Page History
| Panel | |
|---|---|
In this section:
|
Include Page Transparency_Profile_Note Transparency_Profile_Note
Microsoft Lync Video Relay
Microsoft (MS) Lync 2013 introduces support for H.264-UC open standard video codec, and enables point-to-point video from Lync endpoints to non-Lync endpoints. With this capability, MS Lync 2013 supports establishing video sessions with other devices that are capable of supporting H.264-UC codec.
| Info | ||
|---|---|---|
| ||
MS Lync 2010 supports the older standard codec H.263 which is commonly supported by video devices; however, it is not supported by MS Lync 2013. |
The two methods to route video from Lync 2013 are following:
- Static route (via FQDN)
- Non-Lync endpoint registers directly to Lync server
Lync 2010 and Lync 2013 expects STUN/ICE connectivity to be completed before initiating video stream.
The SBC interworks with a Microsoft Lync 2010 or 2013 client by enabling the SIP trunk group iceLync flag (see SIP Trunk Group - Services - CLI, SIP Trunk Group - Media - CLI for details). When flag is enabled, the SBC relays (passes through) MS Lync video sessions. A Video call originating from Lync typically includes multi-part/alternative content with two SDPs. SBC uses a second SDP to establish the audio/video call.
Lync-capable endpoints such as Polycom RPG clients simulate the Lync endpoint behavior for Presence (it initiates a “SERVICE” method). This and its 200OK response back from Lync needs to be relayed through the SBC. Lync uses BENOTIFY method which is also relayed. Offer/Answer SDP during the STUN connectivity phase includes TCP-ACT attribute for the server reflexive candidates. This is derived from the UDP host candidates. Upon completion of the STUN connectivity checks, the final offer SDP that is sent by the SBC, which includes the “remote-candidate” attribute for remote media IP and the “a=candidate” attribute for local media IP.
| Caption | ||||
|---|---|---|---|---|
| ||||
Using sRTP for Media
If sRTP is used for media between the SBC and the Lync endpoint (as well as for normal sRTP configuration), configure the SBC to add the lifetime parameter to the crypto attribute for the sRTP-encrypted media streams when it sends SDP toward the endpoint. An example SMM configuration to accomplish this is provided below.
| Code Block | ||||
|---|---|---|---|---|
| ||||
% set profiles signaling sipAdaptorProfile CRYPTO rule 1 criterion 1 type message message messageTypes responseAll
% set profiles signaling sipAdaptorProfile CRYPTO rule 1 criterion 2 type messageBody messageBody condition regex-match regexp string "a=crypto:3 AES_CM_128_HMAC_SHA1_80 inline:.{40}" numMatch match
set profiles signaling sipAdaptorProfile CRYPTO rule 1 action 1 type messageBody operation regappend from type value value "|2^31"
% set profiles signaling sipAdaptorProfile CRYPTO rule 1 action 1 to type messageBody messageBodyValue all
% set profiles signaling sipAdaptorProfile CRYPTO rule 1 action 1 regexp string "a=crypto:3 AES_CM_128_HMAC_SHA1_80 inline:.{40}" matchInstance all |
| Note | ||||
|---|---|---|---|---|
| ||||
If the Lync setup does not have a mediation server between the SBC and Lync endpoint and sRTP is used for media between the two, then by this SMM SBC will add the lifetime parameter to the crypto attribute for the sRTP encrypted media streams when it sends SDP toward the endpoint. |
Call Scenarios
The SBC supports the following call scenarios for MS Lync Video Relay:
- Lync call which starts out as audio and then adds a video stream. In this situation the ICE processing occurs on the newly-added video stream with media being cut-through successfully.
- Lync call which starts out as audio and video and then downgrades to an audio only stream. In this case, the ICE is successfully completed for both audio and video streams. Once the video stream is removed, the audio stream remains unaffected. The SBC ceases all ICE activity on what was previously the video stream.
- The SBC redirects a non-Lync leg of a call toward a Lync endpoint. In this case the ICE processing occurs on the redirected leg and media is cut through appropriately to the Lync endpoint.
