4(w)Cմ ȿ=@O|rlLLСC42_~J*[@?{zzS5rEJ; bȠkG#f&ծOII)//0`srrN>]ܹ͛B)Q3HS0uA #PNZ-{PP̌ ?Ô)ScL]' FJZTw}Appp8q.d?}fmm 6GoܸCm^ze @F׮]"H" )P`H\YYYgff޺ukڏ/Obd\E MLLD]dA# @MAfbb"fZSRR̔tݻZ7o5k:J,) o ]D@Aˉ;P ZqAA7NکS'}G>m8H5܁6!cPAiG4[[[ >߳gOrv{ESX@{T pDډA];KD"yzz. 44fuޮ];"D!-" J;hZC7rH:MTTɓ ?صkW ~[[[w2d2įM9iڡaoo?zh=ЃdĂlhmB;= Ҏ47ЭZ\^kߘOFGG=zTSǏС%y'ә7L38r61WZA'ݥٳ_}Ygiv#@ΡuaÆѓ-޾}{Jw};vTOd$:.//'"Е WB[Z 28O.PAiGAA‰k>dztB!sHV޽{ܹLMjd"ԧAI)`rN M&&d\3OwyQiV?~lggaiiiaaA[C7w\S Û7o֔޽{:̺u\>-ln"cdrkur…}0Oމң#Ҏ4+ J+V `]v!Spw4%D"ѣGt/Ͽrʾ}T&D]'iQ.~~~fffVjYcF xrAo{CiGiVTôX޺uՕ$}6zKeڵdߝ*[P*$ n. oş={6<<ڵwZ#n{CiV,YB*yJD;)Ͻ{tzǏגi{J+vi/Μ9ꫯ꥝]evhAiGrذa=QosiA# q999mڴ!N"Ź1>}֬Y~ݻw?Ӻ\w[pAΖ!GIIIqqq=4|+Z"AAAu:\v~~~ZNm vJJJoDvP=b(77ܤhqff#f[-/^˛1cFU֭[&&&Ң j@׎4Ĝ Zk5t`Ǐ)l޽{47߬_vL2dkk,͉ vP+D{YYÇ32ٳ+W|:=<<|ԩMQʏ?{„ ՜ AiGwԿ'گ]6h PP(ywvi333]^]UUf͚ 64JoV&Aܤ \;|,;9 &..v#FtK``u|'8NiA9A׎4yyy*.55ʪSN$:-`l6y-{}}}7nʚ={;wܜ  vPhgƗ0Ϯd5:- ~wRdk֬aAD#}z5tW^:t(ӷo_ ӧOϚ5KJo,ŋWcnAv ÇԿ]moFwHv]BPP_- v ~''6m8;;_$K$??P+V>}Z% J;LiG D?<;;ŅN ٶm[GGGjĮ] /jܺO<_A 4999;vLHH ̉(7771-=00pܹ(WZZ_tqRUU5cƌ'N6M_ tHs:G˃Auy/2rHM`ͦMoݺU R;ڑH;sZZǃ;111#3C>R0tP|BCC гgZ(moi܊DFF M;AkG"٧Occ{o~-(( zOFt?dҷoFENNӏ;vK Ҏ4dSj3v4۷oO<ܹom*2_}^APڑ&*%%>bVi |ْ1cƨo>ooo0q˖-~._Y_|^Avpir߿oeer̙C~\r%?9rR&AAAᵾٳgɍXÇ_pM!w苗yM1AirD;hsbboQZZz=22/JG'4B>F 6m={MK^z K,.L&w6-dá}Am#Mh{.-x(ur\Ҷ7ܹS5bĈZl_f7|cbb޽)vtڵd2hz J;ҴMd 2:aU h|\\ܝ;w,XҦ~`ߥR)Q:g$:s[g:9Oڑ:ܚ)T$gW15Hc#[f_CQi;G)8O\k{&:3ܺ`ٞlmYBzgEe{. ?%u@lDİB&C,s8k׮ <4nܸ'N)++=~]kkko=zt@@@K ]v<}4;;qFDDDRU蠥>7y;⫪ w=҈x~yYҼUG; UH3;fA"xUjܜ#"6ro+VPqb>\Wo`@&&2>JWGqv lggWTTУGǏxЃd >>yv ,'|=2:䓙IH͛7dȐٳgdTAGE9{9۩Kr(-9bJ0:y-2,|)ť&] ̩(;X &7S{"zp 5DВLCBTLHQ#\>,@^0M=ISkЯ#HB&Uݾ}w;v$Ν;7j(r:zj??? ݻw|Rlս (.Di'cI_O3Qw/~^]FFIMwX,FFln>Q1 ]]OqNZB]A)A<9vgzβ#Ҏ4!JacbbJٳ}h… ӧOo`9ϱ~'Or8j^ߌeJ߫U^ ϋIH#N@$ȍ%ѣ/^?~ҳ,˾aÆϟ6mZPPP^Z鋆7szQ3d\0 SY^;A&6G^;Rzn{XQ~NYRb0l>*Ý//e|vÝGQ|N&,mUyv+RmRtf[tbP#MEiig@>}ڷo={vdjGjd͚5[li]Lw}ȕ81\UU\NT\X.M\(6ZXpBDI٦6V gzge ?OhUd&DU A՝ݺtfߺ)QkG k]~Ņ®*%%%gΜ1clRw}aÆ?ӢEH J;T$''fddӇ0G߿7|ԑ#G}]KKKM:88 6 ߳g~Ghbc F5>Pڑ&H( lڵ3=44,wbx eQoN:e} h9qi#Ms4ɓ'vvv %%ܪ:z<ͮ]\]]ɱpʔ)飯ɾ6j(sNw5Q̩sAFm Og81D_ ϔGS AV .C^z{۶mẠΝ;JKΝi+j|I,E ;{zr"`Ћ%?.3d˴aqx@C?"6~EO/|%Qaaƾ uN=z5oAn Hi5kӧU'Ϟ=;ӏH$#G@o@S;v쀮W$???Hyf=6˃롔Sz%Rmx.Ejϡ\`6… ǏoӦZE|Vo}u֨Ҧٝד2w7Iӊ^ F 1x<鯲 tH޶m[iLHHpuu}yVV9F,GFF2ٻw5e?N0~s>5kɓ',/)%lr|M*Q\Ĥ1|jhui\@QX"GqešyikGOA}7mmm۵kFL9p@:^;H9qD֭Ga$ɔ)Sk6m>yHZ%{|`BVMn=ܟ/N >݋2i;Ĕ0oN0ô:o߾3fvlٲ壏>|Nsٲen9=&l8<4E6 h.fMP-A~ɟә=.f^4 1."$1cj7}WA}Ҏ4>Ǐ&/X FB¬^N_YYty=}400GI:}jD e,:Q60T8(?_z-MB%Vonp@i|@߹sv?wvv_ccc{EpB׮]5-}߸q9sllČY ؔ 5MrJ+qXX0eþ|zϑ=:mݰ >@iG;vA&9x-'=z(88xժUu-CIIɓW}GaQ]$ 8,!C@ѕ&:D'7oѢEuZUU'{}o(Ҏ42>477woѾb HOO...tN4IyffS೮eزeK^^މ'L,8kGV# \;H${{{J]H-֭[lYT;vwHI;w*~{hf8mMWS2шmbb62>AvOxniײƍjw\xqҥuzǏO~]%cu}<'7M%P$=t"  vINN*,,޽{iiwW&h쾾+Vh׮JSN{zGv~"|;䚜z=[wToWO$&<`Sc~f*b-?MVW,NG2Y5 8NVVFym[2ւu}2EE梶#J;Ȁx5tJ՜9swߥϥ)-- OT3x:Zr۠<ю>?C %wa @ك<6s32"[Gm~>8gݣo&ì+~hB{(YC6 EF&tCU"_Erq kƤ255>|8|p8d{XX؇~H'>vȑ#՞vիWd5ٳ ̉|tj'];݆mu#^5p"۶-?ϑv{DX' V~3E%*PҬCKzP!~s{28ņmrR\1̈2˫G y~4е#Ifff.]jH${N8o8ߧƶ 'w{OɣNl3?hvUҎ4&xν{~#=7|^OOOL֬Y?>U]&(}zrYE?|EQbHgLQ+}Ct_޹6?Wŵ֗OQ޲Ǩ1z:1iիh뭷;wꫯVVV={*Jy7o/ޫPQQHTZZZVV& O^qQ~ZXi .+G~(# e,.9;N&/sV\G`qTG+9rL~ 0Y H#cgg縸8pDht| Xvuٳg~E)z2bdˑtӮTM7"8\LXJSjAr&ui f0 Ai4ݻ*ؾ}.]gtt4Yϔ)S(=V>.|g}6vF-~@`6*:2oh?yyy`o߾ݫW/KKTXodAAA}ҞʵknܸQwZ rmZ0(hXznYÀ4SQ0etHB޿㙖j޽'OTzѣS%44رcwI SI12N FPڑF#99b׮]//_dJ!ׯ'i@! %##>رcUL*Ӻ9rDL1&L`^?"Rw1U`48O GxaÆ>|_~7nwٳ~Q,9rd54iƍ D T*.HUU͛7/_RWRmBݡ &  i\  J;8G޺uޱc<==ɘvqqs~7}ѣGuy!:A['@@_ G!OKwh6]wڵ#Nnb./ ʠ#CJJJ>}޽K1'gΜI7‚ 믿Nbig׮]IIIMZFXvP2DrȑӧO#F; ^Vi'#@ԝw\$  J;8$''wl||… 5k֔FGG(4?)HqFuݸqNi'YbbUtdnn.JA᧗[ڡs`A!)))!i!/NSNm3ԅ;6HMN:z1cƔvZ_Vi՝LU@4@]Gi@o߾8p)s޽{Ν}Ŗ-[TUt?0aBSׂy]ttE ru333u62OR_7a#P]Ryh'̓]^A3ơGVVV999ݻwsk&mll|>\ӏlذ!---88X{k׮xb믿:ӯܮw2:v1Lе#P(\P[ٳ'۷׺&? ᅴHSN}SNMLLNۉU񴨿N1O_P0AiGd[[۲Yf׷z믿fƃ^2ٶmĉdKYYY5C-33> QQQ:'CU#j"bȠ#@rr2uL{@@6"(((22NT-#۷PW^tf:AZ 8[4ѳ@AѳgO: ͛ץKMݹsgŊO633k2|WWߺu/ęcA^3KR77#FPO?Nךr?iҤ]v7Q%ɚ5k<<</^KM Ҙ(HCINN655m߾= 3UV~)Sk׎LOOԔզMoݺ)) `O&NfCi*p@i(`%#t[[ׯ;R.[ :j?AtO8v _,CGuAtHCi)~#FSoӦ +x$''tW_m='66JiA^Jе# ~VVh'k\Rw0SNꫯlGncc uAZ iO}^}գGzxxgQV>|ҥ7V?pCBuAε# 1[VVfF}}}Ipʕ+Ry恺_vv#2ڑ.i~Y$|7~- y<8iҤ;v(^?3.(*'^,Ƣb`)G ah)t%h*(.n3,>ˮ0?ay3{>!Hv9a„wyŋD BH;A%BaYYvjj 5j,YnMLL_hQk===NpBՓnmm  B{tZNMM 8诼oݺuUp_xue|쁁;vvϞ= ǏW1 |g}J+@ ^vNh9ܹs.]/ OϞ=?̅))) -oZPP- !^;\~t>>>~3g߼y;d gxvŔ_̙33fд%A ^;倯\]] R- Ag͚+W̙~:tYU"+W2eJ{ԩQF N 2r233{:t{+V|Wnnn.{HH%~~~6mj?~j*hI|wǏ״A!^;大655uԩ 7>::GӦMc ѣG[6=22rÆ i'N .Nm{XVFZy;wٳg]t@|/lJ _˗/?s x& ߽{+++;{i[ ,: D_6 ]N<1]͇ۺ;y2'y[oُ%Bg}[v6A[bb^){Y])eJLM?KYQKptXoB: <\R{K\ʍX a:HHZsڛ q*T:6p~NF]wyp\yUFєgSe鲦 j:5*ﰜRrx=be,K*Y+8Pӹe73JӔels,׆۸6>*'[jjYR +~_gYo͡gGtZA]H]2{ 1:6m@ B/МxzT0㏇TüqF$ILe{.l3kJJwaXn<| +"xANCQ'7 a mH6 ,]']B]a**.J4Բ999/_>sLttKCWH>tQMz FD.};1!TQHNN%?2!1&"+k !Ba? Dyq^KLmq_ kji,qtDHi yy p_sR}˅ChRz"` 0&CM-GsON>H`JeQ+<@iיE@=-4$;狄(8&I HYI34߫ida4bҳSc f 8 `0x ߖfє۷ӥD3JAiz0B!)45;;Ezb0* (D>\těٳɳL =5i`H~y"5}n%C_x;~\`ȂPo}KnKueOUh${$rr2e-Ny O9ep<=ZzHg_Bt+RdGWt4C fiVpCQrfAʉp7nRCZcoJ1 "ꋄ[nNfGz-&' QPfՓUݭRm J_kļt)dIs*sB7cF>zqHr/i MXFui0_2< [\"o9Q?@:k6ņ8Y6 7O$u %GkrsdJuCʉ[ Ft3}dE_\lWo Mێ&is%ﰧN d~(%%*è ;^+jρL9t yŕpZȯT# +@7z⒣J3*OBy'P!AAVH\#p@ZN,K_5 $ <\^Ntԑ3ڐ&>\:ujӶGDZTRCؚ|+S > ]L}$::GFFF:uܹNǎ9NscZVVV>B$7^?JLB +lTq!Nԃ=CxPxpaBʋ!~qwn#tjyJoU"AFTBn/z58Wl%5O%O1AMC{Rn53._kttT)׫m=ˆ -fpqkCl2His"fF(4pDmPt_ذ&&1!R#o7>;I`U1€;31dgma<+pwƴZ_9 ~{y]V/=  "Py.Uf:/3bh8[{,ǭw0Sog<,41oz:: 3th{$# yfm) '&Q)MHg' A2Y1;$bC{q |[lK "*OL6uOidCd } Yu^7gejxqvQoci^n85Mm꧸RE.ب )-*pKBϪҢ ΕTUI\}.WdA5; 3 ^^TPR4,Uϴ< 狝MT"}#F,426"Iyyꃮ]IyiaHǰ4,_tn9|2ideQy]֔g.e.*(Ņ@ Vw7KcH Щl#^&FvCIS7i{uVDUu:61˙!JܯAYh*^йv [dZzeȸ.>?q|D o~ldBM=؜[P \6"qr | 63䚱 *>.T!gdkN(nJ&ƊcPɭS N ) L?VD&\ DWgJ ek&2_f ϸcXfu0`V8~SbY9@ "9pdY5# ;Ц N BH;@ m "@ )Ц # 2k PGf UV"N ehE'Ү<:t9P"@h!XkEH`EA1^ vV^%`>{D)hQt]3v`T&B"@h6Xi-[nNW#6:( H;@  H$":{WWW@ˉKmH;M^۴+ 4>aB $\bŰh|bV"uw)^xmkTUUA_C^ǽ^;]M? [GM_.0>>Ԭ#l萦QYY[Q/\3[y>55%\0 񙣂kkՋ Se5,սyڙEg<` f}brQe oMr50/FkH$bjA`R52>05+9lSPDGG(*(` zՂ6~|0~' C l fi'O̚5+11I9s毿;@sqq!ɓڰaÚu+WܼysҤIGnDo'%%Ϙ1Z}ofV:(6@[Lu[QfogKYim=f{o rn[ Pl (!;xK{ }۷/$k׮fff B>Μ9Ǐׯ_޽˔)SFu\WWΝ;/[{O?tuOOO>֍OL"YGy'i5`X;lgftEy\?鲇o߆.6x.9P]̯Y*K >p@HAe>||~JKK'L9wٳg'''1jɒ%;w<}44kph.|˺u̙k@÷w!!!W^ݾ}ɓ'kz<65&zuveji?*2 L]hk0f-ۼatx;x9p=?ctkŏv/cw|veF >x`;hy""" mBD?~ dҥ~mXXBP///KKɓ'[o駟o߾iӦC׵@co#?<<Yk׮dS>,b)\S2ȑuK7WL2Ř / =xGQ xa\f1s'Un733pЩS'gϞgΜ]ڵ͛7mll@ׯv ¢r Cc~QkbbnۿPoܸqѢEQQQwpph]dLNL"sbDYGfg_󖬡?Х.me\ˉ.<[ey/744p`mm At.\aÆ'''Aw4śI(08ڵ;wkAAAK.e@o;~GDOO &@5!ԈpM25(5:DSZGBϨ}Fݣ)%wi/э7=yҥ~W^ r֣Gsƌ˖-3g偁;vLDe  x8n۫vx[-[3Jpŕϟ?///)[\\F- "x8x0n)n5CQ] KE//5ƺ };,,m68_uuu~OOO_bvŕ+WB ^b*Zjƍo_ {xxq{#bjQwEuPEڛ7t S,fܵ8;;_^ZZ QlذN|DSxܳgOo!_E5ĪAfZ2)ohJ; ޿wvrϟ}F>a83f,YdЫWSN9::5j _4&&&}\\… M{n###VT;:4m_`̙3?#GرϕPvLjof֯چ-8N}:d3L{ ^;;w7߄$''CVVV&MOaaa D\ І077?vXЂ}g7666ԭf(6@:g-W^y۷xܸq }ڵkNNΣG-Z?ۻw/'h.?ӧiT .\rƌV*++tvvB iWɓ'@U׽{w8'2VnTwﮬ `1ycǎMOOwpp% 3;;1bđ#G4"BEe{.KiGć9P]. a9=G OE]IFv*rmDR-666ӫ?e/9&&fڴi}~AAQ~~ wIyGGGKK˗/kf헫WB6++Ki!ʿ+߿ƍ.]:sLtt4E.-gϞi:E5?!{Kׂz**Qw@ L6UI"=wH7Hxny8X9x H.U1aH;p8 O#F\~}ĉ?8pĉ@w^gggHzjܲAQFiG:t|rp>>|xLLSDhS@ǔ'=:QtG` 9v>ɨ!1^&%];KU-f Qrk4 MRcN"l}%(ht\JSCfu#/bLWub Ѽ5 &ϟsWZ5x>ƍ7oތlꫯb1T4iRc1͚5ҥKCU_!mvƲeuiSVX1|𰰰j:9&y֐Vw7aĀߴVKJ %\Ok'<~bnǟjMqgr b rvvVPjH:Bi2zgjڢׯ;v\TשCet]z\i]W"턖ҞN;wPtfffƠdɒǏWTT.X "ѝ8qW^ǎۿ?nM۵= >k׮5_t"턖!C MMMǏw Nƍb {Ν;[YO9rÇ5kvKO<oCQ)"^JZ!5rܯ\2a„ٳgC5e3fѣGuuuO8矟9sSNw_nҌY=n@3r޽d`i';ݻgϞLi䭬Ά3g޹s|?ƺ>VW_| <ˎ;bf۾߶m[jj꯿ 9rM@x NPW^yK.xj;?wh,]9Q-pZ``@ xy hѢBM@x9 NP v.K{:(yqqq~~>Q9R]]ͼ|'EWX1fh/>>~d[RM1wܜ}92D (vJ]744g%Txrsssέ[N x{{h:EB2PH:$\~]fA;p{}nnnt35&akkꫯax_: ndKޖl]]Ç@-3(ڹI2,ew-=99yᎎ!!!/^w~#ATOmO#P={7puu|rqVJKKr27߿c,X5=3?+xR~M,vơÉehO?aÆA9|ԡرuf'?CnVe)7̅AU@ڟ_.UUU2Vvk`0[;20oY& w %{ׯ_LḶG>;@1g̩v֑u;ZHNT]WŔxڭ:t*d+?s}ݺup+V/^@XYYB` 6ο*/GngYIIǡwܹ[v-yRR҆ ,--4V}wĘ"Ui(Oŋ+ 8Ą^}ԨQ 2QK'(W^ݿ?E Kr=vUEݙN&, yرcong͚,\. /!Ү$dAU@گ]M{7D#G>y[[[|L5Llp;u$p%TxL\ RAz1L;WS;2ІǏ;w.99 e&* _סQTPTUUwm!;QR`2}w%#$NPϝ;J5ҾgD}OJJi={9sp `>6OPPЪU|% 5o޼tVJf:vwQeOvՅ}e2]Ibgu̴b(ӧO ¢J:#(/Cy Ti%L `@4i'QFN<900p֭UC ~ѣmW6mpԩgdde˔L.\Ń碧cMdí[bVoݾ} b1vK;na] "4l0#n1ޥK,X^2N*fffLi*ڵkϟ? 'Q}򮮮7nl O?W2}˗W^֣$]öd2Yu ԂR=N=@ ޸& Ӵ w~Fq7 vk׵k׊ `#f̘1vؔ'''>`˖-kkk##gς.'\߿ݺuʧ\hO8pˋ.):vullg ά |c+˰[IϦquߑH{`iUtnܸ8S@mmmݻz<|ĉ$..|>CԭlTwM[Z+`zM* w#5],g SݱC{_x?ӺN]1t6 .C^y]GD &@״4( +WDܶzԩSW,\߿X&NssYf޽{ʧpaWW׫WGu>дFR~Y[l3 J-zKa wz;n13g;wsZ62吜'Yʚ jvmլ/_*2&!5xx-,6&6O﴿ެod ȕvTO 7ONNFP+Wxyy8p@nl׎ټysϞ=ս/\STvWFK(cj%ۥA˵I;EV ȍX{x-QΈ~xyiou.aYXGB~3Fw̝K6sv< NoxW:6$s'H:gҾl2^֩S-5yƍÇ_nOQQQcƌ\x"w@HIϞ?neBnƥvzHx& _"g'VQ< Bg,ܩGQahcvIUz%T\`SqunNvz5Fq< ЖSKQaKw0# $<*22>X08 AinbXtnv;dnߎŊqb۶m6#Ս!K*愯 B#x!3PHȉ{CWLv+Nz1|JVε'A@TexDD xt9Qq˻si~ N`Ƥ/7 fff\.B԰\xyYpǓ'On ]vvZkڤZÅb(D\ 5bgD-#tcJQ>vjWzwM)*\?\SҸ EO+?fbh%+,yiDU޻"vyK#lPP% Do޻%<eʔg}򞞞'N(/?C;wo٨#GFDDM[py˨NFO+\Qkd az<aʠ/˘ytgnxrb]8AkY=˂YVٷ]EAvTg}0 ?&=;;5斟`_R|z)*oOH~!x+o'^Z95/„))1Q~ %$X>.* IįL,O}CBOLhi'CcҎ}xvwc֫W/~20f?~e);woZKLKt*ja?Լ=#(j#GYm6B}%j5d|X>!.w- dDO=a׵Hp4s!QE%⚸y;xZiy m"v\]]SOtɓ2Gرcff&LŃ-[Z3'|7m750HXHOdF[F .zvrq/G@:N *vBuWTd.e_!DX81wQ!N`!ާO}:Gcw4i%C~mll,i !աꈻ̘QM(~KGI ~0`aPTYSS56k'HC1D @_{7o>55`0XYYٲtŭZJ(jfr)ʐ?CYV8E4e 'mIF#݇ `Ļw!zq2t" .5ZC[=|NDD  9~q#lF-U~^i:p-*@rt<OLYXLCBK5ų_K̈(A)1 S T@XKIYYrIWWΝ;M6->>y2ҥKsm6UܣGSNy{{+nF15ij0txW7)rWAySxG}V^dٲEiip\[.B[H;5H:"poݺ%+'okk :0䍓-[vȑj裏bcc4^{-$$Yf.~"|U\o wu+;5ke(`dd; RE _Xfff++'occsy>sd/cƌQUnddlٲEdC440"ː IV!Y!W7ML7O9 w5ȓH;5LmG _q[nO9ts,q${-//ߺuf g<=;.0dG?'$g͕agܩY҈%*@ i'biqFU;2s;jO^ ;u^)r_}WVc0?&[:WJήn],ā˙E֋o!H{о!N` ҮgaaqU8~sss?̮-:::M:_)))*&W^'O\d ޤMLe7ՍSYU9],˓CjCݺuH$Ϟ=+'߱clj'}򦦦p dÊ7Ye̘1wvvvnlcYkhhbJ+ؐnϿ1*@&x|?~p|{cQ#}C577o /^ᡩ!u-ḱJãG?-NиBBPچa# =4hPnnȑ#/={cXXLx0ܹsܔ͚5CU[vvv;wܰaI C``ͤILҹsgbƪC;vqk%kP;߈DsC;zp-,,1 +++%W~w̙~iTTԢET|ښO8Q%XϞ=qɓ'l2|SBcz„ ·8Z72ʠ2ˈ|SТ@fLD lxj;r/8'qAp;}… ,U)w߹>}wޚ6* =z) .lذ᯿6mڰaÚ!VkZqrn4m :R`kn(|k'Ave>P:tHf|CƏ5WDD+2nܸ[ӫmhB[955ݻ ̄ڿl2hԖ()K1ضtxi'IҮ`$TTT5jTΝ;?-]tر֭cviԺ63Z⑹Y}4e={?ά#rlĈW͇sw>k֬P2DUVV6Bsa'E&C)sBN8ro,X*do"Klˀ Z|7iiiLE`S0u]ug CY2z赂,ѱ۱cwoܸ1m4(K,9~'OP}]^NbN&={|94vݻ Q'UTT$s 4@ݿ&0hРwygΝl=yǏĜ ~bg%\.%vf:2##y8p޽{ǎ333M6AvhWSuk(y$C IHH:t(4}}}dN'?^N6 >eʔe˖\u5&+&\(BۢOGAK- {?EUUUȵ`M Р( )֭BOO@WW*v{ÿeee,8O2W, /~_~_~ر666 :'P%%%AA~u2NB-22xA:vX{mjj1fP_{={BU8+nzAU7yxxzj3=i6^ Aw т%q;lvfYeLgϞ6@[x[^~"iqj|I}ҤIѫkJ;ܹs> xXz5(իWB/$ w ###zi[xt #Z9w v9m,dgnYz}&ו"4^Ӝ%{X̙3'wcvzXG Ρ6I{wUFڡ:ۺuG}t? V(KP!bDB6o|СΝ;z&%q/=-`;)#4GmgQe4ŘȬF9Nwz%N`CĵW^8p9666x<99yԩ2P=5ŋ 1C} Z`+V?'`Amt NSk  |\e3s|=0 ۙEg=Mŵhu"pwTgvG2>̴F07} QK8p@iZlǎ_r©"@1!!!oVLLgs[/̹ѴZlb1vE^KDq!,~k'h'D ,ӧO>eʔXǏ2?gp?ТEPZZjdddb͛| ;n B.q2pJ>ѣG鷱Amԛ4$}@ϡRQڙvqb;A,ch ޶!N`2LLL/W07HJJzu믧̘1:tnݺ 2Ϛ5ȑ#k֬Q&1AAApK V7H_5>Wa"##-[vySSSM[]p 6@l̡´ssGPdA!N`'nffFo*x`vZQ]|CiG`իW+#퀣#45>t< iuӧ]v…ΝӔ f.8NrNiE'Ү\PN|ua1@U]\bs=s{۔.p* !Zv()666W\ٻQԳ?~,r<]Tm۶mxӧZjΜ9/^PGA\a=v%SZ]Wr>GSnN_ 2꿝O<G+c"QRڍLMM_(++{}̙3O:%S>yڵkJ-ڱczƍ}Qr>@`xPpKؗ[ťM`:赱讨>]G~Ä(0jń8$i'O߾}$iP A)Sd|S^p{f96mwȑ#ϟWqxxV3}0zQQS\ 9v>ɨ^)auq `Ju yŕ'@ N`:wm0G!y}NNN/^llܒ%K?^QQdz ^u@@K.iiij@hA"#C9ny/vaeMM~/*\j4SqS׊?P,*+KR4P-H;A-(3)1rĉ?MLL&L*u֝>}o;9wƆ5a=w%㯙9I1*H-A= E(U<>pq2o=:]+G|&;}i'Zڻu릫ѣGieeeegg3Q'9Q;ӀWqF=Y U@hfrk,s%(ht\JSw 85vX>~ݺu @ 4H;A-4KuGk32-<{l60`1cN8|OպȈ#KHy3338MCTsAWWY[eѢEZoD 4D jXOmGJnGM 7n(h@O?ݼyDZ_^w!"rrNI7iҤK.,ƮXutt<==<СCj5E;f6 D # G-Gw.`M\i?D%h@PZQ X)*HdZ XZV+nv+jW ȶVE*R ^XZPAH DɁi$>Cyϳə33߼fȻ6 ,رc1rXz5DՍNgϞsB Վ|udͨ4hP``MIxc3f̦Ml]yfx:[_ A.ƫb]o?,1|;Ōtn:fF<ۑR MA#xvuIY&222җɌ3 M]mҰf#4M^#e˖tyd!b2vVXvPs?~\NjN1))Ɍ5U?LO'U*# *|`^<;|K'L0nݢ=""b)_N߲e… 哒Gu[7oފ+6of Xi]:5=zsqq?K/ 0`С*}觃݆B4ؾGA~Վ o߾}D"իW DS@6M4_~=t?x Ӥ]ly着&zZNCUfC$%̜9 :AxnDET;b+ Q=}ĈUTTܻwW^1RoILLԗLg/^|rf95L{i"zg^_~"FuEݻwwޥ_MmnsDEE'ox+8q@o;},Z(??+S(5hty(haґӂ}k5hj3*C'}oKz=!?|u 5kg}fݺ|˖-#fuP(.QEBKFyB iPV׍ 1I!!!eee LNkĈG1UJJ֭[0 xeWڲ477l=i]' OExvJ¤1RebwZjGlIj޽{pppaa!2|p\O?9:#Gw}g +W{DLmkmQ&x[J<(%rM<ڽkB@!Byl_$(X(^FFbIk|TTBdæMzL3ĉMٳg]&MzikWTUJ(50'QSC.MgP| 4 h 999r  o~#PM-U Q _xپwoW?|tۻ`رJLL\tiMMI ?UVALxMmRLK3a3eMKb=]vW鏓ӳ`kі+R9^>*V(+^<}EsCU'6-ElMnW(wd4d@D+rxhRh $ AN!yݡՎ"_^^>l0}C[oi|폤u.Oc3J:uիwܙ̿:''fx*<\yaaxUm9)nrzSCFN8Tp]bِ}ܐq%Ikyf~:u3wgv|jy`#u; ;:.CJN}cwT;bCNZ _~W[QQq9M xtR@3fXn/X_7CZlllw[R&2-!Z!xEW=ړ!vD j볧ի{~I,hx}Uy\)P*}x ͻ+ôie.m!;M_h"ȉ1/l/a?h}IbwL|SO0j'um>bw… Ç7;vLHƎ}9sh'&{M.iP[~>!cIIqSB }76ڵorvai$dK5٭8dh[ܳ_ 3/!ʘя u:6!TC";*#S'_wc2D#6.]\\@ cçОt*j/͑NހIkg:3XbԩӦM_cwRs^Uds==[~w/$Q^|Q9iq)HJNpN0'9HHo^}Vu^b\omӀ*777Fwa   yNP툭;vÃֈ&~SRiZZZYApΖx^{-##C&bS<(( %>g?|=IIS{kWI/S7$d) mq &ы h|](٤Wd5]F4$婙@HLxfE%oZW]bSo 6fjGl U;:ޘ Pil[TT4j(#ǎ[QQ%F饗>tqղe&L0}tFⱋ'f'CbQtҔGP󲏟wJS'ĭ8e\zE?6i~6C_ǝ)7F"FDkڽzDӦw&^7%ؔԑ#GB "@`M6EDM|ѢE}3hҾ^cǎ!@:]T666¥}=g϶OF!WŞb>Q7:D^5UuJ-fq7'777gggDBwAX4bgE!F/Q;b[WmGW<=3Ⱦ!ݰڣN:nC/J!p7:b!B1ӑ/k zz{T|;1_R7ܽLt֎pgy&??P^^nX6MǏWk)'NLJJ)=%%%++<{yy͚5k֭ .d,sPـyOpnGqr۹}Ɍҹ'6"'7H?=բIA"$'svnVh A~~AZYJN}dܸ7FC+NA D"(PmiCf=;#wEAUyYiYYii CxjGlNӡվN>,, };YgUq0_"2T2:?8v1|,ɚY~(أZ=a u瓽x$79M$ 僯-9rk*3J%fA#6ǼN{u-**Jgj2e \xLHtN8d Rٹdֈ5JO4ENg3\KubǦe-y o^ T;bsS{诓 rpp8<7ް$p7ᘄ2I[eNVzzdt/֦A"l_OCʨkGҗoPgG&W(BQ 8YA#6</#_;SHB;O೙āxi<R9'{jӞnCd1$ t 7>G?!f!y0X;'TJn+49nEnroGSo_kCC|vt=eʔpvb޽Ϝ99ɓos:^x_={W~{!ܪ\.o*_)RSh(Z->f֓F,)9>TdR rO]!mBRf)i_4-c=-6tשkó6n:A~k{FPPuvɧl۶`Ê[c@QB6ZgS Y|vPиd7k^!Ԣ-qeVd.ғVceT_>x$τ ;{بVuz8`AIQtYqh͆ M|*/-!i4^hZ.pԜKwל1tɚ +qTtMP툝n'CΩ}|| cǎ9g:ߪ犢}Y*dcR)76U=tՑ=5 ,?稖sUu?3|51rMG.  m'̙3m:͉D_'+8qq#$aUvJUUg}>;3D_M|B=+{hMhkdYҁn<[`dut7 WHԻyW/ەgM!)A#vlG:T(yJJ֭[]QN|XW]]'[YF8i>H+ ѴċVWˇ>ɓZVkyVTTU3DmL K=""^m#GcRh?5f&ETʖ5ڴ+y>l]NRnK.rC]P툝0{ӓܴiӌY3#uf&E4CN6Fh A=((觟~~tu`ׯbb"Dpvv$ &Ed:A,v6Ԯ5>]$M>}ǎ:a.ӵ]YWlq!*R@:3^^^v7559::PC'NyfMMgS@VzwIIIK,N-ʌׁ BR=zH{lÇwޝv[ }|>/ 5iVM@@S`#33÷l& Yڟ1=رcQQQLp^60T*<;I<8@ٮ# jGgn7Ν mSKgթvɓsssϟo%RRRAT lV@cU; j`zHi3v^X~=[]A<>TLBc~QjGG>}444rs;>>;;H'%%-_\&Hk: Ac* 4^D\SSDD3Ǐ7.u`-h}aw(3mpT;b? 1t:ڇ 7o{mʔ) ,x𡋋K_z?<==63CDVO03Aځ3g: TPLnqgfiՎPիWSLR;I7w69rd޼yOqss3f̡Cf̘a%=U;i;h|FNki;u%%%ڵkl0Uiu v~SLnO?m>a}j'(O:@o]iw1_߸qcκt:fmNgc~QjG y}gĈWWWtPej|/ډjxn0ڸځ~Z=hŊA<3veao1xet5w 89;;믿ޱcǁڤW999:ϺrJtt?lddye˖1)Lt:pEFFWXք)7f1XGjGJDD_1c0)jAAAƜ^UU%Hݻ&R矏5ʘ{uOƘ_ǓʘE`5bW,Y$vrrj_߫W/g;ۉF]׹+i<?->Sc 헇AˠbډI댳2iv7/W>|h AjGj=ڧX5jL&3z 22nްa2D+S{TT755z _|Ѥ}_|J~?%%2Di+|>ډjnp\.wu{vmXt޽{\b<AA#v=aױc8y'O-wٳ>y"hjGjO?~vWWȃ˗/YfBz-x(..b vXvݰډu`ܹ ܝ222 ,D b vXECCCoݺU]]ĸ8ڕJZ`;L:Cϟ_^^o<A(v޴W{*LEtv佼 Gm7aÆ[V<|{Y1OA 7.o޼i|&aaa%%%:G[Nؠ3+4= 1{^:ygg@%:Ti@&-g<}tVEEˁZO< U@#ǧY>tІիӧ9smfݢ?Њ!7ьۉ2ߤ1F>ň#Ǻ"ҕA#,`)>l3g-è=44-++3[wʪUV^my @#,^7n0C_~nnn.\0p̙3{'Z<^xaݺuge#< k7a BOO6bN޺C&~GTVe6msu:4|6@"I|?#@΍zjUUKЊ&`MNN1cƒ%K*zӧ+O>V![G?vnxLAl# jGXvTj|>G.** o ,XBLsᔩSBpB}SaÆԖ 77nocr7F PPt&үl, -ʬ5Duܹ6@gϞ;=>>~˖-Nmʹ7={BbBBJp_~3Q'}@uEakasI rν4"J t.-Z>L: \ՎP(D555ډݒtRoiB`-^l jP;Xeh;1GEE>}ڰ cѨLvq( ((Z>8 >p T;VUUeR>C mSd(H :ye744]l\M<Aak5x<ͮի׈#tN]Gk0nDw!#@#SthYYғ詓gQ 6vgظ: SDaT;V$o']DDą ^Kpv3=Cv9diՎ>zBj޽;ߧO/4nqgظBVv:p T;VT{Ϟ=}}}\K1NBQlW:#@#`En'zV{:.6'֛KAjGU d2DXud3tq]1Ћ/Igl]l&(v`xv53ݬM ܵ#Q٢|#42mfwrC]Pk_ÇWVV`ݚ&%m*ǫT&nf^TrIk,g✖2VsU5צ%8P ɡv58B{ΒƍqF2 ^}*s**ɝTJQ?!mЖC%ffd.$ 62f>!_k%G7nH\Cm$Df8v5֓.00PP ޭ[鬌@("sܡJ'd B|$nS']w| !rz:,?]"DDNҷ*KN5dJt4'VՔ)A< ՎunpN^IҌK褩Aɀ/MKK"5G{hz͝|=*L_".{r[i)I큒@5nA~ְO>1j8q3g~?R9+`yF\(/9~(#n mu5FWE<:T_<{Q^Yttg KZQaT;:t}Ssի{%{cbbtvV/Qlϋy!P<  yW)p "|4KwX֭[7kAt0jGĊCۉNĸvwwÇۯ"ooOm"'4TRyz ZǹBo??_>Ӻ^G6v@"TTT[U*;vy4w88$AA#lbN|>?44:ի38p +Cbgcȍ 6ډ5FglAՎN{{{߿Çfdhډ&p߿M\%+?]\"AZo ]T;&: #"" 퍌5*kv"6IgZ19 gVxe쌴%Gw.ې7!`ѣ[&^ rO]!mBR&v ͨO,v<SVluth] #HՎGcccCCCtKnv 66v3E~S&#SG.$')3_#dy[HɾWfEo)z+vt4hK\[߮&S_, ֦fU>\KzͶPZ6zA8a֘=t/]cƌlc֢QIHIR+%ÞQokp(~.-!iuxi^I24% oT;2VRVV־&ҽ{wc g0uoƮeT>~o|zkJeC]]ZzTm对д;DbG#ѩ~UWWwؕ]'`ȑgΜwu/mj1߯7ߺ?a7"eŖ%$oJ!H' i][,SɊߞZܛv-A~ѩv_n^VI'JKJJl|7!nVZҤhuu85n?v]ɲڥx< Ɋ&={rWlHx<ȴ-D!3!ɡh]B kfFjF?|vv!!!wݻLBattÇNjP66|!DV}A_..' J}$&:|ZuJur[oO1miNB9eDs-? ve?mL>eۭLJwI|gۅ@~~^gkBjGXj7nwT*0^xɓ5#a[Xit{=BBBN8v!!aOOO\&ݒ:@1 p?rۅ bvex}?]H ƂjGBpgϞw@LL I03K@!pT;>"Tĉ;h`- Da apO:bDTv$*J uvQqnvGjGG纮b0YK}1ýi` /=U]mwy {a}Q;fׄ{=<<Μ9<(F)ݻ#РAPT*x94|'o>y;,|L440vǦ v}z]WWT*iX~'r6v:Nxګ{Ǐ^x\DpÞCP.o%i@N!Oˇ7 H v} }lpZ'o}L0aݺuӟۡXLLLfff||< j`zH1fѣʆ ZAu6<>bwWWWv{h}A#S;hռlGuܹ QQQ+ V]]VG"##}]p9 &kDFFz.oca-58BNw A.jG8:ɻ<1;`ȑ'Ol@!"H$={vɌU*2R힞p˗/ l)PCQ©ALv;7 H vP{AA%9!pNZvmsʔ){9s&6ZOnځiӦeee͞=k.LrnNjyft vQ~Tdɒ6Ti|FACtcT;F_ہ-`3T޴mBtl/ jP'A Nᇆt{衝XݫW/ Q;0k֬EӦwjz:pT; U;;;ٳǼ ھ{n޽uhDDĿ︸8tpV5SovllÇON{3R7^s;vUX+niMTc0cٵ;NONl`nMFDr:a6O8棏>ѪRܸq|V{N27v۷ѣGij2;sړΰJ}}}}YxQJS̟?O>Y`͋J09D#A#`OO۷oCfUz}9r$\Ν;}yvx']f}ԩofYYmYVQq 6N4={20 ۦ$ymfƹ~yA  S[ϟ?ong; VՎpd :yڏ=j`6kرCTZ 6v+TUU4}zX,.--5&K.Y ((WAmPWwi*j'1<)Srss-+L A#Μ9cy/WTTX ޫWGd2K2/^4pLtt'T*1B[rWIII~ADz 4իaǀi522UJJʶm ̃ bvCth;1nt}_ PP7btD3̡C,"vCZÇu YXXhL{6l`̙}ee T;)lnݺ5pȑ#O Վp [W'oD3zm޽FagO?<Ac@#B(D[__ /atz:}76b//Ç[ j !t&ymR'O3 VՎp }+Cd^VVf@0vfȑ5ݛJN3nժU-aÆ9::~wcƌI#u:<>ݠ+7 ȯnao*؈_~NZuG0vu=Ba%AHHj*T j+5455v PPLi`v[P;D Jnxt;uDyyy* 3_)~3@Q@Вn`iՎp GGǺ:{U'o5 u嚛dF*bQ;Π \Վp;4GDD8744]0\M<A8v޷o_o yܸqǎè LN{bm

