Using Microsoft® Exchange 2000 Conferencing Server over the Internet White Paper

Published: August 2001

Table of Contents
Introduction............................................................................................................. ..3 Overview............................................................................................................ .......3 Conferencing Terminology Review.................................................................... .............3 Software and Hardware Requirements......................................................................... ..5 Software Requirements............................................................ ...............................5 Hardware Requirements ........................................................... ..............................5 IP Multicasting vs. H.323 Bridge................................................................ ...................6 Bandwidth Considerations......................................................................................... ...7 Firewall Considerations........................................................................................... .....8 Cisco PIX Firewall.................................................................................................... 9 Microsoft Internet Security and Acceleration (ISA) Server 2000.................................... .9 Network Address Translation (NAT) Servers............................................... .................9 Configuring Exchange Conferencing Server for Internet Attendees....................................9 Step 1: Create an Additional Windows 2000 Site and Subnet......................................10 Step 2: Manage the Conferencing Site................................................. ....................12 Step 3: Create Conferencing Resources.................................... ...............................13 Step 4: Configure T.120 MCU Properties.......................................................... .........16 Additional Resources............................................................................... ..................17

Using Microsoft Exchange 2000 Conferencing Server over the Internet
White Paper
Published: August 2001
For the latest information, please see http://www.microsoft.com/exchange

Introduction
This step-by-step guide provides instructions for configuring Microsoft® Exchange 2000 Conferencing Server to host attendees connecting over the Internet. This guide describes the process of configuring conferencing resources for Internet attendance. It also discusses bandwidth and firewall considerations.

Overview
This paper assumes that you have installed and configured Microsoft Exchange 2000 Server and installed Exchange Conferencing Server. This paper also assumes that your Exchange deployment runs and functions properly. Before you deploy Exchange Conferencing Server, you should have an understanding of administration concepts for Microsoft Windows® 2000 Server (or Windows 2000 Advanced Server) and Exchange. This paper assumes you are familiar with these technologies. For information about each of these Microsoft products, see the online documentation for each product, Microsoft Windows 2000 Server Resource Kit, or the Microsoft.com Web site.

Conferencing Terminology Review
Familiarity with various Exchange 2000 Server and Exchange 2000 Conferencing Server components and terms enhances your understanding of this paper. Table 1 lists and describes these components. Table 1 Conferencing Server components and descriptions
Description Conference Management Service coordinates and manages conferencing technologies and resources, and tracks and controls access to conferences.

Component Conference Management Service

Component Conference Technology Provider

Description Conference Technology Provider is the back-end service supporting the online meeting. Microsoft provides two Conference Technology Providers within Exchange 2000 Conferencing Server, Data Conferencing Provider and Video Conferencing Provider. Data Conferencing Provider is a conferencing technology based on the T.120 protocol stack that provides collaboration tools such as those found in Microsoft NetMeeting®. Data Conferencing Provider provides a T.120 multipoint control unit for data conferencing clients. Video Conferencing Provider is a conferencing technology that provides video and audio conferences over multicast-enabled IP networks. Video Conferencing Provider also provides an H.323 bridge that allows H.323 conferencing clients to participate in audio and video conferences. The T.120 MCU service runs as a component of Data Conferencing Provider and provides network connections between participants in a data conference. After you configure and activate a multicast scope, the DHCP service in Windows 2000 Server can provide multicast IP addresses in the same way that it provides unicast IP addresses. A conference calendar mailbox is an Exchange 2000 mailbox that stores the definitions and structure of all conferences. Conference resources are Exchange 2000 mailboxes that conferencing clients invite when scheduling an online meeting. The conference properties, including the resource used, are stored in the conference calendar mailbox. The H.323 bridge permits NetMeeting clients that are unable to connect directly to multicast conferences to connect through a H.323 unicast session. Unlike traditional Internet traffic that requires separate connections for each sourcedestination pair, IP multicasting allows many recipients to share the same connection, which means that just one set of packets is transmitted for all the destinations. A Windows 2000 site is defined as one or more well-connected (highly reliable and fast) TCP/IP subnets. A site allows administrators to configure the Microsoft Active Directory™ directory services access and replication topology quickly and easily to take advantage of the physical network. When users log on, Windows 2000 locates Active Directory servers in the same site as the user. A codec (coder/decoder) is any technology for encoding and decoding data.

