P. 1
Determining Your Infrastructure Requirements for Lync Server 2010 (RC)

Determining Your Infrastructure Requirements for Lync Server 2010 (RC)

|Views: 310|Likes:
Published by Mahmoud Magdy

More info:

Published by: Mahmoud Magdy on Sep 16, 2011
Copyright:Attribution Non-commercial

Availability:

Read on Scribd mobile: iPhone, iPad and Android.
download as DOC, PDF, TXT or read online from Scribd
See more
See less

09/16/2011

pdf

text

original

This section summarizes the ports and protocols used by servers and clients in a Microsoft Lync
Server 2010 communications software deployment.

Note:

Windows Firewall must be running before you start the Lync Server 2010 services on a
server, because that is when Lync Server opens the required ports in the firewall.
For details about firewall configuration for edge components, see Firewall Requirements for
External User Access in the Planning for External User Access documentation.
The following table lists the ports that need to be open on each server role.
Additionally, for each port, the Does this port need to be open on the load balancer? column
indicates whether this port must be open on the load balancer too (that is, if this server is part of a
pool). If you are using Domain Name System (DNS) load balancing for this pool, the DNS load
balancing will automatically ensure that the ports (that is, those with a value of Yes in this column)
are open. Values of Yes (must be open on the hardware load balancer even if you are using
DNS load balancing)
indicate that load balancing for this port must occur on the pool’s hardware
load balancer (that is, even if DNS load balancing is used for SIP traffic on this pool). (If you are
using only a hardware load balancer for a pool, all ports with a value of Yes must be open on the
hardware load balancer.)

Required Ports (by Server Role)

Component (server
role or client)

Service name

Port

Protocol

Does this
port need
to be open
on the load
balancer?

Notes

Front End ServersLync Server
Front-End
service

5060

TCP

Yes

Used by Standard
Edition servers and
Front End pools for
listening to client
connections from

33

Determining Your Infrastructure Requirements for Microsoft Lync Server 2010

Component (server
role or client)

Service name

Port

Protocol

Does this
port need
to be open
on the load
balancer?

Notes

Microsoft Lync 2010
(TCP).

Front End Servers Lync Server
Front-End
service

5061

TCP
(TLS)

Yes

Used by Standard
Edition servers and
Front End pools for all
internal SIP
communications
between servers
(MTLS), for SIP
communications
between Server and
Client (TLS) and for SIP
communications
between Front End
Servers and Mediation
Servers (MTLS).

Front End ServersLync Server
Front-End
service

444

HTTPS

Yes

Used for communication
between the Focus (the
Lync Server component
that manages
conference state) and
the individual servers.

Front End ServersLync Server
Front-End
service

135

DCOM
and
remote
procedur
e call
(RPC)

Yes (must
be open
on the
hardware
load
balancer
even if you
are using
DNS load
balancing)

Used for DCOM based
operations such as
Moving Users, User
Replicator
Synchronization, and
Address Book
Synchronization.

Front End ServersLync Server IM
Conferencing
service

5062

TCP

No

Used for incoming SIP
requests for instant
messaging (IM)
conferencing.

Front End ServersLync Server

8057

TCP

No

Used to listen for

34

Determining Your Infrastructure Requirements for Microsoft Lync Server 2010

Component (server
role or client)

Service name

Port

Protocol

Does this
port need
to be open
on the load
balancer?

Notes

Web
Conferencing
service

(TLS)

Persistent Shared
Object Model (PSOM)
connections from client.

Front End ServersLync Server
Audio/Video
Conferencing
service

5063

TCP

No

Used for incoming SIP
requests for audio/video
(A/V) conferencing.

Front End ServersLync Server
Audio/Video
Conferencing
service

57501-
65335

TCP/UD
P

No

Media port range used
for video conferencing.

Front End ServersWeb

Compatibility
service

80

HTTP

Yes (must
be open
on the
hardware
load
balancer
even if you
are using
DNS load
balancing)

Used for communication
from Front End Servers
to the Web farm FQDNs
(the URLs used by IIS
Web components) when
HTTPS is not used.

Front End ServersLync Server
Web
Compatibility
service

443

HTTPS

Yes (must
be open
on the
hardware
load
balancer
even if you
are using
DNS load
balancing)

Used for communication
from Front End Servers
to the Web farm FQDNs
(the URLs used by IIS
Web components).

Front End ServersLync Server
Web
Compatibility
service

8080

TCP

Yes (must
be open
on the
hardware
load
balancer

Used for IIS Web
components for external
access.

35

Determining Your Infrastructure Requirements for Microsoft Lync Server 2010

Component (server
role or client)

Service name

Port

Protocol

Does this
port need
to be open
on the load
balancer?

Notes

even if you
are using
DNS load
balancing)

Front End ServersLync Server
Conferencing
Attendant
service (dial-in
conferencing)

5064

TCP

No

Used for incoming SIP
requests for dial-in
conferencing.

