|
BGP Path Selection Process Decision Steps |
IOS |
JUNOS |
|
| Next-Hop accessible/resolvable (mandatory attribute) |
By default, the NEXT-HOP is changed for EBGP and is unchanged for iBGP.
The NEXT-HOP identifies the EBGP speaker in the adjoining AS, and IGP will not carry this route, thereby leading to an unreachable next hop. |
||
|
Synchronization |
BGP process expects the IGP to have a copy of each route before that route can be advertised by BGP. This is why disabling synchronization is the 1st step in IOS configuration. |
NONE. |
|
| Weight (Influences OUTBOUND traffic, but apply on inbound). | This is Cisco proprietary parameter given to a route on a particular router and is used only within that router. The weight is never given to other routers.
*Default weight = 0, except for locally sourced routes which get a default weight = 32,768. The maximum weight is 65,535. *Weight value => the higher the better. |
NONE. |
|
| Local Preference (Influences OUTBOUND traffic, but apply on inbound). (discretionary attribute)
|
Local preferences are shared among iBGP routers, but they are NOT shared with external BGP routers.
*Default Local_PREF = 100. *Local_PREF value => the higher the better. |
||
|
Self-Originated |
BGP routes prefer routes that originate inside their own AS. That is, to choose the route that originated with BGP on this router. | ||
| AS Path (Influences INBOUND traffic, but apply on outbound). (mandatory attribute) |
By default, BGP discards any route advertisement that contains its local AS number in the AS path to prevent routing loop. For routes that originate outside of the AS, BGP will prefer the one with the shortest path. | ||
| Origin. (mandatory attribute)
ORIGIN has 3 values: 0 = IGP, 1 = EGP, 2 = Incomplete |
BGP selects IGP routes in preference to EGP, and EGP in preference to INCOMPLETE routes. An INCOMPLETE route is one that is injected into BGP via redistribution. *Origin value => the lower the better. |
||
| MED (Influences INBOUND traffic, but apply on outbound). (nontransitive attribute)
Use MED to tell your ISPs which of several entrances to your |
MED is used by the local AS to influence the routing decisions in an adjacent AS for traffic that is inbound to the local AS. BGP selects the route with the lowest MED value. MED actually leaves your AS and tells your neighbor routers which link we want them to talk to.
*Default MED = 0. *MED value => the lower the better |
||
| MED is used ONLY if both routes are received from the same AS, or if the command “bgp always-compare-med” has been enabled.
With “bgp always-compare-med” enabled, BGP will compare MED values even if they come from different ASes, although to reach this step the AS_PATHs must have the same length. You should use this command throughout the AS or you risk creating routing loops. |
|
||
| External
BGP prefer the paths learned using EBGP over paths learned using iBGP to eliminate loops. |
EBGP AD = 20 is lower than other IGP because it should go out of the AS instead of staying in AS.
iBGP AD = 200 is higher than other IGP because if it¡¯s an internal route, it should use internal IGP. |
BGP default protocol preference = 170 | |
| IGP Cost
BGP prefers paths with the lowest IGP metric. |
a. Make sure disabling synchronization.
b. Choose the routes with the lowest IGP administrative distance. |
a. Examine route tables inet.0 and inet.3 for the BGP next hop, and then install the physical next hop for the route with the better preference.
b. For preference ties, install the physical next hop found in inet.3. c. For preference ties within the same route table, install the physical next hop where the greater number of equal-cost paths exists. |
|
| eBGP Peering/Ages of the routes |
BGP will look at the ages of the routes and use the oldest route to particular destination for stability. | ||
| Router ID | A router’s ID is the IP address assigned to the loopback interface or the highest IP address on an active interface at boot time.
*Router ID => the lower the better |
||
November 6, 2009
Decision of BGP Path Selection on IOS and JUNOS
October 20, 2009
JUNOS Default Policies
LS protocol (Link-State protocol): OSPF and ISIS
1. LS default policy:
a. default import policy:
1) accept all routes learned through LS protocol
2) for OSPF, filter external routes from being installed into the route table.
b. default export policy:
1) reject everything
2) for OSPF, LSA flooding is not affected by export policy. The advertisement of local interfaces are enabled to run OSPF, the readvertisement (flooding) of LSAs received fro other routers.