Data Conferencing Provider

Video Conferencing Provider

T.120 multipoint control unit (MCU)

Multicast Address Dynamic Client Allocation Protocol (MADCAP)

Conference calendar mailbox

Conference resources

H.323 bridge

IP multicasting

Windows 2000 site

Codec

Using Microsoft Exchange 2000 Conferencing Server over the Internet

4

Software and Hardware Requirements
To install the Exchange 2000 Conferencing Server configuration discussed in this white paper, you must meet the following software and hardware requirements.

Software Requirements
To install Conferencing Server, the following software is required: •Microsoft Windows 2000 Server or Microsoft Windows 2000 Advanced Server, Service Pack 1 or later. •Microsoft Exchange 2000 Server or Microsoft Exchange 2000 Enterprise Server. •Microsoft Exchange 2000 Conferencing Server. Note For best performance, install the latest service pack for each software requirement.

Hardware Requirements
Review the hardware requirements for servers on which you plan to install Conference Management Service, Data Conferencing Provider, and Video Conferencing Provider. Also, review the hardware requirements for conferencing clients that participate in data or video conferences. Server Computers Table 2 lists the minimum and the recommended hardware requirements for server computers on which you install Conference Management Service, Data Conferencing Provider, Video Conferencing Provider, or multipoint control units (MCUs). Table 2 Minimum and recommended hardware for server computers
Recommended hardware 400–MHz or faster Intel Pentium processor or equivalent 256 megabyte (MB) of RAM

Minimum hardware 133-MHz Intel Pentium processor or equivalent 128 megabyte (MB) of RAM

An MCU installed on this hardware configuration with no other applications active can process approximately 500 simultaneous conferencing client connections. Conferencing Client Computers Review the hardware requirements for conferencing client computers to participate in data and video conferences.
Data Conferencing Client

Table 3 lists the minimum and recommended hardware requirements for conferencing clients participating in a data conference.

Using Microsoft Exchange 2000 Conferencing Server over the Internet

5

Table 3 Minimum and recommended hardware for data conferencing client computers
Minimum hardware For Windows 95 or later, a 90-MHz Intel Pentium processor or equivalent with 16 MB of RAM For Microsoft Windows NT® or later, a 90-MHz Intel Pentium processor or equivalent with 24 MB of RAM Recommended hardware For Windows 95 or later, a 133-MHz or faster Intel Pentium processor or equivalent with at least 16 MB of RAM For Windows NT or later, a 133-MHz or faster Intel Pentium processor or equivalent with at least 32 MB of RAM

Video Conferencing Client

To participate in multicast video conferences, conferencing client computers must have the same hardware as computers running Microsoft Windows 2000 Professional. Video conferences also require the following peripheral equipment: •Sound card with microphone and speakers •Video capture card and camera Table 4 lists the minimum and recommended hardware requirements for conferencing client computers that participate in multicast video conferences. Table 4
Minimum 56 Kbps or faster modem 133-MHz Intel Pentium processor or equivalent 64 MB of RAM

Minimum and recommended hardware for multicast video conferences
Recommended Local area network (LAN) connection 266-MHz or faster Intel Pentium processor or equivalent 128 MB of RAM

Video conferencing client computers without Windows 2000 must use NetMeeting to participate in video conferences. NetMeeting uses H.323 to communicate with the MCU and to bridge participants into the conference. Table 5 lists the minimum hardware requirements for H.323 conferencing clients. Table 5 Minimum and recommended hardware for H.323 conferencing client computers
Minimum For Windows 95 or later, a 90-MHz Intel Pentium processor or equivalent with 16 MB of RAM For Windows NT, a 90-MHz Intel Pentium processor or equivalent with 24 MB of RAM Recommended For Windows 95 or later, a 133-MHz or faster Intel Pentium processor or equivalent with at least 16 MB of RAM For Windows NT, a 133-MHz or faster Intel Pentium processor or equivalent with at least 32 MB of RAM

IP Multicasting vs. H.323 Bridge
IP multicasting supports a one-to-many method of packet delivery. When a conferencing client capable of multicasting joins an online conference, the conferencing client computer is assigned a multicast address. The conferencing client registers the address on its subnet and submits an Internet Group Management Protocol (IGMP) router registration packet. The routers listening for this multicast address propagate the traffic through a spanning tree type algorithm to all other routers. Any time an IGMP and Request

