locked
EDGE server SRV recrod RRS feed

  • Question

  • Hello all 

     running OCS 2007 R2 in a consolidated EDGE deploy. Once the EDGE server is configured and up and running, should i poing my SRV records for sipinternalstls to the EDGE server? currently its pointing to the front end server and everything works?

    Thanks 
    Bulls on Parade
    Monday, January 25, 2010 10:01 PM

Answers

  • Skipster,

    The _sipinternatls._tcp.domain.com record is typically used to point directly to your internal FE server.  This record is meant to be used by internal clients.  If you would like it is possible to send internal traffic through the edge server, however, in most cases you would want your internal traffic to go directly to your FE server.  This reduces latency on connections and causes less network utilization.

    For external user access you would typicall use the _sip._tls.domain.com and point that to your access edge's external name (such as sip.domain.com)

    Please have a look at:
    http://technet.microsoft.com/en-us/library/dd425167(office.13).aspx

    Including the "Planning for internal deployment" and "Planning for external user access" sections. 

    Hope this helps!

    -kp
    Kevin Peters blog: www.ocsguy.com MCITP: Enterprise Administration | MCTS:OCS | MCSE | MCSA | CCNA
    • Proposed as answer by Kevin Peters Tuesday, January 26, 2010 9:07 PM
    • Marked as answer by Gavin-Zhang Friday, February 5, 2010 9:22 AM
    Tuesday, January 26, 2010 1:40 AM
  • Typically you will want the external interface to have the default gateway and DNS servers assisgned.  In some deployments I've seen DNS servers in the DMZ with the edge server, if these exist I would use them, and I have even seen people use their internal DNS servers on the internal NIC ( I do not recommend this for security reasons).  You can also use a host file on the edge to get to the internal addresses it has access to.  The key thing is to make sure the edge server can resolve its public FQDNs to the proper public IPs.

    Hope this helps!

    -kp
    Kevin Peters blog: www.ocsguy.com MCITP: Enterprise Administration | MCTS:OCS | MCSE | MCSA | CCNA
    • Marked as answer by Gavin-Zhang Friday, February 5, 2010 9:22 AM
    Tuesday, January 26, 2010 9:07 PM
  • Hi skipster,
    Agree with Kevin.
    If you have two nics on the edge server, and you will configure three VIP on the external interface, you will need config the private ip for the external three VIPs, and make sure it is different ip subnetwork form the internal interface. Some link is very usefu in your last case, about how to use the NAT for A/V edge server.
    A good useful article for you
    http://blogs.pointbridge.com/Blogs/schertz_jeff/Pages/Post.aspx?_ID=78
    And you can refer to below how to confiure the DNS record for the external public IP
    http://technet.microsoft.com/en-us/library/dd425138(office.13).aspx

    Regards!
    gavin

    • Marked as answer by Gavin-Zhang Friday, February 5, 2010 9:22 AM
    Thursday, January 28, 2010 10:33 AM

All replies

  • Skipster,

    The _sipinternatls._tcp.domain.com record is typically used to point directly to your internal FE server.  This record is meant to be used by internal clients.  If you would like it is possible to send internal traffic through the edge server, however, in most cases you would want your internal traffic to go directly to your FE server.  This reduces latency on connections and causes less network utilization.

    For external user access you would typicall use the _sip._tls.domain.com and point that to your access edge's external name (such as sip.domain.com)

    Please have a look at:
    http://technet.microsoft.com/en-us/library/dd425167(office.13).aspx

    Including the "Planning for internal deployment" and "Planning for external user access" sections. 

    Hope this helps!

    -kp
    Kevin Peters blog: www.ocsguy.com MCITP: Enterprise Administration | MCTS:OCS | MCSE | MCSA | CCNA
    • Proposed as answer by Kevin Peters Tuesday, January 26, 2010 9:07 PM
    • Marked as answer by Gavin-Zhang Friday, February 5, 2010 9:22 AM
    Tuesday, January 26, 2010 1:40 AM
  • Thanks very much for the information, can you tell me what nic on the EDGE server has the DNS settings specified in tcp/ip? I have two nics external and internal

    Thanks again
    Bulls on Parade
    Tuesday, January 26, 2010 5:30 AM
  • Typically you will want the external interface to have the default gateway and DNS servers assisgned.  In some deployments I've seen DNS servers in the DMZ with the edge server, if these exist I would use them, and I have even seen people use their internal DNS servers on the internal NIC ( I do not recommend this for security reasons).  You can also use a host file on the edge to get to the internal addresses it has access to.  The key thing is to make sure the edge server can resolve its public FQDNs to the proper public IPs.

    Hope this helps!

    -kp
    Kevin Peters blog: www.ocsguy.com MCITP: Enterprise Administration | MCTS:OCS | MCSE | MCSA | CCNA
    • Marked as answer by Gavin-Zhang Friday, February 5, 2010 9:22 AM
    Tuesday, January 26, 2010 9:07 PM
  • Hi skipster,
    Agree with Kevin.
    If you have two nics on the edge server, and you will configure three VIP on the external interface, you will need config the private ip for the external three VIPs, and make sure it is different ip subnetwork form the internal interface. Some link is very usefu in your last case, about how to use the NAT for A/V edge server.
    A good useful article for you
    http://blogs.pointbridge.com/Blogs/schertz_jeff/Pages/Post.aspx?_ID=78
    And you can refer to below how to confiure the DNS record for the external public IP
    http://technet.microsoft.com/en-us/library/dd425138(office.13).aspx

    Regards!
    gavin

    • Marked as answer by Gavin-Zhang Friday, February 5, 2010 9:22 AM
    Thursday, January 28, 2010 10:33 AM