You are on page 1of 160

Module 1:

Routing Platforms and Design

J6300

J4300

J2300

Proprietary and Confidential

www.businesscontinuity.com.mx

 Up to 2 Gbps+ performance
 T1, E1, FE, Serial, ISDN BRI, ADSL/2/2+ G.SHDSL,
DS3,E3, GE Interfaces
 4 fixed GE LAN ports, 4 PIM slots and 2
EPIM/PIM slots

 Up to 1 Gbps+ performance
 T1, E1, FE, Serial, ISDN BRI, ADSL/2/2+ G.SHDSL,
DS3,E3, GE Interfaces
 4 fixed GE LAN ports, 4 PIM slots and 2 EPIM/PIM
slots

 Up to 2XT1/E1 performance
 T1,E1,Serial Wan Interfaces
 Two fixed FE LAN ports and optional integrated
ISDN BRI backup
 Fixed configurations / not modular

J2300, J4300 & J6300 Family

J2350

J2320

Proprietary and Confidential

www.businesscontinuity.com.mx

Support for T1, E1, Synchronous Serial, ISDN BRI,


ADSL/2/2+, G.SHDSL, and Gigabit Ethernet Interfaces
Support for integrated IP Telephony*
4 fixed Gigabit Ethernet LAN ports, and 5 PIM slots
256 MB DRAM default, expandable to 1 GB DRAM
256 MB compact flash default, upgradeable to 1 GB
Hardware encryption acceleration (optional)
DC version available

Support for T1, E1, Synchronous Serial, ISDN Basic Rate Interface,
ADSL2/ADSL2+, G.SHDSL, and Gigabit Ethernet Interfaces
Support for integrated IP telephony*
4 fixed Gigabit Ethernet LAN ports, and 3 PIM slots
256 MB DRAM default, expandable to 1 GB DRAM
256 MB compact flash default, upgradeable to 1 GB
Hardware encryption acceleration (optional)

J2320, J2350 Family

J6350

J4350

Proprietary and Confidential

www.businesscontinuity.com.mx

Support for T1, E1, Fast Ethernet, Synchronous Serial, ISDN BRI,
ADSL2/ADSL2+, G.SHDSL, DS3, E3, Gigabit Ethernet Interfaces
Support for integrated IP telephony using the Avaya IG550
Integrated Gateway
4 fixed Gigabit Ethernet LAN ports, 2 PIM slots, and 4
EPIM/PIM slots
DC version available
1 GB DRAM default, expandable to 2 GB DRAM
256 MB compact flash default, upgradeable to 1 GB
Hardware encryption acceleration standard
Redundant AC or DC power supplies

Support for T1, E1, Fast Ethernet, Synchronous Serial, ISDN BRI,
ADSL2/ADSL2+, G.SHDSL, DS3, E3, Gigabit Ethernet Interfaces
Support for integrated IP telephony using the Avaya IG550 Integrated
Gateway
4 fixed Gigabit Ethernet LAN ports, 4 PIM slots, and 2 EPIM/PIM slots
DC version available
1 GB or 256 MB DRAM default, expandable to 2 GB DRAM
256 MB compact flash default, upgradeable to 1 GB
Hardware encryption acceleration (optional)

J4350 & J6350 Family

Console
Port

USB Port

Proprietary and Confidential

Power
Button

J2300 Services Router

Physical Interface
Module (PIM)

www.businesscontinuity.com.mx

LAN Ports

M10i

M7i

www.businesscontinuity.com.mx

 Up to 2 Gbps+ performance
 T1, E1, FE, Serial, ISDN BRI, ADSL/2/2+
G.SHDSL, DS3,E3, GE Interfaces
 4 fixed GE LAN ports, 4 PIM slots and 2
EPIM/PIM slots

 8.4 Gbps throughput rate (4.2-Gbps full


duplex)
 T1,E1,Serial, or G.SHDSL Wan Interfaces
 Two fixed FE LAN ports and optional
integrated ISDN BRI backup
 Fixed configurations / not modular

Proprietary and Confidential

M-series Routers

Proprietary and Confidential

www.businesscontinuity.com.mx

Enterprice Portafolio Summary

M7i

ESD
Point

Proprietary and Confidential

LAN
Ports

Routing
Engine

Physical
Interface
Module (PIM)

MGMT
Port

www.businesscontinuity.com.mx

Console
Port

Flexible PIC
Concentrator
(FPC)

RE1
RE0

M10i

Proprietary and Confidential

PICs

www.businesscontinuity.com.mx

Console
Port

FPC1

FPC0

Proprietary and Confidential

www.businesscontinuity.com.mx

 The Packet Forwarding


Engine is the central
location for the data packet
forwarding through the
router the router.

 The Routing Engine in a


Juniper Networks router is
the central location for
control of the system.

Juniper Networks Router Design

10

Proprietary and Confidential

www.businesscontinuity.com.mx

11

 The I/O Manager ASIC verifies the integrity of both the Layer 2 and Layer 3 headers.
 Provided the data packet is valid, the ASIC removes the Layer 2 header and
segments the packet into 64-byte units called a J-Cell.
 The I/O Manager ASIC sends these J-cells to the Distributed Buffer Manager ASIC for
storage in the shared memory pool.

