Copyright © 2003 Juniper Networks, Inc. Proprietary and Confidential www.juniper.net 1
Juniper NetworksRouterOverview
2Copyright © 2003 Juniper Networks, Inc. Proprietary and Confidential www.juniper.net
Agenda! Product Suite! Architecture! M-Series Packet Flow Example! Interfaces! M & T Series Routers! JUNOS & Supported Protocols! Additional Information
3Copyright © 2003 Juniper Networks, Inc. Proprietary and Confidential www.juniper.net
Comprehensive Product Suite
J20 GGSN
Mobile
M-series
HS Circuit Aggregation & Small/Med Core
T-series
Large Core & Metro Aggregation
ERX Family
BRAS & Low Speed Circuit Aggregation
Comprehensive portfolio of best-in-class IP solutions
4Copyright © 2003 Juniper Networks, Inc. Proprietary and Confidential www.juniper.net
Juniper M & T Series Routers
JUNOSCommon software and features
Across all platforms
M-seriesT-series
M5/M10M20
M40M40e
M160
T320
T640
5Copyright © 2003 Juniper Networks, Inc. Proprietary and Confidential www.juniper.net
Agenda! Product Suite! Architecture! M-Series Packet Flow Example! Interfaces! M & T Series Routers! JUNOS & Supported Protocols! Additional Information
6Copyright © 2003 Juniper Networks, Inc. Proprietary and Confidential www.juniper.net
Architectural AdvantageCommon architecture across the entire M-Series product family
PacketPacketForwardingForwarding
EngineEngineusing IPIIusing IPII
RoutingRoutingEngine (RE)Engine (RE)
Data In Data Out
! Problem is broken into two roughly equally complex parts that interact infrequently
! Routing and other control plane events don’t interfere with packet forwarding
! Traffic load doesn’t interfere with stability of protocols or router management
! Facilitates independent hardware and software development and early software testing
7Copyright © 2003 Juniper Networks, Inc. Proprietary and Confidential www.juniper.net
Routing Engine Overview! Multiple Versions Available
• RE-333, RE-600• Legacy versions
! Intel™ Pentium-based PC cards
! DRAM options (256MB – 2GB)
! Storage options• Flash memory• Hard drive• LS-120 floppy drive (some models)
! Redundancy Option• All except M5, M10, and M40
8Copyright © 2003 Juniper Networks, Inc. Proprietary and Confidential www.juniper.net
ASIC Based Forwarding and Services! All packet forwarding and advanced
services are executed in hardware on a custom designed ASIC, not on a CPU
! This ASIC is a programmable, high performance packet classifier and forwarding engine optimized for IPv4, IPv6, and MPLS
! Acts as a centralized resource enabling breakthrough support for performance-based, enhanced services on all interfaces
• filter based forwarding, packet filtering, packet sampling, rate limiting, traffic policing, and port mirroring
0%
20%
40%
60%
80%
100%
120%
Increasing number of packet filtersIncreasing number of packet filters
Packet ForwardingPacket Forwarding
CPUCPU--based routerbased routerJuniper RoutersJuniper Routers
9Copyright © 2003 Juniper Networks, Inc. Proprietary and Confidential www.juniper.net
Physical Interface Cards (PICs)
! Each FPC has 4 PIC slots, any PIC can go into any slot
! Example: an M10 can be configured with OC-48 SONET, Gig-E, Fast-E, DS-3, and OC-12 SONET
