This website uses Cookies. By clicking Accept, you agree to the storing of cookies on your device to enhance your community and translation experience. Read our Privacy Policy.
Click Preferences to customize your cookie settings.
Accept
Reject
Preferences

QOS Bandwidth Limitation Download & UPLOAD

cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 

QOS Bandwidth Limitation Download & UPLOAD

kan0062
L1 Bithead

‎03-10-2020 11:32 AM

I would like to understand bandwidth limitation steps on Internet download and upload

 

Example - lets say i want to restrict steaming url category on download and upload

 

1. create QOS policy to map traffic going to inside to Internet  youtube as Class 8 with DSCP marking

2. Create QOS Profile with class 8 to egress max/guaranteed

3. Apply QOS  Interface on Egress INSIDE Interface for cleartext and Tunneled to its address DOWNLOAD

4. Apply QOS Interface on Egress INTERNET Interface for cleartext and Tunneled to its address UPLOAD

 

Questions:

 

Do i need seperate QOS policy to match INGRESS from Internet and EGRESS to Internet separately to apply different mappings ? or does Palo capable of doing the QOS based on session with single QOS policy for traffic going to Internet ?

 

 

0 Likes Likes
1 REPLY 1

SutareMayur
L6 Presenter

‎03-11-2020 02:41 AM

QoS marking is performed on the egress interface. The Palo Alto Networks firewall marks packets with DSCP (Differentiated Services Code Point ) values upon egress. Here, The egress interface for traffic depends on the traffic flow. If you are shaping incoming traffic, the egress interface is the internal-facing interface. If you are shaping outgoing traffic, the egress interface is the external-facing interface.

For Limiting Upload, QoS needs to be applied on the egress, which is a WAN interface.

For Limiting Download, so QoS will be on Egress interface which will be your LAN interface.

 

You need to have separate policies to match traffic flow as QoS policy rule will apply that class of service to traffic matched. You can have application based qos policy with Source & Destination zones any so this will get match for both upload and download.

 

Hope it helps you!

 

Mayur

M

Check out my YouTube channel - https://www.youtube.com/@NetworkTalks
0 Likes Likes
  • 6389 Views
  • 1 replies
  • 0 Likes
Like what you see?

Show your appreciation!

Click Like if a post is helpful to you or if you just want to show your support.

Click Accept as Solution to acknowledge that the answer to your question has been provided.

The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!

These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!

The LIVEcommunity thanks you for your participation!

LEGAL NOTICES
RESOURCES
Khoros awards 2022
Copyright 2007 - 2024 - Palo Alto Networks