Juniper JUNOS OS 10.4 - PROTECTED SYSTEM DOMAIN Configuration Manual

Protected system domain configuration

Table of Contents

Quick Links

Download this manual

Junos

Protected System Domain Configuration Guide

Release

10.4

Published: 2010-10-04

Table of Contents

Summary of Contents for Juniper JUNOS OS 10.4 - PROTECTED SYSTEM DOMAIN

Page 2 Products made or sold by Juniper Networks or components thereof might be covered by one or more of the following patents that are owned by or licensed to Juniper Networks: U.S. Patent Nos. 5,473,599, 5,905,725, 5,909,440, 6,192,051, 6,333,650, 6,359,479, 6,406,312, 6,429,706, 6,459,579, 6,493,347, 6,538,518, 6,538,899, 6,552,918, 6,567,902, 6,578,186, and 6,590,785.
Page 3 REGARDING LICENSE TERMS. 1. The Parties. The parties to this Agreement are (i) Juniper Networks, Inc. (if the Customer’s principal office is located in the Americas) or Juniper Networks (Cayman) Limited (if the Customer’s principal office is located outside the Americas) (such applicable entity being referred to herein as “Juniper”), and (ii) the person or organization that originally purchased from Juniper or an authorized Juniper reseller the applicable...
Page 4 Customer shall be liable for any such violations. The version of the Software supplied to Customer may contain encryption or other capabilities restricting Customer’s ability to export the Software without an export license. Copyright © 2010, Juniper Networks, Inc.
Page 5 (including Juniper modifications, as appropriate) available upon request for a period of up to three years from the date of distribution. Such request can be made in writing to Juniper Networks, Inc., 1194 N. Mathilda Ave., Sunnyvale, CA http://www.gnu.org/licenses/gpl.html...
Page 19: About This Guide
Juniper Networks website at http://www.juniper.net/techpubs/ Juniper Networks supports a technical book program to publish books by Juniper Networks engineers and subject matter experts with book publishers around the world. These books go beyond the technical documentation to explore the nuances of network architecture, deployment, and administration using the Junos operating system (Junos OS) and Juniper Networks devices.
Page 20: Objectives
JUNOS 10.4 Protected System Domain Configuration Guide Objectives This guide is designed to provide an overview of the Juniper Networks JCS1200 Control System and the concept of Protected System Domains (PSDs). The JCS1200 platform, which contains up to 12 Routing Engines (or 6 redundant Routing Engine pairs) running Junos OS, is connected to up to three T Series routers , including any combination of T320 Core Routers, T640 Core Routers, and T1600 Core Routers.
Page 21: Supported Routing Platforms
For example, copy the following configuration to a file and name the file ex-script.conf Copy the file to the directory on your routing platform. ex-script.conf /var/tmp Copyright © 2010, Juniper Networks, Inc.
Page 22: Merging A Snippet
Merge the contents of the file into your routing platform configuration by issuing the configuration mode command: load merge relative [edit system scripts] user@host# load merge relative /var/tmp/ex-script-snippet.conf load complete For more information about the command, see the Junos OS CLI User Guide. load xxii Copyright © 2010, Juniper Networks, Inc.
Page 23: Documentation Conventions
Software release version (if applicable) Requesting Technical Support Technical product support is available through the Juniper Networks Technical Assistance Center (JTAC). If you are a customer with an active J-Care or JNASC support contract, or are covered under warranty, and need post-sales technical support, you can access our tools and resources online or open a case with JTAC.
Page 24: Self-Help Online Tools And Resources
7 days a week, 365 days a year. Self-Help Online Tools and Resources For quick and easy problem resolution, Juniper Networks has designed an online self-service portal called the Customer Support Center (CSC) that provides you with the following features: Find CSC offerings: http://www.juniper.net/customers/support/...
Page 25: Product Overview
PART 1 Product Overview JCS1200 Chassis and T Series Routers as a Single Platform on page 3 JCS1200 and T Series Platform Software Views on page 17 JCS1200 Platform Components on page 21 Copyright © 2010, Juniper Networks, Inc.
Page 27: Jcs1200 Chassis And T Series Routers As A Single Platform
Benefits of JCS1200 and T Series as a Single Platform on page 13 JCS1200 Chassis and T Series Core Routers as a Single Platform The Juniper Networks JCS1200 Control System (JCS) chassis interconnected with up to three T Series routing chassis enables the control plane (route processing) and forwarding plane (packet forwarding) to be scaled independently within a single platform.
Page 28: Root System Domains
1 and 2 belong to PSD1. In contrast, PSD2 is made up of the FPCs in slots 3 and 4 on the T Series router and the Routing Engines in slots 3 and 4 on the JCS1200 chassis. Copyright © 2010, Juniper Networks, Inc.
Page 29: Shared Interfaces
Benefits of JCS1200 and T Series as a Single Platform on page 13 Shared Interfaces A single Physical Interface Card (PIC) can host a physical interface that is shared by different Protected System Domains (PSDs). The Flexible PIC Concentrator (FPC) and Copyright © 2010, Juniper Networks, Inc.
Page 30: Figure 2: Shared Interfaces
The packets belonging to a shared interface pass between the Packet Forwarding Engine on the PIC in the RSD and the Packet Forwarding Engine on the uplink tunnel PIC in the PSD through a cross-connect in the forwarding fabric. Copyright © 2010, Juniper Networks, Inc.
