Lync 2013 DNS requirements in a multi tenant deployment

Hi All,

We are planning to deploy Lync 2013 Enterprise in a two-site (pool) deployment. The two sites are separated by a WAN link.

Our primary SIP domain is xyz.com

For site A, we have

1) A pool named siteApool.xyz.com

2) 2 FEs named siteAfe001.xyz.net and siteAfe002.xyz.net

3) An edge for external access, siteAedge

For site B, we have

1) A pool named siteBpool.xyz.com

2) A FE named siteBfe001.xyz.net

Site B users will use the edge at site A for external access.

As per our R&D, we know that the following records are required for external access:

  • Access/webcon/av.xyz.com
  • _sip_tls.xyz.com

Apart from that, we also need the following service URL records:

  • dialin.xyz.com
  • meet.xyz.com
  • admin.xyz.com
  • sip.xyz.com

Our problem starts here, because we only manage the xyz.net DNS, not the xyz.com DNS (it is our public DNS), which raises two questions:

1) As both the internal and external users are going to use the same service URL records (dialin/meet/admin/sip.xyz.com), how can we make sure that when a user uses Lync on the office LAN, the service URLs will be resolved by the xyz.net DNS and will not get routed to xyz.com (public DNS) for DNS resolution?

2) As I said, we have a two-site deployment and we need common service URL records (dialin/meet/admin/sip.xyz.com) to be used by users at both sites. How can I make sure that when a user at site A asks for dialin/meet/admin/sip.xyz.com it gets routed to siteApool.xyz.com, and when a user at site B asks for dialin/meet.xyz.com it gets routed to siteBpool.xyz.com? We need such functionality to save unnecessary WAN traffic.

Please help me to figure out the most suitable design.

Thanks,

Mohit Taneja

December 5th, 2014 4:31pm

Hi Mohit,

thanks for the detailed description, makes helping out easier.

1. The easiest method of sorting your internal DNS is by adding a xyz.com DNS zone internally (aka split-brain DNS). If you can't do split then you can use UPN masking (warning: this is often a lot more tricky).

2. For Web Services you need one publishing rule for each Standard Edition server\Front End pool. For Simple URLs a single publishing rule will suffice and the Lync Front Ends will redirect the user to the server it's homed to.

Simple URLs are meet\dialin\admin

See http://technet.microsoft.com/en-nz/library/gg398069.as

December 5th, 2014 5:24pm

Hi Paul,

1) We are not going to use split-brain DNS, and UPN marking can make more problems. Can you suggest an alternate solution?

I am not good at the DNS part and I need advice to overcome this hurdle.

2) Indeed Lync will redirect the user to the appropriate pool, but imagine if a user is on site A and the request goes to the site B pool over the WAN link, and then the site B pool redirects it to site A over the WAN link. This will cause unnecessary congestion on the LAN and is also going to affect the performance. I need a solution or configuration to make sure the site A user will get to the site A pool only, unless the respective site is down, and the same will happen for site B users.

Thanks,

Mohit

December 5th, 2014 5:38pm

Understood,

1) Ultimately you need to resolve the required FQDNs. DNS is the answer; my previous suggestions are it as far as internal DNS goes. If you can't add the required entries to DNS then you won't be able to proceed.

2) The redirected traffic is tiny and should hardly be noticed on the WAN, certainly less than any Lync audio, video and content between users across the pools. That said, your internal DNS at each site (meet\dialin) could point to the local pool only to avoid this traffic concern.

December 7th, 2014 6:04pm

Hi Mohit Taneja,

Some additional information.

About the DNS requirements, you could refer to the following article.

http://technet.microsoft.com/en-us/library/gg398082.aspx

About the network traffic, it depends on where exactly the user is hosted. The central site does not decide the media traffic. If a user is hosted in site-B and organizes the meeting, media has to travel via the WAN if you don't have an edge server in site-B.

Best regards,

Eric

December 8th, 2014 9:48am

Hi,

I am still not able to understand this.

We are not managing the xyz.com DNS. What we need is that if an internal user requests meet.xyz.com, the internal DNS does the DNS resolution and routes it to the appropriate pool, instead of redirecting the request to the external DNS, which would route the traffic through the internet.

Please help me. It's becoming a bottleneck for the deployment.

Thanks,

Mohit Taneja

December 10th, 2014 3:41pm

Hi Mohit,

You could add a PinPoint DNS zone in the xyz.net DNS. You would need to add the external DNS names you want to resolve internally, such as a meet.xyz.com zone, and resolve them to the internal IP address of the servers. This could be a VIP on a load balancer if using Enterprise Edition with multiple FEs (3 recommended) or a single server if using Standard Edition.

Hope this helps,

Martin
September 1st, 2015 4:04am
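
The pinpoint-zone approach from the last reply, combined with the earlier suggestion that each site's internal DNS point at its local pool, as an added example that is not part of the original thread. The DNS server names and IP addresses are placeholders, and it assumes clients at each site query that site's Windows DNS server; the zones are file-backed so they are not replicated between sites.

```powershell
# Added example: DNS server names and pool IPs below are placeholders, not values from the thread.
Import-Module DnsServer

$sites = @(
    @{ DnsServer = 'siteA-dns01.xyz.net'; PoolIp = '192.0.2.10'    },  # hypothetical: VIP of siteApool
    @{ DnsServer = 'siteB-dns01.xyz.net'; PoolIp = '198.51.100.10' }   # hypothetical: IP of siteBpool
)

# Simple URLs named in the thread. Each becomes its own zone, so every other
# xyz.com name still resolves through the public DNS as before.
$pinpointNames = 'meet.xyz.com', 'dialin.xyz.com', 'admin.xyz.com'

foreach ($site in $sites) {
    foreach ($fqdn in $pinpointNames) {
        $server = $site.DnsServer

        # Create the pinpoint zone only if it does not exist yet.
        # A file-backed zone stays local to this server (no AD replication),
        # which is what lets site A and site B return different answers.
        if (-not (Get-DnsServerZone -ComputerName $server -Name $fqdn -ErrorAction SilentlyContinue)) {
            Add-DnsServerPrimaryZone -ComputerName $server -Name $fqdn -ZoneFile "$fqdn.dns"
        }

        # Apex A record ("@") pointing the name at the local pool.
        $apex = Get-DnsServerResourceRecord -ComputerName $server -ZoneName $fqdn `
                    -Name '@' -RRType A -ErrorAction SilentlyContinue
        if (-not $apex) {
            Add-DnsServerResourceRecordA -ComputerName $server -ZoneName $fqdn `
                -Name '@' -IPv4Address $site.PoolIp
        }

        # Verify against this specific server that the internal answer is served.
        $answer = Resolve-DnsName -Name $fqdn -Type A -Server $server -DnsOnly -ErrorAction Stop
        $ok = @($answer | Where-Object { $_.Type -eq 'A' }).IPAddress -contains $site.PoolIp
        '{0} @ {1} -> {2} ({3})' -f $fqdn, $server, $site.PoolIp, $(if ($ok) { 'OK' } else { 'MISMATCH' })
    }
}
```

Because a pinpoint zone is authoritative for only the single name it holds, a mistake here affects that one host name rather than hiding the rest of the public xyz.com zone from internal clients.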

This topic is archived. No further replies will be accepted.
