How to Install Zimbra Talk


How to Install Zimbra Talk

   KB 22593        Last updated on 12/28/2016  




0.00
(0 votes)
Article-check.png  - This is certified documentation and is protected for editing by Zimbra Employees & Moderators only.

Zimbra Talk specializes in providing services for real time communication and it includes several components. In minimal installation a Zimbra environment and a single additional server (the Talk server) are required. At the moment the only supported platform for the Talk Server is Ubuntu 14.04 (64bit), Red Hat Support is expect for the next Release

Zimbra Talk needs as well a Zimbra Collaboration 8.6 or higher version

The Zimbra Talk system enables its users to perform text chat, text conference, video chat & video conference as well as online document collaboration between the participants of a Zimbra Talk session, using Zimbra Zimlet technology.

Limitations

  • For a full-featured experience with Zimbra Talk the usage of the Google Chrome >=34.0 web-browser is recommended. Chromium >=34.0 will also work on most operating systems, except Debian Testing due to Debian specifc changes in the sandbox handling
  • The Safari web-browser and Microsoft’s Internet Explorer are supported as well, when the Temasys WebRTC plugin is installed for the respective browser. Firefox is currently not fully supported
  • A functional webcam, microphone & headphones are also needed for videoconferences.
  • Another limitation is the bandwidth which is available for the user. If many users, e.g. more than 6 users, are using the videochat application at the same time, the complete uplink and downlink bandwidth of a slow Internet

connection (<= 16000Mbit/s) could be saturated, affecting the quality of the conversation.

Please Note: This guide doesn't cover the Multi-tenancy installation. You can read more about Zimbra Talk Multi-tenancy here.

Installation Prerequisites

Zimbratalk-install-progress-001.png

Before performing an installation these prerequisites must be fulfilled:

  • A working Zimbra Collaboration 8.6 or higher version Environment
  • A dedicated server for Zimbra Talk, for now Zimbra Talk only supports Ubuntu 14.04 LTS. Zimbra Talk can't be installed on the same server as Zimbra Collaboration
  • Knowledge and understanding of your network infrastructure setup, especially in regard to your Firewall and DNS settings
  • Access to DNS management to create the required DNS settings
  • Access to Firewall management to enable required communication between Zimbra server/s and Zimbra Talk server/s
  • A commercial certificate matching the certificate requirements described below
  • Root access to the Zimbra and Talk Server.
  • Zimbra-Proxy must be installed and running on the Zimbra server

  • In case you do not have a dedicated Zimbra-Proxy instance running:
$ zmcontrol status | grep proxy
proxy Running

In case you do not have a proxy running, follow the steps decribed in Zimbra-Wiki, how to enable the proxy:

When the proxy is installed properly it should listen on port 443:

$ sudo netstat -nlp | grep 443
tcp 0 0 0.0.0.0:443 0.0.0.0: LISTEN 28098/nginx.conf

Certificate Requirements

Zimbra Talk heavily relies on DNS resource records and TLS. The certificates used at the Talk server must be valid and cover all required names. We recommend using a wildcard certificate. Below are the needed domains that need to be included in the TLS certificate.

  • yourdomain.tld
  • xmpp.yourdomain.tld
  • conference.yourdomain.tld
  • external.yourdomain.tld
  • conference.external.yourdomain.tld
  • auth.yourdomain.tld
  • jitsi-videobridge.yourdomain.tld
  • focus.yourdomain.tld

To order a certificate matching the requirements you can create a CSR using this command (replace the subj content with your information) :

$ openssl req -out zimbratalk.csr -new -newkey rsa:2048 -nodes -sha256 -keyout zimbratalk.key -subj '/C=GB/ST=London/L=Londo/O=ZimbraInc/OU=ZimbraTalkServer/CN=*.zimbra.io/emailAddress=admin@zimbra.io'														
Generating a 2048 bit RSA private key
...........+++ ...................................................................+++ 				
writing new private key to ' zimbratalk.key ' 	

For better certificate management, put the key and crt files under /etc/ssl/owncerts. You need to provide the TLS key and the TLS certificate. The certificate must also include the complete CA chain!

