Upload
lemien
View
231
Download
4
Embed Size (px)
Citation preview
Juniper Operating System Fundamental for APNIC Training Lab APNIC Technical Workshop
June 18, 2015, APNIC Office In-house training.
Acknowledgment
• APNIC training lab facilitate hands-on training and workshop requirement for APNIC community in AP region.
• APNIC training continues its best effort to support multi vendor/open standard technology and software when deliver hands-on training.
• This presentation is prepared to support JunOS specific hands-on lab exercises in APNIC training lab.
• APNIC acknowledging Juniper Technology to use its JNCIA-Junos Study Guide and other publicly available Juniper documents to prepare this presentation.
Overview
• JunOS Operating System Fundamental
• JunOS User Interface and CLI
• Basic & Interface Configuration on APNIC Training Lab
• JunOS Routing Fundamentals & Policy Control
• Operational Monitoring and Maintenance
JunOS Fundamental
• Robust, Modular and Scalable
• Single Source Code Base
• Separate Control and Forwarding Planes
Robust, Modular and Scalable
• Run multiple software process.
• Each process controls a portion of device hardware functionality.
• Each process runs in its own protected memory space so one process cannot directly interfere with another.
• So one process failure/upgrade doesn’t require system reboot.
Single Source Code Base
• The JunOS kernel is based on the open source FreeBSD UNIX operating system.
• All Juniper device running the same JunOS use the same software source code base within their platform-specific images.
• It ensures core features work consistently across all platforms running the JunOS.
• Since many features and services use the same JunOS code so configured and management tasks are simplified.
Separate Control & Forwarding Plane
• The processes that control the routing & switching protocol parameter and forwards data frames are clearly separated in JunOS devices.
• Forwarding plane functions are mostly done based on the application-specific integrated circuits (ASICs) for increased performance.
• This design allows to tune each process for maximum performance and reliability.
• The separation of the control and forwarding planes is one of the key reasons that JunOS can support many different platforms from a common code base.
Separate Control & Forwarding Plane
Routing Engine (RE) • The control plane runs on the Routing Engine (RE) that is the brain of the
device. It is responsible for performing protocol updates and system management functions.
• RE is mainly based on X86 or PowerPC architecture, depending on the specific platform and it runs various protocol and management software processes that reside inside a protected memory environment.
• RE maintains the routing tables, bridging table, and primary forwarding table and connects to the Packet Forwarding Engine (PFE) through an internal link.
Separate Control & Forwarding Plane
Packet Forwarding Engine (PFE) • PFE receives the forwarding table (FT) from the RE by means of an internal
link and simply forwards frames, packets, or both with a high degree of stability and deterministic performance.
• The PFE usually runs on separate hardware / in many case application-specific integrated circuits (ASICs) and is responsible for forwarding transit traffic through the device.
• This architectural design makes it possible to incorporate high availability features of JunOS i.e Graceful Routing Engine Switchover (GRES), Nonstop Active Routing (NAR) etc.
Separate Control & Forwarding Plane
Forwards Traffic • The PFE is the central processing component of the forwarding
plane. • The PFE forwards traffic based on its local copy of the forwarding
table created by a regular synchronization with the RE. • PFE also implements a number of advanced services like rate
limiting, stateless firewall and other services through special interface cards that can be add to the PFE complex.
Traffic Processing Behaviour
Transit Traffic • Transit traffic defined as the traffic enters an ingress network port, compared against
the forwarding table entries, and is forwarded out an egress network port toward the final destination.
• For transit traffic a forwarding table entry must be exist to successfully forward transit traffic to that destination.
• Transit traffic passes through the forwarding plane only and is never sent to or processed by the control plane.
• Forwarding plane only processing of the transit traffic in JunOS devices can achieve predictably high performance rates.
Traffic Processing Behaviour
Exception Traffic: • Exception traffic is defined as the traffic does not pass through the local
device. It is destined to the local device and require special handling. I.e. – Packet addressed to the chassis, such as routing update packets, telnet/ssh
session to the device replies to the transit source. – IP packet with IP option field. PFE are not purposely designed to process IP option
field. – Traffic that requires the generation of Internet Control Message Protocol (ICMP)
messages. • I.e. Unreachable, TTL expire,
Traffic Processing Behaviour
Built-in Rate Limit for Exception Traffic: • In JunOS all exception traffic destined to RE are sent through an
“Internal Link” which connects the RE and PFE. • JunOS has a hardware based rate limiting on the internal link that
protects the JunOS device RE from any potential DoS attacks. • During the time of congestion JunOS device gives preference to
local and control traffic destine to RE. • This built-in rate limit is not configurable/modifiable.
Appendix Slides
For APNIC in house training only.
Juniper Product Range
Three Type of Equipment: • Routing Devices
• Switching Device
• Security/Firewall Device
Juniper Routing Product Series
Juniper Switching Product Series
Juniper Security Product Series
JunOS User Interface and CLI Hands on lab instruction provided
JunOS CLI Introduction
JunOS CLI Introduction
Switch Between Different Mode:
user> configure
[edit]
user# exit
user>
JunOS CLI Introduction
JunOS CLI Introduction Type “?” to get Available Command from the Hierarchy:
root> configure ?
Possible completions:
<[Enter]> Execute this command
batch Work in batch mode dynamic Work in dynamic database
exclusive Obtain exclusive lock
private Work in private database
| Pipe through a command
JunOS CLI Introduction
JunOS CLI Introduction
JunOS CLI Introduction
JunOS CLI Introduction Execute Command from Different Hierarchy:
JunOS CLI Introduction Execute Command from Different Hierarchy:
JunOS CLI Introduction Save Configuration and Exit:
[edit]
root@Router21# commit and-quit
root@Router21>
JunOS CLI Introduction
JunOS CLI Introduction
Check the Rollback & Restore: root# rollback ?
Possible completions:
<[Enter]> Execute this command
0 2015-06-17 12:37:31 UTC by root via cli
1 2015-06-17 12:35:15 UTC by root via cli
2 2015-06-17 12:34:33 UTC by root via cli
rescue 2015-06-17 12:36:00 UTC by root via cli
[edit]
root@Router21# rollback rescue
JunOS CLI Introduction To get a Unix shell:
root@Router21> start shell
[will support standard unix command line]
Switch to JunOS CLI:
root@Router21% cli
[Come back to JunOS command line]
Questions
APNIC Training Lab Exercises. Hands on lab instruction provided