- The SBC handles call hold and resume on streams that are established with Lync ICE.
- The SBC interoperates with a Lync 2013 Endpoint offering IPv6 and or IPv4 addresses and Lync 2010 endpoints offering IPv4 addresses for media. The SBC does not support offering both IPv4 and IPv6 addresses at this time.
| Anchor | ||||
|---|---|---|---|---|
|
The following example procedure configures the SBC for MS Lync-Video relay.
Enable transparency for following headers.
Code Block language none title Supported, Contact, Server % set profiles services transparencyProfile LYNC sipHeader <supported | contact | server>
Code Block title Unknown header, From, To, Unknown body, requestURI, userAgentHeader % set profiles signaling ipSignalingProfile LYNC commonIpAttributes transparencyFlags unknownHeader enable % set profiles signaling ipSignalingProfile LYNC commonIpAttributes transparencyFlags unknownBody enable % set profiles signaling ipSignalingProfile LYNC commonIpAttributes transparencyFlags fromHeader enable % set profiles signaling ipSignalingProfile LYNC commonIpAttributes transparencyFlags toHeader enable % set profiles signaling ipSignalingProfile LYNC commonIpAttributes transparencyFlags requestURI enable % set profiles signaling ipSignalingProfile LYNC commonIpAttributes transparencyFlags userAgentHeader enable
- Configure the following in IP signaling profile:
Enable “DisableHostTranslation”, INFO relay
Code Block language none % set profiles signaling ipSignalingProfile LYNC commonIpAttributes flags disableHostTranslation enable % set profiles signaling ipSignalingProfile LYNC commonIpAttributes flags sendRtcpPortInSdp enable % set profiles signaling ipSignalingProfile LYNC commonIpAttributes relayFlags info enable
Note icon false title Note This parameter must be enabled to configure Lync 2010.
Disable “Privacy”
Code Block language none % set profiles signaling ipSignalingProfile LYNC egressIpAttributes privacy flags includePrivacy disable
Enable STUN Support on SIP trunk group facing Lync or Lync-capable endpoints.
Code Block language none % set addressContext a1 zone ACCESS sipTrunkGroup LYNC_TG services natTraversal iceSupport iceLync
Enable Video and RTCP in packet service profile.
Code Block language none % set profiles media packetServiceProfile LYNC_PSP videoCalls maxVideoBandwith 8000 % set profiles media packetServiceProfile LYNC_PSP rtcpOptions rtcp enable
Disable
rel100Supportflag on the Lync facing the SIP trunk group.Code Block language none % set addressContext a1 zone ACCESS sipTrunkGroup LYNC_TG signaling rel100Support disabled
Enable
SuppressEmptyFragmentsflag in the TLS profile.Code Block language none % set profiles security tlsProfile nbstls suppressEmptyFragments enabled
To relay unknown DSP attributes for the trunk group, enable
sdpAttributesSelectiveRelayflag.Note icon false title Note The following configuration is not applicable for MS Lync/Skype for remote desktop sharing configuration.
Code Block language none % set addressContext a1 zone ACCESS sipTrunkGroup LYNC_TG media sdpAttributesSelectiveRelay enabled
To configure sRTP for the Packet Service Profile of the trunk group facing Lync.
Code Block language none % set profiles media packetServiceProfile Lync_PSP secureRtpRtcp flags allowFallback "enable" enableSrtp "enable" resetROCOnKeyChange "disable" resetEncDecROCOnDecKeyChange "disable" updateCryptoKeysOnModify "disable" set profiles media packetServiceProfile Lync_PSP secureRtpRtcp cryptoSuiteProfile DEFAULT
How to Configure MS Lync/Skype for Remote Desktop Sharing
The following steps are performed to configure MS Lync/Skpe for business desktop sharing:
- Configuring SBC and LYNC in Media Environment#Configuring Basic Lync for Media
- Configuring SBC and LYNC in Media Environment#Setting Setting the non-RTP Media Bandwidth
- Enabling Application Sharing on Ingress and Egress Sip Trunk Group
- Enabling SBC TCP Client Role on Ingress and Egress Sip Trunk Group
- Configuring SBC and LYNC in Media Environment#Call Call Detail Status
| Anchor | ||||
|---|---|---|---|---|
|
To configure basic Lync for media, refer to the section Configuring SBC and LYNC in Media Environment#How How to Configure MS Lync Video Relay.
