book

Juniper MX Series, 2nd Edition

by Douglas Richard Hanks, Harry Reynolds, David Roy

September 2016

Intermediate to advanced

1140 pages

30h 11m

English

O'Reilly Media, Inc.

Read now

Unlock full access

Preface
Second Edition NotesNo ApologiesBook TopologyInterface NamesAggregate Ethernet AssignmentsLayer 2IPv4 AddressingIPv6 AddressingWhat’s in This Book?Conventions Used in This BookSafari® Books OnlineHow to Contact Us
1. Juniper MX Architecture
Junos OSOne JunosSoftware ReleasesJunos Continuity—JAMSoftware ArchitectureRouting SocketsJunos OS ModernizationJuniper MX ChassisvMXMX80MidrangeMX104MX240MX480MX960MX2010 and MX2020TrioTrio ArchitectureTrio GenerationsBuffering BlockLookup BlockInterfaces BlockDense Queuing BlockLine Cards and ModulesDense Port ConcentratorModular Port ConcentratorPacket WalkthroughModular Interface CardNetwork ServicesSwitch and Control BoardEthernet SwitchSwitch FabricMX Switch Control BoardEnhanced MX Switch Control BoardJ-CellSummaryChapter Review QuestionsChapter Review Answers
2. Bridging, VLAN Mapping, IRB, and Virtual Switches
Isn’t the MX a Router?Layer 2 NetworkingEthernet IIIEEE 802.1QIEEE 802.1QinQJunos InterfacesInterface Bridge ConfigurationBasic Comparison of Service Provider Versus Enterprise StyleService Provider Interface Bridge ConfigurationTaggingEncapsulationService Provider Bridge Domain ConfigurationEnterprise Interface Bridge ConfigurationInterface ModeVLAN RewriteService Provider VLAN MappingStack Data StructureStack OperationsStack Operations MapTag CountBridge Domain RequirementsExample: Push and PopExample: Swap-Push and Pop-SwapBridge DomainsLearning DomainBridge Domain ModesVLAN Normalization and Rewrite OperationsBridge Domain OptionsShow Bridge Domain CommandsClear MAC AddressesMAC AccountingIntegrated Routing and BridgingIRB AttributesVirtual SwitchConfigurationVXLANVXLAN as a Layer 2 OverlayVXLAN on MX SeriesSummaryChapter Review QuestionsChapter Review Answers
3. Stateless Filters, Hierarchical Policing, and Tri-Color Marking
Firewall Filter and Policer OverviewStateless Versus StatefulStateless Filter ComponentsFilters Versus Routing PolicyFilter ScalingFiltering Differences for MPC Versus DPCFilter OperationStateless Filter ProcessingPolicingRate Limiting: Shaping or Policing?Junos Policer OperationCascaded PolicersSingle and Two-Rate Three-Color PolicersHierarchical PolicersApplying Filters and PolicersFilter Application PointsApplying PolicersPolicer Context SummaryPolicer Application RestrictionsAdvanced Filtering FeaturesEnhanced Filter Modeflexible-match FilterFast Lookup FilterAdvanced Filtering SummaryBridge Filtering Case StudyFilter Processing in Bridged and Routed EnvironmentsMonitor and Troubleshoot Filters and PolicersBridge Family Filter and Policing Case StudyBridge Filtering SummaryService Provider DDOS Filtering Case StudySummaryChapter Review QuestionsChapter Review Answers
4. Routing Engine Protection and DDoS Prevention
RE Protection Case StudyIPv4 RE Protection FilterIPv6 RE Protection FilterDDoS Protection Case StudyThe Issue of Control Plane DepletionDDoS Operational OverviewDDoS Configuration and Operational VerificationDDoS Case StudyThe Attack Has Begun!Suspicious Control Flow DetectionSCFD VocabularyConfigure Flow DetectionCase Study: Suspicious Flow DetectionSuspicious Control Flow Detection SummaryMitigate DDoS AttacksBGP Flow-Specification to the RescueWhat’s New in the World of Flow-Spec?BGP Flow-Specification Case StudyLet the Attack Begin!SummaryChapter Review QuestionsChapter Review Answers
5. Trio Class of Service
