www.it-ebooks.info

Juniper MX Series
Douglas Richard Hanks, Jr. and Harry Reynolds

Beijing • Cambridge • Farnham • Köln • Sebastopol • Tokyo

Juniper MX Series
by Douglas Richard Hanks, Jr. and Harry Reynolds

Copyright © 2012 Douglas Hanks, Jr., Harry Reynolds. All rights reserved.
Printed in the United States of America.

Published by O’Reilly Media, Inc., 1005 Gravenstein Highway North, Sebastopol, CA 95472.

O’Reilly books may be purchased for educational, business, or sales promotional use. Online editions are also available for most titles (http://my.safaribooksonline.com). For more information, contact our corporate/institutional sales department: 800-998-9938 or corporate@oreilly.com.

Editors: Mike Loukides and Meghan Blanchette
Development Editor: Patrick Ames
Production Editor: Holly Bauer
Copyeditor: Absolute Service, Inc.
Proofreader: Rachel Leach
Indexer: Bob Pfahler
Cover Designer: Karen Montgomery
Interior Designer: David Futato
Illustrator: Rebecca Demarest

October 2012: First Edition

Revision History for the First Edition:
2012-09-24 First release

See http://oreilly.com/catalog/errata.csp?isbn=9781449319717 for release details.

Nutshell Handbook, the Nutshell Handbook logo, and the O’Reilly logo are registered trademarks of O’Reilly Media, Inc. Juniper MX Series, the image of a tawny-shouldered podargus, and related trade dress are trademarks of O’Reilly Media, Inc.

Many of the designations used by manufacturers and sellers to distinguish their products are claimed as trademarks. Where those designations appear in this book, and O’Reilly Media, Inc., was aware of a trademark claim, the designations have been printed in caps or initial caps.

While every precaution has been taken in the preparation of this book, the publisher and authors assume no responsibility for errors or omissions, or for damages resulting from the use of the information contained herein.

ISBN: 978-1-449-31971-7
[LSI] 1348575579

Dedicated to my wife and my parents. You guys are the best. Love you.
—Douglas

I would like to acknowledge my wife, Anita, and our two lovely daughters, Christina and Marissa, for once again understanding and accommodating my desire to engage in this project. And thanks to Doug, that plucky young lad who managed to goad me into engaging in this project when my day job was already rather action-packed. A special thanks to my manager, Andrew Pangelinan at Juniper Networks, for his understanding and support in this project.
—Harry

Table of Contents

About the Authors
Preface

Juniper MX Architecture
Junos
One Junos
Software Releases
Three Release Cadence
Software Architecture
Daemons
Routing Sockets
Juniper MX Chassis
MX80
Midrange
MX240
MX480
MX960
Trio
Trio Architecture
Buffering Block
Lookup Block
Interfaces Block
Dense Queuing Block
Line Cards and Modules
Dense Port Concentrator
Modular Port Concentrator
Packet Walkthrough
Modular Interface Card
Network Services
Switch and Control Board
Ethernet Switch
Switch Fabric
J-Cell
MX Switch Control Board
Enhanced MX Switch Control Board
MX2020
Architecture
Summary
Chapter Review Questions
Chapter Review Answers

Bridging, VLAN Mapping, IRB, and Virtual Switches
Isn’t the MX a Router?
Layer Networking
Ethernet II
IEEE 802.1Q
IEEE 802.1QinQ
Junos Interfaces
Interface Bridge Configuration
Basic Comparison of Service Provider versus Enterprise Style
Service Provider Interface Bridge Configuration
Tagging
Encapsulation
Service Provider Bridge Domain Configuration
Enterprise Interface Bridge Configuration
Interface Mode
VLAN Rewrite
Service Provider VLAN Mapping
Stack Data Structure
Stack Operations
Stack Operations Map
Tag Count
Bridge Domain Requirements
Example: Push and Pop
Example: Swap-Push and Pop-Swap
Bridge Domains
Learning Domain
Bridge Domain Modes
Bridge Domain Options
Show Bridge Domain Commands
Clear MAC Addresses
MAC Accounting
Integrated Routing and Bridging

