IMPORTANT NOTES

  • There are 2 methods to prioritize packages, using DSCP Tagging and Ports prioritization
    • Ports prioritization will not be discussed in this guide as this document only aligns with Microsoft’s best practices. Some network equipment can prioritize traffic based on source ports.
    • DSCP Tagging through Group Policies apply only on Outbound traffic, if there is a way to prioritize inbound traffic, you can use the source IP addresses listed in Microsoft official documentation.
    • These procedures only applied to Teams desktop client applications in domain joined computers.
    • To prioritize traffic on IP phones with Teams firmware from any vendor (Yealink, Poly or AudioCodes) is necessary to use VLANs and prioritize VLAN assign for voice traffic or use DSCP tagging directly from the network devices (switches/routers). Please consider that not all the network devices are capable of theses options, review with your networking team about availability of these options.

 

TEAMS CLIENT QUALITY OF SERVICES THROUGH GPO

 

Quality of service is a huge concern for any customer using Microsoft Teams, but deploying QoS for Teams is not a simple task as Teams traffic is mostly encrypted and there is no way for a network device to identify the traffic type “Audio, Video or App sharing”, the only way to do it is through Network port assignment. The policy sets a port range for each service as following (using Microsoft Default values):

  1. Audio traffic port range: 50,000–50,019 (TCP/UDP)
  2. Video traffic port range: 50,020–50,039 (TCP/UDP)
  3. Application Sharing port range: 50,040–50,059 (TCP/UDP)

To assign different priority values for each traffic type Microsoft recommends using Group Policy and DSCP tagging:

  1. In Group Policy Management, locate the container where the new policy should be created. For example, if all your client computers are located in an OU named Clients, the new policy should be created in the Client OU.
  2. Right-click the appropriate container, and then click Create a GPO in this domain, and Link it here.
  3. In the New GPO dialog box, type a name for the new Group Policy object in the Name box, and then click OK.
  4. Right-click the newly created policy, and then click Edit.
  5. In the Group Policy Management Editor, expand Computer Configuration, expand Windows Settings, right-click Policy-based QoS, and then click Create new policy.
  6. In the Policy-based QoS dialog box, on the opening page, type a name for the new policy in the Name box. Select Specify DSCP Value and set the value to 46. Leave Specify Outbound Throttle Rate unselected, and then click Next.
  7. On the next page, select Only applications with this executable name and enter the name Teams.exe, and then click Next. This setting instructs the policy to only prioritize matching traffic from the Teams client.
  8. On the third page, make sure that both Any source IP address and Any destination IP address are selected, and then click Next. These two settings ensure that packets will be managed regardless of which computer (IP address) sent the packets and which computer (IP address) will receive the packets.
  9. On page four, select TCP and UDP from the Select the protocol this QoS policy applies to drop-down list. TCP (Transmission Control Protocol) and UDP (User Datagram Protocol) are the two networking protocols most commonly used.
  10. Under the heading Specify the source port number, select From this source port or range. In the accompanying text box, type the port range reserved for audio transmissions. For example, if you reserved ports 50000 through ports 50019 for audio traffic, enter the port range using this format: 50000:50019. Click Finish.

Repeat steps 5-10 to create policies for Video and Application/Desktop Sharing, substituting the appropriate DSCP values and ports. The new group policy should apply on all domain joined windows machines, but it will not work on different OS or out of domain machines.

These policies will require changing an additional registry key to work on computer with multiple network interfaces, the needed Registry Key is as following:

  1. Go to HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\Tcpip\Qos (if you don’t have any QoS in the tree, you can create one with right click>New>Key and enter the QoS name).
  2. Create a string value (Right click>New>String value) and use “Do not use NLA” for the name and “1” for the value.

After applying the Group policy and changing the registry keys the computer needs to be restarted for the policies to take effect.

The network team can then use the provided DSCP tagging on different traffic to differentiate the priority of traffic depending on the service.