  • Note 1: Do not use this path /etc/ssl/yourdomain.tld to store the TLS certificates, because this path is used exclusively by the Talk installer script! Any files under /etc/ssl/yourdomain.tld will be overwritten without asking.
  • Note 2: Please do not use a certificate with a password.
  • Note 3: For install Zimbra Talk by using a Self-Signed Certificate, please go to the next Wiki
  • Note 4: You may also order a LetsEncrypt-certificate covering the domains listed above as well.

For the talk-server you need to provide the privkey1.pem and fullchain1.pem files when prompted for it during the installation process. Please make sure that you create a dedicated certificate for the talk server.

System Requirements

Evaluation and Testing Production Environments
Intel/AMD 64-bit CPU 1.5 GHz (min. 2 cores) Intel/AMD 64-bit CPU 1.5 GHz (min. 4 cores)
2GB RAM 4GB RAM
Ubuntu 14.04 LTS Server Edition (64bit) in minimal setup Ubuntu 14.04 LTS Server Edition (64bit) in minimal setup
10 GB free disk space 40 GB free disk space

Firewall Settings

The Talk application server uses multiple ports and protocols. These ports have to be accessible between the Zimbra server and the Talk server. The UDP ports listed must be available to the outside world if videoconferencing is used by users outside the firewall. All ports must be accessible outside the firewall if external users are invited to chats:

Port Protocol Usage
80 TCP HTTP/BOSH/Websocket
443 TCP HTTPS/BOSH/Websocket
4443 TCP jitsi-meet videostream for very restrictive environments
5222 TCP XMPP client to server connections
5269 TCP XMPP server to server connections
5280 TCP HTTP and SecureWebSocket connection (SSL)
5281 TCP HTTP and WebSocket connection
3478 UDP/TCP STUN/TURN Port forwarding to turnserver
5349 UDP/TCP SSTUN/STURN Port forwarding to turnserver
10000 - 20000 UDP/TCP jitsi-meet videostream RTP
10000 - 20000 UDP/TCP TURN server media

Please note: The server has to be accessible using the same hostname + port combination from zimbra servers as well as from clients. If you are using NAT and split DNS you have to make sure your DNS settings are correct, otherwise the application will not work!

In addition to that, the Talk application server must have access to Zimbra’s WDSL-Interface and Admin-UI. The respective ports required can be obtained by executing this query as user zimbra on the attached Zimbra-Server:

$ zmprov gs `zmhostname` zimbraAdminPort zimbraMailSSLPort zimbraMailPort
# zimbra.yourdomain.tld
zimbraAdminPort: 7071
zimbraMailPort: 8080
zimbraMailSSLPort: 8443
$

DNS entries

This section lists the needed DNS entries for the Talk components. The XMPP server is called xmpp.yourdomain.tld. This server serves the yourdomain.tld. So a user JID4 will be for example alice.doe@yourdomain.tld.
 For each Talk service and subdomain we need an SRV DNS record, so the clients know which server provides the corresponding service. As of the of oficial prosody documentation: The target domain (xmpp.example.com) MUST be an existing A record of the target server, it cannot be an IP address, and cannot be a CNAME record.

The Zimbra Talk Server should contain a valid hostname, and it should contain the same domain as the Zimbra Server.
For example, imagine an environment with Zimbra Collaboration server called mail.example.com, the Zimbra Talk Server should be called then xmpp.example.com (or talk.example.com, etc, but inside the same domain as the Zimbra Collaboration Server

;;
;; Zimbra Talk XMPP server
;;
;; A records for XMPP server
;; OWNER-NAME                   TTL     CLASS   RR      IPV4
;yourdomain.tld.                       300     IN      A       $YOUR.IPv4	; Use this record if the server has this dns name
xmpp.yourdomain.tld.                   300     IN      A       $YOUR.IPv4	; Zimbra Talk prosody full hostname
conference.yourdomain.tld.             300     IN      A       $YOUR.IPv4
external.yourdomain.tld.               300     IN      A       $YOUR.IPv4
conference.external.yourdomain.tld.    300     IN      A       $YOUR.IPv4
auth.yourdomain.tld.                   300     IN      A       $YOUR.IPv4
jitsi-videobridge.yourdomain.tld.      300     IN      A       $YOUR.IPv4
focus.yourdomain.tld.                  300     IN      A       $YOUR.IPv4
turn.yourdomain.tld.                   300     IN      A       $YOUR.IPv4
;stun.yourdomain.tld.                  300     IN      A       $YOUR.IPv4										
													