switch fabric planes, 53–55

N

NAT (Network Address Translation) about, 601 Destination NAT (DNAT) configuration, 618–621 service sets, NAT components in creating, 604–605 interface style service sets, 613–618 next-hop style implementation, 605–613 rules, components in creating, 608 SNAT rule, with interface-style service sets, 615–617 SNAT rule, with next-hop style service sets, 608–611 traffic directions, 618 types of, 601 nesting filters, 198 next-header, as bane of stateless filters, 260–261 Network Address Translation (NAT) about, 601 Destination NAT (DNAT) configuration, 618–621 service sets, NAT components in creating, 604–605 interface style service sets, 613–618 next-hop style implementation, 605–613 rules, components in creating, 608 SNAT rule, with interface-style service sets, 615–617 SNAT rule, with next-hop style service sets, 608–611 traffic directions, 618 services inline interface, 603–604 Network Instruction Set Processor (NISP), 25 network services line cards and, 46 options for, 46–47 Network-layer Reachability Information (NLRI), 295 next-header nesting, as bane of stateless filters, 260–261 next-hop-group
modifier, nonterminating action, 172 next-term modifier, flow control action, 172–173 NISP (Network Instruction Set Processor), 25 NLRI (Network-layer Reachability Information), 295–296 nonterminating action, 170 NSB (Nonstop Bridging) about, 722, 741, 767–768 configuring, 783–785 Layer state and, 768–769 support for, 769 troubleshooting verifying problems, 808–813 verifying, 786–808 NSR (Nonstop Routing) about, 722, 741 BFD and, 771–772 BFD support for, 770–772 caution about using, 776–781 configuring, 783–785 for R2 VCP Interface, 567 debugging tools, 784–785 /GRES event, statistics kept during, 274 ISSU and, 761 PIM and, 774–775 protocol replication and, 762–767 RSVP-TE LSPs and, 775–776 support for, 769–770 tips for switchover, 781–782 verifying, 786–808 about, 786 BGP replication, 794–796, 798–800 confirm pre-NSR replication state, 793 confirming pre-NSR protocol state, 789–793 IS-IS replication, 797–798 Layer verification, 800–807 perform NSR, 808 troubleshooting problems, 808–813 VRRP and, 776

O

One Junos, Open Systems Interconnection (OSI) model seven-layer, Layer network in, 73 operation verification, port-level, 408 Operational and Business Support Systems (OSS/BSS), virtual chassis and, 538, 540, 543 OSI (Open Systems Interconnection) model seven-layer, Layer network in, 73 OSPF routing protocol and OSPFv3, graceful restart enabled for, 748 basic information about, xviii configuring GR for, 751–752 GR operation in, 741–747 hello packets, 725, 745–747, 752 verifying GR for, 752–760 OSS/BSS (Operational and Business Support Systems), virtual chassis and, 538, 543 output interface filters, 197 output-vlan-map function about, 103–105 options, 105 vs input-vlan-map, 106 overhead-accounting option, 429–430 oversubscription, intelligent, 331–333