###O8ѬvČuDk>AXՎpps;%/^GHkyӨ Վpj}6_Þt4+]0\M+;zA}}}oܸaUBCC/]dQRvpmc+;pT;9 XN{:>iA^\\Lz]0\AOKA.jG8}N6vVɊOTv)JyMNU}` 7A#G` \s;kG0mߢ|#42N%#;Sn q.7AXՎpoݺsF?|w}M~|<KCx]_~|z=MߖUʉ?tb8EUszeޤ5FWHҤSL/q3/3>88XpnJ -̣axeZiǦ/s7"7o4|ȑ#\bj|yCWAWw^z{Ȇ|T}բ%׮]?}Ӎ^/.Hdq!O,V=<;!tܟ ԡV'+dś'g}0!/^v| i6KQ}h{^r q"\Ā 2~]WBh}?iY Ώ#VQwFsl'Yޏ/>[:1H̯i&<;dJt4?9s5!GZIB6\i'WW=2WITqoqr۹} ,#ҿ8^={'!C<9pюljɸ/uUr@)TAF1ݻ۷PH… &-=gNSE^k˜EEߖ,{95ԝOr ^䖺t\Y6ēAB"'GOUJM|tH˻TPKOXRrFD$FinLBf, Hn9obpT;EItڌ1tQ $79%1kĨ)'ōTUOH?쳦g=~M4$)̙.-1$ t 7>G?!fsSp IĜJZ!Q"9Eo<~_CzX~mxg It |68uO;x^9iN<{膸5G<'Uߒ$po^p EE8H]]]@@L&ӹw߾}}r7|so6 :lccÇr9Ɏ;ZTb!Q)U|MR(ҊzH,6XjTOH+MQSU$N^b~9OGv\Y6?Zx999bސAn`A8755YAZqh;3-aV}DӻuS(n1Յ"cɯ=m?hbZIܖqxANV#@< Iv˻^{BYuRl BծzkE}5pXjz:d۷ (vIDDD Վp{:yk..Wx-VfyF\ A(TsYt+|&fWn] HՎp{J{,(=QS?S?cVfMWl۴?oZo94W^IW{z=rNWirΉOͩozFZZAA#jwuu ϝ;gZQ={Yh$DY{);#9U:\BU'OFd4X=a&7Z6@#ŞjxۧN^Ûc7{iRvv0-n?v]ɲڥx< Ɋ&={rWlHx<ȴ-D!3!ɡh]Bk}kҡڭ3*>_?)Qwe_s㋂R &!ؚ$ϯam2ZtnPw =zs#X.jkku=zׯFT;] p:1 Վp޽{ڽS7#T;][YYT; H{PsOaÆUUUd6]BAĶNcg;880;O  lW]>ؾ5AVډNӤUP eFGZ! 1{nllV?Qv$ 릁 4vGNsT!'N8!!!ֺ"ڟhf{@ 0 Pvgvi 4Fm=<A4}kX?<III4$ި?~ kssHXlR=z8p'OY*WfbwWWWv{V&g~iՎp0z޽|}}ujϭ{QPwAc* 4^D\SSDnnnp<2#F0&ЇZv;vGjG7vWK$Ça`5dd+u0:9rdeeaLDdd޽{_}UJ!g$@Lv;7 ȯcG&5448;;[늴ٳgǏFQf^8><<~0UҐ @=z`l Cqjnڸ]u<^GnjGa{ pPZWU;F?cbb;&]9<< ..ej +3{CjG1j߽{կ =sL`` 3)JԞF[MD||gΜi4橙 &R`A :>>>o߆@Y_th y?)#u 9hР1cƘt_~yD3du kݻwЯ_;w477[𞆙 |!C?~IGfAA#uݺu///EGyʕs =jUg;GjG:Wm'`3gsq㊊L AjG:Fmuu944:2dٳg~tYPH']IkO:#Jyyyf\eڴi{#eA#n|NA΀jG:l+nܸaGrL&3*=\mm-隠ڑN@j߿[T*/QPP`̑0v|S/Mg< ]T; PU _tڑNc= Åv{/^40- ڑ[aaa.\P(q+* 잚 {5>8a̘1V,:+/IkP\X9 ՎtiɅhDNu: v\755 ( >HՎ Վt3zYss3O 3/؝Vc ɐN=gc=R766\ŤX4Ahx}XevJ `+@Q@ВA#7A# cU*Fm`vڻ) w@#.|~MMٗ`Q 6vgѹ: SDv3avf8; i<ۏhm< iԎ^GjG:vIGQw+ieG#A# {v(cw+h{[ڑ΄݆dyEq4Xf%k;εl_\o{4;KAV)k΄[ cNV,|.gDFnd]g,Ołv`x&# cvKkG lQV_JJQ;)umNWw8^m&%'Y[wˌ&~=!n5TŻWkrXg0vh \Վt&bqssÇ /l߬.ڰDިlZ9z܄W ^;=n驝JN|qur?J[լ{u;~x4Q&ew!4!c^ 7MH,eaG:N~Ȑ!uaaall;4?8ǖ/_'&+,ZUMF-Sx\HKf@'n zeVbC]P|}^U%p?x `Ԏt2Iޖ42oXi#>^^ufxfTF/ZzCFwQVy?30(\A-  ]JJuSnVeZ]u}uٷ 4!/)fPBWtAf8=<Ϝyg9|߹,˩j)g :kz5sZsg<?[NfMe罛8eqі-$(!y{5D>r'ځAQݻ[?SNaaa'OnuK8-cؗ;rW(gMt*v.m63=/6oRim^_b:=J Ďmu\$?'<8>%&FJcWc`,볯čn|״||{׽} v|8#;sc6,&ݛ*E$ >i`VoL{[&cCqh뗒ئsf.QyL^qZ];z W]hzJ8a]Kki9ÑԮ2K^N1&aGJmf.}stahݗ<ؔ+ MMSk$l hWWgۨ;4>rjG=ˍ[ k<0-ʝKgy[=Urc)oc0U\:7wi6}#Ř42VvK~m}B}tSw3P4k^p-#pZv|T`$:XҀm]*v]7pP/9cJ71S@91G;3#7tS%.]eV(ʼn×>^&,`Jnk؉}]s{߀S2|K1swɓ'-;UW1ࠛf(APb ߑ/Y1X_ż|ĎnAժnq&*+=tgw- }n;`?ܙ2gϞ&In0ve Z9{'{{{˝/ҥKuO.4λ8P;pJ, ܹs!!!֧OӧO#qvD <:"Tjn9FCUABP;X&XXXh=EJo i0;^:A2z ^3 _XYdvfk8N:rT6Y'jkkdrׄ@UABGL bH:>ݪ;K#Q>@ef !^ ͐ɪ~[e@UAkvgߤ^Kբoڽc>TL&DMP.w@Y!>|V_}%w]\Z/36;BL{Pl.w 9 TnnnW3W\8+y<*b 2}izxxOS RI-++|)w]Nj0C#v@1M^rxk<!ugr8q$*~iCd5ոT]t;ﴼ[nڵ+}lQ|)\X&֨=rאФAy :-SSTTDޙ!;iO+:%x$$~Հ=kU)聠;:[nƣnww y ]Ce8+???;93yjwGO2:C,U{TTV"22̙3G:NU!$HT|&/qwf R]C^jX&oڭ';}Eϸytmm-t^_AݻwUVѵreSD/8oü^rא ,V8P;pbOjjt:@w'b1qO>MO!&&f…th+]Pyhҕ i$*@&H 5]81KKK-"^o$ 2Gt(wu6C}W===*Ell#G&M$wu6@L{p4vĐڏ=zlVM>%!76l|5v؍7vEl!x1uȴ7@0j֭VpB=,9El*\?d?(22ҥK0DŁ@P1pJix-E:t#GUw'|#k1 81"KfؼIՍtj W_}JƌiU@" P*VRSaB.=ځޭ[[.jRC*>>~Ϟ==`̊A?a1s\87۵6n˗/_p({j?OXé[5`1mkA9rY c X=7kUA%+H]8RD=V w޻[ } pW/;ͩ)I7JJ9+?_Ir!?ߒu5s<=n*]l+ځshjg沲 jwH"mZ4"2YnƱҼf.u|u*6xX\5.,6112T'wBw%՞SƦisud,&Ggߗxe3Nը<&8qUfk7 87,ڏ9bd={o: bwҐv,Gn4Ktlȕ&s \87v//\k/Dc=9]Zh`"g6.l/dG$?Omber fځsjgeddtLEDH_xi4>3RMMRFLZvځKR%.]eV(ʼn×]ࢨ/pjoy H7n\ܷouezR)++sssL:|~HWү[WTTP-=2}}Jˍ# G4W뫘o!`0Z{I'եK]zxx \m! @./26wm6\:#նPhhzI:7jN;Ν;gÀ|t ޳g+WTVv&,\8=JI7|oիI"ځjmV{=۷c2 P$P;pzSW6.6y@ځj j8=!!!gϞ̎T;M{9q%EvXlI׹sQFaY:@T՗.]|7Kk~s{[%`-I]sL&Im-pUzzyXkVr%:k'Up@vHLR~hə{0V-J^SShjZHj* !A*qxmHaH˃?ڽA^:{f0.PxmH$:ӅŁ(HFD@ Xsֺd޳NP{uu5;>tFw fHH(N_z:uF3* *'T|rHF:,Rk4]jJLJ{OO[ovn2xƵn*  qO׉T*3uٖa N) ځbh_3tv6yK)'T|svD?i?^Y{'RXXe˖РArעpgS}/"](ܹӒ35]R ^"j1(}S"I?vg~mjj3,ysdDo7"pj;`xl*.w)D/#O2O/&jߵk_z-w1QtIΩM^.wf@@!|7IgΜ!ޘ,V]Rʉ떬߾p'ϸytmm-t^Z~={y睞={]yh q@@Q'|bə%H}iLuq w)[TPݭά\="}i=ȲX Xyw'b:~رM6XWLEl#sxG;?L'w~@@!X oviTd_vK 1e=y35}@}EurƭDC׉?{Q@o׌u$ҥdy;7=h ;K/MdWJ)wPҬSV՟j O͚|Y4h*x;W_WgTRiӖ^5AzgfSʂ 荜3b`ש󮟶uPmn YnNi~9XN2gGf7~RlћSvvc)D-0o]$nQ4sʗ9yw}G;v/~+/@@9X~I;wn4ܘ8=>t~%ky^yl<[n!L`={>}yzݺ4^_M7|Zӥ>?&fvw1Wfb;a9xrP}>`ȑr2@9Xvݻ={֞)뀾Rr}B'<0&15wݎSe^9镔R8l!3`zX(M;'DzR )Y9)MF!X+\RLrZtĔӞ!13奭[c@qoOȀ847BjϷd O8ѫW/e'- LRM1s#u.b&XXVxjb?d4_4`7Mw xd=igGP LW3驹g}=w^ $/rJ}vp |' ;;8N Ծ{n OOʫ4]|1v ¤i 9zWV2OiFc Ha(PFlr#1_=pdݘY\6Ox>G?EFJFYq!sh4׿>y$y]1^@@98vοp/yi4f̫Fr &bPP+'oz&}r+W}Q*={,vPƣϞ-;o\3#d̖cZRRR2jԨ>^EvzQQQQ[[kɎvĄ uȉ VsWzjP**((ȒEb#F /;/84P;Pt:OOsɝ[`(ؠRMȩ%Y7UZS!wl>KLL\v3 _k“"p77V^1l2 7O|AEaH:>N91M4pC\6B>od߽mK-okf0hРiϮXr ˬM[WQbAoX>M5aUU L>a_,[l틉;/8P;P3H^v.w1?:T|lggeyziX).lߎ+G*rVMY5԰{$9~<+6wAbƌe?Y0}[OןJKEf*]@R{]#=^5c~ܹs7o|Сo]4`^;P{Zx2}֭ʊv,>e/Oe hJtO'wo[hVB3'^>ucys@+c:燭(Yqy/b_]7Iocej#Y dn7|'jjj~_^p^^^rggQ;Pbl۰ǓY _/ 'ϝKɨ#NɌܭqudgnluJL% 1_\w@Ā `lᛁUF}Ko_m(=s億w`-P;P[ LLX27k?ټ=ٌj}uuI~֎jXq߮6|F~XfIUíU "muoƅW7|3S%'{Ż9"u#FxE``ŋM&%'RZVVfrQЉI+gLJ RdkN>lp!t[ (ܹtf.#7n׵.t`ttda/bXd$LAAСCNob3rljs=zw1'"-ǿlA_/kb'3ް{y&4W ~%_<% 8qߖš7o7hHOO_rJFI7|3oj:4jԨ_~瞓;/81:Q(xaÆYrOso۴iӁI˪ Bd G-aړβrڵ~:;;\Rg)Mp8;r8 P;PÇ[xS,#Tq_xzz|F豀t.uQ;$c>A{aUޣGR^Ǻ(LyyC=ԧO-[h4޺{[~݌8g::DRځҰJqFou$gΜ7n_}UKE ZL&DMP.w@@X }t-1{HMMV1 |mqRYYٞ={lh+dVŌ^vOP7s!___#q(6v www777ɫ\(R7|cS!M籩j=y4O)Ӷ8I})D害*L"SyIf"CK\zuĉtrFF,w3pA'OL2QawQz\\\l\&bO2$Ku>-j뮻o/wW;_tC.&/qoT>_י3gK R]O^jX[n%%%=z-[4Ov/Jr:o6FGGZqދ ^XhA^ϟx≵k&%%cŁ(H oP7[(xw'ɉb1W^^nVC'&sxG;?L'v裏vɌ4GYJ r8ϋځ2jpe^z]pO"w>"^ocyرK:!xM3o޽{  w!pivLIG =yI-6ov;aәhttw}_Z:ଥCŁ&Nk׮]\(7 7׼mO}m>|ƍ/#/Bb9iL{}'nݺɝq }ݖfDt.SLTTԙ3gjjj䮶%"R~ۛj[ڝ(+ UjWՑ999cƌʚ'$$ >|ժU.- Sk2 9{緾IՍtj vvU{Ѥ:tɓ~meyr i`J5!>`մAzhO-5]b8 OXk{%ק=1/… KidᕓeK)|^,wҀځ2k׮/^޽{So2@Q~AY>m_կ~%w^lT41kRVz )krr߮0cAM{v ƼiZa4ՄU9tQNKר_CtqVTb8c=GX2׊%,jŪ]>}Zѣ[n?,nׯ1c΋佛8eqі-$(f,?'kOx5*rVMY5ZckL_zxEMZ<#=+{+gO[ 9OŬ;4S}bS+qK H[2=OM*J#8bjQfV<m>G$?鬆/6Mi𪾓.L?>rW Pځbi:C:tHO%ׯ_?CzpjGT*Źw706 pHfD\G0X"ԟho^.˜f3?wsf.QyL^qZln\PHl :1)M ^HCg];4ElN @@8W_ɕ 6lXtt͛5-ΈR7>gɼ3kӗQi"&mܙ:t7d4$tL#z²}T*#俞93#TaKnu[ІˍGMY./P*?p+k5`0x{{S,,9}BBjr偯o4^J^_QQQVVOe(4}}TYYQ,m,-dAZə&f:G\b^"yJ{AO ~~~>>>^^^]tڵkR8m˂@X VKBCC-:thJJ,ݜ<#VzKV^2xP3z'u(V)4V/]d%I裏~SP=lذcǮ_^vٰeeergik jG>1{o|ַ~{/Z跿\嵜;w~.\;;8.P;P26}ȑ&u {磏>~+'##ONN~ᇛ\d\׬>ۺu+IӓzA$00pԩre jJd2]r`% 3gF PZ3{ÇY 0k8ϟOGFF;  v@pRvpHXx>> 5r5f9OdvV{pppMMɓ'Nm۶Ql7$c&PVo+11_~}׮]vo\}!pԯ̞ڿqݻwoذO? jєBNfT|~v=^ddd|bF>CjNU "ځ±DM&yۻ㳽k׮3g^r%:k'UW[KKK t&Slh*x0-{kowmݺ?7?I}mҊ G׆~X oLNz>};E2`# A N/ǏK/5,t!uq w}8 :j ub!d޽{?~|v%p-˷mFgq=y~4k0FBu@@X GqSIjǐlU9CXS#,((MG3f woc^>FPUH.wvCcm_;{ZR;rQP"=]ɴ~n0Ə /ƺ˧DjjLP>V^|vVŌ^ j{W^%-yxx~&W$:uvnwK(PU'AMvK׏-[^<d2BwD.<^*u#*>a N) ځ+w-3{EjvUU?A:ɉ}Ŋ\}h'  qSIJBʃ;[bwOOOv{i @@Xvf;VQQAb)_r%11q޼yƍڵ?!;idH(X?݌G#

