Junosroutingoverviewall in One 140912210812 Phpapp01

Juniper Networks
Networking Essentials
Module 1: TCP/IP Internetworking
Copyright 2003, Juniper Networks, Inc.
IJNR-6.b.6.1.2
Module Objectives
After successfully completing this module, you will be
able to:
Identify the components of an internetwork and explain the
role of each component

Explain how packets are routed on a TCP/IP network
Describe the role of an IP address on an internetwork
Copyright 2003, Juniper Networks,

Inc.
Internetwork Example
Network 1
192.168.1.0
Network 2
192.168.2.0

Inc.
Local-Area Networks
A computer network that spans a small area
Confined to a single building or corporate campus
Can connect to other LANs through telephone lines
and wireless connections

LAN characteristics differentiated by:
Topology
Protocols
Media

Inc.
Wide-Area Networks
A computer network that spans a large geographical
area
WANs interconnect LANs
Computers connected to WAN through public
telephone system, leased lines, or wireless connection
The Internet consists of many WANs and WAN links

Inc.
Intermediate Internetworking Devices

Bridges
Connect multiple LAN segments to form a larger LAN
Usually the same media type
Bridges forward broadcasts by default
Routers
Connect multiple LANs but maintain LAN boundaries
Connect LANs across WAN links
LAN and WAN links may be different media types
Implement logical network structure (e.g., IP networks)

Routers block broadcasts by default
Switches
High-speed multi-port bridges with many ports
Many implement Virtual LANs (VLANs)

Inc.
Routing on a TCP/IP Network
Network 1
192.168.1.0
Network 2
192.168.2.0

Inc.
Role of IP and the IP Address
Application
Application
End-to-End Delivery
TCP/UDP
IP Address X
IP Protocol
Network-Dependent
Internet (IP)
TCP/UDP
IP Protocol
IP Address Y
Network-Dependent

Inc.
Format of the IP Address

IP address is a 32-bit numeric address
Written as four numbers separated by periods:
Dotted Quad notation for human convenience
Examples
10.0.15.1
172.20.10.24
192.168.94.122
The IP address is used to identify a particular network
and host on that network

Must be globally unique (with some exceptions)

Inc.
Relationship of the IP Address to the

Hardware Address
7
Application
Presentation
Session
Transport
Network
LLC
MAC
Physical
IP Address
802.2 Logical Link Control
802.3
CSMA/CD
802.4
Token Bus
OSI Reference Model

Inc.
802.5
Token Ring
Mapping Address Layers: ARP

Address Resolution Protocol (ARP) maps an IP address
to a physical MAC address

Host broadcasts an ARP request to obtain a physical address
IP: 192.168.2.1
IP: 192.168.2.23
MAC: 0000.2222.1111
MAC: 0000.2222.2323
(1) Requester sends

BROADCAST ARP_REQUEST
(MAC dest = ffff.ffff.ffff, target
IP = 192.168.2.23)
(4) Requester stores the

mapping in local ARP cache
and can now communicate
directly with target
(3) Target host responds to

requester via UNICAST
(192.168.2.23 maps to MAC
0000.2222.2323, MAC dest =
0000.2222.1111)
(2) ALL hosts read

ARP_REQUEST, but do not
respond if theyre not the
target
IP: 192.168.2.2
IP: 192.168.2.11
IP: 192.168.2.43
MAC: 0000.2222.2222
MAC: 0000.2222.0011
MAC: 0000.2222.4343

Inc.
Logical Network Types

Broadcast
Multiple sources and
destinations "on the wire"

One packet can be read by
many receivers
Typical for LANs
Example: Ethernet
Point-to-Point
Two ends/"stations"
Typical for WANs
Example: T1
Router A

Inc.
Router B
Review Questions
1. How does a router differ from a bridge?
2. What is ARP?
3. What are two types of Logical Networks?

Inc.
Juniper Networks
Module 2: IP Addressing
.
IJNR-6.b.6.1.2
Module Objectives
able to:
Create IP addresses in binary notation and decimal format,
and identify the corresponding address classes

Define subnetting and subnet masks, and create effective
subnets for a given network
Define classless interdomain routing (CIDR), and aggregate a
given range of network addresses to the highest degree
possible

Inc.
Importance of IP Addressing
Unique addresses make information delivery systems
work
Telephone numbers
Postal addresses
IP addressing scheme integral to process of routing IP
data through an internetwork

Two major Internet scaling issues:
IPv4 address space depletion
Routing traffic given increasing number of networks that
make up the Internet

Inc.
Classful IP Addressing
Original Classful IP addressing defines a 32-bit IP
address
Two-part Internet address structure
32-Bit IP Address
Network Part
Host Part

Inc.
Binary Overview
7
Bit position
27
26
25
24
23
22
21
20
2^(bit position)
1
2
8
6
4
3
2
1
6
Decimal value
128+16+8+2=154
16+4+2+1=23
128+64+32+8=232
64+1=65
128+64+32+16+8+4+2+1=255
128+32+8+4=172

Inc.
Primary Address Classes

8
No. of bits
Class A
24
Network
128 64 32 16 8
Host
2
Host
16
Class B
1 0
Network
Host
16
Network
Host
24
Class C
1 1 0
Network
Network
Host
8
Network

Inc.
Host
Dotted Decimal Notation
Bit#
31
10101100
172
00010000
00100011
16
00001000
35
172.16.35.8

Inc.
High-Order Bits
Class addresses specified by the high-order bits:
Class
Class A
Class B
Class C
High-Order Bits
0
10
110
IP Address 192.168.21.40 is a Class C address:

11000000.10101000.00010101.00101000

Inc.
First Octet Rule

Class determined by location of first 0 in binary
address:
Class
Class A
Class B
Class C
First Octet Range

00000001 01111110 (Binary)
1 126*
(Decimal)
10000000 10111111
128 191
11000000 11011111
192 223
*0 and 127 reserved

Inc.
First Octet Rule Examples
Address
Class
172. 18.192.34
10101100.00010010.11000000.00100010
10.155.128.2
00001010.10011011.10000000.00000010
192.12.3.42
11000000.00001100.00000011.00101010

Inc.
Default Masks
Identify the location of the network part (1s) and host
part (0s) of an address

Class A
Class B
Class C
11111111.00000000.00000000.00000000
255 .
0
.
0
.
0
11111111.11111111.00000000.00000000
255 . 255
.
0
.
0
11111111.11111111.11111111.00000000
255 . 255
.
255 .
0

Inc.
Reserved Addresses
Network Address: all host bits are binary 0
10.0.0.0
172.23.0.0
192.168.14.0
Broadcast Address: all host bits are binary 1
10.255.255.255
172.23.255.255
192.168.14.255

Inc.
IPv4 Address Management Issues

Central authority: IANA
Inefficient allocation of limited address space
IPv4 32-bit address space
Address allocations based on organizations requests
rather than actual need

Early depletion of Class B addresses

Inc.
IP Subnetting
All Classful IP addresses can be divided into smaller
networks called subnets
Class B Address: Before Subnetting

1 0
Network
Network
Host
Host
Subnet
Host
Class B Address: After Subnetting

1 0
Network
Network

Inc.
Problems Solved with Subnetting

Provides network administrators with extra flexibility
Provides more efficient use of network address
utilization
Contains broadcast traffic; broadcast will not cross a
router
Subnets under local administrator control
External users and organizations see only single
network

Inc.
Subnet Mask
Example subnet mask for Class B address

Network
Network
Binary 1 1 1 1 1 1 1 1
Representation
Dotted Decimal
Representation
255
Subnet
1 1 1 1 1 1 1 1
255
Host
1 1 1 1 1 1 1 1 0 0 0 0 0 0 0 0
255

Inc.
Subnet Example 1
Assigned Network Number: 172.25.0.0/16
Create 256 subnets
172.25.0.0/24
172.25.1.0/24
172.25.2.0/24
172.25.3.0/24
.
172.25.255.0/24

Inc.
Subnet Example 2
Create 4 subnets
192.168.1.0/26
192.168.1.64/26
192.168.1.128/26
192.168.1.192/26

Inc.
Subnet Example 3
Create 8 subnets
10.0.0.0/11
10.32.0.0/11
10.64.0.0/11
10.96.0.0/11
10.128.0.0/11
10.160.0.0/11
10.192.0.0/11
10.224.0.0/11

Inc.
Growth of the Internet

The Internet is todays largest public data network
Connects millions of users worldwide
Ongoing technical advancements in networking
hardware contribute to growth

Increasing number of networks over the past decade

Inc.
Growth of Internet Routing Tables

Caused by Internet expansion
Backbone routers must maintain complete Internet
routing information
Additional factors include:
Increased CPU processing speed for routing table topology
updates
Dynamic nature of todays WWW
Increased volume of diverse information
IP Next Generation (IPv6)

Long-term solution, but deployment is limited
IPv4 modified to allow continued growth

Inc.
Classless Inter-Domain Routing

CIDR ignores the concept of Network Address Classes
Reduces the amount of route advertisements
192.168.64.0
.65.0
.66.0
No CIDR
CIDR
192.168.64 /24
192.168.65 /24
192.168.66 /24
192.168.67 /24
.67.0

Inc.
192.168.64 /22
Implications of CIDR on the Router

CIDR officially documented in 1993
CIDR supports following important features that benefit
global Internet routing system:

Ignores traditional concept of Class A, B, and C network
addresses
Supports route aggregation where single routing table entry
can represent address space of thousands of traditional
classful routes

Inc.
CIDR Address Allocation Example

Allocate variable-length blocks from 192.168.16/20
192.168.30.0/23
192.168.28.0/23
Block
#4
Block
#3
Block
#1
Block
#2
192.168.24.0/22

Inc.
192.168.16.0/21
CIDR Routing in a Classless Environment

Organization 1
172.25.16.0/21
192.168.0.0/16
ISP 1
Organization 2
172.25.24.0/22
Internet
172.16.0.0/16
Organization 3
172.25.28.0/23
ISP 2
Organization 4
172.25.30.0/23

Inc.
JUNOS Support for CIDR

JUNOS supports CIDR
Defined in RFC 1519, Classless Inter-Domain Routing
(CIDR): An Address Assignment and Aggregation

Strategy

Inc.
Private IP Addresses (RFC 1918)

Sustained growth in TCP/IP technology
Increasing number of enterprises use TCP/IP for intra-
enterprise communications only

Concerns:
Limited global address space

Routing overhead increasing beyond capabilities of ISPs
RFC1918 allows enterprises and ISPs to use specific
address space so long as it is not advertised back out

to the Internet
10.0.0.0/8, 172.16.0.0/12, and 192.168.0.0/16
ISPs continue to obtain blocks of public address space
from address registry and assign customers addresses

from within block based on customer requirement
Inc.
Review Questions
1. To select IP addresses for an ISP, where would you
begin?
2. How are subnets implemented on an IP network?
3. When would you implement CIDR on an IP network?
4. What is the purpose of Private Addressing and how is
it useful?

Inc.
Lab 1: IP Subnetting
Note: Various Junos CLI commands will be used during
this lab that have not yet been discussed. All CLI
commands will be fully explained in the sunsequent
sections.

Inc.
Juniper Networks
Module 3: Router Basics
IJNR-6.b.6.1.2
Module Objectives
After successfully completing this module, you should
be able to:
Describe the function of a router and explain how a router
works to route packets on a network

Explain the concepts of routing metrics and route selection on
an Internet network

Inc.
What Is Routing?
Act of moving information across logical path from a
source to a destination
Routers
Determine the best routing paths
Transport information groups, or packets, through an
internetwork
Routers vs. bridges and switches

Bridges and switches operate at Layer 2, the Data Link layer
Routers operate at Layer 3 (the Network layer)

Inc.
Basic Router Functions

Route determination/topology awareness
Routes are learned and recorded in the route table
Selection criteria are applied to determine the preferred route
or routes to each destination
The preferred routes are recorded in the forwarding table
Packet forwarding
Incoming packets are switched to outgoing interfaces based
on the forwarding table entries

Inc.
How Routers Operate

4
Application Layer
Consists of applications and
processes that use the network
Host-to-Host Transport Layer
Internetwork Layer
Frames are switched from one
interface to another, based on
packet information
Select interface to
which to send
encapsulated frames
Network Access Layer

Identifies bits on the medium
at router interfaces
Encapsulate frames
(such as Ethernet)
Transmit bits of the frame

Inc.
Packet Processing
(2) IP lookup
(3) Select outbound interface
Packet
(1) Inbound:
Receive bits
(4) Outbound:
Detect frame
Remove
encapsulation
Transmit bits
Re-encapsulate
1.
Receive packet, check L2 info.
2.
Read L3 header to determine destination address.
3.
Perform longest-match lookup for L3 destination in

forwarding table and select the appropriate outbound physical
interface.
4.
Encapsulate the packet with the appropriate L2 header/trailer

and transmit.
5.
GO TO STEP 1: Receiving router does it all over again.

Inc.
IP Packet Format
32 BITS
VERSION
IHL TYPE-OF-SERVICE
FLAGS
IDENTIFICATION
TIME-TO-LIVE
TOTAL LENGTH
PROTOCOL
FRAGMENT OFFSET
HEADER CHECKSUM
SOURCE ADDRESS
DESTINATION ADDRESS
OPTIONS (+ PADDING)
Router reads
destination
address to determine
how to route the packet
DATA (VARIABLE)

Inc.
IP Addresses Determine Route Destination

No. Bits
Class A
24
Network
128 64 32 16 8
4 2
Host
Host
14
Class B
1 0
Network
Host
16
Network
Host
21
Class C
1 1 0 Network
Network
Host
8
Network
What is the longest-match

prefix for this packet?

Inc.
Host
Selecting Routes for Forwarding

Routing
updates
Static
routes
Local
addresses
Policy
Routing
Table
Best
Routes
Yes
Forwarding
Table

Inc.
Routing Tables
Packets destination address is for:
One of the routers interfaces or a broadcast address
Packet is for an internal router process
Any other known address

Packet must be routed
Unknown address
Look for default route. If none exists, packet is dropped
Packet In
Packet Out

Inc.
Contents of a Routing Table

Minimum contents of routing table:
Destination prefix
Next-hop IP address
The next router downstream, closer to the destination
inet.0: 12 destinations, 12 routes (12 active, 0 holddown, 0 hidden)

+ = Active Route, - = Last Active, * = Both
10.0.21.0/24
*[Direct/0] 17:48:31
> via GigE0.0
10.0.21.2/32
*[Local/0] 17:48:31
Local
10.0.29.0/24
*[Direct/0] 17:48:31
> via GigE1.0
10.0.29.1/32
*[Local/0] 17:48:31
Local
192.168.16.0/24
*[RIP/100] 00:03:45
> to 10.0.21.1 via fxp0.0
192.168.17.0/24
*[RIP/100] 00:03:45
> to 10.0.21.1 via fxp0.0
192.168.28.0/24
*[Static/5] 16:48:05
Discard
192.168.29.0/24
*[Static/5] 16:48:05
Discard

Inc.
Populating a Routing Table

Static and default routes
Specific prefixes not learned via a protocol
Default used when a partial match cannot be made
Dynamic routing protocols
Routers communicate reachability information
10.0.21.0/24
*[Direct/0] 01:00:31
10.0.21.2/32
*[Local/0] 01:00:31
10.0.29.0/24
*[Direct/0] 01:00:31
10.0.29.1/32
*[Local/0] 01:00:31
192.168.16.0/24
*[RIP/100] 00:03:45
> via GigE0.0

Local
> via GigE1.0
Local
> to 10.0.21.1 via GigE0.0

Inc.
Route Selection
Route selection is based on:
Longest, or most specific, match
Preferences, for different protocols
Routing metrics, for same protocol
Given multiple routes to a destination, the router must
select the best route

Load balancing may be considered

Inc.
Route Selection: Longest Match

Most specific address is matched:
Host route
Subnet
Summary route, or group of subnets
Major network number
Supernet, or group of major networks
Default address

Inc.
Route Selection: Preference

Routing protocol processes calculate the active route
from all routes in the routing table

Preference routes are placed in the forwarding table
The active route is the route with the lowest preference
value
Preference is a value in the range of 0 through 255
Preference is used to rank routes received from different
protocols, interfaces, or remote systems
Identifies the believability of a source in determining
best route

Inc.
Route Selection: Routing Metrics

Routing metrics are generally a measurement of cost or
overhead
Metrics are protocol-specific
Used to determine the best route for a single protocol
Dont compare metrics from different routing protocols
apples vs. oranges

Inc.
Forwarding Table
nancy@sluggo.lab>
nancy@sluggo.lab> show
show route
route forwarding-table
forwarding-table
Internet:
Internet:
Destination
Type
Destination
Type RtRef
RtRef Nexthop
Nexthop
10.100.71.0/24
user
00 10.100.67.254
10.100.71.0/24
user
10.100.67.254
10.100.71.224/27
user
22 10.100.67.254
10.100.71.224/27
user
10.100.67.254
10.250.1.36/30
intf
0
ff.3.0.21
10.250.1.36/30
intf
0 ff.3.0.21
10.250.1.37/32
intf
00 10.250.1.37
10.250.1.37/32
intf
10.250.1.37
10.250.1.103/32
dest
00 10.250.1.103
10.250.1.103/32
dest
10.250.1.103
---(more)-----(more)---
Type
Type Index
Index NhRef
NhRef Netif
Netif
ucst
18
ucst
18 74212
74212 GigE0.0
GigE0.0
ucst
18
ucst
18 74212
74212 GigE0.0
GigE0.0
ucst
27
1
so-2/0/0.0
ucst
27
1 so-2/0/0.0
locl
26
11
locl
26
bcst
37
11 ge-7/2/0.0
bcst
37
ge-7/2/0.0

Inc.
Metrics
Possible routing metrics include:
Hop count
Composite index/metric
Bandwidth: Amount of data that can be transmitted in a fixed amount
of time
Delay: Transit latency of path
Common practice is to link bandwidth as a measure of
cost, like a toll for the router

Path metrics are calculated by adding the interface
metrics along the path

Inc.
Review Questions
1. What functions does a router perform?
2. What functions does a routing algorithm perform?
3. What is the relationship between a routing table and a
forwarding table?
4. What factors affect how a router makes a route
selection?
5. What is a metric and how does a router use metrics to
make routing decisions?

