About Me

My photo
TsooRad is a blog for John Weber. John is a Skype for Business MVP (2015-2018) - before that, a Lync Server MVP (2010-2014). My day job is titled "Technical Lead, MS UC" - I work with an awesome group of people at CDW, LLC. I’ve been at this gig in one fashion or another since 1988 - starting with desktops (remember Z-248’s?) and now I am in Portland, Oregon. I focus on collaboration and infrastructure. This means Exchange of all flavors, Skype, LCS/OCS/Lync, Windows, business process, and learning new stuff. I have a variety of interests - some of which may rear their ugly head in this forum. I have a variety of certifications dating back to Novell CNE and working up through the Microsoft MCP stack to MCITP multiple times. FWIW, I am on my third career - ex-USMC, retired US Army. I have a fancy MBA. One of these days, I intend to start teaching. The opinions expressed on this blog are mine and mine alone.

2015/11/25

Avanu WebMux Review

Here is a new twist on an old friend.  The Avanu WebMux line of hardware load balancers has been around on the approved list since, IIRC, OCS 2007 R2.  Here is the ancient link to that listingThe Webmux is also on the Lync 2013 OIP listing.

Avanu offered to let me try out their hardware and virtual appliances; so naturally, I jumped at the opportunity. Avanu first sent me a piece of hardware, an A500XD, which I will not specifically make detailed comments about, other than these two semi-humorous notes.

  • OMG, I have a 747 in my office!  This thing needs to go into a server room, or at least away from me!
  • Power Supply out/failed tone.  The alarm will wake the dead.  Removing the failed/disconnected power supply turns off the zombie alert, leaving you with just the 747 taxiing out for takeoff.

The A500XD oozes build quality.  A very nice piece of gear from that perspective.  And wicked fast. But, I am living in a mostly virtualized world, so Avanu sent me their virtual appliance, which they assure me (and I verified) that the interface and operation aspects of the virtual match that of the physical hardware.  So the remainder of this short article will focus on the virtual appliance and how it might work with Skype for Business Server 2015 in your environment.  You can do some light reading on the Avanu Virtual WebMux here.

Network Environment

Here is what we are going to walk through:

image

Pretty simple, yes?  Even so, Avanu has provided their WebMux with a set of wizards that will do most of the work for us.  So, first, let’s step through the basic networking of the applicance to get it into the environment, and then we’ll take a look at the wizard for SfB to see how that functions.

After downloading my VMDX/VMX files, and opening them with vmware, we get our first look at the virtual appliance.

image

I sent a quick note to the fine folks at Avanu tech support over the size of the disk… seemed small to me.  But, this is correct.  Very small footprint.  Makes me wonder what the other vendors are doing that requires all that drive space. 

But wait, it gets better.  No DHCP support, so the WebMux comes up on static addresses…192.168.11.21 and 192.168.12.21 to be exact.  But which interface is which?  I learned more Linux figuring that out.  What you get in the vmware console is this:

image

Not exactly helpful for someone trying to figure out IP, eh wot?  But, in the best sysadmin tradition, I persevered.  It turns out that “ifconfig ethf0” and “ifconfig ethb0” gave me the existing IP (which are listed in the documentation)(but, which to paraphrase Alfred E. Newman, “What, me read?”) Ha!  For you intensely curious types, I  have vnet0 set to the 1.1.1.0 net and vnet7 set to the 10.10.10.0 net, and those are set to the first two virtual NICs for the WebMux vmx…

image

and

image

All of that got me to the web-based UI, so that humans (not to be confused with Linux admins) can configure the WebMux.  There is a CLI available that can whip the WebMux into shape, but dang, I am Mr. Visual.  So, we got to the GUI.

Basic Setup

image

You may note that I took this screen cap after I set the IP up to match the actual network.  And oh yes, you will need to educate yourself on the various network choices and their definitions.  You mean you did not read the link up above?  Here it is again but focused this time on the “Arms and Architecture” section.  If you are following along (and reading the (*&%$ doc) note that the “two-armed server LAN NAT” selection REQUIRES you to have the WebMux be the GW for the farm real servers.  Note down below that I chose 1.1.1.2 for this – not a real address for anything else on my net, and one that the WebMux can float between HA instances if need be.  But, if your first efforts fail, remember that I told you to set the real server gateway to the WebMux impersonated IP.  I will wait whilst you digest that statement.

