
SharePoint Ports, Protocols and Proxies An end-to-end overview of SharePoint inter-server communication

Session Code: OFC402. SharePoint Ports, Protocols and Proxies: An end-to-end overview of SharePoint inter-server communication. Martin Kearn Martin.Kearn@Microsoft.com Senior Consultant Microsoft UK (Microsoft Consulting Services). Agenda. Why is understanding farm communication important?


Presentation Transcript


  1. Session Code: OFC402 SharePoint Ports, Protocols and Proxies: An end-to-end overview of SharePoint inter-server communication Martin Kearn Martin.Kearn@Microsoft.com Senior Consultant Microsoft UK (Microsoft Consulting Services)

  2. Agenda • Why is understanding farm communication important? • Types of farm communication • Inter-Server communication • Client-Server communication • Extra-Server communication • Tools • References

  3. Who is this session for? • SharePoint Architects that are interested in how servers in the farm communicate • Main target audience since this is in the ‘Office System’ track • Firewall & network architects that are working on SharePoint projects • Level 400 (‘Expert’ level content) • I’m going to assume a certain familiarity with SharePoint terminology and concepts

  4. What is a ‘farm’? • A Collection of SharePoint 2007 and SQL (2005/2008) servers bound together by a single configuration database • Server Roles • Web Front End (WFE) • Windows SharePoint Services Web Application Service • Application • Office SharePoint Server Search Service (Index or Query mode) • Document Conversion Launcher Service • Document Conversion Load Balancer Service • Excel Calculation Services • SQL

  5. Why care about farm communications? • ‘Secured’ farms where different parts may be on different network segments • Firewall guys need to know what traffic they need to allow/block • Extranet/Internet Farms • Debugging network issues / WAN • Windows Server 2008 is locked by default!

  6. Geographically Distributed Farms: Using ‘stretched farms’ • Many customers have LAN-like WANs • It is possible to split farms across data centres for DR purposes • Supported in very specific scenarios • WFE has less than 1 millisecond (ms) latency to DB • Typically WFE has less than 10 miles (16 kilometres) to DB, however up to 100 miles has been achieved • All servers on the same network segment • Servers cannot cross time zones • Think long and hard about your network traffic, especially to SQL! • Resources • Plan for availability (Office SharePoint Server): http://technet.microsoft.com/en-us/library/cc748824.aspx • Optimizing Office SharePoint Server for WAN environments: http://technet.microsoft.com/en-us/library/cc263099.aspx

  7. Transport Protocols 3 key transport protocols used for SharePoint • SQL Server Tabular Data Stream (TDS) • Most farm traffic is SharePoint servers talking to SQL • Default = TCP:443, Named Instances = TCP:0 (random) • Server Message Block (SMB) • Used extensively in SharePoint Index / Query Servers • TCP:445 • Hyper Text Transfer Protocol (HTTP) • Clients or Web Services • TCP:80 (or whichever port the web application uses)

  8. HTTP Web Services in Web Applications: All web applications have a common set of web services on all WFEs • Web Services in Web Applications • Dynamic path of http://<server>:<port>/<sitestructure>/_vti_bin • Always maps to: C:\Program Files\Common Files\Microsoft Shared\Web Server Extensions\12\isapi • This path includes • Webs.asmx • Lists.asmx • Search.asmx • etc.

  9. HTTP Web Services in SSP: SSP adds several web services to all WFEs • Dedicated IIS Site called ‘Office SharePoint Web Services’ on all WFE servers • TCP:56737 / TCP:56738 (for SSL) • Use STSADM to change port (for server lock-down): STSADM.exe -o setsspport • Separate IIS ‘Application’ for each SSP in farm • Always maps to: C:\Program Files\Microsoft Office Servers\12.0\WebServices\Shared • This includes web services for Search, Excel, BDC etc.

  10. Types of Communication

  11. Inter Server Inter-Server Communication: Traffic between servers in the farm • SharePoint servers talking to other SharePoint servers or SQL • Main operations • To/from SQL • Search Propagation and Crawling • Web Service Requests • 32 Protocols Used

  12. Inter Server Inter-Server Communication

  13. SharePoint Protocol Documents: Where are they and how are they organised • The resource for planning farm comms • All available online as PDFs • http://msdn.microsoft.com/en-us/library/cc339473.aspx • Document types • Front-end • SharePoint only at one end, intended for Interoperability • Extra-Farm • Client-server • Back-end • SharePoint at both ends • Intra-farm

  14. Inter Server Intra-Server Core Platform Communication: Protocols used for core platform functionality

  15. Inter Server First look at a SharePoint protocol specification document [MS-WSSCFGD] demo Martin Kearn Senior Consultant Microsoft UK

  16. Inter Server Intra-Server MOSS Extended Communication (1): Protocols used by the MOSS-specific features

  17. Inter Server Intra-Server MOSS Extended Communication (2): Protocols used by the MOSS-specific features

  18. Inter Server Search Specifics: Search Activities • Search Administration • Calls to Office SharePoint Web Services on TCP:56737 & TCP:56738 (SSL) • [MS-GLOADWS], [MS-ADMWS] and [MS-SQLPADM] • Search Crawling • Actual crawling is extra-server, but during crawls there is heavy traffic between Index and SQL • [MS-SQLPGAT] and [MS-SQLPQ] • Search Index Propagation • Continual copying of the index from the Index Server to the Query Server (C:\Program Files\Microsoft Office Servers\12.0\Data\Office Server\Applications) • Occurs over SMB • [MS-CIPROP] • Search Query Execution • Passing search queries from the WFE Servers to the Query Servers • Occurs over SMB, which is a major design factor for extranet topologies! • [MS-SQP]

  19. Inter Server Search Specifics: Dedicated WFE for Crawling • It is possible to configure a dedicated WFE for crawling • http://blogs.msdn.com/joelo/archive/2007/02/06/use-a-dedicated-web-front-end-for-crawling.aspx • This can be on the index server itself or a dedicated server • Advantages • Different network segment, thus reducing firewall holes • Reduced performance impact on real WFEs • If on Index server, no network traffic (reduce overhead on firewall) • Disadvantages • Requires a dedicated server • If on Index server, additional load on Index server

  20. Inter Server Search Specifics: Index and Query on same Server • The ‘Office SharePoint Server Search Service’ has two modes of operation: Index & Query • Both roles can run on a single server • Advantages • No propagation traffic • Reduces holes in firewall • Disadvantages • No fault tolerance for query (cannot have additional query servers in this mode) • Additional load on Index • SMB required to server for querying

  21. Inter Server Search Protocols

  22. Fiddler: HTTP Web Debugging Software • Simple and easy to use • Inserts itself as a local proxy in IE • 127.0.0.1:8888 • All HTTP traffic goes via Fiddler (Not SQL or SMB) • Clients that do not follow the WinINet API will bypass Fiddler • This includes .NET. To ensure .NET goes via Fiddler, set the proxy as follows in web.config:

      <system.net>
        <defaultProxy>
          <proxy proxyaddress="http://127.0.0.1:8888" bypassonlocal="False" autoDetect="False" />
        </defaultProxy>
      </system.net>

  23. Wireshark: Physical-level packet sniffer • Powerful but complex • Physical packet sniffer • Traps all traffic, including HTTP, TDS for SQL and SMB • Check your network policy

  24. SQL Profiler: Trace SQL queries • Useful for seeing the queries coming into SQL • Shows user accounts being used • Can filter on specific events and objects

  25. Inter Server Using Fiddler and WireShark to capture Search Communications demo Martin Kearn Senior Consultant Microsoft UK

  26. Extra Server Extra-Server Communication: Traffic between servers in the farm and external servers • Two main types of extra-server traffic • Infrastructure: • DNS: TCP/UDP:53 • Active Directory Authentication • LDAP: Used to query AD for list of users • SharePoint • Indexing • BDC • Excel Data Connections • InfoPath Forms Services

  27. Extra Server Extra-Server Communication

  28. Extra Server Extra-Server MOSS Extended Communication: Protocols used for MOSS functionality

  29. Client Server Client-Server Communication: Traffic between servers in the farm and clients • Any integration between the client and servers, this includes: • General browsing • Synchronisation of lists in Outlook / Groove • Viewing or editing files • Using SharePoint Designer • Almost all client-server traffic occurs over HTTP • Special additions for MS Office

  30. Client Server Client-Server with MS Office: MS Office gets special consideration • Windows SharePoint Headers Protocol • Authenticating client connections • Communicating error conditions • Sending complex data (Metadata Updates, SPD etc.) • Interacting with IRM • Interacting with anti-virus • Interacting with customer crawlers (Protocol Handlers) • MetaWeblog Extensions • Allows retrieval and publishing of blogging content • Slide Library Web Service • Allows PowerPoint to interact with Slide Libraries • RSS Feeds in Outlook

  31. Client Server Using WireShark to capture Office to WFE Communication demo Martin Kearn Senior Consultant Microsoft UK

  32. Client Server ActiveX Controls: SharePoint makes use of several ActiveX controls • SharePoint Datasheet Editing Control • Multiple Document Upload Control • Send To Location Control • Document Opener/Launcher Controls • General Documents, Pictures, PowerPoint, InfoPath, Excel, Access • Presence Control • Personal Sites • List Synchronisation launcher for Outlook

  33. Client Server Client-Server Communication

  34. Client Server Client-Server MOSS Extended Communication (1): Protocols used for MOSS functionality

  35. Client Server Client-Server MOSS Extended Communication (2): Protocols used for MOSS functionality

  36. WFE Server Communication

  37. SQL Server Communication

  38. Application Server(s) Communication

  39. Using Windows & SQL 2008: Additional configuration required • Windows 2008 is locked down by default, therefore the following changes are required • On the SQL Server set an Inbound Rule to allow TCP:1433 in Windows Firewall • Server Manager > Configuration > Windows Firewall with Advanced Security • SQL 2008 does not allow incoming connections by default • Use ‘SQL Server Configuration Manager’ to enable TCP/IP • SQL Server Network Configuration > Protocols for MSSQLSERVER
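One way to check a planned firewall rule set against the inter-server flows this deck names, as an added example that is not part of the original presentation. The role names, the rule format and the sample rules are constructed for illustration; the SQL port is the TCP:1433 of slide 39, and only flows whose direction the slides state (slide 18) are included.

```python
from typing import NamedTuple

class Flow(NamedTuple):
    src: str    # source farm role (constructed role names)
    dst: str    # destination farm role
    port: int   # TCP destination port
    why: str

class Rule(NamedTuple):
    src: str      # farm role, or "ANY"
    dst: str
    ports: range  # allowed TCP destination ports

# Inter-server flows taken from the slides.
REQUIRED = [
    Flow("WFE", "SQL", 1433, "TDS to SQL (slide 39)"),
    Flow("INDEX", "SQL", 1433, "TDS traffic during crawls (slide 18)"),
    Flow("INDEX", "QUERY", 445, "index propagation over SMB (slide 18)"),
    Flow("WFE", "QUERY", 445, "search query execution over SMB (slide 18)"),
]

def allows(rule, flow):
    """True if the rule lets the flow through."""
    return (rule.src in (flow.src, "ANY") and rule.dst == flow.dst
            and flow.port in rule.ports)

def too_broad(rule):
    """True if the rule admits any source, or ports no listed flow needs."""
    if rule.src == "ANY":
        return True
    needed = {f.port for f in REQUIRED if (f.src, f.dst) == (rule.src, rule.dst)}
    return any(p not in needed for p in rule.ports)

def audit(rules):
    """Return (required flows no rule allows, rules wider than required)."""
    missing = [f for f in REQUIRED if not any(allows(r, f) for r in rules)]
    return missing, [r for r in rules if too_broad(r)]

# Constructed sample: WFE-to-Query SMB was forgotten, and the Index-to-SQL
# rule opens the whole dynamic range instead of the single TDS port.
SAMPLE_RULES = [
    Rule("WFE", "SQL", range(1433, 1434)),
    Rule("INDEX", "SQL", range(1024, 65536)),
    Rule("INDEX", "QUERY", range(445, 446)),
]

if __name__ == "__main__":
    missing, broad = audit(SAMPLE_RULES)
    for f in missing:
        print(f"MISSING   {f.src} -> {f.dst} TCP:{f.port}  {f.why}")
    for r in broad:
        print(f"TOO BROAD {r.src} -> {r.dst} TCP:{r.ports.start}-{r.ports.stop - 1}")
```
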

  40. Configuring Windows 2008 & SQL 2008 for SharePoint demo Martin Kearn Senior Consultant Microsoft UK

  41. Resources • Fiddler: http://www.fiddlertool.com • WireShark: http://www.wireshark.org • Office protocols documents: http://msdn.microsoft.com/en-us/library/cc307432.aspx • SharePoint protocol documents: http://msdn.microsoft.com/en-us/library/cc339473.aspx • TechNet Articles • Plan security hardening for extranet environments: http://technet.microsoft.com/en-us/library/cc262834.aspx • Plan for secure communication within a server farm: http://technet.microsoft.com/en-us/library/cc263077.aspx • Plan security hardening for server roles within a server farm: http://technet.microsoft.com/en-us/library/cc262849.aspx • Blogs • Watch out for an announcement soon around MCS SharePoint Team Blog • http://blogs.msdn.com/martinkearn/default.aspx

  42. Key Takeaways • The documentation is out there, you just have to find it • Protocol Documents • TechNet / MSDN articles • Blogs • Think about your network when designing farm architecture • Make use of the tools available when problem solving

  43. Q & A Meet me in the Ask-the-Experts pavilion! Mon 3rd 19:00 – 21:00 Wed 5th 12:15 – 12:45 Thu 6th 10:00 – 13:00

  44. © 2008 Microsoft Corporation. All rights reserved. Microsoft, Windows, Windows Vista and other product names are or may be registered trademarks and/or trademarks in the U.S. and/or other countries. The information herein is for informational purposes only and represents the current view of Microsoft Corporation as of the date of this presentation. Because Microsoft must respond to changing market conditions, it should not be interpreted to be a commitment on the part of Microsoft, and Microsoft cannot guarantee the accuracy of any information provided after the date of this presentation. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.
