JNCIS Juniper Networks Certified Internet 2007. 4. 21. The JNCIA-M certification is the first of the


  • JNCIS Juniper™ Networks Certified Internet Specialist

    Study Guide

    by Joseph M. Soricelli

    This book was originally developed by Juniper Networks Inc. in conjunction with Sybex Inc. It is being offered in electronic format because the original book (ISBN: 0-7821-4072-6) is now out of print. Every effort has been made to remove the original publisher's name and references to the original bound book and its accompanying CD. The original paper book may still be available in used book stores or by contacting John Wiley & Sons, Publishers (www.wiley.com).

    Copyright © 2004-6 by Juniper Networks Inc. All rights reserved.

    This publication may be used in assisting students to prepare for a Juniper JNCIS exam but Juniper Networks cannot warrant that use of this publication will ensure passing the relevant exam.

  • This book is dedicated to my wife, Christine, whose patience and love have allowed me to pursue those things in my life that interest me. In addition, my family and friends have provided encouragement beyond words that have helped me accomplish numerous things in my life.


  • Acknowledgments

    There are numerous people who deserve a round of thanks for assisting with this book. I would first like to thank Jason Rogan and Patrick Ames, who got this project started and kept it going through thick and thin. I would also like to thank Colleen Strand, Leslie Light, Liz Welch, and Maureen Adams at Sybex. Without their assistance and guidance, this book would still be a figment of my imagination. A very large thank-you goes out to the technical editors, Steven Wong and Doug Marschke. Both of them worked very hard to make this book as accurate and complete as possible.

    I would be remiss without acknowledging the colleagues and cohorts I’ve known and met throughout the years. You all know who you are, but I’ll name just a few: Terry, Pete, John, Renee, Noel, Chris, Jim, Dante, Matt, Sush, Terence, Andy, Jeff, Chris, Rajah, Colby, Wayne, Jamie, Dave, Jeff, and Trey.

    Finally, a special thank-you belongs to all of the folks at Juniper Networks. The ES crew (Matt, Todd, Jason, Harry, Doug, Will), the PS crew (Gary, Drew, Pete, Eural, Ken, John, Taher, Tom, Steve, Bob, Glenn), the JTAC crew (Mark, Scott, Jim, Sunny, Derek, Alex, Siew, Robert, Steven), and others (Mary, Susan, Sheila, Chris, Andrew, Dennis, Alan) have made Juniper an organization that I feel truly blessed to belong to.


  • Contents at a Glance

    Introduction

    Assessment Test

    Chapter 1: Routing Policy

    Chapter 2: Open Shortest Path First

    Chapter 3: Intermediate System to Intermediate System (IS-IS)

    Chapter 4: Border Gateway Protocol (BGP)

    Chapter 5: Advanced Border Gateway Protocol (BGP)

    Chapter 6: Multicast

    Chapter 7: Multiprotocol Label Switching (MPLS)

    Chapter 8: Advanced MPLS

    Chapter 9: Layer 2 and Layer 3 Virtual Private Networks

    Glossary

    Index

    Bonus Chapters

    Chapter A: Class of Service

    Chapter B: Security

    Chapter C: IP version 6


  • Contents

    Introduction

    Assessment Test

    Chapter 1: Routing Policy

    Routing Policy Processing; Policy Chains; Policy Subroutines; Prefix Lists; Policy Expressions

    Communities; Regular Communities; Extended Communities; Regular Expressions

    Autonomous System Paths; Regular Expressions; Locating Routes

    Summary; Exam Essentials; Review Questions; Answers to Review Questions

    Chapter 2: Open Shortest Path First

    Link-State Advertisements; The Common LSA Header; The Router LSA; The Network LSA; The Network Summary LSA; The ASBR Summary LSA; The AS External LSA; The NSSA External LSA; The Opaque LSA

    The Link-State Database; Database Integrity; The Shortest Path First Algorithm

    Configuration Options; Graceful Restart; Authentication; Interface Metrics; Virtual Links

    Stub Areas


    Configuring a Stub Area; Configuring a Totally Stubby Area

    Not-So-Stubby Areas; Address Summarization

    Area Route Summarization; NSSA Route Summarization

    Summary; Exam Essentials; Review Questions; Answers to Review Questions

    Chapter 3: Intermediate System to Intermediate System (IS-IS)

