microsoft ® lync™ server 2010 high availability and resiliency module 12 microsoft corporation

Microsoft Lync Server 2010 High Availability and Resiliency Module 12 Microsoft Corporation

Session Objectives and Takeaways Session Objectives: Resiliency Architecture Branch Office Resiliency Data Center Resiliency Takeaways: Microsoft Lync Server 2010 Architecture provides High Availability for Voice services Survivable Branch Appliance built by UC partners delivers Voice High Availability for branch users Metropolitan Data Center Resiliency delivers High Availability for all UC modalities across datacenters separated by high bandwidth & low latency Voice Data Center Resiliency delivers Voice High Availability across geo-dispersed datacenters 2

Agenda Main Concepts High Availability Branch Office Resiliency Data Center Voice Resiliency Metropolitan Data Center Resiliency 3

Main Concepts 4

Survivable Branch Appliance (SBA) A purpose-built appliance optimized to provide resilient multi-modal communication for maximizing branch office user productivity 5 PSTN WAN Data Center Lync Pool Edge Server SBA Branch Office ComponentsFunctionalityGo-To Market Windows Server 2008 R2 Mediation Server Registrar PSTN Gateway Normal/Failover mode SIP Registrar SIP Proxy and Routing engine PSTN connectivity Voicemail routing PSTN re-routing Centrally provisioned Up to 1000 user support OEM (Embedded channel) 5 partners Audiocodes Dialogic Ferrari HP NET

Terminology DNS Load Balancing (DNS LB) is NOT the same as DNS Round Robin (DNS RR) DNS RR: DNS Server is configured for Round Robin and returns a list of IP addresses for a Pool FQDN in different order Pool.contoso.com resolves to IP1, IP2, IP3 DNS Server replies to 1 st Query with (IP1, IP2, IP3) DNS Server replies to 2 nd Query with (IP2, IP1, IP3) DNS Server replies to 3 rd Query with (IP3, IP2, IP1) DNS Load balancing Lync Clients and Servers are able to understand multiple IP addresses (Ex: IP1, IP2, IP3) Clients failover if connectivity to one IP fails Servers failover as well as load balance traffic across these IPs DNS RR complements DNS Load Balancing 6

DNS Load Balancing Goals Simplify Hardware Load Balancer (HLB) Configuration Reduce dependence on HLB DNS LB supported for Internal Pool, Director Pool All Server-Server and Client-Server SIP traffic All Server-Server HTTP traffic Media traffic Support Draining of Applications Improve Load balancing of server-server traffic (Ex: Access Edge Director) Eliminating HLB is not a goal HLB still be required Client Server HTTP & HTTP(s) traffic (ABS, DLX, LIS, etc.) Edge High availability for PIC and legacy clients 7

Domain Name System Load Balancing Sample Configuration 8 For a Lync Server Pool ocspool1.contoso.com with 3 FEs: FE1, FE2, FE3 DNS FQDNDNS A Record IP Web VIP lyncweb1.contoso.com172.24.32.150 Poollyncpool1.contoso.com172.24.32.151 Poollyncpool1.contoso.com172.24.32.152 Poollyncpool1.contoso.com172.24.32.153 FEFE1.contoso.com172.24.32.151 FEFE2.contoso.com172.24.32.152 FEFE3.contoso.com172.24.32.153 DNS FQDNDNS A Record IP Pool VIP ocspool1.contoso.com172.24.32.150 FEFE1.contoso.com172.24.32.151 FEFE2.contoso.com172.24.32.152 FEFE3.contoso.com172.24.32.153 OCS 2007 R2 HLB - DNS ConfigurationLync Server 2010 DNS LB - DNS Configuration Pool DNS A Entries Machine DNS A Entries

Other Resiliency Enhancements DNS Based Load Balancing for Internal Pools Only Client Server HTTP traffic can be DNS Load Balanced All other traffic CANNOT be DNS Load Balanced Still require HLB for this traffic (NLB not supported) Draining: Ability to drain a server before taking the server down Session Dialog Resiliency for Conferencing User can still participate in a conference even if the FE the user is connected to goes down Client caches successful connections to Lync Server 2010 SIP Registrar, Media Relay Authentication Server ( MRAS)/Media Relay (MR) FQDN and IP 9