I/0 Manager ASIC

Proprietary and Confidential

www.businesscontinuity.com.mx

12

 Every Juniper Networks router contains a single Internet Processor ASIC on the
control board in the Packet Forwarding Engine.
 The Internet Processor ASIC is the heart of the Packet Forwarding Engine. It is the
only ASIC in the forwarding path that accesses the forwarding table, performs route
lookups, and makes forwarding decisions.
 It receives notification cells from the Inbound Distributed Buffer Manager ASIC and
transforms them into result cells after performing a route lookup.

ASIC Internet Processor II

Proprietary and Confidential

www.businesscontinuity.com.mx

Scalable Control & Forwarding Plane

13

Module 3:
JUNOS Software CLI Review

14

Configuration
in text file

Candidate
configuration

Proprietary and Confidential

copy,
save

load

Configuration

Automatic
Rollback

Active
Configuration

www.businesscontinuity.com.mx

Commit

Configure

Confirmed

Configuration changes:
Made in candidate configuration
When you select Apply or OK using JWEB; written to Active
Configuration
Interim
Rollback up to 50 versions

Configuration Manipulation

15

Proprietary and Confidential

Command Line Interface (CLI) access


Console Port
Auxiliary Port
Out-of-band Ethernet Port
Console cable (9-pin female to 9-pin female)
Communications application (Hyperterminal)
Initial boot-up default configuration
Initiate the Command Line Interface

Accessing the CLI

www.businesscontinuity.com.mx

16

Proprietary and Confidential

version 8.0R2.8;
system {
services {
web-management {
http;
}
}
syslog {
file messages {
any any;
}
}
}

Factory Default

www.businesscontinuity.com.mx

 Note: If any configuration is made and


committed, auto installation is disabled.
If no IP address is configured on your fe
interface you will lose connectivity

 None of the above are viewable in the


active configuration

 IP address 192.168.1.1/24 & DHCP


server enabled fe-0/0/1

17

Proprietary and Confidential

www.businesscontinuity.com.mx

Configuration modeComplete set of commands to configure the routing


platform.

Operational modeComplete set of commands to control the CLI environment,


monitor and troubleshoot network connectivity, manage the routing platform,
and enter configuration mode.

The CLI has two modes:

CLI Overview

CLI

18

Proprietary and Confidential

Operational Mode

www.businesscontinuity.com.mx

19

Proprietary and Confidential

Context-Sensitive Help

Operational Mode

www.businesscontinuity.com.mx

20

Proprietary and Confidential

www.businesscontinuity.com.mx

21

We further complete our command with the letter c followed by the Tab key:

Command Completion

Proprietary and Confidential

www.businesscontinuity.com.mx

22

We further complete our command with the letter c followed by the Tab key:

Command Completion

Proprietary and Confidential

www.businesscontinuity.com.mx

23

As with operational mode, the router uses the prompt to visually show you that
you are in configuration mode. The > is changed into the pound character (#),
and your current level in the hierarchy is displayed above the routers
hostname. The [edit] portion of the output on Merlot tells us that we are at the
top of the configuration hierarchy.

Configuration Mode

Proprietary and Confidential

www.businesscontinuity.com.mx

You enter new information into the configuration with the set command.

Altering the Configuration

24

Proprietary and Confidential

www.businesscontinuity.com.mx

You can view the changes youve made to the configuration by issuing the
show command.

Altering the Configuration

25

Proprietary and Confidential

www.businesscontinuity.com.mx

The existing active configuration is saved on the router for future use.

Using the commit Command

26

Proprietary and Confidential

www.businesscontinuity.com.mx

If there was an error in the configuration we just committed. In that case,


the router does not implement the changes we made and supplies an error
message informing us of the problem.

Using the commit Command

27

operator
read-only
super-user
unauthorized

Login Classes

Proprietary and Confidential

www.businesscontinuity.com.mx

permissions [ clear network reset trace view ]


permissions [ view ]
permissions [ all ]
permissions [ none ]

User Authentication

28

Proprietary and Confidential

www.businesscontinuity.com.mx

[edit system login class class-name]


permissions [ permissions ];

29

Each top-level command-line interface (CLI) operational mode command and


each configuration statement is associated with an access privilege level.
Users can execute only those commands and configure and view only those
statements for which they have access privileges.

Using Permission Flags to Configure Access

Proprietary and Confidential

www.businesscontinuity.com.mx

Configuring Access Privilege Levels

30

[edit system login class class-name]


user@host# set allow-commands configure

[edit system login class class-name]


allow-command regular-expression;

Proprietary and Confidential

www.businesscontinuity.com.mx

31

Example: Configuring Access Privileges to Individual Operational Mode Commands


[edit]
system {
login {
# This login class has operator privileges and the additional ability to
# reboot the router.
class operator-and-boot {
permissions [ clear network reset trace view ];
allow-commands "request system reboot";
}

Example

Specifying Operational Mode Commands

Allowing or Denying Invidual Commands

Proprietary and Confidential

Configuring a Host name


Configuring a Domain Name
Configuring name server
Configuring root authentication
Configuring users

www.businesscontinuity.com.mx

You have just installed and turned on a router and are configuring the
JUNOS software for the first time.