Page 31: Table 2: Pics Supporting Shared Interfaces
1-port 10-Gigabit XENPAK PC-1XGE-XENPAK 4-port 10-Gigabit Ethernet LAN/WAN, PD-4XGE-XFP 10-port 1-Gigabit SFP PC-10GE-SFP SONET/SDH 4-port OC48 SONET, SFP PC-4OC48-SON-SFP 1-port OC192 SONET, XFP PC-10C192-SON-SFP 4-port OC192 SONET, XFP PD-4OC192-SON-XFP 1-port OC768 SONET, SR PD-1OC768-SON-SR Copyright © 2010, Juniper Networks, Inc.
Page 32: Inter-Psd Forwarding Overview
Larger networks with hundreds of routers, might have 20 router reflectors. Figure 3 on page 9 shows a typical network with route reflectors. These route reflectors are not in the forwarding path. Copyright © 2010, Juniper Networks, Inc.
Page 33: Figure 3: Typical Network Of Route Reflectors
12x as you incrementally add Routing Engines to the JCS1200 chassis and configure them for route reflection. You do not need to buy a new router to increase route reflector capacity. Copyright © 2010, Juniper Networks, Inc.
Page 34: Figure 5: Route Reflector Partitioning On The Jcs1200 Platform
LAN. Port sharing enables JCS1200 route reflectors to conserve Gigabit Ethernet ports and reduce the cost of adding additional line cards for connectivity to the network. The result is a cost-effective solution for networks where multiple route reflectors are deployed. Copyright © 2010, Juniper Networks, Inc.
Page 35: Connections Between Jcs1200 And T Series Chassis
Ethernet management ports. One port (fxp0.0) is connected to port 6 on the JCS switch module in bay 1, whereas the other port (fxp1.0) is connected to port 6 on the JCS switch module in bay 2. Each connection is a dedicated 1000-Mbps link. Copyright © 2010, Juniper Networks, Inc.
Page 36: Figure 7: Jcs Switch Module Ports
Figure 8 on page 12 provides a more detailed look at the connections between the two platforms. RE m indicates a master Routing Engine on the JCS1200 platform, whereas RE b represents a backup Routing Engine. Figure 8: Connections Between JCS1200 and T Series Platforms Copyright © 2010, Juniper Networks, Inc.
Page 37: Benefits Of Jcs1200 And T Series As A Single Platform
IP networks (voice and video, for example). PSDs enable carriers to consolidate and simplify network architecture. Rather than adding more routing at the edge to support individual services, a single platform provides service-specific virtualization in the core of the network. Copyright © 2010, Juniper Networks, Inc.
Page 38: Enhanced Security And Administration
Because each PSD maintains its own routing and processes in separate partitions, security is enhanced. With fault isolation, network anomalies in one PSD do not affect another PSD. Streamlined boundaries allow operational domains to be isolated logically, providing more control over router administration. Copyright © 2010, Juniper Networks, Inc.
Page 39: Cost Efficiency
Example: Configuring a JCS1200 Platform and a Single T Series Router on page 123 Documentation Example: Configuring a JCS1200 Platform and Multiple T Series Routers on page 128 Example: Configuring Shared Interfaces (Ethernet) on page 147 Example: Consolidating a Layer 2 VPN Network on page 177 Copyright © 2010, Juniper Networks, Inc.
Page 41: Jcs1200 And T Series Platform Software Views
PSD Administration View on page 19 Software Views Overview Configuring and managing the Juniper Networks JCS1200 control system and connected T Series routers requires three separate control points (views). Each view provides a different access to different parts of the system:...
Page 42: Types Of Jcs Users
Users are authenticated by the JCS management module before they can issue JCS commands. Login account configuration determines which commands are available. Two types of Juniper Networks-specific login accounts are available on the JCS: Supervisor—Login accounts configured with supervisor privileges enable you to view...
Page 43: Access Privileges
Junos OS running on the Routing Engines in the JCS chassis that belong to a particular PSD. Topics in this section include: Access Privileges on page 20 System Information on page 20 Management Tasks on page 20 Copyright © 2010, Juniper Networks, Inc.
Page 44: Access Privileges
PSD will reboot or go offline. Related JCS Administration View on page 17 Documentation RSD Administration View on page 18 Logging In to a PSD from the RSD on page 237 Junos OS Verification Tasks on page 238 Copyright © 2010, Juniper Networks, Inc.
Page 45: Jcs1200 Platform Components
The Routing Engine is installed in a slot in the JCS chassis and shares power, fans, switches, and ports with other Routing Engines. Routing Engines in the JCS1200 platform have the latest Junos OS preinstalled on them. Copyright © 2010, Juniper Networks, Inc.
Page 46: Management Module
1 and 2, management module slots 1 and 2, and switch module slots 1 and 2. Power supply modules in slots 3 and 4 supply power to Routing Engine slots 7 through 12. Copyright © 2010, Juniper Networks, Inc.
Page 47: Fan Modules
JCS Management Module CLI Overview The JCS management module command-line interface (CLI) is the software interface you use to access and configure the Juniper Networks Control System (JCS). You can access the JCS management module CLI through a local connection to the serial port on the JCS management module.
