This book was written for network engineers by network engineers. The ultimate goal of this book is to share with the reader the logical underpinnings of the Juniper MX. Each chapter represents a specific vertical within the Juniper MX and will provide enough depth and knowledge to provide the reader with enough confidence to implement and design new architectures for their network using the Juniper MX.
Here’s a short summary of the chapters and what you’ll find inside:
Learn a little bit about the history and pedigree of the Juniper MX and what factors prompted its creation. Junos is the “secret sauce” that’s common throughout all of the hardware; this chapter will take a deep dive into the control plane and explain some of the recent important changes to the release cycle and support structure of Junos. The star of the chapter is of course the Juniper MX; the chapter will thoroughly explain all of the components such as line cards, switch fabric, and routing engines.
It always seems to surprise people that the Juniper MX is capable of switching; not only can it switch, it has some of the best bridging features and scalability on the market. The VLAN mapping is capable of popping, swapping, and pushing new IEEE 802.1Q headers with ease. When it comes to scale, it can support over 8,000 virtual switches.
Discover the world of advanced policing where the norm is creating two-rate three-color markers, hierarchical policers, cascading firewall filters, and logical bandwidth policers. You think you already know about Junos policing and firewall filters? You’re wrong; this is a must-read chapter.
Everyone has been through the process of creating a 200-line
firewall filter and applying it to the loopback interface to protect
the routing engine. This chapter presents an alternative method of
creating a firewall filter framework and only applies the filters
that are specific to your network via firewall filter chains. As of
Junos 10.4, there’s a new feature called Distributed
Denial-of-Service Protection (
ddos-protection) that can be combined with
firewall filters to add an extra layer of security to the routing
This chapter answers the question, “What is hierarchical class of service and why do I need it?” The land of CoS is filled with mystery and adventure; come join Harry and discover the advantages of hierarchical scheduling.
What’s better than a Juniper MX router? Two Juniper MX routers, of course, unless you’re talking about virtual chassis; it takes several Juniper MX Routers and combines them into a single, logical router.
Services such as Network Address Translation (NAT), IP Information Flow Export (IPFIX), and tunneling protocols traditionally require a separate services card. Trio inline services turns this model upside down and allows the network engineer to install network services directly inside of the Trio chipset, which eliminates the need for special services hardware.
An alternative to virtual chassis is a feature called MC-LAG, which allows two routers to form a logical IEEE 802.3ad connection to a downstream router and appear as a single entity. The twist is that MC-LAG allows the two routers to function independently.
Some of us take high availability for granted. GRES, NSR, NSB, and ISSU make you feel warm and fuzzy. But how do you really know they work? Put on your hard hat and go spelunking inside of these features and protocols like you never have before.
Each chapter includes a set of review questions and exam topics, all designed to get you thinking about what you’ve just read and digested. If you’re not in the certification mode, the questions will provide a mechanism for critical thinking, potentially prompting you to locate other resources to further your knowledge.