Lab 1: Command Line Interface Review

32

Module 4:
Initial Configuration

33

Proprietary and Confidential

www.businesscontinuity.com.mx

34

Include the apply-groups [ group-names ] statement anywhere in the configuration


that the configuration statements contained in a configuration group are needed.

To configure configuration groups and inheritance, you can include the groups
statement at the [ edit ] hierarchy level:

Configurations Groups Configuration Statements

Proprietary and Confidential

www.businesscontinuity.com.mx

35

group-name is the name of a configuration group. You can configure more than one
configuration group by specifying multiple group-name statements. However, you
cannot use the prefix junos- in a group name because it is reserved for use by the
JUNOS software.

To create a configuration group, include the groups statement at the [edit] hierarchy
level:

Creating a Configuration Group

Proprietary and Confidential

www.businesscontinuity.com.mx

36

In this example, the Simple Network Management Protocol (SNMP) configuration is


divided between the group basic and the normal configuration hierarchy.

Example: Configuration and Applying Configurations


Groups

Proprietary and Confidential

www.businesscontinuity.com.mx

The JUNOS software follows a specific naming convention of packagemajor_version <stage>released_version-type.

JUNOS Software Naming Convention

37

Proprietary and Confidential

Upload Package

www.businesscontinuity.com.mx

38

Proprietary and Confidential

Installing Package

www.businesscontinuity.com.mx

39

Proprietary and Confidential

www.businesscontinuity.com.mx

40

Rollback with CONFIG Button


Press for approx 5 seconds and release
Rescue Configuration loaded and committed
Note : You must have created a Rescue Configuration for
this option to work and the LED will turn RED for a few
seconds
Press for approx 15 seconds and release
All configurations including Rescue are deleted red LED
Blinks, and command prompt returns you to root%
Factory configuration loaded and committed
Default behavior can be changed

Manual Configuration Recovery

Proprietary and Confidential

www.businesscontinuity.com.mx

unit - The logical portion of the interface that contains properties, such
as an IP address.

port - The location on the PIC where the interface port is located.

pic - The slot on the FPC that contains the interface.

fpc - The physical slot in the chassis where the interface is located.

media_type - A two-character designator that uniquely identifies the


type of physical interface.

Interface Naming Structure

41

Proprietary and Confidential

www.businesscontinuity.com.mx

ae Aggregated Ethernet interface


as Aggregated SONET/SDH interface
at Asynchronous Transfer Mode (ATM) interface
ds DS0 interface (including Multichannelized DS-3 interfaces)
e1 E1 interface (including Channelized STM-1 to E1 interfaces)
e3 E3 interface
es Encryption interface
fe Fast Ethernet interface
fxp Management and Internal Ethernet interfaces
ge Gigabit Ethernet interface
gr Generic Route Encapsulation tunnel interface
ip IP-over-IP encapsulation tunnel interface
lo Loopback interface
so SONET/SDH interface
t1 T1 interface (including Channelized DS-3)
t3 T3 interface (including Channelized OC-12 interfaces)

Media Type Interfaces

42

Proprietary and Confidential

The OC-48 SONET FPC in an M40 router is an


example of a quad-wide PIC. Should thisPIC
be installed in slot 6, it appears as PIC slot 0
with a single port 0. The JUNOS software
representation becomes:

When an FPC in slot 3contains four OC-12


ATM PICs, the FPC becomes fully
populated.Each PIC supports a single physical
port. The interface names when each port
has a single logicalunit assigned are:

www.businesscontinuity.com.mx

so-6/0/0.0

at-3/1/0.0
at-3/2/0.0
at-3/3/0.0

at-3/0/0.0

Interfaces Naming Examples

43

Proprietary and Confidential

1-port Channelized STM-1 PIC

2-port ATM OC-3/STM-1 PIC

Interfaces Supported

www.businesscontinuity.com.mx

4-port E1 PIC

4-port Fast Ethernet PIC

44

Proprietary and Confidential

www.businesscontinuity.com.mx

Interfaces in the JUNOS software contain both physical and logical


properties. The actual media type (such as Ethernet or SONET) often
determines the physical properties of the interface. An interfaces
logical properties represent the Layer 3 routing and Layer 2 transmission
parameters needed to operate the interface in a network.

Interfaces Properties

45

Proprietary and Confidential

Description
Diagnostic characteristics
Encapsulation
Frame check sequence (FCS)
Interface clock source
Interface MTU size
Keepalives
Payload scrambling

Physical Properties

www.businesscontinuity.com.mx

46

inet
inet6
iso
Mpls

Proprietary and Confidential

 Protocol Families

Logical Properties

www.businesscontinuity.com.mx

47

Proprietary and Confidential

www.businesscontinuity.com.mx

[edit interfaces fxp0]


user@Cabernet# set unit 0 family inet address 172.16.0.1/24
user@Cabernet# set description "This is the Ethernet management interface"

IP Version 4

Enable an Interface

48

www.businesscontinuity.com.mx

[edit interfaces]
user@Cabernet# show
inactive: fxp0 {
description " This is the Ethernet
management interface;
unit 0 {