OK, so we need to choose “two-armed server LAN NAT” – got it.  And all the rest should be fairly obvious; well, it was to me.

image

With that out of the way, and after the reboot, let’s take a swing at the aforementioned wizard configuration.

SfB Wizard Configuration

image

I am going to choose the “Skype for Business” option..

image

This is so easy, even *I* got it right the first time…but here goes.

image

On to Step 2…

image

Step 3…

image

Step 4…I am a solo, no HA…so it looks like this:

image

Step 5…

image

Step 6… I don’t use the Monitoring Port, so I will use the default…

image

Step 7… Submit the configuration.  Yes, part of this will simply duplicate my network configuration work, but if you don’t get access to the WebMux in the first place, then you could not have gotten to this wizard unless you went through the “change the IP on a workstation” bit… chicken and egg scenario, but that is what we have to work with!

image

oh my, it’s rebooting!

image

And here we are:

image

Pretty slick.  If this meets your needs because your firewall is doing all the port redirects for you, then perfect. But what about the aspects of internal versus external?  I just did the external…and I need the 443 farm to be on the 1.1.1.0 network and the external to come in on 443 and attach to the real servers on 4443.

Looks like the wizard might not be what we want, eh?  So we’ll have to do this manually!  Oh joy.  Luckily, this turns out to be dirt simple.

Manual Setup for SfB Basic Stuff using Two Nets

First, I blew off what the wizard put in for me.  I did not like it, and it only did my external stuff.  When I tried to run it again for the internal, I got only internal.  The reason seems pretty simple; the wizard appears to be doing the entire WebMux configuration and once things are in place, running the wizard again appears to re-configure.  Ooops!  Well, no matter, I want more control anyway.  And specifically, 90%+ of my workings will have an external facing subnet and an internal facing subnet, with certificates in both directions, so I need to know how to do this thing manually anyway.  And then wata-shi-wa get’s to be in control.  I am all about control  My SO says TOO controlling, but I let her go shopping every third month, so I think she is over-reacting.  Adelante!

Here is what I ended up with and working as expected:

image

A regex note

To do content redirects, you will need to get some content rules.  Here is where things get a little different – just like all developers everywhere, “they” followed a different “standard” so things look a bit “off” from what I am used to.

You want to do a host name filter you should use the "layer 7 host MIME header perl regex match" field since the host name requested by the browser is in the host MIME header of the HTTPS request.  The URI regex match field is for matching strings following the host name portion which you don't need in this case.

An example of a match pattern to allows all hosts in a specific domain would be: ^.*testing\.com$

That will allow all hosts for the domain "testing.com" to pass through that farm.

While putting together the virtual servers, keep this in mind: 

  • Each IP/Port combination must have it’s own virtual server.
  • Real servers MUST have their gateway set to the core IP of the WebMux
  • WebMux must be in Two-Arm NAT mode
  • When adding a farm, choose “service: generic no health check (TCP)”
  • The farm gets the core port, the real server gets the tranlated port (443 –> 4443 in the case of SfB)
  • If you want to do SSL other than a straight pass-through, you will need to remember that WebMux is a linux box, and it acts like one.  Holy moly!  To get your cert up into the WebMux is going to be pulling teeth.  I suggest you call them – the most excellent support folks up in WebMux-land were very helpful – and will do all the work for you if you wish.  You can read up on it here: http://avanu.com/webmux_ssl_certificate/ 

Conclusions

The WebMux, even in virtual living on my strapped-for-resources lab, was wicked fast.  Really excellent throughput and admin response.  The linux-based certificate goat-rope exercise was a royal PITA; but the Avanu folks are very helpful with working it through.  The WebMux is very granular.  Planning before jumping off the cliff is strongly recommended.  Did I mention the WebMux is wicked fast?