P

packet flow, filter processing and, 213–214 Packet Forwarding Engines (PFEs) control traffic converging at, 273 in software architecture, 5–6 J-cells and, 55–57 policers default
values from protocol group properties, 282 switch fabric connecting, 52 Packet Loss Priority (PLP) default routing-engine CoS and, 388 three-color policer and, 189 packet walkthrough, MX-VC, 557–558 payload, field in Ethernet II frame, 74 PBR (Policy Based Routing), 154 PCP (Priority Code Point), as subdivided part of TCI, 75 PDM (Power Distribution Modules), 63 PE (Provider Equipment) multiple customers connected on, 83 routers R1 and R2, 751 Peak Burst Size (PBS), trTCM parameter, 187 Peak Information Rate (PIR), 350 (see also shaping-rate) about, 349 excess rate excess-rate mode, 381 PIR Mode, 381 PIR/CIR Mode, 381 interfaces operating in PIR mode, 369, 440–448 PIR/CIR mode, 369, 442 mode, about, 350 trTCM parameter, 187–189 PEM (Power Entry Module), 15 PFEs (Packet Forwarding Engines) filter application points, Trio, 195 in software architecture, 5–6 input interface filters and, 197 J-cells and, 55–57 output interface filters and, 197 policers default values from protocol group properties, 282 switch fabric connecting, 52 Trio, 331 physical interface policers, 206–212 PIC arrangements comparing scheduler parameters by platform and, 428 for queue distribution on MPC1-3D-Q, 325–328 PIM (Protocol Independent Multicast) NSR and, 774–775 PIM sparse mode routing protocol, graceful restart enabled for, 748 PIR (Peak Information Rate), 350 (see also shaping-rate) about, 349 excess rate excess-rate mode, 381 PIR Mode, 381 PIR/CIR Mode, 381 interfaces operating in PIR mode, 369, 440–448 PIR/CIR mode, 369, 442 mode, about, 350 trTCM parameter, 187–189 PLP (Packet Loss Priority), three-color policer and, 189 PoC (Proof of Concept) test lab, Trio CoS about, 439 about ratios, 440 CIR mode, configuring change in, 448–527 PIR mode example, 440–448, 442 PIR/CIR mode example, 442 policer modifier, nonterminating action, 171 policers aggregate (logical interface), 192, 200–206 application restrictions, 212 applying, 200–212 as term-specific, 206
cascaded, 181–183 color modes for TCM, 189 default settings in DDoS Protection case study, 273, 279, 281 default values from protocol group properties for PFE- and FPC-level, 282 DHCP using aggregate-level, 278 disabling RE, 280 filter-evoked logical interface policers, 206 hierarchical, 192–195 logical interface (aggregate), 192, 200–206 monitoring and troubleshooting filters and, 214–220 physical interface, 206–212 single-rate Three-Color Marker (srTCM) configuring, 189 vs two-rate Three-Color Marker, 184– 192 srTCM, 186 trTCM, 188 two-rate Three-Color Marker (trTCM), 191–192 policing about, 173 about firewall filter and, 153–154 bandwidth policer, 181 setting using bandwidth-limit keyword, 178 basic example of, 180 burst size setting using burst-size limit keyword, 179 suggested, 179 classification and, in Trio CoS flow, 336 disable at FPC level, 280 disable policing at FPC level, 280 DS and, 154 hard model, 180 hierarchical, 278–279 Junos policer operation, 178–181 points for PPPoE family, 278 priority-based, 385 shaping vs., 173–177 soft model, 180 Policy Based Routing (PBR), 154 policy, routing vs firewall filters, 161–162 pop operation example of push and, 107–109 in stack data structure, 99–101 in stack operations, 100, 101 pop-pop operation, in stack operations, 102 pop-swap operation example of swap-push and, 109–111 in stack operations, 103 port-based MPCs, in CoS processing, 334–339 port-based queuing, MPCs, 320 port-level operation verification, 408 queuing, 403–408 port-mirror modifier, nonterminating action, 172 Power Distribution Modules (PDM), 63 Power Entry Module (PEM), 15 power supply MX2020, 63, 64 MX960, 23 Power Supply Modules (PSM), 63 PPPoE (PPP over Ethernet) protocol group, DDoS policing hierarchies in, 278– 279 PQ-DWRR (Priority Queue Deficit Weighted Round Robin) scheduling, 393 preamble, field in Ethernet II frame, 73 preclassification feature, Trio CoS flow and, 331–333 prefix-action modifier, nonterminating action, 172 premium 
policer rates, in configuring hierarchical policer, 192 preprovisioned option, in specifying serial number for each member, 567 Priority Code Point (PCP), as subdivided part of TCI, 75 priority demotion setting, priority inheritance scheme and, 358 priority levels scheduler, 395–403 priority promotion and demotion, 357, 402–403 priority propagation in scheduler modes, 398–402 in scheduler nodes, 399, 401, 402 priority variable defining APQ-DWRR scheduler, 394 priority, queue-level configuration option in H-CoS model, 353 priority-based policing, 385 queuing, 396 shaping, 319, 384–385 process failure induced switchovers, as GRES option, 730–731 promotion and demotion, priority, 357 Proof of Concept (PoC) test lab, Trio CoS about, 439 about ratios, 440 CIR mode, configuring change in, 448–527 PIR mode example, 440–448, 442 PIR/CIR mode example, 442 protocol families, as stateless filter component, 157 protocol family mode, logical interface (aggregate) policer, 201–203 protocol group properties, configuring, 282–283 Protocol Independent Multicast (PIM) encapsulation and decapsulation, 621 NSR and, 774–775 protocol match condition, matching on protocol field and, 158–160 protocol replication, NSR and, 762–767 protocol-based profiles, WRED, 339 protocols, with preclassification feature, 332 Provider Equipment (PE) routers R1 and R2, 751 Provider Equipment (PE), multiple customers connected on, 83 PSM (Power Supply Modules), 63 push operation example of pop and, 107–109 in stack data structure, 99–101 in stack operations, 100, 101 push-push operation in stack operations, 100, 102