[edit interfaces]
user@Cabernet# show
fxp0 {
description " This is the Ethernet
management interface ";
unit 0 {

Proprietary and Confidential

[edit interfaces]
user@Cabernet# deactivate fxp0

[edit interfaces]
user@Cabernet# activate fxp0

Disabling or Deactivating an Interface

49

Proprietary and Confidential

www.businesscontinuity.com.mx

[edit interfaces fxp0]


user@Cabernet# delete unit 0 family inet address 172.16.0.1/24

IP Version 4

Deleting an Interface

50

Proprietary and Confidential

Errors
Policy discards
L3 incompletes
L2 channel errors
L2 mismatch timeouts
SRAM errors
HS link CRC errors
Carrier transitions
Errors
Drops
Aged packets

show interfaces extensive

www.businesscontinuity.com.mx

Useful Interface Commands

51

Cabernet
Seconds
Time
Interface
Link
Current Delta
Statistics

monitor interface

Proprietary and Confidential

www.businesscontinuity.com.mx

Useful Interface Commands

52

show arp

Proprietary and Confidential

www.businesscontinuity.com.mx

Useful Interface Commands

53

Proprietary and Confidential

local Loopback

Loopback Testing

www.businesscontinuity.com.mx

remote Loopback

Interface Diagnostic Commands

54

BERT Testing

Proprietary and Confidential

www.businesscontinuity.com.mx

Stopping the Test

Starting the Test

Interface Diagnostic Commands

55

Proprietary and Confidential

www.businesscontinuity.com.mx

Setting an IP Address for the Router


Configuring an IPv4 Address on an Interface
Configuring an Interface Description
Using the Management Interface
Configuring Ethernet Interfaces
Dealing with Nonconfigurable Interfaces

Lab 2: Initial System Configuration

56

Module 5: Protocol
Independent Routing
Properties

57

Proprietary and Confidential

www.businesscontinuity.com.mx

It requires no convergence time and utilizes a minimum of router


resources.

A static route within the JUNOS software is a route to a destination with


an assigned next hop.
If we want to place the route into the routing table, the next hop must be
valid. This means that the router is able to forward packets using the next
hop.

Static Routes

58

Proprietary and Confidential

Example of static route use.

Static Routes

www.businesscontinuity.com.mx

59

Proprietary and Confidential

Static routes in a service provider.

www.businesscontinuity.com.mx

Using a static route when you have a single physical connection is a valid
consideration.

Static Routes

60

Proprietary and Confidential

www.businesscontinuity.com.mx

Directly connected IP address An IP address belonging to a physically


connected subnet is often used as the next hop for a static route. The
interface connected to the remote router is used to forward user packets.
Remote IP address You can also use any known IP address in the network
as a next hop. The local router performs a recursive lookup in the inet.0
routing table to find a physical next hop to the configured address. You
enable this functionality by adding the resolve keyword when defining the
IP address.
Reject The value reject is a configured null value. Route lookups that
match a static route with a reject next hop are dropped.
Discard The value discard is also a configured null value. Route lookups
matching this nexthop value are also dropped.

next-hop Options

61

Proprietary and Confidential

routing-options {
static {
defaults {
static-options;
}
route destination-prefix {
next-hop next-hop;
qualified-next-hop address {
metric metric;
preference preference;
}
lsp-next-hop lsp-name{
metric metric;
preference preference;
}
static-options;
}
}
}

Static Routes Attributes

www.businesscontinuity.com.mx

62

preference
Readvertise
retain

community

install

metric

Proprietary and Confidential

www.businesscontinuity.com.mx

passive

as-path

no-install

no-readvertise

active

63

Some of the options available for configuration on a static route are outlined here. Not
every route requires the configuration of each attribute.

Static Routes Attributes

Proprietary and Confidential

www.businesscontinuity.com.mx

64

[edit routing-options]
user@Chardonnay# show
static {
route 192.168.16.0/24 next-hop 1.1.1.1;
}

[edit routing-options]
user@Chardonnay# set static route 192.168.16/24 next-hop 1.1.1.1

Configuration Examples

Proprietary and Confidential

www.businesscontinuity.com.mx

inet.0: 13 destinations, 15 routes (13 active, 0 holddown, 0 hidden)


+ = Active Route, - = Last Active, * = Both
192.168.16.0/24 *[Static/5] 00:03:58
> to 1.1.1.1 via fe-0/0/0.0
192.168.32.0/24 *[Static/5] 00:01:14
> to 1.1.1.1 via fe-0/0/0.0
192.168.48.0/24 *[Static/5] 00:01:14
> to 1.1.1.1 via fe-0/0/0.0

user@Chardonnay> show route protocol static

We configure the routes for 192.168.32.0 /24 and 192.168.48.0 /24 in a similar manner.
Once completed, the routing table looks like this:

Configuration Examples

65

Proprietary and Confidential

192.168.16.0/24 *[Static/200] 00:03:58


> to 1.1.1.1 via fe-0/0/0.0
192.168.32.0/24 *[Static/200] 00:01:14
> to 1.1.1.1 via fe-0/0/0.0
192.168.48.0/24 *[Static/200] 00:01:14
> to 1.1.1.1 via fe-0/0/0.0

www.businesscontinuity.com.mx

inet.0: 13 destinations, 15 routes (13 active, 0 holddown, 0 hidden)


