Load Balancer Requirements for Office Communications Server 2007 Enterprise Pools

Microsoft Office Communications Server 2007 and Microsoft Office Communications Server 2007 R2 will reach end of support on January 9, 2018. To stay supported, you will need to upgrade. For more information, see Resources to help you upgrade your Office 2007 servers and clients.

This topic lists requirements for a hardware load balancer deployed in an Office Communications Server 2007, Enterprise pool.

Prerequisites for a Load Balancer Connecting to a Pool

Before a hardware load balancer can connect to the Office Communications Server Enterprise pool, you must configure the following:

  • A static IP address for servers within your pool.

  • Using a load balancer in SNAT (source network address translation) mode is recommended for ease of deployment. However, be aware that each SNAT IP address on the load balancer limits the maximum number of simultaneous connections to 65,000. If you deploy the load balancer in SNAT mode, ensure that you configure a minimum of one SNAT IP address for each group of 65,000 users. (The number of open connections generally corresponds to the number of active users.) For example, in a deployment supporting 100,000 users, you would configure two SNAT IP addresses.

  • If you use a DNAT (destination network address translation) load balancer for your Enterprise pools, the following is required:

    • Each pool must reside in a distinct IP subnet from other pools, because the Front End Servers in each pool must reside in this distinct IP subnet.

    • For a pool in the expanded configuration, only the Front End Servers must be placed in this distinct IP subnet. All other roles – the Web Conferencing, A/V Conferencing and Web Component Servers – must reside outside the distinct IP subnet for the Front End Servers. There is no additional restriction on how these other roles can be placed on the network.

  • A VIP address and associated DNS record for the load balancer. See the DNS (Domain Name Service) section for more information.

    Important

    The following requirements apply to all load balancers that are deployed in an Office Communications Server 2007, Enterprise pool. For information about configuring and deploying a particular brand and model of hardware load balancer, see the documentation that is included with the product of your choice.

A load balancer for an Office Communications Server 2007, Enterprise Pool must meet the following requirements:

  • Expose a VIP address through ARP (Address Resolution Protocol). The VIP must have a single DNS entry, called the pool FQDN, and must be a static IP address.

  • Allow multiple ports to be opened on the same VIP. The following ports are required.

    Table 77 Hardware load balancer ports that are required for Office Communications Server 2007

    | Port Required | Virtual IP | Port Use |
    |---|---|---|
    | 5060 | Load balancer VIP used by the Front End Servers | Client to server SIP communication over TCP |
    | 5061 | Load balancer VIP used by the Front End Servers | Client to Front End Server SIP communication over TLS; SIP communication between Front End Servers over MTLS |
    | 135 | Load balancer VIP used by the Front End Servers | To move users and perform other "pool" level WMI operations over DCOM |
    | 444 | Load balancer VIP used by the Front End Servers | Communication between the internal components that manage conferencing and the conferencing servers |
    | 443 | Load balancer VIP used by the Web Components Server | HTTPS traffic to the pool URLs |

  • Provide TCP-level affinity. This means that the load balancer must ensure that TCP connections can be established with one Office Communications Server in the pool and all traffic on that connection will be destined for that same Office Communications Server.

  • Each Front End Server must have an IP address that is directly routable within the internal network (specifically to allow communications between Front End Servers across different pools).

  • The load balancer must provide a configurable TCP idle-timeout interval with its value set to 20 minutes or greater. This value must be 20 minutes or higher because it should be above the following values:

    • Maximum SIP connection idle timeout of 20 minutes (this is the major determining value).

    • SIP Keep-alive interval 5 minutes.

    • Maximum REGISTER refresh interval of 15 minutes in absence of keep-alive checks.

  • Enable TCP resets on idle timeout; also disable TCP resets when servers are detected to be down.

  • Front Ends within a pool behind a load balancer must be capable of routing to each other. There can be no NAT device in this path of communication. Any such device will prevent successful RPC between Front End Servers within a pool.

  • Front Ends behind a load balancer must have access to the Active Directory environment.

  • Front Ends must have static IP addresses that can be used to configure them in the load balancer. In addition, these IP addresses must have DNS registrations (referred to as Front End FQDN).

  • Any computer running Office Communications Server 2007 administrative tools must be able to route through the load balancer to both the Pool FQDN as well as the Front End FQDN of every Front End in the pool(s) to be managed. In addition, there can be no NAT device in the path of communication to the Front Ends to be managed. Again, this is a restriction enforced by the usage of the RPC protocol by DCOM.

  • The load balancer should support a least-connections-based load-balancing mechanism. This means that the load balancer will rank all Office Communications Server servers based on the number of outstanding connections to each of them. This rank will then be used to pick the Office Communications Server to be used for the next connection request.

  • The load balancer must allow for adding and removing servers to the pool without shutting down.

  • The load balancer should be capable of monitoring server availability by connecting to a configurable port for each server.

    Important

    The monitor for ports 135 and 444 should open TCP connections to port 5060 or 5061 for determining server availability. Attempting to monitor ports 135 and 444 on the servers will cause the load balancer to incorrectly detect these servers to be available because these ports are open even though Office Communications Server is not running.
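
The requirements above can be checked mechanically against an exported load balancer configuration. The following is an added example, not Microsoft's code or any vendor's API: the configuration schema (`mode`, `snat_ips`, `monitors`, and so on) and the function name `audit_pool_lb` are hypothetical, and the sample configurations are constructed.

```python
import math

# Limits taken from the requirements listed on this page.
REQUIRED_VIP_PORTS = {5060, 5061, 135, 444, 443}
SIP_PORTS = {5060, 5061}        # a probe to these reflects service state
MIN_IDLE_TIMEOUT_MIN = 20
MAX_CONN_PER_SNAT_IP = 65_000

def audit_pool_lb(cfg, active_users):
    """Return a list of findings; an empty list means no violation was found."""
    findings = []
    missing = REQUIRED_VIP_PORTS - set(cfg["vip_ports"])
    if missing:
        findings.append(f"VIP is missing required ports {sorted(missing)}")
    if cfg["idle_timeout_min"] < MIN_IDLE_TIMEOUT_MIN:
        findings.append(f"TCP idle timeout {cfg['idle_timeout_min']} min is below 20 min")
    if not cfg["reset_on_idle_timeout"]:
        findings.append("TCP reset on idle timeout is not enabled")
    if cfg["reset_on_server_down"]:
        findings.append("TCP reset on server-down detection is not disabled")
    if cfg["method"] != "least-connections":
        findings.append("balancing method is not least-connections (recommended)")
    if cfg["mode"] == "snat":
        # One SNAT IP per 65,000 simultaneous connections (roughly active users).
        needed = math.ceil(active_users / MAX_CONN_PER_SNAT_IP)
        if len(cfg["snat_ips"]) < needed:
            findings.append(f"{len(cfg['snat_ips'])} SNAT IP(s) configured, {needed} needed")
    # Ports 135 and 444 stay open when the service is stopped, so their
    # monitors must probe a SIP port instead.
    for port in (135, 444):
        probe = cfg["monitors"].get(port)
        if probe not in SIP_PORTS:
            findings.append(f"monitor for port {port} probes {probe}, not 5060 or 5061")
    return findings

# Constructed sample configurations (hypothetical schema, documentation-range IPs).
GOOD = {
    "mode": "snat", "snat_ips": ["192.0.2.10", "192.0.2.11"],
    "vip_ports": [5060, 5061, 135, 444, 443],
    "idle_timeout_min": 20, "reset_on_idle_timeout": True,
    "reset_on_server_down": False, "method": "least-connections",
    "monitors": {5060: 5060, 5061: 5061, 135: 5061, 444: 5061, 443: 443},
}
BAD = dict(GOOD, snat_ips=["192.0.2.10"], idle_timeout_min=15,
           monitors={135: 135, 444: 444})

if __name__ == "__main__":
    for name, cfg in (("GOOD", GOOD), ("BAD", BAD)):
        print(name, audit_pool_lb(cfg, active_users=100_000) or "no findings")
```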