UC403: Lync & Network Interaction
Lars H. Sørensen, Solution Architect, Microsoft Unified Communications, Atea Denmark

Agenda: Lync & Network Interaction
- Call Setup
- Bandwidth Usage
- Enemies on the Network
- What to do?

Lars H. Sørensen
- Aarhus, Denmark
- Solution Architect
- 19+ years in IT
- 10+ years with Microsoft UC
- lars.harbeck.sorensen@atea.dk
- +45 3078 0361
- http://dk.linkedin.com/in/dotLars
- https://twitter.com/dotLars

Call Setup
Protocols
- Session Initiation Protocol (SIP)
- Session Description Protocol (SDP)
- Interactive Connectivity Establishment (ICE)
- Session Traversal Utilities for NAT (STUN)
- Traversal Using Relay NAT (TURN)

Call Setup
- IP Candidate Discovery
- Invite & IP Candidate Exchange
- Connectivity Checks
- Candidate Promotion

IP Candidate Discovery
[Diagram: Allocate UDP and Allocate TCP requests; candidate labels b, c, d, e]

Invite & IP Candidate Exchange
[Diagram: SIP INVITE carries candidates a,b,c,d,e; 183 Session Progress and 200 OK carry candidates w,y,z]

Connectivity Checks
- Determine all possible UDP and TCP port pairings
- STUN packets are sent between port pairs in order
- A STUN packet response indicates connectivity
- Stop checks when a candidate pair has bi-directional connectivity

Candidate Promotion
- Select the highest-order candidate with validated connectivity
- Send a SIP INVITE with only that candidate in the SDP
- The 200 OK also contains only one candidate in the SDP
- Note that there will be two candidates, one RTP and one RTCP
- Media is redirected to flow on the optimal, validated path

Connectivity Checks & Candidate Promotion
[Diagram: connectivity-check results (✗ failed, ✓ succeeded) for each candidate pair; the final SIP INVITE carries candidate b and the 200 OK carries candidate y]

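
The ordered checks and promotion described in the slides above, as an added Python example that is not part of the original deck. The ranking applies the deck's "direct before relay, UDP before TCP" preference; the numeric ranks, the callee candidate kinds and the reachability sets are constructed assumptions.

```python
from dataclasses import dataclass
from itertools import product

# Deck's stated preference: direct before relay, UDP before TCP.
# The numeric ranks are constructed for this example (lower is better).
KIND = {"host": 0, "reflexive": 1, "relay": 2}
PROTO = {"udp": 0, "tcp": 1}

@dataclass(frozen=True)
class Candidate:
    label: str   # slide label, e.g. "a" or "w"
    kind: str    # host | reflexive | relay
    proto: str   # udp | tcp

def ordered_pairs(local, remote):
    """Every same-transport pairing, most preferred first."""
    def key(pair):
        l, r = pair
        return (max(KIND[l.kind], KIND[r.kind]), PROTO[l.proto],
                KIND[l.kind] + KIND[r.kind], l.label, r.label)
    return sorted((p for p in product(local, remote)
                   if p[0].proto == p[1].proto), key=key)

def promote(local, remote, reachable):
    """Check pairs in order; stop at the first that answers both ways.
    `reachable` holds directed (src, dst) labels: STUN src->dst got a reply."""
    tested = []
    for l, r in ordered_pairs(local, remote):
        tested.append(f"{l.label}-{r.label}")
        if {(l.label, r.label), (r.label, l.label)} <= reachable:
            return (l.label, r.label), tested
    return None, tested

def both(*pairs):
    # Expand undirected label pairs into both directions.
    return {d for x, y in pairs for d in ((x, y), (y, x))}

# Constructed candidates using the slide labels; the callee kinds are assumed.
CALLER = [Candidate("a", "host", "udp"), Candidate("b", "reflexive", "udp"),
          Candidate("c", "relay", "udp"), Candidate("d", "relay", "tcp"),
          Candidate("e", "reflexive", "tcp")]
CALLEE = [Candidate("w", "host", "udp"), Candidate("y", "relay", "udp"),
          Candidate("z", "relay", "tcp")]

if __name__ == "__main__":
    # Both ends behind NAT: host pairs fail, a->y answers one way only.
    print(promote(CALLER, CALLEE, both(("b", "y"), ("c", "y")) | {("a", "y")}))
```

With that constructed reachability the pair b-y is promoted after four failed checks, matching the slide where the final INVITE carries b and the 200 OK carries y.
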
NAT (Home)
- Network Address Translation: translates one or more internal addresses to one external address
- General NAT/firewall behavior:
  - Allows connections from the private network
  - Blocks connections from the Internet
- Security/usability tradeoff:
  - Blocks attackers from harming your system
  - PROBLEM: Also blocks incoming signaling and media

NAT (Corporate)
- Though more scrutinized, goals are similar:
  - Sharing of IP addresses
  - Controlling data traffic from the Internet
- Two firewalls isolate via a perimeter network
- PROBLEM: Also blocks incoming and outgoing signaling and media

Why is NAT traversal a problem?
- SIP signaling over TCP uses the Access Edge
- UDP media flows over a separate channel
- Pre-ICE endpoints use local IPs and ports
- No media can be sent between (a) and (w)
[Diagram: INVITE with m/c = a; 200 OK with m/c = w]

Types of NAT
- Full Cone NAT
- IP Address Restricted NAT
- Port Restricted NAT
- Symmetric NAT

Full Cone, IP Address Restricted & Port Restricted
STUN will be supported.

| Type | Inside Host (H1) | NAT | Outside Host |
|---|---|---|---|
| Full Cone | 10.10.10.10:1111 | 20.20.20.20:2222 | *:* |
| IP Address Restricted | 10.10.10.10:1111 | 20.20.20.20:2222 | 30.30.30.30:* |
| IP Address Restricted | 10.10.10.10:1111 | 20.20.20.20:2222 | 40.40.40.40:* |
| Port Restricted | 10.10.10.10:1111 | 20.20.20.20:2222 | 30.30.30.30:3333 |
| Port Restricted | 10.10.10.10:1111 | 20.20.20.20:2222 | 40.40.40.40:4444 |

Symmetric NAT
Does not work with STUN, must use TURN.

| Type | Inside Host (H1) | NAT | Outside Host |
|---|---|---|---|
| Symmetric | 10.10.10.10:1111 | 20.20.20.20:1234 | 30.30.30.30:3333 |
| Symmetric | 10.10.10.10:1111 | 20.20.20.20:2345 | 40.40.40.40:4444 |

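
An added simulation (not from the original deck) of the four NAT behaviours in the tables above, showing why the STUN-reflected address is usable behind the cone and restricted types but not behind a symmetric NAT. The `Nat` class, the sequential port allocation and the roles given to 30.30.30.30 (STUN server) and 40.40.40.40 (peer) are assumptions for illustration.

```python
class Nat:
    """Toy NAT covering the four behaviours in the tables above."""

    def __init__(self, kind, public_ip="20.20.20.20", first_port=2222):
        self.kind = kind        # full_cone | addr_restricted | port_restricted | symmetric
        self.public_ip = public_ip
        self.next_port = first_port
        self.mappings = {}      # mapping key -> public port
        self.sent_to = {}       # public port -> outside (ip, port) already contacted

    def outbound(self, src, dst):
        """Inside host src sends to dst; return the public address dst sees."""
        # A symmetric NAT allocates a new public port per destination.
        key = (src, dst) if self.kind == "symmetric" else src
        if key not in self.mappings:
            self.mappings[key] = self.next_port
            self.next_port += 1
        port = self.mappings[key]
        self.sent_to.setdefault(port, set()).add(dst)
        return (self.public_ip, port)

    def inbound(self, src, public_port):
        """True if a packet from outside host src is forwarded to the inside host."""
        peers = self.sent_to.get(public_port)
        if peers is None:
            return False
        if self.kind == "full_cone":
            return True
        if self.kind == "addr_restricted":
            return any(ip == src[0] for ip, _ in peers)
        return src in peers     # port_restricted and symmetric

# Addresses from the slide tables; the STUN-server and peer roles are assumed.
H1, STUN_SRV, PEER = ("10.10.10.10", 1111), ("30.30.30.30", 3333), ("40.40.40.40", 4444)

def probe(kind):
    """Can PEER reach H1 on the address H1 learned from the STUN server?"""
    nat = Nat(kind)
    reflexive = nat.outbound(H1, STUN_SRV)         # what STUN reflects back
    unsolicited = nat.inbound(PEER, reflexive[1])  # peer sends first
    seen_by_peer = nat.outbound(H1, PEER)          # H1's check toward the peer
    after_check = nat.inbound(PEER, reflexive[1])  # peer targets the STUN address
    return {"reflexive": reflexive, "seen_by_peer": seen_by_peer,
            "unsolicited": unsolicited, "after_check": after_check}

if __name__ == "__main__":
    for kind in ("full_cone", "addr_restricted", "port_restricted", "symmetric"):
        print(kind, probe(kind))
```

Behind the symmetric NAT the peer sees a different public port than the one STUN reflected, so traffic sent to the reflected address is dropped, which is the case the deck hands to TURN.
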
STUN, TURN, ICE
- Add a Media Relay (aka A/V Edge Server)
- STUN reflects NAT addresses (b) and (e)
- TURN relays media packets (c) (d) (x) (y)
- ICE exchanges candidates (cand) and determines optimal media path
[Diagram: INVITE with m/c = a and cand=a,b,c,d,e; 200 OK with m/c = w and cand=w,x,y]

Internal to Internal Call
[Diagram: endpoints w1 and w2; ports shown: UDP 3478, TCP 443, UDP/TCP 50000-59999]

Internal to External Call
[Diagram: endpoints h1 and w1; ports shown: UDP 3478, TCP 443, UDP/TCP 50000-59999]

External to External Call
[Diagram: endpoints h1 and h2; ports shown: UDP 3478, TCP 443, UDP/TCP 50000-59999]

Bandwidth Usage
P2P Call
- Audio: 62 Kbps
- Video: 4010 Kbps

| Media | Codec | Typical stream bandwidth (Kbps) | Maximum stream bandwidth without FEC | Maximum stream bandwidth with FEC |
|---|---|---|---|---|
| Audio | RTAudio Wideband | 39.8 | 62 | 91 |
| Audio | RTAudio Narrowband | 29.3 | 44.8 | 56.6 |
| Main video when calling Lync 2013 endpoints | H.264 | 460 | 4010 (for maximum resolution of 1920x1080) | Not applicable |

Conference Call
- Audio
  - 1xTx 1x101Kbps = 101Kbps
  - 2xRx 2x101Kbps = 202Kbps
- Video (MultiView)
  - Default (212x160)
    - 3xTx 1x260Kbps = 780Kbps
    - 3xRx 2x260Kbps = 1560Kbps
  - PopOut (424x320)
    - 2xTx 1x460Kbps and 3xTx 1x260Kbps = 1700Kbps
    - 1xRx 2x460Kbps and 2xRx 2x260Kbps = 1960Kbps

Enemies on the Network
Latency
- Latency vs. Round Trip Time (RTT)
- Provision your network to ensure a maximum end-to-end delay (latency) of 150 milliseconds (ms) under peak load.
- When latency is high, users will likely hear the words, but there will be delays in sentences and words.
- Lync Monitoring Thresholds:
  - < 200 ms is good
  - > 200 ms is poor
  - > 500 ms is bad

Jitter
- Variability of packet delay.
- Results in a distorted or choppy experience.
- Jitter can increase total latency.
- Lync Monitoring Thresholds:
  - < 20 ms is good
  - > 30 ms is not good (but can be 'ok')
  - > 45 ms is considered very bad

Packet Loss
- Represents the % of packets that did not make it to their destination.
- Packet loss will cause the media to be distorted or missing.
- Lync Monitoring Thresholds:
  - < 3% is considered good
  - > 5% will impact audio
  - > 7% is not good
  - > 10% is very bad
- Divide by two when media is video.

Wi-Fi
- Usually built for data and fixed location
- Off-Channel Scanning
- Handover Performance
- Rate Adaption and TX Retries
- Lack of QoS
- Devices / BYOD

What to do ?
Optimal Media Path
- Direct before relay
- UDP before TCP

Optimal Media Path
[Diagram: two scenarios, port range open and port range closed; ports shown: 443 TCP, 3478 UDP, 50,000 port range]

Quality of Service (QoS)
- What is QoS?
  - Quality of Service (QoS) is a combination of networking technologies that enables organizations to optimize the end-user experience for real time audio and video communications
- When is QoS needed?
  - QoS is commonly used when network bandwidth is limited
  - QoS is needed when there is a possibility of network congestion

Quality of Service (QoS)
- Lync Server 2013 enables both defined port ranges and DSCP marking
- WMM-capable wireless access points translate DSCP markings into the equivalent WMM tag value
- Validating QoS on Lync Endpoints

Quality of Service (QoS) Lync Monitoring Server and Reports is your best friend.
A word or two on Wi-Fi
- Delivering Lync 2013 Real-Time Communications over Wi-Fi: http://www.microsoft.com/en-us/download/details.aspx?id=36494

Resources
- Lync Deep Dive: Edge Media Connectivity with ICE: http://channel9.msdn.com/Events/TechEd/Europe/2012/EXL412
- Network Bandwidth Requirements for Media Traffic: http://technet.microsoft.com/en-us/library/jj688118.aspx
- Lync 2010 and 2013 Bandwidth Calculator: http://www.microsoft.com/download/en/details.aspx?id=19011
- Network Planning, Monitoring, and Troubleshooting with Lync Server: http://www.microsoft.com/en-us/download/details.aspx?id=39084
- Delivering Lync 2013 Real-Time Communications over Wi-Fi: http://www.microsoft.com/en-us/download/details.aspx?id=36494

Thank you
© 2013 Microsoft Corporation. All rights reserved.