JUNOSEnterpriseRouting
byDougMarschke;HarryReynolds
Publisher:O'Reilly
PubDate:March27,2008
PrintISBN-13:978-0-596-51442-6
Pages:812
TableofContents|Index

Overview
WrittenbytheinstructorsandcreatorsoftheJNTCP-ER
CertificationExams,JUNOSEnterpriseRoutingistheonly
comprehensivebookforJuniperenterpriseandedgerouting
environments.Itofferscompletecoverageofalltheservices
availabletotheJUNOSadministrator,includingJUNOS
EnhancedServices(ES).Thisbookistheofficialstudyguidefor
allthreeJuniperEnterpriseRoutingcertificationexams,andis
highlyrecommendedreadingtopasstheexams.Withitsfieldguideemphasisonpracticalsolutions,youcaneasilytakethe
bookbeyondtheclassroomandintoworkingnetworksasa
design,maintenance,andtroubleshootingreferencepar
excellence.JUNOSEnterpriseRoutingcoversallthree
certificationexamsinthistrack:
JuniperNetworksCertifiedInternetAssociate(JNCIA-ER)
JuniperNetworksCertifiedInternetSpecialist(JNCIS-ER)
JuniperNetworksCertifiedInternetExpert(JNCIE-ER)
Withmoreservicessuchasvoice,conference,andmulticaston
theIProuterplatform,themarketforenterpriseroutersis
growingexponentially,andtheneedforcertifiedengineersto
keepupwithnetworkdevelopmentsinprotocolsandsecurityis
paramount.ForeveryonewhoworkswithJuniperenterprise
andedgeroutingenvironments,thisisamust-havebook.

JUNOSEnterpriseRouting
byDougMarschke;HarryReynolds
Publisher:O'Reilly
PubDate:March27,2008
PrintISBN-13:978-0-596-51442-6
Pages:812
TableofContents|Index

Foreword
Credits
Preface
Chapter1.IntroductiontoJUNOSEnterpriseRouting
Section1.1.JUNOSOverview
Section1.2.CLIReview
Section1.3.AdvancedCLIandOtherCoolStuff
Section1.4.Conclusion
Section1.5.ExamTopics
Section1.6.ChapterReviewQuestions
Section1.7.ChapterReviewAnswers
Chapter2.Interfaces
Section2.1.PermanentInterfaces
Section2.2.TransientInterfaces
Section2.3.InterfaceProperties
Section2.4.InterfaceConfigurationExamples
Section2.5.InterfaceTroubleshooting
Section2.6.Conclusion
Section2.7.ExamTopics
Section2.8.ChapterReviewQuestions
Section2.9.ChapterReviewAnswers

Chapter3.ProtocolIndependentPropertiesandRoutingPolicy
Section3.1.ProtocolIndependentProperties


Section3.2.RoutingPolicy
Section3.3.Conclusion
Section3.4.ExamTopics
Section3.5.ChapterReviewQuestions
Section3.6.ChapterReviewAnswers
Chapter4.InteriorGatewayProtocolsandMigrationStrategies
Section4.1.IGPOverview
Section4.2.RIPDeploymentScenario
Section4.3.IGPMigration
Section4.4.OverlayMigrationScenario:RIPtoOSPF
Section4.5.EIGRP-to-OSPFMigration
Section4.6.Conclusion
Section4.7.ExamTopics
Section4.8.ChapterReviewQuestions
Section4.9.ChapterReviewAnswers
Chapter5.BorderGatewayProtocolandEnterpriseRouting
Policy
Section5.1.WhatIsBGP?
Section5.2.InternalandExternalBGP
Section5.3.BGPandtheEnterprise
Section5.4.AsymmetricLinkSpeedSupport
Section5.5.BGPDeployment:AsymmetricLoadBalancing
Section5.6.EnterpriseRoutingPolicy
Section5.7.MultihomeBeer-Co
Section5.8.InboundPolicy
Section5.9.Conclusion

Section5.10.ExamTopics
Section5.11.ChapterReviewQuestions
Section5.12.ChapterReviewAnswers
Chapter6.AccessSecurity
Section6.1.SecurityConcepts
Section6.2.SecuringAccesstotheRouter


