Showing posts with label routers. Show all posts

Thursday, June 26, 2008

Virtually Multiplicity

Last session, we left off with configuring ISDN as a backup link and talked a bit about DSL. In this latest installment on our road to Juniper certification, we will explore Multi-link PPP, Generic Routing Encapsulation (GRE), and Virtual Router Redundancy Protocol (VRRP). We will then move to some common interface troubleshooting techniques.



PPP has a lot going for it in terms of a protocol. In addition to authentication and support for multiple protocol types, individual PPP links can be combined using the Multi-Link Point-to-Point protocol. RFC 1990 details the "software bundling" of multiple PPP links together as one. JUNOS allows for up to eight physical interface links to be assigned to a bundle.



In order to support MLPPP on Juniper equipment, you need a hardware PIC in the case of M/T Series routers or appropriate software support in the J-Series platform. We will discuss configuration steps next:


  1. Configure the pseudolink interface appropriate for your routing platform


  2. Our new link will have all the properties of a regular PPP interface but will have a multi-link ppp encapsulation. The links will be assigned as multiple unit numbers. In the following configuration, the bundle will be assigned to unit 0:

ls-0/0/0 {
    /* unit 0 is the logical bundle interface */
    unit 0 {
        encapsulation multilink-ppp;
        family inet {
            address 172.8.17.30/30;
        }
    }
}


Next we will configure the links and link service interface. Interfaces se-1/0/0 and se-1/0/1 are added to the bundle on the ls-0/0/0 interface. (Our link service logical interface.)

/* first member link of the bundle */
se-1/0/0 {
    unit 0 {
        family mlppp {
            bundle ls-0/0/0.0;
        }
    }
}
/* second member link of the bundle */
se-1/0/1 {
    unit 0 {
        family mlppp {
            bundle ls-0/0/0.0;
        }
    }
}

We can verify the status of our newly created bundle with the show interfaces terse command. The link service interface will remain in the up state as long as one of our physical interfaces is up. This behaviour can be modified with the minimum-links command in the link service interface hierarchy.


While we are on the subject of protocols and their associated encapsulations, let's delve into Generic Routing Encapsulation. GRE is a "stateless" tunneling protocol. Stateless in this context refers to a connection that is created with no monitoring of the endpoint or other tunnel endpoints. It is mostly used in conjunction with Virtual Private Networks (VPNs). It can also be used to establish backup links to a location or to carry non-IP traffic over an IP network (Frame Relay, ATM, or Ethernet).


In order to create a GRE tunnel, a Juniper device must be equipped with the Layer 2 services PIC (M and T-Series); on the J-Series platform the capability is native. When you activate the service, a pseudo interface called 'gr' is created. You need three things in terms of configuration to make the new interface useful:


  1. The interface must be configured with the source IP for the GRE packets (where they originate)

  2. The tunnel's destination

  3. Protocols that the GRE will carry (An IP address for the 'gr' interface is not required, but is good to have for management purposes.)

Note: Remember the gre interface is used by the router internally and should not be configured to be a GRE tunnel.

Here is an example of a configured gr interface for GRE:

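gr-0/0/0 {
    unit 0 {
        tunnel {
            /* local endpoint the GRE packets are sent from */
            source 10.20.1.38;
            /* remote tunnel endpoint */
            destination 172.66.13.1;
        }
        /* protocol carried inside the tunnel */
        family inet;
    }
}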

Now all that remains is to map traffic for use by the GRE tunnel. You can do this with a static route whose next-hop is the gr interface, or by using a protocol such as OSPF (Open Shortest Path First).
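
What the gr-0/0/0 configuration above puts on the wire, as an added Python sketch that is not part of the original post: it builds the outer IPv4 and GRE headers for the tunnel from 10.20.1.38 to 172.66.13.1 and shows the per-packet, header-only check a receiving endpoint can make, which is all that "stateless" leaves it. The function names and inner payload are constructed for illustration, and the basic 4-byte GRE header with no optional fields is assumed.

```python
import socket
import struct

GRE_PROTO = 47            # IP protocol number assigned to GRE
ETHERTYPE_IPV4 = 0x0800   # GRE protocol type for an IPv4 payload (family inet)
OVERHEAD = 20 + 4         # outer IPv4 header + basic GRE header


def build_gre_packet(src, dst, inner, proto_type=ETHERTYPE_IPV4):
    """Wrap `inner` in a basic GRE header and an outer IPv4 header."""
    gre = struct.pack("!HH", 0x0000, proto_type)      # no flags, version 0
    outer = struct.pack(
        "!BBHHHBBH4s4s",
        0x45, 0, OVERHEAD + len(inner), 0, 0, 64,
        GRE_PROTO, 0,                                  # checksum left 0 in this sketch
        socket.inet_aton(src), socket.inet_aton(dst))
    return outer + gre + inner


def accept_gre(packet, local, peer):
    """Stateless receive check: decided from this one packet's headers.

    Returns (protocol_type, payload) or None. There is no session to
    consult, so the outer addresses are the only thing to compare.
    """
    if len(packet) < OVERHEAD or packet[0] >> 4 != 4:
        return None
    ihl = (packet[0] & 0x0F) * 4
    if ihl < 20 or len(packet) < ihl + 4 or packet[9] != GRE_PROTO:
        return None
    src = socket.inet_ntoa(packet[12:16])
    dst = socket.inet_ntoa(packet[16:20])
    if (src, dst) != (peer, local):
        return None                                    # not the configured tunnel peer
    flags_ver, proto_type = struct.unpack("!HH", packet[ihl:ihl + 4])
    if flags_ver != 0:                                 # optional fields not handled here
        return None
    return proto_type, packet[ihl + 4:]


def tunnel_mtu(link_mtu):
    """Largest inner packet that fits without fragmenting the outer one."""
    return link_mtu - OVERHEAD
```

The address comparison is the only gate in this check; GRE itself carries no authentication or encryption, which fits the post's remark that it is mostly used together with VPNs.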

Friday, June 20, 2008

Logical Versus Physical

All interfaces in JUNOS and most other networking devices have two kinds of properties: logical and physical. Physical properties belong to an entire physical port, whereas logical properties correspond to the portion of the interface represented by a unit or channel number. Depending on the type of physical port installed, a large number of properties can be configured. We will detail some of the most common here:


  • Clocking: Aligns bits as they are transmitted out of the interface. A clock signal can be supplied by a Service Provider or by the router.


  • Encapsulation: Layer 2 encapsulation used on the interface. Examples include Frame Relay, Point-to-Point Protocol (PPP), and Cisco High-Level Data Link Control (HDLC).


  • MTU: Maximum Transmission Unit, which is the maximum size of the frame transmitted from the interface.


  • Keepalives: Used to verify the operation of the interface. Most encapsulations enable keepalives by default, but they can be disabled to aid troubleshooting.


  • Layer 1/2 Options: Various bit and byte settings for the interface media such as framing, flow control, and source address filters

All router interfaces sending and receiving traffic or packets require a logical unit to be configured. This way, an interface may be divided into multiple logical interfaces (subinterfaces in Cisco). This division could then be used to create multiple Virtual Local Area Networks (VLANs), each with its own logical unit. Note: Many router vendors do not require a subinterface or logical unit on every physical interface, but a Juniper router does. Even point-to-point interfaces and non-VLAN-tagged interfaces need a logical unit to be configured.


In JUNOS, unit numbers MUST be configured before any other logical configuration is applied. Here are some of the common logical properties that can be configured.


  • Protocol Family: refers to the Layer 3 protocols that can be sent and received on this interface. The most common is family inet. Other protocol families include IPv6, Multi Protocol Label Switching (MPLS), and ISO (Intermediate System to Intermediate System, IS-IS)


  • Protocol Address: Layer 3 family address such as family inet (IP address)


  • Virtual Circuit Address: Circuit identifier used when an interface is divided logically. Logical interfaces include VLAN IDs, Frame Relay Data Link Connection Identifier (DLCI), or ATM Virtual Path/Virtual Connection Identifiers (VP/VCI)


  • Logical unit numbers can range from 0-16,385


  • The best practice is to keep the circuit address the same as the unit number for ease of troubleshooting.


  • Note: If you are configuring a point to point interface the unit number MUST be zero!


"More Interface Configuration Examples"



Let's demonstrate configuring a Fast Ethernet interface in JUNOS:



Note: Remember interfaces in JUNOS are 'automatically enabled' when the physical connection is wired. So, after cabling up, we check the status of our Fast Ethernet Interface:


  1. root@routername> show interfaces terse fe-2/0/1

  2. Once we determine that the interface is up, we enter configuration mode: root@routername> configure
  3. We are brought to the [edit] hierarchy and now, to edit our interface: root@routername# edit interfaces fe-2/0/1

  4. Establish the unit: root@routername# set unit 0 family inet address 10.10.20.122/24

  5. JUNOS software requires a mask for every IP address in the classless CIDR notation (Classless Inter Domain Routing). This is denoted by the / (slash)

  6. Execute a show command to verify our newly created interface: root@routername# show

  7. Activate our new changes with commit: root@routername# commit and-quit

  8. Let's verify our newly created interface with ping: root@routername> ping 10.10.20.121 count 3

The reason for the count option with ping is that a Juniper router will send an endless number of pings unless a number of packets is specified or you press Ctrl-C.

Tuesday, June 17, 2008

We will all become white rappers and call ourselves "config t"

Hi everyone! Welcome again to another thrilling installment of my Juniper blog! In the last session we talked mainly about operational mode commands and moving about the CLI. In this installment, we will focus on configuration mode and the JUNOS hierarchy. To enter configuration mode in JUNOS you issue the configure command from within the CLI. The router prompt will change:


Eg:

user@routername#


"It's all about multiplicity"


The default operation of configuration mode is that multiple users can edit the router's configuration at the same time.


  • configure private command allows only one user to configure the router

  • configure exclusive will allow multiple users to edit different portions of the configuration

Use set commands to add configuration to the router.

Eg: user@routername# set system services telnet

In JUNOS, the top level directory is edit with several sub directories below it. View them with the set ? command. The opposite of placing configuration into the router with the set command is the delete command.

Note: Do not use the delete command carelessly as it may delete a whole directory if you do not specify a particular command!

You can use the up command followed by a number to traverse a specified number of levels under the edit hierarchy. The top command will take you to the root directory, edit.
With such a plethora of commands in this section and previous sections, it is now time to activate our new configuration statements!

This is accomplished with the commit command. The commit command activates the configuration we were just editing, called the candidate configuration.

"More on active configuration versus candidate configuration..."

In a Juniper router there are two configurations always present:

  • Active configuration: the current configuration running on the router (running-config in Cisco)
  • Candidate configuration: the configuration we edit until we issue a commit

In the next session we will talk more about syntax "sanity checking" and rolling back...






Friday, June 13, 2008

Welcome to My Juniper Blog!

Hello Everyone,

This is my Juniper Networks certification and resource blog! I will post my study notes, thoughts and caveats on Juniper and the JNCIA-ER. Feel free to offer up resources that you feel would be helpful to those pursuing Juniper Certifications.


Enjoy!