Inc.
Introduction to Juniper Networks Routers
Module 4: M-series and T-series

Product Overview
IJNR-6.b.6.1.2
Module Objectives
able to:
Match Juniper Networks, Inc. products with typical
applications in a service provider network

Describe the architecture of Juniper Networks M-series and
T-series platforms
Describe the function of the RE, FPCs, PICs, System, and
Control boards
Operate the Craft Interface
Describe packet flow through M-series and T-series platforms
List three characteristics of JUNOS software

Inc.
Juniper Networks Role in the Internet

Where we are going
Networking hardware evolution
Juniper Networks: the company
Juniper Networks M-series and T-series platforms overview
M5/M10 and the M7i/M10i routers
M20 router
M40 router
M40e router
M160 router
T640 Internet routing node
T320 router
M320 Router

Inc.
Networking Hardware Evolution

The first routers were general-purpose computers
Single CPU, RAM, monolithic operating system
Low-speed serial interfaces
Networking advancements:
More PCs attached to networks
Increased application bandwidth consumption
Increased transmission speeds
Single-CPU router architecture could not keep up!
Juniper Networks broke tradition with:

Specialized operating system
Protected memory, multi-tasking
Hardware-based packet forwarding
Juniper Networks M-series and T-series routers implement key functions on

ASICs
Separation of two equally complex problemsInternet control and highperformance packet forwarding

Inc.
Juniper Networks: The Company

Business:
Converts bandwidth into scalable, differentiable IP services
using a new class of integrated silicon- and software-based
routing systems
Juniper Networks sells solutions, not just routers
Mission:
To be the primary supplier of scalable, reliable,
high-performance IP systems for the new IP infrastructure
Market:
Supplies systems to numerous worldwide markets that
provide high-speed IP services in both the core and edge

environments

Inc.
Juniper Networks Product Positioning

Consumer
Edge: B-RAS
(E-series Routers)
Service Provider
Network
Core
Residential
Education
PSTN/
Mobile
M-series/T-series
Platforms
SOHO/ROBO
Business Edge
(E-series/M-series
Routers)
Large Enterprise

Small/Medium Enterprise
Inc.
The E-series Family of Edge Routers

Series of high-performance broadband remote access
servers (B-RAS)
The result of Unisphere acquisition in mid-2002
ERX-310
ERX-700
ERX-1440
E-series
edge router operation and configuration is
covered in various E-series router-specific class offerings
See http://www.juniper.net/training for details

Inc.
M-series and T-series Product Line (1 of 2)

Family of router platforms that deliver:
Industry-leading core and dedicated-access platforms
Solutions that scale in multiple dimensions with market-leading port

density
Flexible and manageable traffic control

High reliability features
M160
Router
M40
Router
M5/M10
Routers
M20
Router
Forwarding
Performance
per Rack Inch
Copyright
2003,
March 2000Networks,
Sep. 1998
Sep. 2000
Dec.
1999 Juniper
Inc.
...
M-series and T-series Product Line (2 of 2)

Common software image/feature set across all platforms!
M40e
Router
T320 Router
M7i
M10i
T640 Internet
Routing Node
...
A Continuing History
of Rapid Innovation

Dec. 2001
August 2002
Sept. 2003
Inc. Feb. 2002

Inc.
M-series and T-series Hardware Overview

Where we are going
General M-series and T-series platform architecture
Hardware overview
Routing Engine
Packet Forwarding Engine (M-series and T-series)
The Craft Interface

Field Replaceable Units (FRUs)
Summary of platform characteristics

Inc.
Separation of Control and Forwarding

Routing Engine
RT
FT
JUNOS
Software
fxp1
Packet Forwarding Engine
CLI
FT
Packets Out
Packets In
All M-series and T-series platforms share the same basic
design philosophy
Clean separation of control and forwarding
Routing Engine maintains routing table (RT) and primary
copy of forwarding table (FT)

Packet Forwarding Engine receives FT from Routing
Engine

Inc.
Routing Engine Overview

JUNOS software resides in flash memory
Backup copy available on hard drive
Provides forwarding table to the Packet Forwarding
Engine
Not directly involved with packet forwarding
Runs various routing protocols
Implements CLI
Manages Packet Forwarding Engine

Inc.
Current Routing Engine Characteristics

RE Model
Processor/clock
Feature
Memory
Solid state
flash storage
Hard disk storage
External media
Supported Platforms
RE-333
RE-400
RE-600
Pentium III/333 MHz
Celeron/400 MHz
Pentium III/600 MHz
768 MB
256, 512, 768 MB
512, 2 GB
80 MB
256 MB
(Optional)
128 MB/256 MB
6.4+ GB
20 GB
30+ GB
PCMCIA
flash card/LS-120*
PCMCIA
flash card
(Optional)
PCMCIA
flash card/LS-120*
Originally shipped
on: M5/10/20/40/40e,
and M160
M7i/M10i Only
All M-series
and T-series except
M7i/M10i

* The M40 router continues to use the original LS-120 drive for external storage regardless of RE model.
Inc.
Packet Forwarding Engine Overview

Custom ASICs implement forwarding path
No process switching
Value-added services and features implemented in hardware
Multicast
CoS/queuing
Firewall filtering
Accounting
Divide-and-conquer architecture
Each ASIC provides a piece of the forwarding puzzle

Inc.
PFE Components: M-series

Physical Interface Cards (PICs)
Flexible PIC Concentrators (FPCs)
The system midplane
For M5/M10, M7i/M10i, M20, and M40
System Control
M5/M10 and M7i /M10i routersForwarding Engine Board/Compact

Forwarding Engine Board, combined FPC and System Control Board
M20 routerSystem Switching Board (SSB)
M40 routerSystem Control Board (SCB)
For M40e and M160

Switching and Forwarding Module (SFM)
Miscellaneous Control Subsystem (MCS)
Packet Forwarding Engine Clock Generator

Inc.
PFE Components: T-series

Physical Interface Cards (PICs)
T-series FPCs contain one or two PFE complexes
PFEs interface to other PFEs through the T-series switch
fabric
Nonblocking crossbar switch matrix with high-speed lines to each FPC
Switch fabric redundancy
Switching between PFEs performed by Switch
Interface Boards (SIBs)

Three SIBs comprise a T320 switch fabrictwo active, one
spare
Five SIBS comprise the T640 switch fabricfour active, one
spare
The system midplane

Inc.
Physical Interface Cards

PICs currently support from 0
Some PICs support channelized
and advanced CoS options

IP Service PICs (Tunnel,
Multilink, Monitoring, etc.)
Services PIC normally have no
physical ports
Switch Fabric
Memory
to 48 physical ports
Custom ASIC for each media
type
Status indicators
Hot-swappable on all
platforms except M20 and
M40 routers
Physical
Interface
Card (PIC)
PIC
PIC
ASIC
FPC

Inc.
PIC
General FPC features

Supports from 1 to 4 PICs
Hot-swappable on most platforms
PowerPC supervisory processor
Not used for packet forwarding
From 64 MB to 1.2 GB of memory
Pooled to create shared memory

switch fabric on M-series platforms
High aggregate throughput rates*

M5/M10, M7i/M10i, M20, M40, and
M40e routers: 6.4 Gbps per FPC
M160 router: 25.6 Gbps per FPC2
T640 Internet Routing Node: 80+
Gbps with FPC3
T320 router: 40+ Gbps with FPC3
*
Switch Fabric
Memory
The Flexible PIC Concentrator

PIC
PIC
PIC
ASIC
FPC
PIC
The numbersCopyright
quoted are two
times
the unidirectional
(Simplex) capacity of each
2003,
Juniper
Networks,
FPC.
Inc.
M-series System Boards

General System Board functions:
Forwarding table updates and route lookups
Management of ASICs and PFE hardware components
Environmental monitoring
Stratum 3 SONET clock generation
Handling exception/control packets
Names vary by platform
M5 and M10FEB
M20 and M40SSB and SCB
M7i and M10iCFEB
Enhanced System Boards feature the second
generation Internet Processor II ASIC

Inc.
Control Boards: M-series and T-series

General Control Board functions:
Component power up/down
Handling hardware faults
Controlling redundancy
Environmental monitoring
Distribution/generation of SONET clocking
M160/M40e control
Control provided by Miscellaneous Control Subsystem
(MCS); paired with a Routing Engine to form a Host Module
Host Module redundancy supported
T640/T320 control
Control provided by Control Board (CB); the CB is paired with
a Routing Engine to form a Host Subsystem
Host Subsystem redundancy supported

Inc.
Internet Processor II ASIC

The Internet Processor II
Provides industry-leading performance for longest-match
packet lookup
Numerous packet processing features:
Filtering, sampling, logging, counting, and improved load balancing
Second generation Internet Processor II available on
enhanced system boards

Inc.
System Midplane Examples

M10 System midplane:
FEB contains built-in FPCs,
eight PIC slots
System midplane
Connector Interface Panel
(CIP), eight FPC slots
M20 System midplane

System Switching Board
slots, Craft Interface slot, four
FPC slots
Connector Interface Panel
M40e, M160, T640, and T320
1 2 3 4 5 6
Primary SSB
Secondary SSB
Craft Interface
0
1
2
Copyright 2003, Juniper Networks,3

Inc.
The Craft Interface

Craft Interface overview
LCD display (M40, M40e, M160, T640, and T320 routers only)
FPC online/offline buttons (M20, M40, M40e, M160, T640,
and T320 platforms)
PIC online/offline buttons (M5/M10 and M7i/M10i routers)
Status LEDs
ACopyright
Typical Craft
Interface
(T320)
2003,
JuniperPanel
Networks,
Inc.
Craft Interface Status LEDs

Status LEDs
OK
Blinking = starting
Solid = running
FAIL
Solid = taken offline because of failure
Online/offline buttons
Press and hold for three seconds to take FPC (or PIC) offline

Inc.
Alarm Indications
Red alarm
Major failure that affects service/safety
Yellow alarm
Minor failure that needs attention but does not affect
service

Inc.
LCD Display
LCD display is available on M40, M160, T640, and T320 platforms only
Displays general system status when no alarms are present
Displays alarm information when alarms are present
Identifies the total number and types of alarms that are active
Currently, the navigation buttons are only used to obtain the status of certain PICs

Inc.
Dry Relay Contacts

Activated with first alarm
Yellow and red alarms
Can be disabled with ACO/LT button on Craft
Interface
New alarms reactivate relay

Alarm contacts supported on M20, M40, M40e, M160,
and T-series platforms
Relay contacts located on the Craft Interface or

Connector Interface panel

Inc.
Typical Router Components (T640)
Copyright
Front
Inc.
2003, Juniper Networks,
Back
Product Comparison: M-series

Platform
M5
Router
M7i
Router
M10
Router
Chassis
Throughput
(Aggregate)
6.4 Gbps
(40 Mpps)
9.4 Gbps
(8 Mpps)
12.8 Gbps
(40 Mpps)
Slot Throughput
(Aggregate)
6.4 Gbps
6.4 Gbps
1/4
Power
M10i
Router
M20
Router
M40
Router
12.8 Gbps
(16 Mpps)
25.6 Gbps
(40 Mpps)
51.2 Gbps
(40 Mpps)
51.2 Gbps
(40 Mpps)
204 Gbps
(160
Mpps)
6.4 Gbps
6.4 Gbps
6.4 Gbps
6.4 Gbps
6.4 Gbps
25.6 Gbps
1/6 (2
built-in
PICs)
2/8
2/8
4/16
8/32
8/32
8/32
AC/DC
AC/DC
AC/DC
AC/DC
AC/DC
AC/DC
AC/DC
DC Only
Units per Rack
15 per
rack
21 per
rack
15 per
rack
8 per rack
5 per rack
2 per rack
2 per rack
2 per rack
RE/Control
Redundancy
No
No
No
Yes
Yes
No
65 Lbs/29.5
Kg
65 Lbs/29.5
Kg
150
Lbs/68 Kg
Feature
Slots/PICs
Weight (Max)
61 Lbs/27.7
36.5
Kg
Lbs/16.6Kg
M40e
Router
Yes
M160
Router
Yes
280
370.5
370.5
Lbs/127 Kg Lbs/168 Kg Lbs/168 Kg

Inc.
* Numbers quoted are two times the unidirectional (simplex) capacity for each FPC or chassis.
Product Comparison: T-series

Platform
Feature
T640 Internet
Routing Node
T320
Router
Chassis
Throughput
(Aggregate)
640+ Gbps (640

Mpps)
320+ Gbps
(320 Mpps)
Slot
Throughput
(Aggregate)
FPC3 = 80+
Gbps
FPC 2 and 3
FPC3 = 40+
Gbps
FPC 1, 2, and 3
Slots/PICS
8/32
8/16
DC only
DC only
2 per
rack
3 per
rack
Yes
Yes
Power
Units Per Rack

RE/Control
Redundancy
Weight (typical)
565Lbs/256.28Kg
369.9
Lbs/167.78Kg

Inc.
* Numbers quoted are two times the unidirectional (simplex) capacity for each FPC or chassis.
PICs
Where we are going
Listing of common PICs
4-port and 48-port Fast Ethernet, 2-port STM1/OC3c ATM, and
OC-192c

Inc.
Common PICs
Basic
ATM
Channelized OC-12, STM1, DS3
DS-3, 4 port
T1, E1, T3, E3
Fast Ethernet
Gigabit Ethernet, 10 Gigabit Ethernet
SONET/SDH
IP Services
Tunnel Services, Encryption Services, Link Services, Multilink
Services, Monitoring services, and Adaptive Services PIC

(ASP)
Services (Q Performance Processor)

Channelized Services (E1, DS3, STM1, and OC12)
ATM Services (ATM-2)
Copyright
Ethernet
Services 2003, Juniper Networks,
Inc.
PIC Examples
4-port Fast Ethernet (M5/M10)
2-port STM1/OC3Copyright
ATM (M20/M40)
2003,
Inc.
48-port Fast Ethernet (M40e)
Quad-wide
STM-64/OC192c (M160)
Juniper
Networks,
M-series ASICs and Packet Flow

Where we are going
The M-series Packet Forwarding Engine
PIC Controller ASIC
I/O Manager ASIC
Distributed Buffer Management ASIC
Internet Processor II
M-series packet flow

Inc.
M-series ASICs
Internet
Processor II
M-series System Board

(For example, SSB, SFM)
Buffer
Manager 1
FPC
PICs
I/O
Manager
PIC I/O
Manager
PIC I/O
Manager
PIC I/O
Manager
PIC I/O
Manager
M
E
M
Forwarding
Table
Buffer
Manager 2
I/O
Manager
M
E
M
I/O
Manager
PIC I/O
Manager
PIC I/O
Manager

Inc.
M
E
M
PIC I/O
Manager
PIC I/O
Manager
M-series Packet Flow (1 of 5)
PIC
PIC I/O
I/O ASIC
ASIC
Connects
to
Connects
to FPC
FPC I/O
I/O ASIC
ASIC
Packet
Forwarding
Manages
Manages
physical-layer
Engine
Systemphysical-layer
framing
framing and
and bit-stream
bit-stream
Controller
signaling
(SSB, signaling
SFM, etc.)
Buffer
Detects
Detects link-layer
link-layer errors
errors (CRC)
(CRC)
Manager 1
Generates
data
link-layer
Generates data link-layer
alarms
alarms
FPC
PICs
I/O
Manager
PIC I/O
Manager
PIC I/O
Manager
PIC I/O
Manager
PIC I/O
Manager
Forwarding
Table
Internet
Processor II
M
E
M
Key
Buffer
Manager 2
I/O
Manager
M
E
M
Data
Notification
I/O
Manager
PIC I/O
Manager
PIC I/O
Manager

Inc.
M
E
M
PIC I/O
Manager
PIC I/O
Manager

Internet
Processor II

System Controller
(For example, SSB and SFM)
Buffer
Manager 1
FPC
PICs
I/O
Manager
PIC I/O
Manager
PIC I/O
Manager
PIC I/O
Manager
PIC I/O
Manager
M
E
M
Forwarding
Table
I/O
Buffer ASIC
I/O Manager
Manager
ASIC
Decodes
Manager 2
Layer
Decodes
Layer 22
encapsulation
encapsulation
Identifies
Identifies protocol
protocol and
and
checks
checks Layer
Layer 33 header
header
validity
validity
M
Classifies
traffic
Classifies
traffic
for CoS
CoSM
I/O
I/Ofor
E
E
Chops
incoming
packets
Manager
Manager
Chops
incoming
packets
M
M
into
into 64-byte
64-byte
chunks
chunks (J-cells)
(J-cells)
PIC I/O
PIC I/O
Sends
Sends J-cells
J-cells
to Buffer
Buffer
Managerto
Manager
Manager
Manager 11 ASIC
ASIC
PIC
I/O integrity
PIC I/O
Confirms
Confirms packet
packet
integrity
Manager
Manager

Inc.

Forwarding
Table
Internet
Processor II
Packet Forwarding
Engine System Controller
Buffer
Manager 1
Key
Buffer
Manager 2
Data
Notification
FPC
I/O
Manager
PIC I/O
Manager
PICs
PIC I/O
Manager
M
E
M
I/O
Manager
M
E
M
I/O
Manager
PIC I/O
Manager
Manager
ASICs
Distributed
Distributed Buffer
Buffer
Manager
ASICs
PIC I/O
PIC I/O
PIC I/O
Manage
packet
memory
shared
across
FPC
slots
Manager shared across FPC slots Manager
ManageManager
packet memory
Extract
Extract address
address information
information from
from packets
packets
Direct
FPCs
forward
packets
Direct
FPCs where
where
to
forward
packetsNetworks,
Copyright
to
2003,
Juniper
Inc.
M
E
M
PIC I/O
Manager
PIC I/O
Manager

Packet Forwarding
Engine System Controller
Forwarding
Table
Internet
Processor II
Buffer
Manager 1
Internet
Internet Processor
Processor IIII ASIC
ASIC
Extracts
Extracts next-hop
next-hop
information
information from
from system
system
forwarding
table
FP
forwarding table
M
Passes
C
Passes modified
modified I/O
E
notification
notification (next-hop
(next-hop
Manager
M
information
information added)
added) to
to
Buffer
Buffer Manager
Manager 22 ASIC
ASIC
Applies
PIC
I/O
PIC I/O
filtering
Applies packet
packet
filtering
Manager
Manager
and
and policy
policy rules
rules
PICs
Collects
Collects exception
exception
packets
PIC I/O packets
PIC I/O
for
queuing
to
Routing
Manager
Manager
for queuing to Routing
Engine
Engine
Key
Buffer
Manager 2
I/O
Manager
M
E
M
Data
Notification
I/O
Manager
PIC I/O
Manager
PIC I/O
Manager

Inc.
M
E
M
PIC I/O
Manager
PIC I/O
Manager
I/O
I/O Manager
Manager ASIC
ASIC
Packet
Forwarding
Receives
Receives 64-byte
64-byte
Internet
Processor II
Forwarding
Table
Enginechunks
Systemfrom
chunks
from Buffer
Buffer
Manager
Controller
Manager 22 ASIC
ASIC
Key
(SSB,
etc.)
SFM,
Adjusts
Buffer
Buffer
Adjusts any
any required
required
Data
protocol
Manager 2
protocol time-to-live
time-to-live Manager 1
Notification
values
values
Encapsulates
Encapsulates chunks
chunks
inside
inside appropriate
appropriate
data
data link
link layer
layer header
header
M
M
M
FPC
I/O
I/O
I/O
Sends
to
PIC
I/O
Sends to PIC I/O
E
E
E
Manager
Manager
Manager
Manager
M
M
M
Manager ASIC
ASIC for
for
transmission
transmission
PICs
PIC I/O
Manager
PIC I/O
Manager
PIC I/O
Manager
PIC I/O
Manager
PIC I/O
Manager
PIC I/O
Manager

Inc.
PIC I/O
Manager
PIC I/O
Manager
ASIC Functionality and Packet Flow

Where we are going
The T-series Packet Forwarding Engine
PIC Controller ASIC
Layer 2/Layer 3 Packet Processing ASIC
Switch Interface ASIC
Queuing and Memory Interface ASIC
Internet Processor II
T-series switch fabric overview

T-series packet flow

Inc.
T-series Packet Forwarding Engine

Each T-series PFE consists of:
One or more media-specific PIC ASIC
Handles physical layer signaling, alarms, and CRC processing
Layer 2/Layer 3 Packet Processing ASIC
Provides Link layer encapsulation and decapsulation
Manages division and reassembly of packets into J-cells
Queuing and Memory Interface ASICs
Manage data cell memory buffering
Manage notification queuing
Internet Processor II ASIC
Performs route lookups in forwarding table
Switch Interface ASICs
Extract route lookup keys
Manage cell flow across the switch fabric

Inc.
The T-series Switch Fabric

Nonblocking topology with any-to-any connectivity
No single point of failure, all SIBs fully redundant
Graceful degradation for multiple failures
T640 switch fabric consists of 5 Switch Interface Boards (SIBs) (5th is a

spare)
T320 switch fabric consists of 3 Switch Interface Boards (SIBs) (3rd is a

spare)
Packet order and CoS maintained across fabric
SIB 0
SIB 1
SIB 2
FPC 1
FPC 0
F16
F16
F16
Nf
40Gbps
HSLs
(FD)
Copyright
The T320 Switch Fabric
Inc.
T-series Packet Flow (1 of 10)

Key
Ingress PFE
Data
Notification
Packets
in
SONET
or
GigE
PIC
Layer2/Layer3
Packet
Processing
ASIC
Internet
Switch
Processor
Interface
II ASIC
ASIC
Switch
Interface
ASIC
Queuing
& Memory
Interface
ASIC
RDRAM
Switch
Queuing
& Memory
Interface
ASIC
Packets
Packets arrive
arrive at
at an
an incoming
incoming PIC
PIC
Fabric
RDRAM
interface
interface
Switch
SONET
Layer2/Layer3
Packet
or
Packet manages
Interface link layer

ASIC
s PIC
PIC controller
controller
ASIC
manages
link layer
GigE
Processing
ASIC
PIC of
out framing
ASIC
framing
of bit
bit stream
stream
Detects
Detects link
link layer
layer CRC
CRC errors
errors
Switch
Internet
Generates
Generates link
link layer
layer alarms
alarms
Processor
Interface
packets
to
FPC
Passes
II
ASIC
Passes packets
to FPC
Copyright
2003, Juniper Networks, ASIC
Inc.