+#8ޠvc)j`W6oʗޔ*u)Bb9icô7`j' ҥKnnn^ңG+W`yKKD"6FwKD`v|+/88>}X~UHHHQQ,VM\Rjo%MZC <@W6tSOj;`5P;p lP;8X \NM톝g_ T*մJ 713P;p ,j7\rk.4U?l;s*ZL4V=i77 V_݋X`K`{qZdHؼ+&F35hXҡNd[/Mײw,HOٙ{J>O8ځK`;uXRRb,=nS'0 ^L/jRb=~rVbrYfՕ2T0@\ŋM&_Ο?o,5TXBo7}},^txhҰcG4g,;<鏈Kz)+zꑨwYȺec;w&Yu… ȏ˝"`(H߳_t]NWy쓈Λt-%;]:0::2rX1,2^ M>44Kz?-G))y_Wڬ䀘)듒YXt<:ꢑd"ٓ_j ۷ѳ]3J*L>?zV]oyn଺Y7Nq]FW)1ځ` _2j]ohuAA[LW~Y. ,//C^<ؗ~mrW @`pl;wg]%eW3s.w:v*ئ=zȝq |Lܵk׬ Q;ځVwnrrgj. m;w8\h/A.8s3<Ǎ7zhyTWWKERZy j. QF|3sL?? .9rdҥO=Ԙ1c|x#֙ׯ& F\tԉj.m䁔s=>luu޽{m6|J$. >"(KuN?sΪFX運7ȝ н{SN>zrOʕ+7PxhLVUU%w}8 TT!f`wځkaH:y߰a)R巠VG:thcǮ\M}& Q{DG50 -.qoVPP)B2 ;Ic#{7jԨЛj2kCؽ*z3W^ϷmFN#F?H ؔ]t*'"f.482P;p-ZW;Gmd2 ] 5768qG}D j.RNj0C^?@՛dr/?3fܸqqqq{6ykQq\ R[$*fiGBd5 pG+:}М=zlذ 2v&rgS}/m̐/^g}ѣGGGGohI}ځkqat}>Cooo!H؎wyO>:u4т?܈ޮt}ڴi=ؕ+W>^t_*t^wځkqyr'Y~ ?<vQ_~yŊk׮ӟ$qj]sEǽcc:tgϞ!w9 R+{]`9P;p-,FGҢ/G:o&Mוꫯߖ-[F<4] 8:p 7n<@H\ =vzݻ7y+"xw +// jg ,YnݺN޽UΏ+5oHTe)M6ȑVWj.ܛ5"%;w_pӳw2?>=CO> ޭd0Zw,4Òb@b***D󣧟D^SE `մAzhO-5ɝ7z@A휾}6ߔLoٲ;>|xQQq|NE:eᕓeK)|^,wހj WZO|wrg0\>kUORVjN54>E5hZz[NM:m|jo(%*z~^ď </cܳr.FBWS;O= R?zh Ym_?9f^&->aɶ&|CƲSXқ-zgځbH[2=6K\"o~c2~C-ځ6! `޽EEEIIIW^;;(.atO? 9rdIÏN'3rQ!&7.;Ν;[cǎY{8@N`tp]gÇgeeY~4%u6#wQ^R#Bjljo ӧOٳ>ǏB5 PUH.wvC樽wgΜvbGHHHصk}:<<\B8+Ξ=/~2Gmd2wwwH.<˺: gx =*>a N)T-~002/_/GkmP{[ݻwVVdu6搨H؝Ho\<@'q)EjbwOOOv{QE/.]L j7n܅pn233'O|:1LfxN$9z>vnƣnwc<`P;pqx j>|Ν;{L9Y~$0z)Nv %A:6yiܙ2-'ww}W?xIM>^ӵ]x]jvnf xv`j?9$$dԨQ~!E"]'~wO?-gΏ+ɝ_ 'P;piH6 N" HjGL8a„իW?"]XZs]+>j띛^4L.󣈿W^rBQgdd$&&͙3'H){{RWڙDb8ޠvy&;7nܙ3g^{5rF;'yBU:ޔ*u)Bb9icô7`j.M'w!=0<6WjjtΝ./~>` \ȑ#)j_`k&w^phv@NwqС7Ι3 h\ݹ/&Md0\gv-. ^^^vrww///;;8P;puzYRR7 Lm FyÇ:PX@Q tG.#*jٲes!rgjv__N:]xQ.y1c޽[(@`$soݺuʔ)7n;/8P;P3lذ/^_;/Ԯnٳg6(+@O<WUUɝdjjW۷o񉍍F@Ih_w_tt4ErgPɝdJe: u&w9 ]vѢE~w-w^P|||.\`hwLz ۷o;/t(P;]I5l۶mk֬l݈ܕ !jjwfedddff>x̙ŋ˝M+CSNm=GuQ.$̼ߞ={}·~ a~ܹsgՍȝG@FoذA(੧Zh / wo::D*<j ;ۮE\xd"{{{r oK.Yc<;bwzwnUUU.].k#rF֨|A h4T:Z$Ys-jp: 2`;_vJGe䅕8ȝ/p@3ˇ\%UWW˝#;B2RI`szZN+--r] ҞwQyayaw"P; `Cv3L.h7jݹ8r˝/;½N%f%z@4;b:;yܙ#5ܶgP+`86kgTA_lĂg-߰|jª*w:[p6 غ'z~;6?MݘSUKz}NV#e=Q(0VYMM?婨է+e?YM]><Ĺe#k&Me+SM݌9?sO;f(fĺv঺G:k( ֭۵k׮\i}9};uB{#S٢ħ.ez4Kgțd_?@esfDzmnL 2(z":EK?QV~囷[8m0eHN"${xxFr9^7#w~(F%=PY(J ցh6nj/.!;5B#rsRWW'w-;[bwOOOv{Qj^r8P;-УGrRﻵu]G񐝜g2uJ$#p..w3p̀hzYTTf >if_Fq9iM$ȝ_+ s*h;hnڃz+W<==.!Ir$?uޔ][[;;p1xϥO? ?6h?vzDM6UaUIp k{pppXX}>ݛƊ:Oq *!oP皨(ש|_n,HhIG{~~>~ <( z˖-eK)YUN|$/'.UYYsX44|LP].U^'fۥNSQ| ZW :E"u@҉\񥥥4T7mڔ3ߤvL/6M )EA^хXkhgϞݕGQ]v: "v=Lv;Ü\tv^#U!Kv^#pg<]vW+q.EZ~曨!! UzTh{c8D;!媨{nVz__jjpgvD - 1! .{%*`E]즁4v;H_pGv;kѢfkt{~P+ k;Ü<Vpj;4vZtX jrtyBò[pVp+0h V<mڴ))){/?~:݊V3ks{?7Bzt2F(vD;@4}ܮq6:tRGw6o3Y CSүJxTk[i ph„<@m@\Aw(cwvl6Ö's^J0eyOyGE鬨+Lvo !j s^),gͦ~|SlgWe;&z=emAPYhu+Mg"cǦ,R/KAO' :St|KXִGW66 fCo4{쐐9s4M7.88ewrr8%%%6j3Nb1Web/<4EiWLfct:]ZZZxxb ?Qd06mJߕ2 U;@myj;vr{a4GEE\u7GDU溺)3nP[=Mvoo!j 'h#L9=RQ~Sї")[բ}۶mTOdwxP% s꾘w_qX P7uڵk[hOLLݧF;6u>;]^^Eh_f͎;?ӧ11u;'0<@h3>'hs))āHߢhW_}|bS?YC9ηݯL' ٩SK?T8_lW(|ϺSxӆ8ԩSɿe[DkϹOf0*D;@QW ͛3gq^CK('jS#G(g͚sn^ QXPgYUh=T 裏[e7ݿ͗<}ݧFۇ~G~d@u}\# |%Kܹuf0Ν;B[EE̙3W\y:;TFhO~sQOAP8M˗/9fرp3D;@}klP2Bj4Ο?߿'FQvsP?6mB>>hѢyٳ'>>^v[LGPPP-Ο?BիWg̘_2 6m۶n@#h'%}裏5k&9p$7{ܸq˗/POv/?a̙Ј! Y6mJNNd POvz'Me˖!Cn @F$""oEEEE([+ToݺSNuza?_׬8jKSHHHPPŋV Ǐw]v|ʕ+SN>p@-/SbmĞj~LdwөdP vV5'Pp8qzܵkW|UcPhGJtݴiS]VǗ=ǁvjŋGձc 6 ;>:Oq *!oP皨(ש|_n,Hh?Iwa~aСɯZm <( z˖-eC)YUN4\pvlG; G>|/%b:q\ ڣ/++3 4z^:=ap[]޽{oF]s]tVPЀq_. U;@y0s蠠 7N:>0`@]_WIyy9ݝźFd/<C~|$ݛo9}۷7$]*v\N?PЀ$N <jN-{饗>b]Q^S*OZACW5Uwٍ.]ԢE_.S?3_7jS{|Yfȇ y]odԨQ.\عsgC.#Ng;9@9(  8HV  n2n5b]v*;r5{=|wyS3ü.ZXe ۟>}B}9s+7WuOwٽ \KB!ăn0O<)O }aÆ/4iVؐQp\8D;@x7}׏3O>IIIWVUApnH.,YOݻv*-  zFT ۶m;p@tt:L4b)///))Ȼ5S۩cƌߏ\D;@CypotUfKJJt/h8D;@Cypcǎ'Ol,Lj={_~]vݰa߰A4h4FFFtg}]޽}7|o"zJnQ';8V7`m_X=lUsNgZgZ.]@cɷo^vnСCɋ-zꩧd~*QXAݵ~ɉ~qَ "2Z_|O>kHhm޼yȑ_5+u>TPYMoYZYѳ܍/Xxr>yEF+nݹ*{_\PFPk֬8q>l0m5eZ{'O]dSV/51n=h^JW/;zowy߶'yy9k׍)f_yBԜ3:LKz#r.t>\,p榵7yyrfņ-,`Utlݼ):M=cMiϮ>|C^k=)sWKĄެO1vsY#"M:!2vµrr5Ֆ$zԲcK+^1tZ_e&^{3D;@CEDDvbjNѮ Synݭ[ݜ; SwTTNΊ' cl=ǫexQ]4ҹ{U8Vğ]Nl;olfݑv> :_Z&' VƕomqXk֭[_x=|\9s&++ !<@EGG79 .$$$DDDddd <.|ܹ=VUTT=zt˖-v:whΪ]ƋEGGW^Oر=n5ڹs?r_7j2x]3ñu֌ ͛"mڴԵf*T쩶m۶'OT#?}yyyz}G3fSOY.64i¿M̟={vӦMTc>lddЬH!Y^Qʕ+KChoݺ={<L?b4ݪySy]ު<okhIq| Otd㏯Y&$$D\C? ns8Uyn ~ɃCc|Av/Xvg}UckEsMT}w/=$xsM*8jԨ_O>z^Ƴ׉xNQʕ-[ڴiP꥞ѣ/)..\gU:=p5dr>aPo߾D{ 8׉x׋1E8Ӣ[ȠD?vСC_;aaafD! >|xHh^'fۥNSQH'kY']v)w299y "ņ 1Ah_Y'g[yK/n޼|֭?FE]{%0FHw@\'rݥh! eH&Un~fnn.r?rȠA(?GDD4}dpOwM@\'EU;4z.K#w^>t:̙䑟.NlRP~أW#> h VhtR0D; N{j.]ZACA9ݬY3zC)m۶Ku҅ 6<Ѽ)(ɨ &(y5O{ߋcS&u\88|N^vWyyy;w8?|pbb"K.D1O1?^Pj<שyBg>͛7}7ר+[Nk޽{/_4}CxGxN1_:;GXRt;h?Nh.OHHx7zINZB\~=RcK_ͿB,IPSŜƂdvd]vbɒ%;wnٲe-_(OwgzLƤ'v3#+M6״blZ>-lG^\{-dV56ki+z5k&@4#ۍ\.QRRRZZj٬VkQQј1ckح/ #,"k-ߕך ˝‹ 3["̾p-KhhhpppHHdwe4U;dz%\7%"ӌFjDDn6h      VlRPP pg8j~ok68tL&Mv)@WbAP#D;ʤIϝ;W_-\g4hȑ#GѺuk5BEW^{m1bI&K<v{zݻ7o{1߹s1)B޲eK]ׄbuVU# &n}VHHHjjo]PPFٳ#""Fvs\:0s:C+h(h@ȸ/OnȄ?[7.6dH+ǤNccܹ<~ȑ#?s~,󳳳kB|eS944 4,||ĉg :JW1Gb\/UO>G}TXXxb6nܸmN8O>|^(rݥ$+--=ZACAG:\kúG@C a^?`%K|_~TYuԤ֭[ԋj-ON^ ڵTQ_p3Ջ/ءC+::*;ځ!ue^SxN;)x$ʣۿ[xx8=',,Lvj@9s'BڹÍ(iXx.ཪUVǏ._k׮[Ι3_j{c8D;uʝjHIƯB_\g&۶mKOݭQ^S:u*6ϣB,IPSŜti*K޽x)S|;w=~Z}]=D; xG3|v[.r@tKԶ+V̟?_`6u;'0SmҋG&DtCdB ՖGrzDWM6*u9ċ.W>'۵M-;0vI=œ_BxD;2dȶmۦN[onW(csTT8 ]X֩Bьk`W>|鵯\' V3Rǽ^ԺukZ^^.!8p`gϖSlcf5e1V?-!Ӿ}{J'xrx)ltP!lObz˜}.\طo_ $c9΍7^P53ĒRfZƌ?_+zrjn-t2cETqC\,eaQfL-KhhhpppHHdõvv?СCw%"2+76["r]z#bb|hv㏲[yT\׿u||w}'9p>axU[-s̡.}O{-9P U;w儼;~{rrrzz@%TNu֑#G9sfʔ)Nz!Cd7 aBڴisEQd7:tp;va„:S Jv0q_:{իWe7DVZܹpԨQ8]ؐ!p$:p:_5u:ݽkHw@޵(~޽{?~NuunLLAp/^zn&̝;O>,rT*ө(ʕ+Wuw_`UHw,UCf„ m۶9r{7jԨ?ף<((ɂL&,ש<)///+**dw+4k֌O}h7㴇"776lXff&+2iҤ[=I17@TNIO{8ݻO{yCMv{A&D;/P_ N{ϟue^S)*^N 2^}#T*hΝ;쳈pv5iw:th|||^^UP˲@p{B@"(ĞjΝ_O?t6 R%k|8&&ҥK,+?Dmeff>sW2d~4ozDM6UaUIk!!!Νk޼4&A}iO>~wM}P皨(ɐ y]vݐFCsPlٲoCSDG.L8D;vD{xr2@CE#p$]s¬\vt# )(W :E;iA/Q  5D{]\w(q9 %QCBZ(jRUvP q)`vC׉8퍣ڔviu1Dz>h+q:;/Fi%;ڑhVZ`JN5jĊiEUv:0D;(ף"e7G+s!$@׉{nV D - 1!$]kɽv_vMӊ @T=v =v =v =v "##qgRD;:.::;x@ @kRxN5c^Ϟerb+Z8~ƪkgt%?㐕ؾqFꌴ\zt|Evn=yu+gڹjS;  ] ,Mu.3'/geke;tM:>'g}B\EM=[g{;+_lf{Eo&1uٔWo5at6g}քge^vE{~~V1ffSO* eG?^柞;&. ۧ|y ύqv=3pt:w]{iT7eݸ +OX앙qoeY'wcV>l?+ Pȁ] )뒺Ftr+͋VMS9'w[+W9ߣD<5%MIgA4W֓~tյoMʙn&95Tr ڵnǾڵj m1fgO5:rŚٷ_b6%6僿9ΦՕhœ'd0sQ`&-zJ dv9ZpΝh8=O`9j6>60鍳ʵ'W">摕)˦LJYg#&eqa4N ?գWztѫW7 *& G6m.\(^_Ci?#eh4q;Ns_H5:}laODzSչ>yIK}b;R7%_Pӏ _:@v߿?PW\q\fY֢1cxϗ9!uTQ^Ta.Zx^ћ-Zt:]ZZZxxb  1LiӦ]44vٌQ11wY"&:k      DEE;wʕ+~ ^oժٳ'x@&!dB!dB!dB!dB!dBߞN%6&*M > ~=dBגu!EZ>&Ht Eӧ+**d7D+Q *ٍ >tf͚Y,sεiFv[= Ch(]vs@9yDe$--ͦ*U9NEQ\rUٍPzh VhtR0D;t<nvze%YPPdr\弚=nh֬uNnRQi   = * &U((xR:%=hw>͛7^ 4! Kv1EuI!WVV+xzDT;/q<0D;tdB23UjHIFMF_\o}P% s꾘w_qX  NMysNEw~"z3x\ ܯ@Gywuw 6q`<=ҷ8ڙz8T |t 2p8tnvZjbqݽ^ݽvKn#ȇhG< !CKT68!*u Ñt^V!9P#ȇhB׮]Qv+O CKw֭[nT5o`0XV h 4hD;x @)vM@ 4hD;x @)vMhٲ(/_hZG sv@G z kjΖ݊Ƥ=:6_pvhOOO PիWŞj~LdhҤ 1@+~{<+\rIyN#%:nڴ Jzpv@uWUbC=߀5QQSɿXL篿hZ&IvC*PlRv4r]7y@! {GvCE\'.o^{eeeҝEq/i m4s7s/yS9N  >22jDuR^^hwp8x/Q @C5RQnVPP7mڔw!vEQxNFi   ?h8퍣viu1Dz>h8|N^vjG@C"Q#VeH+hU;8D;DFF^t %ix=*]vs=ױ@Ct:]TTӧe7D[d]v=RP{vm]k$r]lnV -Xnw^ XQvW9%i @[@vmA@! hD;4@[@vmiӦMQQ.ɢ]V1naThЖ&MPnʉ~q'(ڍnؐxYv{Che]Gؒwڻ*r.qChg\G?mSMheEr7`ɕ/>yESv 4.}M Ssv0-Cvf?})+w|zZוy#/g,v_ݥe9637} W;3+6laccM9ikWO{vaٽ.!!3=;nH7;cGh̥,a[͌>עTuc2''kư~rǕظg>Bd,Z:U;@s(qy)J/s%'8U}+m> ]Vȿ2RE}{_X1!0!9ڥP ŏ763樨pd'0»S ֣m0+sWE^8| 9v)EzإYoxwY8ȷ*cSf}njA{uƞ#&y2rٷ,æ'܋A&Lh] CѝCi;aKbȼ /IV/fSllNXRo!g^ c6w6ԣ5 ÍFQ`ѴiSm@]rrhl6ZTT4f/R}X]ћZd'}m4\,eaQfVL:.---<&Htw&)))dȋr"VVyyyjFZdI=+Q~_2Hsv;"}6:QV5[˗@m63f4hdj`s`00d=e74pl7EQxNuFyN^;R\LwЁ Sa#NlRG8?ûO.F1X!K'N{j.]^D j֬=^q;tr_xqTTgQ^md6D弚=OC_Lӿ uNnRQi(v;nQ﨏&rv8pOSO6m r<(qc:5[\Aݧڽy|С]v17Ͱaü4^<韀:Ew~"z3x\pg"FCq%Gf񻧶,h4?X1Wmѕ9:O[bŊ#GmvРA˗/իe'O/ __ U0ϋWq`gv`z8T |t 2!n/8h A7G>^t.׫T?㘣bf)Schhlv Yq-xQ}^wuaX͝:|KDu&,Lg /\4WT)I{|д[G_OZg^t2wmNm76ϸ+}sJzxxe-l޾N}bChD;(;gHYȖgԺ),%vZW o?hzfvN)N?4-KOY`o ;/|C=5>eO祬yJ[h{]мecӗOʚV:^ýBmOT %Cݝxq9 @h漴Q]=9sӧd y u2o͟n˷LlII:Y ffwⴲXpe_EviM 34W'GAIrtaWEm*=p}CT(A@x c-MGߛ.Q]=;v*SA?Sݩ'^ 8E9r{=c,S{&d1t1S os2{}B +y79Yg\vL]c\&}Erh}\7IhK,ԠP>3Py Y&rt)&]hʃ؃ n[>]'siPv@#p,D;/R/hdl=m˝c;oPwv 9lc뒑}ʗ~h@ SxʫؿڒڅhL-;0v ³./nƘy} }}!; v ]XksUz`6~|3 t,vyfs8.ܑX?@&61͛[ylܖr{+s:|R/Sr^u{v'зwk5WLYH*H1ɯ> + 9b 1=aZJg,3.wֹO ۑ3e'F7Z}~mnҥ}8}̙3x Kݻի#>:.%,d(d@dXt|Hg~>Bc]Jc{Xs}oڴĉn ÑHl[liiises=$; \;0"\Jw:SzNx:d… .O<|;מH$ڇt迚θ{(x5GJIO?Fݎ^G,˶S`T$ @#QPP0a„# dggkޏk{>GJ;vL{yi~wп2wVWs %<U;0 -^mI$!'N<=ռ׋n(%4;AE*s`ĉ2gϞ_fMGGGUUҥK-Z$M]{=~BoB/9$<.$'Ѯ)..W,ZJ̶=]>wn{m>5$9vyƍ#G466ᒒŋϟ?f,{ rCЫɴdӻ^Z6ٚ_=鮅?Sׯ_vm4=qdc"?\O~WD;0 6erӅAKlQng$ΥGz:o*.\p͛/^x)/YsKbv`xx溞Iw+ g#/zNBO>y+p9mڴ˗:tF%,Vhή yN;.)h/DuG5LlKN{e:OD:;2ކ|@{z&EpV{Y{"U3S:CÐ`ngSEׇ {+_ u7v9{Ua 9[pO=x:hFVR=%TDPU0Vvi,ydWγ8s\9VS1 zxUj32Ϫ=}| wx}=cWfׁ]2{A}u߁^wih:Oq4aeOEDMgkٌDN=FZ`@nLdgTr3+\ވ~+yHϦU疶]$3k+;mKWU^ssYVt'5%tƚ}@aEjoU3dedl>Hz}pZJ op4oמs0 ܮ:gbp4ݰ::,@rJِ&PD;¬ B+D;B+D;B+D;B+D;B+F%IENDB`PKiQfAPK)DOEBPS/cnf_asc.htm+! Configuring WebRTC Session Controller Media Engine

6 Configuring WebRTC Session Controller Media Engine

This chapter provides an overview of the configuration of the Oracle WebRTC Session Controller Media Engine.

About WebRTC Session Controller Media Engine Configuration

You configure the WebRTC Session Controller Media Engine using one of the following interfaces: a command-line interface (CLI), web interface or SNMP

  • Command-Line Interface (CLI) through console, telnet or secure shell (SSH)

  • Http/web using a browser interface provided by the Media Engine

  • SNMP Interface

  • HTTP/SOAP/WSDL Interface

Configuring the Media Engine does not use the WebLogic domain Administration Console For more information about setting up and accessing Media Engine interfaces see the chapter on Managing and Administering Net-Net OS-E Systems in Oracle Communications Net-Net OS-E System Administration Guide.

Common Media Engine Configuration Tasks

You must configure the WebRTC Session Controller Media Engine to receive requests from Signaling Engines and to forward the requests to your SIP network infrastructure. The Media Engine also allows requests originating from SIP clients on your network to communicate with WebRTC clients through the Signaling Engine.

You perform the following Media Engine configuration tasks using of the Media Engine administration interfaces:

The following sections provide a general overview of each task along with a reference to the related chapter in the Oracle Communications Net-Net OS-E System Administration Guide. For detailed information on each task, see the referenced chapter.

Configuring Permissions, Users and Authorization

Media Engine requires setting up users unique to those configured in the WebRTC Session Controller Oracle WebLogic domain. You must also assign the proper permissions and authorizations to each user to secure your Media Engine server.

For more information see the chapter on configuring permissions, user and authorizations in Oracle Communications Net-Net OS-E System Administration Guide.

Enabling Media Engine Interfaces and Protocols

You must configure the web and network interfaces used by the Signaling Engine and Media Engine to communicate with each other. The network configuration required by your environment determines whether you need to configure multiple IP interfaces, VLANs, and other network properties.

For more information on setting up the Media Engine network interfaces and properties see the chapter on enabling Net-Net OS-E interfaces and protocols in Oracle Communications Net-Net OS-E System Administration Guide.

Enabling Media Engine Services

The Media Engine provides several services and interfaces with external systems that are used with WebRTC Session Controller. These services include:

  • Cluster-Master Services

  • Directory Services

  • Accounting Services

  • Authentication Services

  • OS-E Database

  • Registration Services

  • Server Load

  • Call Failover (Signaling and Media)

  • Load-Balancing

  • File-Mirror

  • Route Server

  • Sampling

  • Third-Party-Call-Control (3PCC)

  • Logging

  • Data and Archiving

  • External Database Connections

  • System Maintenance

  • Back Up

The services you use depend on the WebRTC Session Controller implementation in your environment.

For more information on all of the services listed, including how to enable a service using an administration interface like CLI, see the chapter on enabling Net-Net OS-E Services in Oracle Communications Net-Net OS-E System Administration Guide.

Configuring Accounting and Archiving Services

The Media Engine can capture SIP call detail records (CDRs) and other accounting records associated with the SIP sessions generated by WebRTC Session Controller from WebRTC and SIP client requests.

For information on using Media Engine accounting features see the chapter on configuring Net-Net OS-E accounting and provisioning in Oracle Communications Net-Net OS-E System Administration Guide.

Configuring Media Engine Domain Name Systems

The Media Engine contains a configurable Domain Name Systems (DNS) resolver used to configure and cache heavily used static server mappings, including SIP service to SIP server mappings, and mappings resulting from interactions with external servers. You can also configure the Media Engine to ignore lookups involving specific domain names.

For more information on Media Engine DNS capabilities, see the chapter on configuring domain name systems in Oracle Communications Net-Net OS-E System Administration Guide.

Configuring SIP Servers

You must configure the Media Engine to communicate with SIP servers in your network infrastructure so WebRTC requests can be forwarded from external clients to your SIP clients. Media Engine supports SIP servers from multiple vendors.

For information on configuring the SIP server pools and SIP directories required by the Media Engine to communicate with your environment see the chapter on configuring SIP servers, directories and federations in Oracle Communications Net-Net OS-E System Administration Guide.

PKl0!+!PK)DOEBPS/cnf_engine_cache.htm" Using the Engine Tier Cache

11 Using the Engine Tier Cache

This chapter describes how to enable the Oracle Communications WebRTC Session Controller Signaling Engine tier cache for improved performance with SIP-aware load balancers.

Overview of Engine Tier Caching

The default WebRTC Session Controller Signaling Engine cluster is stateless. A separate SIP data tier cluster manages call state data in one or more partitions, and engine tier servers fetch and write data in the SIP data tier as necessary. Engines can write call state data to multiple replicas in each partition to provide automatic failover should a SIP data tier replica going offline.

WebRTC Session Controller also provides the option for engine tier servers to cache a portion of the call state data locally and in the SIP data tier. When a local cache is used, an engine tier server first checks its local cache for existing call state data. If the cache contains the required data, and the local copy of the data is up-to-date (compared to the SIP data tier copy), the engine locks the call state in the SIP data tier but reads directly from its cache. This improves response time performance for the request, because the engine does not have to retrieve the call state data from a SIP data tier server.

The engine tier cache stores only the call state data that has been most recently used by engine tier servers. Call state data is moved into an engine's local cache as necessary to respond to client requests or to refresh out-of-date data. If the cache is full when a new call state must be written to the cache, the least-recently accessed call state entry is first removed from the cache. The size of the engine tier cache is not configurable.

Using a local cache is most beneficial when a SIP-aware load balancer manages requests to the engine tier cluster. With a SIP-aware load balancer, all of the requests for an established call are directed to the same engine tier server, which improves the effectiveness of the cache. If you do not use a SIP-aware load balancer, the effectiveness of the cache is limited, because subsequent requests for the same call may be distributed to different engine tier severs (having different cache contents).

Configuring Engine Tier Caching

By default, engine tier caching is enabled. To disable partial caching of call state data in the engine tier, specify the engine-call-state-cache-enabled element in sipserver.xml:

<engine-call-state-cache-enabled>false</engine-call-state-cache-enabled>

When enabled, the cache size is fixed at a maximum of 250 call states. The size of the engine tier cache is not configurable.

Monitoring and Tuning Cache Performance

The SipPerformanceRuntime MBean monitors the behavior of the engine tier cache. Table 11-1 describes the MBean attributes.

Table 11-1 SipPerformanceRuntime Attribute Summary

AttributeDescription
cacheRequests

Tracks the total number of requests for session data items.

cacheHits

The server increments this attribute each time a request for session data results in a version of that data being found in the engine tier server's local cache. This counter is incremented even if the cached data is out-of-date and requires updating with data from the SIP data tier.

cacheValidHits

This attribute is incremented each time a request for session data is fully satisfied by a cached version of the data.


When enabled, the size of the cache is fixed at 250 call states. Because the cache consumes memory, you may need to modify the JVM settings used to run engine tier servers to meet your performance goals. Cached call states are maintained in the tenured store of the garbage collector. Try reducing the fixed NewSize value when the cache is enabled (for example, -XX:MaxNewSize=32m -XX:NewSize=32m). The actual value depends on the call state size used by applications and the size of the applications themselves.

PK'"PK)D OEBPS/cnf_security_providers.htmv` Configuring WebRTC Session Controller Authentication

4 Configuring WebRTC Session Controller Authentication

This chapter describes WebRTC Session Controller authentication schemes and the steps to configure them.

About WebRTC Session Controller Security Schemes

Before WebRTC Session Controller can process any signaling traffic, you must configure an authentication scheme.

WebRTC Session Controller provides out of the box support for these authentication schemes:

  • Guest authentication

    This scheme allows anonymous guest access to WebRTC Session Controller.

  • HTTP authentication

    This provider sends a HTTP GET request to a remote HTTP endpoint (for instance, a Representational State Transformation (REST) endpoint) using HTTP BASIC authentication headers. A return code of 200 indications that authentication was successful.

  • OAuth 2.0 authentication

    This authentication scheme lets you leverage OAuth 2.0 authentication support provided by companies such as Facebook or Google, and lets WebRTC Session Controller retrieve user information such as an email address, with the consent of that user.

The following sections describe the configuration steps for each of those authentication schemes.

About Provisioning WebRTC Session Controller Guest Access

To provision guest access for WebRTC Session Controller, you must configure settings in the WebLogic Administration Console and then define a new WebRTC Session Controller application in the WebRTC Session Controller console.

Configuring the WebLogic Server Guest Access Provider

To configure the WebLogic Server guest access provider:

  1. Start your Signaling Engine servers if they are not already running. See Oracle Communications WebRTC Session Controller Installation Guide for more information.

  2. Navigate to the WebLogic Server Administration Console and log in with your administrator user name and password:

    http://host:port/console
    

    where host is the name of your WebRTC Session Controller server and port is the Administration Console access port.


    Note:

    The default Administration Console port is 7001.

  3. In the Domain Structure pane, select Security Realms.

  4. Click myrealm in the Realms table.

  5. Click the Providers tab and then click New.

  6. Enter a name in the Name text box, in the Type drop down list, select WscServletAuthenticator, and click OK.

  7. Click the newly created authentication provider in the list of Authentication Providers, and click the Provider Specific tab.

  8. Make a note of the Guest Uri Match Pattern. The default is /ws/webrtc/guest.

  9. Navigate back to the myrealm Providers tab, and in the list of Authentication Providers, click DefaultAuthenticator.

  10. Select the Common tab, choose OPTIONAL in the Control Flag drop down list, and click Save.

  11. Log out of the WebLogic administration interface.

Continue to "Configuring the WebRTC Session Controller Guest Access Application".

Configuring the WebRTC Session Controller Guest Access Application

For more details on WebRTC Session Controller application configuration options, see the discussion on creating applications in Oracle Communications WebRTC Session Controller Extension Developer's Guide.To configure the WebRTC Session Controller guest access application:

  1. Navigate to the WebRTC Session Controller console and log in with your administrator user name and password:

    http://host:port/wsc-console
    

    where host is the name of your WebRTC Session Controller server and port is the Administration Console access port.


    Note:

    The default Signaling Engine console port is 7001.

  2. Select the Applications tab.

  3. Click Lock and Edit.

  4. Click Create.

  5. Enter a name for the application in Create Application and click OK.

  6. In the Request URI text box, enter the URI that you noted in "Configuring the WebLogic Server Guest Access Provider". The default value is /ws/webrtc/guest.

  7. Enter guest for the Security Group.

  8. Enter * for Allowed Domains, or customize as your deployment requires.

  9. Choose call, message_notification, and register for the Packages.

  10. Click Commit.

  11. Restart WebRTC Session Controller.

About Provisioning WebRTC Session Controller HTTP Access

To provision HTTP access for WebRTC Session Controller, you must configure settings in the WebLogic Administration Console and then define a new WebRTC Session Controller application in the WebRTC Session Controller console.

In addition you must have your own HTTP endpoint defined to handle authentication requests.

Configuring the WebLogic Server HTTP Authentication Provider

To configure the WebLogic Server HTTP access provider:

  1. Start your Signaling Engine servers if they are not already running. See Oracle Communications WebRTC Session Controller Installation Guide for more information.

  2. Navigate to the WebLogic Server Administration Console and log in with your administrator user name and password:

    http://host:port/console
    

    where host is the name of your WebRTC Session Controller server and port is the Administration Console access port.


    Note:

    The default Administration Console port is 7001.

  3. In the Domain Structure pane, select Security Realms.

  4. Click myrealm in the Realms table.

  5. Click the Providers tab and then click New.

  6. Enter a name in the Name text box, in the Type drop down list, select WscRestAuthenticator, and click OK.

  7. Click the newly created authentication provider in the list of Authentication Providers, and click the Provider Specific tab.

  8. Enter a Group name to associate a group with authentication requests rather than individual user names. Make a note of this group name.

  9. To enable authentication over http, check Allow Http. By default, only https is allowed.

  10. Enter your REST endpoint in the Rest End Point Uri text box and click Save.

  11. Log out of the WebLogic administration interface.

Continue to "Configuring the WebRTC Session Controller HTTP Access Application".

Configuring the WebRTC Session Controller HTTP Access Application

For more details on WebRTC Session Controller application configuration options, see the discussion on creating applications in Oracle Communications WebRTC Session Controller Extension Developer's Guide.

To configure the WebRTC Session Controller HTTP access application:

  1. Navigate to the WebRTC Session Controller console and log in with your administrator user name and password:

    http://host:port/wsc-console
    

    where host is the name of your WebRTC Session Controller server and port is the Administration Console access port.


    Note:

    The default Signaling Engine console port is 7001.

  2. Select the Applications tab.

  3. Click Lock and Edit.

  4. Click Create.

  5. In Create Application, enter a name for the application.

  6. Click OK.

  7. In the Request URI text box, enter the URI endpoint that you want WebRTC applications to use to access WebRTC Session Controller.

  8. Enter the group name you defined in "Configuring the WebLogic Server HTTP Authentication Provider" for the Security Group.

  9. Click the pencil icon under Allowed Domains.

  10. In the Allowed Domains window, enter * to allow all domains, or customize as your deployment requires.

  11. Click OK.

  12. Click the pencil icon under Packages.

  13. In the Packages window, select the call, message_notification, and register packages and move them to Selected Packages.

  14. Click OK.

  15. Click Commit.

About Provisioning WebRTC Session Controller OAuth Access

To provision OAuth access for WebRTC Session Controller, you must configure settings in the WebLogic Administration Console and then define a new WebRTC Session Controller application in the WebRTC Session Controller console.

In addition you must procure a developer's account from the provider from whom you want to leverage OAuth authentication services and obtain the following information:

  • The OAuth service provider's OAuth user information URI

  • An OAuth client ID supplied to you by the OAuth service provider

  • The service provider's OAuth server URI

  • Your OAuth client secret, defined when you create your account with your OAuth service provider

Configuring the WebLogic Server OAuth Access Provider

To configure the WebLogic Server REST access provider:

  1. Start your Signaling Engine servers if they are not already running. See Oracle Communications WebRTC Session Controller Installation Guide for more information.

  2. Navigate to the WebLogic Server Administration Console and log in with your administrator user name and password:

    http://host:port/console
    

    where host is the name of your WebRTC Session Controller server and port is the Administration Console access port.


    Note:

    The default Administration Console port is 7001.

  3. In the Domain Structure pane, select Security Realms.

  4. Click myrealm in the Realms table.

  5. Click the Providers tab and then click New.

  6. Enter a name in the Name text box, in the Type drop down list, select WscServletAuthenticator, and click OK.

    The console creates the new provider and returns to the Authentication Providers table.


    Note:

    The WscServletAuthenticator must be deployed to enable OAuth security authentication, but it does not need to be further configured.

  7. Click New.

  8. Enter a name in the Name text box, in the Type drop down list, select WscOAuthIdentityAsserter, and click OK.

  9. Click the newly created authentication provider in the list of Authentication Providers.

  10. Assign an access token to the provider in Active Types and click Save.

    If you are provisioning multiple OAuth authentication sources, for example, Facebook, Google, and Microsoft, you should select a different OAuth token for each in the Active Types list.


    WARNING:

    The user interface will let you select multiple OAuth tokens for a single provider. Only select a single token for each OAuth provider you provision.


  11. Select the Provider Specific tab and enter the following information as described in Table 4-1.

    Table 4-1 OAuth Provider Specific Attributes

    Attribute NameAttribute Description

    Group Name

    Required. A group name used to associate a group with authentication requests. Specifying a group name allows both the user name and group name to be available in the authenticated subject. Make a note of this group name.

    OAuth User Info Uri

    Required. The OAuth providers URI that provides user information.

    Proxy Port

    Optional. The proxy port used to connect to the OAuth server.

