Juniper_student

juniper AXI520/580 router is used to JUNOS.

520 power supports AC and DC
580 only support DC

JUNOS software feature include:
routing protocol process;
interface process;
chassis process;
snmp process;
management process;
command line interface.

Software monitoring tools
Management Ports

industrial strength protocols:
Unicast routing protocols:
IS-IS,OSPF,RIP,BGP.

Multicast Routing protocols:
DVMRP,PIM,MSDP,IGMP,SAP/SDP

MPLS application protocols:
MPLS,RSVP,LDP

JUNOS supports SNMP v1 and v2
use command line is set command limited in support.

Software Monitoring tools have :
CLI is used display information and check network connectivity;
SNMP MIB 2 SNMP v1 traps and v2 notifications
SNMP v1 only support one protocol,v2 supports multiply protocol and support authentication crypto.

Tracing and logging

Software support covers most recent release and two previous(e.g.5.1,5.0,4.4)

头一次登录junos需要输入username and password。
login：
password：

例如：Doug

CLI（command-line mode）：
Operational(操作) mode：
Doug@lab2>

Configuration mode:
[edit]
Doug@lab2#

常用命令：
在 Operational Mode下：
clear bgp brief
configure chassis exact
monitor interface protocol
set isis table
show ospf terse
route
version

In operational mode commands:
在user@host>
show 显示
request 请求
restart 重启
ping
traceroute
clear
monitor
file 文件拷贝
test 测试
telnet
set 设置
ssh
start 开始
quit
!

using command 格式：
using | (pipe 管道命令)
| compare 比较命令
| count 计数
| display 显示
| except 不计
| find 发现
| hold 控制、保留
| match 匹配
| no-more
| resolve 解决
| save
| trim 修整
set cli command to:
-- screen-length 设置屏幕长度
-- screen-width 设置屏幕宽度
-- idle-timeout 设置空闲时间
-- prompt 设置提示字符串
-- terminal 设置终端类型
!
查找命令可以使用space 建 或 table 建。
!
也可以使用?进行命令查询
!
由 Operational 进入 configuration 输入命令：
configure or edit command-line
系统界面为：
[edit] 代表根底
Doug@lab2#
!
配置命令可以直接设置：例如
set chassis alarm sonet lol red
!
也可以一级一级进入后设置：例如
edit chassis alarm ethernet
!
[edit chassis alarm ethernet]
!
回到上一级格式目录下输入：up
例如：
[edit chassis alarm ethernet]
user@host# up
[edit chassis alarm]
user@host#
!
直接回到根底：输入 top
[edit chassis alarm ethernet]
user@host# top
[edit] 代表根底
user@lab2#

!
显示查询配置文件时可以采用两种方式：

[edit] 代表根底
user@lab2#show classis alarm
sonet {
lol red;
pll yellow;
}
[edit]
!
or
[edit] 代表根底
user@lab2#edit chassis alarm
[edit chassis alarm]
user@host#show
sonet {
lol red;
pll yellow;
}
[edit chassis alarm]
!
改变一个活动的配置
[edit chassis]
user@host# set alarm sonet lol red
user@host# delete alarm sonet pll yellow
!
通过管道输出命令显示修改后的不同处，前面会加上+ 或者 - 代表add 和 delete
[edit chassis]
user@host#show | compare
alarm {
sonet {
+ lol red
los red;
- pll yellow;
}
!
other command options
[edit chassis]
user@host#show | compare filename
user@host#show | compare rollback number
!
[edit]
user@host# set groups re0 system host-name Sanjose-re0
[edit]
user@sanjose-re0#set interfaces fxp0 unit 0 family inet address 192.168.200.51/24 apply-groups re0
!
[edit]
user@sanjose-re0#show groups re0
re0{
system{
host-name SanJose-re0;
}
interface{
fxp0{
unit 0{
family inet {
address 192.168.200.51/24;
}
}
}
}
}
!
Supported protocol families are:
internet (inet)
IPv6(inet6)
international standards organization(ISO)
traffic engineering(MPLS)
!
inet下的命令：
IP address: address a.b.c.d/prefix_length
remote address on point-to-point links:
destination a.b.c.d
Broadcast address: broadcast a.b.c.d
Primary address:primary
Preferred address:preferred
MTU size:mtu bytes
ICMP redirect control:no-redirects
Multicast only:multicast-only
!
例如配置IP地址：
lab@host>configure
[edit]
lab@host>edit interfaces so-1/0/3
[edit interfaces so-1/0/3]
lab@host#set unit 0 family inet address 10.0.20.1/24
lab@host# commit (必须敲)
!
lab@host#show interfaces
interfaces{
so-1/0/3{
unit 0 {
family inet {
address 10.0.20.1/24;
}
}
}
}
!
Add the inactive: tag to a statement, effectively commenting out the statement or identifier from the configuration
user@host# deactivate at-5/2/0
[edit interfaces]
user@host# show
inactive: at-5/2/0
Disable an interface or a logical unit, effectively unconfiguring it
user@host# set so-1/1/0 disable
[edit interfaces]
user@host# show so-1/1/0
so-1/1/0 {
disable; # Interface is marked as disabled
mtu 8000;
clocking internal;
!