+ = Active Route, - = Last Active, * = Both

We check our routing table and see that our change took effect:
user@Chardonnay> show route protocol static

[edit routing-options]
user@Chardonnay# set static defaults preference 200

Configuration Floating Static Examples

66

Proprietary and Confidential

www.businesscontinuity.com.mx

* We are only covering unicast routes

Routing Tables
inet.0 - UniCast Routes *
inet.1 Multicast forwarding cache
inet.2 - MBGP RPF
inet.3 - MPLS Path
inet6.0 - IPv6 Routes
mpls.0 MPLS next hops

JUNOS Software Route Table

67

Proprietary and Confidential

www.businesscontinuity.com.mx

Next hop information When multiple next hops exist, the routing table selects a single next hop
to be placed in the forwarding table. Multiple next-hop values can be placed in the forwarding
table.

Protocol preference Protocol preference. This preference value assists the routing table in
selecting the active route when more than one version of a route exists.

Protocol name This name tells you how the routing table learned the route. This name is also
used by routing policies to advertise and filter routes.

Route status active route (+)


last active route ()
both (*)
inactive routes (no icon is used).

Table inet.0

68

Proprietary and Confidential

Table inet.0

www.businesscontinuity.com.mx

69

Proprietary and Confidential

www.businesscontinuity.com.mx

JUNOS Software Preference Values

70

Module 6: Routing Policy

71

Proprietary and Confidential

www.businesscontinuity.com.mx

Although it is tempting to jump right into configuring routing policies, we first


need to understand why policies are needed and how they are implemented. In
this section, we review the purpose of routing tables, the selection process for
active routes, and reasons for modifying the selection process. After that, we
consider how routing policies affect the routers view of the network.

What is a Routing Policy?

72

Proprietary and Confidential

www.businesscontinuity.com.mx

Using the default behavior of routing protocols is certainly enough to maintain


connectivity in a simple network, but what happens when the network grows in
complexity? A single protocol often cannot maintain enough information to ensure
that all routers are utilizing the best paths available.

Why Modify the Routing Table?

Routing Policy

73

Proprietary and Confidential

www.businesscontinuity.com.mx

Modifying the Default Protocol Route Selection

74

Policy Processing

Proprietary and Confidential

accept
reject
next policy

Forming a Policy

www.businesscontinuity.com.mx

75

Proprietary and Confidential

Forming a Policy

www.businesscontinuity.com.mx

76

Proprietary and Confidential

Multiterm Policy

www.businesscontinuity.com.mx

77

Proprietary and Confidential

www.businesscontinuity.com.mx

The match conditions available within the JUNOS software provide numerous
ways to identify routes of interest. All of the criteria will be defined using either
the from or the to syntax.

from and to

78

Proprietary and Confidential

Match criteria

www.businesscontinuity.com.mx

79

Proprietary and Confidential

www.businesscontinuity.com.mx

lets say that you wanted to accept all BGP routes from neighbor 1.1.1.1 only if the
routes have a MED value of 10. You could configure a policy that looks like the
following:

Defining Multiple Criteria

80

Proprietary and Confidential

www.businesscontinuity.com.mx

lets say that you wanted to accept all BGP routes from neighbor 1.1.1.1 only if the
routes have a MED value of 10. You could configure a policy that looks like the
following:

Route Filters

81

Proprietary and Confidential

www.businesscontinuity.com.mx

Setting an IP Address for the Router


Configuring an IPv4 Address on an Interface
Configuring an Interface Description
Using the Management Interface
Configuring Ethernet Interfaces
Dealing with Nonconfigurable Interfaces

Lab 2: Initial System Configuration

82

Module 7: RIP

83

RIPv1 sends messages to the broadcast address (255.255.255.255) on broadcast-capable


networks such as Ethernet. This means the RIP messages are sent to all devices on the
subnetincluding the RIP routers and all other hosts on the subnet, many of which do not
need the information.

RIP sends routing update messages at regular intervals (30 seconds) and when warranted by
network topology changes.

84

The metric (hop count) is a measure of the distance from the source of the update to the
destination network. Each hop in the path is assigned a value, which is typically 1. Most
implementations (including the JUNOS software) let you alter this value.

www.businesscontinuity.com.mx

RIP routers exchange packets with their neighbors; the packets contain network addresses
and an associated metric, or hop count, to reach those addresses.

Proprietary and Confidential

RIP routers use UDP (User Datagram Protocol) port 520 to send messages to their
neighbors.

RIP Features

Proprietary and Confidential

www.businesscontinuity.com.mx

Counting to infinity: initial route advertisements.

Infinity Metric

85

Proprietary and Confidential

www.businesscontinuity.com.mx

Counting to infinity: a routing loop is formed.

Infinity Metric

86

Proprietary and Confidential

www.businesscontinuity.com.mx

Response Messages
In response to a Request message generated by the local router.
A regular (unsolicited) Response message sent by a neighbor.
A triggered update Response message sent by a neighbor.

87

Request Messages
The purpose of a Request message is to ask for all or some part of the local routers
current routing table. An optimum time to observe a Request message is when a
router first boots up or its routing process is restarted.