Q

QoS vs CoS, using, 323 quantum variable, defining APQ-DWRR scheduler, 394 queue bandwidth, priority-based policing and, 385 queue transmit rate, 356 queue-based MPCs, in CoS processing, 334–339 queue-level configuration options in H-CoS model, 350–354 queues allocated to IFL, controlling, 328 APQ-DWRR scheduler variables and, 393–395 between Interfaces and
Buffering Block, 28 configuring H-CoS at level of, 423–430 default mappings for RE-generated traffic, 388 defining priority level for excess traffic, 379 distribution on MPC1-3D-Q, PIC arrangements, 325–328 dropping priorities, 393 for each IFL in per-unit mode scheduling, 414 handling priority promotion and demotion, 357 input queuing on Trio, 345 port-level, 403–408 predicting throughput of about, 434–437 priority-based, 396 restricted, on Trio MPCs, 329 scaling and subscriber scaling, 324 scheduler node scaling and, 324 scheduling stage and, 393 transmit rate percentage, 415 vs scheduler nodes, 403 warnings about low, 328 Queuing, Enhanced (EQ) MPC1 and MPC2 with, 41–42 MPC3E and, 38 Trio MPC/MIC interfaces, 339, 346

R

R1 (Router 1) VCP Interface configuring GRES and NSR on, 567 configuring R1 on VCP, 563–565 preconfiguring R2 checklist for, 567–568 R2 (Router 2) VCP Interface configuring R2 on VCP, 568–569 preconfiguring checklist for, 567–568 RADIUS services in virtual chassis, 538 Rapid Deployment, 541 rate limiting about, 173 policing, 176–177 shaping leaky bucket algorithm, 173–174 token bucket algorithm, 174, 176 ratios, 440 RE (Routing-Engine) protection case study, 235–236 DDoS Protection case study disabling RE policers, 280 RE policer rates, 282 IPv4 RE protection filter, 236–260 applying filter list, 237 before activating lo0 application, 256–257 building filter, 240–256 confirming proper operation of filter, 258–260 policy configuration, 238–240 principle behind operation of filter, 237 IPv6 RE protection filter about, 260–261 IPv6 RE protection filter, 270–271 sample filter, 262–269 RE (Routing-Engine) switchover, in GRES process, 725–727 RE protection, loopback filters and, 196 RE-generated traffic default queue mappings for, 388 default ToS markings for, 388 "Recommendations for Filtering ICMPv6 Messages in Firewalls" (RFC 4890), 262 Reduced-latency Dynamic Random Access Memory (RLDRAM), 27 reject, as
terminating action, 169 Remaining Traffic Profile (RTP), 367–368, 400, 509 remaining, traffic profile, 359, 362–368 Remote Triggered Black Holes (RTBH), BGP-based, 295 replication mode, as AE interface mode for H-CoS, 423 restart kernel-replication command, 732 restricted queues, on Trio MPCs, 329 rewrite marker templates, default BA classifiers and, 432 rewrite rules creating VCP interfaces, 580–581 Reynolds, Harry, Junos Enterprise Switching, 560, 573 RIB (Routing Information Base) about, 141–142 and Bridge-Domain Integration, illustration of, 141 RIP and RIPng routing protocol, graceful restart enabled for, 749 RLDRAM (Reduced-latency Dynamic Random Access Memory), 27 routed environments, filter processing in bridged and, 213 routers logical, 238–239 modern multiservice, 274 security of, 238 routers, oversubscribed and dropping packets, 29 routing and bridging, integrated, 141–144 Routing and Forwarding Information Bases (RIB/FIB), 742 routing engine failures, on MX-VC, 548–554 routing engine, virtual chassis apply-groups names for, 568 groups, 564–565 switchover for nonstop routing, 568 Routing Information Base (RIB) about, 141–142 and Bridge-Domain Integration, illustration of, 141 attributes, 142–144 routing policy vs firewall filters, 161–162 routing protocol daemon (rpd), Junos, 8–9 routing protocols IS-IS routing protocols basic, information about, xviii OSPF routing protocol basic information about, xviii type for ToS markings for RE-generated traffic, 388 routing sockets about, 11 architecture, 11 RSVP routing protocol -TE LSPs and, 775–776 graceful restart enabled for, 749–751 rtsockmon command, 12 RTBH (Remote Triggered Black Holes), BGP-based, 295 RTP (Remaining Traffic Profile), 367–368, 509

