JNR- Juniper Networks Routers Presentation

Juniper Hardware Overview.

- Products at a Glance

- Products Comparision.

- General Router Architecture.

- Hardware Overview.

Juniper VS CiscoRouting task has been divided into various entities with ASIC Architecture. whereas this feature is not being provided by Cisco Once the configration is done, a user can call rollback to previous configuration. While this facility is not with Cisco.

General Router Architecture

- Routing Engine- Packet Forwarding Engine - Relationship between Routing Engine and Packet forwarding Engine. Hardware Overview- Routing Engine.- Packet forwarding Engine. - System Midplane. - Flexible PIC concentrator ( FPC)- Physical interface Card.- System Control Board.

Routing Engine maintains routing table (RT) and primary copy of forwarding table (FT)All M-series and T-series platforms share the same basic design philosophyClean separation of control and forwardingPacket Forwarding Engine receives FT from Routing Engine

Packet Forwarding EngineRouting Enginefxp1/bcm0Packets OutFT RTFTJUNOSSoftwareCLI Packets In

Packet forwarding Engine

Forwards the packets through the router . It is a high Performance switch That is capable of forwarding up to 160 Mpps.Routing Engine

Performs the routing updates and system management.it consists of routing protocol software processes running inside a protected environment on a General-purpose computer platform with a direct 100 Mbps connection to the packet forwarding engine.

Routing Engine Overview.

JUNOS Software resides in the flash memory. - Backup copy available on the Hard drive

Provides routing Protocol intelligence to the packet forwarding Engine

- Not directly involved with packet forwarding - Runs various routing protocols.

Implements command-line interface ( CLI )

Manages Packet forwarding Engine

Packet forwarding Engine Components. Physical interface card ( PIC )Provides physical layer interface and signaling. Flexible PIC concentrator ( FPC ) Carrier that accepts physical interface cards ( PIC ) System Midplane Control- AXI 520-1 and 520-2 Forward Engine Board ( FEB)- Combined FPC and Control Board.- AXI 520-4 System switching Board (SSB)- AXI 520 System Control Board ( SBM )

FPCs are hot insertable and hot removable Each FPC is mounted on a cardCarrier . When you remove an FPC and install a new one , the backplane flushes The entire system memory pool before the new card is brought online, a process That takes about 100 milliseconds.

Each FPC hold 4 PIC

FPCs connect to the PICs to the rest of the packet forwarding Engine so that incoming packets can be forwarded across the backplane to the appropriate destination port.

Architecture of FPC and PIC connectionPhysical Interface Card (PIC)PICPICPICFPCSwitch FabricMemory

Standard Interfaces - Individual Ports

Individual ports are uniquely identified Port location based on: FPC slot number PIC slot number within FPC Port number within PIC Interface port type names: at - ATM over SONET/SDH ports so - SONET/SDH ports t3 - DS-3 ports ge - Gigabit Ethernet ports ip - IP-IP tunneled ports gr - GRE tunneled ports

For example e1-0/1/2.0 or fe-3/2/0.0 etc

In case of the PIC first offline the PIC

Show chassis fpc pic statusRequest chassis pic offline fpc-slot 2 pic-slot 3

Example of PICs 4 port Fast Ethernet , 2 port ATM OC-3 etcPICPIC support from 0 to 3 physical ports - Some PICs support channelized options.

- Tunnel PIC and Multilink PIC do not have any ports.

- Each port have LED status.

For the AXI 520 router, the four PIC slots are numbered from 0 through 3, From the top of the FPC to the bottom. The PIC slots are printed on the FPC Carrier board. For PICs that occupy more than one PIC slot, the lower or lowest slot number is used.

The number of ports varies, depending on the PIC. The ports are numbered from top to bottom and from right to left. The port numbers are also printed on the front of the PIC.

