Thursday, September 28, 2017

Ignite 2017 Demystifying internet connectivity to Skype for Business Online and Microsoft Teams

On demand recording available here.

Microsoft runs a high-quality network around the globe to provide services to customers. This Network is closer than you might think, and it means that only little of the traffic actually uses the public Internet.

This article describes the network in greater detail:
How Microsoft builds its fast and reliable global network

And recently Microsoft announced a new nice addition to this network:
A cable stretching 4,000 miles between the US and Spain is the key to a high-speed future

Audio & video is realtime traffic and must be handled different from emails / web browser traffic. The stateless UDP protocol is used for realtime traffic, if a packet is lost there is no point resending it.

Most networks were designed when we had all services on-premises. Now we moved many services online, and we need to reconsider how we do networking.

The network has peering with more than 2500 ISPs around the world in more than 130 locations.

The ideal scenario is a local internet breakout in every office, and not a central breakout point. The analogy used is, "the faster you can get on the freeway the faster you will reach your destination." Identify Office 365 traffic, use local DNS resolution and egress as close to the user as possible.

What kind of performance measures do we need to get a good experience?
In short:

To make a short story long:
Media Quality and Network Connectivity Performance in Skype for Business Online

How can we check these metrics?
Use the Skype for Business Network Assessment Tool.This tool has been a part of the Skype Operations Framework and I have covered it earlier in this blog.

QoS is always a good idea even if our servers now are online, it will have a good impact on peer-to-peer traffic.

Questions and Answers

What about VPNs?
Use split tunneling.

The proxy pac file must contain all Office 365 URLs / FQDNs, but the firewall is allowing/blocking locations based on IP addresses.
How do we match URLs / FQDNs to IP address automatically, to update both pac file and firewall?
This is a challenge.

What ports are Teams using for realtime audio / video?
Teams are using the same destination ports as Skype for business online.

No comments:

Post a Comment