2. RIP default policy:
a. default import policy: accept all received RIP routes that pass a sanity check
b. default export policy: advertise no routes
*You’ll need to create and apply a custom export policy to readvertise RIP learned and direct routes for interfaces running RIP to other RIP speakers.
3. BGP default policy:
a. default import policy: accept all received BGP routes that pass a sanity check
b. default export policy: readvertise all learned BGP routes to all BGP speakers
October 15, 2009
IOS ADs vs JUNOS Preferences
| Source | IOS administrative distance | JUNOS protocol preference | Purpose |
| Local | 0 | 0 | Local IP of the interface |
| Connected Interface | 0 | 0 | Subnet corresponding to the directly connected interface |
| System Routes | 4 | ||
| Static | 1 | 5 | Static routes |
| RSVP | 7 | Routes learned from the Resource Reservation Protocol used in MPLS | |
| LDF | 8 | ||
| LDP | 9 | Routes learned from the Label Distribution Protocol used in MPLS | |
| OSPF internal route | 10 | OSPF internal routes such as interfaces that are running OSPF | |
| IS-IS Level 1 internal route | 15 | IS-IS Level 1 internal routes such as interfaces that are running ISIS | |
| IS-IS Level 2 internal route | 18 | IS-IS Level 2 internal routes such as interfaces that are running ISIS | |
| EBGP | 20 | ||
| Redirects | 30 | Routes from ICMP redirect | |
| Kernel | 40 | Routes learned via route socket from kernel | |
| SNMP | 50 | Routes installed by NMS through the SNMP | |
| Router discovery | 55 | Routes installed by ICMP Router Discovery | |
| Internal EIGRP | 90 | Cisco proprietary routing protocol | |
| RIP | 100 | Routes from Routing Information Protocol (IPv4) | |
| RIPng | 100 | Routes from Routing Information Protocol (IPv6) | |
| IGRP | 100 | Internal Gateway Routing Protocol | |
| PIM | 105 | Routes from Protocol Independent Multicast | |
| DVMRP | 110 | Routes from Distance Vector Multicast | |
| OSPF | 110 | ||
| IS-IS | 115 | ||
| RIP | 120 | Routes from Routing Information Protocol | |
| Aggregate | 130 | Aggregate and generated routes | |
| EGP | 140 | Routes from Exterior Gateway Protocol | |
| OSPF AS external routes | 150 | Routes from OSPF that have been redistributed into OSPF | |
| ODR | 160 | On Demand Routing | |
| IS-IS Level 1 external route | 160 | Routes from IS-IS Level 1 that have been redistributed into ISIS | |
| IS-IS Level 2 external route | 165 | Routes from IS-IS Level 2 that have been redistributed into ISIS | |
| BGP | 170 | Routes from BGP | |
| MSDP | 175 | ||
| External EIGRP | 170 | ||
| iBGP | 200 | ||
| Unknown | 255 | 255 |
September 29, 2009
Basic Config of JUNOS
17. The loop argument to the autonomous-system statement allows you to configure tolerance for occurrences of the local ASN in received route updates. It indicates a BGP routing loop and results in the related route being discarded. The default setting of 1 will reject any route with 1 instance of the local AS number. That is, the route with a single instance of the local ASN should be discarded. To support reception of routes with a single instance of the local ASN, specify a loop value of 2.
jc@Junos# set routing-options autonomous-system loops 3
Tolerates as many as 2 instances of the local AS number in received route updates.
16. Martian routes:
jc@Junos> show route martians table inet.0 inet.0: 0.0.0.0/0 exact -- allowed 0.0.0.0/8 orlonger -- disallowed 127.0.0.0/8 orlonger -- disallowed 128.0.0.0/16 orlonger -- disallowed 191.255.0.0/16 orlonger -- disallowed 192.0.0.0/24 orlonger -- disallowed 223.255.255.0/24 orlonger -- disallowed 240.0.0.0/4 orlonger -- disallowed
15. Security:
a. SSH:
jc@Junos> set system services ss
b. Direct broadcast msgs:
Junos doesn’t forwared these msgs to prevent DoS, which are datagrams with a destination address of an IP subnetwork broadcast address.
c. Martian addresses:
Martian addresses are host or network addresses about which all routing information is ignored.
