Showing results for 
Search instead for 
Did you mean: 
Ryan Bos

QoS in ACI: Intro, Configuration, and Verification


Purpose of this document

The purpose of this document is to explain the foundations of QoS within ACI and how to configure and verify configuration within ACI. This document will not explain QoS fundamentals, but just how it works in ACI. This document will also not be diving into the hardware queues.



As with normal QoS, QoS within ACI deals with classes and markings to place traffic into these classes. Each QoS class represents Class of Service, and is equivalent to “qos-group” in traditional NXOS. Each Class of Service maps to a Queue or set of Queues in Hardware. Each Class of Service can be configured with various options, including a Scheduling Policy (Weighted Round Robin or Strict Priority, WRR being default), Min Buffer (guaranteed buffer), and/or a max buffer (static or dynamic, dynamic being default).


These classes are configured at a system level, and are therefore called System Classes. At the system level, there are 6 supported classes:

            -A maximum of 3 “User-defined” classes

                        -Level1, Level2, Level3

            -3 “Reserved” classes which are not configurable by the user

                        -IFC Class, Span Class, Control Class


User Defined Classes

As mentioned above, there is a maximum of 3 “User-defined” classes within ACI. The three classes are:



            -Level3 – Always enabled & Equivalent to “best-effort” class in traditional NXOS


Only 1 of these classes can be set as a “Strict Priority” class. Also note that all of the QoS classes are configured for all ports in the fabric (Leaf, Spine, ASIC, and internal port). There is no per-port configuration of QoS Classes in ACI.


Reserved Classes

As mentioned above, there are 3 reserved classes that are not configurable by the user:

            -IFC Class – All APIC originated or destined traffic is classified into this class

                             -Strict Priority Class

                             -In Flowlet prioritization mode, prioritized packets use this class

            -Control Class (SUP class)

                                    -Strict Priority Class

                                    -All SUP generated traffic is classified into this class

                                    -All control traffic such as Protocol packets use this class

            -SPAN Class

                                    -Best Effort class

                                    -DWRR and least possible weight parameters

                                    -All SPAN and ERSPAN traffic classified into this class

                                    -Can be starved


Classification and Marking

  • Packets are Classified using Dot1p Policy, DSCP policy, or Contracts
  • DSCP/Dot1p Policy is configured and applied at the EPG level via “Custom QoS Policy”

Screen Shot 2015-05-12 at 4.01.52 PM.png

  • DSCP Policy within the “Custom QOS Policy” is a set of rules: Each rule gives mapping of a range of DSCP values to a DSCP Target
  • Dot1p policy within the “Custom QOS Policy” is set of rules: Each rules gives mapping of a range of dot1p values to a DSCP Target
  • DSCP policy takes precedence within EPG based policy
  • There is a default qos-grp for all traffic of an EPG if no QoS policy is configured
  • If a Packet matches both a zone rule with Qos Action and EPG Based Policy, the zone rule action will take precedence

Heirarchy of Priority: Zone rule , EPG based DSCP policy, EPG based Dot1p Policy, EPG based default qos-grp


QoS Configuration in ACI

This section will be walking through these steps and will also show verification commands to check your configuration.


Within the APIC GUI, there are 3 main steps to configure your EPG to use QoS:

  1. Configure Global QoS Class parameters
  2. Configure Custom QoS Policy within the EPG (if necessary)
  3. Assign the QoS Class and/or Custom QoS Class (if applicable) to your EPG.


I believe that the best way of learning something is to walk through doing it yourself, and since there are a million different ways to configure QoS in ACI, I will be walking through a specific use case and scenario and showing exactly how I configured this in ACI.


The environment is the following: 2 ASR routers connected to two separate leaf switches. The ASR routers are BFD (Bidirectional Forwarding Detection) peers, which use a keepalive/heartbeat between the peers. We want to apply QoS to these heartbeats to ensure they are prioritized within the fabric during periods of congestion. Below is a topology of the setup:



The first step in this configuration is to configure the Global QOS Class that we will later be placing BFD heartbeat traffic into:

  1. Navigate to Fabric -> Access Policies -> Global Policies
  2. Click on the Class you would like to use for traffic
  3. Configure parameters for this class. In this case, I’ve chosen to configure Level1 as Strict Priority

 Screen Shot 2015-05-12 at 4.56.56 PM.png


Now that our Global Class is setup, we need to navigate to the EPG we are using and create our Custom QoS Policy. This Custom QoS Policy lets us specific what DSCP traffic to look for and what to do with that traffic.


