pag 20-60

Routing Engine Components 21
match This option prompts the router to display only lines in the output containing the text
string you provide.
no-more This option causes the router to not paginate the output.
resolve This option causes the router to resolve IP addresses in the output to hostnames, if
possible. You must configure the router with the IP address of a domain name server to use this
option effectively.
save This option automatically saves the output to the filename you provide. You see a single
line returned with the number of lines saved to the file; for example, Wrote 27 lines of
output to 'saved-file'.
trim This option prompts the router to omit the number of columns you supply from the output,
beginning with the left-hand side of the output. You might use this command when your
terminal width is small and you need to see data without a line wrap.
The router also gives you the ability to combine multiple pipe options together for maximum
flexibility. Suppose you want to know how many logical interfaces on your router have an IP
address configured. The show interfaces terse command supplies this information:
user@Merlot> show interfaces terse
Interface Admin Link Proto Local Remote
fe-0/0/0 up up
fe-0/0/0.100 up up ccc
fe-0/0/0.200 up up ccc
fe-0/0/1 up up
fe-0/0/1.0 up up inet 10.0.31.1/24
fe-0/0/2 up down
fe-0/0/3 up down
so-0/3/0 up up
so-0/3/0.0 up up inet 10.0.24.2 --> 0/0
mpls
so-0/3/1 up down
so-0/3/2 up down
so-0/3/3 up down
fxp0 up up
fxp0.0 up up inet 172.64.0.24/16
fxp1 up up
fxp1.0 up up tnp 4
gre up up
ipip up up
lo0 up up
lo0.0 up up inet 192.168.24.1 --> 0/0
lsi up up
mtun up up
22 Chapter 1  The Components of a Juniper Networks Router
pimd up up
pime up up
tap up up
You can find the IP addresses by displaying only lines with the inet string:
user@Merlot> show interfaces terse | match inet
fe-0/0/1.0 up up inet 10.0.31.1/24
so-0/3/0.0 up up inet 10.0.24.2 --> 0/0
fxp0.0 up up inet 172.64.0.24/16
lo0.0 up up inet 192.168.24.1 --> 0/0
Finally, you can allow the router to count the output lines for you:
user@Merlot> show interfaces terse | match inet | count
Count: 4 lines
We discuss the assignment of IP addresses to interfaces and the meaning of
inet in Chapter 2, “Interfaces.”
Modifying the Command Output
Each time you enter a command, the router generates the entire output before displaying any
characters on your screen and stores that information in a buffer. When the display output
is longer than your terminal length, the router paginates the output by displaying a prompt
of ---(more 18%)---. Not only does this tell you that more information is to follow, but it
also reveals how much of the output buffer you have seen. In our case, we’ve viewed 18 percent
of the total output.
Each time the router stops at a page break, you have the option of modifying and manipulating
the output. You access these features by pressing the h key at the (more) prompt. The list
of options looks like this:
---(Help for CLI automore)---
Clear all match and except strings: c or C
Display all line matching a regexp: m or M
Display all lines except those matching a regexp: e or E
Display this help text: h
Don't hold in automore at bottom of output: N
Hold in automore at bottom of output: H
Move down half display: TAB, d, or ^D
Move down one line: Enter, j, ^N, ^X, ^Z, or Down-Arrow
Move down one page: Space, f, ^F, or Right-Arrow
Routing Engine Components 23
Move to bottom of output: G, ^E, or End
Move to top of output: g, ^A, or Home
Move up half display: u or ^U
Move up one line: k, Delete, Backspace, ^P, or Up-Arrow
Move up one page: b, ^B, or Left-Arrow
Quit automore: q, Q, ^K, or Clear
Redraw display: ^L or ^R
Repeat a keystroke command 1 to 9 times: Meta-1..9
Repeat last search: n
Save output to a file: s or S
Search backwards thru the output: ?
Search forwards thru the output: /
---(End of Help)---
While the number of possible options and keystrokes is too numerous to detail here, we
can point out some commonly used ones. You access the bottom (or end) of the output buffer
with the Ctrl+E keystroke. This is useful when examining log files where new information is
placed at the end of the file. You can move backward through any router output with the
Ctrl+B sequence. This is handy for viewing information earlier in the output without retyping
the command over again. You can exit from the output and return to the command line at any
time by using the q key. Finally, you can search for a particular string in the output with the
forward slash (/) key. This moves your prompt to the first occurrence of the supplied string
and paginates the output at that point. This is similar to the find pipe variable.
Configuration Mode
At some point, you’re going to want to configure your router. After all, a router without configured
interfaces and routing protocols is a large hunk of steel and circuitry that doesn’t accomplish
much. You access the router’s configuration mode hierarchy with either the configure or
edit command:
user@Merlot> configure
Entering configuration mode
[edit]
user@Merlot#
As with operational mode, the router uses the prompt to visually show you that you are in
configuration mode. The > is changed into the pound character (#), and your current level in the
hierarchy is displayed above the router’s hostname. The [edit] portion of the output on Merlot
tells us that we are at the top of the configuration hierarchy. We can view the command
options at this level with the context-sensitive help system:
[edit]
user@Merlot# ?
24 Chapter 1  The Components of a Juniper Networks Router
Possible completions:
<[Enter]> Execute this command
activate Remove the inactive tag from a statement
annotate Annotate the statement with a comment
commit Commit current set of changes
copy Copy a statement
deactivate Add the inactive tag to a statement
delete Delete a data element
edit Edit a sub-element
exit Exit from this level
help Provide help information
insert Insert a new ordered data element
load Load configuration from an ASCII file
quit Quit from this level
rename Rename a statement
rollback Roll back database to last committed version
run Run an operational-mode command
save Save configuration to an ASCII file
set Set a parameter
show Show a parameter
status Display users currently editing the configuration
top Exit to top level of configuration
up Exit one level of configuration
update Update private database
Using the run Command
One very useful command that exists in configuration mode is run. When you use this command,
the router allows you access to operational mode commands from within the configuration. This
flexibility enables you to easily verify information on the router. Let’s look at an example.