;;
;; XMPP special records
;;
;; TXT records for BOSH and Websocket
;; OWNER-NAM                    TTL     CLASS   RR      TEXT
_xmppconnect.xmpp.yourdomain.tld.      300     IN      TXT     "_xmpp-client-xbosh=https://xmpp.yourdomain.tld:443/http-bind"
_xmppconnect.yourdomain.tld.           300     IN      TXT     "_xmpp-client-xbosh=https://xmpp.yourdomain.tld:443/http-bind"
_xmppconnect.external.yourdomain.tld.  300     IN      TXT     "_xmpp-client-xbosh=https://xmpp.yourdomain.tld:443/http-bind"										
													
;;
;; SRV records for XMPP
;; SRVCE.PROT.OWNER-NAME                              TTL     CLASS   RR  PRI     WEIGHT  PORT    TARGET
_xmpp-client._tcp.yourdomain.tld.                     300     IN      SRV 0       5       5222    xmpp.yourdomain.tld.
_xmpp-server._tcp.yourdomain.tld.                     300     IN      SRV 0       5       5269    xmpp.yourdomain.tld.
_xmpp-client._tcp.xmpp.yourdomain.tld.                300     IN      SRV 0       5       5222    xmpp.yourdomain.tld.
_xmpp-server._tcp.xmpp.yourdomain.tld.                300     IN      SRV 0       5       5269    xmpp.yourdomain.tld.
_xmpp-client._tcp.auth.yourdomain.tld.                300     IN      SRV 0       5       5222    xmpp.yourdomain.tld.
_xmpp-server._tcp.auth.yourdomain.tld.                300     IN      SRV 0       5       5269    xmpp.yourdomain.tld.
_xmpp-client._tcp.focus.yourdomain.tld.               300     IN      SRV 0       5       5222    xmpp.yourdomain.tld.
_xmpp-server._tcp.focus.yourdomain.tld.               300     IN      SRV 0       5       5269    xmpp.yourdomain.tld.
_xmpp-client._tcp.jitsi-videobridge.yourdomain.tld.   300     IN      SRV 0       5       5222    xmpp.yourdomain.tld.
_xmpp-server._tcp.jitsi-videobridge.yourdomain.tld.   300     IN      SRV 0       5       5269    xmpp.yourdomain.tld.
_xmpp-client._tcp.conference.yourdomain.tld.          300     IN      SRV 0       5       5222    xmpp.yourdomain.tld.
_xmpp-server._tcp.conference.yourdomain.tld.          300     IN      SRV 0       5       5269    xmpp.yourdomain.tld.
_xmpp-client._tcp.external.yourdomain.tld.            300     IN      SRV 0       5       5222    xmpp.yourdomain.tld.
_xmpp-server._tcp.external.yourdomain.tld.            300     IN      SRV 0       5       5269    xmpp.yourdomain.tld.
_xmpp-client._tcp.conference.external.yourdomain.tld. 300     IN      SRV 0       5       5222    xmpp.yourdomain.tld.
_xmpp-server._tcp.conference.external.yourdomain.tld. 300     IN      SRV 0       5       5269    xmpp.yourdomain.tld.

During the installation, the installer will create ready-to-use configs for BIND and dnsmasq, stored to the files

/etc/zimbra-talk/dnsmasq.conf
/etc/zimbra-talk/bind.conf

When installation is finished, a tool is provided to check for correct DNS settings, located in

/usr/share/ztalk/libexec/check_talk_dns.sh

You can find real BIND and dnsmasq examples at the Appendix

Preparing Zimbra Environment

Zimbratalk-install-progress-002.png

Required Information / Credentials

During the installation of the Talk server the installer will ask for several settings and information about your Zimbra and network environment. It is recommended to fetch this information now and copy it to a text for convenient usage later on. Run all the following commands as user zimbra.

  • Zimbra (and master LDAP) fully qualified domain (FQDN).
$ zmhostname
zimbra.yourdomain.tld
  • LDAP access to your master LDAP - please login to your LDAP Master and execute as zimbra user:
$ zmlocalconfig -s zimbra_ldap_password
zimbra_ldap_password = w_A77uZ9

The installer will check for additional settings and fetch these automatically. If any additional adjustments are required on your zimbra server, the installer will provide details.

