JNCIS: Juniper Networks Certified Internet Specialist
Study Guide
by Joseph M. Soricelli
This book was originally developed by Juniper Networks Inc. in conjunction with Sybex Inc. It is being offered in electronic format because the original book (ISBN: 0-7821-4072-6) is now out of print. Every effort has been made to remove the original publisher's name and references to the original bound book and its accompanying CD. The original paper book may still be available in used book stores or by contacting John Wiley & Sons, Publishers, www.wiley.com.
Copyright 2004-6 by Juniper Networks Inc. All rights reserved.
This publication may be used in assisting students to prepare for a Juniper JNCIS exam but Juniper Networks cannot warrant that use of this publication will ensure passing the relevant exam.
This book is dedicated to my wife, Christine, whose patience and love have allowed
me to pursue those things in my life that interest me. In addition, my family and
friends have provided encouragement beyond words that have helped me accomplish
numerous things in my life.
Acknowledgments
There are numerous people who deserve a round of thanks for assisting with this book. I would first like to thank Jason Rogan and Patrick Ames, who got this project started and kept it going through thick and thin. I would also like to thank Colleen Strand, Leslie Light, Liz Welch, and Maureen Adams at Sybex. Without their assistance and guidance, this book would still be a figment of my imagination. A very large thank-you goes out to the technical editors, Steven Wong and Doug Marschke. Both of them worked very hard to make this book as accurate and complete as possible.
I would be remiss without acknowledging the colleagues and cohorts I've known and met throughout the years. You all know who you are, but I'll name just a few: Terry, Pete, John, Renee, Noel, Chris, Jim, Dante, Matt, Sush, Terence, Andy, Jeff, Chris, Rajah, Colby, Wayne, Jamie, Dave, Jeff, and Trey.
Finally, a special thank-you belongs to all of the folks at Juniper Networks. The ES crew (Matt, Todd, Jason, Harry, Doug, Will), the PS crew (Gary, Drew, Pete, Eural, Ken, John, Taher, Tom, Steve, Bob, Glenn), the JTAC crew (Mark, Scott, Jim, Sunny, Derek, Alex, Siew, Robert, Steven), and others (Mary, Susan, Sheila, Chris, Andrew, Dennis, Alan) have made Juniper an organization that I feel truly blessed to belong to.
Contents at a Glance
Introduction
Assessment Test
Chapter 1: Routing Policy
Chapter 2: Open Shortest Path First
Chapter 3: Intermediate System to Intermediate System (IS-IS)
Chapter 4: Border Gateway Protocol (BGP)
Chapter 5: Advanced Border Gateway Protocol (BGP)
Chapter 6: Multicast
Chapter 7: Multiprotocol Label Switching (MPLS)
Chapter 8: Advanced MPLS
Chapter 9: Layer 2 and Layer 3 Virtual Private Networks
Glossary
Index
Bonus Chapters
Chapter A: Class of Service
Chapter B: Security
Chapter C: IP version 6
Contents
Introduction
Assessment Test
Chapter 1: Routing Policy
Routing Policy Processing; Policy Chains; Policy Subroutines; Prefix Lists; Policy Expressions
Communities; Regular Communities; Extended Communities; Regular Expressions
Autonomous System Paths; Regular Expressions; Locating Routes
Summary; Exam Essentials; Review Questions; Answers to Review Questions
Chapter 2: Open Shortest Path First
Link-State Advertisements; The Common LSA Header; The Router LSA; The Network LSA; The Network Summary LSA; The ASBR Summary LSA; The AS External LSA; The NSSA External LSA; The Opaque LSA
The Link-State Database; Database Integrity; The Shortest Path First Algorithm
Configuration Options; Graceful Restart; Authentication; Interface Metrics; Virtual Links
Stub Areas
Configuring a Stub Area; Configuring a Totally Stubby Area
Not-So-Stubby Areas; Address Summarization
Area Route Summarization; NSSA Route Summarization
Summary; Exam Essentials; Review Questions; Answers to Review Questions
Chapter 3: Intermediate System to Intermediate System (IS-IS)
