Microsoft Lync 2013

 Download PDF File
9.0

Table of Contents

1.1Microsoft Lync 2013

1.2Document Purpose

1.3Prerequisites

3.1Disable SNAT Globally

3.2Subnet Originating Requests

3.3Change Drop Connections Settings

3.4Increase the Connection Timeout

3.5Connection Scaling For Large Scale Deployments

5.1DNS Only Configuration

5.1.1Lync Internal WebSvc HTTPS Virtual Service

5.1.2Lync Director 2013 DNS Virtual Service

5.1.3Lync Internal WebSvc HTTP Virtual Service

5.2HLB Only Configuration

5.2.1Lync Director 2013 HLB Virtual Service

5.2.2Lync Internal Director SIP Virtual Service

5.2.3Lync Mediation Virtual Service

5.2.4Lync Edge Internal AV Media TCP Virtual Service

5.2.5Lync Edge Internal AV Media UDP Virtual Service

5.2.6Lync Edge Internal SIP Virtual Service

5.2.7Lync Internal WebSvc HTTP Virtual Service

5.2.8Lync Internal Front-End DCOM Virtual Service

5.2.9Lync Internal WebSvc HTTPS Virtual Service

5.2.10Lync Internal Front-End SIP Virtual Service

5.2.11Configure Edge Virtual Services

5.3Common to Both

5.3.1Lync Office Web App Servers Virtual Service

5.3.2Lync Director Reverse Proxy HTTP Virtual Service

5.3.3Lync Director Reverse Proxy HTTPS Virtual Service

5.3.4Lync Front End Reverse Proxy HTTP Virtual Service

5.3.5Lync Front End Reverse Proxy HTTPS Virtual Service

6.1Server Maintenance

6.2Loss of Failover while using DNS

6.3Hardware Load Balancing

 

1Introduction

KEMP’s LoadMaster family of purpose-built hardware and Virtual Appliances (VLM) offer advanced Layer 4 and Layer 7 server load balancing, content switching, SSL Acceleration and a multitude of other advanced Application Delivery and Optimization (ADC) features.

KEMP’s LoadMaster fully supports Microsoft’skey solutions and are approved by Microsoft (KEMP is a Microsoft Gold partner).The LoadMaster efficiently distributes user traffic for Microsoft Lync 2013 so that users get the best experience possible.

The entire KEMP LoadMaster product family, including the Virtual LoadMaster (VLM) supports Microsoft Lync 2013.

For more information about KEMP Technologies, visit us online at www.kemptechnologies.com.

1.1Microsoft Lync 2013

Microsoft Lync is a communications tool which provides services such as audio/video conferencing, Instant Messaging (IM) and Voice over Internet Protocol (VoIP). These services can all be accessible from the Internet, or from an internal network. Microsoft Lync allows companies to enhance collaboration amongst employees.

A number of enhancements have been made in Microsoft Lync 2013. The network topology setup is quite similar to the previous version but with a number of small differences. Changes include the consolidation of the archiving and monitoring features towards the front-end servers (optional feature). The Lync 2010 Director role is now optional and is not recommended anymore. Less servers are needed because front-end servers can now take the role of Director.

1.2Document Purpose

This documentation is intended to provide guidance on how to configure KEMP LoadMaster products to provide high availability for a Microsoft Lync Server 2013 environment. This documentation is created using a representative sample environment described later in the document. As this documentation is not intended to cover every possible deployment scenario it may not address unique setup or requirements. The KEMP Support Team is available to provide solutions for scenarios not explicitly defined.

1.3Prerequisites

It is assumed that the reader is a network administrator or a person otherwise familiar with networking and general computer terminology. It is further assumed that the Microsoft Lync Server 2013 environment has been set up and the KEMP LoadMaster has been installed.

Other LoadMaster documentation can be referred to as needed from http://www.kemptechnologies.com/documentation.

The minimum requirements that should be met before proceeding are as follows:

  • LoadMaster firmware version 7.0-6 or above should be installed
  • Configured and published Microsoft Lync Server architecture with Lync Topology builder
  • Installed the Microsoft Servers, Active Directories and followed other Microsoft requirements
  • Configured internal and external DNS entries for Front-End, Director and Edge pools
  • Established access to the LoadMaster Web User Interface (WUI)

2Load Balancing Microsoft Lync 2013

Figure 2‑1: Lync 2013 Network Topology

Deploying a Microsoft Lync environment can require multiple servers in Front-End pools and Edge server pools. Load balancing is necessary in this situation to distribute the traffic amongst these servers.

Microsoft Lync Server 2013 supports two load balancing solutions: DNS load balancing and Hardware Load Balancing (HLB). Hardware load balancers are also required to provide load balancing for the internal and external web services when DNS load balancing is used.

Different load balancing methods cannot be used on the Edge internal and Edge external interfaces, for example, DNS load balancing cannot be used on the Edge internal interface when hardware load balancing is being used on the Edge external interface. Health checking at the LoadMaster ensures that, if one of the servers becomes inaccessible, the load balancer will take the sever offline and automatically re-route and reconnect users to other functioning servers.

KEMP Technology recommend the configuration as depicted in Figure 2.1. If your configuration differs from the recommended configuration and there are issues deploying the LoadMaster, please contact the local KEMP Support Team for assistance.

3General Configuration

Some recommended general LoadMaster configuration settings are outlined below. These options can be set within the LoadMaster WUI.

