Correct configuration of DNS is key to a usable and stable Lync deployment.
- To discover internal servers or pools for server-to-server communications.
- To allow clients to discover the Front End pool or Standard Edition server used for various SIP transactions.
- To allow unified communications (UC) devices that are not logged on to discover the Front End pool or Standard Edition server running Device Update Web Service, obtain updates, and send logs.
- To allow Ext servers and clients to connect to Edge Servers or the HTTP reverse proxy for instant messaging (IM) or conferencing.
- To allow Ext UC devices to connect to Device Update Web service through Edge Servers or the HTTP reverse proxy and obtain updates.
Standard Edition Server
- An Internal A record that resolves the fully qualified domain name (FQDN) of the server to its IP address.
- A set of Internal A records that resolve the FQDN of the pool to the IP address of each server in the pool. There must one A record for each server in the pool.
- An A record that lists all the deployed Front End Servers
- An A record (separate to the pool record) that points to the VIP of the hardware load balancer, this is used for the pool's Web Services
- An Internal A record that resolves the fully qualified domain name (FQDN) of the Front End pool to the virtual IP (VIP) address of the load balancer.
- _sipInternaltls._tcp.<domain> e.g. An SRV record for _sipInternaltls._tcp.contoso.com domain over port 5061 that maps to pool01.contoso.com
- An Internal A record with the name ucupdates-r2.<SIP domain> that resolves to the IP address of the Front End pool (or Standard Edition Service) that hosts the Device Update Web service.
- Refer to the blog post on SimpleURLs here
Standard Edition Server
| Function | Record Type | Entry | Value | Int / Ext |
| Automatic Client Sign-in | SRV 5061 | _sipInternaltls._tcp.contoso.com | Pool01.contoso.com | Int |
| Server/Pool discovery | A | Pool01.contoso.com | 192.168.6.1 | Int |
| Device Update Web Service | A | ucupdates-r2.contoso.com | 192.168.6.1 | Int |
| Time Server | SRV 123 | _ntp._udp.contoso.com | DC.contoso.com | Int |
| Simple URL (Meet) | A | Meet.contoso.com | 192.168.6.1 | Int |
| Simple URL (Dial-in) | A | Dial-in.contoso.com | 192.168.6.1 | Int |
| Simple URL (Admin) | A | Admin.contoso.com | 192.168.6.1 | Int |
| Edge Internal | A | Lsedge.contoso.com | 10.2.2.1 | Int |
| Ext TLS connections | SRV 443 | _sip._tls. contoso.com | access.contoso.com | Ext |
| SIP Access Edge Ext interface | A | access.contoso.com | 10.1.2.1 | Ext |
| Web Conferencing Edge Ext interface | A | webcon.contoso.com | 10.1.2.2 | Ext |
| A/V Edge Ext interface | A | av.contoso.com | 10.1.2.3 | Ext |
| Federation | SRV 5061 | _sipfederationtls._tcp.contoso.com | Access.contoso.com | Ext |
| Simple URL (Meet) | A | Meet.contoso.com | 10.1.2.4 | Ext |
| Simple URL (Dial-in) | A | Dial-in.contoso.com | 10.1.2.4 | Ext |
| Address Box etc. via Reverse Proxy | A | Lsrp.contoso.com | 10.1.2.4 | Ext |
| Lync Web Services published via Reverse Proxy | A | lsweb-ext.contoso.com | 10.1.2.4 | Ext |
 |
| Internal DNS entries for Standard Edition Server |
 |
| External DNS entries for consolidated Edge |
Enterprise Pool (DNS Load Balancing)
| Function | Record Type | Entry | Value | Int / Ext |
| Automatic Client Sign-in | SRV 5061 | _sipInternaltls._tcp.contoso.com | Pool01.contoso.com | Int |
| Server/Pool discovery | A | Pool01.contoso.com | 192.168.6.1 192.168.6.2 192.168.6.3 | Int |
| Server access | A | LS01.contoso.com | 192.168.6.1 | Int |
| Server access | A | LS02.contoso.com | 192.168.6.2 | Int |
| Server access | A | LS03.contoso.com | 192.168.6.3 | Int |
| Web Services | A | Webcon.contoso.com | 192.168.6.10 | Int |
| Device Update Web Service | A | ucupdates-r2.contoso.com | 192.168.6.10 | Int |
| Time Server | SRV 123 | _ntp._udp.contoso.com | DC.contoso.com | Int |
| Simple URL (Meet) | A | Meet.contoso.com | 192.168.6.10 | Int |
| Simple URL (Dial-in) | A | Dial-in.contoso.com | 192.168.6.10 | Int |
