Learn a little bit about the history and pedigree of the Juniper MX and what factors prompted its creation. Junos is the “secret sauce” that’s common throughout all of the hardware; this chapter will take a deep dive into the control plane and explain some of the recent important changes to the release cycle and support structure of Junos. The star of the chapter is of course the Juniper MX; the chapter will thoroughly explain all of the components such as line cards, switch fabric, and routing engines.

It always seems to surprise people that the Juniper MX is capable of switching; not only can it switch, it has some of the best bridging features and scalability on the market. The VLAN mapping is capable of popping, swapping, and pushing new IEEE 802.1Q headers with ease. When it comes to scale, it can support over 8,000 virtual switches.

Discover the world of advanced policing where the norm is creating two-rate three-color markers, hierarchical policers, cascading firewall filters, and logical bandwidth policers. You think you already know about Junos policing and firewall filters? You’re wrong; this is a must-read chapter.

Everyone has been through the process of creating a 200-line firewall filter and applying it to the loopback interface to protect the routing engine. This chapter presents an alternative method of creating a firewall filter framework and only applies the filters that are specific to your network via firewall filter chains. As of Junos 10.4, there’s a new feature called Distributed Denial-of-Service Protection (ddos-protection) that can be combined with firewall filters to add an extra layer of security to the routing engine.

This chapter answers the question, “What is hierarchical class of service and why do I need it?” The land of CoS is filled with mystery and adventure; come join Harry and discover the advantages of hierarchical scheduling.

What’s better than a Juniper MX router? Two Juniper MX routers, of course, unless you’re talking about virtual chassis; it takes several Juniper MX Routers and combines them into a single, logical router.

Services such as Network Address Translation (NAT), IP Information Flow Export (IPFIX), and tunneling protocols traditionally require a separate services card. Trio inline services turns this model upside down and allows the network engineer to install network services directly inside of the Trio chipset, which eliminates the need for special services hardware.

An alternative to virtual chassis is a feature called MC-LAG, which allows two routers to form a logical IEEE 802.3ad connection to a downstream router and appear as a single entity. The twist is that MC-LAG allows the two routers to function independently.

Some of us take high availability for granted. GRES, NSR, NSB, and ISSU make you feel warm and fuzzy. But how do you really know they work? Put on your hard hat and go spelunking inside of these features and protocols like you never have before.