Topic Last Modified: 2011-04-04
For internal communications, ensure that the following options are set up on the organization’s DHCP servers, see Configuring DHCP Options to Enable Sign-in for IP Phones in the Deployment documentation.
The DHCP protocol (see RFC 2131 for details) exchanges information using several options. The following options are used in Microsoft Lync Server 2010 connectivity:
- Option 120 (SIP Servers) is defined in RFC 3361. It is used to
return a list of SIP servers.
- Option 55 is used by the device to ask the DHCP server for the
values of specific options (in our case 120 and 43).
- Option 60 is used by the client to specify the vendor for which
option 43 is requested.
- Option 43 is a complicated option: it has many sub-options and
can also have many values. The effective value for option 43, IOW
the value that the DHCP server will send to the client, depends on
the vendor class id. So, in a sense there is a <key, value>
relationship between option 60 and option 43: for the vendor
specified in option 60, option 43 provides a set of sub-options
that have been configured for that vendor.
There are two options for DHCP servers when using:
Enterprise DHCP Servers
These are DHCP servers which are already being used in the enterprise and providing IP discovery and other services. They can be either Windows DHCP servers (part of Windows Server) or manufactured by other vendors like Cisco. In this document, only configuration of Windows DHCP servers is provided.
When configuring a central site, we recommend that enterprise DHCP servers are used because:
- These do not require re-configuration of all the Bootp relay
agents to relay packets to a new server.
- Using the DHCP server that is included with the Lync Server
2010 Registrar results in unneeded packets being sent to an
additional DHCP server. DHCP does not participate in the address
acquisition process and these type of packets will be ignored.
- Enabling DHCP server by using the Registrar adds one more
responsibility to the Front End Server or Director roles. This
could potentially affect performance and impact core
Registrars and DHCP Servers
Registrars have a built in DHCP component, which can listen for DHCP broadcasts and respond to appropriate DHCP INFORM packets. The use case for this component is very small branches which have no DHCP servers and minimal server administration. The DHCP component does not participate in or affect the IP acquisition process in the enterprise, and you can use it side-by-side with existing DHCP servers. This component only responds to DHCP INFORM messages which:
- Have vendor class identifier = MS-UC-Client
- Ask for Option 120 or 43 (using option 55 – parameter request
In the case of a branch office, when there is no enterprise DHCP server in the branch, the Registrar running the DHCP server is needed because:
- Without an enterprise DHCP server the branch is relying on DHCP
functionality provided by routers. It is likely not possible to
configure DHCP options on these.
- Depending on the branch size, all unified communications (UC)
devices can be in the same subnet. In this case relay
reconfiguration is not required. If there are multiple subnets it
is likely that there are not many and reconfiguration is
- It is much easier to enable DHCP on the Registrar than to
configure and deploy an enterprise DHCP server for the
vender-specific Lync Server DHCP options.
Using the Registrar DHCP Server and Static DNS
The DHCP server on the Registrar does not grant IP leases. Instead, it provides only the Web Services URL and Registrar fully qualified domain name (FQDN).
It is highly recommended that you deploy DHCP servers on the Registrar in subnets where computers running Lync Server are located. This is because they do not provide IP addresses but do provide the preceding DHCP options. Computers running Lync Server need these options available, so if using static DNS for Lync Server host machines, you must also deploy Lync DHCP and enterprise DHCP servers.
Using DHCP on the Registrar and Enterprise DHCP servers
DHCP server on the Registrar provides the Web Services URL and Registrar FQDN to clients. This is turned off by default, and can be enabled by running the following cmdlet in the Lync Server Management Shell:
set-CsRegistrarConfiguration –EnableDHCPServer $true
In addition, ensure that broadcast packets from the client can reach the DHCP server(s) on the Registrar. This may mean configuring DHCP relay agents to forward DHCP packets to DHCP servers on the Registrar.
Enterprise DHCP servers can also be configured to give out appropriate values to Lync devices. DHCPUtil.exe, a Lync Server tool, can assist in this.
Using DHCPUtil to Configure DHCP options
There are two types of DHCP servers that DHCPUtil.exe works with, Windows DHCP server, available in Windows Server, and the DHCP server on the Registrar.