    OAuth Client ID

    Required. The OAuth client ID provided to you by your OAuth service provider.

    OAuth Server Uri

    Required. The URI of your OAuth service provider's OAuth server which issues access tokens.

    OAuth Redirect Uri

    Optional. The URI to which the browser is re-directed after successful authentication by the OAuth provider.

    OAuth Client Secret

    Required. The OAuth client secret provided to you by your OAuth provider.

    Proxy Server

    Optional. The proxy URI used to connect to the OAuth server.


  12. Click Save.

  13. Log out of the WebLogic administration interface.

Continue to "Configuring the WebRTC Session Controller OAuth Access Application".

Configuring the WebRTC Session Controller OAuth Access Application

For more details on WebRTC Session Controller application configuration options, see the discussion on creating applications in Oracle Communications WebRTC Session Controller Extension Developer's Guide.

To configure the WebRTC Session Controller OAuth access application:

  1. Navigate to the WebRTC Session Controller console and log in with your administrator user name and password:

    http://host:port/wsc-console
    

    where host is the name of your WebRTC Session Controller server and port is the Administration Console access port.


    Note:

    The default Signaling Engine console port is 7001.

  2. Select the Applications tab.

  3. Click Lock and Edit.

  4. Click Create.

  5. Enter a name for the application in Create Application and click OK.

  6. In the Description text box, enter a description for your applicaiton.

  7. In the Request URI text box, enter the URI endpoint that you want WebRTC applications to use to access WebRTC Session Controller.

  8. In the Security Group text box, enter the group name you defined in "Configuring the WebLogic Server OAuth Access Provider".

  9. Click the pencil icon under Allowed Domains.

  10. In the Allowed Domains window, enter * to allow all domains, or customize as your deployment requires.

  11. Click OK.

  12. Click the pencil icon under Packages.

  13. In the Packages window, select the call, message_notification, and register packages and move them to Selected Packages.

  14. Click OK.

  15. Click Commit.

  16. Restart WebRTC Session Controller.

PK˃P{`v`PK)DOEBPS/cnf_coherence.htmV Configuring Coherence

12 Configuring Coherence

This chapter describes the implementation and configuration of Oracle Coherence in Oracle WebRTC Session Controller.

Overview of WebRTC Session Controller Coherence Implementation

WebRTC Session Controller includes an implementation of Coherence used for all engine tier internal clusterwide communication and state management. The Domain Creation Wizard creates a default Coherence cluster for managing WebRTC Session Controller information automatically when setting up new domains. The default cluster include the servers included in the engine tier and the administrative server in your environment.

Configuring Coherence

You configure the WebRTC Session Controller Coherence implementation using the Oracle WebLogic Administration Console. See the chapter on "Configuring and Managing Coherence Clusters" in Administering Clusters for Oracle WebLogic Server for more information on the parameters that can be set in the Administration Console.

To configure the default Coherence cluster installed with WebRTC Session Controller:

  1. Log in to the Administration Console for the WebRTC Session Controller administration server.

  2. In the Domain Structure tree, expand Environment.

  3. Select Coherence Clusters.

  4. In the Coherence Clusters table, select defaultCoherenceCluster.

  5. Configure the parameters for the Coherence cluster as needed.

  6. Click Save.

Each engine tier server and the administration server acts as a managed Coherence server. See "Configuring Managed Coherence Servers" in Administering Clusters for Oracle WebLogic Server for more information about managed Coherence servers.

To configure Coherence settings for individual engine tier servers and the administration server:

  1. Log in to the Administration Console for the WebRTC Session Controller administration server.

  2. In the Domain Structure tree, expand Environment.

  3. Select Servers.

    The Administration Console displays a list of servers included in your WebRTC Session Controller installation.

  4. From the Servers table, select an engine tier or the administration server you want to configure Coherence settings for.

  5. In the Configuration tab, select Coherence.

  6. Configure the Coherence parameters for the server.

  7. Click Save.

PKU>k,[VPK)D OEBPS/toc.ncxA Oracle® Communications WebRTC Session Controller System Administrator's Guide, Release 7.0 Cover Title and Copyright Information Contents Preface Part I Configuring WebRTC Session Controller 1 WebRTC Session Controller Configuration Overview 2 Configuring WebRTC Session Controller Signaling Properties and Media Nodes 3 Using the Administration Console and WLST 4 Configuring WebRTC Session Controller Authentication 5 Configuring WebRTC Session Controller Diameter Rx to PCRF Integration 6 Configuring WebRTC Session Controller Media Engine 7 Configuring WebRTC Session Controller Container Properties 8 Configuring SIP Data Tier Partitions and Replicas 9 Configuring Network Connection Settings 10 Configuring Server Failure Detection 11 Using the Engine Tier Cache 12 Configuring Coherence 13 Upgrading Production WebRTC Session Controller Software Part II Monitoring and Troubleshooting 14 Logging SIP Requests and Responses 15 Avoiding and Recovering From Server Failures 16 Tuning JVM Garbage Collection for Production Deployments 17 Avoiding JVM Delays Caused By Random Number Generation Part III Reference 18 Engine Tier Configuration Reference (sipserver.xml) 19 SIP Data Tier Configuration Reference (datatier.xml) 20 Diameter Configuration Reference (diameter.xml) Copyright PKFAPK)DOEBPS/ref_engine_tier_dd.htm Engine Tier Configuration Reference (sipserver.xml)

18 Engine Tier Configuration Reference (sipserver.xml)

This chapter describes the Oracle Communications WebRTC Session Controller engine tier configuration file, sipserver.xml.

Overview of sipserver.xml

The sipserver.xml file is an XML document that configures the SIP container features provided by a WebRTC Session Controller instance in the engine tier of a server installation. sipserver.xml is stored in the domain_home/config/custom subdirectory where domain_home is the root directory of the WebRTC Session Controller domain.

Editing sipserver.xml

You should never move, modify, or delete the sipserver.xml file during normal operations.

Oracle recommends using the Administration Console to modify sipserver.xml indirectly, rather than editing the file manually with a text editor. Using the Administration Console ensures that the sipserver.xml document always contains valid XML.

You may need to manually view or edit sipserver.xml to troubleshoot problem configurations, repair corrupted files, or to roll out custom configurations to many systems when installing or upgrading WebRTC Session Controller. When you manually edit sipserver.xml, you must restart WebRTC Session Controller instances to apply your changes.


Caution:

Always use the SipServer node in the Administration Console or the WLST utility to make changes to a running WebRTC Session Controller deployment. See Chapter 7, "Configuring WebRTC Session Controller Container Properties."

Steps for Editing sipserver.xml

If you need to modify sipserver.xml on a production system, follow these steps:

  1. Use a text editor to open the domain_home/config/custom/sipserver.xml file, where domain_home is the root directory of the WebRTC Session Controller domain.

  2. Modify the sipserver.xml file as necessary. See "XML Schema" for a full description of the XML elements.

  3. Save your changes and exit the text editor.

  4. Restart or start servers to have your changes take effect:


    Caution:

    Always use the SipServer node in the Administration Console or the WLST utility to make changes to a running WebRTC Session Controller deployment. See Chapter 7, "Configuring WebRTC Session Controller Container Properties" for more information.

  5. Test the updated system to validate the configuration.

XML Schema

The schema file for sipserver.xml (wcp-sipserver.xsd) is installed inside the wlss-descriptor-binding.jar library, located in WL_home/wlserver/sip/server/lib, where WL_home is the path to the directory where WebLogic Server is installed.

Example sipserver.xml File

The following shows a simple example of a sipserver.xml file:

<?xml version="1.0" encoding="UTF-8"?>
<sip-server xmlns="http://www.bea.com/ns/wlcp/wlss/300">
  <overload>
    <threshold-policy>queue-length</threshold-policy>
    <threshold-value>200</threshold-value>
    <release-value>150</release-value>
  </overload>
</sip-server>

XML Element Description

The following sections describe each element used in the sipserver.xml configuration file. Each section describes an XML element that is contained within the main sip-server element.

enable-timer-affinity

The enable-timer-affinity element determines the way in which engine tier servers process expired timers. By default (when enable-timer-affinity is omitted from sipserver.xml, or is set to false), an engine tier server that polls the SIP data tier for expired timers processes all available expired timers. When enable-timer-affinity is set to true, engine tier servers polling the SIP data tier process only those expired timers that are associated with call states that the engine last modified (or expired timers for call states that have no owner).

See "Configuring Timer Processing" for more information.

overload

The overload element enables you to throttle incoming SIP requests according to a configured overload condition. When an overload condition occurs, WebRTC Session Controller destroys new SIP requests by responding with 503 Service Unavailable until the configured release value is observed, or until the size of the server's capacity constraints is reduced (see "Overload Control Based on Capacity Constraints").

User-configured overload controls are applied only to initial SIP requests; SIP dialogues that are already active when an overload condition occurs may generate additional SIP requests that are not throttled.

To configure an overload control, you define the three elements described in Table 18-1.

Table 18-1 Nested overload Elements

ElementDescription

threshold-policy

A String value that identifies the type of measurement used to monitor overload conditions:

Note: Execute queues are deprecated and no longer used in WebRTC Session Controller. Capacity constraints are used for execute queues. The policy name queue-length was kept for backward compatibility.

You must use only one of the above policies to define an overload control. See "Selecting an Appropriate Overload Policy" for more information.

threshold-value

Specifies the measured value that causes WebRTC Session Controller to recognize an overload condition and start throttling new SIP requests:

  • When using the session-rate threshold policy, threshold-value specifies the number of new SIP requests per second that trigger an overload condition. See "Overload Control Based on Session Generation Rate".

  • When using the queue-length threshold policy, threshold-value specifies the size of the combined number of requests in the SIP transport and SIP timer capacity constraint components that triggers an overload condition. See "Overload Control Based on Capacity Constraints".

  • After the threshold-value is observed, WebRTC Session Controller recognizes an overload condition for a minimum of 512 milliseconds during which time new SIP requests are throttled. If multiple overloads occur over a short period, the minimum overload of 512 ms is dynamically increased to avoid repeated overloads.

  • After the minimum overload recognition period expires, the overload condition is terminated only after the configured release-value is observed.

release-value

Specifies the measured value that causes WebRTC Session Controller to end an overload condition and stop throttling new SIP requests:


Selecting an Appropriate Overload Policy

WebRTC Session Controller provides two different policies for throttling SIP requests:

  • The session-rate policy throttles sessions when the volume new SIP sessions reaches a configured rate (a specified number of sessions per second).

  • The queue-length policy throttles requests after the sum of the requests in the wlss.trasnport work manager and wlss.timer.capacity capacity constraint components reaches a configured size.

You must select only one of the available overload policies. You cannot use both policies simultaneously.

The session-rate policy is generally used when a back-end resource having a known maximum throughput (for example, an RDBMS) is used when setting up SIP calls. In this case, the session-rate policy enables you to tie the WebRTC Session Controller overload policy to the known throughput capabilities of the back-end resource.

With the queue-length policy, WebRTC Session Controller monitors both CPU and I/O bottlenecks to diagnose an overload condition. The queue-length policy is generally used with CPU-intensive SIP applications in systems that have no predictable upper bound associated with the call rate.

The following sections describe each policy in detail.

Overload Control Based on Session Generation Rate

WebRTC Session Controller calculates the session generation rate (sessions per second) by monitoring the number of application sessions created in the last 5 seconds. When the session generation rate exceeds the rate specified in the threshold-value element, WebRTC Session Controller throttles initial SIP requests until the session generation rate becomes smaller than the configured release-value.

The following example configures WebRTC Session Controller to begin throttling SIP requests when the new sessions are created at a rate higher than 50 sessions per second. Throttling is discontinued when the session rate drops to 40 sessions per second:

<overload>
  <threshold-policy>session-rate</threshold-policy>
  <threshold-value>50</threshold-value>
  <release-value>40</release-value>
</overload>

Overload Control Based on Capacity Constraints

By default, SIP messages are handled by a work manager named wlss.transport and SIP timers are processed by a work manager named wlss.timer. Each work manager has an associated capacity constraint component that sets the number of requests allotted for SIP message handling and timer processing. Work managers are configured in the config.xml file for your WebRTC Session Controller. Work managers allocate threads automatically, as described in the Oracle WebLogic Server documentation. You can also allocate additional threads to the server at start time using the startup option -Dweblogic.threadpool.MinPoolSize=number_of_threads.

WebRTC Session Controller performs queue-length overload control by monitoring the combined lengths of the configured capacity constraints. When the sum of the requests in the two constraints exceeds the length specified in the threshold-value element, WebRTC Session Controller throttles initial SIP requests until the total requests are reduced to the configured release-value.

Example 18-1 shows a sample overload configuration from sipserver.xml. Here, WebRTC Session Controller begins throttling SIP requests when the combined size of the constraints exceeds 200 requests. Throttling is discontinued when the combined length returns to 200 or fewer simultaneous requests.

Example 18-1 Sample overload Definition

<overload>
  <threshold-policy>queue-length</threshold-policy>
  <threshold-value>200</threshold-value>
  <release-value>150</release-value>
</overload>

Two Levels of Overload Protection

User-configured overload controls (defined in sipserver.xml) represent the first level of overload protection provided by WebRTC Session Controller. They mark the onset of an overload condition and initiate simple measures to avoid dropped calls (generating 503 responses for new requests).

If the condition that caused the overload persists or worsens, then the work manager component used to perform work in the SIP Servlet container may itself become overloaded. At this point, the server no longer uses threads to generate 503 responses, but instead begins to drop messages. In this way, the configured size of the SIP container's work manager components represent the second and final level of overload protection employed by the server.

Always configure overload controls in sipserver.xml conservatively, and resolve the circumstances that caused the overload in a timely fashion.

message-debug

The message-debug element enables and configures access logging with log rotation for WebRTC Session Controller. Use this element only in a development environment, because access logging logs all SIP requests and responses.

To perform more selective logging in a production environment, see Chapter 14, "Logging SIP Requests and Responses."

proxy—Setting Up an Outbound Proxy Server

RFC 3261 defines an outbound proxy as "A proxy that receives requests from a client, even though it may not be the server resolved by the Request-URI. Typically, a UA is manually configured with an outbound proxy, or can learn about one through auto-configuration protocols."

In WebRTC Session Controller an outbound proxy server is specified using the proxy element in sipserver.xml. The proxy element defines one or more proxy server URIs. You can change the behavior of the proxy process by setting a proxy policy with the proxy-policy tag. Table 18-2, "Nested proxy Elements" describes the possible values for the proxy elements.

The default behavior is as if proxy policy is in effect. The proxy policy means that the request is sent out to the configured outbound Proxy and the Route headers in the request preserving any routing decision taken by WebRTC Session Controller. This configuration enables the outbound proxy to send the request over to the intended recipient after it has performed its actions on the request. The proxy policy comes into effect only for the initial requests. As for the subsequent request the Route Set takes precedence over any policy in a dialog. (If the outbound proxy wants to be in the Route Set it can turn record routing on).

Also if a proxy application written on WebRTC Session Controller wishes to override the configured behavior of outbound proxy traversal, then it can add a special header with name X-BEA-Proxy-Policy with the value domain. This header is stripped from the request while sending, but the effect is to ignore the configured outbound proxy. Applications use the X-BEA-Proxy-Policy custom header to override the configured policy on a request-by-request basis. The value of the header can be domain or proxy. Note, however, that if the policy is overridden to proxy, the configuration must still have the outbound proxy URIs to route to the outbound proxy.

Table 18-2 Nested proxy Elements

ElementDescription

routing-policy

An optional element that configures the behavior of the proxy. Valid values are:

  • domain: Proxies messages using the routing rule defined by RFC 3261, ignoring any outbound proxy that is specified.

  • proxy: Sends the message to the downstream proxy specified in the default proxy URI. If there are multiple proxy specifications they are tried in the order in which they are specified. However, if the transport tries a UDP proxy, the settings for subsequent proxies are ignored.

uri

The TCP or UDP URI of the proxy server. You must specify at least one URI for a proxy element. Place multiple URIs in multiple uri elements within the proxy element.


Example 18-2 shows the default proxy configuration for WebRTC Session Controller domains. The request in this case is created in accordance with the SIP routing rules, and finally the request is sent to the outbound proxy sipoutbound.oracle.com.

Example 18-2 Sample proxy Definition

<proxy>
     <routing-policy>proxy</routing-policy>
     <uri>sip:sipoutbound.oracle.com:5060</uri>
     <!-- Other proxy uri tags can be added. - > 
</proxy>

t1-timeout-interval

This element sets the value of the SIP protocol T1 timer, in milliseconds. Timer T1 also specifies the initial values of Timers A, E, and G, which control the retransmit interval for INVITE requests and responses over UDP.

Timer T1 also affects the values of timers F, H, and J, which control retransmit intervals for INVITE responses and requests; these timers are set to a value of 64*T1 milliseconds. See the Session Initiation Protocol for more information about SIP timers. See also "Configuring NTP for Accurate SIP Timers" for more information.

If t1-timeout-interval is not configured, WebRTC Session Controller uses the SIP protocol default value of 500 milliseconds.

t2-timeout-interval

This elements sets the value of the SIP protocol T2 timer, in milliseconds. Timer T2 defines the retransmit interval for INVITE responses and non-INVITE requests. See the Session Initiation Protocol for more information about SIP timers. See also "Configuring NTP for Accurate SIP Timers" for more information.

If t2-timeout-interval is not configured, WebRTC Session Controller uses the SIP protocol default value of 4 seconds.

t4-timeout-interval

This elements sets the value of the SIP protocol T4 timer, in milliseconds. Timer T4 specifies the maximum length of time that a message remains in the network. Timer T4 also specifies the initial values of Timers I and K, which control the wait times for retransmitting ACKs and responses over UDP. See the Session Initiation Protocol for more information about SIP timers. See also "Configuring NTP for Accurate SIP Timers" for more information.

If t4-timeout-interval is not configured, WebRTC Session Controller uses the SIP protocol default value of 5 seconds.

timer-b-timeout-interval

This elements sets the value of the SIP protocol Timer B, in milliseconds. Timer B specifies the length of time a client transaction attempts to retry sending a request. See the Session Initiation Protocol for more information about SIP timers. See also "Configuring NTP for Accurate SIP Timers" for more information.

If timer-b-timeout-interval is not configured, the Timer B value is derived from timer T1 (64*T1, or 32000 milliseconds by default).

timer-f-timeout-interval

This elements sets the value of the SIP protocol Timer F, in milliseconds. Timer F specifies the timeout interval for retransmitting non-INVITE requests. See the Session Initiation Protocol for more information about SIP timers. See also "Configuring NTP for Accurate SIP Timers" for more information.

If timer-f-timeout-interval is not configured, the Timer F value is derived from timer T1 (64*T1, or 32000 milliseconds by default).

max-application-session-lifetime

This element sets the maximum amount of time, in minutes, that a SIP application session can exist before WebRTC Session Controller invalidates the session. max-application-session-lifetime acts as an upper bound for any timeout value specified using the session-timeout element in a sip.xml file, or using the setExpires API.

A value of -1 (the default) specifies that there is no upper bound to application-configured timeout values.

enable-local-dispatch

enable-local-dispatch is a server optimization that helps avoid unnecessary network traffic when sending and forwarding messages. You enable the optimization by setting this element true. When enable-local-dispatch enabled, if a server instance needs to send or forward a message and the message destination is the engine tier's cluster address or the local server address, then the message is routed internally to the local server instead of being sent through the network.

You may want to disable this optimization if you feel that routing internal messages could skew the load on servers in the engine tier, and you prefer to route all requests through a configured load balancer.

By default enable-local-dispatch is set to false.

cluster-loadbalancer-map

The cluster-loadbalancer-map element is used only when upgrading WebRTC Session Controller software, or when upgrading a production SIP Servlet to a new version. It is not required or used during normal server operations.

During a software upgrade, multiple engine tier clusters are defined to host the older and newer software versions. A cluster-loadbalancer-map defines the virtual IP address (defined on your load balancer) that correspond to an engine tier cluster configured for an upgrade. WebRTC Session Controller uses this mapping to ensure that engine tier requests for timers and call state data are received from the correct "version" of the cluster. If a request comes from an incorrect version of the software, WebRTC Session Controller uses the cluster-loadbalancer-map to forward the request to the correct cluster.

Each cluster-loadbalancer-map entry contains the two elements described in Table 18-3.

Table 18-3 Nested cluster-loadbalancer-map Elements

ElementDescription

cluster-name

The configured name of an engine tier cluster.

sip-uri

The internal SIP URI that maps to the engine tier cluster. This corresponds to a virtual IP address that you have configured in your load balancer. The internal URI forwards requests to the correct cluster version during an upgrade.


Example 18-3 shows a sample cluster-loadbalancer-map entry used during an upgrade.

Example 18-3 Sample cluster-loadbalancer-map Ez?ntry

<cluster-loadbalancer-map>
   <cluster-name>EngineCluster</cluster-name>
   <sip-uri>sip:172.17.0.1:5060</sip-uri>
</cluster-loadbalancer-map>
<cluster-loadbalancer-map>
   <cluster-name>EngineCluster2</cluster-name>
   <sip-uri>sip:172.17.0.2:5060</sip-uri>
</cluster-loadbalancer-map>

See Chapter 13, "Upgrading Production WebRTC Session Controller Software," for more information.

default-behavior

This element defines the default behavior of the WebRTC Session Controller instance if the server cannot match an incoming SIP request to a deployed SIP Servlet (or if the matching application has been invalidated or timed out). Valid values are:

  • proxy: Act as a proxy server.

  • ua: Act as a User Agent.

proxy is used as the default if you do not specify a value.

When acting as a User Agent (UA), WebRTC Session Controller acts in the following way in response to SIP requests:

  • ACK requests are discarded without notice.

  • CANCEL or BYE requests receive response code 481 - Transaction does not exist.

  • All other requests receive response code 500 - Internal server error.

When acting as a proxy requests are automatically forwarded to an outbound proxy (see "proxy—Setting Up an Outbound Proxy Server") if one is configured. If no proxy is defined, WebRTC Session Controller proxies to a specified Request URI only if the Request URI does not match the IP and port number of a known local address for a SIP Servlet container, or a load balancer address configured for the server. This ensures that the request does not constantly loop to the same servers. When the Request URI matches a local container address or load balancer address, WebRTC Session Controller instead acts as a UA.

default-servlet-name

This element specifies the name of a default SIP Servlet to call if an incoming initial request cannot be matched to a deployed Servlet (using standard servlet-mapping definitions in sip.xml). The name specified in the default-servlet-name element must match the servlet-name value of a deployed SIP Servlet. For example:

<default-servlet-name>myServlet</default-servlet-name>

If the name defined in default-servlet-name does not match a deployed Servlet, or no value is supplied (the default configuration), WebRTC Session Controller registers the name com.bea.wcp.sip.engine.BlankServlet as the default Servlet. The BlankServlet name is also used if a deployed Servlet registered as the default-servlet-name is undeployed from the container.

BlankServlet's behavior is configured with the default-behavior element. By default the Servlet proxies all unmatched requests. However, if the default-behavior element is set to ua mode, BlankServlet is responsible for returning 481 responses for CANCEL and BYE requests, and 500/416 responses in all other cases. BlankServlet does not respond to ACK, and it always invalidates the application session.

retry-after-value

Specifies the number of seconds used in the Retry-After header for 5xx response codes. This value can also include a parameter or a reason code, such as "Retry-After: 18000;duration=3600" or "Retry-After: 120 (I'm in a meeting)."

If the this value is not configured, WebRTC Session Controller uses the default value of 180 seconds.

sip-security

WebRTC Session Controller enables you to configure one or more trusted hosts for which authentication is not performed. When WebRTC Session Controller receives a SIP message, it calls getRemoteAddress() on the SIP Servlet message. If this address matches an address defined in the server's trusted host list, no further authentication is performed for the message.

The sip-security element defines one or more trusted hosts, for which authentication is not performed. The sip-security element contains one or more trusted-authentication-host or trusted-charging-host elements, each of which contains a trusted host definition. A trusted host definition can consist of an IP address (with or without wildcard placeholders) or a DNS name. Example 18-4 shows a sample sip-security configuration.

Example 18-4 Sample Trusted Host Configuration

<sip-security>
   <trusted-authentication-host>myhost1.mycompany.com</trusted-authentication-host>
   <trusted-authentication-host>172.*</trusted-authentication-host>
</sip-security>

route-header

3GPP TS 24.229 Version 7.0.0 :

http://www.3gpp.org/ftp/Specs/archive/24_series/24.229/24229-700.zip requires that IMS Application Servers generating new requests (for example, as a B2BUA) include the S-CSCF route header. In WebRTC Session Controller, the S-CSCF route header must be statically defined as the value of the route-header element in sipserver.xml. For example:

<route-header>
   <uri>Route: sip:wlss1.bea.com</uri>
</route-header>

engine-call-state-cache-enabled

WebRTC Session Controller provides the option for engine tier servers to cache a portion of the call state data locally or in the SIP data tier, to improve performance with SIP-aware load balancers. When a local cache is used, an engine tier server first checks its local cache for existing call state data. If the cache contains the required data, and the local copy of the data is up-to-date (compared to the SIP data tier copy), the engine locks the call state in the SIP data tier but reads directly from its cache.

By default the engine tier cache is enabled. To disable caching, set engine-call-state-cache-enabled to false:

<engine-call-state-cache-enabled>false</engine-call-state-cache-enabled>

See Chapter 11, "Using the Engine Tier Cache" for more information.

server-header

WebRTC Session Controller enables you to control when a Server header is inserted into SIP messages. You can use this functionality to limit or eliminate Server headers to reduce the message size for wireless networks, or to increase security.

By default, WebRTC Session Controller inserts no Server header into SIP messages. Set the server-header to one of the following string values to configure this behavior:

  • none (the default) inserts no Server header.

  • request inserts the Server header only for SIP requests generated by the server.

  • response inserts the Server header only for SIP responses generated by the server.

  • all inserts the Server header for all SIP requests and responses.

For example, the following element configures WebRTC Session Controller to insert a Server header for all generated SIP messages:

<server-header>all</server-header>

See also "server-header-value".

server-header-value

WebRTC Session Controller enables you to control the text that is inserted into the Server header of generated messages. This provides additional control over the size of SIP messages and also enables you to mask the server entity for security purposes. By default, WebRTC Session Controller does not insert a Server header into generated SIP messages (see "server-header"). If Server header insertion is enabled but no server-header-value is specified, WebRTC Session Controller inserts the value WebLogic SIP Server. To configure the header contents, enter a string value. For example:

<server-header-value>MyCompany Application Server</server-header-value>

persistence

The persistence element enables or disables writing call state data to an RDBMS, or to a remote, geographically-redundant WebRTC Session Controller installation. For sites that use geographically-redundant replication features, the persistence element also defines the site ID and the URL at which to persist call state data.

The persistence element contains the sub-elements described in Table 18-4.

Table 18-4 Nested persistence Elements

ElementDescription

default-handling

Determines whether WebRTC Session Controller observes persistence hints for RDBMS persistence or geographical-redundancy. This element can have one of the following values:

  • all: Specifies that call state data may be persisted to both an RDBMS store and to a geographically-redundant WebRTC Session Controller installation. This is the default behavior. Replication to either destination also requires that the available resources (JDBC datasource and remote JMS queue) are available.

  • db: Specifies that long-lived call state data is replicated to an RDBMS if the required JDBC datasource and schema are available.

  • geo: Specifies that call state data is persisted to a remote, geographically-redundant site if the configured site URL contains the necessary JMS resources.

  • none: Specifies that only in-memory replication is performed to other replicas in the SIP data tier cluster. Call state data is not persisted in an RDBMS or to an external site.

geo-site-id

Specifies the site ID of this installation. All installations that participate in geographically-redundant replication require a unique site ID.

geo-remote-t3-url

Specifies the remote WebRTC Session Controller installation to which this site replicates call state data. You can specify a single URL corresponding to the engine tier cluster of the remote installation. You can also specify a comma-delimited list of addresses corresponding to each engine tier server. The URLs must specify the t3 protocol.


Example 18-5 shows a sample configuration that uses RDBMS storage for long-lived call state and geographically-redundant replication. Call states are replicated to two engine tier servers in a remote location.

Example 18-5 Sample persistence Configuration

<persistence>
  <default-handling>all</default-handling>
  <geo-site-id>1</geo-site-id>
  <geo-remote-t3-url>t3://remoteEngine1:7050,t3://remoteEngine2:7051</geo-remote-t3-url>
</persistence>

use-header-form

This element configures the server-wide, default behavior for using or preserving compact headers in SIP messages. You can set this element to one of the following values:

  • compact: WebRTC Session Controller uses the compact form for all system-generated headers. However, any headers that are copied from an originating message (rather than generated) use their original form.

  • force compact: WebRTC Session Controller uses the compact form for all headers, converting long headers in existing messages into compact headers as necessary.

  • long: WebRTC Session Controller uses the long form for all system-generated headers. However, any headers that are copied from an originating message (rather than generated) use their original form.

  • force long: WebRTC Session Controller uses the long form for all headers, converting compact headers in existing messages into long headers as necessary.

enable-dns-srv-lookup

This element enables or disables WebRTC Session Controller DNS lookup capabilities. If you set the element to true, then the server can use DNS to:

  • Discover a proxy server's transport, IP address, and port number when a request is sent to a SIP URI.

  • Resolve an IP address and port number during response routing, depending on the contents of the Sent-by field.

For proxy discovery, WebRTC Session Controller uses DNS resolution only once per SIP transaction to determine transport, IP, and port number information. All retransmissions, ACKs, or CANCEL requests are delivered to the same address and port using the same transport. For details about how DNS resolution takes place, see RFC 3263: Session Initiation Protocol (SIP): Locating SIP Servers (http://www.ietf.org/rfc/rfc3263.txt).

When a proxy needs to send a response message, WebRTC Session Controller uses DNS lookup to determine the IP address and port number of the destination, depending on the information provided in the sent-by field and Via header.

By default, DNS resolution is not used (false).


Note:

Because DNS resolution is performed within the context of SIP message processing, any DNS performance problems result in increased latency performance. Oracle recommends using a caching DNS server in a production environment to minimize potential performance problems.

connection-reuse-pool

WebRTC Session Controller includes a connection pooling mechanism that minimizes communication overhead with a Session Border Control (SBC) function or Serving Call Session Control Function (S-CSCF). You can configure multiple, fixed pools of connections to different addresses.

WebRTC Session Controller opens new connections from the connection pool on demand as the server makes requests to a configured address. The server then multiplexes new SIP requests to the address using the already-opened connections, rather than repeatedly terminating and re-creating new connections. Opened connections are reused in a round-robin fashion. Opened connections remain open until they are explicitly closed by the remote address.

Connection reuse pools are not used for incoming requests from a configured address.

To configure a connection reuse pool, you define the four nested elements described in Table 18-5.

Table 18-5 Nested connection-reuse-pool Elements

ElementDescription

pool-name

A String value that identifies the name of this pool. All configured pool-name elements must be unique to the domain.

destination

Specifies the IP address or host name of the destination SBC or S-CSCF. WebRTC Session Controller opens or reuses connection in this pool only when making requests to the configured address.

destination-port

Specifies the port number of the destination SBC or S-CSCF.

maximum-connections

Specifies the maximum number of opened connections to maintain in this pool.


Example 18-6 shows a sample connection-reuse-pool configuration having two pools.

Example 18-6 Sample connection-reuse-pool Configuration

<connection-reuse-pool>
   <pool-name>SBCPool</pool-name>
   <destination>MySBC</destination>
   <destination-port>7070</destination-port>
   <maximum-connections>10</maximum-connections>
</connection-reuse-pool>
<connection-reuse-pool>
   <pool-name>SCSFPool</pool-name>
   <destination>192.168.1.6</destination>
   <destination-port>7071</destination-port>
   <maximum-connections>10</maximum-connections>
</connection-reuse-pool>

globally-routable-uri

This element enables you to specify a Globally-Routable User Agent URI (GRUU) that WebRTC Session Controller automatically inserts into Contact and Route-Set headers when communicating with network elements. The URI specified in this element should be the GRUU for the entire WebRTC Session Controller cluster. (In a single-server domain, use a GRUU for the server itself.)