3.1Disable SNAT Globally

By default, global Server Network Address Translation (SNAT) is enabled in the LoadMaster settings. KEMP recommends disabling SNAT globally when using the LoadMaster with a Lync 2013 environment. To disable SNAT globally, follow the steps below:

  1. In the main menu, select System Configuration.
  2. Select Miscellaneous Options.
  3. Select Network Options.

Figure 3‑1: Disable SNAT globally

  1. Remove the check from the Enable Server NAT check box.

3.2Subnet Originating Requests

When the LoadMaster is deployed in a two-armed configuration, KEMP recommends enabling Subnet Originating Requests. When this option is enabled, the LoadMaster will use its local IP address, instead of the IP address of the Virtual Service, when communicating to the Real Servers.

Subnet Originating Requests can be enabled on a per-Virtual Service or a global basis.

It is recommended that the Subnet Originating Requests option is enabled on a per-Virtual Service basis.

To enable Subnet Originating Requests globally, follow the steps below:

  1. In the main menu of the LoadMaster WUI, select System Configuration > Miscellaneous Options > Network Options.

Figure 3‑2: Network Options

  1. Select the Subnet Originating Requests check box.

3.3Change Drop Connections Settings

The LoadMaster must be configured to drop connections on Real Server Failure to have fast failover for clients to another Real Server.

  1. To configure dropping connections, click System Configuration.
  1. Click Miscellaneous Options.
  2. Click L7 Configuration.

Figure 3‑3: Enable Drop Connections on RS failure option

  1. Select the Drop Connections on RS failure checkbox.

3.4Increase the Connection Timeout

The Loadmaster Connection Timeout must be set to one day. The reason why this value can be set so high is because the LoadMaster monitors client connection to Real Servers and if a server fails then the LoadMaster can drop the associated client connections to that real server. Clients are disconnected from the LoadMaster and then reconnected to the LoadMaster to connect to another Real Server.

One day is the maximum value for this setting and it must be used in conjunction with the Drop Connections on RS failure option.

  1. To configure the Connection Timeout, click System Configuration.
  1. Click Miscellaneous Options.
  2. Click L7 Configuration.

Figure 3‑4: Set L7 Connection Drain Time

  1. Enter 86400 (1 day) in the L7 Connection Drain Time (secs) field and click Set Time.

3.5Connection Scaling For Large Scale Deployments

Execution of this procedure is optional and should be used only in cases where network traffic is expected to be greater than 64,000 server connections at any one particular time.

L7 Transparency must be disabled in order to use connection scaling.

  1. To use connection scaling, click System Configuration.
  2. Click Miscellaneous Options.
  3. Click L7 Configuration.

Figure 3‑5: Allow connection scaling

  1. Select the Allow connection scaling over 64K Connections checkbox.
  2. Click Virtual Services.
  3. Click View/Modify Services.
  4. Click the Modify button of the appropriate Virtual IP Address.
  5. Expand the Advanced Properties section.

Figure 3‑6: Advanced Properties section

  1. In the Advanced Properties panel, input a list of Alternate Source Addresses. Multiple IPV4 addresses must be separated with a space; each must be unallocated and allow 64K connections.
  2. Click the Set Alternate Source Addresses button.

4Lync 2013 Template

KEMP have developed a template containing our recommended settings for Lync 2013. This template can be installed on the LoadMaster and can be used when creating each of the Virtual Services. Using a template automatically populates the settings in the Virtual Services. This is quicker and easier than manually configuring each Virtual Service. If needed, changes can be made to any of the Virtual Service settings after using the template.

Released templates can be downloaded from the KEMP documentation page: http://www.kemptechnologies.com/documentation/.

If you create another Virtual Service using the same template, ensure to change the Service Name to a unique name.

For more information and steps on how to import and use templates, refer to the Virtual Services and Templates, Feature Description.

For steps on how to manually add and configure each of the Virtual Services, refer to Section5.

5Configuring Virtual Services for Lync 2013

This deployment guide covers three types of Virtual Service; DNS Only, HLB only and those that are common to both types of environment. The below sections provide instructions and recommended configuration options for setting up a KEMP LoadMaster to work with Lync 2013 using these configuration options.

For an explanation of each of the fields mentioned, refer to the Web User Interface (WUI), Configuration Guide.

5.1DNS Only Configuration

Refer to the sections below for instructions on how to set up the LoadMaster using a DNS only configuration.

Microsoft recommends that DNS load balancing is used for Session Initiation Protocol (SIP) traffic. Microsoft also recommend that web services are configured to override FQDN for internal web services.

Source-IP Persistence

Source IP persistence can be used but take care before enabling it because:

  • Clients from behind an NAT device show up as a single IP
  • It can result in uneven connection distribution

Cookies

If cookies are used, there is no negative impact. However, there are some requirements:

  • The cookie must be named MS-WSMAN
  • It must not expire
  • It must not be marked httpOnly
  • Cookie optimization should be turned off

To configure the various Front-End Virtual Services, refer to the sections below.

5.1.1Lync Internal WebSvc HTTPS Virtual Service

To configure a Virtual Service for Lync Internal WebSvc HTTP, follow the steps below:

  1. Click the Add New button.

Figure 5‑15‑2: Add New VS screen

  1. Enter a Virtual Address.
  2. Enter 443 in the Port field.
  3. Enter a recognisable Service Name, for example Lync Internal WebSvc HTTPS.
  4. Ensure that TCP is set as the Protocol.
  5. Click Add This Virtual Service.

