You are previewing JUNOS® FOR DUMMIES®.
O'Reilly logo
JUNOS® FOR DUMMIES®

Book Description

If you’re in charge of a network, you’re probably aware that the only time anyone notices the network is when it goes down. With JUNOS software and JUNOS For Dummies, a friendly book to help you set it up and manage the software, you might be able to start convincing your clients to believe in magic. Here’s the help you need for switching, routing, security, interface configuration, and more.

Now, you can go inside JUNOS software and understand everything you need to know about operating a network with JUNOS. You’ll learn how the control plane handles packet delivery and establishes traffic policies and see how a single network operating system can add stability and reliability while saving administrative time. Plus, you’ll find out how to set up a routing protocol that automates configuration of routing tables for greater efficiency and how you can set up individual or group user accounts locally on the route, or on remote centralized authentication servers. By the time you finish this book, you’ll know how to:

  • Work with the JUNOS network operating system

  • Set up and configure a Juniper router

  • Connect, manage, and troubleshoot routers and other Juniper appliances

  • Make your network more efficient

  • Configure JUNOS default security features as well as restricted physical access to protect routers

  • Solve hardware, software, interface, and router problems

  • Integrate JUNOS with other systems

Complete with lists of the most useful commands, IOS-JUNOS command conversions, and the best place to seek additional help, JUNOSFor Dummies is your one-stop guide to getting started with and mastering JUNOS.