User Agents (UAs) deployed on WebRTC Session Controller typically obtain GRUUs through a registration request. In this case, the application code is responsible both for requesting and subsequently handling the GRUU. To request a GRUU, the UA includes the +sip.instance field parameter in the Contact header in each Contact for which GRUU is required. Upon receiving a GRUU, the UA uses the GRUU as the URI for the Contact header field when generating new requests.

domain-alias-name

This element defines one or more domains for which WebRTC Session Controller is responsible. If a message has a destination domain that matches a domain specified with a domain-alias-name element, WebRTC Session Controller processes the message locally, rather than forwarding it.

The sipserver.xml configuration file can have multiple main-alias-name elements. Each element can specify either:

  • an individual, fully-qualified domain name, such as myserver.mycompany.com, or

  • a domain name starting with an initial wildcard character, such as *.mycompany.com, used to represent all matching domains. Only a single wildcard character is supported, and it must be used as the first element of the domain name.


    Note:

    You can also identify these domain names using the Domain Aliases field in the Configuration > General tab of the SipServer Administration Console extension.

enable-rport

This element determines whether WebRTC Session Controller automatically adds an rport parameter to Via headers when acting as a UAC. By default, the server does not add the rport parameter; set the element to true to automatically add rport to requests generated by the server.


Note:

You can also set this parameter to true by selecting the Symmetric Response Routing option in the Administration Console. In the Administration Console, select Configuration, then select the General tab of the SipServer Administration console extension.

The rport parameter is used for symmetric response routing as described in RFC 3581 (http://www.ietf.org/rfc/rfc3581.txt). When a message is received by an RFC 3581-compliant server, such as WebRTC Session Controller, the server responds using the remote UDP port number from which the message was received, rather than the port number specified in the Via header. This behavior is frequently used when servers reside behind gateway devices that perform Network Address Translation (NAT). The NAT devices maintain a binding between the internal and external port numbers, and all communication must be initiated through the gateway port.

WebRTC Session Controller is compliant with RFC 3581, and will honor the rport parameter even if you set the enable-rport element to false. The enable-rport element only specifies whether the server automatically adds rport to the requests it generates when acting as a UAC. To disable rport handling completely (disable RFC 3581 support), you must start the server with the command-line option, -Dwlss.udp.uas.rport=false.


Note:

rport support as described in RFC 3581 requires that SIP responses include the source port of the original SIP request. Because source port information is frequently treated as sensitive data, Oracle recommends using the TLS transport.

image-dump-level

This element specifies the level of detail to record in WebRTC Session Controller diagnostic image files. You can set this element to one of two values:

  • basic: Records all diagnostic data except for call state data.

  • full: Records all diagnostic data including call state data.


    Note:

    Recording call state data in the image file can be time consuming. By default, image dump files are recorded using the basic option.

    You can also set this parameter using the Configuration > General tab of the SipServer Administration Console extension.


stale-session-handling

WebRTC Session Controller uses encoded URIs to identify the call states and application sessions associated with a message. When an application is undeployed or upgraded to a new version, incoming requests may have encoded URIs that specify "stale" or nonexistent call or session IDs. The stale-session-handling element enables you to configure the action that WebRTC Session Controller takes when it encounters stale session data in a request. The following actions are possible:

  • drop: Drops the message without logging an error. This setting is desirable for systems that frequently upgrade applications using WebRTC Session Controller's in-place upgrade feature. Using the drop action ensures that messages intended for older, incompatible versions of a deployed application are dropped.

  • error: Responds with an error, so that a UAC might correct the problem. This is the default action. Messages having a To: tag cause a 481 Call/Transaction Does Not Exist error, while those without the tag cause a 404 Not Found error.

  • continue: Ignores the stale session data and continues processing the request.


    Note:

    When it encounters stale session data, WebRTC Session Controller applies the action specified by stale-session-handling before considering the value of the default-behavior element. The default-behavior is performed only when you have configured stale-session-handling to perform the continue action.

enable-contact-provisional-response

By default WebRTC Session Controller does not place a Contact header in non-reliable provisional (1xx) responses that have a To header. If you deploy applications that expect the Contact header to be present in such 1xx responses, set this element to true:

<enable-contact-provisional-response>true</enable-contact-provisional-response>

Setting this element to true does not affect 100 Trying responses.

PK(\"PK)DOEBPS/opg_starting.htm Using the Administration Console and WLST

3 Using the Administration Console and WLST

This chapter describes managing Oracle Communications WebRTC Session Controller domain services using the Administration Console and WebLogic Scripting Tool (WLST).

Accessing the Administration Console

The Administration Console enables you to configure and monitor core Oracle WebLogic Server functionality and the SIP Servlet container functionality provided with WebRTC Session Controller.

See Oracle WebLogic Server Administration Console Online Help for more information about the Administration Console.

To configure or monitor SIP Servlet features using the Administration Console:

  1. Ensure that your WebLogic Administration Server is running.

  2. Use your browser to access the URL:

    http://address:port/console
    

    where address is the Administration Server's listen address and port is the listen port.

  3. Select the SipServer node in the left pane.

    The right pane of the console provides two levels of tabbed pages that are used for configuring and monitoring WebRTC Session Controller. Table 3-1 summarizes the available pages and provides links to additional information about configuring SIP container properties.

Table 3-1 WebRTC Session Controller Configuration and Monitoring Pages

TabSubTabFunction

Configuration

General

Configure SIP timer values, session timeout duration, default WebRTC Session Controller behavior (proxy or user agent), server header format, call state caching, DNS name resolution, timer affinity, domain aliases, rport support, diagnostic image format, and stale session handling.

Configuration

Application Router

WebRTC Session Controller does not use this configuration tab.

Configuration

Proxy

Configure proxy routing URIs and proxy policies.

Configuration

Overload Protection

Configure the conditions for enabling and disabling automatic overload controls.

Configuration

Message Debug

Enable or disable SIP message logging on a development system.

Configuration

SIP Security

Identify trusted hosts for which authentication is not performed.

Configuration

Persistence

Configure persistence options for storing long-lived session data in an RDBMS, or for replicating long-lived session data to a remote, geographically-redundant site.

Configuration

Data Tier

View the current configuration of SIP data tier servers. You can also add, delete and configure partitions here.

Configuration

LoadBalancer Map

Configure the mapping of multiple clusters to internal virtual IP addresses during a software upgrade.

Configuration

Targets

Configure the list of servers or clusters that receive the engine tier configuration. The target server list determines which servers and clusters provide SIP Servlet container functionality.

Configuration

Connection Pools

Configure connection reuse pools to minimize communication overhead with a Session Border Control (SBC) function or Serving Call Session Control Function (S-CSCF).

Monitoring

General

View run-time information about messages and sessions processed in engine tier servers.

Monitoring

SIP Performance

View run-time performance information on SIP traffic throughput and number of successful and failed transactions.

Monitoring

SIP Applications

View run-time session information for deployed SIP applications.

Monitoring

Data Tier Information

View run-time information about the current status and the work performed by servers in the SIP data tier.


Locking and Persisting the Configuration

The Administration Console Change Center provides a way to lock a domain configuration allowing configuration changes while preventing other administrators from making changes during your edit session. You can enable or disable this feature in development domains. It is disabled by default when you create a development domain.

See "Enable and disable the domain configuration lock" in the Oracle WebLogic Server Administration Console Online Help for more information on the domain configuration lock.

Some changes you make in the Administration Console take place immediately when you activate them. Other changes require you to restart the server or module affected by the change. These latter changes are called non-dynamic changes. Non-dynamic changes are indicated in the Administration Console with a warning icon containing an exclamation point. If an edit is made to a non-dynamic configuration setting, no edits to dynamic configuration settings will take effect until after you restart the server.

To make changes to your WebRTC Session Controller domain when domain configuration lock is enabled:

  1. Locate the Change Center in the upper left corner of the Administration Console.

  2. Click Lock & Edit to lock the editable configuration hierarchy for the domain.

  3. Make the changes you want on the relevant page of the console and click Save on each page where you make a change.

  4. When you have finished making all the changes, click Activate Changes in the Change Center.


    Note:

    • You can instead discard your current changes by clicking Undo All Changes. This deletes any temporary configuration files that were written with previous Save operations.

    • If you need to discard all configuration changes made since the server was started, you can revert to original boot configuration file. See "Reverting to the Original Boot Configuration" for more information.


Using WLST (JMX) to Configure WebRTC Session Controller

The WebLogic Scripting Tool (WLST) is a utility that you can use to monitor or modify JMX MBeans available on a WebLogic Server or WebRTC Session Controller instance. You use WLST to configure both the WebRTC Session Controller SIP container and application. The following sections describe configuring WebRTC Session Controller with WLST:

For more information on using the WLST, see "Using the WebLogic Scripting Tool" in the Oracle WebLogic Scripting Tool documentation.

Before using WLST to configure a WebRTC Session Controller domain, set your environment to add required WebRTC Session Controller classes to your classpath. Use either a domain environment script or the setWLSEnv.sh script located in WL_home/server/bin where WL_home is the directory where WebLogic Server is installed.

Configuring the SIP Container with WLST

This section provides information on configuring the WebRTC Session Controller SIP container using WLST.

Managing Configuration Locks

Table 3-2 summarizes the WLST methods used to lock a SIP container configuration and apply changes.

Table 3-2 SIP Container ConfigManagerRuntimeMBean Method Summary

MethodDescription

activate()

Writes the current configuration MBean attributes (the current SIP Servlet container configuration) to the sipserver.xml configuration file and applies changes to the running servers.

cancelEdit()

Cancels an edit session, releasing the edit lock, and discarding all unsaved changes. This operation can be called by any user with administrator privileges, even if the user did not start the edit session.

cd

Navigate the hierarchy of configuration or run-time beans.

connect

Connect WLST to a WebLogic Server instance.

edit()

Starts an edit session.

save()

Writes the current configuration MBean attributes (the current SIP Servlet container configuration) to a temporary configuration file.

startEdit()

Locks changes to the SIP Servlet container configuration. Other JMX applications cannot alter the configuration until you explicitly call stopEdit(), or until your edit session is terminated.

If you attempt to call startEdit() when another user has obtained the lock, you receive an error message that states the user who owns the lock.

set

Set the specified attribute value for the current configuration bean.

stopEdit()

Releases the lock obtained for modifying SIP container properties and rolls back any pending MBean changes, discarding any temporary files.


A typical configuration session using WLST involves the following tasks:

  1. Call startEdit() to obtain a lock on the active configuration.

  2. Modify existing SIP Servlet container configuration MBean attributes (or create or delete configuration MBeans) to modify the active configuration. See "Configuration MBeans for the SIP Servlet Container" for a summary of the configuration MBeans.

  3. Do one of the following:

    • Call save() to persist all changes to a temporary configuration file named sipserver.xml.saved

    • Call activate() to persist changes to the sipserver.xml.saved file, rename sipserver.xml.saved to sipserver.xml (copying over the existing file), and apply changes to the running engine tier server nodes.


      Note:

      When you start the Administration Server for a WebRTC Session Controller domain, the server parses the current container configuration in sipserver.xml and creates a copy of the initial configuration in a file named sipserver.xml.booted. You can use this copy to revert to the booted configuration, as described in "Reverting to the Original Boot Configuration".

Configuration MBeans for the SIP Servlet Container

ConfigManagerRuntimeMBean manages access to and persists the configuration MBean attributes described in Table 3-3. Although you can modify other configuration MBeans, such as WebLogic Server MBeans that manage resources such as network channels and other server properties, those MBeans are not managed by ConfigManagerRuntimeMBean.

See "Configuring the WebRTC Session Controller Application with WLST" for information on MBeans used to configure WebRTC Session Controller application properties.

Table 3-3 SIP Container Configuration MBeans

MBean TypeMBean AttributesDescription

ClusterToLoadBalancerMap

ClusterName, 
LoadBalancerSipURI

Manages the mapping of multiple clusters to internal virtual IP addresses during a software upgrade. This attribute is not used during normal operations.

See also "Define the Cluster-to-Load Balancer Mapping".

OverloadProtection
RegulationPolicy,
ThresholdValue,
ReleaseValue

Manages overload settings for throttling incoming SIP requests.

See also "overload".

Proxy
ProxyURIs, 
RoutingPolicy

Manages the URIs routing policies for proxy servers. See also "proxy—Setting Up an Outbound Proxy Server".

SipSecurity
TrustedAuthenticationHosts

Defines trusted hosts for which authentication is not performed. See also "sip-security".

SipServer
DefaultBehavior, 
EnableLocalDispatch,
MaxApplicationSessionLifeTime,
OverloadProtectionMBean,
ProxyMBean,
T1TimeoutInterval,
T2TimeoutInterval, 
T4TimeoutInterval,
TimerBTimeoutInterval,
TimerFTimeoutInterval

SipServer also has several helper methods:

createProxy(), 
destroyProxy(),
createOverloadProtection(),
destroyOverloadProtection(),
createClusterToLoadBalancerMap()
destroyClusterToLoadBalancerMap()

Configuration MBean that represents the entire sipserver.xml configuration file. You can use this MBean to obtain and manage each of the individual MBeans described in this table, or to set SIP timer or SIP Session timeout values. See also:


Locating the SIP Container MBeans

All SIP Servlet container configuration MBeans are located in the serverConfig MBean tree, accessed using the serverConfig() command in WLST. Within this bean tree, individual configuration MBeans can be accessed using the path:

CustomResources/sipserver/Resource/sipserver

For example, to browse the default Proxy MBean for a WebRTC Session Controller domain you would enter these WLST commands:

serverConfig()
cd('CustomResources/sipserver/Resource/sipserver/Proxy')
ls()

Run-time MBeans, such as ConfigManagerRuntime, are accessed in the custom MBean tree, accessed using the custom() command in WLST. Run-time MBeans use the path:

mydomain:Location=myserver,Name=myserver,Type=mbeantype

Certain configuration settings, such as proxy and overload protection settings, are defined by default in sipserver.xml. Starting an associated server generates Configuration MBeans for these settings. You can immediately browse the Proxy and OverloadProtection MBeans. Other configuration settings are not configured by default and you will need to create the associated MBeans before they can be accessed. See "Creating and Deleting MBeans" for more information.

Configuring the WebRTC Session Controller Application with WLST

This section provides information on configuring the WebRTC Session Controller application using WLST.

Managing Configuration Locks

Table 3-4 summarizes the WebRTC Session Controller methods included in ConfigAdminMBean.

Table 3-4 WebRTC Session Controller ConfigAdminMBean Method Summary

MethodDescription

lockAndEdit()

Begins the configuration update transaction.

isLocked()

Checks if the configuration is locked (by any user).

getCurrentLock()

Gets current lock if one exist. The request fails if the lock is owned by another user.

revert()

Reverts a configuration update transaction.

commit()

Commits a configuration update transaction.

validate()

Validates the transaction.

validateAllScripts()

Validates all the scripts.

validateScript()

Validates a particular script.

validateScriptLibrary()

Validates the script libraries.

validateMediaEngines()

Validates all the Media Engines and checks to see if they are reachable from the Signaling Engine.


Configuration MBeans for WebRTC Session Controller

Table 3-5 lists the configuration MBeans for WebRTC Session Controller. See the oracle.wsc.core.configuration.admin.mbean package in Oracle Communications WebRTC Session Controller Configuration API Reference for detailed information about each MBean.

See "Accessing WebRTC Session Controller Application MBeans" for information on how to access and use the WebRTC Session Controller MBeans.

Table 3-5 WebRTC Session Controller Configuration MBeans

MBeanDescription

ApplicationMBean

WebRTC Session Controller application configuration MBean.

AscMBean

Media Engine configuration MBean.

AscMBeans

Media Engine configuration MBean.

ConfigAdminMBean

WebRTC Session Controller configuration administration MBean.

PackageMBean

WebRTC Session Controller package configuration MBean.

ResourceLimitsProfileMBean

WebRTC Session Controller resource limits configuration MBean.

ScriptLibraryMBean

WebRTC Session Controller script library configuration MBean.

ScriptMBean

WebRTC Session Controller script configuration MBean.

SystemConfigurationsMBean

WebRTC Session Controller application configuration MBean.

WebSocketMBean

WebRTC Session Controller WebSocket configuration MBean.

WscConfigMBean

WebRTC Session Controller main configuration MBean.


Accessing WebRTC Session Controller Application MBeans

You configure the WebRTC Session Controller MBeans using the Java MbeanServerConnection interface. Use the mbs variable at the WLST interface prompt to access the MBeans.

See the "WLST Variable Reference" in WLST Command Reference for WebLogic Server for information about the mbs variable.

To configure the WebRTC Session Controller MBeans using mbs:

  1. Connect to the WebLogic instance using WLST.

  2. Use the MBeanServerConnection to interact with the WebRTC Session Controller MBean server. See the following link for more information, including available methods, about MBeanServerConnection:

    http://docs.oracle.com/javase/7/docs/api/javax/management/MBeanServerConnection.html

  3. Access the WebRTC Session Controller administration MBean, which is the root of all WebRTC Session Controller MBeans, using the following object name:

    oracle.wsc:Location=AdminServer,Type=ConfigAdminMBean
    
  4. Use the getAttribute, setAttribute, and invoke operations to interact with the MBeans and configure the WebRTC Session Controller.

See "WebRTC Session Controller Code Sample" for an example showing how to use the MBeanServerConnection method to perform common configuration tasks.

WLST Configuration Examples

The following sections provide example WLST scripts and commands for configuring SIP Servlet container properties.

Invoking WLST

To use WLST with WebRTC Session Controller, you must ensure that all WebRTC Session Controller JAR files are included in your classpath. Follow these steps:

  1. Set your WebRTC Session Controller environment:

    cd ~/domain_home/bin
    ./setDomainEnv.sh
    

    where domain_home is the path to the domain's home directory.

  2. Start WLST:

    java weblogic.WLST
    
  3. Connect to the Administration Server for your WebRTC Session Controller domain:

    connect('system','weblogic','t3://myadminserver:port_number')
    

WLST Template for Configuring Container Attributes

Because a typical configuration session involves accessing ConfigManagerRuntimeMBean twice—once for obtaining a lock on the configuration, and once for persisting or applying changes—JMX applications that manage container attributes generally have a similar structure.

Example 3-1 shows a WLST script that contains the common commands needed to access ConfigManagerRuntimeMBean. The example script modifies the proxy RoutingPolicy attribute, which is set to supplemental by default in new WebRTC Session Controller domains. You can use this listing as a basic template, modifying commands to access and modify the configuration MBeans as necessary.

Example 3-1 Template WLST Script for Accessing ConfigManagerRuntimeMBean

# Connect to the Administration Server
connect('username','password','t3://localhost:7001')
# Start an edit session
edit()
startEdit()
# --MODIFY THIS SECTION AS NECESSARY--
# Edit SIP Servlet container configuration MBeans
cd('mydomain:DomainConfig=mydomain,Location=myserver,Name=myserver,SipServer=myserver,Type=Proxy')
set('RoutingPolicy','domain')
# Commit changes
save()
activate()

Creating and Deleting MBeans

The SipServer MBean represents the entire contents of the sipserver.xml configuration file. In addition to having several attributes for configuring SIP timers and SIP application session timeouts, SipServer provides helper methods to help you create or delete MBeans representing proxy settings and overload protection controls.

Example 3-2 shows an example of how to use the helper commands to create and delete configuration MBeans that configuration elements in sipserver.xml. See also WebRTC Session Controller JavaScript API Reference for more information.

Example 3-2 WLST Commands for Creating and Deleting MBeans

connect('username','password','t3://localhost:7001')
edit()
startEdit()
cd('CustomResources/sipserver/Resource/sipserver')
cmo.destroyOverload()
cmo.createProxy()
save()
activate()

WebRTC Session Controller Code Sample

Oracle recommends using MBeanServerConnection (mbs) methods when using WLST to perform WebRTC Session Controller configuration instead of the built-in WLST operations. Example 3-3 provides sample code including how to connect to an administration server, lock configuration, retrieve and modify attributes, create test packages, and commit configurations using the mbs variable.

See "Accessing WebRTC Session Controller Application MBeans" for more information on using MBeanServerConnection.

Example 3-3 Connecting and Performing MBean Operations with mbs

# Connect to Admin Server
connect('username', 'password', 't3://127.0.0.1:7001')
 
# Lock configuration
noObjs = jarray.array([],java.lang.Object)
noStrs = jarray.array([],java.lang.String)
admin = ObjectName('oracle.wsc:Location=AdminServer,Type=ConfigAdminMBean')
myLock = mbs.invoke(admin, 'lockAndEdit', noObjs, noStrs)
 
# Get some attribute
mbs.getAttribute(myLock, 'Packages') 
 
# Change some attributes
myApp=ObjectName('oracle.wsc:Type=ApplicationMBean,Location=AdminServer,Name=unsecure,User=weblogic')
activeAttr=Attribute('Active', Boolean('false'))
mbs.setAttribute(myApp, activeAttr)
descAttr=Attribute('Description', 'Disabled this app')
mbs.setAttribute(myApp, descAttr)
 
# Create test package
packageObjs = jarray.array(['test-package'], java.lang.Object)
packageStrs = jarray.array(['java.lang.String'], java.lang.String)
myPackage = mbs.invoke(myLock, 'createPackage', packageObjs, packageStrs)
 
# Commit configuration
commitObjs = jarray.array([myLock], java.lang.Object)
commitStrs = jarray.array(['javax.management.ObjectName'], java.lang.String)
mbs.invoke(admin, 'commit', commitObjs, commitStrs)

Setting Logging Levels

The WebRTC Session Controller is subject to the common configuration settings defined for WebLogic servers. To modify the logging settings for a WebRTC Session Controller in the Administration Console, access the logging configuration settings page as follows:

  1. Expand the Environment node in the Domain Structure tree.

  2. Click Servers.

  3. Click the name of the server you want to configure logging for in the Configuration tab.

  4. In the right pane, click the Logging tab.

  5. Modify the default logging settings and then click Save to commit your changes.

Alternatively, use the logging.xml WebLogic file to manually configure logging properties for the servers.

WebRTC Session Controller supports additional logging features that provide for SIP message logging. SIP message logging should be enabled in development environments only. It is not intended for production environments.

To configure SIP message logging:

  1. Expand the SipServer node in the Domain Structure tree.

  2. In the Configuration tab, click the Message Debug subtab.

  3. Select the Enable Debug check box.

  4. Configure other message logging settings as needed. Other settings include the logging verbosity level, the log entry pattern, and the target log file name. See the on-screen field description for more information.

  5. Click Save to commit your changes.

  6. Restart the WebLogic server.

See "Logging SIP Requests and Responses" for information about creating custom log listeners and more information about logging settings.

Startup Sequence for a WebRTC Session Controller Domain

WebRTC Session Controller start scripts use default values for many JVM parameters that affect performance. For example, JVM garbage collection and heap size parameters may be omitted, or may use values that are acceptable only for evaluation or development purposes.

In a production system, you must rigorously profile your applications with different heap size and garbage collection settings to realize adequate performance. See "Modifying JVM Parameters in Server Start Scripts" in the chapter for suggestions about maximizing JVM performance in a production domain.


Caution:

When you configure a domain with multiple Signaling Engine servers, you must accurately synchronize all system clocks to a common time source (to within one or two milliseconds) in order for the SIP protocol stack to function properly. See "Configuring NTP for Accurate SIP Timers" for more information.

Because a typical WebRTC Session Controller domain contains numerous Signaling Engine and SIP data tier servers, with dependencies between the different server types, you should generally follow this sequence when starting up a domain:

  1. Start the Administration Server for the domain.

    Start the Administration Server to provide the initial configuration to engine servers in the domain. The Administration Server can also be used to monitor the startup/shutdown status of each Managed Server.

    You generally start the Administration Server by using the startWebLogic.sh or startWebLogic.cmd script (depending on your operating system) installed with the Configuration Wizard, or a custom startup script.

  2. Start SIP data tier servers in each partition.

    The engine tier cannot function until servers in the SIP data tier are available to manage call state data. Although all replicas in each partition need not be available to begin processing requests, at least one replica in each configured partition must be available to manage the concurrent call state. All replicas should be started and available before opening the system to production network traffic.

    You generally start each SIP data tier server by using either the startManagedWebLogic.cmd script installed with the Configuration Wizard, or a custom startup script. startManagedWebLogic.cmd requires that you specify the name of the server to startup and the URL of the Administration Server for the domain. For example:

    startManagedWebLogic.cmd datanode0-0 t3://adminhost:7001
    
  3. Start engine tier servers.

    Start Signaling Engine servers and begin processing client requests. Signaling engine tier servers are generally started using the startManagedWebLogic.cmd script or a custom startup script.

Following the above startup sequence ensures that all Managed Servers use the latest SIP Servlet container and SIP data tier configuration. This sequence also avoids engine tier error messages that are generated when servers in the SUP data tier are unavailable.

Startup Command Options

Table 3-6 lists startup options available to WebRTC Session Controller. For more information about these and other options, see "weblogic.Server Command-Line Reference" in the Command Reference for Oracle Weblogic Server documentation.

Table 3-6 Startup Command Options

ApplicationStartup OptionFor More Information

WebRTC Session Controller

-Dwlss.udp.listen.on.ephemeral

See information about single network adapter card configurations with TCP and UDP channels in Oracle WebLogic Server SIP Container Administrator's Guide.

WebRTC Session Controller

-Dwlss.udp.lb.masquerade

See information about single network adapter card configurations with TCP and UDP channels in Oracle WebLogic Server SIP Container Administrator's Guide.

WebRTC Session Controller

-Dweblogic.management.discover

See "Restarting an Administration Server on the Same System" for more information.

WebRTC Session Controller

-Dweblogic.RootDirectory

See "Restarting an Administration Server on Another System" for more information.

Installer

-Djava.io.tmpdir

See the discussion on temporary disk space requirements in Installation Guide for Oracle WebLogic Server in the WebLogic Server documentation.

WlssEchoServer

-Dwlss.ha.echoserver.port

See "Enabling and Configuring the Heartbeat Mechanism on Servers" for more information.

WlssEchoServer

-Dwlss.ha.echoserver.logfile

See "Enabling and Configuring the Heartbeat Mechanism on Servers" for more information.

WlssEchoServer

-Dreplica.host.monitor.enabled

See "Enabling and Configuring the Heartbeat Mechanism on Servers" for more information.

WlssEchoServer

-Dwlss.ha.heartbeat.interval

See "Enabling and Configuring the Heartbeat Mechanism on Servers" for more information.

WlssEchoServer

-Dwlss.ha.heartbeat.count

See "Enabling and Configuring the Heartbeat Mechanism on Servers" for more information.

WlssEchoServer

-Dwlss.ha.heartbeat.SoTimeout

See "Enabling and Configuring the Heartbeat Mechanism on Servers" for more information.


Reverting to the Original Boot Configuration

When you start the Administration Server for a WebRTC Session Controller domain, the server creates parses the current container configuration in sipserver.xml, and generates a copy of the initial configuration in a file named sipserver.xml.booted in the config/custom subdirectory of the domain directory. This backup copy of the initial configuration is preserved until you next start the server; modifying the configuration using JMX does not affect the backup copy.

If you modify the SIP Servlet container configuration and later decide to roll back the changes, copy the sipserver.xml.booted file over the current sipserver.xml file. Then restart the server to apply the new configuration.

PKWTJPK)DOEBPS/cnf_config_overview.htm^% WebRTC Session Controller Configuration Overview

1 WebRTC Session Controller Configuration Overview

This chapter introduces Oracle Communications WebRTC Session Controller configuration and administration.

About the Oracle WebLogic Platform

WebRTC Session Controller is based on Oracle WebLogic Server. Many system-level configuration tasks are the same for both products. This guide addresses system-level configuration tasks that are unique to WebRTC Session Controller, such as tasks related to network and security configuration and cluster configuration for the engine and SIP data tiers.

WebLogic server configuration and other basic configuration tasks such as logging are addressed in the WebLogic Server documentation. This guide will refer you to the WebLogic documentation for information where appropriate rather than repeat that information here.

Overview of Configuration and Administration Tools

You configure the WebRTC Session Controller domain using the Administration Console or the command-line using the WebLogic Scripting Tool (WLST). Changes to certain SIP Servlet container properties require a restart of the engine tier server for the change to take affect. Configuration for SIP data tier nodes cannot be changed dynamically, so you must restart SIP data tier servers to change the number of partitions or replicas.

You configure WebRTC application behavior properties in the WebRTC Session Controller console, which is separate from the Administration Console.

Administration Console

The WebRTC Session Controller extends the WebLogic Administration Console with additional configuration and monitoring pages. The Administration Console interface for WebRTC Session Controller settings are similar to the core console available in Oracle WebLogic Server.

All WebRTC Session Controller configuration and monitoring is provided through these nodes in the left pane of the console:

  • SipServer: presents SIP Servlet container properties and other engine tier functionality. This extension also enables you to view (but not modify) SIP data tier partitions and replicas.

  • Converged Load Balancer: presents configuration settings and monitoring pages for the activities of the converged load balancers in the implementation.

See "Accessing the Administration Console" for more information about using the console.

WebLogic Scripting Tool

The WebLogic Scripting Tool enables you to perform interactive or automated (batch) configuration operations using a command-line interface. View and manipulate the MBeans available in a running WebRTC Session Controller domain using the WLST.

See "Using WLST (JMX) to Configure WebRTC Session Controller" for more information about modifying SIP Servlet container properties using WLST.

For general WLST information, including information about WLST commands, see Oracle Fusion Middleware WebLogic Scripting Tool documentation.

WebRTC Session Controller Console

You configure Signaling Engine and Media Engine parameters and entries in the WebRTC Session Controller console. Signaling Engine parameters include time limit parameters for SIP sessions and WebSocket connections. Media Engine entries represent media hosts that you use with WebRTC Session Controller.

See "Configuring WebRTC Session Controller Signaling Properties and Media Nodes" for more information on the WebRTC Session Controller console.

Additional Configuration Methods

Most WebRTC Session Controller configuration is performed using the interfaces above. The methods described in the following sections may also be used for certain configuration tasks.

Editing Configuration Files

You may also modify the configuration by editing configuration files.

The WebRTC Session Controller custom resources use the basic domain resources defined in config.xml, such as network channels, cluster and server configuration, and Java EE resources. The config.xml file applies to all managed servers in the domain. However, standalone WebRTC Session Controller components are configured in separate configuration files based on functionality:

  • sipserver.xml contains general SIP container properties and engine tier configuration settings.

  • datatier.xml identifies servers that participate as replicas in the SIP data tier, and also defines the number and layout of SIP data tier partitions.

  • diameter.xml defines Diameter nodes and Diameter protocol applications used in the domain.

The component configuration files determine the role of each server instance, such as whether they behave as SIP data tier replicas or engine tier nodes.

See Part III, "Reference" for more information on the configuration files.

If you edit configuration files manually, you must restart all servers to apply the configuration changes.

Custom JMX Applications

You configure WebRTC Session Controller properties using JMX-compliant MBeans. You can program JMX applications for configuring SIP container properties using the appropriate WebRTC Session Controller MBeans.

See "Using WLST (JMX) to Configure WebRTC Session Controller" for the general procedure for modifying WebRTC Session Controller MBean properties using JMX. For more information about the individual MBeans used to manage SIP container properties, see WebRTC Session Controller JavaScript API Reference.

Common Configuration Tasks

General administration and maintenance of WebRTC Session Controller requires that you manage both WebLogic Server configuration properties and WebRTC Session Controller container properties.

Common configuration tasks include:

PKoc%^%PK)DOEBPS/cnf_jvmgc.htme Tuning JVM Garbage Collection for Production Deployments

16 Tuning JVM Garbage Collection for Production Deployments

This chapter describes how to tune Java Virtual Machine (JVM) garbage collection performance for Oracle Communications WebRTC Session Controller engine tier servers.

Goals for Tuning Garbage Collection Performance

Production installations of WebRTC Session Controller generally require extremely small response times (under 50 milliseconds) for clients even under peak server loads. A key factor in maintaining brief response times is the proper selection and tuning of the JVM's Garbage Collection (GC) algorithm for WebRTC Session Controller instances in the engine tier.

Whereas certain tuning strategies are designed to yield the lowest average garbage collection times or to minimize the frequency of full GCs, those strategies can sometimes result in one or more very long periods of garbage collection (often several seconds long) that are offset by shorter GC intervals. With a production WebRTC Session Controller installation, all long GC intervals must be avoided to maintain response time goals.