Once the base configuration is applied to enable support for Lync desktop sharing in the SBC, configure the following parameters and flags:
| Anchor | ||||
|---|---|---|---|---|
|
| Code Block |
|---|
% set system media dedicatedBWForNonRTPMedia 10 |
| Note |
|---|
|
Anchor Enabling application sharing on ingress and egress Sip Trunk Group Enabling application sharing on ingress and egress Sip Trunk Group
Enabling Application Sharing on Ingress and Egress Sip Trunk Group
| Enabling application sharing on ingress and egress Sip Trunk Group | |
| Enabling application sharing on ingress and egress Sip Trunk Group |
To configure the parameter lyncshare on ingress and egress Sip Trunk Group, execute the following commands:
| Code Block |
|---|
% set addressContext default zone ZONE3 sipTrunkGroup TG_ingress media lyncShare enabled % set addressContext default zone ZONE3 sipTrunkGroup TG_egress media lyncShare enabled |
Anchor Enabling SBC TCP client role on ingress and egress Sip Trunk Group Enabling SBC TCP client role on ingress and egress Sip Trunk Group
Enabling SBC TCP Client Role on Ingress and Egress Sip Trunk Group
| Enabling SBC TCP client role on ingress and egress Sip Trunk Group | |
| Enabling SBC TCP client role on ingress and egress Sip Trunk Group |
To configure the parameter iceTcpRole on ingress and egress Sip Trunk Group, execute the following commands:
| Code Block |
|---|
% set addressContext default zone ZONE3 sipTrunkGroup TG_ingress services natTraversal iceSupport iceLync iceTcpRole passive % set addressContext default zone ZONE3 sipTrunkGroup TG_egress services natTraversal iceSupport iceLync iceTcpRole passive |
| Anchor | ||||
|---|---|---|---|---|
|
The new stats TCP/LYNC/APPSHARE is added to the media streams of call detail status.
| Code Block |
|---|
> show status global callDetailStatus
callDetailStatus 4 {
mediaStreams audio,video,UDP/BFCP,video;
state Stable;
callingNumber "";
calledNumber "";
addressTransPerformed none;
origCalledNum "";
scenarioType SIP_TO_SIP;
callDuration 221072;
mediaType passthru;
associatedGcid1 4;
associatedGcid2 4;
associatedGcidLegId1 1;
associatedGcidLegId2 0;
ingressSessionBandwidthkbps 269;
egressSessionBandwidthkbps 269;
ingressMediaStream1LocalIpSockAddr "10.32.114.1/ 1062 (rtcp: 1063)";
ingressMediaStream1RemoteIpSockAddr "10.128.99.157/ 3230 (rtcp: 3231)";
egressMediaStream1LocalIpSockAddr "10.33.5.141/ 1066 (rtcp: 1067)";
egressMediaStream1RemoteIpSockAddr "10.128.96.48/ 51564 (rtcp: 51565)";
ingressMediaStream1Security rtp-disabled,rtcp-disabled;
egressMediaStream1Security rtp-disabled,rtcp-disabled;
ingressMediaStream1Bandwidth 127;
egressMediaStream1Bandwidth 127;
ingressMediaStream1IceState NONE;
egressMediaStream1IceState NONE;
ingressDtlsStream1 DISABLED;
egressDtlsStream1 DISABLED;