Page 48: Logging In To The Jcs Management Module Cli
— View/edit remote alarm recipients baydata — View/edit Blade Bay Data string For help on individual commands, enter , where is the name command -help command of the command for which you want help. For example: Copyright © 2010, Juniper Networks, Inc.
Page 49: Setting The Jcs Management Module Command Target
You can use the JCS management module CLI to direct commands to the management module or other devices installed in the JCS chassis. The device where the command takes effect is called the command target. By default, the command target is system (the JCS chassis). Copyright © 2010, Juniper Networks, Inc.
Page 50: Jcs Switch Module Script
JCS Switch Module Script The JCS switch module includes a menu-based interface that runs on the JCS1200 platform. However, instead of using menus to configure the switch, Juniper Networks provides a script you can use for configuring the switch. Copyright © 2010, Juniper Networks, Inc.
Page 51: Jcs1200 Platform Graceful Routing Engine (Gres) Switchover
IQ2 PICs. IQ2 PICs supported on the JCS1200 platform include 1-, 4-, and 8-port Gigabit Ethernet IQ2 PICs and 1-port 10-Gigabit Ethernet IQ2 PICs. Related Junos High Availability Configuration Guide Documentation Configuring a PSD with Redundant Routing Engines on page 89 Copyright © 2010, Juniper Networks, Inc.
Page 55: Before You Begin
Version 6.4, the FPC will not come online. To upgrade the firmware, you must contact your Juniper Networks customer support representative. To determine if you need to upgrade the FPC firmware, display the version of the firmware...
Page 56: Keeping The Jcs Management Module Default Snmp Setting
Do not disable SNMP. If you disable SNMP, your system might not function correctly. Also, do not erase or change the SNMP default c1 community. Related Verifying the FPC BootROM Version on page 31 Documentation Configuring SNMP Traps on page 43 Configuration Roadmap on page 33 Copyright © 2010, Juniper Networks, Inc.
Page 57: Configuration Roadmap
Configure the time zone. Configure the system name and contact information. Configure Secure Shell (SSH) access. Configure Simple Network Management Protocol (SNMP) traps. Configure the JCS switch module. Configure the Routing Engines (blades) on the JCS1200 platform: Copyright © 2010, Juniper Networks, Inc.
Page 58: Step Two: Configure The T Series Router
To configure a PSD, connect to the console port on the Routing Engine on the JCS1200 platform for the PSD you want to configure and, using the Junos OS CLI, include the following information: Hostname Domain name Ethernet management IP addresses IP address of a backup router Copyright © 2010, Juniper Networks, Inc.
Page 59: Step Four: Configure Shared Interfaces (Optional)
The logical unit number of the tunnel interface must be the same as the one that is configured on the SONET or Ethernet interface. c. Configure the protocol family and IP address of the logical SONET or Ethernet interface. Configure the physical tunnel interface. Copyright © 2010, Juniper Networks, Inc.
Page 60 Configuring a PSD with a Single Routing Engine on page 87 Configuring a PSD with Redundant Routing Engines on page 89 Configuring Shared Interfaces on the RSD on page 95 Configuring Shared Interfaces on a PSD on page 97 Copyright © 2010, Juniper Networks, Inc.
Page 61: Configuring The Jcs1200 Platform
PART 3 Configuring the JCS1200 Platform Configuring Basic System Parameters on page 39 Configuring the Routing Engines on the JCS1200 Platform on page 49 Summary of JCS Management Module Configuration Commands on page 53 Copyright © 2010, Juniper Networks, Inc.
Page 63: Configuring Basic System Parameters
Configuring the Switch Module Ethernet Interface on page 41 Configuring User Accounts on page 42 Configuring the NTP Server on page 42 Configuring the Time Zone on page 43 Configuring the System Name and Contact Information on page 43 Copyright © 2010, Juniper Networks, Inc.
Page 64: Restoring The Default Jcs Management Module Configuration
Log in to the JCS management module. Use the command to set JCS management module 1 ( mm[1] ) as the configuration target. For example: system:mm[1]> env —T mm[1] Use the command to configure the interface. For example: ifconfig Copyright © 2010, Juniper Networks, Inc.
Page 65: Configuring The Switch Module Ethernet Interface
In this example, the Ethernet interface for JCS switch module 2 is configured for an IP address of and a gateway address of . The subnet mask 192.168.171.99 192.168.171.254 255.255.252.0 . The external ports ( ) of the switch module are enabled. Copyright © 2010, Juniper Networks, Inc.
Page 66: Configuring User Accounts
JCS management module 1 ( ) as the configuration mm[1] target. For example: system> env —T mm[1] Use the command to configure an NTP server. For example: system:mm[1]> ntp —i 172.17.28.5 —f 60 —en enabled Copyright © 2010, Juniper Networks, Inc.
Page 67: Configuring The Time Zone
Software Lab Configuring SNMP Traps The Simple Network Management Protocol (SNMP) enables the monitoring of network devices from a central location. This section describes how to configure SNMP traps on the JCS management module. Copyright © 2010, Juniper Networks, Inc.
Page 68: Configuring The Snmp Community
In this example, the alert recipient number is , the recipient is named , the alert trap status is , alert filtering is (all alerts are received, not just critical alerts), and none the alert type is SNMP Copyright © 2010, Juniper Networks, Inc.