The sections that follow describe GC tuning strategies for Oracle's JVM that generally result in best response time performance.

Modifying JVM Parameters in Server Start Scripts

If you use custom startup scripts to start WebRTC Session Controller engines and replicas, simply edit those scripts to include the recommended JVM options described in the sections that follow.

The Configuration Wizard also installs default startup scripts when you configure a new domain. by default, these scripts are installed in the Middleware_Home/user_projects/domains/domain_name/bin directory, where Middleware_Home is where you installed the WebRTC Session Controller software and domain_name is the name of the domain's directory. The /bin directory includes:

  • startWebLogic.cmd, startWebLogic.sh: These scripts start the Administration Server for the domain.

  • startManagedWebLogic.cmd, startManagedWebLogic.sh: These scripts start managed engines and replicas in the domain.

If you use the Oracle-installed scripts to start engines and replicas, you can override JVM memory arguments by first setting the USER_MEM_ARGS environment variable in your command shell.


Note:

Setting the USER_MEM_ARGS environment variable overrides all default JVM memory arguments specified in the Oracle-installed scripts. Always set USER_MEM_ARGS to the full list of JVM memory arguments you intend to use. For example, when using the Sun JVM, always add -XX:MaxPermSize=128m to the USER_MEM_ARGS value, even if you only intend to change the default heap space (-Xms, -Xmx) parameters.

Tuning Garbage Collection with Oracle JDK

When using Oracle's JDK, the goal in tuning garbage collection performance is to reduce the time required to perform a full garbage collection cycle. You should not attempt to tune the JVM to minimize the frequency of full garbage collections, because this generally results in an eventual forced garbage collection cycle that may take up to several full seconds to complete.

The simplest and most reliable way to achieve short garbage collection times over the lifetime of a production server is to use a fixed heap size with the collector and the parallel young generation collector, restricting the new generation size to at most one third of the overall heap.

Oracle recommends using the Garbage-First (G1) garbage collector. See "Getting Started with the G1 Garbage Collector" for more information on using the Garbage-First collector.

The following example JVM settings are recommended for most production engine tier servers:

-server -Xms24G -Xmx24G -XX:PermSize=512m -XX:+UseG1GC -XX:MaxGCPauseMillis=200 -XX:ParallelGCThreads=20 -XX:ConcGCThreads=5 -XX:InitiatingHeapOccupancyPercent=70

For production replica servers, use the example settings:

-server -Xms4G -Xmx4G -XX:PermSize=512m -XX:+UseG1GC -XX:MaxGCPauseMillis=200 -XX:ParallelGCThreads=20 -XX:ConcGCThreads=5 -XX:InitiatingHeapOccupancyPercent=70

For standalone installations, use the example settings:

-server -Xms32G -Xmx32G -XX:PermSize=512m -XX:+UseG1GC -XX:MaxGCPauseMillis=200 -XX:ParallelGCThreads=20 -XX:ConcGCThreads=5 -XX:InitiatingHeapOccupancyPercent=70

The above options have the following effect:

  • -Xms, -Xmx: Places boundaries on the heap size to increase the predictability of garbage collection. The heap size is limited in replica servers so that even Full GCs do not trigger SIP retransmissions. -Xms sets the starting size to prevent pauses caused by heap expansion.

  • -XX:+UseG1GC: Use the Garbage First (G1) Collector.

  • -XX:MaxGCPauseMillis: Sets a target for the maximum GC pause time. This is a soft goal, and the JVM will make its best effort to achieve it.

  • -XX:ParallelGCThreads: Sets the number of threads used during parallel phases of the garbage collectors. The default value varies with the platform on which the JVM is running.

  • -XX:ConcGCThreads: Number of threads concurrent garbage collectors will use. The default value varies with the platform on which the JVM is running.

  • -XX:InitiatingHeapOccupancyPercent: Percentage of the (entire) heap occupancy to start a concurrent GC cycle. GCs that trigger a concurrent GC cycle based on the occupancy of the entire heap and not just one of the generations, including G1, use this option. A value of 0 denotes 'do constant GC cycles'. The default value is 45.

PKGUj e PK)DOEBPS/content.opfA Oracle® Communications WebRTC Session Controller System Administrator's Guide, Release 7.0 en-US E40973-01 Oracle Corporation Oracle Corporation Oracle® Communications WebRTC Session Controller System Administrator's Guide, Release 7.0 2013-11-08T22:37:18Z Oracle® Communications WebRTC Session Controller System Administrator's Guide, Release 7.0 PKڵ*dPK)DOEBPS/dcommon/oracle-logo.jpg_5JFIFC    $.' ",#(7),01444'9=82<.342C  2!!22222222222222222222222222222222222222222222222222'7" }!1AQa"q2#BR$3br %&'()*456789:CDEFGHIJSTUVWXYZcdefghijstuvwxyz w!1AQaq"2B #3Rbr $4%&'()*56789:CDEFGHIJSTUVWXYZcdefghijstuvwxyz ?( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( (QEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQE!KEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEzE7V%ȣOΏ9??:a"\fSrğjAsKJ:nOzO=}E1-I)3(QEQEQEQEQEQEQE֝Hza<["2"pO#f8M[RL(,?g93QSZ uy"lx4h`O!LŏʨXZvq& c՚]+: ǵ@+J]tQ]~[[eϸ (]6A&>ܫ~+כzmZ^(<57KsHf妬Ϧmnẁ&F!:-`b\/(tF*Bֳ ~V{WxxfCnMvF=;5_,6%S>}cQQjsOO5=)Ot [W9 /{^tyNg#ЄGsֿ1-4ooTZ?K Gc+oyڙoNuh^iSo5{\ܹ3Yos}$.nQ-~n,-zr~-|K4R"8a{]^;I<ȤL5"EԤP7_j>OoK;*U.at*K[fym3ii^#wcC'IIkIp$󿉵|CtĈpW¹l{9>⪦׺*ͯj.LfGߍԁw] |WW18>w.ӯ! VӃ :#1~ +މ=;5c__b@W@ +^]ևՃ7 n&g2I8Lw7uҭ$"&"b eZ":8)D'%{}5{; w]iu;_dLʳ4R-,2H6>½HLKܹR ~foZKZ࿷1[oZ7׫Z7R¢?«'y?A}C_iG5s_~^ J5?œ tp]X/c'r%eܺA|4ծ-Ե+ْe1M38Ǯ `|Kյ OVڅu;"d56, X5kYR<̭CiطXԮ];Oy)OcWj֩}=܅s۸QZ*<~%뺃ȶp f~Bðzb\ݳzW*y{=[ C/Ak oXCkt_s}{'y?AmCjޓ{ WRV7r. g~Q"7&͹+c<=,dJ1V߁=T)TR՜*N4 ^Bڥ%B+=@fE5ka}ędܤFH^i1k\Sgdk> ֤aOM\_\T)8靠㡮3ģR: jj,pk/K!t,=ϯZ6(((((((49 xn_kLk&f9sK`zx{{y8H 8b4>ÇНE|7v(z/]k7IxM}8!ycZRQ pKVr(RPEr?^}'ðh{x+ՀLW154cK@Ng C)rr9+c:׹b Жf*s^ fKS7^} *{zq_@8# pF~ [VPe(nw0MW=3#kȵz晨cy PpG#W:%drMh]3HH<\]ԁ|_W HHҡb}P>k {ZErxMX@8C&qskLۙOnO^sCk7ql2XCw5VG.S~H8=(s1~cV5z %v|U2QF=NoW]ո?<`~׮}=ӬfԵ,=;"~Iy7K#g{ñJ?5$y` zz@-~m7mG宝Gٱ>G&K#]؃y1$$t>wqjstX.b̐{Wej)Dxfc:8)=$y|L`xV8ߙ~E)HkwW$J0uʟk>6Sgp~;4֌W+חc"=|ř9bc5> *rg {~cj1rnI#G|8v4wĿhFb><^ pJLm[Dl1;Vx5IZ:1*p)إ1ZbAK(1ׅ|S&5{^ KG^5r>;X׻K^? s fk^8O/"J)3K]N)iL?5!ƾq:G_=X- i,vi2N3 |03Qas ! 7}kZU781M,->e;@Qz T(GK(ah(((((((Y[×j2F}o־oYYq $+]%$ v^rϭ`nax,ZEuWSܽ,g%~"MrsrY~Ҿ"Fت;8{ѰxYEfP^;WPwqbB:c?zp<7;SBfZ)dϛ; 7s^>}⍱x?Bix^#hf,*P9S{w[]GF?1Z_nG~]kk)9Sc5Ո<<6J-ϛ}xUi>ux#ţc'{ᛲq?Oo?x&mѱ'#^t)ϲbb0 F«kIVmVsv@}kҡ!ˍUTtxO̧]ORb|2yԵk܊{sPIc_?ħ:Ig)=Z~' "\M2VSSMyLsl⺿U~"C7\hz_ Rs$~? TAi<lO*>U}+'f>7_K N s8g1^CeКÿE ;{+Y\ O5|Y{/o+ LVcO;7Zx-Ek&dpzbӱ+TaB0gNy׭ 3^c T\$⫫?F33?t._Q~Nln:U/Ceb1-im WʸQM+VpafR3d׫é|Aү-q*I P7:y&]hX^Fbtpܩ?|Wu󭏤ʫxJ3ߴm"(uqA}j.+?S wV ~ [B&<^U?rϜ_OH\'.;|.%pw/ZZG'1j(#0UT` Wzw}>_*9m>󑓀F?EL3"zpubzΕ$+0܉&3zڶ+jyr1QE ( ( ( ( ( ( ( (UIdC0EZm+]Y6^![ ԯsmܶ捆?+me+ZE29)B[;я*wGxsK7;5w)}gH~.Ɣx?X\ߚ}A@tQ(:ͧ|Iq(CT?v[sKG+*רqҍck <#Ljα5݈`8cXP6T5i.K!xX*p&ќZǓϘ7 *oƽ:wlຈ:Q5yIEA/2*2jAҐe}k%K$N9R2?7ýKMV!{W9\PA+c4w` Wx=Ze\X{}yXI Ү!aOÎ{]Qx)#D@9E:*NJ}b|Z>_k7:d$z >&Vv󃏽WlR:RqJfGإd9Tm(ҝEtO}1O[xxEYt8,3v bFF )ǙrPNE8=O#V*Cc𹾾&l&cmCh<.P{ʦ&ۣY+Gxs~k5$> ӥPquŽўZt~Tl>Q.g> %k#ú:Kn'&{[yWQGqF}AЅ׮/}<;VYZa$wQg!$;_ $NKS}“_{MY|w7G!"\JtRy+贾d|o/;5jz_6fHwk<ѰJ#]kAȎ J =YNu%dxRwwbEQEQEQEQEQEQEQEQEQE'fLQZ(1F)hQ@X1KEQE-Q@ 1KE3h=iPb(((1GjZ(-ʹRPbR@ 1KE7`bڒyS0(-&)P+ ڎԴP11F)h&:LRmQ@Q@Š((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((( g\==oNYdp+@jhs2X".]q8mQ\V_ Ehl%d24O@@^2QҬudKhCrnWS0H9Ey?H@2pX9[RFѯKEQK2@IԡtkRdX/m㸍d0WP3k|]1U@dPRY"Pp2H8;DzD<?;ۿb1@}gYywx4r@c ~5ChڥY[q"b gW_5h^Wwgy@\+#nܜ]*ǃ|M^->Y:+F8\i::΍c[w Fp}M\3Լg!?G9Qk$hڱ@D($P1׃jx%`]f;KXbv pé#pLx^JfbKXYPCaݎ6?G4me#ֵO IU¾/P0qJ+/x]/S?t9绗̗â4)%܈ Q` +[ӵg\yae2crq+C{iڇhɑvlp p ^|X$m?oYvdc0z j>ug,p[ l ? @CFSfsZ~ԡV+`dmP$KcOZx]my#cB39AʫbM.[69)T5Ys/ZZ|>JI3HrFOlW(eO閑>j[ڏrUC"e"5SǞH|Mj֚ދ.amj Z'tX$dGx8I@FFBFFU8<Mώdj 2ϑsrN^1R=h60xNεKw$5\)<g(.߇0 ◃|GA:/Yv,ydp $:DuOY>zwKĒAO12A0H=k?j/a%d:Cl UjXr]&]\sgp:0`AAO#äiyVܼzp? .XiV:c=pۃuqU/8rO$i~ӞWr7@'j 2N8|K5E4}j9 M 8zXt\~>Ǯ&2MavރcAVLl.it-SXtWE_nI wWύ7iȲjB#:nHC`I<֣hj>.қSUv *ɸP~^O'W^"$^~"sw//EhR=z+dK1%6II }*eS᳐{YG×zskkz@:[~/u|#.5hR#iFUd rh@$csY'zʮ~z@ZGokoG$隤P 4$rF Ϗ<]qx|SiiťMI؇YB  Eq|CkZu='PL\<[s  QEQEQEQEQEQEQEQEQEQEQEQEp$޻g[) kRazh R&ڬB}j6>Ö*Ksy-w$jA1" g𫸏Q@gxVÚL~"u/w#%7"15#&u BJs@l'98,ޙEqؚ)ywmݝ{bj?>?Go_gٷvv3{aEymf"ujl(Ȑ8l=[?5o;> vB7$g j(?&/o}:Sv#Y)|K`32Oyo2 F;~v}goymg5]n*?|MaO"]>XlF+;\Q@gx3_Cچ$px6HZϵQ%p #!|K=&?5wlQwr;aQGQNO\Eq54ծmX_a$\%_r0N9=k>6ooiEi-ÃG) xQ@7h-p7wDx X`PN8pJ(/xI֟i ƻc`n:lx<3gR%HO4)e >Q@_<wk_ H5y{CFfΠ+y8.߅fi,9jy!D"d I(YojݮNiGz-Y* IޛۈQi~ JB2%vŎŷVu ͊VbA@L*%qעQ@7h-p7wDx X`PN8p<[7&=|QY!U?8mek5Q@?q?t6 5}J^G:6amWkzmxYc 7zd̨V~98z~EG[@?1 vlύ~.v{egoHHPh '>*MCǞխkb*(xJDA sz(oi%\ETCĬ *W#WAjq~y/"+B'wz]>[]{,eܼ ^+(-1Zj~u  Kr\F<pTu?Ñ|=TmjȜjm:: *atks)<7okwriwi"\ܭ 9``>%GqfU[6cԃ,9Wa=0x n[9뒬H8*HvTP|] S645p5PhJ)}!s v5ctj~VAG$ȟ}⁀g-pr .3.=2Ev5/_ǧ\w`r+uq/>=`ƍ|[dЦCmV@v6<X}Ŀ G v]FHi#y-lwumrxRr@&:M_ j%x K4bN֭cxs?2w?nimˍpKqҹH1<4g-L+47$+x.N 0#ˏI_:4V;}3$dW9Tnf9(lPyyS^+RKHd8q"qm=M/4?jRx}yK`~ҷQl@8댮-NxJï:n#K=a]պS<&zߊ^"׼/=~oEVF3 Q<%%{/?%$B(# k׈MUH䕭W 5h嗇M }s[ܵJ HcH T7͡MρmZ%lu$XD0!^> wz |E~ҵ[ycksv Ge^Fiq>2'URI @7ú߇}NT}F8d!!ar S,69GKIoQ%ye^ROηJfӏ$fD<* I? EvrymW9'zd)"r@|YZt5gdW#A`55R3E,Bf*rGWrKeCnx%O Ea&Ki2g?'q esrz};_IR)4њ&G˻SM~b.4ٴo"6F2=\|U;s^xg.ĶS[)m%0:FOQ{>^e?i[XQw!ztoq^G߇,mcV|3DFӄнA2++~RHݘEzf\j<wtmnY' nU#\URzЮ/v:ݘ Í6k|yO. 79{J(((((((((((((/_<(֑^En.5 FLfvr2_i>ukA;G";66 QМuxe͊(oN4&e-|-w? ``F{Qw:ƝlԼ߲E HjТ} o_E5pi'i>15|k t;ZCdܱ ltu:+OMsK5BI\%ww1bfv=\Ѿ)'_RN{D9!I*C1$aG'Ҁ; ( +Aj>$_vՄ60O1syψuM{C[Xi3@~Knd~ u4k~C"(p00NO˃`?Z2K$X/|Gb%,sTᑆ9(?@}ڔvi;gg dTN02=EIh^+7Zk<8eӌdq@~7UR4k 6÷ij%Kݾfd ` aoop8*/~ wg6۟ss]&=#[jZvo`XUA,zx5(? x@:wdd$deX0p} e|SNI]E}!Ds.pr~\; *8'+yc P&@v1R#w mcW/6S6.<)oeb-R0@=A=3^z_t l&vܧ  s7_ t(I$ Q#0V 0z_×XBv 4(9Xr@œ۬5x ʭU=J5i)M֬c.cXt*ASd#5:yi$Zy ̜0gynϴ?yd}15ca ݟھf7n98^ii:ƣ[[Լ˽ zßᗂA.qIr47b0Iמ]yڿ']^9>lWWhuGn^Hol$L@cpCK摣x}t+KTt4ʥ\$Kz7 ??nr;y{y{mn88k;{k9wyyv<'*axjInY[bLd$rŗbx'? &ox> _EX^ݕ!?0duO |K ?G; I)ӟ0aV d(=#J4Oۮ佸ٷܓp0=Dӭ˝j.%DvU_YA:#pgP97_5%FKyA8\:cv*C'Í* ?@A1>YfLc]Ƴ:>K2II%F',y>~4'L]64n#E*gkr,IݜIɠ+?5??Am/߻孷5]s#ƅ3?IX@C ]y*fvQkt/ً]sL5H'k2h0x~!q=ƅk<I #m8ؐ3@p3P#^<*H>FmsFx2LeIZxoJ\4Ȯeq2}y:t q]<5h^$ UC[Bռ}wFKI{=9-(P  p 8.#Z|XP\q6 CH@d`1}ooᨼ6*2\GpM#@ B`˶c^<o<N!f$s SYz:t.$;$a(f$zUM7J́c*|~@cmjWm)}G\]D\&H"dTgg'iV:oiYۦȢN?$y$rMGhvfzmVTC :keNGDC څ&4{y!'t:Ohg}y^ټyyۿo]=3V+?N3'ؼ~ssgހ8zÏ˸ eS&Ǧdo,|%HCEX `yF :V(S4XdҬD\0㌞puA VG  HB(q(((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((PK^s__PK)DOEBPS/dcommon/cpyr.htmD Oracle Legal Notices

Oracle Legal Notices

Copyright Notice

Copyright © 1994-2014, Oracle and/or its affiliates. All rights reserved.

Trademark Notice

Oracle and Java are registered trademarks of Oracle and/or its affiliates. Other names may be trademarks of their respective owners.

Intel and Intel Xeon are trademarks or registered trademarks of Intel Corporation. All SPARC trademarks are used under license and are trademarks or registered trademarks of SPARC International, Inc. AMD, Opteron, the AMD logo, and the AMD Opteron logo are trademarks or registered trademarks of Advanced Micro Devices. UNIX is a registered trademark of The Open Group.

License Restrictions Warranty/Consequential Damages Disclaimer

This software and related documentation are provided under a license agreement containing restrictions on use and disclosure and are protected by intellectual property laws. Except as expressly permitted in your license agreement or allowed by law, you may not use, copy, reproduce, translate, broadcast, modify, license, transmit, distribute, exhibit, perform, publish, or display any part, in any form, or by any means. Reverse engineering, disassembly, or decompilation of this software, unless required by law for interoperability, is prohibited.

Warranty Disclaimer

The information contained herein is subject to change without notice and is not warranted to be error-free. If you find any errors, please report them to us in writing.

Restricted Rights Notice

If this is software or related documentation that is delivered to the U.S. Government or anyone licensing it on behalf of the U.S. Government, the following notice is applicable:

U.S. GOVERNMENT END USERS: Oracle programs, including any operating system, integrated software, any programs installed on the hardware, and/or documentation, delivered to U.S. Government end users are "commercial computer software" pursuant to the applicable Federal Acquisition Regulation and agency-specific supplemental regulations. As such, use, duplication, disclosure, modification, and adaptation of the programs, including any operating system, integrated software, any programs installed on the hardware, and/or documentation, shall be subject to license terms and license restrictions applicable to the programs. No other rights are granted to the U.S. Government.

Hazardous Applications Notice

This software or hardware is developed for general use in a variety of information management applications. It is not developed or intended for use in any inherently dangerous applications, including applications that may create a risk of personal injury. If you use this software or hardware in dangerous applications, then you shall be responsible to take all appropriate fail-safe, backup, redundancy, and other measures to ensure its safe use. Oracle Corporation and its affiliates disclaim any liability for any damages caused by use of this software or hardware in dangerous applications.

Third-Party Content, Products, and Services Disclaimer

This software or hardware and documentation may provide access to or information on content, products, and services from third parties. Oracle Corporation and its affiliates are not responsible for and expressly disclaim all warranties of any kind with respect to third-party content, products, and services. Oracle Corporation and its affiliates will not be responsible for any loss, costs, or damages incurred due to your access to or use of third-party content, products, or services.

Alpha and Beta Draft Documentation Notice

If this document is in preproduction status:

This documentation is in preproduction status and is intended for demonstration and preliminary use only. It may not be specific to the hardware on which you are using the software. Oracle Corporation and its affiliates are not responsible for and expressly disclaim all warranties of any kind with respect to this documentation and will not be responsible for any loss, costs, or damages incurred due to the use of this documentation.

Oracle Logo

PK0hPK)DOEBPS/dcommon/oracle.gifJGIF87aiyDT2F'G;Q_oKTC[ 3-Bq{ttsoGc4I)GvmLZ).1)!ꑈ53=Z]'yuLG*)g^!8C?-6(29K"Ĩ0Яl;U+K9^u2,@@ (\Ȱ Ë $P`lj 8x I$4H *(@͉0dа8tA  DсSP v"TUH PhP"Y1bxDǕ̧_=$I /& .)+ 60D)bB~=0#'& *D+l1MG CL1&+D`.1qVG ( "D2QL,p.;u. |r$p+5qBNl<TzB"\9e0u )@D,¹ 2@C~KU 'L6a9 /;<`P!D#Tal6XTYhn[p]݅ 7}B a&AƮe{EɲƮiEp#G}D#xTIzGFǂEc^q}) Y# (tۮNeGL*@/%UB:&k0{ &SdDnBQ^("@q #` @1B4i@ aNȅ@[\B >e007V[N(vpyFe Gb/&|aHZj@""~ӎ)t ? $ EQ.սJ$C,l]A `8A o B C?8cyA @Nz|`:`~7-G|yQ AqA6OzPbZ`>~#8=./edGA2nrBYR@ W h'j4p'!k 00 MT RNF6̙ m` (7%ꑀ;PKl-OJPK)DOEBPS/dcommon/doccd_epub.jsM /* Copyright 2006, 2012, Oracle and/or its affiliates. All rights reserved. Author: Robert Crews Version: 2012.3.17 */ function addLoadEvent(func) { var oldOnload = window.onload; if (typeof(window.onload) != "function") window.onload = func; else window.onload = function() { oldOnload(); func(); } } function compactLists() { var lists = []; var ul = document.getElementsByTagName("ul"); for (var i = 0; i < ul.length; i++) lists.push(ul[i]); var ol = document.getElementsByTagName("ol"); for (var i = 0; i < ol.length; i++) lists.push(ol[i]); for (var i = 0; i < lists.length; i++) { var collapsible = true, c = []; var li = lists[i].getElementsByTagName("li"); for (var j = 0; j < li.length; j++) { var p = li[j].getElementsByTagName("p"); if (p.length > 1) collapsible = false; for (var k = 0; k < p.length; k++) { if ( getTextContent(p[k]).split(" ").length > 12 ) collapsible = false; c.push(p[k]); } } if (collapsible) { for (var j = 0; j < c.length; j++) { c[j].style.margin = "0"; } } } function getTextContent(e) { if (e.textContent) return e.textContent; if (e.innerText) return e.innerText; } } addLoadEvent(compactLists); function processIndex() { try { if (!/\/index.htm(?:|#.*)$/.test(window.location.href)) return false; } catch(e) {} var shortcut = []; lastPrefix = ""; var dd = document.getElementsByTagName("dd"); for (var i = 0; i < dd.length; i++) { if (dd[i].className != 'l1ix') continue; var prefix = getTextContent(dd[i]).substring(0, 2).toUpperCase(); if (!prefix.match(/^([A-Z0-9]{2})/)) continue; if (prefix == lastPrefix) continue; dd[i].id = prefix; var s = document.createElement("a"); s.href = "#" + prefix; s.appendChild(document.createTextNode(prefix)); shortcut.push(s); lastPrefix = prefix; } var h2 = document.getElementsByTagName("h2"); for (var i = 0; i < h2.length; i++) { var nav = document.createElement("div"); nav.style.position = "relative"; nav.style.top = "-1.5ex"; nav.style.left = "1.5em"; nav.style.width = "90%"; while (shortcut[0] && shortcut[0].toString().charAt(shortcut[0].toString().length - 2) == getTextContent(h2[i])) { nav.appendChild(shortcut.shift()); nav.appendChild(document.createTextNode("\u00A0 ")); } h2[i].parentNode.insertBefore(nav, h2[i].nextSibling); } function getTextContent(e) { if (e.textContent) return e.textContent; if (e.innerText) return e.innerText; } } addLoadEvent(processIndex); PKo"nR M PK)DOEBPS/dcommon/blafdoc.cssc@charset "utf-8"; /* Copyright 2002, 2011, Oracle and/or its affiliates. All rights reserved. Author: Robert Crews Version: 2011.10.7 */ body { font-family: Tahoma, sans-serif; /* line-height: 125%; */ color: black; background-color: white; font-size: small; } * html body { /* http://www.info.com.ph/~etan/w3pantheon/style/modifiedsbmh.html */ font-size: x-small; /* for IE5.x/win */ f\ont-size: small; /* for other IE versions */ } h1 { font-size: 165%; font-weight: bold; border-bottom: 1px solid #ddd; width: 100%; text-align: left; } h2 { font-size: 152%; font-weight: bold; text-align: left; } h3 { font-size: 139%; font-weight: bold; text-align: left; } h4 { font-size: 126%; font-weight: bold; text-align: left; } h5 { font-size: 113%; font-weight: bold; display: inline; text-align: left; } h6 { font-size: 100%; font-weight: bold; font-style: italic; display: inline; text-align: left; } a:link { color: #039; background: inherit; } a:visited { color: #72007C; background: inherit; } a:hover { text-decoration: underline; } a img, img[usemap] { border-style: none; } code, pre, samp, tt { font-family: monospace; font-size: 110%; } caption { text-align: center; font-weight: bold; width: auto; } dt { font-weight: bold; } table { font-size: small; /* for ICEBrowser */ } td { vertical-align: top; } th { font-weight: bold; text-align: left; vertical-align: bottom; } ol ol { list-style-type: lower-alpha; } ol ol ol { list-style-type: lower-roman; } li { text-align: left; } dd { text-align: left; } td p:first-child, td pre:first-child { margin-top: 0px; margin-bottom: 0px; } table.table-border { border-collapse: collapse; border-top: 1px solid #ccc; border-left: 1px solid #ccc; } table.table-border th { padding: 0.5ex 0.25em; color: black; background-color: #f7f7ea; border-right: 1px solid #ccc; border-bottom: 1px solid #ccc; } table.table-border td { padding: 0.5ex 0.25em; border-right: 1px solid #ccc; border-bottom: 1px solid #ccc; } span.gui-object, span.gui-object-action { font-weight: bold; } span.gui-object-title { } p.horizontal-rule { width: 100%; border: solid #cc9; border-width: 0px 0px 1px 0px; margin-bottom: 4ex; } div.zz-skip-header { display: none; } td.zz-nav-header-cell { text-align: left; font-size: 95%; width: 99%; color: black; background: inherit; font-weight: normal; vertical-align: top; margin-top: 0ex; padding-top: 0ex; } a.zz-nav-header-link { font-size: 95%; } td.zz-nav-button-cell { white-space: nowrap; text-align: center; width: 1%; vertical-align: top; padding-left: 4px; padding-right: 4px; margin-top: 0ex; padding-top: 0ex; } a.zz-nav-button-link { font-size: 90%; } div.zz-nav-footer-menu { width: 100%; text-align: center; margin-top: 2ex; margin-bottom: 4ex; } p.zz-legal-notice, a.zz-legal-notice-link { font-size: 85%; /* display: none; */ /* Uncomment to hide legal notice */ } /*************************************/ /* Begin DARB Formats */ /*************************************/ .bold, .codeinlinebold, .syntaxinlinebold, .term, .glossterm, .seghead, .glossaryterm, .keyword, .msg, .msgexplankw, .msgactionkw, .notep1, .xreftitlebold { font-weight: bold; } .italic, .codeinlineitalic, .syntaxinlineitalic, .variable, .xreftitleitalic { font-style: italic; } .bolditalic, .codeinlineboldital, .syntaxinlineboldital, .titleinfigure, .titleinexample, .titleintable, .titleinequation, .xreftitleboldital { font-weight: bold; font-style: italic; } .itemizedlisttitle, .orderedlisttitle, .segmentedlisttitle, .variablelisttitle { font-weight: bold; } .bridgehead, .titleinrefsubsect3 { font-weight: bold; } .titleinrefsubsect { font-size: 126%; font-weight: bold; } .titleinrefsubsect2 { font-size: 113%; font-weight: bold; } .subhead1 { display: block; font-size: 139%; font-weight: bold; } .subhead2 { display: block; font-weight: bold; } .subhead3 { font-weight: bold; } .underline { text-decoration: underline; } .superscript { vertical-align: super; } .subscript { vertical-align: sub; } .listofeft { border: none; } .betadraft, .alphabetanotice, .revenuerecognitionnotice { color: #e00; background: inherit; } .betadraftsubtitle { text-align: center; font-weight: bold; color: #e00; background: inherit; } .comment { color: #080; background: inherit; font-weight: bold; } .copyrightlogo { text-align: center; font-size: 85%; } .tocsubheader { list-style-type: none; } table.icons td { padding-left: 6px; padding-right: 6px; } .l1ix dd, dd dl.l2ix, dd dl.l3ix { margin-top: 0ex; margin-bottom: 0ex; } div.infoboxnote, div.infoboxnotewarn, div.infoboxnotealso { margin-top: 4ex; margin-right: 10%; margin-left: 10%; margin-bottom: 4ex; padding: 0.25em; border-top: 1pt solid gray; border-bottom: 1pt solid gray; } p.notep1 { margin-top: 0px; margin-bottom: 0px; } .tahiti-highlight-example { background: #ff9; text-decoration: inherit; } .tahiti-highlight-search { background: #9cf; text-decoration: inherit; } .tahiti-sidebar-heading { font-size: 110%; margin-bottom: 0px; padding-bottom: 0px; } /*************************************/ /* End DARB Formats */ /*************************************/ @media all { /* * * { line-height: 120%; } */ dd { margin-bottom: 2ex; } dl:first-child { margin-top: 2ex; } } @media print { body { font-size: 11pt; padding: 0px !important; } a:link, a:visited { color: black; background: inherit; } code, pre, samp, tt { font-size: 10pt; } #nav, #search_this_book, #comment_form, #comment_announcement, #flipNav, .noprint { display: none !important; } body#left-nav-present { overflow: visible !important; } } PKT' hcPK)DOEBPS/net_network.htmEt Configuring Network Connection Settings

9 Configuring Network Connection Settings

This chapter describes how to configure network resources for use with Oracle Communications WebRTC Session Controller.

Overview of Network Configuration

The default HTTP network configuration for each WebRTC Session Controller instance is determined from the Listen Address and Listen Port setting for each server. However, WebRTC Session Controller does not support the SIP protocol over HTTP. The SIP protocol is supported over the UDP and TCP transport protocols. SIPS is also supported using the TLS transport protocol.

To enable UDP, TCP, or TLS transports, you configure one or more network channels for a WebRTC Session Controller instance. A network channel is a configurable Oracle WebLogic Server resource that defines the attributes of a specific network connection to the server instance. Basic channel attributes include:

  • The protocols supported by the connection

  • The listen address (DNS name or IP address) of the connection

  • The port number used by the connection

  • (optional) The port number used by outgoing UDP packets

  • The public listen address to embed in SIP headers when the channel is used for an outbound connection. This is typically the IP address presented by the IP sprayer or external load balancer as the virtual IP (VIP) for the telecommunication services.