S

S-VLAN, 350 Safari Books Online, xxix sample modifier, nonterminating action, 172 scalable CoS, highly, as CoS differentiator, 319 scale mode, as AE interface mode for H-CoS, 421–422 SCB (Switch and Control Board) about, 47–48
components, 47 Enhanced MX, 58, 60–61 Ethernet switch in, 48–51 J-cells about, 55 flow, 56 format of, 55–56 request and grant process, 57 MX, 56–59 MX-SCB Ethernet switch connectivity, 48 port assignments, 50 MX240 support of modular routing engine, 18 slots available for routing engine, 21 SCBE (Enhanced MX Switch Control Board), 60–61 scheduler modes of operation, 403–421 per unit scheduler, 414–421 port-level operation verification, 408 port-level queuing, 403 priority propagation, 398–402 scheduler nodes about, 349 configuring excess bandwidth and, 378–379 overbooked G-Rates and, 357 priority propagation, 399, 401, 402 queue and scaling, 325 vs queues, 403 scheduler-maps, 425 schedulers about, 350 assigning to forwarding classes for VC, 576–578 CLI priorities, 396–398 comparing parameters by PIC/platform, 428 defining at H-CoS hierarchy, 424–425 handling priority promotion and demotion, 357 priority levels, 395–403 variables defining APQ-DWRR, 393–395 scheduling about, 393 discipline, 393–395 in CoS lab applying schedulers and shaping, 471–473 scheduler block, 465–470 selecting scheduling mode, 470–471 per port, 403–408 scheduling hierarchy three-level, 361 two-level, 359–361 Secure Shell (SSH), in virtual chassis, 538 service filter, stateless filter type, 156 Service Level Agreements (SLAs), 173 Service Provider-style bridging about, 80 domain configuration, 91–93 interface bridge configuration encapsulation, 87–91 tagging, 83–87 using in bridge domain mode all, 119 VLAN mapping default bridge domain and, 107 example of push and pop operation, 107–109 example of swap-push and pop-swap operation, 109–111 stack data structure, 99–101 stack operations, 100–104, 100–104 stack operations map, 103 tag count, 106 vs Enterprise Style, 80–83 Service Provider’s network, VLAN IDs operating inside of, 75–77 service sets, NAT components in creating, 604–605 interface style service sets, 613–618 next-hop style implementation, 605–613
rules, components in creating, 608 SNAT rule with interface-style service sets, 615– 617 with next-hop style service sets, 608– 611 traffic directions, 618 services-load balancing load balancing statement, 340 set task accounting command in routing protocol daemon, SFB (Switch Fabric Board), MX2020, 62–63 SFD (Start Frame Delimiter), field in Ethernet II frame, 73 SFW device, 155 shaper burst size and, 369–372 delay buffers and, 375–376 granularity, Trio, 346–347 use of, 369 shaping priority-based, 319, 384–385 vs policing, 173–177 with exact vs excess priority none, 380 shaping-rate, 350 (see also PIR (Peak Information Rate)) about, 350 queue-level configuration option in H-CoS model, 352 shaping–based demotion, at nodes, 357 show bridge-domain commands, 135–137 show chassis hardware command, 321, 561– 562, 736 show family bridge, TCP flag matching for, 224 simple filters, stateless filter type, 156 Simple Network Management Protocol (SNMP), 538 single learning domain, 112 Single System Image (SSI), 537 single-rate Three-Color Marker (srTCM) about, 180 as bandwidth policer, 181 color modes for, 189 policers, 186, 189–190 support of, 178 traffic parameters, 185–187 vs two-rate Three-Color Marker, 184–192 SLAs (Service Level Agreements), 173 SNAT rule, NAT with interface-style service sets, 615–617 with next-hop style service sets, 608–611 SNMP (Simple Network Management Protocol), 538 Source Address (SA), field in Ethernet II frame, 74 source NAT, 601 spanning tree, information about, xvii–xviii SSH (Secure Shell), in virtual chassis, 538 SSI (Single System Image), 537 stack about, 99 data structure, 99–101 operations about, 100–104 map, 103 tag count, 106 stack operation option in input-vlan-map, 105 in output-vlan-map, 105 stacked-vlan-tagging, on IFD, 85–86 stacking devices vs virtual chassis, 537, 560 Start Frame Delimiter (SFD), 73–74 stateless firewall filters about policing and, 153 bit field matching, 160–161 components of filter matching, 159–161 filter 
terms, 157–158 filter types, 155–156 implicit deny-all terms, 158–159 protocol families, 157 filter processing about, 167–168 filter actions, 168 flow control actions, 172–173 nonterminating actions, 170 terminating actions, 169 filters and fragments, 257 IPv4 RE protection filter about, 237 applying filter list, 237 before activating lo0 application, 256–257 building filter, 240–256 confirming proper operation of filter, 258–260 policy configuration, 238–240 principle behind operation of filter, 237 IPv6 RE protection filter about, 260–261 sample filter, 262–269 stateless firewall filters confirming proper operation of filter, 270–271 vs stateful, 154–155 statistics, show bridge, 136 storage media failures, 730 strict priority, about, 393 strict-high priority queues, 394 subscriber scaling queue scaling and, 324 swap operation in stack data structure, 99–101 in stack operations, 100, 101 swap-push operation example of pop-swap and, 109–111 in stack operations, 102, 103 swap-swap operation in stack operations, 102 Switch and Control Board (SCB) about, 47–48 components, 47 Enhanced MX, 58, 60–61 Ethernet switch in, 48–51 J-cells about, 55 flow, 56 format of, 55–56 request and grant process, 57 MX, 56–59 MX-SCB Ethernet switch connectivity, 48 port assignments, 50 MX240 support of modular routing engine, 18 slots available for routing engine, 21 Switch Fabric Board (SFB), MX2020, 62–63 switch fabric planes about, 52 MX240 and MX480, 52–53 MX960, 53–55 switch fabric ports traffic received from, 332 switch fabric priorities, mapping to, 331–333 switches, acting as CE devices, 674, 687 switching vs bridging, 72 switchover tips for NSR, 781–782 symmetry, load balancing and, 344 synchronization, in GRES process, 723–725 syslog modifier, nonterminating action, 170 system log for errors, monitoring, 220