PIC Slot Numbers and Port Numbers

PICs 03(Top to bottom)FPC 0-7Left to right

Access Routers Management Ports Console - Db9 EIA-232 @ 9600Bps,8/N/1 (preconfigured) Management port, using Telnet ,SSH -Requires Configuration

M5 and M10 / AXI-520-1 and AXI520-2 Connector

- Management Ethernet- Provides access to router from administrative network.- Can not login as root directly.

- Console- Provides the direct access to JUNOS software. - Can login as root.

Auxiliary console.Provides modem access to JUNOS software

M-series and T-series Product Line

March 2000Dec. 1999M40 RouterM20 RouterSep. 2000Forwarding Performance per Rack InchSep. 1998. . .M160 RouterM5/M10 Routers

M-series and T-series Product LineA Continuing History of Rapid InnovationFeb. 2002M40e RouterSept. 2003T320 RouterAugust 2002Dec. 2001M7iM10iM320Feb. 2004. . .T640 InternetRouting Node

Products at a Glance M5 ---- AXI-520-1 --- No Redundancy on Routing Eng. M10 ---- AXI-520-2 --- No Redundancy on Routing Eng.

M20 ---- AXI-520-4

M40 ---- AXI-520 --- No Redundancy on Routing Eng.

M160 --- AXI-580

- Based on common ASIC Technology - Common JunOS Software - Common Architecture - Main Difference between routers is throughput ,size,No of physical ports PIC s/Chassis

M5 / AXI-520-1

- This router has No Redundancy on Routing Engine Supports 4 PICs per Chassis

- Aggregate throughput of 5+ Gbps.

M10 / AXI-520-2

- This router has No Redundancy on Routing Engine Supports 8 PICs per Chassis

- Aggregate throughput of 10+ Gbps

M-series ASICsInternet Processor II ForwardingTableBuffer Manager 1Buffer Manager 2I/OManagerI/OManagerI/OManagerPIC I/OManagerPIC I/OManagerPIC I/OManagerPIC I/OManagerPIC I/OManagerPIC I/OManagerFPCPICsM-series System Board (For example, SSB, SFM)M E MM E MM E MPIC I/OManagerPIC I/OManager

JUNOS JUNOS Internet software runs on the routing engine Consists of the Following.- JUNOS Kernel.- Routing Protocol Process.- Interface process.- Chassis Process.- SNMP process.- Management Process.- Command line interface process.

The software consists of a series of processes that handle the router s Management processes

JUNOS is a Multi Module design and each process runs in a separate memory Space, It resides in the RE, Which runs on the Intel based PCI platform.Routing Engine has a dedicated 100 Mbps Internal connection to PFE. If one process dies that another is not affected (S M Space)

Routing protocol process

Core Functions.- Controls routing protocols running on the router.- starts all configured protocols.- Handles all routing messages.- Maintains routing tables.- implement routing policy.

Chassis process- chassis daemon ( Chassisd ) allows you to configure and control the properties of the router. - Conditions that trigger alarms. - clock sources.- Communicates directly with Chassis daemon in PFE.

SNMP process

Simple Network Management protocol ( SNMP ) Master Agent and various subagents (snmpd) - Support SNMP V1 and V2

Management process- Management process (mgd) is responsible for CLI

- Configuration Access to System. - Manages the CLI - CLI is client of MGD.

Command line Interface Command line interface ( CLI ) is the primary interface to

- Configure the JUNOS software .

- Monitor and trouble shoot the software , network connectivity and router hardware.

Overview of the CLI

Universal access to router using Console Management port, using Telnet, SSH, RADIUS.

User authentication using login name and password Users have individual accounts Per-user command class permissions Line editor with command history Context-sensitive help Command completion UNIX style pipes

Basically there are two modes one is operational mode and another is configuration mode.

Overview of the CLI (cont.)

Configure Object-based hierarchy commit changes when done rollback if necessary load or save configuration files

Monitor or view information show command

Troubleshoot traceroute command ping command monitor command

Operational Mode Commands

- Show- Request- restart- ping- traceroute- clear- monitor- test- file- telnet- set- start- quit

CLI Operational ModeCommands are executed (mainly) from default CLI level (user@host>)

-Can be executed from configuration Mode with run command.