Table of Contents

  1. Copyright
  2. About the Authors
  3. Authors' Acknowledgments
  4. Introduction
    1. About This Book
    2. Conventions Used in This Book
    3. What You're Not to Read
    4. Foolish Assumptions
    5. How This Book Is Organized
      1. Part I: Exploring JUNOS Software
      2. Part II: Working with JUNOS
      3. Part III: Deploying JUNOS
      4. Part IV: Managing JUNOS Software
      5. Part V: The Part of Tens
    6. Icons Used in the Book
    7. Where to Go from Here
  5. I. Exploring JUNOS Software
  6. 1. Getting Familiar with JUNOS Software
    1. 1.1. Exploring the Functions of Network Operating Systems
      1. 1.1.1. It's all about control
      2. 1.1.2. Moving on: Packet forwarding
    2. 1.2. Taking Advantage of One Network OS
    3. 1.3. Taking a Peek Inside JUNOS Software
      1. 1.3.1. Going their separate ways: Functions
      2. 1.3.2. Plain smart: The planes of JUNOS software
      3. 1.3.3. That's not a problem: The many benefits of modular architecture
    4. 1.4. Developing JUNOS Software
      1. 1.4.1. Reaping the benefits of a single release train
      2. 1.4.2. Hup 1, 2, 3, 4: JUNOS software release numbering
  7. 2. Operating Your Network with JUNOS Software
    1. 2.1. Introducing the Command-Line Interface
      1. 2.1.1. Handy command-line tools
      2. 2.1.2. Commit, confirm, and rollback functions
    2. 2.2. Boosting Productivity with Automated Tools
      1. 2.2.1. Automation scripts
      2. 2.2.2. On-board monitoring, logging and support
    3. 2.3. Integrating with Other Vendors' Systems
      1. 2.3.1. Interoperability
      2. 2.3.2. Management
      3. 2.3.3. Integration
      4. 2.3.4. Open development
    4. 2.4. Upgrading to New Releases
      1. 2.4.1. JUNOS software support
      2. 2.4.2. Downloading new releases
  8. 3. Switching to JUNOS
    1. 3.1. It's All about Perspective: Switching and Your Network
      1. 3.1.1. Layers of switching
      2. 3.1.2. Switching away to the destination
      3. 3.1.3. What about the L3 view?
    2. 3.2. A Switch of All Trades: Doing More than Just Switching
      1. 3.2.1. Delivering unified communications
      2. 3.2.2. Controlling network access
      3. 3.2.3. Scaling the data center
    3. 3.3. Choosing the Right Hardware
  9. 4. Ramping Up to Routing
    1. 4.1. The View, Routing Style
      1. 4.1.1. Addressing the packet
    2. 4.2. The View, MPLS Style
      1. 4.2.1. Reasons to use MPLS
      2. 4.2.2. The workings of MPLS
    3. 4.3. Choosing the Right Hardware
  10. 5. Locking-in on JUNOS Software Security and High Availability
    1. 5.1. Securing Your Network
      1. 5.1.1. Firewall filters — what you let in and out
      2. 5.1.2. Stateful firewall — what's going on
      3. 5.1.3. Address translation — secret identities
      4. 5.1.4. Secure VPNs tunnels — armored traffic
    2. 5.2. Delivering without Down Time
      1. 5.2.1. Planned events
      2. 5.2.2. Unplanned events
      3. 5.2.3. Human factors
  11. II. Working with JUNOS
  12. 6. Getting to Know Command-Line Interface Essentials
    1. 6.1. Logging in to Your Router for the First Time
    2. 6.2. Taking a Look at Two Command Modes
    3. 6.3. Bringing Order to Chaos: Hierarchy of Commands
      1. 6.3.1. A commanding hierarchy: Operational mode
      2. 6.3.2. Making a statement: Configuration mode
    4. 6.4. Keeping One Eye Open at All Times: Operational Mode Commands
    5. 6.5. Changing the Router's Look: Configuration Mode Commands
    6. 6.6. Lending a Helping Hand: The Help Command
    7. 6.7. A Need for Speed: Command Completion and Keyboard Sequences
      1. 6.7.1. Command completion
      2. 6.7.2. Keyboard sequences
    8. 6.8. Committing a Configuration
      1. 6.8.1. The commit process
      2. 6.8.2. Confirm before you commit
    9. 6.9. Working with Archived Configurations
      1. 6.9.1. Archiving manually from a server
      2. 6.9.2. Creating and saving configurations
    10. 6.10. Getting the Router Up on the Network
  13. 7. Setting Up the Routers
    1. 7.1. Creating a Banner at Login
    2. 7.2. Logging Out
    3. 7.3. Setting Up Router User Accounts
    4. 7.4. Tracking Events with SNMP and Logging
      1. 7.4.1. Tracking with SNMP
      2. 7.4.2. Using logs to track the router's events
    5. 7.5. Setting the Router's Time and Time Zone
    6. 7.6. Configuring Interfaces
    7. 7.7. Assigning an IP Address to an Interface
    8. 7.8. Putting the Interfaces to Work
  14. 8. Setting Up the Network
    1. 8.1. Understanding Network Routing
