Article
01/30/2017

Step 1 Configure DNS Records for Your Edge Servers

Microsoft Office Communications Server 2007 and Microsoft Office Communications Server 2007 R2 will reach end of support on January 9, 2018. To stay supported, you will need to upgrade. For more information, see Resources to help you upgrade your Office 2007 servers and clients.

Before you deploy your edge server topology, you must configure the required DNS records. The default port for external user access has changed from port 5061 to port 443. We recommend port 443 to ensure that connectivity from Office Communicator and the Live Meeting 2007 client to the server is not blocked by any external HTTP proxy servers or firewalls that do not allow connectivity to 5061.

To change the remote access port from 443 to 5061, you might need to make the following changes to your existing DNS records:

For external clients that allow Office Communications Server to configure their connection automatically, change your DNS SRV record for _sip._tls.<domain> that points to the external interface of the Access Edge Server to use port 443.
If your external clients are manually configured, you might need to change the external server name using the Group Policy object. For more information, see the Microsoft Office Communicator 2007 Planning and Deployment Guide.

Table 2 describes the DNS records that you must configure for the external interface and the internal interface of edge servers in the single-site edge topology and the scaled single-site edge topology. If you are deploying a different topology, see the Microsoft Office Communications Server 2007 Edge Server Deployment Guide. For information about configuring these DNS records, see the documentation for your DNS server.

The following table describes the DNS records that must be configured for the external interface and the internal interface of edge servers in the single-site edge topology.

Table 2 DNS Records for the Single-Site Edge Topology

Interface	Server	DNS Settings
External	Collocated Access Edge Server	An external SRV record for all Access Edge Servers for _sipfederationtls._tcp.<domain>, over port 5061 (where <domain> is the name of the SIP domain of your organization). This SRV should point to an A record with the external FQDN of the Access Edge Server. If you have multiple SIP domains, you need a DNS SRV record for each domain. This SRV record supports federation and public IM connectivity. A DNS SRV (service location) record for _sip._tls.<domain>, over port 443 where <domain> is the name of your organizations SIP domain. This SRV record must point to the A record of the Access Edge Server. If you have multiple SIP domains, you need a DNS SRV record for each domain. This SRV record supports external user access through Office Communicator and the Live Meeting client. Note Configuring multiple SRV records for the same SIP domain is not supported. If multiple DNS records are returned to a DNS SRV query, the Access Edge Server always picks the DNS SRV record with the lowest numerical priority and highest numerical weight. For each supported SIP domain in your organization, an external DNS A record for sip. <domain> that points to the external interface of the Access Edge Server and resolves to the external IP address on the firewall. If you have multiple SIP domains, you need a DNS A record for each. If a client cannot perform an SRV record lookup to connect to the Access Edge server, it uses this A record as a fallback. An external DNS A record that resolves the external FQDN of the Web Conferencing Edge Server to its external IP address.
	Reverse proxy	An external DNS A record that resolves the external Web farm FQDN to the external IP address of the reverse proxy. The client uses this record to connect to the reverse proxy.
	Access Edge Server	An internal DNS A record that resolves the internal FQDN of the Access Edge Server to its internal IP address.

External

Collocated Access Edge Server

An external SRV record for all Access Edge Servers for _sipfederationtls._tcp.<domain>, over port 5061 (where <domain> is the name of the SIP domain of your organization). This SRV should point to an A record with the external FQDN of the Access Edge Server. If you have multiple SIP domains, you need a DNS SRV record for each domain. This SRV record supports federation and public IM connectivity.

A DNS SRV (service location) record for _sip._tls.<domain>, over port 443 where <domain> is the name of your organizations SIP domain. This SRV record must point to the A record of the Access Edge Server. If you have multiple SIP domains, you need a DNS SRV record for each domain. This SRV record supports external user access through Office Communicator and the Live Meeting client.