High Availability 10

High Availability in OCS 2007 / 2007 R2 Office Communications Server (OCS) 2007 and R2 Bobs Lync 2010 Bobs Phone Registration Routing Presence Conferencing Architecture: One monolithic Front End Service Dependency on single shared backend database (Registration, Routing, Presence, Conferencing) HLB required for all traffic 11

High Availability Lync Server 2010 Microsoft Lync Server 2010 Bobs Lync 2010 Bobs Phone User Services Database (Presence and Conferencing) Registrar Database HLB is optional for SIP traffic (DNS LB is recommended) HLB still required for client-server HTTP Traffic (Registration and Routing) 12 Architecture: Registrar Role (Registration and Routing). Each registrar has its own SQL Express database User Services Role (Presence and Conferencing) Registrar and User Services are collocated in the datacenter (but on different servers) All user end points register with same Front End Users are load balanced by Registrars using a Distributed Hash Algorithm Registrar can be installed in remote locations

Resiliency Architecture 13 Architecture: 1.Each user has a Primary Registrar Pool. Each Registrar Pool can have a Backup Registrar Pool 2.Users client discovers a Registrar Pool through DNS SRV. Directed to Primary & Backup Registrar Pool 3.Backup Registrar heart-beats Primary Registrar. If heart-beat not received within Configurable Failover Interval (default = 120 sec for branch offices), Backup starts accepting client registrations Registrar SBA Branch Office Joes Primary Registrar = SBA., User Services = EE Pool1 Data Center - EE Pool 1 Bobs Primary Registrar & User Services = EE Pool 1 Presence Conferencing Registrar (Registration & Routing) AD & DNS Data Center - EE Pool 2 Presence Conferencing Registrar (Registration & Routing) Alices Primary Registrar & User Services = EE Pool 2 AD & DNS Backup Registrar Pool Backup Registrar Pool

Branch Resiliency 14

Branch Resiliency Options 15 1000 500 Users 25 PSTN / WAN Small Branch (1000 users) Survivable Branch Server (or SE Server) AND Separate Media Gateway Medium Branch (25-1000 users) SBA Lync

Branch Client Registration Scenarios Normal Mode Users Register with SBA WAN Down No change SBA Down Users register with Backup Registrar Pool in the datacenter PSTN WAN PSTN Data Center Lync Server 2010 Pool Edge Server SBA WAN PSTN Data Center Lync Server 2010 Pool Edge Server SBA WAN 16 Signaling Lync Server 2010 Pool

Client Media and Signaling Paths WAN available PSTN Data Center Lync Server 2010 Pool Edge Server SBA WAN PSTN WAN PSTN Data Center Lync Server 2010 Pool Edge Server SBA WAN Intra-Branch calls Signaling/media dont traverse wide area network (WAN) SBA routes the call between the users Inter-Branch/ HQ calls Signaling/media traverse WAN SBA routes the call to the other cluster Branch PSTN calls SBA sends the call to Public Switched Telephone Network (PSTN) No WAN involved Media Signaling 17

Client Voice Media and Signaling Paths Key failure scenarios 18 Intra-Branch calls No impact on two party voice/video /IM/App sharing Audio conferencing possible (through PSTN) No Presence or Video conferencing Inter-Branch/ HQ calls SBA initiates PSTN re-routing Media is over PSTN (only voice) SBA Down Clients register with Backup Registrar Pool in datacenter All functionality driven by that pool over the WAN No loss in functionality PSTN Data Center Lync Server 2010 Pool Edge Server SBA WAN Gateway PSTN WAN PSTN Data Center Lync Server 2010 Pool Edge Server SBA WAN Gateway Media Signaling Lync Server 2010 Pool