login router configure
username is root
例如：
login：root
this is module does not have password，需要人为配置。
开始进入CLI时，输入：cli，进入root@amnesiac>
!
Enter configuration mode：
root@amnesiac>configure
[edit]
root@#
&
set root password:
Plain text(明文密码)
root@#set system root-authentication plain-text-password
!
Pre-encrypted password(加密)
root@#set system root-authentication encrypted-p

assword encrypted-password
!
SSH(secure shell) key:
root@#set system root-authentication ssh-rsa key
!
&
set router name:
[edit]
root@am#set system host-name lab2
!
set router domain name:
[edit]
root@am#set domain-name https://www.doczj.com/doc/f15243023.html,
!
commit changes so far:
[edit]
root@# commit
commit complete
!
&
set management Ethernet IP address and prefix:
[edit]
root@lab2#set interfaces fxp0 unit 0 family inet address ip-address/prefix-length
!
set default route:
[edit]
root@lab2# set system backup-router gateway-address ;
root@lab2# set routing-options static route default nexthop gateway-address retain no-readvertise ;
例如：
set routing-options static route 0.0.0.0/0 next-hop 1.1.1.1
!
set name server address:
[edit]
root@lab2#set system name-server ns-address
!
set remote access
[edit]
root@lab2# set system services ssh
!
查看系统安装包文件命令：
show system software
!
软件包的名称格式：
https://www.doczj.com/doc/f15243023.html,number.tgz
---m.n is the major version number（软件版本）
---Z is a single uppercase letter
. A-Alpha 透明度
. B-Beta 测试版本
. R-Release 版本
. I-Internal内部的
---number is the release number（版本号）
---For example(例如：jbundle-5.1R2.4.tgz
!
软件更新包下载地址：https://www.doczj.com/doc/f15243023.html,
添加新更新包命令：
在Operational mode 下：
root@lab2> request system software add new-packege-name
!
重启路由器：
root@lab2> request system reboot
!
request system snapshot (备份映射文件)
!
mirror flash on disk （恢复映射文件）
!
CLI> file copy jinstall-url /var/tmp/jinstall-pkg
文件复制，相当于cisco的copy running-config started-config 命令
!
加载软件安装文件包命令：
CLI>request system software add/var/tmp/jinstall-pkg
!
路由器启动时间在5至7分钟。
!
配置的基本信息：
router name
management interface IP address
default router IP address
domain name and DNS server IP address
!
配置文件保存的定点位置是：/config/juniper.conf
!
恢复系统初始化命令：
root@lab2> request system halt
!
显示关于底部信息的命令：
user@host> show chassis ...
!
for example:
FPCs/PICs/FEB,SCB,SFM,SSB/Fans/Power supplies
!
For example:
user@host> show chassis hardware
!查看系统模块
user@host> show chassis alarms
!查看硬件报警信息
user@host> show chassis environment
!查看硬件底部个模块信息的运行状态和环境。
user@host> show chassis craft-interface
!显示硬件底部通用端口状态。
user@host> show chassis firmware
!显示硬件固件信息的版本
user@host> show chassis feb
!显示关于系统控制口的信息如：FEB、SCB、SFM or SSB
user@host> show chassis fpc
!显示CPU、内存使用率的情况FPC
show chassis fpc detail 0
!显示关于0槽位CPU内存使用率的情况。
show chassis fpc pic-status
!显示PICs的状态。
show system processes extensive
!显

示系统处理进程的信息
show system boot-messages
!显示系统引导信息

user@host> show system ...
--information about the software processes
!显示系统软件信息
user@host> show log ...
--Displays information in the log file specified
!显示日志文件信息
缺省的日志信息文件是“message”
!
Juniper路由器端口类型如下：
LAN/broadcast multiaccess(Fast/Gigabit Ethernet)
Point-to-point(SONET/SDH,T3/E3,T1/E1 - PPP or Cisco-HDLC)
Point-to-multipoint (SONET/SDH,T3/E3,T1/E1-Frame-relay or ATM-VC)
!
show interface extensive
以上命令是显式所有端口输入输出的信息。
!
在端口上进行环路测试（打环测试链路的联通性）
[edit interfaces s0-0/1/0]
set sonet-options loopback local/remote(本地和远程)
!
通过show interfaces s0-0/1/0查看端口的运行状态，如果提示：present running loop-detected表示此端口被打环。
!
BERT testing（测试技术）
!
相应的测试参数有：（在端口模式下执行）
bert-algorithm algorithm；
bert-error-rate rate；
bert-period seconds；
!
开始运行测试的命令：
test interface t3-1/0/1 bert-start
停止命令：
test interface t3-1/0/1 bert-stop
!
LAB:端口配置和排错操作：

Juniper路由器创建路由部分：
1.RID（router ID）
2.Local AS number
3.static routes
4.aggregated routes
5.generated routes
6.martian routes
7.routing tables and route preferences
8.Load balancing
!
Default protocols are:
--Direct (直连)
--Local (本地)
--static (静态)
--RSVP
--LDP (标签发现协议)
--OSPF
--IS-IS
--RIP
--Aggregate (汇总)
--BGP
!
协议优先级：
Direct=0
local=0
static=5
RSVP=7
LDP=9
OSPF=10
ISIS(L1)=15
ISIS(L2)=18
RIP=100
Aggregate=130
BGP=170
!
查看路由表命令：
show route
!
启动路由表中的load-balance（负载）命令：
set routing-options forwarding-table export please-load-balance;
set policy-options policy-statement please-load-balance term balance then load-balance per-packet;
!
显式输出参数如下:
[edit]
routing-options {
forwarding-table {
export please-load-balance;
}
policy-options {
policy-statement please-load-balance {
term balance {
then {
load-balance per-packet;
}
}
!