Key
Ingress PFE
Data
Internet
Switch
Processor
Interface
II ASIC
ASIC
Notification
Packets
in
Layer2/Layer3
Packet
Processing
ASIC
SONET
or
GigE
PIC
Switch
Interface
ASIC
Queuing
& Memory
Interface
ASIC
RDRAM
Switch
Queuing
& Memory
Interface
ASIC
2/Layer
33 Packet
Layer
LayerSONET
2/LayerLayer2/Layer3
Packet Processing
Processing
Switch
ASIC
and
validates
Layer
ASIC parses
parses
and
validates
Layer 22
or
Packet
Interface
GigE
Processing
and
33 headers
ASIC
and Layer
Layer
headers
PIC
ASIC
Classifies
Classifies traffic
traffic for
for CoS
CoS processing
processing
Divides
Divides the
the packets
packets into
into 64-byte
64-byte Internet
cells
cells
Processor
II ASIC
Sends
to
Interface
Sends cells
cells
to Switch
Switch
Interface
ASIC
Copyright
2003, ASIC
Juniper
Fabric
RDRAM
Packet
s
out
Inc.
Switch
Interface
Networks, ASIC

Key
Ingress PFE
Data
Notification
Packets
in
SONET
or
GigE
PIC
Layer2/Layer3
Packet
Processing
ASIC
Internet
Switch
Processor
Interface
II ASIC
ASIC
Switch
Interface
ASIC
Queuing
& Memory
Interface
ASIC
RDRAM
Switch
Queuing
& Memory
Interface
ASIC
the
Switch
Switch Interface
Interface ASIC
ASIC extracts
extracts
the
Switch
SONET
Inc.
RDRAM
Layer2/Layer3
route
key
or
Packet
route lookup
lookup
key
Interface
GigE
Processing
ASIC
PIC
Key
is
placed
in
a
notification
ASIC
Key is placed in a notification cell
cell and
and
passed
passed to
to the
the Internet
Internet Processor
Processor
Data
Data cells
cells are
are sent
sent to
to the
the Queuing
Queuing Internet
Processor
and
Interface
ASICs
and Memory
Memory
Interface
ASICs
II ASIC
Copyright 2003, Juniper
Packet
s
out
Fabric
Switch
Interface
Networks,
ASIC

Key
Ingress PFE
Data
Notification
Packets
in
SONET
or
GigE
PIC
Layer2/Layer3
Packet
Processing
ASIC
Internet
Switch
Processor
Interface
II ASIC
ASIC
Switch
Interface
ASIC
Queuing
& Memory
Interface
ASIC
RDRAM
Switch
Queuing
Queuing and
and Memory
Memory Interface
Interface
Queuing
& Memory
Interface
ASIC
Switch
SONET
Layer2/Layer3
ASICs
pass the
data
to
ASICs
data cells
cells
to
orpass the
Packet
Interface
GigE for buffering
Processing
memory
ASIC
memory
for buffering
PIC
ASIC
Internet
Internet Processor
Processor IIII ASIC
ASIC performs
performs
the
the route
route lookup
lookup and
and forwards
forwards the
the
Internet
notification
notification to
to the
the Switch
Switch Interface
InterfaceProcessor
ASIC
II ASIC
ASIC
Fabric
RDRAM
Packet
s
out
Inc.
Switch
Interface
Networks,
ASIC

Key
Ingress PFE
Data
Notification
Packets
in
SONET
or
GigE
PIC
Layer2/Layer3
Packet
Processing
ASIC
Internet
Switch
Processor
Interface
II ASIC
ASIC
Switch
Interface
ASIC
Queuing
& Memory
Interface
ASIC
RDRAM
Switch
Queuing
& Memory
Interface
ASIC
Switch
Switch Interface
Interface ASIC
ASIC sends
sends
Switch
SONET
Inc.
RDRAM
Layer2/Layer3
bandwidth
requests
through
or
Packet
Interface the
bandwidth
requests
through
the
GigE
Processing
ASIC
switch
the
switchPICfabric
fabric to
toASIC
the destination
destination PFE
PFE
Issues
Issues read
read requests
requests to
to the
the Queuing
Queuing
Internet
and
and Memory
Memory Interface
Interface ASIC
ASIC to
to begin
begin
Processor
reading
cells
out
of
memory
reading data
data
cells
out
of
memory
II ASIC
Packet
s
out
Fabric
Switch
Interface
Networks,
ASIC

Switch
Internet
Processor
Destination
Destination Switch
Switch Interface
Interface ASIC
ASIC
Interface
II ASIC
sends
sends grants
grants through
through the
the switch
switch
fabric
fabric
Layer2/Layer3
SONET
Switch
Switch
Interface
ASIC
Originating
Packet
Originating
Switch
Interface
ASIC
Packet
or
Interface
Queuing
s
Processing
GigE
&
sends
a
cell
through
the
switch
ASICswitch Memory
sends
the
ASIC
in
PIC a cell through
Interface
ASIC
fabric
to
the
destination
PFE
fabric to the destination PFE
ASIC
RDRAM
Switch
Queuing
& Memory
Interface
ASIC
Packets
out
Layer2/Layer3
Packet
Processing
ASIC
SONET
or
GigE
PIC
Notification
Interface
ASIC
Egress PFE
Copyright
2003,
Inc.
RDRAM
Switch
Key
Data
Fabric
Internet
Switch
Processor
Interface
II ASIC
Juniper
Networks,
ASIC

Switch
Internet
Switch
Processor
Switch Interface
Interface ASIC
ASIC extracts
extracts the
the
route
route lookup
lookup key,
key, places
places itit in
in aa
notification,
notification, and
and forwards
forwards to
to the
the
Internet
Processor
II
Internet
Processor
Layer2/Layer3II
SONET
Switch
Packet
Packet
or
Internet
Processor
II performs
route
Interface
Internet
Processor
Queuing
s
Processing II performs route
GigE
&
Memory
ASIC
ASIC
in lookup
PIC and
notification
to
lookup
and forwards
forwards
notification
to
Interface
ASIC
Queuing
Queuing and
and Memory
Memory Interface
Interface ASIC
ASIC
Interface
II ASIC
ASIC
RDRAM
Switch
Queuing
& Memory
Interface
ASIC
Packets
out
Layer2/Layer3
Packet
Processing
ASIC
SONET
or
GigE
PIC
Notification
Interface
ASIC
Egress PFE
Copyright
2003,
Inc.
RDRAM
Switch
Key
Data
Fabric
Internet
Switch
Processor
Interface
II ASIC
Juniper
Networks, ASIC

Switch
Internet
Processor
Queuing
Queuing and
and Memory
Memory Interface
Interface ASIC
ASIC
forwards
forwards notification
notification to
to the
the Switch
Switch
Interface
Interface ASIC
ASIC
Interface
ASIC
read
Switch
Switch
Interface
ASIC issues
issues
read
Layer2/Layer3
SONET
Switch
Packet requests
Packet
or
to
the
Queuing
and
requests
to
the
Queuing
and
Interface
Queuing
s
Processing
GigE
&
Memory
ASIC passes
ASIC ASIC
in Memory
PIC Interface
Memory
Interface
ASIC and
and
passes
Interface
cells
cells to
to L2/L3
L2/L3 Processing
Processing ASIC
ASIC ASIC
Interface
II ASIC
ASIC
RDRAM
Switch
Queuing
& Memory
Interface
ASIC
Packets
out
Layer2/Layer3
Packet
Processing
ASIC
SONET
or
GigE
PIC
Notification
Interface
ASIC
Egress PFE
Copyright
2003,
Inc.
RDRAM
Switch
Key
Data
Fabric
Internet
Switch
Processor
Interface
II ASIC
Juniper
Networks,
ASIC

Switch
Internet
Processor
Layer
Layer 2/Layer
2/Layer 33 Packet
Packet Processing
Processing II ASIC
ASIC
ASIC reassembles
reassembles the
the data
data cells
cells into
into
packets
packets
Layer2/Layer3
SONET
Switch
Adds
2
encapsulation
Packet
Adds Layer
Layer
2
encapsulation
Packet
or
Interface
Queuing
s
Processing
GigE
Sends
the
packets
to
the
outgoing
in
&
Memory
Sends PIC
the packets
outgoingInterface
ASIC to the ASIC
ASIC
PIC
PIC interface
interface
Interface
ASIC
RDRAM
Switch
Queuing
& Memory
Interface
ASIC
Packets
out
Layer2/Layer3
Layer2/Layer3
Packet
Packet
Processing
Processing
ASIC
ASIC
SONET
or
GigE
PIC
Notification
Interface
ASIC
Egress PFE
Copyright
2003,
Inc.
RDRAM
Switch
Key
Data
Fabric
Internet
Switch
Processor
Interface
II ASIC
Juniper
Networks,
ASIC

Internet
Switch
Processor
Interface
II ASIC
ASIC
Egress
Egress PIC
PIC ASIC
ASIC adds
adds physical
physical
layer
framing
and
layerSONET
framingLayer2/Layer3
and CRC
CRC Switch
Packet
Packet
or bit stream out toInterface
Sends
out to the
the
s Sends
Processing
GigEbit stream
ASIC
ASIC
in network
PIC
network
Queuing
& Memory
Interface
ASIC
RDRAM
Switch
Queuing
& Memory
Interface
ASIC
Packets
out
Layer2/Layer3
Packet
Processing
ASIC
SONET
or
GigE
PIC
Notification
Interface
ASIC
Egress PFE
Copyright
2003,
Inc.
RDRAM
Switch
Key
Data
Fabric
Internet
Switch
Processor
Interface
II ASIC
Juniper
Networks,
ASIC
Exception Packets
Exception packets
Local delivery
IP options
Source route, router alert, etc.
ICMP message generation
Generally processed by Packet Forwarding Engine
control CPU
Remaining traffic (local and control) sent to Routing Engine
via internal link
Rate limiting
Hardware-based WRR ensures control traffic is not starved

Inc.
JUNOS Software Overview

Where we are going
Features
Processes
Protocol support

Inc.
JUNOS Software Features

A single image runs on all M-series and T-series
platforms with all features

Free BSD-based environment
Fully independent software processes

Routing, interface control, management, chassis
management, SNMP, CLI, APS, VRRP, sampling, CoS, etc.
Protected memory environment
Serious error in one module does not impact other modules or packet
forwarding
Automatic core dumps for serious faults
Purpose built for performance and stability in the
Internet core
Inc.
JUNOS Software Processes

JUNOS Internet Software
SNMP
Routing
Engine
Routing
Tables
User
Routing
Protocol
Process
Interface
Process
Forwarding
Table
Forwarding
Table
Command-Line
Interface (CLI)
Chassis
Process
Kernel
Interface
Process
Distributed
ASICs
Chassis
Process
Embedded Microkernel
Packet
Forwarding
Engine
Microkernel

Inc.
The Kernel
The kernel
Provides the underlying infrastructure for all the JUNOS
software processes
Provides the link between the routing tables and the RE's forwarding
table
Responsible for all communication with the PFE, including keeping the
PFEs copy of the forwarding table synchronized
Routing
Protocol
Process
Forwarding
Table
Interface
Process
CommandLine
Interface (CLI)
Chassis
Process
Kernel

Inc.
Routing Protocol Process

Core functions
Controls routing protocols running on router
Starts all configured protocols
Handles all routing messages
Maintains routing tables
Implements routing policy
Routing
Tables
Routing
Protocol
Process
(rpd)
JUNOS Kernel

Inc.
Industrial-Strength Protocols
Unicast routing protocols
Intermediate System-to-Intermediate System (IS-IS)
Open Shortest Path First (OSPF and OSPF3)
Routing Information Protocol (RIP and RIPng)
Border Gateway Protocol (BGP)
Multicast routing protocols
Distance Vector Multicast Routing Protocol (DVMRP)
Protocol Independent Multicast (PIM)
Multicast Source Discovery Protocol (MSDP)
Internet Group Management Protocol (IGMP and MLD)
Session Announcement Protocol and Session Description
Protocol (SAP/SDP)
MPLS application protocols
Multiprotocol Label Switching (MPLS)
Provider-provisioned VPN support (Layer 2 and 3)
Resource Reservation Protocol (RSVP)

Label Distribution Protocol (LDP)
Inc.
Review Questions
1. Which Juniper Networks M-series or T-series
2.
3.
4.
5.
6.
routers are aimed at the Internet core? What

about the edge?
What are the primary responsibilities of the
Routing Engine and the Packet Forwarding
Engine?
What is the purpose of and relationship between
FPCs and PICs?
What is the purpose of the Craft Interface?
Describe packet flow through Juniper Networks
M-series and T-series platforms
Which software process maintains the routing
tables and implements routing policy?
Inc.
Juniper Networks
Module 5: Installation and

Initial Configuration
IJNR-6.b.6.1.2
Module Objectives
After completing this module, you should be able to
describe
Important installation issues
Initial configuration process
Software installation from scratch
Software component upgrades
How to back up existing router software

Inc.
Chassis Installation
M40/M160 Craft interface displays

Typical M160 weighs 300 pounds (135 kg)

Lifting requires three or more people
Remove heaviest components first

Power supplies
FPCs
Fan Trays
Lift into rack

Do not lift M40 by Routing Engine handles
Replace components

Inc.
Power Up and Power Down
Powerup
Perform more checks
Connect all cables
Turn on one power supply
Turn on second power supply
Powerdown
Shutdown Junos Routing software
CLI request system halt command

Turn off Power Supplies

Inc.
Visible Activity at Startup
M40/M160 Craft interface displays

Starting Routing Engine
Starting PFE
Starting cards
FPC LED
Blink green while testing
Become solid green when tests pass
Alarm LEDs light as needed

Inc.
Using serial console

Root password
Machine name
IP address (prefix) and prefix length assigned to
management interface (fxp0)
Default router
DNS server

Inc.
Troubleshooting
Craft interface
Red LEDs indicate failure

M40/M160 LCD displays all major and minor alarms
Syslog messages
Contain more detailed information

CLI show log messages command
CLI
Interactive failure analysis using show commands

monitor log files using monitor command

Inc.
Boot Devices and Media

Removable media
Used for install and upgrade, normally left empty
M40120-MB high-capacity floppy drive
M20/M160110-MB PCMCIA flash card
Flash drive
Solid-state nonrotating media
Primary source for booting software
Hard drive
Traditional rotating media
Secondary source for booting software

Inc.
Software Installation
Arrives preinstalled from factory onto
Flash drive
Hard drive (alternate copy)
Removable LS-120 floppy or PCMCIA flash card (use as a last resort)
Can boot from alternate copy

If flash drive fails, router can still boot from hard drive or removable
media
Upgradable
Upgrade packages available through the Internet or on removable
media

Inc.
Boot Sequence
Hardware controlled
Software notifies hardware when boot completes
Removable
media
Success?
Done
Solid-state
flash disk
Success?
Done
Rotating
disk
Success?
Done

Inc.
Halt
Root password
Root password not set at factory
Must use console to configure root password
Router and domain name
Management interface IP address and prefix length
Default router IP address
DNS server IP address

Inc.
Enter configuration mode
root@> configure
[edit]
root@#
Set root password

Plain text known
root@# set system root-authentication
plain-text-password
Pre-encrypted password
encrypted-password encrypted-password
SSH (secure shell) key

ssh-rsa key

Inc.
Set router name
[edit]
root@# set system host-name lab2
Set router domain name

[edit]
root@# set system domain-name juniper.net
Commit changes so far

[edit]
root@# commit
commit complete
[edit]
root@lab2#

Inc.
Set management Ethernet IP address and prefix
[edit]
root@lab2# set interfaces fxp0 unit 0 family inet address ipaddress/prefix-length
Set default route

[edit]
root@lab2# set system backup-router gateway-address
root@lab2# set routing-options static route default nexthop gatewayaddress retain no-readvertise
Set name server address

[edit]
root@lab2# set system name-server ns-address

Inc.
Full Installation
Reinstall JUNOS software if storage media fails or is
corrupted
Future major software revisions may require full
installation
Three steps
Prepare to reinstall JUNOS software
Reinstall JUNOS software
Configure JUNOS software

Inc.
Full Installation: Preparation

Record basic information
Router name
Management interface IP address and prefix length
Default router IP address
Domain name and DNS server IP address
Copy existing configuration file to a safe place on the network
Located in /config/juniper.conf
Full installation erases both flash and rotating drives
Locate your Juniper installation media
LS-120 floppy or PCMCIA card contains entire JUNOS distribution

Inc.
Full Installation: Reinstallation

Insert installation media into Routing Engine
M40LS-120 floppy
All othersPCMCIA flash card
Reboot router
Use the CLI from the serial console

root@lab2> request system halt
Power-cycle router
Follow prompts
Enter configuration information saved during installation preparation
System reboots automatically after installation completes

Inc.
Software Configuration
Log in as root
no-name (ttyd0)
login: root
Last login: date on ttyd0
Copyright (c) 1980, 1983, 1986, 1988, 1990, 1991, 1993, 1994
The Regents of the University of California. All rights reserved.
---JUNOS 4.1R1 built 2000-07-24 09:29:44 UTC
#
Start CLI
# cli
root@no-name>

Inc.
Software Configuration
Enter configuration mode
root@no-name> configure
[edit]
root@no-name#
Set root password

Plain-text
root@no-name# set system root-authentication
plain-text-password text-password
Pre-encrypted password
encrypted-password encrypted-password
SSH key
ssh-rsa key

Inc.
Software Update Packages

JUNOS software updates are contained in four
packages
jkernelOperating system
jrouteRouting Engine software
jpfePacket Forwarding Engine software
jdocsOn-line documentation
jbundleAll four upgrade packages combined
jinstall-Upgrade to/from 5.0
Packages can be upgraded individually

CLI
show system software command displays
installed packages

Inc.
Jinstall vs. Jbundle

When to use jinstall
Upgrade 4.x to 5.y
Downgrade 5.y to 4.x
When to use jbundle
4.x to 4.y transition
5.x to 5.y transition

Inc.
Package Naming Convention

Software packages have standard names
package-m.nZnumber.tgz
m.n is the major version number
Z is a single uppercase letter
AAlpha
BBeta
RRelease
IInternal
number is the release number, which might include the build
number for that release
For example
jbundle-4.1R1.2.tgz

Inc.
Back Up Existing Software

System software and configuration can be backed up
to rotating disk
Best used
Before major upgrade to ensure system recovery if necessary
When system is judged to be stable
CLI request system snapshot command

Inc.
Upgrade Software Jbundle

Download current package from software download page at
www.juniper.net
Add new package
root@lab2> request system software add new-package-name
Checking available free disk space...11200k available,
6076k suggested.
Reboot router
root@lab2> request system reboot

Inc.
Upgrade Software jinstall

Prep the machine:
cli> file copy jinstall-url /var/tmp/jinstall-pkg
Copy customer configs and other files/executables
Do not worry about JUNOS configs, uncommitted config, log
files, SSH keys

Inc.
How to use jinstall

Add jinstall
cli> request system software add /var/tmp/ jinstall-pkg
Installing package '/var/tmp/jinstall-package name'...
WARNING: This package will load JUNOS software release-number.
WARNING: It will save JUNOS configuration files, log files, and SSH keys
WARNING: (if configured), but erase all other files and information
WARNING: stored on this machine. This is the pre-installation stage
WARNING: and all the software is loaded when you reboot the system.
WARNING: If you do not wish to proceed, you will be able to abort the
WARNING: installation.
Saving the config files ...
Installing the bootstrap installer ...

