[go: up one dir, main page]

0% found this document useful (0 votes)
984 views117 pages

Junos Fundementals

Junos is the network operating system that runs an increasing spectrum of the Juniper portfolio product, ranging from switches, to routers, and to firewall products. It is what sets Juniper apart as a strategic portfolio vendor. This course is designed to share with you the highlights of the Junos advantages, focusing on its key differences and ease of operation.

Uploaded by

Scramble 69
Copyright
© Attribution Non-Commercial (BY-NC)
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as PDF, TXT or read online on Scribd
0% found this document useful (0 votes)
984 views117 pages

Junos Fundementals

Junos is the network operating system that runs an increasing spectrum of the Juniper portfolio product, ranging from switches, to routers, and to firewall products. It is what sets Juniper apart as a strategic portfolio vendor. This course is designed to share with you the highlights of the Junos advantages, focusing on its key differences and ease of operation.

Uploaded by

Scramble 69
Copyright
© Attribution Non-Commercial (BY-NC)
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as PDF, TXT or read online on Scribd
You are on page 1/ 117

Junos Operating System Highlights

Slide 1

Juniper Networks Sales Education The new network is here.

2009 Juniper Networks, Inc. All rights reserved. | www.juniper.net | Proprietary and Confidential

SSFJUN01B

Juniper Networks, Inc.

Junos Operating System Highlights

Slide 2

JUNOS OPERATING SYSTEM HIGHLIGHTS

2009 Juniper Networks, Inc. All rights reserved. | www.juniper.net | Proprietary and Confidential

Welcome to Junos operating system user highlights. Junos is the network operating system that runs an increasing spectrum of the Juniper portfolio product, ranging from switches, to routers, and to firewall products. It is what sets Juniper apart as a strategic portfolio vendor.

SSFJUN01B

Juniper Networks, Inc.

Junos Operating System Highlights

Slide 3

Introduction
The Junos operating system is a single network operating system integrating routing, switching, security, and services Junos OS delivers the power of one operating system to run highperformance networking infrastructure The Junos OS command-line interface offers specialized features to save time for users and prevent downtime in the network Juniper offers customers the training, tools, and services needed to make the adoption of Junos OS simple and safe

2010 Juniper Networks, Inc. All rights reserved.

CONFIDENTIAL

SSFJUN01B

www.juniper.net | 3

Much of the value, the savings, and the streamlining of operations of our products and solutions are delivered by the Junos operating system. With the limited amount of time that you have to talk to customers and get their interest, its important to understand how the operating system works, how customers use it, and how you can help to ease its adoption into their own infrastructure. When we talk about Junos, we talk about the Junos advantage offered by the Power of One operating system. This course is designed to share with you the highlights of the Junos advantages, focusing on its key differences and ease of operation that would aid to lower your customers operating costs. The course provides operational and configurational commands, illustrating the power of Junos and its ease of use.

SSFJUN01B

Juniper Networks, Inc.

Junos Operating System Highlights

Slide 4

Junos OS: The Power of One Operating System


Deployed since 1998 First high-performance network operating system Over a decade of innovation and development Runs routing, switching and security platforms Reduces complexity, achieves operational excellence Evolutionary architecture expands to new services and extends to new platforms for tomorrow Serving the most demanding customers Top 100 service providers High-performance enterprise and public sector customers

2010 Juniper Networks, Inc. All rights reserved.

CONFIDENTIAL

SSFJUN01B

www.juniper.net | 4

The year 2008 marked the 10th Anniversary of the Junos OS. Junos is the one operating system that spans Juniper routing, switching and security products. Among many other achievements, Juniper has consistently delivered a new Junos OS release 4 times a year, on or before scheduled release dates. This steady rate of innovation has enabled Juniper to extend the software to many new platforms while also expanding its set of services. The result: Junos has experienced tremendous market success, capturing a significant portion of its available market in just 10 years, while serving the most demanding customers in the world, including the: Top 100 service providers, and Many high-performance enterprise and public sector accounts

SSFJUN01B

Juniper Networks, Inc.

Junos Operating System Highlights

Slide 5

Evolution of One OS
10 Years+ On Time 9.3
4Q08

Market Ready Platforms 9.5


Routing 2Q09 + Switching + Security
30 EX Series 27 24 21

9.4
1Q09

Platform Curve

Rich Services Integration


4Q 1Q 2Q 2006 2007 3Q 4Q 1Q 2Q 2008

18 Market Innovation
3Q 4Q 1Q 2Q 15 2009 | Virtualization for new core scalability 2009 2008 | 100+ Gbps Firewall 12 2008 | Advanced Insight Solutions 2008 | Hardware-virtualized router 2008 | NGN Multicast VPN 2008 | Virtual Chassis switching solution 2007 | Open to outside development 2007 | Unified ISSU

SRX Series

Intelligent Services Edge

2010 Juniper Networks, Inc. All rights reserved.

CONFIDENTIAL

SSFJUN01B

www.juniper.net | 5

A closing thought on one operating system is its ability to evolve to meet new marketplace needs. Can your customers tell you what theyll need in five years? How about three? Even if you ask them about one year I suspect they are not able to accurately predict. So, by having one operating system, to which can be added new functionality, really gives customers protection of investment. They can purchase their hardware platforms and know that the software will bring them new functionality and new services and that Juniper has been doing this for ten years, quarter after quarter delivering new releases of the software, on time. Whenever we introduce new platforms to integrate into their systems, theyre based on a mature operating system thats ready to go and able to richly integrate new services such as the recent release of the SRX Series and continue to innovate in the marketplace, bringing additional firsts in high performance, additional firsts in support such as Advanced Insight Solutions and bring all of this into an expanding portfolio. In just the last two years, Juniper has more than doubled the number of platforms that run Junos.

SSFJUN01B

Juniper Networks, Inc.

Junos Operating System Highlights

Slide 6

Junos OS Separate Control and Forwarding


Supports scale for highperformance Assures performance of each plane Enhances resiliency Provides options for redundancy
Control Plane

Routing Engine

2010 Juniper Networks, Inc. All rights reserved.

CONFIDENTIAL

Data Plane

Packet Forwarding Engine


SSFJUN01B www.juniper.net | 6

Lets review some of the architecture highlights whats different in the design. From the beginning the engineers decided to separate the functions of control and forwarding. Ask yourself a question what do routers do for living? They determine the path and then, once they know the next hop, they switch packets. So, it makes complete logical sense to separate the function of path determination, or control, from the function switching, or packet forwarding. Think of control as the brains of the system. Its really what runs the protocols. The forwarding is where the packet handling happens. Its the brawn of the system. Its whats responsible for the high throughput taking packets, inspecting them, and moving them on quickly down the network. So, if youre not a software engineer, why do you care about this? Well, the bottom line here is - dedicated resources means high resiliency, which gives you that incredibly high availability that carriers rely on. So, again, carrier class is what weve got.

SSFJUN01B

Juniper Networks, Inc.

Junos Operating System Highlights

Slide 7

Junos OS Modular Architecture


Independent modules
Protected Memory for stability
No overwrites

Control Plane

Management

Contain faults and enable rapid isolation Well-defined interfaces for expansion of functions/ platforms

Interfaces

Kernel
Controls the modules Manages communication between the modules and to the PFE

...

Kernel

2010 Juniper Networks, Inc. All rights reserved.

CONFIDENTIAL

Module n

Routing

SSFJUN01B

www.juniper.net | 7

A second design element to point out about the architecture is its modularity. Here we have a diagram of the control plane and you see a group of modules responsible for different functions of the software whether it be management or routing and each of these run as independent processes, all of which are controlled by the underlying kernel. Weve got dedicated resources. Because of the modular nature of these resources, if theres a problem, say, in the routing module, it doesnt disrupt anything going on in the management or interface modules. So, small problems dont become big ones, and that leads to really high availability and, when our engineers want to add functionality, they do it in a modular fashion. We can roll out new features by building a new module and putting it into this same model you see here. Junos modular architecture allows customers to troubleshoot the problems much easier because they can isolate whats going on in the software quicker versus other systems that are just monolithic blocks of code where it is very difficult to understand whats going on.

SSFJUN01B

Juniper Networks, Inc.

Junos Operating System Highlights

Slide 8

Junos OS Services
Tailored services flexibility
Deep integration of new functionality Dedicated hardware in many platforms Create customized service chains
Scripts CLI NSM J-Web Toolkit

Open Management Interfaces


Management
Service App 1

Control Plane

Interfaces

Services Interfaces

NETCONF/XML Partner development platform

Kernel

Service App 3

Data Plane

Packet Forwarding

. . .

Physical Interfaces

Service App n

2010 Juniper Networks, Inc. All rights reserved.

CONFIDENTIAL

SSFJUN01B

www.juniper.net | 8

Junos modularity permits very painless addition of two additional Junos design elements that are different. First is a dedicated services plane in many platforms, such as the SRX Series Services Gateways. What this means is that Juniper engineers are able to quickly introduce and integrate new service capabilities whether it be bringing intrusion prevention, or Antivirus and have all of those services work together in an integrated fashion. The next element to add is open management interfaces. Junos offers interfaces for integrating both into our element management systems as well as some element management systems of other vendors and other operational systems.

SSFJUN01B

Services Plane

Open management and development Interfaces

...

Module n

Routing

Service App 2

Juniper Networks, Inc.

Junos Operating System Highlights

Slide 9

Junos OS
data center

routing

headquarters
switching

security

branch

campus

services

2010 Juniper Networks, Inc. All rights reserved.

CONFIDENTIAL

SSFJUN01B

www.juniper.net | 9

So, Junos OS, deployed in many platforms, ranging from switching to routing, to security, and encompassing multiple services is a key differential of Juniper products from any competition. The vast range of Junos OS products portfolio implies that your customers have an opportunity to position the products within any layer of their network infrastructure campus, branch, headquarters, and data centers.

SSFJUN01B

Juniper Networks, Inc.

10

Junos Operating System Highlights

Slide 10

Junos 201

2009 Juniper Networks, Inc. All rights reserved. | www.juniper.net | Proprietary and Confidential

Now, lets begin the course

SSFJUN01B

Juniper Networks, Inc.

11

Junos Operating System Highlights

Slide 11

Learning Activity 1, Question 1 Why is the Junos message important in your sales presentations?
Platforms using Junos OS are subject to greater discounts b) Junos OS is capable of running competitors routers and switches c) The higher cost of Junos OS must be justified by knowing its value d) Much of the value, savings, and streamlining of operations are delivered by Junos OS

a)

Submit Submit

Clear Clear

2010 Juniper Networks, Inc. All rights reserved.

CONFIDENTIAL

SSFJUN01B

www.juniper.net | 11

SSFJUN01B

Juniper Networks, Inc.

12

Junos Operating System Highlights

Slide 12

Learning Activity 1, Question 2 Junos OS runs an increasing spectrum of the Juniper Networks portfolio, including which three of the following?
a)
b) c) d)

Switches
Routers WAN Acceleration Firewall
Submit Submit Clear Clear

2010 Juniper Networks, Inc. All rights reserved.

CONFIDENTIAL

SSFJUN01B

www.juniper.net | 12

SSFJUN01B

Juniper Networks, Inc.

13

Junos Operating System Highlights

Slide 13

Course Objectives
On completing this course, you will be able to:
Describe the Junos OS command-line interface (CLI) Demonstrate specialized features of the Junos CLI that save time and avert downtime Describe basics of routing using Junos OS Discuss how to ease adoption of Junos OS

2010 Juniper Networks, Inc. All rights reserved.

CONFIDENTIAL

SSFJUN01B

www.juniper.net | 13

On completing this course, you will be able to: Describe the Junos command-line interface (CLI) Demonstrate specialized features of the Junos CLI that save time and prevent downtime Describe basics of routing using Junos Discuss how to ease adoption of Junos

SSFJUN01B

Juniper Networks, Inc.

14

Junos Operating System Highlights

Slide 14

Course Agenda
1 2 3 4 5
Introducing Junos OS CLI The Junos OS CLI Rocks Routing with Junos OS Junos OS Adoption Course Summary

2010 Juniper Networks, Inc. All rights reserved.

CONFIDENTIAL

SSFJUN01B

www.juniper.net | 14

This course consists of five sections, including a summary. The four main sections are provided in sequential order and are titled as follows: Introducing the Junos CLI The Junos CLI rocks Routing with Junos Junos adoption Course summary

SSFJUN01B

Juniper Networks, Inc.

15

Junos Operating System Highlights

Slide 15

Introducing the Junos OS CLI

2009 Juniper Networks, Inc. All rights reserved. | www.juniper.net | Proprietary and Confidential

Introducing the Junos CLI This section introduces the Junos command-line interface used to configure the platforms running Junos Software, monitor its operations, and adjust the configuration as needed.

SSFJUN01B

Juniper Networks, Inc.

16

Junos Operating System Highlights

Slide 16

Section Objectives
After completing this section, you will be able to:
Introduce the Junos OS CLI Understand the difference between operational mode and configuration mode Navigate the command hierarchy Use command-line shortcuts and get help

2010 Juniper Networks, Inc. All rights reserved.

CONFIDENTIAL

SSFJUN01B

www.juniper.net | 16

After completing this section, you will be able to: Introduce the Junos CLI Understand the difference between operational mode and configuration mode Navigate the command hierarchy Use command-line shortcuts and get help

SSFJUN01B

Juniper Networks, Inc.

17

Junos Operating System Highlights

Slide 17

Junos OS User Interface Options


1. Command-line interface
Available from the console interface
RJ-45 RS-232 @ 9600 Bps, 8/1/N (not configurable)

Available by using Telnet and SSH


Requires network interface and related service configuration

Dedicated Ethernet management port on M Series routers (fxp0) and EX Series switches (me0)
All J Series network ports support management access and transit traffic

2. Junos Web interface


A Web-based GUI Perform actions available in the command-line interface

2010 Juniper Networks, Inc. All rights reserved.

CONFIDENTIAL

SSFJUN01B

www.juniper.net | 17

The command-line interface (CLI) is the software interface used to access the device. One big differentiator of Junos CLI from other CLIs in the market place is that Junos provides a rich set of new tools and safeguards that can help your customers to efficiently manage their networks and maintain high uptime. The material discussed in these slides is generally applicable to any device run by Junos. You can access the CLI through either a console connection, through an out-of-band network interface, or in-band through the network. By default, only the console connection is available for use. All other connection methods require explicit configuration in the device. Another option of operating and configuring a Junos device is J-Web, a powerful web-based management interface available on Junos devices. J-Web lets you perform the actions available in the command-line interface. It provides practical tools to monitor, configure, troubleshoot, and manage your device. Generally to use J-Web, the user has to either manually enable http via the CLI, or through the LCD panel externally to launch J-Web (by default J-Web is only set up on the J Series). Additionally customers can manage platforms run by Junos with Juniper management products including NSM.