基本的RIP路由配置：
set protocols rip group (group-name) neighbor interface-name;
!
显式输出如下：
protocols {
rip {
group group-name {
neighbor interface-name;
}
}
}
!
添加路由策略的RIP路由配置：
set policy-options policy-statement statics-to-rip from protocol static;
set policy-options policy-statement statics-to-rip then accept;
!
调用该策略：
set protocols rip group rip-neighbors export statics-to-rip;
set protocols rip group rip-neighbors neighbor fe-0/0/0.0;
set protocols rip group rip-neighbors neighbor fe-0/0/1.0;
!
第二种方法

：
[edit]
router@host>edit policy-options
[edit policy-options]
router@host>edit policy-statement statics-to-rip
[edit policy-options policy-statement statics-to-rip]
router@host>set from protocol static
router@host>set then accept
router@host>top (回到根)
!
[edit]
router@host>edit protocols rip
[edit protocols rip]
router@host>edit group rip-neighbors
[edit protocols rip group rip-neighbors]
router@host>set export statics-to-rip
router@host>set neighbor fe-0/0/0.0
router@host>set neighbor fe-0/0/1.0
!
显式输出为:
Determine which routes to advertise and create export policy
policy-options {
policy-statement statics-to-rip {
from protocol static;
then accept;
}
}

Apply export policy to RIP neighbors
protocols {
rip {
group rip-neighbors {
export statics-to-rip;
neighbor fe-0/0/0.0;
neighbor fe-0/0/1.0;
}

查询RIP协议状态命令：
查询邻居关系的命令：
show rip neighbor
!
查询所有是通过RIP学习的路由
show route protocol rip
!
查询由RIP路由发送的网段命令：
show route advertising-protocol rip x.x.x.x
!
查询由RIP路由学习到的网段命令：
show route receive-protocol rip
!
查询RIP路由状态表：
show rip statistics
!
RIPv1 日志追踪配置操作：
[edit protocols rip]
traceoptions {
file name ....
!
RIPv2 标记追踪操作：
[edit protocols rip]
traceoptions {
flag flag ;
all
auth
..
....
.....
!
Route Policy:
1.Basic policy syntax
policy-options {
policy-statement policy-name {
term term-name {
from {
match-conditions;
}
then {
action;
}
}
}
}
Note:A policy can have multiple terms.
!
Every policy can contain a match criterion
每一个策略能包含一个匹配的规则!
所有包含的事项：（possibilities include)
--neighbor address
--Protocol(source of information)
.BGP,direct,dvmrp,isis,local,mpls,ospf,pim,rip
static,aggregate;
--Routing protocol information
.ospf area ID
.IS-IS level number
.BGP attributes
!
match actions(匹配的动作)
terminate(停止):
-- Accept route
-- Reject(or suppress) route
Flow control
-- Skip to next policy
-- Skip to next term
Modify attributes
-- Metric
-- Preference
-- Color
-- Next-hop address
!
routing policy example:
policy-options{
policy-statement advertise-ospf{
term pick-ospf {
from protocol ospf;
then accept;
}
}
}
protocols bgp {
export advertise-ospf;
}
!
Specifying multiple conditions in a “from” statement means that all must match before the action is taken
policy-options {
policy-statement isis-level2 {
term find-level2-routes {
from {
protocol isis;
level 2;
}
then accept;
}
}
}
proto

cols bgp {
export isis-level2;
}
!
Applying policy(策略应用):
Link-state protocols(IS-IS and OSPF) have only export filtering points:
protocols {
isis {
export [ policy-1 policy-2 ... ];
}
ospf {
export [ policy-1 policy-2 ... ];
}
}
!
BGP routing policy has three filtering points:
-- Global
-- Groups of neighbors
-- individual neighbors
!
其中：
-- neighbor policy overrides group and global policies;
邻居策略代替组策略和全局策略；
-- 组策略代替全局策略；
!
for example：
protocols {
bgp {
export local-customers;
group meganet-inc {
type external;
peer-as 47;
import [ martian-filter long-prefix-filter as-47-filter ];
neighbor 1.2.2.4;
neighbor 1.2.2.5;
}
group problem-child {
type external;
peer-as 54;
export kill-private-addresses;
import [ as-47-filter long-prefix-filter martian-filter ];
neighbor 1.2.2.6;
neighbor 1.2.2.7;
neighbor 1.2.2.8 {
import [ reject-unwanted as-666-routes ];
}
}
}
}
!
Router Filters(路由过滤)
命令格式：
route-filter prefix/prefix-length match-type ;
!
多个路由过滤条目可以组成一个区间规则。
!
match-types (匹配类型):
. exact 精确 只匹配指定的路由条目;
from route-filter 192.168/16 exact;
. orlonger 匹配精确以及只要符合匹配路由条目范围内的；
from route-filter 192.168/16 orlonger;
. longer 匹配精确路由条目以外的路由条目；
from route-filter 192.168/16 longer;
. upto 匹配路由的条目不超过第二个值的；
from route-filter 192.168/16 upto /24;
. through 匹配指定路由条目范围内的，必须前缀保持一至或直连的。
from route-filter 192.168/16 through 192.168.16/20
. prefix-length-range
只匹配指定路由条目范围内包含的后两位前缀范围内的路由条目。


