JUNOS Enterprise Switching

Book Description

JUNOS Enterprise Switching is the only detailed technical book on Juniper Networks' new Ethernet-switching EX product platform. With this book, you'll learn all about the hardware and ASIC design prowess of the EX platform, as well as the JUNOS Software that powers it. Not only is this extremely practical book a useful, hands-on manual to the EX platform, it also makes an excellent study guide for certification exams in the JNTCP enterprise tracks. The authors have based JUNOS Enterprise Switching on their own Juniper training practices and programs, as well as the configuration, maintenance, and troubleshooting guidelines they created for their bestselling companion book, JUNOS Enterprise Routing. Using a mix of test cases, case studies, use cases, and tangential answers to real-world problems, this book covers:

  • Enterprise switching and virtual LANs (VLANs)

  • The Spanning Tree Protocol and why it's needed

  • Inter-VLAN routing, including route tables and preferences

  • Routing policy and firewall filters

  • Switching security, such as DHCP snooping

  • Telephony integration, including VLAN voice

Part of the Juniper Networks Technical Library, JUNOS Enterprise Switching provides all-inclusive coverage of the Juniper Networks EX product platform, including architecture and packet flow, management options, user interface options, and complete details on JUNOS switch deployment.

Table of Contents

  1. JUNOS Enterprise Switching
  2. Foreword
    1. Evolution of the Bridging World
    2. What Is the Big Deal About Switching Anyway?
    3. How This Book Will Help You (a.k.a. What’s in It for Me?)
  3. Preface
    1. What Is JUNOS Enterprise Switching?
    2. The Juniper Networks Technical Certification Program (JNTCP)
    3. How to Use This Book
    4. What’s in This Book?
      1. Topology of This Book
    5. Conventions Used in This Book
    6. Using Code Examples
    7. Safari® Books Online
    8. Comments and Questions
    9. About Scott Morris, Lead Tech Reviewer
    10. Acknowledgments
      1. From Doug Marschke
      2. From Harry Reynolds
  4. 1. LAN and Internetworking Overview
    1. What Is a Network?
      1. The OSI Model
        1. Layer functions
      2. Network Types and Communication Modes
        1. Communication modes
      3. So, Where Did We LANd?
    2. Ethernet Technologies
      1. A Brief Look Back
      2. Ethernet or 802.3, That Is the Question
      3. The MAC Layer
        1. CSMA/CD
          1. The shift away from shared media
        2. MAC addressing
      4. Ethernet Standards Wrap-Up
        1. A word on auto-negotiation
      5. Ethernet Technology Summary
    3. The TCP/IP Suite
      1. Enter OSI
      2. Exit OSI, Enter IP
      3. The IP Stack, in a Nutshell
        1. The network that lies beneath
        2. ARP me, Amadeus
        3. IP, freely
        4. IP addressing
          1. Hierarchical
          2. Classless is the norm (or, how we learned to subnet)
        5. ICMP, the bad news protocol
        6. UDP, multiplexing, and not much else
        7. TCP, a transport for all seasons
        8. What’s this Internet thing for again, eh, sonny?
        9. IP encapsulation example
      4. Internet Protocol Summary
    4. LAN Interconnection
      1. Repeaters
      2. Bridges
        1. Protocol-agnostic
        2. Loops are bad, really, really bad
          1. Bridge processing in detail
          2. So much for the 80/20 rule
      3. Routers
        1. Multi-Protocol Routing
          1. One protocol to rule them all
      4. LAN Interconnect Summary
    5. Conclusion
    6. Chapter Review Questions
    7. Chapter Review Answers
  5. 2. EX Platform Overview
    1. EX Hardware Overview
      1. The EX8200 Series
      2. Separate Control and Forwarding: It’s a Good Thing
      3. EX Hardware: The Numbers
      4. EX Feature Support
        1. Layer 2 features
        2. Layer 3 and general system features
      5. EX Hardware Summary
    2. EX Series Architecture
      1. The EX-PFE ASIC
      2. EX3200 Architecture
      3. EX4200 Architecture
        1. Front-panel LEDs
