JNR- Juniper Networks Routers

Presentation
Juniper Hardware Overview.

- Products at a Glance

- Products Comparision.

- General Router Architecture.

- Hardware Overview.
 Juniper VS Cisco

Routing task has been divided into various entities with ASIC Architecture.
whereas this feature is not being provided by Cisco

Once the configration is done, a user can call rollback to previous configuration. While this facility is
not with Cisco.
General Router Architecture

- Routing Engine
- Packet Forwarding Engine
- Relationship between Routing Engine and Packet forwarding
Engine.

Hardware Overview
- Routing Engine.
- Packet forwarding Engine.
- System Midplane.
- Flexible PIC concentrator ( FPC)
- Physical interface Card.
- System Control Board.
 Routing Engine RT FT JUNOS
CLI Software

fxp1/bcm0
Packet Forwarding Engine

FT
Packets Out
Packets In
Routing Engine maintains routing table (RT) and primary copy of forwarding table (FT)
All M-series and T-series platforms share the same basic design philosophy
Clean separation of control and forwarding
Packet Forwarding Engine receives FT from Routing Engine
Packet forwarding Engine

Forwards the packets through the router . It is a high Performance switch

That is capable of forwarding up to 160 Mpps.

Routing Engine

Performs the routing updates and system management.it consists of routing

protocol software processes running inside a protected environment on a
General-purpose computer platform with a direct 100 Mbps connection to
the packet forwarding engine.
Routing Engine Overview.
JUNOS Software resides in the flash memory.
- Backup copy available on the Hard drive
Provides routing Protocol intelligence to the packet forwarding Engine

- Not directly involved with packet forwarding

- Runs various routing protocols.

Implements command-line interface ( CLI )

Manages Packet forwarding Engine

Packet forwarding Engine Components.
Physical interface card ( PIC )
Provides physical layer interface and signaling.
Flexible PIC concentrator ( FPC )
Carrier that accepts physical interface cards ( PIC )
System Midplane

Control
- AXI 520-1 and 520-2 Forward Engine Board ( FEB)
- Combined FPC and Control Board.
- AXI 520-4 System switching Board (SSB)
- AXI 520 System Control Board ( SBM )
FPCs are hot insertable and hot removable Each FPC is mounted on a card
Carrier . When you remove an FPC and install a new one , the backplane flushes
The entire system memory pool before the new card is brought online, a process
That takes about 100 milliseconds.

Each FPC hold 4 PIC

FPCs connect to the PICs to the rest of the packet forwarding Engine so that
incoming packets can be forwarded across the backplane to the appropriate
destination port.
Architecture of FPC and PIC
connection
Physical
Interface

Switch Fabric
Card (PIC)

Memory
PIC

PIC
ASIC

PIC
FPC
Standard Interfaces - Individual Ports

Individual ports are uniquely identified

Port location based on:
FPC slot number
PIC slot number within FPC
Port number within PIC
Interface port type names:
at - ATM over SONET/SDH ports
so - SONET/SDH ports
t3 - DS-3 ports
ge - Gigabit Ethernet ports
ip - IP-IP tunneled ports
gr - GRE tunneled ports

For example e1-0/1/2.0 or fe-3/2/0.0 etc

PIC
PIC support from 0 to 3 physical ports
- Some PICs support channelized options.

- Tunnel PIC and Multilink PIC do not have any ports.

- Each port have LED status.

In case of the PIC first offline the PIC

Show chassis fpc pic status

Request chassis pic offline fpc-slot 2 pic-slot 3

Example of PICs 4 port Fast Ethernet , 2 port ATM OC-3 etc

PIC Slot Numbers and Port Numbers

For the AXI 520 router, the four PIC

slots are numbered from 0 through 3,
From the top of the FPC to the bottom.
The PIC slots are printed on the FPC
Carrier board. For PICs that occupy
more than one PIC slot, the lower or lowest
slot number is used.

The number of ports varies, depending

on the PIC. The ports are numbered
FPC 0-7 from top to bottom and from right to
Left to right left. The port numbers are also printed on
the front of the PIC.