Section6.3.FirewallFilters
Section6.4.SpoofPrevention(uRPF)
Section6.5.MonitoringtheRouter
Section6.6.Conclusion
Section6.7.ExamTopics
Section6.8.ChapterReviewQuestions
Section6.9.ChapterReviewAnswers
Chapter7.IntroductiontoJUNOSServices
Section7.1.JUNOSServices
Section7.2.Layer2Services
Section7.3.Layer3Services
Section7.4.Layer3ServicesConfiguration
Section7.5.AdditionalServiceOptions
Section7.6.Conclusion
Section7.7.ExamTopics
Section7.8.ChapterReviewQuestions
Section7.9.ChapterReviewAnswers
Chapter8.AdvancedJUNOSServices
Section8.1.RouteTablesandNextHopServiceSets
Section8.2.IPSecVPNs
Section8.3.NAT
Section8.4.CombiningServices

Section8.5.TheLifeofaPacket
Section8.6.Conclusion
Section8.7.ExamTopics
Section8.8.ChapterReviewQuestions
Section8.9.ChapterReviewAnswers
Chapter9.ClassofService
Section9.1.WhatIsIPCoS,andWhyDoINeedIt?
Section9.2.IPDifferentiatedServices
Section9.3.M7iandJ-SeriesCoSCapabilities
Section9.4.DiffServCoSDeploymentandVerification


Section9.5.J-SeriesAdaptiveShapersandVirtualChannels
Section9.6.Conclusion
Section9.7.ExamTopics
Section9.8.ChapterReviewQuestions
Section9.9.ChapterReviewAnswers
Chapter10.IPMulticastintheEnterprise
Section10.1.WhatIsMulticast?
Section10.2.MulticastProtocols
Section10.3.PIMSparseMode:StaticRP
Section10.4.ConfigurePIMSparseModewithBootstrapRP
Section10.5.PIM-BasedAnycast-RP
Section10.6.Conclusion
Section10.7.ExamTopics
Section10.8.ChapterReviewQuestions
Section10.9.ChapterReviewAnswers
Chapter11.JUNOSSoftwarewithEnhancedServices
Section11.1.JUNOSSoftwarewithEnhancedServices
Overview

Section11.2.MigratingfromJUNOStoJUNOSSoftwarewith
EnhancedServices
Section11.3.ServiceMigrationCaseStudy:JUNOSto
JUNOSSoftwarewithEnhancedServices
Section11.4.Conclusion
Section11.5.ExamTopics
Section11.6.ChapterReviewQuestions
Section11.7.ChapterReviewAnswers
Glossary
Colophon
Index


JUNOSEnterpriseRouting
byDougMarschkeandHarryReynolds
Copyright©2008DougMarschkeandHarryReynolds.All
rightsreserved.
PrintedintheUnitedStatesofAmerica.
PublishedbyO'ReillyMedia,Inc.,1005GravensteinHighway
North,Sebastopol,CA95472.
O'Reillybooksmaybepurchasedforeducational,business,or
salespromotionaluse.Onlineeditionsarealsoavailablefor
mosttitles(safari.oreilly.com).Formoreinformation,contact
ourcorporate/institutionalsalesdepartment:(800)998-9938or

Editor:

MikeLoukides

DevelopmentalEditor:


PatrickAmes

ProductionEditor:

SumitaMukherji

Copyeditor:

AudreyDoyle

Proofreader:

MaryBrady

Indexer:

AngelaHoward

CoverDesigner:

KarenMontgomery

InteriorDesigner:

DavidFutato

Illustrator:

JessamynRead


PrintingHistory:
March2008:

FirstEdition.


NutshellHandbook,theNutshellHandbooklogo,andthe
O'ReillylogoareregisteredtrademarksofO'ReillyMedia,Inc.
JUNOSEnterpriseRouting,theimageofTengmalm'sowl,and
relatedtradedressaretrademarksofO'ReillyMedia,Inc.
Manyofthedesignationsusedbymanufacturersandsellersto
distinguishtheirproductsareclaimedastrademarks.Where
thosedesignationsappearinthisbook,andO'ReillyMedia,Inc.
wasawareofatrademarkclaim,thedesignationshavebeen
printedincapsorinitialcaps.
Whileeveryprecautionhasbeentakeninthepreparationofthis
book,thepublisherandauthorsassumenoresponsibilityfor
errorsoromissions,orfordamagesresultingfromtheuseof
theinformationcontainedherein.
ThisbookusesRepKover™,adurableandflexiblelay-flat
binding.
ISBN:978-0-596-51442-6
[M]


