Throttle Bandwidth Hogs using QoS (Episode 3) Learning Happy Hour

by mdensley on ‎01-17-2019 09:40 AM - edited a month ago (217 Views)

Nobody appreciates a data glutton! In this episode, Jason & Mitch show you how to spot bandwidth hogs and how to throttle them using a Palo Alto Networks NGFW. If QoS is new to you, there is a background segment called the QoS High Jump which is a deep dive into what QoS is, how it works, and why it is needed. Make it your New Years resolution to learn about QoS by watching this episode of the Learning Happy Hour!

Click on the [ ↗ ] arrow icon in the lower right hand corner of the video to open in a new window to view and search the video in the full video player! 

Previous Episode: See the previous episode of Learning Happy Hour (9 reasons to use URL filtering)

Next Episode: This is the latest episode of the Learning Happy Hour

Episode Timeline: Want to skip to a specific part of this Learning Happy Hour episode

Episode Quiz: Test your memory by answering 5 questions related to this episode

Episode Feedback:

Episodes list: See full list of Learning Happy Hour episodes (note: they are listed as articles)

Episode Resources: Acknowledgements, References, Links, Labs, etc.

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - 

Episode Timeline:

00:00 – Episode introduction

02:02 – Opening discussion and banter

04:44 – QoS topic opener

07:29 - QoS deep dive (high jump)

15:47 - Bandwidth hog scenario / problem explanation

17:28 - QoS solution to stop bandwidth hogs

19:48 - Steps to implement solution

22:42 – Step 1: Create a log filter string to identify user sessions over #gb

23:33 – Step 2: Create a Log Forwarding Profile to auto-tag source IP matching log filter string

24:32 – Step 3: Match auto-tag IPs in a Dynamic Address Group (DAG)

25:09 – Step 4: Match DAG + Application Filter in QoS Policy to assign traffic to a QoS class

27:27 – Step 5: Setup QoS Profile to define throttle limits

28:20 – Step 6: Assign QoS Profile to an upload/download ethernet interface

29:19 – Step 7: Create a scheduled custom report based on log filter string

32:22 – Step 8: Create script to run daily to remove auto-tag IPs from DAG

36:54 – QoS Demonstration

42:44 – QoS Testimonials

43:41 - Things We Learned

50:36 – Post Episode Quiz

 - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - 

Episode Links:

Auto-tagging & DNS sinkhole video

PAN-Python

Palo Alto Networks - API Lab

Clearing Registered IPs

How does QoS work

Differentiated services

DSCP configuration guidance (RFC 4594)

Enforce QoS Based on DSCP Classification

Science of Successful Learning

History of Ransomware

Post-Episode Quiz

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - 

Episode Resources:

clear-bhogs.xml

<uid-message>

  <type>update</type>

  <payload>

    <clear>

      <registered-ip>

        <all/>

      </registered-ip>

    </clear>

  </payload>

</uid-message>

Optional QoS Practice Lab

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - 

Episode Quiz:

 

 - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - 

Episode Feedback:

 

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - 

Episode Acknowledgements:

Elf Gif

AF Traffic Flagger

Baseband vs. Broadband

Closing music

Ask Questions Get Answers Join the Live Community
Contributors