! PIC choices include: Fast-E, Gig-E, T1, DS-3, OC3 (SONET & ATM) , OC12 (SONET & ATM), OC-48 SONET, OC-192 SONET, 10 Gig-E
Mix and Match PICs enable maximum configuration flexibility
10Copyright © 2003 Juniper Networks, Inc. Proprietary and Confidential www.juniper.net
Flexible PIC Concentrators (FPC)! Multiple interface media per FPC slot
! PIC hot insert/removal! Adding additional flexible PIC controllers
(FPCs) adds additional shared memory • Available to any interface in the system• There is never a possibility of “memory
starvation”
PIC
PIC
PIC
PIC 1 x OC-192c
4 x OC-48c
1 x 10GE
Tunnel
11Copyright © 2003 Juniper Networks, Inc. Proprietary and Confidential www.juniper.net
Agenda! Product Suite! Architecture! M-Series Packet Flow Example! Interfaces! M & T Series Routers! JUNOS & Supported Protocols! Additional Information
12Copyright © 2003 Juniper Networks, Inc. Proprietary and Confidential www.juniper.net
M-Series Packet Flow Example
FPC ASIC Mem
Backplane
Buffer Mgr 1 Buffer Mgr 2
FPC ASIC MemFPC ASIC Mem
! Packet arrives at PIC on fiber optic cable
SCB
FT
ASIC
FPC
ASIC ASIC ASIC ASIC
ASIC Mem
PIC PIC PIC PIC
FPC
ASIC ASIC ASIC ASIC
ASIC Mem
PIC PIC PIC PIC
PacketPacket
13Copyright © 2003 Juniper Networks, Inc. Proprietary and Confidential www.juniper.net
M-Series Packet Flow Example
FPC ASIC Mem
Backplane
Buffer Mgr 1 Buffer Mgr 2
FPC ASIC MemFPC ASIC Mem
SCB
FT
ASIC
FPC
ASIC ASIC ASIC
ASIC Mem
PIC PIC PIC PIC
FPC
ASIC ASIC ASIC ASIC
ASIC Mem
PIC PIC PIC PIC
! PIC ASIC extracts data, gives to FPC ASIC
PacketPacket
ASIC
14Copyright © 2003 Juniper Networks, Inc. Proprietary and Confidential www.juniper.net
M-Series Packet Flow Example
FPC ASIC Mem
Buffer Mgr 1 Buffer Mgr 2
FPC ASIC MemFPC ASIC Mem
SCB
FT
ASIC
FPC
ASIC ASIC ASIC ASIC
Mem
PIC PIC PIC PIC
FPC
ASIC ASIC ASIC ASIC
ASIC Mem
PIC PIC PIC PIC
PacketPacket
Backplane
Indicates parallel operation
! FPC ASIC chops up data, feeds to Buffer Mgr 1
ASIC
15Copyright © 2003 Juniper Networks, Inc. Proprietary and Confidential www.juniper.net
M-Series Packet Flow Example
FPC ASIC Mem
Buffer Mgr 1 Buffer Mgr 2
FPC ASIC MemFPC ASIC Mem
SCB
FT
ASIC
FPC
ASIC ASIC ASIC ASIC
Mem
PIC PIC PIC PIC
FPC
ASIC ASIC ASIC ASIC
ASIC Mem
PIC PIC PIC PIC
PacketPacket
Backplane
ASIC
! Buffer Mgr 1 sprays J-cells to shared FPC memory
16Copyright © 2003 Juniper Networks, Inc. Proprietary and Confidential www.juniper.net
M-Series Packet Flow Example
FPC ASIC Mem
Buffer Mgr 1 Buffer Mgr 2
FPC ASIC MemFPC ASIC Mem
SCB
FT
ASIC
FPC
ASIC ASIC ASIC ASIC
Mem
PIC PIC PIC PIC
FPC
ASIC ASIC ASIC ASIC
ASIC Mem
PIC PIC PIC PIC
Backplane
ASIC
! Buffer Mgr 1 tells Internet Processor destination address and locations of stored J-cells
17Copyright © 2003 Juniper Networks, Inc. Proprietary and Confidential www.juniper.net
M-Series Packet Flow Example
FPC ASIC Mem
Buffer Mgr 1 Buffer Mgr 2
FPC ASIC MemFPC ASIC Mem
SCB
FT
ASIC
FPC
ASIC ASIC ASIC ASIC
Mem
PIC PIC PIC PIC
FPC
ASIC ASIC ASIC ASIC
ASIC Mem
PIC PIC PIC PIC
Backplane
ASIC
! Internet Processor looks up destination FPC and notifies Buffer Mgr 2, which passes notification to destination FPC(s).