Using Microsoft Exchange 2000 Conferencing Server over the Internet

6

for Comments (RFC) 2236-compliant router receives a multicast packet, the router looks through its routing table and determines whether there are conferencing clients listening for that address on that particular subnet. If there are conferencing clients listening, the packets are delivered to only those conferencing clients. If no conferencing clients on that subnet or segment are listening on that address, the address is not registered with the router, and the router does not forward the packets to the specific subnet. Note This paper does not address IGMP and RFC 2236-compliant routers. For additional information about these routers, see the Microsoft Windows 2000 Server Resource Kit or documentation provided by the router manufacturer. With the exception of large corporate infrastructures and ISPs, most Internet conferencing clients do not have multicast connectivity. To work around this issue, conferencing clients without multicast connectivity need to connect across an H.323 bridge. The H.323 bridge runs on the T.120 multipoint control unit (MCU) server and permits conferencing clients that are unable to connect directly to multicast conferences to connect through an H.323 unicast session and participate in video and audio conferences. When a conferencing client participates in an online conference, the conferencing client connects directly to the T.120 MCU/H.323 bridge server, which sends the data to all the other participating conferencing clients. Conferencing clients on the Internet can participate in video and audio conferences because the H.323 protocol can be used across the Internet.

Bandwidth Considerations
Because Internet conferencing clients must use the H.323 protocol to communicate, bandwidth is a major consideration for most customers. When H.323 fallback is enabled, the audio codec used is G.711, which consumes roughly 70 kilobits per second (Kbps). The video codec used is H.263, which consumes approximately 90 Kbps. Therefore, conferencing clients connecting to a conference send an average of approximately 160 Kbps for each audio/video stream. To get an estimate of the amount of bandwidth required to have a smooth audio and video conference, multiply the number of conferencing clients participating in the conference by 160 Kbps. The required bandwidth for data conferencing is difficult to determine because of the many variables involved. For example, whether or not you will be chatting, using a white board, or sharing applications affects the overall bandwidth. However, compared to the bandwidth consumed by audio and video, data conferencing uses relatively few resources. The type of connection used also has a major influence on the amount of available bandwidth. For more information about bandwidth considerations, see the following Microsoft Knowledge Base article: Q290174, “XCCC: Bandwidth Considerations for Conferencing over Internet” An administrator has several options to control the amount of bandwidth used in a conference. These options include:

Using Microsoft Exchange 2000 Conferencing Server over the Internet

7

•Select the codec to be used If you use the G.711 codec, each audio stream uses approximately 70 Kbps. But the GMS 6.11 codec reduces this bandwidth to about 20–30 Kbps. For video, the bandwidth is roughly the same for both the H.262 and the H.263 codecs. However, the H.263 codec has a smarter algorithm and uses slightly less network bandwidth. Although conferencing clients using H.323 default to the G.711 and the H.263 codec, an administrator may choose to define other codecs for any multicast conferencing resource. •Reduce conference participants Another way to control bandwidth is to reduce the number of conference participants possible for video resources. In a multicast conference, additional attendees (that is, individuals who join the conference after the maximum number is reached) connect to the conference as observers and do not send anything to the network. •Define audio-only resources Define resources that use audio only. Resources that do not use video will preserve bandwidth. •Configure the “Automatically send audio at join time” and the “Automatically send video at join time” settings If you do not select these settings, the conferencing client must manually start the audio and video streams in their client. Conferencing Server will not automatically start these streams. •Implement QoS policies Windows 2000 Quality of Service (QoS) includes enterprise and subnet policies that contain rules for your organization. You can set QoS policies to guarantee the amount of available bandwidth to your organization, subnets, or individual users. •Configure MCU visibility restrictions and site referrals Through administrative settings, you can restrict access to an MCU based on a set of subnet mask pairs. Only conferencing clients whose IP addresses match a defined subnet can connect to the MCU. In this way, administrators can divide a Windows 2000 site and direct participants to a specific MCU. •Limit videoconferences over WAN links You can limit videoconferences over WAN links which limits the network area where multicast data can go. •Restrict use of expensive resources Restrict the use of conferencing resources that are the most expensive in your organization. For more information about these options, see your Exchange 2000 Conferencing Server online documentation.

