Share via

Skype for Business Client Registration Process through HLB

  • Article

Summary

This article explains the SFB client registration process with the FE server, when using HLB Only load-balancing option.

Procedure

MS recommends to use DNS load balancing for SIP traffic.

An HLB is mandatory for load-balancing web traffic. Customer has deployment templates for SFB Load Balancing which makes the configuration much easier. 

In an HLB only configuration, both web traffic and SIP traffic* (initial) are passed though HLB, however unlike the web traffic which always pass though HLB, there is a need for the SIP traffic to flow directly to the FE servers.

Here are the Lab IP details,

FE01 - 192.168.2.11

FE02 - 192.168.2.12

FE03 - 192.168.2.13

HLB Virtual Server (HLB Only Config) - 192.168.2.10

HLB eth1 - 192.168.2.2

Client - 192.168.2.200

User's registration preference.

Joe's preferred registration server is FE02 but when this user try to register, the HLB may send the registration traffic to any of the FEs.

Here is the snap shot of client logs,

User attempt to register using HLB IP.

Looking at 401 SIP message  - we know that the HLB tried to send the registration to FE01.

09/19/2016|08:30:41.645 D14:D44 INFO  :: Data Received -192.168.2.10:5061 (To Local Address: 192.168.2.200:65242) 784 bytes:

09/19/2016|08:30:41.645 D14:D44 INFO  :: 

SIP/2.0 401 Unauthorized

Date: Mon, 19 Sep 2016 15:30:41 GMT

WWW-Authenticate: NTLM realm="SIP Communications Service", targetname="

FE01.mylab.loca

l", 
    version=4

WWW-Authenticate: Kerberos realm="SIP Communications Service", targetname="

sip/FE01.mylab.local

", 
    version=4

WWW-Authenticate: TLS-DSK realm="SIP Communications Service", targetname="

FE01.mylab.local

", 
    version=4, 
    sts-uri="https://web-int.mylab.local:443/CertProv/CertProvisioningService.svc"

From: <sip:joe@mylab.local>;tag=d9c2020975;epid=4d74fcfc86

To: <sip:joe@mylab.local>;tag=303BBD74E522C9A8C59A7B8E8491A899

Call-ID: 22a1f00f29094be697744332976cbf44

CSeq: 1 REGISTER

Via: SIP/2.0/TLS 
    192.168.2.200:65242;received=192.168.2.2;ms-received-port=54967;ms-received-cid=37E00

Server: RTC/6.0

Content-Length: 0

Through 301 SIP Message the FE01 informs the User to register with his home server "FE02"

09/19/2016|08:30:41.692 D14:D44 INFO  :: Data Received -192.168.2.10:5061 (To Local Address: 192.168.2.200:65242) 670 bytes:

 09/19/2016|08:30:41.692 D14:D44 INFO  :: 

 SIP/2.0 301 Redirect request to Home Server

 Proxy-Authentication-Info: Kerberos qop="auth", opaque="67ED4CCE", srand="14F85869", snum="1", rspauth="040401ffffffffff000000000000000046109d384434a69f5340c5bd", targetname="sip/FE01.mylab.local", realm="SIP Communications
 Service", version=4

 From: <sip:joe@mylab.local>;tag=d9c2020975;epid=4d74fcfc86

 To: <sip:joe@mylab.local>;tag=303BBD74E522C9A8C59A7B8E8491A899

 Call-ID: 22a1f00f29094be697744332976cbf44

 CSeq: 2 REGISTER

 Via: SIP/2.0/TLS 192.168.2.200:65242;received=192.168.2.2;ms-received-port=54967;ms-received-cid=37E00

 Contact: <sip:FE02.mylab.local:5061;transport=tls>

 Expires: 2592000

 Content-Length: 0

The Client then registers directly with the FE02 without passing through HLB.

Conclusion

Even with an HLB only load balancing deployment there is a need to open necessary communication port between the Client and the FEs, failing to do so may result in client registration issues.