Figure 5‑35‑4: Standard Options section

  1. Expand the Standard Options section and select the following options:

a)Ensure the Force L4 checkbox is clear (if visible).

b)Enter 4443 in the Extra Ports field and click Set Extra Ports.

c)Ensure the Transparency checkbox is clear.

d)Select Source IP Address as the Persistence Mode.

e)Select 20 Minutes as the Persistence Timeout.

f)Select least connection as the Scheduling Method.

g)Enter 1800 in the Idle Connection Timeout field and click Set Idle Timeout.

Figure 5‑55‑6: Real Servers section

  1. Expand the Real Servers section and select the following options:

a)Select TCP Connection Only in the drop-down menu.

b)Enter 5061 in the Checked Port field and click Set Check Port.

5.1.2Lync Director 2013 DNS Virtual Service

To configure a Virtual Service for Lync Director, follow the steps below:

  1. Click the Add New button.

Figure 5‑7: Add New VS screen

  1. Enter a Virtual Address.
  2. Enter 443 in the Port field.
  3. Enter a recognisable Service Name, for example Lync Director.
  4. Ensure that TCP is set as the Protocol.
  5. Click Add This Virtual Service.

Figure 5‑8: Standard Options section

  1. Expand the Standard Options section and select the following options:

a)Enter 444,4443 in the Extra Ports field and click the Set Extra Ports button.

b)Remove the tick from the Transparency check box.

c)Select Source IP Address as the Persistence Mode.

d)Select 20 Minutes as the Persistence Timeout.

e)Select least connection as the Scheduling Method.

f)Enter 1800 in the Idle Connection Timeout field and click Set Idle Timeout.

Figure 5‑9: Real Servers section

  1. Expand the Real Servers section.
  2. Select TCP Connection Only as the Real Server Check Parameters.
  3. Enter 5061 in the Checked Port field and click Set Check Port.

5.1.3Lync Internal WebSvc HTTP Virtual Service

To configure a Virtual Service for Lync Internal WebSvc HTTP, follow the steps below:

  1. Click the Add New button.

Figure 5‑10: Add New VS screen

  1. Enter a Virtual Address.
  2. Enter 80 in the Port field.
  3. Enter a recognisable Service Name, for example Lync Internal WebSvc HTTP.
  4. Ensure that tcp is set as the Protocol.
  5. Click Add This Virtual Service.

Figure 5‑11: Standard Options section

  1. Expand the Standard Options section and select the following options:

a)Enter 8080 in the Extra Ports text box and click the Set Extra Ports button.

b)Select Source IP Address as the Persistence Mode.

c)Select 20 Minutes as the Persistence Timeout.

d)Select least connection as the Scheduling Method.

e)Enter 1800 in the Idle Connection Timeout field and click Set Idle Timeout.

Figure 5‑12: Real Servers section

  1. Expand the Real Servers section and select the following options:

a)Select TCP Connection Only in the drop-down menu.

b)Enter 5061 in the Checked Port field and click Set Check Port.

5.2HLB Only Configuration

The HLB only configuration instructions are below.

5.2.1Lync Director 2013 HLB Virtual Service

To configure a Virtual Service for Lync Director, follow the steps below:

  1. Click the Add New button.

Figure 5‑13: Add New VS screen

  1. Enter a Virtual Address.
  2. Enter 443 in the Port field.
  3. Enter a recognisable Service Name, for example Lync Director.
  4. Ensure that TCP is set as the Protocol.
  5. Click Add This Virtual Service.

Figure 5‑14: Standard Options section

  1. Expand the Standard Options section and select the following options:

a)Enter 444,4443 in the Extra Ports field and click the Set Extra Ports button.

b)Remove the tick from the Transparency check box.

c)Select Source IP Address as the Persistence Mode.

d)Select 20 Minutes as the Persistence Timeout.

e)Select least connection as the Scheduling Method.

f)Enter 1800 in the Idle Connection Timeout field and click Set Idle Timeout.

Figure 5‑15: Real Servers section

  1. Expand the Real Servers section.
  2. Select TCP Connection Only as the Real Server Check Parameters.
  3. Enter 5061 in the Checked Port field and click Set Check Port.

5.2.2Lync Internal Director SIP Virtual Service

To configure a Virtual Service for Lync Internal Director SIP, follow the steps below:

  1. Click the Add New button.

Figure 5‑16: Add New VS screen

  1. Enter a Virtual Address.
  1. Enter 5061 in the Port field.
  2. Enter a recognisable Service Name, for example Lync Internal Director SIP.
  3. Ensure that tcp is set as the Protocol.
  4. Click Add This Virtual Service.

Figure 5‑17: Basic Properties section

  1. Within the Basic Properties section, select Generic as the Service Type.

Figure 5‑18: Standard Options section

  1. Expand the Standard Options section and select the following options:

a)Ensure the Force L4 checkbox is clear.

b)Ensure the Transparency checkbox is clear.

c)Select Normal Protocols in the Server Initiating Protocols drop-down menu.

d)Select Source IP Address as the Persistence Mode.

e)Select 20 Minutes as the Persistence Timeout.

f)Select least connection as the Scheduling Method.

g)Enter 1800 in the Idle Connection Timeout field and click Set Idle Timeout.

Figure 5‑19: Real Servers section

  1. Expand the Real Servers section and select the following options:

a)Select TCP Connection Only in the drop-down menu.

b)Enter 5061 in the Checked Port field and click Set Check Port.