General Settings

On every Mailbox-Server

In preparation you should change these settings prior to installing the Talk server:

zmprov mcf zimbraZimletJspEnabled TRUE
zmprov mc "$COSNAME" zimbraProxyAllowedDomains "*yourdomain.tld"
zmprov mcf +zimbraHttpThrottleSafeIPs $TalkServerIPv4		
zmprov mcf zimbraHttpDosFilterMaxRequestsPerSec 100
zmprov gdpak yourdomain.tld
zmprov mcf zimbraDefaultDomainName yourdomain.tld

Note: Replace $COSNAME with your actual Class of Service name, and the $TalkServerIP with the actual IP of your Talk server as well as yourdomain.tld by the actual domain name you get when executing this command on the Talk application server:

hostname -d

If you do not adjust the settings now, the installer will prompt you for it during the installation process.

Install Zimbra Talk Server

Zimbratalk-install-progress-003.png

The Talk Server has to be installed on a dedicated machine. Currently, the only supported environment is Ubuntu 14.04 server 64bit. While installing the base operating system, use the minimal installation and only add openSSH server to it. The installation is done by running the installer script. This will interactively ask for required information and afterwards install and configure all components.

Getting the Zimbra Talk Installer package

The tar xzvf zimbra-talk-XXXX.tar.gz , which you can download on the Zimbra Website, contains the TLS certificates required to communicate with the VNC package repository. As root user

tar xzvf zimbra-talk-XXXX.tar.gz 
chmod + install-zimbra-talk.sh
./install-zimbra-talk.sh

This will install quite a lot of dependencies and may take some time. We propose running the installation in a screen.

Installation process

After adding some additional package repositories and pre-installing some required components, the interactive installation process starts.

Please note that the installation process is logged on the next file, you can debug it in case that the installation process fails:

/var/log/apt/term.log

1. The first question asked by the installer is for the global system mode. As of now two modes are supported:

Zimbratalk-installer-001.png

  • locked mode: [YES] allows access to video calls only for zimbra users. External guests can not participate

in video calls.

  • open mode [No] allows access to video calls for anybody.

2. In the next five screens, the installer will ask for details to access Zimbra LDAP server and the public domain name of your talk server. Whenever a default value is available or can be determined, the input is pre-filled using this default value. In addition the installer provides you with the respective zimbra command-line, to fetch the required information from the Zimbra-server:

Zimbratalk-installer-002.png

Zimbratalk-installer-003.png

3. To obtain the Zimbra LDAP password, you can run the next command on the Zimbra Collaboration Server:

zmlocalconfig -s zimbra_ldap_password

Zimbratalk-installer-004.png

4. Now, please make sure you introduce the main domain for your Zimbra Talk Configuration, for example zimbra.com so all your users should be like bob@zimbra.com, etc. If your primary email domain is "example.zimbra.com" and users are at "bob@example.zimbra.com", use "example.zimbra.com". The domain entered MUST be a valid email domain on your Zimbra installation.

Zimbratalk-installation-005.png

5. Once these details are provided, the installer checks for the required Zimbra settings and provides feedback about required modifications still pending on Zimbra side:

In case you've missed some of the Zimbra requirements, the Zimbra Talk installer will check for the needed commands and suggest them on the screen, please execute them on the Zimbra Collaboration Server:

Zimbratalk-installation-012.png

After all the parameters are properly configured on the Zimbra Collaboration Server, then we can continue

Zimbratalk-installer-006.png

6. After successfully validating the Zimbra settings, the default LDAP Roster Filter has to be set. The proposed filter will create Roster from all existing Distribution Lists (per domain only):

Zimbratalk-installer-007.png

You can accept the provided default value here, since the default filter can be changed afterwards by editing the value DefaultRosterFilter in the config file: /etc/zimbra-talk/talk.defaults.cfg as well as domain specific by modifying the value RosterFilter in the respective domain’s section [domain:<domainname>] in that file as well. To apply the changes made to /etc/zimbra-talk/talk.defaults.cfg, just update the prosody config and restart prosody service by executing:

sudo /usr/share/ztalk/libexec/update-prosody-conf
sudo service prosody restart

7. Now the installer will create the Talk application server’s databases. If you do not want to use external databases let the installer create them automatically by selecting "Yes" here:

Zimbratalk-installer-008.png

8. When asked for a commercial certificate it is highly recommended to provide a valid commercial certificate. Using self-signed certificates can create weird and hard-to-debug errors, as these certificates will have to be imported into the zimbra truststore as well as into all client systems.