OSPF路由设置：
show ospf neighbor extensive
!
JUNOS software OSPF support:
OSPFv2,including:
. Virtual links
. stub areas,Not So Stubby Areas(NSSA),Totally Stubby Areas
. Authentication
. Summarization
. Traffic Engineering (LSA type 10 support)
!
configure OSPF (Single Area)：
[edit]
user@host# set protocols ospf area 0 interface ge-0/0/0
!
[edit]
user@host# show protocols ospf
ospf {
area 0.0.0.0 {
interface ge-0/0/0.0;
}
}
!
[edit]
user@host# set protocols ospf area 1 interface at-0/1/1.100;
[edit]
user@host# show protocols ospf
ospf {
area 0.0.0.0 {
interface ge-0/0/0.0;
}
area 0.0.0.1 {
interface at-0/1/1.100;
}
}
!
"show" commands include:
show ospf interface
neighbor
log
statistics
Routes
database
!
use "show ospf interface" commands 查看路由跟踪表，主要包括个端口的信息如：interface、state、Area、DR ID、BDR ID 和 neigh

bors。
!
show ospf neighbor 查看OSPF的邻接关系：
包括：IP address、Interface、state、ID、priority和 Dead
!
clear ospf neighbor 用于清除OSPF邻接关系
!
show ospf log 用于显示日志信息
!
show ospf statistics 显示OSPF状态信息
!
show OSPF route detail 用于OSPF详细路由信息
!
show route protocol ospf 用于显示从OSPF路由学习到的路由条目.
!
show ospf database 查看OSPF数据库
!
Definded in ISO/IEC 10589,RFC 1195 and RFC 2763
!
TLVs(Type-Length-Values):
code: defined in: used for:
1 ISO 10589 area addresses
2 ISO 10589 IS neighbor Metrics
6 ISO 10589 Neighbor LAN ID
8 ISO 10589 Padding
9 ISO 10589 LSP Entries
10 ISO 10589 Authentication
128 RFC 1195 IP Prefix,Mask,and Metrics
129 RFC 1195 Protocols Supported
130 RFC 1195 IP External Information
132 RFC 1195 IP Interface address
137 RFC 2763 Dynamic Hostname Mapping
!
supported minimum MTU value is 1492
!
any single link can have a maximum value of 63
!
default metric with a maximum path value of 1024
!
JUNOS IS-IS support with:
.Multiple areas
.Multiple levels
.Authentication
.Summarization
.Route leaking
.Traffic Engineering TLVs
.Wide metrics
.Mesh groups
.Overload
.Hello interva,LSP lifetime,etc.
!
configuring IS-IS :
[edit]
user@host# set protocols isis interface ge-0/0/0.0 level 1 disable
!
[edit]
user@host#set protocols isis interface at-0/1/1.100 level 2 disable
!
[edit]
user@host#show protocols isis
isis {
interface ge-0/0/0.0 {
level 1 disable;
}
interface at-0/1/1.100 {
level 2 disable;
}
}
!
在一个网络中所有的端口上要想运行IS-IS，必须在其中一个端口下包含主ISO，在这里我们例如：loopback 0 接口。
!
[edit]
user@host#show interfaces
ge-0/1/0 {
unit 0 {
family iso;
}
}
lo0 {
unit 0 {
family inet {
address 192.168.2.1/32;
}
family iso {
address 49.0001.0192.0168.0201.00;
}
}
}
!
通过show命令查看IS-IS的操作。
如下所示：
show isis .interface .adjacency .spf log .statistics
.route .database
!
show isis interface 命令可以查看接口的参数：
is-is interface database：
type:
interface L(level) level 1 DR level 2 DR L1/L2 metric
!
show isis adjacency 命令可以查看邻接的关心状态：
包括的参数：
interface system L state Hold（secs）SNPA
!
show isis statistics 命令可以查看ISIS的运行状态详细内容包括：
PDU（协议数据单元）类型（LSP、IIH、CSNP、PSNP、Unknown and Totals）
Received （收到包的状态）processed（处理包的状态）Drops（丢掉包的状态）Send（发送包的状态）
!
show isis route查看ISIS路由状态
包

括的信息参数：prefix（address） Level version Metric type
interface VIA
!
Advanced IS-IS Topics：Authentication，route leaking，Mesh Groups，Multilevel，Overload bit，IS-IS Multicast Extensions
!
What is BGP?
.BGP is an inter-domain routing protocol that communicates prefix reachability
.BGP is a "path vector" protocol
.BGP views the internet as a collection of autonomous systems
.BGP supports CIDR
.BGP routers exchange routing information between peers
.defined in RFC 1771
!
许多前缀能够共享相同的路径。
BGP可以根据AS path 和其他 属性进行最好的路径选择。
BGP运行的TCP connections port is 179.
TCP services have：
.fragmentation
.Acknowledgments
.Checksums
.Sequencing
.Flow Control
!
没有自动邻居发现。
!
BGP TCP neighbor states connectivity have: idle、Connect and Active
BGP connectivity states have：OpenSent、OpenConfirm and Established。
!
BGP Message types have: .open .update .keepalive .notification
Messages uss a common header.
!
BGP attributes: next-hop
.an ip address of a BGP peer(一个IP对应一个BGPduideng)
.BGP next-hop must be reachable by router prior to placing an advertised route into the RIB-LOCAL.(BGP 下一跳的地址必须能够首先出现在经过的路由器的内部RIB中)
.value is changed by default only across EBGP links.(缺省情况下只有通过EBGP链路的值可以改变)
.value is not changed by default across IBGP links.
.value can be changed by a policy(策略的值是可以改变的)
.Attribute is always present and is transmitted across all BGP links.(通过所有的BGP链路的属性是永远出现和传输的)
!
BGP Attributes:Local-Pref:
.Is used to decide the preferred path out of the AS.(是用于决定优选哪个路径进行AS输出)
.所有BGP流量在一个AS将通过最高Local-Pref进行对等转发。
.该值只用于一单一个别的AS内，从不通过EBGP链路发送。
!
BGP attributes:AS-path:
Provides a path back to the source of the route,preventing routing loops.
-----Routes with the router's own AS number in the path must be looped;these routes will be dropped immediately
!
Each router on the edge of the AS adds their AS number to the front of the path,for example:
------ 34 67 195 6743 701
!
this attribute is always present and is transmitted across all BGP links.
!
BGP attributes : Origin
describes where the first router received the information : I = IGP (0) E= EGP (1) ?=incomplete (3)
!
BGP attributes:MED(Multi-exit-discriminator):
By default,used only when there are multiple links between the same two autonomous systems.
is used to help influence the preferred path back into an AS -- Lower the value better is the metric.
attribute need not be present on a route --- when present,it is transmitted on all BGP links.
!
BGP attributes: Community.
Generic mechanism for tagging routes.
Communities can be:
---used by policy to perform an action on a particular

set of routes that have been tagged with a community.
---added to the community list(community add)
---Deleted from current community list(community delete)
---set to the community list (community set)
!
BGP sessions are established between peers ----- BGP speakers
BGP 会话是通过BGP会话对等体建立的。
Two types of peering sessions：
分别包括两个类型：EBGP and IBGP
!
BGP Route Selection(BGP路由选择)\
Can the BGP next-hop be resolved-else stop
---Prefer the highest LOCAL-PREF value
---Prefer the shortest AS-PATH length
---Prefer the lowest ORIGIN value
---Prefer the lowest MED value
---Prefer routes learned via EBGP over routes via IBGP
---Prefer routes with the lowest IGP metric
--- 7a - Prefer routes from inet.3 over inet.0
--- 7b - Prefer routes with a greater number of next-hops
--- 7c - if you're doing Route Reflectors,prefer the route with the shorter cluster list.
---Prefer routes from the peer with the lowest RID.
---Prefer routes from the peer with the lowest peer ID.
!
IBGP loopback interfaces
IBGP peering is often done using loopback interfaces.
---- loopback interfaces are more stable(loopback端口更加稳定)
---- not tied to a single physical path
The AS needs an IGP so that IBGP speakers can reach each others'loopback address
!
BGP Route Advertisement Rules
Advertise only the active BGP routes to peers
--- BGP next-hop must be reachable
Never forward IBGP routes to IBGP peers
--- Prevents loops
Withdraw routes if active BGP routes become unreachable
!
JUNOS Software Support for BGP:
RFC 1771,A Border Gateway Protocol 4(BGP-4)
RFC 1772,Application of the Border Gateway Protocol in the internet
RFC 1966,BGP Route Reflection:An Alternative to Full-Mesh IBGP
RFC 1997,BGP communities Attribute
RFC 2270,Using a Dedicated AS for Sites Homed to a Single Provider
RFC 2283,Multiportocol Extensions for BGP-4
RFC 2385,Protection of BGP Sessions through the TCP MD5 Signature Option
RFC 2439,BGP Route Flap Damping
RFC 2842,Capabilities Advertisement with BGP-4
RFC 3065,Autonomous System Confederations for BGP
!
A Basic BGP Configuration

routing-options {
autonomous-system 64;
}
protocols {
bgp {
group external-peer1 {
type external;
peer-as 1;
neighbor 10.0.3.6;
}
group internal-peers {
type internal;
local-address 192.168.24.1;
neighbor 192.168.16.1;
neighbor 192.168.6.1;
}
}
}
!
Several commands display a wide variety of BGP information, either from the protocol itself or from BGP routes

user@host> show bgp ?
Possible completions:
group Show the BGP group database
neighbor Show the BGP neighbor database
summary

Show an overview of the BGP information
!
Show bgp group
View information about a BGP group

user@host> show bgp group
Group Type: Internal AS: 65412 Local AS: 65412
Name: int-peers
Total peers: 1 Established: 1
192.168.16.1+2127
Route Queue Timer: unset Route Queue: empty