Inc.
How to use jinstall

Type yes to reboot:
WARNING: A reboot is required to load this software correctly. If you
WARNING: wish to abort the installation, enter 'no' below.
Reboot the system (yes/no) [no] ? yes
Shutting down in 10 seconds ...
Saving package file in /var/sw/pkg/jinstall-packagename ...
Saving state for rollback ...
*** FINAL System shutdown message from user@host ***
System going down IMMEDIATELY
Shutdown NOW!
Go for a coffee. Router will be up in 5-7 min.

Inc.
Cautions
5.0 will reformat the disk. Customer configs and other
files/executables will be lost.

Connect to the router via the management ethernet
If the juniper.conf has statements not supported in the
new release, then mgd may fail during commit

Inc.
Jinstall internal mechanics

Preinstall phase does various checks. Stores preinstall
information in /var/tmp/preinstall
Reboot to come up on the installer:
Perform more checks
Reformat the disk
Lay a base OS (files that are needed but not in jbundle)
Lay the jbundle
Second reboot to come up on the new JUNOS

Inc.
End of Life Procedures

Hardware EOL
Notifcation 180 day in Advance

During notification period can continue to purchase
Repaired or Replaced upto 3 years after EOL date
Software EOL
Software Support covers most recent release and two

previous (e.g. 4.3, 4.2, 4.1)
New Releases schedule for FRS every 3 months
Major Release 6 month notice of EOL

Inc.
Review Questions
1. What JUNOS boot Sequence?
2. What are the JUNOS software update Packages?
3. Describe the Package naming convention.
4. Explain the difference between Jbundle and Jinstall.

Inc.
Juniper Networks
Module 6: JUNOS Configuration Basics
IJNR-6.b.6.1.2
Module Objectives
be able to:
Explain how to gain access to a Juniper router
Describe the difference between the CLI command mode and
configuration mode
Describe how to navigate and modify the Candidate
configuration
Describe how to change the Active configuration
Explain the method used to describe a customer interface
Describe how to configure the physical and logical properties
of an interface on a Juniper router

Inc.
Access to Router
Console
Management port, using Telnet, ssh, RADIUS
OFFLINE ONLINE MASTER
NC
C
NO
FAIL
OK
FAIL
OK
FAIL
OK
FAIL
OK
FPC0
RE0
ACO/LT
AUX/MODEM
MGMT
FPC1
CONSOLE
NC
C
NO
FPC2
RE1
OFFLINE ONLINE MASTER

Inc.
FPC3
User Authentication
Name and password
Individual accounts
Per-user command "class" permissions
lab2 (ttyd0)
login: nigel
Password:

Inc.
Features
Line editing
Command history
Command completion
Context-sensitive help

Inc.
CLI Modes
nigel@lab2>
Operational mode
Monitor and troubleshoot the software, the network
connectivity, and the router
nigel@lab2#
Configuration mode
Configure the router, including interfaces, general routing
information, routing protocols, user access, and system

hardware properties

Inc.
CLI Commands
Command hierarchy
clear
bgp
brief
configure
chassis
exact
monitor
interfaces
protocol
set
isis
table
show
ospf
terse
route
version

Inc.
Logging In
lab2 (ttyd0)
login: nigel
Password:
Last login: Fri Feb 18 19:23:16 on ttyd0
Copyright (c) 1980, 1983, 1986, 1988, 1990, 1991, 1993, 1994
The Regents of the University of California.
---JUNOS 4.1R1 built 2000-07-24 09:29:44 UTC
nigel@lab2>

Inc.
Help
Type ? anywhere on command line
lab@omaha> ?
Possible completions:
clear
Clear information in the system
configure
Manipulate software configuration information
file
Perform file operations
help
Provide help information
lab@omaha> show ?
aps
Show APS information
arp
Show system ARP table entries
as-path
Show table of known AS paths

Inc.
Editing Command Lines

lab@omaha> show interfaces
Ctrl-b
Ctrl-a
Ctrl-f
Ctrl-e

Inc.
Command Completion
<space> completes a command
root@lab2> sh<space>ow i<space>
'i' is ambiguous.
igmp
Show information about IGMP
interfaces
Show interface information
isis
Show information about IS-IS
root@lab2> show i

Inc.
Software Configuration Overview

Create a hierarchy of configuration statements
Enter commands in CLI configuration mode
root@lab2# set chassis alarm sonet lol red
ASCII text file and display
chassis {
alarm {
sonet {
lol red;
}
}
}

Inc.
Activating a Configuration
commit
Candidate
Configuration
Active
Configuration
0
rollback n
Rollback files stored in

/config/juniper.conf.n (n=1-3)
/var/db/config/juniper.conf.n (n=4-9)

Inc.
...
Statement Hierarchy
top
Less Specific
chassis
firewall
alarm
atm
interfaces
clock
e3
ethernet
protocols
system
more
fpc
sonet
t3
More Specific

Inc.
Entering Configuration Mode

Type
configure or edit at the CLI
operational mode prompt
root@lab2> configure
Entering configuration mode
[edit]
root@lab2#

Inc.
Moving Between Levels

Moving between levels of the statement hierarchy
[edit]
user@host# edit chassis alarm ethernet
[edit chassis alarm ethernet]
top
chassis
firewall
alarm
atm
interfaces
clock
e3
ethernet
protocols
system
fpc
sonet
t3

Inc.
more
Moving Between Levels

user@host# up
[edit chassis alarm]
user@host# top
[edit]
top
top
chassis
firewall
alarm
interfaces
clock
protocols
system
fpc
up
atm
e3
ethernet
sonet
t3

Inc.
more
Displaying Current Configuration

[edit]
user@host# show chassis alarm
sonet {
lol red;
pll yellow;
}
[edit]
user@host# edit chassis alarm
user@host# show
sonet {
lol red;
pll yellow;
}

Inc.
Exiting Configuration Mode

exit from top level
exit configuration-mode from any level
Operational
mode
exit configuration-mode
exit
top
edit/configure
[edit]
edit chassis
[edit chassis]
edit alarm
exit/up
[edit chassis
alarm]

Inc.
Standard Interfaces
Interface contained on
PIC
PIC plugs into FPC
Physical
Interface
Card
FPC has room for four
PICs
PIC
FPC plugs into chassis
PIC
FPC

Inc.
PIC
Standard Interfaces
System uses consistent names for all customer
interfaces
Based on
Interface port type
FPC slot number
PIC slot number within FPC
Port number within PIC

Inc.
Interface Port Type

at ATM over SONET/SDH ports
e1 E1 ports
e3 E3 ports
fe Fast Ethernet ports
so SONET/SDH ports
t1 T1 ports
t3 DS-3 ports
ge Gigabit Ethernet ports
ae- Bundled Ethernet ports

Inc.
FPC Slot Numbers
M40
M2
0
0 1 2 3
4 5 6 7
0
1
2
M16
0
M1
0
0 1 2 3 4 5 6 7
0
1

Inc.
PIC Slot Numbers

0
M40 and M160

Top to bottom
1
2
3
All others
Right to left
3

Inc.
Port Numbers
M40 and M160
Top to bottom
Right to left
All others
Right to left
Bottom to top

Inc.
Interface Names
Physical interfaces have
standard names
Type
FPC slot
PIC slot
Port number
so-5/2/3

Inc.
Typical FPC and PIC Placement

Typical FPC and PIC Numbering
(T640)
Transient interfaces identified
according to FPC/PIC/port
convention
FPC and PIC numbering
varies by platform
M40/M160 platforms support
eight FPCs, numbered from left

to right
FPCs 07
(Left to right)
PICs numbered from top to

bottom (03)
M20 platform supports four
FPCs numbered from top to

bottom
PICs 03
(Top to bottom)
PICs numbered from right to left

(03)
FPC slot and PIC port
numbers are labeled!

Inc.
Interface Names
Logical interfaces are used to set up Frame
Relay DLCIs or ATM virtual circuits
so-5/2/3.43
Interface number is separate in meaning from
the actual DLCI or ATM VC and can be any

arbitrary value
Suggested convention is to keep them the
same whenever possible

Inc.
Permanent Interfaces
Router has two permanent interfaces
Out-of-band management interface is called
fxp0
Internal Routing Engine to PFE connection is called

Inc.
fxp1
Configure Interfaces

Inc.
Two steps
Configure physical properties
Configure logical properties

Inc.
Physical properties
Clocking
Scrambling
Frame check sequence (FCS)
Maximum transmission unit (MTU)
Keepalives
Other link characteristics
Logical properties
Protocol family (Internet, ISO, MPLS)
Addresses (IP address, ISO NET address)
Virtual circuits (VCI/VPI, DLCI)
Other characteristics

Inc.
Standard configuration statement hierarchy
interfaces {
interface-name {
physical-properties;
[]
unit unit-number {
logical-properties;
[]
}
}
}

Inc.
Configure Physical Properties

Configure physical properties of the interface using the
set command:
set interface so-1/0/3 no-keepalives
Or park yourself in the interfaces section of the
hierarchy and set many options

lab@omaha> configure
[edit]
lab@omaha# edit interfaces so-1/0/3
[edit interfaces so-1/0/3]
lab@omaha# set no-keepalives
lab@omaha# set sonet-options fcs 32
lab@omaha# commit

Inc.
Default Settings
Default settings for an interface are usually enough to
get you talking

Most interfaces do not need complex setup

Inc.
Logical Interface Settings

Each physical interface has one or more logical interfaces
Logical interface separates configuration information for each
ATM virtual circuit, Frame Relay DLCI, or VLAN

Some physical interface encapsulations allow only one possible
logical interface
PPP
HDLC

Inc.
Logical Interface Settings

Logical settings
Protocol family (Internet, ISO, MPLS)
Protocol MTU
IP address
Other protocol options
Virtual circuit identifiers (VPI.VCI, DLCI)

Other according to-circuit characteristics

Inc.
Unit Numbers
Each logical interface has a unit number
Number can be arbitrary
Typically, the unit number is the same as the VC or DLCI number
Some physical interfaces have only one possible logical interface,
and one unit number only, which must be configured as unit zero

Inc.
Configure Logical Interfaces

Use the set command to configure a logical interface,
using the unit number

For example
set interface so-1/0/3 unit 40 dlci 40
Or park yourself at the unit level

[edit]
lab@omaha# edit interfaces so-1/0/3 unit 40
[edit interfaces so-1/0/3 unit 40]
lab@omaha# set dlci 40
lab@omaha# set family inet address 10.0.20.1/24
lab@omaha# commit

Inc.
Configure Protocol Families

Each major protocol is called a family
Internet protocol has TCP, UDP, and ICMP as family
members
Most common protocol families are
Internet (inet)
International Standards Organization (iso)
Traffic engineering (mpls)
Multiple families can live on one logical interface

Inc.

Internet protocol family (inet)
Allows you to set
IP address: address A.B.C.D/prefix_length
Remote address on point-to-point links: destination A.B.C.D
Broadcast address: broadcast A.B.C.D
MTU size: mtu bytes
ICMP redirect control: no-redirects

Inc.

Minimal sample configuration
[edit]
lab@omaha# edit interfaces so-1/0/3
[edit interfaces so-1/0/3]
lab@omaha# set unit 0 family inet address 10.0.20.1/24
lab@omaha# commit
Displayed as
interfaces {
so-1/0/3 {
unit 0 {
family inet {
address 10.0.20.1/24;
}
}
}
}

Inc.
Review Questions
1.
2.
3.
4.
5.
6.
What are the two types of CLI modes?

What are the interface types and names?
What are the two permanent interfaces?
What are the two basic interface characteristics?
What are some examples of physical interface settings?
What are some examples of logical interface settings?

Inc.
Lab 2: CLI Configuration
Lab objective:
Introduction to Juniper CLI

Inc.
Juniper Networks
Module 7: Routing Protocol Basics
IJNR-6.b.6.1.2
Module Objectives
be able to:
Explain the difference between static routing and dynamic
routing, and explain when to use each type of routing

Describe the characteristics and operation of distance vector
and link-state routing protocols
Explain how network convergence occurs and provide real-life
examples
Explain how routes are selected on a routed network and
routing metrics
Explain the role of interior gateway protocols and exterior
gateway protocols, including Border Gateway Protocol (BGP)
Explain how JUNOS software implements routing tables and
routing policy

Inc.
Types of Routes
Static
All packets forwarded to predetermined destinations defined
by an administrator
Dynamic
Packets are forwarded to dynamically calculated routes
determined by a routing protocol

Inc.
Static Routing
Benefits
Good for small networks
Can help create a secure network
Efficiently uses router resources
Drawbacks
Does not handle network failures well
Does not scale well

Inc.
Static Routing Example

Destination
Next Hop
10
Direct
172.16
Router B
192.168.5
Router C
192.168.6
Router C
Network
10
Router A
Destination
Next Hop
10
Router A
172.16
Direct
192.168.5
Router C
192.168.6
Router C
Destination
Next Hop
10
Router A
172.16
Router B
192.168.5
Direct
192.168.6
Router D
Router C
Router B
Network
192.168.5
Network
172.16
Router D
Destination
Next Hop
192.168.6
Direct
Default Router C

Network 192.168.6
Inc.
Static Routing with Link Failure

Destination
Next Hop
10
Direct
172.16
Router B
192.168.5
Router C
192.168.6
Router C
Network
10
Router A
Destination
Next Hop
10
Router A
172.16
Direct
192.168.5
Router C
192.168.6
Router C
Destination
Next Hop
10
Unreachable
172.16
Router B
192.168.5
Direct
192.168.6
Router D
Router C
Router B
Network
192.168.5
Network
172.16
Router D
Destination
Next Hop
192.168.6
Direct
Default Router C
Network 192.168.6
Inc.
Floating Static Routes

Static routes CAN
handle link failures!

A floating static route is
a backup static route
that is less preferred
than more direct routes
(static or dynamic)
Floating static route is
used only when the
preferred route is
unavailable
Use with caution!
Router A
Router B
Destination
Next Hop
Destination
Next Hop
Network X
Router C
Network X
Router C
Network X
Router B
Network X
Router A
Router C
Network X

Inc.
Dynamic Routing
Communicate
what?
Distance-Vector
Link-State
Between
whom?
Routing tables
Neighbors
Interface status
All routers

Inc.
Routing Protocol Convergence

Convergence: when all routers in a given routing domain achieve
a consistent view of that routing domain

Routing protocols must achieve convergence in order to route
packets consistently from one location to another

Inc.
Interior and Exterior Gateway Protocols

Interior Gateway Protocols (IGPs)
Routing protocols that run within an autonomous system (AS)
to exchange network reachability information
Exterior Gateway Protocols (EGPs)
Routing protocols that exchange routing information between
autonomous systems
AS 1
IGP
AS 2
EGP
IGP
IGPs
RIP
OSPF
IS-IS
Border
Gateway
Protocol

Inc.
Distance Vector Protocols

Distance vector neighbors exchange vectors
Metric is typically hop count
Vectors reflect both distance and direction
Vectors are stored in the routing table
Entire table or a portion of table is sent
The longest network path is limited
Each router sends a routing table update periodically

Inc.
When to Use Distance Vector Routing

Use in very small networks that have few, if any,
redundant paths and no stringent network performance

requirements
Epitome of the distance-vector routing protocol is
Routing Information Protocol (RIP)
Distance vector drawbacks:
Long convergence time
Simplistic metrics

Inc.
Distance Vector Stability Issues

Counting to infinity
Routing loops
Network A
Network A = 1 hop
Network A = 2 hops
3
R3
4
5
6
R1
R2

Inc.
Link-State Routing Protocols

Link-state routing protocols build and maintain a
database of link state information

Hello messages are used to discover neighbors
Costs are associated with links
Updates are sent to communicate link state changes
Information is flooded to all neighbors who create a
link state database

Inc.
The Link-State Database (LSDB)

The LSDB is like a puzzle that, when complete, is an
accurate picture of the network

LSDB entries are like puzzle pieces that can describe:
Routers and their attached links

Links and their attached routers
Routing information from outside the network
Link metrics, often represented as Cost
Each router maintains its own copy of the LSDB

Each router stores a copy of every LSDB entry in the
network
Different protocols use different names for LSDB
entries
More on that later

Inc.
When to Use Link-State Routing

Use link-state routing with:
Any size, well-designed network
Any network that requires network scalability
Larger, more complicated networks
Faster convergence required
Drawbacks
Can flood the network's transmission facilities, thereby
significantly decreasing the network's capability to

transport data
Memory and processor intensive

Inc.
Martian Addresses
Host or network addresses about which all routing
information is ignored
Commonly sent by improperly configured systems on
the network and have destination addresses that are
obviously invalid
In IPv4, these are the default martian addresses:
0.0.0.0/8
127.0.0.0/8
128.0.0.0/16
191.255.0.0/16
192.0.0.0/24
223.255.255.0/24
240.0.0.0/4

