locked
Edge Server to Front End communications RRS feed

  • Question

  • i've run into a bit of a problem...i'm load balancing a group of front end servers and edge servers, the IM and AV interfaces work fine, but the Web Conf interface is not...

    the firewall is open (as evidenced by telnet sessions to port 5061 to both the VIP and Real addresses of the Edge servers).  However, i continue to get an error concerning the server not being available when i launch the client to IM.<FQDN>....DNS is resolving to correct address.  The load balancer logs show a connection to the server, and then a TCP reset and then nothing...of course, i get a TCP reset when i successfully telnet to the server on 5061 also, once the session ends.) 

    Its almost like the server is dropping the connection.

    the only thing i can glean from the logs is possibly a certificate issue...has a single entry referring to invalid certificate..

    I'm afraid i dont have the log entries to post right this minute, but if anyone has any thoughts, I'd appreciate a response.

    thanks.

    bruce
    Thursday, November 5, 2009 3:54 AM

All replies

  • Where do you have load balancers configured and are you using pools for both the FE and Edge?  Basically, are you connecting a FE pool with a single consolidated Edge or a FE pool with an Edge pool using 2 HLBs (or 1 HLB configured for both tasks on different network segments)?

    Is the firewall configured to only allow communications between the HLB VIPs?  There are certain scenarios in which an individual Front-End server will communicate with the Edge server(s) using the FE server's own IP address as the source IP and not route through the HLB.


    Jeff Schertz, PointBridge | MVP | MCITP: Enterprise Messaging | MCTS: OCS
    Thursday, November 5, 2009 12:51 PM
    Moderator
  • I made the experience that the health check of the load balancer is killing the Web Conf Edge Server. Every health check to the Web Conf Edge Server IP (TCP Port 443) produces a TCP connection in the CLOSE_WAIT state (see netstat -an) on the server. After a while all resources seem to be consumed and the server answers with RST packet to every SYN packet coming from the load balancer. Only restarting the Web Conf Edge Service removes all the CLOSE_WAIT connections. This only occurs on the Web Conf Edge. The Access Edge and AV Edge correctly close the health check TCP sessions of the load balancer. OS is Windows 2008 SP2 and OCS is 2007 R2.
    Friday, November 6, 2009 8:17 AM
  • Hi
    Any update for your issue?

    Regards!
    Tuesday, November 10, 2009 8:35 AM
    Moderator