Wireless Access

Reply
Frequent Contributor I
Posts: 60
Registered: ‎12-03-2015

S4B short silences

Hi,

 

Couple of weeks ago I deployed an Aruba controller based WLAN, using 7220's, 325's with 6.4.4.5.

Since the start using this WLAN, lot of people are complaining about short silcences during S4B calls.

These 1 second silences do not really have a pattern but can occur with an interval of 10 seconds or more.

 

We are in the progress of implementing the SDN API to have S4B traffic prioritized, but due to some circumstances this is not going to take place within the next month.

For a short term solution, I configured the heuristic config as described in the following document:

 

http://www.arubanetworks.com/assets/tg/SG_MicrosoftLyncHeuristics.pdf

 

However, after configuring all required settings I don't see any session/call being marked or recognized as high prio VoIP call.

Assuming that the config is correct, do these settings take effect on S4B clients or only Lync? If so, what is the difference between the two because based on the documentation that I've red I don't see any differences regarding layer 4 port communcation or session encryption.

 

Can the short silences be caused by some scan or other enabled functionality? I'm trying to find a solution that does not cost me weeks or month by deselecting different options one-by-one.

Anyone able to point me in the right direction where to look for and how to solve this annoying issue?

Guru Elite
Posts: 20,789
Registered: ‎03-29-2007

Re: S4B short silences

I think someone needs to take a look at your configuration.  That someone is TAC, to ensure you have all of your ducks in a row.



Colin Joseph
Aruba Customer Engineering

Looking for an Answer? Search the Community Knowledge Base Here: Community Knowledge Base

Frequent Contributor I
Posts: 60
Registered: ‎12-03-2015

Re: S4B short silences

Will do Colin!

Guru Elite
Posts: 20,789
Registered: ‎03-29-2007

Re: S4B short silences

[ Edited ]

Report back to us what you find.  One thing that not everyone does is configure the clients for QOS but they should:  https://technet.microsoft.com/en-us/library/jj205371(v=ocs.15).aspx

 

http://community.arubanetworks.com/t5/Wireless-Access/Configuring-QoS-for-Lync-2013/td-p/239592

 

Also make sure that "Voice Aware" is enabled in your ARM profile so that there is no scanning during VOIP calls.



Colin Joseph
Aruba Customer Engineering

Looking for an Answer? Search the Community Knowledge Base Here: Community Knowledge Base

Frequent Contributor I
Posts: 60
Registered: ‎12-03-2015

Re: S4B short silences

voip- and video aware scan are both enabled on the ARM profile.

I asked the client team if QOS is enabled and they confirmed me it is being pushed in the polciy. I will have this doublechecked to be sure.

Once a have a solution to this issue I will share this.

Guru Elite
Posts: 20,789
Registered: ‎03-29-2007

Re: S4B short silences

When you type "show session table <IP address of client>" during a call, what flags do you see during a VoIP call?


Colin Joseph
Aruba Customer Engineering

Looking for an Answer? Search the Community Knowledge Base Here: Community Knowledge Base

Frequent Contributor I
Posts: 60
Registered: ‎12-03-2015

Re: S4B short silences

Hi Colin,

 

I've just checked if QOS is send by the client for S4B data and I can confirm this is true.

VoIP gets 46 while video gets 34. Seems to work correctly on the client part.

 

I've also attached the show datapath output of the controller. I do see DPI is taking place but don't see the V(oIP) flag. I'm wondering if Aruba controller is able to determine S4B VoIP traffic using heuristic scanning. Will have a case opened at TAC today.

 

Thanks for looking into this.

Guru Elite
Posts: 20,789
Registered: ‎03-29-2007

Re: S4B short silences

What is your ACL to classify S4B traffic?

 



Colin Joseph
Aruba Customer Engineering

Looking for an Answer? Search the Community Knowledge Base Here: Community Knowledge Base

Guru Elite
Posts: 20,789
Registered: ‎03-29-2007

Re: S4B short silences

Here is a screenshot of what you should have in general:

 

classify-media.png

HTTPS is what Lync uses remotely.  SIPS or TCP 5061 is what lync uses internally.  The ACL above signals to the firewall to inspect all of this traffic and then classify the traffic as voice if we see voice traffic.  Typically you would restrict that source and destination of the TCP 443 and TCP 5061 traffic so that the controller does not attempt to classify ALL TCP 443 traffic.