You can assign multiple channels to a single WebRTC Session Controller instance to support multiple protocols or to use multiple interfaces available with multihomed server hardware. You cannot assign the same channel to multiple server instances.

When you configure a new network channel for the SIP protocol, both the UDP and TCP transport protocols are enabled on the specified port. You cannot create a SIP channel that supports only UDP transport or only TCP transport. When you configure a network channel for the SIPS protocol, the server uses the TLS transport protocol for the connection.

As you configure a new SIP Server domain, you will generally create multiple SIP channels for communication to each engine tier server in your system. Engine tier servers can communicate to SIP data tier replicas using the configured Listen Address attributes for the replicas. Note, however, that replicas must use unique Listen Addressees to communicate with one another.


Note:

If you configure multiple replicas in a SIP data tier cluster, you must configure a unique Listen Address for each server (a unique DNS name or IP address). If you do not specify a unique Listen Address, the replica service binds to the default localhost address and multiple replicas cannot locate one another.

Configuring External IP Addresses in Network Channels

When you set up a network channel for your WebRTC Session Controller instance, you must specify the public IP address that external clients use to address the instance. In most cases, this address is presented by an IP sprayer or external load balancer or other network element capable of exposing a virtual IP (VIP) on behalf of the WebRTC Session Controller to the external network.

You configure the client-facing address as the external listen address. When a SIP channel has an external listen address that differs from the channel's primary listen address, WebRTC Session Controller embeds the host and port number of the external address in SIP headers, such as in the Response header. This causes subsequent messages from external clients to be directed to the public address rather than the local engine tier server address (which may not be accessible to clients).

If an external listen address is not specified for the network channel, the WebRTC Session Controller embeds the primary listen address for the channel in the headers.

If you have more than one IP sprayer or load balancer that may receive external traffic addressed to the WebRTC Session Controller servers, you must define a channel on each engine tier server for each one. When a particular network interface on the engine tier server is selected for outbound traffic, the network channel associated with the network interface card's (NIC's) address is examined to determine the external listen address to embed in SIP headers.

If your system uses a multihomed IP sprayer or load balancer having two public addresses, you must also define a pair of channels to configure both public addresses. If the engine tier server has only one NIC, you must define a second, logical address on the NIC to configure a dedicated channel for the second public address. In addition, you must configure your IP routing policies to define which logical address is associated with each public address.

About IPv4 and IPv6 Support

If your operating system and hardware support IPv6, you can also configure WebRTC Session Controller to use IPv6 for network communication. Enable IPv6 for SIP traffic by configuring a network channel with an IPv6 address. You must configure an IPv6 SIP channel on each engine tier server that will support IPv6 traffic.

Each SIP network channel configured on an engine supports either IPv6 or IPv4 traffic. You cannot mix IPv4 and IPv6 traffic on a single channel. You can configure a single engine with both an IPv4 and IPv6 channel to support multiple, separate networks.

It is also possible for WebRTC Session Controller engine and SIP data tier nodes to communicate on IPv4 (or IPv6) while supporting the other protocol version for external SIP traffic. To configure engine and SIP data tier nodes on an IPv6 network, simply specify IPv6 listen addresses for each server instance.

Enabling DNS Support

WebRTC Session Controller supports DNS for resolving the transport, IP address and port number of a proxy required to send a SIP message. This matches the behavior described in RFC 3263 (http://www.ietf.org/rfc/rfc3263.txt). DNS may also be used when routing responses to resolve the IP address and port number of a destination.


Caution:

Because multihome resolution is performed within the context of SIP message processing, any multihome performance problems result in increased latency performance. Oracle recommends using a caching multihome server in a production environment to minimize potential performance problems.

To configure DNS support:

  1. Log in to the Administration Console for the WebRTC Session Controller domain you want to configure.

  2. Select the SipServer node in the left pane of the Console.

  3. Select the Configuration, and then select the General tab in the right pane.

  4. Select the option for Enable DNS Server Lookup.

  5. Click Save to save your changes.

When you enable DNS lookup, the server can use DNS to:

  • Discover a proxy server's transport, IP address, and port number when a request is sent to a SIP URI.

  • Resolve an IP address and port number during response routing, depending on the contents of the Sent-by field.

For proxy discovery, WebRTC Session Controller uses DNS resolution only once per SIP transaction to determine transport, IP, and port number information. All retransmissions, ACKs, or CANCEL requests are delivered to the same address and port using the same transport. For details about how DNS resolution takes place, see RFC 3263 (http://www.ietf.org/rfc/rfc3263.txt).

When a proxy is required to send a response message, WebRTC Session Controller uses DNS lookup to determine the IP address and port number of the destination, using the information provided in the sent-by field and the Via the header.

Configuring Network Channels for SIP or SIPS

When you create a domain using the Configuration Wizard, WebRTC Session Controller instances are configured with a default network channel supporting the SIP protocol over UDP and TCP. This default channel is configured to use Listen Port 5060, but specifies no Listen Address. Follow the instructions in "Reconfiguring an Existing Channel" to change the default channel's listen address or listen port settings. See "Creating a New SIP or SIPS Channel" for information on creating a new channel resource to support additional protocols or additional network interfaces.

Reconfiguring an Existing Channel

You cannot change the protocol supported by an existing channel. To reconfigure an existing listen address/port combination to use a different network protocol, you must delete the existing channel and create a channel using the instructions in "Creating a New SIP or SIPS Channel".

To reconfigure a channel:

  1. Log in to the Administration Console for the WebRTC Session Controller domain you want to configure.

  2. In the left pane, select the Environment entry to display its contents. Select Servers from the displayed entries.

  3. In the right pane, select the name of the server you want to configure.

  4. Select Protocols, then select the Channels tab to display the configured channels.

  5. To delete an existing channel, select it in the table and click Delete.

  6. To reconfigure an existing channel:

    1. Select the channel's link from Name column of the channel list (for example, the default SIP channel).

    2. Edit the Listen Address or Listen Port fields to correspond to the address of a NIC or logical address on the associated engine tier server.


      Note:

      The channel must be disabled before you can modify the listen address or listen port. Disable the channel by deselecting the Enabled check box.

    3. Set the External Listen Address or External Listen Port fields to the destination address and port addressed by external clients. This is typically the VIP address presented by an external load balancer or IP sprayer in your system.

    4. Edit the advanced channel attributes as necessary (see "Creating a New SIP or SIPS Channel" for details.)

  7. Click Save.

Creating a New SIP or SIPS Channel

To add a new SIP or SIPS channel to the configuration of a WebRTC Session Controller instance:

  1. Log in to the Administration Console for the WebRTC Session Controller domain you want to configure.

  2. In the left pane, select the Environment node, and then select the Servers tab.

  3. In the right pane, select the name of the server you want to configure.

  4. Select the Protocols tab, then select the Channels tab to display the configured channels.

  5. Click New to configure a new channel.

  6. Fill in the new channel fields as follows:

    • Name: Enter an administrative name for this channel, such as SIPS-Channel-eth0.

    • Protocol: Select either sip to support UDP and TCP transport, or sips to support TLS transport. A SIP channel cannot support only UDP or only TCP transport on the configured port.

  7. Click Next.

  8. Fill in the new channel's addressing fields as follows:

    • Listen Address: Enter the IP address or DNS name for this channel. On a DNS server, enter the exact IP address of the interface you want to configure, or a multihome name that maps to the exact IP address.

    • Listen Port: Enter the port number used to communication through this channel. The combination of Listen Address and Listen Port must be unique across all channels configured for the server. SIP channels support both UDP and TCP transport on the configured port.

    • External Listen Address and External Listen Port: Edit these fields to match the external address and port used by clients to address the system. This is typically a virtual IP address presented by an external load balancer or IP sprayer.

      If this value differs from the Listen Address value, the WebRTC Session Controller embeds this value in SIP message headers for further call traffic.

  9. Click Next.

  10. Set the additional channel properties listed below if required:

    • Enabled: This attribute specifies whether to start the new channel.

    • Tunneling Enabled: This attribute specifies whether tunneling through HTTP should be enabled for this network channel. This value is not inherited from the server's configuration.

    • HTTP Enabled for This Protocol: This attribute cannot be selected for SIP and SIPS channels, because WebRTC Session Controller does not support HTTP transport SIP protocols.

    • Outbound Enabled: This attribute cannot be unchecked, because all SIP and SIPS channels can originate network connections.

  11. Click Finish.

Configuring Custom Timeout, MTU, and Other Properties

SIP channels can be further configured using one or more custom channel properties. The custom properties cannot be set using the Administration Console. Instead, you must use a text editor to add the properties to a single, custom-property stanza in the channel configuration portion of the config.xml file for the domain.

WebRTC Session Controller provides the following custom properties that affect the transport protocol of SIP channels:

  • TcpConnectTimeoutMillis: Specifies the amount of time WebRTC Session Controller waits before it declares a destination address (for an outbound TCP connection) as unreachable. The property is applicable only to SIP channels; WebRTC Session Controller ignores this attribute value for SIPS channels. A value of 0 disables the timeout completely. A default value of 3000 milliseconds is used if you do not specify the custom property.

  • SctpConnectTimeoutMillis: Specifies the amount of time WebRTC Session Controller waits before it declares a destination address (for an outbound SCTP connection) as unreachable. The property is applicable only to SCTP channels (for Diameter traffic). A value of 0 disables the timeout completely. A default value of 3000 milliseconds is used if you do not specify the custom property. See "Configuring Static Source Port for Outbound UDP Packets" for information about creating SCTP channels for Diameter.

  • SourcePorts: Configures one or more static port numbers that a server uses for originating UDP packets.


    Caution:

    Oracle does not recommend using the SourcePorts custom property in most configurations because it degrades performance. Configure the property only in cases where you must specify the exact ports that WebRTC Session Controller uses to originate UDP packets.

  • Mtu: Specifies the Maximum Transmission Unit (MTU) value for this channel. A value of -1 uses the default MTU size for the transport.

  • EnabledProtocolVersions: Specifies the version of the SSL protocol to use with this channel when WebRTC Session Controller acts as an SSL client. When acting as an SSL client, by default the channel requires TLS V1.0 as the supported protocol. You can configure the server to use SSL V3.0 as well, if that is the highest version that the SSL peer servers support. You can set one of the following values for this property:

    • TLS1, the default, configures the channel to send and accept only TLS V1.0 messages. Peers must respond with a TLS V1.0 message, or the SSL connection is dropped.

    • SSL3 configures the channel to send and accept only SSL V3.0 messages. Peers must respond with an SSL V3.0 message, or the SSL connection is dropped.

    • ALL supports either TLS V1.0 or SSL V3.0 messages. Peers must respond with a TLS V1.0 or SSL V3.0 message, or the SSL connection is dropped.

To configure a custom property, use a text editor to modify the config.xml file directly, or use a JMX client such as WLST to add the custom property. When editing config.xml directly, ensure that you add only one custom-properties element to the end of a channel's configuration stanza. Separate multiple custom properties within the same element using semicolons (;) as shown in Example 9-1.

Example 9-1 Setting Custom Properties

<network-access-point>
  <name>sip</name>
  <protocol>sip</protocol>
  <listen-port>5060</listen-port>
  <public-port>5060</public-port>
  <http-enabled-for-this-protocol>false</http-enabled-for-this-protocol>
  <tunneling-enabled>false</tunneling-enabled>
  <outbound-enabled>true</outbound-enabled>
  <enabled>true</enabled>
  <two-way-ssl-enabled>false</two-way-ssl-enabled>
  <client-certificate-enforced>false</client-certificate-enforced>
  <custom-properties>EnabledProtocolVersions=ALL;Mtu=1000;SourcePorts=5060</custom-properties>
</network-access-point>

Configuring SIP Channels for Multihomed Machines

If you are configuring a server that has multiple network interfaces (a "multihomed" server), you must configure a separate network channel for each IP address used by WebRTC Session Controller. WebRTC Session Controller uses the listen address and listen port values for each channel when embedding routing information into SIP message system headers.


Note:

If you do not configure a channel for a particular IP address on a multihomed system, that IP address cannot be used when populating Via, Contact, and Record-Route headers.

Configuring Engine Servers to Listen on Any IP Interface

To configure WebRTC Session Controller to listen for UDP traffic on any available IP interface, create a SIP channel and specify 0.0.0.0 (or :: for IPv6 networks) as the listen address. You must still configure at least one additional channel with an explicit IP address to use for outgoing SIP messages. (For multihomed machines, each interface used for outgoing messages must have a configured channel.)


Note:

You must configure the 0.0.0.0 address directly on the server's network channel. If you configure a SIP channel without specifying the channel listen address, but you do configure a listen address for the server itself, then the SIP channel inherits the server listen address. In this case the SIP channel does not listen on IP_ANY.


Note:

Using the 0.0.0.0 configuration affects only UDP traffic on Linux platforms. WebRTC Session Controller only creates TCP and HTTP listen threads corresponding to the configured host name of the server, and localhost. If multiple addresses are mapped to the host name, WebRTC Session Controller displays warning messages upon startup. To avoid this problem and listen on all addresses, specify the :: address, which encompasses all available addresses for both IPv6 and IPv4 for HTTP and TCP traffic as well.

Configuring Static Source Port for Outbound UDP Packets

You can optionally use a static port rather than a dynamically assigned ephemeral port as the source port for outgoing UDP datagrams. WebRTC Session Controller network channels provide a SourcePorts attribute that you can use to configure one or more static ports that a server uses for originating UDP packets.

You can identify the ephemeral port currently used by the WebRTC Session Controller by examining the server log file. A log entry appears as follows:

<Nov 30, 2005 12:00:00 AM PDT> <Notice> <WebLogicServer> <BEA-000202> <Thread "SIP Message Processor (Transport UDP)" listening on port 35993.>

Caution:

Oracle does not recommend using the SourcePorts custom property in most configurations because it degrades performance. Configure the property only in cases where you must specify the exact ports that WebRTC Session Controller uses to originate UDP packets.

To use a static port for outgoing UDP datagrams, first disable use of the ephemeral port by specifying the following server start-up option:

-Dwlss.udp.listen.on.ephemeral=false

To configure the SourcePorts property, use a JMX client such as WLST or directly modify a network channel configuration in config.xml to include the custom property. SourcePorts defines an array of port numbers or port number ranges. Do not include spaces in the SourcePorts definition; use only port numbers, hyphens ("-") to designate ranges of ports, and commas (",") to separate ranges or individual ports. See Example 9-2 for an example configuration.

Example 9-2 Static Port Configuration for Outgoing UDP Packets

<network-access-point>
  <name>sip</name>
  <protocol>sip</protocol>
  <listen-port>5060</listen-port>
  <public-port>5060</public-port>
  <http-enabled-for-this-protocol>false</http-enabled-for-this-protocol>
  <tunneling-enabled>false</tunneling-enabled>
  <outbound-enabled>true</outbound-enabled>
  <enabled>true</enabled>
  <two-way-ssl-enabled>false</two-way-ssl-enabled>
  <client-certificate-enforced>false</client-certificate-enforced>
  <custom-properties>SourcePorts=5060</custom-properties>
</network-access-point>

Configuring Unique Listen Address Attributes for SIP Data Tier Replicas

Each replica in the SIP data tier must bind to a unique Listen Address attribute (a unique DNS name or IP address) to contact one another as peers. Follow these instructions for each replica to assign a unique Listen Address:

  1. Access the Administration Console for the WebRTC Session Controller domain.

  2. Select Environment, then select Servers from the left pane.

  3. In the right pane, select the name of the server to configure.

  4. Select Configuration, then select the General tab.

  5. Enter a unique DNS name or IP address in the Listen Address field.

  6. Click Save.

PK) JtEtPK)DOEBPS/opg_upgrading.htmF; Upgrading Production WebRTC Session Controller Software

13 Upgrading Production WebRTC Session Controller Software

This chapter provides general instructions for upgrading Oracle Communications WebRTC Session Controller software to a new Service Pack release. The service pack may contain additional tools or instructions for performing the upgrade which may supersede the information in this chapter. Refer to those instructions if they are available.

Overview of System Upgrades

Because a typical production WebRTC Session Controller installation uses multiple server instances, upgrading the WebRTC Session Controller software requires that you follow very specific practices. These practices ensure that:

  • Existing clients of deployed SIP Servlets are not interrupted or lost during the upgrade procedure.

  • The upgrade procedure can be "rolled back" to a previous state if any problems occur.

The sections that follow describe how to use a configured load balancer to perform a "live" upgrade of the WebRTC Session Controller software on a production installation.

When upgrading the WebRTC Session Controller software (for example, in response to a Service Pack), a new engine tier cluster is created to host newly-upgraded engine tier instances. One-by-one, servers in the engine tier are shut-down, upgraded, and then restarted in the new target cluster. While servers are being upgraded, WebRTC Session Controller automatically forwards requests from one engine tier cluster to the other as necessary to ensure that SIP data tier requests are always initiated by a compatible engine tier server. After all servers have been upgraded, the older cluster is removed and no longer used. After upgrading the engine tier cluster, servers in the SIP data tier may also be upgraded, one-by-one.

Requirements for Upgrading a Production System

To upgrade a production WebRTC Session Controller installation you need:

  • A compatible load balancer product and administrator privileges for reconfiguring the load balancer virtual IP addresses and pools.

  • Adequate disk space on the Administration Server system and on each Managed Server system for installing a copy of the new WebRTC Session Controller software.

  • Privileges for modifying configuration files on the WebRTC Session Controller Administration Server system.

  • Privileges for shutting down and starting up individual Managed Server instances.

  • Three or more replicas in each partition of the SIP data tier, to upgrade the WebRTC Session Controller software to a new version. With fewer than three replicas in each partition, it is not possible to safely upgrade a production SIP data tier deployment as no backup replica would be available during the upgrade procedure.


    Caution:

    Before modifying any production installation, thoroughly test your proposed changes in a controlled, "stage" environment to ensure software compatibility and verify expected behavior.

Upgrading to a New Version of WebRTC Session Controller

Follow these steps to upgrade a production installation of WebRTC Session Controller to a newer Service Pack version of the WebRTC Session Controller software. These instructions upgrade both the SIP Servlet container implementation and the SIP data tier replication and failover implementation.

The steps for performing a software upgrade are divided into several high-level procedures:

  1. Configure the Load Balancer: Define a new, internal Virtual IP address for the new engine tier cluster you will configure.

  2. Configure the New Engine Tier Cluster: Create and configure a new, empty engine tier cluster that will host upgraded engine tier servers and your converged applications.

  3. Define the Cluster-to-Load Balancer Mapping: Modify the SIP Servlet container configuration to indicate the virtual IP address of each engine tier cluster.

  4. Duplicate the SIP Servlet Configuration: Copy the active sipserver.xml configuration file to duplicate your production container configuration.

  5. Upgrade Engine Tier Servers and Target Applications to the New Cluster: Shut down individual engine tier server instances, restarting them in the new engine tier cluster.

  6. Upgrade SIP Data Tier Servers: Shut down individual SIP data tier servers, restarting them with the new SIP data tier software implementation.

The sections that follow describe each procedure.

Configure the Load Balancer

Begin the software upgrade procedure by defining a new internal virtual IP address for the new engine tier cluster you will create in "Configure the New Engine Tier Cluster". The individual server IP addresses (the pool definition) for the new virtual IP address should be identical to the pool definition of your currently-active engine tier cluster. Figure 13-1 shows a sample configuration for a cluster having three engine tier server instances; both virtual IP addresses define the same servers.

Figure 13-1 Virtual IP Address Configuration for Parallel Clusters

Description of Figure 13-1 follows

See your load balancer documentation for more information about defining virtual IP addresses.

In the next section, you will configure the WebRTC Session Controller domain to identify the virtual IP addresses that map to each engine tier cluster. WebRTC Session Controller uses this mapping during the upgrade procedure to automatically forward requests to the appropriate "version" of the cluster. This ensures that SIP data tier requests always originate from a compatible version of the WebRTC Session Controller engine tier.

Configure the New Engine Tier Cluster

Follow these steps to create an Engine Tier cluster to host upgraded containers, and to configure both clusters in preparation for a software upgrade:

  1. On the Administration Server system, install the new WebRTC Session Controller software into a new ORACLE_HOME\Middleware home directory. The steps that follow refer to c:\Oraclenew as the home directory in which the new software was installed. c:\Oracle refers to the software implementation that is being upgraded.

  2. Log in to the Administration Console for the active WebRTC Session Controller domain.

  3. In the Administration Console, create an empty engine tier cluster for hosting the upgraded engine tier servers:

    1. In the left pane, select the Environment node, and then select the Clusters node.

    2. Click New to configure a new cluster.

    3. Enter a name for the new cluster.

    4. Select Unicast or Multicast for the Messaging Mode.

    5. Enter a Unicast Broadcast Channel, or Multicast Address and Multicast Port number for the cluster.

    6. Click OK to create the cluster.

  4. Proceed to "Define the Cluster-to-Load Balancer Mapping".

Define the Cluster-to-Load Balancer Mapping

In this procedure, you configure the cluster-to-load balancer mapping to define the internal, virtual IP address that is assigned to the older and newer engine tier clusters.

To define the cluster-to-load balancer mapping:

  1. Log in to the Administration Console for the active WebRTC Session Controller domain.

  2. In the Administration Console, create a load balancer map entry for the new cluster you created:

    1. In the left pane, select the SipServer node.

    2. Select Configuration, then select the Loadbalancer Map tab.

    3. Click New to create a mapping.

    4. Enter the Cluster Name and SIP URI of the new cluster you created in Configure the New Engine Tier Cluster.

    5. Click Finish to create the new mapping.

  3. Repeat Step 2 to enter a mapping for the older cluster. For example, create an entry for "EngineCluster" and "sip:172.17.0.1:5060".

    You must include a mapping for both the older and the newer engine tier cluster. A mapping consists of the internal virtual IP address of the cluster configured on the load balancer and the cluster name defined in the WebRTC Session Controller domain. Example 13-1 shows an entry in the sipserver.xml file for the sample clusters described earlier.

Example 13-1 Sample cluster-loadbalancer-map Definition

<sip-server>
... 
  <cluster-loadbalancer-map>
      <cluster-name>EngineCluster</cluster-name>
      <sip-uri>sip:172.17.0.1:5060</sip-uri>
   </cluster-loadbalancer-map>
   <cluster-loadbalancer-map>
      <cluster-name>NewEngineCluster</cluster-name>
      <sip-uri>sip:172.17.0.2:5060</sip-uri>
   </cluster-loadbalancer-map>
</sip-server>

Duplicate the SIP Servlet and WebRTC Session Controller Configurations

Before upgrading individual engine tier servers, you must ensure that the SIP Servlet container configuration, SIP data tier configuration, and the WebRTC Session Controller configuration in the new engine tier cluster matches your current production configuration.

To duplicate the SIP Servlet container configuration, copy your production sipserver.xml configuration file to the new installation. For example:

cp c:\Oracle\Middleware\user_projects\domains\mydomain\config\custom\*.xml c:\Oraclenew\Middleware\user_projects\domains\mydomain\config\custom

To duplicate the WebRTC Session Controller configuration, copy your production configuration files to the new installation. For example:

cp c:\Oracle\Middleware\user_projects\domains\mydomain\config\wsc\*.xml c:\Oraclenew\Middleware\user_projects\domains\mydomain\config

As engine tier servers are restarted in the new engine tier cluster in the next procedure, they will have the same configuration but will use the new container implementation.

Upgrade Engine Tier Servers and Target Applications to the New Cluster

To upgrade individual engine tier servers, you gracefully shut each server down, change its cluster membership, and then restart it. Follow these steps:

  1. Access the Administration Console for your production domain.

  2. Select the first running engine tier server that you want to upgrade:

    1. Select Environment, then select the Servers tab in the left pane.

    2. Select the Control tab in the right pane.

    3. Select the name of the server you want to upgrade.

  3. Select Shutdown, then select When work completes from the table.

    The server remains active while clients are still accessing the server, but no new connection requests are accepted. After all existing client connections have ended or timed out, the server shuts down. Other server instances in the engine tier process client requests during the shutdown procedure.

  4. Select Environment, then select the Servers tab in the left pane and verify that the Managed Server has shut down.

  5. Change the stopped server's cluster membership so that it is a member of the new engine tier cluster:

    1. Expand the Environment node, and the select the Clusters tab in the left pane.

    2. Select the name of the active engine tier cluster.

    3. Select Configuration, and then select the Servers tab in the right pane.

    4. Select the check box next to the name of the stopped server, and click Remove.

    5. Click Yes to remove the server from the cluster.

    6. Next, expand the Environment node, then select the Clusters tab and select the newly-created engine tier cluster ("NewEngineCluster").

    7. Select Configuration, then select the Servers tab in the right pane.

    8. Click Add to add a new server.

    9. Select the name of the stopped server from the drop-down list.

    10. Click Finish.

  6. Restart the stopped managed server to bring it up in the new engine tier cluster:

    1. Access the system on which the stopped engine tier server runs (for example, use a remote desktop on Windows, or secure shell (SSH) on Linux).

    2. Use the available Managed Server start script (startManagedWebLogic.cmd or startManagedWebLogic.sh) to start the Managed Server. For example:

      startManagedWebLogic.cmd engine-server1 t3://adminhost:7001
      
  7. In the Administration Console, select Environment, then select the Servers node and verify that the Managed Server has started.

  8. Repeat these steps to upgrade the remaining engine tier servers.

At this point, all running Managed Servers are using the new SIP Container implementation and are hosting your production SIP Servlets with the same SIP Servlet container settings as your old configuration.

Applying Software Patches and Updates

Oracle may occasionally release software patches and updates to address known bugs and limitations in the WebRTC Session Controller software. To update WebRTC Session Controller, you apply patches using the Oracle OPatch utility.

See "Patching with OPatch" in Oracle Fusion Middleware Documentation for more information on how to update your WebRTC Session Controller installation.

PKk)FFPK)D OEBPS/toc.htmGj Oracle Communications WebRTC Session Controller System Administrator's Guide , Release 7.0

Contents

Preface

Part I Configuring WebRTC Session Controller

1 WebRTC Session Controller Configuration Overview

2 Configuring WebRTC Session Controller Signaling Properties and Media Nodes

3 Using the Administration Console and WLST

4 Configuring WebRTC Session Controller Authentication

5 Configuring WebRTC Session Controller Diameter Rx to PCRF Integration

6 Configuring WebRTC Session Controller Media Engine

7 Configuring WebRTC Session Controller Container Properties

8 Configuring SIP Data Tier Partitions and Replicas

9 Configuring Network Connection Settings

10 Configuring Server Failure Detection

11 Using the Engine Tier Cache

12 Configuring Coherence

13 Upgrading Production WebRTC Session Controller Software

Part II Monitoring and Troubleshooting

14 Logging SIP Requests and Responses

15 Avoiding and Recovering From Server Failures

16 Tuning JVM Garbage Collection for Production Deployments

17 Avoiding JVM Delays Caused By Random Number Generation

Part III Reference

18 Engine Tier Configuration Reference (sipserver.xml)

19 SIP Data Tier Configuration Reference (datatier.xml)

20 Diameter Configuration Reference (diameter.xml)

PK[LjGjPK)DOEBPS/opg_backup_restore.htm~x Avoiding and Recovering From Server Failures

15 Avoiding and Recovering From Server Failures

This chapter describes the Oracle Communications WebRTC Session Controller failure prevention and recovery features, and includes the configuration artifacts that are required to restore different portions of a WebRTC Session Controller domain.

Failure Prevention and Automatic Recovery Features

A variety of events can lead to the failure of a server instance. Often one failure condition leads to another. Loss of power, hardware malfunction, operating system malfunctions, network partitions, or unexpected application behavior may each contribute to the failure of a server instance.

WebRTC Session Controller uses a highly clustered architecture as the basis for minimizing the impact of failure events. However, even in a clustered environment it is important to prepare for a sound recovery process if an individual server fails.

WebRTC Session Controller, and the underlying WebLogic Server platform, provide many features that protect against server failures. In a production system, use all available features to ensure uninterrupted service.

Overload Protection

WebRTC Session Controller detects increases in system load that could affect the performance and stability of deployed SIP Servlets, and automatically throttles message processing at predefined load thresholds.

Using overload protection helps you avoid failures that could result from unanticipated levels of application traffic or resource utilization.

WebRTC Session Controller attempts to avoid failure when certain conditions occur:

  • The rate at which SIP sessions are created reaches a configured value, or

  • The size of the SIP timer and SIP request-processing execute queues reaches a configured length.

See "overload" in the chapter Chapter 18, "Engine Tier Configuration Reference (sipserver.xml)" for more information.

The underlying WebLogic Server platform also detects increases in system load that can affect deployed application performance and stability. WebLogic Server allows administrators to configure failure prevention actions that occur automatically at predefined load thresholds. Automatic overload protection helps you avoid failures that result from unanticipated levels of application traffic or resource utilization as indicated by:

  • A workload manager's capacity being exceeded

  • The HTTP session count increasing to a predefined threshold value

  • Impending out of memory conditions

See "Avoiding and Managing Overload" in Administering Server Environments for Oracle WebLogic Server for more information.

Redundancy and Failover for Clustered Services

You can increase the reliability and availability of your applications by using multiple engine tier servers in a dedicated cluster and multiple SIP data tier servers (replicas) in a dedicated SIP data tier cluster.

Because engine tier clusters maintain no stateful information about applications, the failure of an engine tier server does not result in any data loss or dropped calls. Multiple replicas in a SIP data tier partition store redundant copies of call state information, and automatically failover to one another should a replica fail.

See Oracle Communications WebRTC Session Controller Concepts for more information.

Automatic Restart for Failed Server Instances

WebLogic Server self-health monitoring features improve the reliability and availability of server instances in a domain. Selected subsystems within each server instance monitor their health status based on criteria specific to the subsystem. (For example, the JMS subsystem monitors the condition of the JMS thread pool while the core server subsystem monitors default and user-defined execute queue statistics.) If an individual subsystem determines that it can no longer operate in a consistent and reliable manner, it registers its health state as failed with the host server.

Each WebLogic Server instance, in turn, checks the health state of its registered subsystems to determine its overall viability. If one or more of its critical subsystems have reached the FAILED state, the server instance marks its own health state FAILED to indicate that it cannot reliably host an application.

When used in combination with Node Manager, server self-health monitoring enables you to automatically restart servers that have failed. This improves the overall reliability of a domain, and requires no direct intervention from an administrator. For more information, see "Using Node Manager to Control Servers" in the Administering Node Manager for Oracle WebLogic Server.

Managed Server Independence Mode

Managed Servers maintain a local copy of the domain configuration. When a Managed Server starts, it contacts its Administration Server to retrieve any changes to the domain configuration that were made since the Managed Server was last shut down. If a Managed Server cannot connect to the Administration Server during startup, it can use its locally-cached configuration information—this is the configuration that was current at the time of the Managed Server's most recent shutdown. A Managed Server that starts without contacting its Administration Server to check for configuration updates is running in Managed Server Independence (MSI) mode. By default, MSI mode is enabled. See "Replicate domain config files for Managed Server Independence" in the Administration Console Online Help for more information.

Automatic Migration of Failed Managed Servers

When using Linux or UNIX operating systems, you can use WebLogic Server's server migration feature to automatically start a candidate (backup) server if a Network tier server fails or becomes partitioned from the network. The server migration feature uses node manager, with the wlsifconfig.sh script, to automatically start candidate servers using a floating IP address. Candidate servers are started only if the primary server hosting a Network tier instance becomes unreachable. See the discussion on "Whole Server Migration" in Administering Clusters for Oracle WebLogic Server for more information about using the server migration feature.

Geographic Redundancy for Regional Site Failures

In addition to server-level redundancy and failover capabilities, WebRTC Session Controller enables you to configure peer sites to protect against catastrophic failures, such as power outages, that can affect an entire domain. This configuration enables you to failover from one geographical site to another, avoiding complete service outages.

Directory and File Backups for Failure Recovery

Recovery from the failure of a server instance requires access to the domain's configuration data. By default, the Administration Server stores a domain's primary configuration data in a file called domain_home/config/config.xml, where domain_home is the root directory of the domain.