MX CoS CapabilitiesPort Versus Hierarchical Queuing MPCsCoS Capabilities and ScaleTrio CoS FlowIntelligent OversubscriptionThe Remaining CoS Packet FlowCoS Processing: Port- and Queue-Based MPCsKey Aspects of the Trio CoS ModelTrio CoS Processing SummaryHierarchical CoSThe H-CoS Reference ModelLevel 4: QueuesLevel 3: IFLLevel 2: IFL-SetsLevel 1: IFDRemainingInterface Modes and Excess Bandwidth SharingPriority-Based ShapingFabric CoSControl CoS on Host-Generated TrafficH-CoS SummaryPer-VLAN Queuing for Non-Queuing MPCsPer-Unit Scheduler Case Study on MPC4ePer-Unit Scheduling for Non-Q MPC SummaryTrio Scheduling and QueuingScheduling DisciplineScheduler Priority LevelsScheduler ModesH-CoS and Aggregated Ethernet InterfacesSchedulers, Scheduler Maps, and TCPsTrio Scheduling and Priority SummaryMX Trio CoS DefaultsFour Forwarding Classes, but Only Two QueuesDefault BA and Rewrite Marker TemplatesMX Trio CoS Defaults SummaryFlexible Packet RewritePolicy Map SummaryPredicting Queue ThroughputWhere to Start?Trio CoS Proof-of-Concept Test LabPredicting Queue Throughput SummaryCoS LabConfigure Unidirectional CoSVerify Unidirectional CoSConfirm Scheduling BehaviorAdd H-CoS for Subscriber AccessConfigure H-CoSVerify H-CoSTrio CoS SummaryChapter Review QuestionsChapter Review Answers
6. MX Virtual Chassis
What Is Virtual Chassis?MX-VC TerminologyMX-VC Use CaseMX-VC RequirementsMX-VC ArchitectureMX-VC Interface NumberingMX-VC Packet WalkthroughVirtual Chassis TopologyMastership ElectionPreserving VCP BandwidthSummaryMX-VC ConfigurationChassis Serial NumberMember IDR1 VCP InterfaceRouting Engine GroupsVirtual Chassis ConfigurationR2 VCP InterfaceVirtual Chassis VerificationRevert to StandaloneSummaryVCP Interface Class of ServiceVCP Traffic EncapsulationVCP Class of Service WalkthroughForwarding ClassesSchedulersClassifiersRewrite RulesFinal ConfigurationVerificationSummaryChapter Review QuestionsChapter Review Answers
7. Trio Load Balancing
Junos Load Balancing OverviewPer-Prefix Versus Per-Flow Load BalancingHashingHash ComputationThe Next-HopJunos Load Balancing SummaryTrio Load Balancing and Backward CompatibilityHost Outbound Load BalancingConfigure Per-Family Load BalancingFamily and Enhanced Hash Field SummaryWhat About Multicast?Advanced Load BalancingThe Problem of PolarizationSymmetric Load BalancingConsistent HashingAdaptive Load BalancingSummaryChapter Review QuestionsChapter Review Answers
8. Trio Inline Services
What Are Trio Inline Services?J-FlowJ-Flow EvolutionInline IPFIX PerformanceInline IPFIX Software ArchitectureInline IPFIX ConfigurationInline IPFIX VerificationIPFIX SummaryNetwork Address TranslationTypes of NATServices Inline InterfaceService SetsDestination NAT ConfigurationNetwork Address Translation SummaryTunnel ServicesEnabling Tunnel ServicesA Tunneled Packet WalkthroughTunnel Services RedundancyInline GRE with Filter-Based TunnelCase Study: Traffic Mitigation Based on GRE Filter-Based TunnelCase Study: Interconnect Logical and Physical RoutersTunnel Services SummaryPort MirroringPort Mirror Supported FamiliesPort Mirroring Case StudyPort Mirroring SummaryLayer 2 AnalyzerLayer 2 Analyzer ConfigurationLayer 2 Analyzer Case StudyLayer 2 Analyzer SummarySummaryChapter Review QuestionsChapter Review Answers
9. Multi-Chassis Link Aggregation
Multi-Chassis Link AggregationMC-LAG State OverviewMC-LAG Family SupportMulti-Chassis Link Aggregation Versus MX Virtual ChassisMC-LAG SummaryInter-Chassis Control ProtocolICCP HierarchyICCP Topology GuidelinesHow to Configure ICCPICCP Configuration GuidelinesICCP Split BrainICCP SummaryMC-LAG ModesActive-StandbyActive-ActiveMC-LAG Modes SummaryCase StudyLogical Interfaces and Loopback AddressingLayer 2Layer 3MC-LAG ConfigurationConnectivity VerificationCase Study SummarySummaryChapter Review QuestionsChapter Review Answers