PICs 03
(Top to bottom)
Access Routers Management Ports
Console
- Db9 EIA-232 @ 9600Bps,8/N/1 (preconfigured)
Management port, using Telnet ,SSH
-Requires Configuration
M5 and M10 / AXI-520-1 and AXI520-2 Connector

- Management Ethernet
- Provides access to router from administrative network.
- Can not login as root directly.

- Console
- Provides the direct access to JUNOS software.
- Can login as root.

- Auxiliary console.
Provides modem access to JUNOS software
 M-series and T-series Product Line

M160 M5/M10
Router Routers

M40
Router M20
Router

Forwarding
Performance
per Rack Inch
...
Sep. 1998 Dec. 1999 March 2000 Sep. 2000
 M-series and T-series Product Line
T320 Router M7i
M40e M320
Router
T640 Internet
Routing Node M10i

A Continuing History
... of Rapid Innovation

Dec. 2001 Feb. 2002 August 2002 Sept. 2003 Feb. 2004
Products at a Glance
M5 ---- AXI-520-1 --- No Redundancy on Routing Eng.

M10 ---- AXI-520-2 --- No Redundancy on Routing Eng.

M20 ---- AXI-520-4

M40 ---- AXI-520 --- No Redundancy on Routing Eng.

M160 --- AXI-580

- Based on common ASIC Technology

- Common JunOS Software
- Common Architecture
- Main Difference between routers is throughput ,size,No of physical ports
PIC s/Chassis
M5 / AXI-520-1

- This router has No Redundancy on Routing Engine

- Supports 4 PICs per Chassis

- Aggregate throughput of 5+ Gbps.

M10 / AXI-520-2

- This router has No Redundancy on Routing Engine

- Supports 8 PICs per Chassis

- Aggregate throughput of 10+ Gbps

 M-series ASICs
Internet Forwarding
M-series System Board Processor II Table
(For example, SSB, SFM)

Buffer Buffer
Manager 1 Manager 2

FPC I/O M I/O M I/O M

E E E
Manager M Manager M Manager M

PIC I/O PIC I/O PIC I/O PIC I/O

Manager Manager Manager Manager
PICs
PIC I/O PIC I/O PIC I/O PIC I/O
Manager Manager Manager Manager
JUNOS
JUNOS Internet software runs on the routing engine
Consists of the Following.
- JUNOS Kernel.
- Routing Protocol Process.
- Interface process.
- Chassis Process.
- SNMP process.
- Management Process.
- Command line interface process.

The software consists of a series of processes that handle the router s Management processes

JUNOS is a Multi Module design and each process runs in a separate memory Space, It resides in
the RE, Which runs on the Intel based PCI platform.Routing Engine has a dedicated 100 Mbps
Internal connection to PFE. If one process dies that another is not affected (S M Space)
Routing protocol process
Core Functions.
- Controls routing protocols running on the router.
- starts all configured protocols.
- Handles all routing messages.
- Maintains routing tables.
- implement routing policy.

Chassis process
- chassis daemon ( Chassisd ) allows you to configure and control
the properties of the router.
- Conditions that trigger alarms.
- clock sources.
- Communicates directly with Chassis daemon in PFE.
SNMP process
Simple Network Management protocol ( SNMP )
Master Agent and various subagents (snmpd)
- Support SNMP V1 and V2

Management process
- Management process (mgd) is responsible for CLI

- Configuration Access to System.

- Manages the CLI
- CLI is client of MGD.
Command line Interface
Command line interface ( CLI ) is the primary interface to

- Configure the JUNOS software .

- Monitor and trouble shoot the software , network connectivity

and router hardware.
Overview of the CLI
Universal access to router using
Console
Management port, using Telnet, SSH, RADIUS.

User authentication using login name and password

Users have individual accounts
Per-user command class permissions
Line editor with command history
Context-sensitive help
Command completion
UNIX style pipes

Basically there are two modes one is operational mode and another is configuration mode .
Overview of the CLI (cont.)
Configure
Object-based hierarchy
commit changes when done
rollback if necessary
load or save configuration files

Monitor or view information

show command

Troubleshoot
traceroute command
ping command
monitor command
Operational Mode Commands
- Show
- Request
- restart
- ping
- traceroute
- clear
- monitor
- test
- file
- telnet
- set
- start
- quit
 CLI Operational Mode
Commands are executed (mainly) from default CLI level (user@host>)

-Can be executed from configuration Mode with run command.