Note

Configuring multiple SRV records for the same SIP domain is not supported. If multiple DNS records are returned to a DNS SRV query, the Access Edge Server always picks the DNS SRV record with the lowest numerical priority and highest numerical weight.

For each supported SIP domain in your organization, an external DNS A record for sip. <domain> that points to the external interface of the Access Edge Server and resolves to the external IP address on the firewall. If you have multiple SIP domains, you need a DNS A record for each. If a client cannot perform an SRV record lookup to connect to the Access Edge server, it uses this A record as a fallback.

An external DNS A record that resolves the external FQDN of the Web Conferencing Edge Server to its external IP address.

Reverse proxy

An external DNS A record that resolves the external Web farm FQDN to the external IP address of the reverse proxy. The client uses this record to connect to the reverse proxy.

Access Edge Server

An internal DNS A record that resolves the internal FQDN of the Access Edge Server to its internal IP address.

The following table describes the DNS records that must be configured for the external interface and the internal interface of edge servers in the scaled single-site edge topology.

Table 3 DNS Records for the Scaled Single-Site Edge Topology

Interface	Server	DNS Settings
External	Access Edge Server	An external SRV record for all Access Edge Servers for _sipfederationtls._tcp.<domain>, over port 5061 (where <domain> is the name of the SIP domain of your organization). This SRV should point to an A record that resolves the external FQDN of the Access Edge Server array to the VIP address used by the Access Edge Server array on the external load balancer. If you have multiple SIP domains, you need a DNS SRV record for each domain. This SRV record supports federation and public IM connectivity. A DNS SRV (service location) record for _sip._tls.<domain>, over port 443 where <domain> is the name of your organizations SIP domain. This SRV record must point to the A record of the Access Edge Server. If you have multiple SIP domains, you need a DNS SRV record for each domain. This SRV record supports external user access through Office Communicator and the Live Meeting client. Note Configuring multiple SRV records for the same SIP domain is not supported. If multiple DNS records are returned to a DNS SRV query, the Access Edge Server always picks the DNS SRV record with the lowest numerical priority and highest numerical weight. For each supported SIP domain in your organization, an external DNS A record for sip. <domain> that points to the external interface of the Access Edge Server and resolves to the external IP address on the firewall. If you have multiple SIP domains, you need a DNS A record for each. If a client cannot perform an SRV record lookup to connect to the Access Edge server, it uses this A record as a fallback. An external DNS A record that resolves the external FQDN of the Web Conferencing Edge Server array to the VIP address used by the Web Conferencing Edge Server array on the external load balancer.
	Reverse proxy	An external DNS A record that resolves the external Web farm FQDN to the external IP address of the reverse proxy. The client uses this record to connect to the reverse proxy.
	Access Edge Server	An internal DNS A record that resolves the internal FQDN of the Access Edge Server array to the virtual IP address used by the Access Edge Servers on the internal load balancer.

External

Access Edge Server

An external SRV record for all Access Edge Servers for _sipfederationtls._tcp.<domain>, over port 5061 (where <domain> is the name of the SIP domain of your organization). This SRV should point to an A record that resolves the external FQDN of the Access Edge Server array to the VIP address used by the Access Edge Server array on the external load balancer. If you have multiple SIP domains, you need a DNS SRV record for each domain. This SRV record supports federation and public IM connectivity.

Note

An external DNS A record that resolves the external FQDN of the Web Conferencing Edge Server array to the VIP address used by the Web Conferencing Edge Server array on the external load balancer.

Reverse proxy

An external DNS A record that resolves the external Web farm FQDN to the external IP address of the reverse proxy. The client uses this record to connect to the reverse proxy.

Access Edge Server

An internal DNS A record that resolves the internal FQDN of the Access Edge Server array to the virtual IP address used by the Access Edge Servers on the internal load balancer.

Step 1 Configure DNS Records for Your Edge Servers

Table 2 DNS Records for the Single-Site Edge Topology

Table 3 DNS Records for the Scaled Single-Site Edge Topology

Additional resources