locked
Server and Client Side Recommended Port Ranges for SFB Environment RRS feed

  • Question

  • Following are the details taken from or as per Microsoft's Recommendations for Fixing the Usage of Ports for various modalities or per session type like Audio, Video or AppSharing ....

    CLIENT SIDE PORT RANGE AND COUNT

    ClientAudioPort                            50020-50039     ( Client Audio Port                     count 20 )
    ClientVideoPort                            58000-580019   ( Client Video Port                     count 20 )
    ClientAppSharingPort                  42000-42019     ( Client AppSharing Port            count 20 )
    ClientFileTransferPort                  42021-42041      ( Client FileTransfer Port            count 20 )

    SERVER SIDE PORT RANGE AND COUNT

    AppSharing Port Range              40801 -- 49149 ( Server AppSharing port           count 8348 )
    Audio Port Range                        49152 -- 57500  ( Server Audio port                      count 8348 ) 
    Video Port Range                         57501 -- 65535  ( Server Video port                      count 8348)

    Now we are checking the detailed reports for these sessions to check on the bandwidth consumption happening for these kind of sessions for which have configured client side reports based the ports recommended above as well as the server side reports recommended as shown above again

    However we can see huge variance in the client side report vs server side report,

    Checking and digging in to the details of the report shows that there are other ports rather say a huge number of other port being used at the client side compare to what we have configured as part of Set-CsConferencingConfiguration so that all clients use the ports in fact rather say "USE ONLY THE PORTS" defined in the configuration,

    for example we have this config

    ClientVideoPort 58000-580019 ( Client Video Port count 20 ) we expect that SFB Client will not use another port video related info exchange,

    Whereas i can see this in the port that there many other ports being used during the same session which Microsoft has not mentioned anywhere in there documentation which is causing a big difference between server side vs client side reporting

    How, Where or Who can confirm this from Microsoft I need resolution for this ASAP i mean the complete details on port usage


    An Extremist

    Friday, March 16, 2018 11:13 AM

Answers

  • Hello All,

    Once again i my quest to identify or find out the pattern for the ports-protocols used by clients and servers in SFBS2015 environment when QoS as recommended by Microsoft is deployed

    Get-CsConferencingPolicy
    Get-CsMediaConfiguration
    Get-CsConferencingConfiguration - CLient Side Ports for all media type
    Get-CsService -ApplicationServer - Application Sharing Server Side Port Range
    Get-CsService -ConferencingServer - Conferencing Server Side Port Range|Set-CsConferencingPolicy -ApplicationSharingMode RDP
    Set-CsMediaConfiguration -EnableVideoBasedSharing $false
    Get-CsConferencingPolicy
    Get-CsMediaConfiguration

    Above commands can clearly show what are the settings with respect to VBSS configuration in the environment

    and also do disable VBSS so that end to end RDP is used for Screen Sharing Sessions

    Which i have tested i think is working as well as for every client all packets are sent to 3389 port on the server and all communication received from server is sent from 3389 only

    However here is the interesting part remember in my environment i have csconferencingconfiguration set for client ports for all session types like audio, video, desktop-App Sharing and File Transfering...

    Now when VBSS is disabled and it is clearly seen that clients do send all packets to 3389 on the server in the traces i tool i can it is over UDP

    However clients do not use any one of the port ranges which have been configured though it is suppose to use the one configured for app sharing however none of these ranges are used instead client apparently choose a random ephemeral ports for these network exchanges STRANGE again!

    I would like to know if i am missing anything here, when will these ports be used and where can i get authentic and validated info as all the testing i am doing does seem to show variance in comparison to whats mentioned in Microsoft Documentation, if not then please help with getting my understanding sorted

    I figured the new custom policy created with custom or rather microsoft recommended port ranges policy for skype clients does not take instead client take the port ranges from Global Policy once the change in the Global Policy was done desired ports ranges were/are effective


    An Extremist


    • Marked as answer by AnExtremist Tuesday, September 18, 2018 5:57 AM
    • Edited by AnExtremist Tuesday, September 18, 2018 6:00 AM update
    Monday, March 26, 2018 9:18 AM

All replies

  • Hi AnExtremist,

    By default, Lync client applications can use any port between ports 1024 and 65535 when involved in a communication session,if you run the Set-CsConferencingConfiguration ,set the ClientMediaPortRangeEnabled  to True.you could use the fixed port.

    Best Regards,
    Leon Lu


    Please remember to mark the replies as answers if they helped. If you have feedback for TechNet Subscriber Support, contact tnsf@microsoft.com.


    Click here to learn more. Visit the dedicated forum to share, explore and talk to experts about Microsoft Teams.