Foreword
In1998,JuniperNetworkslauncheditsfirstproduct,theM40
router,andindoingsosparkedaperiodofinnovationinIP
routingthatcontinuestoaccelerate.AlthoughtheM40was

designedtocarryInternettrafficforInternetserviceproviders
(ISPs),thebenefitsofIPnetworkingwerebecomingapparent
toothercompaniesaswell,andashorttimelaterJuniper
begantobuildrouterswiththespecificgoalsoftherapidly
developingIPbusinessnetworkmarketinmind.
Thebookyou'reholdingexiststohelpyouunderstandand
implementthemostcriticalelementsofbusinessnetworking
usingJuniperNetworksroutersrunningtheJUNOSoperating
system.JUNOScontainsasetofpowerfultoolsthatallow
intelligentpoliciestoreplacelargeamountsofbasic
configuration,whichgivestheengineerabrilliantlypractical
waytodeployservicesbeyondsimplerouting.JUNOS
representsthemostvaluablecontributiontonetworkingthat
Juniperhasmade:it'sreliable,flexible,secure,andsimpleto
use,andanincreasingnumbersofbusinessesarefindingthat
thesequalitiesarecompellingenoughtomovetoJuniperand
awayfromlegacy"first-generation"routersandtheirless
capableoperatingsystems.

P2.1.WhyEnterpriseRouting?
ManybookshavebeenwrittenaboutJUNOS,butthisbookis
uniqueinthatitwillprepareyoutouseJUNOSinanenterprisecentricsense.Enterpriseisatermthatequipment
manufacturersandothersusetodistinguishtheinternal
networksof"normal"businessesfromthetypicallylargerones
runbyserviceproviders,phonecompanies,andothernetwork
providers.Althoughthereare,ofcourse,similarities,everytype
ofbusinessrequiresitsownuniquesetofcapabilitiesfromits
networkinfrastructureregardlessofitssize:financial
institutionshavedifferentneedsfromthoseofretailchains,
whichthemselvesdifferfromgovernmentsanduniversities.



Enterprisebusinessnetworksarenotsimplysmallservice
providernetworks.Althoughsomeaspectsofnetworking
technology—suchasfasterinterfacesandgreaterdegreesof
reliability—continuetobeattributesofbothenvironments,their
designgoalsandoperationaltechniquesdiffergreatly.Aservice
providerusuallymaintainsanetworkforthebenefitofpaying
customerswhoproducerevenue,whereasthenetworkofan
enterprisesuchasabankhastraditionallybeenviewedasan
investmentwhoseoperationalexpenseshouldbeminimized.
Thisessentialdifferencehasmeantthatserviceprovidershave
usuallybeenseenasthecustodiansofnetworkinnovation,with
enterprisesreluctanttoinvestmorethanthebareminimumin
theirinfrastructurebecauseoftheuncertaintyofrealreturnon
theirinvestment.
Therearesignsthatthisattitudeischanging.Companiesin
virtuallyeveryindustryhaveembracedtheideathatmore
effectiveuseoftheirITinfrastructurecanmakethemmore
competitiveandefficient.Tothatend,enterpriseexecutivesare
increasinglyinterestedininnovativewaystocapitalizeontheir
investmentsindatanetworks.Thistrendismostpronouncedin
data-intensiveindustriessuchasbanking,finance,and
insurance,butitextendsintoevenlessobviousareassuchas
manufacturingandtransportation.
Serviceproviderandenterprisenetworkscontinuetobe
differentintermsoftheircustomerbaseandtheirrelationship
totechnology,butnetworkingingeneralisbecoming
increasinglyimportanttothecompetitivenessofalltypesof
companies.Someofthemostoutstandingexamplesofthe

waysthatnetworkingcanimprovebusinessfundamentalsare
thoserelatedtodevelopmentsinIProuting,andmanyofthose
developmentshaverecentlycomefromJuniperNetworks.

P2.2.WhyIsRoutingSoImportant?
RoutingisthehubaroundwhichallofIPconnectivityrevolves.
Atthesimplestlevel,routingestablishesbasicinternetwork


communications,implementsanaddressingstructurethat
uniquelyidentifieseachdevice,andorganizesindividualdevices
intoahierarchicalnetworkstructure.Traditionally,routershave
alsoservedasthemediaadaptersthathaveconnectedremote
officestotheheadquartersviaaWAN.Themostrecenttrend,
though,istoseeroutersastheintegrationplatformsforawide
varietyofnetworkenhancementssuchassecurity,policy,and
servicesthatextendthecapabilitiesofIPtosupporttelephony,
video,legacyserviceintegration,andotherapplicationsovera
convergednetwork.
Thismeanstherouterhasbecometheprimarycontrolpointin
theincreasinglycomplexnetworkenvironment,holding
responsibilityforservicequalityandsecurity,monitoringand
efficiency,andotherattributesthatallownetworkstoadd
value.Ifyoucontroltherouters,youcontrolthenetwork.This
istrueinastaticnetwork,ofcourse,butevenmoresoin
today'stypicalcaseofarapidlyevolvingenterprise,where
migrationtofullyIP-basedservicesisunderway.Thisbookwill
showyouhowyoucanuseJuniperrouterstoeasethis
migrationandarriveatamoresuccessfuloutcomewithless
workthanotherplatformswouldrequire.Thisisimportant

