Friday, January 6, 2012

Lync Edge Server Static Routes

If you're following the TechNet articles on how to set up your edge server, you will eventually get to the point where you have to set up the NICs on your edge server. According to the Set Up Network Interfaces for Edge Servers page, you should set the default gateway on the external interface, but not the internal. The guide then helpfully tells you to:
Create persistent static routes on the internal interface to all internal networks where clients, Lync Server 2010, and Exchange Unified Messaging (UM) servers reside.
If you're not a Windows networking expert, this might stump you a bit.  Doing some searches might help, but here's a simple way to ensure that all internal networks are covered, even if you aren't aware of exactly which ones are in use.  This can easily happen if you're a consultant doing a Lync deployment for a large, multi-site company.

There are 3 well-known IP subnets that are reserved for internal use.  Any networking person can tell you what they are, and should be using these for their internal corporate network.  If not, then I would recommend running away.  The 3 well-known subnets are 10.0.0.0/8, 172.16.0.0/12 and 192.168.0.0/16.

I typically add static routes for all 3 subnets even if they aren't all in use. This will future-proof your deployment in case the company adds subnets or changes its subnetting scheme. To add these static routes on the internal interface of your edge server, do the following:
  1. Using the Network Connections interface, make sure your NICs have descriptive names that make sense (i.e. Internal and External)
  2. Open a command prompt in Administrative Mode on the edge server.
  3. Make sure you know what the internal default gateway should be.  In this example, we will use 192.168.100.1
  4. Type the following commands in the command window:
netsh interface ipv4 add route 10.0.0.0/8 "Internal" 192.168.100.1
netsh interface ipv4 add route 172.16.0.0/12 "Internal" 192.168.100.1
netsh interface ipv4 add route 192.168.0.0/16 "Internal" 192.168.100.1
When you do a netsh interface ipv4 show route, you should see the new routes show up at the bottom of the list. If you make a mistake, you can delete a route by using the same command as above with add replaced by delete. Now, your Lync edge server should be able to route to any internal address, both now and in the future.
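An added example, not from the original post: a Python check to run against a customer's subnet list before relying on the three routes. It flags internal subnets that fall outside the three reserved ranges (traffic to those would follow the default gateway on the External NIC) and confirms the next hop sits on the Internal NIC's own subnet. The site list and the NIC address are constructed assumptions; the function names are hypothetical.

```python
import ipaddress

# The three routes the post adds on the "Internal" interface.
RFC1918 = [ipaddress.ip_network(p)
           for p in ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")]


def uncovered(subnets, routes=RFC1918):
    """Return the subnets that no static route fully contains.

    Traffic to these would follow the default gateway on the External NIC.
    """
    missing = []
    for text in subnets:
        net = ipaddress.ip_network(text)
        if not any(net.subnet_of(route) for route in routes):
            missing.append(net)
    return missing


def gateway_on_link(gateway, nic_address):
    """True if the next hop is inside the Internal NIC's own subnet."""
    nic = ipaddress.ip_interface(nic_address)
    return ipaddress.ip_address(gateway) in nic.network


def route_commands(subnets, gateway, nic_name="Internal"):
    """Build netsh lines, in the post's syntax, for any extra subnets."""
    return ['netsh interface ipv4 add route {} "{}" {}'.format(str(n), nic_name, gateway)
            for n in subnets]


if __name__ == "__main__":
    # Constructed site list for illustration; replace with the real subnets.
    sites = ["10.20.0.0/16", "172.20.8.0/22", "172.32.0.0/16", "198.51.100.0/24"]
    gw = "192.168.100.1"          # gateway from the post's example
    nic = "192.168.100.10/24"     # Internal NIC address: an assumption
    if not gateway_on_link(gw, nic):
        print("Next hop", gw, "is not on the Internal NIC subnet")
    for line in route_commands(uncovered(sites), gw):
        print(line)
```

Note that 172.32.0.0/16 is reported because 172.16.0.0/12 ends at 172.31.255.255.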

UPDATE:  Apparently, I'm part Amish, and I was using ROUTE ADD instead of the updated netsh commands shown above.  Thanks to @twharrington on Twitter for pointing out the error to this ol' timer.  I'M DOIN' IT OLD SKOOL!