Suppose that you connect to a router using Telnet and enter configuration mode to enable
the OSPF routing protocol. After navigating to the [edit protocols ospf] hierarchy directory,
you can’t recall the interface names on this particular router. You could look at a network
map for this information, but this option is not always available. You are now left to ask the
router for the information. A router from another vendor may require you to exit the configuration
to use the show interfaces command. The JUNOS software, however, provides this
ability from within the configuration:
[edit protocols ospf]
Routing Engine Components 25
user@Merlot# run show interfaces
Physical interface: so-0/0/0, Enabled, Physical link is Up
Interface index: 11, SNMP ifIndex: 13
Description: Sydney to Sao Paulo
Link-level type: PPP, MTU: 4474, Clocking: Internal, SONET mode,
Speed: OC3, Loopback: None, FCS: 16, Payload scrambler: Enabled
Device flags : Present Running
Interface flags: Point-To-Point SNMP-Traps
Link flags : Keepalives
Keepalive settings: Interval 10 seconds, Up-count 1, Down-count 3
Keepalive: Input: 27244 (00:00:06 ago), Output: 27293 (00:00:06 ago)
LCP state: Opened
NCP state: inet: Opened, inet6: Not-configured, iso: Opened, mpls: Opened
CHAP state: Not-configured
Last flapped : 2002-09-30 12:12:42 UTC (3d 03:21 ago)
Input rate : 0 bps (0 pps)
Output rate : 0 bps (0 pps)
SONET alarms : None
SONET defects : None
(Note: Information deleted for brevity)
Another requirement that network engineers often encounter is the desire to examine the current
routing table. Again, the router provides this ability from within configuration mode:
[edit protocols ospf]
user@Merlot# run show route
inet.0: 23 destinations, 24 routes (23 active, 0 holddown, 0 hidden)
+ = Active Route, - = Last Active, * = Both
1.1.1.0/24 *[OSPF/10] 00:40:41, metric 4
> via so-0/0/0.0
10.200.200.0/24 *[Direct/0] 1d 17:31:30
> via fe-0/3/0.0
10.200.200.1/32 *[Local/0] 3d 03:24:34
Local via fe-0/3/0.0
10.222.3.0/24 *[OSPF/10] 00:40:41, metric 3
> via so-0/0/0.0
10.222.5.2/32 *[Local/0] 3d 03:24:35
Reject
26 Chapter 1  The Components of a Juniper Networks Router
Just because you’ve entered configuration mode, the router doesn’t stop assisting you as it
did in operational mode. The pipe variables are available with each command, the output paginates
with the (more) prompt, and the Emacs editor strings are a usable feature in configuration
mode. The CLI stills uses the command-completion function:
[edit]
user@Merlot# status
Users currently editing the configuration:
user terminal d0 (pid 23892) on since 2002-09-25 14:30:27 UTC
[edit]
If you examine the command options for configuration mode, you’ll notice that the st characters
are the most significant way to access the status command. The output from the Merlot
router shows the users who are currently in configuration mode, how long they have been in
that mode, and what their current configuration hierarchy level is.
Navigating within the Hierarchy
One method for conceptually viewing the configuration mode hierarchy is in a vertical fashion,
with the top of the directory structure at the top of a tree. Each branch of the tree below the root
forms a subdirectory below it. As is common with a directory system, each top-level subdirectory
can branch out into its own set of subdirectories, as shown in Figure 1.3.
You navigate downward through this structure to the next lower directory by using the edit
command:
[edit]
user@Merlot# edit protocols
[edit protocols]
user@Merlot#
10.222.6.0/24 *[OSPF/10] 00:40:41, metric 2
> via so-0/0/0.0
10.222.44.0/24 *[OSPF/10] 00:40:41, metric 3
> via so-0/0/0.0
10.222.45.0/24 *[OSPF/10] 00:40:41, metric 3
> via so-0/0/0.0
(Note: Information deleted for brevity)
These are only two examples of using the run command to your advantage. Just keep in mind
that this capability is usable for any operational-mode command within the JUNOS software.
Routing Engine Components 27
We continue into one of the next lower directories:
[edit protocols]
user@Merlot# edit ospf
[edit protocols ospf]
user@Merlot#
FIGURE 1 . 3 Configuration mode hierarchy directories
After reaching your desired directory, you can change the current configuration by using either
the set or delete command as discussed in the next section, “Altering the Configuration.”
The vertical nature of the configuration hierarchy requires you to always move in an up/
down direction. We looked at how to move down to a directory, so let’s see how to move up
a directory. Quite simply, you use the up command to move up a directory level:
[edit protocols ospf]
user@Merlot# up
[edit protocols]
user@Merlot# up
backup-router
dhcp-relay
diag-port-authentication
inet6-backup-router
location
login
name-server
ntp
ports
processes
radius-server
root-authentication
services
static-host-mapping
syslog
tacplus-server
aggregated-devices
alarm
fpc
redundancy
bgp
connections
dvmrp
igmp
isis
l2circuit
lsp
mpls
msdp
ospf
pim
rip
ripng
router-advertisement
router-discovery
rsvp
sap
vrrp
top
chassis protocols system
28 Chapter 1  The Components of a Juniper Networks Router
[edit]
user@Merlot#
The JUNOS software allows you to reach any lower directory in the hierarchy by entering
multiple directories with the edit command:
[edit]
user@Merlot# edit protocols ospf
[edit protocols ospf]
user@Merlot#
Conversely, the top command takes you to the top of the configuration hierarchy in a
single step:
[edit protocols ospf]
user@Merlot# top
[edit]
user@Merlot#
Finally, if you are currently in a lower configuration directory, such as [edit protocols ospf],
and you wish to move to a different directory, such as [edit routing-options static], you can
do so by combining the top and edit commands:
[edit protocols ospf]
user@Merlot# top edit routing-options static
[edit routing-options static]
user@Merlot#
Altering the Configuration
While moving around the configuration hierarchy is a valuable skill, at some point you are
going to want to actually configure the router. Each directory in the hierarchy may contain variables
that you can add or remove from the configuration. Continuing our tree analogy results
in these variables becoming the leaves on each branch of the tree. You enter new information
into the configuration with the set command:
[edit]
user@router# edit system
[edit system]
user@router# set host-name Merlot
Routing Engine Components 29
The router now has a hostname of Merlot instead of router. Notice that the host-name
variable is actually in the [edit system] hierarchy directory. We used the edit command to
move into that directory and then configured the hostname. In the previous section, “Navigating
within the Hierarchy,” we described the ability to add multiple directories to the edit command.
The set command works in a similar manner. You can enter multiple directory names
between the variable and the set command as long as the directories are in a direct downward
line. Let’s move back to the top of the hierarchy and change the hostname to Shiraz:
[edit system]
user@router# top
[edit]
user@router# set system host-name Shiraz
You can view the changes you’ve made to the configuration by issuing the show command.
This command displays any configuration in your current directory and all subdirectories
below your current location. Using this command at the top of the hierarchy displays the
entire configuration:
[edit]
user@router# show
version 5.3R1.2;
system {
host-name Shiraz;
root-authentication {
encrypted-password "$1$ZwtQb$cDpgAVcfDl/MLhTC1ZqQ4/"; # SECRET-DATA
}
login {
user user {
class super-user;
authentication {
encrypted-password "$1$/7NAOjwP$iwCrhoAqH38Kqh91AQFuY."; #
SECRET-DATA
}
}
}
radius-server {
172.30.10.1;
}
services {
telnet;
}
syslog {
user * {
30 Chapter 1  The Components of a Juniper Networks Router
any emergency;
}
file messages {
any notice;
authorization info;
}
}
}
To view the configuration just within the [edit system] directory, you may either move to
that level with the edit command or add the hierarchy name to the show command from the
top of the configuration:
[edit]
user@router# show system
host-name Shiraz;
root-authentication {
encrypted-password "$1$ZwtQb$cDpgAVcfDl/MLhTC1ZqQ4/"; # SECRET-DATA
}
login {
user user {
class super-user;
authentication {
encrypted-password "$1$/7NAOjwP$iwCrhoAqH38Kqh91AQFuY."; # SECRET-DATA
}
}
}
radius-server {
172.30.10.1;
}
services {
telnet;
}
syslog {
user * {
any emergency;
}
file messages {
any notice;
authorization info;
}
}
Routing Engine Components 31
Using the set Command
We discussed how you have the ability to use the set command from the top of the configuration
to change variables in the configuration. As you become more proficient with using the
JUNOS software CLI, you might start taking advantage of this capability. To assist you in this
making this transition, let’s examine some details of the router’s output.