Page 69: Configuring Monitored Alerts For Snmp Traps
This section describes how to use JCS commands to configure SSH access to the JCS1200 platform. Tasks to configure SSH include: Generating the Host Key on page 46 Adding the User Public Key on page 46 Copyright © 2010, Juniper Networks, Inc.
Page 70: Generating The Host Key
—2 - n chang - a Role:supervisor Number of SSH public keys installed for this user: 1 Last login: 1/28/08 09:26:59 Log out, and then use SSH to log back in. For example: Copyright © 2010, Juniper Networks, Inc.
Page 71: Configuring The Jcs Switch Module
You must run the configuration script on both JCS switch modules. Related Configuring JCS Management Module Settings on page 39 Documentation Configuring the Routing Engine Parameters (Blade Bay Data) on page 51 Configuring the Routing Engine (Blade) Name on page 52 Copyright © 2010, Juniper Networks, Inc.
Page 73: Configuring The Routing Engines On The Jcs1200 Platform
Junos OS release requirements—64-bit Junos OS is supported from Junos OS Release 10.3. This topic includes the following tasks: Downloading 64-Bit Junos OS on page 49 Installing 64-Bit Junos OS on page 50 Downloading 64-Bit Junos OS To download 64-bit Junos OS: Copyright © 2010, Juniper Networks, Inc.
Page 74: Installing 64-Bit Junos Os
JUNOS 10.4 Protected System Domain Configuration Guide Download the 64-bit software package from the Juniper Networks Support website . Under Download Software, select either Junos http://www.juniper.net/support/ (US & Canada) or Junos (Worldwide). To download the software package, you must have a service contract and an access account.
Page 75: Configuring The Routing Engine Parameters (Blade Bay Data)
Routing Engine is installed. In the absence of any Junos OS CLI configuration that affects mastership, the Routing Engine in the slot indicated REB will boot as the backup. Routing platform type. The accepted values are T1600 T640 T320 , or (standalone control element). Copyright © 2010, Juniper Networks, Inc.
Page 76: Configuring The Routing Engine (Blade) Name
In this example, the blade name is BLADE01 . This name identifies the JCS Routing Engine on the network, and it appears in monitoring command output. Related env on page 62 Documentation config on page 60 Copyright © 2010, Juniper Networks, Inc.
Page 77: Summary Of Jcs Management Module Configuration Commands
NOTE: The JCS management module command-line interface (CLI) provides a large number of commands and command options. This section describes only the subset of commands and command options that we recommend for configuring the JCS1200 platform in a Juniper Networks environment. Copyright © 2010, Juniper Networks, Inc.
Page 78: Alertentries
Table 6 on page 54 lists the output fields for the command. Output fields are alertentries listed in the approximate order in which they appear. Table 6: alertentries Output Fields Field Name Field Description Alert status for the specified recipient. Alert status is -status Copyright © 2010, Juniper Networks, Inc.
Page 79 Alert notification method. alertentries (Display) alertentries (Display) system> alertentries -T system:mm[1] -2 —status on -n test1 -f critical -t snmp alertentries system> alertentries -T system:mm[1] -3 -f none -n trap -status on -t snmp (Configure) Copyright © 2010, Juniper Networks, Inc.
Page 80: Baydata
(standalone control element). T1600 T640 T320, Required Privilege supervisor Level Related Configuring the Routing Engine Parameters (Blade Bay Data) on page 51 Documentation control-slot-numbers on page 114 control-system-id on page 115 root-domain-id on page 119 Copyright © 2010, Juniper Networks, Inc.
Page 81: Table 7: Baydata Output Fields
No blade present No blade present baydata (Configure a system> baydata —b 05 —data “V01–JCS01–SD01–PSD01–REP05–REB06–PRDT1600” Routing Engine) baydata (Clear a system> baydata –b 06 —clear Routing Engine) baydata (Clear All system> baydata —clear Routing Engines) Copyright © 2010, Juniper Networks, Inc.
Page 82: Clear
List of Sample Output clear on page 58 Output Fields No results are returned from this command. After the JCS management module resets, you must start a new CLI session. clear clear system> clear —config –T system:mm[1] Copyright © 2010, Juniper Networks, Inc.
Page 83: Clock
When you enter this command, you are provide with feedback on the status of your request. clock (Display) clock (Display) system> clock –T system:mm[1] 03/31/2008 16:27:11 GMT+5:00 dst uc clock (Configure) system> clock -d 04/01/2008 -t 22:12:04 dst uc –T system:mm[1] Copyright © 2010, Juniper Networks, Inc.
Page 84: Config
Configuring the Routing Engine (Blade) Name on page 52 List of Sample Output config (Display) on page 61 config (Configure a JCS Management Module) on page 61 config (Configure a Routing Engine) on page 61 Copyright © 2010, Juniper Networks, Inc.
Page 85: Table 8: Config Output Fields
-contact John Markham -loc QA Lab config (Configure a JCS system> config –T system:mm[1] -contact “George Chu x2556” -name SW-MM1 -loc “SW Lab” Management Module) config (Configure a system> config –T system:blade[2] -name QA-Blade2 Routing Engine) Copyright © 2010, Juniper Networks, Inc.
Page 86: Env
When you enter this command, you are provided feedback on the status of your request. The command prompt changes to reflect the new command target. env (JCS Management env (JCS Management system> env –T system:mm[1] Module) Module) system:mm[1]> Copyright © 2010, Juniper Networks, Inc.