| Simple URL (Admin) | A | Admin.contoso.com | 192.168.6.10 | Int |
| Edge Internal | A | Lsedge.contoso.com | 10.2.2.1 | Int |
| Ext TLS connections | SRV 443 | _sip._tls. contoso.com | access.contoso.com | Ext |
| SIP Access Edge Ext interface | A | access.contoso.com | 10.1.2.1 | Ext |
| Web Conferencing Edge Ext interface | A | webcon.contoso.com | 10.1.2.2 | Ext |
| A/V Edge Ext interface | A | av.contoso.com | 10.1.2.3 | Ext |
| Federation | SRV 5061 | _sipfederationtls._tcp.contoso.com | Access.contoso.com | Ext |
| Simple URL (Meet) | A | Meet.contoso.com | 10.1.2.4 | Ext |
| Simple URL (Dial-in) | A | Dial-in.contoso.com | 10.1.2.4 | Ext |
| Address Box etc. via Reverse Proxy | A | Lsrp.contoso.com | 10.1.2.4 | Ext |
| Lync Web Services published via Reverse Proxy | A | lsweb-ext.contoso.com | 10.1.2.4 | Ext |
 |
| Internal DNS entries for Enterprise Edition pool with DNS Load Balancing |
Enterprise Pool (HLB Load Balancing)
| Function | Record Type | Entry | Value | Int / Ext |
| Automatic Client Sign-in | SRV 5061 | _sipInternaltls._tcp.contoso.com | Pool01.contoso.com | Int |
| Server/Pool discovery | A | Pool01.contoso.com | 192.168.6.10 | Int |
| Server access | A | LS01.contoso.com | 192.168.6.1 | Int |
| Server access | A | LS02.contoso.com | 192.168.6.2 | Int |
| Server access | A | LS03.contoso.com | 192.168.6.3 | Int |
| Web Services | A | Webcon.contoso.com | 192.168.6.10 | Int |
| Device Update Web Service | A | ucupdates-r2.contoso.com | 192.168.6.10 | Int |
| Time Server | SRV 123 | _ntp._udp.contoso.com | DC.contoso.com | Int |
| Simple URL (Meet) | A | Meet.contoso.com | 192.168.6.10 | Int |
| Simple URL (Dial-in) | A | Dial-in.contoso.com | 192.168.6.10 | Int |
| Simple URL (Admin) | A | Admin.contoso.com | 192.168.6.10 | Int |
| Edge Internal | A | Lsedge.contoso.com | 10.2.2.1 | Int |
| Ext TLS connections | SRV 443 | _sip._tls. contoso.com | access.contoso.com | Ext |
| SIP Access Edge Ext interface | A | access.contoso.com | 10.1.2.1 | Ext |
| Web Conferencing Edge Ext interface | A | webcon.contoso.com | 10.1.2.2 | Ext |
| A/V Edge Ext interface | A | av.contoso.com | 10.1.2.3 | Ext |
| Federation | SRV 5061 | _sipfederationtls._tcp.contoso.com | Access.contoso.com | Ext |
| Simple URL (Meet) | A | Meet.contoso.com | 10.1.2.4 | Ext |
| Simple URL (Dial-in) | A | Dial-in.contoso.com | 10.1.2.4 | Ext |
| Address Box etc. via Reverse Proxy | A | Lsrp.contoso.com | 10.1.2.4 | Ext |
| Lync Web Services published via Reverse Proxy | A | lsweb-ext.contoso.com | 10.1.2.4 | Ext |
 |
| Internal DNS entries for Enterprise Pool using Hardware Load Balancing |
There are errors in your diagrams. For internal DNS, the box you have labeled "Reverse Proxy" should be "Edge server"
ReplyDeleteHi Mike,
ReplyDeleteI'm trying to get Lync on my iPhone, but it's asking me for all kinds of server and domain names, etc.
Is this different for every company? Any way I can find this out without contacting my company directly?
Thanks!
Wanted to say thank you a ton for this easy to follow outline. I couldn't wrap my head around Lync DNS until I found this! Thanks again.
ReplyDeleteI need know if DNS register of Lync Server Enterprise for DNS load balanced in:
ReplyDeleteWeb Services
ucupdates-r2.contoso.com
Meet.contoso.com
Dial-in.contoso.com
Admin.contoso.com
Is 192.168.6.10, about don`t VIP (virtual Ip), thanks.
Michael, I need know the best practice of Enterprise Dns load balancig about with you reference a VIP .....but it don`t have.
ReplyDeletethak`s
Do you need the following dns records if your simple url are lync.contoso.com/meet, lync.contoso.com/dialin, and lync.contoso.com/admin?
ReplyDeleteSimple URL (Meet) A Meet.contoso.com 192.168.6.10 Int
Simple URL (Dial-in) A Dial-in.contoso.com 192.168.6.10 Int
Simple URL (Admin) A Admin.contoso.com 192.168.6.10 Int
Hi,
ReplyDeletethere is an issue with my lync 2010, where users outside domain (working from home) NOT on vpn can make calls, but they can message. As soon as they connect to domain, it works fine.
please help. thx