10. Junos High Availability on MX Routers
Junos High-Availability Feature OverviewGraceful Routing Engine SwitchoverThe GRES ProcessConfigure GRESGRES SummaryGraceful RestartGR ShortcomingsGraceful Restart Operation: OSPFGraceful Restart and Other Routing ProtocolsConfigure and Verify OSPF GRGraceful Restart SummaryNonstop Routing and BridgingReplication, the Magic That Keeps Protocols RunningNonstop BridgingCurrent NSR/NSB SupportThis NSR Thing Sounds Cool: So What Can Go Wrong?Configure NSR and NSBVerify NSR and NSBNSR SummaryIn-Service Software UpgradesISSU OperationISSU Layer 3 Protocol SupportISSU Layer 2 SupportISSU: A Double-Edged KnifeISSU SummaryISSU LabVerify ISSU ReadinessPerform an ISSUSummaryChapter Review QuestionsChapter Review Answers
11. The Virtual MX
Why Use vMX and for What Purpose?Physical or VirtualBenefits of Using vMXDeployments to Use with vMXA Technical Overview of vMXSeveral vMX Instances per ServerNetwork Virtualization Techniques for vMXvMX LicensingSummaryvMX and the Virtual WorldVirtualization ConceptsSummaryResources for Installing vMX for Lab SimulationvMX Initial ConfigurationTechnical Details of the vMXVCP/VFP ArchitecturevMX Packet WalkthroughThe vMX QoS ModelSummaryChapter Review QuestionsChapter Review Answers
Index

Content preview from Juniper MX Series, 2nd Edition

Chapter 1. Juniper MX Architecture

Back in 1998, Juniper Networks released its first router, the M40. Leveraging Application-Specific Integrated Circuits (ASICs), the M40 was able to outperform any other router architecture. The M40 was also the first router to have a true separation of the control and data planes, and the M Series was born. Originally, the model name M40 referred to its ability to process 40 million packets per second (Mpps). As the product portfolio expanded, the “M” now refers to the multiple services available on the router, such as MPLS with a wide variety of VPNs. The primary use case for the M Series was to allow Service Providers to deliver services based on IP while at the same time supporting legacy frame relay and ATM networks.

Fast-forward 10 years and the number of customers that Service Providers have to support has increased exponentially. Frame relay and ATM have been decimated, as customers are demanding high-speed Layer 2 and Layer 3 Ethernet-based services. Large Enterprise companies are becoming more Service Provider-like and are offering IP services to departments and subsidiaries.

Nearly all networking equipment connects via Ethernet. It’s one of the most well understood and deployed networking technologies used today. Companies have challenging requirements to reduce operating costs and at the same time provide more services. Ethernet enables the simplification in network operations, administration, and maintenance.

The MX Series was introduced ...

Become an O’Reilly member and get unlimited access to this title plus top books and audiobooks from O’Reilly and nearly 200 top publishers, thousands of courses curated by job role, 150+ live events each month,
and much more.

Read now

Unlock full access

More than 5,000 organizations count on O’Reilly

O’Reilly covers everything we've got, with content to help us build a world-class technology community, upgrade the capabilities and competencies of our teams, and improve overall team performance as well as their engagement.

Julian F.

Head of Cybersecurity

I wanted to learn C and C++, but it didn't click for me until I picked up an O'Reilly book. When I went on the O’Reilly platform, I was astonished to find all the books there, plus live events and sandboxes so you could play around with the technology.

Addison B.

Field Engineer

I’ve been on the O’Reilly platform for more than eight years. I use a couple of learning platforms, but I'm on O'Reilly more than anybody else. When you're there, you start learning. I'm never disappointed.

Amir M.

Data Platform Tech Lead

I'm always learning. So when I got on to O'Reilly, I was like a kid in a candy store. There are playlists. There are answers. There's on-demand training. It's worth its weight in gold, in terms of what it allows me to do.

Mark W.

Embedded Software Engineer

Publisher Resources

ISBN: 9781491932711Errata Page

Cloud Computing

Data Engineering

Data Science

AI & ML

Programming Languages

Software Architecture

IT/Ops

Security

Design

Business

Soft Skills

Juniper MX Series, 2nd Edition

by Douglas Richard Hanks, Harry Reynolds, David Roy

Chapter 1. Juniper MX Architecture

Become an O’Reilly member and get unlimited access to this title plus top books and audiobooks from O’Reilly and nearly 200 top publishers, thousands of courses curated by job role, 150+ live events each month,
and much more.