Inc.
Route Flapping
What is route flapping?
Instability in the reachability of a prefix
Occurs during a topology change
In an unstable network, routers might be unable to decide on
a route to a destination
Dealing with route flapping
Different protocols have different solutions

Inc.
JUNOS Routing Policy

Controls routing information transferred between
routing table and each routing protocol

Incoming routing information can be ignored or changed
Outgoing routing information can be suppressed or changed
Some match conditions are protocol-specific

Inc.
When to Apply Policy

You do not want to import all learned routes into the
routing table
You do not want to advertise all learned routes to
neighboring routers
You want one protocol to receive routes from another
protocol
You want to modify information associated with a route

Inc.
Import and Export

Policy filtering is done with respect to the JUNOS
routing table
Export policy is applied to active paths in the routing
table
Neighbors
Neighbors
Import
Routes
Routing
table
Export
Protocol
Routes
Protocol
PFE
Forwarding
table

Inc.
Routing Policy
Allows you to filter and control routing information
entering and leaving the router

Separate policy for each routing protocol
Neighbors
Neighbors
Import policy #1
Routes
Import policy #2
Routing
table
Export policy #1
Routes
Export policy #2
Protocol
Protocol
PFE
Forwarding
table

Inc.
Routing Policy
Policies can be chained together to increase their
effectiveness
Accept
Route
Policy
Policy
Reject
Accept
...
Reject
Accept
Last
policy
Accept
Default
policy
Reject

Inc.
Reject
Routing Policy
Policies contain collections of terms
Terms contain a condition and an action to apply to
each route
Accept
Route
Term
Term
Reject
Accept
...
Reject
Accept
Last
term
Next
policy
Reject

Inc.
Default Routing Policy Actions

Different default policies for each protocol being
imported or exported describe default protocol

behavior
Reaching the end of a policy, or chain of policies,
invokes default policy for that protocol

Inc.
How Routing Policies Are Evaluated
Accept
Accept
Continue
evaluating
Route
Policy
Policy
Reject
Continue
evaluating
until
Reject
Accept
Last
Configured
policy
Accept
Default
policy
action
Reject

Inc.
Reject
Routing Policy Example

Route
Policy 1
Policy 2
Term
Additional
Policies
Term
Accept
or reject
Term
Accept
or reject
Term
Accept
or reject
Default
action
Term
Accept
or reject
Term
Accept
or reject
Term
Accept
or reject
Accept
or reject

Inc.
Routing Policy Example

Route
Policy term
Source
Conditions
Destination
Conditions
Match
Does not
match all
conditions
Default
action
Actions

Inc.
JUNOS Routing Databases

Routing Engine
Routing
Protocol Process
JUNOS kernel
Routing table
Master forwarding table
Forwarding table
Network interfaces

Inc.
Review Questions
1. When would you implement static routing? Dynamic
2.
3.
4.
5.
routing?
What are the primary differences between distancevector protocols and link-state protocols?
How does a distance-vector protocol handle router
updates?
What happens when the network converges?
(Describe the process.)
Describe the JUNOS routing policy and its
implementation.

Inc.
Lab 3: Static Routing

Inc.
Juniper Networks
Module 8: Interior Gateway Protocols
IJNR-6.b.6.1.2
Module Objectives
After successfully completing this module, you should be able to:
Describe RIP architectural features, standards, limitations, and
packet format
Explain JUNOS support for RIP
Configure a Juniper Networks router with a minimum RIP
configuration
Describe OSPF standards, terminology, routing algorithms, packet
format, external metrics, designated routers, and traffic engineering
extensions
Explain JUNOS software support for OSPF
Configure a Juniper Networks router with a minimum OSPF
configuration
Describe IS-IS standards, terminology, network addressing, packet
format, and traffic engineering extensions
Explain JUNOS software support for IS-IS
Configure a Juniper Networks router with a minimum ISIS
configuration

Inc.
IGPs vs EGPs
IGP Internal Gateway Protocol
Used to optimize the route a packet takes between points
within an Autonomous System(AS network infrastructure
under a unique set of administrative and technical policies)
EGP External Gateway Protocol
Used to provide for the exchange of routing information
between Autonomous Systems
Typically designed for doing policy routing, providing control
over routes leaving and entering an AS

Inc.
What Is OSPF?
An interior gateway protocol (IGP) based on the
shortest path first (SPF) algorithm, also known as the

Dijkstra algorithm
Created to fill the need for a high-functionality,
standards-based IGP for the TCP/IP protocol family
Main RFCs:
1587 OSPF NSSA Option
2328 OSPF Version 2 (current implementation)

Inc.
What Is a Link-State Protocol ?

Link = router interface
State = description of interface and its relationship to
neighboring routers
OSPF routers send link-state advertisements (LSAs) to
all other routers within the same hierarchical area
Routers store information in a link-state, or topological,
database
Each OSPF router uses the SPF algorithm to calculate
the shortest path to each node

Inc.
What Is SPF?
Places each router at the root of a tree and calculates
the shortest path to each destination based on the

cumulative cost to reach that destination
Each router has its own view of the topology, even
though all the routers build a shortest-path tree using
the same link-state database

Inc.
OSPF Routing Hierarchy

Largest entity is the autonomous system (AS)
An AS can be divided into areas, groups of contiguous
networks, and hosts

Routers within a single area have identical link-state
databases
Area Border Routers (ABRs): routers with interfaces in
multiple areas
AS Boundary Routers (ASBRs): routers that act as gateways
to other protocols or another AS

Inc.
OSPF Backbone
OSPF backbone (Area 0) distributes routing
information between areas

Contains all area border routers and backbone routers
All traffic between areas goes through the backbone
Backbone is itself an OSPF area

If backbone is configured as not contiguous, must
configure virtual links

Between any backbone routers that share a link to a
nonbackbone area, or the transit area

Function as direct links

Inc.
OSPF Area Relationships

Intra-area routes
Area 1
Inter-area routes
(Summary routes)
Area 3
Area 2
Backbone
(0.0.0.0)
RIP
External routes
BGP

Inc.
OSPF Stub Areas

Stub areas
Do not carry external routes
Virtual links cannot be configured across
Cannot contain ASBR
Totally stubby areas
Stub area that only receives the default route from the
backbone
Not-so-stubby areas
Allows limited importing of external routes
Transit areas
Used to pass traffic from one adjacent area to the backbone,
or to another area if the backbone is more than two hops away
from an area

Inc.
OSPF Area Types

Intra-area routes
Stub
area
Inter-area routes
(summary routes)
Default route
Not-so-stubby
area
Backbone
(0.0.0.0)
Totally stubby
area
RIP
External routes
BGP

Inc.
OSPF Neighbors
Routers that share a common segment within a single
area are neighbors

Neighbors become adjacent to exchange LSAs
The goal: to achieve identical link-state databases

Inc.
Neighbors Exchange Link-State Info

Neighbors exchange link-state update packets
containing LSAs at initialization and when routing

information changes
Link-states exchanged by flooding: Each router that
receives a link-state update stores a copy in its linkstate database and then propagates the update to other
routers
Once the database is complete, the router calculates an
SPF Tree to all destinations using the Dijkstra
algorithm
OSPF activity determined by the amount of change
the less change, the less activity
Inc.
OSPF Packet Types

Hello: Establishes and maintains neighbor relationships
Database Description: Describes the contents of the link-state
database by sending LSA headers. Exchanged when an adjacency

is initialized.
Link-State Request: Requests specific LSAs from neighbor
routers. Exchanged after a router discovers that parts of its
database are missing or out of date.
Link-State Update: Responds to a link-state request packet. Also
used for the regular dispersal of LSAs to reflect topology changes.
Several LSAs can be included within a single link-state update
packet.
Link-State Acknowledgment: Acknowledges receipt of link-state
update packets. Implements guaranteed flooding.

Inc.
OSPF Routing
Link-state advertisements
Summary Links
Types 3 and 4
Router Links
Type 1
ABR
Describe the state and cost of the routers

links (interfaces) to the area (Intra-area).
Network Links
Type 2
DR
Originated by ABRs only.

Describe networks in the AS but outside of area
(Inter-area).
Also describe the location of the ASBR.
External Links
Type 5
ASBR
NSSA External Links

Type 7
NSSA
ASBR
Originated for multi-access segments with

more than one attached router. Describe
all routers attached to the specific
segment. Originated by a Designated
Router (discussed later on).
Originated by an ASBR.
Describe destinations external
to the autonomous system or a
default route to the outside AS.
Used by not-so-stubby areas to

import external routes into a stub
area.

Inc.
Link-State Advertisements
Field length,
in bytes
Version
Type
number
# of LSAs
Packet
length
Router ID
LSA
Header
Area ID
LSA Data
Variable
Checksum
Authentication
type
Authentication
Data
LSA
Header
LSA Data

Inc.
Designated Router
One designated router (DR) and one backup designated
router (BDR) per multi-access segment

Minimizes amount of information exchange on the
segment
Designated
Router
Backup
Designated
Router

Inc.
External Routes
ASBRs discover external routes
Static routes
Exterior gateway protocol, such as BGP, for example
External Type 1
Cost = external cost + internal cost
Preferred over Type 2
External Type 2
Cost = external cost

Inc.
When to Use OSPF

Faster convergence than distance vector
Supports much larger networks
Less susceptible to bad routing information

Inc.
OSPF Design Tips

Number of routers per area
Depends on many factors
Number of neighbors
Fewer neighbors = better performance
Link State Database grows proportionately to the number of
links in an area
Number of areas per ABR
Fewer areas = better performance
Full mesh vs. partial mesh

Partial works better

Inc.
JUNOS OSPF Support

OSPF Version 2, including:
Virtual links
Stub areas
Authentication

Inc.
Configuring OSPF
Minimal configuration example
protocols {
ospf {
area 0.0.0.0 {
interface interface-name;
interface interface-name;
}
}

Inc.
Useful Commands
show ospf neighbor displays state of neighbors/adjacencies
Address
Intf
State
ID
Pri Dead
172.16.30.254
fe-0/0/0.0
Full
10.250.240.8
128
30
area 0.0.0.5, opt 0x2, DR 172.16.30.254, BDR 172.16.30.253
Up 00:10:50, adjacent 00:10:50
172.16.30.253
fe-0/0/0.0
Full
10.250.240.35
area 0.0.0.5, opt 0x2, DR 172.16.30.254, BDR 172.16.30.253
Up 00:10:50, adjacent 00:10:52
128
30
172.16.30.252
fe-0/0/0.0
2Way
10.250.240.32
area 0.0.0.5, opt 0x2, DR 172.16.30.254, BDR 172.16.30.253
Up 00:08:10
64
38
show ospf interface displays state of interfaces

Interface
fe-0/0/0.0
fe-0/0/1.0
State
DR
DR
Area
0.0.0.0
0.0.0.0
DR ID
192.168.12.1
192.168.12.1
BDR ID
192.168.8.1
0.0.0.0

Inc.
Nbrs
1
0
Useful Commands (contd)

show ospf database displays all learned OSPF LSAs
OSPF link state database, area 0.0.0.0
Type
ID
Adv Rtr
Router *10.250.240.8
10.250.240.8
Router
10.250.240.17
10.250.240.17
Router
10.250.240.32
10.250.240.32
Router
10.250.240.35
10.250.240.35
Network 192.168.254.230 10.250.240.8
Summary 10.1.2.0
10.250.240.17
Summary 10.1.3.34
10.250.240.8
OSPF link state database, area 1.0.0.0
Type
ID
Adv Rtr
Router
10.250.240.9
10.250.240.9
[additional information]
Seq
0x800001fc
0x80000217
0x80000232
0x80000291
0x800001cc
0x80000216
0x8000013a
Age
2388
1835
1876
1100
117
1535
2217
Cksum Len
0x3684 36
0x444c 36
0x0158 36
0x4aa5 36
0xab67 40
0x1729 28
0x842f 28
Seq
0x80000267
Age
116
Cksum Len
0x1bb3 36

Inc.
Lab 5: OSPF Configuration Lab

Lab objective:
Configure a Juniper Networks router with a minimal
OSPF configuration

Inc.
Review Questions
1. What type of routing protocol is RIP?
2. What algorithm is used by RIP to determine the best
3.
4.
5.
6.
7.
8.
9.
path to forward data?

What type of metric does RIP use?
What is the maximum network diameter, in terms of
hop count, for RIP?
What is a Link-State protocol?
Describe the types of areas that can be used by
OSPF?
Describe the purpose of the DR in OSPF?
What are ISIS packets called?
Describe some similarities between OSPF and ISIS?
Inc.
Juniper Networks
Module 9: BGP Protocol
IJNR-6.b.6.1.2
Module Objectives
be able to:
Describe the definition, use, operation, implementation, and
interoperability considerations for BGP

Describe BGP standards, autonomous systems, AS path and
attributes, external and internal operational features, routes,
and messages
Explain JUNOS software support for BGP

Inc.
What Is BGP?
BGP is an inter-domain routing protocol that
communicates prefix reachability

BGP is a path vector protocol
Similar to distance vector
BGP views the Internet as a collection of autonomous
systems
Stability is very important to the Internet and BGP
BGP supports CIDR
BGP routers exchange routing information between
peers
Defined in RFC 1771
Inc.
BGP Fundamentals
Routes consist of destination prefixes with an AS path
and BGP-specific attributes

Each BGP update contains one path advertisement and
attributes
Many destinations can share the same path
BGP compares the AS path and attributes to choose
the best path

Unfeasible routes can be advertised
Unreachable routes are withdrawn

Inc.
BGP Connections
BGP updates are incremental
No regular refreshes
Except at session establishment, when volume of routing
can be high
BGP runs over TCP connections
TCP port 179
TCP Services
Fragmentation, Acknowledgments, Checksums, Sequencing, and
Flow Control
No automatic neighbor discovery

Inc.
BGP Peering
BGP sessions are established between peers
BGP Speakers
Two types of peering sessions
E-BGP (external) peers with different AS's
I-BGP (internal) peers within the same AS
Still requires interior gateway protocols (IGPs)
IGP connects BGP speakers within the AS
IGP advertises internal routes

Inc.
E-BGP and I-BGP

ISP-X AS 2
E-BGP
E-BGP
I-BGP
I-BGP
OSPF
OSPF
Customer AS 1
E-BGP
E-BGP
I-BGP
I-BGP
No AS number;
uses default route
to the Internet
Customer 2
ISP-Y AS 3

Inc.
I-BGP Loopback Interfaces

I-BGP peering is often done using loopback interfaces
Loopback interfaces are more stable
Not tied to a single physical path
The AS needs an IGP so that I-BGP speakers can reach each
others loopback address
Lo0: 192.168.255.2/32
Lo0: 192.168.255.1/32
Router A
Router C
Full-Mesh
Full-Mesh
I-BGP
I-BGP
Router B
Lo0: 192.168.255.3/32
AS 1

Inc.
E-BGP Multihop and Load Balancing

E-BGP Multihop
Need TTL >1
Loopback interface 0: 172.25.1.1
E-BGP
192.168.1.3
192.168.1.2
AS 1
Router A
Router B
E-BGP Load Balancing
Dont limit E-BGP session to 1 physical link
10.1.1.1
AS 1
172.16.0.0
10.2.2.1
Router A
AS 3
E-BGP
10.1.1.2
10.2.2.2
Router B

Inc.
AS 2
172.18.0.0
BGP Route Advertisement

Advertise only the active BGP routes to peers
BGP next-hop must be reachable
Never forward I-BGP routes to I-BGP peers
Prevents loops
Withdraw routes if active BGP routes become
unreachable

Inc.
Default BGP Advertisement Rules

ISP 1 AS 2
I-BGP
I-BGP
E-BGP
E-BGP
I-BGP
I-BGP
Customer AS 1
(1) I-BGP advertises

routes learned from
E-BGP, and
(2) E-BGP advertises any

route learned from I-BGP
or E-BGP, but
(3) I-BGP does not
advertise any routes
learned via I-BGP

Inc.
The Need for a Full I-BGP Mesh

How do the default rules
of I-BGP/E-BGP impact
AS2?
AS1
R11
R22
N22
Advertise
N22
Advertise
N22
N23
X N23
E-BGP
R12
Advertise
N22
N23
AS2
Advertise
N22
N23
R21
I-BGP
N22
Advertise
N23
N23
R23
R13

Inc.
BGP Message Types

Four BGP message types:
Open
Update
Keepalive
Notification
Messages use a common header

Inc.
When to Use BGP

Enterprise network that is multihomed to two or
more ISPs
To support full or partial routes
To participate as an Internet Backbone Provider
Internet
ISP 1
ISP 2
Corporate
Network

Inc.
JUNOS Software Support for BGP

RFC 1771, A Border Gateway Protocol 4 (BGP-4)
RFC 1772, Application of the Border Gateway Protocol in the
Internet
RFC 1965, Autonomous System Confederations for BGP
RFC 1966, BGP Route Reflection: An Alternative to Full-Mesh
I-BGP
RFC 1997, BGP Communities Attribute
RFC 2270, Using a Dedicated AS for Sites Homed to a Single
Provider
RFC 2283, Multiprotocol Extensions for BGP-4
RFC 2385, Protection of BGP Sessions through the TCP MD5
Signature Option
RFC 2439, BGP Route Flap Damping
RFC 2842, Capabilities Advertisement with BGP-4

Inc.
JUNOS BGP Routing Table

BGP stores routes in the JUNOS software routing table
(inet.0)
Routing table stores
Routing information learned from update messages
Local routing information selected by applying local policies
to routes received in update messages

Information selected to advertise to BGP peers

Inc.
Basic BGP Configuration

routing-options {
autonomous-system 64;
}
protocols {
bgp {
group external-peer1 {
type external;
peer-as 1234;
neighbor 10.0.0.1;
}
group internal-peers {
type internal;
local-address 192.168.1.1;
neighbor 10.0.5.1;
neighbor 10.0.6.1;
}
}
}

Inc.
Basic Routing Policy

JUNOS software policy is used to insert prefixes into
BGP updates
Import and Export policies can be defined
Import policies control which routes are placed in the local
routing table
Export policies control which routes are advertised from local
routing table to neighbors

Inc.
Basic Policy Configuration

First, define the policy:
policy-statement redistribute-static-routes {
from protocol static;
then accept;
}
Then apply the policy under BGP:

protocols {
bgp {
export redistribute-static-routes;
}
}

Inc.
Show BGP Neighbor

user@host> show bgp neighbor
Peer: 10.1.1.2+179 AS 29
Local: 10.1.1.1+1048 AS 29
Type: Internal State: Established
Flags: <>
Last State: OpenConfirm
Last Event: RecvKeepAlive
Last Error: None
Options: <Preference HoldTime>
Holdtime: 90
Preference: 170
Number of flaps: 1
Error: "Cease" Sent: 1 Recv: 0
Peer ID: 10.1.1.2
Local ID: 0.0.0.0
Active Holdtime: 90
NLRI advertised by peer: unicast
NLRI for this session: unicast
Group Bit: 0 Send state: in sync
Table inet.0
Active Prefixes: 0
Received Prefixes: 0
Suppressed due to damping: 0
Table inet.2
Active Prefixes: 0
Received Prefixes: 0
Suppressed due to damping: 0
Last traffic (seconds):
Received 25
Sent 21 Checked 21
Input messages:
Total 4143
Updates 0
Octets 78717
Output messages:
Total 4156
Updates 10
Octets 79303
Output Queue[0]: 0
Output Queue[1]: 0

Inc.
Show BGP Summary

show bgp summary
View basic information about all BGP neighbors
Groups: 12
Peer
172.17.0.2
192.168.1.1
192.168.1.97
192.168.1.100
Peers: 26
AS
45
33
23
432
InPkt
1225
911
10458
10458
Unestablished peers: 2
OutPkt
55263
0
2201
163
OutQ Flaps Last Up/Dn

50511
0
18:22:14
0
0
18:22:27
41043
0
18:22:03
17643
0
17:01:18
State|#Act/Recv/Da
47769/50591/0
Active
0/0/0
Active

Inc.
Show BGP Routes

show route receive-protocol bgp <addr>
Look at routes received by a peer before policy is applied
user@host> show route receive-protocol bgp 11.1.1.1
Prefix
Nexthop
MED
Lclpref AS path
10.0.0.0/8
192.168.1.1
100
I
172.16.0.0/12
172.19.1.1
100
I
show route advertising-protocol bgp <addr>

Look at routes being advertised to a specific peer
user@host> show route advertising-protocol bgp 10.1.1.2
Prefix
Nexthop
MED
Lclpref AS path
10.0.0.0/8
Self
100
I
172.16.0.0/12
Self
100
I

Inc.
Lab 7: BGP Configuration Lab
Lab objective:
Configure a Juniper Networks router with a minimal
BGP configuration

Inc.
Review Questions
1. On what type of network would you implement BGP?
2. How does BGP advertise routes?
3. How would a typical ISP design a network to support
BGP? Draw a sample network.

Inc.
Advanced VPNs
Module 10: MPLS Review and

Background Information
IJNR-6.b.6.1.2
Module Objectives
Basic Review of MPLS
High-Level Overview of Traffic Engineering
MPLS Terminology
Resource Reservation Protocol
Named Path via Explicit Route Objects
Constraint-Based Routing Overview
Administrative Groups
Fast Reroute
Circuit Cross-Connect Overview
Label Distribution Protocol
Basic MPLS Configuration Summary

Inc.
Agenda: MPLS Review

MPLS Terminology
Fast Reroute

Inc.
MPLS Benefits
Fully integrates IP routing and Layer 2 switching
Leverages existing IP infrastructures
Optimizes IP networks by facilitating traffic engineering
Enables multi-service networking
Integrates private and public networks seamlessly

Inc.
Traffic Engineering
Source
Destination
Layer 3 Routing
Traffic Engineering
Ability to control traffic flows in the network

Optimizes available resources
Moves traffic from IGP path to less congested path

Inc.
Traffic Engineering Uses

With traffic engineering, you can:
Route paths around bottlenecks
Provide concise traffic control
Provide efficient bandwidth use
Enhance an ISPs traffic-oriented performance
Enhance statistically bound performance characteristics of
the network
Provide more options, lower costs, and better service

Inc.

Inc.
Agenda: MPLS Review

MPLS Terminology
Fast Reroute

Inc.

Information distribution component
Path selection component
Path signaling component
Packet forwarding component

Inc.

Inc.

Inc.
Information Distribution
IGP extensions propagate information
IS-IS uses type/length/value (TLV) tuples
OSPF uses opaque LSA type 10
Information is propagated within area/level only
Information propagated
Bandwidth available
Preemption priority
Link affinity (link colors)
Router ID

Inc.

Inc.
Path Selection
Egress
LSR
Ingress
LSR
LSP
Two main approaches or a hybrid approach

Offline path calculation (in-house or third-party tools)
Online path calculation (constraint-based routing)
Hybrid approach provides the accuracy of offline approach
with failure recovery capability

Inc.
Path Signaling
Dynamic path creation requires a signaling protocol to:
Coordinate label distribution
Route the LSP explicitly
Reserve bandwidth (optional)
Provide class-of-service capability (DiffServ style)
Reassign resources (like bandwidth)
Preempt existing LSPs
Prevent loops

Inc.
Path Signaling Protocols

The IETF MPLS architecture does not assume
a single protocol for assigning and distributing labels

LDP
Executes hop by hop
Selects same physical path as IGP
Supports reduced LSP complexity
RSVP
Extends easily for explicit routes and label distribution
Deployed by providers in production networks
A well-known signaling protocol
CR-LDP
Extends LDP to support explicit routes
Functionally identical to RSVP
Not supported by Juniper Networks

Inc.

Inc.
Packet Forwarding
Ingress router examines IP header
Packet is then:
Classified for interface output queue
Assigned a label
Encapsulated in an MPLS header
Forwarded toward the next hop in the LSP

Inc.
Agenda: MPLS Review

MPLS Terminology
Fast Reroute

Inc.
MPLS Terminology
Forward equivalence class (FEC)
Stream/flow of IP packets
FEC/label binding mechanism
Label
Fixed length
Local significance
Label distribution, retention, and control
Downstream on demand/unsolicited downstream
Liberal/conservative
Independent/ordered
LSR label processing

Push/swap/pop/multi-push/swap-push

Inc.

Inc.
MPLS Terminology: MPLS Shim Header

Label (20 bits)
L2 Header
MPLS Header
CoS S
IP Packet
32
bits
MPLS shim header fields:

Label (L)
Experimental (CoS)
Stacking bit (S)
Time to live (TTL)
Reserved and pre-defined label values

Inc.
TTL

Inc.

Inc.
MPLS Terminology: Label Swapping

Connection Table
IP 25
Port 1
Port 3
In
Out
Label
(port, label) (port, label) Operation
Port 2
Port 4
IP 19
(1, 22)
(2, 17)
Swap
(1, 24)
(3, 17)
(1, 25)
(4, 19)
Swap
Swap
(2, 23)
(3, 12)
Swap

Inc.
MPLS Terminology: Router Types

Egress
LSR
Ingress
LSR
San
Francisco
Transit
LSR
New York
Transit
LSR
Penultimate
Router
LSP

Inc.

Inc.
Packet Forwarding
Source
Ingress
LSR
Egress
LSR
Paris
Rome
Ingress LSR determines FEC and assigns a label

Forwards Paris traffic on the green LSP
Forwards Rome traffic on the blue LSP
Traffic is label-swapped at each transit LSR
Egress LSR
Removes MPLS header (dependent upon penultimate hop
pop)
Forwards packet based on destination address
Inc.
Packet Forwarding Example

134.5.6.1
134.5.1.5
Lo0:192.168.2.1
Egress Routing Table
200.3.2.7
3
Ingress Routing Table
200.3.2.7 99
Destination
Next Hop
BGP Next Hop
134.5/16
(3,99)
192.168.2.1
200.3.2/24
(3, 99)
192.168.2.1
200.3.2.7
Next Hop
134.5/16
134.5.6.1
200.3.2/24
200.3.2.1
200.3.2.7
200.3.2.7 56
MPLS Table
Destination
MPLS Table
In
Out
In
Out
(1, 99)
(2, 56)
(3, 56)
(5, 3)
200.3.2.1

Inc.
200.3.2.7
Test for Understanding

Label Stacking
IP
25
Penultimate Hop Pops Label
IP
42
24
IP
18
24
IP
24
IP
56
Penultimate LSR
Tunneling LSP
What label value does the egress LSR for the tunneling
LSP signal to the penultimate LSR so that label 18 is
popped off the top of the stack?

Inc.
Agenda: MPLS Review

MPLS Terminology
Fast Reroute

Inc.

Internet standard for resource reservation
Originally intended for IP QoS
Not a routing protocol
Transports and maintains traffic and policy parameters that
are opaque to RSVP
Simplex reservations for unicast traffic
Receiver-oriented resource allocation
Maintains soft state for graceful changes of:
Multicast membership
Routing
Multiple reservation styles

Supports IPv4 and IPv6

Inc.
RSVP Session
Ingress
Router
Egress
Router
PATH
RESV
Host
R1
R4
R8
R9
Host
Can have simultaneous, multiple, independent
sessions
Session is data flow defined by three parameters (destination
address, protocol ID, destination port)

RSVP sessions are between hosts, not just routers
Use traceoptions to show session creation information:
May
May
May
8 13:26:42 RSVP new Session 192.168.80.1(port 17) Proto 0

8 13:26:42 RSVP new path state, session 192.168.80.1(port 17) Proto 0
8 13:26:42 RSVP new resv state, session 192.168.80.1(port 17) Proto 0

Inc.
RSVP Messaging Protocol

Establish Path
State Block
Ingress
Router
Egress
Router
Path
Resv
Host
R1
R4
R8
Establish Resv
State Block
R9
RSVP message types

Path: establishes state
Resv: reserves resources
PathTear: removes path state
ResvTear: removes reservation state
PathErr: error message sent upstream to sender
ResvErr: establishes blockade state
ResvConf: message confirming reservation request
Path and resv state block data structures store soft

state information
Inc.
Host

Inc.
Traffic Engineering Extensions

Path message extensions
Mandatory:
Session object: identifies that the RSVP session will be an LSP tunnel
Label request object: requests LSRs to provide a label binding
Optional:
Explicit route object (ERO): specifies predetermined path, independent of
IGP path
Record route object (RRO): lists the LSRs that the LSP tunnel traverses
Session attribute object: aids in session identification, and also controls
path setup priority, holding priority, and local-rerouting features
Resv message extensions

Mandatory:
Label object: performs the upstream-on-demand label distribution
process
Session object: uniquely identifies the LSP being established
Style object: specifies the reservation style (fixed-filter or
shared-explicit)
Optional:
Record route object: returns the LSPs path to the sender of the path
message
Inc.
Path Message
Ingress
LSR
Explicit Route = {R1, R2, R3, R4}

PATH
ERO= {R2, R3, R4}
R1
PATH
ERO= {R3, R4}
PATH
ERO= {R4}
Egress
LSR
R2
R3
R4
Establish Path
State Block
Establish Path
State Block
Establish Path
State Block
RSVP path message

Explicit route is passed to R1
R1 transmits a path message addressed to R4
Label request object requests label binding
ERO = {strict R2, strict R3, strict R4} (optional field)
Record route object lists nodes visited (optional field)
Session object identifies LSP name
Session attributes controls priority, preemption, fast reroute (optional
field)
Sender Tspec requests bandwidth reservation
Each router
acts on
because
of router alert
Copyright
RSVP
2003,packet
Juniper
Networks,
option
Inc.

Inc.

Inc.
Resv Message
Ingress
LSR
i2
R1
Egress
LSR
Penultimate
LSR
RESV
i3
Label = 17
MPLS Table
i6
R2
RESV
Label = 20
i2
i5
RESV
R3
MPLS Table
i4
Label = 3
R4
MPLS Table
In
Out
In
Out
In
Out
IP Route
(2, 17)
(3, 17)
(6, 20)
(2, 20)
(5, Pop)
Resv message
R4 transmits a resv message to R3
Label = 3 (indicates that penultimate LSR should pop header)

Session object uniquely identifies the LSP
Style object identifies fixed filter or shared explicit
Record route object lists nodes visited (optional field)
R3 and R2
Stores outbound label, allocates an inbound label
Transmits resv message with inbound label to upstream LSR

R1 binds label to FEC
Inc.

Inc.
Agenda: MPLS Review

MPLS Terminology
Fast Reroute

Inc.
Named Path via Explicit Route Object

Permits explicit path assignment
Used to specify the route RSVP path messages take for
setting up LSP
Can specify loose or strict routes
Loose routes rely on routing table to find destination
Strict routes specify the directly connected next hop
A route can have both loose and strict components
Uses ERO processing algorithm

Inc.

Inc.
Named Path ERO: Strict Route

Next hop must be directly connected to previous hop
ERO
B strict
C strict
E strict
D strict
F strict
A
Ingress
LSR
Strict

Inc.
Egress
LSR
Named Path ERO: Loose Route

Consult the routing table at each hop to determine the
best path
ERO
D loose
A
Ingress
LSR
Loose

Inc.
Egress
LSR
Named Path ERO: Strict/Loose Path

Strict and loose routes can be mixed
ERO
Strict
C strict
D loose
F strict
A
Ingress
LSR
Loose

Inc.
Egress
LSR
Named Path Code

mpls {
traffic-engineering bgp-igp;
label-switched-path Blue1 {
to 192.168.24.1;
primary one;
}
label-switched-path Blue2 {
to 192.168.12.1;
primary one;
}
path one {
192.168.20.1 loose;
Use loopback address

instead of interface address,
so loose section of path
can reroute if necessary
}
isis {
traffic-engineering shortcuts;
interface all {
level 1 disable;
}
}

Inc.
Named Path Verification

lab@HongKong> show mpls lsp
Ingress LSP: 2 label-switched paths

To
From
State Rt ActivePath
LSPname
192.168.12.1
192.168.16.1
Up
2 one
Blue2
192.168.24.1
192.168.16.1
Up
5 one
Blue1
Total 2 displayed, Up 2, Down 0
Egress RSVP: 0 sessions

Transit RSVP: 0 sessions


Inc.
Agenda: MPLS Review

MPLS Terminology
Fast Reroute

Inc.
Constraint-Based Routing Overview (1 of 2)

Modified shortest path first algorithm
Integrates TED data
IGP topology information

Available bandwidth
Link color
Path determined according to administrative constraints of
LSP
Maximum hop count
Bandwidth
Strict or loose routing
Administrative groups
Priority
Prunes non-qualifying paths then performs an SPF
algorithm on remaining routes

Inc.
Constraint-Based Routing Overview (2 of 2)

Operations Performed by the Ingress LSR
Extended IGP
Routing Table
Traffic Engineering
Database (TED)
Constrained
Shortest Path First
1) Stores information from IGP flooding

2) Stores traffic engineering information
Explicit Route
3) Examines user-defined constraints

4) Calculates the physical path for the LSP
5) Represents path as an explicit route
6) Passes ERO to RSVP for signaling
RSVP Signaling

Inc.
User
Constraints
IGP Extensions
Extended IGP
Routing Table
Traffic Engineering
Database (TED)
Constrained Shortest
Path First (CSPF)
Distributes topology and traffic
engineering information using

IGP extensions
Explicit Route
Maximum reservable bandwidth

Remaining reservable bandwidth
Link administrative groups
RSVP Signaling
(color)
Mechanisms
Opaque
LSAs for
OSPF
Copyright
NewInc.
TLVs for IS-IS
User
Constraints
Traffic Engineering Database

Traffic engineering database
Used exclusively for calculating explicit paths for the
placement of LSPs across the physical topology
Maintains traffic engineering information learned from the
extended IGP
Contents
Up-to-date network topology information
Current reservable bandwidth of links
Link administrative groups (colors)
Link priority information

Inc.
User Constraints
Extended IGP
Routing Table
Traffic Engineering
Database (TED)
Path First (CSPF)
User-defined constraints applied
to path selection
Explicit Route
Bandwidth requirements
Hop count limitations (for fast reroute)
Administrative groups (colors)
Priority (setup and hold)

Explicit route (strict or loose)*
* Also specified for signaled LSPs (no-cspf)
RSVP Signaling

Inc.
User
Constraints
Constrained Shortest Path First

Extended IGP
Routing Table
Traffic Engineering
Database (TED)
Path First (CSPF)
For LSP = (highest priority) to (lowest priority)
Prune links with insufficient bandwidth
Prune links that do not contain an included

color
Prune links that contain an excluded color
Calculate shortest path from ingress to egress

consistent with ERO
Select among equal-cost paths (least hop,

then fill)
Pass explicit route to RSVP
End for
Explicit Route
RSVP Signaling

Inc.
User
Constraints
RSVP Signaling
CSPF
ERO
Egress
LSR
PATH
RSVP
RESV
Ingress
LSR
RSVP signaling
Explicit route calculated by CSPF is handed to RSVP
RSVP is unaware of how the ERO was calculated
RSVP establishes LSP
Path: Establishes state and requests label assignment
Copyright
Resv: Distributes labels and reserves resources
Inc.
Agenda: MPLS Review

MPLS Terminology
Fast Reroute

Inc.
Administrative Groups (1 of 7)
Thirty-two named groups, 0 through 31carried as
32-bit value in IGP updates
Groups assigned to interfaces
Silver
Gold
San
Francisco
Bronze

Inc.
1 1 0 0 0 0 0 0
0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 1
1 1
Colors advertised on a per-link basis via IGP: 0xC000000E
Colors on router: internal management, bronze, silver, gold

Inc.
[edit protocols]
mpls {
admin-groups {
good 1;
silver 2;
bronze 3;
management 30;
internal 31;
}
interface so-0/0/0 {
admin-group [ good management ]
}
admin-group silver;
}
admin-group good;
}
admin-group good;
}
}

Inc.
CSPF can include and exclude groups in automatic
path calculation
Logical groupings are supported
mpls {
label-switched-path to-miami {
to 1.1.1.1;
primary use-fargo {
admin-group {
Logical
include gold;
exclude [ bronze silver ]
}
}
}
Logical OR
path use-fargo {
10.0.1.2 loose;
}
}
AND

Inc.
A-D-H has the lowest IGP metric4
1
A
1
5
3

Inc.
Choose the path from A to H using:
admin group {
include [copper bronze];
exclude admin;
}
d
ol
G
o
r
B
Silver
E
er
Co 2
pp
er
Copp
e
2 ze
n
C
op
Br 3
on
ze
Gold
e
nz
ro
B
Admi
n
Copper
Admin
Bronze
in
Adm
I
Cop
per
1
H

Inc.
A-D-E-G-I-H is the shortest path excluding the admin
class and including copper or bronze
d
ol
G
o
r
B
Silver
E
er
Co 2
pp
er
Copp
e
2 ze
n
C
op
Br 3
on
ze
Gold
e
nz
ro
B
Admi
n
Copper
Admin
Bronze
in
Adm
I
Cop
per
1
H

Inc.
Agenda: MPLS Review

MPLS Terminology
Fast Reroute

Inc.
Fast-Reroute Overview
Short-term solution to reduce packet lossif node or
link fails, upstream node:

Immediately detours
Signals failure to ingress LSR
Ingress LSR knows traffic engineering constraints

Ingress router computes alternate route based on configured
secondary paths; tries to reestablish primary path
Initiates long-term reroute solution
By default, reroute paths inherit administrative groups only
no other parameters

Inc.
Fast-Reroute Operation
Fast reroute in operation:
Configured on ingress router only
Detours around node or link failure
~100s of ms reroute time
Detour paths immediately available

Uses TED to calculate detour

Inc.
Fast-Reroute Example
Enable fast reroute on ingress LSR
SF creates detour around LA
LA creates detour around Austin
Austin creates detour around Miami
Fargo
New York
San
Francisco
Los Angeles
Miami
Austin Networks,
Inc.
Fast-Reroute Example: Short Term

LA to Austin link fails
LA immediately detours around Austin
LA signals to SF that failure occurred
Fargo
New York
San
Francisco
Miami
Los Angeles
Austin

Inc.
Fast-Reroute Example: Long Term

SF fails over to secondary path
Fargo
New York
San
Francisco
Miami
Los Angeles
Austin

Inc.
Fast Reroute
protocols mpls
label-switched-path Tom {
to 192.168.24.1;
protocols mpls
path top {
primary top;
192.168.0.1 loose;
secondary bottom {
192.168.2.1 loose;
bandwidth 75m;
priority 5 5;
path bottom {
192.168.8.1 loose;
standby;
192.168.12.1 loose;
}
fast-reroute;

Inc.
Agenda: MPLS Review

MPLS Terminology
Fast Reroute

Inc.

