locked
Multiple Edge Server or another Edge Server for Internet RRS feed

  • Question

  • I have an existing LYNC2010 Front-end, with internal office users and an Edge server connected to our WAN link towards another office location and it is working fine.

    Now, they want to include/allow connectivity thru Internet. I initially re-configured the topology to add another Edge server dedicated for Internet use. However, when doing the topology, it warns that the association between the FE and Edge1 will be transfered to Edge2. I'm afraid that the Edge1 association will be disconnected.  

    Is it possible to have to Edge Servers pointing to a single FE, where Edge1 is for WAN to another office while Edge2 is for Internet with public IP and public cert?  Thanks for your thoughts!   Valerio

    Friday, January 4, 2013 6:09 AM

Answers

  • No, a front end is configured for solely 1 Edge server or Edge Pool.

    My question is why do you have/need an Edge server for your WAN connection? Can you route those users from the other office to use the Edge server connected to your Internet line? It will certainly shift some of your bandwidth to your Internet line and off your WAN line (assuming they are different lines). Further, you will then have only 1 Edge to work with rather than 2.

    If you must have a second Edge server, I would recommend bringing up a second Lync server. Below is a sample topology of what that might look like where lync.distressler.com is connected to edge1.distressler.com and lync2.distressler.com is connecte dto edge2.distressler.com

    • Marked as answer by Barfbarf Thursday, January 10, 2013 9:56 PM
    Friday, January 4, 2013 9:47 PM
  • Hi,

    The Edge Server is dedicated for external user access.

    For multiple sites, the topology is recommended:

    http://technet.microsoft.com/en-us/library/gg398095(OCS.14).aspx

    In this case, deploying Lync Server in central site. If branch site has a resilient WAN connection to the central site that Lync Server resides, the users in branch site can sign in Lync Server directly(central site and branch site are in a single forest, domain preparation and certificate trust are required).

    If the branch office does not have a reliable wide area network (WAN) link to the central site, a Survivable Branch Appliance can be deployed there. With this deploying, if the WAN link goes down users at the branch site can still make and receive calls (both calls within the organization and PSTN calls), have voice mail functionality, communicate with two-party instant messaging (IM). Users can also be authenticated when the WAN link is unavailable as well.


    Kent Huang
    TechNet Community Support

    • Proposed as answer by Kent-Huang Monday, January 7, 2013 3:05 AM
    • Marked as answer by Barfbarf Thursday, January 10, 2013 9:56 PM
    Monday, January 7, 2013 3:05 AM

All replies

  • No, a front end is configured for solely 1 Edge server or Edge Pool.

    My question is why do you have/need an Edge server for your WAN connection? Can you route those users from the other office to use the Edge server connected to your Internet line? It will certainly shift some of your bandwidth to your Internet line and off your WAN line (assuming they are different lines). Further, you will then have only 1 Edge to work with rather than 2.

    If you must have a second Edge server, I would recommend bringing up a second Lync server. Below is a sample topology of what that might look like where lync.distressler.com is connected to edge1.distressler.com and lync2.distressler.com is connecte dto edge2.distressler.com

    Friday, January 4, 2013 9:47 PM
  • No, a front end is configured for solely 1 Edge server or Edge Pool.

    My question is why do you have/need an Edge server for your WAN connection? Can you route those users from the other office to use the Edge server connected to your Internet line? It will certainly shift some of your bandwidth to your Internet line and off your WAN line (assuming they are different lines). Further, you will then have only 1 Edge to work with rather than 2.

    If you must have a second Edge server, I would recommend bringing up a second Lync server. Below is a sample topology of what that might look like where lync.distressler.com is connected to edge1.distressler.com and lync2.distressler.com is connecte dto edge2.distressler.com

    • Marked as answer by Barfbarf Thursday, January 10, 2013 9:56 PM
    Friday, January 4, 2013 9:47 PM
  • Hi,

    The Edge Server is dedicated for external user access.

