Preface

Over the past decade, network service providers have been adding high-performance Juniper Networks routers to their networks to run their IP backbones. With the recent introduction of smaller routers with the same basic functionality as the larger core routers, more people will be using Juniper Networks routers in their business networks and will need to learn how to configure and run the JUNOS software that runs on their routers. JUNOS Cookbook explains the design of the JUNOS software and provides recipes and guidelines for setting up common features that you need to configure and secure your Juniper Networks router.

For those of you who are familiar with Cisco IOS or other routers, you will find the JUNOS software and the design of the router hardware similar to the other routers in some ways, but very different in many ways. The initial design of the JUNOS software began in 1996, when the TCP/IP protocol suite was already mature and it was clear that this protocol suite was the only one needed for network devices to run on the Internet. Those involved in developing the original JUNOS software and router hardware all had previous experience designing similar products and were intent on building something better. Some of the JUNOS features that improve the router operation include:

Software modularity

The JUNOS software comprises several dozen processes, or daemons, rather than a single process, so you can stop a single process and restart it without having to reboot the entire router.

Separation of forwarding and routing

The actual forwarding of packets is performed by custom high-speed Application-Specific Integrated Circuits (ASICs), while routing is performed by a CPU in a small PC that is built into the router. This separation of the routing and forwarding functions improves router performance.

Powerful configuration editor and batch configuration activation

The JUNOS configuration editor supports command completion and text files and allows you to return to previous configurations. Activating JUNOS configurations is a batch process, and interdependent configuration segments take effect at the same time.

Hard disk in the router

Having a built-in hard disk provides storage on the router for software images needed for software upgrades, core dumps, and JUNOS documentation, which is accessed with online help.

The first version of JUNOS software, released in 1998 with the first router, the M40 router, focused on features for large-capacity Internet service provider (ISP) and telephone company (telco) networks. As with any network operating system, additions are regularly made to the software to incorporate new technologies, protocols, and feature sets. The JUNOS software is updated four times per year. JUNOS Cookbook was written for Release 7.4, which shipped at the end of 2005. You will find, however, that most of the recipes in this book also work on earlier software releases, and they should continue to work on future releases. All recipes in this book were developed on M7i or J2300 routers, and, except where noted, they should run on any Juniper Networks J-series, M-series, and T-series routing platform. I have indicated when I use features that are available only with certain software releases or hardware.

Given the diversity and complexity of the JUNOS software, this book cannot cover the entire operating system. Instead, JUNOS Cookbook consists of a collection of sample router configurations for the proper installation, configuration, and optimization of your Juniper Networks routers and is focused on helping you set up the common components of your router: the network interfaces and the routing protocols themselves.

JUNOS Cookbook is not intended to replace the detailed feature information available on the Juniper Networks web site (http://www.juniper.net). This book doesn’t have the space to provide details about how particular protocols actually work; you can find this information in the Internet Engineering Task Force (IETF) Request for Comments (RFC) and Internet draft documents (http://www.ietf.org), as well as in a wide variety of books.

I welcome feedback from readers. If you have comments, suggestions, or ideas for other recipes, please let me know. If there are future editions of the JUNOS Cookbook, I will include any suggestions that I think are especially useful. You can reach me at .

Organization

As the name suggests, JUNOS Cookbook is organized as a series of recipes. Each recipe begins with a problem statement that describes a common situation you might face. After each problem statement is a brief solution that shows a sample router configuration or script that you can use to resolve that particular problem. A discussion section then describes the solution, how it works, and when you should or should not use it.

I have tried to construct the recipes so that you can turn directly to the one that addresses your specific problem and find a useful solution without needing to read the entire book. If the solution includes terms or concepts you are not familiar with, the chapter introductions should help bridge the gap. Many recipes refer to other recipes or chapters that discuss related topics. I have also included a variety of references to other sources in case you need more background information on a particular subject.

The chapters are organized by the feature or protocol discussed. If you are looking for information on a particular feature such as BGP, MPLS, or SNMP, you can turn to that chapter and find a variety of related recipes. Most chapters list basic problems first and any unusual or complicated situations last. But there are some exceptions to this, such as where I have instead grouped related recipes together.

