JNR- Juniper Networks Routers

Presentation

Juniper Hardware Overview.

- Products at a Glance
- Products Comparision.
- General Router Architecture.
- Hardware Overview.

Juniper VS Cisco

Routing task has been divided into various entities with ASIC Architecture.
whereas this feature is not being provided by Cisco

Once the configration is done, a user can call rollback to previous configuration. While this facility is
not with Cisco.

General Router Architecture

- Routing Engine
- Packet Forwarding Engine
- Relationship between Routing Engine and Packet forwarding
Engine.

Hardware Overview
- Routing Engine.
- Packet forwarding Engine.
- System Midplane.
- Flexible PIC concentrator ( FPC)
- Physical interface Card.
- System Control Board.

Routing Engine

RT

FT

CLI

JUNOS
Software

fxp1/bcm0

Packet Forwarding Engine

FT
Packets Out
Packets In

Routing Engine maintains routing table (RT) and primary copy of forwarding table (FT)
All M-series and T-series platforms share the same basic design philosophy

Clean separation of control and forwarding

Packet Forwarding Engine receives FT from Routing Engine

Packet forwarding Engine

Forwards the packets through the router . It is a high Performance switch
That is capable of forwarding up to 160 Mpps.

Routing Engine
Performs the routing updates and system management.it consists of routing
protocol software processes running inside a protected environment on a
General-purpose computer platform with a direct 100 Mbps connection to
the packet forwarding engine.

Routing Engine Overview.

JUNOS Software resides in the flash memory.

- Backup copy available on the Hard drive

Provides routing Protocol intelligence to the packet forwarding Engine
- Not directly involved with packet forwarding
- Runs various routing protocols.
Implements command-line interface ( CLI )
Manages Packet forwarding Engine

Packet forwarding Engine Components.

Physical interface card ( PIC )
Provides physical layer interface and signaling.

Flexible PIC concentrator ( FPC )

Carrier that accepts physical interface cards ( PIC )

System Midplane
Control
- AXI 520-1 and 520-2 Forward Engine Board ( FEB)
- Combined FPC and Control Board.
- AXI 520-4 System switching Board (SSB)
- AXI 520 System Control Board ( SBM )

FPCs are hot insertable and hot removable Each FPC is mounted on a card
Carrier . When you remove an FPC and install a new one , the backplane flushes
The entire system memory pool before the new card is brought online, a process
That takes about 100 milliseconds.
Each FPC hold 4 PIC
FPCs connect to the PICs to the rest of the packet forwarding Engine so that
incoming packets can be forwarded across the backplane to the appropriate
destination port.

Switch Fabric
Memory

Architecture of FPC and PIC

connection
Physical
Interface
Card (PIC)

PIC
PIC

ASIC

FPC

PIC

Standard Interfaces - Individual Ports

Individual ports are uniquely identified
Port location based on:
FPC slot number
PIC slot number within FPC
Port number within PIC
Interface port type names:
at - ATM over SONET/SDH ports
so - SONET/SDH ports
t3 - DS-3 ports
ge - Gigabit Ethernet ports
ip - IP-IP tunneled ports
gr - GRE tunneled ports
For example e1-0/1/2.0 or fe-3/2/0.0 etc

PIC
PIC support from 0 to 3 physical ports
- Some PICs support channelized options.
- Tunnel PIC and Multilink PIC do not have any ports.
- Each port have LED status.

In case of the PIC first offline the PIC

Show chassis fpc pic status
Request chassis pic offline fpc-slot 2 pic-slot 3
Example of PICs 4 port Fast Ethernet , 2 port ATM OC-3 etc

PIC Slot Numbers and Port Numbers

For the AXI 520 router, the four PIC

slots are numbered from 0 through 3,
From the top of the FPC to the bottom.
The PIC slots are printed on the FPC
Carrier board. For PICs that occupy
more than one PIC slot, the lower or lowest
slot number is used.

FPC 0-7
Left to right

PICs 03
(Top to bottom)

The number of ports varies, depending

on the PIC. The ports are numbered
from top to bottom and from right to
left. The port numbers are also printed on
the front of the PIC.