Suppose we begin configuring the router in the [edit system] directory. The possible options
at that hierarchy level are:
[edit system]
user@router# set ?
Possible completions:
+ apply-groups Groups from which to inherit configuration data
+ authentication-order Order in which authentication methods are invoked
> backup-router IPv4 router to use while booting
compress-configuration-files Compress the router configuration files
default-address-selection Use system address for locally originated traffic
> dhcp-relay BOOTP/DHCP relay configuration
> diag-port-authentication Authentication for the diagnostic port
domain-name Domain name for this router
+ domain-search List of domain names to search
host-name Host name for this router
> inet6-backup-router IPv6 router to use while booting
> location Location of the system, in various forms
> login Users, their classes and passwords
mirror-flash-on-disk Mirror contents of the flash drive onto hard drive
> name-server DNS name servers
no-redirects Disable ICMP redirects
no-saved-core-context Don't save context information for core files
> ntp Network Time Protocol services
> ports Craft interface RS-232 ports
> processes Process control
> radius-server RADIUS server configuration
> root-authentication Authentication information for the root login
saved-core-context Save context information for core files
> services System services
> static-host-mapping Static host name database mapping
32 Chapter 1  The Components of a Juniper Networks Router
You remove variables from the configuration with the delete command. Examining the earlier
output shows that the router is currently configured to communicate with a remote authentication
(RADIUS) server at address 172.30.10.1. This requirement is no longer valid, so we
remove it from the router’s configuration and verify that it is deleted:
[edit]
user@router# delete system radius-server 172.30.10.1
[edit]
user@router# show system
host-name Shiraz;
root-authentication {
encrypted-password "$1$ZwtQb$cDpgAVcfDl/MLhTC1ZqQ4/"; # SECRET-DATA
}
login {
user user {
class super-user;
authentication {
encrypted-password "$1$/7NAOjwP$iwCrhoAqH38Kqh91AQFuY."; # SECRET-DATA
}
}
}
> syslog System logging facility
> tacplus-server TACACS+ server configuration
time-zone Time zone definition name (/)
[edit system]
user@router# set
When you examine the output closely, you might notice that some command options are preceded
with a character—either an angle bracket (>) or a plus sign (+). These characters, as well
as their absence, carry a special meaning when you use the set command.
The angle bracket is used to designate lower-level directories. In our case, the name-server
option is really a subdirectory of [edit system]. The plus sign shows command variables you
can configure that may have multiple values assigned. For example, the authentication-order
option tells the router how to authenticate users who log in. You can assign a single authentication
method or multiple methods. Finally, some options do not have any characters preceding
them. These are configurable variables, such as host-name, that may contain only a single
possible value.
Routing Engine Components 33
services {
telnet;
}
syslog {
user * {
any emergency;
}
file messages {
any notice;
authorization info;
}
}
The Candidate Configuration
You may have noticed that we’ve been changing the hostname of the router but that the router’s
prompt hasn’t changed. This brings us to a very important point concerning how a Juniper Networks
router behaves. When you enter configuration mode, you are actually viewing (and changing)
a file called the candidate configuration. The candidate configuration allows you to make
configuration changes without causing operational changes to the current operating configuration,
called the active configuration. The router implements the changes in the candidate configuration
when you use the commit command. (We discuss this function in the “Using the commit
Command” section later in this chapter.) This abstraction allows you the flexibility to alter your
configuration without causing damage to your current network operations.
You may enter or exit configuration mode as many times as you wish without implementing
your changes. If you do this several times, you may find that you’ve forgotten the exact
changes you’ve made. In this situation, you can utilize a pipe command called compare in
conjunction with the show command. This prompts the router to compare the current candidate
configuration to the active configuration running on the router. Differences between the
two files are displayed with either a plus (+) or a minus (-) sign. The plus sign represents variables
in the candidate configuration that are not present in the active configuration; you’ve
added them to the file. The minus sign shows the opposite; you’ve deleted variables from the file.
In other words, the candidate configuration doesn’t have items found in the active configuration.
Let’s use this command on our router to see the difference between the candidate and active
configurations:
[edit]
user@router# show | compare
[edit system]
- host-name router;
+ host-name Shiraz;
34 Chapter 1  The Components of a Juniper Networks Router
We see that host-name Shiraz was added to the candidate configuration and that host-name
router has been removed. This follows the configuration changes we implemented in the previous
section, “Altering the Configuration.”
The show | compare command displays only the differences between the two
files. All other portions of the configuration files are not shown.
Saving and Loading Configuration Files
The fact that the candidate configuration is a file that you edit also provides other advantages to
you. You can save the current candidate configuration to a file on the router. Alternatively, you
can load existing files into the router. Let’s examine one example of how to use these options.
Suppose you are burning in (initially configuring) a number of routers in your network. You
might want to have the common configuration components from the first router saved to more
easily configure the remaining routers. Let’s configure the first router with the common elements
and use the save command from the top of the configuration hierarchy:
[edit]
user@router# show
version 5.3R1.2;
system {
host-name Shiraz;
root-authentication {
encrypted-password "$1$ZwtQb$cDpgAVcfDl/MLhTC1ZqQ4/"; # SECRET-DATA
}
login {
user user {
class super-user;
authentication {
encrypted-password "$1$/7NAOjwP$iwCrhoAqH38Kqh91AQFuY."; #
SECRET-DATA
}
}
}
services {
telnet;
}
syslog {
file messages {
any notice;
authorization info;
Routing Engine Components 35
}
}
}
[edit]
user@router# save common
Wrote 24 lines of configuration to 'common'
The router creates (or overwrites) the file called common and places the candidate configuration
in it. We place these configuration elements on other routers with the load command. You
have two main options for loading the files—override and merge. As you might guess from
their names, the override option completely erases the current candidate configuration and
replaces it with the contents of the file you specify. The merge function combines the file with
the candidate configuration. Elements in the file that are not in the candidate are added. Variables
in the candidate configuration that are not in the merging file are left unchanged. When
an item is in both the merging file and the candidate configuration, the router uses the value
specified in the file.
On the next router to be configured, we use the load override command to enter the common
configuration elements:
[edit]
root# show
system {
syslog {
user * {
any emergency;
}
file messages {
any notice;
authorization info;
}
}
}
[edit]
root# load override common
load complete
[edit]
root# show
version 5.3R1.2;
system {
36 Chapter 1  The Components of a Juniper Networks Router
host-name Shiraz;
root-authentication {
encrypted-password "$1$ZwtQb$cDpgAVcfDl/MLhTC1ZqQ4/"; # SECRET-DATA
}
login {
user user {
class super-user;
authentication {
encrypted-password "$1$/7NAOjwP$iwCrhoAqH38Kqh91AQFuY."; #
SECRET-DATA
}
}
}
services {
telnet;
}
syslog {
file messages {
any notice;
authorization info;
}
}
}
The previous output displays no hostname for the router. This is expected with
a new router because no configuration has yet taken place.