Page 87: Exit
JCS1200 Software Components on page 23 Documentation List of Sample Output exit on page 63 Output Fields When you enter this command, no feedback is provided. Instead, the user login prompt appears. exit exit system> exit –T system:mm[1] username: Copyright © 2010, Juniper Networks, Inc.
Page 88: Help
— View/edit advanced failover mode alarm — Manage Telco System Management alarm(s) alertcfg — Displays/Configures the global remote alert systems alertentries — View/edit remote alarm recipients baydata — View/edit Blade Bay Data string Copyright © 2010, Juniper Networks, Inc.
Page 89: Ifconfig (Jcs Management Module)
Table 9: ifconfig Output Fields Field Name Field Description IP address of the Ethernet interface on the JCS management module. Gateway IP address of the Ethernet interface on the JCS management module. Copyright © 2010, Juniper Networks, Inc.
Page 90 (Display) ifconfig (Display) system> ifconfig -T system:mm[1] -eth0 Enabled -i 192.168.171.96 -g 192.168.171.254 —s 255.255.252.0 -c static ifconfig (Configure) system> ifconfig -T system:mm[1] —eth0 -c static —i 157.210.171.96 -g 157.210.171.254 —s 255.255.252.0 Copyright © 2010, Juniper Networks, Inc.
Page 91: Ifconfig (Jcs Switch Module)
Required Privilege operator (display) Level supervisor (display or configure) Related Configuring the Switch Module Ethernet Interface on page 41 Documentation List of Sample Output ifconfig (Display) on page 68 ifconfig (Configure) on page 68 Copyright © 2010, Juniper Networks, Inc.
Page 92: Table 10: Ifconfig Output Fields
(Display) ifconfig (Display) system> ifconfig -T system:switch[1] -i 192.168.171.96 -g 192.168.171.254 —s 255.255.252.0 -c static ifconfig (Configure) system> ifconfig -T system:switch[1] -c static –em enabled —ep enabled —i 157.210.171.98 -g 157.210.171.254 —s 255.255.252.0 Copyright © 2010, Juniper Networks, Inc.
Page 93: Monalerts
Table 11 on page 69 lists the output fields for the command. Output fields are monalerts listed in the approximate order in which they appear. Table 11: monalerts Output Fields Field Name Field Description Status ( enabled disabled ) of critical alert monitoring. Copyright © 2010, Juniper Networks, Inc.
Page 94 Status ( ) of warning alert monitoring. enabled disabled monalerts (Display) monalerts (Display) system> monalerts -T system:mm[1] -ca enabled -ec enabled -ia disabled -wa disabled monalerts (Configure) system> monalerts -T system:mm[1] -ia enable -wa enable Copyright © 2010, Juniper Networks, Inc.
Page 95 Output Fields When you enter this command, you are provided feedback on the status of your request. mt (Configure) mt (Configure) system:mm[1]> mt -T system —b 12 mt (Display) system:mm[1]> mt -T system -b 12 Copyright © 2010, Juniper Networks, Inc.
Page 96: Ntp
IP address or hostname of the NTP server. How often (in minutes) the JCS management module is updated by the NTP server. -v3en V3 authentication status ( enabled disabled ) between the JCS management module and the NTP server. Copyright © 2010, Juniper Networks, Inc.
Page 97 Chapter 8: Summary of JCS Management Module Configuration Commands ntp (Display) ntp (Display) system> ntp -T system:mm[1] -en enabled -i timeserver -f 5 -v3en disabled ntp (Configure) system> ntp -T system:mm[1] -en enable -I timeserver2 -f 15 Copyright © 2010, Juniper Networks, Inc.
Page 98: Snmp
Table 13 on page 74 lists the output fields for the command. Output fields are listed snmp in the approximate order in which they appear. Table 13: snmp Output Fields Field Name Field Description Status of the SNMP agent (enabled or disabled) Copyright © 2010, Juniper Networks, Inc.
Page 99 Contact name for the SNMP community host server Location of the SNMP community host server snmp (Display) snmp (Display) system> snmp -T system:mm[1] To be provided. snmp (Configure) system> snmp -T system:mm[1] -ca1 trap -c1 Traps -c3i1 192.168.171.100 Copyright © 2010, Juniper Networks, Inc.
Page 100: Sshcfg
CLI SSH port Port number assigned to the CLI SSH server. sstatus Status of the SMASH (secure mashup) SSH server (enabled or disabled). Port number assigned to the SMASH SSH server. SMASH SSH port Copyright © 2010, Juniper Networks, Inc.
Page 101 SMASH SSH port 50024 ssh-dss 2048 bit fingerprint: 27:ee:bd:a9:27:28:d8:a5:93:03:3d:8e:77:d0:38:2c ssh-rsa 2048 bit fingerprint: 66:c9:73:4f:18:11:02:10:f3:05:6e:d7:27:05:a5:01 2 SSH public keys installed 10 locations available to store SSH public keys sshcfg (Configure) system> sshcfg -T system:mm[1] -hk gen -cstatus enabled Copyright © 2010, Juniper Networks, Inc.