  1. Navigate to your EPG (In this case, Tenants -> MyTenant -> Application Profile -> Application EPGs -> EPG EPG-1


  1. Click the dropdown arrow for Custom QoS and click “Create Custom QOS Policy”

Screen Shot 2015-05-12 at 5.16.15 PM.png


  1. Name the Custom QOS policy and specify the traffic you want to apply QoS. In this specific case, as shown by the configuration below, we have configured this Custom QOS policy to look for CS6 marked traffic (which is what BFD control/heartbeats are marked) and will place this traffic in our Level1 QoS Class, which is set for strict priority. If we specified a DSCP Target, it would take CS6 traffic and place it into a specific target, for example, CS4.

 Screen Shot 2015-05-12 at 5.17.34 PM.png


  1. In this use case, we also want to place all other traffic in the EPG in a Level3 (best effort) QoS Class, so we specify this in the EPG configuration as seen below:


Verification via CLI


There are some useful commands that can be run at the CLI of the leaf to verify QoS configuration, as seen below. These commands, and others, are also mentioned in my "ACI Commands Cheat Sheet" (



calo2-leaf1# show copp policy
COPP Class           COPP proto           COPP Rate            COPP Burst          
ifc                  ifc                  5000                 5000                
igmp                 igmp                 1500                 1500                
cdp                  cdp                  1000                 1000                
pim                  pim                  500                  500                 
dhcp                 dhcp                 1360                 340                 
lacp                 lacp                 1000                 1000                
ospf                 ospf                 2000                 2000                
arp                  arp                  1360                 340                 
lldp                 lldp                 1000                 1000                
acllog               acllog               500                  500                 
stp                  stp                  1000                 1000                
coop                 coop                 5000                 5000                
traceroute           traceroute           500                  500                 
isis                 isis                 1500                 5000                
icmp                 icmp                 500                  500                 
bgp                  bgp                  5000                 5000   



calo2-leaf1# show system internal qos classes
QOS Class
Id: span
Mtu: 9216
Buffer: min 0
Cong: algo 0 ecn 0
Sched: bw 1 meth WRR
Queue: limit 1500 meth Dynamic
QOS Class
Id: control-plane
Mtu: 9216
Buffer: min 0
Cong: algo 0 ecn 0
Sched: bw 0 meth SP
Queue: limit 1500 meth Dynamic
QOS Class
Id: level3
Mtu: 9216
Buffer: min 0
Cong: algo 1 ecn 0
Sched: bw 20 meth WRR
Queue: limit 1522 meth Dynamic
QOS Class
Id: level2
Mtu: 9216
Buffer: min 3
Cong: algo 1 ecn 0
Sched: bw 20 meth WRR
Queue: limit 1522 meth Dynamic
QOS Class
Id: level1
Mtu: 9216
Buffer: min 0
Cong: algo 1 ecn 0
Sched: bw 10 meth SP
Queue: limit 1522 meth Dynamic

Show system internal qos classes shows the global classes that are configured for the system, as well as their properties. We can see here that our Level1 QoS Class is set to SP (strict priority)




calo2-leaf1# show system internal qos vlan all
Requested VLAN ALL
PI id: 28 (0xe2aeeac, 0xe2b3354) flags 0x0
Type: VLAN   Encap: 1011
refcnt: 1 pinst: 87032335 def_nodeid: 87032336
Default Qos Group = 1
Vlan list for this EPG (PI ids): 28 
DSCP name: (null)
     qos_grp: 3 from: 48 to: 48 markDscp: 64

calo2-leaf1# show vlan extended
VLAN Name                             Status    Ports                           
---- -------------------------------- --------- ------------------------------- 
 28   Leigh:Project-App:EPG-1          active    Eth1/20       

Another useful command is show system internal qos vlan all, which can be large output, but I've removed the unnecessary output for above. We can see that our EPG vlan is 28 via <show vlan extended> and then we can look for that vlan in the output of <show system internal qos vlan all>




Is it possible to re-upload the screenshots?


Cisco Employee
Cisco Employee

Very well written and easy to follow.

Thank you very much!




Nice info .

Question: if you don´t configure anything,  is the ACI fabric transparent for the incoming Qos tags that is on the incoming packets going through the packet,  like in nxos when you dont configure qos or have the MLS turned on but trust the trunks ?

so if you dont confgure anything there is no manipulation of the Qos fileds as default through the ACI fabric ?

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Recognize Your Peers