none
Media negotiation between internal and external clients is sometimes not working - Edge Problem RRS feed

  • Frage

  • Good morning together

    We encounter a very strange problem in our deployment. (virtualized in VMWare)

    Our deployment consists out of one edge pool with two edge servers: (Each Edge Server has 3 external NICs, 1 internal NIC)

    Sometimes there is a period of time when we are not able to share the desktop/application to external clients.
    Audio media path negotiation, f.e. in a conference, is also not working everytime during this time period.

    For the sharing we get the error message: Failed due to network issues

    This seems to be a problem with the ICE checks which don’t work properly.

    But there are also periods of time when everything works fine and we don’t encounter any problem with sharing desktop/applicatio or negotiate audio media path.

    I have tried to check whether the problem occurs at a certain time/or on specific hosts but this was not the case.

    I have checked the network traffic between internal/external clients to the edge and found the following:

    -         - When the problem occurs the client gets an “allocate response” for his "allocate request" from the Edge Server

    -         - After that the client send requests to the edge server but the server seems not to relay any data to the other peer and  vice versa.

    -        -  On both sides i dont receive any data indication messages from the Edge Server

    -         -  That’s why the client don’t send the active destination request to the server

    -         - After a short time the error occurs and the appl. And desktop sharing is canceled

    Also we encounter another strange problem:

    Edgeserver 1 is not offering any STUN and TURN candidates with UDP (even in audio-video negotiation)

    Edgeserver 2 is offering STUN and TURN candidates with UDP

    In my opinion the first Edgeserver should also offer STUN and TURN candidates with UDP, should´t it? 
    They are in the same network and configured the same.

    Up to now I have tried the following:

    -          -  Reinstall the Skype components on Edge Server 1

    -          - Install a complete new VM for Edge Server 1

    -          - I have checked the firewall settings etc.

    But we still encounter the same problems. (Still no UDP candidate)

    When the problem occurs and I stop the A/V service on one of the edge it seems to work again.
    When I start the service again, it is possible that everything will work for a random time

    Did anyone of you encouter such a strange problem before?

    Thanks for all your help in advance.

    Greets,
    Markus

    Mittwoch, 7. Dezember 2016 07:36

Antworten

  • Hi all,

    Update for the previous post:

    I was able to solve the issue with the UDP candidates.
    For some reasons our internal network adapter was dedicated to the wrong firewall profile...
    Thats why the UDP port was blocked on the internal interface.

    Our network colleague told me that the clients are able to ping the external interfaces from the edge because of our Firewall but any other traffic will be blocked.

    Unfortunately the problem with the Application Sharing/Audio still exists. I have checked a few things and found out that the problem only occurs when both Edge Server are active.

    Everything works fine with one Edge Server.

    For your information: We use a NetScaler HLB for the Edge Server.

    Thanks for any help from your side!

    Greets,

    Markus

    • Als Antwort markiert Markus_95 Dienstag, 13. Dezember 2016 13:29
    Sonntag, 11. Dezember 2016 10:22

Alle Antworten

  • Hi,

    just a little information for you:

    I read an article about the problem with ICE checks and figured out that we are able to ping the Edge External interfaces from the SfB Server and internal Clients.
    Seems so that deployments often have problems with this.

    Could this also be a reason for our problems?

    I will change this and provide you with a response afterwards.

    Greets,
    Markus

    Source:
    https://enablingtechcorp.com/Blog/TabId/777/ArtMID/2450/ArticleID/493/REALLY-IMPORTANT-Skype-for-Business-Edge-Server-Configuration-Note.aspx

    Mittwoch, 7. Dezember 2016 13:09
  • Hi all,

    Update for the previous post:

    I was able to solve the issue with the UDP candidates.
    For some reasons our internal network adapter was dedicated to the wrong firewall profile...
    Thats why the UDP port was blocked on the internal interface.

    Our network colleague told me that the clients are able to ping the external interfaces from the edge because of our Firewall but any other traffic will be blocked.

    Unfortunately the problem with the Application Sharing/Audio still exists. I have checked a few things and found out that the problem only occurs when both Edge Server are active.

    Everything works fine with one Edge Server.

    For your information: We use a NetScaler HLB for the Edge Server.

    Thanks for any help from your side!

    Greets,

    Markus

    • Als Antwort markiert Markus_95 Dienstag, 13. Dezember 2016 13:29
    Sonntag, 11. Dezember 2016 10:22
  • Hello together,

    unfortunately I noticed that the question is in the wrong forum category.

    I will reopen the problem in the "Lync Server" category.

    Greets,

    Markus

    Dienstag, 13. Dezember 2016 13:29