Resilient Lync Server 2010 clients: Lync 2010, Attendant Console, Lync Phone Edition User Interface in Normal and Survivability Mode 19 Features Available when WAN Down PSTN Inbound and Outbound calls Intra-Site calls Inter site calls (PSTN Rerouting) Hold, Retrieve, Transfer Authentication, Authorization Voicemail Deposit (Redirect to Exchange UM in Data Center) Voicemail Retrieve (through PSTN) Call Forwarding, SimulRing Boss-Admin, Team-call Call Detail Records (CDR) All 2 Party Intra Site communications Audio Conferencing through PSTN Contact Search Features Unavailable Inter-site Data (IM, App Sharing, etc.) Conferencing (IM, Video and Web) Presence & DND based routing Modify Presence or Change Call Forwarding Settings Contact List Response Group and Call Park WAN Down Basic Voice Features Available WAN Down Basic Voice Features Available WAN Up All Features Available WAN Up All Features Available

Data Center Lync Server 2010 Enterprise Edition Pool Lync Server 2010 Director Branch Office SBA Bob AD DS & DNS 2. TLS to Director Pool. SIP Register 1. DNS SRV Query 3. https;//PoolFQDN/CertSvc 5. SIP Register 4. Certificate Replication 6. SIP-TLS Register 200 OK (Cert Auth) Client caches SBA FQDN And IP Address Branch Office: Lync Server 2010 Discovery Response: (Multiple) Director Pool FQDN Response: 401 Redirect to Cert Provisioning Response: 301 Redirect Primary: SBA FQDN, Backup: EE Pool FQDN IIS - IWA Auth Get Certificate 20 WAN

Data Center Lync Server 2010 EE Pool Lync Server 2010 Director AD DS & DNS WAN Branch Office Server Connectivity when WAN Is Down Branch Office Alice (new client) TLS to SBA FQDN SIP Register (Cert Auth) DHCP Server or Lync DHCP on SBA DHCP Options 120 Query SBA FQDN 200 OK SBA 21 Branch Office SBA Bob TLS to cached FQDN and IP SIP Register (Cert Auth) 200 OK

Data Center Voice Resiliency 22

Lync Server 2010 Pool. That Lync Server 2010 Pool directs client to primary and backup SIP registrar Client attempts connect to Primary Registrar Pool, if fails, connects to Backup Limited feature set available on failover Enable/Disable Automatic failover, Configurable Failover interval Automatic Failback, Configurable Failback interval (No manual failback. Workaround: Stop Front End Services on Primary Registrar pool servers) What happens if Primary Data Center cannot be restored? Features Available to Users In Case of Data Center Disaster PSTN Inbound calls (if Carrier offers this resiliency) PSTN Outbound calls Intra-Site calls and Inter site calls Hold, Retrieve, Transfer Authentication, Authorization 2 Party Intra Site Instant Messaging (IM) and Audio/Video (A/V) Call Detail Records (CDR) Call Forwarding, SimulRing Boss-Admin, Team-call Join conferences scheduled by users homed on other pool Features Unavailable Conferencing Auto Attendant (AA) (through PSTN) Schedule IM, A/V & Web Conferences Presence and Do Not Disturb (DND) based routing Updating Call Forwarding settings Response Group Service & Call Park Voicemail Deposit (Redirect to Exchange UM in the datacenter) Voicemail Retrieve (through PSTN) Data Center Voice Resiliency (EE) Failover to backup data center Failover Lync Server 2010 Edge1 Lync Server 2010 Pool 1 North America Data Center Lync Server 2010 Edge2 Lync Server 2010 Pool 2 Europe Data Center WAN Backup Registrar 23