    IS-IS TLV Details; Area Address TLV; IS Reachability TLV; IS Neighbors TLV; Padding TLV; LSP Entry TLV; Authentication TLV; Checksum TLV; Extended IS Reachability TLV; IP Internal Reachability TLV; Protocols Supported TLV; IP External Reachability TLV; IP Interface Address TLV; Traffic Engineering IP Router ID TLV; Extended IP Reachability TLV; Dynamic Host Name TLV; Graceful Restart TLV; Point-to-Point Adjacency State TLV

    Link-State Database; Database Integrity; Shortest Path First Algorithm; IS-IS Areas and Levels

    Configuration Options; Graceful Restart; Authentication; Interface Metrics; Wide Metrics; Mesh Groups; Overload Bit

    Multilevel IS-IS; Internal Route Default Operation


    External Route Default Operation; Route Leaking

    Address Summarization; Internal Level 1 Routes; External Level 1 Routes; Level 2 Route Summarization

    Summary; Exam Essentials; Review Questions; Answers to Review Questions

    Chapter 4: Border Gateway Protocol (BGP)

    The BGP Update Message; BGP Attributes

    Origin; AS Path; Next Hop; Multiple Exit Discriminator; Local Preference; Atomic Aggregate; Aggregator; Community; Originator ID; Cluster List; Multiprotocol Reachable NLRI; Multiprotocol Unreachable NLRI; Extended Community

    Selecting BGP Routes; The Decision Algorithm; Verifying the Algorithm Outcome; Skipping Algorithm Steps

    Configuration Options; Multihop BGP; BGP Load Balancing; Graceful Restart; Authentication; Avoiding Connection Collisions; Establishing Prefix Limits; Route Damping

    Summary; Exam Essentials; Review Questions; Answers to Review Questions


    Chapter 5: Advanced Border Gateway Protocol (BGP)

    Modifying BGP Attributes; Origin; AS Path; Multiple Exit Discriminator; Local Preference

    IBGP Scaling Methods; Route Reflection; Confederations

    Using Multiprotocol BGP; Internet Protocol Version 4; Layer 2 Virtual Private Networks

    Summary; Exam Essentials; Review Questions; Answers to Review Questions

    Chapter 6: Multicast

    PIM Rendezvous Points; Static Configuration; Auto-RP; Bootstrap Routing

    The Multicast Source Discovery Protocol; Operational Theory; Mesh Groups; Peer-RPF Flooding; Anycast RP; Inter-Domain MSDP

    Reverse Path Forwarding; Creating a New RPF Table; Using an Alternate RPF Table

    Summary; Exam Essentials; Review Questions; Answers to Review Questions

    Chapter 7: Multiprotocol Label Switching (MPLS)

    Signaling Protocols; Resource Reservation Protocol; The Label Distribution Protocol

    Summary; Exam Essentials; Review Questions; Answers to Review Questions


    Chapter 8: Advanced MPLS

    Constrained Shortest Path First; Using the Traffic Engineering Database; CSPF Algorithm Steps

    LSP Traffic Protection; Primary LSP Paths; Secondary LSP Paths; Fast Reroute

    Controlling LSP Behavior; Adaptive Mode; Explicit Null Advertisements; Controlling Time-to-Live; LSP and Routing Protocol Interactions

    Summary; Exam Essentials; Review Questions; Answers to Review Questions

    Chapter 9: Layer 2 and Layer 3 Virtual Private Networks

    VPN Basics; Layer 3 VPNs

    VPN Network Layer Reachability Information; Route Distinguishers; Basic Operational Concepts; Using BGP for PE-CE Route Advertisements; Using OSPF for PE-CE Route Advertisements; Internet Access for VPN Customers

    Transporting Layer 2 Frames across a Provider Network; Layer 2 VPN; Layer 2 Circuit

    Summary; Exam Essentials; Review Questions; Answers to Review Questions

    Glossary

    Index

    Bonus Chapters

    Chapter A: Class of Service

    Chapter B: Security

    Chapter C: IP version 6


  • Introduction

    Welcome to the world of Juniper Networks. This Introduction serves as a location to pass on to you some pertinent information about the Juniper Networks Technical Certif