Microsoft Teams bad Network quality / drops out of meeting
-
Hi Steve
I've gathered the screenshots of the monitorringtool. Or are you mentioning something different?
No i don't see any issues on different tools, only when my girlfriend performing videocalls with Teams during homework.
-
That is what I mean but if it's an issue upstream of the gateway IP you would not see it there.
That's why it's often better to monitor some external public IP like 8.8.8.8 or 1.1.1.1 to real idea of connectivity.
Steve
-
Hi Steve
So what should i do next?
I have followed this youtube video: video
And my firewall rules are just the same.Today, the meetings kicked out again my girlfriend due to bad network quality?
I don't know what to check even more.
-
@koenh I have been having issues with Teams as well.
did you run the network assessment tool?
https://www.microsoft.com/en-us/download/details.aspx?id=103017
did you open up the required UDP ports as well?
-
@gnordli thank you for the tip!
im running the tool and get:
Connectivity check source port range: 50000 - 50019
Relay : 52.114.93.15 is the relay load balancer (VIP)
Relay : 52.114.93.15 is reachable using Protocol UDP and Port 3478
Relay : 52.114.93.15 is QOS (Media Priority) enabledStarting Service Connectivity Check:
Relay : 52.114.93.15 is the relay load balancer (VIP)
Relay : 52.114.93.15 is reachable using Protocol PseudoTLS and Port 443
Relay : 52.114.93.15 is the relay load balancer (VIP)
Relay : 52.114.93.15 is reachable using Protocol FullTLS and Port 443
Relay : 52.114.93.15 is the relay load balancer (VIP)
Relay : 52.114.93.15 is reachable using Protocol HTTPS and Port 443
Relay : 52.112.212.14 is the actual relay instance (DIP)
Relay : 52.112.212.14 is reachable using Protocol UDP and Port 3478
Relay : 52.112.212.14 is the actual relay instance (DIP)
Relay : 52.112.212.14 is reachable using Protocol UDP and Port 3479
Relay : 52.112.212.14 is the actual relay instance (DIP)
Relay : 52.112.212.14 is reachable using Protocol UDP and Port 3480
Relay : 52.112.212.14 is the actual relay instance (DIP)
Relay : 52.112.212.14 is reachable using Protocol UDP and Port 3481Relay connectivity and Qos (Media Priority) check is successful for all relays.
Service verifications completed successfully
When running the tool with /qualitycheck:
Reflexive IP is my WAN
Result:
2022-02-08 21:41:58 Loss Rate: 0 Latency: 26,06 Jitter: 15,59 Protocol: UDP
Local IP: IP-LAPTOP:50016 Remote IP: 52.113.203.106:3478
Is Proxied Path: False Last Known Reflexive IP: ...:36796
The firewall rules on my VLAN are:
Or do i have to port forward the UDP ports ?
-
@koenh You don't need to forward any inbound ports to the PC running Teams.
Does the Traffic Graph show high traffic while this is happening?
300/20 should be way more than enough unless something is maxing out the connection. Have you run the speed test from her computer?
-
Are you still monitoring the gateway IP or have you set something external yet?
-
This is during the /qualitycheck.
Yes i have run multiple speedtests and all are looking stable and providing enough speed.
Most tests returned +- 150/15 (wifi), should be enough for Teams. -
Could you explain me how i monitor the gateway IP?
Especially how to monitor an external one? -
In System > Routing > Gateways edit the gateway and set an alternative monitoring IP.
https://docs.netgate.com/pfsense/en/latest/routing/gateway-configure.html
Steve
-
@koenh said in Microsoft Teams bad Network quality / drops out of meeting:
Since the switch to pfsense, my girlfriend noticed she get’s kicked from teamsmeetings with video and screensharing. Before the kick she receives a pop up of “Bad network quality”.
Her laptop is placed in the Guest-network.Teams rarely needs more that 2-3 mbits of traffic both ways.
Is the laptop connected wifi? Have you tried ethernet cable?
How is the wifi neighborhood?
5g? 2.4g?And as a last resort, have you tried swapping girlfriends?
-
Indeed, doesn't require a lot of speed.
The laptop is connected to wifi and she uses 2.4GHz, because the room she is working don't have a network cable / distance is too long (don't have that cable length).