18Copyright © 2003 Juniper Networks, Inc. Proprietary and Confidential www.juniper.net
M-Series Packet Flow Example
FPC ASIC Mem
Buffer Mgr 1 Buffer Mgr 2
FPC ASIC MemFPC ASIC Mem
SCB
FT
ASIC
FPC
ASIC ASIC ASIC ASIC
Mem
PIC PIC PIC PIC
FPC
ASIC ASIC ASIC ASIC
Mem
PIC PIC PIC PIC
Backplane
ASIC
ASIC
! FPC ASIC performs queuing and CoS then requests J-cells from shared memory and adds appropriate link encapsulation on way to PIC
19Copyright © 2003 Juniper Networks, Inc. Proprietary and Confidential www.juniper.net
M-Series Packet Flow Example
FPC ASIC Mem
Buffer Mgr 1 Buffer Mgr 2
FPC ASIC MemFPC ASIC Mem
SCB
FT
ASIC
FPC
ASIC ASIC ASIC ASIC
Mem
PIC PIC PIC PIC
FPC
ASIC ASIC ASIC ASIC
Mem
PIC PIC PIC PIC
Backplane
ASIC
ASIC
PacketPacket
! PIC ASIC adds physical layer framing, CRC and sends bit stream out to the “wire”
20Copyright © 2003 Juniper Networks, Inc. Proprietary and Confidential www.juniper.net
Agenda! Product Suite! Architecture! M-Series Packet Flow Example! Interfaces! M & T Series Routers! JUNOS & Supported Protocols! Additional Information
21Copyright © 2003 Juniper Networks, Inc. Proprietary and Confidential www.juniper.net
Low-speed Interfaces (PICs)
•••••••Multilink T1
••••••••Fractional T1
••••••••••Tunnel Services
••••••••56k / 64k
••••••••T1 / E1
••••••••T3/E3
•••••••••OC-3c/STM-1
••••••••••Fast Ethernet
•••V.35/X.21
T640T320M160
M40eM40M20M5M10
ERX1440
ERX1410
ERX705
22Copyright © 2003 Juniper Networks, Inc. Proprietary and Confidential www.juniper.net
Service PICs
22
Encryption Services PIC
Service PIC Description
Multilink Services PIC
Tunnel Services PIC
Delivers high performance – 800Mbps -throughput for IPSec tunneling in PE applications and IPSec transport
Industry-leading scalability for NxT1/E1 services. 32- and 128-bundles versions enable 1.5-12Mbps services and bonding of any T1/E1 (up to 8 per bundle) per chassis
Up to an OC-12/STM-4 worth of tunneling bandwidth for GRE, IP-IP, PIM-SM, and/or L3 VPNs
23Copyright © 2003 Juniper Networks, Inc. Proprietary and Confidential www.juniper.net
High-speed Interfaces (PICs)
•••10 Gigabit Ethernet•••OC-192c/STM-64
•••••••••ATM OC-3 / STM-1
•••••••••PoS OC-3c/ STM-1
•••••••••ATM OC-12/STM-4
••••••••••PoS OC-12c/STM-4 ••••••••••Gigabit Ethernet
••••••M10 Only
•OC-48c/STM-16
•••CHOC-3 / STM-1
T640T320M160
M40eM40M20M5M10
ERX1440
ERX1410
ERX705
24Copyright © 2003 Juniper Networks, Inc. Proprietary and Confidential www.juniper.net
Agenda! Product Suite! Architecture! M-Series Packet Flow Example! Interfaces! M & T Series Routers! JUNOS & Supported Protocols! Additional Information
25Copyright © 2003 Juniper Networks, Inc. Proprietary and Confidential www.juniper.net
20+Gbps10+Gbps5+GbpsSystem Bandwidth
M20M10M5
YesNoNoRedundancy
51515Chassis Per Rack
1684PICs Per Chassis
OC-48c/STM-16OC-48c/STM-16OC-12c/STM-4Maximum Speeds
High Speed Circuit Aggregation, metro core, mobile core
Managed Service, Small Core
Managed Service, Small CoreKey Applications
M-Series Routers
26Copyright © 2003 Juniper Networks, Inc. Proprietary and Confidential www.juniper.net
M-Series Routers (Cont)
160 Gbps40 Gbps40 GbpsSystem Bandwidth
M160M40eM40
YesYesNoRedundancy
222Chassis Per Rack
323232PICs Per Chassis
OC-192c/STM-64OC-48c/STM-16OC-48c/STM-16Maximum Speeds
Med/Large Core, Very high-speed dedicated access
Dense High Speed Circuit aggregation
Medium Core, Dedicated AccessKey Applications
27Copyright © 2003 Juniper Networks, Inc. Proprietary and Confidential www.juniper.net
T-Series Routing Platforms
YesYesRedundancy
High-Speed Core Routing
Core Routing, Metro Ethernet AggregationKey Applications
T640T320
YesNoMatrix Technology
23Chassis Per Rack
(32) 10-Gbps(16) 10-GbpsPICs Per Chassis
OC-192c/STM-64OC-192c/STM-64Maximum Speeds
640 Gbps320 GbpsSystem Bandwidth