Zimbratalk-installer-009.png

When selecting "YES" here, you will be prompted in the next two screens to enter the path to the certificate’s key file (no screenshot) and certificate file. Provide the filenames with full path to the installer here. The files will be copied to

/etc/zimbra-talk/ztalk-ssl-cert.key and
/etc/zimbra-talk/ztalk-ssl-cert.pem

afterwards. The installer will only accept valid key-files and certificates and will request you to reenter the filepaths in case of an error is detected.

Zimbratalk-installer-010.png

9. Next up you will have to provide some more information about your Zimbra environment:

Zimbratalk-installer-011.png

Zimbratalk-installation-014.png

Zimbratalk-installer-013.png

Zimbratalk-installer-014.png

Zimbratalk-installer-015.png

10. Once this is done, the installer asks if the server is behind a NAT/Firewall. If you are using Split DNS answer "Yes" here. If you are installing this in the Amazon Cloud, answer "Yes".

Zimbratalk-installer-016.png

11. In the next step, you are asked if you want to use the default virtual hostnames. These are the names mentioned in section "Certificate Requirements" In most cases it is safe to answer "Yes". If you say "No" here, the installer will prompt you for all the required virtual hostnames afterwards.

Zimbratalk-installer-017.png

12. After accepting Middleware app name and choosing to use the default ports (recommended),

Zimbratalk-installer-018.png

Zimbratalk-installer-019.png

the remaining dependent packages are now installed and configured.

When the process is finished and you selected "Yes" when asked if the server is behind a NAT/Firewall in screen 16, you are now prompted with two additional screens, asking you to enter either the external

  • IPv4 or
  • IPv6 address

Only one IP-address type is required to enter here. The other input field could be left empty. In case the answer was "No" in screen 16, the next two screens are skipped and the DNS configuration is created right away. When finished, you will be informed about it by screen

13. (Optional) Add external IP:

Zimbratalk-installer-020.png

Zimbratalk-installer-021.png

14. DNS configuration created:

Zimbratalk-installer-022.png

After pressing "Ok", the dnsmasq config is displayed. There is no need to copy anything from here, since it is stored as a dnsmasq.conf file as well as a bind.conf file to:

/etc/zimbra-talk/dnsmasq.conf
/etc/zimbra-talk/bind.conf

15. Finally the required settings for admin UI are displayed:

Zimba Talk installation (nearly) done.
please configure in Zimbra Admin UI these settings:
XMPP server URL: https://<server-URL-forAdminUI>
XMPP server URL Port: 443
External User server URL: https://<server-URL-forAdminUI>
External User URL Port: 443
Authentication Token: ahshohsaopeequepaedahxiqueigohri
Etherpad URL: https://<server-URL-forAdminUI>
Etherpad URL Port: 443

Install & Configure the Zimbra Talk Zimlet

Zimbratalk-install-progress-004.png

This section describes how to install and configure the Zimbra Talk zimlet on a Zimbra 8.6 or higher environment. Before installing the zimlet you need to install and configure zmpkg in order to install the Zimbra OEM zimlets.

Customizing Zimbra proxy settings

On every Zimbra-Proxy server

Open the file /opt/zimbra/conf/nginx/templates/nginx.conf.web.https.default.template and search this line:

#For long polling of Microsoft ActiveSync								

Before that line insert:

    location ^~ /VNCMiddleware										
    {													
         proxy_cache off;											
         proxy_read_timeout 500s;										
         proxy_pass_header Cookie;										
         proxy_pass      http://$TalkServerIP:8080/VNCMiddleware;						
    }													
     #For long polling of Microsoft ActiveSync		

Note: replace $TalkServerIP with the actual IP of your Talk server. The actual config will be updated and used after

Update the proxy config:

/opt/zimbra/libexec/zmproxyconfgen

Installing zmpkg

Open the link: http://packages.vnc.biz/zmpkg/bootstrap/ in the browser and download the latest zmpkg installer from there. The latest version is always available at url http://packages.vnc.biz/zmpkg/bootstrap/zmpkg-installer-latest.tar.gz And transfer it to your machine where Zimbra is installed. You can copy the link and use wget to download it directly into your machine where Zimbra is installed. For an example:


wget http://packages.vnc.biz/zmpkg/bootstrap/zmpkg-installer-latest.tar.gz 				

Extract the downloaded file:

tar xfvz zmpkg-installer-latest.tar.gz 									

Change to the extracted directory and execute the installer. Run the installer as user root. The install script will also install the needed dependencies.