You should then start a call and the type "show datpath session table <ip address of client> | include V" to see if it is being classified as voice:

(Aruba7005-US) #show datapath session table 192.168.1.237 | include V
       C - client, M - mirror, V - VOIP
22.240.16.25    192.168.1.237   17   52679 50053  0/0     0    46  0   tunnel 14   1a0  273        102960     FHTV            
22.240.16.25    192.168.1.237   17   52186 50052  0/0     6    0   0   vlan 1      192  19647      1580474    FHPTIQV         
192.168.1.237   22.240.16.25    17   50053 52679  0/0     0    46  1   tunnel 14   1a0  618        406485     FHTCV           
192.168.1.237   22.240.16.25    17   50052 52186  0/0     6    0   0   vlan 1      192  11319      2372524    FHPTCIQV        

In the example, my off-premise Skype for Business Server is 22.240.16.25 and my Lync/S4B client is 192.168.1.237

Once the call is started, the call continues with high ports and using "Classify Media" in the ACL determines what ports those are and sets the "V" flag.

"show ucc client-info" would show my client that is recognized and more info.

(Aruba7640-US) #show ucc client-info 

Client Status:
--------------
Client IP      Client MAC         Client Name  ALG      Server(IP)  Registration State  Call Status  AP Name     Flags  Device Type
---------      ----------         -----------  ---      ----------  ------------------  -----------  -------     -----  -----------
192.168.1.237  b8:e8:56:38:9d:be  Client       Skype4B              REGISTERED          In-Call      Office-325         OS X


Flags: V - Visitor, A - Away, W - Wired, R - Remote, B - Blocked, E - External

Show ucc call-info cdrs will give you a record of all of your calls:

(Aruba7005-US) #show ucc call-info cdrs 

CDR:
----
CDR ID  UCC Call ID  Client IP      Client MAC         Client Name  ALG      Dir  Called to  Dur(sec)  Orig Time        Status  Reason      Call Type  Client Health  UCC Score  UCC-Band  MOS  MOS-Band
------  -----------  ---------      ----------         -----------  ---      ---  ---------  --------  ---------        ------  ------      ---------  -------------  ---------  --------  ---  --------
5       NA           192.168.1.237  b8:e8:56:38:9d:be  Client       Skype4B  NA   NA         622       May 23 07:10:11  ACTIVE  NA          Voice      86             68.44      Fair      NA   NA
4       NA           192.168.1.136  ac:cf:85:6b:c5:e6  NA           Jabber   NA   NA         31        May 18 17:38:52  SUCC    Terminated  Voice      73             NA         NA        NA   NA
3       NA           192.168.1.136  ac:cf:85:6b:c5:e6  NA           Jabber   NA   NA         16        May 18 17:38:36  SUCC    Terminated  Voice      0              NA         NA        NA   NA
2       NA           192.168.1.136  ac:cf:85:6b:c5:e6  NA           Jabber   NA   NA         6         May 18 17:38:30  SUCC    Terminated  Voice      0              NA         NA        NA   NA
1       NA           192.168.1.237  b8:e8:56:38:9d:be  Client       Skype4B  NA   NA         2712      May 16 09:26:13  SUCC    Terminated  Voice      74             82.59      Good      NA   NA

I hope all of that makes sense...



Colin Joseph
Aruba Customer Engineering

Looking for an Answer? Search the Community Knowledge Base Here: Community Knowledge Base

Frequent Contributor I
Posts: 60
Registered: ‎12-03-2015

Re: S4B short silences

Hi Colin,

 

Makes absolutely sense.

Based on the Aruba doc, I did configure the following:

 

netdestination lync-servers
host 10.10.10.10

ip access-list session lync-control
any alias lync-servers svc-sips permit classify-media
any alias lync-servers udp 443 permit classify-media
exit
ip access-list session lync-rtp
any any udp 1024 65535 permit
exit

user-role lync-user
access-list session lync-control
access-list session lync-rtp
exit

ip access-list session lync-365-control
any any tcp 443 permit classify-media
exit

ip access-list session lync-rtp
any any udp 1024 65535 permit
exit

user-role lync-user
access-list session lync-365-control
access-list session lync-rtp

 

Like you mentioned I already had the destination IP's of the Lync front end servers configured to prevent non lync/S4B traffic to be prioritized.

 

These settings are documented for a Lync setup. Not sure if these settings are still fully compatible and required for S4B to function properly. Also I've to check if the user role ' lync user'  is being hit as this will be an issue for the ACL to be aplied if it is not.

Search Airheads
Showing results for 
Search instead for 
Did you mean: