CFM
-
Upload
vaibhav-agrawal -
Category
Documents
-
view
9 -
download
1
description
Transcript of CFM
Introduction of Juniper Network Routers for CFM Bharti-Airtel:Ashish Bhatnagar ([email protected])
2 Copyright © 2009 Juniper Networks, Inc. www.juniper.net
Agenda•Hardware Architecture
•Juniper Portfolio
•JUNOS Overview
•JUNOS CLI Operation Mode
Session 1
3 Copyright © 2009 Juniper Networks, Inc. www.juniper.net
Agenda
• Hardware Architecture
•Juniper Portfolio
•JUNOS Overview
•JUNOS CLI Operation Mode
4 Copyright © 2009 Juniper Networks, Inc. www.juniper.net
The router architecture consists of two major components:
• Packet Forwarding Engine—Performs Layer 2 and Layer 3
packet switching, route lookups, and packet forwarding.
• Routing Engine—Provides Layer 3 routing services and
network management.
Systems OverviewSystems Overview
5 Copyright © 2009 Juniper Networks, Inc. www.juniper.net
Systems Overview - PFESystems Overview - PFE
MEM
MEM
ASICsInternet Processo
rForwarding
table
Buffer Manager 1
Buffer Manager 2
I/OManager
I/OManager
I/OManager
PIC I/OManage
rPIC I/OManage
r
PIC I/OManage
rPIC I/OManage
r
PIC I/OManage
rPIC I/OManage
r
PIC I/OManage
rPIC I/OManage
r
FPC
PICs
MEM
PFE SystemController(SSB, SFM,
etc.)
6 Copyright © 2009 Juniper Networks, Inc. www.juniper.net
The Routing Engine is an Intel-based PCI platform running the JUNOS Internet software, which Juniper Networks has developed and optimized to handle large numbers of network interfaces and routes. The software consists of a set of system processes running in protected memory modules on top of an independent operating system. The JUNOS kernel supports JUNOS system processes, which handle system management processes, routing protocols, and control functions.The Routing Engine has a dedicated 100-Mbps internal connection to the Packet Forwarding Engine.
Systems Overview - RESystems Overview - RE
7 Copyright © 2009 Juniper Networks, Inc. www.juniper.net
The Routing Engine provides the following functions and features:• Processing of routing protocol packets• Software modularity• In-depth Internet functionality• Scalability• Management interface• Storage and change management• Monitoring efficiency and flexibility
Systems Overview - RESystems Overview - RE
8 Copyright © 2009 Juniper Networks, Inc. www.juniper.net
Agenda
• Hardware Architecture
•Juniper Portfolio
•JUNOS Overview
•JUNOS CLI Operation Mode
•JUNOS CLI Configuration Mode
9 Copyright © 2009 Juniper Networks, Inc. www.juniper.net
JUNIPER PRODUCT PORTFOLIO
J Series
M Series
MX Series
T Series
TX Matrix Plus
IDP
WX
SA & UAC
APP-LAYER S
ERVICES
SWIT
CHES
ROUTERSSECURITY
SRX5000
SRX650
SRX240
SRX210
SRX3000
EX2500
EX3200
EX8208
EX8216
EX2200
EX4200
10 Copyright © 2009 Juniper Networks, Inc. www.juniper.net
2.5G
1G
Gbps
PIC slots
Secondary
Uplink
10G
M7i
M10i
4 PIC slots (+1 fixed)
8 PIC slots 32 PIC slots
M40eM20
16 PIC slots
320
40
20
10
7
Primary Sm PoP PE / Lg Enterprise Med PoP PE Large PoP PE
Small Core / Peering / RR Small/Med Core Med Core Collapsed P/PE
M320
120M120
M-series Portfolio
11 Copyright © 2009 Juniper Networks, Inc. www.juniper.net
Any service to any customer
Lowest operational cost
Services scaled with proven stability security
• performance• availability
InfranetInfranetLayer 3 VPNsLayer 3 VPNs
Layer 2 VPNsLayer 2 VPNs
Ethernet VPLSEthernet VPLS
Content servicesContent services
Dedicated Internet AccDedicated Internet Acc
Security servicesSecurity services
Bandwidth on demandBandwidth on demand
VoiceVoice
Channelized
FR/ATM
Ethernet
N x T1/E1, DS3/E3
SONET/SDH
Multiservice Edge• Single entry point to IP/MPLS• 1000’s services, 1000’s customers
M-series Delivers at the Multiservice Edge
12 Copyright © 2009 Juniper Networks, Inc. www.juniper.net
M-Series Routers
M7i M10i M20 M40e M320
Network Location
Small PoP PE, campus border
router, enterprise
Med PoP PE, campus border
router
Med PoP PE Med/Large PoPs Large PoPs
System Bandwidth 7+ Gbps 10+Gbps 20+Gbps 40+ Gbps 320 Gbps
Maximum Speed
DS-0 to OC-12c/STM-4 and
GE
DS-0 to OC-48c/STM-16
DS0 to OC-48c/STM-16
DS0 to OC-48c/STM-16
DS0 to OC-192/10GE
Density Sweet Spot
48 DS-3 16 OC-3
96 DS-332 OC-3
192 DS-3, 64 OC-3, 16 OC-12
384 DS-3128 OC-3, 32 OC-12,
8 OC-48
384 DS-3128 OC-3,
128 OC-12, 64 OC-48
PICs Per Chassis
4 (+2FE or 1 GE
fixed)
8 16 32 32
Chassis Per Rack
24 9 5 2 2
Redundancy Power & Cooling Yes Yes Yes Yes
13 Copyright © 2009 Juniper Networks, Inc. www.juniper.net
Agenda•Introduction to Juniper Networks
• Hardware Architecture
•Juniper Portfolio
•JUNOS Overview
•JUNOS CLI Operation Mode
•JUNOS CLI Configuration Mode
14 Copyright © 2009 Juniper Networks, Inc. www.juniper.net
JUNOS Architecture
15 Copyright © 2009 Juniper Networks, Inc. www.juniper.net
Operating SystemOperating System
Pro
tocols
Inte
rface M
gm
t
Ch
assis
Mg
mt
SN
MP
Secu
rity
Single JUNOS Binary Image Across All M/T Platforms
Consistent Services to all Serving Areas Lowest Operational Cost
M7i
M10i
M320
M40e
M20
320
40
20
10
5
M160Consistent s
ervices
160T640
640
16 Copyright © 2009 Juniper Networks, Inc. www.juniper.net
JUNOS Software Components
The Junos software is actually made up of multiple pieces working together to control the routers functions. Each software is referred to as package and contains files specific to its particular function.
Jkernel: The jkernel package contains the basic components of the JUNOS software operating
system.
JBase: The jbase package contains additions to the JUNOS software since the last revision of the jkernel package
Jroute: The jroute package contains software that operates on the Routing Engine. This controls the unicast routing protocols, the multicast routing protocols, and Multiprotocol Label Switching signaling protocols. The package also contains the software for some deamons such as mgd.
Jpfe: The jfpe package contains the Embedded OS software that controls the components of the Packet Forwarding Engine.
Jdocs: The jdocs package contains the complete JUNOS software documentation set.
Jcrypto: The jcrypto package contains software that controls various security functions, such as IPSEC, and SSH
Jbundle: The jbundle package is a single file that contains all the other packages.
17 Copyright © 2009 Juniper Networks, Inc. www.juniper.net
jinstall-m.nZo.p-domestic.tgz or jinstall-m.nZo.p-export.tgz
jbundle-m.nZo.p-domestic.tgz or jbundle-m.nZo.p-export.tgz
E.g. jinstall-7.4R1.7-domestic.tgz
m.n is the major version
o.p is the minor version
Z is a single uppercase letter A - Alpha B - Beta R - Release I - Internal Test or Experimental
Domestic version supports SSH; Export does not.
JUNOS Software Naming Convention
18 Copyright © 2009 Juniper Networks, Inc. www.juniper.net
•Introduction to Juniper Networks
• Hardware Architecture
•Juniper Portfolio
•JUNOS Overview
•JUNOS CLI Operation Mode
•JUNOS CLI Configuration Mode
Agenda
19 Copyright © 2009 Juniper Networks, Inc. www.juniper.net
Out of Band DB9 DTE Console and Auxiliary Ports (e.g. via Reverse Telnet to
Terminal Server) 10/100 Management Ethernet Port (called fxp0)
In-Band Telnet ssh
Authentication using TACACS+, RADIUS, or Local Database
Methods of Accessing the router
20 Copyright © 2009 Juniper Networks, Inc. www.juniper.net
CLI Operational Mode Indicated by the ">" prompt Preceded by string containing user and Router Name Default Mode after logging on e.g. user@router>
CLI Configuration Mode Indicated by the "#" prompt Access Configuration Mode from Operational Mode using the CLI
command “configure”/”configure private” e.g. [edit] user@router#
Two Command Line Interface (CLI) modes: Operational and Configuration
21 Copyright © 2009 Juniper Networks, Inc. www.juniper.net
AA: Interface Type “at-”: atm, “ge-”: GigE, “t3-”:DS3, “so-”:Sonet, “fe-”: FE
B: FPC Slot (numbered from 0, left to right)
C: PIC Slot (numbered from 0, top to bottom)
D: Port (numbered from 0, labelled on PIC)
E.g.
t3-0/1/2 (DS3 Port: FPC0, PIC1, Port2)
at-3/2/1 (ATM Port: FPC3, PIC2,Port1)
Reserved Ports: fxp0 (Mgt Ethernet), fxp1 (RE<-->Pfe)
Interface Naming Convention AA-B/C/D
22 Copyright © 2009 Juniper Networks, Inc. www.juniper.net
Context Sensitive Help using “?”
user@router> ? Possible completions: clear Clear information in the system configure Manipulate software configuration information file Perform file operations help Provide help information monitor Show real-time debugging information ping Ping remote target..
user@router> c? Possible completions: clear Clear information in the system configure Manipulate software configuration information
CLI Help (Operational/Config Modes)
23 Copyright © 2009 Juniper Networks, Inc. www.juniper.net
Command and Keyword automatically completed using <SPACE> or <TAB> if partial string uniquely identifies it
user@router> sh<SPACE>ve<RETURN>
Expanded to: user@router> show version Hostname: routerModel: m320JUNOS Base OS boot [7.4R1.7]JUNOS Base OS Software Suite [7.4R1.7]JUNOS Kernel Software Suite [7.4R1.7]JUNOS Packet Forwarding Engine Support (M320) [7.4R1.7]JUNOS Routing Software Suite [7.4R1.7]JUNOS Online Documentation [7.4R1.7]JUNOS Crypto Software Suite [7.4R1.7]
Auto-Completion of Commands/Keywords
24 Copyright © 2009 Juniper Networks, Inc. www.juniper.net
Use “|” to Filter output
Use regex (Unix Regular Expression) to specify pattern
user@router> show configuration | ? Possible completions: compare Compare configuration changes with prior version count Count occurrences display Show additional kinds of information except Show only text that does not match a pattern find Search for first occurrence of pattern hold Hold text without exiting the --More-- prompt last Display end of output only match Show only text that matches a pattern no-more Don't paginate output request Make system-level requests resolve Resolve IP addresses save Save output text to file trim Trim specified number of columns from start of line
CLI Command Output Post Processing(“Pipe”)
25 Copyright © 2009 Juniper Networks, Inc. www.juniper.net
. Any character* Zero or more occurrence of previous character.* Zero of more occurrence of any characters+ One or more occurrence of previous character.+ at least one of any character^ Beginning of line$ End of line[ ] Any Characters specified within the brackets| Or() Grouping
\ Treat the next character literally, e.g. “\*” means the “*” character
CLI Command Output Filtering usingREGEX
26 Copyright © 2009 Juniper Networks, Inc. www.juniper.net
user@router> show configuration | no-more .. (display output without pagination or “more” prompt)
user@router> show configuration | count Count: 2884 lines
user@router> show interfaces terse | match "ge.*up +inet" ge-0/2/0.400 up up inet 40.10.2.1/24 ge-0/2/0.422 up up inet 221.0.0.25/29 ge-0/2/0.425 up up inet 192.85.4.1/24 ge-1/1/0.0 up up inet 144.133.144.172/27
user@router> show log messages | last .. (display last page of messages file)
CLI Command Output Filtering Examples
27 Copyright © 2009 Juniper Networks, Inc. www.juniper.net
Agenda•Interface Configuration
•System Management
•AAA Configurations
•Syslog
•USER Configuration
•Misc System Management Features
•Troubleshooting
•Session 2
28 Copyright © 2009 Juniper Networks, Inc. www.juniper.net
For the interfaces on a router to function, you must:
• configure them
• specifying properties:
• the interface location
• which slot the FPC is installed
• in and which location on the FPC the PIC is installed in
• the interface type (such as SONET or ATM)
• encapsulation
• interface-specific properties.
You can configure the interfaces that are currently present in the router, and you
can also configure interfaces that are not currently present but that you
might be adding in the future. When a configured interface appears, the JUNOS
software detects its presence and applies the appropriate configuration to it.
OverviewOverview
29 Copyright © 2009 Juniper Networks, Inc. www.juniper.net
Each router has two permanent interfaces:
• Management Ethernet interface—Provides an out-of-band method for connecting to
the router. You can connect to the management interface over the network using utilities
such as ssh and Telnet. SNMP can use the management interface to gather statistics from
the router.
• Internal Ethernet interface—Connects the Routing Engine (the portion of the router
running the JUNOS Internet software) to the System Control Board (SCB), the System and
Switch Board (SSB), the Forwarding Engine Board (FEB), or the System and Forwarding
Module (SFM), depending on router model, which is part of the Packet Forwarding Engine.
The router uses this interface as the main communications link between the JUNOS
software and the components of the Packet Forwarding Engine and runs the embedded
microkernel.
Permanent InterfacePermanent Interface
30 Copyright © 2009 Juniper Networks, Inc. www.juniper.net
The router contains slots for installing FPC boards, and each FPC can
accommodate up to four PICs. These physical interfaces are the router’s
transient interfaces. They are referred to as transient because you can hot-
swap an FPC and its PICs at any time.
You can insert any FPC into any of the router’s slots, and you can generally place any combination
of PICs in any location on an FPC. (You are limited by the total FPC bandwidth (OC-48) and by the
fact that some PICs physically require two or four of the PIC locations on the FPC).
You must configure each of the transient interfaces based on the slot in which the FPC is installed,
the location in which the PIC is installed, and for some PICs, the port to which you are connecting.
You can configure the interfaces on PICs that are already installed in the router as well as
interfaces on PICs that you plan to install later.
Transient InterfaceTransient Interface
31 Copyright © 2009 Juniper Networks, Inc. www.juniper.net
! Aggregated Ethernet
! Aggregated SONET/SDH
! ATM
! Channelized DS-3 to DS-0
! Channelized DS-3 to DS-1
! Channelized E1
! Channelized OC-3 to T1
! Channelized OC-12 to DS-3
! Channelized STM-1 to E1
! DS-3
! E1
! E3
! Encryption interfaces
! Ethernet (internal router interfaces only)
! Fast Ethernet
! Gigabit Ethernet
! GRE tunnel
! IP-IP tunnel
! Loopback (internal router interface)
! Multicast tunnel (internal router interface
for VPNs)
! Multilink Frame Relay
! Multilink PPP
! SONET/SDH
! T1
! T3
! VPN tunnel
Supported Interface TypesSupported Interface Types
32 Copyright © 2009 Juniper Networks, Inc. www.juniper.net
When you configure an interface, you are effectively specifying the
properties for a physical interface descriptor. In most cases, the physical
interface descriptor corresponds to a single physical device and consists
of the following parts:
! The interface name, which defines the media type
! The slot in which the FPC is located
! The location on the FPC in which the PIC is installed
! The PIC port
! The interface’s channel and logical unit numbers (optional)
Configuring Interface – Physical DescriptorConfiguring Interface – Physical Descriptor
33 Copyright © 2009 Juniper Networks, Inc. www.juniper.net
Each interface has an interface name, which specifies the media type,
the slot the FPC is located in, the location on the FPC that the PIC is
installed in, and the PIC port. The interface name uniquely identifies an
individual network connector in the system. You use the interface name
when configuring interfaces and when enabling various functions and
properties, such as routing protocols, on individual interfaces. The
system uses the interface name when displaying information about the
interface, for example, in the show interfaces command.
The interface name is represented by a physical part, a logical part, and
a channel part in the following format:
physical<:channel>.logical
Configuring Interface – NameConfiguring Interface – Name
34 Copyright © 2009 Juniper Networks, Inc. www.juniper.net
The physical part of an interface name identifies the physical device,
which corresponds to a single physical network connector. Format:
type-fpc/pic/port
Refer next slides for different types of interfaces.
The logical unit part of the interface name corresponds to the logical unit
number, which can be a number in the range 0 through 16384.
Configuring Interface – Physical/ Logical partConfiguring Interface – Physical/ Logical part
35 Copyright © 2009 Juniper Networks, Inc. www.juniper.net
! ae— Aggregated Ethernet interface.
! as— Aggregated SONET/SDH interface.
! at— ATM interface.
! ds— DS-0 interface (configured on either Channelized DS-3 to DS-0 PIC or Channelized E1
PIC).
! e1— E1 interface (including Channelized STM-1 to E1 interfaces).
! e3— E3 interface.
! es— Encryption interface.
! fe— Fast Ethernet interface.
! fxp— Management and internal Ethernet interfaces.
! ge— Gigabit Ethernet interface.
! gr— Generic Route Encapsulation tunnel interface.
! ip— IP-over-IP encapsulation tunnel interface.
! lo— Loopback interface.
! ml— Multilink interface.
! mt— Multicast tunnel interface.
! so— SONET/SDH interface.
! t1— T1 interface (including Channelized DS-3 and Channelized OC-3 to T1 interfaces).
! t3— T3 interface (including Channelized OC-12 interfaces).
! vt— VPN interface (used for one type of VPN tunnel).
Configuring Interface – Types of InterfacesConfiguring Interface – Types of Interfaces
36 Copyright © 2009 Juniper Networks, Inc. www.juniper.net
Physical Interface have standard names:
• Type
• FPC Slot
• PIC Slot
• Port Number
S0-5/1/3
Configuring Interface – Naming exampleConfiguring Interface – Naming example
37 Copyright © 2009 Juniper Networks, Inc. www.juniper.net
The channel identifier part of the interface name is required only on
channelized interfaces. Channel 0 identifies the first channelized interface.
A nonconcatenated (that is, channelized) SONET/SDH OC-48 interface
has four OC-12 channels, numbered 0 through 3. A Channelized OC-12
interface has twelve DS-3 channels, numbered 0 through 11.
For an FPC in slot 1 with two OC-3 SONET PICs in PIC positions 0 and 1,
each PIC with two ports uses the following names:
so-1/0/0.0
so-1/0/1.0
so-1/1/0.0
so-1/1/1.0
Configuring Interface – Naming exampleConfiguring Interface – Naming example
38 Copyright © 2009 Juniper Networks, Inc. www.juniper.net
Interface Type Default Media Maximum Default IP Protocol
MTU (Bytes) MTU (Bytes) MTU (Bytes)
ATM 4482 9192 4470
E1/T1 1504 9192 1500
E3/T3 4474 9192 4470
Fast Ethernet 1514 9192 1500 (IPv4), 1497 (ISO)
Gigabit Ethernet 1514 9192 1500 (IPv4), 1497 (ISO)
SONET/SDH 4474 9192 4470
Configuring Interface – MTU’s Configuring Interface – MTU’s
39 Copyright © 2009 Juniper Networks, Inc. www.juniper.net
By default, the JUNOS software uses the physical interface’s speed for
the MIB-II object, ifSpeed. You can configure the logical unit to populate
the ifSpeed variable by configuring a bandwidth value for the logical
interface.
The bandwidth statement sets an informational-only parameter; you
cannot adjust the actual bandwidth of an interface with this statement.
To configure the bandwidth value for a logical interface, include the
bandwidth statement at the [edit interfaces interface-name unit logical-
unit-number] hierarchy level:
[edit interfaces interface-name unit logical-unit-number]
bandwidth rate;
rate is the peak rate, in bps or cps.
Configuring Interface – Interface Speed Configuring Interface – Interface Speed
40 Copyright © 2009 Juniper Networks, Inc. www.juniper.net
Agenda•Interface Configuration
•System Management
•Syslog
•AAA Configurations
•USER Configurations
•Misc System Management Features
•Troubleshooting
41 Copyright © 2009 Juniper Networks, Inc. www.juniper.net
Many statements in the JUNOS software configuration include an option to
specify an IP address or route prefix. In this manual, this option is
represented in one of the following ways:
• network/prefix-length—Network portion of the IP address, followed by a
slash and the destination prefix length (previously called the subnet mask).
For example, 10.0.0.1/8.
• network—IP address. An example is 10.0.0.2.
• destination-prefix/prefix-length—Route prefix, followed by a slash and the
destination prefix length. For example, 192.168.1.10/32.
You enter all IP addresses in classless mode.
System Management: IP addressSystem Management: IP address
42 Copyright © 2009 Juniper Networks, Inc. www.juniper.net
Agenda•Interface Configuration
•System Management
•AAA Configurations
•Syslog
•USER Configurations
•Misc System Management Features
•Policy and Firewall Filter
•Basic Troubleshooting
•Class of Service
43 Copyright © 2009 Juniper Networks, Inc. www.juniper.net
Radius Server Configurations
To use RADIUS authentication on the router, configure information about one or more RADIUS servers on the network.
[edit system]– radius-server server-address{
- accounting-port number;
- port number;
- secret seconds;
Server-address is the address of the Radius Server.
You can specify a port on which to contact the RADIUS server. By default port number 1812 is used (RFC 2865)
The secret used by the local router must match that used by server.
To configure multiple Radius servers, include multiple radius-server statements.
44 Copyright © 2009 Juniper Networks, Inc. www.juniper.net
Authentication Order and Source AddressAuthentication Order and Source Address
If you configure the router to use both the Radius and local database for authentication you prioritize the order in which the software tries the different authentication methods when verifying that a user can access the router.
[edit system]– authentication-order [authentication-methods]
In authentication-methods, specify one or more of the following in the preferred order, radius – verify the user using Radius authentication methods
tacplus – Verify the user using TACACS+ authentication services
Password- Verify the user the password configured for the user with the authentication statement at the [edit system login user] hierarchy level
You can specify which source address the JUNOS software uses when accessing your network to contact an external RADIUS server for authentication.
[edit system radius-server server-address]– source-address source-address
45 Copyright © 2009 Juniper Networks, Inc. www.juniper.net
Agenda•Interface Configuration
•System Management
•AAA Configurations
•Syslog
•USER Configurations
•Misc System Management Features
•Policy and Firewall Filter
•Basic Troubleshooting
•Class of Service
•Misc System Management Features
46 Copyright © 2009 Juniper Networks, Inc. www.juniper.net
Syslog ConfigurationsSyslog Configurations
JUNOS Software generates system log messages to record events that occur on the routing platform, including the following;
Routing operations, such as creation of an OSPF protocol adjacency or a user login into the configuration database
Failure and error conditions, such as failure to access a configuration file ot unexpected closure of a connection to a child or peer process.
Emergency or critical conditions such as routing platform power-down due to excessive temperature.
When you configure system logging, you can direct messages to one or more destinations by including the appropriate statement at the [edit system syslog]
To a named file in local file system, by including file statement To a terminal session of one or more specific users when they are logged in the routing
platform, by including the user statement. To the routing platform console, by including the console statement. To a remote machine that is running the syslogd facility or to the other Routing Engine
on the routing platform, by including the host statement.
47 Copyright © 2009 Juniper Networks, Inc. www.juniper.net
Syslog ConfigurationsSyslog Configurations
[edit system] syslog{
– archive{
- file number;
- size size;
- (World-readable | no-world-readable)
- }
– file filename{
- facility severity;
- explicit-priority;
- match “regular-expression”
- }
– host hostname{
- facility severity;
- explicit-priority;
- facility-override;
- match “regular-expression”
- }
48 Copyright © 2009 Juniper Networks, Inc. www.juniper.net
Agenda•Interface Configuration
•System Management
•AAA Configurations
•Syslog
•USER Configurations
•Misc System Management Features
•Policy and Firewall Filter
•Class Of Service
49 Copyright © 2009 Juniper Networks, Inc. www.juniper.net
User ConfigurationUser Configuration
User accounts provide one way for users to access the router. For each account you define the login name for the user name and optionally information that identifies the user.
After you have created an user account, the software creates a home directory for the user.
To create the user accounts
[edit system login] user username{
– full-name complete-name;
– uid uid-value;
– class class-name;
– authentication{
- (encrypted-password “password” | plain-text password);
- ssh-rsa “public-key”
- ssh-dsa “public-key”
- }
– }
50 Copyright © 2009 Juniper Networks, Inc. www.juniper.net
Login Class ConfigurationLogin Class Configuration
Default system login class Login Permission Bits set
Operator Clear, network, reset, trace,view
Read-only View
Super-user All
Unauthorized None
Denying or Allowing individual commands: Users can execute only those commands and view only those statements for which they have access privileges. For
each login class, you can explicitly deny or allow the use of operational and configuration mode commands that would otherwise be permitted or not allowed by privilege level specified in the permissions statement.
You can use regular expressions with the allow-commands and deny-commands statements to define user’s access privileges to individual operational commands.
Operator Match….
| One of the two terms on either side of the pipe
^ At the beginning of an expression, used to denote where the command begins
$Character at the end of a command. Used to denote a command that must be matched
upto that point
[ ] Range of letters or digits
( )A group of commands, indicating an expression to be evaluated; the result is the
evaluated part of the overall expression
51 Copyright © 2009 Juniper Networks, Inc. www.juniper.net
Agenda•Interface Configuration
•System Management
•AAA Configurations
•Syslog
•USER Configurations
•Misc System Management Features
•Troubleshooting
52 Copyright © 2009 Juniper Networks, Inc. www.juniper.net
NTP ConfigurationNTP Configuration
Network Time Protocol (NTP) provides the mechanisms to synchronize time and coordinate time distribution in a large, diverse network.
NTP should be configured to provide accurate time stamps in the syslog messages.
Configuration statement for NTP: [edit system]
ntp {– server address;
– boot-server address;
– authentication-key number type type value password;
– trusted-key [key-numbers];
– }
NTP Boot server: When the router boots, it issues an ntpdate request, which polls the network server to determine the local date and time. You need to configure a server that the router uses to determine the time when the router boots.
53 Copyright © 2009 Juniper Networks, Inc. www.juniper.net
DNS Name serverDNS Name server
To have the router resolve the hostname into addresses, you must configure one or more Domain Name System (DNS) name servers as below:
[edit system] name-server {
– address;
– }
Root AuthenticationRoot Authentication
JUNOS software is preinstalled on the router. When the routers is powered on, it is ready to be configured. Initially, you log in to the router as the user “root” with no password. After you log in, you should configure the root (super-user) password as shown:
[edit system] root-authentication {
– (encrypted-password “password” | plain-text password);
– ssh-rsa “public-key”;
– ssh-dsa “public-key”;
– }
54 Copyright © 2009 Juniper Networks, Inc. www.juniper.net
Service ConfigurationsService Configurations
For security reasons, the remote access to the router is disabled by default. You must configure the router explicitly so that user on remote systems can access it.
The router can be access from a remote system by means of DHCP, finger, FTP, JUNOScript clear-text, JUNOScript secure sockets layer (SSL), rlogin, SSH and telnet services.
[edit system services] ftp {
– <connection-limit limit>;
– <rate-limit limit>;
– }
telnet {– <connection-limit limit>;
– <rate-limit limit>;
– }
ssh {– root-login (allow | deny | deny-password)
– protocol-version [v1 | v2]
– <connection-limit limit>;
– <rate-limit limit>;
– }
55 Copyright © 2009 Juniper Networks, Inc. www.juniper.net
Agenda•Interface Configuration
•System Management
•AAA Configurations
•Syslog
•USER Configurations
•Misc System Management Features
•Troubleshooting
56 Copyright © 2009 Juniper Networks, Inc. www.juniper.net
Agenda•Interface Configuration•System Management•AAA Configurations•Syslog•USER Configurations•Misc System Management Features•Troubleshooting
57 Copyright © 2009 Juniper Networks, Inc. www.juniper.net
Basic Router Component Monitoring Basic Router Component Monitoring
SNMP
The Simple Network management (SNMP) network manager running on a NMS in NOC discovers, polls and exchanges network management information.
The SNMP network manager software collects information about router connectivity, operation and events.
The SNMP agent responds to requests for information and controls access to its Management Information Bases (MIBs). The MIBs define all the objects that can be managed on the router via SNMP.
Router Craft Interface
The craft interface provides status and troubleshooting information at a glance and lets you perform many system control functions.
58 Copyright © 2009 Juniper Networks, Inc. www.juniper.net
Basic Router Component MonitoringBasic Router Component Monitoring
System Log File
The messages system log file records the messages generated by component operational events, including error messages generated by component failures. To view the messages use the following CLI command
show system log messages
The chassis daemon (chassisd) log file keeps track of the state of each chassis environment. To view the chassisd log file, use the following CLI command
show log chassisd
59 Copyright © 2009 Juniper Networks, Inc. www.juniper.net
Routing Engine Troubleshooting CommandsRouting Engine Troubleshooting Commands
Routing Engine StatusShow chassis routing-engine
Show chassis environment routing-engine
Redundant Routing Engine status
Show chassis craft-interface
Routing Engine rebootsShow log messages
file list /var/crash
Routing Engine fails to boot
Show system storage
Show system boot-messages
Show log messages
Check router file system and boot disk
Show system storage
Display current routing engine alarms
Show chassis alarms
60 Copyright © 2009 Juniper Networks, Inc. www.juniper.net
FPC Troubleshooting CommandsFPC Troubleshooting Commands
FPC Status and Utilization Show chassis FPC
FPC Status and Uptime Show chassis fpc detail fpc-slot
Current FPC alarms Show chassis alarms
FPC error in system log Show log messages | match “fpc | kernel | tnp”
FPC error in chassis daemon log file
Show log chassisd | match fpc
FPC hardware information Show chassis hardware
61 Copyright © 2009 Juniper Networks, Inc. www.juniper.net
PIC Troubleshooting CommandsPIC Troubleshooting Commands
PIC Media type and FPC status
Show chassis fpc pic-status
Show chassis pic pic-slot # fpc-flot#
PIC Interface Status show interface terse
Current Chassis AlarmShow chassis alarms
Show chassis craft-interface
Display error messages in the system log
Show log messages | match pic
Display PIC hardware information
Show chassis hardware
62 Copyright © 2009 Juniper Networks, Inc. www.juniper.net
Useful Commands for TroubleshootingUseful Commands for Troubleshooting
> show bgp summary
> show isis neighbor
> show bgp summary instance <VRF instance>
> show ospf neighbor instance <VRF instance>
> show route table inet.3
> show route table <VRF instance>
> show ldp neighbor
> show route protocol ospf | match <matching-critieria>
> show route protocol bgp | match <matching-critieria>
> show route receiving-protocol bgp <neighbor peer>
> show route advertising-protocol bgp <neighbor-peer>
> ping <IP address>, traceroute <IP address>
> show interface terse | match inet
63 Copyright © 2009 Juniper Networks, Inc. www.juniper.net
Layer 1 Monitoring and Troubleshooting ps@dunkel-re0> show interfaces so-2/0/0 extensive
Physical interface: so-2/0/0, Enabled, Physical link is Up
Interface index: 162, SNMP ifIndex: 154, Generation: 163
Link-level type: PPP, MTU: 4474, Clocking: Internal, SONET mode, Speed: OC12,
Loopback: None, FCS: 16, Payload scrambler: Enabled
Device flags : Present Running
Interface flags: Point-To-Point SNMP-Traps Internal: 0x4000
Link flags : Keepalives
Hold-times : Up 0 ms, Down 0 ms
Keepalive settings: Interval 10 seconds, Up-count 1, Down-count 3
Keepalive statistics:
Input : 0 (last seen: never)
Output: 0 (last sent: never)
LCP state: Opened
NCP state: inet: Opened, inet6: Not-configured, iso: Not-configured, mpls:
Not-configured
CHAP state: Closed
PAP state: Closed
CoS queues : 8 supported, 8 maximum usable queues
64 Copyright © 2009 Juniper Networks, Inc. www.juniper.net
Details of OutputsDetails of Outputs
FCS
The FCS, or frame checksum, is used for packet validation. Juniper’s default behavior is to use a 16-bit frame checksum, but can also be configured with a 32-bit checksum that improves reliability, but might not be supported on all network elements.
The quickest way to identify a checksum error is to monitor for framing errors by repeatedly running the show interface [interface name] extensive command or using the monitor interface [interface name] command. Rapidly increasing framing errors are generally indicative of a checksum error.
Payload Scrambling
Payload scrambling, bolded in the show command output, is a common culprit in a malfunctioning a SONET connection. Like many SONET parameters, payload-scrambling must agree between the two ends of a circuit, and a conflict between the two sides causes SONET errors.
the side with payload-scrambling enabled logs input errors which a Juniper Networks router presents as input giants. The side of the connection without payload-scrambling configured will display framing errors.
Input Errors
Many different SONET errors can trigger input errors and while their causes vary, they are indicative of a problem and their cause should be examined and corrected. Framing errors, runts, and giants are typically due to misconfiguration. Framing errors can be caused by an FCS mismatch (16 on one side and 32 on the other, for example) or payload-scrambling mismatches.
65 Copyright © 2009 Juniper Networks, Inc. www.juniper.net
Details of OutputsDetails of OutputsPoliced discards Displays the frames discarded due to an unrecognized format. This fieldnormally reports received protocol packets that the JUNOS software does not understand. Forexample, if the family iso command were not used, then received IS-IS packets would incrementthis counter. In addition, protocols such as the Cisco Discovery Protocol (CDP) are notrecognized and thus increment this counter.
L3 incompletes Displays the number of times a received packet fails a Layer 3 header check.For example, a frame with fewer than 20 bytes of available IP header is discarded and the counteris incremented.
L2 channel errors Displays the number of received packets with an unknown Layer 2address. For example, a packet with DLCI100 as an address is discarded when that DLCI valueis not configured on the interface.
L2 mismatch timeouts Displays the number of malformed packets that cause the incominginterface to discard the frame as unreadable.
SRAM errors Displays hardware errors in the static random access memory (SRAM) on thePIC itself. This should always be a value of 0. If not, the PIC is malfunctioning.HS link CRC errors Displays the errors on the
66 Copyright © 2009 Juniper Networks, Inc. www.juniper.net
Monitor Commands The monitor interface interface-name command displays per-second real-time statistics for a physical interface. The output of this command shows how often each field has changed since the command was executed. You can also view common interface failures, such as alarms, errors,or loopback settings.user@Cabernet> monitor interface so-2/0/0Cabernet Seconds: 11 Time: 12:41:55Delay: 2/0/2Interface: so-2/0/0, Enabled, Link is UpEncapsulation: PPP, Keepalives, Speed: OC3Traffic statistics: Current deltaInput bytes: 1103360 (40 bps) [36]Output bytes: 1190328 (48 bps) [26]Input packets: 13839 (0 pps) [3]Output packets: 15246 (0 pps) [2]Encapsulation statistics:Input keepalives: 410 [1]Output keepalives: 407 [1]LCP state: OpenedError statistics:Input errors: 0 [0]Input drops: 0 [0]Input framing errors: 0 [0]Input runts: 0 [0]Input giants: 0 [0]Policed discards: 235 [0]L3 incompletes: 0 [0]L2 channel errors: 0 [0]
67 Copyright © 2009 Juniper Networks, Inc. www.juniper.net
monitor trafficThe monitor traffic command prints packet headers to your terminal screen for information sent or received by the RE user@Cabernet> monitor traffic interface so-2/0/0Listening on so-2/0/015:09:05.467601 Out LCP echo request (type 0x09 id 0x76 len 0x0008)15:09:05.468244 In LCP echo reply (type 0x0a id 0x76 len 0x0008)15:09:08.017283 In LCP echo request (type 0x09 id 0x1a len 0x0008)15:09:08.017301 Out LCP echo reply (type 0x0a id 0x1a len 0x0008)15:09:15.667708 Out LCP echo request (type 0x09 id 0x77 len 0x0008)15:09:15.668403 In LCP echo reply (type 0x0a id 0x77 len 0x0008)
user@Cabernet> show arpMAC Address Address Name Interface00:a0:a5:28:15:f5 172.16.0.1 172.16.0.1 fxp0.000:a0:a5:12:29:bd 172.16.5.1 172.16.5.1 fxp0.000:a0:a5:12:2a:4b 172.16.8.1 172.16.8.1 fxp0.0
user@Cabernet> ping 10.0.1.1PING 10.0.1.1 (10.0.1.1): 56 data bytes64 bytes from 10.0.1.1: icmp_seq=0 ttl=255 time=1.086 ms64 bytes from 10.0.1.1: icmp_seq=1 ttl=255 time=0.934 ms64 bytes from 10.0.1.1: icmp_seq=2 ttl=255 time=0.912 ms
user@Cabernet> traceroute 192.168.5.1traceroute to 192.168.5.1 (192.168.5.1), 30 hops max, 40 byte packets1 10.0.2.2 (10.0.2.2) 0.432 ms 0.347 ms 0.320 ms2 192.168.5.1 (192.168.5.1) 1.210 ms 1.005 ms 0.919 ms
68 Copyright © 2009 Juniper Networks, Inc. www.juniper.net
SONET Alarms and Defects Loss of Signal (LOS)
A loss of signal (LOS) alarm indicates that there is a physical link problem with the connection to the
router receive port from the neighboring SONET equipment transmit port.
- Loss of Frame (LOF) SONET uses the A1 and A2 bytes in the section overhead to align frames using specific bit patterns. If an
element detects errors in this pattern for three consecutive milliseconds, an LOF error is issued. If you receive an LOF error, check the connection between the router and the first SONET network element and ensure that there is no framing mismatch (for example, SONET or SDH) between network elements.
- Alarm Indication Signal (AIS)
An AIS signal is sent downstream to signal an error condition.
- Remote Defect Indication (RDI)
The RDI is the complement to the AIS and is sent upstream when an error is detected
- Bit Error Rate (BER) Bit error rate alarms are declared when the number of BIP-B2 errors hits a certain threshold. there are
two types of BER alarms. In both cases, the interface is taken down.
69 Copyright © 2009 Juniper Networks, Inc. www.juniper.net
Layer 2 Monitoring and Troubleshooting ps@dunkel-re0> show interfaces so-1/2/3
Physical interface: so-1/2/3, Enabled, Physical link is Up
Interface index: 148, SNMP ifIndex: 133
Description: Connection to kenny so-1/2/3
Link-level type: PPP, MTU: 4474, Clocking: Internal, SONET mode, Speed: OC3,
Loopback: None, FCS: 16, Payload scrambler: Enabled
Device flags : Present Running
Interface flags: Point-To-Point SNMP-Traps Internal: 0x4000
Link flags : Keepalives
Keepalive settings: Interval 10 seconds, Up-count 1, Down-count 3
Keepalive: Input: 275076 (02:44:12 ago), Output: 275032 (02:44:09 ago)
LCP state: Opened
NCP state: inet: Opened, inet6: Not-configured, iso: Not-configured, mpls:
Not-configured
CHAP state: Closed
PAP state: Closed
CoS queues : 4 supported, 4 maximum usable queues
Last flapped : 2010-04-09 14:38:52 PDT (2d 23:50 ago)
Input rate : 656 bps (0 pps)
Output rate : 696 bps (0 pps)
SONET alarms : None
SONET defects : None
Logical interface so-1/2/3.0 (Index 69) (SNMP ifIndex 142)
Flags: Point-To-Point SNMP-Traps 0x4000 Encapsulation: PPP
Protocol inet, MTU: 4470
Flags: None
Addresses, Flags: Is-Preferred Is-Primary
Destination: 10.33.18.4/30, Local: 10.33.18.6, Broadcast: 10.33.18.7
70 Copyright © 2009 Juniper Networks, Inc. www.juniper.net
ps@dunkel-re0> ping 10.33.18.5 count 5 PING 10.33.18.5 (10.33.18.5): 56 data bytes --- 10.33.18.5 ping statistics --- 5 packets transmitted, 0 packets received, 100% packet loss ps@dunkel-re0> show interfaces so-1/2/3 Physical interface: so-1/2/3, Enabled, Physical link is Up Interface index: 148, SNMP ifIndex: 133 Description: Connection to maibock Link-level type: PPP, MTU: 4474, Clocking: Internal, SONET mode, Speed: OC3, Loopback: None, FCS: 16, Payload scrambler: Enabled Device flags : Present Running Interface flags: Point-To-Point SNMP-Traps Internal: 0x4000 Keepalive settings: Interval 10 seconds, Up-count 1, Down-count 3 Keepalive: Input: 0 (never), Output: 0 (never) LCP state: Down NCP state: inet: Not-configured, inet6: Not-configured, iso: Not-configured, mpls:
Not-configured
71 Copyright © 2009 Juniper Networks, Inc. www.juniper.net
ps@dunkel-re0> show ppp interface so-1/2/3 extensive Sessions for interface so-1/2/3 Session so-1/2/3.0, Type: PPP, Phase: Establish LCP State: Creq-sent Last started: 2010-04-12 16:16:16 PDT Last completed: 2010-04-12 16:16:14 PDT Negotiated options: Authentication protocol: CHAP, Authentication algorithm: MD5, Magic number: 2543706641, MRU: 4470 Authentication: CHAP State: Closed Last started: 2010-04-12 16:16:14 PDT Last completed: 2010-04-12 16:13:26 PDT IPCP State: Closed Last started: 2010-04-12 16:13:26 PDT Last completed: 2010-04-12 16:13:26 PDT Negotiated options: Local address: 10.33.18.6, Remote address: 10.33.18.4, Primary DNS: 0.0.0.0,
Secondary DNS: 0.0.0.0
72 Copyright © 2009 Juniper Networks, Inc. www.juniper.net
Layer 3 Monitoring (ISIS and BGP)
Various show commands exist to provide detailed information on the operation of IS-IS
show isis interface
show isis adjacency
show isis spf log
show isis statistics
show isis route
show isis database
73 Copyright © 2009 Juniper Networks, Inc. www.juniper.net
ps@dunkel-re0> show isis adjacency Interface System L State Hold (secs) SNPA so-2/0/0.0 pilsener-re0 2 New 23 ps@dunkel-re0> show isis adjacency Interface System L State Hold (secs) SNPA so-2/0/0.0 pilsener-re0 2 Initializing 26 ps@dunkel-re0> show isis adjacency Interface System L State Hold (secs) SNPA
so-2/0/0.0 pilsener-re0 2 Up 26
ps@dunkel-re0> show isis database detail IS-IS level 1 link-state database: IS-IS level 2 link-state database: pilsener-re0.00-00 Sequence: 0x7, Checksum: 0xd28e, Lifetime: 1155 secs IS neighbor: dunkel-re0.00 Metric: 10 IP prefix: 10.200.7.2/32 Metric: 0 Internal Up IP prefix: 18.32.74.0/30 Metric: 10 Internal Up dunkel-re0.00-00 Sequence: 0x1e5, Checksum: 0x75f2, Lifetime: 1163 secs IS neighbor: pilsener-re0.00 Metric: 10 IP prefix: 10.200.7.1/32 Metric: 0 Internal Up
IP prefix: 18.32.74.0/30 Metric: 10 Internal Up
ps@dunkel-re0> show route protocol isis inet.0: 8 destinations, 9 routes (8 active, 0 holddown, 0 hidden) + = Active Route, - = Last Active, * = Both 10.200.7.2/32 *[IS-IS/18] 00:00:41, metric 10
> to 18.32.74.2 via so-2/0/0.0
74 Copyright © 2009 Juniper Networks, Inc. www.juniper.net
The show bgp summary provides you with a good snapshot of the protocol on your router.user@M20> show bgp summaryGroups: 2 Peers: 4 Down peers: 0Table Tot Paths Act Paths Suppressed History Damp State Pendinginet.0 12 12 0 0 0 0Peer AS I nPkt OutPkt OutQ Flaps Last Up/Dwn State172.16.1.1 10 428 430 0 0 3:33:00 4/4/0172.16.2.1 30 428 430 0 0 3:32:56 4/4/0192.168.6.6 20 392 392 0 0 3:14:30 2/2/0192.168.7.7 20 390 391 0 0 3:14:02 2/2/0
To view the configured groups on your router, use show bgp group command
user@M20> show bgp groupGroup Type: External Local AS: 20Name: ebgp-peersTotal peers: 2 Established: 2172.16.1.1+179172.16.2.1+179Route Queue Timer: unset Route Queue: empty
75 Copyright © 2009 Juniper Networks, Inc. www.juniper.net
To receive most detailed information about your BGP neighbor use show bgo neighbor command
user@Shiraz> show bgp neighbor 172.16.1.1Peer: 172.16.1.1+179 AS 10 Local: 172.16.1.2+1028 AS 20Type: External State: Established Flags: <>Last State: OpenConfirm Last Event: RecvKeepAliveLast Error: NoneOptions: <Preference HoldTime PeerAS Refresh>Holdtime: 90 Preference: 170Number of flaps: 0Peer ID: 192.168.2.2 Local ID: 192.168.5.5 Active Holdtime: 90Keepalive Interval: 30Local Interface: so-0/0/1.0NLRI advertised by peer: inet-unicastNLRI for this session: inet-unicastPeer supports Refresh capability (2)Table inet.0 Bit: 10000Send state: in syncActive prefixes: 4Received prefixes: 4Suppressed due to damping: 0Last traffic (seconds): Received 13 Sent 13 Checked 13Input messages: Total 438 Updates 4 Refreshes 0 Octets 8473Output messages: Total 440 Updates 4 Refreshes 0 Octets 8526Output Queue[0]: 0
76 Copyright © 2009 Juniper Networks, Inc. www.juniper.net
show route receive-protocol bgp addressDisplays routes received by a peer before policy is applied
user@M20> show route receive-protocol bgp 192.168.7.7inet.0: 26 destinations, 27 routes (26 active, 0 holddown, 0 hidden)+ = Active Route, - = Last Active, * = Both10.20.3.0/24192.168.7.7 0 100 I10.20.4.0/24192.168.7.7 0 100 I
Show route advertising-protocol bgp addressDisplays routes advertised to specific peer