Access Routers Management Ports

Console

- Db9 EIA-232 @ 9600Bps,8/N/1 (preconfigured)

Management port, using Telnet ,SSH

-Requires Configuration

M5 and M10 / AXI-520-1 and AXI520-2 Connector

- Management Ethernet
- Provides access to router from administrative network.
- Can not login as root directly.
- Console
- Provides the direct access to JUNOS software.
- Can login as root.
- Auxiliary console.
Provides modem access to JUNOS software

M-series and T-series Product Line

M160
Router

M40
Router

M5/M10
Routers

M20
Router

Forwarding
Performance
per Rack Inch
Sep. 1998

Dec. 1999

March 2000

Sep. 2000

...

M-series and T-series Product Line

T640 Internet
Routing Node

M40e
Router

T320 Router

M7i

M320

M10i

A Continuing History
of Rapid Innovation

...
Dec. 2001

Feb. 2002

August 2002

Sept. 2003

Feb. 2004

Products at a Glance
M5

---- AXI-520-1

--- No Redundancy on Routing Eng.

M10 ---- AXI-520-2

--- No Redundancy on Routing Eng.

M20 ---- AXI-520-4

M40 ---- AXI-520

--- No Redundancy on Routing Eng.

M160 --- AXI-580

-

Based on common ASIC Technology

Common JunOS Software
Common Architecture
Main Difference between routers is throughput ,size,No of physical ports
PIC s/Chassis

M5

/ AXI-520-1
-

This router has No Redundancy on Routing Engine

Supports 4 PICs per Chassis

Aggregate throughput of 5+ Gbps.

M10 / AXI-520-2
-

This router has No Redundancy on Routing Engine

Supports 8 PICs per Chassis

Aggregate throughput of 10+ Gbps

M-series ASICs
Internet
Processor II

M-series System Board

(For example, SSB, SFM)
Buffer
Manager 1

FPC

PICs

I/O
Manager

PIC I/O
Manager
PIC I/O
Manager

PIC I/O
Manager
PIC I/O
Manager

M
E
M

Forwarding
Table

Buffer
Manager 2

I/O
Manager

M
E
M

M
E
M

I/O
Manager

PIC I/O
Manager
PIC I/O
Manager

PIC I/O
Manager
PIC I/O
Manager

JUNOS
JUNOS Internet software runs on the routing engine
Consists of the Following.
- JUNOS Kernel.
- Routing Protocol Process.
- Interface process.
- Chassis Process.
- SNMP process.
- Management Process.
- Command line interface process.
The software consists of a series of processes that handle the router s Management processes
JUNOS is a Multi Module design and each process runs in a separate memory Space, It resides in
the RE, Which runs on the Intel based PCI platform.Routing Engine has a dedicated 100 Mbps
Internal connection to PFE. If one process dies that another is not affected (S M Space)

Routing protocol process

Core Functions.
- Controls routing protocols running on the router.
- starts all configured protocols.
- Handles all routing messages.
- Maintains routing tables.
- implement routing policy.

Chassis process
- chassis daemon ( Chassisd ) allows you to configure and control
the properties of the router.
- Conditions that trigger alarms.
- clock sources.
- Communicates directly with Chassis daemon in PFE.

SNMP process
Simple Network Management protocol ( SNMP )
Master Agent and various subagents (snmpd)
- Support SNMP V1 and V2

Management process
- Management process (mgd) is responsible for CLI
- Configuration Access to System.
- Manages the CLI
- CLI is client of MGD.

Command line Interface

Command line interface ( CLI ) is the primary interface to
- Configure the JUNOS software .
- Monitor and trouble shoot the software , network connectivity
and router hardware.

Overview of the CLI

Universal access to router using
Console
Management port, using Telnet, SSH, RADIUS.
User authentication using login name and password
Users have individual accounts
Per-user command class permissions
Line editor with command history
Context-sensitive help
Command completion
UNIX style pipes

Basically there are two modes one is operational mode and another is configuration mode .

Overview of the CLI (cont.)

