Update: Microsoft Lync Server 2010 Protocol Workloads Poster

The Microsoft Lync Server 2010 communications software protocol workloads poster shows the protocols that are used by each workload in Lync Server 2010, describing relationships, dependencies, the servers that initiate connections, and certificate requirements. This poster provides a snapshot of the network connections between server roles. You can download this poster from hereThe latest update is version 5.12. This version adds details to the Enterprise Voice workload quadrant based on feedback from Lync experts.

NOTE   Microsoft Lync Server 2010 Protocol Workloads Poster version 5.15 is now available here.

Author: Rui Maximo

Publication date: November 2010

Revision date: June 6, 2012

Product version: Microsoft Lync Server 2010


The Microsoft Lync Server 2010 Protocol Workloads Poster is an update of the Office Communications Server 2007 R2 protocol poster, which was released in 2009 and is still available. So many customers and professionals liked it and found it useful that they requested I update it for Lync Server 2010. Encouraged by the positive feedback, I made it a priority to release an updated poster for Lync Server.

Since the initial release early the week of November 15, 2010, customers and UC professionals sent in e-mails with positive comments and valuable feedback regarding inaccuracies and enhancements. Providing accurate information is important—every effort is made to quickly update the poster so that erroneous information isn’t disseminated.

To help you track the latest update of the poster, you’ll notice a version number in the upper-left corner of the poster. The current and latest update is marked as version 5.12. This version updates adds more detailed traffic information to the Enterprise Voice workload based on feedback from Richard Pasztor and Thomas Binder.

As the “guardian” of this poster, I’m committed to keeping the poster updated. You can download the poster from here. Hope you like it!

View this poster at Zoom.IT.


Isn't eye-candy enough to serve as a purpose? You can print it and hang it in your office. Co-workers passing by will immediately be impressed by your technical prowess, and your manager will suddenly, to your surprise, give you a raise. We've heard customer stories reporting unexpected good luck coming their way. So, go ahead and plaster this protocol poster on your wall, and let the goodwill shower down on you.

In addition to good fortune, this poster provides an understanding of the protocols and ports used for each workload. By isolating the protocols for each media, you can gain a better understanding of how Lync Server works. This deeper understanding can help you troubleshoot problems with a specific media in your Lync Server deployment.

Because certificate configuration can be confusing, this poster also details which settings to define in the server certificate request. If you don't find these settings defined in the certificate issued, it is an indication that the server certificate wasn't properly requested from the certification authority (CA).

Domain Name System (DNS) is a configuration step that can often be missed and is prone to misconfiguration, particularly for Edge servers. The poster lists the DNS configurations that are needed for Lync Server.

Last, but not least, this poster has useful links to where you can obtain additional resources, such as articles, the Microsoft Office Communications Server 2007 R2 Resource Kit book, product documentation, and useful tools. You'll notice a Microsoft Tag. Take a picture with your mobile phone, and the picture will automatically resolve the embedded URL to NextHop. Here you'll find lots of useful technical articles and a community of like-minded technical professionals, such as yourself. The Microsoft Tag application must be installed on your phone. If you're not familiar with Microsoft Tag, you can get more information at http://microsoft.com/tag.


The Microsoft Lync Server 2010 Protocol Workloads Poster summarizes the protocols, ports, and certificate and DNS requirements for each workload in Lync Server. Having a visual snapshot of how the product works can be useful. If you would like to provide feedback, you can reach me at rui@maximo.ws.

Stay tuned for Microsoft Lync Server 2010 Firewall Poster to be released. I've heard that many customers (that's you, yes, you) would like to have it. Please check back on NextHop or follow DrRez on Twitter for an announcement of when it will be published.

Lync Server 2010 Resources

We Want to Hear from You

Keywords: Enterprise Voice; IM; presence; conferencing; application sharing; CAC; certificate; central management store; Edge Server; Mediation Server; Exchange UM; Mobility Server; Monitoring Server; Group Chat Server; Director; XMPP gateway; sip; rtp; srtp; stun; turn; psom; https; mtls; tls; dns;

Comments (28)

  1. Anonymous says:

    I would also like to see a Lync Online/Office 365 version of this poster when using both Lync 2010 and 2013 clients.

  2. Anonymous says:

    Nice poster 🙂

    I have one question:

    Why would you have e SAN entry on the public cert called sip.<domain> when you do not have sip.<domain> in public DNS?


  3. Thank you folks for your comments (soder, AJ, lync fans, Lync hater).

    Although this is not the forum for general Lync issues, we do read, evaluate, and take appropriate action on all comments as best we can. However, the correct avenue for issues is the Lync Forums at social.technet.microsoft.com/…/ocs. The forums are resourced with Microsoft Support folks who will do their very best to assist you.

    Thank you for considering NextHop a trusted source of information on Lync Server.

  4. Anonymous says:


    Do you know where I can download a PDF workflow for Lync Online with Office 365? In fact, I would like an Exchange Online, Lync Online, and SharePoint workflow. How can I get that? I want to print it out and frame it in my office.

  5. Anonymous says:

    Nice poster.

    2 questions about it:

    1] on the A/V and Web Conferencing Work load. There is a 'C' on the external clients what type of client is it repsenting?

    2] I saw a few "old" MOC icons on some of the workloads. It this to demostrate interop between the MOC client and Lync?

    Also great Lync event today.

  6. Thanks Jon! 🙂 The latest version of the poster is on it's way, with these issues resolved. Should be live shortly.

  7. Great Resource says:

    I especially like being able to zoom in and out and get a nice feel for the overall picture as well as the details.

  8. Rui Maximo says:

    hi Martin,

    Thanks for your feedback. You have a keen eye. The lack of a public DNS A record for sip.<sip-domain> is an omission. I've corrected that in the next version (to be released at a future date). Good catch!