(1) In IPv4: 0.0.0.0/8, 127.0.0.0/8, 128.0.0.0/16, 191.255.0.0/16, 192.0.0.0/24, 223.255.255.0/24, 240.0.0.0/4
(2) In IPv6: the loopback address, the reserved and unassigned prefixes from RFC 2373, and the link-local unicast prefix are the default martian addresses
d. Who’s logged in:
jc@Junos> show system users
jc@Junos> request system logout mike
jc@Junos> request message user mike message "End router session now!"
jc@Junos> request message all message "End router session now!"
e. Who’s configuring:
jc@Junos# status
Users currently editing the configuration:
fred terminal p0 (pid 13329) on since 2008-03-23 15:15:12 UTC
f. Ensure no one else can modify the router while u’re editing:
jc@Junos# configure exclusive
14. IS-IS:
a. IS-IS runs directly on the data link layer (Layer 2). As a result, each interface that runs IS-IS doesn’t need an IP address to exchange IS-IS information.
b. It was developed as part of the OSI network protocols and not part of TCP/IP, thus IS-IS doesn’t use IP addresses.
c. IS-IS addresses are called NETs (Network Entity Titles). NETs can be 8~20 bytes long, but are generally 10 bytes long:
d. All the routers within an area exchange their network topology information in IS-IS LSPs, and run the SPF calculation to keep their link-state database identical.
e. Routers within an area can send summaries of their routes to other areas in the IS-IS network.
f. Two types of routers:
(1) Level 1 systems: When they receive traffic destined for somewhere outside the area, they send the packet toward a Level 2 system.
(2) Level 2 systems:
(2.1) Route traffic b/w 2 IS-IS areas.
(2.2) They route traffic to other ASs.
g. Configure IS-IS:
jc@Junos> set interfaces ge-1/0/0 unit 0 family iso jc@Junos> set protocols isis interface ge-1/0/0.0
e. Monitor IS-IS:
jc@Junos> show isis database jc@Junos> show isis adjacency => displays the neighbors jc@Junos> show ospf interface jc@Junos> show ospf route jc@Junos> show route protocol isi
13. OSPF:
a. Link-state protocols run a SPF algorithm to create a database of the network’s topology to determine the best path to a destination.
b. Each router goes through the following process to discover the network topology and determine the best path to each destination:
1) OSPF creates LSAs which describe the network topology that the router has in its link-state database.
2) The router floods the LSAs to all routers in the domain.
3) When the router receives LSAs from other routers, it adds the information to its link-state database.
4) The router runs the Dijkstra SPF calculation to determine the shortest path to each destination in the domain. The result of the calculation is the destination address and the next hop. OSPF places this information in its OSPF routing database. Each router performs the SPF calculation independently, all routers end up with identical link-state databases thought the routers may have different next hops for the destination.
5) When changes occur in the domain, this information is transmitted in LSAs, and all the OSPF routers rerun the SPF calculation and update their link-state database.
c. As an OSPF network gets larger, one of the challenges is keeping all the link-state statements on all routers in sync. => divide it into smaller areas
1) Each area has the same properties: All the routers within the area exchange their network topology information in LSAs, and this smaller group of routers run the SPF calculation to keep their link-state databases identical.
2) ABRs – run 2 SPF calculations, maintain 2 link-state databases, pass route information between the 2 areas but summarize it before sending it into the neighboring area.
Summarization improves the overall stability of the OSPF network.
3) ASBRs – are responsible to advertise externally learned routes into the OSPF administrative domains.
4) All routers in the OSPF backbone must be physically connected to each other. If any routers aren’t physically contiguous, they must be connected by an OSPF virtual link so that they appear to be contiguous.
5) Area ID 0 is normally written as the 32-bit value 0.0.0.0.