Group Type: External Local AS: 65412
Name: ext-peers
Total peers: 2 Established: 1
10.0.29.1
10.0.3.6+4272
Route Queue Timer: unset Route Queue: empty
!
user@host> show bgp neighbor
Peer: 10.0.3.6+4272 AS 1 Local: 10.0.3.7+179 AS 65412
Type: External State: Established Flags: <>
Last State: OpenConfirm Last Event: RecvKeepAlive
Last Error: None
Options:
Holdtime: 90 Preference: 170
Number of flaps: 0
Error: 'Cease' Sent: 1 Recv: 0
Peer ID: 192.168.28.1 Local ID: 192.168.24.1 Active Holdtime: 90
Keepalive Interval: 30
NLRI advertised by peer: inet-unicast
NLRI for this session: inet-unicast
Peer supports Refresh capability (2)
Table inet.0 Bit: 10001
Send state: in sync
Active prefixes: 0
Received prefixes: 0
Suppressed due to damping: 0
Last traffic (seconds): Received 30 Sent 30 Checked 30
Input messages: Total 13 Updates 0 Refreshes 0 Octets 273
Output messages: Total 14 Updates 0 Refreshes 0 Octets 292
Output Queue[0]: 0
!
Use the show bgp summary command to view basic information about all BGP neighbors

Groups: 2 Peers: 3 Down peers: 1
Table Tot Paths Act Paths Suppressed History Damp State Pending
inet.0 0 0 0 0 0 0
inet.2 0 0 0 0 0 0
Peer AS InPkt OutPkt OutQ Flaps Last Up/DwnState
192.168.16.1 65412 39 40 0 0 18:41 0/0/0
10.0.3.6 1 16 17 0 0 7:15 0/0/0
10.0.29.1 1 0 0 0 0 18:53 Active
!
Show BGP Route Advertisements
show route receive-protocol bgp
Look at routes received by a peer before policy is applied

user@host> show route receive-protocol bgp 11.1.1.1
inet.0: 6 destinations, 6 routes (5 active, 0 holddown, 1 hidden)
Prefix Nexthop MED Lclpref AS path
10.0.0.0/8 192.168.1.1 100 I
172.16.0.0/12 172.19.1.1 100 I

show route advertising-protocol bgp
Look at routes being advertised to a specific peer

user@host> show route advertising-protocol bgp 10.1.1.2
inet.0: 10 destinations, 10 routes (8 active, 0 holddown, 2 hidden)
Prefix Nexthop MED Lclpref AS path
10.0.0.0/8 Self 100 I
172.16.0.0/12 Self 100 I
!
Show BGP Rout

es
user@host> show route protocol bgp ?
Possible completions:
<[Enter]> Execute this command
Destination prefix and prefix length information
advertising-protocol Information transmitted by a particular routing protocol
all All entries including hidden entries
aspath-regex Entries learned via a specific AS path
best Show longest match
brief Brief view
+ community A community to match, possibly including wildcards
damping Entries that have been subjected to route damping
detail Detailed view
exact Show exact match
extensive Extensive view
hidden Hidden entries
inactive Inactive entries
label-switched-path Entries associated with a particular LSP tunnel
next-hop Entries pointing to a particular next hop
output Entries sending packets out a particular interface
range Show entire prefix range
receive-protocol Information learned from a particular routing protocol
source-gateway Entries learned from a particular router
table Entries in a particular routing table
terse Terse view
| Pipe through a command
!
Use the show route extensive to look at specific entries in the routing table

user@host> show route 192.168.1/24 extensive

inet.0: 20 destinations, 20 routes (20 active, 0 holddown, 0 hidden)
+ = Active Route, - = Last Active, * = Both

192.168.1.0/24 (1 entry, 1 announced)
TSI:
Path 192.168.1.0 from 10.0.18.2 Vector len 4. Val: 0 1
BGP_Sync_Any dest 192.168.1.0/24 MED 0

*BGP Preference: 170/-101
Nexthop: 10.0.18.2 via so-0/1/2.0, selected
State:
Local AS: 1 Peer AS: 10
Age: 47:59
Task: BGP_10.10.0.18.2+1724
Announcement bits (3): 2-KRT 3-BGP.0.0.0.0+179 4-BGP_Sync_Any
AS path: 10 I
Localpref: 100
Router ID: 192.168.0.1
!
Regular Expressions
---Regular expressions are a powerful pattern matching engine
---It is the combination of text and special operators that make up a regular expression
---Regular expressions allow for things to be found in context, not as isolated instances
---Used to match AS Paths and Communities
-------JUNOS Software AS Path Regex is not POSIX Compliant
-----------No need for “^” and “$”
-----------The “.” matches complete AS number, not a single digit
---Community Regex are POSIX compliant
!
Regular Expression Operators
---Regular expressions take form term
---Operator is an optional pattern matching character that applies to a single term:
------Operators immediately follow the term referenced
---------“1024? 2685”
------The pipe ( | ) oper

ator is used between terms
---------“1024 | 2685”
------The dash ( - ) operator is used between terms
---------“1024 – 2685”
!
Routes can be filtered using AS-path and community regular expressions:

lab@router> show route aspath-regex "()"

inet.0: 16 destinations, 16 routes (16 active, 0 holddown, 0 hidden)
+ = Active Route, - = Last Active, * = Both

