JUNOS Enterprise Switching. A Practical Guide to JUNOS Switches and Certification (e-book) Kalety

JUNOS Enterprise Switching is the only detailed technical book on Juniper Networks new Ethernet-switching EX product platform. With this book, youll learn all about the hardware and ASIC design prowess of the EX platform, as well as the JUNOS Software that powers it. Not only is this extremely practical book a useful, hands-on manual to the EX platform, it also makes an excellent study guide for certification exams in the JNTCP enterprise tracks. The authors have based JUNOS Enterprise Switching on their own Juniper training practices and programs, as well as the configuration, maintenance, and troubleshooting guidelines they created for their bestselling companion book, JUNOS Enterprise Routing. Using a mix of test cases, case studies, use cases, and tangential answers to real-world problems, this book covers: Enterprise switching and virtual LANs (VLANs) The Spanning tree protocol and why its needed Inter-VLAN routing, including route tables and preferences Routing policy and firewall filters Switching security, such as DHCP snooping Telephony integration, including VLAN voice Part of the Juniper Networks Technical Library<™>, JUNOS Enterprise Switching provides all-inclusive coverage of the Juniper Networks EX product platform, including architecture and packet flow, management options, user interface options, and complete details on JUNOS switch deployment. Spis treści: JUNOS Enterprise Switching SPECIAL OFFER: Upgrade this ebook with OReilly Foreword Evolution of the Bridging World What Is the Big Deal About Switching Anyway? How This Book Will Help You (a.k.a. Whats in It for Me?) Preface What Is JUNOS Enterprise Switching? The Juniper Networks Technical Certification Program (JNTCP) How to Use This Book Whats in This Book? Topology of This Book Conventions Used in This Book Using Code Examples Safari Books Online Comments and Questions About Scott Morris, Lead Tech Reviewer Acknowledgments From Doug Marschke From Harry Reynolds 1. LAN and Internetworking Overview What Is a Network? The OSI Model Layer functions Network Types and Communication Modes Communication modes So, Where Did We LANd? Ethernet Technologies A Brief Look Back Ethernet or 802.3, That Is the Question The MAC Layer CSMA/CD The shift away from shared media MAC addressing Ethernet Standards Wrap-Up A word on auto-negotiation Ethernet Technology Summary The TCP/IP Suite Enter OSI Exit OSI, Enter IP The IP Stack, in a Nutshell The network that lies beneath ARP me, Amadeus IP, freely IP addressing Hierarchical Classless is the norm (or, how we learned to subnet) ICMP, the bad news protocol UDP, multiplexing, and not much else TCP, a transport for all seasons Whats this Internet thing for again, eh, sonny? IP encapsulation example Internet Protocol Summary LAN Interconnection Repeaters Bridges Protocol-agnostic Loops are bad, really, really bad Bridge processing in detail So much for the 80/20 rule Routers Multi-Protocol Routing One protocol to rule them all LAN Interconnect Summary Conclusion Chapter Review Questions Chapter Review Answers 2. EX Platform Overview EX Hardware Overview The EX8200 Series Separate Control and Forwarding: Its a Good Thing EX Hardware: The Numbers EX Feature Support Layer 2 features Layer 3 and general system features EX Hardware Summary EX Series Architecture The EX-PFE ASIC EX3200 Architecture EX4200 Architecture Front-panel LEDs A Day in the Life of a Packet Layer 2 switching Output processing: Layer 2 switching Layer 3 routing EX Series Architecture Summary JUNOS Software Overview JUNOS Software Summary CLI Overview J-Web and EZSetup EZSetup CLI Operational Modes and General Features Operational mode Command completion Emacs keys The pipe Configuration Mode Navigating the configuration hierarchy Active and candidate configurations, commits, and rollbacks Commit confirmed Loading and saving configurations The JUNOS CLI Summary Advanced CLI and Other Cool Stuff SOS Scheduled Commits and Wildcards Wildcards and regular expressions Copying, Renaming, and Inserting Conclusion Chapter