SE Servers operate as separate systems Client DNS SRV request discovers (one or multiple) Lync Server 2010 SE. That Lync Server 2010 SE sever directs client to primary and backup SIP registrar Client attempts connect to Primary Registrar, if fails, connects to Backup Limited feature set available on failover Enable/Disable Automatic failover, Configurable Failover interval Automatic Failback, Configurable Failback interval (No manual failback. Workaround: Stop Front End Services on Primary Registrar servers) If Primary Data Center cannot be restored: Restore Central management Server in backup datacenter Restore other services including Presence, Conferencing by moving users to other Pool Data Center Voice Resiliency (SE) Failover to backup data center Failover WAN North America Data Center Europe Data Center 24 WAN Backup Registrar Features Available to Users In Case of Data Center Disaster PSTN Inbound calls (if Carrier offers this resiliency) PSTN Outbound calls Intra-Site calls and Inter site calls Hold, Retrieve, Transfer Authentication, Authorization 2 Party Intra Site Instant Messaging (IM) and Audio/Video (A/V) Call Detail Records (CDR) Call Forwarding, SimulRing Boss-Admin, Team-call Join conferences scheduled by users homed on other pool Features Unavailable Conferencing Auto Attendant (AA) (through PSTN) Schedule IM, A/V & Web Conferences Presence and Do Not Disturb (DND) based routing Updating Call Forwarding settings Response Group Service & Call Park Voicemail Deposit (Redirect to Exchange UM in the datacenter) Voicemail Retrieve (through PSTN) 24 Lync Server 2010 Edge1 Lync Server 2010 Pool 1 Lync Server 2010 Edge2 Lync Server 2010 Pool 2

1.Client DNS SRV request. Example: DNS SRV for _sipinternaltls._tcp.contoso.com 2.DNS SRV Response includes Lync Server 2010 Director Pool.contoso.com:5061 Priority=0, Weight=10 Pool2.contoso.com:5061 Priority=1, Weight=10 3.Client connects via TLS to Lync Server 2010 Director Pool. Sends SIP Register. Authenticates 4.Lync Server 2010 Director Pool redirects client. SIP 301 includes Primary & Backup Registrar pool 5.If Primary Registrar Pool is available, client connects and registers with it 6.Else client connects and registers with Backup Registrar Pool (Lync Server 2010 Pool 2) Data Center Voice Resiliency Failover to backup data center (discovery) Lync Server 2010 Edge1 Lync Server 2010 Edge2 Lync Server 2010 Pool 1 Lync Server 2010 Pool 2 WAN Lync Server 2010 Director Pool AD DS & DNS (1) (2) (3) (4) (5) (6) 25 Backup Registrar North America Data Center Europe Data Center

Metropolitan Data Center Resiliency 26

Metropolitan Data Center Resiliency Lync Server 2010 Pool extended across two data centers Lync Server 2010 pools operate as one logical system Split Front End pool across two datacenters (all FEs active) SQL Geo cluster for backend (Stretched Virtual Local Area Network (VLAN)) Data replication is done by storage arrays (Ex: EMC SRDF, HP CLX EVA) Requires low latency WAN (15 milliseconds) In one site is down, clients are serviced by FEs in other site Nearly all features available PSTN termination may affect inbound calls Failback has to be manually initiated Lync Server 2010 Edge FE 1-2 FE 3-4 Low-LatencyWAN NY Data CenterNJ Data Center Active SQL Passive SQL Features Available Depending on Ex-UM Deployment Voicemail Deposit Voicemail Retrieve Features Available to Users If One Data Center goes Down PSTN Inbound calls PSTN Outbound calls Intra-Site calls and Inter site calls Hold, Retrieve, Transfer Authentication, Authorization 2 Party Intra Site IM and A/V Call Detail Records (CDR) Call Forwarding, SimulRing Boss-Admin, Team-call Voice Apps (CAA, Response Group, Call Park) Conferencing (IM, A/V and Web) Presence and DND based routing Updating Call Forwarding settings 27

Metropolitan Data Center Resiliency Lync Server 2010 Pool extended across two data centers FE 1-2 FE 3-4 Low-LatencyWAN NY Data CenterNJ Data Center Active SQL Passive SQL Features Available Depending on Ex-UM Deployment Voicemail Deposit Voicemail Retrieve Features Available to Users If One Data Center goes Down PSTN Inbound calls PSTN Outbound calls Intra-Site calls and Inter site calls Hold, Retrieve, Transfer Authentication, Authorization 2 Party Intra Site IM and A/V Call Detail Records (CDR) Call Forwarding, SimulRing Boss-Admin, Team-call Voice Apps (CAA, Response Group, Call Park) Conferencing (IM, A/V and Web) Presence and DND based routing Updating Call Forwarding settings 28 DNS Server DNS Srv Pool.contoso.com Lync Server 2010 Edge