Page 102: Users
User ID Authority level assigned to the user. Users can have either Role supervisor authority. operator Routing Engines (blades) to which the user has access. By default, Blades users have access to all Routing Engines. Copyright © 2010, Juniper Networks, Inc.
Page 103 11. <not used> 12. <not used> users (Configure a User system:mm[1]> users –5 akbar –p PWD.2 –a super Account) users (Clear a User system:mm[1]> users –3 -clear Account) users (Clear All User system:mm[1]> users -clear Accounts) Copyright © 2010, Juniper Networks, Inc.
Page 105: Configuring The Junos Os
Configuring an RSD and Creating PSDs on page 83 Configuring Basic System Properties on a New PSD on page 87 Configuring Shared Interfaces on page 93 Configuring Inter-PSD Forwarding on page 107 Summary of Junos Configuration Statements on page 113 Copyright © 2010, Juniper Networks, Inc.
Page 107: Configuring An Rsd And Creating Psds
{ control-plane-bandwidth-percent percent; control-slot-numbers [ slot-numbers ]; control-system-id control-system-id; description description; fpcs [ slot-numbers ]; root-domain-id root-domain-id; Related Protected System Domains on page 4 Documentation Configuring an RSD and Creating PSDs on page 84 Copyright © 2010, Juniper Networks, Inc.
Page 108: Configuring An Rsd And Creating Psds
For Junos OS Release 9.4, supported values for through slot-numbers —Assign an ID to the JCS1200 platform. The control-system-id control-system-id value for can be through control-system-id The value for this statement must match the value set through the baydata command. Copyright © 2010, Juniper Networks, Inc.
Page 109 System Domains Configuration Hierarchy on page 83 Example: Configuring a JCS1200 Platform and a Single T Series Router on page 123 Example: Configuring a JCS1200 Platform and Multiple T Series Routers on page 128 Copyright © 2010, Juniper Networks, Inc.
Page 111: Configuring Basic System Properties On A New Psd
Configure the routing platform’s domain name: [edit] root# set system domain-name domain-name Configure the IP addresses and prefix lengths for one or both of the router management Ethernet interfaces ( fxp0 fxp1 ) on each Routing Engine. [edit] Copyright © 2010, Juniper Networks, Inc.
Page 112 Junos System Basics Configuration Guide. You will need to commit your configuration changes to activate them on the routing platform. Exit from the Junos OS configuration mode. Copyright © 2010, Juniper Networks, Inc.
Page 113: Configuring A Psd With Redundant Routing Engines
You can see that you are the root root user, because the prompt on the routing platform shows the username root@% Start the Junos OS command-line interface (CLI): root@% cli root@> Enter Junos OS configuration mode: cli> configure [edit] root# Copyright © 2010, Juniper Networks, Inc.
Page 114 Configure the IP address of a backup or default routing platform. [edit] root# set system backup-router address Choose a router that is directly connected to the local routing platform by way of the management interface. Copyright © 2010, Juniper Networks, Inc.
Page 115 When the cable is unplugged from the Routing Engine, the user is not logged out of the console session. Related Configuring an RSD and Creating PSDs on page 84 Documentation Configuring a PSD with a Single Routing Engine on page 87 Copyright © 2010, Juniper Networks, Inc.
Page 117: Configuring Shared Interfaces
{ ge-fpc/pic/slot { vlan-tagging; shared-interface; unit logical-unit-number { vlan-id number; peer-interface interface-name; interface-shared-with psdn; family family { address ip-address; so-fpc/pic/slot { encapsulation frame-relay; shared-interface; unit logical-unit-number { dlci dlci-identifier; peer-interface interface-name; interface-shared-with psdn; Copyright © 2010, Juniper Networks, Inc.
Page 118: Configuring Shared Interfaces
Then configure the assigned logical interfaces under it and bind each one to a peer interface on the Tunnel PIC owned by the PSD. When you configure shared interfaces, the values for several parameters configured on the RSD and the PSD must match: Copyright © 2010, Juniper Networks, Inc.
Page 119: Configuring Shared Interfaces On The Rsd
For Frame Relay encapsulation, use the statement at encapsulation frame-relay hierarchy level. [edit interfaces so-fpc/pic/slot] For VLAN tagging, use the vlan-tagging statement at one of the following hierarchy levels: [edit interfaces ge-fpc/pic/slot] [edit interfaces xe-fpc/pic/slot] Copyright © 2010, Juniper Networks, Inc.
Page 120 PSD1, whereas PSD2 so-0/0/0.0 so-0/0/0.1 owns so-0/0/0.2 interfaces { so-0/0/0 { encapsulation frame-relay; unit 0 { dlci 100; interface-shared-with psd1; unit 1 { dlci 101; interface-shared-with psd1; unit 2 { dlci 102; interface-shared-with psd2; Copyright © 2010, Juniper Networks, Inc.
Page 121: Configuring Shared Interfaces On A Psd
Configuring Shared Interfaces on a PSD To configure shared interfaces on a PSD: Configure the physical interface at the hierarchy level by doing one [edit interfaces] of the following: Configure the physical SONET interface using the so-fpc/pic/slot statement. Copyright © 2010, Juniper Networks, Inc.
Page 123 0 { dlci 100; peer-interface ut-1/0/0.0; family inet { address 10.10.10.1/24; unit 1 { dlci 101; peer-interface ut-1/0/0.1 family inet { address 10.10.11.1/24; ut-1/0/0 { unit 0 { peer-interface so-0/0/0.0; unit 1 { peer-interface so-0/0/0.1; Copyright © 2010, Juniper Networks, Inc.
