Problem:
How to prioritize Lync traffic when clients are connected on IAP
Since Lync clients uses Secure SIP for control traffic, IAP cannot sniff the traffic to understand the port number negotiated for data traffic(RTP traffic).
Currently IAP does not communicate with Lync SDN to fetch details about RTP ports which would be used for Data traffic between Lync Clients.
Hence recommendation is to limit the port ranges available for negotiation to carry RTP traffic.
Please find below Microsoft article on how to configure Lync server to limit the port range:
https://technet.microsoft.com/en-us/library/jj204760(v=ocs.15).aspx
Once we limit the port range on Lync server, we can write ACL's on user role to prioritize the RTP ports with appropriate DSCP values.
Here is the sample ACL configuration prioritizing the RTP ports with DSCP value 46.
wlan access-rule Aruba
index 3
rule any any match tcp 5061 5061 permit classify-media disable-scanning <<<< Note here tos 46 is not needed for Control Session
rule any any match udp 50000 50015 permit tos 46 <<<<<<<<<< Here we are using port number 50000 to 50015 and assigning TOS value of 46
rule any any match any any any permit
© Copyright 2024 Hewlett Packard Enterprise Development LPAll Rights Reserved.