Topic Last Modified: 2014-04-08

The Domain Name System (DNS) records that will be required for defining a federation with Office Communications Server or Lync Server partners is determined by your decision to either allow automatic DNS discovery of your domain by other perspective partners. If you publish the _sipfederationtls._tcp. <SIP domain name> SRV record, any other SIP federated domain will be able to “discover” your federation. You can control which federated domains can communicate with you by using the Allows domains and Blocked Domains settings in the Lync Server Control Panel, or by setting the allowed or blocked domains configuration using the Lync Server Management Shell and the Get, Set, New, Remove-CsAllowedDomain and -CsBlockedDomain PowerShell cmdlets. For additional information on how to configure theses settings and the use of the PowerShell cmdlets, see Related Topics at the end of this topic.

The DNS records summary table depicts the required entries for an open, or discoverable, federation. If you do not want to implement Federation Discovery, You can decide to not configure the _sipfederationtls._tcp. <SIP domain name> record.

Important:
There are specific scenarios in which you must have the _sipfederationtls._tcp. <SIP domain name> SRV record, but you do not want to have a discoverable federation. One such instance is where you have deployed mobility for your users. The mobility push notification clearinghouse (PNCH) is a special type of federation that is used for Microsoft Lync Mobile clients on Apple iPhone or iPad using the Lync 2010 Mobile client or Windows Phone using the Lync 2010 Mobile or Lync 2013 Mobile clients. The _sipfederationtls._tcp. <SIP domain name> SRV record is used in the case of mobility and push notification. To mitigate this issue and control your discoverability, clear the setting Enable partner domain discovery to turn off discovery.

To configure extensible messaging and presence protocol (XMPP) for your deployment, you create two domain name system (DNS) records in an external DNS server that will resolve the records to the Access Edge service of your Edge Server or Edge pool.

When you configure domain name system (DNS) for public instant messaging connectivity, you will find that the configuration that supports external users will support public IM connectivity. If you have already configured your Edge Server or Edge pool, you should have the DNS records necessary to support public IM connectivity.

DNS Summary - SIP Federation

Location/TYPE/Port FQDN IP address/FQDN host record Maps to/Comments

External DNS/SRV/5061

_sipfederationtls._tcp.contoso.com

sip.contoso.com

Access Edge service external interface Required for automatic DNS discovery of your federation to other potential federation partners, and is known as “Allowed SIP Domains” (called enhanced federation in previous releases).Repeat as necessary for all SIP domains with Lync enabled users

Important:
This SRV record is required for mobility and the push notification clearing house. In cases where there is more than one SIP domain, create and publish an SRV record for each domain that will have Lync Mobile clients. The Push Notification Service and Apple Push Notification service may not operate as expected if there is not an explicit SRV record for each SIP domain that the deployment supports.

DNS Summary - Extensible Messaging and Presence Protocol (XMPP)

Location/TYPE/Port FQDN IP address/FQDN host record Maps to/Comments

External DNS/SRV/5269

_xmpp-server._tcp.contoso.com

xmpp.contoso.com

XMPP proxy external interface on the Access Edge service or Edge pool.Repeat as necessary for all internal SIP domains with Lync enabled users where contact with XMPP contacts is allowed through the configuration of the External Access Policy through a global policy, site policy where the user is located, or user policy applied to the Lync-enabled user. An allowed XMPP domain must also be configured in the XMPP Federated Partners policy. See topics in See Also for additional details

External DNS/A

xmpp.contoso.com (for example)

IP address of Access Edge service on your Edge Server or Edge pool hosting XMPP proxy

Points to the Access Edge service or Edge pool that hosts the XMPP proxy service. Typically, the SRV record that you create will point to this host (A or AAAA) record

DNS Summary – Public Instant Messaging Connectivity

Location/TYPE/Port FQDN/DNS Record IP Address/FQDN Maps to/Comments

External DNS/A

sip.contoso.com

Access Edge service interface

Access Edge service external interface (Contoso). Repeat as necessary for all SIP domains with Lync enabled users.

See Also