5.2.3Lync Mediation Virtual Service

DNS-only load balancing is sufficient for Mediation pools. If using the LoadMaster instead of DNS, load balance only TCP port 5070.

To configure a Virtual Service for Lync Mediation, follow the steps below:

  1. Click the Add New button.

Figure 5‑205‑21: Add New VS screen

  1. Enter a Virtual Address.
  2. Enter 5070 in the Port field.
  3. Enter a recognisable Service Name, for example Lync Mediation.
  4. Ensure that TCP is set as the Protocol.
  5. Click Add This Virtual Service.

Figure 5‑225‑23: Basic Properties section

  1. Within the Basic Properties section, select Generic as the Service Type.

Figure 5‑245‑25: Standard Options section

  1. Expand the Standard Options section and select the following options:

a)Ensure the Force L4 checkbox is clear.

b)Ensure the Transparency checkbox is clear.

c)Select Normal Protocols in the Server Initiating Protocols drop-down menu.

d)Select Source IP Address as the Persistence Mode.

e)Select 20 Minutes as the Persistence Timeout.

f)Select least connection as the Scheduling Method.

g)Enter 1800 in the Idle Connection Timeout field and click Set Idle Timeout.

Figure 5‑265‑27: Real Servers section

  1. Expand the Real Servers section and select the following options:

a)Select TCP Connection Only in the drop-down menu.

b)Enter 5070 in the Checked Port field and click Set Check Port.

5.2.4Lync Edge Internal AV Media TCP Virtual Service

This is the failback path for A/V media transfer. It is used for file transfer and desktop sharing.

To configure a Virtual Service for Lync Edge Internal AV Media TCP, follow the steps below:

  1. Click the Add New button.

Figure 5‑28: Add New VS screen

  1. Enter a Virtual Address.
  2. Enter 443 in the Port field.
  3. Enter a recognisable Service Name, for example Lync Edge Internal AV Media TCP.
  4. Ensure that TCP is set as the Protocol.
  5. Click Add This Virtual Service.

Figure 5‑29: Basic Properties section

  1. Within the Basic Properties section, select Generic as the Service Type.

Figure 5‑30: Standard Options section

  1. Expand the Standard Options section and select the following options:

a)Ensure that the Force L4 check box is clear.

b)Ensure that the Transparency check box is clear.

c)Select Normal Protocols in the Server Initiating Protocols drop-down menu.

d)Select Source IP Address as the Persistence Mode.

e)Select 20 Minutes as the Persistence Timeout.

f)Select least connection as the Scheduling Method.

g)Enter 1800 in the Idle Connection Timeout field and click Set Idle Timeout.

Figure 5‑31: Real Servers section

  1. Expand the Real Servers section and select the following options:

a)Select TCP Connection Only in the drop-down menu.

b)Enter 5061 in the Checked Port field and click Set Check Port.

5.2.5Lync Edge Internal AV Media UDP Virtual Service

This is the preferred path for A/V media transfer.

To configure a Virtual Service for Lync Edge Internal AV Media UDP, follow the steps below:

  1. Click the Add New button.

Figure 5‑32: Add New VS screen

  1. Enter a Virtual Address.
  2. Enter 3478 in the Port field.
  3. Enter a recognisable Service Name, for example Lync Edge Internal AV Media UDP.
  4. Select udp as the Protocol.
  5. Click Add This Virtual Service.

Figure 5‑33: Real Servers section

  1. Expand the Real Servers section.
  2. Select ICMP Ping in the Real Server Check Parameters drop-down menu.

5.2.6Lync Edge Internal SIP Virtual Service

This is used by Directors and FE Pools.

To configure a Virtual Service for Lync Edge Internal SIP, follow the steps below:

  1. Click the Add New button.

Figure 5‑34: Add New VS screen

  1. Enter a Virtual Address.
  1. Enter 5061 in the Port field.
  2. Enter a recognisable Service Name, for example Lync Edge Internal SIP.
  3. Ensure that tcp is set as the Protocol.
  4. Click Add This Virtual Service.

Figure 5‑35: Basic Properties section

  1. Within the Basic Properties section, select Generic as the Service Type.

Figure 5‑36: Standard Options section

  1. Expand the Standard Options section and select the following options:

a)Enter 5062 in the Extra Ports field and click Set Extra Ports.

Port 5062 is used by any FE pool and SBA

b)Select Normal Protocols in the Server Initiating Protocols drop-down menu.

c)Select Source IP Address as the Persistence Mode.

d)Select 20 Minutes as the Persistence Timeout.

e)Select least connection as the Scheduling Method.

f)Enter 1800 in the Idle Connection Timeout and click Set Idle Timeout.

Figure 5‑37: Real Servers section

  1. Expand the Real Servers section and select the following options:

a)Select TCP Connection Only in the Real Server Check Parameters drop-down menu.

b)Enter 5061 in the Checked Port field and click Set Check Port.

5.2.7Lync Internal WebSvc HTTP Virtual Service

To configure a Virtual Service for Lync Internal WebSvc HTTP, follow the steps below:

  1. Click the Add New button.

Figure 5‑38: Add New VS screen

  1. Enter a Virtual Address.
  2. Enter 80 in the Port field.
  3. Enter a recognisable Service Name, for example Lync Internal WebSvc HTTP.
  4. Ensure that tcp is set as the Protocol.
  5. Click Add This Virtual Service.