IS-IS TLV Details; Area Address TLV; IS Reachability TLV; IS Neighbors TLV; Padding TLV; LSP Entry TLV; Authentication TLV; Checksum TLV; Extended IS Reachability TLV; IP Internal Reachability TLV; Protocols Supported TLV; IP External Reachability TLV; IP Interface Address TLV; Traffic Engineering IP Router ID TLV; Extended IP Reachability TLV; Dynamic Host Name TLV; Graceful Restart TLV; Point-to-Point Adjacency State TLV
Link-State Database; Database Integrity; Shortest Path First Algorithm; IS-IS Areas and Levels
Configuration Options; Graceful Restart; Authentication; Interface Metrics; Wide Metrics; Mesh Groups; Overload Bit
Multilevel IS-IS; Internal Route Default Operation
External Route Default Operation; Route Leaking
Address Summarization; Internal Level 1 Routes; External Level 1 Routes; Level 2 Route Summarization
Summary; Exam Essentials; Review Questions; Answers to Review Questions
Chapter 4: Border Gateway Protocol (BGP)
The BGP Update Message; BGP Attributes
Origin; AS Path; Next Hop; Multiple Exit Discriminator; Local Preference; Atomic Aggregate; Aggregator; Community; Originator ID; Cluster List; Multiprotocol Reachable NLRI; Multiprotocol Unreachable NLRI; Extended Community
Selecting BGP Routes; The Decision Algorithm; Verifying the Algorithm Outcome; Skipping Algorithm Steps
Configuration Options; Multihop BGP; BGP Load Balancing; Graceful Restart; Authentication; Avoiding Connection Collisions; Establishing Prefix Limits; Route Damping
Summary; Exam Essentials; Review Questions; Answers to Review Questions
Chapter 5: Advanced Border Gateway Protocol (BGP)
Modifying BGP Attributes; Origin; AS Path; Multiple Exit Discriminator; Local Preference
IBGP Scaling Methods; Route Reflection; Confederations
Using Multiprotocol BGP; Internet Protocol Version 4; Layer 2 Virtual Private Networks
Summary; Exam Essentials; Review Questions; Answers to Review Questions
Chapter 6: Multicast
PIM Rendezvous Points; Static Configuration; Auto-RP; Bootstrap Routing
The Multicast Source Discovery Protocol; Operational Theory; Mesh Groups; Peer-RPF Flooding; Anycast RP; Inter-Domain MSDP
Reverse Path Forwarding; Creating a New RPF Table; Using an Alternate RPF Table
Summary; Exam Essentials; Review Questions; Answers to Review Questions
Chapter 7: Multiprotocol Label Switching (MPLS)
Signaling Protocols; Resource Reservation Protocol; The Label Distribution Protocol
Summary; Exam Essentials; Review Questions; Answers to Review Questions
Chapter 8: Advanced MPLS
Constrained Shortest Path First; Using the Traffic Engineering Database; CSPF Algorithm Steps
LSP Traffic Protection; Primary LSP Paths; Secondary LSP Paths; Fast Reroute
Controlling LSP Behavior; Adaptive Mode; Explicit Null Advertisements; Controlling Time-to-Live; LSP and Routing Protocol Interactions
Summary; Exam Essentials; Review Questions; Answers to Review Questions
Chapter 9: Layer 2 and Layer 3 Virtual Private Networks
VPN Basics; Layer 3 VPNs
VPN Network Layer Reachability Information; Route Distinguishers; Basic Operational Concepts; Using BGP for PE-CE Route Advertisements; Using OSPF for PE-CE Route Advertisements; Internet Access for VPN Customers
Transporting Layer 2 Frames across a Provider Network; Layer 2 VPN; Layer 2 Circuit
Summary; Exam Essentials; Review Questions; Answers to Review Questions
Glossary
Index
Bonus Chapters
Chapter A: Class of Service
Chapter B: Security
Chapter C: IP version 6
Introduction
Welcome to the world of Juniper Networks. This Introduction serves as a location to pass on to you some pertinent information about the Juniper Networks Technical Certification Program. In addition, you'll learn how the book itself is laid out and what it contains. Also, we'll review what you should already know before you start reading this book.
Juniper Networks Technical Certification Program
The Juniper Networks Technical Certification Program (JNTCP) consists of two platform-specific, multitiered tracks. Each exam track allows participants to demonstrate their competence with Juniper Networks technology through a combination of written proficiency and hands-on configuration exams. Successful candidates demonstrate a thorough unde