This article provides information on “how to set the Operating System Differentiation Service Code Point (DSCP) for Lync QOS

Table of Contents:

  1. Discussion about 802.1P
  2. Server QOS
  3. Client QOS




1. Setup of DSCP using Lync and Windows Server/Client  


Before trying to layout the issue, I feel it is important to understand the context of the problem at hand on a Lync Deployment. The process for setting up QOS is documented, but there is little documentation on how the settings affect the packets. It is the Operating system which affects the packets. Lync is not responsible for Packet generation. The Windows Server or client is in charge of that. The overall Lync process, is to set the proper ports with Lync and Group policy. Second, it is necessary to set every switch to specifically allow communication, on the specified port range ;to pass, only if tagged, the DSCP value in the lync packet.

To be clear, the DSCP value is a layer three item, which goes into the IPV4 header.  This value indicates an 802.1p tag should be added to the layer two header when the packet gets to the switch. For an abstract of QOS, look to TechNet for more related material. DSCP is only part of the QOS equation. this value may be set, but 802.1p is the actual layer two QOS. DSCP only affects layer 3.

IMPORTANT POINT—there is a setting in Lync called 8021p. Its default value is 0. It is not used in Lync 2013 and has no effect on anything. The command you will see this under is Get-CsUCPhoneConfiguration.

Finally, the Operating system must be verified, to be set to allow for QOS DSCP generation. This article hopefully will help get this last item accomplished.

This article looks at DSCP from a windows perspective, providing the locations to check for DSCP privatization to work. IT is important to note that just because DSCP is in place, 802.1p may not be enabled. Here is the top level way to look at the overview from a windows perspective:

¨  Enable QOS on all physical NICS that will be using DSCP

¨ Disable NLA on windows 7 clients  at policy Computer Configuration->Windows Settings->Security Settings->Network List Manager Policies

Use the registry key to disable NLA

¨ Client must be domain joined for NLA to function. Said another way, the client will not get enforcement of DSCP or QOS if not in a domain member.

Set up Lync ports using an article you trust. Ethan Shudnow and Jeff Schertz come to mind. (official MS documentation should be used). blogs are only examples. I have the commands necessary below. Here is another good resource; example setup

Once you have a solid setup in place, its time to look at the OS settings



2. Server Registry locations for DSCP enablement 
This Section is not exhaustive, but  It is important to understand internal QOS should include internal server and ports only. QOS is set up on:

¨ Conferencing, Application and Mediation servers

¨ Edge Servers

¨ Application Sharing

You need to configure Port ranges and Policies. The port range commands are stated below, but consult TechNet for any corner cases. Verify your existing port ranges to determine what changes need to be made:. Keep in mind the ports are contiguous, so you only need to specify the start port and how many ports you want to use. Furthermore, the ports do not need to be the same on a server basis. They can overlap. However, both of these things are not recommended for the sake of ease of management.

¨ Get-CsService -ConferencingServer | Select-Object Identity, AudioPortStart, AudioPortCount, VideoPortStart, VideoPortCount, AppSharingPortStart, AppSharingPortCount¨ Get-CsService -ApplicationServer | Select-Object Identity, AudioPortStart, AudioPortCount¨ Get-CsService -MediationServer | Select-Object Identity, AudioPortStart, AudioPortCountThe changes you will make will involve the following commands. This is called In band provisioning:

Set-CsConferenceServer -Identity -AppSharingPortStart 40800 -AppSharingPortCount 200

Set-CsConferenceServer -Identity -AudioPortStart 49000 -AppSharingPortCount 6000

Set-CsConferenceServer -Identity -VideoPortStart 57000 -AppSharingPortCount 3000For Application Servers:

Set-CsApplicationServer -Identity -AppSharingPortStart 40800 -AppSharingPortCount 200

Set-CsApplicationServer -Identity -AudioPortStart 49000 -AppSharingPortCount 6000

Set-CsApplicationServer -Identity -VideoPortStart 57000 -AppSharingPortCount 3000


3. Windows 7 Client Issues



By this point you may be asking if its worth all the trouble. If you read QOS from Microsoft, they seem to tell us its more work then what its worth.

But were going through with this!

Of course, you need to make the Server side commands for the clients and also set the GPOs up. Thank you to Lain Smith for his help on this command and his articles as well at

Set-CsConferencingConfiguration -ClientAudioPort 20000 -ClientAudioPortRange 199 -ClientVideoPort 20200 -ClientVideoPortRange 199 -ClientAppSharingPort 20400 -ClientAppSharingPortRange 199 -ClientFileTransferPort 20600 -ClientFileTransferPortRange 199 -ClientMediaPort 20800 -ClientMediaPortRange 199

These are really the registry keys on the client machine. Set your GPOs up (example) and your set.

Wait, don’t forget the phone setting- Set-CsUCPhoneConfiguration -identity global -VoiceDiffServTag 46


The interesting thing about QOS on the Lync clients are that it begins to make you wonder, If Lync is actually in control of packet generation. After you look at some traces, and start to stumble on the whole concept of QOS. It is the network stack that generates the packet, with information, provided from the Lync client. Hopefully you will find guidance to help you see the simple truths at work. The bottom line is the QOS concept is really a Group policy setup to force the clients and servers to use specific ports, and to pass specific request to the network, to identify the packets in a certain way.

The bottom line is the job of QOS is really up to the network. My  recommendation is you simply set the Group policy up and verify the proper values are in place. The only things that will go wrong is the client is not talking on the correct port, as specified, the DHCP value is not changed, or the client is being ignored, no matter what you do to it. Do not fear, there are a few things you cant read in the setup guide.


  1. The setup appears to be correct, but the DSCP value wont change, no matter what.

Are you using Windows 7? Well guess what? Windows 7 is the only OS that supports QOS at the time of this writing. DO you know what else? There is a bug in Win 7 so it wont work!  It so happens, I cant find it. Of course. However, it was an update to SP1 windows 7. The main things here, are the drivers and firmware for all Windows, Clients, Switch’s and Routers. This should be a first step to begin with consistent updates across your deployment.

A second common problem is the Windows Client is not sending the DSCP value. Its not sending the DSCP value, because the switch is not set to specifically take the value. It may even take the packet. But… If there is not priority rule on the switch, then QOS will not work.

  1. The policy is setup, and I have even put the values in the client registry. They keep going back to defaults, or no value at all.

You have to make sure your looking at the right place. A device should only place DSCP markings on RTP or RTCP traffic. The RTP packet will have odd number as the sequence number. RTCP, even.



Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out /  Change )

Google+ photo

You are commenting using your Google+ account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s