Microsoft have published a lot of documentation about Quality of Service (QoS) with Lync. There is the Word document Enabling Quality of Service with Microsoft Lync Server 2010, TechNet for QoS on Lync 2010 and TechNet for QoS on Lync 2013. From what I can see there are no QoS specific changes between Lync 2010 and Lync 2013, other than the documentation seems to have been improved – especially for the client QoS section.

As there is so much documentation and no hard recommendations it can seem a bit overwhelming. Elan Shudnow has two comprehensive posts on QoS 1 and 2 but combine these with the Microsoft documentation there is a bit of information overload. The purpose of this post is a simple (relative term) summary of the changes required to enable QoS.

Microsoft Recommended QoS Markings

QoS marking is performed by the endpoints involved in the conversation – Lync clients, Lync Front-End servers, Lync Mediation servers, Lync phones and media gateways. This is done by setting a Differentiated Services Code Point (DSCP) marking on the TCP/IP packets as they are processed by the endpoint. The table below shows the recommended QoS markings for Lync. There are other recommendations for application sharing and file transfer, but the focus of QoS for Lync is to ensure the Audio traffic is prioritised highest, while also prioritising Video and SIP signalling.

Media Type Classification
Queuing and Dropping Notes
Audio EF (DSCP 46) Priority Queue Low loss, low latency, low jitter, assured bandwidth (BW)
Video AF41 (DSCP 34) BW Queue + DSCP WRED Pair with WAN Bandwidth Policies on constrained links
SIP Signalling CS3 (DSCP 24) BW Queue Class 4. Low drop priority

Note: The DSCP markings in the following steps should be mapped to what the switches and routers are prioritising if different from the recommendations above.

Step 1 – Decide on the port ranges

In order to mark audio traffic as DSCP 46 and video traffic as DSCP 34, we need to ensure Lync restricts each modality to a specific set of ports that do not overlap. Windows can then set the QoS DSCP markings on traffic based on specific port numbers and potentially from specific programs on those port numbers. Based on the documentation above and Elan’s examples, the table below seems to be a good mix of keeping most settings default and ensuring no overlapping port ranges.

Scenario Starting port Ending port
Client audio 20000 20039
Client video 20040 20079
Client application sharing 20080 20119
Server application sharing 40803 49151
Server audio 49152 57500
Server video 57501 65535

Step 2 – Set the Port Ranges (Lync in band settings)

Client Ranges

Set-CsConferencingConfiguration -ClientMediaPortRangeEnabled 1
Set-CsConferencingConfiguration -ClientAudioPort 20000 -ClientAudioPortRange 40 -ClientVideoPort 20040 -ClientVideoPortRange 40 -ClientAppSharingPort 20080 -ClientAppSharingPortRange 40 -ClientFileTransferPort 20120 -ClientFileTransferPortRange 40 -ClientMediaPort 20160 -ClientMediaPortRange 40

Lync Pools

Set-CsConferenceServer -Identity <PoolFQDN> -AppSharingPortStart 40803 -AppSharingPortCount 8348
Set-CsApplicationServer -Identity <PoolFQDN> -AppSharingPortStart 40803 -AppSharingPortCount 8348

Lync Phone

Set-CsUCPhoneConfiguration -identity global -VoiceDiffServTag 46

Step 3 – Group Policy for Clients

A Group Policy should be created to set the following Policy Based QoS settings (applicable to Windows 8, Windows 7 and Vista):

  • Voice: DSCP 46 for ‘communicator.exe’ (OCS or Lync 2010) or ‘lync.exe’ (Lync 2013) on source TCP/UDP ports 20000:20039
  • Video: DSCP 34 for ‘communicator.exe’ (OCS or Lync 2010) or ‘lync.exe’ (Lync 2013) on source TCP/UDP ports 20040:20079

Step 4 – Group Policy for Servers

A Group Policy should be created to set the following Policy Based QoS settings:

Lync Front-End servers and standalone A/V Conferencing servers

  • Voice: DSCP 46 for all applications on source TCP/UDP ports 49152:57500
  • Video: DSCP 34 for all applications on source TCP/UDP ports 57501:65535

