This website uses Cookies. By clicking Accept, you agree to the storing of cookies on your device to enhance your community and translation experience. Read our Privacy Policy.
Click Preferences to customize your cookie settings.
Accept
Reject
Preferences

QoS Guaranteed

cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Announcements

QoS Guaranteed

SOC_CSG
L4 Transporter

‎02-26-2015 11:33 PM

Hi,

I would like to book (guaranteed egress) 5Mbps for streaming in one of my vlan. My outide-Internet (egress) interface is eth1/1.

The class for streaming is CLASS 1 (real time) right????

whats the difference between "clear text traffic" and "tunneled traffic"???

Im using a PA2020, i can do QoS for limited bandwith and guarranteed in this model, i have read somthing related to not allow qos in pa2020, right??

where i should guaranteed the traffic??? in my qos profile (class 1) or in "clear text traffic: Guaranteed Mbps???

Please check my config if it would work it....thanks

Profile with 5Mbps Guaranteed

qos profile.png

wos interface.png

I dont know the diference clear text-tunneled so i choosed clear text. I have configured my untrust interface as source interface and my vlan to apply this guaranteed traffic.

qosapply.png

Labels:
0 Likes Likes
5 REPLIES 5

SOC_CSG
L4 Transporter

‎02-27-2015 01:12 AM

To apply QoS for streaming on internet, the egress interface should be my untrust interface or my LAN interface?????

0 Likes Likes

mivaldi
L7 Applicator
In response to SOC_CSG

‎02-27-2015 02:06 PM

When you say "streaming 'on' internet", you are not offering enough information to get an answer.

Are you streaming "to" the internet, or are you streaming "from" the internet ?

QoS is applied on the egressing interface.

If you are streaming "to" the internet, the relevant interface is untrust (WAN).

If you are streaming "from" the internet, the relevant interface is trust (LAN).

SOC_CSG
L4 Transporter
In response to mivaldi

‎03-02-2015 05:27 AM

i meant streaming like going to youtube. i think it must to be configured in egreess (untrust) interface like you said..

thanks

0 Likes Likes

mivaldi
L7 Applicator
In response to SOC_CSG

‎08-13-2015 05:30 PM

If you go to youtube, the content is delivered "to" you, so the traffic comes in from untrust, and exits trust towards your workstation. The correct interface to be configured is trust. We are not looking at the direction of the session, but which interface are packets egressing from. The stream is from the YouTube server to your Workstation. The egress is clearly your Trust interface.

0 Likes Likes

VinceM
L5 Sessionator
In response to SOC_CSG

‎08-14-2015 12:29 AM

Hi,

Mivaldi is right.

On one hand, QoS is always apply for outgoing traffic from paloalto's interface point of view.

Mean if you want to limit your streaming traffic, you need to apply QoS on your trust interface.

If you apply your profile on your untrust int, you will imit your request to youtube (which make less sense)

On the other hand, QoS policy is based on session point of view. (From trust to untrust).

Carefull for application identification. Youtube or SSL ....

Doc: QoS in PAN-OS 4.1 (no change on other version)

Hope help

V.

0 Likes Likes
  • 3029 Views
  • 5 replies
  • 0 Likes
Like what you see?

Show your appreciation!

Click Like if a post is helpful to you or if you just want to show your support.

Click Accept as Solution to acknowledge that the answer to your question has been provided.

The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!

These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!

The LIVEcommunity thanks you for your participation!

LEGAL NOTICES
RESOURCES
Khoros awards 2022
Copyright 2007 - 2024 - Palo Alto Networks