ingressMediaStream2LocalIpSockAddr "10.32.114.1/ 1064 (rtcp: 1065)";
ingressMediaStream2RemoteIpSockAddr "10.128.99.157/ 3232 (rtcp: 3233)";
egressMediaStream2LocalIpSockAddr "10.33.5.141/ 1068 (rtcp: 1069)";
egressMediaStream2RemoteIpSockAddr "10.128.96.48/ 51566 (rtcp: 51567)";
ingressMediaStream2Security rtp-disabled,rtcp-disabled;
egressMediaStream2Security rtp-disabled,rtcp-disabled;
ingressMediaStream2Bandwidth 269;
egressMediaStream2Bandwidth 269;
ingressMediaStream2IceState NONE;
egressMediaStream2IceState NONE;
ingressDtlsStream2 DISABLED;
egressDtlsStream2 DISABLED;
ingressMediaStream3LocalIpSockAddr "10.32.114.1/ 1066";
ingressMediaStream3RemoteIpSockAddr "10.128.99.157/ 3238";
egressMediaStream3LocalIpSockAddr "10.33.5.141/ 1070";
egressMediaStream3RemoteIpSockAddr "10.128.96.48/ 51570";
ingressMediaStream3Security rtp-UnEncrypted;
egressMediaStream3Security rtp-UnEncrypted;
ingressMediaStream3Bandwidth 0;
egressMediaStream3Bandwidth 0;
ingressMediaStream3IceState NONE;
egressMediaStream3IceState NONE;
ingressDtlsStream3 DISABLED;
egressDtlsStream3 DISABLED;
ingressMediaStream5LocalIpSockAddr "10.32.114.1/ 1070 (rtcp: 1071)";
ingressMediaStream5RemoteIpSockAddr "10.128.99.157/ 3234 (rtcp: 3235)";
egressMediaStream5LocalIpSockAddr "10.33.5.141/ 1074 (rtcp: 1075)";
egressMediaStream5RemoteIpSockAddr "10.128.96.48/ 51568 (rtcp: 51569)";
ingressMediaStream5Security rtp-disabled,rtcp-disabled;
egressMediaStream5Security rtp-disabled,rtcp-disabled;
ingressMediaStream5Bandwidth 269;
egressMediaStream5Bandwidth 269;
ingressMediaStream5IceState NONE;
egressMediaStream5IceState NONE;
ingressDtlsStream5 DISABLED;
egressDtlsStream5 DISABLED;
iceCallTypes ing-lcl-NONE,ing-rmt-NONE,eg-lcl-NONE,eg-rmt-NONE;
}
callDetailStatus 524292 {
mediaStreams TCP/LYNC/APPSHARE;
state Stable;
callingNumber "";
calledNumber "";
addressTransPerformed none;
origCalledNum "";
scenarioType SIP_TO_SIP;
callDuration 220758;
mediaType passthru;
associatedGcid1 524292;
associatedGcid2 524292;
associatedGcidLegId1 1;
associatedGcidLegId2 0;
ingressSessionBandwidthkbps 0;
egressSessionBandwidthkbps 0;
ingressMediaStream1LocalIpSockAddr "10.33.5.141/ 42589 (rtcp: 42589)";
ingressMediaStream1RemoteIpSockAddr "10.128.96.48/ 43131 (rtcp: 43131)";
egressMediaStream1LocalIpSockAddr "10.33.5.141/ 1029 (rtcp: 1029)";
egressMediaStream1RemoteIpSockAddr "10.128.99.168/ 5358 (rtcp: 5359)";
ingressMediaStream1Security rtp-Encrypted;
egressMediaStream1Security rtp-UnEncrypted;
ingressMediaStream1Bandwidth 0;
egressMediaStream1Bandwidth 0;
ingressMediaStream1IceState ST_ICE_COMPLETE;
egressMediaStream1IceState ST_ICE_COMPLETE;
ingressDtlsStream1 DISABLED;
egressDtlsStream1 DISABLED;
iceCallTypes ing-lcl-FULL-ICE,ing-rmt-FULL-ICE,eg-lcl-FULL-ICE,eg-rmt-FULL-ICE;
}
[ok] |
| Pagebreak |
|---|
Overview
Content Tools