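This book gives a comprehensive and systematic introduction to every aspect of Juniper routers. It is divided into 16 chapters, covering hardware and architecture, Juniper software design, the JUNOS software command line interface, system management and services, interface configuration and control, protocol-independent routing, routing policy, RIP, OSPF theory and configuration, IS-IS, interdomain routing theory and case studies, an overview of MPLS, an overview of MPLS VPNs, and Internet Processor II and firewall filters, among other topics.
Written by well-known networking experts, this book is an essential text for learning about Juniper routers, and it can also serve as a quick-reference manual for difficult problems.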
Contents
1 Hardware and Architecture 1
* System Evolution 2
* Router Functionality 2
·Routing Engine 3
·Packet Forwarding Engine 5
·Packet Flow 8
* The Craft Interface 12
·Using the Craft Interface 13
* Product Features 14
·M40/M20 14
·M160 16
·M5/M10 18
2 Juniper Software Design 21
* Ensuring Performance with Juniper Networks Routers 22
·Divide and Conquer 22
·At the Core: UNIX 23
·Processes and Daemons 24
·JUNOS Software Optimizations 24
* Juniper Networks Router Processes and Functions 25
·The Kernel Process 27
·The init Process 29
·syslogd 30
·mgd and cli 30
·rpd 30
·dcd 32
·snmpd 32
·mib2d 33
·ilmid 33
·vrrpd 33
·apsd 33
·chassisd 33
·sampled 34
·alarmd 34
·Embedded JUNOS Software (PFE OS) 34
* Routing Information Databases 35
·Boot Order and Process Interaction 36
* The File System 45
·File System Components 45
·Important Directories 47
·Boot Source Sequence 48
* Software Mechanics 50
·JUNOS Software Release Structure 51
·Installing and Upgrading 53
·JUNOS Software Documentation 55
3 JUNOS Software Command Line Interface 57
* Introduction to JUNOS Software CLI 58
·CLI Architecture 59
·CLI Keystrokes 62
·CLI Modes 69
* CLI Features 78
·Automatic Command Completion 79
·Simultaneous Multiple User Access 80
·Configuration Commit Model 82
·Using Operational Mode Commands in Configuration Mode 92
·Online Documentation 93
·Scrolling Large Files Feature 95
·Command Pipe Option 97
4 System Management and Services 99
* Operating System and File Locations 100
·Root Account 101
* Managing User Accounts and Access 103
·User Accounts 103
* RADIUS and TACACS+ 113
·TACACS+ 113
·Authentication Order 118
* Services and Processes 119
·Host Names and DNS 120
·Static Host Tables 121
·DNS 122
·Telnet 124
·SSH 125
·Finger 127
·File Transfer Protocol 128
·Setting Time and Location 129
·NTP 130
·SNMP 138
* Diagnostic Tools 149
·PING 150
·Traceroute 156
·Syslog 158
·Traceoptions 164
5 Interface Configuration and Control 171
* Permanent vs. Transient Interfaces 172
·Slot and Port Numbering on Juniper Networks Routers 173
·Interface and Address Categories 175
·Clocking 176
* Configuring the Juniper Networks Interface 176
·Physical Layer Parameters 177
·Logical Interface Configuration 177
* Configuring SONET Interfaces 182
·Physical Interface Card Properties 182
·SONET Options 183
·Automatic Protection Switching 183
·Frame Check Sequence 189
·Loopback 189
·SONET Path-Trace 190
·Payload Scrambling 191
·RFC 2615 191
·Maximum Transmission Unit 192
·Interoperability 192
* Configuring the ATM Interface 192
·Physical Interface Properties 193
·Logical Interface Properties 197
* Configuring the Plesiochronous Digital Hierarchy: T-1/E-1 203
·Framing Methods 204
·Linecodes and Ones Density 206
·Data Inversion 209
·Simple Test Patterns 209
·Line Buildout 210
·Idle-Cycle Flag and Transmission Efficiency 210
·Subrate and Timeslot Configuration 210
·Frame Check Sequence 211
·Encapsulations 211
* Configuring the Plesiochronous Digital Hierarchy: T-3/E-3 Interfaces 211
·Framing Mode 212
·FCS 212
·Idle-Cycle Flag and Transmission Efficiency 212
·Line Buildout 212
·CSU Compatibility Mode/Subrate 213
·Encapsulations 213
* Configuring Ethernet Interfaces: Gigabit Ethernet and Fast Ethernet 213
·MAC Address Setting 214
·VLAN Tagging 214
·Fast Ethernet/Gigabit Ethernet Options 215
·Source Filtering 216
·Logical Interface Parameters 217
·Configuring Encapsulations 220
* Configuring Tunnel Interfaces 221
·Multicasting and Tunnel PICs 221
·Generic Route Encapsulation/IP-IP and Tunnel PICs 222
·Management Interface Configuration 223
* Troubleshooting 224
·The monitor interface Command 224
·The show interfaces extensive Command 224
·Loopback 227
6 Protocol-Independent Routing 229
* Route Types 230
·Static Routes 230
·Aggregate Routes 234
·Generated Routes 237
* Martian Routes 239
* Routing Tables 240
·Interpreting the Output 241
·Protocols and Preferences 242
·Additional Route Tables 244
·Rib-Groups 245
* Other Features 246
·Router ID 246
·Autonomous System Number 247
·Autonomous System Confederations 247
·Load Balancing 248
7 Routing Policy 251
* Basic Routing Policy 252
·An Example Policy Scenario 252
·Creating a Routing Policy 254
* Basic Routing Policy 254
·Definition 254
·Parameters 255
·Application 255
·Results 256
·Evaluation 257
* The JUNOS Software Policy Framework 257
·Policy Components 258
·Setting Parameters 261
·Applying Policies 262
·Evaluation 267
* Policy Framework Mechanics 267
·Flow Control Actions 268
·Default Policies 269
·Policy Chains 270
·User-Defined Policies 273
·Terms 275
·Match Conditions 283
·Side-Effects 301
·Expressions 302
·Subroutines 314
* Protocol-Specific Policy 317
·Protocol-Specific Match Conditions 317
·Regular Expressions 319
* Troubleshooting Policy 321
·Test Policy 321
·Policy Tracing 325
·Debug Communities 336
* Policy Design 337
·Tactics for Improving Policies 338
·Strategies for Implementing Routing Policies 351
·Designing Subroutine Policies 358
·Subroutines and Expressions 362
* Summary 368
8 Routing Information Protocol 371
* Distance Vector Routing Protocols 372
·What Is Distance Vector? 373
·Distance Vector Problems and Solutions 376
* Introduction to RIP 385
·RIPv1 386
·RIPv2 Extensions 387
·Configuring RIPv2 392
·Troubleshooting RIPv2 407
9 OSPF Theory 411
* OSPF: A Link-State Routing Protocol 412
·Shortest Path First Computation 413
* OSPF Network Types 416
·Point-to-Point Network 416
·Broadcast Multi-access Network 416
·Non-Broadcast Multi-access Network 417
·Point-to-Multipoint Network 417
·Considerations for Multi-access Networks 418
·Multi-access Network Rules 420
* Adjacency Establishment 422
·Hello Protocol 422
·OSPF Authentication 424
·OSPF Adjacency State Machine 424
* OSPF Packets 428
·Database Description Packet 428
·Link-State Request Packet 429
·Link-State Update Packet 431
·Link-State Acknowledgement Packet 432
* Flooding 433
·Flooding Procedure 433
* The Link-State Database 433
·Router-LSA 435
·Network-LSA 437
·Summary-LSA 438
·AS-External-LSA 439
* Topology Maintenance 442
* OSPF Hierarchy 443
·OSPF Router Classification 444
·Virtually Attached OSPF Areas 447
·OSPF Extensions 450
10 OSPF Configuration 457
* OSPF Minimum Configuration Requirements 458
* Case Study 1: Point-to-Point Network with Unnumbered Interfaces 459
·Viewing OSPF Interfaces 461
·Viewing OSPF Neighbors 464
·Interface Priority Configuration 465
·Viewing the OSPF Link-State Database 466
·Viewing OSPF Routes 470
* Case Study 2: P2P Network with Numbered Interfaces 471
* Case Study 3: BMA Network 474
* Case Study 4: Hierarchical Routing-Multiple-Area Configuration 479
* Case Study 5: Route Redistribution into OSPF 482
* Case Study 6: Stub Area Configuration 488
* Case Study 7: OSPF Route Summarization 492
* Case Study 8: NSSA Configuration 496
* Case Study 9: Virtual Link Configuration 504
* Case Study 10: OSPF Metrics and Shortest Path Calculation 511
11 IS-IS 517
* Introduction and Historical Background 518
·History of IS-IS 518
* Sample Network 520
* IS-IS Terminology 522
* Link-State Protocol Fundamentals and Introduction to IS-IS 523
·Distribution by Flooding, Aging, and Reflooding 523
·Hierarchical Routing 534
·Pseudonodes and Designated Routers on Broadcast LANs 538
·SPF-Based Route Calculation 540
·ISO Addressing 541
·Fragmentation of Large LSPs 544
·OSI Model and the IS-IS Stack 545
·IS-IS Packet Types 548
·IS-IS TLV Types 563
* Troubleshooting IS-IS 590
·Case Study: Broken IS-IS Adjacency 591
·Case Study: Unintentionally Injecting 100,000 Prefixes into IS-IS 601
·Case Study: Leaking Level 2 Prefixes into Level 1 604
·Case Study: Leaking External Level 1 Prefixes into Level 2 609
12 Interdomain Routing Theory 615
* BGP Overview 616
·History of BGP 617
·What Is Different About BGP v4? 621
·Why Use TCP as a Transport? 622
·Peering 622
·BGP Message Types 628
·Finite-State Machine 638
·Routing Information Bases (RIBs) 640
·IBGP and EBGP Basics 643
·Protocol Differences 647
·BGP Decision Process 660
* BGP Basics 663
·Attributes 663
·Attribute Classes 664
·Multihop 672
·Multipath 672
·Aggregation 673
·Synchronization 677
·Capabilities Advertisement 678
* Scaling BGP 679
·The IBGP Full-Mesh Problem 679
·Route Reflection 680
·Confederations 693
* Resolving BGP Next-Hop Addresses 697
·Next-Hop Self Policy 697
·Passive Interface 698
·Static Routes 699
·Export Direct 699
* Hot-Potato Routing 699
* Damping 701
·Figure of Merit 702
·Suppress Threshold 702
·Half-Life for Exponential Decay 702
·Reuse Threshold 702
·Maximum Suppress 702
* Internal BGP Timers 705
* New BGP v4 Knobs and Features 706
·Multiprotocol Extensions for BGP v4 706
·Extended Communities 707
·Route Refresh 709
·Cooperative Route-Filtering Capability 710
·Graceful Restart Mechanism for BGP 710
13 Interdomain Routing Case Studies 713
* Basic BGP Configuration and Best Practices 714
* ISP Design Using Routing Policy for BGP Control 722
·Exporting Routes 722
·Importing Routes 727
* Load Balancing with BGP 739
·Load Balancing with EBGP Using Multipath 740
·Load Balancing with IBGP Using Multipath 745
·Load Balancing with BGP Using Multihop 746
* Route Reflection and Path Selection in a Multi-Vendor Network 749
·Issues with Route Reflection and next-hop-self 755
* Persistent Route Oscillation with Route Reflection 760
·First Update 761
·Second Update 762
·Third Update 763
·Fourth Update 763
·Fifth Update 764
·Prevention of Persistent Route Oscillation 764
* Using Confederations for BGP Scalability 765
* BGP in the Enterprise 773
·Existing Network Connectivity 774
·New Network Design 775
·Default Routes 781
14 Introduction to MPLS 783
* History of MPLS 784
·Cell Switch Router and IP Switch 784
·ARIS 785
·Tag Switching 786
·MPLS 786
·JUNOS Software and MPLS 787
* Overview of MPLS 787
·Multi-Protocol Label Switching Terminology 787
·Structure of the MPLS Label 792
·Distribution of Labels 798
* Static LSPs 800
* Signaled LSPs 805
·RSVP Protocol 806
·RSVP Signaled LSPs 810
·Traffic Protection 833
·Advanced Route Resolution 844
·MPLS Load Balancing 851
·The Label Distribution Protocol 855
15 Introduction to MPLS Virtual Private Networks 865
* 2547bis MPLS Virtual Private Networks 867
·2547bis MPLS VPN Components 867
·2547bis MPLS VPN Operation 868
·Additional Notes on 2547bis MPLS VPN 883
* Circuit Cross-Connect 887
·MPLS Tunnel Cross-Connect 887
·LSP Stitching Cross-Connect 891
* Layer 2 MPLS Virtual Private Networks 892
·Layer 2 MPLS VPN Components 893
·Layer 2 MPLS VPN Operation 899
16 Internet Processor II and Firewall Filters 911
* Overview of IP2 Features and Capabilities 912
·“Performance Without Compromise” 912
·Overview of IP2 Firewall Features 914
·Rate Limiting with the IP2 916
·Filter Based Forwarding 917
·Logging and Statistical Sampling 917
·The IP2 and Non-Internet Protocols 917
·IP1 vs. IP2: Features Summary 918
·Determining Whether Your Router Is IP2 Equipped 918
* Firewall Filter Syntax and Operation 919
·Stateful Inspection vs. Packet Filtering 920
·IP, TCP, and UDP Structural and Operational Review 920
·JUNOS Firewall Syntax and Processing Rules 929
·The Need for Multiple Terms in a Firewall Filter 931
·The JUNOS Firewall from Statement 931
·The JUNOS Firewall then Statement 937
·Resequencing and Deleting Firewall Terms 945
·Applying JUNOS Firewall Filters 948
* Case Study 1: Routing Engine Protection 952
·Security Models: Permissive vs. Prudent 952
·What Should Be Allowed? 953
·Filter Direction 954
·Filter Construction and Application 954
·Filter Verification 961
* Case Study 2: Transit Filtering 964
·Firewall Requirements 965
·Filter Analysis and Verification 965
* IP2 Rate Limiting 973
·Shaping vs. Policing 973
·IP2 Rate Limiting Syntax and Processing 976
* Case Study 3: Rate Limiting 978
·Policer Requirements 978
·Policer Configuration and Verification 979
* IP2 Statistical Sampling 983
·The Need for Statistical Sampling 983
·Sampling Configuration 983
* Case Study 4: Statistical Sampling 987
·The Sampling Filter 989
·Forwarding Options 989
·Sampling Verification and Analysis 990
·The Need for Post Processing 993
* Case Study 5: Tracing and Minimizing DoS Attacks 1000
·The Initial Filter 1001
·Log Analysis and Filter Modification 1002
Index 1005
From the introduction of the M40 router in 1998, Juniper Networks has risen to a position of considerable leadership in the Internet router marketplace, a position it has maintained through the introduction of multiple succeeding router models and software releases. That leadership has been acquired in large part by offering a product with best-in-class forwarding and routing performance, but also by providing an alternative to the incumbent router vendor for sources of information about the challenges that Internet Service Providers and other users of high-speed routers face, and by providing solutions to these challenges. We offer this book in that same spirit: providing solutions to those who seek a better way.
This book is intended to serve as a reference for networking professionals who wish to learn about the operation and configuration of Juniper Networks M-series routers. As you can see by the cover and title page, writing it has been a collaborative effort involving a large team of people. Our mission has been to produce, in a relatively short period of time, a single volume that could be used by both novices and experienced router jockeys as an aid in the operational aspects of using Juniper Networks routers.
Because router operation is so closely linked with the routing protocols they implement, we have also addressed the protocols in detail. This should obviate your need to combine this book with other "background" books on individual protocols. You will find excellent introductions as well to some of the ancillary protocols and techniques that are becoming important to the core of the Internet, such as traffic engineering with MPLS and packet filtering for security.
The chapters of the book are arranged to educate you in these topics as though you were studying in a hands-on classroom. Therefore, we begin with the hardware and software components of the router platform, and proceed through the syntax of the user interface and components of system management to give you a foundation in the tools of the platform and their control and operation. Building upon this foundation, we next explore the control of traffic interfaces, protocol-independent routing issues, and the central role of routing policy control in controlling the distribution of routing information.
Our routing protocol coverage extends to those protocols implemented by Juniper Networks that are in common use in today's Internet: RIP, OSPF, IS-IS, and BGP. We close the book with chapters on MPLS and firewall filters.
One note on the title: "The Complete Reference" is something of a misnomer. At this stage of the Internet's growth, and with the rapid pace of hardware, software, and protocol development, to write a truly complete reference to any modern platform or operating system is an impossible task. To address this point, we have concentrated on the features that are most likely to be used by the majority of router professionals as they complete their day-to-day tasks.