$ cd zmpkg-installer-1.4.4.1 
$ sudo ./install.sh 												

Switch to zimbra user using

$ sudo su - zimbra											 

And check whether zmpkg is installed or not using zmpkg list command.

$ zmpkg list 												

Note: if your system is behind an proxy, you might have to set the $http_proxy environment variable accordingly:

export http_proxy=http://<proxy-host>:<proxy-port>/ 							

It may be required to add the http_proxy variable to zimbra user's .profile or .bashrc.

Configuring zmpkg

Because zmpkg works like apt-get it is possible to change the repository URL from which the zimlets are installed. For this you need to log in as the zimbra user, then edit the apt.sources file /opt/zimbra/extensions- extra/zmpkg/etc/apt/sources.list

$ sudo su - zimbra
											
$ vim /opt/zimbra/extensions-extra/zmpkg/etc/apt/sources.list 						

You need to add the commercial repository. Finally the source.list le should look like this:

## automatic entry generated by bootstrap install								
## NOTE: you should retain formatting (spaces instead of tabs) for further automatic config upgrades to work
deb http://packages.vnc.biz/zmpkg/current judaspriest free restricted commercial				
## uncomment this if you want to use commercial VNC products						
## NOTE: these products are free for evaluation-only, but charged on usage					
##       please see http://www.vnc.biz/ for more information						
# deb http://packages.vnc.biz/zmpkg/current judaspriest commercial					
													
## add your own repos here 	

Installing zcs-vnc-talk Zimlet

After installing zmpkg succesfully, logged in as the zimbra user in the Zimbra ZCS environment run the following shell commands

zm-apt-get update
											
zm-apt-get install zcs-vnc-talk 										
zmcontrol restart 											

This commands use zmpkg to update the repository and install the Zimbra Talk zimlet. After the installation restart mailboxd using zmmailboxdctl restart to make the changes available in the ZCS.

Listing installed zimlets

Check if the zimlet is installed using command zmpkg list.

zmpkg list

Upgrading installed zimlets

zm-apt-get update 											
zm-apt-get upgrade 											

Configuring zcs-vnc-talk Zimlet

After the Zimbra ZCS environment restarted all services and after the Zimbra Talk backend server is fully installed and configured, you have to configure the Zimbra Talk zimlet. Open Zimbra Admin interface as the Zimbra-admin, then navigate to the section Configure-> Zimbra Talk Zimlet. This is the Zimbra Talk global configuration section. Wiki-zimbra-talk-003.png

Usually only the parameters in the Basic XMPP configuration section have to be configured. The other sections are optional and only required in special cases.

Post Installation tasks Zimbra Talk

Zimbratalk-install-progress-005.png

Basic XMPP configuration

This section contains the basic parameters needed by Zimbra Talk to work for all domains existing in the Zimbra ZCS6.

After setting this configuration, click on the upper left side the save button.

Activate zimlet for users in domain

In order to use the Zimlet, you have to activate it for users in your domain. In addition, currently all users have to be members of at least one distribution list that is found with the LDAP query configured in during backend installation. To create a list containing (nearly) all domain members, you can run these commands as zimbra user:

$ zmprov -l gaa | grep "$yourdomain.com" | egrep -v "(spam|ham|virus|galsync)" > /tmp/users.raw	
$ cat /tmp/users.raw | awk '{print "adlm allusers@$yourdomain.com " $1}' > /tmp/users.prov	
$ zmprov cdl allusers@$yourdomain.com								
$ zmprov -f /tmp/users.prov									

Note: replace $yourdomain.com with your actual domain.