-Hierarchy of commands.

Initial Configuration

Root account - Root is the only predefined account - Root password is not set at a factory - use console to configure root password- Host name Management interface IP and prefix length.- Default router IP address.- Domain name and DNS Server address

Login as root and then give the command

# cli For coming to command line interface .

- Enter configuration mode using edit or configure - Set the root password Plain text password Set the router name {edit }root@ancd# set system host-name lab2 Commit changes so far.{edit }root@lab2# commit checkroot@ancd# commitroot@ancd# commit sync If more than one RE- Set Management Ethernet IP {edit }root@lab2# set interface fxp0 unit 0 family inet /prefix-length- Set default route {edit }root@lab2# set routing-options static route default next-hope gateway address> /prefix-length

- Set name Server address {edit }root@lab2# set system name-server ns-address- Set Remote access {edit }root@lab2# set system service ssh Set User accounts.

Create VRFs and their routes.

- Create physical interfaces like ethernet and WAN interfaces

Editing Lines

Command completion saves typing Type the minimum characters required and press space or tab key Completion Exampleroot@lab2> show i'i' is ambiguous.Possible completions:igmp Show information about IGMPinterfaces Show interface informationisis Show information about IS-ISroot@lab2> show i

Interpreting Output - Invalid String

Error messages ^ displayed under error Message indicates type of error Example[edit]root@lab2# load config-file^syntax error, expecting merge, override, orreplace.root@lab2>

Getting Help

Type ? anywhere on command line Help depends on where you are Beginning of line Shows help for top level of hierarchy End of command Shows help for next level in hierarchy Middle of command Shows list of matching commands at current level in hierarchy help apropos

Getting Help: Examples List all available commandsroot@lab2> ?Possible completions:clear Clear information in the systemconfigure Manipulate software configuration informationCopy Copy filesmonitor Real-time debuggingping Ping a remote targetquit Exit the management sessionrequest Make system-level requestsrestart Restart a software processset Set information about the systemshow Show information about the systemssh Open a secure shell to another hoststart Start a software processtelnet Telnet to another hosttest Diagnostic debugging commandstraceroute Trace the route to a remote host

Configuring the Router Overview

CLI has separate configuration mode

You edit a copy of current configuration called the candidate configurationChanges you make are visible to other CLI users Changes they make might conflict with your changes

Changes do not take effect until you commit them

When committed, candidate configuration becomes active and a new candidate is created

Path where configuration files are stored

Last 3 configuration are stored in /config/juniper.conf --- resides on the solid-state flash disk --- May be recovered with rollback 1 --- Active configuration is always juniper.conf --- Second latest is named as juniper.conf.1

Rest 46 are stored in /var/db/config

A Maximum of 50 configurations can be stored.

Entering Configuration Mode

Type configure or edit at the CLI promptroot@lab2> configureentering configuration mode[edit]root@lab2#

To allow a single user to edit the configuration type configure exclusive

In the edit mode if you changed and did not commit and want to check the changes made (only in M and T series Routers)# Show | compare /config/juniper.conf# Show | compare rollback 0

To run the operational mode commands at configuration mode start commandsWith run (only in M and T series Routers)

Configuration Operations

Add and modify configuration statements edit, set, rename, and insert commands Display current configuration show command Save, validate, and a complete configuration commit command activate Return to previously saved configuration rollback command Remove configuration statements delete command

Configuration Basics

Move around statement hierarchy using edit command Like UNIX cd command

Alter configuration using set command

Activate configuration using commit command

Moving Around the Hierarchy

Similar to UNIX/Windowsstyle directories Configuration statements organized as a tree Least specific configuration topics appear at the base of tree chassis interfaces policy-options protocols routing-options snmp system