T

TACACS+ services, in virtual chassis, 538 Tag Control Identifier (TCI), subdivided parts of, 75 tag count, in stack operations, 106 Tag
Protocol Identifier (TPID), IEEE 802.1Q standard and, 75 tag-protocol-id option in input-vlan-map, 105 in output-vlan-map, 105 tagging types of VLAN tagging with Service Provider Style interface, 84–87 TCI (Tag Control Identifier), subdivided parts of, 75 TCPs (Traffic Control Profiles) about, 350 applying to H-CoS hierarchy, 423–430 connection establishment and BGP replication, 763–764 container options, 429 flag matching for family bridge, 224 overhead-accounting in option, 429–430 policers and, 173, 179 protocol in filter tests, 158 match to destination port, 223–224 term-order keyword, 296 terminating actions, 169 Three-Color Marker (srTCM), single-rate about, 180 as bandwidth policer, 181 color modes for, 189 policers, 186 support of, 178 traffic parameters, 185–187 vs two-rate Three-Color Marker, 184–192 Three-Color Marker (trTCM), two-rate color modes for, 189 policers, 191–192 support, 178 traffic parameters, 187–189 vs single-rate Three-Color Marker (srTCM), 184–192 three-color-policer modifier, nonterminating action, 172 token bucket algorithm, 174, 176 ToS mappings, useful CLI, 479 ToS markings RE-generated traffic default, 388 resetting or normalization of, 433 TPID (Tag Protocol Identifier), IEEE 802.1Q standard and, 75 tracing, enabling, 281–282 traditional switch vs MX routers, 71–73 traffic BUM, 199–200 conditioner, 177 congestion management using WRED, 171, 176 EF traffic and non-EF, 168, 192 policing, 176–177, 176 (see also policing) shaping, 173–176 using shaper for smoothing, 369 Traffic Control Profiles (TCPs) about, 350 applying to H-CoS hierarchy, 423–430 container options, 429 flag matching for family bridge, 224 overhead-accounting in option, 429–430 policers and, 173, 179 protocol match to destination port, 223–224 traffic encapsulation, VCP interface, 573–574 traffic-class modifier, nonterminating action, 172 transmit rate percentage, of queues, 415 transmit-rate, queue-level configuration option in H-CoS
model, 352 Trio bandwidth MPCs and, 33 Trio chipset about, 25 architecture about, 25–26 Buffering Block, 26, 28–30 building blocks diagram, 26 Dense Queuing Block, 30 Lookup Block, 27–28 inline IPFIX performance implemented through, 591–592 processing stages and, 331 Trio Class of Service (CoS) about CoS vs QoS, 323 aggregated Ethernet modes for H-CoS, 421–423 differentiators, 319 flow about, 330–331 Buffer Block (MQ) stage, 334 hashing and load balancing, 339–344 port and queuing MPC in, 334–339 preclassification feature and, 331–333 Hierarchical CoS (see H-CoS (Hierarchical CoS)) key aspects of model, 344–348 MX capabilities about, 319–320 about shell commands, 321 port vs hierarchical queuing MPCs, 320–323 scale and, 323–330 MX defaults, 430–434 predicting queue throughput about, 434–437 about ratios, 440 Proof of Concept test lab, 439–441 queues APQ-DWRR scheduler variables and, 393–395 configuring H-CoS at level of, 423–430 dropping priorities, 393 priority-based queuing, 396 scheduling stage and, 393 vs scheduler nodes, 403 queuing, port-level, 403–408 scheduler chassis, 426 defining at H-CoS hierarchy, 424–425 modes (see scheduler modes of operation) priority levels, 395–403 scheduling about, 393 discipline, 393–395 Trio CoS differentiators, 319 Trio inline services about, 589–590 J-Flow network services about, 590–591 inline IPFIX performance, 601 Network Address Translation (see Network Address Translation (NAT)) port mirroring, 632–639 tunnel services about, 621–622 case study, 623–632 enabling, 622–623 Trio MPCs, restricted queues on, 329 Trio PFE CoS processing and, 331 default MPLS EXP classifier or rewrite rule in effect, 347–348 supporting priority-based MDWRR, 395, 396 to alter packet’s FC, 171 Trio PFE filter application points, 195 Trio-based line cards, as requirement for MX-VC, 542 trunk mode, interface-mode option, 94, 95 tunnel services about, 621–622 case study, 623–632 enabling, 622–623 twice NAT, 601–603
Two-Color Marker (srTC), support of, 178–181 two-rate Three-Color Marker (trTCM) color modes for, 189 policers, 191–192 support of, 178 traffic parameters, 187–189 vs single-rate Three-Color Marker (srTCM), 184–192