10.0.0.0/24 *[OSPF/10] 00:32:40, metric 3
> to 10.0.3.1 via fe-0/0/0.0

lab@router> show route community 65412:200


vpna.inet.0: 14 destinations, 14 routes (14 active, 0 holddown, 0 hidden)
+ = Active Route, - = Last Active, * = Both

10.0.4.0/30 *[BGP/170] 00:00:16, localpref 100, from 192.168.20.1
AS path: 65000 I
> to 10.0.3.1 via fe-0/0/0.0, label-switched-path test
!
Tracing BGP
Configure BGP routing protocol trace flags

[edit protocols bgp]
traceoptions {
flag flag ;
Tracing flags:
all Trace everything
aspath Trace aspath processing
damping Trace damping events
general Trace general events
keepalive Trace BGP keepalive packets
normal Trace normal events
open Trace BGP open packets
packets Trace all BGP protocol packets
policy Trace policy processing
route Trace routing information
state Trace state transitions
task Trace routing protocol task processing
timer Trace routing protocol timer processing
update Trace BGP update packets
!
Advanced BGP Topics
Scaling
---Route Reflection
---Confederations
---Prefix limits
Authentication
Multi-path and multi-hop (load balancing)
Damping
MBGP
Local AS
Remove Private, AS-loops
!
Agenda:Interface Troubleshooting:
---interface troubleshooting overview
--- the demarcation point,minimizing disruption,common commands.
---LAN Topologies
---Point-to-point topologies
---Loopback testing
---T3/E3 troubleshooting
---T1/E1 troubleshooting
---SONET troubleshooting
---Multipoint technologies
---Frame Relay and ATM troubleshooting
!
Interface Troubleshooting Overview
---Understanding the demarcation
---Europe typically excludes the CSU/DSU (CPE perspective) because it is owned by the Telco.
---North America typically includeds the CSU/DSU(CPE perspective) because it is owned by the customer.
---Topology will determine troubleshooting approach.
Essentially three topology types to consider when troubleshooting:
--- LAN/broadcast multiaccess(Fast/Gigabit Ethernet)
--- Point-to-point(SONET/SDH,T3/E3,T1/E1 - PPP or Cisco-HDLC)
--- Point-to-multipoint(SONET/SDH,T3/E3,T1/E1 - Frame Relay or ATM-VC)
---Tools available and approach for each type will vary
!
when links are flapping,disable or remove them from the IGP
--- this limits the impact for flooding LSA's/LSP's,running SPF etc.
For OSPF
[edit protocols ospf area 0]
user@router#set interface so-0/1/1 disable
!
For IS-IS
[edit protocols isis]
user@router#set

interface so-0/1/1 disable
!
Command:show interfaces extensive
The show interfaces extensive command produces similar output for all interfaces types
!
user@router> monitor traffic ?
Possible completions:
<[Enter]> Execute this command
absolute-sequence Display absolute TCP sequence numbers
brief Show brief output
count Number of packets to receive (0..1000000 packets)
detail Display detailed output
extensive Display extensive output
interface Monitor traffic on a given interface
matching Receive packets whose headers match this expression
no-domain-names Don't display the domain portion of host names
no-resolve Don't attempt to print addresses symbolically
no-timestamp Don't print a timestamp on each dump line
print-ascii When printing in hex, print in ASCII too
print-hex Print each packet in hex
size Receive the given number of bytes for each packet (bytes)
!
LAN topologies:
Port types: fe- ge- fxp0
link-mode(full or half duplex)
Tools:ping loopback(local) show interfaces extensive show interface media
show arp monitor traffic monitor interface clear statistics
!
Fast Ethernet/Gigabit Ethernet
---set loopback(local only)
--- verify the Ethernet hardware
---ping a locally connected host/router
--- show arp
user@host> show arp
MAC Address Address Name Flags
00:00:0c:06:2c:0d 192.168.1.2 https://www.doczj.com/doc/f15243023.html,
!
Cable lengths and physical layer standards
--Cat 5 UTP copper: 100 meters
--Multimode fiber: Check the port specifications
--Single-mode fiber: Check the port specifications (IR, LR)
Check Encapsulation Types (802.3 LLC, 802.3 SNAP, DIXv2)
--show interfaces extensive
--monitor interfaces
!
Typical monitor interface Output:
user@router Seconds: 55 Time: 19:12:00
?
Interface: ge-0/2/0, Enabled, Link is Down
Encapsulation: Ethernet, Speed: 1000mbps
Traffic statistics: Current Delta
Input bytes: 17707053 (0 bps) [0]
Output bytes: 10369709 (0 bps) [312]
Input packets: 292046 (0 pps) [0]
Output packets: 147886 (0 pps) [4]
Error statistics:
Input errors: 0 [0]
Input drops: 0 [0]
Input framing errors: 0 [0]
Policed discards: 14355 [0]
L3 incompletes: 261 [0]
L2 channel errors: 0 [0]
L2 mismatch timeouts: 156 [0]
Carrier transitions: 2 [1]
Output

errors: 0 [0]
Output drops: 0 [0]
Aged packets: 0 [0]
Active alarms : LINK
Active defects: LINK
Input MAC/Filter statistics:
Unicast packets 104547 [0]
Packet error count 0 [0]
?Interface warnings:
o Outstanding LINK alarm
?
!
Ping VRRP VIP address:
[edit interfaces fe-0/1/0]
user@router# show
vlan-tagging;
unit 100 {
vlan-id 100;
family inet {
address 1.1.1.1/24 {
vrrp-group 8 {
virtual-address 1.1.1.254;
priority 127;
preempt;
accept-data;
}
}
}
[edit interfaces fe-0/1/0]

