Verifying External SRV Records for Office Communications Server 2007 R2

Another great question came my way today regarding the testing of external SRV records for OCS 2007 R2. After all, we configure them, but how do we know that they are properly configured until it comes time to use them, and then we have to go into troubleshooting mode without being sure if the records themselves are at fault.

It makes sense to test the SRV records, first, before we start trying to use them. Using an external computer, you can test the resolution of the external DNS records. I use a cellular modem for most of my external testing. In this case, I am using NSLookup to test Microsoft’s SRV records as follows:

First, you run NSLookup.exe at a command prompt and connect to your DNS server.

C:UsersRuss>nslookup
Default Server:  dns.infrastructurehelp.com
Address:  208.109.80.195

Next, you set the record type to all, and then enter in the SRV record for the Edge server.

> set type=all
> _sip._tls.microsoft.com
Server:  dns.infrastructurehelp.com
Address:  208.109.80.195

Non-authoritative answer:
_sip._tls.microsoft.com SRV service location:
          priority       = 0
          weight         = 0
          port           = 443
          svr hostname   = sip.microsoft.com

microsoft.com   nameserver = ns4.msft.net
microsoft.com   nameserver = ns2.msft.net
microsoft.com   nameserver = ns5.msft.net
microsoft.com   nameserver = ns3.msft.net
microsoft.com   nameserver = ns1.msft.net
sip.microsoft.com       internet address = 131.107.106.16
ns1.msft.net    internet address = 65.55.37.62
ns2.msft.net    internet address = 64.4.59.173
ns3.msft.net    internet address = 213.199.161.77
ns4.msft.net    internet address = 207.46.75.254
ns5.msft.net    internet address = 65.55.226.140

Note: In this case, above, Microsoft uses 443 instead of 5061, which I always recommend since 443 is almost always going to be open going out from the network on almost any firewall in almost any location where you might be running your Office Communicator client.

Then, we test the federation SRV record.

> _sipfederationtls._tcp.microsoft.com
Server:  dns.infrastructurehelp.com
Address:  208.109.80.195

Non-authoritative answer:
_sipfederationtls._tcp.microsoft.com    SRV service location:
          priority       = 0
          weight         = 0
          port           = 5061
          svr hostname   = sipfed.microsoft.com

microsoft.com   nameserver = ns5.msft.net
microsoft.com   nameserver = ns2.msft.net
microsoft.com   nameserver = ns1.msft.net
microsoft.com   nameserver = ns4.msft.net
microsoft.com   nameserver = ns3.msft.net
sipfed.microsoft.com    internet address = 131.107.115.72
ns2.msft.net    internet address = 64.4.59.173
ns3.msft.net    internet address = 213.199.161.77
ns4.msft.net    internet address = 207.46.75.254
ns5.msft.net    internet address = 65.55.226.140
ns1.msft.net    internet address = 65.55.37.62
>

Overall, it is a pretty simple process to verify that the proper SRV records are published in the external DNS servers.

Advertisements
This entry was posted in Office Communications Server. Bookmark the permalink.

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s