QoS for slow ISP connection

SOLVED
eddiex
Here to help

QoS for slow ISP connection

Hello,

I am working on a project that connects our branch office back to main company building via site to site VPN by PaloAlto firewall. All branch office traffic goes through the VPN.

The branch office has a very slow internet connection (10M), so QoS is important for VoIP.

 

Current setup.

Main company (ISP 1G uplink)

PaloAlto firewall

Cisco 6509E as core

Meraki MS350s+MS250s

Phone servers

 

Branch office (ISP 10M uplink)

PaloAlto firewall to do site to site VPN

Meraki MS125

IP phones

 

I am wondering whether the QoS should be setup on my Meraki MS or the PaloAlto firewall.

Thank you everyone.

 

 

 

 

1 ACCEPTED SOLUTION

Accepted Solutions
Bruce
Kind of a big deal

Re: QoS for slow ISP connection

Your primary problem will be QoS between the two sites since that'll be the smallest bandwidth by a long way - so you need QoS on the PAN devices. If you're also using the 10Mbps internet link at the branch office for general internet traffic then you still may have problems though. QoS doesn't apply to traffic on the internet, it is ignored by everything. So although you can use QoS markings and prioritization as traffic leaves the sites, both head office and the branch, it has no impact as the traffic traverses the internet or as it comes into the site.

View solution in original post

5 REPLIES 5
Bruce
Kind of a big deal

Re: QoS for slow ISP connection

Your primary problem will be QoS between the two sites since that'll be the smallest bandwidth by a long way - so you need QoS on the PAN devices. If you're also using the 10Mbps internet link at the branch office for general internet traffic then you still may have problems though. QoS doesn't apply to traffic on the internet, it is ignored by everything. So although you can use QoS markings and prioritization as traffic leaves the sites, both head office and the branch, it has no impact as the traffic traverses the internet or as it comes into the site.

View solution in original post

Inderdeep
Head in the Cloud

Re: QoS for slow ISP connection

@eddiex : I am agree with @Bruce @the qos should be on Palo Alto devices as the traffic segregated there. You can configure on access switches but no sense to do that.

Regards
Inderdeep Singh
www.thenetworkdna.com
eddiex
Here to help

Re: QoS for slow ISP connection

Thank you very much for the clarification.

The branch office does use 10M ISP for everything. All branch traffic(internet and corp data) go back to the VPN tunnel back to main office. So, if the branch office need go to Google, it will first tunnel back to main office, and then go out to the internet through the main office's firewall. Like full tunneling. In this case, will QoS makes any impact?

eddiex
Here to help

Re: QoS for slow ISP connection

Thank you very much for the clarification.

The branch office does use 10M ISP for everything. All branch traffic(internet and corp data) go back to the VPN tunnel back to main office. So, if the branch office need go to Google, it will first tunnel back to main office, and then go out to the internet through the main office's firewall. Like full tunneling. In this case, will QoS makes any impact? Thanks

Inderdeep
Head in the Cloud

Re: QoS for slow ISP connection

@eddiex : This is pure routing as for your design the local sites dont have Local Internet breakout and rerouted with the all traffic and exit from Hub location. 

 

https://community.meraki.com/t5/Security-SD-WAN/Local-breakout-from-autovpn/m-p/92208 

Regards
Inderdeep Singh
www.thenetworkdna.com
Welcome to the Meraki Community!
To start contributing, simply sign in with your Cisco account. If you don't yet have a Cisco account, you can sign up.