© 2013 Cisco and/or its affiliates. All rights reserved. This document is Cisco Public Information. Page 10 of 70
The total capacity of the ACEs is an aggregate number that constitutes all types of ACEs. One type of ACE,
however, can scale up to 1500. For example, the total number of Port ACL (PACL) access control entries cannot
exceed 1500. But a combination of PACL and Router ACL (RACL) access control entries can scale up to 3000.
Cisco Catalyst 3850 Quality of Service One of the primary advantages of the Cisco Catalyst 3850 is the visibility into wireless packets at the access layer.
This visibility is a powerful feature and enables network administrators to apply the rich intelligent services of wired
traffic and extend these services to wireless traffic as well. QoS is one of the features that can be applied on
wireless traffic similar to that of being applied on wired network.
Significant QoS features have been introduced for wired as well as wireless on the Cisco Catalyst 3850. Some of
them are the following and are discussed in detail later in the document:
● Modular QoS CLI (MQC)
● Approximate Fair-Drop (AFD) algorithm for bandwidth management across wireless users, providing
hierarchical support across access points, radios, Basic Service Set Identifier (BSSID), and clients.
● Eight queues per port (wired) and 4 queues per port (wireless)
● Bidirectional policing support in hardware for wireless clients
● Two-level hierarchical QoS on wired ports
● Per-SSID bandwidth management; differentiated bandwidth management across SSIDs
Because of the inherent differences of wired and wireless media and transmission methods, there are differences
between wired and wireless QoS.
Wired QoS on the Cisco Catalyst 3850 is explained later, followed by wireless QoS in the following section.
Wired Quality of Service
Cisco Catalyst 3850 Trust Behavior
The trust behavior on the Cisco Catalyst 3850 has changed from the that of Cisco Catalyst 3K Series switches. By
default, the Cisco Catalyst 3850 trusts markings on the wired ports. For wired ports, differentiated services code
point (DSCP) markings in IP packets from endpoints such as IP phones, telepresence units, cameras, and laptops
are trusted and retained.
Retained markings are summarized in Table 2.
Table 2. Trust Behavior
Incoming Packet
Outgoing Packet
Trust Behavior
L3
L3
Preserve DSCP/precedence
L2
L2
Not applicable
Tagged
Tagged
Preserve DSCP and class of service (CoS)
L3
Tagged
Preserve DSCP; CoS is set to 0
With the introduction of MQC, the “trust cos/dscp” CLI has been deprecated on the Cisco Catalyst 3850. However,
“trust device” on the interface level is still supported. The default mode on the interface is trusted and changes to
untrusted only when an untrusted device is detected. In the untrusted mode, the DSCP/precedence/CoS will be
reset to 0.