Appendix

Zimbra Talk License

Zimbra Talk it's installed by default with a 30-day Trial License, with up to 30 users, and all the features enabled. You can find the license file in the next directory:

/etc/clouddirectory/licenses/trial-license.lic									

If you want to decode the content and read it, you can run the next command:

root@zimbratalk:~# openssl x509 -in /etc/clouddirectory/licenses/trial-license.lic -noout -text | grep "Subject:" | tr ',' '\n'
Subject: C=CH												
 ST=ZG													
 L=Zug													
 O=VNC Zimbra Talk Trial											
 CN=edition:Standard/emailAddress=info@zimbra.com								
 CN=vncTalk.video												
 CN=vncTalk.externalGuestInvitation										
 CN=vncTalk.singleTextChat											
 CN=vncTalk.groupTextChat											
 CN=vncTalk.fileTransfer											
 CN=vncTalk.documentCollaboration										
 CN=vncTalk.screenshare											
 CN=vncTalk.calendarInvitation										
 CN=accountLimit:30 

Required DNS Records

BIND DNS Records Example

;;
;; Zimbra XMPP server
;;
;; A records for XMPP server
;; OWNER-NAME TTL CLASS RR IPV4
;example.com. 300 IN A $YOUR.IPv4 ; Use this record if the server has this dns name
xmpp.example.com. 300 IN A $YOUR.IPv4 ; Zimbra Talk prosody full hostname
conference.example.com. 300 IN A $YOUR.IPv4
external.example.com. 300 IN A $YOUR.IPv4
conference.external.example.com. 300 IN A $YOUR.IPv4
auth.example.com. 300 IN A $YOUR.IPv4
jitsi-videobridge.example.com. 300 IN A $YOUR.IPv4
focus.example.com. 300 IN A $YOUR.IPv4
turn.example.com. 300 IN A $YOUR.IPv4
;stun.example.com. 300 IN A $YOUR.IPv4
;;
;; XMPP special records
;;
;; TXT records for BOSH and Websocket
;; OWNER-NAM TTL CLASS RR TEXT
_xmppconnect.xmpp.example.com. 300 IN TXT "_xmpp-client-xbosh=https://xmpp.example.com:443/http-bind"
_xmppconnect.example.com. 300 IN TXT "_xmpp-client-xbosh=https://xmpp.example.com:443/http-bind"
_xmppconnect.external.example.com. 300 IN TXT "_xmpp-client-xbosh=https://xmpp.example.com:443/http-bind"
;;
;; SRV records for XMPP
;; SRVCE.PROT.OWNER-NAME TTL CLASS RR PRI WEIGHT PORT TARGET
_xmpp-client._tcp.example.com. 300 IN SRV 0 5 5222 xmpp.example.com.
_xmpp-server._tcp.example.com. 300 IN SRV 0 5 5269 xmpp.example.com.
_xmpp-client._tcp.xmpp.example.com. 300 IN SRV 0 5 5222 xmpp.example.com.
_xmpp-server._tcp.xmpp.example.com. 300 IN SRV 0 5 5269 xmpp.example.com.
_xmpp-client._tcp.auth.example.com. 300 IN SRV 0 5 5222 xmpp.example.com.
_xmpp-server._tcp.auth.example.com. 300 IN SRV 0 5 5269 xmpp.example.com.
_xmpp-client._tcp.focus.example.com. 300 IN SRV 0 5 5222 xmpp.example.com.
_xmpp-server._tcp.focus.example.com. 300 IN SRV 0 5 5269 xmpp.example.com.
_xmpp-client._tcp.jitsi-videobridge.example.com. 300 IN SRV 0 5 5222 xmpp.example.com.
_xmpp-server._tcp.jitsi-videobridge.example.com. 300 IN SRV 0 5 5269 xmpp.example.com.
_xmpp-client._tcp.conference.example.com. 300 IN SRV 0 5 5222 xmpp.example.com.
_xmpp-server._tcp.conference.example.com. 300 IN SRV 0 5 5269 xmpp.example.com.
_xmpp-client._tcp.external.example.com. 300 IN SRV 0 5 5222 xmpp.example.com.
_xmpp-server._tcp.external.example.com. 300 IN SRV 0 5 5269 xmpp.example.com.
_xmpp-client._tcp.conference.external.example.com. 300 IN SRV 0 5 5222 xmpp.example.com.
_xmpp-server._tcp.conference.external.example.com. 300 IN SRV 0 5 5269 xmpp.example.com.