Comparing the results of the load override command with the common file we saved earlier
shows that only the elements detailed in the file are now in the candidate configuration. Specifically,
the user * portion of the syslog directory is not in the common file and is removed. The
load merge command provides you with different results:
[edit]
root# show
system {
syslog {
user * {
any emergency;
}
file messages {
Routing Engine Components 37
any notice;
authorization info;
}
}
}
[edit]
root# load merge common
load complete
[edit]
root# show
version 5.3R1.2;
system {
host-name Shiraz;
root-authentication {
encrypted-password "$1$ZwtQb$cDpgAVcfDl/MLhTC1ZqQ4/"; # SECRET-DATA
}
login {
user user {
class super-user;
authentication {
encrypted-password "$1$/7NAOjwP$iwCrhoAqH38Kqh91AQFuY."; #
SECRET-DATA
}
}
}
services {
telnet;
}
syslog {
user * {
any emergency;
}
file messages {
any notice;
authorization info;
}
}
}
The existing user * configuration remains as a result of the load merge command.
38 Chapter 1  The Components of a Juniper Networks Router
Cutting and Pasting Configuration Files
The ability to cut and paste portions of configuration files between routers is valuable when
operating a network. Within the JUNOS software, you accomplish this with the load merge
terminal command. In place of a file, the router expects you to enter keystrokes from the terminal
directly. You may actually type portions of the configuration yourself, or more often
paste text into the terminal window.
Suppose you have the following configuration within [edit protocols] on one of your routers:
[edit]
user@Shiraz# show | find protocols
protocols {
bgp {
group internal {
type internal;
local-address 192.168.16.1;
neighbor 192.168.24.1;
neighbor 192.168.12.1;
}
}
ospf {
area 0.0.0.0 {
interface all;
interface fxp0.0 {
disable;
}
}
}
}
You would like to copy the OSPF portion of the configuration to other routers in your network.
To accomplish this, copy the output shown previously and place it into a text editor. Edit the
text to look like the following:
protocols {
ospf {
area 0.0.0.0 {
interface all;
Routing Engine Components 39
Using the commit Command
We mentioned the commit command in the “The Candidate Configuration” section earlier in
this chapter. Because no changes you make to the router become effective until you use this command,
let’s spend some time exploring its functionality.
Each time you commit your configuration, the router performs several tasks. The candidate
configuration is examined for syntax and semantic problems and if any single problem exists,
the candidate is not implemented. One example of a possible problem is referencing a routing
interface fxp0.0 {
disable;
}
}
}
}
You should ensure that all of the configuration hierarchy is accounted for—the router returns
an error message if it does not receive the proper information. Type the load merge terminal
command on your router and paste the text from your text editor into the router. After all of the
text is entered, press Ctrl+D to close the paste window. You should see a load complete message
if you are successful:
[edit]
user@Shiraz# load merge terminal
[Type ^D to end input]
protocols {
ospf {
area 0.0.0.0 {
interface all;
interface fxp0.0 {
disable;
}
}
}
}
load complete
[edit]
user@Shiraz#
After some practice to fully understand the procedure, you’ll find this to be a valuable tool for
operating and configuring your network.
40 Chapter 1  The Components of a Juniper Networks Router
policy without creating that policy. (We discuss routing policies in Chapter 4, “Routing Policy.”)
If the candidate configuration possesses no errors, the router then implements the new
configuration and makes changes to the operating environment as needed. Finally, the existing
active configuration is saved on the router for future use.
You now decide to implement the changes to the router’s configuration:
[edit]
user@router# commit
commit complete
[edit]
user@Shiraz#
The commit complete message tells us that the process was successful. Notice a change of the
router’s hostname from router to Shiraz. We used the commit command from the top of the
configuration hierarchy, but you can issue it from any level you wish. Unlike many other configuration
mode commands that affect only the current configuration level and lower branches, the
commit process always implements the entire configuration at once. Any errors encountered during
a commit procedure result in no portion of the configuration changing.
Suppose that there was an error in the configuration we just committed. In that case, the
router does not implement the changes we made and supplies an error message informing us of
the problem:
[edit]
user@router# commit
Policy error: Policy Advertise-Routes referenced but not defined
error: configuration check-out failed
[edit]
user@router#
In addition to the configuration check-out failed message, we see that the router’s
hostname did not change. It appears that a policy called Advertise-Routes was referenced in
the configuration without ever being created in the first place. We remove the offending policy
and successfully commit the configuration.
[edit]
user@router# delete protocols ospf export Advertise-Routes
[edit]
user@router# commit
commit complete
[edit]
user@Shiraz#
Routing Engine Components 41
Command Options
The commit command has several options you may use to alter its operation. Let’s view them
on the Shiraz router:
[edit]
user@Shiraz# commit ?
Possible completions:
<[Enter]> Execute this command
and-quit Quit configuration mode if commit succeeds
at Time at which to activate the configuration changes
check Check only, do not apply changes
confirmed Automatically rollback if not confirmed
synchronize Synchronize commit on both routing engines
| Pipe through a command
[edit]
user@Shiraz# commit
The router always remains in configuration mode, by default, after committing the configuration.
You may exit back to operational mode with the addition of the and-quit option:
[edit]
user@Shiraz# commit and-quit
commit complete
Exiting configuration mode
user@Shiraz>
The router exits configuration mode only after a successful commit process. If
any errors are encountered, they are reported and the router remains in configuration
mode.
You can have the router verify the validity of the configuration without implementing the
changes by using the check option. You might use this option after making a number of changes
to the router and you want to be sure you have all of the required portions of the configuration
in place. After running the syntax and semantic checks, the router does not implement the
changes. You’re either notified of a successful check or your errors are reported to you:
[edit]
user@Shiraz# commit check
configuration check succeeds
[edit]
user@Shiraz#
42 Chapter 1  The Components of a Juniper Networks Router
The syntax and semantic checks the router performs verify only that information is present
in the configuration that allows the router to implement the candidate file. No verification is
ever completed to see if the configuration actually does what you wanted it to do in the network;
that is your job. If you are concerned that changes you made will either lock you out of your
router or cause harm to the operation of the network, you should use the confirmed option.
This option provides a safety net to the user in case of operational problems with your new configuration
and is designed to allow the router to return to a working configuration automatically.
After you issue the commit confirmed command, the router implements the changes you
requested and starts a 10-minute timer. If you are happy with the new configuration, you must
issue a normal commit command to stop the timer and end the operation of the confirmed
option. If you don’t stop the timer, the router automatically returns to the last operational configuration
and implements those changes.
[edit]
user@router# commit confirmed
commit confirmed will be automatically rolled back in 10 minutes unless
confirmed
commit complete
[edit]
user@Shiraz#
The output of the commit confirmed command is no different from that of a normal commit
operation. The router either reports an error or displays the commit complete message. Additionally,
you have the option of altering the timer value used with the confirmed option. The possible
values range from 1 minute to 65,535 minutes (45 days, 12 hours, and 15 minutes).