Front End ServersLync Server
Conferencing
Attendant
service (dial-in
conferencing)

5072

TCP

Yes

Used for incoming SIP
requests for Microsoft
Lync 2010 Attendant
(dial in conferencing).

Front End Servers
that also run a
Collocated
Mediation Server

Lync Server
Mediation
service

5070

TCP

Yes

Used by the Mediation
Server for incoming
requests from the Front
End Server to the
Mediation Server.

Front End Servers
that also run a
Collocated
Mediation Server

Lync Server
Mediation
service

5067

TCP
(TLS)

Yes

Used for incoming SIP
requests from the PSTN
gateway to the
Mediation Server.

Front End Servers
that also run a
Collocated
Mediation Server

Lync Server
Mediation
service

5068

TCP

Yes

Used for incoming SIP
requests from the PSTN
gateway to the
Mediation Server.

Front End ServersLync Server
Application
Sharing
service

5065

TCP

No

Used for incoming SIP
listening requests for
application sharing.

Front End ServersLync Server
Application
Sharing
service

49152-
65335

TCP

No

Media port range used
for application sharing.

36

Determining Your Infrastructure Requirements for Microsoft Lync Server 2010

Component (server
role or client)

Service name

Port

Protocol

Does this
port need
to be open
on the load
balancer?

Notes

Front End ServersLync Server
Conferencing
Announcement
service

5073

TCP

Yes

Used for incoming SIP
requests for the Lync
Server Conferencing
Announcement service
(that is, for dial-in
conferencing).

Front End ServersLync Server
Call Park
service

5075

TCP

Yes

Used for incoming SIP
requests for the Call
Park application.

Front End ServersAudio Test
service

5076

TCP

Yes

Used for incoming SIP
requests for the Audio
Test service.

Front End Servers

5066

TCP

No

Used for outbound
Enhanced 9-1-1 (E9-1-
1) gateway.

Front End ServersLync Server
QoE
Monitoring
Service

5069

TCP

Yes

Used by Quality of
Experience (QoE) agent
on the Front End Server.

Front End ServersLync Server
Response
Group service

5071

TCP

Yes

Used for incoming SIP
requests for the
Response Group
application.

Front End ServersLync Server
Response
Group service

8404

TCP
(MTLS)

No

Used for incoming SIP
requests for the
Response Group
application.

Front End ServersLync Server
Bandwidth
Policy Service

5080

TCP

Yes

Used for call admission
control by the Bandwidth
Policy service for A/V
Edge TURN traffic.

Front End ServersLync Server
Bandwidth
Policy Service

448

TCP

Yes

Used for call admission
control by the Lync
Server Bandwidth Policy
Service.

37

Determining Your Infrastructure Requirements for Microsoft Lync Server 2010

Component (server
role or client)

Service name

Port

Protocol

Does this
port need
to be open
on the load
balancer?

Notes

Front End Servers
where the Central
Management store
resides

CMS
Replication
service

445

TCP

No

Used to push
configuration data from
the Central
Management store to
servers running Lync
Server.

All internal serversVarious

49152-
57500

TCP/UD
P

N/A

Media port range used
for audio conferencing
on all internal servers.
Used by all servers that
terminate audio: Front
End Servers (for Lync
Server Conferencing
Attendant service, Lync
Server Conferencing
Announcement service,
and Lync Server
Audio/Video
Conferencing service),
and Mediation Server.

Directors

Lync Server
Front-End
service

5060

TCP

Yes

Used by Standard
Edition servers and
Front End pools for
listening to client
connections from Lync
2010(TCP).

Directors

Lync Server
Front-End
service

5061

TCP

Yes

Used for internal
communications
between servers and for
client connections.

Mediation ServersLync Server
Mediation
service

5070

TCP

Yes

Used by the Mediation
Server for incoming
requests from the Front
End Server.

Mediation ServersLync Server
Mediation
service

5067

TCP
(TLS)

Yes

Used for incoming SIP
requests from the PSTN
gateway.

38

Determining Your Infrastructure Requirements for Microsoft Lync Server 2010

Component (server
role or client)

Service name

Port

Protocol

Does this
port need
to be open
on the load
balancer?

Notes

Mediation ServersLync Server
Mediation
service

5068

TCP

Yes

Used for incoming SIP
requests from the PSTN
gateway.

Mediation ServersLync Server
Mediation
service

5070

TCP
(MTLS)

Yes

Used for SIP requests
from the Front End
Servers.

Monitoring ServersLync Server
Monitoring
service

135

Message
Queuing
and
remote
procedur
e call
(RPC)

N/A

Used for message
queuing and RPC
operations.

Archiving Servers

Lync Server
Archiving
service

135

Message
Queuing
and RPC

N/A

Used for message
queuing and RPC
operations.

