Copyright © 2003, Juniper Networks, Inc. IJNR-6.b.6.1.2 Juniper Networks Networking Essentials Module 1: TCP/IP Internetworking

Junos routing overview from Juniper

DESCRIPTION

Junos routing overview all in-one

1. Juniper Networks Networking Essentials
Module 1: TCP/IP Internetworking

2. Module Objectives
After successfully completing this module, you will be able to:
  • Identify the components of an internetwork and explain the role of each component
  • Explain how packets are routed on a TCP/IP network
  • Describe the role of an IP address on an internetwork

3. Internetwork Example
[Diagram: Network 1 (192.168.1.0) and Network 2 (192.168.2.0)]

4. Local-Area Networks
  • A computer network that spans a small area
  • Confined to a single building or corporate campus
  • Can connect to other LANs through telephone lines and wireless connections
  • LAN characteristics differentiated by:
      • Topology
      • Protocols
      • Media

5. Wide-Area Networks
  • A computer network that spans a large geographical area
  • WANs interconnect LANs
  • Computers connected to WAN through public telephone system, leased lines, or wireless connection
  • The Internet consists of many WANs and WAN links

6. Intermediate Internetworking Devices
  • Bridges
      • Connect multiple LAN segments to form a larger LAN
      • Usually the same media type
      • Bridges forward broadcasts by default
  • Routers
      • Connect multiple LANs but maintain LAN boundaries
      • Connect LANs across WAN links
      • LAN and WAN links may be different media types
      • Implement logical network structure (e.g., IP networks)
      • Routers block broadcasts by default
  • Switches
      • High-speed multi-port bridges with many ports
      • Many implement Virtual LANs (VLANs)

7. Routing on a TCP/IP Network
[Diagram: Network 1 (192.168.1.0) and Network 2 (192.168.2.0)]

8. Role of IP and the IP Address
[Diagram: End-to-End Delivery. Two protocol stacks (Application, TCP/UDP, IP Protocol, Network-Dependent), one with IP Address X and one with IP Address Y, joined across the Internet (IP)]

9.
Format of the IP Address
  • IP address is a 32-bit numeric address
  • Written as four numbers separated by periods:
      • Dotted Quad notation for human convenience
      • Examples: 10.0.15.1, 172.20.10.24, 192.168.94.122
  • The IP address is used to identify a particular network and host on that network
      • Must be globally unique (with some exceptions)

10. Relationship of the IP Address to the Hardware Address
[Diagram: OSI Reference Model, layers 7 to 1 (Application, Presentation, Session, Transport, Network, LLC/MAC, Physical). Labels: IP Address; 802.2 Logical Link Control; 802.3 CSMA/CD; 802.4 Token Bus; 802.5 Token Ring]

11. Mapping Address Layers: ARP
  • Address Resolution Protocol (ARP) maps an IP address to a physical MAC address
      • Host broadcasts an ARP request to obtain a physical address
  • Hosts shown:
      • IP: 192.168.2.1, MAC: 0000.2222.1111
      • IP: 192.168.2.23, MAC: 0000.2222.2323
      • IP: 192.168.2.2, MAC: 0000.2222.2222
      • IP: 192.168.2.11, MAC: 0000.2222.0011
      • IP: 192.168.2.43, MAC: 0000.2222.4343
  (1) Requester sends BROADCAST ARP_REQUEST (MAC dest = ffff.ffff.ffff, target IP = 192.168.2.23)
  (2) ALL hosts read ARP_REQUEST, but do not respond if they're not the target
  (3) Target host responds to requester via UNICAST (192.168.2.23 maps to MAC 0000.2222.2323, MAC dest = 0000.2222.1111)
  (4) Requester stores the mapping in local ARP cache and can now communicate directly with target

12. Logical Network Types
  • Broadcast
      • Multiple sources and destinations "on the wire"
      • One packet can be read by many receivers
      • Typical for LANs
      • Example: Ethernet
  • Point-to-Point
      • Two ends/"stations"
      • Typical for WANs
      • Example: T1
[Diagram: Router A, Router B]

13. Review Questions
  1. How does a router differ from a bridge?
  2. What is ARP?
  3. What are two types of Logical Networks?

14. Juniper Networks Networking Essentials
Module 2: IP Addressing

15.
Module Objectives
After successfully completing this module, you will be able to:
  • Create IP addresses in binary notation and decimal format, and identify the corresponding address classes
  • Define subnetting and subnet masks, and create effective subnets for a given network
  • Define classless interdomain routing (CIDR), and aggregate a given range of network addresses to the highest degree possible

16. Importance of IP Addressing
  • Unique addresses make information delivery systems work
      • Telephone numbers
      • Postal addresses
  • IP addressing scheme integral to process of routing IP data through an internetwork
  • Two major Internet scaling issues:
      • IPv4 address space depletion
      • Routing traffic given increasing number of networks that make up the Internet

17. Classful IP Addressing
  • Original Classful IP addressing defines a 32-bit IP address
  • Two-part Internet address structure
[Diagram: 32-Bit IP Address = Network Part + Host Part]

18. Binary Overview
    Bit position:      7    6    5    4    3    2    1    0
    2^(bit position):  2^7  2^6  2^5  2^4  2^3  2^2  2^1  2^0
    Decimal value:     128  64   32   16   8    4    2    1

    1 0 0 1 1 0 1 0    128+16+8+2 = 154
    0 0 0 1 0 1 1 1    16+4+2+1 = 23
    1 1 1 0 1 0 0 0    128+64+32+8 = 232
    0 1 0 0 0 0 0 1    64+1 = 65
    1 1 1 1 1 1 1 1    128+64+32+16+8+4+2+1 = 255
    1 0 1 0 1 1 0 0    128+32+8+4 = 172

19. Primary Address Classes
[Diagram: Class A (leading bit 0): Network, Host, Host, Host. Class B (leading bits 1 0): Network, Network, Host, Host. Class C (leading bits 1 1 0): Network, Network, Network, Host. Number of bits labelled 8, 16 and 24]

20. Dotted Decimal Notation
    Bit # 31 . . . 0
    10101100  00010000  00100011  00001000
    172       16        35        8
    172.16.35.8

21. High-Order Bits
  • Class addresses specified by the high-order bits:
      Class      High-Order Bits
      Class A    0
      Class B    10
      Class C    110
  • IP Address 192.168.21.40 is a Class C address: 11000000.10101000.00010101.00101000

22.
First Octet Rule
  • Class determined by location of first 0 in binary address:
      Class      First Octet Range (Binary)    (Decimal)
      Class A    00000001 to 01111110          1 to 126*
      Class B    10000000 to 10111111          128 to 191
      Class C    11000000 to 11011111          192 to 223
  * 0 and 127 reserved

23. First Octet Rule Examples
      Address          Binary                                   Class
      172.18.192.34    10101100.00010010.11000000.00100010      B
      10.155.128.2     00001010.10011011.10000000.00000010      A
      192.12.3.42      11000000.00001100.00000011.00101010      C

24. Default Masks
  • Identify the location of the network part (1s) and host part (0s) of an address
      Class A    11111111.00000000.00000000.00000000    255.0.0.0
      Class B    11111111.11111111.00000000.00000000    255.255.0.0
      Class C    11111111.11111111.11111111.00000000    255.255.255.0

25. Reserved Addresses
  • Network Address: all host bits are binary 0
      • 10.0.0.0
      • 172.23.0.0
      • 192.168.14.0
  • Broadcast Address: all host bits are binary 1
      • 10.255.255.255
      • 172.23.255.255
      • 192.168.14.255

26. IPv4 Address Management Issues
  • Central authority: IANA
  • Inefficient allocation of limited address space
  • IPv4 32-bit address space
  • Address allocations based on organizations' requests rather than actual need
  • Early depletion of Class B addresses

27. IP Subnetting
  • All Classful IP addresses can be divided into smaller networks called subnets
      Class B Address: Before Subnetting    1 0 | Network | Network | Host   | Host
      Class B Address: After Subnetting     1 0 | Network | Network | Subnet | Host

28. Problems Solved with Subnetting
  • Provides network administrators with extra flexibility
  • Provides more efficient use of network address utilization
  • Contains broadcast traffic; broadcast will not cross a router
  • Subnets under local administrator control
  • External users and organizations see only single network

29.
Subnet Mask
  • Example subnet mask for Class B address
      Fields:                           Network    Network    Subnet     Host
      Binary Representation:            11111111   11111111   11111111   00000000
      Dotted Decimal Representation:    255      . 255      . 255      . 0

30. Subnet Example 1
  • Assigned Network Number: 172.25.0.0/16
  • Create 256 subnets
      • 172.25.0.0/24
      • 172.25.1.0/24
      • 172.25.2.0/24
      • 172.25.3.0/24
      • . . .
      • 172.25.255.0/24

31. Subnet Example 2
  • Assigned Network Number: 192.168.1.0/24
  • Create 4 subnets
      • 192.168.1.0/26
      • 192.168.1.64/26
      • 192.168.1.128/26
      • 192.168.1.192/26

32. Subnet Example 3
  • Assigned Network Number: 10.0.0.0/11
  • Create 8 subnets
      • 10.0.0.0/11
      • 10.32.0.0/11
      • 10.64.0.0/11
      • 10.96.0.0/11
      • 10.128.0.0/11
      • 10.160.0.0/11
      • 10.192.0.0/11
      • 10.224.0.0/11

33. Growth of the Internet
  • The Internet is today's largest public data network
  • Connects millions of users worldwide
  • Ongoing technical advancements in networking hardware contribute to growth
  • Increasing number of networks over the past decade

34. Growth of Internet Routing Tables
  • Caused by Internet expansion
  • Backbone routers must maintain complete Internet routing information
  • Additional factors include:
      • Increased CPU processing speed for routing table topology updates
      • Dynamic nature of today's WWW
      • Increased volume of diverse information
  • IP Next Generation (IPv6)
      • Long-term solution, but deployment is limited
  • IPv4 modified to allow continued growth

35. Classless Inter-Domain Routing
  • CIDR ignores the concept of Network Address Classes
  • Reduces the amount of route advertisements
[Diagram: networks 192.168.64.0, .65.0, .66.0 and .67.0. No CIDR: 192.168.64/24, 192.168.65/24, 192.168.66/24 and 192.168.67/24 are advertised separately. CIDR: a single 192.168.64/22 is advertised]

36.
Implications of CIDR on the Router
  • CIDR officially documented in 1993
  • CIDR supports following important features that benefit global Internet routing system:
      • Ignores traditional concept of Class A, B, and C network addresses
      • Supports route aggregation where single routing table entry can represent address space of thousands of traditional classful routes

37. CIDR Address Allocation Example
  • Allocate variable-length blocks from 192.168.16/20
      • Block #1: 192.168.16.0/21
      • Block #2: 192.168.24.0/22
      • Block #3: 192.168.28.0/23
      • Block #4: 192.168.30.0/23

38. CIDR Routing in a Classless Environment
[Diagram: ISP 1 and ISP 2 attached to the Internet; prefixes 192.168.0.0/16 and 172.16.0.0/16; Organization 1: 172.25.16.0/21; Organization 2: 172.25.24.0/22; Organization 3: 172.25.28.0/23; Organization 4: 172.25.30.0/23]

39. JUNOS Support for CIDR
  • JUNOS supports CIDR
  • Defined in RFC 1519, Classless Inter-Domain Routing (CIDR): An Address Assignment and Aggregation Strategy

40. Private IP Addresses (RFC 1918)
  • Sustained growth in TCP/IP technology
  • Increasing number of enterprises use TCP/IP for intra-enterprise communications only
  • Concerns:
      • Limited global address space
      • Routing overhead increasing beyond capabilities of ISPs
  • RFC 1918 allows enterprises and ISPs to use specific address space so long as it is not advertised back out to the Internet
      • 10.0.0.0/8, 172.16.0.0/12, and 192.168.0.0/16
  • ISPs continue to obtain blocks of public address space from address registry and assign customers addresses from within block based on customer requirement

41. Review Questions
  1. To select IP addresses for an ISP, where would you begin?
  2. How are subnets implemented on an IP network?
  3. When would you implement CIDR on an IP network?
  4. What is the purpose of Private Addressing and how is it useful?

42.
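The subnetting, aggregation and RFC 1918 rules from the Module 2 slides above, as an added Python example (not part of the Juniper course material): it splits a network into equal subnets, aggregates contiguous prefixes, audits variable-length blocks carved from a parent allocation, and flags private prefixes in a list of routes about to be advertised. The function names and the broken sample inputs in the demo are constructed for illustration.

```python
import ipaddress

# Private address space listed on the RFC 1918 slide.
RFC1918 = [ipaddress.ip_network(p)
           for p in ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")]


def split_subnets(network, count):
    """Split `network` into `count` equal subnets (count must be a power of two)."""
    net = ipaddress.ip_network(network)
    extra_bits = count.bit_length() - 1
    if count < 1 or (1 << extra_bits) != count:
        raise ValueError("count must be a power of two")
    if net.prefixlen + extra_bits > net.max_prefixlen:
        raise ValueError("not enough host bits for that many subnets")
    return [str(s) for s in net.subnets(prefixlen_diff=extra_bits)]


def aggregate(prefixes):
    """Return the fewest CIDR blocks that cover exactly the given prefixes."""
    nets = [ipaddress.ip_network(p) for p in prefixes]
    return [str(n) for n in ipaddress.collapse_addresses(nets)]


def audit_allocation(parent, blocks):
    """Audit variable-length blocks carved out of `parent`.

    Reports blocks that fall outside the parent, pairs of blocks that
    overlap each other, and the parent space that is still unallocated.
    """
    parent_net = ipaddress.ip_network(parent)
    nets = sorted(ipaddress.ip_network(b) for b in blocks)
    outside = [str(n) for n in nets if not n.subnet_of(parent_net)]
    overlaps = [(str(a), str(b))
                for i, a in enumerate(nets)
                for b in nets[i + 1:] if a.overlaps(b)]
    free = [parent_net]
    for n in nets:
        remaining = []
        for f in free:
            if n.subnet_of(f):
                # Carve the block out of this free range (nothing is left if n == f).
                remaining.extend(f.address_exclude(n))
            elif not f.subnet_of(n):
                # Disjoint from the block: the free range is untouched.
                remaining.append(f)
        free = remaining
    return {"outside": outside,
            "overlaps": overlaps,
            "free": [str(f) for f in sorted(free)]}


def private_leaks(advertised):
    """Return advertised prefixes that overlap RFC 1918 space."""
    leaks = []
    for prefix in advertised:
        net = ipaddress.ip_network(prefix)
        if any(net.overlaps(private) for private in RFC1918):
            leaks.append(prefix)
    return leaks


if __name__ == "__main__":
    print(split_subnets("192.168.1.0/24", 4))
    print(aggregate(["192.168.64.0/24", "192.168.65.0/24",
                     "192.168.66.0/24", "192.168.67.0/24"]))
    # Blocks #1 to #4 from the allocation slide: they tile the /20 exactly.
    print(audit_allocation("192.168.16.0/20",
                           ["192.168.16.0/21", "192.168.24.0/22",
                            "192.168.28.0/23", "192.168.30.0/23"]))
    # Constructed faulty plan: one overlap and one block outside the parent.
    print(audit_allocation("192.168.16.0/20",
                           ["192.168.16.0/21", "192.168.20.0/22",
                            "192.168.32.0/23"]))
    # Constructed advertisement list checked before it leaves the enterprise.
    print(private_leaks(["172.25.16.0/21", "198.51.100.0/24", "10.32.0.0/11"]))
```

Running `private_leaks` over the prefixes an edge router is configured to export is a quick pre-deployment check for the "not advertised back out to the Internet" condition on the RFC 1918 slide.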
Lab 1: IP Subnetting
Note: Various Junos CLI commands will be used during this lab that have not yet been discussed. All CLI commands will be fully explained in the subsequent sections.

43. Juniper Networks Networking Essentials
Module 3: Router Basics

44. Module Objectives
After successfully completing this module, you should be able to:
  • Describe the function of a router and explain how a router works to route packets on a network
  • Explain the concepts of routing metrics and route selection on an Internet network

45. What Is Routing?
  • Act of moving information across logical path from a source to a destination
  • Routers
      • Determine the best routing paths
      • Transport information groups, or packets, through an internetwork
  • Routers vs. bridges and switches
      • Bridges and switches operate at Layer 2, the Data Link layer
      • Routers operate at Layer 3 (the Network layer)

46. Basic Router Functions
  • Route determination/topology awareness
      • Routes are learned and recorded in the route table
      • Selection criteria are applied to determine the preferred route or routes to each destination
      • The preferred routes are recorded in the forwarding table
  • Packet forwarding
      • Incoming packets are switched to outgoing interfaces based on the forwarding table entries

47. How Routers Operate
  • Layer 4, Application Layer: Consists of applications and processes that use the network
  • Layer 3, Host-to-Host Transport Layer
  • Layer 2, Internetwork Layer: Frames are switched from one interface to another, based on packet information
  • Layer 1, Network Access Layer: Identifies bits on the medium at router interfaces
  • Router actions shown:
      • Select interface to which to send encapsulated frames
      • Encapsulate frames (such as Ethernet)
      • Transmit bits of the frame

48.
Packet Processing
[Diagram: Packet. (1) Inbound: receive bits, detect frame, remove encapsulation. (2) IP lookup. (3) Select outbound interface. (4) Outbound: re-encapsulate, transmit bits]
  1. Receive packet, check L2 info.
  2. Read L3 header to determine destination address.
  3. Perform longest-match lookup for L3 destination in forwarding table and select the appropriate outbound physical interface.
  4. Encapsulate the packet with the appropriate L2 header/trailer and transmit.
  5. GO TO STEP 1: Receiving router does it all over again.

49. IP Packet Format
  • Router reads destination address to determine how to route the packet
  • Header layout (each row is 32 bits):
      VERSION | IHL | TYPE-OF-SERVICE | TOTAL LENGTH
      IDENTIFICATION | FLAGS | FRAGMENT OFFSET
      TIME-TO-LIVE | PROTOCOL | HEADER CHECKSUM
      SOURCE ADDRESS
      DESTINATION ADDRESS
      OPTIONS (+ PADDING)
      DATA (VARIABLE)

50. IP Addresses Determine Route Destination
[Diagram: Class A (Network, Host, Host, Host), Class B (Network, Network, Host, Host) and Class C (Network, Network, Network, Host) address layouts with their bit counts]
  • What is the longest-match prefix for this packet?

51. Selecting Routes for Forwarding
[Diagram labels: Routing updates, Static routes, Local addresses, Routing Table, Policy, Best Routes, Forwarding Table]

52. Routing Tables
  • Packet's destination address is for:
      • One of the router's interfaces or a broadcast address
          • Packet is for an internal router process
      • Any other known address
          • Packet must be routed
      • Unknown address
          • Look for default route. If none exists, packet is dropped
[Diagram: Packet In, Packet Out]

53.
Contents of a Routing Table
  • Minimum contents of routing table:
      • Destination prefix
      • Next-hop IP address
          • The next router downstream, closer to the destination

    inet.0: 12 destinations, 12 routes (12 active, 0 holddown, 0 hidden)
    + = Active Route, - = Last Active, * = Both

    10.0.21.0/24       *[Direct/0] 17:48:31 > via GigE0.0
    10.0.21.2/32       *[Local/0] 17:48:31 Local
    10.0.29.0/24       *[Direct/0] 17:48:31 > via GigE1.0
    10.0.29.1/32       *[Local/0] 17:48:31 Local
    192.168.16.0/24    *[RIP/100] 00:03:45 > to 10.0.21.1 via fxp0.0
    192.168.17.0/24    *[RIP/100] 00:03:45 > to 10.0.21.1 via fxp0.0
    192.168.28.0/24    *[Static/5] 16:48:05 Discard
    192.168.29.0/24    *[Static/5] 16:48:05 Discard

54. Populating a Routing Table
  • Static and default routes
      • Specific prefixes not learned via a protocol
      • Default used when a partial match cannot be made
  • Dynamic routing protocols
      • Routers communicate reachability information

    inet.0: 7 destinations, 7 routes (7 active, 0 holddown, 0 hidden)
    + = Active Route, - = Last Active, * = Both

    10.0.21.0/24       *[Direct/0] 01:00:31 > via GigE0.0
    10.0.21.2/32       *[Local/0] 01:00:31 Local
    10.0.29.0/24       *[Direct/0] 01:00:31 > via GigE1.0
    10.0.29.1/32       *[Local/0] 01:00:31 Local
    192.168.16.0/24    *[RIP/100] 00:03:45 > to 10.0.21.1 via GigE0.0

55. Route Selection
  • Route selection is based on:
      • Longest, or most specific, match
      • Preferences, for different protocols
      • Routing metrics, for same protocol
  • Given multiple routes to a destination, the router must select the best route
  • Load balancing may be considered

56. Route Selection: Longest Match
  • Most specific address is matched:
      • Host route
      • Subnet
      • Summary route, or group of subnets
      • Major network number
      • Supernet, or group of major networks
      • Default address

57.
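The lookup described on the Routing Tables and Route Selection slides above, as an added Python example (not part of the Juniper material, and a simplification rather than the JUNOS implementation): longest match first, then lowest preference between protocols, then lowest metric, with the default route as the last resort. The first eight routes copy the inet.0 listing; the metrics and the four routes marked as constructed are assumptions made for illustration.

```python
import ipaddress
from dataclasses import dataclass


@dataclass(frozen=True)
class Route:
    prefix: str       # destination prefix in CIDR notation
    protocol: str     # source of the route: Direct, Local, Static, RIP
    preference: int   # ranks protocols against each other; lowest wins
    metric: int       # cost within one protocol; lowest wins
    next_hop: str     # next router/interface, or "Local" / "Discard"


# The first eight routes copy the inet.0 listing above. That listing shows no
# metrics, so the metric values are assumed. The last four routes are
# constructed to exercise preference, metric and the default route.
ROUTES = [
    Route("10.0.21.0/24", "Direct", 0, 0, "via GigE0.0"),
    Route("10.0.21.2/32", "Local", 0, 0, "Local"),
    Route("10.0.29.0/24", "Direct", 0, 0, "via GigE1.0"),
    Route("10.0.29.1/32", "Local", 0, 0, "Local"),
    Route("192.168.16.0/24", "RIP", 100, 2, "to 10.0.21.1 via fxp0.0"),
    Route("192.168.17.0/24", "RIP", 100, 2, "to 10.0.21.1 via fxp0.0"),
    Route("192.168.28.0/24", "Static", 5, 0, "Discard"),
    Route("192.168.29.0/24", "Static", 5, 0, "Discard"),
    Route("192.168.16.0/24", "Static", 5, 0, "to 10.0.29.2 via GigE1.0"),   # constructed
    Route("192.168.16.128/25", "RIP", 100, 3, "to 10.0.21.1 via fxp0.0"),   # constructed
    Route("192.168.17.0/24", "RIP", 100, 4, "to 10.0.29.2 via GigE1.0"),    # constructed
    Route("0.0.0.0/0", "Static", 5, 0, "to 10.0.21.1 via GigE0.0"),         # constructed
]


def lookup(dest, routes=ROUTES):
    """Pick the route for one destination address.

    Returns (action, route), where action is "local", "forward", "discard"
    or "drop". route is None only for "drop".
    """
    addr = ipaddress.ip_address(dest)
    parsed = [(ipaddress.ip_network(r.prefix), r) for r in routes]
    matches = [(net, r) for net, r in parsed if addr in net]
    if not matches:
        # Unknown address and no default route: the packet is dropped.
        return "drop", None
    # 1. Longest (most specific) match: keep only the longest prefix length.
    longest = max(net.prefixlen for net, _ in matches)
    candidates = [r for net, r in matches if net.prefixlen == longest]
    # 2. Lowest preference between protocols, 3. lowest metric within one.
    best = min(candidates, key=lambda r: (r.preference, r.metric))
    if best.next_hop == "Local":
        return "local", best       # addressed to the router itself
    if best.next_hop == "Discard":
        return "discard", best     # matched a discard static route
    return "forward", best


if __name__ == "__main__":
    for dest in ("10.0.21.2", "10.0.21.77", "192.168.16.5", "192.168.16.200",
                 "192.168.17.9", "192.168.28.1", "203.0.113.9"):
        action, route = lookup(dest)
        print(dest, action, route.prefix if route else "-",
              route.next_hop if route else "-")
```

Note that 192.168.16.200 follows the /25 learned from RIP even though a static /24 with a better preference exists: prefix length is compared before preference, which is why a more specific route always decides where traffic goes.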
Route Selection: Preference
  • Routing protocol processes calculate the active route from all routes in the routing table
  • Preferred routes are placed in the forwarding table
  • The active route is the route with the lowest preference value
      • Preference is a value in the range of 0 through 255
      • Preference is used to rank routes received from different protocols, interfaces, or remote systems
  • Identifies the believability of a source in determining best route

58. Route Selection: Routing Metrics
  • Routing metrics are generally a measurement of cost or overhead
  • Metrics are protocol-specific
      • Used to determine the best route for a single protocol
      • Don't compare metrics from different routing protocols: apples vs. oranges

59. Forwarding Table

    [email protected]> show route forwarding-table
    Internet:
    Destination        Type RtRef Nexthop         Type Index NhRef Netif
    10.100.71.0/24     user     0 10.100.67.254   ucst    18 74212 GigE0.0
    10.100.71.224/27   user     2 10.100.67.254   ucst    18 74212 GigE0.0
    10.250.1.36/30     intf     0 ff.3.0.21       ucst    27     1 so-2/0/0.0
    10.250.1.37/32     intf     0 10.250.1.37     locl    26     1
    10.250.1.103/32    dest     0 10.250.1.103    bcst    37     1 ge-7/2/0.0
    ---(more)---

60. Metrics
  • Possible routing metrics include:
      • Hop count
      • Composite index/metric
          • Bandwidth: Amount of data that can be transmitted in a fixed amount of time
          • Delay: Transit latency of path
  • Common practice is to link bandwidth as a measure of cost, like a toll for the router
  • Path metrics are calculated by adding the interface metrics along the path

61. Review Questions
  1. What functions does a router perform?
  2. What functions does a routing algorithm perform?
  3. What is the relationship between a routing table and a forwarding table?
  4. What factors affect how a router makes a route selection?
  5. What is a metric and how does a router use metrics to make routing decisions?

62. Introduction to Juniper Networks Routers
Module 4: M-series and T-series Product Overview

63. Module Objectives
After successfully completing this module, you will be able to:
  • Match Juniper Networks, Inc. products with typical applications in a service provider network
  • Describe the architecture of Juniper Networks M-series and T-series platforms
  • Describe the function of the RE, FPCs, PICs, System, and Control boards
  • Operate the Craft Interface
  • Describe packet flow through M-series and T-series platforms
  • List three characteristics of JUNOS software

64. Juniper Networks Role in the Internet
  • Where we are going
      • Networking hardware evolution
      • Juniper Networks: the company
      • Juniper Networks M-series and T-series platforms overview
          • M5/M10 and the M7i/M10i routers
          • M20 router
          • M40 router
          • M40e router
          • M160 router
          • T640 Internet routing node
          • T320 router
          • M320 Router

65. Networking Hardware Evolution
  • The first routers were general-purpose computers
      • Single CPU, RAM, monolithic operating system
      • Low-speed serial interfaces
  • Networking advancements:
      • More PCs attached to networks
      • Increased application bandwidth consumption
      • Increased transmission speeds
  • Single-CPU router architecture could not keep up!
  • Juniper Networks broke tradition with:
      • Specialized operating system
          • Protected memory, multi-tasking
      • Hardware-based packet forwarding
          • Juniper Networks M-series and T-series routers implement key functions on ASICs
      • Separation of two equally complex problems: Internet control and high-performance packet forwarding

66. Juniper Networks: The Company
  • Business: Converts bandwidth into scalable, differentiable IP services using a new class of integrated silicon- and software-based routing systems
      • Juniper Networks sells solutions, not just routers
  • Mission: To be the primary supplier of scalable, reliable, high-performance IP systems for the new IP infrastructure
  • Market: Supplies systems to numerous worldwide markets that provide high-speed IP services in both the core and edge environments

67. Juniper Networks Product Positioning
[Diagram labels: PSTN/Mobile; M-series/T-series Platforms; SOHO/ROBO; Large Enterprise; Small/Medium Enterprise; Education; Service Provider; Consumer Network; Edge: B-RAS (E-series Routers); Business Edge (E-series/M-series Routers); Residential; Core]

68. The E-series Family of Edge Routers
  • Series of high-performance broadband remote access servers (B-RAS)
  • The result of Unisphere acquisition in mid-2002
  • E-series edge router operation and configuration is covered in various E-series router-specific class offerings
      • See http://www.juniper.net/training for details
[Pictured: ERX-700, ERX-310, ERX-1440]

69. M-series and T-series Product Line (1 of 2)
  • Family of router platforms that deliver:
      • Industry-leading core and dedicated-access platforms
      • Solutions that scale in multiple dimensions with market-leading port density
      • Flexible and manageable traffic control
      • High reliability features
[Chart: Forwarding Performance per Rack Inch. Platforms: M40 Router, M20 Router, M160 Router, M5/M10 Routers. Dates shown: Sep. 1998, Dec. 1999, March 2000, Sep. 2000]

70.
M-series and T-series Product Line (2 of 2)
  • Common software image/feature set across all platforms!
  • A Continuing History of Rapid Innovation
[Timeline labels: M40e Router, T640 Internet Routing Node, T320 Router, M7i, M10i. Dates shown: Dec. 2001, Feb. 2002, August 2002, Sept. 2003]

71.

72. M-series and T-series Hardware Overview
  • Where we are going
      • General M-series and T-series platform architecture
      • Hardware overview
      • Routing Engine
      • Packet Forwarding Engine (M-series and T-series)
      • The Craft Interface
      • Field Replaceable Units (FRUs)
      • Summary of platform characteristics

73. Separation of Control and Forwarding
[Diagram: Routing Engine (JUNOS software, CLI, RT, FT) linked over fxp1 to the Packet Forwarding Engine (FT); Packets In, Packets Out]
  • All M-series and T-series platforms share the same basic design philosophy
      • Clean separation of control and forwarding
  • Routing Engine maintains routing table (RT) and primary copy of forwarding table (FT)
  • Packet Forwarding Engine receives FT from Routing Engine

74. Routing Engine Overview
  • JUNOS software resides in flash memory
      • Backup copy available on hard drive
  • Provides forwarding table to the Packet Forwarding Engine
  • Not directly involved with packet forwarding
  • Runs various routing protocols
  • Implements CLI
  • Manages Packet Forwarding Engine

75.
Current Routing Engine Characteristics
  • RE Model RE-333
      • Processor/clock: Pentium III/333 MHz
      • Memory: 768 MB
      • Solid state flash storage: 80 MB
      • Hard disk storage: 6.4+ GB
      • External media: PCMCIA flash card/LS-120*
      • Supported Platforms: Originally shipped on: M5/10/20/40/40e, and M160
  • RE Model RE-400
      • Processor/clock: Celeron/400 MHz
      • Memory: 256, 512, 768 MB
      • Solid state flash storage: 256 MB (Optional)
      • Hard disk storage: 20 GB
      • External media: PCMCIA flash card (Optional)
      • Supported Platforms: M7i/M10i Only
  • RE Model RE-600
      • Processor/clock: Pentium III/600 MHz
      • Memory: 512, 2 GB
      • Solid state flash storage: 128 MB/256 MB
      • Hard disk storage: 30+ GB
      • External media: PCMCIA flash card/LS-120*
      • Supported Platforms: All M-series and T-series except M7i/M10i
  * The M40 router continues to use the original LS-120 drive for external storage regardless of RE model.

76. Packet Forwarding Engine Overview
  • Custom ASICs implement forwarding path
      • No process switching
  • Value-added services and features implemented in hardware
      • Multicast
      • CoS/queuing
      • Firewall filtering
      • Accounting
  • Divide-and-conquer architecture
      • Each ASIC provides a piece of the forwarding puzzle

77. PFE Components: M-series
  • Physical Interface Cards (PICs)
  • Flexible PIC Concentrators (FPCs)
  • The system midplane
  • For M5/M10, M7i/M10i, M20, and M40
      • System Control
          • M5/M10 and M7i/M10i routers: Forwarding Engine Board/Compact Forwarding Engine Board, combined FPC and System Control Board
          • M20 router: System Switching Board (SSB)
          • M40 router: System Control Board (SCB)
  • For M40e and M160
      • Switching and Forwarding Module (SFM)
      • Miscellaneous Control Subsystem (MCS)
      • Packet Forwarding Engine Clock Generator

78. PFE Components: T-series
  • Physical Interface Cards (PICs)
  • T-series FPCs contain one or two PFE complexes
  • PFEs interface to other PFEs through the T-series switch fabric
      • Nonblocking crossbar switch matrix with high-speed lines to each FPC
      • Switch fabric redundancy
  • Switching between PFEs performed by Switch Interface Boards (SIBs)
      • Three SIBs comprise a T320 switch fabric: two active, one spare
      • Five SIBs comprise the T640 switch fabric: four active, one spare
  • The system midplane

79.
Physical Interface Cards
  • PICs currently support from 0 to 48 physical ports
  • Some PICs support channelized and advanced CoS options
  • IP Service PICs (Tunnel, Multilink, Monitoring, etc.)
      • Services PICs normally have no physical ports
  • Custom ASIC for each media type
  • Status indicators
  • Hot-swappable on all platforms except M20 and M40 routers
[Diagram: Physical Interface Cards (PICs) on an FPC, with ASIC, Switch Fabric and Memory]

80. The Flexible PIC Concentrator
  • General FPC features
      • Supports from 1 to 4 PICs
      • Hot-swappable on most platforms
      • PowerPC supervisory processor
          • Not used for packet forwarding
      • From 64 MB to 1.2 GB of memory
          • Pooled to create shared memory switch fabric on M-series platforms
      • High aggregate throughput rates*
          • M5/M10, M7i/M10i, M20, M40, and M40e routers: 6.4 Gbps per FPC
          • M160 router: 25.6 Gbps per FPC2
          • T640 Internet Routing Node: 80+ Gbps with FPC3
          • T320 router: 40+ Gbps with FPC3
  * The numbers quoted are two times the unidirectional (Simplex) capacity of each FPC.
[Diagram: FPC carrying four PICs, with ASIC, Switch Fabric and Memory]

81. M-series System Boards
  • General System Board functions:
      • Forwarding table updates and route lookups
      • Management of ASICs and PFE hardware components
      • Environmental monitoring
      • Stratum 3 SONET clock generation
      • Handling exception/control packets
  • Names vary by platform
      • M5 and M10: FEB
      • M20 and M40: SSB and SCB
      • M7i and M10i: CFEB
  • Enhanced System Boards feature the second generation Internet Processor II ASIC

82.
Control Boards: M-series and T-series
  • General Control Board functions:
      • Component power up/down
      • Handling hardware faults
      • Controlling redundancy
      • Environmental monitoring
      • Distribution/generation of SONET clocking
  • M160/M40e control
      • Control provided by Miscellaneous Control Subsystem (MCS); paired with a Routing Engine to form a Host Module
      • Host Module redundancy supported
  • T640/T320 control
      • Control provided by Control Board (CB); the CB is paired with a Routing Engine to form a Host Subsystem
      • Host Subsystem redundancy supported

83. Internet Processor II ASIC
  • The Internet Processor II
      • Provides industry-leading performance for longest-match packet lookup
      • Numerous packet processing features:
          • Filtering, sampling, logging, counting, and improved load balancing
  • Second generation Internet Processor II available on enhanced system boards

84. System Midplane Examples
  • M10 System midplane: FEB contains built-in FPCs, eight PIC slots
  • M40e, M160, T640, and T320 System midplane: Connector Interface Panel (CIP), eight FPC slots
  • M20 System midplane: System Switching Board slots, Craft Interface slot, four FPC slots
[Diagram: numbered slot layouts with the Connector Interface Panel, Primary SSB, Secondary SSB and Craft Interface]

85. The Craft Interface
  • Craft Interface overview
      • LCD display (M40, M40e, M160, T640, and T320 routers only)
      • FPC online/offline buttons (M20, M40, M40e, M160, T640, and T320 platforms)
      • PIC online/offline buttons (M5/M10 and M7i/M10i routers)
      • Status LEDs
[Figure: A Typical Craft Interface Panel (T320)]

86. Craft Interface Status LEDs
  • Status LEDs
      • OK
          • Blinking = starting
          • Solid = running
      • FAIL
          • Solid = taken offline because of failure
  • Online/offline buttons
      • Press and hold for three seconds to take FPC (or PIC) offline

87.
Alarm Indications
  • Red alarm
      • Major failure that affects service/safety
  • Yellow alarm
      • Minor failure that needs attention but does not affect service

88. LCD Display
  • LCD display is available on M40, M160, T640, and T320 platforms only
      • Displays general system status when no alarms are present
      • Displays alarm information when alarms are present
          • Identifies the total number and types of alarms that are active
      • Currently, the navigation buttons are only used to obtain the status of certain PICs

89. Dry Relay Contacts
  • Activated with first alarm
      • Yellow and red alarms
      • Can be disabled with ACO/LT button on Craft Interface
      • New alarms reactivate relay
  • Alarm contacts supported on M20, M40, M40e, M160, and T-series platforms
  • Relay contacts located on the Craft Interface or Connector Interface panel

90. Typical Router Components (T640)
[Figure: Front and Back views]

91. Product Comparison: M-series
[Table: the M160, M40e, M5, M10, M40, M20, M7i and M10i routers compared by Chassis Throughput (Aggregate), Slot Throughput (Aggregate), Slots/PICs, Power, Units per Rack, RE/Control Redundancy and Weight (Max). The column alignment is lost; the cell values follow in the order they appear.]
  • Chassis throughput, slot throughput, slots/PICs and power, grouped as they appear:
      • 51.2 Gbps (40 Mpps); 6.4 Gbps
      • 6.4 Gbps (40 Mpps); 6.4 Gbps; 1/4; AC/DC
      • 12.8 Gbps (40 Mpps); 6.4 Gbps; 2/8; AC/DC
      • 51.2 Gbps (40 Mpps); 6.4 Gbps; 8/32; AC/DC
      • 25.6 Gbps (40 Mpps); 6.4 Gbps; 4/16; AC/DC
      • 9.4 Gbps (8 Mpps); 6.4 Gbps; 1/6 (2 built-in PICs); AC/DC
      • 12.8 Gbps (16 Mpps); 6.4 Gbps; 2/8; AC/DC
      • 204 Gbps (160 Mpps); 25.6 Gbps; 8/32; DC Only; 2 per rack
      • 8/32; AC/DC; 2 per rack
  • Units per rack: 15 per rack, 15 per rack, 2 per rack, 5 per rack, 21 per rack, 8 per rack
  • RE/Control Redundancy: No, Yes, No, No, Yes, No, Yes, Yes
  • Weight (Max): 61 Lbs/27.7 Kg, 36.5 Lbs/16.6 Kg, 65 Lbs/29.5 Kg, 150 Lbs/68 Kg, 280 Lbs/127 Kg, 370.5 Lbs/168 Kg, 370.5 Lbs/168 Kg, 65 Lbs/29.5 Kg
  * Numbers quoted are two times the unidirectional (simplex) capacity for each FPC or chassis.

92.
Product Comparison: T-series
  • T320 Router
      • Chassis Throughput (Aggregate): 320+ Gbps (320 Mpps)
      • Slot Throughput (Aggregate): FPC3 = 40+ Gbps
      • FPC 1, 2, and 3
      • Slots/PICs: 8/16
      • Power: DC only
      • Units per Rack: 3 per rack
      • RE/Control Redundancy: Yes
  • T640 Internet Routing Node
      • Chassis Throughput (Aggregate): 640+ Gbps (640 Mpps)
      • Slot Throughput (Aggregate): FPC3 = 80+ Gbps
      • FPC 2 and 3
      • Slots/PICs: 8/32
      • Power: DC only
      • Units per Rack: 2 per rack
      • RE/Control Redundancy: Yes
  • Weight (typical), as listed: 565 Lbs/256.28 Kg; 369.9 Lbs/167.78 Kg
  * Numbers quoted are two times the unidirectional (simplex) capacity for each FPC or chassis.

93. PICs
  • Where we are going
      • Listing of common PICs
      • 4-port and 48-port Fast Ethernet, 2-port STM1/OC3c ATM, and OC-192c

94. Common PICs
  • Basic
      • ATM
      • Channelized OC-12, STM1, DS3
      • DS-3, 4 port
      • T1, E1, T3, E3
      • Fast Ethernet
      • Gigabit Ethernet, 10 Gigabit Ethernet
      • SONET/SDH
  • IP Services
      • Tunnel Services, Encryption Services, Link Services, Multilink Services, Monitoring services, and Adaptive Services PIC (ASP)
  • Services (Q Performance Processor)
      • Channelized Services (E1, DS3, STM1, and OC12)
      • ATM Services (ATM-2)
      • Ethernet Services

95. PIC Examples
[Figures: 4-port Fast Ethernet (M5/M10); 48-port Fast Ethernet (M40e); 2-port STM1/OC3 ATM (M20/M40); Quad-wide STM-64/OC192c (M160)]

96. M-series ASICs and Packet Flow
  • Where we are going
      • The M-series Packet Forwarding Engine
          • PIC Controller ASIC
          • I/O Manager ASIC
          • Distributed Buffer Management ASIC
          • Internet Processor II
      • M-series packet flow

97. M-series ASICs
[Diagram: M-series System Board (for example, SSB, SFM) holding the Internet Processor II, Forwarding Table, Buffer Manager 1 and Buffer Manager 2; FPCs, each with an I/O Manager and memory (MEM); PICs, each with a PIC I/O Manager]

98.
M-series Packet Flow (1 of 5)
- PIC I/O ASIC
  - Connects to FPC I/O ASIC
  - Manages physical-layer framing and bit-stream signaling
  - Detects link-layer errors (CRC)
  - Generates data link-layer alarms
[Figure: Packet Forwarding Engine with System Controller (SSB, SFM, etc.); key: Data, Notification]

99. M-series Packet Flow (2 of 5)
- I/O Manager ASIC
  - Decodes Layer 2 encapsulation
  - Identifies protocol and checks Layer 3 header validity
  - Classifies traffic for CoS
  - Chops incoming packets into 64-byte chunks (J-cells)
  - Sends J-cells to Buffer Manager 1 ASIC
  - Confirms packet integrity
[Figure: Packet Forwarding Engine with System Controller (for example, SSB and SFM)]

100. M-series Packet Flow (3 of 5)
- Distributed Buffer Manager ASICs
  - Manage packet memory shared across FPC slots
  - Extract address information from packets
  - Direct FPCs where to forward packets
[Figure: Packet Forwarding Engine with System Controller (for example, SSB and SFM); key: Data, Notification]

101.
M-series Packet Flow (4 of 5)
- Internet Processor II ASIC
  - Extracts next-hop information from system forwarding table
  - Passes modified notification (next-hop information added) to Buffer Manager 2 ASIC
  - Applies packet filtering and policy rules
  - Collects exception packets for queuing to Routing Engine
[Figure: Packet Forwarding Engine with System Controller (for example, SSB and SFM); key: Data, Notification]

102. M-series Packet Flow (5 of 5)
- I/O Manager ASIC
  - Receives 64-byte chunks from Buffer Manager 2 ASIC
  - Adjusts any required protocol time-to-live values
  - Encapsulates chunks inside appropriate data link layer header
  - Sends to PIC I/O Manager ASIC for transmission
[Figure: Packet Forwarding Engine with System Controller (SSB, SFM, etc.); key: Data, Notification]

103. ASIC Functionality and Packet Flow
- Where we are going
  - The T-series Packet Forwarding Engine
    - PIC Controller ASIC
    - Layer 2/Layer 3 Packet Processing ASIC
    - Switch Interface ASIC
    - Queuing and Memory Interface ASIC
    - Internet Processor II
  - T-series switch fabric overview
  - T-series packet flow

104.
T-series Packet Forwarding Engine
Each T-series PFE consists of:
- One or more media-specific PIC ASIC
  - Handles physical layer signaling, alarms, and CRC processing
- Layer 2/Layer 3 Packet Processing ASIC
  - Provides Link layer encapsulation and decapsulation
  - Manages division and reassembly of packets into J-cells
- Queuing and Memory Interface ASICs
  - Manage data cell memory buffering
  - Manage notification queuing
- Internet Processor II ASIC
  - Performs route lookups in forwarding table
- Switch Interface ASICs
  - Extract route lookup keys
  - Manage cell flow across the switch fabric

105. The T-series Switch Fabric
- Nonblocking topology with any-to-any connectivity
- No single point of failure, all SIBs fully redundant
- Graceful degradation for multiple failures
  - T640 switch fabric consists of 5 Switch Interface Boards (SIBs) (5th is a spare)
  - T320 switch fabric consists of 3 Switch Interface Boards (SIBs) (3rd is a spare)
- Packet order and CoS maintained across fabric
[Figure: The T320 Switch Fabric; labels: SIB 0, SIB 1, SIB 2, F16, FPC 0, FPC 1, Nf, 40 Gbps (FD) HSLs]

106. T-series Packet Flow (1 of 10)
- Packets arrive at an incoming PIC interface
- PIC controller ASIC manages link layer framing of bit stream
- Detects link layer CRC errors
- Generates link layer alarms
- Passes packets to FPC
[Figure: T-series packet flow diagram, Ingress PFE; key: Data, Notification]

107.
T-series Packet Flow (2 of 10)
- Layer 2/Layer 3 Packet Processing ASIC parses and validates Layer 2 and Layer 3 headers
- Classifies traffic for CoS processing
- Divides the packets into 64-byte cells
- Sends cells to Switch Interface ASIC
[Figure: T-series packet flow diagram, Ingress PFE; key: Data, Notification]

108. T-series Packet Flow (3 of 10)
- Switch Interface ASIC extracts the route lookup key
- Key is placed in a notification cell and passed to the Internet Processor
- Data cells are sent to the Queuing and Memory Interface ASICs
[Figure: T-series packet flow diagram, Ingress PFE; key: Data, Notification]

109. T-series Packet Flow (4 of 10)
- Queuing and Memory Interface ASICs pass the data cells to memory for buffering
- Internet Processor II ASIC performs the route lookup and forwards the notification to the Switch Interface ASIC
[Figure: T-series packet flow diagram, Ingress PFE; key: Data, Notification]

110.
T-series Packet Flow (5 of 10)
- Switch Interface ASIC sends bandwidth requests through the switch fabric to the destination PFE
- Issues read requests to the Queuing and Memory Interface ASIC to begin reading data cells out of memory
[Figure: T-series packet flow diagram, Ingress PFE; key: Data, Notification]

111. T-series Packet Flow (6 of 10)
- Destination Switch Interface ASIC sends grants through the switch fabric
- Originating Switch Interface ASIC sends a cell through the switch fabric to the destination PFE
[Figure: T-series packet flow diagram, Egress PFE; key: Data, Notification]

112. T-series Packet Flow (7 of 10)
- Switch Interface ASIC extracts the route lookup key, places it in a notification, and forwards to the Internet Processor II
- Internet Processor II performs route lookup and forwards notification to Queuing and Memory Interface ASIC
[Figure: T-series packet flow diagram, Egress PFE; key: Data, Notification]

113.
T-series Packet Flow (8 of 10)
- Queuing and Memory Interface ASIC forwards notification to the Switch Interface ASIC
- Switch Interface ASIC issues read requests to the Queuing and Memory Interface ASIC and passes cells to L2/L3 Processing ASIC
[Figure: T-series packet flow diagram, Egress PFE; key: Data, Notification]

114. T-series Packet Flow (9 of 10)
- Layer 2/Layer 3 Packet Processing ASIC reassembles the data cells into packets
- Adds Layer 2 encapsulation
- Sends the packets to the outgoing PIC interface
[Figure: T-series packet flow diagram, Egress PFE; key: Data, Notification]

115. T-series Packet Flow (10 of 10)
- Egress PIC ASIC adds physical layer framing and CRC
- Sends bit stream out to the network
[Figure: T-series packet flow diagram, Egress PFE; key: Data, Notification]

116. Exception Packets
- Exception packets
  - Local delivery
  - IP options
    - Source route, router alert, etc.
  - ICMP message generation
    - Generally processed by Packet Forwarding Engine control CPU
  - Remaining traffic (local and control) sent to Routing Engine via internal link
- Rate limiting
  - Hardware-based WRR ensures control traffic is not starved

117. JUNOS Software Overview
- Where we are going
  - Features
  - Processes
  - Protocol support

118. JUNOS Software Features
- A single image runs on all M-series and T-series platforms with all features
- FreeBSD-based environment
- Fully independent software processes
  - Routing, interface control, management, chassis management, SNMP, CLI, APS, VRRP, sampling, CoS, etc.
- Protected memory environment
  - Serious error in one module does not impact other modules or packet forwarding
  - Automatic core dumps for serious faults
- Purpose built for performance and stability in the Internet core

119. JUNOS Software Processes
[Figure labels: User, JUNOS Internet Software, Routing Engine, Routing Tables, Routing Protocol Process, SNMP, Interface Process, Command-Line Interface (CLI), Chassis Process, Forwarding Table, Kernel, Distributed ASICs, Microkernel, Embedded Microkernel, Packet Forwarding Engine]

120. The Kernel
- The kernel
  - Provides the underlying infrastructure for all the JUNOS software processes
  - Provides the link between the routing tables and the RE's forwarding table
  - Responsible for all communication with the PFE, including keeping the PFE's copy of the forwarding table synchronized
[Figure labels: Routing Protocol Process, Interface Process, Command-Line Interface (CLI), Chassis Process, Forwarding Table, Kernel]

121. Routing Protocol Process
- Core functions
  - Controls routing protocols running on router
    - Starts all configured protocols
    - Handles all routing messages
  - Maintains routing tables
  - Implements routing policy
[Figure labels: Routing Tables, Routing Protocol Process (rpd), JUNOS Kernel]

122.
Industrial-Strength Protocols
- Unicast routing protocols
  - Intermediate System-to-Intermediate System (IS-IS)
  - Open Shortest Path First (OSPF and OSPF3)
  - Routing Information Protocol (RIP and RIPng)
  - Border Gateway Protocol (BGP)
- Multicast routing protocols
  - Distance Vector Multicast Routing Protocol (DVMRP)
  - Protocol Independent Multicast (PIM)
  - Multicast Source Discovery Protocol (MSDP)
  - Internet Group Management Protocol (IGMP and MLD)
  - Session Announcement Protocol and Session Description Protocol (SAP/SDP)
- MPLS application protocols
  - Multiprotocol Label Switching (MPLS)
  - Provider-provisioned VPN support (Layer 2 and 3)
  - Resource Reservation Protocol (RSVP)
  - Label Distribution Protocol (LDP)

123. Review Questions
1. Which Juniper Networks M-series or T-series routers are aimed at the Internet core? What about the edge?
2. What are the primary responsibilities of the Routing Engine and the Packet Forwarding Engine?
3. What is the purpose of and relationship between FPCs and PICs?
4. What is the purpose of the Craft Interface?
5. Describe packet flow through Juniper Networks M-series and T-series platforms
6. Which software process maintains the routing tables and implements routing policy?

124. Juniper Networks Networking Essentials
Module 5: Installation and Initial Configuration

125. Module Objectives
After completing this module, you should be able to describe
- Important installation issues
- Initial configuration process
- Software installation from scratch
- Software component upgrades
- How to back up existing router software

126.
Chassis Installation
- M40/M160 Craft interface displays
- Typical M160 weighs 300 pounds (135 kg)
- Typical M40 weighs 220 pounds (100 kg)
- Typical M20 weighs 120 pounds (53 kg)
- Lifting requires three or more people
- Remove heaviest components first
  - Power supplies
  - FPCs
  - Fan Trays
- Lift into rack
  - Do not lift M40 by Routing Engine handles
- Replace components

127. Power Up and Power Down
- Powerup
  - Perform more checks
  - Connect all cables
  - Turn on one power supply
  - Turn on second power supply
- Powerdown
  - Shutdown Junos Routing software
    - CLI request system halt command
  - Turn off Power Supplies

128. Visible Activity at Startup
- M40/M160 Craft interface displays
  - Starting Routing Engine
  - Starting PFE
  - Starting cards
- FPC LED
  - Blink green while testing
  - Become solid green when tests pass
- Alarm LEDs light as needed

129. Initial Configuration
- Using serial console
  - Root password
  - Machine name
  - IP address (prefix) and prefix length assigned to management interface (fxp0)
  - Default router
  - DNS server

130. Troubleshooting
- Craft interface
  - Red LEDs indicate failure
  - M40/M160 LCD displays all major and minor alarms
- Syslog messages
  - Contain more detailed information
  - CLI show log messages command
- CLI
  - Interactive failure analysis using show commands
  - monitor log files using monitor command

131. Boot Devices and Media
- Removable media
  - Used for install and upgrade, normally left empty
  - M40: 120-MB high-capacity floppy drive
  - M20/M160: 110-MB PCMCIA flash card
- Flash drive
  - Solid-state nonrotating media
  - Primary source for booting software
- Hard drive
  - Traditional rotating media
  - Secondary source for booting software

132.
Software Installation
- Arrives preinstalled from factory onto
  - Flash drive
  - Hard drive (alternate copy)
  - Removable LS-120 floppy or PCMCIA flash card (use as a last resort)
- Can boot from alternate copy
  - If flash drive fails, router can still boot from hard drive or removable media
- Upgradable
  - Upgrade packages available through the Internet or on removable media

133. Boot Sequence
- Hardware controlled
- Software notifies hardware when boot completes
[Figure: boot sequence flowchart; labels: Removable media, Solid-state flash disk, Rotating disk, Success?, Done, Halt]

134. Initial Configuration
- Root password
  - Root password not set at factory
  - Must use console to configure root password
- Router and domain name
- Management interface IP address and prefix length
- Default router IP address
- DNS server IP address

135. Initial Configuration
Enter configuration [email protected]> configure
[edit]
[email protected]#
Set root password
- Plain text
  [email protected]# set system root-authentication plain-text-password
- Pre-encrypted
  [email protected]# set system root-authentication encrypted-password encrypted-password
- SSH (secure shell)
  [email protected]# set system root-authentication ssh-rsa key

136. Initial Configuration
Set router name
[edit]
[email protected]# set system host-name lab2
Set router domain name
[edit]
[email protected]# set system domain-name juniper.net
Commit changes so far
[edit]
[email protected]# commit
commit complete
[edit]
[email protected]#

137.
Initial Configuration
Set management Ethernet IP address and prefix
[edit]
[email protected]# set interfaces fxp0 unit 0 family inet address ip-address/prefix-length
Set default route
[edit]
[email protected]# set system backup-router [email protected]# set routing-options static route default nexthop gateway-address retain no-readvertise
Set name server address
[edit]
[email protected]# set system name-server ns-address

138. Full Installation
- Reinstall JUNOS software if storage media fails or is corrupted
- Future major software revisions may require full installation
- Three steps
  - Prepare to reinstall JUNOS software
  - Reinstall JUNOS software
  - Configure JUNOS software

139. Full Installation: Preparation
- Record basic information
  - Router name
  - Management interface IP address and prefix length
  - Default router IP address
  - Domain name and DNS server IP address
- Copy existing configuration file to a safe place on the network
  - Located in /config/juniper.conf
  - Full installation erases both flash and rotating drives
- Locate your Juniper installation media
  - LS-120 floppy or PCMCIA card contains entire JUNOS distribution

140. Full Installation: Reinstallation
- Insert installation media into Routing Engine
  - M40: LS-120 floppy
  - All others: PCMCIA flash card
- Reboot router
  - Use the CLI from the serial [email protected]> request system halt
  - Power-cycle router
- Follow prompts
  - Enter configuration information saved during installation preparation
  - System reboots automatically after installation completes

141. Software Configuration
Log in as root
no-name (ttyd0)
login: root
Last login: date on ttyd0
Copyright (c) 1980, 1983, 1986, 1988, 1990, 1991, 1993, 1994
The Regents of the University of California. All rights reserved.
---JUNOS 4.1R1 built 2000-07-24 09:29:44 UTC
#
Start CLI
# [email protected]>

142.
Software Configuration
Enter configuration [email protected]> configure
[edit]
[email protected]#
Set root password
  [email protected]# set system root-authentication plain-text-password text-password
- Pre-encrypted
  [email protected]# set system root-authentication encrypted-password encrypted-password
- SSH
  [email protected]# set system root-authentication ssh-rsa key

143. Software Update Packages
JUNOS software updates are contained in four packages
- jkernel: Operating system
- jroute: Routing Engine software
- jpfe: Packet Forwarding Engine software
- jdocs: On-line documentation
- jbundle: All four upgrade packages combined
- jinstall: Upgrade to/from 5.0
Packages can be upgraded individually
CLI show system software command displays installed packages

144. Jinstall vs. Jbundle
When to use jinstall
- Upgrade 4.x to 5.y
- Downgrade 5.y to 4.x
When to use jbundle
- 4.x to 4.y transition
- 5.x to 5.y transition

145. Package Naming Convention
Software packages have standard names
package-m.nZnumber.tgz
- m.n is the major version number
- Z is a single uppercase letter
  - A: Alpha
  - B: Beta
  - R: Release
  - I: Internal
- number is the release number, which might include the build number for that release
For example
jbundle-4.1R1.2.tgz

146. Back Up Existing Software
System software and configuration can be backed up to rotating disk
Best used
- Before major upgrade to ensure system recovery if necessary
- When system is judged to be stable
CLI request system snapshot command

147. Upgrade Software Jbundle
- Download current package from software download page at www.juniper.net
- Add new [email protected]> request system software add new-package-name
  Checking available free disk space...11200k available, 6076k suggested.
- Reboot [email protected]> request system reboot

148.
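The package naming convention and the jinstall/jbundle rule from the slides above can be checked before a file is handed to request system software add. The following Python is an added example, not code from the Juniper course material; the function names, the release/build split of the "number" field, and the flagging of non-Release builds are assumptions made for illustration.

```python
import re
from dataclasses import dataclass
from typing import List, Optional

# Package names and release-type letters exactly as listed on the slides.
KNOWN_PACKAGES = {"jkernel", "jroute", "jpfe", "jdocs", "jbundle", "jinstall"}
RELEASE_TYPES = {"A": "Alpha", "B": "Beta", "R": "Release", "I": "Internal"}

# package-m.nZnumber.tgz. Assumption: when "number" carries a build number,
# it follows a dot, as in the slide's example jbundle-4.1R1.2.tgz.
NAME_RE = re.compile(
    r"(?P<package>[a-z]+)-(?P<major>\d+)\.(?P<minor>\d+)"
    r"(?P<type>[A-Z])(?P<release>\d+)(?:\.(?P<build>\d+))?\.tgz"
)
# Running version such as "4.1R1" or "4.1" (input format is an assumption).
VERSION_RE = re.compile(r"(?P<major>\d+)\.(?P<minor>\d+)(?:[A-Z]\d+(?:\.\d+)?)?")


@dataclass(frozen=True)
class PackageName:
    package: str
    major: int
    minor: int
    release_type: str
    release: int
    build: Optional[int]


def parse_package_name(filename: str) -> PackageName:
    """Parse a bare file name; paths and unknown fields are rejected."""
    m = NAME_RE.fullmatch(filename)
    if m is None:
        raise ValueError(f"not of the form package-m.nZnumber.tgz: {filename!r}")
    if m["package"] not in KNOWN_PACKAGES:
        raise ValueError(f"unknown package name: {m['package']!r}")
    if m["type"] not in RELEASE_TYPES:
        raise ValueError(f"unknown release type letter: {m['type']!r}")
    build = int(m["build"]) if m["build"] is not None else None
    return PackageName(m["package"], int(m["major"]), int(m["minor"]),
                       m["type"], int(m["release"]), build)


def required_installer(current_major: int, target_major: int) -> str:
    """jbundle for 4.x->4.y and 5.x->5.y, jinstall between 4.x and 5.y."""
    majors = {current_major, target_major}
    if majors == {4} or majors == {5}:
        return "jbundle"
    if majors == {4, 5}:
        return "jinstall"
    raise ValueError("transition not covered by the slides")


def check_upgrade(running_version: str, filename: str) -> List[str]:
    """Return a list of findings; an empty list means nothing to flag."""
    pkg = parse_package_name(filename)
    m = VERSION_RE.fullmatch(running_version)
    if m is None:
        raise ValueError(f"unrecognized running version: {running_version!r}")
    findings = []
    needed = required_installer(int(m["major"]), pkg.major)
    # Component packages (jkernel, jroute, ...) are accepted wherever jbundle
    # would be, since the slides say packages can be upgraded individually.
    if (needed == "jinstall") != (pkg.package == "jinstall"):
        findings.append(f"{running_version} to {pkg.major}.{pkg.minor} calls "
                        f"for {needed}, but the file is {pkg.package}")
    if pkg.release_type != "R":
        findings.append(f"{RELEASE_TYPES[pkg.release_type]} build, "
                        "not a Release build")
    return findings


if __name__ == "__main__":
    # Constructed sample inputs: (running version, candidate package file).
    for running, name in [("4.0R3", "jbundle-4.1R1.2.tgz"),
                          ("4.1R1", "jbundle-5.0R1.1.tgz"),
                          ("4.1R1", "jinstall-5.0B2.tgz")]:
        print(running, name, check_upgrade(running, name) or "ok")
```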
Upgrade Software jinstall
Prep the machine:
- cli> file copy jinstall-url /var/tmp/jinstall-pkg
- Copy customer configs and other files/executables
- Do not worry about JUNOS configs, uncommitted config, log files, SSH keys

149. How to use jinstall
Add jinstall
cli> request system software add /var/tmp/jinstall-pkg
Installing package '/var/tmp/jinstall-package name'...
WARNING: This package will load JUNOS software release-number.
WARNING: It will save JUNOS configuration files, log files, and SSH keys
WARNING: (if configured), but erase all other files and information
WARNING: stored on this machine. This is the pre-installation stage
WARNING: and all the software is loaded when you reboot the system.
WARNING: If you do not wish to proceed, you will be able to abort the
WARNING: installation.
Saving the config files ...
Installing the bootstrap installer ...

150. How to use jinstall
Type yes to reboot:
WARNING: A reboot is required to load this software correctly. If you
WARNING: wish to abort the installation, enter 'no' below.
Reboot the system (yes/no) [no] ? yes
Shutting down in 10 seconds ...
Saving package file in /var/sw/pkg/jinstall-packagename ...
Saving state for rollback ...
*** FINAL System shutdown message from [email protected] ***
System going down IMMEDIATELY
Shutdown NOW!
Go for a coffee. Router will be up in 5-7 min.

151. Cautions
- 5.0 will reformat the disk. Customer configs and other files/executables will be lost.
- Connect to the router via the management ethernet
- If the juniper.conf has statements not supported in the new release, then mgd may fail during commit

152. Jinstall internal mechanics
- Preinstall phase does various checks.
  Stores preinstall information in /var/tmp/preinstall
- Reboot to come up on the installer:
  - Perform more checks
  - Reformat the disk
  - Lay a base OS (files that are needed but not in jbundle)
  - Lay the jbundle
- Second reboot to come up on the new JUNOS

153. End of Life Procedures
- Hardware EOL
  - Notification 180 days in advance
  - During notification period can continue to purchase
  - Repaired or replaced up to 3 years after EOL date
- Software EOL
  - Software support covers most recent release and two previous (e.g. 4.3, 4.2, 4.1)
  - New releases scheduled for FRS every 3 months
  - Major release: 6 month notice of EOL

154. Review Questions
1. What is the JUNOS boot sequence?
2. What are the JUNOS software update packages?
3. Describe the package naming convention.
4. Explain the difference between Jbundle and Jinstall.

155. Juniper Networks Networking Essentials
Module 6: JUNOS Configuration Basics

156. Module Objectives
After successfully completing this module, you should be able to:
- Explain how to gain access to a Juniper router
- Describe the difference between the CLI command mode and configuration mode
- Describe how to navigate and modify the Candidate configuration
- Describe how to change the Active configuration
- Explain the method used to describe a customer interface
- Describe how to configure the physical and logical properties of an interface on a Juniper router

157. Access to Router
- Console
- Management port, using Telnet, ssh, RADIUS
[Figure: craft interface panel; labels: NC C NO, ACO/LT, AUX/MODEM, MGMT, CONSOLE, OFFLINE, ONLINE, MASTER, RE0, RE1, FPC0, FPC1, FPC2, FPC3, FAIL, OK]

158. User Authentication
- Name and password
- Individual accounts
- Per-user command "class" permissions
lab2 (ttyd0)
login: nigel
Password:

159.
Features
- Line editing
- Command history
- Command completion
- Context-sensitive help

160. CLI Modes
- Operational [email protected]>
  - Monitor and troubleshoot the software, the network connectivity, and the router
- Configuration [email protected]#
  - Configure the router, including interfaces, general routing information, routing protocols, user access, and system hardware properties

161. CLI Commands
Command hierarchy
[Figure: command hierarchy tree; labels: clear, configure, monitor, set, show; bgp, chassis, interfaces, isis, ospf, route, version; brief, exact, protocol, table, terse]

162. Logging In
lab2 (ttyd0)
login: nigel
Password:
Last login: Fri Feb 18 19:23:16 on ttyd0
Copyright (c) 1980, 1983, 1986, 1988, 1990, 1991, 1993, 1994
The Regents of the University of California.
---JUNOS 4.1R1 built 2000-07-24 09:29:44 [email protected]>

163. Help
Type ? anywhere on command [email protected]> ?
Possible completions:
clear        Clear information in the system
configure    Manipulate software configuration information
file         Perform file operations
help         Provide help [email protected]> show ?
Possible completions:
aps          Show APS information
arp          Show system ARP table entries
as-path      Show table of known AS paths

164. Editing Command [email protected]> show
[email protected]> show
[email protected]> show
[email protected]> show
[email protected]> show interfaces

165. Command Completion
completes a [email protected]> show i
'i' is ambiguous.
Possible completions:
igmp         Show information about IGMP
interfaces   Show interface information
isis         Show information about [email protected]> show i

166.
Software Configuration Overview
Create a hierarchy of configuration statements
- Enter commands in CLI configuration [email protected]# set chassis alarm sonet lol red
- ASCII text file and display
chassis {
    alarm {
        sonet {
            lol red;
        }
    }
}

167. Activating a Configuration
[Figure: commit moves the Candidate Configuration to the Active Configuration; rollback n; configurations 0, 1, 2, ...]
Rollback files stored in
/config/juniper.conf.n (n=1-3)
/var/db/config/juniper.conf.n (n=4-9)

168. Statement Hierarchy
[Figure: statement hierarchy tree from Less Specific to More Specific; labels: top; firewall, interfaces, protocols, system, more, chassis; clock, fpc, alarm; atm, e3, ethernet, sonet, t3]

169. Entering Configuration Mode
Type configure or edit at the CLI operational mode [email protected]> configure
Entering configuration mode
[edit]
[email protected]#

170. Moving Between Levels
Moving between levels of the statement hierarchy
[edit]
[email protected]# edit chassis alarm ethernet
[edit chassis alarm ethernet]
[Figure: statement hierarchy tree; labels: top; firewall, interfaces, protocols, system, more, chassis; clock, fpc, alarm; atm, e3, ethernet, sonet, t3]

171. Moving Between [email protected]# up
[edit chassis alarm]
[email protected]# top
[edit]
[Figure: statement hierarchy tree showing the up and top moves; labels: top; firewall, interfaces, protocols, system, more, chassis; clock, fpc, alarm; atm, e3, ethernet, sonet, t3]

172. Displaying Current Configuration
[edit]
[email protected]# show chassis alarm
sonet {
    lol red;
    pll yellow;
}
[edit]
[email protected]# edit chassis alarm
[edit chassis alarm]
[email protected]# show
sonet {
    lol red;
    pll yellow;
}
[edit chassis alarm]

173. Exiting Configuration Mode
- exit from top level
- exit configuration-mode from any level
[Figure labels: Operational mode, [edit], [edit chassis], [edit chassis alarm]; exit configuration-mode, top, exit/up, exit, edit/configure, edit chassis, edit alarm]

174.
Standard Interfaces
- Interface contained on PIC
- PIC plugs into FPC
- FPC has room for four PICs
- FPC plugs into chassis
[Figure labels: Physical Interface Card, PIC, FPC]

175. Standard Interfaces
System uses consistent names for all customer interfaces
Based on
- Interface port type
- FPC slot number
- PIC slot number within FPC
- Port number within PIC

176. Interface Port Type
- at: ATM over SONET/SDH ports
- e1: E1 ports
- e3: E3 ports
- fe: Fast Ethernet ports
- so: SONET/SDH ports
- t1: T1 ports
- t3: DS-3 ports
- ge: Gigabit Ethernet ports
- ae-: Bundled Ethernet ports

177. FPC Slot Numbers
[Figure: FPC slot numbering on the M160, M40, M20, and M10 chassis]

178. PIC Slot Numbers
- M40 and M160: Top to bottom (0, 1, 2, 3)
- All others: Right to left (3, 2, 1, 0)

179. Port Numbers
- M40 and M160
  - Top to bottom
  - Right to left
- All others
  - Right to left
  - Bottom to top

180. Interface Names
Physical interfaces have standard names
- Type
- FPC slot
- PIC slot
- Port number
so-5/2/3

181. Typical FPC and PIC Placement
- Transient interfaces identified according to FPC/PIC/port convention
- FPC and PIC numbering varies by platform
  - M40/M160 platforms support eight FPCs, numbered from left to right
    - PICs numbered from top to bottom (0-3)
  - M20 platform supports four FPCs numbered from top to bottom
    - PICs numbered from right to left (0-3)
- FPC slot and PIC port numbers are labeled!
[Figure: Typical FPC and PIC Numbering (T640); FPCs 0-7 (Left to right), PICs 0-3 (Top to bottom)]

182. Interface Names
- Logical interfaces are used to set up Frame Relay DLCIs or ATM virtual circuits
  so-5/2/3.43
- Interface number is separate in meaning from the actual DLCI or ATM VC and can be any arbitrary value
- Suggested convention is to keep them the same whenever possible

183.
Permanent Interfaces
Router has two permanent interfaces
- Out-of-band management interface is called fxp0
- Internal Routing Engine to PFE connection is called fxp1

184. Configure Interfaces

185. Configure Interfaces
Two steps
- Configure physical properties
- Configure logical properties

186. Configure Interfaces
- Physical properties
  - Clocking
  - Scrambling
  - Frame check sequence (FCS)
  - Maximum transmission unit (MTU)
  - Keepalives
  - Other link characteristics
- Logical properties
  - Protocol family (Internet, ISO, MPLS)
  - Addresses (IP address, ISO NET address)
  - Virtual circuits (VCI/VPI, DLCI)
  - Other characteristics

187. Configure Interfaces
Standard configuration statement hierarchy
interfaces {
    interface-name {
        physical-properties;
        []
        unit unit-number {
            logical-properties;
            []
        }
    }
}

188. Configure Physical Properties
Configure physical properties of the interface using the set command:
set interface so-1/0/3 no-keepalives
Or park yourself in the interfaces section of the hierarchy and set many [email protected]> configure
[edit]
[email protected]# edit interfaces so-1/0/3
[edit interfaces so-1/0/3]
[email protected]# set [email protected]# set sonet-options fcs [email protected]# commit

189. Default Settings
- Default settings for an interface are usually enough to get you talking
- Most interfaces do not need complex setup

190. Logical Interface Settings
- Each physical interface has one or more logical interfaces
- Logical interface separates configuration information for each ATM virtual circuit, Frame Relay DLCI, or VLAN
- Some physical interface encapsulations allow only one possible logical interface
  - PPP
  - HDLC

191.
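The naming rules from the interface slides above (type-FPC/PIC/port with an optional .unit, four PICs per FPC, eight FPCs on M40/M160 and four on M20, plus the permanent fxp0 and fxp1) are enough to validate interface names in a configuration review. This Python is an added example, not Juniper's code; the function names and the platform table are assumptions for illustration, and the "ae-" bundled Ethernet type is left out because the slides do not show its full name format.

```python
import re
from dataclasses import dataclass
from typing import Dict, Iterable, Optional

# Port types from the "Interface Port Type" slide ("ae-" omitted, see above).
PORT_TYPES = {
    "at": "ATM over SONET/SDH", "e1": "E1", "e3": "E3", "fe": "Fast Ethernet",
    "so": "SONET/SDH", "t1": "T1", "t3": "DS-3", "ge": "Gigabit Ethernet",
}
# FPC counts stated on the "Typical FPC and PIC Placement" slide.
FPC_SLOTS = {"M40": 8, "M160": 8, "M20": 4}
PICS_PER_FPC = 4  # "FPC has room for four PICs"

TRANSIENT_RE = re.compile(
    r"(?P<type>[a-z][a-z0-9])-(?P<fpc>\d+)/(?P<pic>\d+)/(?P<port>\d+)"
    r"(?:\.(?P<unit>\d+))?"
)
PERMANENT_RE = re.compile(r"(?P<name>fxp[01])(?:\.(?P<unit>\d+))?")


@dataclass(frozen=True)
class InterfaceName:
    port_type: str            # "so", "fe", ... or "fxp0"/"fxp1"
    fpc: Optional[int]        # None for permanent interfaces
    pic: Optional[int]
    port: Optional[int]
    unit: Optional[int]       # logical interface (unit) number, if given


def _to_int(text: Optional[str]) -> Optional[int]:
    return int(text) if text is not None else None


def parse_interface(name: str, platform: Optional[str] = None) -> InterfaceName:
    """Parse and validate one interface name; raise ValueError if invalid."""
    m = PERMANENT_RE.fullmatch(name)
    if m:
        return InterfaceName(m["name"], None, None, None, _to_int(m["unit"]))
    m = TRANSIENT_RE.fullmatch(name)
    if m is None:
        raise ValueError("not of the form type-fpc/pic/port[.unit]")
    if m["type"] not in PORT_TYPES:
        raise ValueError(f"port type {m['type']!r} is not in the slide's list")
    fpc, pic, port = int(m["fpc"]), int(m["pic"]), int(m["port"])
    if pic >= PICS_PER_FPC:
        raise ValueError(f"PIC slot {pic} out of range 0-{PICS_PER_FPC - 1}")
    if platform is not None:
        if platform not in FPC_SLOTS:
            raise ValueError(f"no FPC count known for platform {platform!r}")
        if fpc >= FPC_SLOTS[platform]:
            raise ValueError(
                f"FPC slot {fpc} out of range 0-{FPC_SLOTS[platform] - 1} "
                f"on {platform}")
    return InterfaceName(m["type"], fpc, pic, port, _to_int(m["unit"]))


def audit_names(names: Iterable[str],
                platform: Optional[str] = None) -> Dict[str, Optional[str]]:
    """Map each name to None if valid, or to the reason it was rejected."""
    results: Dict[str, Optional[str]] = {}
    for name in names:
        try:
            parse_interface(name, platform)
            results[name] = None
        except ValueError as exc:
            results[name] = str(exc)
    return results


if __name__ == "__main__":
    # Constructed sample: names as they might appear in a config under review.
    sample = ["so-5/2/3", "so-5/2/3.43", "so-1/0/3.40", "fxp0",
              "so-1/4/0", "zz-0/0/0", "so5/2/3"]
    for platform in ("M160", "M20"):
        print(platform)
        for name, problem in audit_names(sample, platform).items():
            print(f"  {name:12} {problem or 'ok'}")
```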
Logical Interface Settings
Logical settings
  Protocol family (Internet, ISO, MPLS)
  Protocol MTU
  IP address
  Other protocol options
  Virtual circuit identifiers (VPI.VCI, DLCI)
  Other per-circuit characteristics

192. Unit Numbers
  Each logical interface has a unit number
  Number can be arbitrary
  Typically, the unit number is the same as the VC or DLCI number
  Some physical interfaces have only one possible logical interface, and one unit number only, which must be configured as unit zero

193. Configure Logical Interfaces
Use the set command to configure a logical interface, using the unit number
For example:
    set interface so-1/0/3 unit 40 dlci 40
Or park yourself at the unit [email protected]> configure
    [edit]
    [email protected]# edit interfaces so-1/0/3 unit 40
    [edit interfaces so-1/0/3 unit 40]
    [email protected]# set dlci [email protected]# set family inet address 10.0.20.1/[email protected]# commit

194. Configure Protocol Families
Each major protocol is called a family
Internet protocol has TCP, UDP, and ICMP as family members
Most common protocol families are
  Internet (inet)
  International Standards Organization (iso)
  Traffic engineering (mpls)
Multiple families can live on one logical interface

195. Configure Protocol Families
Internet protocol family (inet)
  Allows you to set
    IP address: address A.B.C.D/prefix_length
    Remote address on point-to-point links: destination A.B.C.D
    Broadcast address: broadcast A.B.C.D
    MTU size: mtu bytes
    ICMP redirect control: no-redirects

196.
Configure Protocol Families
Minimal sample [email protected]> configure
    [edit]
    [email protected]# edit interfaces so-1/0/3
    [edit interfaces so-1/0/3]
    [email protected]# set unit 0 family inet address 10.0.20.1/[email protected]# commit
Displayed as
    interfaces {
        so-1/0/3 {
            unit 0 {
                family inet {
                    address 10.0.20.1/24;
                }
            }
        }
    }

197. Review Questions
  1. What are the two types of CLI modes?
  2. What are the interface types and names?
  3. What are the two permanent interfaces?
  4. What are the two basic interface characteristics?
  5. What are some examples of physical interface settings?
  6. What are some examples of logical interface settings?

198. Lab 2: CLI Configuration
Lab objective: Introduction to Juniper CLI

199. Juniper Networks Networking Essentials
Module 7: Routing Protocol Basics

200. Module Objectives
After successfully completing this module, you should be able to:
  Explain the difference between static routing and dynamic routing, and explain when to use each type of routing
  Describe the characteristics and operation of distance vector and link-state routing protocols
  Explain how network convergence occurs and provide real-life examples
  Explain how routes are selected on a routed network and routing metrics
  Explain the role of interior gateway protocols and exterior gateway protocols, including Border Gateway Protocol (BGP)
  Explain how JUNOS software implements routing tables and routing policy

201. Types of Routes
Static
  All packets forwarded to predetermined destinations defined by an administrator
Dynamic
  Packets are forwarded to dynamically calculated routes determined by a routing protocol

202.
Static Routing
Benefits
  Good for small networks
  Can help create a secure network
  Efficiently uses router resources
Drawbacks
  Does not handle network failures well
  Does not scale well

203. Static Routing Example
[Figure: Routers A, B, C and D interconnecting Network 10, Network 172.16, Network 192.168.5 and Network 192.168.6, each router shown with its routing table]

  Destination   Next Hop
  10            Direct
  172.16        Router B
  192.168.5     Router C
  192.168.6     Router C

  Destination   Next Hop
  10            Router A
  172.16        Router B
  192.168.5     Direct
  192.168.6     Router D

  Destination   Next Hop
  10            Router A
  172.16        Direct
  192.168.5     Router C
  192.168.6     Router C

  Destination   Next Hop
  192.168.6     Direct
  Default       Router C

204. Static Routing with Link Failure
[Figure: the same topology of Routers A, B, C and D, with a failed link]

  Destination   Next Hop
  10            Direct
  172.16        Router B
  192.168.5     Router C
  192.168.6     Router C

  Destination   Next Hop
  10            Unreachable
  172.16        Router B
  192.168.5     Direct
  192.168.6     Router D

  Destination   Next Hop
  10            Router A
  172.16        Direct
  192.168.5     Router C
  192.168.6     Router C

  Destination   Next Hop
  192.168.6     Direct
  Default       Router C

205. Floating Static Routes
Static routes CAN handle link failures!
A floating static route is a backup static route that is less preferred than more direct routes (static or dynamic)
Floating static route is used only when the preferred route is unavailable
Use with caution!
[Figure: Router A, Router B and Router C, with Network X behind Router C]

  Destination   Next Hop
  Network X     Router C
  Network X     Router B

  Destination   Next Hop
  Network X     Router C
  Network X     Router A

206. Dynamic Routing

                    Communicate what?   Between whom?
  Distance-Vector   Routing tables      Neighbors
  Link-State        Interface status    All routers

207.
Routing Protocol Convergence
  Convergence: when all routers in a given routing domain achieve a consistent view of that routing domain
  Routing protocols must achieve convergence in order to route packets consistently from one location to another

208. Interior and Exterior Gateway Protocols
Interior Gateway Protocols (IGPs)
  Routing protocols that run within an autonomous system (AS) to exchange network reachability information
Exterior Gateway Protocols (EGPs)
  Routing protocols that exchange routing information between autonomous systems
[Figure: AS 1 and AS 2, each running an IGP (RIP, OSPF, IS-IS), connected by an EGP (Border Gateway Protocol)]

209. Distance Vector Protocols
Distance vector neighbors exchange vectors
  Metric is typically hop count
  Vectors reflect both distance and direction
  Vectors are stored in the routing table
  Entire table or a portion of table is sent
The longest network path is limited
Each router sends a routing table update periodically

210. When to Use Distance Vector Routing
Use in very small networks that have few, if any, redundant paths and no stringent network performance requirements
Epitome of the distance-vector routing protocol is Routing Information Protocol (RIP)
Distance vector drawbacks:
  Long convergence time
  Simplistic metrics

211. Distance Vector Stability Issues
Counting to infinity
Routing loops
[Figure: routers R1, R2 and R3 advertising Network A with increasing hop counts (Network A = 1 hop, Network A = 2 hops, 3, 4, 5, 6)]

212. Link-State Routing Protocols
Link-state routing protocols build and maintain a database of link state information
Hello messages are used to discover neighbors
Costs are associated with links
Updates are sent to communicate link state changes
Information is flooded to all neighbors who create a link state database

213.
The Link-State Database (LSDB)
The LSDB is like a puzzle that, when complete, is an accurate picture of the network
LSDB entries are like puzzle pieces that can describe:
  Routers and their attached links
  Links and their attached routers
  Routing information from outside the network
  Link metrics, often represented as Cost
Each router maintains its own copy of the LSDB
Each router stores a copy of every LSDB entry in the network
Different protocols use different names for LSDB entries
  More on that later

214. When to Use Link-State Routing
Use link-state routing with:
  Any size, well-designed network
  Any network that requires network scalability
  Larger, more complicated networks
  Faster convergence required
Drawbacks
  Can flood the network's transmission facilities, thereby significantly decreasing the network's capability to transport data
  Memory and processor intensive

215. Martian Addresses
Host or network addresses about which all routing information is ignored
Commonly sent by improperly configured systems on the network and have destination addresses that are obviously invalid
In IPv4, these are the default martian addresses:
  0.0.0.0/8
  127.0.0.0/8
  128.0.0.0/16
  191.255.0.0/16
  192.0.0.0/24
  223.255.255.0/24
  240.0.0.0/4

216. Route Flapping
What is route flapping?
  Instability in the reachability of a prefix
  Occurs during a topology change
  In an unstable network, routers might be unable to decide on a route to a destination
Dealing with route flapping
  Different protocols have different solutions

217. JUNOS Routing Policy
Controls routing information transferred between routing table and each routing protocol
  Incoming routing information can be ignored or changed
  Outgoing routing information can be suppressed or changed
Some match conditions are protocol-specific

218.
When to Apply Policy
You do not want to import all learned routes into the routing table
You do not want to advertise all learned routes to neighboring routers
You want one protocol to receive routes from another protocol
You want to modify information associated with a route

219. Import and Export
  Policy filtering is done with respect to the JUNOS routing table
  Export policy is applied to active paths in the routing table
[Figure: routes from Neighbors pass through the Protocol and Import into the Routing table; routes leave the Routing table through Export and the Protocol to Neighbors; the Routing table feeds the Forwarding table and the PFE]

220. Routing Policy
  Allows you to filter and control routing information entering and leaving the router
  Separate policy for each routing protocol
[Figure: the same Neighbors / Protocol / Routing table / Forwarding table / PFE diagram, with Import policy #1 and Import policy #2 on the way in and Export policy #1 and Export policy #2 on the way out]

221. Routing Policy
Policies can be chained together to increase their effectiveness
[Figure: a Route passes through each Policy in turn; each Policy can Accept or Reject; after the Last policy the Default policy applies Accept or Reject]

222. Routing Policy
Policies contain collections of terms
Terms contain a condition and an action to apply to each route
[Figure: a Route passes through each Term in turn; each Term can Accept or Reject; after the Last term evaluation moves to the Next policy]

223. Default Routing Policy Actions
Different default policies for each protocol being imported or exported describe default protocol behavior
Reaching the end of a policy, or chain of policies, invokes default policy for that protocol

224. How Routing Policies Are Evaluated
[Figure: a Route is evaluated by each Policy, which can Accept or Reject it; otherwise continue evaluating until the Last Configured policy, then the Default policy action applies Accept or Reject]

225.
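The term-by-term, policy-by-policy evaluation described on the routing policy slides above, combined with the default martian list from the Martian Addresses slide, as an added Python example (it is not part of the Juniper course material). The policy and term names, the sample routes, the "same or longer" martian matching, the martian check running before any policy, and the default action passed in are all assumptions made for illustration.

```python
import ipaddress

# Default IPv4 martian prefixes, copied from the Martian Addresses slide.
DEFAULT_MARTIANS = [ipaddress.ip_network(p) for p in (
    "0.0.0.0/8", "127.0.0.0/8", "128.0.0.0/16", "191.255.0.0/16",
    "192.0.0.0/24", "223.255.255.0/24", "240.0.0.0/4")]


def is_martian(prefix):
    """True when prefix equals, or is more specific than, a martian entry.

    Assumption: "same or longer" matching, so the default route 0.0.0.0/0
    is not martian even though 0.0.0.0/8 is on the list.
    """
    net = ipaddress.ip_network(prefix)
    return any(net.subnet_of(m) for m in DEFAULT_MARTIANS)


# Match conditions: each returns a predicate over a route dict.
def protocol_is(name):
    return lambda route: route["protocol"] == name


def prefix_exact(prefix):
    wanted = ipaddress.ip_network(prefix)
    return lambda route: ipaddress.ip_network(route["prefix"]) == wanted


def prefix_within(parent):
    parent_net = ipaddress.ip_network(parent)
    return lambda route: ipaddress.ip_network(route["prefix"]).subnet_of(parent_net)


def evaluate(route, chain, default_action):
    """Run one route through a policy chain; return (action, decided_by)."""
    if is_martian(route["prefix"]):
        return ("ignored", "martian")  # assumed to happen before any policy
    for policy_name, terms in chain:
        for term_name, conditions, action in terms:
            # A term acts only on a route that matches all of its conditions.
            if all(cond(route) for cond in conditions):
                return (action, policy_name + "/" + term_name)
        # No term matched: evaluation continues with the next policy.
    # End of the chain reached: the protocol's default policy decides.
    return (default_action, "default policy")


# Constructed import chain; policy and term names are hypothetical.
IMPORT_CHAIN = [
    ("no-default", [
        ("drop-default", [prefix_exact("0.0.0.0/0")], "reject"),
    ]),
    ("static-routes", [
        ("lab-nets", [protocol_is("static"),
                      prefix_within("192.168.0.0/16")], "accept"),
        ("other-static", [protocol_is("static")], "reject"),
    ]),
]

# Constructed sample routes.
SAMPLE_ROUTES = [
    {"prefix": "127.0.0.0/8", "protocol": "bgp"},
    {"prefix": "0.0.0.0/0", "protocol": "bgp"},
    {"prefix": "192.168.5.0/24", "protocol": "static"},
    {"prefix": "172.16.0.0/16", "protocol": "static"},
    {"prefix": "10.1.2.0/24", "protocol": "ospf"},
]


def run_samples(default_action="accept"):
    # default_action stands in for the per-protocol default policy (assumed).
    return [evaluate(r, IMPORT_CHAIN, default_action) for r in SAMPLE_ROUTES]


if __name__ == "__main__":
    for route, (action, by) in zip(SAMPLE_ROUTES, run_samples()):
        print(f'{route["prefix"]:<18}{route["protocol"]:<8}{action:<9}{by}')
```

The last sample route matches no term in either policy, so its fate depends entirely on the default action, which is why an import chain that filters should end in an explicit final term rather than rely on the protocol default.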
Routing Policy Example
[Figure: a Route is evaluated by the Terms of Policy 1, then the Terms of Policy 2, then additional policies; each Term can accept or reject; if no Term decides, the Default action applies]

226. Routing Policy Example
[Figure: a Route enters a Policy term with Source Conditions and Destination Conditions; on a Match the Actions are applied; a route that does not match all conditions moves on toward the Default action]

227. JUNOS Routing Databases
[Figure labels: Routing Engine: Routing Protocol Process, Routing table, JUNOS kernel, Master forwarding table; Packet Forwarding Engine: Forwarding table, Network interfaces]

228. Review Questions
  1. When would you implement static routing? Dynamic routing?
  2. What are the primary differences between distance-vector protocols and link-state protocols?
  3. How does a distance-vector protocol handle router updates?
  4. What happens when the network converges? (Describe the process.)
  5. Describe the JUNOS routing policy and its implementation.

229. Lab 3: Static Routing

230. Juniper Networks Networking Essentials
Module 8: Interior Gateway Protocols

231.
Module Objectives
After successfully completing this module, you should be able to:
  Describe RIP architectural features, standards, limitations, and packet format
  Explain JUNOS support for RIP
  Configure a Juniper Networks router with a minimum RIP configuration
  Describe OSPF standards, terminology, routing algorithms, packet format, external metrics, designated routers, and traffic engineering extensions
  Explain JUNOS software support for OSPF
  Configure a Juniper Networks router with a minimum OSPF configuration
  Describe IS-IS standards, terminology, network addressing, packet format, and traffic engineering extensions
  Explain JUNOS software support for IS-IS
  Configure a Juniper Networks router with a minimum ISIS configuration

232. IGPs vs EGPs
IGP: Internal Gateway Protocol
  Used to optimize the route a packet takes between points within an Autonomous System (AS: network infrastructure under a unique set of administrative and technical policies)
EGP: External Gateway Protocol
  Used to provide for the exchange of routing information between Autonomous Systems
  Typically designed for doing policy routing, providing control over routes leaving and entering an AS

233. What Is OSPF?
An interior gateway protocol (IGP) based on the shortest path first (SPF) algorithm, also known as the Dijkstra algorithm
Created to fill the need for a high-functionality, standards-based IGP for the TCP/IP protocol family
Main RFCs:
  1587 OSPF NSSA Option
  2328 OSPF Version 2 (current implementation)

234.
What Is a Link-State Protocol?
Link = router interface
State = description of interface and its relationship to neighboring routers
OSPF routers send link-state advertisements (LSAs) to all other routers within the same hierarchical area
Routers store information in a link-state, or topological, database
Each OSPF router uses the SPF algorithm to calculate the shortest path to each node

235. What Is SPF?
Places each router at the root of a tree and calculates the shortest path to each destination based on the cumulative cost to reach that destination
Each router has its own view of the topology, even though all the routers build a shortest-path tree using the same link-state database

236. OSPF Routing Hierarchy
Largest entity is the autonomous system (AS)
An AS can be divided into areas, groups of contiguous networks, and hosts
  Routers within a single area have identical link-state databases
  Area Border Routers (ABRs): routers with interfaces in multiple areas
  AS Boundary Routers (ASBRs): routers that act as gateways to other protocols or another AS

237. OSPF Backbone
OSPF backbone (Area 0) distributes routing information between areas
  Contains all area border routers and backbone routers
  All traffic between areas goes through the backbone
Backbone is itself an OSPF area
If backbone is configured as not contiguous, must configure virtual links
  Between any backbone routers that share a link to a nonbackbone area, or the transit area
  Function as direct links

238. OSPF Area Relationships
[Figure: Backbone (0.0.0.0) connected to Area 1, Area 2 and Area 3; labels: intra-area routes, inter-area routes (summary routes), external routes (RIP, BGP)]

239.
OSPF Stub Areas
Stub areas
  Do not carry external routes
  Virtual links cannot be configured across
  Cannot contain ASBR
Totally stubby areas
  Stub area that only receives the default route from the backbone
Not-so-stubby areas
  Allows limited importing of external routes
Transit areas
  Used to pass traffic from one adjacent area to the backbone, or to another area if the backbone is more than two hops away from an area

240. OSPF Area Types
[Figure: Backbone (0.0.0.0) with a stub area, a totally stubby area and a not-so-stubby area; labels: intra-area routes, inter-area routes (summary routes), default route, external routes (RIP, BGP)]

241. OSPF Neighbors
Routers that share a common segment within a single area are neighbors
Neighbors become adjacent to exchange LSAs
The goal: to achieve identical link-state databases

242. Neighbors Exchange Link-State Info
Neighbors exchange link-state update packets containing LSAs at initialization and when routing information changes
Link-states exchanged by flooding: each router that receives a link-state update stores a copy in its link-state database and then propagates the update to other routers
Once the database is complete, the router calculates an SPF tree to all destinations using the Dijkstra algorithm
OSPF activity determined by the amount of change: the less change, the less activity

243. OSPF Packet Types
  Hello: Establishes and maintains neighbor relationships
  Database Description: Describes the contents of the link-state database by sending LSA headers. Exchanged when an adjacency is initialized.
  Link-State Request: Requests specific LSAs from neighbor routers. Exchanged after a router discovers that parts of its database are missing or out of date.
  Link-State Update: Responds to a link-state request packet. Also used for the regular dispersal of LSAs to reflect topology changes. Several LSAs can be included within a single link-state update packet.
  Link-State Acknowledgment: Acknowledges receipt of link-state update packets. Implements guaranteed flooding.

244. OSPF Routing
Link-state advertisements
  Router Links (Type 1): Describe the state and cost of the router's links (interfaces) to the area (intra-area).
  Network Links (Type 2): Originated for multi-access segments with more than one attached router. Describe all routers attached to the specific segment. Originated by a Designated Router (discussed later on).
  Summary Links (Types 3 and 4): Originated by ABRs only. Describe networks in the AS but outside of area (inter-area). Also describe the location of the ASBR.
  External Links (Type 5): Originated by an ASBR. Describe destinations external to the autonomous system or a default route to the outside AS.
  NSSA External Links (Type 7): Used by not-so-stubby areas to import external routes into a stub area.

245. Link-State Advertisements

  Field                  Length, in bytes
  Version number         1
  Type                   1
  Packet length          2
  Router ID              4
  Area ID                4
  Checksum               2
  Authentication type    2
  Authentication data    8
  # of LSAs, then LSA Header and LSA Data for each LSA    Variable

246. Designated Router
One designated router (DR) and one backup designated router (BDR) per multi-access segment
Minimizes amount of information exchange on the segment
[Figure: Designated Router and Backup Designated Router on a multi-access segment]

247. External Routes
ASBRs discover external routes
  Static routes
  Exterior gateway protocol, such as BGP, for example
External Type 1
  Cost = external cost + internal cost
  Preferred over Type 2
External Type 2
  Cost = external cost

248. When to Use OSPF
Faster convergence than distance vector
Supports much larger networks
Less susceptible to bad routing information

249.
OSPF Design Tips
Number of routers per area
  Depends on many factors
Number of neighbors
  Fewer neighbors = better performance
  Link State Database grows proportionately to the number of links in an area
Number of areas per ABR
  Fewer areas = better performance
Full mesh vs. partial mesh
  Partial works better

250. JUNOS OSPF Support
OSPF Version 2, including:
  Virtual links
  Stub areas
  Authentication

251. Configuring OSPF
Minimal configuration example
    protocols {
        ospf {
            area 0.0.0.0 {
                interface interface-name;
                interface interface-name;
            }
        }
    }

252. Useful Commands
show ospf neighbor displays state of neighbors/adjacencies
    Address         Intf        State  ID             Pri  Dead
    172.16.30.254   fe-0/0/0.0  Full   10.250.240.8   128  30
      area 0.0.0.5, opt 0x2, DR 172.16.30.254, BDR 172.16.30.253
      Up 00:10:50, adjacent 00:10:50
    172.16.30.253   fe-0/0/0.0  Full   10.250.240.35  128  30
      area 0.0.0.5, opt 0x2, DR 172.16.30.254, BDR 172.16.30.253
      Up 00:10:50, adjacent 00:10:52
    172.16.30.252   fe-0/0/0.0  2Way   10.250.240.32  64   38
      area 0.0.0.5, opt 0x2, DR 172.16.30.254, BDR 172.16.30.253
      Up 00:08:10
show ospf interface displays state of interfaces
    Interface   State  Area     DR ID         BDR ID       Nbrs
    fe-0/0/0.0  DR     0.0.0.0  192.168.12.1  192.168.8.1  1
    fe-0/0/1.0  DR     0.0.0.0  192.168.12.1  0.0.0.0      0

253.
Useful Commands (cont'd)
show ospf database displays all learned OSPF LSAs
    OSPF link state database, area 0.0.0.0
    Type     ID               Adv Rtr        Seq         Age   Cksum   Len
    Router  *10.250.240.8     10.250.240.8   0x800001fc  2388  0x3684  36
    Router   10.250.240.17    10.250.240.17  0x80000217  1835  0x444c  36
    Router   10.250.240.32    10.250.240.32  0x80000232  1876  0x0158  36
    Router   10.250.240.35    10.250.240.35  0x80000291  1100  0x4aa5  36
    Network  192.168.254.230  10.250.240.8   0x800001cc  117   0xab67  40
    Summary  10.1.2.0         10.250.240.17  0x80000216  1535  0x1729  28
    Summary  10.1.3.34        10.250.240.8   0x8000013a  2217  0x842f  28
    OSPF link state database, area 1.0.0.0
    Type     ID               Adv Rtr        Seq         Age   Cksum   Len
    Router   10.250.240.9     10.250.240.9   0x80000267  116   0x1bb3  36
    [additional information]

254. Lab 5: OSPF Configuration Lab
Lab objective: Configure a Juniper Networks router with a minimal OSPF configuration

255. Review Questions
  1. What type of routing protocol is RIP?
  2. What algorithm is used by RIP to determine the best path to forward data?
  3. What type of metric does RIP use?
  4. What is the maximum network diameter, in terms of hop count, for RIP?
  5. What is a Link-State protocol?
  6. Describe the types of areas that can be used by OSPF?
  7. Describe the purpose of the DR in OSPF?
  8. What are ISIS packets called?
  9. Describe some similarities between OSPF and ISIS?

256. Juniper Networks Networking Essentials
Module 9: BGP Protocol

257. Module Objectives
After successfully completing this module, you should be able to:
  Describe the definition, use, operation, implementation, and interoperability considerations for BGP
  Describe BGP standards, autonomous systems, AS path and attributes, external and internal operational features, routes, and messages
  Explain JUNOS software support for BGP

258.
What Is BGP?
BGP is an inter-domain routing protocol that communicates prefix reachability
BGP is a path vector protocol
  Similar to distance vector
BGP views the Internet as a collection of autonomous systems
Stability is very important to the Internet and BGP
BGP supports CIDR
BGP routers exchange routing information between peers
Defined in RFC 1771

259. BGP Fundamentals
Routes consist of destination prefixes with an AS path and BGP-specific attributes
Each BGP update contains one path advertisement and attributes
  Many destinations can share the same path
BGP compares the AS path and attributes to choose the best path
Unfeasible routes can be advertised
  Unreachable routes are withdrawn

260. BGP Connections
BGP updates are incremental
  No regular refreshes
  Except at session establishment, when volume of routing can be high
BGP runs over TCP connections
  TCP port 179
  TCP Services Fragmentation,