RIP routers can receive two types of messages from their neighbors: Request
messages and Response messages. Each of these message types performs a specific
function.

Input Processing

RIP Operations

Proprietary and Confidential

Resulting from a network topology change

www.businesscontinuity.com.mx

Expiration of the Update timer every 30 seconds.

Processing of a Request message

88

A router may send a Response message to a neighbor in response to the following


triggers:

Output Processing

RIP Operations

Proprietary and Confidential

Resulting from a network topology change

www.businesscontinuity.com.mx

Expiration of the Update timer every 30 seconds.

Processing of a Request message

89

A router may send a Response message to a neighbor in response to the following


triggers:

Output Processing

RIP Operations

Proprietary and Confidential

Split Horizon
Split Horizon with Poisoned Reverce

Stability Features

www.businesscontinuity.com.mx

90

Triggered Updates
Hold-Downs
Timers

Proprietary and Confidential

Stability Features

www.businesscontinuity.com.mx

91

www.businesscontinuity.com.mx

Noncontiguos networks that are not visible

Classfull Routing Protocol

Noncontiguous networks that are not visible

Classful routing protocol

Proprietary and Confidential

Nonhierarchical design

Suboptimal routing

Slow convergence

Small hop count limit

Scalability

Limitations

92

RIPv1 packet format

Proprietary and Confidential

Packet Types

www.businesscontinuity.com.mx

93

RIPv2 packet format

Proprietary and Confidential

Packet Types

www.businesscontinuity.com.mx

94

Proprietary and Confidential

Next hop address

Route tag

Authentication

Multicast announcesments

VLSM support

RIPv2 Extensions

www.businesscontinuity.com.mx

95

Proprietary and Confidential

www.businesscontinuity.com.mx

Minumum RIP Configuration

96

Proprietary and Confidential

www.businesscontinuity.com.mx

Minumum RIP Configuration

97

Proprietary and Confidential

Applying Export Policy

www.businesscontinuity.com.mx

98

Proprietary and Confidential

Applying Import Policy

www.businesscontinuity.com.mx

99

Proprietary and Confidential

www.businesscontinuity.com.mx

Modifiying the Outgoing Metric

100

MD5 authentication

Proprietary and Confidential

Simple authentication

www.businesscontinuity.com.mx

Configuring Authentication

101

Proprietary and Confidential

www.businesscontinuity.com.mx

102

To have your RIP systems communicate with the rest of your network, you enable
RIP on each interface that is directly connected to a RIP neighbor. You do this by
defining a group in which you identify each RIP device by the name of the
interface that is directly connected to the RIP device. In this example, the Fast
Ethernet interface fe-0/0/0 is the connection to your RIP device.

Lab 3: RIP

Module 8: OSPF

103

Proprietary and Confidential

Forming Adjacencies

www.businesscontinuity.com.mx

104

Proprietary and Confidential

www.businesscontinuity.com.mx

The first step in building an OSPF network is advertising the networks connected to
the local router. This information is contained in the router LSA, type code 1, which
displays data about the local router. This includes all links connected to the router,
the metrics of those interfaces, and the OSPF capabilities of the router.

The Router LSA

105

Proprietary and Confidential

Flooding the router LSA

www.businesscontinuity.com.mx

106

Proprietary and Confidential

Router Types
Internal router
Backbone router
Area Border Router
Autonomous System boundary router

OSPF Area

www.businesscontinuity.com.mx

107

show ospf interface

Proprietary and Confidential

www.businesscontinuity.com.mx

108

Once youve committed your configuration to the router and returned to the user
operational mode, you may find that the network isnt quite right. Configuration
issues often appear as problems with your OSPF interfaces and neighbors. We have
the ability to verify these issues within the software.

Troubleshooting Your Configuration

Proprietary and Confidential

www.businesscontinuity.com.mx

109

Once you are certain the interfaces are properly assigned and operational, you should
check the status of the neighbors adjacency by using the show ospf neighbor
command:

show ospf network

Troubleshooting Your Configuration

Proprietary and Confidential

www.businesscontinuity.com.mx

110

The show ospf database command is an excellent tool in troubleshooting OSPF. If the information
is not in the database, it will not appear in the routing table. The output shows summary
information about each LSA on a per-area basis:

show ospf network

Troubleshooting the Routing Protocol

Proprietary and Confidential

www.businesscontinuity.com.mx

111

The show ospf database command is an excellent tool in troubleshooting OSPF. If the information
is not in the database, it will not appear in the routing table. The output shows summary
information about each LSA on a per-area basis:

clear ospf database

Troubleshooting the Routing Protocol

Proprietary and Confidential

www.businesscontinuity.com.mx

112

The show ospf database command is an excellent tool in troubleshooting OSPF. If the information
is not in the database, it will not appear in the routing table. The output shows summary
information about each LSA on a per-area basis:

clear ospf database

Troubleshooting the Routing Protocol

Proprietary and Confidential

www.businesscontinuity.com.mx

113

The show ospf database command is an excellent tool in troubleshooting OSPF. If the information
is not in the database, it will not appear in the routing table. The output shows summary
information about each LSA on a per-area basis:

clear ospf log

Troubleshooting the Routing Protocol

show ospf log

Proprietary and Confidential

www.businesscontinuity.com.mx

Troubleshooting the Routing Protocol

114

Proprietary and Confidential

www.businesscontinuity.com.mx

115

The show ospf statistics command displays counters based on the OSPF packet type.
Boththe total number of packets and the number in the last 5 seconds is shown.