SSFJUN01B

Juniper Networks, Inc.

18

Junos Operating System Highlights

Slide 18

CLI Login
Log in with your username and password Default CLI prompt shows: username device host name

user: mike password: *******

mike@jnpr1>

2010 Juniper Networks, Inc. All rights reserved.

CONFIDENTIAL

SSFJUN01B

www.juniper.net | 18

To access the interface you need to connect and log in. These instructions assume that your device has already been configured with your user name and password. If youre using a brand-new device rather than one thats already been configured with your user name and password, you log in as root and press enter as your password. We use the convention of showing user input into the CLI in blue bold font

SSFJUN01B

Juniper Networks, Inc.

19

Junos Operating System Highlights

Slide 19

CLI Modes
Operational mode
Monitor and manage device operations
mike@jnpr1>

The > character identifies operational mode

Configuration mode
Configure the device and its interfaces
[edit]
mike@jnpr1#

The # character identifies configuration mode

2010 Juniper Networks, Inc. All rights reserved.

CONFIDENTIAL

SSFJUN01B

www.juniper.net | 19

The Junos CLI organizes its commands into two groups, known as modes: Operational mode is for managing and monitoring device operations. For example, monitor the status of the device interfaces, check chassis alarms, and upgrade and downgrade the device's operating system. Configuration mode is for configuring the device and its interfaces. This includes configuring the management console with its network settings, setting up user accounts for access to the device, specifying the security measures used to protect the device and the network, and setting up routing and switching protocols. The prompt following the device name indicates the mode as shown on the slide.

SSFJUN01B

Juniper Networks, Inc.

20

Junos Operating System Highlights

Slide 20

Hierarchical Command Structure


Logical structure organizes device features and functions
Deeper levels are more and more specific

Know where you are at, find what you want, quickly move around the interface, efficiently enter commands
Top Level Node

2nd Level Nodes


3rd Level Nodes

...
... ... ... ... ... ...

...
... ... ...

...
... ... ...
SSFJUN01B www.juniper.net | 20

2010 Juniper Networks, Inc. All rights reserved.

CONFIDENTIAL

The Junos CLI structures the activities of each mode into hierarchies. The hierarchy of each mode is made up of cascading branches of related functions commonly used together. The structured hierarchy of the command-line interface is among the first of many preferred differences that new users discover about the Junos CLI. By logically grouping activities, the Junos CLI provides a regular, consistent syntax helpful in knowing where you are at, finding what you want, quickly moving around the interface, and efficiently entering commands. The hierarchy of commands just makes everything a lot easier in both learning and then using the Junos CLI. New users regularly comment on just how logical the command-line is.

SSFJUN01B

Juniper Networks, Inc.

21

Junos Operating System Highlights

Slide 21

Operational Mode: Key Functions


Monitor and troubleshoot the device Connect to other network systems Restart software processes Enter configuration mode and exit the CLI

Display the configuration


Control the CLI environment

Perform system-level operations such as stopping and rebooting the device and loading Junos images
2010 Juniper Networks, Inc. All rights reserved.

CONFIDENTIAL

SSFJUN01B

www.juniper.net | 21

The slide shows common administrative tasks completed in operational mode. Junos provides an extensive set of on-board instrumentation capabilities for gathering critical operational status, statistics, and other information. These tools deliver advance notification of issues and speed problem-solving during events. As part of your configuration setup you can specify the types of events to track, the event severity, the files in which to store the data, among other options. You can then access this information in operational mode. Juniper devices come with sufficient processing power to collect and store critical operational data, including SNMP management, system logging, and traceoptions (or debugging) that help you to understand how the box operates in normal conditions and where, when, and why changes occur.

SSFJUN01B

Juniper Networks, Inc.

22

Junos Operating System Highlights

Slide 22

Operational Mode CLI Tree

top

Less Specific
clear configure file help monitor set show etc.

chassis configuration interfaces ospf route version etc.

database interface neighbor route statistics etc.

More Specific

2010 Juniper Networks, Inc. All rights reserved.

CONFIDENTIAL

SSFJUN01B

www.juniper.net | 22

When you first log in to the CLI, the command-line interface is at the top level of the CLI's operational mode. This slide shows a view of the CLI's tree structure from the top of the operational mode, with an example of its cascading hierarchy through the show command. The show command is one of the most commonly used because it displays information ranging from interfaces (show interface) to hardware (show chassis) to protocols (show ospf neighbor). For the student with experience using IOS, a basic difference of Junos is that it does not use the keyword IP. So, many of the show commands you already know work if you drop this part of the command. For example, the IOS command show ip route simply becomes show route in Junos.

SSFJUN01B

Juniper Networks, Inc.

23

Junos Operating System Highlights

Slide 23

Specifying Output
mike@jnpr1> show interfaces fe-1/1/1 ? Possible completions: <[Enter]> Execute this command brief Display brief output descriptions Display interface description strings detail Display detailed output extensive Display extensive output media Display media information snmp-index SNMP index of interface statistics Display statistics and detailed output terse Display terse output

2010 Juniper Networks, Inc. All rights reserved.

CONFIDENTIAL

SSFJUN01B

www.juniper.net | 23

The show command includes other arguments to modify the output. This slide displays the available arguments for the show interfaces command for the fe-1/1/1 Fast Ethernet interface. The question mark (?) helps you to complete commands, enabling you to navigate through the command hierarchy without referencing a CLI manual. In fact, question mark is your best friend while operating or configuring a Junos running device. You can add these options to adjust the output listings to what you need.

SSFJUN01B

Juniper Networks, Inc.

24

Junos Operating System Highlights

Slide 24

Example: Brief and Terse


mike@jnpr1> show interfaces fe-1/1/1 brief Physical interface: fe-1/1/1 Enabled, Physic link is Down Link-level type: Ethernet, MTU: 1514, Speed: 100mbps, Loopback: Disabled, Source filtering: Disabled Flow control: Enabled Device flags: Present Running Down Interface flags: Hardware-Down SNMP-Traps Internal: Ox4000 Link flags: None

mike@jnpr1> show interfaces fe-1/1/1 terse Interface Admin Link Proto Local Remote fe-1/1/1 up up at-1/3/0.0 up up inet 1.0.0.1 --> 1.0.0.2 iso

2010 Juniper Networks, Inc. All rights reserved.

CONFIDENTIAL

SSFJUN01B

www.juniper.net | 24

This slide illustrates the results of adding the keywords brief and terse to the show interfaces command.

SSFJUN01B

Juniper Networks, Inc.

25

Junos Operating System Highlights

Slide 25

Switching Between Modes


Enter configuration mode from operational mode
mike@jnpr1> configure Entering configuration mode [edit] mike@jnpr1#

Enter operational mode from the top of configuration mode


[edit] mike@jnpr1# exit Exiting configuration mode mike@jnpr1>

2010 Juniper Networks, Inc. All rights reserved.

CONFIDENTIAL

SSFJUN01B

www.juniper.net | 25

As you monitor and configure a device, you need to switch between the operational mode and configuration mode. When you change to configuration mode the command prompt changes from > to #. To switch from operational mode to configuration mode, issue the configure command. The [edit] banner shows your location at the top level of the configuration hierarchy. To exit back to operational mode, you issue the exit command.

SSFJUN01B

Juniper Networks, Inc.

26

Junos Operating System Highlights

Slide 26

Configuration Mode CLI Tree


top

Less Specific
access chassis groups interfaces services system etc.

accounting license location ports services syslog etc.

finger

ftp

netconf

ssh

telnet

etc.

More Specific

Two types of statements


Container statements which contain other statements Leaf statements which do not contain other statements
2010 Juniper Networks, Inc. All rights reserved.

CONFIDENTIAL

SSFJUN01B

www.juniper.net | 26

Configuration mode has a hierarchical structure logically grouping related configuration statements. This structure eases configuration set up, review, and changes by allowing you to more readily find and view related statements. The slide illustrates a portion of the configuration tree, with nodes such as system and interfaces at the 2nd level of the hierarchy. The configuration statement hierarchy includes two types of statements: container statements: which contain other statements, that is they have subordinate configuration levels. Each container statement represents a configuration stanza, which could include other configuration stanzas. A configuration stanza is represented by the content between curly brackets ({ and }). leaf statements: which do not contain other statements, that is they are at the end of a particular hierarchical path. Each leaf statement is located within a configuration stanza.

SSFJUN01B

Juniper Networks, Inc.

27

Junos Operating System Highlights

Slide 27

Configuration Mode Syntax


[edit] system { services { ftp; } }

Indentation of subordinate levels Container statements indicated by open and close curly brackets { }
In the example, system and services are cascading container statements

Leaf statements indicated with a semicolon ;


In the example ftp; is a leaf statement
2010 Juniper Networks, Inc. All rights reserved.

CONFIDENTIAL

SSFJUN01B

www.juniper.net | 27

The command-line interface displays the hierarchy of the configuration mode through specific syntax: Indicating hierarchy by indenting each subordinate level In this example, services is a subordinate of system, and ftp is a subordinate to services. Indicating container statements by open and close curly brackets. In the example, system and services are cascading container statements. Indicating leaf statements with a semicolon. In the example, ftp; is a leaf statement. Also, speaking of configuration stanzas, system is a configuration stanza and so is services.

SSFJUN01B

Juniper Networks, Inc.

28

Junos Operating System Highlights

Slide 28

Hierarchy Flexibility
View from the top of configuration mode
[edit] system { services { ftp; } }

View from a sublevel of configuration mode


[edit system services] ftp;

2010 Juniper Networks, Inc. All rights reserved.

CONFIDENTIAL

SSFJUN01B

www.juniper.net | 28

The flexibility to work at a specific sublevel or stanza in the hierarchy is helpful when users want to focus on just a small portion of the configuration. For example, the two configuration statements shown for the FTP service are equal. In the first, you are looking at the statement from the root level of the hierarchy; and so the ftp; statement is shown in this listing within the system and services container statements. In the second example, you are viewing the ftp; statement from deeper level within the hierarchy. When you are in deeper levels of the hierarchy, the [edit] banner displays the entire hierarchical path. Here, the banner [edit system services] indicates a place of the hierarchy lying within services at the 3rd level, within system at the 2nd level, and within the root - first level. In this 2nd example, as you are deeper within the hierarchy. Whenever you view the configuration, the command-line only displays the ftp; statement. To determine where you are in the configuration hierarchy refer to the configuration command banner before entering configuration commands. While you can edit the configuration from the root directory, often it is easier to navigate to the area within the configuration you are changing prior to adding and removing commands.

SSFJUN01B

Juniper Networks, Inc.

29

Junos Operating System Highlights

Slide 29

Configuration Mode Commands


edit
Must know the full hierarchical path Creates new intermediate hierarchy levels if they dont yet exist in your configuration

up
Move up one level in the hierarchy To move up multiple levels, add an optional count

top
Move to the top level in the hierarchy

exit
Leave the current level of the configuration hierarchy, returning to the level prior to the last edit command If you enter exit from the top level of the configuration hierarchy, you exit configuration mode
2010 Juniper Networks, Inc. All rights reserved.

CONFIDENTIAL

SSFJUN01B

www.juniper.net | 29

The edit, up, top, and exit commands let you navigate the configuration tree. Use the edit command to jump to a specific location within the candidate configuration. The configuration mode banner changes to indicate your new location in the hierarchy. You must know the full hierarchical path. If you navigate to a hierarchy location that doesnt exist in your configuration yet, the CLI will create the hierarchy level. The up command allows you to move up levels in the hierarchy. By default, you move one level. You can add a number after the command to specify how many levels to move up. The top command takes you to the first hierarchy level. The exit command returns you to the hierarchy location prior to the last edit command. If you exit this command from the top level of the configuration hierarchy, you exit configuration mode. The organized structure of the command hierarchy eases movement from one level to another within the Junos CLI.

SSFJUN01B

Juniper Networks, Inc.

30

Junos Operating System Highlights

Slide 30

CLI Shortcut Keys


Go to next in command history Go to previous in command history Go to beginning of line Down arrow or Ctrl+n Up arrow or Ctrl+p Ctrl+a

Go to end of line
Go left one character Go right one character Go forward one word Go backward one word Delete character over cursor Delete word after cursor Delete word before cursor Delete text from the cursor to end of the line Delete the line Paste the deleted text at cursor

Ctrl+e
Ctrl+b Ctrl+f Esc+f Esc+b Ctrl+d Esc+d Esc+backspace Ctrl+k Ctrl+u Ctrl+y

2010 Juniper Networks, Inc. All rights reserved.

CONFIDENTIAL

SSFJUN01B

www.juniper.net | 30

Fortunately for new (and experienced) users, the Junos CLI includes lots of shortcuts and ways to get help. Both configuration mode and operational mode offer options to shorten keystrokes. All standard Unix keyboard shortcuts are available to you when you are logged on to the Junos device. It may take a few days for these to become second nature; however, once you have the muscle memory, these keys can save you lots of typing time. The command-line interface stores every entered command in its command history. At any command prompt the up and down arrow keys let you scroll through this history. Re-use commands that you previously entered, or modify them as needed. Keyboard sequences can save you much time, for example, when you are configuring similar items on the device, or you are repeating operational commands, such as when you are debugging an issue.

SSFJUN01B

Juniper Networks, Inc.

