Reducing the media port range on an Office Communications Mediation Server

Posted on March 3rd, 2009 in Uncategorized by guy.shepperd

By default, the Mediation Server uses 4,000 media ports, in the range 60,000 to 64,000.

This is to allow for 1,000 concurrent users. I had an issue opening up this many ports, both UDP and TCP.

Especially as we are nowhere near large enough to have 1,000 concurrent users on the system.

So I lowered our settings to 400 ports, range 60,000 to 60,400. This will allow for 100 concurrent calls. I then only have to open up 400 ports, which is much more acceptable to me and our security team.

 

This option is set in the graphical user interface, under:

Forest -> Mediation Server – FQDN (Mediation Server)

Right-click -> Properties (you should see the screen below)

[Screenshot: Mediation Server properties screen]

* As noted in the Media Port Range Server Allocation

For a Mediation Server, the port range must be at least four times the maximum number of concurrent calls that can be supported on the server (two ports for the RTP and RTCP traffic for audio multiplied by two because the Mediation Server is a back-to-back User Agent).

 

** As noted in the OCS_VOIP_Guide Pg 100

Important

The default media port range enables the server to handle up to 1000 simultaneous calls. Reducing the port range greatly reduces server capacity and should be undertaken only for specific reasons by an administrator who is knowledgeable about media port requirements and scenarios. For this reason, altering the default port range is not generally recommended.
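
The sizing rule quoted above, applied to a firewall check, as an added example that is not part of the original post. Port counts follow the post's arithmetic (range end minus range start); the `Rule` type and the sample rule sets are constructed for illustration and should contain only the rules that serve the Mediation Server's media traffic.

```python
from dataclasses import dataclass

# Two ports (RTP + RTCP) for audio, doubled because the Mediation Server
# is a back-to-back user agent: the rule quoted in the post.
PORTS_PER_CALL = 4
MAX_PORT = 65535


@dataclass(frozen=True)
class Rule:  # hypothetical firewall allow rule; low..high is inclusive
    proto: str
    low: int
    high: int


def max_calls(start: int, end: int) -> int:
    """Concurrent calls a range supports, counting ports as end - start."""
    return (end - start) // PORTS_PER_CALL


def required_end(start: int, calls: int) -> int:
    """Smallest range end that satisfies the four-ports-per-call rule."""
    end = start + calls * PORTS_PER_CALL
    if end > MAX_PORT:
        raise ValueError(f"range {start}-{end} exceeds port {MAX_PORT}")
    return end


def audit(start: int, end: int, rules: list[Rule], proto: str) -> tuple[int, int]:
    """Return (blocked, excess) port counts for one protocol."""
    media = set(range(start, end + 1))
    allowed: set[int] = set()
    for r in rules:
        if r.proto == proto:
            allowed.update(range(r.low, r.high + 1))
    # blocked: media ports no rule allows, so calls using them fail.
    # excess: ports left open that the server will never use.
    return len(media - allowed), len(allowed - media)


# Constructed rule sets: the default range left open, and a tightened set
# whose TCP rule was cut too short.
DEFAULT_RULES = [Rule("udp", 60000, 64000), Rule("tcp", 60000, 64000)]
TIGHT_RULES = [Rule("udp", 60000, 60400), Rule("tcp", 60000, 60200)]

if __name__ == "__main__":
    for name, rules in (("default", DEFAULT_RULES), ("tight", TIGHT_RULES)):
        print(name, [audit(60000, required_end(60000, 100), rules, p) for p in ("udp", "tcp")])
```

A non-zero `excess` means the firewall still exposes ports outside the configured media range; a non-zero `blocked` means the range was reduced on the firewall further than on the server.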


 

February Monthly Activity Report (MARS)

Posted on March 2nd, 2009 in Uncategorized by guy.shepperd

Exchange 2007 Deployment

This month we started the migration over to Exchange 2007. We built the infrastructure and set the best-practice options. We first moved over three people and two resource accounts. This showed us some small issues that needed to be fixed. The first one that showed up was the lag the client was showing. This wasn’t a good thing: we had 5 mailboxes on it, it was specced for 4,000, and it was showing almost unusable latency. We diagrammed the path and realized we were making 13 hops for each client every time it made a connection to the Client Access Servers. We were able to eliminate half the hops by moving the Electronic Messaging AD site behind the same firewall as our load balancers.

The second issue that showed up was that the Free Busy for 2003 users wasn’t being replicated to the 2007 environment. This is still an open issue, and as more people move over to the 2007 environment it will grow exponentially.

We moved over 30 people to the 2007 environment, to allow us to gauge any further issues. We even moved over two iMac people to help show any issues using Entourage. So far the main complaint has been the free busy. Next steps are to get the mail routing through the Hub Transport servers.

We did attempt a DR scenario; we were looking to have the ability to use database portability to help recover from a server crash. This was a great opportunity to see where we need to adjust our expectations. We also need to get DR stuff in one location to help facilitate the availability of those items. One of the biggest problems we found was that the media that had been burnt was not usable. It crashed at 99%, and not having a second physical copy or an ISO on my laptop pushed any recovery time out 45 minutes as I downloaded the ISO again.

Office Communications Server Pilot

We went into a production pilot; this is an Office Communications Server R1 installation. Once we moved into this environment, there was a need to move the Mediation Server, the SIP gateway and the Exchange Unified Messaging role. This would enable the pilot users to use Enterprise Voice and voicemail. This installation will be scrapped in April as we move forward with the Office Communications Server R2 engagement with Enabling Technology.

The move of the Electronic Messaging AD site behind a different firewall gave us the ability to tighten the firewall rules. Most issues that have been perceived have been a closed port on the firewall that a catch-all rule was previously allowing.