Connects two Layer 2 circuits
Supports:
PPP, Cisco HDLC, Frame Relay, ATM, and VLAN 802.1Q
Based on Layer 2 circuit ID

Carries any protocol
Connects only like interfaces (for example, Frame Relay to Frame
Relay, or ATM to ATM)
Three types of cross-connects:

Layer 2 switching
MPLS tunneling
Stitching MPLS LSPs

Inc.
CCC MPLS Interface Tunneling (1 of 2)

ATM Access Network
ATM VC 514
IP Backbone
M40
MPLS LSP
ATM Access Network
M20
ATM VC 590
Transports packets from one interface through an
MPLS LSP to a remote interface

Supports tunneling between two like interfaces, such as
ATM, Frame Relay, PPP, and Cisco HDLC connections

Bridges Layer 2 packets from end to end
ATM operation

Inc.
CCC MPLS Interface Tunneling (2 of 2)

ATM Access Network
ATM VC 514
IP Backbone
M40
ATM Access Network
MPLS LSP1
M20
ATM VC 590
MPLS LSP2
at-7/1/1.514
[edit protocols]
user@M40# show
connections {
remote-interface-switch m40-to-m20
interface at-7/1/1.514;
transmit-lsp lsp1;
receive-lsp lsp2;
}
at-3/0/1.590
[edit protocols]
user@M20# show
connections {
remote-interface-switch m20to-m40
interface at-3/0/1.590;
transmit-lsp lsp2;
receive-lsp lsp1;
}

Inc.
Special Caveats for CCC

VLAN CCC caveats
VLAN tagging at physical interface
VLAN 0-511 on unit with ccc-encap support 802.1Q VLAN
VLAN 512-4094 only VLAN IDs that support CCC
GE PICs must be Rev B
Frame Relay: encapsulates frame-relay-ccc at physical
interface
DLCI 1-511 on unit is normal Frame Relay
DLCI 512-1022 on unit is CCC Frame Relay
Layer 2 switching cross-connect: PPP and HDLC must be
unit 0
ATM: cannot configure family on unit if atm-ccc-vc-mux
encapsulation is set

Inc.

Inc.
Agenda: MPLS Review

MPLS Terminology
Fast Reroute

Inc.
Purpose of LDP (1 of 2)
Creates forwarding equivalence class
A group of IP packets which are forwarded in the same
manner (RFC 3031)
Manages LSP to egress router
New concept
LDP associates the FEC with each LSP it creates
Solves problems
Enables VPNs
Allows traffic class mapping

Inc.
Purpose of LDP (2 of 2)
LDP creates an LSP tree for each FEC from every
possible ingress router to egress router
LDP LSP
Egress
RSVP LSP
G
I
E
D
C
H
F

Inc.
Only one LDP LSP,

while four RSVP
LSPs
Label Distribution Protocol (1 of 2)

Downstream
LDP Peer
Upstream
LDP Peer
Discovery (Hello messages)
TCP Session Establishment
Session
Initialization Messages
Label Request Messages
Label Mapping Messages
Advertisement
Distributes label binding information

Runs on LSRs in conjunction with IP routing protocols
Labels are periodically refreshed
LDP messages types
Discovery: locates potential LDP peers

Session: manages peer-to-peer TCP sessions
Advertisement:
changes,
deletes label mappings
Copyrightcreates,
2003,
JuniperorNetworks,
Notification: provides advisory information
Inc.

Inc.
Label Distribution Protocol (2 of 2)

Net: 11.0.0.0
Net: 10.0.0.0
Label: 17
Upstream
LDP Peer
i3
i1
LSR
i4
MPLS Table
In
Out
(3, 35)
(1, 17)
Advertise
Incoming
Label
N
Ne et:
t: 10
La 11. .0.0
be 0.0 .0
l:
.
53 0
Net: 11.0.0.0
Downstream
Net: 10.0.0.0
LDP Peer
Label: 52
i1
i2
i5
MPLS Table
In
Out
(4, 17)
(5, 52)
Receive
Outgoing
Label
i3
i4
MPLS Table
In
Out
(2, 52)
(3, 29)
Net: 10.0.0.0
Label: 29
Net
:1
Lab 1.0.0.0
el:
29
LDP label mapping

Downstream peer assigns labels
Benefits
Traffic engineering information is not piggybacked on routing
protocols
Limitations
LSPs follow the conventional IGP path
Copyright
2003, Juniper
Does
not support explicit routing
Inc.
Networks,
LDP Tunneling through RSVP-TE LSP (1 of 2)

Router B
Router A
RSVP
LDP
LDP
protocols {
mpls {
label-switched-path lsp-path-name {
from source;
to destination;
ldp-tunneling;
}
}

Inc.
LDP Tunneling through RSVP-TE LSP (2 of 2)
P
D
L
LD
P
LDP
LDP
R
SV
P
RS
VP
RS
VP
P
V
RS

Inc.
Agenda: MPLS Review

MPLS Terminology
Fast Reroute

Inc.

MPLS configuration summary
Configure MPLS and RSVP protocols
Configure family MPLS on interfaces
Configure an LSP
Configure basic IP stuff (for example, addresses and
protocols)

Inc.
Basic RSVP-Signaled LSP

[EDIT]#
Lab@host#set protocols mpls interface all
Lab@host#set protocols rsvp interface all
Lab@host#set interface IN-#/#/# unit 0 family mpls
Lab@host#set protocols mpls label-switched-path TOM to IP address no-cspf

Inc.
Displaying MPLS LSPs

lab@SanFrancisco> show mpls lsp

To
192.168.8.1
From
192.168.2.1
State
Up
Rt ActivePath
LSPname
sf-to-ny
se-gold
Egress RSVP: 2 sessions, 1 detours

To
From
State
Rt Style Labelin Labelout LSPname
192.168.2.1
192.168.8.1
Up
1 FF
NYC-to-SF
192.168.2.1
192.168.8.1
Up
1 FF
NYC2-to-SF


Inc.

Inc.
Displaying Additional MPLS Information

lab@SanFrancisco> show mpls lsp extensive
192.168.8.1
From: 192.168.2.1, State: Up, ActiveRoute: 1, LSPname: sf-to-ny
ActivePath: use-gold (primary)
LoadBalance: Random
*Primary
use-gold
State: Up
Include: gold
Computed ERO (S [L] denotes strict [loose] hops): (CSPF metric: 30)
10.0.5.2 S
10.0.7.2 S
10.0.9.2 S
102 Jan
5 12:12:28 Selected as active path
101 Jan
5 12:11:58 Record Route: 10.0.5.2 S 10.0.7.2 S 10.0.9.2 S
100 Jan
5 12:11:58 Up
99 Jan
5 12:11:58 Clear Call
98 Jan
5 12:11:58 CSPF: computation result accepted
97 Jan
5 12:11:43 Record Route: 10.0.3.1 S 10.0.1.2 S 10.0.14.1

Copyright
Inc.

Inc.
Displaying the MPLS Switching Table

lab@Montreal>show route table mpls.0
mpls.0: 6 destinations, 6 routes (6 active, 0 holddown, 0 hidden)
0
*[MPLS/0] 02:47:47, metric 1

Receive
*[MPLS/0] 02:47:47, metric 1

Receive
100003
*[RSVP/7] 00:00:53, metric 1

> to 10.0.24.2 via fe-0/0/2.0, label-switched-path HK-AM1
100003(S=0)
*[RSVP/7] 00:00:53, metric 1

100004
*[RSVP/7] 00:00:53, metric 1

100004(S=0)
*[RSVP/7] 00:00:53, metric 1


Inc.
Displaying RSVP Session Information

lab@SanFrancisco> show rsvp session
Ingress RSVP: 2 sessions

To
From
State Rt Style Labelin
Labelout LSPname
192.168.8.1
192.168.2.1
Up
1 FF
100010
sf-to-ny
192.168.8.1
192.168.2.1
Up
1 FF
100058
sf-to-ny
Egress RSVP: 2 sessions, 1 detours

To
From
State Rt Style Labelin
Labelout LSPname
192.168.2.1
192.168.8.1
Up
1 FF
NYC-to-SF
192.168.2.1
192.168.8.1
Up
1 FF
NYC2-to-SF


Inc.

Inc.
Displaying Neighbor Information
lab@SanFrancisco> show rsvp neighbor

RSVP neighbor: 3 learned
Address
Idle
Up/Dn
LastChange
10.0.3.1
1/0
10.0.4.2
1/0
10.0.5.2
1/0
HelloInt
HelloTx/Rx
5:35:37
2w1d 22:54:25
5:35:42
3
3
MsgRcvd MsgType
29326/6556
448522/448391
29316/6557

Inc.
850 Path,Resv
61407 Path,Resv
30587 Path,Resv
Displaying RSVP-Enabled Interfaces
lab@SanFrancisco> show rsvp interface

RSVP interface: 3 active
Active Subscr- Static
iption
Available
Reserved
Highwater
BW
BW
BW
mark
Interface
State resv
fxp0.0
Up
100%
100Mbps
100Mbps
0bps
0bps
fe-0/0/2.0
Up
100%
100Mbps
100Mbps
0bps
0bps
ge-0/1/0.0
Up
100%
1000Mbps
1000Mbps
0bps
0bps

Inc.
Next Hop Resolution

NJ
I-BGP
.1
SF
192.168.16.1 .1
.1
Denver
10.0.1/30
.2
192.168.1.1
DC
.1
10.0.
24/3
.1 0
192.168.4.1
.2
1021
1056
Dallas
10.0.20/30
.2
192.168.8.1
AS64512
10
.0.
29
/30
/30
.16
0
.
10
.2
Boston
134.112/16
134.112/16
LSP SF-to-NY
lo0 192.168.24.1
AS2
E-BGP
.1
.2
1/30
10.0.2
NY
192.168.24.1
Configure nexthop self
lab@SF> show route 192.168.24.1

192.168.24.1/32
*[IS-IS/18] 00:26:50, metric 30, tag 2

> to 10.0.16.2 via fe-0/0/0.0

192.168.24.1/32
to_ny
*[RSVP/7] 00:00:53, metric 0

> to 10.0.16.2 via fe-0/0/0.0, label-switched-path

Inc.
Using traceroute to Prove LSP Works

lab@SF> traceroute 134.112.1.1
traceroute to 134.112.1.1 (134.112.1.1), 30 hops max, 40 byte
packets
1
10.0.16.2 (10.0.16.2)
0.766 ms
0.662 ms
0.612 ms
MPLS Label=1056 CoS=0 TTL=1 S=1

2
10.0.1.2 (10.0.1.2)
0.709 ms
0.654 ms
0.738 ms
MPLS Label=1021 CoS=0 TTL=1 S=1

3
10.0.24.2 (10.0.24.2)
0.648 ms
0.632 ms
0.610 ms
.
.
.

Inc.
Module Review
1. What are the main benefits of MPLS?
2. How does traffic engineering differ from plain MPLS?
3. Can you describe basic RSVP operation?
4. What is the advantage of using fast reroute?
5. Can you describe the basic operation of LDP?
6. What commands can you use to monitor the
operational status of LSPs on Juniper Networks

M-series and T-series routers?

Inc.

Inc.
Advanced VPNs
Module 11: Layer 3 VPNs
IJNR-6.b.6.1.2
Module Objectives
able to:
Define the roles of P, PE, and CE routers
Describe the format of VPN-IPv4 addresses
Explain the role of the route distinguisher
Describe the flow of RFC 2547bis control information
Explain the operation of the RFC 2547bis forwarding plane

Inc.
Agenda: Layer 3 MPLS VPNs

RFC 2547bis Terminology
VPN-IPv4 Address Structure
Operational Characteristics
Policy-Based Routing Information Exchange
Traffic Forwarding

Inc.

Traffic Forwarding

Inc.
Customer Edge Routers

Customer Edge
PE
VPN A
CE
VPN A
PE
VPN B
CE
CE
CE
PE
VPN B
Customer edge (CE) routers

Located at customer premises
Provide access to the service provider network
Can use any access technology or routing protocol for the
CE/PE connection

Inc.
Provider Edge Routers

Provider Edge
PE
VPN A
CE
VPN A
PE
VPN B
CE
CE
CE
PE
VPN B
Provider edge (PE) routers

Maintain VPN-specific forwarding tables
Exchange VPN routing information with other PE routers
using BGP
Use MPLS LSPs to forward VPN traffic

Inc.
Provider Routers
Provider Routers
PE
VPN A
CE
VPN A
PE
VPN B
CE
CE
CE
PE
VPN B
Provider (P) routers

Forward VPN data transparently over established LSPs
Do not maintain VPN-specific routing information

Inc.
VPN Sites
VPN Site
PE
VPN A
CE
VPN A
PE
VPN B
CE
CE
CE
PE
VPN B
A site is a collection of machines that can
communicate without traversing the service provider

backbone
Each VPN site is mapped to a PE router interface
Routing information is stored in different tables for each site

Inc.
VPN Routing and Forwarding Tables

A VRF is created
for each site
connected to the PE
VPN A
Site 1
VPN A
Site 2
CEA2
VPN B
Site 2
CEA1
P
VPN B
Site 1
PE 2
CEB2
Static
Routing
VPN A
Site 3
PE 1
CEA3
CEB1
PE 3
BGP
Routing
CEB3
CEC1
VPN C
Site 1
OSPF
Routing
CEC2
VPN B
Site 3

Inc.
VPN C
Site 2
VRFs
Each VRF is populated with:
Routes received from directly connected CE sites associated
with the VRF
Routes received from other PE routers with acceptable
MP-BGP attributes
Packets from a given site are only matched against the
sites corresponding VRF

Provides isolation between VPNs

Inc.

Traffic Forwarding

Inc.
Overlapping Address Spaces

10.1/16
CEA1
VPN A
Site 1
VPN A
Site 2
10.1/16
PE 1
CEA2
?
PE 2
10.1/16
VPN B
Site 1
CEB1
CEB2
VPN B
Site 2
10.1/16
VPNs A and B use the same address space

PE 1 uses a separate routing table (VRF) for each VPN site
PE 2 would normally choose between the two 10.1/16 routes

Inc.
MPLS/BGP VPNs solve this problem with the route distinguisher
VPN-IPv4 NLRI Format

Route Distinguisher
Mask
MPLS Label
(3 bytes)
(1 byte)
Type
Administrator
Assigned
Number
(2 bytes)
(variable
length)
(variable
length)
Subscriber IPv4 Prefix

(04 bytes)
VPN-IPv4 address family

New BGP-4 sub-address family identifier (SAFI 128)
Consists of MPLS label + route distinguisher + subscriber IPv4 prefix
Route distinguisher disambiguates IPv4 addresses
Allows service provider to administer its own numbering space
VPN-IPv4 addresses are distributed by MP-BGP

Uses multiprotocol extensions for BGP4 (RFC 2283)
A /32 IPv4 prefix produces a mask of /120 (15 octets)
JUNOS software CLI displays (and the examples in this class)
only show IPv4 prefix length (that is, /32)

Inc.
Route Distinguisher Formats

8-Byte Route Distinguisher
(Type)
(Adm)
4-Byte IP
Address
(AN)
Assigned Number Field: number assigned by the
identified authority for a particular purpose
Administration Field: identifies the assigned number authority
2-Byte Type Field: determines the lengths of the other two fields
Two values are defined for type field: 0 and 1

Type 0: adm field = 2 bytes, AN field = 4 bytes
Adm field should contain an autonomous system number (ASN) from

IANA
AN field is a number assigned by service provider
Type 1: adm field = 4 bytes, AN field = 2 bytes
Administration field should contain an IP address assigned by IANA
Assigned number field is a number assigned by service provider
Copyright
2003, Juniper
Networks,
Examples:
10458:22:10.1.0.0/16
or 1.1.1.1:33:10.1.0.0/16
Inc.
The VPN-IPv4 Address Family

Route distinguisher disambiguates IPv4 addresses
VPN-IPv4 routes
Ingress PE router prepends route distinguisher to IPv4
prefix of routes received from each CE device
VPN-IPv4 routes are exchanged between PE routers using
MP-BGP
Egress PE router converts VPN-IPv4 routes into IPv4
routes before inserting into sites routing table (VRF)
VPN-IPv4 is used only in the control plane
Data plane uses MPLS-encapsulated IPv4 packets

Inc.
Using Route Distinguishers to

Disambiguate Addresses
10.1/16
CEA1
VPN A
Site 1
VPN A
Site 2
10458:22:10.1/16
PE 1
CEA2
PE 2
10458:23:10.1/16
VPN B
Site 1
CEB1
CEB2
VPN B
Site 2
10.1/16
The overlapping routes from A and B cannot be compared as they have unique
route distinguishers

Inc.

Traffic Forwarding

Inc.
2547bis: Operational Overview

VPN A
Site 1
VPN A
Site 2
CEA2
VPN B
Site 2
CEA1
P
PE 2
PE 1
VPN B
Site 1
P
CEB1
CEB2
PE 3
VPN A
Site 3
CEA3
Control flow (signaling plane)

Routing information exchange between CE and PE routers
Independent at both ends
Routing information exchange between PE routers

LSP establishment between PE routers (RSVP or LDP signaling)
Data flow (forwarding plane)

Forwarding user traffic
Inc.
RFC 2547bis Policies

VPNs defined by administrative policies
Used for connectivity and QoS guarantees
Defined by customers
Implemented by service providers
Full-mesh or hub-and-spoke connectivity
Logical VPN topology results from the application of export
and import route target policies

Inc.
PE-PE Route Distribution

Distribution of routes is controlled by BGP extended
community attributes and VRF policy

Route target
Identifies a set of VRFs to which a PE router distributes routes
Site of origin/route origin
Identifies the specific site from which a PE router learns a route
Structured similarly to the route distinguisher

8 bytes in length
2-byte type field, 6-byte value field
Type 0
2-byte global administrator subfield (ASN)
4-byte local administrator subfield
Type 1
4-byte global administrator subfield (IANA-assigned IP Address)
2-byte local administrator subfield

Inc.
Route Target Extended Community

Each VPN-IPv4 route advertised through MP-BGP
is associated with a route target community

Export policy or explicit configuration define the targets
associated with routes a PE router sends
Upon receipt of a VPN-IPv4 route, a PE router
decides whether to add that route to a VRF

Import policies or explicit configuration define which
routes to add to a given VRF
Route isolation between VRFs is accomplished
through careful policy administration

Service provider provisioning tools can determine the
appropriate export and import targets automatically

Inc.
Exchange of Routing Information (1 of 7)

VPN B
Site 1
PE-1
CE-3
VPN A
Site 1
MP-IBGP Session
CE-1
CE-2
PE-2
VRF
VRF
VRF
VRF
VPN B
Site 2
CE-4
OSPF
VPN A
Site 2
10.1/16
1
CE device advertises route to PE router

Using traditional routing techniques (for example, OSPF,
RIP, BGP, and static routes)

Inc.