31

Junos Operating System Highlights

Slide 31

Command and Variable Completion


Spacebar completes commands
[edit] mike@jnpr1# show i<space> i is ambiguous Possible completions: igmp Show Internet Group Management Protocol ike Show Interface Key Exchange Information interfaces Show Interface Information ipsec Show IP Security Information isis Show Intermediate System-to Intermediate

Tab key completes commands, filenames, and user defined variables


[edit policy-options] mike@jnpr1# show policy-statement t<tab>his-is-my-policy then accept;

2010 Juniper Networks, Inc. All rights reserved.

CONFIDENTIAL

SSFJUN01B

www.juniper.net | 31

The CLI provides command completion to further speed your typing in both modes. Command completion automatically finishes partially typed commands, filenames, and user names, so you dont need to recall the exact syntax of the desired input string. Command completion is a big help to new users, easing their transition to the new command-line interface. The spacebar completes most CLI commands. The tab key not only completes CLI commands, but also filenames and user-defined variables such as policy names, community names, and IP addresses. When the completion of the command or argument is ambiguous, hitting space or tab lists the possible completions.

SSFJUN01B

Juniper Networks, Inc.

32

Junos Operating System Highlights

Slide 32

Getting Help
[edit system] mike@jnpr1# set s? Possible completions: saved-core-context saved-core-files > services > static-host-mapping > syslog

Save context information for core files Number of saved core files per executable (1..64) System services Static hostname database mapping System logging facility

2010 Juniper Networks, Inc. All rights reserved.

CONFIDENTIAL

SSFJUN01B

www.juniper.net | 32

Query the command-line with the ? character at any level of the operational or configuration hierarchies for a list of available commands and a short description of each. Typing a partial command and the ? provides a list of all the valid ways to complete your command, as shown in this example. Using the ? in either of these ways is known as context-sensitive help in Junos lingo. For commands that require a filename as an argument, the question mark lists the files in the working directory. You can consider ? to be your best friend while navigating through Junos CLI.

SSFJUN01B

Juniper Networks, Inc.

33

Junos Operating System Highlights

Slide 33

More Help
help apropos
Displays help about a text string contained in a statement or command name

help reference
Provides assistance with configuration syntax by displaying summary information for the statement

help syslog
Displays information on specific syslog events

help tip
Provides random tips for using the CLI

help topic
Displays usage guidelines for configuration statements
2010 Juniper Networks, Inc. All rights reserved.

CONFIDENTIAL

SSFJUN01B

www.juniper.net | 33

When you want more information than provided by context-sensitive help, you can turn to the Junos technical documentation on your device through the help commands. Juniper loads it on new devices and includes it as a part of new upgrade builds. When requesting help, follow each of these help commands with the string or topic for which you're seeking information. The help files are divided into major categories. You can access these files in operational mode. Use: help apropos to display help about a text string contained in a statement or command name help reference to provide assistance with configuration syntax by displaying summary information for the statement help syslog to display information on specific syslog events help tip to provide random tips for using the CLI help topic to display usage guidelines for configuration statements

SSFJUN01B

Juniper Networks, Inc.

34

Junos Operating System Highlights

Slide 34

Logging out

[edit protocols ospf] mike@jnpr1# exit configuration-mode Exiting configuration mode mike@jnpr1> exit logout Connection closed by foreign host.

2010 Juniper Networks, Inc. All rights reserved.

CONFIDENTIAL

SSFJUN01B

www.juniper.net | 34

When it's time to take a break, you must be in operational mode to log out completely from the device. So, if you are in configuration mode use the exit configuration-mode command to enter operational mode. Then, you can completely exit the CLI by entering the exit command in this mode.

SSFJUN01B

Juniper Networks, Inc.

35

Junos Operating System Highlights

Slide 35

Lab 1- Intro to the CLI


Log into the Junos CLI Explore the Junos OS CLI operational mode https://virtuallabs.juniper.net/
Download and print Lab Instructions

2010 Juniper Networks, Inc. All rights reserved.

CONFIDENTIAL

SSFJUN01B

www.juniper.net | 35

Lab 1- Intro to the CLI Log into the Junos CLI Explore the Junos OS CLI operational mode Lab instructions: https://www.juniper.net/partners/partner_center/common/training/downloads/pdfs/ssfjun1b_lab.pdf Enter Virtual Lab https://virtuallabs.juniper.net/

SSFJUN01B

Juniper Networks, Inc.

36

Junos Operating System Highlights

Slide 36

Section Summary
In this section, you have learned how to:
Introduce the Junos OS CLI Understand the difference between operational mode and configuration mode Navigate the command hierarchy Use command-line shortcuts and get help

2010 Juniper Networks, Inc. All rights reserved.

CONFIDENTIAL

SSFJUN01B

www.juniper.net | 36

In this section, you have learned how to: Introduce the Junos CLI Understand the difference between operational mode and configuration mode Navigate the command hierarchy Use command-line shortcuts and get help

SSFJUN01B

Juniper Networks, Inc.

37

Junos Operating System Highlights

Slide 37

Learning Activity 2, Question 1


Operational mode is identified by which prompt?
a) b) # character } character

c) d)

> character ~ character

Submit Submit

Clear Clear

2010 Juniper Networks, Inc. All rights reserved.

CONFIDENTIAL

SSFJUN01B

www.juniper.net | 37

SSFJUN01B

Juniper Networks, Inc.

38

Junos Operating System Highlights

Slide 38

Learning Activity 2, Question 2

Configuration mode is identified by which prompt?


a)
b) c) d)

> character
# character * character } character

Submit Submit

Clear Clear

2010 Juniper Networks, Inc. All rights reserved.

CONFIDENTIAL

SSFJUN01B

www.juniper.net | 38

SSFJUN01B

Juniper Networks, Inc.

39

Junos Operating System Highlights

Slide 39

Learning Activity 2, Question 3 What are three key functions of operational mode?
a) b) Monitor and troubleshoot the device Connect to other network systems Specify the types of events to track Control the CLI environment

c)
d)

Submit Submit

Clear Clear

2010 Juniper Networks, Inc. All rights reserved.

CONFIDENTIAL

SSFJUN01B

www.juniper.net | 39

SSFJUN01B

Juniper Networks, Inc.

40

Junos Operating System Highlights

Slide 40

Learning Activity 2, Question 4:


Which command do you used to switch from operational mode to configuration mode?
a) b) exit configure

c) d)

confmode switch

Submit Submit

Clear Clear

2010 Juniper Networks, Inc. All rights reserved.

CONFIDENTIAL

SSFJUN01B

www.juniper.net | 40

SSFJUN01B

Juniper Networks, Inc.

41

Junos Operating System Highlights

Slide 41

The Junos OS CLI Rocks!

2009 Juniper Networks, Inc. All rights reserved. | www.juniper.net | Proprietary and Confidential

The Junos CLI includes functionality not found in legacy network operating systems, such as Ciscos IOS. For example, did you know that the Junos CLI has some special features for protecting the network from configuration errors and mistakes? Sound helpful? Many of these features came from the inspiration and ideas of early Junos users who demanded a safer way to set up and make changes to their device configurations. This section introduces you to the ground breaking and specialized features of the Junos CLI. These are the reasons why so many users say that Junos saves them time (often lots of it), reduces repetitive tasks, and helps them to avoid very costly mistakes. In other words to enthusiastically agree that the Junos CLI rocks!

SSFJUN01B

Juniper Networks, Inc.

42

Junos Operating System Highlights

Slide 42

Section Objectives
After completing this section, you will be able to:
Present and demonstrate the Junos OS configuration process and its multiple safeguards Highlight the advantages of operating devices run by Junos OS Discuss features of the Junos OS CLI to automate operations

2010 Juniper Networks, Inc. All rights reserved.

CONFIDENTIAL

SSFJUN01B

www.juniper.net | 42

After completing this section, you will be able to: Present and demonstrate the Junos configuration process and its multiple safeguards Highlight advantage of operating devices run by Junos Discuss features of the Junos CLI to automate operations

SSFJUN01B

Juniper Networks, Inc.

43

Junos Operating System Highlights

Slide 43

Junos OS Configuration Process


Separation of configuration edit and activation
Validation checks Version control Automated rollback

Convenient deployment of standard configurations and policy language across the network
candidate configuration commit validated configuration
commit scripts commit validations

Load

commit confirmed

active configuration

2010 Juniper Networks, Inc. All rights reserved.

CONFIDENTIAL

SSFJUN01B

www.juniper.net | 43

The presented graphic outlines the basic steps to configure a Junos run device. Do you notice anything different from most other network operating systems? Foremost: configuration changes in Junos do not become active until you are ready. The Junos approach provides multiple safety nets that can save engineers hours of troubleshooting on those bad days when configuration updates can go horribly wrong potentially resulting in network collapses. Once they understand these safety nets, new users of Junos typically come to see the Junos CLI as much more user-friendly than other systems that have line-by-line entry and instant activation of configuration changes. Have you ever had to make line-by-line changes in other systems, knowing that you were creating intermediate risks, such as removing a firewall on an interface? Perhaps you have entered a single-line change that created unwanted or unexpected results that you could not easily revert. The Junos CLI protects you from these and other configuration headaches. To operate a device Junos uses the active configuration file. When a user changes a configuration file, he/she works with the candidate configuration file, which is different from the active one. In order for configuration changes to take place, the user must commit the candidate configuration file.

SSFJUN01B

Juniper Networks, Inc.

44

Junos Operating System Highlights

Slide 44

Junos OS Configuration Process (contd)

Load

candidate configuration

commit commit confirmed

validated configuration
commit scripts commit validations
1

active configuration

rollback

49

Basic steps in the configuration process


1. Enter changes in the candidate 2. Commit the candidate 3. Candidate becomes active
2010 Juniper Networks, Inc. All rights reserved.

CONFIDENTIAL

SSFJUN01B

www.juniper.net | 44

So what are the basic sets of the multi-stage Junos configuration process? Lets examine it in more details. First: enter changes in the candidate configuration The candidate configuration is a copy of the active configuration. You can enter configuration changes to the candidate through the CLI via cut and paste, load or merge a text file with the updated configuration changes, or enter the changes by hand through the CLI interface. After making all your candidate changes, you can review your work, including comparing the candidate to the active running file. Second: commit you changes, sending off a copy of the candidate to become the active configuration Before finalizing the changeover, the software checks for certain statements within the candidate and performs other context validations. If the device includes pre-loaded commit scripts, these scripts will also check and possibly correct errors within the candidate configuration. Third: the candidate becomes the active configuration The candidate configuration becomes the active configuration and the device places the previous active configuration into an archive of up to 49 of the past active configurations, which you can access through the rollback command. Well explore explore each of these steps further in this section.

SSFJUN01B

Juniper Networks, Inc.

45

Junos Operating System Highlights

Slide 45

configure private, configure exclusive


Use configure private for your own copy of the candidate configuration
mike@jnpr1> configure private warning: uncommitted changes will be discarded on exit Entering configuration mode

Use configure exclusive when you want to prohibit others from also making changes while you are in mike@jnpr1> configure exclusive be discarded on exit configuration mode warning: uncommitted changes will
Entering configuration mode

2010 Juniper Networks, Inc. All rights reserved.

CONFIDENTIAL

SSFJUN01B

www.juniper.net | 45

To enter configuration mode, Junos provides several options. These options give users different ways to manage who is making changes and when. If users enter configuration mode with the base command: configure, as discussed in the prior section, then they are in standard configuration mode. Standard mode allows any number of users to edit the candidate configuration simultaneously, and changes made by a single user are visibly shared by all users, any of whom will activate all changes if they enter a commit command. Alternatively, Junos offers the options to configure private or configure exclusive. These prevent one user from inadvertently activating another users changes before they are ready. In private mode, the device keeps a separate candidate copy holding only the changes by the private user. In exclusive mode, the command-line locks all other users out of configuration mode until the exclusive user closes the exclusive state. These two configuration options are very handy when multiple users can change the candidate configuration of a device.

SSFJUN01B

Juniper Networks, Inc.

46

Junos Operating System Highlights

Slide 46

show Command
List the complete candidate from the top of configuration mode
[edit] mike@juniper1# show version "9.2R1.3"; groups { re0 { system { jnpr1-name jnpr1; } } }

List a specific subset of the candidate configuration from a deeper level of the hierarchy
[edit interfaces ge-5/0/0] mike@jnpr# show gigether-options { flow-control; auto-negotiation; } unit 0 { family inet { address 1.2.3.4/28; } }

2010 Juniper Networks, Inc. All rights reserved.

CONFIDENTIAL

SSFJUN01B

www.juniper.net | 46

Initially, before any changes are entered, the candidate configuration is the same as the active running configuration of the device. To display the candidate configuration, use the show command in configuration mode. When entered from the top of the configuration hierarchy, the CLI displays the entire candidate configuration, as shown in the abbreviated listing of the example on the left. Deeper in the hierarchy, the show command displays the configuration from the current hierarchy level and below, as show in the example on the right. Note: You may have noticed that configuration mode uses the show command in a different way than operational mode. The commands of each mode are independent of each other, and so the show command represents different actions in each.

SSFJUN01B

Juniper Networks, Inc.

47

Junos Operating System Highlights

Slide 47

set Command
From the top of configuration mode
[edit] mike@jnpr1# set system mike@jnpr1# set system mike@jnpr1# set system mike@jnpr1# set system services services services services finger ftp ssh telnet [edit] system { services { finger; ftp; ssh; telnet; } }

From a sublevel
[edit system services] mike@jnpr1# set finger mike@jnpr1# set ftp mike@jnpr1# set ssh mike@jnpr1# set telnet

Either adds

2010 Juniper Networks, Inc. All rights reserved.

CONFIDENTIAL

SSFJUN01B

www.juniper.net | 47

You can create or change the candidate configuration by entering a series of commands, including those to add and remove configuration statements. The set command inserts a statement and values into the candidate configuration. While you can edit the candidate from the root directory, as shown in the top example, often it is easier to navigate to the area within the configuration you are changing prior to adding and removing commands. This is shown in the second example where changes are entered in the [edit system services] sublevel of the hierarchy. Either approach adds the same lines, shown on the right.

SSFJUN01B

Juniper Networks, Inc.

48

Junos Operating System Highlights

Slide 48

delete Command
Remove a statement along with any subordinate statements
Deleting a statement effectively returns the affected device, protocol, or service to an unconfigured state Deleting a container statement removes everything under that level of the hierarchy
[edit] mike@jnpr1# delete system services [edit] system { }

Now

2010 Juniper Networks, Inc. All rights reserved.

CONFIDENTIAL

SSFJUN01B

www.juniper.net | 48

The delete command removes statements from the candidate configuration. In this example, we delete what we just added in the prior slide. Deleting a statement effectively returns the affected device, protocol, or service to an unconfigured state. Deleting a container statement removes everything under that level of the hierarchy. So, be cautious here!! Remember the delete command removes all subordinate statements and identifiers. For example, if you entered the simple command: delete protocols from the top of the CLI hierarchy; you would remove all the protocols configured in your candidate file. Know where you are at in the hierarchy and what all you are removing when you issue a delete statement!

