QoS Overview
Focus
Focus

QoS Overview

Table of Contents
End-of-Life (EoL)

QoS Overview

Use QoS to prioritize and adjust quality aspects of network traffic. You can assign the order in which packets are handled and allot bandwidth, ensuring preferred treatment and optimal levels of performance are afforded to selected traffic, applications, and users.
Service quality measurements subject to a QoS implementation are bandwidth (maximum rate of transfer), throughput (actual rate of transfer), latency (delay), and jitter (variance in latency). The capability to shape and control these service quality measurements makes QoS of particular importance to high-bandwidth, real-time traffic such as voice over IP (VoIP), video conferencing, and video-on-demand that has a high sensitivity to latency and jitter. Additionally, use QoS to achieve outcomes such as the following:
  • Prioritize network and application traffic, guaranteeing high priority to important traffic or limiting non-essential traffic.
  • Achieve equal bandwidth sharing among different subnets, classes, or users in a network.
  • Allocate bandwidth externally or internally or both, applying QoS to both upload and download traffic or to only upload or download traffic.
  • Ensure low latency for customer and revenue-generating traffic in an enterprise environment.
  • Perform traffic profiling of applications to ensure bandwidth usage.
QoS implementation on a Palo Alto Networks firewall begins with three primary configuration components that support a full QoS solution: a QoS Profile, a QoS Policy, and setting up the QoS Egress Interface. Each of these options in the QoS configuration task facilitate a broader process that optimizes and prioritizes the traffic flow and allocates and ensures bandwidth according to configurable parameters.
The figure QoS Traffic Flow shows traffic as it flows from the source, is shaped by the firewall with QoS enabled, and is ultimately prioritized and delivered to its destination.
QoS Traffic Flow
The QoS configuration options allow you to control the traffic flow and define it at different points in the flow. The figure QoS Traffic Flow indicates where the configurable options define the traffic flow. A QoS policy rule allows you to define traffic you want to receive QoS treatment and assign that traffic a QoS class. The matching traffic is then shaped based on the QoS profile class settings as it exits the physical interface.
Each of the QoS configuration components influence each other and the QoS configuration options can be used to create a full and granular QoS implementation or can be used sparingly with minimal administrator action.
When a queue is filling faster than it can be emptied, the device has two choices as to where to drop traffic. It can wait until the queue is full and simply drop packets as they arrive (tail dropping), or it can detect incipient congestion and proactively begin to drop packets based on a probability function that is tied to an average depth of the queue. This technique is called random early drop (RED). PAN-OS uses a weighted RED (WRED) algorithm.
Each firewall model supports a maximum number of ports that can be configured with QoS. Refer to the spec sheet for your firewall model or use the product comparison tool to view QoS feature support for two or more firewalls on a single page.