6) Stub areas — receive only summarized routing information about other areas within the OSPF domain, and don’t receive any information about external OSPF routes. => Stub areas can’t connect to external networks.
7) NSSAs – can connect to external networks.
d. Configure OSPF:
[edit protocols]
jc@Junos# set ospf area 0.0.0.0 interface ge-1/3/0.0 authentication md5 123456
e. Monitor OSPF:
jc@Junos> show ospf database
jc@Junos> show ospf database summary
jc@Junos> show ospf database brief
jc@Junos> show ospf database router
jc@Junos> show ospf interface
jc@Junos> show ospf neighbor
jc@Junos> show ospf route
jc@Junos> show ospf overview
jc@Junos> show route protocol ospf
12. RIP:
[edit protocols]
jc@Junos# set rip group fred-group neighbor ge-0/0/1.0
a. All RIP neighbors needs to be part of a group with group keyword. (i.e. fred-group)
jc@Junos> show rip neighbor
Source Destination Send Receive In
Neighbor State Address Address Mode Mode Met
-------- ----- ------- ----------- ---- ------- ---
ge-0/0/1.0 Up 10.0.29.2 224.0.0.9 mcast both 1
b. The last column reports the inbound metric, which is how many hops will be added to received routes.
11. Default Route Preferences:
| How Route is Learned | Default Route Preference |
| Directly connected router or network | 0 |
| Configured static routes | 5 |
| MPLS | 7 |
| LDP (Label Distribution Protocol) | 9 |
| OSPF internal routes | 10 |
| IS-IS Level 1 internal routes | 15 |
| IS-IS Level 2 internal routes | 18 |
| SNMP | 50 |
| RIP | 100 |
| PIM | 105 |
| DVMRP | 110 |
| Aggregate | 130 |
| OSPF external routes | 150 |
| IS-IS Level 1 external routes | 160 |
| IS-IS Level 2 external routes | 165 |
| BGP | 170 |
| MSDP | 175 |
a. LDP – MPLS-specific protocol that LSRs can use to exchange information about the labels for each FEC so that they can assign the correct labels to each of their forwarding paths.
1) LSR (Label Switching Router) — a networking device that can run the MPLS protocols
2) LSP (Lable Switched Path) — the end-to-end, unidirectional path established through the MPLS network
3) FEC (Forward Equivalency Class) — the set of IP packets assigned to a particular path and identified by its label
10. Routing Table:
| Routing Table | Description |
| inet.0 | Default table for IPv4 unicast routes, including configured static routes, RIP, OSPF, IS-IS, and BGP. |
| inet.1 | Multicast forwarding cache, used by DVMRP and PIM |
| inet.3 | Stores paths and label information for traffic engineering (MPLS) |
| inet.6.0 | Default table for IPv6 unicast routes |
| iso.0 | ISO routes for IS-IS |
| mpls.0 | Next hops for MPLS label-switched paths (LSPs) |
jc@Junos> show route inet.0: 6 destinations, 6 routes (6 active, 0 holddown, 0 hidden) + = Active Route, - = Last Active, * = Both 2.0.0.0/24 *[Direct/0] 9w3d 17:41:54 > via ge-0/0/2.0 2.0.0.120/32 *[Local/0] 9w3d 17:41:57 Local via ge-0/0/2.0 10.5.0.0/16 *[Static/5] 9w3d 17:41:56 > to 10.93.15.254 via fxp0.0 10.10.0.0/16 *[Static/5] 9w3d 17:41:56 > to 10.93.15.254 via fxp0.0 10.93.4.52/32 *[Direct/0] 9w3d 17:43:44 > via lo0.0 [Static/5] 9w3d 17:43:44 __juniper_private1__.inet.0: 14 destinations, 14 routes (8 active, 0 holddown, 6 hidden) + = Active Route, - = Last Active, * = Both 10.0.0.0/8 *[Direct/0] 9w3d 17:43:44 > via fxp1.0 10.0.0.1/32 *[Local/0] 9w3d 17:41:57 Local __juniper_private1__.inet6.0: 2 destinations, 2 routes (2 active, 0 holddown, 0 hidden) + = Active Route, - = Last Active, * = Both fe80::/64 *[Direct/0] 9w3d 17:43:44 > via fxp1.0 fe80::200:ff:fe00:4/128 *[Local/0] 9w3d 17:41:57 Local via fxp1.0