Survivable Branch Appliance 29

Survivable Branch Appliance 30 SBA Centrally Managed Sold and supported by UC partners Appliance form factor with Hardened Windows Server 2008 R2 Voice high availability for branches

Branch Data Center Survivable Branch Appliance Deployment Simple, easy, repeatable Technician connects to SBA-WEB based GUI IP Configuration SBA Drop Shipped w/ Software installed Join to Domain Start Lync Server 2010 services Finish GW Config Test PSTN Connectivity- Make/Receive call using Test User account AD Computer Lync Server 2010 Administrator (Data Center) Add SBA to Topology Move Users to SBA Enable Lync Server 2010 Replica SBA downloads topology & config Request/Assign Certs 31

SBA Central Management Centralizing move, add, changes 32 Survivable Branch Appliance Lync Server 2010 administrator (Data Center) Change Normalization Rules Change Routing Rules Change User Policies Lync Server 2010 Central Management Server Store Configuration Replicate to SBA Data Center Branch Replicated to the SBA

Survivable Branch Appliance Support and service SBA is supported and serviced by the SBA partner Windows Server Updates SBA partner can act as the gatekeeper OR Customers can deploy updates Microsoft Lync Server 2010 updates SBA partner will test and release product notice on whether a particular update can be applied on the SBA 33 Original equipment manufacturer (OEM) notified about impending Lync Server 2010 Updates OEM Downloads and tests the updates Compatibility issues Partner addresses the issue if any Partner notifies the customer on updates compatibility X-5 Biz Days Date X MSFT Update Date X MSFT Update X+30 Days

Survivable Branch Appliance Partner Solutions Audiocodes two form factor M1k 1U, 4E1/T1, redundant power supply MSBG-Firewall, Routing engine M2k 1U, 480 concurrent calls, redundant power supply Dialogic DMG 4000 1U, 4 E1/T1 Redundant power supply NET UX Series 1U, 8 E1/T1, Redundant power supply MSBG-Firewall, Routing engine Ferrari 1U, 4 E1/T1, Redundant Power supply HP Procurve Survivable Branch Appliance Module running on 54xx switch Chassis Redundant Power supply, 8 E1/T1, Layer 2 functionality 34 Audiocodes: Existing M1k and M2k gateways can be converted to SBA Dialogic: Existing DMG4000 Hybrid can be converted to SBA NET: New HW to support SBA. Migration plan for customers wanting to move to UX platform Ferrari: Existing R2 Hybrid gateway can be converted into SBA HP: Customers using ProCurve switches can convert it into a SBA by buying the module

Summary Lync Server 2010 Architecture provides High Availability for Voice services Survivable Branch Appliance built by UC partners delivers Voice High Availability for branch users Metropolitan Data Center Resiliency delivers High Availability for all UC modalities across datacenters separated by high bandwidth and low latency Voice Data Center Resiliency delivers Voice High Availability across geographically dispersed datacenters 35