The last option you may use with the commit command is synchronize. When you have a
router with two Routing Engines installed, you can have the router apply the candidate configuration
to both Routing Engines.
[edit]
user@router# commit synchronize
re0: configuration check succeeds
re1: configuration check succeeds
re0: commit complete
re1: commit complete
[edit]
user@Shiraz#
This option is helpful in the event of a Routing Engine failure; the backup Routing Engine
now has the latest operational parameters in the network.
Routing Engine Components 43
We discuss the fail-over operation of the Routing Engine in the section “Routing
Engine Redundancy” later in this chapter.
Restoring an Old Configuration
When the router commits a configuration, it also saves the existing configuration to a file. It is
this saved file that the router uses during the commit confirmed process. This single file is not
the only old configuration file saved, however. The JUNOS software saves up to nine previous
configuration files for your use. The current active configuration is named junper.conf and is
file number 0. The most recent active configuration is called juniper.conf.1.gz and is file
number 1. This naming convention continues with each older file incrementing by 1 until the
juniper.conf.9.gz file is reached.
You place one of these files into the candidate configuration with the rollback command.
This command functions exactly like the load override command in that the existing candidate
configuration is removed and the new file is put into its place. To actually implement the
old configuration file, you must still issue the commit command to make the candidate configuration
the new active configuration.
Suppose that we’ve altered the properties of the configuration on the Shiraz router. After
committing the configuration, we realize that the new configuration is not performing as we
wanted it to. So we load the most recent configuration and commit that change:
[edit]
user@Shiraz# rollback 1
load complete
[edit]
user@Shiraz# commit
commit complete
[edit]
user@Shiraz#
The router never automatically commits a rollback file for you. The only exception
is a commit confirmed operation where the router issues both a rollback 1
and a commit command.
44 Chapter 1  The Components of a Juniper Networks Router
Manipulating Files on the Router
The JUNOS software stores multitudes of information in files on the router. Thus far, we’ve discussed
configuration and rollback files, files we stored using the save command, and new versions
of the JUNOS software itself. The router stores these files in various directories, including:
/config This directory is located on the router’s internal flash drive. It contains the active
configuration (juniper.conf) and rollback files 1, 2, and 3.
/var/db/config This directory is located on the router’s hard drive and contains rollback
files 4 through 9.
/var/tmp This directory is located on the router’s hard drive. It holds core files from the various
daemons on the Routing Engines. Core files are generated when a particular daemon crashes and
are used by Juniper Networks engineers to diagnose the reason for failure.
/var/log This directory is located on the router’s hard drive. It contains files generated by
both the router’s logging function as well as the traceoptions command.
/var/home This directory is located on the router’s hard drive. It contains a subdirectory for
each configured user on the router. These individual user directories are the default file location
for many JUNOS software commands.
/altroot This directory is located on the router’s hard drive and contains a copy of the root
file structure from the internal flash drive. This directory is used in certain disaster-recovery
modes where the internal flash drive is not operational.
/altconfig This directory is located on the router’s hard drive and contains a copy of the
/config file structure from the internal flash drive. This directory is also used in certain disasterrecovery
modes where the internal flash drive is not operational.
You can view the router’s directory structure as well as individual files by issuing the file
command in operational mode:
user@Shiraz> file ?
Possible completions:
compare Compare files (local)
copy Copy files (local or remote)
delete Delete files from the system (local)
list List file information (local)
rename Rename files (local)
show Display file contents (local)
As you can see, the file command gives you several options for manipulating files, but we’ll
focus on the list option here to see the directory structure of the router. The default directory
for the file list command is the home directory of the user logged into the router. In fact,
the user’s home directory is the default directory for the majority of the JUNOS software commands
requiring a filename. We currently have the following files in our home directory on the
Shiraz router.
Routing Engine Components 45
user@Shiraz> file list
.ssh/
common
You have the ability to view the contents of other file directories by specifying the directory
structure:
user@Shiraz> file list /config
juniper.conf
juniper.conf.1.gz
juniper.conf.2.gz
juniper.conf.3.gz
The router’s context-sensitive help system is also available to assist you in locating the
desired directory:
user@Shiraz> file list /?
Possible completions:
<[Enter]> Execute this command
Path to list
/COPYRIGHT Size: 4735, Last changed: Mar 31 2001
/altconfig/ Last changed: Dec 11 2001
/altroot/ Last changed: Dec 11 2001
/bin/ Last changed: Aug 26 08:49:25
/boot/ Last changed: Oct 03 16:27:55
/config/ Last changed: Oct 03 16:27:56
/dev/ Last changed: Sep 30 12:10:56
/etc/ Last changed: Oct 03 16:27:56
/kernel Size: 9302545, Last changed: Apr 30 02:00:21
/mnt/ Last changed: Dec 11 2001
/modules/ Last changed: Aug 26 08:43:17
/packages/ Last changed: Aug 26 08:49:45
/proc/ Last changed: Oct 04 10:20:32
/root/ Last changed: Aug 26 08:47:33
/sbin/ Last changed: Aug 26 08:49:45
/tmp/ Last changed: Oct 03 16:27:55
/usr/ Last changed: Dec 11 2001
/var/ Last changed: Dec 27 2001
user@Shiraz> file list /var/?
Possible completions:
<[Enter]> Execute this command
Path to list
46 Chapter 1  The Components of a Juniper Networks Router
/var/crash/ Last changed: Sep 16 09:03:30
/var/cron/ Last changed: Dec 27 2001
/var/db/ Last changed: Oct 03 16:27:56
/var/etc/ Last changed: Oct 03 16:27:56
/var/home/ Last changed: Oct 03 15:07:40
/var/log/ Last changed: Oct 03 16:27:56
/var/run/ Last changed: Oct 04 10:07:53
/var/sw/ Last changed: Dec 27 2001
/var/tmp/ Last changed: Sep 30 12:11:28
user@Shiraz> file list /var/log
messages
(Note: Information deleted for brevity)
Routing Engine Redundancy
Certain Juniper Networks routers have the ability to contain two Routing Engines in the physical
chassis. For the M-series platforms, the M20, M40e, and M160 support this configuration.
Only one of the Routing Engines is considered the master at any point in time, and it controls
the router’s operations. The other Routing Engine, the backup, is available in the chassis to provide
fail-over capability should the master cease to function.
By default, the router does not automatically enable the backup Routing Engine to assume
the master role. You have to enable this functionality:
[edit chassis]
user@Shiraz# set redundancy failover on-loss-of-keepalives
[edit chassis]
lab@SanJose# show
redundancy {
failover on-loss-of-keepalives;
}
The master and backup Routing Engines begin generating keepalive signals to each other. If
the backup Routing Engine fails to receive keepalives for 20 seconds (a non-configurable timer),
it enters a message in the messages log file. After 300 seconds, the default fail-over timer, the
backup Routing Engine attempts to assume the master role for the router. When it succeeds, an
alarm is generated to notify you that the master Routing Engine failed.