      4. A Day in the Life of a Packet
        1. Layer 2 switching
        2. Output processing: Layer 2 switching
        3. Layer 3 routing
      5. EX Series Architecture Summary
    3. JUNOS Software Overview
      1. JUNOS Software Summary
    4. CLI Overview
      1. J-Web and EZSetup
        1. EZSetup
      2. CLI Operational Modes and General Features
        1. Operational mode
        2. Command completion
          1. Emacs keys
          2. The pipe
      3. Configuration Mode
        1. Navigating the configuration hierarchy
        2. Active and candidate configurations, commits, and rollbacks
          1. Commit confirmed
        3. Loading and saving configurations
      4. The JUNOS CLI Summary
    5. Advanced CLI and Other Cool Stuff
      1. SOS
      2. Scheduled Commits and Wildcards
        1. Wildcards and regular expressions
      3. Copying, Renaming, and Inserting
    6. Conclusion
    7. Chapter Review Questions
    8. Chapter Review Answers
  6. 3. Initial Configuration and Maintenance
    1. The Factory-Default Configuration and EZSetup
      1. Factory-Default Configuration
      2. EZSetup
      3. Factory-Default Configuration and EZSetup Summary
    2. Initial Configuration Using the CLI
      1. CLI Configuration Summary
    3. Secondary Configuration
      1. Customized User Accounts, Authentication, and Authorization
        1. User authentication case study
      2. Out of Band Network
      3. Remote Access
      4. Dynamic Host Configuration Protocol
        1. DHCP server configuration in JUNOS
        2. DHCP relay configuration in JUNOS
      5. Secondary Configuration Summary
    4. EX Interfaces
      1. Permanent Interfaces
      2. Network Interfaces
        1. Network interface naming
        2. Logical units
      3. Interface Configuration
        1. Physical properties
        2. Logical properties
      4. EX Interface Configuration Examples
        1. Layer 2 interface
        2. Layer 3 interface
      5. Interface Troubleshooting
        1. JUNOS troubleshooting tools
          1. Syslog
          2. Monitor interface
          3. Monitor traffic
          4. Operational mode show commands
          5. Ethernet OAM
          6. Diagnostic commands
          7. Loopbacks
          8. Hard loops
      6. EX Interface Summary
    5. Basic Switch Maintenance
      1. Chassis Health Check
      2. Syslog
        1. Syslog case study
      3. SNMP
      4. NTP
        1. Is NTP really working?
      5. Rescue Configuration
      6. Password Recovery
      7. Switch Maintenance Summary
    6. Conclusion
    7. Chapter Review Questions
    8. Chapter Review Answers
  7. 4. EX Virtual Chassis
    1. The EX Virtual Chassis
      1. Virtual Chassis Overview
        1. Virtual Chassis Control Protocol
        2. Member roles within a VC
        3. Member ID
        4. Mastership priority
        5. Default election algorithm
        6. Virtual Chassis Identifier
      2. Virtual Chassis Design and Deployment Options
        1. VCP topologies
        2. VCP single rack rings
        3. VCP multiple rack rings
        4. VCP serial chain
        5. VCE topologies
        6. Extending the VC
      3. Packet Flow in a Virtual Chassis
        1. Virtual chassis topology discovery
        2. The SPF calculation
        3. A bifurcated VC: It’s a bad thing
        4. Virtual chassis packet walk-through
        5. Intersystem packet flows
      4. Virtual Chassis Summary
    2. Configuration, Operation, and Maintenance
      1. Virtual Chassis Configuration Modes
        1. Hot or cold insertion: when does a VC addition become a VC merge?
      2. Virtual Chassis Configuration
        1. Virtual management address
        2. Virtual chassis member parameters
        3. VCEs
        4. Virtual chassis configuration summary
      3. Virtual Chassis Operation and Maintenance
        1. Operational mode commands with member context
        2. VC monitoring commands
        3. Monitor the VC control protocol
        4. VC tracing
        5. VC maintenance
        6. VC adds, moves, and changes
        7. Connecting to non-master members
