Enabling QoS for Lync Server 2010 – Part 2
Welcome to Part 2 on how to Enable QoS for Lync Server 2010. The purpose of this multi-part article (first part for QoS on Lync Client and second part for QoS on Lync Server) is to lay everything out in a concise manner to help you, the reader, understand how to enable QoS. Keep in mind that this article is only for the ability to enable QOS, it is not a comprehensive guide on all the various dynamic ports available in Lync to lock down your firewalls. For that, you can check out my other article here. Second of all, the question may arise, why and when would you want to enable QoS. Audio and Video are synchronize traffic that can be affected by jitter, delay, and packet loss on an IP Network. Lync has been designed to work without QoS but Lync Administrators can choose to enable both Lync endpoints as well as servers to mark Differentiated Services Code Point (DSCP) values on audio and video packets. This ensures that audio/video packets get prioritized on a network that is enabled for Differentiated Services (DiffServ).
To better understand DiffServ and its affect on the network, please check out the excellent blog article written by fellow Lync MVP Jeff Schertz at the following URL: http://blog.schertz.name/2011/08/lync-qos-behavior/
Part 2
Server QOS
General Procedure for Server QoS
In Part 1, we talked about Windows Vista/7 vs Windows XP. Windows 7 and Windows Vista utilize Policy based QoS and Windows XP used QoS based on the Packet Scheduler. For Lync Servers, you’ll always use Policy based QoS since Lync Server 2010 can only be installed on Windows 2008 or Windows 2008 R2 which both utilize Policy based QoS. For Server based QoS, we can configure Conferencing Servers, Application Servers, and Edge Servers (which will use QoS based on the destination port rather than the source port as everything else does).
Client to Server Port Configuration for Conferencing Servers and Application Servers
Client to Server Port ranges are out of the box different for all modalities except for Application Sharing. The default ports for a Conferencing Server are as such:
- Audio: 49152 to 57500
- Video: 57501 to 65535
- Application Sharing: 49152 to 65535
At least 40 ports minimum are required for Application Sharing. We will specify a 8,348 port range that is unique from other ports. Ultimately, we will set Application Sharing to use the following ports:
- Application Sharing: 40803 to 49151
To set this, we will run the following command:
Configuring an Application Server is identical. The only difference is that you use the Set-CSApplicationServer command instead of the Set-CSConferencingServer. Make sure to include these ports in the QoS Policies for Edge Servers as you will learn later.
Client to Server Port Configuration for Dedicated Mediation Servers
A Mediation Server of course only handles Audio since it’s job is to transcode RTAudio to G.711. The default ports for a Mediation Server are as such:
- Audio: 49152 to 57500
No Changes to this port range will be required. If the Mediation Server is collocated on a Front End Server, no changes will need to be done as you can see the Audio Port Range for a dedicated Mediation Server is the same as the Audio Port Range for a Front End Conferencing Server.
Edge Server Policy Configuration
An Edge Server doesn’t get configured per se. But the policy that you create is based on a destination port (rather than source port like client peer to peer or client to server). The destination port configuration in the QoS Policy is configured based on the client peer to peer ports you defined in Part 1 of this article series as well as the client to server ports you defined in this Part 2 of this article series.
So if we take a look at everything we’ve done so far, we have the following peer to peer configuration from Part 1 of this article series:
- Audio: 20000 to 20039
- Video: 20040 to 20079
And we have the following client to server configuration from Part 2 of this article series:
- Audio: 49152 to 57500
- Video: 57501 to 65535
- Application Sharing: 40803 to 49151
The Edge QoS Policy will need to have several QoS Policies configured to handle each modality (Application Sharing not as critical as Audio/Video but can be enabled) for peer to peer (Audio/Video) and client to server (Audio/Video). Additional QoS Policies may be needed depending on Application Servers in the environment and whether they have any different port ranges from your Peer to Peer or Client to Peer port configurations.
Configuring Policy Based QOS in Group Policy for Windows 2008 and/or Windows 2008 R2 for a Conferencing Server
As stated previously, Lync Server 2010 can only be installed on Windows 2008 or Windows 2008 R2. Both Windows 2008 and Windows 2008 R2 utilize Policy Based QOS which allows a wider variety of options for configuring QoS.
