Let me add some more information on this:
We have the customer CPE, which links to the NTE (SRX300/340). Our customers require CoS from the NTE through the Data (ISP) network. The CoS works fine on the MX (Layer 3), however, the NTE for the customer, merely acts as a pass through for the Layer 2 VLAN. Please see below:
CPE --> ge-0/0/1.0 (VLAN ONLY) SRX340 ge-0/0/15.10 (TRUNK) ---> MX240 ---> Wherever
So, as can be seen, the ports for the customer VLAN are ONLY layer 2. I need to apply CoS to the ingress interface of ge-0/0/1.0 so the traffic can be queued correctly through the NTE device.
Here is the configuration:
set firewall family ethernet-switching filter testcos term 1 from dscp 46
set firewall family ethernet-switching filter testcos term 1 from dscp 26
set firewall family ethernet-switching filter testcos term 1 then accept
set firewall family ethernet-switching filter testcos term 1 then forwarding-class SIP-VOICE
set firewall family ethernet-switching filter testcos term 4 from source-address x.x.x.x/32
set firewall family ethernet-switching filter testcos term 4 from source-address x.x.x.x/32
set firewall family ethernet-switching filter testcos term 4 from source-address x.x.x.x/32
set firewall family ethernet-switching filter testcos term 4 from source-address x.x.x.x/32
set firewall family ethernet-switching filter testcos term 4 from source-address x.x.x.x/32
set firewall family ethernet-switching filter testcos term 4 then accept
set firewall family ethernet-switching filter testcos term 4 then forwarding-class SIP-VOICE
set firewall family ethernet-switching filter testcos term 2 then accept
set firewall family ethernet-switching filter testcos term 2 then forwarding-class best-effort
set class-of-service drop-profiles low-drop fill-level 95 drop-probability 0
set class-of-service drop-profiles low-drop fill-level 100 drop-probability 100
set class-of-service drop-profiles med-drop fill-level 75 drop-probability 0
set class-of-service drop-profiles med-drop fill-level 95 drop-probability 30
set class-of-service drop-profiles high-drop fill-level 50 drop-probability 0
set class-of-service drop-profiles high-drop fill-level 95 drop-probability 50
set class-of-service forwarding-classes queue 2 SIP-VOICE
set class-of-service interfaces ge-0/0/1 scheduler-map normal
set class-of-service scheduler-maps normal forwarding-class best-effort scheduler be
set class-of-service scheduler-maps normal forwarding-class expedited-forwarding scheduler ef
set class-of-service scheduler-maps normal forwarding-class SIP-VOICE scheduler sv
set class-of-service scheduler-maps normal forwarding-class network-control scheduler nc
set class-of-service schedulers be transmit-rate percent 65
set class-of-service schedulers be buffer-size percent 65
set class-of-service schedulers be priority medium-high
set class-of-service schedulers be drop-profile-map loss-priority high protocol any drop-profile high-drop
set class-of-service schedulers be drop-profile-map loss-priority medium-high protocol any drop-profile med-drop
set class-of-service schedulers be drop-profile-map loss-priority medium-low protocol any drop-profile med-drop
set class-of-service schedulers be drop-profile-map loss-priority low protocol any drop-profile low-drop
set class-of-service schedulers nc transmit-rate percent 5
set class-of-service schedulers nc buffer-size percent 5
set class-of-service schedulers nc priority medium-high
set class-of-service schedulers nc drop-profile-map loss-priority high protocol any drop-profile high-drop
set class-of-service schedulers nc drop-profile-map loss-priority medium-high protocol any drop-profile med-drop
set class-of-service schedulers nc drop-profile-map loss-priority medium-low protocol any drop-profile med-drop
set class-of-service schedulers nc drop-profile-map loss-priority low protocol any drop-profile low-drop
set class-of-service schedulers ef transmit-rate 5k
set class-of-service schedulers ef transmit-rate exact
set class-of-service schedulers ef buffer-size temporal 1
set class-of-service schedulers ef priority low
set class-of-service schedulers ef drop-profile-map loss-priority high protocol any drop-profile high-drop
set class-of-service schedulers ef drop-profile-map loss-priority medium-high protocol any drop-profile med-drop
set class-of-service schedulers ef drop-profile-map loss-priority medium-low protocol any drop-profile med-drop
set class-of-service schedulers ef drop-profile-map loss-priority low protocol any drop-profile low-drop
set class-of-service schedulers sv transmit-rate percent 30
set class-of-service schedulers sv buffer-size percent 30
set class-of-service schedulers sv priority high
set class-of-service schedulers sv drop-profile-map loss-priority high protocol any drop-profile high-drop
set class-of-service schedulers sv drop-profile-map loss-priority medium-high protocol any drop-profile med-drop
set class-of-service schedulers sv drop-profile-map loss-priority medium-low protocol any drop-profile med-drop
set class-of-service schedulers sv drop-profile-map loss-priority low protocol any drop-profile low-drop
set interfaces ge-0/0/1 unit 0 family ethernet-switching interface-mode access
set interfaces ge-0/0/1 unit 0 family ethernet-switching vlan members 10
I know the filter needs applying to the interface, but as I mentioned, it fails with the following error:
root# commit check
[edit firewall family ethernet-switching filter testcos term 1 then forwarding-class]
'forwarding-class SIP-VOICE'
To configure forwarding-class, loss-priority must be set
[edit firewall family ethernet-switching filter testcos term 4 then forwarding-class]
'forwarding-class SIP-VOICE'
To configure forwarding-class, loss-priority must be set
[edit firewall family ethernet-switching filter testcos term 2 then forwarding-class]
'forwarding-class best-effort'
To configure forwarding-class, loss-priority must be set
error: configuration check-out failed: (statements constraint check failed)