user@Chablis> show route advertising-protocol bgp 192.168.5.5inet.0: 21 destinations, 22 routes (13 active, 0 holddown, 8 hidden)+ = Active Route, - = Last Active, * = Both10.20.3.0/24Self 0 100 I10.20.4.0/24Self 0 100 I
77 Copyright © 2009 Juniper Networks, Inc. www.juniper.net
Class of Service troubleshootingClass of Service troubleshootingashjun@NDL-MPL-PE-RTR-37-93> show interfaces queue ge-2/0/1Physical interface: ge-2/0/1, Enabled, Physical link is Up Interface index: 302, SNMP ifIndex: 192 Description: Connected to NDL-MPL-GSR-RTR-37-199 Port: Gi10/0/2Forwarding classes: 16 supported, 7 in useIngress queues: 8 supported, 7 in useQueue: 0, Forwarding classes: STANDARD Queued: Packets : 412421291968 35363 pps Bytes : 217459184260522 161272672 bps Transmitted: Packets : 412421291968 35363 pps Bytes : 217459184260522 161272672 bps Tail-dropped packets : Not Available RED-dropped packets : 0 0 pps Low, non-TCP : 0 0 pps Low, TCP : 0 0 pps High, non-TCP : 0 0 pps High, TCP : 0 0 pps RED-dropped bytes : 0 0 bps Low, non-TCP : 0 0 bps Low, TCP : 0 0 bps High, non-TCP : 0 0 bps High, TCP : 0 0 bpsQueue: 1, Forwarding classes: BUSINESS Queued: Packets : 20523685161 1048 pps Bytes : 5425232937778 3077432 bps Transmitted: Packets : 20523685161 1048 pps Bytes : 5425232937778 3077432 bps Tail-dropped packets : Not Available RED-dropped packets : 0 0 pps Low, non-TCP : 0 0 pps Low, TCP : 0 0 pps High, non-TCP : 0 0 pps High, TCP : 0 0 pps RED-dropped bytes : 0 0 bps Low, non-TCP : 0 0 bps Low, TCP : 0 0 bps High, non-TCP : 0 0 bps High, TCP : 0 0 bps
78 Copyright © 2009 Juniper Networks, Inc. www.juniper.net
VPN TroubleshootingVPN Troubleshootingashjun@NDL-MPL-PE-RTR-37-93> show interfaces terse routing-instance alle1-2/1/2:1:2.0 up up inet 172.34.134.149/30 ADIGEAR-MNG-3-He1-2/1/2:1:3.0 up up inet 172.34.136.53/30 COMPTROLLER-AUDITOR-3-Me1-2/1/2:1:4.0 up up inet 10.101.10.161/30 HDFC-M
ashjun@NDL-MPL-PE-RTR-37-93> show route table HDFC-MHDFC-M.inet.0: 781 destinations, 3173 routes (781 active, 0 holddown, 0 hidden)+ = Active Route, - = Last Active, * = Both
0.0.0.0/0 *[BGP/170] 00:20:41, MED 0, localpref 100, from 202.123.37.4 AS path: 65001 I > to 202.92.226.61 via ge-2/0/0.0, Push 5555, Push 1159(top) to 202.92.229.197 via ge-2/0/1.0, Push 5555, Push 391(top) to 202.92.226.113 via xe-1/0/0.0, Push 5555, Push 391(top) [BGP/170] 00:20:41, MED 0, localpref 100, from 202.123.37.9 AS path: 65001 I > to 202.92.226.61 via ge-2/0/0.0, Push 5555, Push 1159(top) to 202.92.229.197 via ge-2/0/1.0, Push 5555, Push 391(top) to 202.92.226.113 via xe-1/0/0.0, Push 5555, Push 391(top) [BGP/170] 00:20:41, MED 0, localpref 100, from 202.123.37.12 AS path: 65001 I> to 202.92.226.61 via ge-2/0/0.0, Push 5555, Push 1159(top) to 202.92.229.197 via ge-2/0/1.0, Push 5555, Push 391(top) to 202.92.226.113 via xe-1/0/0.0, Push 5555, Push 391(top) [BGP/170] 00:20:41, MED 0, localpref 100, from 202.123.37.224 AS path: 65001 I > to 202.92.226.61 via ge-2/0/0.0, Push 5555, Push 1159(top) to 202.92.229.197 via ge-2/0/1.0, Push 5555, Push 391(top) to 202.92.226.113 via xe-1/0/0.0, Push 5555, Push 391(top)10.1.5.120/32 *[BGP/170] 00:20:41, MED 0, localpref 100, from 202.123.37.4 AS path: 65001 I to 202.92.226.61 via ge-2/0/0.0, Push 8536, Push 1159(top) > to 202.92.229.197 via ge-2/0/1.0, Push 8536, Push 391(top) to 202.92.226.113 via xe-1/0/0.0, Push 8536, Push 391(top) [BGP/170] 00:20:41, MED 0, localpref 100, from 202.123.37.9 AS path: 65001 I to 202.92.226.61 via ge-2/0/0.0, Push 8536, Push 1159(top) > to 202.92.229.197 via ge-2/0/1.0, Push 8536, Push 391(top) to 202.92.226.113 via xe-1/0/0.0, Push 8536, Push 391(top) [BGP/170] 00:20:41, MED 0, localpref 100, from 202.123.37.12 AS path: 65001 I to 202.92.226.61 via ge-2/0/0.0, Push 8536, Push 1159(top)
79 Copyright © 2009 Juniper Networks, Inc. www.juniper.net
Different Route Tables in JunosDifferent Route Tables in Junosashjun@NDL-MPL-PE-RTR-37-93> show route table inet.0
inet.0: 1500 destinations, 1500 routes (1500 active, 0 holddown, 0 hidden)Restart Complete+ = Active Route, - = Last Active, * = Both
1.1.1.0/30 *[IS-IS/18] 13w5d 15:09:11, metric 3 > to 202.92.226.61 via ge-2/0/0.01.1.3.0/30 *[IS-IS/18] 13w5d 15:09:11, metric 3 > to 202.92.226.61 via ge-2/0/0.01.1.4.0/30 *[IS-IS/18] 13w5d 15:09:11, metric 3
ashjun@NDL-MPL-PE-RTR-37-93> show route table inet.3
inet.3: 300 destinations, 300 routes (300 active, 0 holddown, 0 hidden)Restart Complete+ = Active Route, - = Last Active, * = Both
59.145.4.245/32 *[LDP/9] 4d 11:17:35, metric 1 > to 125.62.148.118 via ae1.500, Push 1763.218.164.7/32 *[LDP/9] 00:55:38, metric 1 > to 202.92.226.61 via ge-2/0/0.0, Push 1059125.62.129.148/30 *[LDP/9] 4d 11:17:35, metric 1 > to 125.62.148.118 via ae1.500ashjun@NDL-MPL-PE-RTR-37-93> show route table mpls.0
mpls.0: 571 destinations, 571 routes (571 active, 0 holddown, 0 hidden)Restart Complete+ = Active Route, - = Last Active, * = Both
0 *[MPLS/0] 26w1d 02:01:54, metric 1 Receive1 *[MPLS/0] 26w1d 02:01:54, metric 1 Receive2 *[MPLS/0] 26w1d 02:01:54, metric 1 Receiveashjun@NDL-MPL-PE-RTR-37-93> show route table inet6.0
inet6.0: 4 destinations, 4 routes (4 active, 0 holddown, 0 hidden)Restart Complete+ = Active Route, - = Last Active, * = Both
fe80::2a0:a5ff:fe63:9f5c/128 *[Direct/0] 26w1d 02:02:53 > via lo0.0