Figure 5‑39: Standard Options section

  1. Expand the Standard Options section and select the following options:

a)Enter 8080 in the Extra Ports text box and click the Set Extra Ports button.

b)Select Source IP Address as the Persistence Mode.

c)Select 20 Minutes as the Persistence Timeout.

d)Select least connection as the Scheduling Method.

e)Enter 1800 in the Idle Connection Timeout field and click Set Idle Timeout.

Figure 5‑40: Real Servers section

  1. Expand the Real Servers section and select the following options:

a)Select TCP Connection Only in the drop-down menu.

b)Enter 5061 in the Checked Port field and click Set Check Port.

5.2.8Lync Internal Front-End DCOM Virtual Service

To configure a Virtual Service for Lync Internal WebSvc HTTP, follow the steps below:

  1. Click the Add New button.

Figure 5‑41: Add New VS screen

  1. Enter a Virtual Address.
  2. Enter 135 in the Port field.
  3. Enter a recognisable Service Name, for example Lync Internal Front-End DCOM.
  4. Ensure that tcp is set as the Protocol.
  5. Click Add This Virtual Service.

Figure 5‑42: Standard Options section

  1. Expand the Standard Options section and select the following options:

a)Deselect the Transparency checkbox.

b)Select Normal Protocols in the Server Initiating Protocols drop-down menu.

c)Select Source IP Address as the Persistence Mode.

d)Select 20 Minutes as the Persistence Timeout.

e)Select least connection as the Scheduling Method.

f)Enter 1800 in the Idle Connection Timeout field and click Set Idle Timeout.

Figure 5‑43: Real Servers section

  1. Expand the Real Servers section and select the following options:

a)Select TCP Connection Only in the drop-down menu.

b)Enter 5061 in the Checked Port field and click Set Check Port.

5.2.9Lync Internal WebSvc HTTPS Virtual Service

To configure a Virtual Service for Lync Internal WebSvc HTTPS HLB Only, follow the steps below:

  1. Click the Add New button.

Figure 5‑44: Add New VS screen

  1. Enter a Virtual Address.
  2. Enter 443 in the Port field.
  3. Enter a recognisable Service Name, for example Lync Internal WebSvc HTTPS HLB Only.
  4. Ensure that tcp is set as the Protocol.
  5. Click Add This Virtual Service.

Figure 5‑45: Standard Options section

  1. Expand the Standard Options section and select the following options:

a)Select the Force L4 checkbox (if visible).

b)Enter 4443 in the Extra Ports field and click Set Extra Ports.

c)Ensure the Transparency checkbox is clear.

d)Select Source IP Address as the Persistence Mode.

e)Select 20 Minutes as the Persistence Timeout.

f)Select least connection as the Scheduling Method.

g)Enter 1800 in the Idle Connection Timeout field and click Set Idle Timeout.

Figure 5‑46: Real Servers section

  1. Expand the Real Servers section and select the following options:

a)Select TCP Connection Only in the drop-down menu.

b)Enter 5061 in the Checked Port field and click Set Check Port.

5.2.10Lync Internal Front-End SIP Virtual Service

To configure a Virtual Service for Lync Internal Front-End SIP, follow the steps below:

  1. Click the Add New button.

Figure 5‑47: Add New VS screen

  1. Enter a Virtual Address.
  2. Enter 5061 in the Port field.
  3. Enter a recognisable Service Name, for example Lync Internal Front-End SIP.
  4. Ensure that tcp is set as the Protocol.
  5. Click Add This Virtual Service.

Figure 5‑48: Basic Properties section

  1. Within the Basic Properties section, select Generic as the Service Type.

Figure 5‑49: Standard Options section

  1. Expand the Standard Options section and select the following options:

a)Ensure the Force L4 checkbox is clear.

b)Enter 448,5070-5073,5075,5076,5080 in the Extra Ports field and click the Set Extra Ports button.

c)Ensure the Transparency checkbox is clear.

d)Select Normal Protocols in the Server Initiating Protocols drop-down menu.

e)Select Source IP Address as the Persistence Mode.

f)Select 20 Minutes as the Persistence Timeout.

g)Select least connection as the Scheduling Method.

h)Enter 1800 in the Idle Connection Timeout field and click Set Idle Timeout.

Figure 5‑50: Real Servers section

  1. Expand the Real Servers section and select the following options:

a)Select TCP Connection Only in the drop-down menu.

b)Enter 5061 in the Checked Port field and click Set Check Port.

5.2.11Configure Edge Virtual Services

To configure the various Edge Virtual Services, refer to the sections below.

When load balancing external interfaces of Edge pools, the shared interface IP should be used as the default gateway on all Edge interfaces. Also, a publicly routable IP with no NAT or port translation must be used.

5.2.11.1Lync Edge External AV Media UDP Virtual Service

To configure a Virtual Service for Lync Edge External AV Media UDP, follow the steps below:

  1. Click the Add New button.

Figure 5‑51: Add New VS screen

  1. Enter a Virtual Address.
  2. Enter 3478 in the Port field.
  3. Enter a recognisable Service Name, for example Lync Edge External AV Media UDP.
  4. Select udp as the Protocol.
  5. Click Add This Virtual Service.

Figure 5‑52: Standard Options section

  1. Expand the Standard Options section and select the following options:

a)Select Source IP Address as the Persistence Mode.

b)Set the Timeout to 20 Minutes.

c)Select least connection as the Scheduling Method.