What’s in This Book

The first chapters cover essential system administration functions of the router:

Chapter 1, Router Configuration and File Management

Covers router configuration and file management issues

Chapter 2, Basic Router Security and Access Control

Focuses on router security, describing user access and privileges on the router and how to protect your router from undesired access

Chapter 3, IPSec

Describes how to use IPSec to encrypt and secure traffic

The next three chapters focus on managing the router:

Chapter 4, SNMP

Discusses how to use the Internet standard SNMP protocol to remotely manage your router

Chapter 5, Logging

Explains how to log events that occur on the router so you can trace the causes of router and network malfunctions

Chapter 6, NTP

Explains how to properly set the time on your router, both manually and using NTP, to synchronize time across all network devices

Chapter 7, Router Interfaces

Discusses router interfaces and how to configure interface properties, including the physical device itself as well as all network addresses associated with an interface, including IPv4, IPv6, and ISO addresses

The next six chapters cover various aspects of IP routing:

Chapter 8, IP Routing

Looks at IP routing in general, including routing tables, route preferences, and selecting active routes

Chapter 9, Routing Policy and Firewall Filters

Discusses routing policy, which controls the routes that are stored in and advertised from the routing tables. This chapter also covers firewall filters, which are applied to traffic entering and exiting router interfaces

Chapter 10, RIP

Looks at RIP, including both Versions 1 and 2 and RIPng

Chapter 11, IS-IS

Looks at IS-IS

Chapter 12, OSPF

Discusses OSPF

Chapter 13, BGP

Discusses the BGP protocol, which controls all IP routing through the backbone of the Internet

The remaining chapters all cover separate topics:

Chapter 14, MPLS

Discusses MPLS, which is commonly used along with RSVP for traffic engineering

Chapter 15, VPNs

Covers BGP-MPLS (Layer 3) VPNs, which are an application of BGP and MPLS that provides private virtual networks

Chapter 16, IP Multicast

Covers the IP multicast protocols

Conventions

The following formatting conventions are used throughout this book:

Italic

Used for commands, filenames, directories, script variables, keywords, emphasis, technical terms, and Internet domain names

Constant width

Used for code sections, interface names, and IP addresses

Constant width italic

Used for replaceable text

Constant width bold

Used for user input and emphasis within code

Constant width bold italic

Used to highlight replaceable items within code

Comments and Questions

Please address comments and questions about this book to the publisher:

O’Reilly Media, Inc.
1005 Gravenstein Highway North
Sebastopol, CA 95472
(800) 998-9938 (in the United States or Canada)
(707) 829-0515 (international/local)
(707) 829-0104 (fax)

There is a web page for this book, which lists errata, examples, or any additional information. You can access this page at:

http://www.oreilly.com/catalog/junosckbk

To comment or ask technical questions about this book, send email to:

For more information about books, conferences, Resource Centers, and the O’Reilly Network, see the O’Reilly web site at:

http://www.oreilly.com

Safari® Enabled

When you see a Safari® Enabled icon on the cover of your favorite technology book, that means the book is available online through the O’Reilly Network Safari Bookshelf.

Safari offers a solution that’s better than e-books. It’s a virtual library that lets you easily search thousands of top tech books, cut and paste code samples, download chapters, and find quick answers when you need the most accurate, current information. Try it for free at http://safari.oreilly.com.

Acknowledgments

I have been a professional technical writer for 25 years, and I never imagined how huge an undertaking it would be to write a book on JUNOS software as the sole responsible author. Writing any technical book, especially one like this, is never a project that a single person does by herself. There are always many people involved to review the topics included in the book, answer questions, review drafts, and set up and maintain lab equipment. Many people helped me in all these areas, providing me both with general help and with comments in their particular area or areas of JUNOS and networking expertise. Without their time and patience, this book would not have been possible. These people include Zaid Albanna, Arthi Ayyangar, Serpil Bayraktar, Ron Bonica, Avram Dorfman, Jeff Doyle, Simon Gerraty, Steve Gill, Lenny Giuliano, Walter Goralski, Hannes Gredler, Steve Holman, Ian Jarrett, Dave Katz, Steven Lin, Julian Lucek, Ivan Lum, Umesh Mangla, Pedro Marques, Brian Matheson, Scott McIntyre, Ina Minei, Andrew Partan, Prakesh Patil, David Ranch, Yakov Rekhter, Rich Salaiz, Phil Shafer, Nischal Sheth, Gary Tate, Paras Trivedi, Quaizar Vohra, Jim Washburn, Chris White, and Kiho Yum. Vijay Gill, John Heasley, and Scott McIntyre helped by providing JUNOS output used to explain a few of the recipes.

Mike Bushong was a great help in setting up and maintaining the router labs used to develop this book. Richard Hendricks, Brian Matheson, and Michael Estrada also helped with the lab. Sonia Saruba considerably improved on my writing by editing the entire manuscript.

I would also like to thank a few key people who encouraged me to undertake and continue this project, especially Patrick Ames, who kept me focused, and also Michael Taillon, Scott Kriens, and Allen Lo.

Everybody at O’Reilly was great to work with. I particularly appreciate the input from my editors, David Brickner and Mike Loukides. They helped to create a book of which we can all be proud.

Finally, I must thank my husband David and my daughter Sage for helping me through this project.

—Aviva Garrett
Saratoga, California