!
Point-to-Point Topologies:
Media types: T3 E3 T1 E1 SO
!
encapsulation: PPP Cisco HDLC
!
Tools: ping loopback local/remote BERT test (Bit Error Rate Test) T3 & E3
show interface extensive monitor traffic monitor interface
clear statistics
!
Overview of T3/E3 interface status:
user@router>show interfaces terse t3*
Interface Admin Link Proto Local Remote
t3-1/0/0 down down administratively disabled
t3-1/0/0.0 up down inet 1.1.1.1/30
t3-1/0/1 up down
t3-1/0/1.0 up down inet 2.2.2.2/30 link layer down
t3-1/0/2 up up
t3-1/0/2.0 up up inet 3.3.3.3/30 link layer up
!
Physical Logical Reason
down down - Admin disabled
up down - Router interface problem
- Interface mis-configured (encapsulation)
- Keepalive sequencing not incrementing
- CSU/DSU failure
- Carrier problem (noisy line, timing mismatches)
!
user@router> monitor interface t3-1/0/1
router Seconds: 78 Time: 21:44:15
?
Interface: t3-1/0/1, Enabled, Link is Down
Encapsulation: Cisco-HDLC, Keepalives, Speed: T3
Traffic statistics: Current Delta
Input bytes: 0 (0 bps) [0]
Output bytes: 207 (184 bps) [184]
Input packets: 0 (0 pps) [0]
Output packets: 9 (1 pps) [8]
Encapsulation statistics:
Input keepalives: 0 [0]
Output keepalives: 9 [8]
Error statistics:
Input errors: 0 [0]
Input drops: 0 [0]
Input framing errors: 9 [8]
CCV 0 [0]
?
Interface warnings:

o Received keepalive count is zero
o Framing errors, check FCS, scrambling and subrate configuration
?
?Next='n', Quit='q' or ESC, Freeze='f', Thaw='t', Clear='c', Interface='i'

Check the port- Physical loopback TX - RX by connecting cables and setting"clock internal"

Check the compatibility mode when connecting to other vendors' equipment.
[edit interfaces t3-0/1/1 t3-options]
set compatibility-mode (digital-link|kentrox|larscom) ;
!
Clocking - internal or external
Check miscellaneous settings at both ends
-- frame

第二部分
Describe the basic concept of MPLS
Explain the evolution of traffic engineering
Explain why IGP based traffic engineering is problematic
List some of the drawbacks to ATM based overlay networks
!
Traffic Engineering Overview:
.the concept of MPLS
.Traffic engineering definition
.IGP based traffic engineering
.The overlay network
.Router evolution
!
MPLS:the concept(概念)
.Multiprotocol label switching(MPLS) is a mechanism for engineering traffic,independent of routing tables
.多协议标签交换是一个流量工程机制，独立于路由表。
.Analysis of a packet's destination is performed just once (ingress),then placed in a preconfigured tunnel.
.分析一个数据包目的是履行一次入口，当放置在一个改装隧道中的。
.JUNOS software supports multiple RFCs and Internet drafts related to MPLS.
.JUNOS 软件支持多种RFC和互联网精选讲述的MPLS标准。

Module Objectives
.Explain the benefits and applications for MPLS
.Describe MPLS based traffic engineering
.Define the terms LSR,Ingress,Egress,and LSP
.describe the Push,Pop, and Swap label operations
.Explain Penultimate hop popping
.Describe MPLS flow and packet processing from ingress to egress router
.Label stacking
.Advanced topics overview


Enabling MPLS:
.enable MPLS packet forwarding on each logical interface you intend to use for MPLS
[edit interfaces]
user@host# set unit family mpls
!
.enable MPLS routing on the entire router
[edit protocols]
user@host# set mpls interface all
!
.enabling MPLS installs default labels 0 and 1 into mpls.0 switching table
!
Static LSP Router Configurations
.Ingress,transit,and egress routers must be configured separately
--- Manually assign label numbers
--- 16 - 1023 reserved for static labels
.Static LSP appears in ingress router's inet.0 table as static route to egress router
.Not recommended for large-scale deployment
---No path "keepalive"checking
---No automatic failover
---Little operational visibility
!
for exmplation
.....
router 1 to router 2
mpls {
static-path inet {
134.112/16 {
nexthop 10.0.1.2;
push 202;
}
}
}
router 2 to router 3
mpls {
interface name {
label-map 202 {
nexthop 10.0.3.39;
swap 303;
}
}
}
router 3 to router end
mpls

{
interface name {
label-map 303 {
nexthop 10.0.5.4;
swap 0;
}
}
}
.Using operational commands to monitor and troubleshoot static lsps
---show mpls interface
---show route
---show route table mpls.0
!