        8. Using the no-management-vlan option
      4. Configuration, Operation, and Maintenance Summary
    3. Virtual Chassis Case Study
      1. Prepare for the Merge
      2. Configure VC Parameters
        1. Confirm initial VC operation
      3. Expand the VC with VCE Links
        1. Prepare the new switch
        2. Configure the VCE ports
      4. Case Study Summary
    4. Conclusion
    5. Chapter Review Questions
    6. Chapter Review Answers
  8. 5. Virtual LANs and Trunking
    1. Virtual LANs and Trunking
      1. Port Modes
      2. Tagging User Traffic
        1. QinQ, a.k.a. provider bridging
      3. The Native and Default VLANs
        1. The native VLAN
        2. The default VLAN
        3. Putting it all together
      4. Generic Attribute Registration Protocol
        1. Cisco and GVRP
      5. VLAN and Trunking Summary
    2. EX to Catalyst VLAN Integration
      1. Default VLAN/Trunking Behavior
      2. Define VLANs
        1. Configure and confirm IOS VLANs and trunking
        2. JUNOS VLAN and trunk configuration
        3. Troubleshoot a VLAN problem
      3. Add Native VLAN Support
      4. Getting Loopy with It
      5. VLAN Integration Summary
    3. Conclusion
    4. Chapter Review Questions
    5. Chapter Review Answers
  9. 6. Spanning Tree Protocol
    1. Feeling a Little Loopy
      1. Stupid Is As Stupid Does
      2. Loop Issue Summary
    2. Spanning Tree Protocol
      1. STP Basics
      2. Calculating and Maintaining the Spanning Tree
      3. Bridge Protocol Data Units
      4. BPDU Learning and Port States
      5. Protocol Timers
        1. Table age
        2. Hello time
        3. Message age
        4. Forwarding delay
      6. Putting the Theory Together
      7. STP Issues
      8. STP Summary
    3. Rapid Spanning Tree Protocol
      1. New BPDU Definition and Function
      2. Interface Types and States
      3. RSTP Convergence
        1. Topology changes
        2. Link failures
      4. Link Cost in RSTP
      5. Compatibility with STP
      6. Interoperability Between Juniper and Cisco
      7. RSTP Summary
    4. Spanning Tree Configuration
      1. Failures with Default Parameters
      2. Configuring RSTP
        1. When RSTP isn’t going to be rapid
        2. RSTP design consideration
      3. Spanning Tree Configuration Summary
    5. Multiple Spanning Tree Protocol
      1. MSTP Configuration
      2. MSTP Summary
    6. Redundant Trunk Groups
      1. RTG Configuration
      2. RTG Summary
    7. Conclusion
    8. Chapter Review Questions
    9. Chapter Review Answers
  10. 7. Routing on the EX
    1. EX Routing Overview
      1. What Is Routing?
        1. Interior Gateway Protocol overview
      2. EX Routing Capabilities
        1. What’s missing?
        2. Layer 3 scaling limits
      3. JUNOS Routing Concepts
        1. Global route preference
        2. Routing tables and RIB groups
        3. The inet.0 table
        4. Routing policy
        5. Router ID and Autonomous System Number
      4. Summary of EX Routing Capabilities
    2. Inter-VLAN Routing
      1. A Router on a Stick
      2. Enter the Routed VLAN Interface
        1. Full Layer 3 functionality
      3. Deploy an RVI
        1. Configure and test an RVI
      4. Use VRRP with an RVI
      5. Restricting RVI Communications
        1. RVI and Layer 3 filters
      6. RVI Summary
    3. Static Routing
      1. Next Hop Types
        1. Forwarding next hop qualifiers
      2. Route Attributes and Flags
      3. Floating Static Routes
      4. EX Static Routing Scenario
        1. Static routing in the Internet router
        2. EX static routing
      5. Static Routing Summary
    4. RIP Routing
      1. RIP Overview
        1. RIP stability and performance tweaks
        2. RIP and RIPv2
      2. RIP Deployment Scenario
        1. Configure RIP
        2. Vodkila’s RIP configuration
      3. Verify RIP
      4. RIP Summary
    5. Conclusion
    6. Chapter Review Questions
    7. Chapter Review Answers
  11. 8. Routing Policy and Firewall Filters
    1. Routing Policy
      1. What Is Routing Policy, and When Do I Need One?