The primary configuration file may reference additional configuration files for specific WebLogic Server services, such as JDBC and JMS, and for WebRTC Session Controller services, such as SIP container properties and SIP data tier configuration. The configuration for specific services are stored in additional XML files in subdirectories of the domain_home/config directory, such as domain_home/config/jms, domain_home/config/jdbc, and domain_home/config/custom for WebRTC Session Controller configuration files.

The Administration Server can automatically archive multiple versions of the domain configuration (the entire domain_home/config directory). Use the configuration archives for system restoration in cases where accidental configuration changes need to be reversed. For example, if an administrator accidentally removes a configured resource, the prior configuration can be restored by using the last automated backup.

The Administration Server stores only a finite number of automated backups locally in domain_home/config. For this reason, automated domain backups are limited in their ability to guard against data corruption, such as a failed hard disk. Automated backups also do not preserve certain configuration data that are required for full domain restoration, such as LDAP repository data and server start-up scripts. Oracle recommends that you also maintain multiple backup copies of the configuration and security offline, in a source control system.

This section describes file backups that WebRTC Session Controller performs automatically and manual backup procedures that an administrator should perform periodically.

Enabling Automatic Configuration Backups

Follow these steps to enable automatic domain configuration backups on the Administration Server for your domain:

  1. Access the Administration Console for your domain.

  2. In the left pane of the Administration Console, select the name of the domain.

  3. In the right pane, click Configuration, and then select the General tab.

  4. Select Advanced to display advanced options.

  5. Select Configuration Archive Enabled.

  6. In the Archive Configuration Count box, enter the maximum number of configuration file revisions to save.

  7. Click Save.

When you enable configuration archiving, the Administration Server automatically creates a configuration JAR file archive. The JAR file contains a complete copy of the previous configuration (the complete contents of the domain_home\config directory). JAR file archive files are stored in the domain_home\configArchive directory. The files use the naming convention config-number.jar, where number is the sequential number of the archive.

When you save a change to a domain's configuration, the Administration Server saves the previous configuration in domain_home\configArchive\config.xml#n. Each time the Administration Server saves a file in the configArchive directory, it increments the value of the #n suffix, up to a configurable number of copies—5 by default. Thereafter, each time you change the domain configuration:

  • The archived files are rotated so that the newest file has a suffix with the highest number,

  • The previous archived files are renamed with a lower number, and

  • The oldest file is deleted.

Be aware that configuration archives are stored locally within the domain directory, and they may be overwritten according to the maximum number of revisions you selected. For these reasons, you must also create your own off-line archives of the domain configuration, as described in "Storing the Domain Configuration Offline".

Storing the Domain Configuration Offline

Although automatic backups protect against accidental configuration changes, they do not protect against data loss caused by a failure of the hard disk that stores the domain configuration, or accidental deletion of the domain directory. To protect against these failures, you must also store a complete copy of the domain configuration offline, preferably in a source control system.

Oracle recommends storing a copy of the domain configuration at regular intervals. For example, backup a new revision of the configuration when:

  • You first deploy the production system

  • You add or remove deployed applications

  • The configuration is tuned for performance

  • Any other permanent change is made.

The domain configuration backup should contain the complete contents of the domain_home/config directory. For example, to make an offline archive of mydomain use the following command:

cd ~/ORACLE_HOME/Middleware/user_projects/domains/mydomain
tar cvf domain-backup-06-17-2007.jar config

Store the new archive in a source control system, preserving earlier versions should you need to restore the domain configuration to an earlier point in time.

Backing Up Server Start Scripts

In a WebRTC Session Controller deployment, the start scripts used to start engine and SIP data tier servers are generally customized to include domain-specific configuration information such as:

  • JVM Garbage Collection parameters required to achieve throughput targets for SIP message processing (see "Modifying JVM Parameters in Server Start Scripts" in Chapter 16, "Tuning JVM Garbage Collection for Production Deployments." Different parameters (and therefore, different start scripts) are generally used to start engine and SIP data tier servers.

  • Configuration parameters and startup information for the WebRTC Session Controller heartbeat mechanism. If you use the heartbeat mechanism, engine tier server start scripts should include startup options to enable and configure the heartbeat mechanism. SIP data tier server start scripts should include startup options to enable heartbeats and start the WlssEchoServer process.

Backup each distinct start script used to start engine tier, SIP data tier, or diameter relay servers in your domain.

Backing Up Logging Servlet Applications

If you use WebRTC Session Controller logging Servlets (see Chapter 14, "Logging SIP Requests and Responses") to perform regular logging or auditing of SIP messages, backup the complete application source files so that you can easily redeploy the applications should the staging server fail or the original deployment directory becomes corrupted.

Backing Up Security Data

The WebLogic Security service stores its configuration data config.xml file, and also in an LDAP repository and other files.

Backing Up the WebLogic LDAP Repository

The default Authentication, Authorization, Role Mapper, and Credential Mapper providers that are installed with WebRTC Session Controller store their data in an LDAP server. Each WebRTC Session Controller contains an embedded LDAP server. The Administration Server contains the master LDAP server, which is replicated on all Managed Servers. If any of your security realms use these installed providers, you should maintain an up-to-date backup of the following directory tree:

domain_home\servers\AdminServer\data\ldap

where domain_home is the domain's root directory and servers\AdminServer\data\ldap is the directory in which the Administration Server stores run-time and security data.

Each WebRTC Session Controller has an LDAP directory, but you only need to back up the LDAP data on the Administration Server—the master LDAP server replicates the LDAP data from each Managed Server when updates to security data are made. WebLogic security providers cannot modify security data while the domain's Administration Server is unavailable. The LDAP repositories on Managed Servers are replicas and cannot be modified.

The ldap\ldapfiles subdirectory contains the data files for the LDAP server. The files in this directory contain user, group, group membership, policies, and role information. Other subdirectories under the ldap directory contain LDAP server message logs and data about replicated LDAP servers.

Do not update the configuration of a security provider while a backup of LDAP data is in progress. If a change is made—for instance, if an administrator adds a user—while you are backing up the ldap directory tree, the backups in the ldapfiles subdirectory could become inconsistent. If this does occur, consistent, but potentially out-of-date, LDAP backups are available.

Once a day, a server suspends write operations and creates its own backup of the LDAP data. It archives this backup in a ZIP file below the ldap\backup directory and then resumes write operations. This backup is guaranteed to be consistent, but it might not contain the latest security data.

For information about configuring the LDAP backup, see the "Back Up LDAP Repository" section in Administering Server Startup and Shutdown for Oracle WebLogic Server.

Backing Up SerializedSystemIni.dat and Security Certificates

All servers create a file named SerializedSystemIni.dat and place it in the server's root directory. This file contains encrypted security data that must be present to start the server. You must back up this file.

If you configured a server to use SSL, also back up the security certificates and keys. The location of these files is user-configurable.

Backing Up Additional Operating System Configuration Files

Certain files maintained at the operating system level are also critical in helping you recover from system failures. Consider backing up the following information as necessary for your system:

  • Load Balancer configuration scripts. For example, any automated scripts used to configure load balancer pools and virtual IP addresses for the engine tier cluster and NAT configuration settings.

  • NTP client configuration scripts used to synchronize the system clocks of engine and SIP data tier servers.

  • Host configuration files for each WebRTC Session Controller system (host names, virtual and real IP addresses for multi-homed machines, IP routing table information).

Restarting a Failed Administration Server

If an Administration Server fails, only configuration, deployment, and monitoring features are affected, but Managed Servers continue to operate and process client requests. Potential losses incurred due to an Administration Server failure include:

  • Loss of in-progress management and deployment operations.

  • Loss of ongoing logging functionality.

  • Loss of SNMP trap generation for WebLogic Server instances (as opposed to WebRTC Session Controller instances). On Managed Servers, WebRTC Session Controller traps are generated even without the Administration Server.

To resume normal management activities, restart the failed Administration Server instance as soon as possible.

When you restart a failed Administration Server, no special steps are required. Start the Administration Server as you normally would.

If the Administration Server shuts down while Managed Servers continue to run, you do not need to restart the Managed Servers that are already running to recover management of the domain. The procedure for recovering management of an active domain depends upon whether you can restart the Administration Server on the same system it was running on when the domain was started.

Restarting an Administration Server on the Same System

If you restart the WebLogic Administration Server while Managed Servers continue to run, by default the Administration Server can discover the presence of the running Managed Servers.


Note:

Ensure that the startup command or startup script does not include -Dweblogic.management.discover=false, which disables an Administration Server from discovering its running Managed Servers.

The root directory for the domain contains a file, running-managed-servers.xml, which contains a list of the Managed Servers in the domain and describes their running state. When the Administration Server restarts, it checks this file to determine which Managed Servers were under its control before it stopped running.

When a Managed Server is gracefully or forcefully shut down, its status in running-managed-servers.xml is updated to "not-running." When an Administration Server restarts, it does not try to discover Managed Servers with the "not-running" status. A Managed Server that stops running because of a system malfunction, or that was stopped by killing the JVM or the command prompt (shell) in which it was running, will still have the status "running' in running-managed-servers.xml. The Administration Server will attempt to discover them, and will throw an exception when it determines that the Managed Server is no longer running.

Restarting the Administration Server does not cause Managed Servers to update the configuration of static attributes. Static attributes are those that a server refers to only during its startup process. Servers instances must be restarted to take account of changes to static configuration attributes. Discovery of the Managed Servers only enables the Administration Server to monitor the Managed Servers or make run-time changes to attributes configurable while a server is running (dynamic attributes).

Restarting an Administration Server on Another System

If a system malfunction prevents you from restarting the Administration Server on the same system, you can recover management of the running Managed Servers as follows:

  1. Install the WebRTC Session Controller software on the new system (if this has not already been done).

  2. Make your application files available to the new Administration Server by copying them from backups or by using a shared disk. Your application files should be available in the same relative location on the new file system as on the file system of the original Administration Server.

  3. Make your configuration and security data available to the new administration system by copying them from backups or by using a shared disk. For more information, refer to "Storing the Domain Configuration Offline" and "Backing Up Security Data".

  4. Restart the Administration Server on the new system.

    Ensure that the startup command or startup script does not include -Dweblogic.management.discover=false, which disables an Administration Server from discovering its running Managed Servers.

When the Administration Server starts, it communicates with the Managed Servers and informs them that the Administration Server is now running on a different IP address.

Restarting Failed Managed Servers

If the system on which the failed Managed Server runs can contact the Administration Server for the domain, simply restart the Managed Server manually or automatically using Node Manager. You must configure Node Manager and the Managed Server to support automated restarts, as described in the discussion on "How Node Manager Restarts a Managed Server" in the Administering Node Manager for Oracle WebLogic Server.

If the Managed Server cannot connect to the Administration Server during startup, it can retrieve its configuration by reading locally-cached configuration data. A Managed Server that starts in this way is running in Managed Server Independence (MSI) mode.

For a description of MSI mode, and the files that a Managed Server must access to start in MSI mode, see "Replicate domain config files for Managed Server independence" in the Administration Console Online Help.

To start a Managed Server in MSI mode:

  1. Ensure that the following files are available in the Managed Server's root directory:

    • msi-config.xml

    • SerializedSystemIni.dat

    • boot.properties

    If these files are not in the Managed Server's root directory:

    1. Copy the config.xml and SerializedSystemIni.dat file from the Administration Server's root directory (or from a backup) to the Managed Server's root directory.

    2. Rename the configuration file to msi-config.xml. When you start the server, it will use the copied configuration files.


      Note:

      Alternatively, use the -Dweblogic.RootDirectory=path startup option to specify a root directory that already contains these files.

  2. Start the Managed Server at the command-line or using a script.

    The Managed Server will run in MSI mode until it is contacted by its Administration Server. For information about restarting the Administration Server in this scenario, see "Restarting a Failed Administration Server".

PK#xx~xPK)DOEBPS/opg_pdu_logging.htmh[ Logging SIP Requests and Responses

14 Logging SIP Requests and Responses

This chapter describes how to configure and manage logging for SIP requests and responses that Oracle Communications WebRTC Session Controller processes.

Overview of SIP Logging

WebRTC Session Controller enables you to perform Protocol Data Unit (PDU) logging for the SIP requests and responses it processes. Logged SIP messages are placed either in the domain-wide log file for WebRTC Session Controller, or in the log files for individual Managed Server instances. Because SIP messages share the same log files as WebRTC Session Controller instances, you can use advanced server logging features such as log rotation, domain log filtering, and maximum log size configuration when managing logged SIP messages.

Administrators configure SIP PDU logging by defining one or more SIP servlets using the com.bea.wcp.sip.engine.tracing.listener.TraceMessageListenerImpl class. Logging criteria are then configured either as parameters to the defined servlet, or in separate XML files packaged with the application.

As SIP requests are processed or SIP responses generated, the logging servlet compares the message with the filtering patterns defined in a standalone XML configuration file or servlet parameter. WebRTC Session Controller writes SIP requests and responses that match the specified pattern to the log file along with the name of the logging servlet, the configured logging level, and other details. To avoid unnecessary pattern matching, the servlet marks new SIP Sessions when an initial pattern is matched and then logs subsequent requests and responses for that session automatically.

Logging criteria are defined either directly in sip.xml as parameters to a logging servlet, or in external XML configuration files. See "Specifying the Criteria for Logging Messages".


Note:

Engineers can implement PDU logging functionality in their servlets either by creating a delegate with the TraceMessageListenerFactory in the servlet's init() method, or by using the tracing class in deployed Java applications. Using the delegate enables you to perform custom logging or manipulate incoming SIP messages using the default trace message listener implementation. See "Adding Tracing Functionality to SIP Servlet Code" for an example of using the factory in a servlet's init() method.

Defining Logging Servlets in sip.xml

Create logging servlets for SIP messages by defining servlets having the implementation class com.bea.wcp.sip.engine.tracing.listener.TraceMessageListenerImpl in the sip.xml file. The definition for a sample msgTraceLogger is shown in Example 14-1.

Example 14-1 Sample Logging Servlet

<servlet>
    <servlet-name>msgTraceLogger</servlet-name>
    <servlet-class>com.bea.wcp.sip.engine.tracing.listener.TraceMessageListenerImpl</servlet-class>
    <init-param>
      <param-name>domain</param-name>
      <param-value>true</param-value>
    </init-param>
    <init-param>
      <param-name>level</param-name>
      <param-value>full</param-value>
    </init-param>
    <load-on-startup/>
  </servlet>

Configuring the Logging Level and Destination

Logging attributes such as the level of logging detail and the destination log file for SIP messages are passed as initialization parameters to the logging servlet. Table 14-1, "Pattern-matching Variables and Sample Values" lists the parameters and parameter values that you can specify as init-param entries. Example 14-1 shows the sample init-param entries for a servlet that logs full SIP message information to the domain log file.

Specifying the Criteria for Logging Messages

The criteria for selecting SIP messages to log can be defined either in XML files that are packaged with the logging servlet's application, or as initialization parameters in the servlet's sip.xml deployment descriptor. The sections that follow describe each method.

Using XML Documents to Specify Logging Criteria

If you do not specify logging criteria as an initialization parameter to the logging servlet, the servlet looks for logging criteria in a pair of XML descriptor files in the top level of the logging application. These descriptor files, named request-pattern.xml and response-pattern.xml, define patterns that WebRTC Session Controller uses for selecting SIP requests and responses to place in the log file.


Note:

By default WebRTC Session Controller logs both requests and responses. If you do not want to log responses, you must define a response-pattern.xml file with empty matching criteria.

A typical pattern definition defines a condition for matching a particular value in a SIP message header. For example, the sample response-pattern.xml used by the msgTraceLogger servlet matches all MESSAGE requests. The contents of this descriptor are shown in Example 14-2.

Example 14-2 Sample response-pattern.xml for msgTraceLogger Servlet

<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE pattern
   PUBLIC "Registration//Organization//Type Label//Definition Language"
   "trace-pattern.dtd">
<pattern>
  <equal>
    <var>response.method</var>
    <value>MESSAGE</value>
  </equal>
</pattern>

See "trace-pattern.dtd Reference" for descriptions of additional operators and conditions used for matching SIP messages. Most conditions, such as the equal condition shown in Example 14-2, require a variable (var element) that identifies the portion of the SIP message to evaluate. Table 14-1 lists some common variables and sample values. For additional variable names and examples, see Section 16: Mapping Requests to Servlets in the SIP servlet API 1.1 specification (http://jcp.org/en/jsr/detail?id=289); WebRTC Session Controller enables mapping of both request and response variables to logging servlets.

Table 14-1 Pattern-matching Variables and Sample Values

VariableSample Values

request.method, response.method

MESSAGE, INVITE, ACK, BYE, CANCEL

request.uri.user, response.uri.user

guest, admin, joe

request.to.host, response.to.host

server.mydomain.com


Both request-pattern.xml and response-pattern.xml use the same Document Type Definition (DTD). See "trace-pattern.dtd Reference" for more information.

Using Servlet Parameters to Specify Logging Criteria

Pattern-matching criteria can also be specified as initialization parameters to the logging servlet, rather than as separate XML documents. The parameter names used to specify matching criteria are request-pattern-string and response-pattern-string. They are defined along with the logging level and destination as described in "Configuring the Logging Level and Destination".

The value of each pattern-matching parameter must consist of a valid XML document that adheres to the DTD for standalone pattern definition documents (see "Using XML Documents to Specify Logging Criteria"). Because the XML documents that define the patterns and values must not be parsed as part of the sip.xml descriptor, you must enclose the contents within the CDATA tag. Example 14-3 shows the full sip.xml entry for the sample logging servlet, invTraceLogger. The final two init-param elements specify that the servlet log only INVITE request methods and OPTIONS response methods.

Example 14-3 Logging Criteria Specified as init-param Elements

<servlet>
      <servlet-name>invTraceLogger</servlet-name>
      <servlet-class>com.bea.wcp.sip.engine.tracing.listener.TraceMessageListenerImpl</servlet-class>
      <init-param>
        <param-name>domain</param-name>
        <param-value>true</param-value>
      </init-param>
      <init-param>
        <param-name>level</param-name>
        <param-value>full</param-value>
      </init-param>
      <init-param>
        <param-name>request-pattern-string</param-name>
        <param-value>
            <![CDATA[
                <?xml version="1.0" encoding="UTF-8"?>
                <!DOCTYPE pattern
                   PUBLIC "Registration//Organization//Type Label//Definition Language"
                   "trace-pattern.dtd">
                <pattern>
                  <equal>
                    <var>request.method</var>
                    <value>INVITE</value>
                  </equal>
                </pattern>
            ]]>
        </param-value>
      </init-param>
      <init-param>
        <param-name>response-pattern-string</param-name>
        <param-value>
            <![CDATA[
                <?xml version="1.0" encoding="UTF-8"?>
                <!DOCTYPE pattern
                   PUBLIC "Registration//Organization//Type Label//Definition Language"
                   "trace-pattern.dtd">
                <pattern>
                  <equal>
                    <var>response.method</var>
                    <value>OPTIONS</value>
                  </equal>
                </pattern>
            ]]>
        </param-value>
      </init-param>
      <load-on-startup/>
  </servlet>

Specifying Content Types for Unencrypted Logging

By default WebRTC Session Controller uses String format (UTF-8 encoding) to log the content of SIP messages having a text or application/sdp Content-Type value. For all other Content-Type values, WebRTC Session Controller attempts to log the message content using the character set specified in the charset parameter of the message, if one is specified. If no charset parameter is specified, or if the charset value is invalid or unsupported, WebRTC Session Controller uses Base-64 encoding to encrypt the message content before logging the message.

To avoid encrypting the content of messages under these circumstances, specify a list of String-representable Content-Type values using the string-rep element in sipserver.xml. The string-rep element can contain one or more content-type elements to match. If a logged message matches one of the configured content-type elements, WebRTC Session Controller logs the content in String format using UTF-8 encoding, regardless of whether a charset parameter is included.


Note:

You do not need to specify text/* or application/sdp content types as these are logged in String format by default.

Example 14-4 shows a sample message-debug configuration that logs String content for three additional Content-Type values, in addition to text/* and application/sdp content.

Example 14-4 Logging String Content for Additional Content Types

   <message-debug>
     <level>full</level>
     <string-rep>
       <content-type>application/msml+xml</content-type>
       <content-type>application/media_control+xml</content-type>
       <content-type>application/media_control</content-type>
     </string-rep>
   </message-debug>

Enabling Log Rotation and Viewing Log Files

The WebRTC Session Controller logging infrastructure enables you to automatically write to a new log file when the existing log file reaches a specified size. You can also view log contents using the Administration Console or configure additional server-level events that are written to the log.

trace-pattern.dtd Reference

trace-pattern.dtd defines the required contents of the request-pattern.xml and response-pattern.xml, documents and the values for the request-pattern-string and response-pattern-string servlet init-param variables.

Example 14-5 trace-pattern.dtd

<!--
The different types of conditions supported.
- > 

<!ENTITY % condition "and | or | not |
                      equal | contains | exists | subdomain-of">

<!--
A pattern is a condition: a predicate over the set of SIP requests.
- > 

<!ELEMENT pattern (%condition;)>

<!--
An "and" condition is true if and only if all its constituent conditions
are true.
- > 

<!ELEMENT and (%condition;)+>

<!--
An "or" condition is true if at least one of its constituent conditions
is true.
- > 

<!ELEMENT or (%condition;)+>

<!--
Negates the value of the contained condition.
- > 

<!ELEMENT not (%condition;)>

<!--
True if the value of the variable equals the specified literal value.
- > 

<!ELEMENT equal (var, value)>

<!--
True if the value of the variable contains the specified literal value.
- > 

<!ELEMENT contains (var, value)>

<!--
True if the specified variable exists.
- > 

<!ELEMENT exists (var)>

<!--
- > 

<!ELEMENT subdomain-of (var, value)>

<!--
Specifies a variable. Example:
  <var>request.uri.user</var>
- > 

<!ELEMENT var (#PCDATA)>

<!--
Specifies a literal string value that is used to specify rules.
- > 

<!ELEMENT value (#PCDATA)>

<!--
Specifies whether the "equal" test is case sensitive or not.
- > 

<!ATTLIST equal ignore-case (true|false) "false">

<!--
Specifies whether the "contains" test is case sensitive or not.
- > 

<!ATTLIST contains ignore-case (true|false) "false">

<!--
The ID mechanism is to allow tools to easily make tool-specific
references to the elements of the deployment descriptor. This allows
tools that produce additional deployment information (i.e information
beyond the standard deployment descriptor information) to store the
non-standard information in a separate file, and easily refer from
these tools-specific files to the information in the standard sip-app
deployment descriptor.
- > 

<!ATTLIST pattern id ID #IMPLIED>
<!ATTLIST and id ID #IMPLIED>
<!ATTLIST or id ID #IMPLIED>
<!ATTLIST not id ID #IMPLIED>
<!ATTLIST equal id ID #IMPLIED>
<!ATTLIST contains id ID #IMPLIED>
<!ATTLIST exists id ID #IMPLIED>
<!ATTLIST subdomain-of id ID #IMPLIED>
<!ATTLIST var id ID #IMPLIED>
<!ATTLIST value id ID #IMPLIED>

Adding Tracing Functionality to SIP Servlet Code

Tracing functionality can be added to your own servlets or to Java code by using the TraceMessageListenerFactory. TraceMessageListenerFactory enables clients to reuse the default trace message listener implementation behaviors by creating an instance and then delegating to it. The factory implementation instance can be found in the servlet context for SIP servlets by looking up the value of the TraceMessageListenerFactory.TRACE_MESSAGE_LISTENER_FACTORY attribute.


Note:

Instances created by the factory are not registered with WebRTC Session Controller to receive callbacks upon SIP message arrival and departure.

To implement tracing in a servlet, you use the factory class to create a delegate in the servlet's init() method as shown in Example 14-6.

Example 14-6 Using the TraceMessageListenerFactory

public final class TraceMessageListenerImpl extends SipServlet implements MessageListener {
  private MessageListener delegate;

  public void init() throws ServletException {
    ServletContext sc = (ServletContext) getServletContext();
    TraceMessageListenerFactory factory = (TraceMessageListenerFactory) sc.getAttribute(TraceMessageListenerFactory.TRACE_MESSAGE_LISTENER_FACTORY);
    delegate = factory.createTraceMessageListener(getServletConfig());
  }
  public final void onRequest(SipServletRequest req, boolean incoming) {
    delegate.onRequest(req,incoming);
  }
  public final void onResponse(SipServletResponse resp, boolean incoming) {
    delegate.onResponse(resp,incoming);
  }
}

Order of Startup for Listeners and Logging Servlets

If you deploy both listeners and logging servlets, the listener classes are loaded first, followed by the servlets. Logging servlets are deployed in order according to the load order specified in their web application deployment descriptor.

PKWjm[h[PK)DOEBPS/wsc_signaling.htm:l Configuring WebRTC Session Controller Signaling Properties and Media Nodes

2 Configuring WebRTC Session Controller Signaling Properties and Media Nodes

This chapter describes the Signaling Engine and Media Engine configurations you perform in the Oracle Communications WebRTC Session Controller web console.

About WebRTC Session Controller Console Configuration

You use the WebRTC Session Controller console for configuring Signaling Engine properties and Media Engine nodes. Additionally, you manage WebRTC applications, packages, and scripts in the console. See WebRTC Session Controller Extension Developer's Guide for more information on managing applications, packages, and scripts.

You can also configure WebRTC Session Controller console options using configuration Mbeans. See the oracle.wsc.core.configuration.admin.mbean package page for more information on using these MBeans in Oracle Communications WebRTC Session Controller Configuration API Reference.

About Signaling Engine Properties

You configure the Signaling Engine run-time parameters in the WebRTC Session Controller console. Table 2-1 describes the configurable Signaling Engine parameters.

Table 2-1 Configurable Signaling Engine Run-time Parameters

ParameterDescription

Glare Handling

Selecting glare handling enables the Signaling Engine to avoid race conditions that arise when a caller and callee send simultaneous invitations, re-invitations, or session updates. By default, glare handling is selected and enabled.

Sip Session Default Time

The default SIP session time (in seconds). The default value is 3600 seconds.

Sip Session Minimum Time

The minimum SIP session time (in seconds). The default value is 90 seconds.

WebSocket Disconnect Time Limit

The time interval after which the websocket times out (in milliseconds). The defalt value is 60000 milliseconds.

WebSocket Idle Time Limit

The idle time interval after which the websocket times out (in seconds). The default value is 30 seconds.

WebSocket Maximum Connections

The maximum number of websocket connections allowed. Set this value to -1 for unlimited connections. The default value is -1.


About Media Engine Nodes Configuration and Status

You configure, remove, and manage Media Engine nodes in the WebRTC Session Controller console. Managing Media Engine nodes includes blocking and unblocking WebRTC network traffic to media nodes, monitoring their availability and ensuring the their load factor remains within acceptable limits.

Table 2-2 describes the configurable and viewable media node properties in the WebRTC Session Controller console.

Table 2-2 Media Node Properties

PropertyDescription

User

The user name required to connect to the Media Engine server.

Password

The password require to connect to the Media Engine server.

Address

The IP address of the Media Engine server.

Port

The port number of the media server connection.

Media Node Traffic Enabled

Whether traffic is enabled to the media node.

Media Node Status

Whether a connection to the media node is active.

Load Factor

The load percentage on a node controlled by the internal load balancer that attempts to distribute load evenly to available media nodes. WebRTC Session Controller will stop sending requests to media nodes with a Load Factor of 100%.


Accessing the WebRTC Session Controller Console Configuration Tab

The WebRTC Session Controller console resides on the same domain as your WebRTC Session Controller installation. When you start your domain, both the Oracle WebLogic Administration Console an the WebRTC Session Controller console become available.

You configure Signaling Engine and Media Engine parameters in the Configuration tab of the WebRTC Session Controller console. To access the WebRTC Session Controller console Configuration tab:

  1. Start the WebRTC Session Controller domain server.

  2. Open a web browser.

  3. Access this URL:

    http://host:port/wsc-console

    where host:port represents the server and administration port number used by your domain server. If your environment uses HTTP security, use https.

    The WebLogic user login screen appears.

  4. Enter the Username and Password you set when creating the WebLogic domain.

  5. Click Login.

    The WebRTC Session Controller console window appears.

  6. Select the Configuration tab.

    The Signaling Engine parameters and Media Engine node window are displayed as shown in Figure 2-1.

Figure 2-1 WebRTC Session Controller Console Configuration Tab

Description of Figure 2-1 follows

Configuring Signaling Engine Parameters

To configure Signaling Engine parameters:

  1. Click Lock and Edit in the upper right corner of the screen.

  2. Alter the Signaling Engine parameters listed in Table 2-1 as needed for your environment.

  3. Click Commit.

Configuring Media Engine Nodes

You can perform the following media node configuration actions in the WebRTC Session Controller console in the Media Engine window:

Adding Media Engine Nodes

To add a Media Engine node:

  1. Click Lock and Edit in the upper right corner of the screen.

  2. Click Add.

  3. Enter the Address and Port of the media server node.

  4. Click OK.

  5. Enter a User name and Password.

  6. Click Commit.

Removing Media Engine Nodes

To remove a Media Engine node:

  1. Click Lock and Edit in the upper right corner of the screen.

  2. Select the row with the media node you want to remove.

  3. Click Block Traffic.

  4. Click Remove.

    The Remove Media Node window appears.

  5. Click OK.

  6. Click Commit.

Blocking and Unblocking Media Node Traffic

To block or unblock traffic to a media node:

  1. Click Lock and Edit in the upper right corner of the screen.

  2. Select the row with the media node you want to block or unblock traffic to.

  3. Click Unblock Traffic or Block Traffic.

  4. Click Commit.

Setting Media Node Information Auto Refresh

You can configure media node information to auto refresh at specified time intervals.

To enable media node data auto refresh and set the refresh interval:

  1. Select the Auto Refresh check box in the Media Engine window.

  2. Select the interval in the drop-down menu.

PKZy::PK )Doa,mimetypePK)D+mh:iTunesMetadata.plistPK)DYuMETA-INF/container.xmlPK)DwID OEBPS/wsc_part.htmPK)D$S099eOEBPS/cnf_heartbeat.htmPK)D 퓁cKOEBPS/net_diameter_config.htmPK)D@t` AOEBPS/cover.htmPK)Dhw5J0JOEBPS/ref_diameter_dd.htmPK)Db‰ OEBPS/ref_data_tier_dd.htmPK)DOJ] X 3OEBPS/cnf_jvmrand.htmPK)DIAr`g[g{@OEBPS/cnf_datatier.htmPK)D*OEBPS/opg_part2.htmPK)DeOj OEBPS/title.htmPK)DamzdOEBPS/ref_part5.htmPK)Dd&_&OEBPS/cnf_engine_tier.htmPK)DTe ` OEBPS/preface.htmPK)Dsv,7OEBPS/img/wsc_console.pngPK)DMA~AOEBPS/img/console_datamon.gifPK)D\_L\G\xOEBPS/img/dataconfig.gifPK)Dq44 2OEBPS/img/vipconfig.gifPK)DiQfA"gOEBPS/img/diameterxsd.pngPK)Dl0!+!}OEBPS/cnf_asc.htmPK)D'"OEBPS/cnf_engine_cache.htmPK)D˃P{`v` _OEBPS/cnf_security_providers.htmPK)DU>k,[V(OEBPS/cnf_coherence.htmPK)DFA ,OEBPS/toc.ncxPK)D(\"ICOEBPS/ref_engine_tier_dd.htmPK)DWTJ]>OEBPS/opg_starting.htmPK)Doc%^%# OEBPS/cnf_config_overview.htmPK)DGUj e I OEBPS/cnf_jvmgc.htmPK)Dڵ*dNj OEBPS/content.opfPK)D^s__P OEBPS/dcommon/oracle-logo.jpgPK)D0hj OEBPS/dcommon/cpyr.htmPK)Dl-OJn OEBPS/dcommon/oracle.gifPK)Do"nR M  OEBPS/dcommon/doccd_epub.jsPK)DT' hc OEBPS/dcommon/blafdoc.cssPK)D) JtEtM OEBPS/net_network.htmPK)Dk)FFڔ OEBPS/opg_upgrading.htmPK)D[LjGj OEBPS/toc.htmPK)D#xx~xoF OEBPS/opg_backup_restore.htmPK)DWjm[h[< OEBPS/opg_pdu_logging.htmPK)DZy:: OEBPS/wsc_signaling.htmPK**4 U