Firewall Considerations
For Internet conferencing clients to participate in data, video, and audio conferences hosted inside a firewall, administrators need to open primary and secondary ports so that internal and external conferencing clients can communicate with each other. Table 6 lists these ports. Table 6 Port list for conferences hosted inside a firewall
Port 1503 1720 (H.323 video) and 1731 (H.323 audio)

Conference Type Data conference Video and audio conference over the Internet

Using Microsoft Exchange 2000 Conferencing Server over the Internet

8

For data conferencing without audio and video, all you need to do is open port 1503. However, issues arise when configuring your firewall to allow for audio and video conferencing because audio and video require two dynamic ports in addition to ports 1720 and 1731. Because there is not a method for predicting which ports those will be, an administrator must open all the ports on the firewall.

Cisco PIX Firewall
Exchange Conferencing Server was tested behind a Cisco PIX Firewall with successful results. However, the steps necessary to configure Conferencing Server behind a Cisco PIX Firewall are beyond the scope of this paper. For more information about configuring the firewall, see the following Microsoft Knowledge Base article: Q299668, “XCCC: Configuring Exchange 2000 Conferencing Server Behind a PIX Firewall”

Microsoft Internet Security and Acceleration (ISA) Server 2000
You can also configure Exchange Conferencing Server to work with Microsoft Internet Security and Acceleration (ISA) Server 2000. For more information, see the following Microsoft Knowledge Base article: Q303098, “XCCC: How to Configure Exchange 2000 Conferencing Server and ISA Server to Allow Audio and Video”

Network Address Translation (NAT) Servers
Network Address Translation (NAT) servers are being used more often, especially in small office and home office environments. Note Remote conferencing clients may participate in data conferences that are conducted behind a NAT server, but video and audio conferences behind a NAT server are not supported.

Configuring Exchange Conferencing Server for Internet Attendees
To configure Exchange Conferencing Server for Internet attendees, use the following four steps. 1. Create an additional Windows 2000 site and subnet. 2. Manage the conferencing site. 3. Create conferencing resources. 4. Configure T.120 MCU properties.

Using Microsoft Exchange 2000 Conferencing Server over the Internet

9

Step 1: Create an Additional Windows 2000 Site and Subnet
You must configure more than one Windows 2000 site and subnet before the Conference Management Service can distinguish conferencing clients as either connecting locally or from the Internet. If you do not configure more than one site, all conferencing clients appear to come from the default (the internal) Windows 2000 site. Note If your topology includes a perimeter network (also known as DMZ, demilitarized zone, and screened subnet), the best practice is to create another Windows 2000 site in the perimeter network, and then install an additional Exchange Conferencing Server in the site to handle requests from Internet attendees. In the meantime, the server running Exchange Conferencing Server on the internal network is dedicated to managing requests from internal attendees. In this case, you need to create a subnet with the IP address of the server running Exchange Conferencing Server in the perimeter network and a 32-bit subnet mask, such as 255.255.255.255. If you have only one active server running Exchange Conferencing Server in your primary site and do not have a perimeter network, you must create a placeholder subnet and site as described in Task 1 and Task 2. Be aware that, if you create a placeholder site to allow Exchange Conferencing Server to distinguish Internet conferencing clients from local conferencing clients and you have Exchange 2000 running on a member server, you must also define a subnet for the default site and add that server to the Servers folder on the default site. You can only use Active Directory Sites and Services from a computer that has access to a Windows 2000 domain. The Active Directory Sites and Services snap-in is installed on all Windows 2000 domain controllers. To use Active Directory Sites and Services on a computer that is not a domain controller, such as one running Windows 2000 Professional, install the Windows 2000 Administration Tools. Task 1: Create a Placeholder Site 1. Log on to your domain controller as Domain Administrator. 2. Click Start, point to Programs, point to Administrative Tools, and then click Active Directory Sites and Services. 3. Right-click the Sites container and then click New Site. 4. In Name, type the name of the new site, for example Internet. 5. Click the DEFAULTIPSITELINK site link object, and then click OK (Figure 1).

