Sie sind auf Seite 1von 468

Operating Juniper Networks

Routers in the Enterprise

8.a

Student Guide

1194 North Mathilda Avenue
1194 North Mathilda Avenue

Sunnyvale, CA 94089 USA

408-745-2000

www.juniper.net

Course Number: EDU-JUN-OJRE

Juniper Networks, the Juniper Networks logo, NetScreen, and ScreenOS are registered trademarks of Juniper Networks, Inc. in the United States and other countries. JUNOS and JUNOSe are trademarks of Juniper Networks, Inc. All other trademarks, service marks, registered trademarks, or registered service marks are the property of their respective owners.

Operating Juniper Networks Routers in the Enterprise Student Guide, Revision 8.a

Copyright © 2007, Juniper Networks, Inc.

All rights reserved. Printed in USA.

Revision History:

Revision 8.a—March 2007

The information in this document is current as of the date listed above.

The information in this document has been carefully verified and is believed to be accurate for software Release 8.1R2. Juniper Networks assumes no responsibilities for any inaccuracies that may appear in this document. In no event will Juniper Networks be liable for direct, indirect, special, exemplary, incidental or consequential damages resulting from any defect or omission in this document, even if advised of the possibility of such damages.

Juniper Networks reserves the right to change, modify, transfer or otherwise revise this publication without notice.

YEAR 2000 NOTICE

Juniper Networks hardware and software products do not suffer from Year 2000 problems and hence are Year 2000 compliant. The JUNOS software has no

known time-related limitations through the year 2038. However, the NTP application is known to have some difficulty in the year 2036.

SOFTWARE LICENSE

The terms and conditions for using this software are described in the software license contained in the acknowledgment to your purchase order or, to the extent

applicable, to any reseller agreement or end-user purchase agreement executed between you and Juniper Networks. By using this software, you indicate that you

understand and agree to be bound by those terms and conditions.

Generally speaking, the software license restricts the manner in which you are permitted to use the software and may contain prohibitions against certain uses.

The software license may state conditions under which the license is automatically terminated. You should consult the license for further details.

Contents

Chapter 1:

Course Introduction .

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.1-1

Chapter 2:

Juniper Networks Enterprise Routers

 

.2-1

Customer Edge and Enterprise Platforms

 

.2-3

Overview of Enterprise Routing

 

2-8

Architecture and Packet

 

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

2-15

Interface Support and Naming.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

2-37

Field-Replaceable Units

 

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

2-43

Network Management Options

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

2-47

Chapter 3:

JUNOS User

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.3-1

User Interface Options

 

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

3-3

User Authentication and Authorization

 

3-6

Active and Candidate Configurations

 

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

3-15

Using the J-Web Graphical User

 

3-18

Lab 1, Parts 1–3: The J-Web Interface

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

3-35

Using the JUNOS Software Command-Line Interface

 

3-36

Lab 1, Parts 4–5: The JUNOS Software

 

3-78

Chapter 4:

Installation and Initial

 

.4-1

Installation Guidelines

 

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

4-3

Autoinstallation

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

4-8

Rescue and Factory-Default Configurations

 

4-19

Configuration

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

4-26

Initial Configuration Using J-Web .

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

4-29

Initial Configuration Using the CLI

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

4-38

Overview of Interface Configuration

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

4-49

Configuring Interfaces Using J-Web

 

4-56

Lab 2: Initial Configuration

 

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

4-73

Chapter 5:

Operational Monitoring and Maintenance

 

.5-1

Monitoring Platform

 

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

5-3

Monitoring Interface Operation

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

5-9

Network Utilities

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

5-25

System Logging and Protocol Tracing

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

5-31

License Management

 

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

5-42

Maintaining JUNOS

Software

 

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

5-48

File System Maintenance and Password Recovery

 

5-63

Lab 3: Operational

Monitoring .

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

5-71

. . . . . . . . . . . . . . . .