Configure
Object-based hierarchy
commit changes when done
rollback if necessary
load or save configuration files
Monitor or view information
show command
Troubleshoot
traceroute command
ping command
monitor command

Operational Mode Commands

- Show
- Request
- restart
- ping
- traceroute
- clear
- monitor
- test
- file
- telnet
- set
- start
- quit

CLI Operational Mode

Commands are executed (mainly) from default CLI level (user@host>)

-Can be executed from configuration Mode with run command.
-Hierarchy of commands.

Initial Configuration
-

Root account
- Root is the only predefined account
- Root password is not set at a factory
- use console to configure root password
Host name
Management interface IP and prefix length.
Default router IP address.
Domain name and DNS Server address

Login as root and then give the command

# cli

For coming to command line interface .

Enter configuration mode using edit or configure

Set the root password
Plain text password
Set the router name
{edit }
root@ancd# set system host-name lab2
Commit changes so far.
{edit }
root@lab2# commit check
root@ancd# commit
root@ancd# commit sync If more than one RE
Set Management Ethernet IP
{edit }
root@lab2# set interface fxp0 unit 0 family inet <address> /prefix-length
Set default route
{edit }
root@lab2# set routing-options static route default next-hope
gateway address> /prefix-length

Set name Server address

{edit }
root@lab2# set system name-server ns-address
Set Remote access
{edit }
root@lab2# set system service ssh
Set User accounts.

Create VRFs and their routes.

Create physical interfaces like ethernet and WAN interfaces

Editing Lines
Command completion saves typing
Type the minimum characters required and press space or
tab key
Completion Example
root@lab2> sh<space>ow i<space>
'i' is ambiguous.
Possible completions:
igmp Show information about IGMP
interfaces Show interface information
isis Show information about IS-IS
root@lab2> show i

Interpreting Output - Invalid String

Error messages
^ displayed under error
Message indicates type of error
Example
[edit]
root@lab2# load config-file<Enter>
^
syntax error, expecting merge, override, or
replace.
root@lab2>

Getting Help
Type ? anywhere on command line
Help depends on where you are
Beginning of line
Shows help for top level of hierarchy
End of command
Shows help for next level in hierarchy
Middle of command
Shows list of matching commands at current level in
help apropos <string>

hierarchy

Getting Help: Examples

List all available commands

root@lab2> ?
Possible completions:
clear Clear information in the system
configure Manipulate software configuration information
Copy Copy files
monitor
Real-time debugging
ping
Ping a remote target
quit
Exit the management session
request
Make system-level requests
restart
Restart a software process
set
Set information about the system
show
Show information about the system
ssh
Open a secure shell to another host
start
Start a software process
telnet
Telnet to another host
test
Diagnostic debugging commands
traceroute Trace the route to a remote host

Configuring the Router Overview

CLI has separate configuration mode
You edit a copy of current configuration called the candidate configuration
Changes you make are visible to other CLI users
Changes they make might conflict with your changes
Changes do not take effect until you commit them
When committed, candidate configuration becomes active and a new
candidate is created

Path where configuration files are stored

Last 3 configuration are stored in /config/juniper.conf
--- resides on the solid-state flash disk
--- May be recovered with rollback 1
--- Active configuration is always juniper.conf
--- Second latest is named as juniper.conf.1
Rest 46 are stored in /var/db/config
A Maximum of 50 configurations can be stored.

Entering Configuration Mode

Type configure or edit at the CLI prompt
root@lab2> configure
entering configuration mode
[edit]
root@lab2#
To allow a single user to edit the configuration type configure exclusive
In the edit mode if you changed and did not commit and want to check the
changes made (only in M and T series Routers)
# Show | compare /config/juniper.conf
# Show | compare rollback 0
To run the operational mode commands at configuration mode start commands
With run (only in M and T series Routers)

Configuration Operations
Add and modify configuration statements
edit, set, rename, and insert commands
Display current configuration
show command
Save, validate, and a complete configuration
commit command activate
Return to previously saved configuration
rollback command
Remove configuration statements
delete command

Configuration Basics
Move around statement hierarchy using edit command
Like UNIX cd command
Alter configuration using set command
Activate configuration using commit command