U

unidirectional CoS configuring about, 453–455 applying schedulers and shaping, 471–473 configuring baseline, 459–465 establish a CoS baseline, 456–458 scheduler block, 465–470 selecting scheduling mode, 470–471 verifying checking for any log errors, 488–493 confirming scheduling details, 483–488 unit, as Service Provider Style interface requirement, 80 untagged interfaces, 88 User Interface (UI), Junos,

V

variable, based on request, type for ToS markings for RE-generated traffic, 389 VC (Virtual Chassis), 539 VC-B (Virtual Chassis Backup) about, 539 illustration of interface numbering with, 555 virtual chassis components with, 540 virtual chassis kernel replication with, 545 kernel synchronization and, 544–547 VC-Bb (Backup Routing Engine in VC-B), 539, 553 VC-Bm (Master Routing Engine in VC-B), 539, 545–548, 551–553 VC-L (Virtual Chassis Line Card) about, 539 illustration of interface numbering with, 555 virtual chassis components with, 540 virtual chassis kernel replication with, 545 kernel synchronization and, 544–547 VC-Lb (Backup Routing Engine in VC-L), 539, 554 VC-Lm (Master Routing Engine in VC-L), 539, 553 VC-M (Virtual Chassis Master) about, 539 illustration of interface numbering with, 555 virtual chassis components with, 540 virtual chassis kernel replication with, 545 kernel synchronization and, 544–547 mastership election for, 559–560 VC-Mb (Backup Routing Engine in VC-M), 539, 545–548, 550 VC-Mm (Master Routing Engine in VC-M), 539, 549–550 VCCP (Virtual Chassis Control Protocol), 539, 559, 563, 568 VCP (Virtual Chassis Port) interfaces about, 537, 539 class of service about, 573 classifiers, 578–580 final configuration, 581–583 forwarding classes, 574–576 schedulers assigned to forwarding classes for VC,
576–578 traffic encapsulation, 573–574 walkthrough, 574–575 configuring on R1 on, 563–565 configuring on R2 on, 568–569 interface speed requirement for MX-VC, 542 VID (VLAN Identifier), as subdivided part of TCI, 75 Virtual Chassis (MX-VC), MX about, 537–538 architecture, 543–554, 543–554 about, 543–554 kernel synchronization, 544–548 routing engine failures, 548–554 case for, 540 chassis serial number, 561–562, 568 configuring about, 561 finding chassis numbers, 566 GRES and NSR on VC, 566–567 on R1, 566–567 VC on R1, 566–567 VC verification, 570–571 deconfiguring, back to standalone, 572– 573 engine terminology, 539 illustration of interface numbering, 555 VC concept, 543 virtual chassis components, 540 virtual chassis kernel replication, 545 interface numbering, 554–557 mastership election for VC-M in, 559–560 packet walkthough, 557–558 R1 VCP Interface configuring R1 on VCP, 563–565 preconfiguring R2 checklist, 567–568 R2 VCP Interface configuring R2 on VCP, 568–569 preconfigurating checklist for, 567–568 requirements, 541–542 routing engine apply-groups names for, 568 groups, 564–565 switchover for nonstop routing, 568 terminology, 539–540 topology, 558, 559 types of virtualization, 541 unique member ID, 562–563 VCP class of service about, 573 classifiers, 578–580 final configuration, 581–583 schedulers assigned to forwarding classes for VC, 576–578 VCP traffic encapsulation, 573–574 verifying configuration, 583–584 walkthrough, 574–575 Virtual Chassis (VC), 539 Virtual Chassis Backup (VC-B) about, 539 illustration of interface numbering with, 555 virtual chassis components with, 540 virtual chassis kernel replication with, 545 kernel synchronization and, 544–547 Virtual Chassis Control Protocol (VCCP), 539, 559 Virtual Chassis Line Card (VC-L) about, 539 illustration of interface numbering with, 555 virtual chassis components with, 540 virtual chassis kernel replication with, 545 kernel synchronization and, 544–547 Virtual Chassis Master (VC-M) about, 539 
illustration of interface numbering with, 555 virtual chassis components with, 540 virtual chassis kernel replication with, 545 kernel synchronization and, 544–547 mastership election for, 559–560 Virtual Chassis Port (VCP) interfaces about, 537, 539 class of service about, 573 classifiers, 578–580 final configuration, 581–583 schedulers assigned to forwarding classes for VC, 576–578 VCP traffic encapsulation, 573–574 verifying configuration, 583–584 walkthrough, 574–575 configuring on R1 on, 563–565 configuring on R2 on, 568–569 interface speed requirement for MX-VC, 542 Virtual Router Redundancy Protocol (VRRP), 646, 694–695 virtual switch about, 144 configuration, 145–149 hierarchy, 145 virtualization, about, 72 VLAN bridging, extended, 88 VLAN Identifier (VID), as subdivided part of TCI, 75 VLAN IDs associating to IFL, 84 bridge-domain modes using (see bridge-domain) operating inside of Service Provider’s network, 75–77 rewriting, 97–99 VLAN normalization or rewriting, 93 vlan-id as Enterprise Style interface requirement, 82 bridge-domain modes using (see bridge-domain) option, 105 in output-vlan-map, 105 setting in access mode, 95 vlan-id-range, 84, 122 vlan-tagging as Service Provider Style interface requirement, 80 to IFD, 84–87 VLANs (Virtual Local Area Networks) Ethernet II in, 74–75 about, 73 IEEE 802.1Q standard and, 74–75 rewriting, 97–99 Service Provider mapping of bridge-domain requirements, 107 example of push and pop operation, 107–109 example of swap-push and pop-swap operation, 109–111 stack data structure, 99–101 stack operations, 100–104 stack operations map, 103 tagging types of Service Provider-style interface, 84–87 VPLS encapsulation, 87 VPLS family, MC-LAG family support for, 646 VRRP (Virtual Router Redundancy Protocol), 646, 694–695, 776