You can adjust the fail-over timer to between 2 and 10,000 seconds by using the keepalivetime
command. Here, we’ve decided that the Shiraz router should use a 30-second timer value:
[edit chassis]
user@Shiraz# set redundancy keepalive-time 30
Packet Forwarding Engine Components 47
[edit chassis]
lab@SanJose# show
redundancy {
failover on-loss-of-keepalives;
keepalive-time 30;
}
Both the master and backup Routing Engines must be operating the same version
of the JUNOS software for the redundancy process to function correctly.
Packet Forwarding Engine Components
We now investigate the details of the Packet Forwarding Engine. This is a shorter discussion
than the components of the Routing Engine, since your interaction with the Packet Forwarding
Engine is through the CLI and the JUNOS software. The components of the Packet Forwarding
Engine fall into two main subsets: the Embedded OS software operating the circuit
boards themselves and the ASICs actually participating in packet forwarding. After covering
the details of these two components, we discuss examples of the data packet flow through the
forwarding plane.
Embedded OS Software
As the router boots, the Embedded OS software (microcode) is downloaded from the Routing
Engine to the CPUs on the circuit boards. Built by Juniper Networks engineers, the Embedded OS
software contains a microkernel and individual threads that operate like the daemons on the Routing
Engine. In stark contrast to the JUNOS software on the Routing Engine, the Embedded OS software
on the Packet Forwarding Engine is fairly non-intelligent. It contains only enough capabilities
to operate the control board, the FPCs, and the PICs. Perhaps most important, the Embedded OS
software also begins the operation of the ASICs in the Packet Forwarding Engine.
Application-Specific Integrated Circuits
Each circuit board in the Packet Forwarding Engine contains at least one ASIC, with some
boards containing multiple chips. It is the interaction of these ASICs that provide the forwarding
path through the router and supply the industry-leading forwarding performance of Juniper
Networks routers.
For the remainder of this book, we focus only on the ASICs found within the
M-series family of routers.
48 Chapter 1  The Components of a Juniper Networks Router
PIC I/O Manager ASIC
Each PIC in the router contains an individual PIC I/O Manager ASIC that is unique to the specific
media type on the PIC. For example, a PIC with Asynchronous Transfer Mode (ATM)
interfaces has a different ASIC than a PIC with Synchronous Optical Network (SONET)/
Synchronous Digital Hierarchy (SDH) interfaces. The requirement for this individuality arises
from the tasks of the ASIC.
The PIC I/O Manager ASIC handles media-specific tasks such as verifying data-link framing,
detecting link-level errors, and generating link-level alarms. Specialized functions such as ATM
segmentation and reassembly (SAR) takes place on the PIC ASIC as well.
Generally speaking, the PIC I/O Manager ASIC is responsible for removing data packets
from the physical media and placing data packets back on the physical media. It connects
directly to the I/O Manager ASIC on the FPC containing the PIC.
I/O Manager ASIC
Each FPC contains a single I/O Manager ASIC that connects to both the PIC I/O Manager
ASIC and the Distributed Buffer Manager ASIC (which we discuss next) on the control board.
The I/O Manager ASIC performs multiple functions on each data packet.
As a data packet enters the router, the I/O Manager ASIC verifies the integrity of both the
Layer 2 and Layer 3 headers. Provided the data packet is valid, the ASIC removes the Layer 2
header and segments the packet into 64-byte units called a J-cell. The I/O Manager ASIC sends
these J-cells to the Distributed Buffer Manager ASIC for storage in the shared memory pool.
Each I/O Manager ASIC in the router contributes memory to the shared memory packet storage
on the router, controlled by the ASICs on the router’s control board. The Distributed Buffer
Manager ASIC instructs the I/O Manager ASIC to place and retrieve individual J-cells in the
memory on its FPC.
On the outgoing side of the router, the I/O manager queues a special J-cell called the result
cell. The result cell contains the next-hop information for the packet as well as other information
about which queue to store the packet in. When the router is ready to send the data packet
out an interface, the I/O manager ASIC receives all of the packet’s J-cells from the packet buffer
storage via the Distributed Buffer Manager ASIC. The I/O Manager ASIC re-forms the data
packet and adjusts any protocol time-to-live (TTL) values before encapsulating the packet into
the appropriate Layer 2 format. Finally, the packet is sent to the PIC I/O Manager ASIC for
placement on the physical media.
Distributed Buffer Manager ASIC
Each control board in the router contains two Distributed Buffer Manager ASICs. The ASICs
connect to the I/O Manager ASIC on the FPC and to the Internet Processor ASIC, which is also
on the control board. The ASIC is logically split into two components, each with an important
function. One of the ASICs, which we refer to as the Inbound Distributed Buffer Manager ASIC,
is responsible for handling inbound J-cells. Its partner, the Outbound Distributed Buffer Manager
ASIC, handles outbound J-cells.
Packet Forwarding Engine Components 49
The two ASICs work in conjunction with each other to store and retrieve J-cells in the shared
packet buffer pool. In addition, the Inbound Distributed Buffer Manager ASIC also generates a
special J-cell called the notification cell. The notification cell contains information from the data
packet, such as source and destination IP addresses, source and destination port numbers, the
incoming interface on the router, Quality of Service (QoS) settings, and the existing protocol TTL
value of the packet. The ASIC then sends the notification cell to the Internet Processor ASIC.
Internet Processor ASIC
Every Juniper Networks router contains a single Internet Processor ASIC on the control board
in the Packet Forwarding Engine. In many respects, the Internet Processor ASIC is the heart of
the Packet Forwarding Engine. It is the only ASIC in the forwarding path that accesses the forwarding
table, performs route lookups, and makes forwarding decisions. It receives notification
cells from the Inbound Distributed Buffer Manager ASIC and transforms them into result cells
after performing a route lookup. Additionally, the Internet Processor ASIC performs firewall
packet filtering, enforces policy controls on data packets, and collects exception packets for
transmission to the routing engine.
We discuss exception packets in the section “Exception Packets” later in this
chapter.
Packet Flow
By understanding the functionality of the different ASICs in the Packet Forwarding Engine, you
may already have a good idea of how a data packet flows through the forwarding path of the
router. To provide a complete picture to use as a concise guide, we follow a unicast packet as
it enters and then leaves the Packet Forwarding Engine. We then examine the differences in the
forwarding path for multicast packets and discuss what exception packets are and how they are
handled.
Unicast Packets
Each unicast packet received on a router’s interface is treated in a similar fashion. At a high
level, the packet is stored in the shared memory pool, a route lookup is performed, and the
packet is transmitted out one of the router’s interfaces. Figure 1.4 displays a simplified view of
the Packet Forwarding Engine ASICs and their representation to each other.
50 Chapter 1  The Components of a Juniper Networks Router
FIGURE 1 . 4 Unicast packet flow
Let’s use Figure 1.4 as a reference for the detailed steps of the unicast packet flow:
1. A data packet arrives on one of the router’s interfaces. The PIC I/O Manager ASIC formulates
the packet and performs link-layer error checking, if appropriate.
2. The PIC I/O Manager ASIC transmits the data packet, complete with Layer 2 and Layer 3
headers, to the I/O Manager ASIC on its FPC.
3. The I/O Manager ASIC verifies the integrity of the Layer 2 and Layer 3 headers. Provided a
valid protocol packet remains, the I/O Manager ASIC removes the Layer 2 header and segments
the data packet into 64-byte J-cells. It then sends those J-cells to the Inbound Distributed
Buffer Manager ASIC.