Moving Around the Hierarchy

Similar to UNIX/Windowsstyle directories
Configuration statements organized as a tree
Least specific configuration topics appear at the base of tree
chassis
interfaces
policy-options
protocols
routing-options
snmp
system

Moving Around the Hierarchy

Use the edit command to focus your attention on a particular part of the hierarchy
[edit]
root@lab2# edit protocols
[edit protocols]
root@lab2# edit
Possible completions:
> bgp BGP options
> dvmrp DVMRP options
> igmp IGMP options
> isis IS-IS configuration
> mpls Multiprotocol label switching options
> ospf OSPF configuration
> pim PIM options
> router-discovery ICMP router discovery options
> rsvp RSVP options
> sap Session Advertisement Protocol options
[edit protocols]
root@lab2#

Moving Around the Hierarchy

The question mark is your friend
[edit]
root@lab2# edit ?
Possible completions:
> chassis Chassis configuration
> interfaces Interface configuration
> policy-options Routing policy option configuration
> protocols Routing protocol configuration
> routing-options Protocol-independent routing option
configuration
> snmp Simple Network Management Protocol
> system System parameters
[edit]

Moving Around the Hierarchy

Use the exit command to move back to where you just were
exit at the top level exits configuration mode
exit configuration-mode exits no matter where you are
Use the up command to move up a level
Use the top command to move to the top of the hierarchy
[edit protocols]
root@lab2# up
[edit]
root@lab2# edit protocols ospf
[edit protocols ospf]
root@lab2# edit area 0
[edit protocols ospf area 0.0.0.0]
root@lab2# exit
[edit protocols ospf]
root@lab2# top
[edit]
root@lab2#

Modifying the Configuration

Use the set command to add configuration statements
set command changes configuration statements if they already exist
[edit]
root@lab2# set protocols ospf area 0 interface so-0/0/0 hello-interval 5
[edit]
root@lab2#

Modifying the Configuration

Optionally move into the OSPF hierarchy and save some keystrokes
[edit]
root@lab2# edit protocols ospf area 0 interface so-0/0/0
[edit protocols ospf area 0 interface so-0/0/0]
root@lab2# set hello-interval 5
[edit protocols ospf area 0 interface so-0/0/0]
root@lab2# set retransmit-interval 10
[edit protocols ospf area 0 interface so-0/0/0]
root@lab2# set metric 10
[edit protocols ospf area 0 interface so-0/0/0]
root@lab2# up
[edit protocols ospf area 0]

Viewing the Configuration

Use the show command to see the candidate
configuration
Begins at current hierarchy level
Can specify starting level
Indented to match each hierarchy level
[edit protocols ospf area 0.0.0.0]
root@lab2# show
interface so-0/0/0 {
metric 15;
retransmit-interval 10;
hello-interval 5;
}
[edit protocols ospf area 0.0.0.0]
root@lab2#

Removing Statements
[edit]
root@lab2# edit protocols ospf area 0 interface so-0/0/0
[edit protocols ospf area 0 interface so-0/0/0]
root@lab2# delete hello-interval
[edit protocols ospf area 0 interface so-0/0/0]
root@lab2# delete retransmit-interval
[edit protocols ospf area 0 interface so-0/0/0]
root@lab2#

Activating the Configuration

Activate configuration changes using the commit command
[edit]
cli# commit
commit complete
[edit]
cli#
Save checks configuration before activating it
System never commits for you
Only one exception: commit confirmed
commit confirmed
Requires second commit to confirm configuration
You can also do commit check for checking your configuration before commit

Returning to Previous Versions

Use the rollback command to restore one of the last 49 previously committed
configurations
rollback and rollback 0 reset the candidate configuration to the currently
running configuration, which is the last version committed
rollback 1 loads the configuration before that and so on

Saving Configuration Files

Current candidate configuration from current hierarchy level
and below can be saved to ASCII file using save command
[edit]
cli# save filename
[edit]
cli#
File is saved to users home directory unless full path name is specified
Filename can be URL or in user@host notation

Loading a Configuration File

Configuration information can come from an ASCII file prepared elsewhere

Use the load command to:
Override an existing configuration
Merge new statements into existing configuration
Replace existing statements in current configuration
Syntax
load (replace | merge | override) filename
Changes candidate configuration only
You must commit to make active

