Topic Last Modified: 2011-01-04

This section describes the hardware, port, Domain Name System (DNS), Dynamic Host Configuration Protocol (DHCP), and security configurations that must be in place before you deploy IP phones. These requirements are in addition to the required components described in Required Lync Server 2010 Components for Devices in the Planning documentation.

Note:
Review the manufacturer’s data sheet for the devices that you are deploying to learn about additional requirements.

Hardware Requirements

IP phones running Microsoft Lync 2010 Phone Edition support Link Layer Discovery Protocol-Media Endpoint Discovery (LLDP-MED) and Power over Ethernet (PoE). To take advantage of LLDP-MED, the switch must support IEEE802.1AB and ANSI/TIA-1057. To take advantage of PoE, the switch must support PoE802.3AF or 802.3at.

To enable LLDP-MED, the administrator must enable LLDP by using the switch console window and set the LLDP-MED network policy with the correct voice VLAN ID.

Important:
You can configure the switch for Enhanced 9-1-1 (E9-1-1), if the switch supports this.

Port Requirements

IP phones use port 443 for the Device Update Web service.

DNS Requirements

IP phones require certain DNS records. The following table describes the records that you must create and publish to a DNS service, within the corporate network, if you are deploying IP phones. The following table provides details about the DNS records that are required for external IP phones.

DNS Records for External Devices

Type Value Note

A

Fully qualified domain names (FQDNs) for the pool(s) hosting the Registrars

The new Microsoft Lync Server 2010 DNS load balancing feature requires you to specify the server FQDN and the pool FQDN, using the same IP address, for each server in the pool and to create A records for all pools that contain a Registrar.

For example: RegistrarServerOneInPool.<SIP domain>: 1.2.3.4, RegistrarPool.<SIP domain>: 1.2.3.4, RegistrarServerTwoInPool.<SIP domain>: 1.2.3.5, and RegistrarPool.<SIP domain>: 1.2. 3.5.

If you are using hardware load balancing, just specify A records for each pool that contains a Registrar. Allows external devices to connect by using SIP over TLS to the Registrar internally.

SRV

_sipinternal._tcp.<SIP domain>

_sipinternaltls._tcp.<SIP domain>

Specifies the two SIP FQDNs for internal routing, one for communications over TCP, and one for TCP communications that use TLS.

A

ucupdates-r2.<SIP domain>

Specifies the Web Services portion of the Device Update Web service URL. The device appends “:443/RequestHandler/ucdevice.upx”. Make sure the hardware load balancer translates external requests to use “:443/RequestHandler/ucdevice.upx.” The external port is 443.

Note:
If the pool is already deployed, you can get this information from Lync Server Control Panel on the Topology page by viewing the Edge Server properties.

DHCP Requirements

IP phones require the Web Services URL and Registrar FQDN from the DHCP server, for connectivity. To make sure that the DHCP server can provide IP phones with the appropriate information, refer to the guidelines described in System and Infrastructure Requirements for Devices in the Planning documentation.

Security Requirements

If you are allowing external access for IP phones, a public key infrastructure (PKI) infrastructure must be in place, and devices must have a valid Lync Server 2010 certificate, which they obtain when they log on and is issued from a public certification authority (CA) (recommended) or a private CA. This allows the devices to connect to the Device Update Web service from outside the intranet. For details, see Certificate Infrastructure Requirements in the Planning documentation.

Edge Server Requirements

If you’re allowing external access for IP phones, deploy Edge Servers by following the instructions in Deploying Edge Servers in the Deployment documentation. However, during the setup process described in Set Up Network Interfaces for Edge Servers in the Deployment documentation, use the following configuration information to enable external access to the Device Update Web service:

  • In the Configure a Reverse Proxy step, configure the reverse HTTP proxy to use the Device Update Web service virtual directory https://<external Server FQDN>:443 for the external URL for Web Services and the Device Update Web service.

  • In the Configure DNS step, use the information in the following table.

    DNS Records for External Devices

    Type Value Note

    SRV

    Edge Server:_sipexternal._tls.<SIP domain>, and _sipexternaltls.<SIP domain>

    Allows external devices to connect by using SIP over TLS to the Registrar internally.

    A

    Reverse proxy FQDN:<server name>.<SIP domain>

    Allows external devices to connect by using TLS over HTTP to the Device Update Web service.

    Note:
    If the Edge Server is already deployed, you can get this information from Lync Server Control Panel on the Topology page by viewing the Edge Server properties.