DNS Load Balancing in Lync Server 2010 – Hardware Load Balancers Are Still Needed

There seems to be a common misconception about DNS Load Balancing (DNS LB): that using it means we no longer need Hardware Load Balancers (HLBs).

First off, let’s break open our DNS books. There is no such thing as DNS LB in any of those books. Why? Because it really isn’t a DNS function; it is a Lync 2010 feature. As far as DNS is concerned, all we are doing is creating multiple records with the same host name, with a different IP for each entry. That is, for all intents and purposes, the same thing as DNS round robin (DNS RR). So, nothing new on the DNS side. DNS RR, by itself, is not a high availability solution.

However, in the Lync world, life is much better when using DNS LB. Lync is able to use DNS LB (yes, DNS RR entries) to load balance traffic such as SIP and media traffic between Lync clients and Lync front-end servers. You still need HLBs to handle the HTTP and HTTPS traffic, so the HLB is needed for port 443 and port 80 traffic [corrected from the original post]. We need to use the HLB for these ports because the HTTP and HTTPS protocols are session-state–oriented. We need HLBs to ensure that if a connection is initiated to a particular server, the Lync client maintains its association with that server and continues to connect to it to complete the entire request. With DNS LB, by contrast, the client does not have to rely on the initial server connection.

So, what is the purpose of DNS LB if it doesn’t replace HLBs? Great question, and I am glad you asked. The purpose is to reduce the complexity of the rules required to implement the HLBs, not to replace the HLBs with DNS LB.

DNS Load Balancing can be used for pools of Directors and for pools of Front-end servers. However, in almost all cases with Director and Front-end pools, HLBs are still required.

DNS LB can also be used for Edge servers (for both the internal and the external interfaces). You can pretty much get away with using just DNS LB (meaning no HLB) when connecting to Edge pools. There are a couple of pretty big issues with DNS LB on Edge servers, though, when it comes to federation with companies that use previous versions of OCS and when federating with PIC and XMPP environments. Basically, it will not work.

This entry was posted in Office Communications Server.

8 Responses to DNS Load Balancing in Lync Server 2010 – Hardware Load Balancers Are Still Needed

  1. If a company already has an HLB for OCS, why use DNS LB for Lync at all?
    Reducing complexity for the HLB admin is not a great argument; if you can configure an HLB on ports 80 & 443, you can most likely do it for other ports as well.

  2. Daniel,

    I would tend to agree with you, but Microsoft has found that it just isn’t true. Many HLB administrators do not admin devices that often. When they do, they are usually experienced at configuring the rules for 80 and 443. At the minimum, they can copy existing rules for web servers in the company and use them for an example to configure the Lync servers.

  3. Jed Ellerby says:

    Where did you get your HLB port requirements from? Technet references ports 80 and 443 only: http://technet.microsoft.com/en-us/library/gg398833.aspx. DCOM doesn’t seem to be required for Lync HLB.

    Also, another possible benefit of using DNS LB and an HW LB is the load reduction on the HLB. There may be the option to deploy a much cheaper virtual LB (Citrix Netscaler) depending on the traffic loading. The Netscaler VPX Express is free, but limited to 1Mbps of traffic.

    The traffic flows through the HW LB appear to be for the WEB farm FQDNs only. Perhaps an investigation into the traffic loads associated with the various IIS sites would be useful, such as address book etc. This would help determine the size of HLB required for Lync when deployed with DNS LB.

  4. Pawel says:

    I have a pool of 2 Front End servers and do not have HLB. Can I leave Http/https traffic on one server of FE pool? I want to prepare script to switch VIP to second FE when first FE server fails. That’s all I need. Is it a good idea? Now I can’t buy HLB.

    • I would not recommend it. However, if you want to provide redundancy without using hardware load balancing, you might consider using two pools, each with a single server, and configure them as primary and secondary registrars.

  5. blackburn83 says:

    Correct me if I’m wrong, but DNS RR (LB) is only a way to spread load; it is not an HA solution. If one of the servers goes down, the DNS will still return (in some cases, because of RR) the IP address of that particular server; it will not keep track of which server is alive or not.

    So in my opinion, if you’re looking for an HA solution, an HLB is the way to go.
    In some cases HA is more important than load balancing.

    • You are right and wrong.

      Basically, the Redundancy provided through DNS LB is handled by the client. For example, if you have Communicator clients, they can’t take advantage of DNS LB. A Lync client, though, can use the different servers listed in DNS and will attempt others in the list if the one is not available.

      Remember, though, you still need HLB in the internal network for FE pools, and you will need HLB for the edge environment if you have Communicator clients or are federating with OCS environments and want edge redundancy.
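The post explains that DNS LB is just a set of A records sharing one host name, and the exchange above adds that whatever redundancy it gives is handled by the client, not by DNS. The following is an added example, not code from the original post or from Microsoft: a small offline simulation of that difference. The zone contents, server addresses, and which server is "down" are all constructed here; `resolve`, `try_connect` and the client functions are stand-ins for a resolver and a SIP/HTTPS session, and the HLB functions model the two things the post says a hardware load balancer still supplies (health checks and session affinity for HTTP/HTTPS).

```python
"""Added example (not from the original post): why DNS load balancing is a
client-side feature, and what a hardware load balancer adds on top of it.
Everything here is constructed; no real DNS, Lync or load balancer is used."""

# Constructed DNS zone: one host name with several A records (DNS RR / DNS LB).
# The addresses are placeholders, not real servers.
ZONE = {
    "pool01.contoso.example": ["10.0.0.11", "10.0.0.12", "10.0.0.13"],
}

# Constructed server health. The DNS server knows nothing about this table.
SERVER_UP = {"10.0.0.11": False, "10.0.0.12": True, "10.0.0.13": True}


def resolve(name, zone=ZONE, start=0):
    """Plain DNS round robin: return every A record, rotated by `start`.
    Like a real DNS server it returns dead hosts too; it has no health check."""
    records = zone[name]
    k = start % len(records)
    return records[k:] + records[:k]


def try_connect(ip, server_up=SERVER_UP):
    """Stand-in for opening a SIP/TLS session to one front-end server."""
    return server_up.get(ip, False)


def legacy_client_connect(name, start=0):
    """Communicator-style behaviour described in the thread: use only the
    first answer and give up if that server does not respond."""
    ip = resolve(name, start=start)[0]
    return ip if try_connect(ip) else None


def lync_client_connect(name, start=0):
    """Lync-style behaviour: walk the answer list until a server accepts."""
    for ip in resolve(name, start=start):
        if try_connect(ip):
            return ip
    return None


def hlb_connect(vip_pool, server_up=SERVER_UP):
    """What an HLB adds for any client: a health check removes dead members,
    so the single VIP is always answered by a live node."""
    live = [ip for ip in vip_pool if server_up.get(ip, False)]
    return live[0] if live else None


def hlb_sticky_connect(client_id, vip_pool, table, server_up=SERVER_UP):
    """Session affinity (persistence) for HTTP/HTTPS: the first request picks a
    live member and records it in `table`; later requests from the same client
    keep going to that member, which is why the post keeps 80/443 on the HLB."""
    ip = table.get(client_id)
    if ip is None or not server_up.get(ip, False):
        live = [m for m in vip_pool if server_up.get(m, False)]
        if not live:
            return None
        # Deterministic spread of new clients across live members.
        ip = live[sum(ord(c) for c in client_id) % len(live)]
        table[client_id] = ip
    return ip


if __name__ == "__main__":
    name = "pool01.contoso.example"
    print("DNS answers:", resolve(name))
    print("legacy client:", legacy_client_connect(name))
    print("lync client:  ", lync_client_connect(name))
    print("HLB VIP:      ", hlb_connect(ZONE[name]))
```

Running it shows the three outcomes the thread argues over: DNS hands out the dead 10.0.0.11 as readily as the live servers, a client that stops at the first answer fails, a client that walks the list succeeds, and only the health-checked VIP hides the failure from every client. The sticky function returns the same member for repeated calls with the same `client_id` until that member goes down.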