a. hold-down state — it occurs before a route is removed from the routing table
b. hidden state — it a result of a plicy that you’ve configured on the router a problem with the route
9. Static Route:
[edit routing-options]
jc@Junos# set static route 192.168.1.1 next-hop 10.1.0.1
8. Interface:
[edit]
jc@Junos# set interfaces ge-1/2/0 unit 0 family inet address 192.168.10.40/24
jc@Junos# set ge1-1/3/0 unit 0 family inet6 address::2/64
jc@Junos# set ge-1/3/0 unit 0 family iso
a. four levels:
physical interface — unit – family – protocol family
1) unit is a logical interface
2) at least one family on each logical itnerface
3) at least one protocol family on each logical interface to allow it to receive and transmit protocol traffic
b. common protocols on interfaces:
1) inet – for IPv4
2) inet6 – for IPv6
3) iso – for the interfaces that need to support CLNS, which is the ISO network layer service protocol that is used by IS-IS.
4) mpls
7. Traceoptions:
[edit] jc@Junos# set protocols ospf traceoptions file ospf.log jc@Junos# set protocols ospf traceoptions flag all jc@Junos# set security traceoptions flag policy-manager jc@Junos# set security traceoptions flag general jc@Junos# set routing-options traceoptions file trace-events world-readable jc@Junos# set routing-options traceoptions flag all
6. Syslog:
[edit system] jc@Junos# set syslog file ? Possible completions: <file-name> Name of file in which to log data cli-commands Name of file in which to log data emergency Name of file in which to log data firewall Name of file in which to log data messages Name of file in which to log data [edit system] jc@Junos# set syslog file messages any notice jc@Junos# set syslog file messages authorization info jc@Junos# set syslog file cli-commands interactive-commands any jc@Junos# set syslog file emergency any emergency jc@Junos# set syslog file firewall firewall notice
| Types of Logging Events | Logging Se verity Levels |
| any | notice |
| Any router event | General router operational events of more interest than “info” |
| authorization | info |
| Authentication and authorization attempts | General router operation |
| interactive-commands | any |
| Commands typed at the command-line interface or by a JUNOScript client application | All events |
| any | emergency |
| Errors that cause the router to stop operating | |
| firewall | notice |
| Packet filtering performed by firewall filters |
5.RADIUS:
[edit system] jc@Junos# set radius-server 192.168.10.1 port 1812 secret 123456 jc@Junos# set radius-server 192.168.10.1 timeout 1 jc@Junos# set radius-server 192.168.10.1 retry 1 jc@Junos# set radius-server 192.168.10.1 source-address 192.168.200.2 [edit system] jc@Junos# show radius-server { 192.168.10.1 { port 1812; secret "$9$SZQUk.fTz6Ct5TcyevLX"; ## SECRET-DATA timeout 1; retry 1; source-address 192.168.200.2; } } [edit system] jc@Junos# set authentication-order [ radius password ]
4. Junos encrypts all passwords and marks them as ## SECRET-DATA. It allows you to hide the fact that a password is even present in the configuration.
[edit system login]
jc@Junos# show | except SECRET-DATA
class operation {
idle-timeout 0;
permissions all;
}
user operation {
full-name "Operation Team";
uid 2000;
class operation;
authentication {
}
}
user jc {
uid 2005;
class operation;
}
3. User Acct:
jc@Junos# set user jc class super-user jc@Junos# set user jc authentication plain-text-password
2. Banner:
jc@Junos# set system login message "--------------------\nWARNING: Unauthorized access prohibited. --------------------\n" jc@Junos# set system announcement "Network maintenance announcement."