becausealthoughthebasicsofroutingremainsomewhatthe
same,themoreadvancedaspectsareunderconstant
development,andtheauthorshavedoneagreatjobofshowing
youhowtoaddressthecontinuallychangingenterprisenetwork
environment.
Juniperhaslongunderstoodthatconstantchangeisafactof
today'snetworks,andhasworkedtobringnewlevelsof
performance,dependability,andscalabilitytoroutingplatforms
andthesoftwarethatrunsthem.CIOsandITdepartments
realizethatbydeployingamorepowerful,flexibletoolattheir
networks'controlpoints,theyenabletheirnetworkstoaddress
newchallengesmoreeasilyandeconomically,andthat'sthe
bestwaytosupportthecompetitivenessoftheircompany.

P2.3.HowThisBookWillHelpYou


IhaveknownandworkedwithDougandHarryforyears,and
havewatchedbothofthemaddtotheirearliercareersin
telecommunicationswithoutstandingworkforJuniperandSNT.
Bothhaveextensiveexperienceintrainingandcertification,and
bothareestablishedauthorsofeducationalmaterials,course
guides,andbooksthathavehelpedthousandsofnetworking
engineersobtainknowledgetosetthemapartfromthe
competitivefield.Theirstudentsandreadershavegoneonto
formanelitegroup.
Thisbookwillservetwopurposesforyou.First,itwillallowyou
toquicklyacquiretheknowledgetosucceedinimplementing
enterprisenetworks,nomatterhowadvanced,withJuniper
Networksrouters.Second,itwillhelpyoutoproveyour

knowledgebypassingtheJuniperNetworksCertifiedInternet
Expert(JNCIE-ER)examination,oneofthemosthighly
regardedcertificationsintheindustry.Eachchapter'stutorial
trainsyouinthemostessentialelementsofthesubject,and
thereviewquestionsattheendofeachchapterallowyouto
confirmtheknowledgeyou'veacquired.DougandHarryhave
extensiveexperienceinboththepracticalandthepedagogical
componentsofthismission,andthisbookisanexcellent
exampleofhowtheoryandpracticecancometogetherinone
comprehensiveyetconcisepackage.
JuniperNetworksroutersandtheJUNOSoperatingsystemare
changingthewayITdepartmentsareregardingtheirIP
networks,allowingthemtoputgreatertrustinthecapabilities
oftheirroutinginfrastructuresandtherebydelivermuch
greatervaluetothebottomlinesoftheirorganizations.With
thisbook,DougandHarryhavedeliveredthetoolsnecessary
foreverynetworkengineertoaddvaluableknowledgeandskills
tohisprofessionalportfolio,andtohelphiscompanyreapthe
benefitsoftheenterpriseIPrevolution.Allthat'srequiredisfor
youtoacceptthechallenge!
—MattKolon
HongKong,January2008


Credits
P3.1.AbouttheLeadTechnical
Reviewers
MarioPurasisaJuniperNetworkssystemsengineer
supportingmajorenterpriseandstategovernmentaccountsin
Florida.Hehasmorethan10yearsofexperienceinthe

networkingindustry,focusingonprovidingrouting,switching,
andsecuritysolutionsforlargeenterpriseandserviceproviders.
HeisJNCIP#119-certifiedandholdsaJNCIA-FW,JNCIA-WX,
andvariousotherindustrycertifications.PriortojoiningJuniper
Networks,MarioservedintheU.S.Armyandworkedat
Metrolink,DuroCommunications,andSolunetInc.Heis
marriedtohisbestfriendof12years,Stacy.
JackW.Parkshasmorethan15yearsofexperienceinITand
hasworkedinalmosteverypositionknownintherealmofIT.
Mostrecently,hehasfocusedonenterpriseroutingand
switching,serviceproviderrouting,andMPLSandVPNs.Jack
holdsaBSinbusinessinformationsystemsfromJohnBrown
Universityandhasreceivedseveralindustrycertifications,
includingCCI#11685,JNCIS-M,JNCIA-SSL,andJNCIA-FWV.
AfterservingeightyearsintheU.S.AirForce,Jacktransitioned
intothecorporateworldworkingforserviceprovidersinthe
enterpriseandISPmarketspaces.JackiscurrentlyaJuniper
systemsengineerbasedinAtlanta.