SSFJUN01B

Juniper Networks, Inc.

49

Junos Operating System Highlights

Slide 49

compare Configurations
Display the differences between the candidate and active configuration
Options to show any two configurations
[edit system services] mike@jnpr1# show | compare - ssh; + telnet; - web-management { http { port 8080; } -}

2010 Juniper Networks, Inc. All rights reserved.

CONFIDENTIAL

SSFJUN01B

www.juniper.net | 49

Have you ever entered changes to a configuration and then wanted to review them? The compare command provides a convenient way to display the configured differences (and only these differences) between the candidate configuration file and the active running configuration of the device (or any other configurations you might choose). The CLI indicates new lines in the candidate with a plus (+) sign and those removed with a minus (-) sign. In this example, the user has enabled telnet within system services and also removed ssh and web-management.

SSFJUN01B

Juniper Networks, Inc.

50

Junos Operating System Highlights

Slide 50

commit check
Check that the device will accept your candidate
Validates the logic and completeness of the candidate without activating the changes
[edit] mike@jnpr1# commit check [edit interfaces lo0 unit 0 family inet] 'address 192.168.69.1/24' Loopback addresses' prefix must be 32 bits error: configuration check-out failed

2010 Juniper Networks, Inc. All rights reserved.

CONFIDENTIAL

SSFJUN01B

www.juniper.net | 50

The CLI also provides a command to check that the system can process your candidate configuration. The commit check command validates the logic and completeness of the candidate semantics without activating any changes. These are the same validations which run when you commit a candidate. If the system finds a problem in the candidate configuration, it lets you know, as the example above.

SSFJUN01B

Juniper Networks, Inc.

51

Junos Operating System Highlights

Slide 51

commit
Activates the candidate to become the running configuration of the device
If the validation checks find any errors, you must fix these before the candidate can become the active file
[edit] Add Bullets mike@jnpr1# commit error: Policy error: Policy my-policy referenced but not defined error: BGP: export list not applied error: configuration check-out failed

The commit complete message tells you that the new configuration is now active
[edit] mike@jnpr1# commit commit complete
2010 Juniper Networks, Inc. All rights reserved.

CONFIDENTIAL

SSFJUN01B

www.juniper.net | 51

The candidate file is only the proposed configuration, and your device does not use any of this configuration until you issue a commit command. After you have entered all desired changes, and you have double checked your work, you are ready to activate your candidate as the active running configuration. To activate the candidate configuration, enter the commit command. Before actually activating the candidate configuration, Junos checks basic syntax and semantics. For example, the software makes sure that a policy has been defined before it is referenced. If any syntax or semantic problems are found, the commit command returns an error. You must fix all mistakes before the candidate (or any part of the candidate) can become active. The commit complete message tells you that the new configuration is up and running on the device.

SSFJUN01B

Juniper Networks, Inc.

52

Junos Operating System Highlights

Slide 52

Commit confirmed
Automate rollback in remote devices
Commit a candidate configuration for a limited time
[edit] mike@jnpr1# commit confirmed commit confirmed will be automatically rolled back in 10 minutes unless confirmed commit complete

Finalize the commit, by entering a 2nd commit command


[edit] mike@jnpr1# commit commit complete

Or, wait for rollback to your previous configuration


Broadcast Message from root@jnpr1 (no tty) at 08:10:17 UTC Commit was not confirmed; automatic rollback complete.
2010 Juniper Networks, Inc. All rights reserved.

CONFIDENTIAL

SSFJUN01B

www.juniper.net | 52

Are you among those of us who have made the mistake of adding security to a remote box, only to discover the new firewall locked you out of the very interface that you were using to access the device? Do you have a story about the time you accidently isolated a remote box and then had to jump in the car and drive twoand-a-half hours in the middle of the night just to reset it? The commit confirmed command can prevent costly configuration mistakes by automatically rolling back problematic configurations. The commit confirmed command commits a candidate configuration for 10 minutes. Then if you don't follow up with a second commit, the device automatically rolls back to the previous configuration. You can use the commit confirmed command anytime you want a safety net against potential configuration problems. If you do not confirm the configuration by entering a second commit command, the CLI will roll back the device to the previous active configuration at the end of the 10 minutes (or other interval you specify). In this way, if you have accidently isolated the device, you simply need to wait for the roll back instead of agonizing over how you are going to otherwise undo your mistake.

SSFJUN01B

Juniper Networks, Inc.

53

Junos Operating System Highlights

Slide 53

Rollback
Use rollback (or rollback 0 ) to reset the candidate configuration to the currently active configuration
rollback 1 loads the previously active configuration rollback n loads the nth previous active configuration rollback rescue loads the previously created rescue file

rollback only modifies the candidate configuration


[edit] mike@host# rollback load complete [edit] mike@host# commit commit complete

Dont forget to commit the changes!

2010 Juniper Networks, Inc. All rights reserved.

CONFIDENTIAL

SSFJUN01B

www.juniper.net | 53

Whenever you commit the candidate as the new active configuration, Junos automatically saves a copy of the replaced active file. As you store each newly replaced configuration, all the prior configuration files move back one version number further in the configuration archive. Each device can store up to 50 of the most recently active versions. This number includes the current active configuration (also known as rollback 0). You can access this configuration archive using the rollback command to restore your candidate configuration. Reset your candidate to match the active running configuration by entering rollback or rollback 0. Return to the most recently previous configuration file using the rollback 1 command, or add any other number between 2 and 49 to go back to an even older version of the configuration. The rollback command loads the requested archive as the candidate file. You can also create a rescue configuration of a known working configuration so that you can rollback to it when all else fails. If you want to use the rollback file immediately, first make sure it's what you want by using the show command, and then activate it with the commit command. That last bit was important. Dont forget to complete a rollback for the active configuration of the device, you must also commit it. This automatic backup mechanism lets you return quickly to a previous configuration for immediate use or for fast updates.

SSFJUN01B

Juniper Networks, Inc.

54

Junos Operating System Highlights

Slide 54

Lab 2- Configuring the CLI


Explore the Junos OS CLI configuration mode Save, view, and use a rescue configuration https://virtuallabs.juniper.net/
Download and print Lab Instructions

2010 Juniper Networks, Inc. All rights reserved.

CONFIDENTIAL

SSFJUN01B

www.juniper.net | 54

Lab 2 Configuring the CLI *Explore the Junos OS CLI configuration mode *Save, view, and use a rescue configuration Lab instructions: https://www.juniper.net/partners/partner_center/common/training/downloads/pdfs/ssfjun1b_lab.pdf Enter Virtual Lab https://virtuallabs.juniper.net/

SSFJUN01B

Juniper Networks, Inc.

55

Junos Operating System Highlights

Slide 55

Preparing Changes in Advance


Prepare for hardware being installed tomorrow
[edit] mike@jnpr1# edit interfaces fe-3/0/0 unit 0 [edit interfaces fe-3/0/0 unit 0] mike@jnpr1# set family inet address 192.168.1.254/24

Make changes during a maintenance window


edit] mike@jnpr1# commit at 02:00:00 commit check succeeds commit will be executed at 2009-02-02 02:00:00 UTC Exiting configuration mode mike@jnpr1>
2010 Juniper Networks, Inc. All rights reserved.

CONFIDENTIAL

SSFJUN01B

www.juniper.net | 55

Unlike other systems Junos lets you prepare for an installation before actually installing the hardware. The software simply ignores any parts of the running configuration which are irrelevant to the existing hardware installation. Whenever the hardware becomes available, the newly added section of the configuration then becomes active. The option to set up a configuration prior to hardware install is quite useful, especially when the person installing the hardware is different than the person configuring the device, a common occurrence for remote boxes. Here is a configuration for fe-3/0/0, which will be installed tomorrow. Sometimes you want to prepare configuration changes for activation at a specific time, such as during a maintenance window. The commit at command provides this option. You can also make configuration changes and mark them as inactive until you are ready to use them by using the deactivate command.

SSFJUN01B

Juniper Networks, Inc.

56

Junos Operating System Highlights

Slide 56

Handy Commands Save Time


copy defines a new element by duplicating a selected configuration statement and its subordinate elements
[edit interfaces] mike@jnpr1# copy se-0/0/2 to se-0/0/1 [edit interfaces] mike@jnpr1# delete se-0/0/1 unit 0 family inet address 10.0.22.1/24

Add the correct address for the new interface


[edit interfaces] mike@jnpr1# set se-0/0/1 unit 0 family inet address 10.0.36.2/24

rename changes the value of a user-defined variable or the name to a user-defined element
[edit interfaces] mike@jnpr1# rename se-0/0/1 unit 0 family inet address 10.0.22.1/24 to address 10.0.36.2/24
2010 Juniper Networks, Inc. All rights reserved.

CONFIDENTIAL

SSFJUN01B

www.juniper.net | 56

A typical configuration includes many similar elements named and defined by the user, such as interface names, policy statements, and firewall filters. The Junos CLI includes commands to duplicate and quickly change the configurations of these user-defined variables. The copy command duplicates a configuration statement along with all the subordinate statements configured underneath it. In using the command, you copy the configuration associated with one userdefined element to a new, similarly configured element. You then modify that second element with any needed changes. The rename command is a convenient shortcut when you need to alter the value of a user-defined variablesuch as policy names, filter names, IP addressesor to change the name of a user-defined element. The example on this slide illustrates a very useful technique for configuring similar interfaces, where only IP addresses are different. First, you create identical configuration of se-0/0/1 based on the se-0/0/2 interface. Then, you change the ip address of the newly created se-0/0/1 interface by deleting the ip address of the copied se-0/0/2 interface and setting the ip address for the se-0/0/1 interface, which is 10.0.36.2/24. Also, you can use the rename command to change the ip address of the newly created interface, thereby achieving the same result, as indicated on this slide.

SSFJUN01B

Juniper Networks, Inc.

57

Junos Operating System Highlights

Slide 57

Powerful | Pipe
Filter output in both operational and configuration mode Sends output of one command as input to another Examples:
Use to redirect output of a command to a file
Useful for re-using sections of configurations across many devices
mike@jnpr1> request support information | save <filename> Wrote 1143 lines of output to filename

| count: gives the number of lines in the output


mike@jnpr1> show interfaces terse | count Count: 22 lines

2010 Juniper Networks, Inc. All rights reserved.

CONFIDENTIAL

SSFJUN01B

www.juniper.net | 57

The pipe | character lets you filter output in both operational and configuration modes. Pipe makes it possible to display specific information in a single command step, sending the output of one command as input to another, or redirecting the output to a file. The output of the command to the left of the pipe symbol serves as input to the command or file to the right of the pipe. The first example shown on the slide creates a file that stores the output of the request support information command of the operational mode by piping its output to a filename. In the second, | count counts the number of lines in the output. Many more examples for using pipe are available in the Junos technical documentation and other reference resources.

SSFJUN01B

Juniper Networks, Inc.

58

Junos Operating System Highlights

Slide 58

Run is Cool
Issue operational mode commands while in configuration mode
[edit] mike@jnpr1# run show interfaces Physical interface: fe-4/0/2, Enabled, Physical link is Up Interface index: 137, SNMP ifIndex: 29 Link-level type: Ethernet, MTU: 1514, Speed: 100mbps, Loopback: Disabled, Source filtering: Disabled, Flow control: Enabled Device flags : Present Running Interface flags: SNMP-Traps 16384 Link flags : 4 CoS queues : 8 supported <. . .>

2010 Juniper Networks, Inc. All rights reserved.

CONFIDENTIAL

SSFJUN01B

www.juniper.net | 58

The run command lets you issue CLI operational mode commands while in configuration mode. Just add the keyword run before any operational mode command that you want to execute while you are inside the configuration mode. For example, entering the run show interfaces command displays the output as if show interfaces had been entered from operational mode. Here we show an abbreviated listing of the output.

SSFJUN01B

Juniper Networks, Inc.

59

Junos Operating System Highlights

Slide 59

Junos OS System Health: Monitoring


Real-time Performance Monitoring (RPM)
Active probes to monitor performance Per-destination and application basis

Flow accounting
cflowd and rich filtering Active monitoring, passive monitoring, port mirroring

Health monitor
Extends the Remote Network Monitoring (RMON) alarm infrastructure with minimum user configuration
2010 Juniper Networks, Inc. All rights reserved.

CONFIDENTIAL

SSFJUN01B

www.juniper.net | 59

Juniper devices provide extensive on-board instrumentation that enables customers to proactively gather status information. Self-monitoring allows continuous feedback and lets administrators capture networkwide down to highly granular perspectives on the operations of the network. Junos-based platforms come with sufficient processing power to collect and store critical operational data that help you to understand how a device operates in normal conditions and where, when, and why changes occur. Available tools for automating network monitoring include: Real-time performance monitoring: Measures the performance of traffic as it travels between network devices. The RPM probes can collect round-trip time minimums, averages, maximums, jitter, and other data on both a per-destination and application basis. Flow accounting: Provides a method for collecting traffic flow statistics, enabling operations teams to track link utilization for capacity planning, security analysis, fault isolation, internal billing, and more. You can gather statistics on an individual physical device, logical device, interface, or subinterface. Health monitor: Notifies your network management system (NMS) when something requires attention. Health monitor extends the Remote Network Monitoring (RMON) alarm infrastructure of Junos with minimum user configuration requirements, by providing predefined monitoring of the operating system processes and device hardware, for example: file system usage, CPU usage, and memory usage.

SSFJUN01B

Juniper Networks, Inc.

