Switching

All of the information I read about enabling CoS refers to a three tier setup, an access layer, dist. layer and edge.  I am in a small environment that has only an access layer (EX4200 closet switches on each floor), which connect to a core switch (also EX4200) with ae interfaces.  The core switch provides all L3 routing, access layer functions for some servers and also a dedicated ae interface to another location over our WAN link.  My ultimate goal is to setup CoS for that link.  In theory, I think I have to setup and define ingress filters for each interafce on the closet switches, in addition to the interfaces for the servers on the core switch.  I then need to create and define schedulers and a scheduler map.  I assign the scheduler map to the outgoing ae interface that is used for the WAN link.  I know I'm missing something (or several somethings). 

Also, when I definea firewall ingress filter, does each source-address have to be exact (/32)?  Or can I define an entire vlan, such as x.x.x.0/24?  I guess that means I want to definte these per vlan, I suppose.  Confusion reigns!

Thank you in advance for any pointers.

In the filter, you can match on /24 source address if you want. You are not limited to only /32.

Additionally to what you mentioned, you will need to create forwarding classes.

Below is a guide how to actually configure COS on EX with all the components needed:

http://www.juniper.net/techpubs/en_US/junos12.2/topics/example/cos-ex-series-configuring.html

Parau,

Thank you for your response.  Do I create the same forwarding classes on both the closet/access switches and the core switch?  Once the packet is placed in a forwarding class on the access switch, do subsequent switches know what to do with that packet or do I need a rewrite rule to take care of that?  

There is a section in the article you suggested that confuses me.  Why would you create multiple firewall filters with a few terms each, rather than 1 firewall filter with all the terms?  And lastly, what is the purpose of the following line?

set family ethernet-switching filter voip_class term network_control from precedence [net-control itnernet-control]

 Kind Regards,

R

You will have to be consistent with COS configuration across the network.

If you have congestion in access layer and you configure COS there, but keep the same design(no COS) on core layer, then the congestion will move to the core layer.

I'm not sure that I understand your concern regarding many FF with few terms versus 1 FF with all the terms. Can you be more specific?

Regarding the configuration you mentioned, the FF will match the IP precedence 6 and 7.

Are there performance or other reasons for using more than 1 firewall filter?  Or is it acceptable to just use one blanket firewall filter?

I need to read more about precedence!

The optimal is that you have a match as soon as possible when a packet hits a FF.

If you will configure different FF for each type of interfaces(voice, PC), you will have a match quicker because you will not include voice specific terms in PC interfaces FF.

Also, you will read easier the configuration. If you see a voice FF applied to an interface, then you know what is connected to that interface.