Preface
TheworldofenterpriseroutingwithJuniperNetworksdevicesis
gettingveryexciting—newtechnologies,products,andnetwork
developmentsaremakingtheenterprisenetworkenvironment
oneofthemostdynamicplacestobe.However,we,the
authors,hopetofocusthatenergybyprovidingyouwitha
detailedandpracticalfoundationthatensureseffectiveuseof
JUNOSsoftwareinyourday-to-dayjob.
Becausewearealsoinvolvedinthedevelopmentandtestingof
certificationexams,includingthoseforenterpriserouting,this

bookdoesdoubleduty.Itisbothafieldguideandacertification
studyguide.ReaderswhoareinterestedinattainingaJuniper
Networkscertificationlevelarewisetonotethatwediscussand
covertopicsthatarerelevanttotheofficialexams(hint,hint),
andtheendofeachchapterprovidesalistingofexamination
topicscoveredaswellasaseriesofreviewquestionsthatallow
youtotestyourcomprehension.
Regardlessofone'scertificationplans,thisone-of-a-kindbook
willnotbeobsoletejustbecauseyoupassanexam.Infact,we
wrotethismaterialtoserveasafieldguidetobeusefulalmost
anytimeyoulogontoaJuniperNetworksrouter.Theextensive
useoftutorials,samplesofactualcommandoutput,and
detailedtheoreticalcoveragegowellbeyondanycertification
exam,toprovideyouwithsomethingthatcan'tbetested—
gettingthingstoworktherightway,andonthefirsttime.
WhenplanAfails,thematerialalsoprovidesthestepsneeded
tomonitornetworkoperationandquicklyidentifyandresolve
therootcauseofmalfunctions.
Astrainerswhodealwithlargenumbersofbothexperienced
andinexperiencedusersonaregularbasis,wehaveseenitall.
Withinthisguide,youwillfindthemanypearlsofour
accumulatedwisdom,anyoneofwhichcaneasilypayforthis
bookmanytimesoverinincreasednetworkuptimeand
performance.


Someofourchapterstendtobeonthelongerside,simply
becausetheyarepackedwithdetailedinformationregarding
theory,configuration,andtroubleshootingforeachtopic.Rather
thancreatemorechapters,"softbreaks"andsummarieswithin

thechaptersareusedtoidentifyboundarieswithinthematerial
thataffordaconvenientplacetotakeabreather,orasweoften
provideinourtrainingclasses,a"biologybreakandstretch."
Dog-earthepages,writenotesinthemargins,augmentthe
topologyillustrationswithsomethingmoreakintoyournetwork
—justrememberthatthisisabeastlyJUNOSbook:partexam,
parttrainingclass,partknowledgebase.It'smeanttobeused,
abused,andputtowork.Let'sgetgoing.

P4.1.WhatIsEnterpriseRouting?
Afteryou'vespentsometimeinthenetworkingfield,youtend
tonoticethatthereisrarelyasinglewaytodothings,andin
manycases,asingleprecisedefinitionforterms.Afterall,often
anetworkengineer'sbestansweris"itdepends."Suchisthe
casewithenterpriserouting,solet'sstartoffwithadefinition
question:whatisanenterprisenetwork?Isitalarge
multinationalnetworkusedbyamanufacturingcompany;isita
governmentnetworksupportingastateoracounty;isita
regionalnetworkusedbyapartsdistributor;orisitanetwork
thatsupportsyourlocaldentist'soffice?
Ofcourse,it'sprobablyallofthese,andmanymore.Atavery
highlevel,youcanstatethatanenterprisenetworkisonethat
isusedtosupportactivitiesasopposedtogeneratingrevenue,
asinaserviceprovider'snetwork.Somemightsaythatif
someonepaysyoutoaccessyournetwork,youareprovidinga
servicetohimandyou'renolongeranenterprisenetwork.But
thatsweepingstatementdoesn'treallyapplyifthatsomeoneis
payingyoutocoveryourcoststoprovidethatservice.So,as
youcansee,itdepends.
Defininganenterprisenetworkalsomanifestsitselfintohow