4. The Inbound Distributed Buffer Manager ASIC begins to receive J-cells from the I/O Manager
ASIC. The notification cell is built and is transmitted to the Internet Processor ASIC.
5. The J-cells that make up the data packet are stored in the shared memory pool. Each FPC supplies
the physical components of the shared memory, and the Inbound Distributed Buffer
Manager ASIC sends the packet’s J-cells to all FPCs in the router on a round-robin basis.
6. The I/O Manager ASIC on each FPC receives the J-cells and stores them in its physical memory
as instructed by the Inbound Distributed Buffer Manager ASIC.
Internet
Processor ASIC
Forwarding
Table
Inbound I/O
Manager ASIC
Outbound I/O
Manager ASIC
I/O Manager ASIC
(on each FPC)
Inbound PIC I/O
Manager ASIC
Outbound PIC I/O
Manager ASIC
Shared
Memory Pool
Inbound Distributed
Buffer Manager ASIC
Outbound Distributed
Buffer Manager ASIC
3
4
1
2
5
8
10 8 10
10 11
12
9
6
7
Packet Forwarding Engine Components 51
7. While the J-cells are being stored in memory, the Internet Processor ASIC receives the notification
cell and performs a route lookup in the forwarding table. The next-hop router along
the path of the route and the outgoing interface on the router is determined. This next-hop
information is stored in the notification cell, which now becomes the result cell.
8. The Internet Processor ASIC sends the result cell to the Outbound Distributed Buffer Manager
ASIC, which examines the cell to locate the outgoing interface. The result cell is then
sent to the appropriate FPC for queuing and transmission.
9. The I/O Manager ASIC queues the result cell and applies appropriate queuing mechanisms.
When the result cell reaches the head of the queue, the I/O Manager ASIC requests
the packet’s J-cells from the Outbound Distributed Buffer Manager ASIC.
10. The Outbound Distributed Buffer Manager ASIC copies the J-cells from the packet storage
buffer and sends them to the I/O Manager ASIC on the outgoing FPC.
11. The I/O Manager ASIC re-forms the data packet into a single unit and alters any protocol
TTL values. The ASIC then appends the appropriate Layer 2 header information and sends
the packet to the PIC I/O Manager ASIC.
12. The PIC I/O Manager ASIC performs any link-layer duties, if required, and transmits the
data packet out the router’s interface.
Multicast Packets
A Juniper Networks router handles multicast data packets in a very similar fashion to unicast
packets. There is only one major difference between the two, so we won’t repeat the packet flow
steps in detail here.
Refer back to Figure 1.4 and the steps outlined in the previous section, and focus on steps 7 and
8. When the Internet Processor ASIC performs its route lookup on a multicast packet, it often
finds multiple next-hop interfaces in the forwarding table. Information about all the outgoing
interfaces is placed in the result cell and sent to the Distributed Buffer Manager ASIC. This ASIC
examines the result cell and finds several outgoing interfaces. It generates a copy of the result cell
for each interface and sends those cells to the appropriate I/O Manager ASICs on the FPCs. The
queuing and transmission of the multicast packets at this point then follows the unicast packet
steps outlined previously.
Exception Packets
The Packet Forwarding Engine can’t process some data packets in your network in its normal
fashion. A prime example of these packets is routing protocol updates addressed to the router
itself. There is no outgoing interface for these packets; they should be sent to the Routing Engine
instead. The CPU on the router’s control board handles this type of traffic, called an exception
packet.
Other forms of exception packets include:
 Packets addressed to the router, such as ICMP pings, Telnet, and SSH traffic
 Packets requiring the generation of an ICMP error message, including traceroute responses
and destination unreachable messages
 Packets containing an IP Options field
52 Chapter 1  The Components of a Juniper Networks Router
The control board CPU handles different types of exception traffic differently. For example,
routing protocol updates are sent to the Routing Engine over the fxp1 interface. Local delivery
packets (Telnet, for example) and IP Options packets are sent to the Routing Engine as well. The
control board CPU itself generates any ICMP error messages and sends them to the appropriate
IP source address.
Summary
This chapter discussed the basic router design of a Juniper Networks router. We examined the
basic functionality and components of both the Routing Engine and the Packet Forwarding
Engine.
We further explored the Routing Engine with a look at the JUNOS software architecture,
its naming convention, and operational parameters. Next, we discussed the router’s CLI by
examining the operational and configuration modes of the router. We saw how to navigate
through the CLI, use the context-sensitive help system, understand the command completion
process, and modify the output of commands. We then discussed the differences between the
candidate and active configurations, including a look at the router’s rollback functionality.
We also examined the various ways to use the commit command and where the router stores
configuration and user files.
We concluded the chapter by looking at the Packet Forwarding Engine. This discussion centered
on how the ASICs and control boards forward user data packets through the router. We
examined the handling of both unicast and multicast packets. Finally, we defined an exception
packet and explained how the router handles them.
Exam Essentials
Understand the basic functions of the Routing Engine and the Packet Forwarding Engine. The
Routing Engine is the intelligence of the router. It operates the routing protocols and builds a routing
and forwarding table. The forwarding table is copied to the Packet Forwarding Engine, where
the actual transmission of user data packets is handled.
Be able to identify the JUNOS software boot locations and the default boot sequence. The
JUNOS software is stored on the internal flash drive, the internal hard drive, and the removable
flash media. When the router begins to boot, the removable media is checked first, followed by
the internal flash drive, and finally the internal hard drive.
Understand the JUNOS software commands associated with configuration files. You may
save the router’s configuration to the hard drive with the save command. The load command
restores files to the candidate configuration. The candidate configuration becomes the active
configuration with the commit command. You can easily return to a previous configuration
with the rollback command.
Exam Essentials 53
Be able to identify the ASICs used in the Packet Forwarding Engine. There are four main
ASICs used in the Packet Forwarding Engine: the Internet Processor ASIC, the Distributed
Buffer Manager ASIC, the I/O Manager ASIC, and the PIC I/O Manager ASIC.
Be able to describe the flow of a packet through the Packet Forwarding Engine. A packet is
received on an interface and is segmented into J-cells by the I/O Manager ASIC. The Distributed
Buffer Manager ASIC stores the packet in the shared memory pool. The Internet Processor ASIC
performs a route lookup and sends the result to the Distributed Buffer Manager ASIC, which
forwards it to the outgoing I/O Manager ASIC. After queuing the packet, the I/O Manager ASIC
receives the J-cells from the memory pool and re-forms the packet. It is sent to the outgoing
PIC I/O Manager ASIC for transmission into the network.
Understand what an exception packet is and how the router handles those packets. An
exception packet could be a routing protocol update, a locally addressed packet, or a packet
requiring the generation of an ICMP error message. The CPU on the router’s control board
handles these exception packets and performs the appropriate action.