-Hierarchy of commands.
Initial Configuration
- Root account
- Root is the only predefined account
- Root password is not set at a factory
- use console to configure root password
- Host name
- Management interface IP and prefix length.
- Default router IP address.
- Domain name and DNS Server address

Login as root and then give the command

# cli For coming to command line interface .

- Enter configuration mode using edit or configure
- Set the root password
Plain text password
- Set the router name
{edit }
root@ancd# set system host-name lab2
- Commit changes so far.
{edit }
root@lab2# commit check
root@ancd# commit
root@ancd# commit sync If more than one RE
- Set Management Ethernet IP
{edit }
root@lab2# set interface fxp0 unit 0 family inet <address> /prefix-length
- Set default route
{edit }
root@lab2# set routing-options static route default next-hope
gateway address> /prefix-length
- Set name Server address
- {edit }
root@lab2# set system name-server ns-address
- Set Remote access
{edit }
root@lab2# set system service ssh
- Set User accounts.

- Create VRFs and their routes.

- Create physical interfaces like ethernet and WAN interfaces

Editing Lines
Command completion saves typing
Type the minimum characters required and press space or
tab key
Completion Example
root@lab2> sh<space>ow i<space>
'i' is ambiguous.
Possible completions:
igmp Show information about IGMP
interfaces Show interface information
isis Show information about IS-IS
root@lab2> show i
Interpreting Output - Invalid String
Error messages
^ displayed under error
Message indicates type of error
Example
[edit]
root@lab2# load config-file<Enter>
^
syntax error, expecting merge, override, or
replace.
root@lab2>
Getting Help
Type ? anywhere on command line
Help depends on where you are
Beginning of line
Shows help for top level of hierarchy
End of command
Shows help for next level in hierarchy
Middle of command
Shows list of matching commands at current level in hierarchy
help apropos <string>
Getting Help: Examples
List all available commands
root@lab2> ?
Possible completions:
clear Clear information in the system
configure Manipulate software configuration information
Copy Copy files
monitor Real-time debugging
ping Ping a remote target
quit Exit the management session
request Make system-level requests
restart Restart a software process
set Set information about the system
show Show information about the system
ssh Open a secure shell to another host
start Start a software process
telnet Telnet to another host
test Diagnostic debugging commands
traceroute Trace the route to a remote host
Configuring the Router Overview
CLI has separate configuration mode

You edit a copy of current configuration called the candidate configuration

Changes you make are visible to other CLI users
Changes they make might conflict with your changes

Changes do not take effect until you commit them

When committed, candidate configuration becomes active and a new

candidate is created
Path where configuration files are stored
Last 3 configuration are stored in /config/juniper.conf
--- resides on the solid-state flash disk
--- May be recovered with rollback 1
--- Active configuration is always juniper.conf
--- Second latest is named as juniper.conf.1

Rest 46 are stored in /var/db/config

A Maximum of 50 configurations can be stored.

Entering Configuration Mode
Type configure or edit at the CLI prompt
root@lab2> configure
entering configuration mode
[edit]
root@lab2#

To allow a single user to edit the configuration type configure exclusive

In the edit mode if you changed and did not commit and want to check the
changes made (only in M and T series Routers)
# Show | compare /config/juniper.conf
# Show | compare rollback 0

To run the operational mode commands at configuration mode start commands

With run (only in M and T series Routers)
Configuration Operations

Add and modify configuration statements

edit, set, rename, and insert commands
Display current configuration
show command
Save, validate, and a complete configuration
commit command activate
Return to previously saved configuration
rollback command
Remove configuration statements
delete command
Configuration Basics
Move around statement hierarchy using edit command
Like UNIX cd command