Figure 5‑53: Real Servers section

  1. Expand the Real Servers section.
  2. Select ICMP Ping in the Real Server Check Parameters drop-down menu.
5.2.11.2Lync Edge External SIP Virtual Service

To configure a Virtual Service for Lync Edge External SIP, follow the steps below:

  1. Click the Add New button.

Figure 5‑54: Add New VS screen

  1. Enter a Virtual Address.
  2. Enter 443 in the Port field.
  3. Enter a recognisable Service Name, for example Lync Edge External SIP.
  4. Ensure that tcp is set as the Protocol.
  5. Click Add This Virtual Service.

Figure 5‑55: Standard Options section

  1. Expand the Standard Options section and select the following options:

a)Ensure the Force L4 checkbox is clear.

b)Ensure the Transparency checkbox is clear.

c)Select Source IP Address as the Persistence Mode.

d)Select 20 Minutes as the Persistence Timeout.

e)Select least connection as the Scheduling Method.

f)Enter 1800 in the Idle Connection Timeout and click Set Idle Timeout.

Figure 5‑56: Advanced Properties section

  1. Expand the Real Servers section and select the following options:

a)Select TCP Connection Only in the Real Server Check Parameters drop-down menu.

b)Enter 5061 in the Checked Port field and click Set Check Port.

5.2.11.3Lync Edge External SIP Federation Virtual Service

To configure a Virtual Service for Lync Edge External SIP Federation, follow the steps below:

  1. Click the Add New button.

Figure 5‑57: Add New VS screen

  1. Enter a Virtual Address.
  1. Enter 5061 in the Port field.
  2. Enter a recognisable Service Name, for example Lync Edge External SIP Federation.
  3. Ensure that tcp is set as the Protocol.
  4. Click Add This Virtual Service.

Figure 5‑58: Standard Options section

  1. Expand the Standard Options section and select the following options:

a)Ensure the Force L4 checkbox is clear.

b)Ensure the Transparency checkbox is clear.

c)Select Source IP Address as the Persistence Mode.

d)Select 20 Minutes as the Persistence Timeout.

e)Select least connection as the Scheduling Method.

f)Enter 1800 in the Idle Connection Timeout and click Set Idle Timeout.

Figure 5‑59: Real Servers section

  1. Expand the Real Servers section and select the following options:

a)Select TCP Connection Only in the Real Server Check Parameters drop-down menu.

b)Enter 5061 in the Checked Port field and click Set Check Port.

5.2.11.4Lync Edge External XMPP Virtual Service

To configure a Virtual Service for Lync Edge External XMPP, follow the steps below:

  1. Click the Add New button.

Figure 5‑60: Add New VS screen

  1. Enter a Virtual Address.
  1. Enter 5269 in the Port field.
  2. Enter a recognisable Service Name, for example Lync Edge External XMPP.
  3. Ensure that tcp is set as the Protocol.
  4. Click Add This Virtual Service.

Figure 5‑61: Standard Options section

  1. Expand the Standard Options section and select the following options:

a)Ensure the Force L4 checkbox is clear.

b)Ensure the Transparency checkbox is clear.

c)Select Source IP Address as the Persistence Mode.

d)Select 20 Minutes as the Persistence Timeout.

e)Select least connection as the Scheduling Method.

f)Enter 1800 in the Idle Connection Timeout and click Set Idle Timeout.

Figure 5‑62: Real Servers section

  1. Expand the Real Servers section and select the following options:

a)Select TCP Connection Only in the Real Server Check Parameters drop-down menu.

b)Enter 5061 in the Checked Port field and click Set Check Port.

5.2.11.5Lync Edge External Conferencing Virtual Service

To configure a Virtual Service for Lync Edge External Conferencing, follow the steps below:

  1. Click the Add New button.

Figure 5‑635‑64: Add New VS screen

  1. Enter a Virtual Address.
  2. Enter 443 in the Port field.
  3. Enter a recognisable Service Name, for example Lync Edge External Conferencing.
  4. Ensure that tcp is set as the Protocol.
  5. Click Add This Virtual Service.

Figure 5‑655‑66: Standard Options section

  1. Expand the Standard Options section and select the following options:

a)Ensure the Force L4 checkbox is clear.

b)Ensure the Transparency checkbox is clear.

c)Select Source IP Address as the Persistence Mode.

d)Select 20 Minutes as the Persistence Timeout.

e)Select least connection as the Scheduling Method.

f)Enter 1800 in the Idle Connection Timeout and click Set Idle Timeout.

Figure 5‑675‑68: Advanced Properties section

  1. Expand the Advanced Properties section.
  2. Enter https://%h%s in the Redirection URL field and click Add HTTP Redirector.

Figure 5‑695‑70: Real Servers section

  1. Expand the Real Servers section and select the following options:

a)Select TCP Connection Only in the Real Server Check Parameters drop-down menu.

b)Enter 443 in the Checked Port field and click Set Check Port.

5.2.11.6Lync Edge External AV Media TCP Virtual Service

To configure a Virtual Service for Lync Edge External AV, follow the steps below:

  1. Click the Add New button.

Figure 5‑71: Add New VS screen

  1. Enter a Virtual Address.
  2. Enter 443 in the Port field.
  3. Enter a recognisable Service Name, for example Lync Edge External AV Media TCP.
  4. Ensure that tcp is set as the Protocol.
  5. Click Add This Virtual Service.

