Disabling Google Chrome QUIC protocol with GPO

Google Chrome has this neat protocol called QUIC (Quick UDP Internet Connections, which is another perfect acronym, right up there with MAD – Mutually Assured Destruction). The downside is that it can be very traffic intensive, especially on a busy network. This leaves you with essentially two options: disable the protocol in Chrome or block the application at your firewall. The second option is simple enough but it can have some unintended consequences. The first being that Google’s websites support this. So if you try to go to google.com, you’ll probably have a bad time. The first option, disabling it, can be a bit tricky as you’d probably have to manually update each computer to not use it. In a large network, this isn’t possible so we have the next best thing: Group Policy Objects.

QUIC is helping to drain network bandwidth – except it was pulling over 5 Mbps before I captured a screenshot!

Google Chrome GPOs

If you’re not using Chrome’s GPOs, you’re missing out on a lot. If you don’t have them, you can get the templates from here. Once you get the template imported, create a new GPO policy. You’ll want to go to User Configuration > Policies > Administrative Templates > Classic Administrative Templates > Google >Google Chrome. From here find the setting “Allows QUIC protocol” and set to Disabled.

After all or the majority of the computers receive the GPO update, you should begin to see QUIC traffic drop and speeds improve.

Getting up and running with GNS3

GNS3 is a great tool for those of you who are looking at becoming a network engineer, sharpening your networking skills, or looking to advance your career with network certifications. I love it for all three of these reasons. I’m using it in a context of helping me get my CCNA as, admittedly, I never bothered to get it. Being a network admin, it’s a blemish on my resume. Getting up and running with GNS3 can be a little bit tricky with the newer versions so follow this post if you happen to run into any of these issues.

Items you need

  • GNS3 – download from here (login required; free account)
  • VMWare VIX API – download from here (login required; free account)
  • VMWare Player – download from here (login required; free account)
  • GNS3 VM image for your respective hypervisor – download here (no login)
  • Cisco IOS images – download from here (login required; active Cisco contract required)

Procedure

The installation of GNS3 is pretty straight forward. Once GNS3 is installed is where you may encounter some issues.

The first issue you’ll probably encounter is an error that VMWare vmrun tool can’t be found. The URL in the error message will point you to the tool documentation, but the download link is difficult to find on the page. See the download link above to resolve this error.

If you receive this error (Error while save settings: GNS3VM: Error while executing VMware command: vmrun has returned an error: Error: Service type…), you have the wrong VIX installed. For some reason, 1.6.2 comes up a lot in the search results. This was released in 2008 but does not support VMWare Workstation Player 12. Use the link above to get the correct version.

This error may also occur if the VM isn’t started or was started and GNS3 was then updated. It’s a little tricky sometimes – you may have to restart GNS3. Use the Servers Summary to give you an idea. Both should be green for there to be no issues.

If you run into any issues, just let me know and I’ll do my best to help.