Alter configuration using set command

Activate configuration using commit command

Moving Around the Hierarchy

Similar to UNIX/Windowsstyle directories

Configuration statements organized as a tree
Least specific configuration topics appear at the base of tree
chassis
interfaces
policy-options
protocols
routing-options
snmp
system
Moving Around the Hierarchy
Use the edit command to focus your attention on a particular part of the hierarchy
[edit]
root@lab2# edit protocols
[edit protocols]
root@lab2# edit
Possible completions:
> bgp BGP options
> dvmrp DVMRP options
> igmp IGMP options
> isis IS-IS configuration
> mpls Multiprotocol label switching options
> ospf OSPF configuration
> pim PIM options
> router-discovery ICMP router discovery options
> rsvp RSVP options
> sap Session Advertisement Protocol options
[edit protocols]
root@lab2#
Moving Around the Hierarchy
The question mark is your friend
[edit]
root@lab2# edit ?
Possible completions:
> chassis Chassis configuration
> interfaces Interface configuration
> policy-options Routing policy option configuration
> protocols Routing protocol configuration
> routing-options Protocol-independent routing option
configuration
> snmp Simple Network Management Protocol
> system System parameters
[edit]
Moving Around the Hierarchy
Use the exit command to move back to where you just were
exit at the top level exits configuration mode
exit configuration-mode exits no matter where you are
Use the up command to move up a level
Use the top command to move to the top of the hierarchy
[edit protocols]
root@lab2# up
[edit]
root@lab2# edit protocols ospf
[edit protocols ospf]
root@lab2# edit area 0
[edit protocols ospf area 0.0.0.0]
root@lab2# exit
[edit protocols ospf]
root@lab2# top
[edit]
root@lab2#
Modifying the Configuration
Use the set command to add configuration statements
set command changes configuration statements if they already exist

[edit]
root@lab2# set protocols ospf area 0 interface so-0/0/0 hello-interval 5
[edit]
root@lab2#
Modifying the Configuration
Optionally move into the OSPF hierarchy and save some keystrokes
[edit]
root@lab2# edit protocols ospf area 0 interface so-0/0/0

[edit protocols ospf area 0 interface so-0/0/0]

root@lab2# set hello-interval 5

[edit protocols ospf area 0 interface so-0/0/0]

root@lab2# set retransmit-interval 10

[edit protocols ospf area 0 interface so-0/0/0]

root@lab2# set metric 10

[edit protocols ospf area 0 interface so-0/0/0]

root@lab2# up
[edit protocols ospf area 0]
Viewing the Configuration
Use the show command to see the candidate
configuration
Begins at current hierarchy level
Can specify starting level
Indented to match each hierarchy level

[edit protocols ospf area 0.0.0.0]

root@lab2# show
interface so-0/0/0 {
metric 15;
retransmit-interval 10;
hello-interval 5;
}
[edit protocols ospf area 0.0.0.0]
root@lab2#
Removing Statements
[edit]
root@lab2# edit protocols ospf area 0 interface so-0/0/0
[edit protocols ospf area 0 interface so-0/0/0]
root@lab2# delete hello-interval
[edit protocols ospf area 0 interface so-0/0/0]
root@lab2# delete retransmit-interval
[edit protocols ospf area 0 interface so-0/0/0]
root@lab2#
Activating the Configuration
Activate configuration changes using the commit command
[edit]
cli# commit
commit complete
[edit]
cli#
Save checks configuration before activating it
System never commits for you
Only one exception: commit confirmed
commit confirmed
Requires second commit to confirm configuration

You can also do commit check for checking your configuration before commit
Returning to Previous Versions

Use the rollback command to restore one of the last 49 previously committed
configurations

rollback and rollback 0 reset the candidate configuration to the currently

running configuration, which is the last version committed

rollback 1 loads the configuration before that and so on

Saving Configuration Files
Current candidate configuration from current hierarchy level
and below can be saved to ASCII file using save command
[edit]
cli# save filename
[edit]
cli#
File is saved to users home directory unless full path name is specified
Filename can be URL or in user@host notation
Loading a Configuration File
Configuration information can come from an ASCII file prepared elsewhere

Use the load command to:

Override an existing configuration
Merge new statements into existing configuration
Replace existing statements in current configuration