W

WAN interface egress packet processing and, 43 ingress packet processing and, 43 MPC1 and MPC2 with enhanced queuing and, 41–42 of Buffering Block, 30 WAN ports,
prioritizing network control traffic received over, 331–333 WRED congestion management using, 176 drop-profiles as queue-level configuration option in H-CoS model, 354 configuring, 426–428 in Trio profile, 338 protocol-based profiles, 339 loss-priority modifier for making decisions related to, 171 purpose of, 338

Colophon

The animal on the cover of Juniper MX Series is the tawny-shouldered podargus (Podargus humeralis), a type of bird found throughout the Australian mainland, Tasmania, and southern New Guinea. These birds are often mistaken for owls and have yellow eyes and a wide beak topped with a tuft of bristly feathers. They make loud clacking sounds with their beaks and emit a reverberating, booming call.

These birds hunt at night and spend the day roosting on a dead log or tree branch close to the tree trunk. Their camouflage is excellent—staying very still and upright, they look just like part of the branch.

The tawny-shouldered podargus is almost exclusively insectivorous, feeding rarely on frogs and other small prey. They catch their prey with their beaks rather than with their talons, and sometimes drop from their perch onto the prey on the ground. The bird's large eyes and excellent hearing aid in nocturnal hunting.

Tawny-shouldered podargus pairs stay together until one of the pair dies. After mating, the female lays two or three eggs onto a lining of green leaves in the nest. Both male and female take turns sitting on the eggs to incubate them until they hatch about 25 days later, and both parents help feed the chicks.

The cover image is from Wood’s Animate Creation. The cover font is Adobe ITC Garamond. The text font is Linotype Birka; the heading font is Adobe Myriad Condensed; and the code font is LucasFont’s TheSansMonoCondensed.

... Chapter 6, MX Virtual Chassis What’s better than a Juniper MX router? Two Juniper MX routers, of course, unless you’re talking about virtual chassis; it takes several Juniper MX Routers and...

529 529 532 MX Virtual Chassis 537 What is Virtual Chassis? MX-VC Terminology MX-VC Use Case MX-VC Requirements MX-VC Architecture MX-VC Interface...

Migrations, Wiley Juniper Networks Certified Internet Expert, Juniper Networks Juniper Networks Certified Internet Professional, Juniper Networks Juniper Networks Certified Internet Specialist, Juniper