      2. Where and How Is Policy Applied?
        1. Applying policy to link state routing protocols
        2. Applying policy to RIP
      3. Policy Components
        1. Logical OR and AND functions within terms
      4. Policy Match Criteria and Actions
        1. Policy match criteria
        2. Policy actions
      5. Route Filters
        1. Binary trees
        2. Route filters and match types
        3. Longest match wins, but may not…
      6. Default Policies
        1. OSPF default policy
        2. IS-IS default policy
        3. RIP default policy
        4. BGP default policy
      7. Testing and Monitoring Policy
        1. Testing policy results
        2. Policy tracing
      8. Policy Case Study
      9. Routing Policy Summary
    2. Firewall Filters
      1. Types of Filters
      2. Filter Term Processing
      3. Filter Match Conditions
      4. Filter Actions
      5. Applying a Filter
        1. Applying a filter at the port level
        2. Applying a filter at the VLAN level
        3. Applying a filter at the Layer 3 level
      6. Transit Filter Case Study
        1. Layer 3 filter
        2. VLAN filters
      7. Case Study: Loopback Filters
      8. Policers
        1. Burst-size-limit mystery
        2. Policer actions
        3. Configuring and applying policers
        4. Policer example
      9. Storm Control and Rate Limiting
      10. Filters and Policers Summary
    3. Conclusion
    4. Chapter Review Questions
    5. Chapter Review Answers
  12. 9. Port Security and Access Control
    1. Layer 2 Security Overview
      1. EX Layer 2 Security Support
    2. MAC Limiting, DHCP, and ARP
      1. MAC Limiting
        1. Limiting MAC moves
        2. MAC limit actions
        3. Deploy and verify MAC limiting
      2. DHCP Snooping and ARP Inspection
        1. Securing DHCP and ARP
        2. Deploy DHCP snooping and ARP inspection
        3. Confirm DHCP snooping and ARP inspection
      3. MAC Limiting, DHCP, and ARP Summary
    3. IEEE 802.1X Port-Based Authentication
      1. Terminology and Basic Operation
        1. Extensible Authentication Protocol
      2. JUNOS 802.1X Feature Support
        1. Administrative modes
        2. Supplicant modes
        3. Additional capabilities
      3. Deploy and Verify 802.1X
        1. RADIUS server configuration
        2. EAP-MD5 supplicant configuration
        3. Configure RADIUS parameters
        4. Configure 802.1X authenticator properties
        5. Verify 802.1X authentication
        6. Configure MAC-based RADIUS authentication
      4. 802.1X Port-Based Authentication Summary
    4. Conclusion
    5. Chapter Review Questions
    6. Chapter Review Answers
  13. 10. IP Telephony
    1. Deployment Scenarios
      1. QoS or CoS?
      2. Deployment Scenarios Summary
    2. Power over Ethernet
      1. JUNOS Support for PoE
      2. PoE Summary
    3. Link Layer Discovery Protocol
      1. JUNOS LLDP
      2. LLDP Summary
    4. LLDP with Media Endpoint Discovery
      1. LLDP-MED and JUNOS
      2. LLDP-MED Summary
    5. Voice VLAN
    6. Case Studies
      1. Without LLDP-MED Support
        1. Plug-and-play solution without LLDP-MED
        2. Voice VLAN and IP phone configuration
      2. With LLDP-MED Support
      3. Case Study Summary
    7. Conclusion
    8. Chapter Review Questions
    9. Chapter Review Answers
  14. 11. High Availability
    1. Hardware Redundancy
      1. Routing Engine Failover
      2. Default Failover Layer 2
      3. Default Failover Layer 3
      4. Graceful Routing Engine Switchover
        1. GRES with Layer 2
        2. GRES with Layer 3
      5. Graceful Restart
      6. Non-Stop Routing
      7. GRES, GR, NSR, Oh My!
    2. VRRP
    3. In-Service Software Upgrades
    4. Aggregated Ethernet
      1. LACP in Action
      2. JUNOS Configuration
        1. Additional configuration options
        2. Load balancing over AE
    5. Bidirectional Forwarding Detection (BFD)
      1. High Availability Summary
    6. Conclusion
    7. Chapter Review Questions
    8. Chapter Review Answers
  15. Glossary
  16. Index
  17. About the Authors
  18. Colophon
  19. Copyright