I am configuring QoS on a PA200 for a remote site that only has a 768Kbps upload pipe. When it comes to PA and QoS, there are a ton of config options. I just want to make sure I am configuring the correct ones.
These are my goals:
- RTP traffic(for VoIP and Video Teleconferencing) to have the highest priority of all traffic. When the pipe is congested because a user uploads a file, we have experienced dropped video calls.
- Riverbed-rios traffic(WAN optimizer) to have a max upload speed of 600Kbps(400Kbps guaranteed). The WAN optimizer traffic is the #1 traffic generator. When it maxes out the upload pipe, latency shoots up from 50ms to 800-900ms.
- Panorama traffic to have a max upload speed of 400Kbps(100Kbps guaranteed). This is the #2 traffic generator.
This is how I have it configured:
Should Class1 have Egress Max/Guaranteed set to 0? I would like it to have "unlimited" egress bandwidth, even during congestion. Class2 is not being used.
Rule 1: RTP traffic from VoIP Phone/Video Teleconferencing Unit to HQ(over ipsec tunnel).
Rule 2: RTP traffic from HQ to VoIP Phone/Video Teleconferencing Unit to remote site(over ipsec tunnel).
Rule 3: Remote sites WAN optimizer to HQ's WAN optimizer(over ipsec tunnel).
Rule 4: Remote sites Palo Alto firewall to HQ's Panorama server(over ipsec tunnel).
*Edit* I forgot to mention that all the Egress Max/Guaranteed were kept at 0 *End Edit* I was experiencing a very similar issue where file uploads(antivirus updates/backups, etc) could temporarily consume the whole pipe and cause issues for voice/video/citrix. Just prioritizing rtcp/rtp/sip as 1st priority, citrix as 2nd and everything else as third was enough to solve our issues. Now we can have the pipe completely utilized and not have any issue with voice/citrix.
Click Accept as Solution to acknowledge that the answer to your question has been provided.
The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!
These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!
The LIVEcommunity thanks you for your participation!