Syntax
load (replace | merge | override) filename
Changes candidate configuration only
You must commit to make active
Viewing Log Files
System keeps log files in /var/log
messages file contains running commentary about system
operation
Can be tuned to provide minimal up to extensive logging
Can be viewed with
show log file-name
Can be viewed in real time with
monitor start file-name
Additional logging can be turned on on a per-module basis
specify file name with
traceoptions file file-name command
specify what is to be logged with
traceoptions flag keywords command
Configuring Interfaces
Standard configuration statement hierarchy
interfaces {
interface-name { Deactivate/disable at-5/2/0 it will show inactive/disable
physical-properties;
[]
unit unit-number {
logical-properties;
[]
}
}
}
Configured using the set command
set interface interface-name interface-properties
-An interface can either be done inactive effectively commenting out the statement
-Disabling the interface or logical unit means effectively un configuring it
System Management Overview

CLI commands allow the user to monitor and perform system management tasks
System management areas include:

Software version
Router up time
Configuration
Log files
Remote system reachability
System software
Stop and restart processes and software
Manipulate files
Software Version

View software currently running:

show version <brief | detail>

No option gives detailed information of the JUNOS packages plus any other
packages running on the router

brief gives information of just the JUNOS packages

detail gives detailed information of the JUNOS packages plus any other packages
running on the router and any packages on the router but not running
Router Up Time
Display current time and information about how long processes have been
running
show system uptime
Example output:
show system uptime
Current time: 1998-10-13 19:45:47 UTC
System booted: 1998-10-12 20:51:41 UTC(22:54:06 ago)
Protocols started: 1998-10-13 19:33:45 UTC(00:12:02
ago)
Last configured: 1998-10-13 19:33:45 UTC(00:12:02 ago)
12:45PM up 22:54, 2 users, load averages: 0.07, 0.02,
0.01
Configuration

View system configuration

show configuration

Test system configuration

test configuration < filename | terminal>

filename is used to test a particular configuration file for syntex
terminal is used to test text being typed on a particular terminal
User Account Information

View users currently logged in

show system users <noresolve>
Display permissions for the current user
show cli authorization

Example permissions
admin
clear
configure
edit
interface
routing
- Systemwide Messages
Log Files
View log files and their contents
show log <user < user-name>> < filename>

Monitor log files

monitor (start | stop) filenames

Log files are generated by routing protocols or by syslog

System Software
Display information about the system memory and buffer pool usage

show system buffers

Display information about software processes that are

running on the router

show system processes <wide> <brief | detail | extensive | summary>

System Software (contd)

Display information about system wide protocol-related statistics

show system statistics < protocol>

Display statistics about the amount of free disk space in the routers file systems
show system storage

Display the state and checksum values for the files in the router file systems
show system audit <root-only>
Stop and Restart Processes and Software

Restart a software process

restart (interface-control | mib-process |routing | snmp) <soft>

Note: never restart any of the software processes unless instructed to do so by a

customer support engineer.

Adding and deleting software

request system software (add | delete) filename <force>

Stop the router software

request system halt <at time> <in minutes> <message text>
Stop and Restart Processes and Software (contd)

Reboot the software on the router

request system reboot <at time> <in minutes> <message text>

Display any pending system halts or reboots

show system reboot

Clear any pending system halts or reboots

clear system reboot
Stop and Restart Processes and Software (contd)
Back up the currently running and active file system partitions on the router
request system snapshot

root (/) is backed up to /altroot

/config is backed up to /altconfig
Systemwide Messages

Send a message to all users currently logged in

request message all message text

Send a message to a particular user or a particular terminal

request message message text (terminal terminal-name | user user-name)

Commands

Show chassis hardware

Show chassis alarm
Show Chassis environment
Show Chassis craft-interface
Show Chassis firmware
Show chassis fpc
Show chassis fpc detail 0
Show chassis fpc pic-status
Show chassis routing-engine
Show system processes extensive
Show system boot-messages
Show system statistics
Show system storage
Show system connections.
Show system uptime
Commands

Request system reboot

Request system snapshot
Request system halt
Show Version.