client log in times while failed over (sfb on premise)

Steel Contributor
Hi everyone. I have an on premise active / active paired pool SfB environment. I've noticed that random users take longer to sign in to their client while I have my infrastructure failed over to one pool or another, and those users are homed on the failed over pool. It doesn't appear to affect everyone on the failed over pool. Clearing out the Skype cache folder doesn't improve the login time. Default TTL for the pools is 15 min, so I don't think DNS is part of it. Has anyone experienced this behavior? Curious what might be causing it.
3 Replies

Hi,

 

The actual values (seconds) can be configured in the Skype for business Topology for Automatic Voice Failover.  By default this is 300 seconds (you will have to include TCP disconnects and retries so not exactly 300 seconds but may be off by a few minutes)

 

The second part is relying on your DNS SRV/Lyncdiscoverinternal records configuration which may also cause issues if not done correctly.

 

Greetings,

Johan

The clients will eventually log in well under the 300 second threshold. I'm also fairly certain my DNS entries are correct. I'm looking for what might be causing the client login delay for users homed on the failed over pool.

If you have Windows Firewall enabled on the servers, disabling stealth mode for it helped signficantly for us in speeding up sign in times in both local failover and pool failover scenarios.

 

Browse to HKLM\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile, create a new DWORD named DisableStealthMode, and set the value to 1.

 

Disabling this allows the front end servers where the services are shutdown to send back a TCP RST to the client when it tries to connect. Otherwise, if the client doesn't receive a TCP RST, it will wait 20 seconds before moving on to attempting to sign in to next server.