JuniperNetworksdefinesitsproductswithintheenterprise


world.Ontheonehand,Juniperdesignatescertainhardware
platformsasenterpriserouters,butthenmanyenterprise
networksrequiredensityandthroughputoptionsfroma
platformlistedasaserviceproviderproduct.Fromthesoftware
sideofthings,thesameissuearrives.Whereasatechnology
suchasIPSecisusedbyalltypesofnetworksaroundtheglobe,
isitusedmorebyenterprisenetworksthanbyserviceprovider
networks?Someengineerswouldansweryestothatquestion,
butthen,youcan'tsaythataserviceproviderwillneveruse
IPSec.
Fromtheperspectiveofhardwareplatforms,JuniperNetworks
hasdesignatedthefollowingasenterpriseproducts:
J-seriesrouterstoincludetheJ2300,J2320,J2350,J4350,
andJ6350
M7iandM10irouters
M120routers
However,largerenterprisenetworksmayfindplatformssuchas
theM320andMX960/480veryusefulfortheirenvironments.In
fact,thereverseisalsotrueinthatatraditionalservice
providernetworkmayverywellfindanappropriateneedand
useforplatformsdesignatedasenterpriserouters.
Thegoodnewsinallthisisthatyouhaveawell-thought-out
operatingsysteminJUNOS.TheJUNOSsoftwareisasingle
trainoffeaturesthatoperatesacrossallofthevariousrouting
platforms.So,whetheryourunanenterprisenetworkora
serviceprovidernetwork,andregardlessofyouractual
hardwareplatform,thereisasingleversionofsoftwarecodeto

load.Althoughthissinglecodetrainhaslotsofhiddenbenefits,
suchasstability,easeofexpandability,lowertotaloperational
costs,andmore,whatitreallymeansistheabilitytohavethe
samefeaturesavailableonalldevices.So,fromalearning
perspective,wecantalkaboutthesoftwareanditsfeatures
withouthavingtoconstantlycaveatourdiscussionwith"except


foronthisplatform"or"onlyontheseparticularplatforms."
Althoughsuchexceptionsdooccur,andtheyresultfrom
hardwareenhancementsthatareuniquetoaparticular
platform,thesecasestendtobeexceptionsandareinfrequent
enoughtoremember.
Throughoutthisbook,wewillattempttosimplifythediscussion
bylimitingourselvestotheJ-seriesplatformsandtheM7i
routeraswediscussthevariousfeaturesandoptionsavailable
toconfigure.Wealsofocusonthosetopicsthatthevast
majorityofenterprisenetworkscareaboutandactuallyuse.We
willalsodefineanenterprisenetworkasonethatusesan
Internetconnectionasopposedtoanetworkthatprovides
connectivitytotheInternetasitssolefunction.

P4.2.JuniperNetworksTechnical
CertificationProgram(JNTCP)
ThisbookisanofficialstudyguidefortheJNTCPEnterprise
Routingtracks.UseittoprepareandstudyfortheJNCIA-ER,
JNCIS-ER,andJNCIE-ERcertificationexams.Forthemost
currentinformationonJuniperNetworks'EnterpriseRouting
certificationtracks,visittheJNTCPwebsiteat
/>

P4.3.HowtoUseThisBook
Let'slookatsomespecificsonhowthisbookcanhelpyou.We'll
talkaboutwhatwecoverinthevariouschapters,howthebook
islaidout,andsomeresourcestohelpyoualongtheway.To
start,let'sdiscusswhatyoushouldknowbeforeyoubeginto
readthisbook.
Weareassumingacertainlevelofknowledgeonthereader's
part.Thisisimportantbecauseweareassumingyoutobe
conversantinthefollowingtopicareas:
OSImodel


TheOpenSystemsInterconnection(OSI)modeldefines
sevendifferentlayersoftechnology:Physical,DataLink,
Network,Transport,Session,Presentation,andApplication.
Thismodelallowsnetworkengineersandnetworkvendors
toeasilydiscussandapplytechnologytoaspecificOSI
level.Thissegmentationletsengineersdividetheoverall
problemofgettingoneapplicationtotalktoanotherinto
discretepartsandmoremanageablesections.Eachlevel
hascertainattributesthatdescribeitandeachlevel
interactswithitsneighboringlevelsinaverywell-defined
manner.

Switches
ThesedevicesoperateatLayer2oftheOSImodelanduse
logicallocaladdressingtomoveframesacrossanetwork.
DevicesinthiscategoryincludeEthernet,Asynchronous
TransferMode(ATM),andFrameRelayswitches.


Routers
ThesedevicesoperateatLayer3oftheOSImodeland
connectIPsubnetstoeachother.Routersmovepackets
acrossanetworkinahop-by-hopfashion.

Ethernet
Thesebroadcastdomainsconnectmultiplehoststogether
onacommoninfrastructure.Hostscommunicatewitheach
otherusingLayer2mediaaccesscontrol(MAC)addresses.

