Teams Phone System and Direct Routing is more important than ever because it helps companies and their employees to stay connected with their office number even if they are working from home.
To gain best audio quality in a PSTN phone call it is important to understand how local media optimization can support this scenario and how to configure it.
With Teams Phone System in general companies can close the gap between working from anywhere and still stay connected with the office phone number. This is an often-underestimated scenario. Users can use legacy technologies like VPN securely to get a company access from home. They can use Office 365 services like Exchange Online and SharePoint Online to collaborate with colleagues and get work done. But one missing piece is most often left out: the desk phone in the office. With a legacy PBX system, it is difficult to bring the office phone number at home to the user. Here Microsoft Teams Phone System can help and support you. The Microsoft Teams Client will be extended by PSTN calling and the user is reachable under the office number in their home office or wherever they like to work.
But as often: there is no joy without sorrow. The network part and especially the WAN connection is critical. If the roundtrip time for the audio packages in the network is not optimal, users are complaining about bad audio quality and the well-intended solution can turn into a fiasco.
To offer the best experience for your users, Microsoft provides several techniques and features to optimize the media flow for this scenario.
Media Flow in Microsoft Teams– some basics
In case of Microsoft Teams, we must two types of media flow. The first scenario is a 1:1 scenario. Microsoft Teams always tries to use the shortest network path for transmitting the data packages. In this 1:1 scenario this is a direct connection between the two endpoints. To optimize the flow even further, Microsoft Teams will try to establish a UDP connection first and will switch to a TCP connection if the first one is not possible.
The second scenario is the Meeting scenario. A meeting scenario can be a scheduled online meeting, but also when you start a one on one conversation and add a third person to it, it will be turned into a meeting. And in case of a meeting, the media flow is always to the Office 365 platform as the central meeting platform.
In case of PSTN Calling with Teams Direct Routing a session border controller is required. A session border controller (SBC) terminates the PSTN connection from the provider and routes inbound calls to the Teams platform and vice versa. Therefor the media flow for a PSTN call is slightly different because there is at least one more hop: the SBC itself where the audio packages will be routed through.
Media Flow and Microsoft Teams Direct Routing – default scenario
In a default scenario without Media Optimization, the audio packages will be routed from the SBC to the Microsoft Teams platform and from there to the Teams endpoint. In case of an employee inside the company, the media stream traverses the firewall twice: first time from the SBC to Office 365 and for a second time from the Office 365 platform to the user. As you can imagine this costs bandwidth and, of course, package runtime.
How to optimize Media Flow with Teams Direct Routing – Media Bypass
The first step to optimize the media flow is a well know technique from Microsoft Lync and Skype for Business deployments: Media Bypass.
If the Microsoft Teams endpoint can communicate directly to the SBC external IP address, the call is established with Media Bypass. This means that the audio data are transmitted directly between the Teams endpoint and the SBC itself. The audio data does not traverse the firewall and the routing is optimized. Additionally, you have the option to prioritize Microsoft Teams audio data in your network with Quality of Service.
With a current firmware release installed on the SBC and Local Media Optimization, you can configure the SBC to provide an internal facing network adapter to use for Media Bypass, too. The Teams client will send and receive the audio packages to and from an internal IP address of the SBC directly.
In the past, you had to configure the external interface with the public IP address for Media Bypass, so that internal clients use the external IP for a direct connection. This made it very hard and complex because your firewall had to support this scenario.
The advantages are very simple: the media flow stays in your local network and you can control it better with Quality of service. Also, the firewall configuration is much simpler for this scenario.
Local Media Optimization with Centralized SBC for Branch Offices
For your branch offices you can use Media Bypass as a centralized SBC, too. In this scenario the different phone number ranges for your offices will terminate on one SBC in your datacenter. The SBC will do the routing between the users in the branch offices and the Microsoft Teams platform.
Local Media Optimization with Proxy SBC
A second option for your branch office can be to implement a Proxy SBC in your main datacenter and local SBC systems on site. In this scenario, the Proxy SBC is used for the central communication to the Microsoft Teams platform. The SBC in the branch site is responsible for the local PSTN connection and will route calls over the Proxy SBC to Microsoft Teams and vice versa.
In this scenario a Proxy SBC can help to reduce the requirements to your infrastructure. Only a single SBC instance must be configured to work with Microsoft Teams. Also, it is often used where a centralized SBC is not possible when there are some regulatory or the onsite SBC does not meet the technical requirements.
Can Home Office users participate from Media Bypass?
Of course, Media Bypass and local Media Optimization also provides some benefits for your home office and mobile users.
Microsoft provides several Transport Relay servers in their worldwide datacenters. Best practice is to allow the Teams subnet networks to communicate to the public SBC IP address for media traffic. It is also possible to open the SBC public IP address to your mobile worker, but it is quite difficult to manage this. Each time they connect to the internet, they will use another public IP address. Therefor my recommendation is to allow only the Teams subnet networks to your SBC public IP and to benefit from the Microsoft Global Network.
If you are doing so, the audio data from the home user will be transmitted to one of the nearest Transport Relay server of the Microsoft Global Network. Pay attention that your users can use a local internet break out and reach the nearest egress point to the Microsoft Global Network. The Microsoft Transport Relay server will connect to the SBC directly and will establish a communication. And here is the same behavior: the path from the Microsoft Global Network to your SBC will be shorten to the most necessary. That is why even your home user will benefit from Media Bypass. The runtime of the audio packages is optimized with the help of the Microsoft Global network.
How to configure Media Bypass and local Media Optimization
To configure Media Bypass and Local Media Optimization you must check if your installed SBC firmware already supports this feature. If not, ask your vendor for a current release and install it on the SBC.
Then you must configure your network topology in the Microsoft Teams Admin Center, so the Teams platform is aware of your network infrastructure. You can allow or decline Media Bypass in two ways, as we already know from the good old times: Always ByPass or Local Only.
In case of Always ByPass the Microsoft Teams endpoint tries to connect directly to the SBC every time, regardless of where the user is located in your network.
When you configure Local Only, Media Bypass will only be used, if the user is in the same network site as the SBC. If each one is in a separate network site, the media flow is routed to a Microsoft Transport server and then to the SBC.
Therefor you must configure Regions and Sites in the Teams Admin Center or with PowerShell. Next you assign your networks to a site. You must configure the trusted WAN IP addresses as well. Theses are the public IP addresses used by your users to connect to Microsoft Teams. According to this information and the network topology, Microsoft Teams will allow to use Media Bypass for the endpoint.
The last step is to enable Media Bypass on the SBC level in the Teams Admin Center or on the PowerShell.
More information can be found on Microsoft Docs Configure Local Media Optimization for Direct Routing