Moving Around the Hierarchy Use the edit command to focus your attention on a particular part of the hierarchy[edit]root@lab2# edit protocols[edit protocols]root@lab2# editPossible completions:> bgp BGP options> dvmrp DVMRP options> igmp IGMP options> isis IS-IS configuration> mpls Multiprotocol label switching options> ospf OSPF configuration> pim PIM options> router-discovery ICMP router discovery options> rsvp RSVP options> sap Session Advertisement Protocol options[edit protocols]root@lab2#

Moving Around the Hierarchy

The question mark is your friend[edit]root@lab2# edit ?Possible completions:> chassis Chassis configuration> interfaces Interface configuration> policy-options Routing policy option configuration> protocols Routing protocol configuration> routing-options Protocol-independent routing optionconfiguration> snmp Simple Network Management Protocol> system System parameters[edit]

Moving Around the Hierarchy Use the exit command to move back to where you just were exit at the top level exits configuration mode exit configuration-mode exits no matter where you are Use the up command to move up a level Use the top command to move to the top of the hierarchy[edit protocols]root@lab2# up[edit]root@lab2# edit protocols ospf[edit protocols ospf]root@lab2# edit area 0[edit protocols ospf area 0.0.0.0]root@lab2# exit[edit protocols ospf]root@lab2# top[edit]root@lab2#

Modifying the Configuration

Use the set command to add configuration statements set command changes configuration statements if they already exist

[edit]root@lab2# set protocols ospf area 0 interface so-0/0/0 hello-interval 5[edit]root@lab2#

Modifying the Configuration Optionally move into the OSPF hierarchy and save some keystrokes[edit]root@lab2# edit protocols ospf area 0 interface so-0/0/0

[edit protocols ospf area 0 interface so-0/0/0]root@lab2# set hello-interval 5

[edit protocols ospf area 0 interface so-0/0/0]root@lab2# set retransmit-interval 10

[edit protocols ospf area 0 interface so-0/0/0]root@lab2# set metric 10

[edit protocols ospf area 0 interface so-0/0/0]root@lab2# up[edit protocols ospf area 0]

Viewing the Configuration Use the show command to see the candidateconfiguration Begins at current hierarchy level Can specify starting level Indented to match each hierarchy level

[edit protocols ospf area 0.0.0.0]root@lab2# showinterface so-0/0/0 {metric 15;retransmit-interval 10;hello-interval 5; }[edit protocols ospf area 0.0.0.0]root@lab2#

Removing Statements

[edit]root@lab2# edit protocols ospf area 0 interface so-0/0/0[edit protocols ospf area 0 interface so-0/0/0]root@lab2# delete hello-interval[edit protocols ospf area 0 interface so-0/0/0]root@lab2# delete retransmit-interval[edit protocols ospf area 0 interface so-0/0/0]root@lab2#

Activating the Configuration

Activate configuration changes using the commit command[edit]cli# commitcommit complete[edit]cli# Save checks configuration before activating it System never commits for you Only one exception: commit confirmed commit confirmed Requires second commit to confirm configuration

You can also do commit check for checking your configuration before commit

Returning to Previous Versions

Use the rollback command to restore one of the last 49 previously committed configurations

rollback and rollback 0 reset the candidate configuration to the currently running configuration, which is the last version committed

rollback 1 loads the configuration before that and so on

Saving Configuration Files

Current candidate configuration from current hierarchy leveland below can be saved to ASCII file using save command[edit]cli# save filename[edit]cli# File is saved to users home directory unless full path name is specified Filename can be URL or in user@host notation

Loading a Configuration FileConfiguration information can come from an ASCII file prepared elsewhere

Use the load command to: Override an existing configuration Merge new statements into existing configuration Replace existing statements in current configuration

Syntax load (replace | merge | override) filenameChanges candidate configuration onlyYou must commit to make active

Viewing Log Files

System keeps log files in /var/log messages file contains running commentary about systemoperation Can be tuned to provide minimal up to extensive loggingCan be viewed withshow log file-nameCan be viewed in real time withmonitor start file-nameAdditional logging can be turned on on a per-module basis specify file name withtraceoptions file file-name command specify what is to be logged withtraceoptions flag keywords command