Figure 5‑72: Standard Options section

  1. Expand the Standard Options section and select the following options:

a)Ensure the Force L4 checkbox is clear.

b)Select the Transparency checkbox.

c)Select Source IP Address as the Persistence Mode.

d)Select 20 Minutes as the Persistence Timeout.

e)Select least connection as the Scheduling Method.

f)Enter 1800 in the Idle Connection Timeout and click Set Idle Timeout.

Figure 5‑73: Real Servers section

  1. Expand the Real Servers section and select the following options:

a)Select TCP Connection Only in the Real Server Check Parameters drop-down menu.

b)Enter 443 in the Checked Port field and click Set Check Port.

5.3Common to Both

The Virtual Services listed below are common to both DNS and HLB configurations.

5.3.1Lync Office Web App Servers Virtual Service

To configure a Virtual Service for Office Web App Servers, follow the steps below:

  1. Click the Add New button.

Figure 5‑745‑75: Add New VS screen

  1. Enter a Virtual Address.
  2. Enter 443 in the Port field.
  3. Enter a recognisable Service Name, for example Office Web App Servers.
  4. Ensure that TCP is set as the Protocol.
  5. Click Add This Virtual Service.

Figure 5‑76: SSL Properties section

  1. Expand the SSL Properties section and select the following options:

a)Select the Enabled check box.

b)Select the Reencrypt check box.

Figure 5‑77: Standard Options section

  1. Expand the Standard Options section and select the following options:

a)Select Super HTTP and Source IP as the Persistence Mode.

b)Select 30 Minutes as the Persistence Timeout.

c)Select least connection as the Scheduling Method.

d)Enter 1800 in the Idle Connection Timeout field and click Set Idle Timeout.

Figure 5‑785‑79: Advanced Properties section

  1. Expand the Advanced Properties section.
  2. Enter https://%h%s in the Redirection URL field and click Add HTTP Redirector.

Figure 5‑805‑81: Real Servers section

  1. Expand the Real Servers section and select the following options:

a)Select HTTPS Protocol in the drop-down menu.

b)Enter /hosting/discovery in the URL field and click Set URL.

c)Select the Use HTTP/1.1 checkbox.

d)Select GET as the HTTP Method.

5.3.2Lync Director Reverse Proxy HTTP Virtual Service

To configure a Virtual Service for Lync Reverse Proxy HTTP, follow the steps below:

  1. Click the Add New button.

Figure 5‑82: Add New VS screen

  1. Enter a Virtual Address.
  2. Enter 80 in the Port field.
  3. Enter a recognisable Service Name, for example Lync Director Reverse Proxy HTTP.
  4. Ensure that TCP is set as the Protocol.
  5. Click Add This Virtual Service.

Figure 5‑83: Standard Options section

  1. Expand the Standard Options section and select the following options:

a)Ensure the Force L4 checkbox is clear.

b)Ensure the Transparency checkbox is clear.

c)Select Source IP Address as the Persistence Mode.

d)Select 20 Minutes as the Persistence Timeout.

e)Select least connection as the Scheduling Method.

f)Enter 1800 in the Idle Connection Timeout field and click Set Idle Timeout.

Figure 5‑84: Real Servers section

  1. Expand the Real Servers section and select the following options:

a)Select TCP Connection Only in the drop-down menu.

b)Enter 5061 in the Checked Port field and click Set Check Port.

  1. Click the Add New … button to add a Real Server.

Figure 5‑85: Add Real Server

  1. Enter the Real Server Address for the Director(s).
  2. Enter 8080 as the port.

Ensure to not use 80 as the Real Server Port.

  1. Click the Add This Real Server button.

5.3.3Lync Director Reverse Proxy HTTPS Virtual Service

To configure a Virtual Service for Lync Reverse Proxy HTTPS, follow the steps below:

  1. Click the Add New button.

Figure 5‑86: Add New VS screen

  1. Enter a Virtual Address.
  2. Enter 443 in the Port field.
  3. Enter a recognisable Service Name, for example Lync Director Reverse Proxy HTTPS.
  4. Ensure that TCP is set as the Protocol.
  5. Click Add This Virtual Service.
  6. Expand the SSL Properties section.

Figure 5‑87: SSL Properties section

  1. Select the Enabled check box.
  2. Click OK.
  3. Select the Reencrypt checkbox.

Figure 5‑88: Standard Options section

  1. Expand the Standard Options section and select the following options:

a)Select Source IP Address as the Persistence Mode.

b)Select 20 Minutes as the Persistence Timeout.

c)Select least connection as the Scheduling Method.

d)Enter 1800 in the Idle Connection Timeout text box and click Set Idle Timeout.

Figure 5‑89: Real Servers section

  1. Expand the Real Servers section and select the following options:

a)Select TCP Connection Only in the drop-down menu.

b)Enter 5061 in the Checked Port field and click Set Check Port.

  1. Click the Add New … button to add a Real Server.

Figure 5‑90: Add a Real Server

  1. Enter the Real Server Address for the Director(s).
  2. Enter 4443 as the Port.

Ensure to not use 443 as the Real Server Port.

  1. Click the Add This Real Server button.

5.3.4Lync Front End Reverse Proxy HTTP Virtual Service

To configure a Virtual Service for Lync Reverse Proxy HTTP, follow the steps below:

  1. Click the Add New button.

Figure 5‑91: Add New VS screen

  1. Enter a Virtual Address.
  2. Enter 80 in the Port field.
  3. Enter a recognisable Service Name, for example Lync Front End Reverse Proxy HTTP.
  4. Ensure that TCP is set as the Protocol.
  5. Click Add This Virtual Service.