show ospf statistics

Troubleshooting the Routing Protocol

Proprietary and Confidential

www.businesscontinuity.com.mx

116

The show ospf route command displays the results of the SPF algorithm. These are the routes that
OSPF is handing off to the routing table. Each destination route includes a type (internal versus
external), the LSA type used to find the route, a metric, and an outgoing interface name or IP
address:

show ospf route

Viewing OSPF Routes

Proprietary and Confidential

show route protocol ospf

Viewing OSPF Routes

www.businesscontinuity.com.mx

117

Proprietary and Confidential

The show route protocol ospf


command displays routes after
they have been placed in the
routing table. As such, each
route is displayed in a similar
format to routes from other
protocols.

show route protocol ospf

Viewing OSPF Routes

www.businesscontinuity.com.mx

118

Proprietary and Confidential

Lab 3: OSPF

www.businesscontinuity.com.mx

119

Module 9: IS-IS

120

Proprietary and Confidential

www.businesscontinuity.com.mx

121

Level 2
Two IS-IS routers form an adjacency and share database information when both ends of
their common link are configured for Level 2. Lets take a look at Figure.

IS-IS Levels

Proprietary and Confidential

www.businesscontinuity.com.mx

122

Level 1
The requirements for a Level 1 adjacency are a bit different. Two IS-IS routers form an
adjacency when each end of the common network link is configured for Level 1 and the
IS-IS area value of each router is identical.

IS-IS Levels

Proprietary and Confidential

www.businesscontinuity.com.mx

123

Reject Upon an authentication failure, an IS-IS router will transition between this state and the Down
state.

Down This represents a nonfunctioning adjacency. An IS-IS router moves to this state for one of several
reasons, including area mismatches, expiration of the hold time, and authentication failures.

Up This is a fully functioning state for IS-IS. An adjacency relationship is formed and the databases have
been exchanged.

Initializing When a local router sees itself in a neighbors hello, it transitions to this state. This state shows
that bidirectional communications are established.

One-Way Your IS-IS router transitions to this state after sending an IS-IS Hello PDU. In addition, any
received hellos do not contain the local routers address as a neighbor.

New This state is seen when the IS-IS adjacency process is just beginning. Start events could include
router boot-up or initial configuration.

IS-IS Adjacency States

Proprietary and Confidential

www.businesscontinuity.com.mx

General IS-IS Information Exchange

124

Proprietary and Confidential

www.businesscontinuity.com.mx

Designated Intermediate System

125

Proprietary and Confidential

www.businesscontinuity.com.mx

Configuration Commands

126

Proprietary and Confidential

www.businesscontinuity.com.mx

Configuration Physical Interface

127

Proprietary and Confidential

Configuring Protocol

www.businesscontinuity.com.mx

128

Proprietary and Confidential

Configuring Protocol

www.businesscontinuity.com.mx

129

show isis adjacency

Proprietary and Confidential

Configuring Protocol

www.businesscontinuity.com.mx

130

Proprietary and Confidential

show isis adjacency detail

Configuring Protocol

www.businesscontinuity.com.mx

131

clear isis adjancency

Proprietary and Confidential

Configuring Protocol

www.businesscontinuity.com.mx

132

show isis interface

Proprietary and Confidential

Configuring Protocol

www.businesscontinuity.com.mx

133

show isis interface

Proprietary and Confidential

Configuring Protocol

www.businesscontinuity.com.mx

134

show isis spf log

Proprietary and Confidential

Configuring Protocol

www.businesscontinuity.com.mx

135

show isis statistics

Proprietary and Confidential

Configuring Protocol

www.businesscontinuity.com.mx

136

show isis route

Proprietary and Confidential

www.businesscontinuity.com.mx

137

Verification and Troubleshooting Commands

Proprietary and Confidential

Lab 4: IS-IS

www.businesscontinuity.com.mx

138

Module 10: BGP

139

Proprietary and Confidential

www.businesscontinuity.com.mx

140

BGP exchanges its routing information between two routers, called peers or neighbors.
This connection is logical in nature and relies on the establishment of a TCP session
between thepeers. The session is established across a direct physical link or a number
of intermediate links.

Peers

Proprietary and Confidential

www.businesscontinuity.com.mx

141

When two BGP routers are in different AS networks, the session between them is
considered an external BGP (EBGP) connection. By default, an EBGP connection is
formed between directly connected peers.

External BGP Sessions

Proprietary and Confidential

www.businesscontinuity.com.mx

142

The connection of two BGP routers within the same AS is called an internal BGP
(IBGP) connection. Unlike the EBGP variety, there is no requirement for physical
connectivity betweenIBGP peers.