Review Questions Chapter Review Answers 3. Initial Configuration and Maintenance The Factory-Default Configuration and EZSetup Factory-Default Configuration EZSetup Factory-Default Configuration and EZSetup Summary Initial Configuration Using the CLI CLI Configuration Summary Secondary Configuration Customized User Accounts, Authentication, and Authorization User authentication case study Out of Band Network Remote Access Dynamic Host Configuration Protocol DHCP server configuration in JUNOS DHCP relay configuration in JUNOS Secondary Configuration Summary EX Interfaces Permanent Interfaces Network Interfaces Network interface naming Logical units Interface Configuration Physical properties Logical properties EX Interface Configuration Examples Layer 2 interface Layer 3 interface Interface Troubleshooting JUNOS troubleshooting tools Syslog Monitor interface Monitor traffic Operational mode show commands Ethernet OAM Diagnostic commands Loopbacks Hard loops EX Interface Summary Basic Switch Maintenance Chassis Health Check Syslog Syslog case study SNMP NTP Is NTP really working? Rescue Configuration Password Recovery Switch Maintenance Summary Conclusion Chapter Review Questions Chapter Review Answers 4. EX Virtual Chassis The EX Virtual Chassis Virtual Chassis Overview Virtual Chassis Control Protocol Member roles within a VC Member ID Mastership priority Default election algorithm Virtual Chassis Identifier Virtual Chassis Design and Deployment Options VCP topologies VCP single rack rings VCP multiple rack rings VCP serial chain VCE topologies Extending the VC Packet Flow in a Virtual Chassis Virtual chassis topology discovery The SPF calculation A bifurcated VC: Its a bad thing Virtual chassis packet walk-through Intersystem packet flows Virtual Chassis Summary Configuration, Operation, and Maintenance Virtual Chassis Configuration Modes Hot or cold insertion: when does a VC addition become a VC merge? Virtual Chassis Configuration Virtual management address Virtual chassis member parameters VCEs Virtual chassis configuration summary Virtual Chassis Operation and Maintenance Operational mode commands with member context VC monitoring commands Monitor the VC control protocol VC tracing VC maintenance VC adds, moves, and changes Connecting to non-master members Using the no-management-vlan option Configuration, Operation, and Maintenance Summary Virtual Chassis Case Study Prepare for the Merge Configure VC Parameters Confirm initial VC operation Expand the VC with VCE Links Prepare the new switch Configure the VCE ports Case Study Summary Conclusion Chapter Review Questions Chapter Review Answers 5. Virtual LANs and Trunking Virtual LANs and Trunking Port Modes Tagging User Traffic QinQ, a.k.a. provider bridging The Native and Default VLANs The native VLAN The default VLAN Putting it all together Generic Attribute Registration Protocol Cisco and GVRP VLAN and Trunking Summary EX to Catalyst VLAN Integration Default VLAN/Trunking Behavior Define VLANs Configure and confirm IOS VLANs and trunking JUNOS VLAN and trunk configuration Troubleshoot a VLAN problem Add Native VLAN Support Getting Loopy with It VLAN Integration Summary Conclusion Chapter Review Questions Chapter Review Answers 6. Spanning Tree Protocol Feeling a Little Loopy Stupid Is As Stupid Does Loop Issue Summary Spanning Tree Protocol STP Basics Calculating and Maintaining the Spanning Tree Bridge Protocol Data Units BPDU Learning and Port States Protocol Timers Table age Hello time Message age Forwarding delay Putting the Theory Together STP Issues STP Summary Rapid Spanning Tree Protocol New BPDU Definition and Function Interface Types and States RSTP Convergence Topology changes Link failures Link Cost in RSTP Compatibility with STP Interoperability Between Juniper and Cisco RSTP Summary Spanning Tree Configuration Failures with Default Parameters Configuring RSTP When RSTP isnt going to be rapid RSTP design consideration Spanning Tree Configuration Summary Multiple Spanning Tree Protocol MSTP Configuration MSTP Summary Redundant Trunk Groups RTG Configuration RTG Summary Conclusion Chapter Review Questions Chapter