I have switched my USG for a pfSense and before the switch everything was running fine. So my only guess is that something is not functioning right with in my setup.And i woodn't dare (last question) ;-).
-
I'm a bit confused now.
The gateways are showing my WAN gateway, do i need to configure every gateway for every VLAN here?(WAN IP hidden, just left the .1)
I've added the gateway of the Guest network and will look at the monitoring tonight.
-
@koenh said in Microsoft Teams bad Network quality / drops out of meeting:
uses 2.4GHz
Some observations :
That's the 'legacy' band, the historical one with close to 11 canals (really usable 1,5 and 11).
The legacy band is often a mess ..... but, as you can't see or smell it, people tend to say 'Internet is bad".
Not all APs are equal, neither.
Even in 2022, when you suspect a network issue, the very first thing you should do : remove Wifi from the equitation. We can't see or measure easily the quality of a radio connection.
Cable-up and retest.Next step : monitor bandwidth closely.
Try to download and upload "huge" files to a known server with way more bandwidth as at your place. The bottleneck will be : your ISP, and the route to this server.
Be aware that every uplink technology (cable, fibre, adsl, satellite etc) has its advantages and disadvantages.Do some speed tests. This one is shows more then just the speed. And do them regularly.
And remember : ISPs will give you the bandwidth available. What's available at instance X doesn't even depend on them (exception : you hired a uplink with a guaranteed bandwidth - this is very $$$ or €€€ ).
ISP's 'peering' (POPs) to the 'backbone' of the Internet, or directly the the big players, like FB, Twitter, Google, Netflix, etc. These peerings (the actual interconnections) are expensive. ISP's main goal will always be : sell as much subscriptions as possible, buy as less peering possible.
If all the above factors are (somewhat) excluded, then you can focus on pfSense.
Using the defaults settings, a pfSense box with a sub 25 $ ( ? ) processor can do several hundreds of Megabit / sec. There is always the chance you've a bad cable/switch or NIC somewhere. These local issue can be determined easily and rapidly : just swap stuff.
A worst case scenario is : make your own pfSense from scratch. You'll be needing a (very) old ancient desktop PC - a Ethernet adapter with two ports ans an USB drive. You system, based upon some Intel or AMD, will do close to (or even more) a Gigabit / sec. It will be big, ugly and a power drain, but it will work. It will take you 15 minutes, inserting the NIC included. If the issue persists, you will know the issue is not your original pfSense box - or pfSense for that matter. -
The pfSense i configured is actually a build one. I’ve installed pfSense on a Minisforum GK41.
The Specs it is showing are more then good.Also like i mentoined before, i was a UniFy USG before my pfSense. With the USG i had no troubles with Teams. Now using pfSense and there are issues.
-
@koenh I use teams and webex pretty much every day, been work from home since very start covid.. Like 2 years going on - and have never seen any issues..
I'm not using any sort of shaping or limiting..
-
@koenh said in Microsoft Teams bad Network quality / drops out of meeting:
The gateways are showing my WAN gateway, do i need to configure every gateway for every VLAN here?
No. That's showing the gateways pfSense is using so seeing only one there is expected. You would have more if you have multiple WANs or other gateway types such as VPNs or on internal router with subnets behind it.
@koenh said in Microsoft Teams bad Network quality / drops out of meeting:
I've added the gateway of the Guest network
Not sure exactly what you mean there. What I expect is to edit the WAN_DHCP gateway and set the monitoring IP to 8.8.8.8 or some other external pingable IP.
Steve
-
I had the Traffic Sharper applied after reading simular issues with teams and zoom. It has been removed 2 days ago but the issue still persist.
I’m running quite a vanilla version with just some vlans and little rules on them. The only blocks they have is that they can’t reach each other.
So i don’t understand the issue.
If you guys would have even more screenshots as for proof or troubleshooting, i would more be happy to send them.
-
@koenh Hate to suggest it, but here it goes.
Why don't you swap back the unify USG for a couple of days?
(especially when other options of "swappiness" are considered inappopriate.) ;-) -
I understand your suggestion.
But the reason why i'm avoiding the return of the USG is because i can't run any Threat Management on it.
If i turn it on, the USG would crash after a few days (well known issue of the USG).So i would like to make the pfSense work.
I it super silly, i know. The pfSense is doing his work very well.
But just this small issue about Teams drives me crazy and makes me want to solve it.