60

Junos Operating System Highlights

Slide 60

Junos OS System Health: Diagnostics


System logging to record device events
Hardware events Operating system events

Trace logging (traceoptions) to flag events specific to operations


Protocol operations SNMP operations Other device operations

2010 Juniper Networks, Inc. All rights reserved.

CONFIDENTIAL

SSFJUN01B

www.juniper.net | 60

The logging and tracing operations of Junos allow administrators to find out about events that occur in the device normal operations, as well as error conditions. You can use the following tools to discover, trace, and analyze the sequence of events leading to network or device issues for fast resolution. System logging: Generates system log messages (syslog messages) for recording events that occur on the device, including hardware and within the processes of the operating system. A few examples, among the thousands that we can cite: an interface starting up, login failure, or hardware failure conditions. Trace logging (also called traceoptions): Provides a wide range of variables for observing network and system events specific to operations, such as protocol operations. Note that traceoptions is similar to the debug function in IOS. Examples of trace logging include BGP state changes, graceful restart events, and even tracking SNMP operations and statistics. Trace logging is a valuable tool when you need to find out whats going on in your device.

SSFJUN01B

Juniper Networks, Inc.

61

Junos Operating System Highlights

Slide 61

Junos OS Automation
Business Rules Automation
Enforce compliance check and change management to avert human factors

Provisioning Automation
Operations Automation Event Automation

Simplify and abstract complex configurations and self-heal errors

Allow custom outputs to ease migration and facilitate quick diagnosis

Automate pre-defined response to events for self-monitoring networks

2010 Juniper Networks, Inc. All rights reserved.

CONFIDENTIAL

SSFJUN01B

www.juniper.net | 61

Junos automation can be provisioned with four criteria in mind: Business; Provisioning; Operations; and Event. The business criterion enforces compliance check and change management to avert human factors. The provisioning criterion is aimed to simplify and abstract complex configurations. The operations criterion is aimed to allow custom outputs to ease migration and facilitate quick diagnosis of network/hardware problems. The event criterion automates pre-defined response to events for self-monitoring networks. You can see that the four criteria are aimed to ease operations, ensure network availability and scalability.

SSFJUN01B

Juniper Networks, Inc.

62

Junos Operating System Highlights

Slide 62

Junos OS Automation of Commands


Configuration-mode automation
Prevent errors and enforce compliance to policies and procedures
Accept, reject, modify, or generate a message
CLI

scripts

Macros minimize line entries

Operations-mode automation
Build custom operational commands Automate remediation steps/guidance
Custom notifications, further diagnosis, or corrective actions Correlate specific events and perform a set of actions
Junos management

2010 Juniper Networks, Inc. All rights reserved.

CONFIDENTIAL

SSFJUN01B

www.juniper.net | 62

Junos command automation is available in configuration and operation modes. In the configuration mode command automation prevents configuration errors and enforces compliance to pre-defined policies and procedures. In the operations mode command automation allows you customize operational commands, and automate custom-defined notifications, diagnosis, or corrective actions, correlating specific events and actions.

SSFJUN01B

Juniper Networks, Inc.

63

Junos Operating System Highlights

Slide 63

Summary of the Junos OS CLI Rocks


Configuration Mode Highlights
Configure private, configure exclusive Commit model Compare Rollback Preconfigure changes Copy and rename Junos automation

Operational Mode Highlights


Powerful monitoring tools with performance Powerful diagnostic tools with performance Junos automation
CONFIDENTIAL

2010 Juniper Networks, Inc. All rights reserved.

SSFJUN01B

www.juniper.net | 63

In summary, the Junos CLI offers multiple specialized features that are not found in many other network operating systems. In configuration mode: configure private and configure exclusive let engineers manage who is changing the device and when. The commit model lets engineers enter configuration changes in a candidate file. The approach provides multiple safety nets that can prevent configuration problems and save hours of troubleshooting. The compare command lets engineers review their changes, looking for any last-minute typos or omissions, by comparing two different configurations, yet again providing safety nets ensuring maximum network availability. rollback restores the rescue or any of the prior 50 configurations. Preconfigure a device before hardware install or specify a time for changes to become active. A rich set of text editing tools saves engineers lots of typing, including the power of the copy and rename commands to repurpose existing configuration elements. Commit scripts to customize validation of configurations and define time-saving macros. In operational mode, the highlights include: Powerful monitoring and diagnostic tools that engineers can use without harming device performance. Various scripts and event policies to automate event detection and troubleshooting as well as restoration to normal operations.

SSFJUN01B

Juniper Networks, Inc.

64

Junos Operating System Highlights

Slide 64

Section Objectives
In this section, you have learned how to:
Present and demonstrate the Junos configuration process and its multiple safeguards Highlight the advantages of operating devices run by Junos Discuss features of the Junos CLI to automate operations

2010 Juniper Networks, Inc. All rights reserved.

CONFIDENTIAL

SSFJUN01B

www.juniper.net | 64

In this section, you have learned how to : Present and demonstrate the Junos configuration process and its multiple safeguards Highlight advantage of operating devices run by Junos Discuss features of the Junos CLI to automate operations

SSFJUN01B

Juniper Networks, Inc.

65

Junos Operating System Highlights

Slide 65

Learning Activity 3, Question 1: True or False: As soon as you edit the configuration file and press Enter the changes are implemented on your device.
a) b) True False

Submit Submit

Clear Clear

2010 Juniper Networks, Inc. All rights reserved.

CONFIDENTIAL

SSFJUN01B

www.juniper.net | 65

SSFJUN01B

Juniper Networks, Inc.

66

Junos Operating System Highlights

Slide 66

Learning Activity 3, Question 2:


What is the purpose of configure private?
a) b) c) Limits impact of configuration to the local system only Creates your own copy of the candidate configuration

Prohibits others from making changes to the configuration


Produces a second copy of the configuration for testing purposes

d)

Submit Submit

Clear Clear

2010 Juniper Networks, Inc. All rights reserved.

CONFIDENTIAL

SSFJUN01B

www.juniper.net | 66

SSFJUN01B

Juniper Networks, Inc.

67

Junos Operating System Highlights

Slide 67

Learning Activity 3, Question 3:


What is the purpose of commit check?
a) Implements configuration changes for a limited amount of time before an automatic rollback

b)

Ensures that no one else has the configuration open


Ensures that all devices to be impacted on online and running without error conditions Validates logic and completeness of the candidate statements
Submit Submit Clear Clear

c)

d)

2010 Juniper Networks, Inc. All rights reserved.

CONFIDENTIAL

SSFJUN01B

www.juniper.net | 67

SSFJUN01B

Juniper Networks, Inc.

68

Junos Operating System Highlights

Slide 68

Learning Activity 3, Question 4: True or False: Junos-based platforms come with sufficient processing power to collect and store critical operational data.
a) b) True False

Submit Submit

Clear Clear

2010 Juniper Networks, Inc. All rights reserved.

CONFIDENTIAL

SSFJUN01B

www.juniper.net | 68

SSFJUN01B

Juniper Networks, Inc.

69

Junos Operating System Highlights

Slide 69

Routing with Junos OS

2009 Juniper Networks, Inc. All rights reserved. | www.juniper.net | Proprietary and Confidential

Junos supports various standards-based routing protocols. This section provides a quick overview of basic routing, overviewing the differences between static and dynamic routing.

SSFJUN01B

Juniper Networks, Inc.

70

Junos Operating System Highlights

Slide 70

Section Objectives
In this section, you will:
Compare and contrast routing and forwarding tables Describe routing instances Describe static routing and its configuration using Junos OS Describe dynamic routing

2010 Juniper Networks, Inc. All rights reserved.

CONFIDENTIAL

SSFJUN01B

www.juniper.net | 70

Upon completion of this section, you will be able to: Compare and contrast routing and forwarding tables; Describe routing instances; Describe static routing and its configuration using Junos; and Describe dynamic routing.

SSFJUN01B

Juniper Networks, Inc.

71

Junos Operating System Highlights

Slide 71

What Is Routing?
The process of moving data between Layer 3 networks

Server A
Internet

Server B

User A

= Router = Switch

User B

Data center

2010 Juniper Networks, Inc. All rights reserved.

CONFIDENTIAL

SSFJUN01B

www.juniper.net | 71

A Basic Definition of Routing Routing, in its most basic form, is the process of moving data between Layer 3 networks. The sample topology on the slide consists of several Layer 3 networks, all connected to routers. Although routers are the most common devices for performing routing operations, note that many switches and security devices also perform routing operations. Note also that the Internet is actually a collection of many networks rather than a single network. We look at the required components of routing and how devices running Junos Software make routing decisions on subsequent slides within this section.

SSFJUN01B

Juniper Networks, Inc.

72

Junos Operating System Highlights

Slide 72

Components of Routing
For a device to communicate with another device in a remote network, the following requirements exist:
End-to-end communications path Routing information on participating Layer 3 devices
Internet

User A

= Router = Switch

User B

Data center

2010 Juniper Networks, Inc. All rights reserved.

CONFIDENTIAL

SSFJUN01B

www.juniper.net | 72

Routing Components You must consider several components and other aspects to effectively implement routing between remote networks. However, you can classify the various components and considerations into two primary requirementsend-to-end communications path and ensuring all Layer 3 devices within the communications path have the required routing information. In the example shown on the slide, you can see that a physical path exists between the highlighted networks and the Internet. As long as the physical path is configured and functioning correctly, the first requirement is satisfied. For the second requirement, all Layer 3 devices participating in the communications path must have the necessary routing information. The devices within the user and data center networks must have the proper gateway configured (the router that connects to those networks as well as the Internet). The gateway device must determine the proper next hop for each destination prefix for transit traffic it receives. Devices running Junos Software use the forwarding table, which is a subset of information found in the route table, to make this determination. We discuss the route and forwarding tables next.

SSFJUN01B

Juniper Networks, Inc.

73

Junos Operating System Highlights

Slide 73

The Routing Table


Compiles information learned from routing protocols and other routing information sources Selects an active route to each destination Populates the forwarding table Main unicast routing tables are inet.0, for IPv4 routing, and inet6.0, for IPv6 routing

Routing protocol databases Other routing information sources

OSPF

Routing table
Direct Static

Forwarding table

2010 Juniper Networks, Inc. All rights reserved.

CONFIDENTIAL

SSFJUN01B

www.juniper.net | 73

Routing Information Sources The Junos Software routing table consolidates prefixes from multiple routing information sources including various routing protocols, static routes, and directly connected routes. Active Route Selection When a device running Junos Software receives multiple routes for a given prefix, it selects a single route as the active route. With additional configuration, Junos Software supports multiple, equal-cost routes. Forwarding Table The router uses the active route for each destination prefix to populate the forwarding table. The forwarding table determines the outgoing interface and Layer 2 rewrite information for each packet forwarded by a device running Junos Software. Multiple Routing Tables Devices running Junos Software can accommodate multiple routing tables. The primary routing table, inet.0, stores IPv4 unicast routes. Additional predefined routing tables exist, such as inet6.0, which Junos Software creates when required by the configuration. The following is a summary of the common predefined routing tables you might see on a device running Junos Software: inet.0: Used for IPv4 unicast routes; inet.1: Used for the multicast forwarding cache; inet.2: Used for MBGP routes to provide reverse path forwarding (RPF) checks; inet.3: Used for MPLS path information; inet.4: Used for MSDP route entries; inet6.0: Used for IPv6 unicast routes; and mpls.0: Used for MPLS next hops.

SSFJUN01B

Juniper Networks, Inc.

74

Junos Operating System Highlights

Slide 74

Predefined Routing Tables


The following is a summary of the common predefined routing tables you might see on a device running Junos Software: inet.0: Used for IPv4 unicast routes; inet.1: Used for the multicast forwarding cache; inet.2: Used for MBGP routes to provide reverse path forwarding (RPF) checks; inet.3: Used for MPLS path information; inet.4: Used for MSDP route entries; inet6.0: Used for IPv6 unicast routes; and mpls.0: Used for MPLS next hops.

2010 Juniper Networks, Inc. All rights reserved.

CONFIDENTIAL

SSFJUN01B

www.juniper.net | 74

The following is a summary of the common predefined routing tables you might see on a device running Junos OS : inet.0: Used for IPv4 unicast routes; inet.1: Used for the multicast forwarding cache; inet.2: Used for MBGP routes to provide reverse path forwarding (RPF) checks; inet.3: Used for MPLS path information; inet.4: Used for MSDP route entries; inet6.0: Used for IPv6 unicast routes; and mpls.0: Used for MPLS next hops.

SSFJUN01B

Juniper Networks, Inc.

75

Junos Operating System Highlights

Slide 75

Route Preference
Ranks routes received from different sources Primary criterion for selecting the active route
Used as a tiebreaker when same destination prefix is available through multiple sources
Route Preference Values

Routing information source

Default preference

Direct Local Static OSPF internal RIP OSPF AS external BGP (both EBGP and IBGP)

0 0 5 10 100 150 170


CONFIDENTIAL

More Preferred

Less Preferred

2010 Juniper Networks, Inc. All rights reserved.

SSFJUN01B

www.juniper.net | 75

Preferred Routing Information Sources Junos OS uses route preference to differentiate routes received from different routing protocols or routing information sources. Route preference is equivalent to administrative distance on equipment from other vendors. Selecting the Active Route Route preference is similar to Ciscos administrative distance setting. Junos OS uses route preference to rank routes received through the various route information sources and as the primary criterion for selecting the active route. The table at the bottom of the slide shows the default preference values for a selected set of routing information sources. Of course, any default can be changed.

SSFJUN01B

Juniper Networks, Inc.

76

Junos Operating System Highlights

Slide 76

Viewing the Routing Table


Use show route to display route table contents:
user@host> show route inet.0: 6 destinations, 7 routes (6 active, 0 holddown, 0 hidden) + = Active Route, - = Last Active, * = Both 10.1.1.0/24 *[Static/5] 00:10:24 Route source and preference > to 172.29.30.253 via ge-0/0/10.0 [OSPF/10] 00:03:38, metric 2 > to 172.18.25.2 via ge-0/0/13.0 *[Direct/0] 00:11:05 > via ge-0/0/13.0 *[Local/0] 00:11:05 Local via ge-0/0/13.0 *[Direct/0] 00:11:05 > via ge-0/0/10.0 *[Local/0] 00:11:05 Asterisk (*) indicates that the Local via ge-0/0/10.0 route is selected as active

172.18.25.0/30 172.18.25.1/32 172.29.30.0/24 172.29.30.1/32 Route table name

2010 Juniper Networks, Inc. All rights reserved.

CONFIDENTIAL

SSFJUN01B

www.juniper.net | 76

Viewing the Route Table The slide shows the use of the show route command, which displays all route entries in the routing table. As identified on the slide, all active routes are marked with an asterisk (*) next to the selected entry. Each route entry displays the source from which the device learned the route, along with the route preference for that source. The show route command displays a summary of active, holddown, and hidden routes. Active routes are the routes the system uses to forward traffic. Holddown routes are routes that are in a pending state before the system declares them as inactive. Hidden routes are routes that the system cannot use for reasons such as an invalid next hop and route policy. You can filter the generated output by destination prefix, protocol type, and other distinguishing attributes. The following sample capture illustrates the use of the protocol filtering option: user@host> show route protocol ospf inet.0: 6 destinations, 7 routes (6 active, 0 holddown, 0 hidden) + = Active Route, - = Last Active, * = Both 10.1.1.0/24 224.0.0.5/32 [OSPF/10] 04:57:41, metric 2 > to 172.18.25.2 via ge-0/0/13.0 *[OSPF/10] 05:00:58, metric 1 MultiRecv

SSFJUN01B

Juniper Networks, Inc.