    Monday, March 19, 2018 8:07 AM
  • Hi AnExtremist,

    Check the technical diagram of skype for business wat ports are needed and where they are needed:

    http://go.microsoft.com/fwlink/p/?LinkId=550989

    Greetings,

    Erdem


    Please mark as helpful if you find my contribution useful or as an answer if it does answer your question. That will encourage me - and others - to take time out to help you.

    Monday, March 19, 2018 8:19 AM
  • That is what my point is about,

    I have used those commands to set the ports client should use and must adhere to the policy configured

    Still when tracing the various session types like audio / video / appsharing I see clients do use the ports configured on them to be used, however I can see clients keep on sending packets to SFB servers on port 5061 with different bytes I want to understand what are these packets and why do client keep on sending these to servers that too in the middle of the session

    BR,

    /HS


    An Extremist

    Monday, March 19, 2018 9:48 AM
  • Hi AnExtremist,

     

    Based on my research , it is normal, port 5061 used for client-to-server SIP traffic(when you sign in and send IM all will use it), for example ,if you send IM in the A/V meeting ,your client will still send packets to the server via port 5061,


    Best Regards,
    Leon Lu


    Please remember to mark the replies as answers if they helped. If you have feedback for TechNet Subscriber Support, contact tnsf@microsoft.com.


    Click here to learn more. Visit the dedicated forum to share, explore and talk to experts about Microsoft Teams.

    Friday, March 23, 2018 8:40 AM
  • If you agree that every network sent received from Client to Server must have a significance purpose of doing it,

    I understand client need to exchange packets on this port to get the details for next steps which means one should see packets this or these know service ports initially,

    But I see them during the session that too with the big difference in the packet sizes, I just want to know why is client sending packets to this port what is purpose - reason behind what kind of update client is asking for ...? during the session....

    It would be great if someone can share the entire series of steps a client performs while joining a call what ports are used, presenting the desktop what are the ports and additional details....

    I have also read that with Skype for Business there is new Screen Sharing Feature which uses Video Port Range on the Server Side however on the client side it will use the port from AppSharing Port Range which adds to the overall complexity

    BR,

    /HS


    An Extremist

    Friday, March 23, 2018 10:30 AM
  • Hello AnExtremist,

    As you said it talks over 5061 TLS port which you mentioned is for the Sign in process, Conference capabilities, User contacts, presence, Voice Capabilities ....these require different methods to talk over sip signaling ..Easier to refer you to Reskit Documents of Lync 2010 are good source for a Peer to Peer and then PSTN call.

    https://www.microsoft.com/en-us/download/details.aspx?id=22644

    and http://blog.schertz.name/2015/10/video-based-screen-sharing-in-skype-for-business/

    Friday, March 23, 2018 8:29 PM
  • Hello All,

    Once again i my quest to identify or find out the pattern for the ports-protocols used by clients and servers in SFBS2015 environment when QoS as recommended by Microsoft is deployed

    Get-CsConferencingPolicy
    Get-CsMediaConfiguration
    Get-CsConferencingConfiguration - CLient Side Ports for all media type
    Get-CsService -ApplicationServer - Application Sharing Server Side Port Range
    Get-CsService -ConferencingServer - Conferencing Server Side Port Range|Set-CsConferencingPolicy -ApplicationSharingMode RDP
    Set-CsMediaConfiguration -EnableVideoBasedSharing $false
    Get-CsConferencingPolicy
    Get-CsMediaConfiguration

    Above commands can clearly show what are the settings with respect to VBSS configuration in the environment

    and also do disable VBSS so that end to end RDP is used for Screen Sharing Sessions

    Which i have tested i think is working as well as for every client all packets are sent to 3389 port on the server and all communication received from server is sent from 3389 only

    However here is the interesting part remember in my environment i have csconferencingconfiguration set for client ports for all session types like audio, video, desktop-App Sharing and File Transfering...

    Now when VBSS is disabled and it is clearly seen that clients do send all packets to 3389 on the server in the traces i tool i can it is over UDP

    However clients do not use any one of the port ranges which have been configured though it is suppose to use the one configured for app sharing however none of these ranges are used instead client apparently choose a random ephemeral ports for these network exchanges STRANGE again!

    I would like to know if i am missing anything here, when will these ports be used and where can i get authentic and validated info as all the testing i am doing does seem to show variance in comparison to whats mentioned in Microsoft Documentation, if not then please help with getting my understanding sorted

    I figured the new custom policy created with custom or rather microsoft recommended port ranges policy for skype clients does not take instead client take the port ranges from Global Policy once the change in the Global Policy was done desired ports ranges were/are effective


    An Extremist


    • Marked as answer by AnExtremist Tuesday, September 18, 2018 5:57 AM
    • Edited by AnExtremist Tuesday, September 18, 2018 6:00 AM update
    Monday, March 26, 2018 9:18 AM