Using Microsoft Exchange 2000 Conferencing Server over the Internet

10

Figure 1

New Object – Site dialog box

For detailed information about the steps in this task, see your Windows 2000 online documentation. Task 2: Create a Placeholder Subnet 1. Log on to your domain controller as Domain Administrator. 2. Click Start, point to Programs, point to Administrative Tools, and then click Active Directory Sites and Services. 3. Double-click the Sites container. 4. Right-click the Subnets container, and then click New Subnet. 5. In Address, type 1.1.1.1 for the IP address. 6. In Mask, type 255.255.255.255 for the subnet mask.

7. Select the Internet site object for this subnet, and then click OK (Figure 2).

Using Microsoft Exchange 2000 Conferencing Server over the Internet

11

Figure 2

New Object – Subnet dialog box

For detailed information about the steps in this task, see your Windows 2000 online documentation.

Step 2: Manage the Conferencing Site
In this step, you manage the conferencing site. Before you manage your conferencing site, you should create a new storage group named Conferencing Storage Group, and then create and mount a new mailbox store named Conferencing Mailbox Store Server Name. Use this mailbox store for conferencing calendar mailboxes and resources. By separating the conferencing database from your user’s database, you make it possible to perform a selective backup and restore. 1. Click Start, point to Programs, point to Microsoft Exchange, and then click System Manager. 2. Select your Exchange 2000 Server and click the Action menu, point to New, then click Storage Group. 3. Name the new storage group Conferencing Storage Group. 4. Right-click the new storage group, point to New, and then click Mailbox Store. 5. Name the new mailbox store Conferencing Mailbox Store Server Name. 6. When asked to mount the new mailbox store, click Yes.

Using Microsoft Exchange 2000 Conferencing Server over the Internet

12

7. On the Start menu, point to Programs, point to Microsoft Exchange, and click Conferencing Manager. 8. Right-click the Exchange Conferencing container, and then click Manage. 9. Click OK to choose either the Default-First-Site-Name conferencing site or your Windows 2000 site name conferencing site if you changed the default site name. 10. When prompted to designate the conference calendar mailbox, click Yes. 11. In Conference Calendar Mailbox, click Create, and then type the account information for the mailbox. Note Although a password is not required, you should use one.

Important Be certain to select the conferencing storage group mailbox store you created for this mailbox. For detailed information about this step, see your Exchange 2000 Server and Exchange 2000 Conferencing Server online documentation.

Step 3: Create Conferencing Resources
In this step, you create conference resources. 1. Click Start, point to Programs, point to Microsoft Exchange, and then click Conferencing Manager. 2. Right-click your conferencing site, and then click Properties. 3. Click the Resources tab, and then click Add. 4. In New Resource Mailbox, type the account information. Note Select the conferencing storage group mailbox store you created for this mailbox in “Step 2: Managing the Conferencing Site.” 5. In Resource Properties, click Add, and then select Data Conferencing Provider. Note Data Conferencing Provider is necessary even for video and audio conferences because the H.323 bridge is a component of the Data Conferencing service. 6. In Technology Provider Properties for data conferences, enter the number of planned meeting participants. See Figure 3 for more information.

Using Microsoft Exchange 2000 Conferencing Server over the Internet

13

Figure 3

Data conference Technology Provider Properties dialog box

7. In Resource Properties, click Add, and then select Video Conferencing Provider. 8. In Technology Provider Properties for video conferences, enter the number of planned meeting participants, and select Enable H.323 Data Provider fallback for Audio/Video Conferences. 9. If you are using MADCAP servers to allocate multicast addresses, in Use multicast IP addresses from the following scopes, select the scope. If you are not using MADCAP servers, Conference Management Service randomly allocates a multicast address. See Figure 4 for more information.

Using Microsoft Exchange 2000 Conferencing Server over the Internet

14

Figure 4

Video conference Technology Provider Properties dialog box

10. On the Conference Settings tab, in Access URL for user connections, type the fully qualified domain name (FQDN) of the active host server. This name will take the form of http://servername.yourdomainname.com/conferencing, where yourdomainname is your DNS domain name. See Figure 5 for more information. Note If you configured your settings to allow external participants access the server using a URL in the form of http://www.yourdomainname.com/conferencing, you must add a CNAME record to your DNS settings so that www is mapped to the actual machine name. For information about how to add this record, see the following article in the Microsoft Knowledge Base: Q168322, “Creating a DNS Alias Record”

Using Microsoft Exchange 2000 Conferencing Server over the Internet

15

Figure 5

Conference Settings tab Do not make the FQDN longer than 32 characters.