Q&A 36

Appendix Survivable Branch Appliance Partners 37

Dialogic 4000 Media Gateway Series Survivable Branch Appliance Complete PBX, PSTN, IP and Fax Protocol Support Analog Foreign Exchange Office (FXO), Primary Rte Interface (PRI), Basic Rate Interface (BRI), Integrated Services Digital Network (ISDN), code access security (CAS), Q.SIG protocols SIP (RFC32XX), Microsoft SIP (TCP Transport), Microsoft Secure SIP: TLS T.30 (PSTN) Fax to T.38 (FoIP) Exclusive V.34 Fax / FoIP speed Exceeds Transcoding and Security Requirements Ready for Lync Server 2010 RTP: G.711, G.729, sRTP w/ TLS Robust Windows 2008 Server Platform Dual Xeon 3.0 Ghz processors offers more resource processing power for up to 120 UC sessions and more Dual redundant hard disk drives with redundant array of independent disks (RAID)-1 Dual power supply option Additional chassis slots for expanding TDM connectivity Value Added Software Options Centralized Management System Includes ESTOS CallControlGateway (5 licenses) Local Microsoft Shared Fax Server Included Support for Value Added 3rd Party Applications Dialogic 4000 Media Gateway Series (DMG4000) Broad Hybrid Gateway Product Line and Scalability 8 port, 8 channel FXO - Analog to SIP 8 port, 16 channel - BRI to SIP 24/30 channel - T1/E1 to SIP 48/60 channels - dual T1/E1 to SIP 96/120 channels - Quad T1/E1 to SIP Complete Support for Microsoft Unified Communications Qualified Hybrid Gateway for Office Communications Server 2007 R2 Performs Mediation Server Role Certified for Exchange Server 2010 Unified Messaging Ready for Lync Server 2010 Field Software Upgrade to Survivable Survivable Branch Appliance Performs Survivable Branch Appliance Server Role (Lync Server 2010 Release) Survivable Branch Appliance Survivability Features Local PSTN Connectivity Local Lync Server 2010 Wave 14 and Analog Endpoint Registration Alternative Routing Rules Active Directory Domain Services Look Up Flexible, Cost Effective Support for Analog Devices Support for Advanced Technology Attachments (ATAs) and Foreign Exchange Station (FXS) Gateways from Grandstream and Cisco Easy to deploy - 1, 2, 4, 8, 24 port solutions Low cost per port Interface for any number of Analog Devices Conference Phones, Fax Machines, Plain Old Telephone System (POTS), elevator phones, loading docks, checkout registers, paging systems, etc. 38

NET Survivable Branch Appliance 39 DescriptionQTY Channel DSP modules1- 6 USB ports2+2 Line Cards (rear)2 Gig-E Ports8+1 mgmt AC power supplies1 or 2 4 T1/E1 WAN Ports USB Ports Mgmt Port SFP Optical & Copper Ethernet Ports COM Express Interface (SBA) Indicator Lights Gig-E LAN/WAN ports Fans

Ferrari Survivable Branch Appliance + Unique hardware approach for Microsoft Lync Server 2010 SBA HP Server Hardware Certified for Windows Server 2008 R2 High performance, high availability, Integrated Lights Out (ILO) remote management Integrated Gateway Hardware: 4 analog ports, 4 digital interfaces: 4 BRI or 2 BRI/2 PRI, expandable PCIe Gateway card 100% self contained, using LAN-interface 40

HP Procurve Survivable Branch Appliance HP ProCurve ONE Services zl Module: Intel Core 2 Duo 250G HDD 2 x 10G Ethernet connections to network fabric Supported in zl series chassis: 5400zl for edge and branch (4U/7U) 8200 with high availability for core and distribution (9U) ProCurve Switch 8212z l PSTN Gateway Up to 8 T1/E1 ports Up to 4 FXS or FXO ports PSTN Gateway Up to 8 T1/E1 ports Up to 4 FXS or FXO ports 41

Audiocodes Survivable Branch Appliance Uniform Functionality, Manageability and Protocol Support 42

43 2011 Microsoft Corporation. All rights reserved. Microsoft, Windows, and other product names are or may be registered trademarks and/or trademarks in the U.S. and/or other countries. The information herein is for informational purposes only and represents the current view of Microsoft Corporation as of the date of this presentation. Because Microsoft must respond to changing market conditions, it should not be interpreted to be a commitment on the part of Microsoft, and Microsoft cannot guarantee the accuracy of any information provided after the date of this presentation. This document may contain information related to pre-release software, which may be substantially modified before its first commercial release. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION. Unless otherwise noted, the example companies, organizations, products, domain names, e-mail addresses, logos, people, places and events depicted herein are fictitious, and no association with any real company, organization, product, domain name, email address, logo, person, place or event is intended or should be inferred.

microsoft ® lync™ server 2010 high availability and resiliency module 12 microsoft corporation

Documents

hlb dns

ip3 dns server replies

load balancing of server

lync server pool

dns round robin dns

server traffic ex

microsoft lync server

dns load balancing goals