Page 124 1{ vlan-id 100; peer-interface ut-3/0/0.1; family inet { address 10.10.13.1/24; unit 2{ vlan-id 101; peer-interface ut-4/0/0.2 family inet { address 10.10.14.1/24; ut-3/0/0 { unit 1{ peer-interface ge-1/0/0.1; unit 2{ peer-interface ge-1/0/0.2; Copyright © 2010, Juniper Networks, Inc.
Page 125 { address 10.1.1.2/30; family inet6 { address ::10.1.1.2/126; unit 1{ vlan-id 200; peer-interface ut-2/0/0.1 family inet { address 11.1.1.2/30; family inet6 { address ::11.1.1.2/126; ut-2/0/0 { unit 0{ peer-interface xe-5/0/0.0; unit 1{ peer-interface xe-5/0/0.1; Copyright © 2010, Juniper Networks, Inc.
Page 126: Configuring Firewall Filters On Shared Interfaces
[edit firewall family any filter hierarchy level. filter-name term term-name] Apply the firewall filter to the logical interface on the shared interface by including filter output filter-name statement at the [edit interfaces interface-name unit hierarchy level. logical-unit-number] Copyright © 2010, Juniper Networks, Inc.
Page 127 3 { then policer iflpolicer; interfaces { ut-1/2/3 { unit 0 { peer-interface so-4/5/6.0; so-4/5/6 { encapsulation frame-relay; unit 0 { peer-interface ut-1/2/3.0; filter output filter-out; family inet { address 192.168.0.1/24; Copyright © 2010, Juniper Networks, Inc.
Page 128: Configuring Cos Features On Shared Interfaces
RSD. If you issue the command on the PSD, the system displays this message: “Egress queue statistics are not applicable to this interface.” For more information about CoS features, see the Junos OS Class of Service Configuration Guide. Copyright © 2010, Juniper Networks, Inc.
Page 129 Related Shared Interfaces on page 5 Documentation Configuring Shared Interfaces on the RSD on page 95 Configuring Shared Interfaces on a PSD on page 97 Configuring Firewall Filters on Shared Interfaces on page 102 Copyright © 2010, Juniper Networks, Inc.
Page 131: Configuring Inter-Psd Forwarding
Inter-PSD Forwarding Overview on page 8 Documentation Configuring Inter-PSD Forwarding on a PSD on page 108 Configuring Inter-PSD Forwarding Before You Configure Inter-PSD Forwarding on page 108 Configuring Inter-PSD Forwarding on a PSD on page 108 Copyright © 2010, Juniper Networks, Inc.
Page 132: Before You Configure Inter-Psd Forwarding
Repeat this procedure for each PSD that you want to include in inter-PSD forwarding. In the example illustrated in Figure 12 on page 109, a cross-connect using a tunnel interface transports packets between the logical interfaces configured on each PSD. Copyright © 2010, Juniper Networks, Inc.
Page 133: Figure 12: Example: Inter-Psd Forwarding
PSD 5 is configured as follows: interfaces { xt-4/3/0 { unit 1 { peer-psd psd7; peer-interface xt-3/3/0.1; encapsulation frame-relay; point-to-point; dlci 1; family inet { address 10.0.0.2/32 { destination 10.0.0.1; family inet6 { address 2121:2121::2/64; unit 2 { Copyright © 2010, Juniper Networks, Inc.
Page 134 { address 10.1.1.1/32 { destination 10.1.1.2; In this example, the hierarchy on PSD 3 is configured as follows: [edit interfaces] interfaces { xt-2/3/0 { unit 1 { peer-psd psd5; peer-interface xt-4/3/0.2; encapsulation frame-relay; point-to-point; Copyright © 2010, Juniper Networks, Inc.
Page 135 2; family inet { address 10.1.1.2/32 { destination 10.1.1.1; Related Inter-PSD Forwarding Overview on page 8 Documentation Interface Hierarchy on page 107 Before You Configure Inter-PSD Forwarding on page 108 Copyright © 2010, Juniper Networks, Inc.
Page 137: Summary Of Junos Configuration Statements
—Percentage of bandwidth. Range: through Required Privilege view-level—To view this statement in the configuration. Level control-level—To add this statement to the configuration. Related Configuring an RSD and Creating PSDs on page 84 Documentation Copyright © 2010, Juniper Networks, Inc.
Page 138: Control-Slot-Numbers
Required Privilege view-level—To view this statement in the configuration. Level control-level—To add this statement to the configuration. Related Configuring an RSD and Creating PSDs on page 84 Documentation baydata on page 56 Copyright © 2010, Juniper Networks, Inc.
Page 139: Control-System-Id
Options description —Description for the PSD. Required Privilege view-level—To view this statement in the configuration. Level control-level—To add this statement to the configuration. Related Configuring an RSD and Creating PSDs on page 84 Documentation Copyright © 2010, Juniper Networks, Inc.
Page 140: Fpcs
Level control-level—To add this statement to the configuration. Related Configuring Shared Interfaces on the RSD on page 95. Documentation Configuring Shared Interfaces on a PSD on page 97. shared-interface on page 119 Copyright © 2010, Juniper Networks, Inc.