77

Junos Operating System Highlights

Slide 77

The Forwarding Table


Stores required information for packet forwarding operation; contents include the destination prefixes and the associated outgoing interfaces
Use show route forwarding-table to view contents

Routing protocol databases

OSPF

Other routing information sources

DirectStatic

Routing Table

Forwarding Table

2010 Juniper Networks, Inc. All rights reserved.

CONFIDENTIAL

SSFJUN01B

www.juniper.net | 77

The Forwarding Table The forwarding table stores a subset of information from the routing table. Within the forwarding table, you can find the details used by a device running Junos OS to forward packets such as the learned destination prefixes and the outgoing interfaces associated with each destination prefix. You use the show route forwarding-table CLI command to view the forwarding table contents. Note that the Junos OS kernel adds some forwarding entries and considers them permanent in nature. One such example is the default forwarding entry, which matches all packets when no other matching entry exists. When a packet matches this default forwarding entry, the router discards the packet and it sends an ICMP destination unreachable message back to the sender. If you configured a user-defined default route, the router uses it instead of the permanent default forwarding entry. Some examples of forwarding entries are remote addresses directly reachable through an interface, routes installed by the kernel when the routing table initializes, routes installed by the routing protocol process or as a result of the configuration, and local address on an interface.

SSFJUN01B

Juniper Networks, Inc.

78

Junos Operating System Highlights

Slide 78

Determining the Next Hop


Device compares incoming packets against forwarding table entries to determine appropriate next hop
If multiple matches exist, it uses the most specific entry (longest match) to forward packet toward destination If no matching entry exists, it sends a destination unreachable notification back to source device

Forwarding plane

FT
Packets in Packets out

2010 Juniper Networks, Inc. All rights reserved.

CONFIDENTIAL

SSFJUN01B

www.juniper.net | 78

Determining the Next Hop When a packet enters a device running Junos OS , it compares that packet against the entries within the forwarding table to determine the proper next hop. If the packet is destined to the local device, Junos OS processes the packet locally. If the packet is destined to a remote device and a valid entry exists, the device running Junos OS forwards the packet out the next-hop interface associated with the forwarding table entry. If multiple destination prefixes match the packets destination, Junos OS uses the most specific entry (also called longest match) when forwarding the packet to its destination. In situations where no matching entry exists, the device running Junos OS responds to the source device with a destination unreachable notification.

SSFJUN01B

Juniper Networks, Inc.

79

Junos Operating System Highlights

Slide 79

Overview of Routing Instances


A routing instance is a unique collection of routing tables, interfaces, and routing protocol parameters
Device Running Junos Software
Routing instance (master) inet.0 inet6.0 ge-0/0/0.0 ge-0/0/1.0 lo0.0 Default Route OSPF Routing instance (cust-A) cust-A.inet.0 cust-A.inet6.0 ge-0/0/3.0 ge-0/0/4.0 lo0.1 Default Route OSPF Routing instance (cust-B) cust-B.inet.0 cust-B.inet6.0 ge-1/0/0.0 ge-1/0/1.0 lo0.2 Default Route OSPF

2010 Juniper Networks, Inc. All rights reserved.

CONFIDENTIAL

SSFJUN01B

www.juniper.net | 79

Overview of Routing Instances Junos OS logically groups routing tables, interfaces, and routing protocol parameters to form unique routing instances. The device logically keeps the routing information in one routing instance apart from all other routing instances. The use of routing instances introduces great flexibility because a single device can effectively imitate multiple devices.

SSFJUN01B

Juniper Networks, Inc.

80

Junos Operating System Highlights

Slide 80

Default Routing Instance


The master routing instance is the primary instance for all devices running Junos OS and includes inet.0 route table
Might include other route tables, such as inet6.0
user@host> show route instance Instance Type Primary RIB Active/holddown/hidden master forwarding inet.0 3/0/1 inet6.0 4/0/0 Participating route tables; the presence of Routing instance name inet6.0 table indicates IPv6 is in use

2010 Juniper Networks, Inc. All rights reserved.

CONFIDENTIAL

SSFJUN01B

www.juniper.net | 80

Master Routing Instance Junos OS creates a default unicast routing instance called the master routing instance. By default, the master routing instance includes the inet.0 route table, which the device uses for IPv4 unicast routing. The software creates other route tables, such as inet6.0, adds them to their respective routing instance, and displays them when required by the configuration. The Junos OS also creates private routing instances, which the device uses for internal communications between hardware components. You can safely ignore these instances and their related information when planning your network.

SSFJUN01B

Juniper Networks, Inc.

81

Junos Operating System Highlights

Slide 81

User-Defined Routing Instances


You configure user-defined routing instances at the [edit routing-instances] hierarchy level
Typically used for filter-based forwarding, VPN services, and system virtualization; routing instance types include:
[edit routing-instances <instance-name>] user@host# set instance-type ? Possible completions: forwarding Forwarding instance l2vpn Layer 2 VPN routing instance no-forwarding Nonforwarding instance virtual-router Virtual routing instance vpls VPLS routing instance vrf Virtual routing forwarding instance

Note: Actual routing instance types vary between platforms running Junos OS; Check product documentation for actual support
2010 Juniper Networks, Inc. All rights reserved.

CONFIDENTIAL

SSFJUN01B

www.juniper.net | 81

User-Defined Routing Instances For added flexibility, Junos OS allows you to configure additional routing instances under the [edit routinginstances] hierarchy. User-defined routing instances can be used for a variety of different situations and provide users a great amount of flexibility in their respective environments. We also commonly refer to filter-based forwarding as policy-based routing (PBR). Some typical uses of user-defined routing instances include filter-based forwarding (FBF), Layer 2 and Layer 3 VPN services, and system virtualization. The following are some of the common routing instance types: forwarding: Used to implement filter-based forwarding for common Access Layer applications; l2vpn: Used in Layer 2 VPN implementations; no-forwarding: Used to separate large networks into smaller administrative entities; virtual-router: Used for non-VPN-related applications such as system virtualization; vpls: Used for point-to-multipoint LAN implementations between a set of sites in a VPN; and vrf: Used in Layer 3 VPN implementations. Note that the actual routing instance types vary between platforms running Junos OS . Be sure to check the technical documentation for your specific product.

SSFJUN01B

Juniper Networks, Inc.

82

Junos Operating System Highlights

Slide 82

Configuration Example
Routing instance configuration example:
[edit routing-instances new-instance] Routing instance name is user-defined user@host# show instance-type virtual-router; Routing instance type interface ge-0/0/0.0; Define interfaces under the [edit interface ge-0/0/1.0; interfaces] hierarchy and reference interface lo0.1; them under the routing instance routing-options { static { route 0.0.0.0/0 next-hop 172.26.25.1; } } protocols { ospf { area 0.0.0.0 { interface ge-0/0/0.0; interface ge-0/0/1.0; interface lo0.1; } } }
2010 Juniper Networks, Inc. All rights reserved.

CONFIDENTIAL

SSFJUN01B

www.juniper.net | 82

Configuration Example: Routing Instances The slide illustrates a basic routing instance configuration example.

SSFJUN01B

Juniper Networks, Inc.

83

Junos Operating System Highlights

Slide 83

Working with Routing Instances (1 of 2)


Reference the corresponding IP unicast table for a given instance to view the route table contents:
user@host> show route table new-instance.inet.0 new-instance.inet.0: 7 destinations, 7 routes (7 active, 0 holddown, 0 hidden) + = Active Route, - = Last Active, * = Both 0.0.0.0/0 172.25.182.0/24 172.25.182.5/32 172.26.25.0/24 172.26.25.5/32 192.168.100.52/32 *[Static/5] 02:06:18 > to 172.26.25.1 via ge-0/0/0.0 *[Direct/0] 02:06:18 Software automatically creates IP > via ge-0/0/1.0 unicast table when you configure *[Local/0] 02:06:18 the corresponding routing instance Local via ge-0/0/1.0 *[Direct/0] 02:06:18 > via ge-0/0/0.0 *[Local/0] 02:06:18 Local via ge-0/0/0.0 *[Direct/0] 02:06:18 > via lo0.1

2010 Juniper Networks, Inc. All rights reserved.

CONFIDENTIAL

SSFJUN01B

www.juniper.net | 83

Working with Routing Instances: Part 1 Once you configure a routing instance and the device learns routing information within the instance, Junos OS automatically generates a route table. If you use IPv4 routing, the software creates an IPv4 unicast routing table. The name of the route table uses the format instance-name.inet.0, where instance-name is the name of the routing instance within the configuration. Likewise, if you use IPv6 within the instance, the software creates an IPv6 unicast routing table and it follows the format instance-name.inet6.0. As illustrated on the slide, to view a routing table associated with a specific routing instance, you simply use the show route table table-name CLI command.

SSFJUN01B

Juniper Networks, Inc.

84

Junos Operating System Highlights

Slide 84

Working with Routing Instances (2 of 2)


Reference the routing instance name when viewing information for a given instance or sourcing traffic from a given instance:
user@host> show interfaces terse routing-instance new-instance Interface Admin Link Proto Local ge-0/0/0.0 up up inet 172.26.25.5/24 ge-0/0/1.0 up up inet 172.25.182.5/24 lo0.1 up up inet 192.168.100.52

Remote

--> 0/0

user@host> ping 172.26.25.1 rapid count 25 routing-instance new-instance PING 172.26.25.1 (172.26.25.1): 56 data bytes !!!!!!!!!!!!!!!!!!!!!!!!! --- 172.26.25.1 ping statistics --25 packets transmitted, 25 packets received, 0% packet loss round-trip min/avg/max/stddev = 1.014/1.875/2.073/0.285 ms

user@host> traceroute 192.168.100.25 routing-instance new-instance traceroute to 192.168.100.25 (192.168.100.25), 30 hops max, 40 byte packets 1 192.168.100.25 (192.168.100.25) 4.536 ms 4.503 ms 2.209 ms
CONFIDENTIAL

2010 Juniper Networks, Inc. All rights reserved.

SSFJUN01B

www.juniper.net | 84

Working with Routing Instances: Part 2 You can filter many of the common outputs generated through CLI show commands by referencing the name of a given routing instance. The first example on the slide shows a practical way of viewing interfaces that belong to a specific routing instance. You can also source traffic from a specific routing instance by referencing the name of the desired routing instance. The last two examples on the slide show this option in action with the ping and traceroute utilities.

SSFJUN01B

Juniper Networks, Inc.

85

Junos Operating System Highlights

Slide 85

Static Routes
Manually configured routes added to routing table
Defined under [edit routing-options] hierarchy

Require a valid next hop


Typically the IP address of a directly connected device; other options exist such as the bit bucket (discard or reject)
Network A 172.29.100.0/24
ge-0/0/1

.1

.2

.1

Internet

172.30.25.0/30 192.168.63.14 user@host> show route 192.168.63.14 inet.0: 4 destinations, 4 routes (4 active, 0 holddown, 0 hidden) + = Active Route, - = Last Active, * = Both

0.0.0.0/0

*[Static/5] 01:09:34 > to 172.30.25.1 via ge-0/0/1.0


CONFIDENTIAL

Default static route

2010 Juniper Networks, Inc. All rights reserved.

SSFJUN01B

www.juniper.net | 85

Static Routes Static routes are used in a networking environment for multiple purposes, including a default route for the autonomous system (AS) and as routes to customer networks. Unlike dynamic routing protocols, you manually configure the routing information provided by static routes on each router or multilayer switch in the network. All configuration for static routes occurs at the [edit routing-options] level of the hierarchy. Next Hop Required Static routes must have a valid next-hop defined. Often that next-hop value is the IP address of the neighboring router headed toward the ultimate destination. On point-to-point interfaces, you can specify the egress interface name rather than the IP address of the remote device. Another possibility is that the next-hop value is the bit bucket. This phrase is analogous to dropping the packet off the network. Within Junos Software, the way to represent the dropping of packets is with the keywords reject or discard. Both options drop the packet from the network. The difference between them is in the action the device running Junos Software takes after the drop action. If you specify reject as the next-hop value, the system sends an ICMP message (the network unreachable message) back to the source of the IP packet. If you specify discard as the next-hop value, the system does not send back an ICMP message; the system drops the packet silently. By default, the next-hop IP address of static routes configured in Junos Software must be reachable using a direct route. Unlike with software from other vendors, Junos Software does not perform recursive lookups of next hops by default. Static routes remain in the routing table until you remove them or until they become inactive. One possible scenario in which a static route becomes inactive is when the IP address used as the next hop becomes unreachable.

SSFJUN01B

Juniper Networks, Inc.

86

Junos Operating System Highlights

Slide 86

Configuring Static Routing


Static route configuration example:
[edit routing-options] user@host# show rib inet6.0 { static { route 0::/0 next-hop 3001::1; } } static { route 0.0.0.0/0 next-hop 172.30.25.1; route 172.28.102.0/24 { next-hop 10.210.11.190; no-readvertise; } }

IPv6 default static route

IPv4 default static route

Restricts route from being advertised into a routing protocol through routing policy; Highly suggested for static routes used for management traffic

2010 Juniper Networks, Inc. All rights reserved.

CONFIDENTIAL

SSFJUN01B

www.juniper.net | 86

Configuration Example: Static Routing The slide illustrates the basic configuration syntax for IPv4 and IPv6 static routes. The slide also highlights the no-readvertise option which prohibits the redistribution of the associated route through routing policy into a dynamic routing protocol such as OSPF. We highly suggest that you use the noreadvertise option on static routes that direct traffic out the management Ethernet interface and through the management network. Note that IPv6 support varies between Junos OS platforms. Be sure to check the technical documentation for your specific product for support information.