1. Keyboard shortcuts:
Ctrl+a — move to beginning of command line
Ctrl+e — move to end of command line
Ctrl+k — delete all text from cursor to end of command line
Esc+b — move back one word
Esc+f — move forward one word
Esc+d — delete the word after the cursor
Esc+Backspace — delete the word before the cursor
August 21, 2009
Routing Engine and Packet Forwarding Engine
RE (Routing Engine)
PFE (Packet Forwarding Engine)
PIC (PPhysical Interface Card)
FPC (Flexible PIC Concentrator)
SCB (Switching Control Board)
Router Design Concept
GRES (graceful Routing Engine switchover) – In a router that contains a master and a backup Routing Engine, allows the backup Routing Engine to assume mastership automatically, with no disruption of packet forwarding.
Graceful switchover — JUNOS software feature that allows a change from the primary device, such as a Routing Engine, to the backup device without interruption of packet forwarding.
(lecture by Tim Chung)
1. Basic Router and Routing:
a. R1 and R2 has routing protocol (i.e RIP or OSPF), so the computer can reach the destination server 10.0.0.1.
b. R2 is a single CPU router which is like a Linux server doing a routing job.
c. A single CPU needs to process all of the packets whichever goes through the router. If the computer is sending too many data packets through R2, then the CPU of R2 is going to be occupied by the data packets.
d. When CPU is too busy (up to 99%~100% usage) on processing the data packets, other important packets for control, such as routing protocols, SNMP, wouldn’t be processed in time which would cause routing adjacency dropped. All of the data packets would not reach the destination.
e. Thus, Cisco 2800 series can only do T1 since it’s a single RISC processor, and Juniper J-series is also single IBM CPU. They both couldn’t handle high traffic. They are both software based routers.
2. For modern routers, they have more than 1 CPU doing data packet forwarding and processing control information.
a. Take Juniper router as an example, a router has 2 plane: RE and PFE. All of the data packets going through PFE and goes out.
b. PFE passes all important control packets to RE.
c. In this way, router wouldn’t drop the adjacency which wont lose the routes. Data packets can be sent to the destination.
3. For Redundancy:
a. Uses fabric between RE and PFE and PIC for high traffic transmissions.
b. Uses full-mesh x-bar for PFEs.
4. For more redundancy with GRES:
August 5, 2009
Beginning of JUNOS
1. First time login:
root@Junos% cli
root@Junos>
2. Find network topic:
jc@Junos> help topic ospf area-backbone
3. View specific configuration information:
jc@Junos> help reference ospf area
4. Upgrade Junos software:
jc@Junos> show version brief Hostname: Junos Model: m10i JUNOS Base OS boot [9.2-20090320.0] JUNOS Base OS Software Suite [9.2-20090320.0] JUNOS Kernel Software Suite [9.2-20090320.0] JUNOS Crypto Software Suite [9.2-20090320.0] JUNOS Packet Forwarding Engine Support (M/T Common) [9.2-20090320.0] JUNOS Packet Forwarding Engine Support (M7i/M10i) [9.2-20090320.0] JUNOS Online Documentation [9.2-20090320.0] JUNOS Routing Software Suite [9.2-20090320.0] jc@Junos> request system software add jbundle-5.3R2.4-domestic-signed.tgz (domestic -- security jcrypto) (signed -- MD5) OR jc@Junos> request system software add jbundle-5.3R2.4-domestic-signed.tgz reboot
5. Boot Sequence:
a. Display alert msg when booting from HD:
--- NOTICE: System is running on alternate media device (/dev/ad1s1a).
b. Backup Junos and other files to HD:
jc@Junos> request system snapshot
c. contact JTAC if boot from HD
6. About CLI:
jc@Junos> show cli CLI complete-on-space set to on CLI idle-timeout disabled CLI restart-on-upgrade set to on CLI screen-length set to 49 CLI screen-width set to 98 CLI terminal is 'xterm' CLI is operating in enhanced mode CLI timestamp disabled CLI working directory is '/var/home/netops' jc@Junos> show cli ? Possible completions: <[Enter]> Execute this command authorization Show authorization and authentication information directory Show current working directory history Show list of previous commands | Pipe through a command jc@Junos> show cli | ? Possible completions: count Count occurrences display Show additional kinds of information except Show only text that does not match a pattern find Search for first occurrence of pattern hold Hold text without exiting the --More-- prompt last Display end of output only match Show only text that matches a pattern no-more Don't paginate output request Make system-level requests resolve Resolve IP addresses save Save output text to file trim Trim specified number of columns from start of line
7. Restore old configuration:
a. When router commits a config, it also save the existing configuration to a file (up to 9).
