a QoS profile to define the bandwidth limits and priority for up to eight classes of service. You can set both guaranteed and maximum bandwidth limits for individual classes and for the collective classes. Priorities determine how traffic is treated in the presence of contention.
To fully enable the firewall to provide QoS, you must also:
Define the traffic that you want to receive QoS treatment (select
Policies > QoS
to add or modify a QoS policy).
Enable QoS on an interface (select
Network > QoS).
Enter a name to identify the profile (up to 31 characters). The name is case-sensitive and must be unique. Use only letters, numbers, spaces, hyphens, and underscores.
Enter the maximum throughput in Mbps for this profile. The value is 0 by default, which specifies the firewall limit (60,000 Mbps in PAN-OS 7.1.16 and later releases; 16,000 in PAN-OS 7.1.15 and earlier releases).
value for a QoS profile must be less than or equal to the
value defined for the physical interface enabled with QoS. See
Network > QoS.
Though this is not a required field, it is recommended to always define the Egress Max value for a QoS profile.
Enter the bandwidth that is guaranteed for this profile (Mbps). When the egress guaranteed bandwidth is exceeded, the firewall passes traffic on a best-effort basis.
to specify how to treat
individual QoS classes. You can select one or more classes to configure:
—If you do not configure a class, you can still include it in a QoS policy. In this case, the traffic is subject to overall QoS limits. Traffic that does not match a QoS policy will be assigned to class 4.
—Click and select a priority to assign it to a class:
When contention occurs, traffic that is assigned a lower priority is dropped. Real-time priority uses its own separate queue.
—Click and enter the maximum throughput in Mbps for this class. The value is 0 by default, which specifies the firewall limit (60,000 Mbps in PAN-OS 7.1.16 and later releases; 16,000 in PAN-OS 7.1.15 and earlier releases. The
value for a QoS class must be less than or equal to the
value defined for the QoS profile.
Though this is not a required field, it is recommended to always define the
value for a QoS profile.
—Click and enter the guaranteed bandwidth (Mbps) for this class. Guaranteed bandwidth assigned to a class is not reserved for that class—bandwidth that is unused continues to remain available to all traffic. However, when the egress guaranteed bandwidth for a traffic class is exceeded, the firewall passes that traffic on a best-effort basis.