28Copyright © 2003 Juniper Networks, Inc. Proprietary and Confidential www.juniper.net
Platform Capabilities
1) M20 - Redundant SSB with cold standby 2) M40e - Redundant SFM; Hot Standby with Automatic Failover (plan)
3) M160 – 4 x SFM; failure of one does not effect forwarding but reduces effective throughput by ¼ 4) T640 - 5 SIB out of which one is redundant
5) T320 – 3 SIB out of which one is redundant 6) PIC hot-swap without a FPC reset
1 2 3 4
66
Routing Engine
Switching Plane
Power Supplies
Interface Serviceability(Hot Swap)
Redundant Component
M5/M10 M20 M40 M160 T640T320 ERXM40e
Cooling
6
5
29Copyright © 2003 Juniper Networks, Inc. Proprietary and Confidential www.juniper.net
Agenda! Product Suite! Architecture! M-Series Packet Flow Example! Interfaces! M & T Series Routers! JUNOS & Supported Protocols! Additional Information
30Copyright © 2003 Juniper Networks, Inc. Proprietary and Confidential www.juniper.net
Operating SystemOperating System
Pro
toco
ls
Inte
rfac
e M
gmt
Ch
assi
s M
gmt
SNM
P
Secu
rity
JUNOS Internet Software! Common across ALL platforms
• Ensures feature consistency• Ensures service velocity
! Internet-class operating system! Based on BSD UNIX! Modular design for high availability ! Best-in-class routing protocols! Foundation for MPLS-based
services• Standards-based services
31Copyright © 2003 Juniper Networks, Inc. Proprietary and Confidential www.juniper.net
Design and Operations Simplicity
Fewer variables and a simpler process mean less time is spent planning, provisioning, and deploying your networks
" CLI enhancements (access controls, command line completion, context sensitive help, rich set of show commands, ect.)
" Industry-standard management protocols (XML, SYSlog, and SNMP)" User-friendly configuration syntax: hierarchical (easy to read), editor
supports local scoping, and comments/inactive command support
New Features and FunctionalityNew Features and Functionality
Single Binary Image on All PlatformsSingle Binary Image on All Platforms
6.06.05.35.3 5.45.4 5.55.5 5.65.6 5.75.7
32Copyright © 2003 Juniper Networks, Inc. Proprietary and Confidential www.juniper.net
11.0BT11.0BT
11.1AA11.1AA11.0NA11.0NA
11.3DB11.3DB
12.0DC12.0DC
12.0DB12.0DB
11.2(4)XA11.2(4)XA
11.3AA11.3AA
11.2(9)XA11.2(9)XA
12.0(5)XA12.0(5)XA
12.0(.6)WAS12.0(.6)WAS
11.3DA11.3DA
11.3NA11.3NA11.3WA11.3WA
12.0S12.0S
12.0W5(x)12.0W5(x)
12.0(2)XH12.0(2)XH
12.0(4)XI12.0(4)XI
10.x10.x 11.011.09.x9.x 11.211.211.111.1
12.012.0
12.0T12.0T
11.3T11.3T
11.311.311.2F11.2F
11.2P11.2P
11.3(2)XA11.3(2)XA
11.2BC11.2BC
11.2SA11.2SA
11.2GS11.2GS
11.2WA311.2WA3
12.0(1)XA12.0(1)XA
12.0(1)XB12.0(1)XB
12.0(4)XJ12.0(4)XJ
12.0(5)XK12.0(5)XK
12.0(4)XL12.0(4)XL
12.0(4)XM12.0(4)XM
12.0(2)XC12.0(2)XC
12.0(2)XD12.0(2)XD
12.0XE12.0XE
12.0(2)XF12.0(2)XF
12.0(3)XG12.0(3)XG
11.1CA11.1CA
11.1CC11.1CC
11.1CT11.1CT
11.1IA11.1IA
Source:www.cisco.com/warp/public/620/roadmap.shtml
Example of Complexity
33Copyright © 2003 Juniper Networks, Inc. Proprietary and Confidential www.juniper.net
! Hardware-based forwarding• Non-blocking multicast performance • Packet processing • Concurrent with IPv4, IPv6, MPLS….
! JUNOS• Industry leading (S,G) state capacity
• 150,000 tested and verified• Integral to JUNOS since launch• Same multicast feature/functionality across all platforms
and interfaces• Stability, Scale, Speed, Accuracy and Feature Velocity
! Feature-rich deployment• PIM, MSDP, DVMRP, MBGP
Multicast Performance and Scale
34Copyright © 2003 Juniper Networks, Inc. Proprietary and Confidential www.juniper.net
Juniper IPv6 Solution
Supported on all M &T-series platforms
! ISIS! OSPFv3! BGPv6! RIPng! Static! PIM & MLD
! Forwarding in hardware
! Addressing
• Link, site, global
• Stateless autoconfiguration
! Neighbor discovery
! Common support! ICMPv6! IPv6 MIBS! IP applications
• Ping, telnet, etc.
! Transition• Configured
tunnels• Dual stack
Addressing & Forwarding
Operations & Transition
Routing Protocols
35Copyright © 2003 Juniper Networks, Inc. Proprietary and Confidential www.juniper.net
IPv6 Bi-directional ThroughputM40 OC48 with No Filters
0
500,000
1,000,000
1,500,000
2,000,000
2,500,000
3,000,000
3,500,000
4,000,000
4,500,000
5,000,000
0 200 400 600 800 1000 1200 1400 1600
IPv6 PDU Size (Bytes)
Thro
ughp
ut (P
PS)
IPv6 Performance – no compromise!
! No filters enabled
! Performance maintained up to 1500-byte packets
TheoreticalTheoretical
Actual
! 5,000 filters enabled
! Performance maintained up to 1500-byte packets
IPv6 Bi-directional ThroughputM40 OC-48 with 5,000 Filters
0500,000
1,000,0001,500,0002,000,0002,500,0003,000,0003,500,0004,000,0004,500,0005,000,000
0 200 400 600 800 1000 1200 1400 1600
IP-PDU Size (Bytes)
Thro
ughp
ut (P
PS)
IPv6 LineIPv6 Line--rate Performance without rate Performance without compromise ! compromise !
TheoreticalTheoretical
Actual
36Copyright © 2003 Juniper Networks, Inc. Proprietary and Confidential www.juniper.net
JUNOS Security FeaturesJUNOS Security Features•• Advanced User AdministrationAdvanced User Administration•• TacasTacas+/Radius+/Radius•• Protocol AuthenticationProtocol Authentication•• SSHV2SSHV2•• H/W Based Packet FilteringH/W Based Packet Filtering•• Individual Command AuthorizationIndividual Command Authorization•• Traffic PolicingTraffic Policing•• FirewallFirewall SyslogsSyslogs/MIB/MIB•• H/W Based Router ProtectionH/W Based Router Protection•• PortPort--MirroringMirroring•• IPSEC Encryption (Control and Transit IPSEC Encryption (Control and Transit
traffictraffic•• UnicastUnicast RPFRPF•• Radius Support for PPP/CHAPRadius Support for PPP/CHAP•• OPEN SSH3.0.2OPEN SSH3.0.2•• SNMV3SNMV3
Enabled Applications•Hardware-Based Router Protection•IPSec Encryption of Control Traffic•Source Address Verification•Real-time Traffic Analysis•Real-time DDoS Identification•I/O Filters To Block Attack Flows•Rate Limiting•Hitless Filter Implementation
Security Features
37Copyright © 2003 Juniper Networks, Inc. Proprietary and Confidential www.juniper.net
interfaces {fxp0 {
unit 0 {family inet {
address 10.0.0.20/24;}
}}
}routing-options {
static {route default {
gateway 10.0.0.1;retain;no-readvertise;
}}
}
Software Usability and Operations ! Command Line Interface
• User & group access control• Flexible config management• Commit & rollback• Hierarchical, easy to read
! Protocols & Tools• SNMP v1, 2 (v3 in 5.4)• Telnet and FTP• Syslog and NTP• TACACS+ and RADIUS• SSH and SCP • Ping and Traceroute
Benefit: Simpler OperationsBenefit: Simpler Operations
38Copyright © 2003 Juniper Networks, Inc. Proprietary and Confidential www.juniper.net
JUNOScript"XML based Application Programming Interface
# Standardized “web based” application protocol
"Communication method for JUNOS kernel # Even the CLI is converted to XML
"Simplifies development for Software Vendors# XML remains unchanged as CLI evolves# New commands/features immediately available from XML
"Secure# Can use SSH to encrypt dialogue
39Copyright © 2003 Juniper Networks, Inc. Proprietary and Confidential www.juniper.net
Agenda! Product Suite! Architecture! M-Series Packet Flow Example! Interfaces! M & T Series Routers! JUNOS & Supported Protocols! Additional Information
40Copyright © 2003 Juniper Networks, Inc. Proprietary and Confidential www.juniper.net
Additional Information! M Series Routers
• www.juniper.net/products/ip_infrastructure/m_series
! T Series Routers • www.juniper.net/products/ip_infrastructure/t_series
! JUNOS Software• www.juniper.net/products/ip_infrastructure/junos
Copyright © 2003 Juniper Networks, Inc. Proprietary and Confidential www.juniper.net 41
Questions?
www.juniper.netwww.juniper.net/education
Top Related