Figure 5‑92: Standard Options section

  1. Expand the Standard Options section and select the following options:

a)Ensure the Force L4 checkbox is clear.

b)Ensure the Transparency checkbox is clear.

c)Select Source IP Address as the Persistence Mode.

d)Select 20 Minutes as the Persistence Timeout.

e)Enter 1800 in the Idle Connection Timeout field and click Set Idle Timeout.

Figure 5‑93: Real Servers section

  1. Expand the Real Servers section and select the following options:

a)Select TCP Connection Only in the drop-down menu.

b)Enter 5061 in the Checked Port field and click Set Check Port.

  1. Click the Add New button to add a Real Server.

Figure 5‑94: Add Real Server

  1. Enter the Real Server Address for Front End Server(s).
  2. Enter 8080 as the port.

Please do not use 80 as the Real Server Port.

  1. Click the Add This Real Server button.

5.3.5Lync Front End Reverse Proxy HTTPS Virtual Service

To configure a Virtual Service for Lync Reverse Proxy HTTPS, follow the steps below:

  1. Click the Add New button.

Figure 5‑95: Add New VS screen

  1. Enter a Virtual Address.
  2. Enter 443 in the Port field.
  3. Enter a recognisable Service Name, for example Lync Front End Reverse Proxy HTTPS.
  4. Ensure that TCP is set as the Protocol.
  5. Click Add This Virtual Service.
  6. Expand the SSL Properties section.

Figure 5‑96: SSL Properties section

  1. Select the Enabled check box.
  2. Click OK.
  3. Select the Reencrypt checkbox.

Figure 5‑97: Standard Options section

  1. Expand the Standard Options section and select the following options:

a)Select Source IP Address as the Persistence Mode.

b)Select 20 Minutes as the Persistence Timeout.

c)Select least connection as the Scheduling Method.

d)Enter 1800 in the Idle Connection Timeout text box and click Set Idle Timeout.

Figure 5‑98: Real Servers section

  1. Expand the Real Servers section and select the following options:

a)Select TCP Connection Only in the drop-down menu.

b)Enter 5061 in the Checked Port field and click Set Check Port.

  1. Click the Add New … button to add a Real Server.

Figure 5‑99: Add a Real Server

  1. Enter the Real Server Address for Front End Server(s).
  2. Enter 4443 as the Port.

Do not use 443 as the Real Server Port.

  1. Click the Add This Real Server button.

6Additional Information

Some additional information that may be of use is contained within the sections below.

6.1Server Maintenance

When blocking traffic to a server during maintenance, removing the server IP entry from the pool Fully Qualified Domain Name (FQDN) is not sufficient. The server entry must be removed from the DNS. As the server to server traffic is topology-aware, in order to block server to server traffic the server must be removed from the DNS topology.

6.2Loss of Failover while using DNS

Loss of failover when load balancing Edge pools using DNS is possible in the following scenarios:

  • Federation with organizations running OCS versions older than Lync 2010
  • PIM connectivity with Skype, Windows Live, AOL, Yahoo! and XMPP partners
  • UM Play on Phone functionality
  • Transferring calls from UM Auto Attendant

6.3Hardware Load Balancing

If hardware load balancing is being used, a list of the ports that must be open can be found here: http://technet.microsoft.com/en-us/library/gg398833.aspx

Hardware load balancing Edge servers requires N+1 Public IP addresses.

Refer to the two links below for further information on hardware load balancing:

References

The following sources are referred to in this document:

KEMP Technologies website

www.kemptechnologies.com

KEMP Technologies Documentation page

http://kemptechnologies.com/loadmaster-documentation.

MS Lync 2013 Single Pair Addendum, Deployment Guidehttp://www.kemptechnologies.com/documentation

Web User Interface (WUI), Configuration Guide

http://www.kemptechnologies.com/documentation

Virtual Services and Templates, Feature Description

http://www.kemptechnologies.com/documentation

Ports and Protocols for Internal Servers

http://technet.microsoft.com/en-us/library/gg398833.aspx

Port Summary - Scaled Consolidated Edge with Hardware Load Balancers

http://technet.microsoft.com/en-us/library/gg398739.aspx

Scaled Consolidated Edge with Hardware Load Balancers

http://technet.microsoft.com/en-us/library/gg398478.aspx

 

 

 

 

Document History

Date

Change

Reason for Change

Version

Resp.

Sep 2014

Updates made

Updates made to settings

1.11

LB

Nov 2014

Minor changes

Defects resolved

1.12

LB

Feb 2015

Minor changes

Added reference

1.13

LB

Apr 2015

Minor changes

Additional information added

1.14

LB

Sep 2015

Release updates

Updates for 7.1-30

3.0

LB

Dec 2015

Release updates

Updates for 7.1-32

4.0

LB

Jan 2016

Minor changes

Updated

5.0

LB

Mar 2016

Minor changes

Enhancement made

6.0

LB

July 2016

Release updates

Updates for 7.1.35

7.0

LB

Oct 2016

Release updates

Updates for 7.2.36

8.0

POC

Jan 2017

Minor changes

Enhancement made

9.0

LB

Was this article helpful?

0 out of 0 found this helpful

Comments