Lync Mediation servers and SBAs

  • Voice: DSCP 46 for all applications on source TCP/UDP ports 49152:57500

In order to confirm the Group Policies have been applied to the servers you can use regedit to view HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\QoS\ which should look similar to this:


Step 5 – Local Computer Policy for Edge Servers

Lync Edge Servers are not domain joined so cannot use Group Policy. A Local Security Policy should be created to set the following Policy Based QoS settings by running gpedit.msc:

  • Client voice:   DSCP 46 for MediaRelaySvc.exe on destination TCP/UDP ports 20000:20039
  • Server voice:  DSCP 46 for MediaRelaySvc.exe on destination TCP/UDP ports 49152:57500
  • Client video:  DSCP 34 for MediaRelaySvc.exe on destination TCP/UDP ports 20040:20079
  • Server video: DSCP 34 for MediaRelaySvc.exe on destination TCP/UDP ports 57501:65535

Note: The Edge Policy Based QoS is using Destination port numbers, not source like the previous Group Policies

The Edge Local Computer Policy should look similar to this:

Step 6 – Set Voice Gateways to mark correct DSCP values

This is dependent on the gateway vendor, but ensure the gateway is setting the same DSCP markings for audio defined above.

Finished

Assuming traffic prioritisation has been set on all routers / switches in the media path, that should be all that is required. For more information on how to confirm the DSCP markings are being applied, see the blog by Jeff Schertz on QoS.

** Updated 17 March 2013 to clarify client and server ports and GPO names and correct client QoS group policy ports

Category:
Lync

Join the conversation! 15 Comments

  1. Hello, this change affect on my list of public edge ip’s requirement to open?
    I mean, in standard requirement to Edge I’ll have this open ports:

    SIP
    x.x.x.26
    TCP 80 IN-OUT
    TCP 443 IN-OUT
    TCP 5061 IN-OUT

    WEBCON
    x.x.x.x.27
    TCP 80 IN-OUT
    TCP 443 IN-OUT

    A/V
    x.x.x.x.28
    TCP 80 IN-OUT
    TCP 443 IN-OUT
    TCP 50000 al 59999 IN-OUT
    UDP 3478 IN-OUT
    UDP 50000 al 59999 IN-OUT

    Do i need to modify something?

    Thanks for your help.

  2. Hi Marc,

    Under step “Step 3 – Group Policy for Clients”. I guess the portrange should be 20000-20039 for Voice and 20040-20079 for Video or am i missing something?


    Regards
    Martin

  3. What would happen if there were more than 40 simultaneous calls going on, effectively using up all the Client Audio ports? Shouldn’t matter correct, unless the “Client” some how managed to create 40 calls from the 1 IP address, in which case then you have other serious problems…

    • You are correct that if 40 calls were made then the ports would be exhausted. This is explained in the Technet article http://technet.microsoft.com/en-au/library/jj204760.aspx
      “In general, you can consider each available port to represent a single communication session: if you have 100 ports available in a port range that means that the computer in question could participate in, at most, 100 communication sessions at any given time. Because servers will likely take part in many more conversations than clients, it makes sense to open many more ports on servers than on clients. Setting aside 20 ports for application sharing on a client means that a user could participate in 20 application sharing sessions on the specified device, and all at the same time. That should prove sufficient for the vast majority of your users.”

  4. I notice that you don’t use any powershell command to set the ‘server’ audio and video port ranges yet you list them in the table above. Is this intentional?

  5. Hi Marc,
    What if I just done the Group Policy for Servers with the Local Group Policy within Lync servers, will it be the same? or should I really set it with the GPO server?

    Thanks.
    Mar

    • The Local Group Policy will work too. The Group Policy is easier if you have multiple servers.

      Marc

  6. Where are we configuring the setting for SIP for DSCP 24?

    • Good question. We aren’t in this or any of the Microsoft documentation. The client policies http://technet.microsoft.com/en-us/library/jj205371.aspx only specify audio and video. This can be done in the same way as the audio and video group policies using port 5061 on the clients and front end servers. As the SIP traffic will not be using random ports, I would assume the switches can be configured to tag traffic on the SIP (TLS) port 5061 as DSCP 24.

  7. What about if your FE is on hyperv. Should you apply these policies to the host server as well?

Comments are closed.