Viewing Log Files

System keeps log files in /var/log
messages file contains running commentary about system
operation
Can be tuned to provide minimal up to extensive logging
Can be viewed with
show log file-name
Can be viewed in real time with
monitor start file-name
Additional logging can be turned on on a per-module basis
specify file name with
traceoptions file file-name command
specify what is to be logged with
traceoptions flag keywords command

Configuring Interfaces
Standard configuration statement hierarchy
interfaces {
interface-name {
Deactivate/disable at-5/2/0 it will show inactive/disable
physical-properties;
[]
unit unit-number {
logical-properties;
[]
}
}
}
Configured using the set command
set interface interface-name interface-properties
-An interface can either be done inactive effectively commenting out the statement
-Disabling the interface or logical unit means effectively un configuring it

System Management Overview

CLI commands allow the user to monitor and perform system management tasks
System management areas include:
Software version
Router up time
Configuration
Log files
Remote system reachability
System software
Stop and restart processes and software
Manipulate files

Software Version
View software currently running:
show version <brief | detail>
No option gives detailed information of the JUNOS packages plus any other
packages running on the router
brief gives information of just the JUNOS packages
detail gives detailed information of the JUNOS packages plus any other packages
running on the router and any packages on the router but not running

Router Up Time
Display current time and information about how long processes have been
running
show system uptime
Example output:
show system uptime
Current time: 1998-10-13 19:45:47 UTC
System booted: 1998-10-12 20:51:41 UTC(22:54:06 ago)
Protocols started: 1998-10-13 19:33:45 UTC(00:12:02
ago)
Last configured: 1998-10-13 19:33:45 UTC(00:12:02 ago)
12:45PM up 22:54, 2 users, load averages: 0.07, 0.02,
0.01

Configuration
View system configuration
show configuration
Test system configuration
test configuration < filename | terminal>
filename is used to test a particular configuration file for syntex
terminal is used to test text being typed on a particular terminal

User Account Information

View users currently logged in
show system users <noresolve>
Display permissions for the current user
show cli authorization
Example permissions
admin
clear
configure
edit
interface
routing
- Systemwide Messages

Log Files
View log files and their contents
show log <user < user-name>> < filename>
Monitor log files
monitor (start | stop) filenames
Log files are generated by routing protocols or by syslog

System Software
Display information about the system memory and buffer pool usage
show system buffers
Display information about software processes that are
running on the router
show system processes <wide> <brief | detail | extensive | summary>

System Software (contd)

Display information about system wide protocol-related statistics
show system statistics < protocol>
Display statistics about the amount of free disk space in the routers file systems
show system storage
Display the state and checksum values for the files in the router file systems
show system audit <root-only>

Stop and Restart Processes and Software

Restart a software process
restart (interface-control | mib-process |routing | snmp) <soft>
Note: never restart any of the software processes unless instructed to do so by a
customer support engineer.
Adding and deleting software
request system software (add | delete) filename <force>
Stop the router software
request system halt <at time> <in minutes> <message text>

Stop and Restart Processes and Software (contd)

Reboot the software on the router
request system reboot <at time> <in minutes> <message text>
Display any pending system halts or reboots
show system reboot
Clear any pending system halts or reboots
clear system reboot

Stop and Restart Processes and Software (contd)

Back up the currently running and active file system partitions on the router
request system snapshot
root (/) is backed up to /altroot
/config is backed up to /altconfig

Systemwide Messages
Send a message to all users currently logged in
request message all message text
Send a message to a particular user or a particular terminal
request message message text (terminal terminal-name | user user-name)

Commands
Show chassis hardware
Show chassis alarm
Show Chassis environment
Show Chassis craft-interface
Show Chassis firmware
Show chassis fpc
Show chassis fpc detail 0
Show chassis fpc pic-status
Show chassis routing-engine
Show system processes extensive
Show system boot-messages
Show system statistics
Show system storage
Show system connections.
Show system uptime

Commands
Request system reboot
Request system snapshot
Request system halt
Show Version.