Is it Operating up to Your Expectations?
Jun 25, 2020
Most of BusinessCom Networks’ broadband satellite services are “managed,” leveraging our proprietary Sentinel Server. See: Sentinel Bandwidth Management and Optimization. The Sentinel provides full routing, firewall, access control, optimization and compression, and excellent remote diagnostic tools and statistics that allow our NOC to remotely diagnose and fix data-related issues traversing our services. The iDirect satellite modems provide excellent information on the RF (satellite link) side of things, and Sentinel provides superior capabilities for the data side of the connection. As it turns out, most problems are on the data side. For example, a client may have been quite pleased with throughput but then noticed over time that it was not as fast as it used to be. Without proper tools, all the satellite diagnostics really tell us is whether the bandwidth is being delivered. Telling clients that they are getting their bandwidth when their perception is that it is “slow” is not what they want to hear. With Sentinel, we gain insight into how the bandwidth is being used, and often that is where we find the source of the problem.
With Sentinel we have notified clients that users on their network are downloading porn, playing games, or have inadvertently turned their workstations into file share servers, among any number of other reasons the bandwidth isn’t being used as the customer desires. In some cases, this is resolved with “rate limiting,” which means every user is assigned some level of bandwidth and cannot go above it to use more than their fair share. In other cases, the client may not want bandwidth restrictions, but may want to prioritize or limit applications based on the company’s business policies.
This is where Video Conferencing comes in. In the past it has been difficult to prioritize or limit some video conferencing applications, notably Skype. In today’s environment, where video is an essential tool for business, this traffic may need to be prioritized. In our past, particularly when satellite prices were higher than they are now, many clients wanted to restrict Skype sessions, because they would eat up all the bandwidth and bring all the other traffic to a crawl. This situation is slowly improving as satellite prices continue to trend downward. See: Will Satellite Bandwidth Costs Continue to Fall. Now, thanks to the pandemic, businesses are under pressure to reduce travel and use video conferencing, and the demand for consistent video quality is increasing.
Implementing QoS (Quality of Service)
We are going to take a brief look at Microsoft Teams and Zoom, as these are two popular platforms for videoconferencing. MS Teams includes Skype for Business, which can be prioritized, unlike the free version, which “hops ports” if you try to limit it. QoS is used to allow real-time traffic like audio or video to be prioritized over other traffic that is less sensitive to network delays. For example, when you are having a conversation, the data bits that are used to transmit your voice cannot be held up by a web page that is downloading, or the voice will have poor quality or may not work at all. BusinessCom Networks has quite a bit of experience transporting business-quality voice over our networks. See: Delivering Business Class VoIP over iDirect Broadband.
QoS addresses issues like jitter, which is the result of media (voice or video) packets arriving at different rates. This can cause lost words or syllables in a call. When a network is congested, packets may be dropped. If this happens to voice or video packets, it results in lower-quality, hard-to-understand audio. QoS can also be used to help address delayed round-trip time (RTT), which creates noticeable delays between two parties and can result in them talking over each other. This is an inherent problem with satellite networks, since they have greater latency than land lines, but keeping that delay consistent makes it easier to adapt to.
Of course, one way to address the problem is to throw bandwidth at it. However, this is often cost-prohibitive, and power users may suck up any additional bandwidth in any case. QoS provides a way to manage the available bandwidth and ensure that it’s being used to provide maximum utility for the organization.
QoS Model
To manage and optimize critical traffic, you first must identify it. When traffic enters a router such as BusinessCom’s Sentinel server and there is no QoS policy configured, there is one queue; all traffic goes into it and is handled on a first in/first out basis. Time-sensitive traffic, particularly voice, can get stuck behind other packets and be delivered with delays that make the speech poor or even unrecognizable. One way to think of QoS is that the router creates virtual “carpool” lanes in the data network, so some traffic does not encounter delays. Once the lanes (queues) are configured, you can determine their relative sizes and adjust as needed.
Microsoft Teams and Skype for Business
MS Teams supports a couple of different mechanisms for implementing QoS. One is Access Control Lists leveraging port-based tagging. As packets arrive at the router, they are examined, and if a packet is using a particular port or range of ports, it is identified as a certain media type and placed in the queue for that traffic type. A predetermined DSCP (Differentiated Services Code Point) mark is applied to the packet header, so that other devices can recognize the type of traffic and prioritize it within their own queues. From a MS Teams perspective, this is a good solution that works across multiple platforms such as Windows, Linux and Mac. This solution, which is probably the simplest, works only across the WAN, and not all the way to the client machine. Unless local networks are congested, the WAN is the most likely source of traffic interference and delay.
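The queue model and port-based tagging described above, as an added example that is not BusinessCom's or Microsoft's code: a classifier maps UDP source ports to a media type and DSCP mark, and a simplified strict-priority scheduler is compared with a single FIFO queue. The port ranges, DSCP assignments and packet labels are assumed sample values.

```python
import heapq
from itertools import count

# Assumed sample policy: (first_port, last_port, media type, DSCP value).
# The ranges stand in for whatever the IT department selected.
PORT_POLICY = [
    (50000, 50019, "audio", 46),    # EF
    (50020, 50039, "video", 34),    # AF41
    (50040, 50059, "sharing", 18),  # AF21
]
BEST_EFFORT = ("other", 0)

def classify(src_port):
    """Return (media_type, dscp) for a packet's source port."""
    for first, last, media, dscp in PORT_POLICY:
        if first <= src_port <= last:
            return media, dscp
    return BEST_EFFORT

def tos_byte(dscp):
    """DSCP occupies the upper six bits of the IP ToS/Traffic Class byte."""
    return dscp << 2

def fifo_order(packets):
    """No QoS policy: one queue, first in/first out."""
    return [name for name, _ in packets]

def priority_order(packets):
    """Strict priority between classes, FIFO within a class.
    Simplification: this policy's DSCP values happen to sort in priority order."""
    seq = count()
    heap = []
    for name, port in packets:
        _, dscp = classify(port)
        heapq.heappush(heap, (-dscp, next(seq), name))
    return [heapq.heappop(heap)[2] for _ in range(len(heap))]

# Constructed arrival sequence: (label, UDP source port).
ARRIVALS = [
    ("web-1", 443), ("web-2", 443), ("video-1", 50025),
    ("audio-1", 50004), ("web-3", 443), ("audio-2", 50010),
]

if __name__ == "__main__":
    for name, port in ARRIVALS:
        media, dscp = classify(port)
        print(f"{name:8} port {port:5} -> {media:7} DSCP {dscp:2} ToS 0x{tos_byte(dscp):02x}")
    print("FIFO:    ", fifo_order(ARRIVALS))
    print("Priority:", priority_order(ARRIVALS))
```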
Another option is a GPO (Group Policy Object), which directs client devices to insert the DSCP marker in packets to identify them as particular traffic types, such as voice or video. Routers such as BusinessCom’s Sentinel can recognize the tagged traffic and place it in the higher-priority queue. This solution only supports domain-joined Windows clients. Others, such as Mac OS, have hard-coded tags. The advantage for the Windows clients is that all computers get the same settings, and only an administrator can manage them. A combination of DSCP marking by clients at the endpoints and port-based access control lists at the router should result in all users getting at least partial prioritization.
There are several decisions to be made to prioritize Teams/Skype traffic, starting with the IT department selecting initial port ranges for the different media types. If a company has previously deployed Skype for Business Online, which supports QoS tagging and port ranges, Teams will respect the existing configuration and integrate smoothly. (The free version of Skype does not support port tagging currently, to the best of the author’s knowledge.) For additional information and step-by-step procedures, please visit: docs.microsoft.com/en-us/microsoftteams/qos-in-teams
Zoom
The procedure for Zoom is similar; the primary issue is whether a client is set up manually or through the MSI or mass installer. The client is configured with marking values for audio, video and signaling, to prioritize Zoom traffic between clients and the Zoom server. For more details, see: support.zoom.us/hc/en-us/articles/207368756-QoS-DSCP-Marking
Protocol/Ports | Source | Destination
--- | --- | ---
TCP 880, 443 | All Zoom Clients & Meeting Connector | *zoom.us
TCP 443, 8801, 8802 | All Zoom Clients | MeetingConnector.IP, MeetingConnector.IP2, MeetingConnector2.IP, MeetingConnector2.IP2
UDP 3478, 3479, 8801, 8802 | All Zoom Clients | MeetingConnector.IP, MeetingConnector.IP2, MeetingConnector2.IP, MeetingConnector2.IP2
If your company is holding video conferencing sessions over broadband satellite, and you want to ensure that an important video session is as good as it can be given the available bandwidth and the other traffic on the network, the BusinessCom Sentinel server will recognize and act on the DSCP marking and operate with the Teams and Zoom solutions to achieve this goal for the organization. Current customers should contact the NOC for assistance configuring the Sentinel to prioritize their videoconferencing traffic.