Configuring Interfaces

Standard configuration statement hierarchyinterfaces { interface-name { Deactivate/disable at-5/2/0 it will show inactive/disable physical-properties; [] unit unit-number { logical-properties; [] } }}Configured using the set command set interface interface-name interface-propertiesAn interface can either be done inactive effectively commenting out the statementDisabling the interface or logical unit means effectively un configuring it

System Management Overview

CLI commands allow the user to monitor and perform system management tasks System management areas include:

Software version Router up time Configuration Log files Remote system reachability System software Stop and restart processes and software Manipulate files

Software Version

View software currently running: show version

No option gives detailed information of the JUNOS packages plus any other packages running on the router

brief gives information of just the JUNOS packages

detail gives detailed information of the JUNOS packages plus any other packages running on the router and any packages on the router but not running

Router Up Time Display current time and information about how long processes have been running show system uptime Example output:show system uptimeCurrent time: 1998-10-13 19:45:47 UTCSystem booted: 1998-10-12 20:51:41 UTC(22:54:06 ago)Protocols started: 1998-10-13 19:33:45 UTC(00:12:02ago)Last configured: 1998-10-13 19:33:45 UTC(00:12:02 ago)12:45PM up 22:54, 2 users, load averages: 0.07, 0.02,0.01

Configuration

View system configuration

show configuration

Test system configuration

test configuration < filename | terminal> filename is used to test a particular configuration file for syntex terminal is used to test text being typed on a particular terminal

User Account Information

View users currently logged in show system users Display permissions for the current user show cli authorization

Example permissions admin clear configure edit interface routing- Systemwide Messages

Log Files

View log files and their contents show log > < filename>

Monitor log files monitor (start | stop) filenames

Log files are generated by routing protocols or by syslog

System Software

Display information about the system memory and buffer pool usage

show system buffers

Display information about software processes that arerunning on the router

show system processes

System Software (contd) Display information about system wide protocol-related statistics show system statistics < protocol>

Display statistics about the amount of free disk space in the routers file systems show system storage

Display the state and checksum values for the files in the router file systems show system audit

Stop and Restart Processes and Software

Restart a software process restart (interface-control | mib-process |routing | snmp)

Note: never restart any of the software processes unless instructed to do so by a customer support engineer.

Adding and deleting software request system software (add | delete) filename

Stop the router software request system halt

Stop and Restart Processes and Software (contd)

Reboot the software on the router request system reboot

Display any pending system halts or reboots show system reboot

Clear any pending system halts or reboots clear system reboot

Stop and Restart Processes and Software (contd)

Back up the currently running and active file system partitions on the router request system snapshot

root (/) is backed up to /altroot/config is backed up to /altconfig

Systemwide Messages

Send a message to all users currently logged in

request message all message text

Send a message to a particular user or a particular terminal

request message message text (terminal terminal-name | user user-name)

Commands

Show chassis hardware Show chassis alarm Show Chassis environmentShow Chassis craft-interface Show Chassis firmware Show chassis fpcShow chassis fpc detail 0Show chassis fpc pic-statusShow chassis routing-engineShow system processes extensiveShow system boot-messagesShow system statisticsShow system storageShow system connections.Show system uptime

Commands

Request system rebootRequest system snapshotRequest system haltShow Version.

*****The system allows you to log everything happening within the system. The messages log file is the default log file. It logs all messages from the system.But you can configure your own log files and choose exactly what information you want to go into it.Log files are useful for recording information about what is going on in the router. This is especially helpful if there are problems in the router, the logs can provide valuable troubleshooting information.The following commands give an example of how to create a log file (calledospf-log) that records all ospf related, error messages from the system:[edit]cli# edit protocols ospf[edit protocols ospf]cli# set traceoptions file ospf-logcli# set traceoptions flag errors