VPN B
Site 1
CE-2
PE-2
PE-1
CE-3
VPN A
Site 1
MP-IBGP Session
CE-1
VRF
VRF
VRF
VRF
VPN B
Site 2
CE-4
OSPF
10458:23:10.1/16
2
IPv4 address is added to the appropriate VRF

Inc.
VPN A
Site 2
10.1/16

VPN B
Site 1
CE-2
PE-2
PE-1
CE-3
VPN A
Site 1
MP-IBGP Session
CE-1
VRF
VRF
VRF
VRF
VPN B
Site 2
CE-4
OSPF
10458:23:10.1/16
3 VPN RED Export
VRF is configured to advertise the routes in the
VRF as L3VPN routes using MP-BGP
VRF configuration adds VPN RED route target
community

Inc.
VPN A
Site 2
10.1/16

VPN B
Site 1
MP-IBGP Session
CE-1
CE-2
PE-2
PE-1
VRF
VRF
VRF
VRF
CE-3
VPN A
Site 1
VPN B
Site 2
CE-4
OSPF
10458:23:10.1/16
VPN RED Export
Label Z
Next Hop PE-2
VPN A
Site 2
10.1/16
VPN-IPv4 NLRI is advertised to other PE routers

Inner label (a.k.a VRF label, BGP label)
Extended communities
Route target
Site of origin
BGP next hop (RID of advertising PE router)

Inc.

VPN B
Site 1
CE-2
PE-2
PE-1
CE-3
VPN A
Site 1
MP-IBGP Session
CE-1
VRF
VRF
VRF
VRF
CE-4
OSPF
VPN RED Import

5
MBGP
VPN B
Site 2
10458:23:10.1/16
VPN RED Export
Label Z
Next Hop PE-2
VPN A
Site 2
10.1/16
Each PE router is configured with import route targets

Import route target is used to incorporate VPN-IPv4 routes
into VRFs selectively
If import route target matches route target attribute in BGP route, the
route is installed into the bgp.l3vpn table and copied into appropriate
VRF(s)
Based on configured route target or import policies, 10458:23:10.1/16
is copied into the red VRF but not the blue VRF

Inc.

VPN B
Site 1
VRF
VRF
VRF
VRF
10458:23:10.1/16
BGP Label (Inner) Label (Z)
MPLS (Outer) Label (y)
MBGP
VPN B
Site 2
CE-4
OSPF
VPN RED Import

6
CE-2
PE-2
PE-1
CE-3
VPN A
Site 1
MP-IBGP Session
CE-1
10458:23:10.1/16
VPN RED Export
Label Z
Next Hop PE-2
VPN A
Site 2
10.1/16
Each VPN-IPv4 route in a VRF is associated with:

Inner (VRF) label to reach the advertised NLRI (carried in
MP-BGP update)
Outer label to reach the PE router
All routes associated with the same VRF interface can
Copyright
share a common
label
Inc.

VPN B
Site 1
MP-IBGP Session
CE-1
PE-1
CE-3
VPN A
Site 1
CE-2
PE-2
VRF
VRF
VRF
VRF
VPN B
Site 2
CE-4
VPN A
Site 2
10.1/16 Next Hop PE1

7
Each IPv4 route installed in a VRF can be advertised
to the CEs associated with that VRF

For example, RIP, OSPF, and BGP
Routing policy can be used on the PE-CE link to control
the exchange of routing information further

Inc.

Traffic Forwarding

Inc.
Data Flow (1 of 7)
VPN B
Site 1
CE-1
PE-1
CE-3
VPN A
Site 1
LSP
CE-2
PE-2
VRF
VRF
VRF
VRF
VPN B
Site 2
CE-4
VPN A
Site 2
10.1/16
The PE-to-PE LSP must be in place before
forwarding data across the MPLS backbone

LSPs are signaled through LDP or RSVP

Inc.
Data Flow (2 of 7)
VPN B
Site 1
CE-2
CE-1
PE-1
VRF
VRF
VRF
VRF
CE-3
VPN A
Site 1
PE-2
IP
10.1.2.3
VPN B
Site 2
CE-4
VPN A
Site 2
10.1/16
The CE device performs a traditional IPv4 lookup and

sends packets to the PE router

Inc.
Data Flow (3 of 7)
PE-1
1) Look up route in
Red VRF
2) Push BGP label (z)
3) Push outer label (x)
VPN B
Site 1
CE-2
CE-1
PE-1
VRF
VRF
VRF
VRF
CE-3
VPN A
Site 1
PE-2
CE-4
IP
10.1.2.3
The PE router consults the appropriate VRF for
the inbound interface

Two labels are derived from the VRF route
lookup and are pushed onto the packet
Inc.
VPN B
Site 2
VPN A
Site 2
10.1/16
Data Flow (4 of 7)
PE-1
1) Look up route in
Red VRF
2) Push BGP label (z)
3) Push outer label (x)
VPN B
Site 1
CE-2
CE-1
PE-2
PE-1
VRF
VRF
VRF
VRF
CE-3
VPN A
Site 1
outer label (x)

BGP label (z)
IP
10.1.2.3
IP
10.1.2.3
VPN B
Site 2
CE-4
VPN A
Site 2
10.1/16
Packets are forwarded using two-level label stack

Outer (MPLS) label
Identifies the LSP to egress PE router

Resolves BGP next hop through inet.3
Distributed by RSVP or LDP
Inner (MP-BGP) label
Identifies outgoing interface from egress PE to CE

Copyright
2003, updates
Juniper
Networks,
Communicated
in MP-BGP
(control
plane)
Inc.
Data Flow (5 of 7)
VPN B
Site 1
PE-2
PE-1
CE-3
VPN A
Site 1
CE-2
CE-1
VRF
VRF
VRF
VRF
outer label (x)
BGP label (z)
IP
10.1.2.3
VPN B
Site 2
CE-4
VPN A
Site 2
10.1/16
After packets exit the ingress PE router, the outer label
is used to traverse the service provider

P routers are not VPN-aware

Inc.
Data Flow (6 of 7)
Penultimate
Pop top label
VPN B
Site 1
CE-2
CE-1
PE-2
PE-1
VRF
VRF
VRF
VRF
CE-3
VPN A
Site 1
VPN B
Site 2
CE-4
VPN A
Site 2
BGP label (z)

IP
10.1.2.3
10.1/16
Penultimate hop popping (before reaching the egress PE

router) removes the outer label

Inc.
Data Flow (7 of 7)
VPN B
Site 1
CE-2
CE-1
PE-1
VRF
VRF
VRF
VRF
CE-3
VPN A
Site 1
PE-2
VPN B
Site 2
CE-4
VPN A
Site 2
IP
10.1.2.3
10.1/16
The inner label is removed at the egress PE router

The native IPv4 packet is sent to the outbound
interface associated with the label

Inc.
Module Review
1. Can you define the roles of P, PE, and CE routers?
2. What is the format of VPN-IPv4 addresses?
3. What is the role of the route distinguisher?
4. Can you describe the flow of 2547bis control
information?
5. Can you explain the operation of the 2547bis
forwarding plane?

Inc.

Inc.
Introduction to Juniper Networks Routers
Module 12: Routing Policy
IJNR-6.b.6.1.2
Module Objectives
able to:
State the purpose of routing policy
Explain the difference between import and export policies
Describe the default policy for OSPF, IS-IS, and BGP
Compare route filter match types
Write multiterm policies
Correctly apply policy to BGP
Use the CLI to monitor policy operation
Describe advanced policy capabilities

Inc.
Routing Policy
Where we are going
Overview
When to use policy
Import vs. export policy
Routing policy flow
Generic policy syntax
Match conditions
Match actions
Default policies
Policy examples
Applying policy
Route filters
Advanced policy overview

Inc.
Policy Overview
Controls routing information transferred into and out of
the routing table

Can ignore or change incoming routing information
Can suppress or change outgoing routing information
Policies are made up of match/action pairs

Match conditions can be protocol specific

Inc.
When to Apply Policy

Apply policy when:
You do not want to import all learned routes into the routing
table
You do not want to advertise all learned routes to
neighboring routers
You want one protocol to receive routes from another
protocol
You want to modify information associated with a route

Inc.
Import and Export Policies

Perform policy filtering with respect to the JUNOS
software routing table

JUNOS software applies import policy prior to inclusion
in the routing table

JUNOS software applies export policy only to active
routes in the routing table
Neighbors
Neighbors
Import
Routes
Routing
Table
Export
Routes
Protocol
Protocol
PFE
Copyright
Inc.
Forwarding
Table
2003,
Juniper
Networks,
Routing Policy Flow

Policies can be chained together
Evaluation normally proceeds left to right until a
terminating action is reached
Terminating actions are accept or reject
Individual policies can contain a collection of terms

Flow control actions such as next-policy supported
Route
Policy 1
Policy 2
Term A
Term A
Accept
or Reject
Term B
Policy n
Accept
or Reject
Term A
Accept
or Reject
Default
Policy
Accept
or Reject
Term B
Accept
or Reject
Term C
Term C
Accept
Copyright
or Reject
Inc.
2003,
Accept
Accept
Juniper
Networks,
or Reject
Reject
Generic Policy Syntax

Basic policy syntax:
policy-options {
policy-statement policy-name {
term term-name {
from {
match-conditions;
}
then {
action;
}
}
}
}

Inc.
A policy
can have
multiple
terms
Match Conditions
Policies typically contain some form of match criterion
Possibilities include:
Neighbor address
Protocol (source of information)
BGP, direct, DVMRP, IS-IS, local, MPLS, OSPF,

PIM, RIP, static, aggregate
Routing protocol information
OSPF area ID
IS-IS level number
BGP attributes
Regular expression-based matches for AS path and
communities

Inc.
Match Actions
The action associated with a given term/policy is
performed for matching routes:

Terminating actions
Accept route
Reject (or suppress) route
Flow control actions
Skip to next policy
Skip to next term
Modify attributes actions
Metric
Preference
Color
Next-hop address

Inc.
Default Policies
Every protocol has a default policy
The default policy is applied implicitly at the end of the policy chain;
can be overridden with default-action statement
IS-IS and OSPF
Import: Accept all routes learned from that protocol
Technically, accept all LSPs/LSAs flooded by that protocol
Export: Reject everything
LSP/LSA flooding announces (IS-IS/OSPF) learned and local routes
RIP
Import all learned RIP routes, export nothing
RIP requires export policy to announce RIP (or other) routes
BGP
Import all routes learned from BGP neighbors
Export all active routes learned from BGP neighbors to all BGP
neighbors
EBGP-learned routes are exported to all BGP peers

IBGP-learned routes are exported to all EBGP peers (assumes logical IBGP full
mesh)

Inc.
A Policy Example
Write a policy statement at the [edit policy-
options] hierarchy:
[edit policy-options]
user@host# show policy-statement advertise-ospf
term pick-ospf {
from protocol ospf;
then accept;
}
Apply the policy to one or more routing protocol in the
import, export, or both directions:

[edit protocols bgp]
user@host# set export advertise-ospf

Inc.
Another Policy Example

Specifying multiple conditions in a from statement
means that all criteria must match before the action is
taken
[edit]
user@host# show policy-options
policy-statement isis-level2 {
term find-level2-routes {
from {
protocol isis;
Logical AND Function
level 2;
}
then accept;
}
}

Inc.
Applying Policy
You must apply policies before they can take effect
Link-state protocols (IS-IS and OSPF) have only export
filtering points
BGP and RIP support both import and export policies
[edit protocols]
user@host# show
bgp {
import bgp-import;
export bgp-export;
}
ospf {
export ospf-export;
}
Copyright
Inc.
Apply Routing Policy to BGP

BGP has three filtering points per direction:
Global
Groups of neighbors
Individual neighbors
Only the most specific policies are applied to a
particular peer
Neighbor policy overrides group and global policies
Group policy overrides global policy

Inc.
BGP Policy Application Example

[edit protocols]
user@host# show
bgp {
export local-customers;
group meganet-inc {
type external;
import [ martian-filter long-prefix-filter as-47-filter ];
peer-as 47;
neighbor 1.2.2.4;
neighbor 1.2.2.5;
}
group problem-child {
type external;
import [ as-47-filter long-prefix-filter martian-filter ];
export kill-private-addresses;
peer-as 54;
neighbor 1.2.2.6;
neighbor 1.2.2.7;
neighbor 1.2.2.8 {
import [ reject-unwanted as-666-routes ];
}
}
}

Inc.
Route Filters
Use route filters to match an individual route (or
groups of routes)
You can specify multiple route filters within a single term
General syntax in the form of:
route-filter prefix/prefix-length match-type actions;
Route filter evaluation has special rules according to
the match type

Match types specify different sets of routes:
exact
orlonger
longer
upto
through
prefix-length-range
Policy test function is useful for route-filter debugging

Inc.
Route Filter Match Types (1 of 2)

exact
Match the specified prefix and mask exactly
No other routes will be included
from route-filter 192.168/16 exact;
orlonger
Also match any routes that start with the same prefix and have longer
masks
longer
from route-filter 192.168/16 orlonger;
Do not match the specified prefix and mask exactly
Match only the routes that start with the same prefix and have longer
masks
from route-filter 192.168/16 longer;

Inc.
Route Filter Match Types (2 of 2)

upto
Also match any routes that start with the same prefix and have
a mask no longer than the second value specified
from route-filter 192.168/16 upto /24;
through
Match the first specified prefix and mask exactly
Match the second specified prefix and mask exactly
Match all prefixes directly between the two prefixes
from route-filter 192.168/16 through 192.168.16/20;
prefix-length-range
Match only routes that start with the same prefix and have a
mask between the two values specified (inclusive match)
from route-filter 192.168/16 prefix-length-range /20-/24;

Inc.
Match Types Summary

Given a starting prefix of 192.168/16, what matches with
each option?
192.168/16
192.168/16
orlonger (down to /32)
exact
192.168/16
longer (down to /32)
192.168/16
/x

Networks,
/y
prefix-length-range /x-/y
Inc.
upto
192.168/16
192.168/16
through
Route Filter Actions

term term-name {
from {
route-filter dest-prefix match-type actions;
route-filter dest-prefix match-type actions;
}
then actions;
}
LongestMatch
Lookup
Only one route filter in a given term can be considered a
match
Longest-match lookup is performed on the prefix being
evaluated
If an action is specified to a route filter, it takes effect
immediately
The global then portion of the term is ignored
If specific actions are not defined, the then portion of the term is
executed for matching prefixes

Inc.
Test Your Knowledge (1 of 2)

Which action is taken when this policy evaluates
10.0.67.43/32?
[edit policy-options policy-statement pop-quiz]
user@host# show
from {
route-filter 10.0.0.0/16 orlonger accept;
route-filter 10.0.67.0/24 orlonger;
route-filter 10.0.0.0/8 orlonger reject;
}
then {
metric 10;
accept;
}

Inc.
Test Your Knowledge (2 of 2)

Which action is taken when this policy evaluates
10.0.55.2/32?
[edit policy-options policy-statement pop-quiz]
user@host# show
from {
route-filter 10.0.0.0/16 orlonger accept;
route-filter 10.0.67.0/24 orlonger;
route-filter 10.0.0.0/8 orlonger reject;
}
then {
metric 10;
accept;
}

Inc.
Monitoring Policy Operation

Neighbors
Routes
Route
Filters
Import
Policy
Export
Policy
Routing
Table
Neighbors
Routes
Protocol
Protocol
show route receive-protocol bgp neighbor

Show routes before import policy
show route advertising-protocol bgp neighbor

Shows routes after export policy
The show route receive-protocol and show
route advertising-protocol commands:
Display routing updates received before import and after
export policy processing, respectively
Filtered routes are the exception for import policy
Question: How can you monitor the effects of your

import policy?
Inc.
Review Questions
1. What is the purpose of routing policy?
2. The terms import and export are based on the
3.
4.
5.
6.
7.
perspective of which entity within the router?

How does the default policy for OSPF differ from that
of BGP?
What types of match conditions are supported in
policy?
What types of match actions can you use in policy?
Explain the difference between applying policy at the
global, group, and peer levels of BGP.
What command would you use to monitor the effects of
your import policy?
Inc.
Lab 5: Routing Policy
Lab Objective:
Configure routing policy on your router using
JUNOS software. You will complete this lab by
configuring a policy to the RIP configuration
left in place from the last lab.

Inc.

Junosroutingoverviewall in One 140912210812 Phpapp01

Загружено:

Сведения о документе

Авторское право

Доступные форматы

Поделиться этим документом

Поделиться или встроить документ

Параметры публикации

Этот документ был вам полезен?

Это неприемлемый материал?

Авторское право:

Доступные форматы

Junosroutingoverviewall in One 140912210812 Phpapp01

Загружено:

Авторское право:

Доступные форматы

Juniper Networks

Module 1: TCP/IP Internetworking

Copyright 2003, Juniper Networks, Inc.

role of each component

Copyright 2003, Juniper Networks,

Copyright 2003, Juniper Networks,

and wireless connections

Copyright 2003, Juniper Networks,

Copyright 2003, Juniper Networks,

Intermediate Internetworking Devices

Bridges forward broadcasts by default

Implement logical network structure (e.g., IP networks)

Copyright 2003, Juniper Networks,

Routing on a TCP/IP Network

Copyright 2003, Juniper Networks,

Role of IP and the IP Address

Copyright 2003, Juniper Networks,

Format of the IP Address

The IP address is used to identify a particular network

and host on that network

Copyright 2003, Juniper Networks,

Relationship of the IP Address to the

OSI Reference Model

Copyright 2003, Juniper Networks,

Mapping Address Layers: ARP

to a physical MAC address

(1) Requester sends

(4) Requester stores the

(3) Target host responds to

(2) ALL hosts read

Copyright 2003, Juniper Networks,

Logical Network Types

Multiple sources and

destinations "on the wire"

Copyright 2003, Juniper Networks,

Copyright 2003, Juniper Networks,

Copyright 2003, Juniper Networks, Inc.

and identify the corresponding address classes

Copyright 2003, Juniper Networks,

IP addressing scheme integral to process of routing IP

data through an internetwork

make up the Internet

Copyright 2003, Juniper Networks,

Copyright 2003, Juniper Networks,

Copyright 2003, Juniper Networks,

Primary Address Classes

Copyright 2003, Juniper Networks,

Dotted Decimal Notation

Copyright 2003, Juniper Networks,

IP Address 192.168.21.40 is a Class C address:

Copyright 2003, Juniper Networks,

First Octet Rule

First Octet Range

Copyright 2003, Juniper Networks,

First Octet Rule Examples

Copyright 2003, Juniper Networks,

part (0s) of an address

Copyright 2003, Juniper Networks,

Copyright 2003, Juniper Networks,

IPv4 Address Management Issues

rather than actual need

Copyright 2003, Juniper Networks,

networks called subnets

Class B Address: Before Subnetting