DEPLOYMENT GUIDE
Load Balancing Microsoft Lync 2010/2013
v1.8.1

Contents
1. About this Guide
2. Appliances Supported
3. Software Versions Supported
4. Microsoft Lync Software Versions Supported
5. Microsoft Lync
    Microsoft Lync Editions
        Standard Edition
        Enterprise Edition
6. Microsoft Lync & Loadbalancer.org
7. Microsoft Lync Server Roles
8. Load Balancing Lync
    Load Balancing Methods Supported
        DNS Load Balancing
        Hardware Load Balancing (HLB)
    Load Balanced Appliance Considerations
        Load Balancer Deployment Mode
        Persistence (aka Server Affinity)
        TCP Timeout Settings
        Reverse Proxy Server
        Additional Details
9. Load Balanced Ports/Protocols
    Front End Servers
        Required
        Optional
    Director Servers
        Required
        Optional
    Edge Servers (Internal Access)
    Edge Servers (External Access)
10. Deployment Architecture
    test Environment
    One-arm Vs Two-arm
    Front End Pool – the Details
    Director Pool – the Details
    Internal Edge – the Details
    External Edge – the Details
    Lync Topology Builder
    DNS Configuration
11. Appliance – the Basics
    Virtual Appliance Download & Deployment
    Initial Network Configuration
    Accessing the Web User Interface (WebUI)
    HA Clustered Pair Configuration
12. Appliance Configuration for Lync
    STEP 1 – Configure Layer 7 Global Settings
    STEP 2 – Configuring the Load Balanced Front End Services
        Virtual Service (VIP) List
        Configuring the FrontEndPool VIP
        Configuring the FePoolExtWebSvcs8080 VIP
        Configuring the FePoolExtWebSvcs4443 VIP
    STEP 3 – Configuring the Load Balanced Director Services
        Virtual Service (VIP) List
        Configuring the DirectorPool VIP
        Configuring the DirPoolExtWebSvcs8080 VIP
        Configuring the DirPoolExtWebSvcs4443 VIP
    STEP 4 – Configuring the Load Balanced Edge Pool Services (Internal)
        Virtual Service (VIP) List
        Virtual Service (VIP) Configuration
        Real Server (RIP) Configuration
    STEP 5 – Configuring the Load Balanced Edge Pool Services (External)
        Virtual Service (VIP) List
        Virtual Service (VIP) Configuration
        Real Server (RIP) Configuration
    STEP 6 – Finalizing the Configuration
13. Testing & Validation
    Client connections bypass the load balancer
    Taking Servers Offline
    Microsoft Lync Testing Tool
    Lync Diagnostics Tools
    Wireshark Protocol Analyzer
    Other Useful Resources
14. Technical Support
15. Further Documentation
16. Conclusion
17. Appendix
    1 – Clustered Pair Configuration – Adding a Slave Unit
    2 – Configure Reverse Proxy VIPs
18. Document Revision History

Copyright [email protected]

1. About this Guide

This guide details the steps required to configure a load balanced Microsoft Lync 2010 / 2013 environment appliances. It covers the configuration of the load balancers and also any Microsoft Lync 2010 / 2013 configuration changes that are required to enable load balancing.

For more information about initial appliance deployment, network configuration and using the Web User Interface (WebUI), please also refer to the relevant Administration Manual:
v7 Administration Manual
v8 Administration Manual

2. Appliances Supported

Due to the number of Virtual Services (VIPs) required for Lync, the Enterprise R16 & R20 are not supported. All other models can be used with Lync as listed below:

Discontinued Models / Current Models *
Enterprise VA
Enterprise MAX
Enterprise R320
Enterprise 10G
Enterprise 40G
Enterprise Ultra
Enterprise VA MAX
Enterprise AWS **
Enterprise AZURE **
Enterprise GCP **

* For full specifications of these models please refer to:
** Some features may not be supported, please check with support

3. Software Versions Supported

V7.6.4 and later

4. Microsoft Lync Software Versions Supported

Microsoft Lync 2010 – all versions
Microsoft Lync 2013 – all versions

5. Microsoft Lync

Microsoft Lync is an Enterprise level real-time communications server, providing the infrastructure for enterprise instant messaging, presence, file transfer, peer-to-peer and multiparty voice and video calling, ad-hoc and structured conferences (audio, video and web) and PSTN (Public Switched Telephone Network) connectivity. These features are available within an organization, between organizations, and with external users on the public internet, or standard phones, using the PSTN or via SIP trunking.

Microsoft Lync Editions

Standard Edition
Standard Edition server is designed for small organizations, and for pilot projects of large organizations. It enables many of the features of Lync, including the necessary databases, to run on a single server. This enables you to have Lync Server functionality for a lesser cost, but does not provide a true high-availability solution.

Enterprise Edition
For a high-availability solution Lync Enterprise Edition is required. Load balancing is required to load balance the Front End pools, Director pools and Edge Server pools.

6. Microsoft Lync & Loadbalancer.org

Deploying Microsoft Lync with appliances enables organizations to create a feature rich highly resilient solution that ensures that wherever staff are located and however they connect, they can depend on a platform that allows seamless communications wherever and whenever needed using the communications medium of their appliances are configured to present a series of Virtual Services (VIPs). These VIPs become the connection points for internal and external clients. The load balancer is then able to distribute requests to the Lync servers that make up the various pools.

7. Microsoft Lync Server Roles

System functionality is split into multiple roles as shown in the following table. For the Standard edition, all roles are installed on a single server, for the Enterprise edition, roles can be distributed across multiple servers depending on the number of end-users, server performance and HA requirements.

The table also summarizes the scalability, HA & co-location options for each role.

Role / Details

Front End Server
Purpose: As the core server role, the Front End Server runs many Lync Server services. This role along with the back-end SQL server are the minimum required roles for Lync.
Scalability: Each front end server can support up to 10,000 users. When configured in a pool, up to 80,000 users are supported.
High Availability: Use a pool of servers with a load balancer.

Back End Server
Purpose: The back-end SQL Server hosts various databases to keep track of Lync's configuration and state information.
Scalability: Microsoft recommends using an SQL cluster for high availability.
High Availability: Use clustering/Mirroring techniques.

A/V Conferencing Server
Purpose: Provides Audio/Visual conferencing functionality to Lync clients.
Scalability: Microsoft recommends a separate dedicated server for more than 10,000 users. Each dedicated A/V server supports up to 20,000 users.
High Availability: Use a pool of servers (no load balancer is required).
Co-location: By default this role is co-located with the Front End Server, but can also be deployed separately.

Edge Server
Purpose: Enables users to communicate and collaborate with users outside the organization's firewalls. These external users can include the organization's own users who are currently working off-site, users from federated partner organizations, and outside users who have been invited to join conferences hosted on your Lync Server deployment. This role also enables connectivity to public IM connectivity services, including Windows Live, AOL, and Yahoo!.
Scalability: One Edge Server for every 15,000 users who will access a site remotely. As a minimum, Microsoft recommend two Edge Servers for high availability.
High Availability: Use a pool of servers with a load balancer.

Mediation Server
Purpose: Enables Enterprise Voice and dial-in conferencing. Mediation Server translates signaling and, in some configurations, media between your internal Lync Server infrastructure and a public switched telephone network (PSTN) gateway, IP-PBX, or a Session Initiation Protocol (SIP) trunk.
Scalability: A dedicated Mediation Server supports up to 1200 users. Co-located with a Front End Server, it supports up to 226 users.
High Availability: Use a pool of servers with a load balancer.
Co-location: By default this role is co-located with the Front End Server, but can also be deployed separately, which for larger deployments making a large number of calls is recommended.

Monitoring Server
Purpose: This role collects data from the Lync infrastructure and allows administrators to run reports. This information can help to provide the best possible media experience for users and maximize the return on investment of your deployment as well as helping to plan future growth.
Scalability: One physical Monitoring Server can support up to 250,000 users if not co-located with Archiving Server. If co-located, it can support up to 100,000 users.
High Availability: Use a standby server (messages are queued on the Front-End servers if a failure occurs).
Co-location: Can be co-located with Archiving Server.

Archiving Server
Purpose: Enables archiving of IM communications and meeting content for compliance reasons. If you do not have legal compliance concerns, you do not need to deploy Archiving Server.
Scalability: One physical Archiving Server can support up to 500,000 users if not co-located with Monitoring Server. If co-located, it can support up to 100,000 users.
High Availability: Use a standby server (messages are queued on the Front-End servers if a failure occurs).
Co-location: Can be co-located with Monitoring Server.

Director Server
Purpose: This is a required role when Edge Servers are deployed. In this case Director authenticates the external users, and then passes their traffic on to the internal servers. Directors are also deployed with Front End pools to streamline authentication requests and improve performance. In this scenario, all requests go first to the Director, which then routes them to the correct Front End pool.
Scalability: One Director for every 15,000 users who will access a site remotely. As a minimum, Microsoft recommend two Directors for high availability.
High Availability: Use a pool of servers with a load balancer.

8. Load Balancing Lync

Note: It's highly recommended that you have a working Lync environment first before implementing the load balancer.

Load Balancing Methods Supported

Microsoft Lync supports two types of load balancing solutions: Domain Name System (DNS) load balancing and Hardware Load Balancing (HLB).

DNS Load Balancing
Lync DNS load balancing is typically implemented at the application level. When the application (for example, a Lync client) queries DNS for the pool members IP address, all member addresses are returned. Then, the client attempts to establish a TCP connection to one of the IP addresses. If that fails, the client tries the next IP address in the cache. If the TCP connection succeeds, the client negotiates TLS to connect to the Front End Server. If it gets to the end without a successful connection, the user is notified that no servers running Lync Server are available at the moment.

It's not possible to use DNS load balancing for client to server HTTP/HTTPS traffic because these are session state oriented protocols. In this case a Hardware Load Balancer must be used.

Hardware Load Balancing (HLB)
As mentioned above, hardware based load balancing is required for Web traffic. Therefore it's possible to use a HLB in a hybrid mode where the HLB balances web traffic and DNS load balancing is used for all other services, or in exclusive mode where the HLB is used to balance all services.

Note: The configuration presented in this manual uses hardware load balancing for all load balanced services.

Load Balanced Roles

The following pools/servers require load balancing:

The Enterprise Pool with multiple Front End Servers: The hardware load balancer serves as the connectivity point to multiple Front End Servers in an Enterprise pool. For Web Services, the simple URLs can either be directed at the Front End Servers or the Director Servers. However, when Director Servers are
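
The client-side sequence described under DNS Load Balancing in section 8 (resolve every pool member, try TCP to each in turn, negotiate TLS on the first that answers, report failure when the list is exhausted), written out in Python as an added example that is not part of the original guide or of any Lync client. The function names, the injectable resolver/connect/wrap hooks, the pool name and the addresses are assumptions made for illustration.

```python
import socket
import ssl

class NoServerAvailable(Exception):
    """Every address DNS returned for the pool was tried without success."""

def resolve_pool(pool_fqdn, port):
    """Return all IPv4 addresses DNS holds for the pool name, in answer order."""
    infos = socket.getaddrinfo(pool_fqdn, port, socket.AF_INET, socket.SOCK_STREAM)
    addresses = []
    for *_, sockaddr in infos:
        if sockaddr[0] not in addresses:
            addresses.append(sockaddr[0])
    return addresses

def tcp_connect(address, port, timeout=3.0):
    """Open a TCP connection to one pool member; raises OSError on failure."""
    return socket.create_connection((address, port), timeout=timeout)

def tls_wrap(sock, pool_fqdn):
    """Negotiate TLS, validating the certificate against the pool name."""
    return ssl.create_default_context().wrap_socket(sock, server_hostname=pool_fqdn)

def connect_with_failover(pool_fqdn, port, resolver=resolve_pool,
                          connect=tcp_connect, wrap=tls_wrap):
    """Walk the resolved addresses; return (connection, address, failed)."""
    failed = []
    for address in resolver(pool_fqdn, port):
        try:
            sock = connect(address, port)
        except OSError as exc:  # refused, timed out, unreachable: try the next one
            failed.append((address, type(exc).__name__))
            continue
        # TCP succeeded, so this is the member the client negotiates TLS with.
        return wrap(sock, pool_fqdn), address, failed
    raise NoServerAvailable(f"no server for {pool_fqdn} reachable: {failed}")

if __name__ == "__main__":
    # Constructed offline demo (hypothetical pool name, documentation-range
    # addresses, sample port): the first member refuses, the second accepts.
    def fake_connect(address, port):
        if address == "192.0.2.10":
            raise ConnectionRefusedError(address)
        return f"tcp:{address}:{port}"

    print(connect_with_failover(
        "pool.example.test", 5061,
        resolver=lambda name, port: ["192.0.2.10", "192.0.2.11"],
        connect=fake_connect, wrap=lambda sock, name: sock))
```

Run against a real pool name with the default hooks, the returned `failed` list shows which members DNS still advertises but which no longer accept connections.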
