Design network for media optimization


Microsoft Teams sends and receives real-time traffic over the network for its calls and meetings features, and depends on good network connectivity. There are some configurations you can make in your network architecture to optimize performance for Teams. This unit discusses internet breakout strategy as a method of media optimization.

Design local site internet breakout strategy for client media optimization

Most larger organizations have their sites connected via a private Wide Area Network (WAN), using technologies like Multi-protocol Label Switching (MPLS) or a Software-defined WAN (SD-WAN).

They might then have specific internet ingress and egress points on their global private network; for example, having all the internet connectivity for Europe route in and out of one connection. This is done to centralize internet traffic through dedicated firewalls and proxies at a single location.

While this configuration can make network management easier, it's suboptimal for real-time network traffic like Teams, which must route over the WAN and then break out onto the internet at the regional internet connection. This adds latency, and traffic can potentially be impacted by congestion on the WAN links. Most Teams traffic, including all meeting traffic and Calling Plan and Operator Connect calls, needs to break out to the internet.

Microsoft has local ingress points to its network all over the world: a so-called "Distributed Service Front Door infrastructure" designed to shorten the route between customers and cloud services. If the internet is centralized, the client's traffic takes a longer route to get to Microsoft 365.

The best option for Microsoft 365 traffic is to allow local internet breakout from each site. This is also called local egress direct internet network architecture.

In this picture, you can see each site is allowed to connect directly to the internet without going over a WAN or VPN.

This optimizes the network route; end-user connections are dynamically routed to the nearest Microsoft 365 entry point by the Distributed Service Front Door infrastructure. It also reduces the load on the organization's WAN. All connections between the client and Office 365 are encrypted. With less traffic routing across the WAN, technologies like QoS become less important as most traffic goes directly to Microsoft.

Validate local site internet breakout

If you configure local site internet breakout and want to validate that it's working, or are unsure whether a site has optimal internet routing, you can validate it with the Microsoft 365 connectivity test.

The Microsoft 365 connectivity test is a tool that runs basic connectivity tests against your Microsoft 365 tenant and makes recommendations for optimal Microsoft 365 performance.

The tool detects your location, or you can specify your location manually, and then tests the connection to the nearest Microsoft 365 service front door.

To run the test, perform the following steps:

  1. Navigate to the Microsoft 365 network connectivity test at https://connectivity.office.com/

  2. Sign in with your Microsoft 365 account for the best test experience.

  3. Either automatically detect your location or add your location manually.

Tip

If you let the tool automatically detect your connection, make sure it is correct on the map to make the test valid.

This picture shows the results of a network connectivity test. You can see the Azure front door in use is near to the site location, which is good.

You can then check your Exchange Online and SharePoint Online front door location and match the best option for your location. There's no specific front door test for Teams.

The following picture of the detailed results shows that the Exchange and SharePoint front door locations in use are one of the best front door locations, which is good:

The Microsoft 365 connectivity test tool performs some basic Teams network performance tests. You can see in the picture below this site passed for connectivity, packet loss, latency, and jitter tests.

Perform this test on every enterprise site and after any network changes to ensure your network and ISP are routing traffic optimally.
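A complementary command-line check, added here as an example (it is not part of the original module or of Microsoft's connectivity test): parse `traceroute -n` output captured at a site and find where traffic first leaves RFC 1918 address space. A site with local breakout reaches its first public hop early and with low round-trip time, while a backhauled site crosses several private WAN hops first. The thresholds, function names and sample traces are assumptions made for illustration.

```python
import ipaddress
import re

# RFC 1918 ranges: a hop inside these is still on the organization's own network.
RFC1918 = [ipaddress.ip_network(n)
           for n in ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")]
# Matches "traceroute -n" hop lines such as " 2  10.0.0.1  1.10 ms  1.05 ms  1.20 ms".
HOP_RE = re.compile(r"^\s*(\d+)\s+(\d{1,3}(?:\.\d{1,3}){3})\s+([\d.]+) ms")

def first_public_hop(traceroute_text):
    """Return (hop_number, ip, rtt_ms) for the first non-RFC 1918 hop, or None."""
    for line in traceroute_text.splitlines():
        m = HOP_RE.match(line)
        if not m:  # header line or a "* * *" timeout row
            continue
        ip = ipaddress.ip_address(m.group(2))
        if not any(ip in net for net in RFC1918):
            return int(m.group(1)), str(ip), float(m.group(3))
    return None

def classify_breakout(traceroute_text, max_hop=3, max_rtt_ms=10.0):
    """Heuristic: 'local' if the first public hop is near and fast.
    max_hop and max_rtt_ms are assumed thresholds; tune them per site."""
    hop = first_public_hop(traceroute_text)
    if hop is None:
        return "unknown"
    number, _, rtt = hop
    return "local" if number <= max_hop and rtt <= max_rtt_ms else "backhauled"

# Constructed sample traces (documentation addresses stand in for ISP hops).
LOCAL_SITE = """traceroute to 198.51.100.10 (198.51.100.10), 30 hops max
 1  192.168.10.1  0.41 ms  0.38 ms  0.36 ms
 2  203.0.113.1  3.92 ms  3.80 ms  4.01 ms
 3  203.0.113.45  5.10 ms  5.02 ms  5.33 ms
"""
BACKHAULED_SITE = """traceroute to 198.51.100.10 (198.51.100.10), 30 hops max
 1  10.20.0.1  0.52 ms  0.49 ms  0.47 ms
 2  10.255.1.9  1.10 ms  1.05 ms  1.20 ms
 3  * * *
 4  10.255.0.2  38.40 ms  38.11 ms  38.90 ms
 5  10.1.0.254  39.02 ms  39.10 ms  38.95 ms
 6  203.0.113.129  41.75 ms  41.60 ms  42.01 ms
"""

if __name__ == "__main__":
    for name, trace in (("local", LOCAL_SITE), ("backhauled", BACKHAULED_SITE)):
        print(name, first_public_hop(trace), classify_breakout(trace))
```

Private WAN hops can be hidden (for example inside an MPLS core), so treat the round-trip time at the first public hop as the stronger signal and confirm any finding with the connectivity test.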

Optimize WiFi networks

By default, WiFi networks aren't designed or configured to optimally support real-time media. Each vendor has its own recommendations for deploying its wireless solution, and you should consult your vendor's documentation for more detail. There are some general recommendations:

  • Implement QoS or WiFi Multimedia (WMM) to prioritize real-time media traffic.

  • The 5-GHz range is better suited to real-time media than 2.4 GHz due to its dense range and lower interference. If you're using dual-band WiFi networks, consider implementing band steering to push clients to use the 5-GHz range.

  • When access points of the same channel are too close together, they can cause signal overlap and unintentionally compete, resulting in a bad experience for the user. Ensure that access points that are next to each other are on channels that don't overlap.

Performance optimization for organizations in China

Connectivity and performance for users in China is different, due to factors unique to China's telco architecture. Chinese ISPs regulate offshore connections to the global public internet that go through perimeter devices, which can be prone to high levels of cross-border network congestion. This congestion creates packet loss and latency for all internet traffic going into and out of China.

This section provides guidance for scenarios in which users located in China connect to a global Microsoft 365 tenant outside of China. Organizations can opt to have a Microsoft 365 tenant in China operated by 21Vianet, in which case, you aren't crossing the perimeter devices and this advice doesn't apply.

The following recommendations are to help optimize traffic for users in China:

  • Leverage your existing private network to carry Microsoft 365 network traffic between office networks in China and offshore locations that egress on the public internet outside China. Areas with low-latency interconnect with the Microsoft global network such as Singapore, Japan, and South Korea are optimal.

  • Configure your network to route all Microsoft 365 traffic across your private offshore link.

  • Configure user devices to access the corporate network over a VPN connection to allow Microsoft 365 traffic to transit the corporate network's private offshore link.

  • Ensure that VPN clients are either not configured to use split tunneling, or that user devices are configured to ignore split tunneling for Microsoft 365 traffic.

  • If possible, use UDP instead of TCP for live media streaming traffic, such as for Teams. UDP offers better live media streaming performance than TCP.

If your users have PSTN Audio Conferencing, users in China might have a better meeting experience joining meetings via the public switched telephone network (PSTN).

For more information on optimizing for China users, see the link in the resources section.