In the below example, we will show how to create the Policy-based QoS for Audio. Once finished, be sure to also create Policy-based QoS policies for Video. The DSCP Value for Audio will be 46 and the DSCP Value for Video will be 34. Open up Group Policy (in my examples, I am using Local Computer Policy but in a real production environment you would be using Group Policy at some level in your Domain Hierarchy) and navigate to Computer Configuration > Windows Settings > Policy-based QoS. Right-Click and choose Create new policy.
In the new Policy, give it a name and specify the DSCP Value. DSCP Values for audio is typically 46. Make sure the Outbound Throttle Rate check box is cleared. Click Next.
Because there are multiple applications that will stamp DSCP Values, we will choose All Applications. Click Next.
On the following screen, make sure you leave the defaults as “Any source IP address” and “Any destination IP Address.” Click Next.
On the following screen, choose TCP and UDP. In our information above we stated the default audio port range is 49152 to 57500 and does not need to be changed. Because of this, our source port range will 49152 to 575000 specified as 49152:57500.
Let’s go ahead and set the DSCP Value for Video with a DSCP value of 34. Right-Click Policy-based QoS and choose Create new policy. In the new Policy, give it a name and specify the DSCP Value. DSCP Values for video is typically 34. Make sure the Outbound Throttle Rate check box is cleared. Click Next.
Because there are multiple applications that will stamp DSCP Values, we will choose All Applications. Click Next.
On the following screen, make sure you leave the defaults as “Any source IP address” and “Any destination IP Address.” Click Next.
On the following screen, choose TCP and UDP. In our information above we stated the default video port range is 57501 to 65535 and does not need to be changed. Because of this, our source port range will 57501 to 65535 specified as 57501:65535.
If you would like Client to Server QoS for Application Sharing, feel free to also create a new QoS Policy that provides DSCP Values for the port ranges specified for Application Sharing. If you made this port range contiguous with Video, feel free to modify your Video QoS Policy to add the ports for Application Sharing if you are fine with also using a DSCP value of 34.
Now go ahead and restart your Lync Conferencing Servers so they pick up the changes. After Group Policy have applied the settings, you should see the following settings within the registry:
Configuring Policy Based QOS in Group Policy for Windows 2008 and/or Windows 2008 R2 for a Dedicated Mediation Server
As stated previously, Lync Server 2010 can only be installed on Windows 2008 or Windows 2008 R2. Both Windows 2008 and Windows 2008 R2 utilize Policy Based QOS which allows a wider variety of options for configuring QoS.
In the below example, we will show how to create the Policy-based QoS for Audio only. The DSCP Value for Audio will be 46. Open up Group Policy (in my examples, I am using Local Computer Policy but in a real production environment you would be using Group Policy at some level in your Domain Hierarchy) and navigate to Computer Configuration > Windows Settings > Policy-based QoS. Right-Click and choose Create new policy.
In the new Policy, give it a name and specify the DSCP Value. DSCP Values for audio is typically 46. Make sure the Outbound Throttle Rate check box is cleared. Click Next.
Since this is Policy-based QoS, we will want to take advantage of only tagging traffic that the Mediation Server uses utilizing the executable MediationServerSvc.exe. So make sure you choose the “Only applications with this executable name” and specify MediationServerSvc.exe. Click Next.
On the following screen, make sure you leave the defaults as “Any source IP address” and “Any destination IP Address.” Click Next.
On the following screen, choose TCP and UDP. In our information above we stated the default audio port range is 49152 to 57500 and does not need to be changed. Because of this, our source port range will 49152 to 575000 specified as 49152:57500.
Now go ahead and restart your Lync Mediation Servers so they pick up the changes. After Group Policy have applied the settings, you should see the following settings within the registry:
Configuring Policy Based QOS in Group Policy for Windows 2008 and/or Windows 2008 R2 for an Edge Server
As stated previously, Lync Server 2010 can only be installed on Windows 2008 or Windows 2008 R2. Both Windows 2008 and Windows 2008 R2 utilize Policy Based QOS which allows a wider variety of options for configuring QoS.