Point-to-pointlinks
ThesenetworksegmentsareoftenthoughtofasWANlinks


inthattheydonotcontainanyendusers.Often,theselinks
areusedtoconnectrouterstogetherindisparate
geographicalareas.Possibleencapsulationsusedonthese
linksincludeATM,FrameRelay,Point-to-PointProtocol
(PPP),andHigh-LevelDataLinkControl(HDLC).

IPaddressingandsubnetting
HostsusingIPtocommunicatewitheachotheruse32-bit
addresses.Humansoftenuseadotteddecimalformatto
representthisaddress.Thisaddressnotationincludesa
networkportionandahostportion,whichisnormally
displayedas192.168.1.1/24.

TCPandUDP
TheseLayer4protocolsdefinemethodsforcommunicating
betweenhosts.TheTransmissionControlProtocol(TCP)

providesforconnection-orientedcommunications,whereas
theUserDatagramProtocol(UDP)usesaconnectionless
paradigm.OtherbenefitsofusingTCPincludeflowcontrol,
windowing/buffering,andexplicitacknowledgments.

ICMP
Networkengineersusethisprotocoltotroubleshootand
operateanetworkasitisthecoreprotocolusedbytheping
andtraceroute(onsomeplatforms)programs.Inaddition,
theInternetControlMessageProtocol(ICMP)isusedto
signalerrorandothermessagesbetweenhostsinanIPbasednetwork.

JUNOSCLI


Thecommand-lineinterface(CLI)usedbyJuniperNetworks
routers,whichistheprimarymethodforconfiguring,
managing,andtroubleshootingtherouter.JUNOS
documentationcoverstheCLIindetail,anditisfreely
availableontheJuniperNetworkswebsite
().

P4.4.What'sinThisBook?
Theultimatepurposeofthisbookistobethesingle,most
completesourceforworkingknowledgerelatedtoJuniper
Networksenterpriserouting.Althoughyouwon'tfindmuch
focusonactualpacketformatsandfields,topicsforwhichthere
isalreadyplentifulcoverageontheInternetandinbookstores,
youwillfindhowtoeffectivelydeployJUNOStechnologyinyour
network.

Here'sashortsummaryofthechaptersandwhatyou'llfind
inside:

Chapter1
Thischapterprovidesanoverviewofthehardwareand
softwarearchitectureonJuniperenterpriserouters,aswell
asanoverviewoftheJUNOSCLIforbothnewand
experiencedusers.

Chapter2
ThischapterprovidesanoverviewofJUNOSinterface
organization.Thenitdivesintosomeofthemostcommon
interfacetypesandconfigurationsseeninnetworkstoday.
Finally,itconcludeswithatroubleshootingsectionwithreallifescenariosseeneveryday.


Chapter3
Thischapterprovidesacondensedbutcomprehensive
overviewofJUNOSProtocolIndependentProperties(PIPs),
suchasstaticandaggregateroute,andofroutingpolicy,
whichisusedtocontrolrouteadvertisement,redistribution,
andattributemanipulation.

Chapter4
ThischapterprovidesadetailedreviewofInteriorGateway
Protocol(IGP)operation,andthenfocusesonmultivendor
deploymentsoftheRoutingInformationProtocol(RIP)and
OpenShortestPathFirst(OSPF).Thematerialalsofocuses
onIGPmigrationstrategiesandincludesanEIGRP-to-OSPF
migrationcasestudy.


Chapter5
AfterprovidingadetailedreviewofwhattheBorder
GatewayProtocol(BGP)isandhowitcanbenefitan
enterprise,thischapterprovidesaseriesofcasestudies
thatbuildincomplexity,startingwithasinglehomed
networkwithnoInternalBGP(IBGP)speakerandending
withamultihomed-to-multiple-providersscenario,to
includearedundantIBGProutereflectiondesignthatavoids
runningIBGPonallinternalrouters.Thepolicytreatmentis
focusedonpracticalenterpriseroutinggoals,anditdetails
bothinboundandoutboundpolicythatincludes
autonomoussystem(AS)pathregexmatchingandBGP
attributemanipulation.

Chapter6
Thischapterprovidesanoverviewofalargevarietyof


securityconceptsandthetoolsavailabletodeploythem.
Thesetoolsincludeuserauthenticationandauthorization,
remoteaccess,firewallfilters,policers,UnicastReverse
PathForwarding,theSimpleNetworkManagementProtocol
(SNMP),andsyslog.