Contents • iii

Chapter 6:

Routing Protocols and

.6-1

Routing Tables and Route Preferences

6-3

 

Routing Policy

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

6-7

J-Web Support for Routing Protocols and Policy

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

6-16

Configuring and Monitoring Static Routing

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

6-21

. Configuring and Monitoring RIP

Interior Gateway Protocols

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

6-28

6-31

Lab 4, Parts1–3: RIP

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

6-47

Configuring and Monitoring OSPF

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

6-48

Lab 4, Parts 4–5:

 

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

6-72

Configuring and Monitoring Basic BGP

 

6-73

Lab 5: Static and BGP Routing

 

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

6-93

Chapter 7:

Adaptive

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.7-1

Overview of Adaptive Services Features and Architecture

 

7-3

Configuration and Monitoring of Packet

 

7-8

Configuration and Monitoring of Stateful

7-12

Configuration and Monitoring of

 

7-26

Configuration and Monitoring of IPSec Tunnels

 

7-37

Overview of Intrusion Detection System Capabilities

 

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

7-44

Overview of Flow Monitoring and Accounting

 

7-46

Overview of J-series CoS Support

 

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

7-48

Lab 6: Services

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

7-58

Appendix

A: Supported PIMs

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

A-1

Appendix

B: New

Features .

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.B-1

. . . . . . . . . . . . . . . .

iv • Contents

Course Overview

This three-day course is an introductory-level, instructor-led course that focuses on installation, configuration, and operational analysis of Juniper Networks routers in the enterprise environment. OJRE introduces Juniper Networks enterprise routing platforms including both M-series and J-series models. It then focuses on router configuration using both the J-Web graphical user interface (GUI) and the JUNOS software command-line interface (CLI). Real-world configuration and operational monitoring case studies are provided for general router configuration and for RIP, static, and OSPF routing. The class also provides an overview

of common services such as IPSec VPNs and stateful firewall/NAT.

The course combines both lecture and labs, with significant time allocated for hands-on

experience with J-series platforms and JUNOS Internet software. The OJRE class is an excellent

way to prepare students for attending other offerings in the Juniper Networks training

curriculum.

Objectives

After successfully completing this course, you should be able to install, configure, and operate

J-series platforms.

Intended Audience

The primary audiences for this course are end users of J-series platforms, which include the

following:

• Network engineers;

• Support personnel;

• Reseller support; and

• Others responsible for implementing Juniper enterprise routing products.

Course Level

OJRE is an introductory-level course.

Prerequisites

The OJRE prerequisite is a basic understanding of the TCP/IP protocols.

While not required, familiarity with the command-line interface of a routing platform or UNIX

system is helpful.

.
.

Course Overview • iii

Course Agenda

Day 1

 

Chapter 1:

Course Introduction

Chapter 2:

Juniper Networks Enterprise Routers

Chapter 3:

JUNOS User Interfaces

Chapter 4:

Installation and Initial Configuration

Day 2

 

Chapter 5:

Operational Monitoring and Maintenance

Chapter 6:

Routing Protocols and Policy

Day 3

 

Chapter 7:

Adaptive Services

Chapter 6: Routing Protocols and Policy Day 3   Chapter 7: Adaptive Services iv • Course

iv • Course Agenda

Document Conventions

CLI and GUI Text

Frequently throughout this course, we refer to text that appears in a command-line interface (CLI) or a graphical user interface (GUI). To make the language of these documents easier to read, we distinguish GUI and CLI text from chapter text according to the following table.

Style

Description

Usage Example

Franklin

Normal text.

Most of what you read in the Lab

Gothic

Guide and Student Guide.

Courier

Console text:

New

• Screen captures

commit complete

• Noncommand-related

Exiting configuration

syntax

mode

Century

GUI text elements:

Select File > Open, and then click

Gothic

• Menu names

Configuration.conf in the

Filename text box.

• Text field entry

Input Text Versus Output Text

You will also frequently see cases where you must enter input text yourself. Often this will be

shown in the context of where you must enter it. We use bold style to distinguish text that is

input versus text that is simply displayed.

Style

Description

Usage Example

Normal CLI

No distinguishing variant.

Physical interface:fxp0,

 

Enabled

Normal GUI

View configuration history by

clicking Configuration > History.

CLI Input

Text that you must enter.

lab@San_Jose> show route

GUI Input

Select File > Save, and enter

config.ini in the Filename field.

Defined and Undefined Syntax Variables

Finally, this course distinguishes between regular text and syntax variables, and it also