      1. 8.1.1. Dynamic routing protocols
      2. 8.1.2. Routing tables
    2. 8.2. Choosing the Best Route
    3. 8.3. Running RIP on Your Network
    4. 8.4. Running OSPF on Your Network
      1. 8.4.1. Dividing an OSPF network into areas
      2. 8.4.2. Configuring and monitoring OSPF
    5. 8.5. Running IS-IS on Your Network
      1. 8.5.1. Using IS-IS addresses only when needed
      2. 8.5.2. Minding your IS-IS areas
      3. 8.5.3. Configuring and monitoring IS-IS
  15. 9. Adding Security
    1. 9.1. Stop! Physical Security
    2. 9.2. Go! JUNOS Default Security Features
      1. 9.2.1. Encryption and hashing algorithms
      2. 9.2.2. Tighten the root login account
    3. 9.3. Checking Who's on the Router
      1. 9.3.1. Knowing who's logged in
      2. 9.3.2. Figuring out who's configuring
    4. 9.4. Logging Out
    5. 9.5. Controlling SSH and Telnet Access to the Router
    6. 9.6. Limiting Traffic on Router Interfaces
    7. 9.7. Protecting the Routing Engine: A More Complete Strategy
    8. 9.8. Securing Routing Protocols
      1. 9.8.1. Securing RIP
      2. 9.8.2. Securing IS-IS and OSPF
      3. 9.8.3. Securing OSPF
      4. 9.8.4. Authenticating BGP peers
      5. 9.8.5. Enabling authentication on MPLS signaling protocols
  16. 10. Setting Up the Switches
    1. 10.1. Setting Up the Switch
      1. 10.1.1. Racking the switch
      2. 10.1.2. Configuring the switch initially
      3. 10.1.3. Plugging devices into the switch
      4. 10.1.4. Connecting switches together
    2. 10.2. Segmenting a LAN
      1. 10.2.1. Configuring the default VLAN
      2. 10.2.2. Configuring more VLANs
      3. 10.2.3. Trunking together VLANs
      4. 10.2.4. Controlling access to VLANs
    3. 10.3. Interconnecting Switches
      1. 10.3.1. Going virtual
      2. 10.3.2. Virtual chassis, real redundancy
    4. 10.4. Using the Switch as a Router
      1. 10.4.1. Connecting to the Internet
      2. 10.4.2. Connecting to a router in your LAN
  17. III. Deploying JUNOS
  18. 11. Managing Remotely
    1. 11.1. Choosing an Interface
    2. 11.2. Setting Up Out-of-Band Management
    3. 11.3. Setting Up In-Band Management
    4. 11.4. Accessing Your Router
      1. 11.4.1. Tel(net)
      2. 11.4.2. SSH
    5. 11.5. Monitoring a Router Using System Logging
      1. 11.5.1. Delving into syslog messages
      2. 11.5.2. Mood music: Turning on logging
      3. 11.5.3. Viewing syslog messages
      4. 11.5.4. Filtering syslog to different files
      5. 11.5.5. Refining your access to events
      6. 11.5.6. Managing your log files
    6. 11.6. Using Trace Logging to Monitor the Router
  19. 12. Configuring Interfaces
    1. 12.1. Types of Physical Interfaces
      1. 12.1.1. T1 interfaces
      2. 12.1.2. Serial interfaces
      3. 12.1.3. ADSL
    2. 12.2. The Logical and Physical Properties of Interfaces
      1. 12.2.1. Logical properties
      2. 12.2.2. Physical properties
    3. 12.3. Configuring Interfaces
      1. 12.3.1. Configuring T1 interfaces
      2. 12.3.2. Configuring serial interfaces
      3. 12.3.3. Configuring ADSL interfaces
      4. 12.3.4. Configuring the point-to-point protocol
      5. 12.3.5. Using CHAP to authenticate PPP sessions
      6. 12.3.6. Measuring the bit error rate
  20. 13. Working with Border Gateway Protocol (BGP)
    1. 13.1. An Island of Their Own: Autonomous Systems
    2. 13.2. Making AS Connections
    3. 13.3. Configuring BGP
    4. 13.4. Monitoring BGP
      1. 13.4.1. Knowing why you can't ping
      2. 13.4.2. Configuring routing policies that advertise their routes
      3. 13.4.3. Using next-hop addresses
      4. 13.4.4. Pinging to the loopbacks
    5. 13.5. Configuring Route Reflection
      1. 13.5.1. Route reflectors on large networks
      2. 13.5.2. Route reflector configuration
      3. 13.5.3. Dual route reflectors for backup
  21. 14. Working with Routing Policies
    1. 14.1. Constructing Routing Policies
      1. 14.1.1. Terms
      2. 14.1.2. Match conditions
      3. 14.1.3. Match actions
      4. 14.1.4. Default actions
      5. 14.1.5. Application of policies
      6. 14.1.6. Evaluation of routing policies
    2. 14.2. Configuring Route Filters
      1. 14.2.1. Prefixes and prefix lengths
      2. 14.2.2. Match types
      3. 14.2.3. Match actions
    3. 14.3. Configuring an Aggregate Route
  22. 15. Enabling Class of Service (COS)
    1. 15.1. Knowing What Pieces a COS Configuration Requires
    2. 15.2. Classifying Inbound Traffic
      1. 15.2.1. Differentiated Services Code Points (DSCP)