Review Answers 7. Routing on the EX EX Routing Overview What Is Routing? Interior Gateway Protocol overview EX Routing Capabilities Whats missing? Layer 3 scaling limits JUNOS Routing Concepts Global route preference Routing tables and RIB groups The inet.0 table Routing policy Router ID and Autonomous System Number Summary of EX Routing Capabilities Inter-VLAN Routing A Router on a Stick Enter the Routed VLAN Interface Full Layer 3 functionality Deploy an RVI Configure and test an RVI Use VRRP with an RVI Restricting RVI Communications RVI and Layer 3 filters RVI Summary Static Routing Next Hop Types Forwarding next hop qualifiers Route Attributes and Flags Floating Static Routes EX Static Routing Scenario Static routing in the Internet router EX static routing Static Routing Summary RIP Routing RIP Overview RIP stability and performance tweaks RIP and RIPv2 RIP Deployment Scenario Configure RIP Vodkilas RIP configuration Verify RIP RIP Summary Conclusion Chapter Review Questions Chapter Review Answers 8. Routing Policy and Firewall Filters Routing Policy What Is Routing Policy, and When Do I Need One? Where and How Is Policy Applied? Applying policy to link state routing protocols Applying policy to RIP Policy Components Logical OR and AND functions within terms Policy Match Criteria and Actions Policy match criteria Policy actions Route Filters Binary trees Route filters and match types Longest match wins, but may not Default Policies OSPF default policy IS-IS default policy RIP default policy BGP default policy Testing and Monitoring Policy Testing policy results Policy tracing Policy Case Study Routing Policy Summary Firewall Filters Types of Filters Filter Term Processing Filter Match Conditions Filter Actions Applying a Filter Applying a filter at the port level Applying a filter at the VLAN level Applying a filter at the Layer 3 level Transit Filter Case Study Layer 3 filter VLAN filters Case Study: Loopback Filters Policers Burst-size-limit mystery Policer actions Configuring and applying policers Policer example Storm Control and Rate Limiting Filters and Policers Summary Conclusion Chapter Review Questions Chapter Review Answers 9. Port Security and Access Control Layer 2 Security Overview EX Layer 2 Security Support MAC Limiting, DHCP, and ARP MAC Limiting Limiting MAC moves MAC limit actions Deploy and verify MAC limiting DHCP Snooping and ARP Inspection Securing DHCP and ARP Deploy DHCP snooping and ARP inspection Confirm DHCP snooping and ARP inspection MAC Limiting, DHCP, and ARP Summary IEEE 802.1X Port-Based Authentication Terminology and Basic Operation Extensible Authentication Protocol JUNOS 802.1X Feature Support Administrative modes Supplicant modes Additional capabilities Deploy and Verify 802.1X RADIUS server configuration EAP-MD5 supplicant configuration Configure RADIUS parameters Configure 802.1X authenticator properties Verify 802.1X authentication Configure MAC-based RADIUS authentication 802.1X Port-Based Authentication Summary Conclusion Chapter Review Questions Chapter Review Answers 10. IP Telephony Deployment Scenarios QoS or CoS? Deployment Scenarios Summary Power over Ethernet JUNOS Support for PoE PoE Summary Link Layer Discovery Protocol JUNOS LLDP LLDP Summary LLDP with Media Endpoint Discovery LLDP-MED and JUNOS LLDP-MED Summary Voice VLAN Case Studies Without LLDP-MED Support Plug-and-play solution without LLDP-MED Voice VLAN and IP phone configuration With LLDP-MED Support Case Study Summary Conclusion Chapter Review Questions Chapter Review Answers 11. High Availability Hardware Redundancy Routing Engine Failover Default Failover Layer 2 Default Failover Layer 3 Graceful Routing Engine Switchover GRES with Layer 2 GRES with Layer 3 Graceful Restart Non-Stop Routing GRES, GR, NSR, Oh My! VRRP In-Service Software Upgrades Aggregated Ethernet LACP in Action JUNOS Configuration Additional configuration options Load balancing over AE Bidirectional Forwarding Detection (BFD) High Availability Summary Conclusion Chapter Review Questions Chapter Review Answers Glossary Index About the Authors Colophon SPECIAL OFFER: Upgrade this ebook with OReilly