温馨提示×

温馨提示×

您好,登录后才能下订单哦!

密码登录×
登录注册×
其他方式登录
点击 登录注册 即表示同意《亿速云用户服务条款》

SFB 项目经验-30-SFB与SFB联盟-IM-正常-状态-不正常

发布时间:2020-04-06 08:53:00 来源:网络 阅读:1388 作者:CTO_LiuJinFeng 栏目:建站服务器

 

现状:

A环境:

Skype for Business Server 2015,前端服务器、持久聊天服务器、边缘服务器。

与MSN、Skype、O365联盟,IM、音频和视频正常。

A与B联盟,A能看B的状态,能发消息给B,B能有回消息,看不到A的 状态。

B环境:

Skype for Business Server 2015,前端服务器、持久聊天服务器、边缘服务器。

与MSN、Skype、O365联盟,IM、音频和视频不正常。

A与B联盟,A能看B的状态,能发消息给B,B能有回消息,看不到A的 状态。

问题:

Skype for Business Server 2015,前端服务器、持久聊天服务器、边缘服务器。

与MSN、Skype、O365联盟,IM、音频和视频不正常。

A与B联盟,A能看B的状态,能发消息给B,B能有回消息,看不到A的 状态。

解决方案:

1. 增加C环境

2. 测试C环境与A、B

3. 发现A与C正常

4. 发现A与B不正常

5. 发现C与B不正常

6. 发现A与B,C与B,问题一样

A与B联盟,A能看B的状态,能发消息给B,B能有回消息,看不到A的 状态。

C与B联盟,C能看B的状态,能发消息给B,B能有回消息,看不到C的 状态。

问题出在B上, 检查B上设置。同。

SFB 项目经验-30-SFB与SFB联盟-IM-正常-状态-不正常

SFB 项目经验-30-SFB与SFB联盟-IM-正常-状态-不正常

SFB 项目经验-30-SFB与SFB联盟-IM-正常-状态-不正常

TL_INFO(TF_PROTOCOL) [Pool\SkypeSrv15-IP06]0C4C.BDDC::01/21/2017-05:12:54.578.0002B968 (SIPStack,SIPAdminLog::ProtocolRecord::Flush:ProtocolRecord.cpp(261)) [2166602313] Trace-Correlation-Id: 2166602313
Instance-Id: 5D2
Direction: outgoing
Peer: 192.168.1.6:51425
Message-Type: response
Start-Line: SIP/2.0 504 Server time-out
From: "............03-(...............)-OA"<sip:sales03@contoso.com>;tag=c5a4c97016;epid=2c401f2a22
To: <sip:sfbdemo01@i-x-cloud.com>;tag=345733AABF1549BBA3E4E1E2A5406FD1
Call-ID: 7e9210ed5ff044438925c226a4f2f7ea
CSeq: 1 SUBSCRIBE
Via: SIP/2.0/TLS 192.168.1.6:51425;ms-received-port=51425;ms-received-cid=100
Content-Length: 0
ms-diagnostics: 1008;reason="Unable to resolve DNS SRV record";domain="contoso.com";dns-srv-result="NegativeResult";dns-source="InternalCache";source="sip.contoso.com"
Authentication-Info: TLS-DSK qop="auth", opaque="4556B265", srand="B338FE87", snum="81", rspauth="383e05e98238d9c67c9e3829b0cd41a94a62632e", targetname="SkypeSrv15-IP06.contoso.local", realm="SIP Communications Service", version=4
Server: RTC/6.0

$$end_record

TL_INFO(TF_PROTOCOL) [Pool\SkypeSrv15-IP06]0C4C.BDDC::01/21/2017-05:12:54.578.0002B960 (SIPStack,SIPAdminLog::ProtocolRecord::Flush:ProtocolRecord.cpp(261)) [2166602313]

Trace-Correlation-Id: 2166602313

Instance-Id: 5D2

Direction: incoming

Peer: EdgePool01.contoso.local:5061

Message-Type: response

Start-Line: SIP/2.0 504 Server time-out

From: "............03-(...............)-OA"<sip:sales03@contoso.com>;tag=c5a4c97016;epid=2c401f2a22

To: <sip:sfbdemo01@i-x-cloud.com>;tag=345733AABF1549BBA3E4E1E2A5406FD1

Call-ID: 7e9210ed5ff044438925c226a4f2f7ea

CSeq: 1 SUBSCRIBE

Via: SIP/2.0/TLS 192.168.1.6:52981;branch=z9hG4bKD2246EB8.5F7C6012EE61B306;branched=FALSE;ms-received-port=52981;ms-received-cid=4500

Via: SIP/2.0/TLS 192.168.1.6:51425;ms-received-port=51425;ms-received-cid=100

Content-Length: 0

ms-diagnostics: 1008;reason="Unable to resolve DNS SRV record";domain="contoso.com";dns-srv-result="NegativeResult";dns-source="InternalCache";source="sip.contoso.com"

ms-edge-proxy-message-trust: ms-source-type=EdgeProxyGenerated;ms-ep-fqdn=EdgePool01.contoso.local;ms-source-verified-user=verified