      2. 15.2.2. Configuring BA classifiers
    3. 15.3. Controlling Outbound Traffic
      1. 15.3.1. Scheduling configuration
      2. 15.3.2. Shaping outbound traffic
      3. 15.3.3. Setting up outbound buffers
      4. 15.3.4. Configuring priority scheduling
    4. 15.4. Massaging BA Classifiers for Core Transit
      1. 15.4.1. Matching traffic based on the source address
      2. 15.4.2. Matching traffic based on destination port
      3. 15.4.3. Setting DSCP values for transit
  23. 16. Using MPLS
    1. 16.1. Packet-Switched Networking
      1. 16.1.1. Label switching
      2. 16.1.2. Label-switched paths
      3. 16.1.3. Label-switching routers
      4. 16.1.4. Labels
      5. 16.1.5. Label operations
    2. 16.2. Establishing Label-Switched Paths
    3. 16.3. Signaling Protocols
    4. 16.4. Configuring RSVP-Signaled LSPs
      1. 16.4.1. Enabling MPLS and RSVP
      2. 16.4.2. Turning on MPLS on your transit interfaces
      3. 16.4.3. Configure an LSP
      4. 16.4.4. Verify the LSPs
    5. 16.5. Placing Constraints on Packet Forwarding
      1. 16.5.1. Reserve bandwidth on an LSP
      2. 16.5.2. Verifying traffic using the LSP
  24. 17. Configuring Tunnels for Secure Packet Exchange
    1. 17.1. Getting an Overview of Secure Tunnels
      1. 17.1.1. Tunneling
      2. 17.1.2. IPSec protocols
      3. 17.1.3. Security algorithms
      4. 17.1.4. Authentication methods
      5. 17.1.5. Security associations
    2. 17.2. Configuring an IPSec Tunnel on an Encryption Interface
      1. 17.2.1. Defining security associations
      2. 17.2.2. Creating firewall filters
      3. 17.2.3. Applying the SA and filters
      4. 17.2.4. Checking to see whether the tunnel is functioning
    3. 17.3. Hiding Internal Addresses from the Internet
  25. IV. Managing JUNOS Software
  26. 18. Monitoring Your Network
    1. 18.1. Checking Host-to-Host
    2. 18.2. Tracerouting Your Network
    3. 18.3. Working with Common Diagnostic Commands
      1. 18.3.1. Monitoring your interfaces
      2. 18.3.2. Monitoring your routing information
    4. 18.4. Keeping an Eye on Latency
      1. 18.4.1. Real-time performance monitoring
      2. 18.4.2. Configuring RPM
      3. 18.4.3. Monitoring RPM tests
  27. 19. Troubleshooting Your Network
    1. 19.1. Following General Troubleshooting Tips
    2. 19.2. Peeling the Onion to See Your Network's Layers
    3. 19.3. Creating a Troubleshooting Toolkit
    4. 19.4. Troubleshooting: A Case Study
      1. 19.4.1. Being proactive before you experience problems
      2. 19.4.2. Pinpointing the problem
      3. 19.4.3. Hardware troubleshooting
      4. 19.4.4. Software troubleshooting
      5. 19.4.5. Interface troubleshooting
      6. 19.4.6. Routing troubleshooting
      7. 19.4.7. MTU troubleshooting
  28. 20. JOUOScriptin
    1. 20.1. Minimizing Network Downtime
      1. 20.1.1. Why is it always my fault?
      2. 20.1.2. Minimizing the effects of software issues
    2. 20.2. Reducing Network Downtime with JUNOScript
      1. 20.2.1. No. 1: Constrain the configuration
      2. 20.2.2. No. 2: Change the configuration
      3. 20.2.3. No. 3: Simplify the configuration
      4. 20.2.4. No. 4: Create custom logic for operational commands
      5. 20.2.5. No. 5: React to live events
    3. 20.3. Invoking JUNOScripts
      1. 20.3.1. Writing scripts
      2. 20.3.2. Invoking scripts
    4. 20.4. Putting JUNOScripts in Motion
      1. 20.4.1. Example 1: Constraining configuration
      2. 20.4.2. Example 2: Changing configuration
      3. 20.4.3. Example 3: Simplifying configuration
      4. 20.4.4. Example 4: Creating custom logic for operational commands
  29. V. The Part of Tens
  30. 21. The Ten Most Used Categories of JUNOS Commands
    1. 21.1. Show Me the JUNOS Software Running in the Device
    2. 21.2. Show Me Something about the Device
    3. 21.3. Show Me and Confirm My Configuration
    4. 21.4. Back Up and Rollback My Configurations
    5. 21.5. Show Me the Interfaces in the Device
    6. 21.6. Give Me More Detail about the Interfaces
    7. 21.7. Show Me Something about Routing
    8. 21.8. Give Me More Detail about Routing
    9. 21.9. Show Me Something about Switching
    10. 21.10. Show Me Details for Maintenance
  31. 22. The Ten Best Places to Get Help
    1. 22.1. Command Line Interface
    2. 22.2. Technical Publications
    3. 22.3. Forums
    4. 22.4. Literature/Media
    5. 22.5. Books
    6. 22.6. Training
    7. 22.7. Certification
    8. 22.8. Support
    9. 22.9. Customer Care
    10. 22.10. JTAC