Quality of service is a huge concern for any Skype for Business customer, but deploying QoS for Skype for business is not a simple task as Skype for business traffic is mostly encrypted and there is no way for a network device to identify the traffic type “Audio, Video, App sharing, or file transfer”, the only way to do it is through Network port assignment.
In our BlueskyUC environment we have implemented a policy that applies to all Skype for Business computer applications. The policy sets a port range for each service as following:
- Audio traffic port range: 54000 to 54040
- Video traffic port range: 58000 to 58040
- Application Sharing port range: 51000 to 51040
- File transfer traffic port range: 51100 to 51140
To assign different priority values for each traffic type Microsoft recommends using Group Policy and DSCP tagging:
First you create a new Group policy to be applied on all computers who will need this policy assigned on “client computers”
Expand computer configuration, policies, windows settings, Policy-based QoS:
And create the needed new policies:
For example for Audio, assign the DSCP tagging value:
Then Select all application:
And any source and distention IP addresses:
Then make sure to select the correct protocols (TCP and UDP), and the correct Port Range for Audio (54000 to 54040)
Repeat the upper steps for different services with Different DSCP tagging for different services depending on port ranges.
The new group policy should apply on all domain joined windows machines, but it will not work on different OS or out of domain machines.
These policies will require changing an additional registry key to work on computer with multiple network interfaces, the needed Registry Key is as following:
- Go to HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\Tcpip\Qos (if you don’t have any QoS in the tree, you can create one with right click>New>Key and enter the QoS name).
- Create a string value (Right click>New>String value) and use “Do not use NLA” for the name and “1” for the value.
After applying the Group policy and changing the registry keys the computer needs to be restarted for the policies to take effect.
The network team can then use the provided DSCP tagging on different traffic to differentiate the priority of traffic depending on the service.
- Some network equipment can define priority based on source port, if the devices support this method it can work as well.
- The above rules apply only on Outbound traffic, if there is a way to prioritize inbound traffic, you can use the source IP addresses 220.127.116.11 and 18.104.22.168