Chapter7
ThischapterprovidesanoverviewoftheLayer2andLayer
3servicesthatcanbedeployedonaJuniperNetworks
router.Layer2servicesincludefeaturessuchaslink
bundlingandGenericRoutingEncapsulation(GRE),whereas

Layer3servicesincludestatefulfirewalls,IPSec,and
NetworkAddressTranslation(NAT).Thischapteralsolays
theCLIfoundationtodiscussmorescenariosinChapter8.

Chapter8
Thischapterdivesintothecomplexscenariosofthe
featuresdiscussedinChapter7.Itwalksthroughvarious
deployedNATs,IPSecvirtualprivatenetworks(VPNs),IPSec
overGRE,andallpossibleLayer3servicescombined.

Chapter9
ThischapterprovidesanoverviewofIPclassofservice
(CoS)andincludesadetailedprimeronIPDiffServ.The
materialthendetailsthesimilaritiesanddifferencesinCoS
handlingbetweentheJ-seriesandM7irouters,whichisa
commonsourceofconfusion.ApracticalCoScasestudy
servesasthefoundationforCoSdeploymentand
operationalverification.Thechapteralsodemonstratesthe
J-series-specificVirtualChannelCoSfeature.


Chapter10
Multicasttendstoseelittledeploymentandisacommon
areaofconfusion.ThischapterdetailsIPmulticast
concepts,providesanoverviewofmulticastprotocols,and
thendemonstratesseveralPhysicalInterfaceModule(PIM)
sparsemodescenarios,toincludePIMsparsemodewith
static,bootstrap,andAnycast-RP.Throughalltheexamples,
practicalverificationandfaultisolationstepsareprovided.


Chapter11
Thishot-off-the-presschapterincludesthefirstofficial
coverageofthenewJUNOSsoftwarewithenhanced
servicesrelease.Thischaptergivesyoutheheads-up
neededtounderstandwhatJUNOSsoftwarewithenhanced
servicesoffers,howtomigratefromJUNOStoJUNOS
softwarewithenhancedservices,andthevariousthingsyou
needtoknowbeforedeployingJUNOSsoftwarewith
enhancedservices.
Inaddition,youcanalsousethisbooktoattainoneofthe
JuniperNetworkscertificationlevelsrelatedtoenterprise
routing.Tothatend,eachchapterinthebookincludesasetof
reviewquestionsandexamtopicsthathavebeencovered,allof
itdesignedtogetyouthinkingaboutwhatyou'vejustreadand
digested.Ifyou'renotinthecertificationmode,thequestions
willprovideamechanismforcriticalthinking,potentially
promptingyoutolocateotherresourcestofurtheryour
knowledge.

P4.4.1.TopologyofThisBook
FigureP4-1displaysthetopologyofthebookthatappears
beginninginChapter3.Itconsistsof11J-seriesrouters
runningversion8.0R1.9and2CiscoroutersrunningIOS
Release12.3(15b).TheCiscoroutersareprimaryemployedin


Chapter4,wheretheyareusedforbothRIPinteroperability
andaspartofanEIGRP-to-OSPFmigrationexercise.The
topologyusesonlyFastEthernetandT1interfaces;however,
otherinterfacetypesareexaminedinChapter2.Youmight

recognizethehostnamesoftherouters—theyallrelatetoa
beveragethatwascreatedmorethan7,000yearsago(with
evidencetoconsumption)inMesopotamia.Thenamesare
chosenduetotheinternationalappealoftheresultantproduct
andfortheresultantfoodvalueonly,asbeerisanexcellent
waytopreservethenutritionalvalueofgrain.
FigureP4-1.Thisbook'stopology


P4.5.ConventionsUsedinThisBook
Thefollowingtypographicalconventionsareusedinthisbook:

Italic
Indicatesnewterms,URLs,emailaddresses,filenames,file
extensions,pathnames,directories,andUnixutilities


Constantwidth
Indicatescommands,options,switches,variables,
attributes,keys,functions,types,classes,namespaces,
methods,modules,properties,parameters,values,objects,
events,eventhandlers,XMLtags,HTMLtags,macros,the
contentsoffiles,andtheoutputfromcommands

Constantwidthbold
Showscommandsandothertextthatshouldbetyped
literallybytheuser,aswellasimportantlinesofcode

Constantwidthitalic
Showstextthatshouldbereplacedwithuser-supplied

values
Thisiconsignifiesatip,suggestion,orgeneral
note.

Thisiconindicatesawarningorcaution.

P4.6.UsingCodeExamples
Thisbookisheretohelpyougetyourjobdone.Ingeneral,you
mayusethecodeinthisbookinyourownconfigurationand
documentation.Youdonotneedtocontactusforpermission