Server: RTC/6.0

$$end_record

从以上可以看出,DNS的SRV记录有问题,但:

内部与外部域名一致的时候,与其它SFB联盟,只需要公网上面新建SRV记录才可以。

目前环境,SFB的内部域名,外部域名不一致,这与其它公司的SFB联盟就报上面的问题。

通过查询了好多文档,结果终于找到一个可以参考的。

No Presence for Fedrated partners – Event ID 11

https://ucsorted.com/2016/06/08/no-presence-for-fedrated-partners/

SFB 项目经验-30-SFB与SFB联盟-IM-正常-状态-不正常

内部SRV:

SFB 项目经验-30-SFB与SFB联盟-IM-正常-状态-不正常

SFB 项目经验-30-SFB与SFB联盟-IM-正常-状态-不正常

SFB 项目经验-30-SFB与SFB联盟-IM-正常-状态-不正常

在内部要为公网的联盟新建SRV记录,才可以!

内外域名不同的SFB环境与其它企业的SFB环境联盟:

SFB 项目经验-30-SFB与SFB联盟-IM-正常-状态-不正常

内外域名不同的SFB环境与其它企业的o365联盟:

SFB 项目经验-30-SFB与SFB联盟-IM-正常-状态-不正常

完成!!!

No Presence for Fedrated partners – Event ID 11

Posted on 08/06/2016 by Paul B

i

1 Vote

Problem

Came across a deployment with the following 2 issues:-

1. federated partners were showing up as presence unknown

2. unable to call voicemail (hosted in O365)

When trying to send messages to these “unknown” federated partners I got “This message wasn’t sent due to company policy”.

So why did I try to message a contact with a presence status of “unknown? Simply because the federated contact could see my users presence and send me IM’s, I was even able to respond to these IM’s although the presence was still “unknown”.

SFB 项目经验-30-SFB与SFB联盟-IM-正常-状态-不正常

Troubleshooting

A quick look at the client side logs revealed an error in the presence Subscribe message

CSeq: 1 SUBSCRIBE
Via: SIP/2.0/TLS 172.11.12.13:24164;ms-received-port=24164;ms-received-cid=FC9300
ms-diagnostics: 1008;reason=”Unable to resolve DNS SRV record“;domain=”ucsorted.com”;dns-srv-result=”NegativeResult”;dns-source=”InternalCache”;source=”access.ucsorted.com”
Server: RTC/6.0
Content-Length: 0

Taking a look at the users (client side) local event log I found the same error.

SFB 项目经验-30-SFB与SFB联盟-IM-正常-状态-不正常

Event ID 11
A SIP request made by Lync failed in an unexpected manner (status code 80ef01f8).

Response Data
504  Server time-out
ms-diagnostics:  1008;reason=”Unable to resolve DNS SRV record“;domain=”ucsorted.com”;dns-srv-result=”NegativeResult”;dns-source=”InternalCache”;source=”access.ucsorted.com”;OriginalPresenceState=”0″;CurrentPresenceState=”0″;MeInsideUser=”No”;ConversationInitiatedBy=”6″;SourceNetwork=”5″;RemotePartyCanDoIM=”Yes”

Clearly there is some issue with either the federation SRV record or resolving the federation SRV record.

Checking the SRV record from the Edge server I can see that this record is not found. Checking the DNS for the Edge server I noticed that the interfaces are pointing to the internal DNS servers.

Solution

We have 2 options here:-

1. Configure the Edge Server to point to a public (external) DNS server where the SRV record for _sipfederationtls._tcp.domain.com is valid (frowned upon by some security folks)

2. Add the SRV record for _sipfederationtls._tcp.domain.com to the internal DNS, making sure that the target FQDN is the Public Access FQDN of the Edge Server.

NOTE

Here is a little reason why you may want to avoid using the common sip.domain.com DNS name for your Edge Servers Access FQDN (only..). Internally the sip.domain.com record was generally configured to resolve to the front end pools, if we now need an internal SRV record for _sipfederationtls._tcp.domain.com then targeting this to sip.domain.com will simply get to the Front End Pool and not to the Federation point at the Access Edge FQDN.

********************************************

广告:

********************************************

×××以下IT服务:

A. 项目

Lync Server 2013项目规划、部署、运维、排错。

Skype for Business Server 2015项目规划、部署、运维、排错。

大企业云桌面部署规划、部署、运维、排错。

小微型企业的Cisco UC项目规划、部署、运维、排错。

小微型企业的IT规划、部署、运维、排错。

B. 培训

/《Skype for Business 2015 项目实战》

/ 《跟菜鸟学Cisco UC部署实战》

/ 《大企业云桌面部署实战》

《跟菜鸟学Cisco UC部署实战》-上线了(线下培训班开班,见百度云)

http://dynamic.blog.51cto.com/711418/1834588

C. 费用

欢迎沟通,咨询。

D. 联系方式

咨询QQ: 3313395633

向AI问一下细节

免责声明:本站发布的内容(图片、视频和文字)以原创、转载和分享为主,文章观点不代表本网站立场,如果涉及侵权请联系站长邮箱:is@yisu.com进行举报,并提供相关证据,一经查实,将立刻删除涉嫌侵权内容。

AI