  9. Joe Straining says:

    Any information/graphics on the Lync Mobile Client connectivity?  

  10. Rui Maximo says:

    hi Joe,

    Information regarding the Lync Mobile client connectivity will be added shortly after that's released. Once I have more information about it. There's a good possibility that I'll create a separate poster for it given the complexity and lack of space available in the current protocol poster.

    Thanks for your inquiry. Keep checking back regularly for updates or follow Dr.Rez's tweets (http://www.twitter.com/DrRez). He's really good at keeping a pulse on what's happening in Lync and broadcasting it. I'm about to release version 5.9 of the protocol poster. I've added and fixed the CAC traffic.

  11. Eric Stoddard says:

    Howdy Rui,

    It appears the latest release (10-26-2011) says the version should be 5.9 but in the actual documents (both pdf and vsd) show the version is 5.7.  I have the 5.7 version and I can tell the differences so I'm sure it's just something that was missed, but wanted to bring it to your attention.

  12. Rob L2 says:

    Excelent poster. It has been a big help.

    In the enterprice voice section the media connection from front end/mediation servers to a gateway shows being 60,000 – 64,000. From the documentation and traces I have seen this should be 49,152- 57,500

  13. Tommy Clarke says:

    Hi the deepzoom image is only 5.9 i have created a 5.10 deepzoom here  http://zoom.it/36Qq please update the post.

  14. Mohammad Khan says:

    Great work on the poster 🙂

    Would also be nice if you include the traffic of push notifications for Mobile Clients, because it can be confusing and would be nice to visualize instead 🙂

  15. willi says:

    Your poster states we need STUN 3478 from Edge to FE but technet technet.microsoft.com/…/gg425891 says we don't need it.

    Could you please check which information is right?

  16. Also in the TechNet the port STUN 3478 is needed for internal communication.


  17. Rui Maximo says:

    hi Holger,

    I'm not sure I understand your question. Could you clarify?


  18. Hi Rui,

    sorry it was my answer to willi's question.

  19. xmpp server says:

    Xmpp server is so useful and beneficial hosting server because it gives lots of features and services.

  20. AJ says:

    Hi there

    Sorry for this being a bit offtopic, but I'm not sure how to submit feedback.

    Lync has many improvements over Communicator, but one thing has gone backwards:  The management of connections.  Communicator would seamlessly and quietly connect and disconnect when the internet connection becomes available or unavailable.  You could just leave it alone and it would automatically connect whenever an internet connection became available, without bothering the user.  

    Lync, on the other hand, is a pain in the ass when the internet connection is lost (especially on laptops and netbooks).  Lync constantly flashes the entire time the internet connection is unavailable, even if that's all day.  The only way to stop it flashing is to click the "Cancel Sign-In" button, and then it leaves you alone, but it won't automatically reconnect when internet access later becomes available.   Thus Lync effectively requires manual connect/disconnect, whereas Communicator was automatic and unobtrusive.  

    Surely Lync could hook into some Windows notification that alerts it when to check for internet access.  Until such time as internet access becomes available, it should sleeps quietly, and not consume processor time, and not bother the user.   Do you agree?



  21. AJ says:

    On yes, one more problem.  Lync tends to crash ("not responding") around once per week when I paste styled text into an IM window (even when I didn't intend it to be styled).  It never crashes with plain text.  Sometimes I copy text to notepad before copying it to lync, to avoid lync crashing.

    Actually it would be great if there was a little icon you could click to enable/disable style information (whether text is pasted with styles or as plain text).

    Other than these issues, fantastic job, keep up the good work!

  22. jkdas says:

    Under Application Sharing Workload, between Reverse Proxy and Enterprise Pool, I think there's a typo. It should be https 443 right?

  23. lync fans says:

    My coworker found out that when copy paste text to ms lync it crashes (not responding) ms lync, so u have to close it in task manager.  It happens when font style is "bold". Use other style and it works 🙂

    Steps to reproduce crash. First open lync and choose font with bold style. then open chat window.

    1. Write any sentence into lync – to anyone. And press Enter to end the message. (message is sent)

    2. Click on the written text.

    3. Press Ctrl + A (to select it all)

    4. Press Ctrl + C (to copy it all)

    5. Now type a new sentence into the chatbox.

    6. Press Shift + Enter Twice

    7. Press Ctrl + V to paste the text you copied earlier

    8. Press Shift + Enter Twice

    9. Type a new sentence

    10. Press Enter (lync will stop responding and you’ll have to kill it from task manager)

    *6.11.2012 Estonia*

  24. Lync hater says:

    have this paste issue all the time with anything out of ordinary Plain Old text ….. hence use the copy into notepad trick.      

  25. soder says:

    Guys (AJ, Lyncfan, Lynchater above):

    nobody cares about your frustration here, thats not the proper forum to post your pain. If you found a bug, goto the official product site on MS, and submit a bugreport. I am not sure anything will change even if you do it there, but here I am confident nobody will react to your rumblings.. Just FYI.

  26. Stefan says:

    Hi, thank you for this great poster. Do you have an update for Lync 2013?

  27. Rob L. says:

    Looking the latest version 5.15 for Lync 2010, the A/V and Web Conferencing Workload shows ICE between Lync clients. I have not seen any other info that indicates Lync clients do ICE between them.

    Also on the Enterprise Voice workload there needs to be a separate SRTP line from the SRTP, ICE line. Front End pool, Mediation Pool, and Exchange UM don't accept ICE, then send it to the edge pool. The SRTP to Exchange UM is there, but the is no indication SRTP to Front End pool or Mediation Pool for if media bypass is not used.

  28. Rob L. says:

    Also, Exchange UM needs 5062 access to Edge Pool for MRAS.

Skip to main content