Important

Note The naming convention used for the conference resources should indicate the type of Conference Technology Provider used, the number of participants allowed, and, if applicable, the Windows 2000 site name. For example, FSExchConfResDV20 represents a resource with the following attributes: Site name = First site (FS) Conference Technology Provider used = Data and video (DV) Number of allowed participants = 20. For detailed information about this step, see your Exchange 2000 Conferencing Server online documentation.

Step 4: Configure T.120 MCU Properties
In this step, you configure T.120 MCU properties. 1. Click Start, point to Programs, point to Microsoft Exchange, and then click Conferencing Manager. 2. In the console tree, click the Data Conferencing Provider container. 3. In the details pane, right-click the T.120 MCU server, and then click Properties. 4. On the General tab, select the Accept client connections from the Internet check box.

Using Microsoft Exchange 2000 Conferencing Server over the Internet

16

5. In Use network name, type the FQDN of the appropriate T.120 MCU server, and then click OK. See Figure 6 for more information.

Figure 6

T.120 MCU server properties dialog box Do not make the FQDN longer than 32 characters.

Important

6. Allow enough time for replication if you have multiple domain controllers or domains in your topology. Important If you are modifying the Use network name setting in Accept client connections from the Internet from a hostname to a FQDN, to clear the directory services cache, you must either restart the server or use the Dscflush utility from the Exchange 2000 Resource Kit. Note When you want to join an online conference across the Internet, you must enter the FQDN of the active host server in your browser's address field. For detailed information about this step, see your Exchange 2000 Conferencing Server online documentation.

Additional Resources
For additional information about Exchange 2000 Conferencing Server, please see the following resources: •Exchange 2000 Conferencing Server and H.323

Using Microsoft Exchange 2000 Conferencing Server over the Internet

17

•Installing Exchange 2000 Conferencing Server in a Mixed Site •Q290174 •Q299668 Firewall XCCC: Bandwidth Considerations for Conferencing over Internet XCCC: Configuring Exchange 2000 Conferencing Server Behind a PIX

•Q303098 XCCC: How to Configure Exchange 2000 Conferencing Server and ISA Server to Allow Audio and Video •Q168322 Creating a DNS Alias Record

For more information: http://www.microsoft.com/exchange/

Did this paper help you? Please give us your feedback. On a scale of 1 (poor) to 5 (excellent), how would you rate this paper? mailto:exchdocs@microsoft.com?subject=Feedback: Using Microsoft Exchange 2000 Conferencing Server over the Internet

Using Microsoft Exchange 2000 Conferencing Server over the Internet

18

The information contained in this document represents the current view of Microsoft Corporation on the issues discussed as of the date of publication. Because Microsoft must respond to changing market conditions, it should not be interpreted to be a commitment on the part of Microsoft, and Microsoft cannot guarantee the accuracy of any information presented after the date of publication. This White Paper is for informational purposes only. MICROSOFT MAKES NO WARRANTIES, EXPRESS OR IMPLIED, AS TO THE INFORMATION IN THIS DOCUMENT. Complying with all applicable copyright laws is the responsibility of the user. Without limiting the rights under copyright, no part of this document may be reproduced, stored in or introduced into a retrieval system, or transmitted in any form or by any means (electronic, mechanical, photocopying, recording, or otherwise), or for any purpose, without the express written permission of Microsoft Corporation. Microsoft may have patents, patent applications, trademarks, copyrights, or other intellectual property rights covering subject matter in this document. Except as expressly provided in any written license agreement from Microsoft, the furnishing of this document does not give you any license to these patents, trademarks, copyrights, or other intellectual property. Unless otherwise noted, the example companies, organizations, products, domain names, e-mail addresses, logos, people, places and events depicted herein are fictitious, and no association with any real company, organization, product, domain name, email address, logo, person, place or event is intended or should be inferred. © 2001 Microsoft Corporation. All rights reserved. Microsoft, Active Directory, NetMeeting, Windows, and Windows NT are either registered trademarks or trademarks of Microsoft Corporation in the United States and/or other countries. The names of actual companies and products mentioned herein may be the trademarks of their respective owners.

Using Microsoft Exchange 2000 Conferencing Server over the Internet

19