dnsmasq DNS Records Example

##
## Zimbra XMPP server
##
## A records for XMPP server
## DOMAIN IPv4
#address=/example.com/$YOUR.IPv4 # Use this record if the server has this dns name
address=/xmpp.example.com/$YOUR.IPv4
address=/conference.example.com/$YOUR.IPv4
address=/external.example.com/$YOUR.IPv4
address=/conference.external.example.com/$YOUR.IPv4
address=/auth.example.com/$YOUR.IPv4
address=/jitsi-videobridge.example.com/$YOUR.IPv4
address=/focus.example.com/$YOUR.IPv4
address=/turn.example.com/$YOUR.IPv4
#address=/stun.example.com/$YOUR.IPv4
##
## XMPP special records
##
## TXT records for BOSH and Websocket
## OWNER-NAM TEXT
txt-record=_xmppconnect.xmpp.example.com,"_xmpp-client-xbosh=https://xmpp.example.com:443/http-bind"
txt-record=_xmppconnect.example.com,"_xmpp-client-xbosh=https://xmpp.example.com:443/http-bind"
txt-record=_xmppconnect.external.example.com,"_xmpp-client-xbosh=https://xmpp.example.com:443/http-bind"
##
## SRV records for XMPP
## SRVCE.PROT.OWNER-NAME TARGET PORT
srv-host=_xmpp-client._tcp.example.com,xmpp.example.com,5222
srv-host=_xmpp-server._tcp.example.com,xmpp.example.com,5269
srv-host=_xmpp-client._tcp.xmpp.example.com,xmpp.example.com,5222
srv-host=_xmpp-server._tcp.xmpp.example.com,xmpp.example.com,5269
srv-host=_xmpp-client._tcp.conference.example.com,xmpp.example.com,5222
srv-host=_xmpp-server._tcp.conference.example.com,xmpp.example.com,5269
srv-host=_xmpp-client._tcp.external.example.com,xmpp.example.com,5222
srv-host=_xmpp-server._tcp.external.example.com,xmpp.example.com,5269
srv-host=_xmpp-client._tcp.conference.external.example.com,xmpp.example.com,5222
srv-host=_xmpp-server._tcp.conference.external.example.com,xmpp.example.com,5269
srv-host=_xmpp-client._tcp.auth.example.com,xmpp.example.com,5222
srv-host=_xmpp-server._tcp.auth.example.com,xmpp.example.com,5269
srv-host=_xmpp-client._tcp.focus.example.com,xmpp.example.com,5222
srv-host=_xmpp-server._tcp.focus.example.com,xmpp.example.com,5269
srv-host=_xmpp-client._tcp.jitsi-videobridge.example.com,xmpp.example.com,5222
srv-host=_xmpp-server._tcp.jitsi-videobridge.example.com,xmpp.example.com,5269

Split DNS

Split DNS, sometimes also called split-horizon DNS is a common network setup method used for hosting environments. The idea is to use private network IP addresses in your hosting environment and provide public access using network address translation. Usually this allows for a more flexible datacenter setup while the availability of public IP addresses is limited. The downside is that DNS has to provide different replies to the same query.

Another side effect is that when connection information is transmitted inside network communication, it usually has to be translated as well. Zimbra Talk uses STUN/TURN to mitigate these problems, but the servers have to know the actual public IP address that will be used in order to create correct announcement for video connections.


Zimbra Talk

zimbra-talk-logo.png

Latest Version: 2.3

Zimbra Talk Resources

Here you can find useful resources for your Zimbra Talk environment

Verified Against: Zimbra Collaboration Suite 8.7, 8.6 Date Created: 05/04/2016
Article ID: https://wiki.zimbra.com/index.php?title=How_to_Install_Zimbra_Talk Date Modified: 12/28/2016



Try Zimbra

Try Zimbra Collaboration with a 60-day free trial.
Get it now »

Want to get involved?

You can contribute in the Community, Wiki, Code, or development of Zimlets.
Find out more. »

Looking for a Video?

Visit our YouTube channel to get the latest webinars, technology news, product overviews, and so much more.
Go to the YouTube channel »


Wiki/KB reviewed by Jorge Edu Godinho Copyeditor Last edit by Mnichols
Jump to: navigation, search