YMMV

2015/11/22

Kuando BusyLight Omega

Reference: 

It turns out that Kuando Busylight has a new version, a new look, new software, and one showed up at my door to greet me the other day.  Very nice to get toys with which to play.  Even better when I can say “Skype for Business” during the review – sort of ties my life together, eh?

image

The official name for this nifty piece of kit is Kuando Busylight UC Omega.  Dang.  Long name for a small thing.  But this small thing does a big job!  For those office environments where your co-workers are always walking up and yakking at you or interrupting you whilst you are already in a call, this device will visually keep those nearby to you, and maybe even into the next county, alerted to your status.

Just in case your browser doesn’t work so well, here is the official list of features:

image

I use all features except 6 and 7.  I don’t use 6 because I be an Amerikan and only need Englais.  #7 is unused because I have full admin control of this laptop and have no need to push settings to client machines. But, nice to know it can be done.

Hardware

The only bad news is that what I got here is not quite available…yet.  But to whet your appetite just a smidge, here is a nifty screen cap of the unit in question.

image

Notice the new shape.  The whole thing lights up.  Well, not the whole thing, but the white-ish parts certainly do.  And bright.  So bright my humble cell phone camera cannot handle the colors.  To demonstrate, here is “DND” and “Available.”  In person, green is a nice bright hue and the DnD purple is extremely visible. But, you can see the color reflecting on the laptop.

image

image

SfB Features

Ring tones (that work), lights that alert (and are visible), and while the toast in SfB is visible, the BusyLight’s visibility is a much better experience.  Kuando also has a few enhanced features:  BUSY ON BUSY (woo hoo!)(finally), and missed call notification.  Short of posting video, there is no way to show this feature.  But, the BusyLight pulses blue to indicate a missed call or IM.  So, if you have your presence set to BUSY (red), then the BusyLight will pulse blue every few seconds to show a missed conversation.  In the last two weeks, this feature alone has saved my beau-tocks at least twice.

Software

All this goodness does create a need for a software driver so that the BusyLight can do its’ stuff.  A quick download, followed by an easy install, and you are up and running.  Here is the software download.

After install, you have an icon in the system tray area:

image

Here are the menu options. As you might expect, the “sound” options are different ring tones and well, duh, the volume.  Bear in mind that this is for the BusyLight and does not affect the actual Lync/SfB application.

image

The “Colour” (note the EMEA spelling) controls the color of the Busylight.  And the BusyLight is intense enough that when you have “Busy in a a call” red pulsing away, it catches the eye - your cube buddies will definitely see it.  The remainder of the presence colors (note the Amerikan spelling) follow the Lync/SfB client presence colors.

image

“Notifications” is where I really like the improvements.  If the intense color, loud audio alert, and the flashing are not good enough for you, here is the compelling piece.

image

The BusyLight will tell you if you miss a conversation.  I have missed IM set to just flash.  But you can get audio also.  The “Missed conversation” is the part that flashes your presence indicator with a blue blinker if you miss something.  So nice for those of us who are head down and concentrating on multiple screens and just miss the toast.  Or, in my case, maybe you stepped out for some coffee.  Returning to my desk I can see the BusyLight flashing a miss.  Sold.

Last, but certainly not least, and another compelling purchase reason, Busy on Busy (BoB).

image

BoB is on or off.  Here it shows enabled.  My only complaint is that this thing is so good, I had to go into my call forwarding settings (on the SfB client) and increase the delay time (to 30 seconds) so that I have a chance of getting to the answer button before the BusyLight caused the incoming second call to divert to VM.  Note that you can also set custom hot keys for dial and answer.  Sweet.

image

Conclusions

I am not giving my new BusyLight Omega to anyone.  It is MINE.  You can go here http://www.busylight.com/busylight-omega and get your very own.  At some point (hopefully very soon) the various vendors will have them too.

YMMV

What Vacation Taught me

I took vacation this year; a formal thing with travel, schedule coordination, planned activities, and days full of interacting with others. ...