    For multiple sites, the topology is recommended:

    http://technet.microsoft.com/en-us/library/gg398095(OCS.14).aspx

    In this case, deploying Lync Server in central site. If branch site has a resilient WAN connection to the central site that Lync Server resides, the users in branch site can sign in Lync Server directly(central site and branch site are in a single forest, domain preparation and certificate trust are required).

    If the branch office does not have a reliable wide area network (WAN) link to the central site, a Survivable Branch Appliance can be deployed there. With this deploying, if the WAN link goes down users at the branch site can still make and receive calls (both calls within the organization and PSTN calls), have voice mail functionality, communicate with two-party instant messaging (IM). Users can also be authenticated when the WAN link is unavailable as well.


    Kent Huang
    TechNet Community Support

    • Proposed as answer by Kent-Huang Monday, January 7, 2013 3:05 AM
    • Marked as answer by Barfbarf Thursday, January 10, 2013 9:56 PM
    Monday, January 7, 2013 3:05 AM
  • thanks to both Kent and Flinchbot for the insights. I'm doing a labtest now on adding a second set of FE and Edge for connecting to Internet. I know that our topology is not the usual one. Our Asia office doesn't have any infrastructure servers, most are here in the US. We do have a dedicated 50mbps DS3 wan link between the office and most communications are between Asia and USA.

    We will be upgrading to Lync 2013, so is this the same topology change/addition, by joining a new set of LYNC servers for FE and Edge. we are talking with MS Marketing/Sales for the licenses.

    Valerio

    Tuesday, January 8, 2013 10:31 PM
  • Valerio,

    One thing you need to think of if you need it is media routing.  I actually recently went through something very similar to this where we had an pool/edge that was pointed towards a MPLS WAN and they wanted to add an internet facing edge so another front-end pool was created.

    If you need to support media between users on Pool A (Internet Pool) and Pool B (WAN Pool) you will have issues if both edge servers aren't accessible from the internet.  What will end up happening is external users on Pool A will be advertising a public IP that users on Pool B will never be able to connect and media will fail.

    Just something to make sure to test.

    Thanks,

    Richard


    Richard Brynteson, Avtex, Lync MCM, Blog - www.masteringlync.com

    Wednesday, January 9, 2013 5:46 AM
  • Hi Richard,

    Thanks for bringing this up. Yes it makes sense that if External users are advertising/sharing thru Public IP,  internal users may not be able to route to it.  So far, we haven't had that requirement. Most usage is on video conference and desktop sharing, users are not allowed to pass information or any media due to data sensitivity issues. Actually, we should be blocking media routing rather than allowing it.

    Which ports do you think are required for media routing? We may not need this but it's good to know, so we won't be surprised if somebody complains (we'll just say the usual...it's not supported..or it's blocked).

    The Internet facing Edge is now operational and Internet based satellite offices can now make use of the connection. We actually prefer our external users go via WAN; the internet as an alternative. Only those sites that doesn't have WAN will use this new Edge Server.

    Valerio

    Thursday, January 10, 2013 9:51 PM
  • Hi Richard,

    Thanks for bringing this up. Yes it makes sense that if External users are advertising/sharing thru Public IP,  internal users may not be able to route to it.  So far, we haven't had that requirement. Most usage is on video conference and desktop sharing, users are not allowed to pass information or any media due to data sensitivity issues. Actually, we should be blocking media routing rather than allowing it.

    Which ports do you think are required for media routing? We may not need this but it's good to know, so we won't be surprised if somebody complains (we'll just say the usual...it's not supported..or it's blocked).

    The Internet facing Edge is now operational and Internet based satellite offices can now make use of the connection. We actually prefer our external users go via WAN; the internet as an alternative. Only those sites that doesn't have WAN will use this new Edge Server.

    Valerio

    Hi

    What is referred as MEDIA is Audio and Video

    AV Edge will have an external address published and connections will not be possible between 2 edge servers.

    Your requirements state video conference feature is required which means you will need to re-arrange your proposed configuration.

    Regards

    Thursday, January 24, 2013 10:54 AM