54 Chapter 1  The Components of a Juniper Networks Router
Key Terms
Before you take the exam, be certain you are familiar with the following terms:
active configuration jdocs
application-specific integrated circuits (ASICs) jkernel
backup jpfe
candidate configuration jroute
Chassis Daemon (chassid) kernel
command completion Management Daemon (mgd)
command-line interface (CLI) master
configuration mode Memory Mezzanine Board (MMB)
context-sensitive help notification cell
Device Control Daemon (dcd) operational mode
Distributed Buffer Manager ASIC package
editor macros (Emacs) Packet Forwarding Engine
Embedded OS software Packet Forwarding Engine Daemon (pfed)
exception packet Physical Interface Card (PIC)
Flexible PIC Concentrator (FPC) PIC I/O Manager ASIC
Forwarding Engine Board (FEB) result cell
forwarding table Routing Engine
I/O Manager ASIC Routing Protocol Daemon (rpd)
Internet Processor ASIC routing table
jbase Switching and Forwarding Module (SFM)
jbundle System Control Board (SCB)
J-cell System Switching Board (SSB)
jcrypto
Review Questions 55
Review Questions
1. What are the functions of the Routing Engine? (Choose three.)
A. Operates routing protocols
B. Segments data packets into J-cells
C. Loads the JUNOS software
D. Controls the CLI
2. Which router component is responsible for creating the forwarding table?
A. Packet Forwarding Engine
B. Routing Engine
C. Flexible PIC Controller
D. Physical Interface Card
3. The PIC I/O Manager ASIC is responsible for what function?
A. Creating J-cells
B. Performing route lookups
C. Transmitting packets
D. Storing packets in memory
4. The Internet Processor ASIC is responsible for what function?
A. Creating J-cells
B. Performing route lookups
C. Transmitting packets
D. Storing packets in memory
5. The I/O Manager ASIC is responsible for what function?
A. Creating J-cells
B. Performing route lookups
C. Transmitting packets
D. Creating notification cells
6. The Distributed Buffer Manager ASIC is responsible for what function?
A. Creating J-cells
B. Performing route lookups
C. Transmitting packets
D. Storing packets in memory
56 Chapter 1  The Components of a Juniper Networks Router
7. A unicast packet is flowing through the Packet Forwarding Engine. Which ASIC receives the
packet after the incoming PIC I/O Manager ASIC performs its functions?
A. Incoming I/O Manager ASIC
B. Outgoing I/O Manager ASIC
C. Incoming Distributed Buffer Manager ASIC
D. Outgoing Distributed Buffer Manager ASIC
8. What component of the router is responsible for handling exception packets?
A. Internet Processor ASIC
B. Switching control board CPU
C. Routing Engine
D. Flexible PIC Controller CPU
9. Which types of packets are considered exception packets? (Choose two.)
A. IP packets with TTL=1
B. HTTP packets
C. SMTP packets
D. Routing protocol updates
10. Which JUNOS software daemon is responsible for operating the CLI?
A. chassisd
B. rpd
C. mgd
D. dcd
11. Which JUNOS software daemon is responsible for controlling the routing protocols?
A. chassisd
B. rpd
C. mgd
D. dcd
12. When issued from the top of the configuration hierarchy, which command creates a file called
saved-file that contains the entire candidate configuration?
A. file save saved-file
B. save saved-file
C. run file save saved-file
D. run save saved-file
Review Questions 57
13. Which command places the juniper.conf.5.gz file in the candidate configuration?
A. rollback 5
B. run rollback 5
C. load override juniper.conf.5.gz
D. load merge juniper.conf.5.gz
14. Where does the router store each user’s home directory?
A. /var/db/config
B. /var/log
C. /var/home
D. /var/usr
15. What is the primary boot media for the JUNOS software?
A. Removable media
B. Internal flash drive
C. External flash drive
D. Internal hard drive
16. What is the secondary boot media for the JUNOS software?
A. Removable media
B. Internal flash drive
C. External flash drive
D. Internal hard drive
17. Which command loads a new version of the JUNOS software into the internal flash drive?
A. load upgrade filename
B. request system software add filename
C. load software filename
D. request system load filename
18. Which Emacs keystroke takes the cursor to the beginning of the command line?
A. Ctrl+A
B. Ctrl+D
C. Ctrl+E
D. Ctrl+W
58 Chapter 1  The Components of a Juniper Networks Router
19. Which command allows you to paste text directly into the candidate configuration?
A. load override
B. load override filename
C. load merge
D. load merge terminal
20. When you’re committing your configuration, what command allows the router to automatically
return to a previous configuration?
A. commit
B. commit and-quit
C. commit check
D. commit confirmed
Answers to Review Questions 59
Answers to Review Questions
1. A, C, D. The Routing Engine performs multiple functions, including operating the routing protocols
on the router, loading the JUNOS software, and controlling the CLI. The Packet Forwarding
Engine controls packet forwarding.
2. B. The Routing Engine builds the master routing table, selects the best path to each route, and
places those next hops into the forwarding table.
3. C. The PIC I/O Manager ASIC is responsible for receiving and transmitting data packets from
the physical media connected to the PIC.
4. B. The Internet Processor ASIC consults the forwarding table on the control board to determine
the next-hop router along the path to the destination.
5. A. The I/O manager ASIC is responsible for multiple functions in the router. One of those is the
creation of J-cells from the original data packet.
6. D. The primary role of the Distributed Buffer Manager ASIC is storing and retrieving J-cells
from the packet storage buffer.
7. A. After receiving the packet from the physical media and performing any link-layer functions,
the incoming PIC I/O Manager ASIC sends the packet to the incoming I/O Manager
ASIC on its FPC.
8. B. The CPU on the router’s control board is responsible for handing exception packets. Some
of those exception packets might reach the Routing Engine.
9. A, D. Routing protocol updates and packets requiring an ICMP error message (TTL = 1) are considered
exception packets. A Juniper Networks router does not communicate using the HTTP or
SMTP protocols. Therefore, these packets must be transiting the router and are handled by the
Packet Forwarding Engine.
10. C. The Management Daemon (mgd) is responsible for controlling the CLI process.
11. B. The Routing Protocol Daemon (rpd) is responsible for all routing protocol activity on the
router.
12. B. The save command takes portions of the candidate configuration and places them in a file
you specify. When used from the top of the hierarchy, this process saves the entire candidate
configuration.
13. A. Only the rollback 5 command places the fifth rollback file in the candidate configuration.
Options C and D will look for the juniper.conf.5.gz file in the user’s home directory, where
it is not stored by default.
14. C. Each user configured on the router receives his or her own home directory in the /var/home
section of the hard drive.
15. B. The router’s internal flash drive is the primary boot location for the JUNOS software.
60 Chapter 1  The Components of a Juniper Networks Router
16. D. The router’s internal hard drive is the secondary boot location for the JUNOS software.
17. B. The request system software add filename command loads a copy of the JUNOS software
onto the router’s flash drive.
18. A. To reach the beginning of the command line, use the Ctrl+A keystroke. Ctrl+E takes you to
the end and Ctrl+W deletes the previous word. Ctrl+D closes your terminal during a load merge
terminal operation.
19. D. The load merge terminal command allows you to cut and paste configuration directly
into the router.
20. D. The commit confirmed command allows the router to return to the previous configuration
automatically if you don’t issue a regular commit within the default 10-minute timer.