SSFJUN01B

Juniper Networks, Inc.

87

Junos Operating System Highlights

Slide 87

Monitoring Static Routing


Monitoring:
Use show route protocol static to display static routes:
user@host> show route protocol static inet.0: 4 destinations, 4 routes (4 active, 0 holddown, 0 hidden) + = Active Route, - = Last Active, * = Both 0.0.0.0/0 Default static route Route source and preference *[Static/5] 00:41:59 > to 172.30.25.1 via ge-0/0/1.0 Next-hop interface and IP address

Use the ping utility to verify end-to-end reachability:


user@host> ping 192.168.63.14 rapid count 25 PING 192.168.63.14 (192.168.63.14): 56 data bytes Test confirms reachability !!!!!!!!!!!!!!!!!!!!!!!!! --- 192.168.63.14 ping statistics --25 packets transmitted, 25 packets received, 0% packet loss round-trip min/avg/max/stddev = 0.027/0.057/0.145/0.032 ms

2010 Juniper Networks, Inc. All rights reserved.

CONFIDENTIAL

SSFJUN01B

www.juniper.net | 87

Monitoring Static Routing The slide shows the basic verification steps when determining proper operation of static routing.

SSFJUN01B

Juniper Networks, Inc.

88

Junos Operating System Highlights

Slide 88

Next Hop Resolution


Resolving indirect next hops:
By default, the software can resolve only directly connected next hops Use the resolve option to allow resolution of indirectly connected next hops:
Host-A .1 .2 172.25.1.0/30 [edit routing-options] user@Host-A# show static { route 172.20.3.0/24 { next-hop 172.25.1.6; resolve; } }
2010 Juniper Networks, Inc. All rights reserved.

Host-B .5 .6 172.25.1.4/30

Host-C .1 172.20.3.0/24

Indirect next hop

resolve option required

CONFIDENTIAL

SSFJUN01B

www.juniper.net | 88

Resolving Indirect Next Hops By default, Junos OS requires that the next-hop IP address of static routes be reachable using a direct route. Unlike software from other vendors, Junos OS does not perform recursive lookups of next hops by default. As illustrated on the slide, you can alter the default next-hop resolution behavior using the resolve CLI option. In addition to the resolve CLI option, a route to the indirect next hop is also required. Indirect next hops can be resolved through another static route or through a dynamic routing protocol. We recommend, whenever possible, that you use a dynamic routing protocol as your method of resolution. Using a dynamic routing protocol, rather than a static route to resolve indirect next hops, dynamically removes the static route if the indirect next hop becomes unavailable.

SSFJUN01B

Juniper Networks, Inc.

89

Junos Operating System Highlights

Slide 89

Qualified Next Hops


Use qualified-next-hop to allow independent preference for static routes to the same destination:
172.30.25.0/30
ge-0/0/1

Network A 172.29.100.0/24

.2 .1
se-1/0/0

primary secondary

.1
Internet

.6

.5

172.30.25.4/30
[edit routing-options] user@host# show static { route 0.0.0.0/0 { next-hop 172.30.25.1; qualified-next-hop 172.30.25.5 { preference 7; } } }
2010 Juniper Networks, Inc. All rights reserved.

Primary next hop due to default route preference (5)

Secondary next hop due to configured route preference (7)

CONFIDENTIAL

SSFJUN01B

www.juniper.net | 89

Qualified Next Hops The qualified-next-hop option allows independent preferences for static routes to the same destination. The slide shows an example using the qualified-next-hop option. In the sample configuration shown on the slide, the 172.30.25.1 next hop assumes the default static route preference of 5, whereas the qualified 172.30.25.5 next hop, uses the defined route preference of 7. All traffic using this static route uses the 172.30.25.1 next hop unless it becomes unavailable. If the 172.30.25.1 next hop becomes unavailable, the device uses the 172.30.25.5 next hop. Some vendors refer to this implementation as a floating static route.

SSFJUN01B

Juniper Networks, Inc.

90

Junos Operating System Highlights

Slide 90

Dynamic Routing
Method of dynamically learning routing information Dynamic routing has the following benefits:
Lower administrative overhead Increased network availability Greater network scalability

Static routing

Dynamic routing

2010 Juniper Networks, Inc. All rights reserved.

CONFIDENTIAL

SSFJUN01B

www.juniper.net | 90

Dynamic Routing Static routing is ideal in small networks where only a few routes exist or in networks where absolute control of routing is required. However, static routing has certain drawbacks that might make it cumbersome and hard to manage in large environments where growth and change are constant. For large networks or networks that change regularly, dynamic routing might be the best option. With dynamic routing, you simply configure the network interfaces to participate in a routing protocol. Devices running routing protocols can dynamically learn routing information from each other. When a device adds or removes routing information for a participating device, all other devices automatically update. Benefits of Dynamic Routing Dynamic routing resolves many of the limitations and drawbacks of static routing. Some of the general benefits of dynamic routing include: Lower administrative overhead: The device learns routing information automatically, which eliminates the need for manual route definition; Increased network availability: During failure situations, dynamic routing can reroute traffic around the failure automatically (the ability to react to failures when they occur can provide increased network uptime); and Greater network scalability: The device easily manages network growth by dynamically learning routes and calculating the best paths through a network.

SSFJUN01B

Juniper Networks, Inc.

91

Junos Operating System Highlights

Slide 91

Dynamic Routing Protocols


A summary of dynamic routing protocols:
IGPs operate within a single autonomous system
Single network administration that provides for unique routing policy and flexible use of network resources Examples include RIP, IS-IS, and OSPF

EGPs operate among different autonomous systems


Independent administrative entities that communicate between independent network infrastructures Current EGP in use today is BGP
AS 64513

IGP
IGP IBGP

IGP

AS 64512

AS 65535

2010 Juniper Networks, Inc. All rights reserved.

CONFIDENTIAL

SSFJUN01B

www.juniper.net | 91

A Summary of Dynamic Routing Protocols Our main objective is to provide a basic summary of dynamic routing protocols. Advanced coverage of routing protocols is outside the scope of this class. The slide provides a high-level summary of Interior Gateway Protocols (IGPs) and Exterior Gateway Protocols (EGPs).

SSFJUN01B

Juniper Networks, Inc.

92

Junos Operating System Highlights

Slide 92

OSPF Protocol Overview


OSPF is a link-state IGP that:
Reliably floods link-state information to neighbors Creates a complete database of network Calculates best path to each destination Uses areas to incorporate hierarchy and allow for scalability

AS 64512

Area 0.0.0.1

Area 0.0.0.0

Area 0.0.0.2

2010 Juniper Networks, Inc. All rights reserved.

CONFIDENTIAL

SSFJUN01B

www.juniper.net | 92

OSPF Protocol OSPF is a link-state routing protocol designed for use within an AS. OSPF is an IGP. Link-state protocols allow for faster reconvergence, support larger internetworks, and are less susceptible to bad routing information than distance-vector protocols. It is common to refer to distancevector protocols learning as learning by rumor, where a router learns about prefixes from neighboring routers perspectives. Routers using link-state routing protocols learn network topology by propaganda, where they learn the topology from all the routers directly. Devices running OSPF send out information about their network links and the state of those links to other routers in the AS. This information transmits reliably to all other routers in the AS by means of link-state advertisements (LSAs). The other routers receive this information, and each router stores it locally. This total set of information now contains all possible links in the network. In addition to flooding LSAs and discovering neighbors, a third major task of the link-state routing protocol is establishing the link-state database. The link-state (or topological) database stores the LSAs as a series of records. The important information for the shortest path determination process is the advertising routers ID, its attached networks and neighboring routers, and the cost associated with those networks or neighbors. OSPF uses the shortest-path-first (SPF) algorithm (also called the Dijkstra algorithm) to calculate the shortest paths to all destinations. It does this calculation by calculating a tree of shortest paths incrementally and picking the best candidate from that tree. OSPF uses areas to allow for a hierarchical organization and facilitate scalability. An OSPF area is a logical group of routers. The software can summarize the routing information from an OSPF area and the device can pass it to the rest of the network. Areas can reduce the size of the link-state database on an individual router. Each OSPF router maintains a separate link-state database for each area to which it is connected. The link-state database for a given area is identical for all participating routers within that area. To ensure correct routing knowledge and connectivity, OSPF maintains a special area called the backbone area. OSPF designates the backbone area as Area 0.0.0.0. All other OSPF areas must connect themselves to the backbone for connectivity. All data traffic between OSPF areas must transit the backbone.

SSFJUN01B

Juniper Networks, Inc.

93

Junos Operating System Highlights

Slide 93

Case Study: Objective and Topology


Use a single OSPF area to provide connectivity among all connected subnets and loopback addresses; ensure that no adjacencies are formed on interfaces connecting to the 172.20.x.0/24 subnets
Host-A lo0: 192.168.100.1/32

OSPF Area 0
ge-0/0/2 .1 .10 172.25.1.0/30 .2

Host-B lo0: 192.168.100.2/32 .1

172.20.1.0/24

.1 ge-0/0/3

172.20.2.0/24

.5

ge-0/0/1

.9 Host-C lo0: 192.168.100.3/32 .1

.6

172.20.3.0/24
2010 Juniper Networks, Inc. All rights reserved.

CONFIDENTIAL

SSFJUN01B

www.juniper.net | 93

Case Study: Objective and Topology The slide provides the objective and sample topology used in this case study.

SSFJUN01B

Juniper Networks, Inc.

94

Junos Operating System Highlights

Slide 94

Case Study: Configuring OSPF


Sample OSPF configuration taken from Host-A:
[edit protocols ospf] user@Host-A# set area 0 interface ge-0/0/1.0 [edit protocols ospf] user@Host-A# set area 0 interface ge-0/0/2.0

Specify the logical interface. If unit is not referenced, Junos Software assumes unit 0. Use passive option to prohibit adjacency formation.

[edit protocols ospf] user@Host-A# set area 0 interface ge-0/0/3.0 passive [edit protocols ospf] user@Host-A# set area 0 interface lo0.0 [edit protocols ospf] user@Host-A# show area 0.0.0.0 { interface ge-0/0/1.0; interface ge-0/0/2.0; interface ge-0/0/3.0 { passive; } interface lo0.0; }
2010 Juniper Networks, Inc. All rights reserved.

Junos Software converts area 0 to its proper dotted decimal notation (0.0.0.0).

CONFIDENTIAL

SSFJUN01B

www.juniper.net | 94

Case Study: Configuring OSPF Note that you must include the lo0 interface if you want the associated IP address(es) advertised into OSPF. Prior to software Release 8.5, the IP address associated with the lo0 interface was automatically advertised into OSPF as a router LSA. The slide illustrates the required OSPF configuration for Host-A. Although not shown, Host-B and Host-C require a similar OSPF configuration to establish adjacencies and share routing information.

SSFJUN01B

Juniper Networks, Inc.

95

Junos Operating System Highlights

Slide 95

Case Study: Verifying OSPF Neighbor State


Use show ospf neighbor to display adjacencies
Use detail or extensive options for added information
user@Host-A> show ospf neighbor Address Interface 172.25.1.9 ge-0/0/1.0 172.25.1.2 ge-0/0/2.0 State Full Full ID 192.168.100.3 192.168.100.2 Pri 128 128 Dead 38 35

The state of the adjacencies shows Full, which means neighbors can exchange routing information

2010 Juniper Networks, Inc. All rights reserved.

CONFIDENTIAL

SSFJUN01B

www.juniper.net | 95

Case Study: Verifying OSPF Neighbor State The slide shows the CLI command used to determine OSPF adjacencies. In the sample output on the slide, you can see that Host-A has formed adjacencies with both Host-B and Host-C. The following is a description of the fields displayed in the output: Address: The address of the neighbor. Interface: The interface through which the neighbor is reachable. State: The state of the neighbor, which can be Attempt, Down, Exchange, ExStart, Full, Init, Loading, or 2 Way. ID: The router ID of the neighbor. Pri: The priority of the neighbor to become the designated router, only used on broadcast networks during designated router elections. By default, this value is set to 128, indicating the highest priority and the most likely router to be elected designated router. Dead: The number of seconds until the neighbor becomes unreachable.

SSFJUN01B

Juniper Networks, Inc.

96

Junos Operating System Highlights

Slide 96

Case Study: Viewing OSPF Routes


Use show route protocol ospf to display OSPF routes
user@Host-A> show route protocol ospf inet.0: 15 destinations, 15 routes (15 active, 0 holddown, 0 hidden) + = Active Route, - = Last Active, * = Both

172.20.2.0/24
172.20.3.0/24 172.25.1.4/30

192.168.100.2/32 192.168.100.3/32 224.0.0.5/32

*[OSPF/10] 00:03:55, > to 172.25.1.2 via *[OSPF/10] 00:00:04, > to 172.25.1.9 via *[OSPF/10] 00:03:46, > to 172.25.1.9 via to 172.25.1.2 via *[OSPF/10] 00:03:55, > to 172.25.1.2 via *[OSPF/10] 00:03:46, > to 172.25.1.9 via *[OSPF/10] 00:16:13, MultiRecv

metric 2 ge-0/0/2.0 metric 2 ge-0/0/1.0 metric 2 ge-0/0/1.0 ge-0/0/2.0 metric 1 ge-0/0/2.0 metric 1 ge-0/0/1.0 metric 1

2010 Juniper Networks, Inc. All rights reserved.

CONFIDENTIAL

SSFJUN01B

www.juniper.net | 96

Case Study: Viewing OSPF Routes The slide illustrates the show route protocol ospf command, which displays OSPF routes learned by Host-A. Note that Host-A does not actually install its directly connected subnets in its route table as OSPF routesit installs them as direct routes.

SSFJUN01B

Juniper Networks, Inc.