In the below example, we will show how to create the Policy-based QoS for Audio. Once finished, be sure to also create Policy-based QoS policies for Video. The DSCP Value for Audio will be 46 and the DSCP Value for Video will be 34. Open up Group Policy (in my examples, I am using Local Computer Policy but in a real production environment you would be using Group Policy at some level in your Domain Hierarchy) and navigate to Computer Configuration > Windows Settings > Policy-based QoS. Right-Click and choose Create new policy.
In the new Policy, give it a name and specify the DSCP Value. DSCP Values for audio is typically 46. Make sure the Outbound Throttle Rate check box is cleared. Click Next.
Since this is Policy-based QoS, we will want to take advantage of only tagging traffic that the Edge Server uses utilizing the executable MediaRelaySvc.exe. So make sure you choose the “Only applications with this executable name” and specify MediaRelaySvc.exe. Click Next.
On the following screen, make sure you leave the defaults as “Any source IP address” and “Any destination IP Address.” Alternatively, you can change the Source IP Address to the internal IP of your Edge. Click Next.
On the following screen, choose TCP and UDP. In our information above we stated the default audio port range is 49152 to 57500 and does not need to be changed. Because of this, our source port range will 49152 to 575000 specified as 49152:57500.
‘
I will not display the remainder of the QoS Policy configuration for the Edge as I’m sure by now, you are a master at configuring QoS Policies for Lync. The remainder of the three QoS Policies will look as such:
Peer to Peer Video:
- Policy Name: Lync Edge Peer to Peer Video
- DSCP Value: 34
- Only applications with the following executable name: MediaRelaySvc.exe
- Specify Outbound Throttle Rate is Unchecked
- Source IP: Your Internal Edge IP (Our example is 10.10.10.50/32)
- Destination Port Range of 20040:20079
Client to Server Audio:
- Policy Name: Lync Edge Conferencing Audio
- DSCP Value: 46
- Only applications with the following executable name: MediaRelaySvc.exe
- Specify Outbound Throttle Rate is Unchecked
- Source IP: Your Internal Edge IP (Our example is 10.10.10.50/32)
- Destination Port Range of 49152:57500
Client to Server Video:
- Policy Name: Lync Edge Conferencing Video
- DSCP Value: 34
- Only applications with the following executable name: MediaRelaySvc.exe
- Specify Outbound Throttle Rate is Unchecked
- Source IP: Your Internal Edge IP (Our example is 10.10.10.50/32)
- Destination Port Range of 57501:65535
After all QoS Policies are created, reboot the Lync Edge Server. You should see the following registry changes:
Elan Shudnow :: Nov.28.2011 :: Lync 2010 ::
[...] Enabling QOS for Lync Server 2010 – Part 2 | Elan Shudnow’s Blog Posted on November 28, 2011 by johnacook http://www.shudnow.net/2011/11/28/enabling-qos-for-lync-server-2010-part-2/ [...]
[...] Continue reading here: Enabling QOS for Lync Server 2010 – Part 2 | Elan Shudnow's Blog [...]
What will happend if I narrow down the range ports to the minimum of 40 ports per application (Audio, Video, App sharing) ? Will it affect the number of users can sign to conferencing call ? if so, what is the calculation of ports needed per user or per conferncing call ?
It's not 40 ports minimum for Client to Server. I don't talk at all in this blog article about narrowing the ports for client to server. I do talk about that here http://www.shudnow.net/2010/12/06/lync-server-201… where I stated that it's 128 ports for client to server on a per modality basis (though not for all modalities). 20 is the minimum for Peer to Peer.
It do believe it restricts the amount of conferences you can have but I have not seen a calculation. I'll ping Microsoft on this and see what they say, if anything.
Ok, so I got an answer from Microsoft:
MS: If you narrow it to 40 ports on client – i.e., 20 ports for audio and 20 ports for video and some x ports for app sharing), it will not affect the client. Surely if you restrict it on server it will have an impact on number of users. With 128 ports on server, it will be surely less (as audio requires 2 ports when the call is in “stable” stage (after the initial spike in ports)
He also stated the following:
MS: There was a separate article written in OCS 2007 R2 on this. http://technet.microsoft.com/en-us/library/dd5722…
They may look into updating the Lync documentation.