Connecting to the Cloud: Name Resolving Matters!
Every modern-day Citrix admin will probably agree with me. Using Office 365 on Citrix Servers and Desktops can be a challenge, let’s leave it at that.
That’s not the topic of this blog post, however. It’s not even a Citrix problem. But again, every Citrix admin will agree on this too: if the problem or issue is present on Citrix, then it’s a Citrix problem, period. So I won’t be writing about how to install and configure Office 365 applications on Citrix; this post is about how those apps connect to the magical entity otherwise known as “The Cloud”.
Let’s take a look at Outlook. Outlook will always try to connect to outlook.office365.com. Now before Outlook can establish that connection, it needs to resolve that name into an IP address. Enter DNS. DNS is a vital part of today’s connected world. Microsoft will even tell you that Outlook uses a geolocation mechanism based on DNS to point you to the “best” entry point into their network. The latter is a crucial statement; you need the fastest connection to their network. Once there, they’ll take care of things for you.
Another important fact for you: “The Cloud” changes at an extraordinary pace. What’s relevant today may be completely obsolete by tomorrow. In that light, you may or may not see something like this when you run nslookup on outlook.office365.com.
First of all, if outlook.office365.com still resolves for you to something like outlook-emeawest3.office365.com, you’re in a bad place. More details on that below.
What can we actually learn from this? Microsoft DNS returns multiple IP addresses for that single DNS record. Why? Load distribution and high availability, what else? But if you look closer, there might be something off. When pinging those IP addresses individually, you might see a big difference in performance. Some will be a lot “faster” than others. And if ping can “see” that, you can be sure your users will “see” the difference too.
Why is this happening? Because those IP addresses are served from different Microsoft data centers around the world. And some are closer to you than others.
Remember I wrote something about being in a bad place some lines above?
Microsoft has been revamping the DNS resolution for some time now. How to find out? Outlook.office365.com should be resolving to a more generic outlook.ms-acdc.office.com by now. Microsoft keeps expanding its ACDC solution. And no, that’s not about music, but about AnyCast DNS Cafe. The reasoning is quite simple: Microsoft wants your users to connect to the Microsoft network as fast as possible. Once you’re on their network, you’re all set.
In general, ms-acdc returns a more consistent set of IP addresses and those would be “closer”, or in other words: faster for your users.
There is a moral to this story: you do have some influence over this DNS stuff. Choose your resolver/forwarder wisely. Some will work better than others. In my case, Cloudflare 1.1.1.1 servers returned IP addresses 10ms “faster” compared to the ones of our hosting/colo facility (even though that’s a leading, global one).
Bottom line: DNS is essential to a successful Office 365 (or any cloud service really) implementation, on Citrix or otherwise. Your mileage will vary, so you’ll need to try and test for yourself and your users.
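One way to run the resolver comparison described above, as an added example that is not part of the original post: it parses saved nslookup output per resolver, flags whether the answer lands on an ms-acdc name, and ranks resolvers by the latency of the addresses they returned. The resolver names, the documentation-range addresses and the round-trip times are constructed; the live measurement times a TCP handshake on port 443 rather than using ping.

```python
import re, socket, statistics, time
# Constructed nslookup outputs (RFC 5737 documentation addresses, not real Microsoft IPs).
RESOLVER_A = """Server:  dns.colo.example
Address:  192.0.2.53

Non-authoritative answer:
Name:    outlook-emeawest3.office365.com
Addresses:  198.51.100.10
          203.0.113.20
Aliases:  outlook.office365.com
"""
RESOLVER_B = """Server:  dns.public.example
Address:  192.0.2.54

Non-authoritative answer:
Name:    outlook.ms-acdc.office.com
Addresses:  198.51.100.30
          198.51.100.31
"""
# Constructed round-trip times (ms) standing in for live measurements.
FAKE_RTT = {"198.51.100.10": 14.0, "203.0.113.20": 95.0,
            "198.51.100.30": 9.0, "198.51.100.31": 11.0}

def parse_nslookup(text):
    """Return (final name, addresses) from the answer block of Windows-style output."""
    answer = text.split("\n\n", 1)[1]  # the first block describes the resolver itself
    name = re.search(r"^Name:\s+(\S+)", answer, re.M).group(1)
    block = re.search(r"^Address(?:es)?:\s+(.*?)(?=^\w|\Z)", answer, re.M | re.S).group(1)
    return name, block.split()  # continuation lines hold one address each

def tcp_connect_ms(ip, port=443, timeout=3.0):
    """Time one TCP handshake to the HTTPS port (live measurement, needs network)."""
    start = time.perf_counter()
    with socket.create_connection((ip, port), timeout=timeout):
        return (time.perf_counter() - start) * 1000

def compare(outputs, measure=tcp_connect_ms):
    """Rank resolvers by the median latency of the addresses each one returned."""
    rows = []
    for resolver, text in outputs.items():
        name, addrs = parse_nslookup(text)
        rtts = [measure(ip) for ip in addrs]
        rows.append({"resolver": resolver, "acdc": "ms-acdc" in name,
                     "median_ms": statistics.median(rtts), "spread_ms": max(rtts) - min(rtts)})
    return sorted(rows, key=lambda r: r["median_ms"])

if __name__ == "__main__":
    for row in compare({"A": RESOLVER_A, "B": RESOLVER_B}, measure=FAKE_RTT.get):
        print(row)
```

To measure for real, feed `compare` the output of `nslookup outlook.office365.com <resolver>` for each resolver you are evaluating and leave `measure` at its default.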
Thanks
Bart Jacobs
September 11, 2018