b. Current active config => juniper.conf
c. most recent active config => juniper.conf.1.gz (file #1)
8. Redundancy:
a. by default, router doesn’t automatically enable the backup Routing Engine.
b. enable backup Routing Engine:
jc@Junos# set redundancy failover on-loss-of-keepalives jc@Junos# show redundancy { failover on-loss-of-keepalives; }
c. keepalives:
1) If the backup Routing Engine fails to receive keepalives for 20 secs, it enters a message in the messages log file.
2) After 300 secs, default fail-over timer, backup Routing Engine attempts to assumes the master role for the router.
3) When it successed, an alarm is generated to notify you the master Routing failed.
jc@Junos# set redundancy keepalive-time 30 jc@Junos# show redundancy { failover on-loss-of-keepalives; keepalive-time 30; }
4) Both master and backup Routing Engine must be operating the same version of Junos.
July 30, 2009
Commit Junos Configuration
1. Candidate Configuration: You always enter your configuration or changes as a condidate file.
2. “show|compre“: see exactly changes you made and look for any last-minute typos.
3. “commit check“: The system verifies the logic and completeness of your new configuration entries without activating any changes.
4. “commit confirmed“: If you don’t confirm your changes by entering commit within 10 minutes of activation, the device reverts back to the prior configuration.
5. “rollback“: lets you restore the rescue or any of the prior 50 configurations. A quick rollback is much easier than undoing one command at a time.
June 26, 2009
JUNOS Commands for IOS Users
A. Basic CLI and Systems Management Commands:
| IOS Command | JUNOS Command |
| clock set | set date |
| reload | request system reboot |
| send | request message |
| show clock | show system uptime |
| show environment | show chassis environment |
| show history | show cli history |
| show ip traffic | show system statistics |
| show logging | show log show log file name |
| show processes | show system processes |
| show running config | show configuration |
| show tech-support | request support information |
| show users | show system users |
| show version | show version show chassis hardware |
| terminal length | set cli screen-length |
| terminal width | set cli screen-width |
| trace | traceroute |
B. Switching Commands:
| IOS Command | JUNOS Command |
| –none– | show ethernet-switching interfaces |
| show spanning-tree | show spanning-tree bridge |
| show mac address-table | show ethernet-switching table |
C. Interface Commands:
| IOS Command | JUNOS Command |
| clear counters | clear interface statistics |
| show interfaces | show interfaces show interfaces detail show interfaces extensive |
| show ip interface brief | show interfaces terse |
D. Routing Protocol-Independent Commands:
| IOS Command | JUNOS Command |
| clear arp-cache | clear arp |
| show arp | show arp |
| show ip route | show route |
| show ip route summary | show route summary |
| show route-map | show policy show policy policy-name |
| show tcp | show system connections |
1. OSPF Commands:
| IOS Command | JUNOS Command |
| show ip ospf database | show ospf database |
| show ip ospf interface | show ospf interface |
| show ip ospf neighbor | show ospf neighbor |
2. BGP Commands:
| IOS Command | JUNOS Command |
| clear ip bgp | clear bgp neighbor |
| clear ip bgp dampening | clear bgp damping |
| show ip bgp | show route protocol bgp |
| show ip bgp community | show route community |
| show ip bgp dampened paths | show route damping decayed |
| show ip bgp neighbors | show bgp neighbor |
| show ip bgp neighbors address advertised-routes | show route advertising-protocol bgp address |
| show ip bgp neighbors address received-routes | show route receive-protocol bgp address |
| show ip bgp peer-group | show bgp group |
| show ip bgp regexp | show route aspath-regex |
| show ip bgp summary | show bgp summary |