Internal BGP Sessions

Proprietary and Confidential

Adjacency-RIB-in
Local-RIB
Adjacency-Out

Routing Information Bases

Idle
Connect
Active
OpenSent
OpenConfirm
Estableshed

www.businesscontinuity.com.mx

Establishing Relationships

143

Proprietary and Confidential

Assigning an AS Number

www.businesscontinuity.com.mx

144

Proprietary and Confidential

www.businesscontinuity.com.mx

Configuring an EBGP peer Session

145

Proprietary and Confidential

www.businesscontinuity.com.mx

Configuring an IBGP peer Session

146

show bgp summary

Proprietary and Confidential

www.businesscontinuity.com.mx

Verifying Your BGP Sessions

147

show bgp group

Proprietary and Confidential

www.businesscontinuity.com.mx

Verifying Your BGP Sessions

148

show bgp neighbor

Proprietary and Confidential

www.businesscontinuity.com.mx

Verifying Your BGP Sessions

149

show bgp neighbor

Proprietary and Confidential

www.businesscontinuity.com.mx

Verifying Your BGP Sessions

150

Proprietary and Confidential

Lab 4: BGP

www.businesscontinuity.com.mx

151

Module 11: Overview of


Troubleshooting

152

boot: -s <====== Type "-s"

>> BOOT @ 0x10000: 639/64512 k of memory, serial/dual console


Boot default: 0:wd(0,a)kernel
Usage: bios_drive:interface(unit,partition)kernel_name options
interface fd, wd or sd
unit
0, 1, ...
partition a, c, ...
kernel_name name of kernel, or ? for list of files in root directory
options -c (userconfig) -s (single user) -v (verbose)
-D (dual consoles) -h (alternate console) -P (probe kbd)

Obtain console access


Power off the system and boot it up in single user mode. This is done by typing "-s" at the boot: prompt.

Proprietary and Confidential

/usr/libexec/ui/recovery-mode

www.businesscontinuity.com.mx

3. Next, the system will run the normal bootup process. When prompted for "pathname" enter:

1.
2.

Password Recovery JUNOS 4.X.

153

Proprietary and Confidential

[edit]
root# commit and-quit
commit complete
Exiting configuration mode

[edit]
root# delete system root-authentication

root> configure
Entering configuration mode

www.businesscontinuity.com.mx

5. Enter configuration mode and edit or delete the root authentication password.

4. The system will finish booting up and display the "root>" prompt.
NOTE: the system
Starting CLI ...
root>

Enter pathname of shell or RETURN for sh: /usr/libexec/ui/recovery-mode

This will run a script for PW recovery.

Password Recovery JUNOS 4.X.

154

Proprietary and Confidential

www.businesscontinuity.com.mx

System watchdog timer disabled


Jan 1 00:36:47 init: /etc/spwd.db: No such file or directory
Enter full pathname of shell or RETURN for /bin/sh:

3. Enter the shell:

Type '?' for a list of commands, 'help' for more detailed help.
ok boot -s

2. Enter into single-user mode:

< Press the space bar at this point >

Hit [Enter] to boot immediately, or any other key for command prompt.
Booting [kernel] in 9 seconds...

1. From console, interrupt the boot routine:

Password Recovery JUNOS 5.X.

155

Proprietary and Confidential

# /usr/libexec/ui/recovery-mode

5. Enter recovery mode:

www.businesscontinuity.com.mx

NOTE: to go to multi-user operation, exit the single-user shell (with ^D)


# cd /packages
# ./mount.jbase
Mounted jbase package on /dev/vn1...
# ./mount.jkernel
Mounted jkernel package on /dev/vn2...
# ./mount.jroute
Mounted jroute package on /dev/vn3...

4. Mount the virtual file systems (for JUNOS 5.4 and above, it is not necessary to mount the jbase
package, however the other packages still need to be mounted):

Password Recovery JUNOS 5.X.

156

Proprietary and Confidential

[edit]
root@router# exit
Exiting configuration mode

[edit]
root # commit
commit complete

7. Commit the changes, and exit configuration mode

[edit]
root# set system root-authentication plain-text-password
New password:
Retype new password:

root> configure
Entering configuration mode

www.businesscontinuity.com.mx

6. Enter configuration mode and change the root authentication password:

Password Recovery JUNOS 5.X.

157

Proprietary and Confidential

soporte@businesscontinuity.com.mx
eespinosa@businesscontinuity.com.mx

bc@lab> show log messages | no-more

bc@lab> request support information | no-more

BC & JTAC Procedures

www.businesscontinuity.com.mx

158

Proprietary and Confidential

www.businesscontinuity.com.mx

M10i Router Installation and Hardware Replacement


http://www.juniper.net/training/elearning/m10i.html

M7i Router Installation and Hardware Replacement


http://www.juniper.net/training/elearning/m7i.html

J4350 and J6350 Hardware Installation and Configuration


http://www.juniper.net/training/elearning/j4350.html

Additional Informaton

159

Proprietary and Confidential

www.businesscontinuity.com.mx

160

The Release Notes describe the documentation for the routing platforms and known
problems with the software. JUNOS software runs on all Juniper Networks J-series,
M-series, MX-series, and T-series routing platforms. You can also find these release
notes on the Juniper Networks Technical Publications Web page, which is located at
http://www.juniper.net/techpubs/.

Managing Informaton