97

Junos Operating System Highlights

Slide 97

Lab 3- Configuring OSPF


Configure and monitor static routing Configure and monitor OSPF https://virtuallabs.juniper.net/
Download and print Lab Instructions

2010 Juniper Networks, Inc. All rights reserved.

CONFIDENTIAL

SSFJUN01B

www.juniper.net | 72

Lab 3- Configuring OSPF Configure and monitor static routing Configure and monitor OSPF Lab instructions: https://www.juniper.net/partners/partner_center/common/training/downloads/pdfs/ssfjun1b_lab.pdf Enter Virtual Lab https://virtuallabs.juniper.net/

SSFJUN01B

Juniper Networks, Inc.

98

Junos Operating System Highlights

Slide 98

Section Objectives
In this section, you have learned how to:
Explain basic routing operations and concepts View and describe routing and forwarding tables Configure and monitor static routing Configure and monitor OSPF

2010 Juniper Networks, Inc. All rights reserved.

CONFIDENTIAL

SSFJUN01B

www.juniper.net | 98

In this section, you have learned: Basic routing operations and concepts; Routing and forwarding tables; Configuration and monitoring of static routing; and Configuration and monitoring of basic OSPF.

SSFJUN01B

Juniper Networks, Inc.

99

Junos Operating System Highlights

Slide 99

Learning Activity 4, Question 1:


In Junos OS, route preference is similar to what Cisco concept?
a) Administrative distance setting b) c) d) Route hierarchy Destination table Routing table

Submit Submit

Clear Clear

2010 Juniper Networks, Inc. All rights reserved.

CONFIDENTIAL

SSFJUN01B

www.juniper.net | 99

SSFJUN01B

Juniper Networks, Inc.

100

Junos Operating System Highlights

Slide 100

Learning Activity 4, Question 2:


What are three benefits of Dynamic Routing?
a) b) c) d)

Useful for small networks where only a few routes exist


Lower administrative overhead Increased network availability Greater network scalability

Submit Submit

Clear Clear

2010 Juniper Networks, Inc. All rights reserved.

CONFIDENTIAL

SSFJUN01B

www.juniper.net | 100

SSFJUN01B

Juniper Networks, Inc.

101

Junos Operating System Highlights

Slide 101

Junos OS Adoption

2009 Juniper Networks, Inc. All rights reserved. | www.juniper.net | Proprietary and Confidential

Adoption of any new product or technology initially requires some effort; however, Junipers customers have consistently found the initial short-term activities of Junos adoption to be far outweighed by the longterm benefits. This section introduces the interoperability features and migration tools available to Juniper customers to make the move to Junos simple and safe.

SSFJUN01B

Juniper Networks, Inc.

102

Junos Operating System Highlights

Slide 102

Section Objectives
In this section, you will learn how to:
Discuss how Junos OS interoperates with other devices and integrates to other systems Introduce Junipers Advanced Insight Solutions Present ways in which Juniper eases Junos OS adoption for new customers

2010 Juniper Networks, Inc. All rights reserved.

CONFIDENTIAL

SSFJUN01B

www.juniper.net | 102

In this section, you have learned how to: Discuss how Junos interoperates with other devices and integrates to other systems Introduce Junipers Advanced Insight Solutions Present ways in which Juniper eases Junos adoption for new customers

SSFJUN01B

Juniper Networks, Inc.

103

Junos Operating System Highlights

Slide 103

Time Tested Interoperability


Commitment to standards
IETF leadership Extensive set of networking protocols

Pragmatic approach
Run vendor interoperability tests Interoperability that works
Not just compliance to standards

Extensive field experience


Top service providers Thousands of business, government, and education networks Most deployments are mixed environments
2010 Juniper Networks, Inc. All rights reserved.

CONFIDENTIAL

SSFJUN01B

www.juniper.net | 103

Do any of your customers have only one vendor in their network? For the most part, probably not. Just as most of your customers likely have multiple vendors for servers, storage, and other IT systems, its good practice to use multiple vendors in the network, as overall, an organization is likely to get better solutions for lower costs. So how Junos interoperates and integrates into existing infrastructure is essential. Juniper engineers have long been involved in building open standards for interoperability in industry organizations. For example, Junos developers have been at the forefront of defining and implementing MPLS applications, next-generation multicast VPN architectures, and high-availability features such as nonstop active routing and in-service software upgrades. Junos protocols engineers authored or co-authored more than 20 IETF drafts in 2008 alone. Junos OS supports hundreds of networking protocols standards such as spanning tree, LLDP, OSPF, BGP, IPv6, and MPLS, to name just a few. Nonetheless, the practicalities of interoperability require that Juniper goes beyond simply implementing the standards. For example, filling in gaps in cases of differences in interpretation or where de-facto standards are used. This practical approach is necessary to support the thousands of customers of Junos. Interoperability between Juniper and other large networking vendors has been proven several times over, in the best possible way, with live network implementations in the largest networks over the past decade.

SSFJUN01B

Juniper Networks, Inc.

104

Junos Operating System Highlights

Slide 104

What Doesnt Work?


Proprietary
EIGRP PVST and PVST+ HSRP WCCP Etc.

Legacy
IPX Appletalk Etc.

Bleeding edge
New protocols that are draft standards
Synchronize over time
104
2010 Juniper Networks, Inc. All rights reserved.

CONFIDENTIAL

SSFJUN01B

www.juniper.net | 104

A few organizations may still be running proprietary or legacy protocols within their network. In these cases, the customer will either have to transition to modern standards or adopt one of the available methods of supporting these protocols over a standards-based infrastructure. For example, there are various approaches to simultaneously running EIGRP and OSPF in legacy routers to support a long term transition to OSPF. By moving to open standards, organizations benefit from the collective innovation of the industry; open standards generally offer a broader set of capabilities than protocols developed exclusively by one vendor.

SSFJUN01B

Juniper Networks, Inc.

105

Junos Operating System Highlights

Slide 105

Standards-Based Integration to Systems


Integration to NMS and other operations tools
Retrieve operational and configuration information Efficiently search, modify, and upload full or partial device configuration information Standardized system logging messages and SNMP interfaces

NETCONF XML Interface


Defines an XML-based data encoding for configuration data as well as the protocol messages Enables other systems to request and change configuration information in a standard way

NETCONF XML

2010 Juniper Networks, Inc. All rights reserved.

CONFIDENTIAL

SSFJUN01B

www.juniper.net | 105

Operations teams use tens, sometimes hundreds, of different tools to manage their networks, for examples tools for inventory, configuration, provisioning, monitoring, and managing faults. Many are home grown while others are purchased from one of the many independent software vendors who develop network management products. Juniper works in close partnership with these vendors to integrate management of Junos into their solutions. Juniper streamlines integration of partner and customer systems by providing a number of open, standard interfaces in Junos. In addition to the CLI, standardized system logging messages, SNMP interfaces, and onboard instrumentation systems, Junos also provides an XML (eXtensible Markup Language) interface. All these open options let network management tools interact with Junos in a reliable and predictable way. For customers who want to use Juniper element management, Juniper provides its Network and Security Manager (NSM), a powerful, centralized management solution that controls the entire device life cycle across the broad portfolio of Junipers enterprise platforms, including firewall/IPSec VPN, Secure Access (SSL), Infranet Controller, the J Series, M Series, and MX Series routing platforms and EX Series switches.

SSFJUN01B

Juniper Networks, Inc.

106

Junos Operating System Highlights

Slide 106

Automate Technical Support with


Deliver automated incident management and proactive analysis assistance Increase availability, streamline operational efficiency, and lower costs Begin troubleshooting an issue with a JTAC case already opened
Advanced Insight Solutions

customer controlled, secure exchanges

Advanced Insight Manager

security

switching

routing

2010 Juniper Networks, Inc. All rights reserved.

CONFIDENTIAL

SSFJUN01B

www.juniper.net | 106

Advanced Insight Solutions (AIS) is a new Juniper offering that revolutionizes problem detection and resolution for IP networks. With AIS, Juniper pledges to solve customers network problems fasteror prevent them in the first place. AIS provides a comprehensive set of tools and technologies to automate the delivery of tailored, proactive network intelligence and support services offered by the Juniper Networks Technical Assistance Center (JTAC). By distributing advanced support intelligence from Juniper engineers and systems, automating support steps for customers, and providing proactive insight into software device operations, AIS enables network operations to become simpler, more reliable, and more cost-effective. Many customers also deploy the Service Now application running on Junos Space to ease management when they have a large number of devices subscribed to AIS.

SSFJUN01B

Juniper Networks, Inc.

107

Junos Operating System Highlights

Slide 107

Junos OS Certification
Comprehensive certification tracks
New user to expert

Fast Track program


Offers significant time/ cost savings for enterprise certs For experienced professionals Training materials available online at no charge
2010 Juniper Networks, Inc. All rights reserved.

CONFIDENTIAL

SSFJUN01B

www.juniper.net | 107

Our customers have consistently found the short-term efforts of Junos adoption to be far outweighed by the long-term benefitsfrom significant cost savings, to greatly improved operations efficiency, to the increased availability, performance, and security of business applications. Juniper Networks provides a wide array of training programs and a range of technical certifications including its Fast Track program design specifically to expedite training and certification of experienced networking professionals along with operations tools that ease migration.

SSFJUN01B

Juniper Networks, Inc.

108

Junos Operating System Highlights

Slide 108

Professional Services

Education Services

Improve the productivity and selfsufficiency of your technical staff


Consulting Services

Accelerate your networks value with expert assistance


Installation/Config Services

Start your high-performance, high-value network rapidly, confidently


Technical Services

Protect your high-performance business investment through operational assistance

2010 Juniper Networks, Inc. All rights reserved.

CONFIDENTIAL

SSFJUN01B

www.juniper.net | 108

Besides a full portfolio of training courses, Juniper offers to you and your customers a wide range of professional consulting services and technical support, enabling your customers to take advantage of Junipers breadth of internetwork and security hands-on experiences.

SSFJUN01B

Juniper Networks, Inc.

109

Junos Operating System Highlights

Slide 109

X2J Conversion Tools


Converts Cisco IOS to Juniper Networks Junos OS Routing and switching protocols Review to ensure complete translation Available on the Juniper support site Offered through AES 256-bit encrypted website Translation support includes: Interfaces Routing protocols Routing policy Packet filters Switching features And more
https://i2j.juniper.net/release/index.jsp

2010 Juniper Networks, Inc. All rights reserved.

CONFIDENTIAL

SSFJUN01B

www.juniper.net | 109

Are your customers migrating from Cisco to Juniper? Ease the transition with the I2J tool, a configuration translator that converts Cisco IOS software configurations to Junos OS configurations. Automatic access to the tool at https://i2j.juniper.net/release/index.jsp is provided at no charge to JNASC Support Manager, JNASC Support Provider, Premier Accounts and all support contract customers.

SSFJUN01B

Juniper Networks, Inc.

110

Junos Operating System Highlights

Slide 110

Section Objectives
In this section, you have learned how to:
Discuss how Junos OS interoperates with other devices and integrates to other systems Introduce Junipers Advanced Insight Solutions Present ways in which Juniper eases Junos adoption for new customers

2010 Juniper Networks, Inc. All rights reserved.

CONFIDENTIAL

SSFJUN01B

www.juniper.net | 110

In this section, you have learned how to: Discuss Junos interoperability with other devices and its integration into other systems Introduce Junipers Advanced Insight Solutions Present ways in which Juniper eases Junos adoption for new customers

SSFJUN01B

Juniper Networks, Inc.

111

Junos Operating System Highlights

Slide 111

Learning Activity 5, Question 1: True or False: Junos OS is designed for Junos-only networks
a)
b)

True
False

Submit Submit

Clear Clear

2010 Juniper Networks, Inc. All rights reserved.

CONFIDENTIAL

SSFJUN01B

www.juniper.net | 111

SSFJUN01B

Juniper Networks, Inc.

112

Junos Operating System Highlights

Slide 112

Learning Activity 5, Question 2: What does Advanced Insight Solutions (AIS) provide to help the customer?
a) b) c) d) Robust fail-fast and rollover features in our Junos based platforms A comprehensive set of tools and technologies to automate relations with Juniper JTAC

Fault-tolerant redundancy in key router components


Subscription-based access to JUNIPER product wikis
Submit Submit Clear Clear

2010 Juniper Networks, Inc. All rights reserved.

CONFIDENTIAL

SSFJUN01B

www.juniper.net | 112

SSFJUN01B

Juniper Networks, Inc.

113

Junos Operating System Highlights

Slide 113

Evaluation and Survey


You have reached the end of this Juniper Networks eLearning module You should now return to your Juniper Learning Center to take the Practice Test and the Student Survey
The test will allow you to gauge your knowledge of the material covered in this course The survey will allow you to give feedback on the quality and usefulness of the course

2010 Juniper Networks, Inc. All rights reserved.

CONFIDENTIAL

SSFJUN01B

www.juniper.net | 113

You have reached the end of this Juniper eLearning module. You should now return to your Juniper Learning Center to take the Practice Test and the Student Survey. The test will allow you to gauge your knowledge of the material covered in this course. The survey will allow you to give feedback on the quality and usefulness of the course.

SSFJUN01B

Juniper Networks, Inc.

114

Junos Operating System Highlights

Slide 114

2010 Juniper Networks, Inc.

Juniper Networks, Inc. All rights reserved. Juniper Networks, the Juniper Networks logo, Junos, NetScreen, and ScreenOS are registered trademarks of Juniper Networks, Inc. in the United States and other countries. Junose is a trademark of Juniper Networks, Inc. All other trademarks, service marks, registered trademarks, or registered service marks are the property of their respective owners. Juniper Networks reserves the right to change, modify, transfer or otherwise revise this publication without notice.

2010 Juniper Networks, Inc. All rights reserved.

CONFIDENTIAL

SSFJUN01B

www.juniper.net | 114

Juniper Networks, Inc. All rights reserved. Juniper Networks, the Juniper Networks logo, Junos, NetScreen, and ScreenOS are registered trademarks of Juniper Networks, Inc. in the United States and other countries. Junose is a trademark of Juniper Networks, Inc. All other trademarks, service marks, registered trademarks, or registered service marks are the property of their respective owners. Juniper Networks reserves the right to change, modify, transfer or otherwise revise this publication without notice.

SSFJUN01B

Juniper Networks, Inc.

115

Junos Operating System Highlights

Slide 115

CONFIDENTIAL

SSFJUN01B

Juniper Networks, Inc.

116

Corp orat e and Sales Head q uart ers

APAC Head q uart ers

EMEA Head q uart ers

You might also like