Alternately, you can use any other DHCP server to configure the options needed in Lync Server, however DHCPUtil.exe does not work with these. You will need to use the management tools provided with the other DHCP server to configure these options.
DHCPUtil does the following:
- Generates the values for option 120 and 43.
- In addition to the DHCPConfigScript batch file, configures
Windows DHCP server with options 120 and 43.
- Tests DHCP server configuration.
- Cleans up configuration on Windows DHCP server that is related
to Lync Server.
Only the 64-bit version of DHCPUtil is included with Lync Server.
|To use DHCPUtil with a 32-bit version of DHCP Server, do the
To generate the values for Options 120 and 43, use the following syntax:
DHCPUtil –SipServer <FQDN of the Front End Server> [-WebServer <FQDN of the web server> | -CertProvUrl <URL of the certificate provisioning service>]
The following table explains the parameters and how they are used:
The FQDN of the main Director or main Front End pool in a particular site
This is used to generate the value of DHCP Option 120. If an enterprise has two sites, the United States and Singapore, then Option 120 for the United States needs to be the FQDN of the Director or Front End pool in the United States site; Option 120 for Singapore site will be set to the FQDN of the Director or Front End pool in Singapore.
The FQDN of the Web Server
This is used to calculate URL of the web server in DHCP Option 43 as follows: https://<fqdn>:443/CertProv/CertProvisioningService.svc
This is needed when the Lync Server web server is not collocated with either the main Director or within the Front End pool in a site.This might be due to a load balancer configuration where web traffic is load balanced differently to SIP traffic resulting in different FQDNs for the SIP and web servers. If this is not provided, the value for option 43 is calculated using the FQDN provided with –SipServer.
This parameter is optional, and is used only when SipServer is provided
The URL of the Lync Server Certificate Server
This parameter can be used instead of the WebServer parameter in order to specify the full URL of the Certificate Provisioning Web service. This can be useful when the calculation used in WebServer will not yield the correct URL.
This parameter is optional, and is used only when SipServer is provided.
Run as a client: sending a packet to the DHCP server and receiving the response
When this parameter is provided, DHCPUtil acts as a client, sending a packet to the DHCP server requesting the Lync Server options. This command cannot be run on the same machine as a DHCP server.
Run DHCPUtil with a script
When this option is specified DHCPUtil generates the values for option 120 and 43, and then passes the values to the configuration script.If “-RunConfigScript” is specified without any path, then DHCPConfigScript.bat is run from the same folder that DHCPUtil.exe is run from.If a valid file path is specified, then that file is run. This file can be anything – a script, or an executable.
Removes Lync Server options
This option removes options 43 and 120 on the local DHCP server. DHCPConfigScript.bat must be located in the same folder as DHCPUtil.exe.
For example, to set the SIP server and web server values, run the following command:
DHCPUtil.exe -SipServer sip.contoso.com -WebServer web. contoso.com
This produces the following output:
Sip Server FQDN: sip.contoso.com
To configure a DHCP server with appropriate values, do the following:
- Run DHCPUtil on the DHCP server using the '-RunConfigScript'
- Run the DHCPConfigScript batch file using the following
command:"DHCPConfigScript.bat" Configure MS-UC-Client
6874747073 7765622E6578616D706C652E636F6D 343433
The values input and set on the DHCP server are printed out, followed by the value for Option 120. Vendor Class Identifier refers to what is included in the request to the DHCP server. This is how a DHCP server knows to provide these options in a response and will always be MS-UC-Client.
Next, the sub options for Option 43 corresponding to the Lync Server vendor class ID are printed. These are in the format of a hex-encoded binary string which is what is expected by the DHCP server. They are:
- Identifier value which must be MS-UC-Client.
- URL scheme identifies which of HTTP or HTTPS is used.
- Web server FQDN is the value set for the web server.
- Web Server FQDN is the value set for the web server.
- Relative Path for Cert Prov is the relative path of the
Certificate Provisioning Web service.
Together, this are combined to give the full Certificate Provisioning Server URL: <url scheme>://<web server FQDN>:<port><relative path>