Reverse proxy
servers

80

TCP

N/A

Used by the reverse
proxy to listen on the
external interface for
incoming requests from
external users.

Reverse proxy
servers

443

TCP

N/A

Used by the reverse
proxy to listen on the
external interface for
incoming requests from
external users for Web
components information
and file downloads,
distribution group
expansion as well as
Address Book
information.

Reverse proxy
servers

8080

TCP

N/A

Used for SIP/TLS
communication with the
internal network to the
Web services cluster.

39

Determining Your Infrastructure Requirements for Microsoft Lync Server 2010

Component (server
role or client)

Service name

Port

Protocol

Does this
port need
to be open
on the load
balancer?

Notes

Traffic from port 80 on
the external interface is
redirected to this port.

Reverse proxy
servers

4443

TCP

N/A

Used by the reverse
proxy to listen on the
internal interface. Traffic
from port 443 on the
external interface is
redirected to this port.

Edge Servers

All edge
services
(external
interface)

443

TCP

Yes

Used for SIP/TLS
communication for
external users
accessing internal Web
conferences, and
STUN/TCP inbound and
outbound media
communications for
accessing internal
media and A/V sessions.

Edge Servers

Lync Server
Access Edge
service
(internal and
external
interface)

5061

TCP

Yes

Used for SIP/MTLS
communication for
remote user access or
federation and public
Internet connectivity.

Edge Servers

Lync Server
Web
Conferencing
Edge service
(internal
interface)

8057

TCP

No

Used to listen for
PSOM/MTLS
communications from
the Web Conferencing
Server on the internal
interface of the Web
Conferencing Edge
Server.

Edge Servers

Lync Server
Audio/Video
Edge
Authentication

5062

TCP

Yes

Used for SIP/MTLS
authentication of A/V
users. Communications
flow outbound through

40

Determining Your Infrastructure Requirements for Microsoft Lync Server 2010

Component (server
role or client)

Service name

Port

Protocol

Does this
port need
to be open
on the load
balancer?

Notes

service
(internal
interface)

the internal firewall.

Edge Servers

Lync Server
Audio/Video
Edge service
(internal and
external
interfaces)

3478

UDP

Yes

Used for STUN/UDP
inbound and outbound
media exchange.

Edge Servers

Lync Server
Audio/Video
Edge service
port range

50,000-
59,999

RTP/TC
P,
RTP/UD
P

No

Used for inbound and
outbound media transfer
through the external
firewall. This port range
always needs to be
opened outbound for
TCP. If you federate with
an organization running
Microsoft Office
Communications Server
2007 R2 or Microsoft
Office Communications
Server 2007, you must
open this range both
outbound and inbound,
and for both TCP and
UDP.

Edge Servers

All Edge
services
(internal
interface)

4443

TCP

No

Used to push
configuration data from
the Central
Management store to
the Edge Server. This
port must be opened on
every individual Edge
Server, not on the load
balancer.

Clients

67/68

DHCP

N/A

Used by Lync 2010 to
find the Registrar FQDN

41

Determining Your Infrastructure Requirements for Microsoft Lync Server 2010

Component (server
role or client)

Service name

Port

Protocol

Does this
port need
to be open
on the load
balancer?

Notes

(if DNS SRV fails and
manual settings are not
configured).

Clients

6891-
6901

TCP

N/A

Used for file transfer
between Lync 2010
clients and previous
clients (clients of Office
Communicator 2007 R2,
Office Communications
Server 2007, and Live
Communications Server
2005).

Clients

1024-
65535

TCP/UD
P

N/A

Used by clients for audio
port range (minimum of
20 ports required).

Clients

1024-
65535

TCP/UD
P

N/A

Used by clients for video
port range (minimum of
20 ports required).

Clients

1024-
65535

TCP

N/A

Used by clients for peer-
to-peer file transfer (for
conferencing file
transfer, clients use
PSOM).

Clients

1024-
65535

TCP

N/A

Used by clients for
application sharing.

Microsoft Lync
2010 Phone
Edition for Aastra
6721ip common
area phone

Microsoft Lync
2010 Phone
Edition for
Aastra 6725ip desk
phone

67/68

DHCP

N/A

Used by the devices
listed to find the Lync
Server 2010 certificate,
provisioning FQDN, and
Registrar FQDN.

42

Determining Your Infrastructure Requirements for Microsoft Lync Server 2010

Component (server
role or client)

Service name

Port

Protocol

Does this
port need
to be open
on the load
balancer?

Notes

Microsoft Lync
2010 Phone
Edition for
Polycom CX500
common area
phone

Microsoft Lync
2010 Phone
Edition for
Polycom CX600
desk phone

43

Determining Your Infrastructure Requirements for Microsoft Lync Server 2010

You're Reading a Free Preview

Download
scribd
/*********** DO NOT ALTER ANYTHING BELOW THIS LINE ! ************/ var s_code=s.t();if(s_code)document.write(s_code)//-->