Page 141: Peer-Interface
Range: through Required Privilege view-level—To view this statement in the configuration. Level control-level—To add this statement to the configuration. Related Configuring Inter-PSD Forwarding on a PSD on page 108. Documentation peer-interface on page 117 Copyright © 2010, Juniper Networks, Inc.
Page 142: Protected-System-Domains
The remaining statements are described separately. Required Privilege view-level—To view this statement in the configuration. Level control-level—To add this statement to the configuration. Related Configuring an RSD and Creating PSDs on page 84 Documentation Copyright © 2010, Juniper Networks, Inc.
Page 143: Root-Domain-Id
Level control-level—To add this statement to the configuration. Related Configuring Shared Interfaces on the RSD on page 95. Documentation Configuring Shared Interfaces on a PSD on page 97. interface-shared-with on page 116 Copyright © 2010, Juniper Networks, Inc.
Page 144: System-Domains
Options All statements are described separately. Required Privilege view-level—To view this statement in the configuration. Level control-level—To add this statement to the configuration. Related Configuring an RSD and Creating PSDs on page 84 Documentation Copyright © 2010, Juniper Networks, Inc.
Page 147: Configuration Examples
This configuration example requires the following hardware and software components: Junos OS Release 9.1 or later JCS1200 platform with Routing Engines in slots 1, 2, 3, and 4 T640 router with FPCs in slots 0, 1, 2, and 3 Copyright © 2010, Juniper Networks, Inc.
Page 148 (Routing Engine) slot, and specifies the following parameters: —Product version. —JCS platform identifier. —RSD identifier. —PSD identifier. —Slot in which the primary (or master) Routing Engine resides. —Slot in which the backup Routing Engine resides. —Juniper Networks router product. Copyright © 2010, Juniper Networks, Inc.
Page 149 Include the statement to identify the JCS1200 platform. control-system-id 1 c. Include the control-slot-numbers 3 control-slot-numbers 4 statement to assign the Routing Engines in slots 3 and 4 in the JCS chassis to PSD2. Copyright © 2010, Juniper Networks, Inc.
Page 150 Routing Engines on the JCS1200 platform. Action Issue the command: show chassis hardware PSD1 user@psd1> show chassis hardware rsd-re0: -------------------------------------------------------------------------- Hardware inventory: Item Version Part number Serial number Description Chassis S19068 T1600 Midplane REV 04 710-002726 AX5666 T640 Backplane Copyright © 2010, Juniper Networks, Inc.
Page 151 Item Version Part number Serial number Description Chassis 740-023156 SNJCSJCSAC00 JCS1200 AC Chassis Routing Engine 1 REV 01 740-023157 SNBLJCSAC005 RE-JCS1200-1x2330 Routing Engine 2 REV 01 740-023158 SNBLJCSAC006 RE-JCS1200-1x2330 PSD2 user@psd2> show chassis hardware Copyright © 2010, Juniper Networks, Inc.
Page 152: Example: Configuring A Jcs1200 Platform And Multiple T Series Routers
Example: Configuring a JCS1200 Platform and Multiple T Series Routers In this configuration example, the JCS1200 platform is connected to multiple T Series routers. The configuration is described in the following sections: Requirements on page 129 Overview on page 129 Copyright © 2010, Juniper Networks, Inc.
Page 153: Table 17: Jcs Chassis Routing Engine Assignments
Refer to the data presented in Table 17 on page 129 for Routing Engine assignments. Table 17: JCS Chassis Routing Engine Assignments Primary Backup Routing RSD ID PSD ID Routing Engine Engine Routing Platform T320 T640 Copyright © 2010, Juniper Networks, Inc.
Page 154 Display the results of the configuration: system> baydata Status Definition Supported V01 JCS01 SD01 PSD01 REP01 REB02 PRDT320 Supported V01 JCS01 SD01 PSD01 REP01 REB02 PRDT320 Supported V01 JCS01 SD01 PSD02 REP03 REB04 PRDT320 Copyright © 2010, Juniper Networks, Inc.
Page 155: Table 18: T320 Router Configuration
Include the statement to identify the JCS1200 platform. control-system-id 1 c. Include the control-slot-numbers 3 control-slot-numbers 4 statement to assign the Routing Engines in slots 3 and 4 in the JCS chassis to PSD2. Copyright © 2010, Juniper Networks, Inc.
Page 156: Table 19: T640 Router Configuration
Include the statement to identify the JCS1200 platform. control-system-id 1 c. Include the statement to assign control-slot-numbers 5 control-slot-numbers 6 the Routing Engines in slots 5 and 6 in the JCS chassis to PSD3. Copyright © 2010, Juniper Networks, Inc.
Page 157: Table 20: T1600 Router Configuration
At the hierarchy level of the Junos OS CLI, include [edit chassis system-domains] statement to identify the RSD. root-domain-id 3 At the hierarchy level, include the [edit chassis system-domains] statement to create PSD5. protected-system-domains psd5 Copyright © 2010, Juniper Networks, Inc.
Page 158 Verifying Configured PSDs on page 134 Verifying PSD Ownership of FPCs on page 135 Verifying PSD Ownership of Routing Engines on page 135 Verifying Configured PSDs Purpose Verify that the PSDs configured under each RSD are online. Copyright © 2010, Juniper Networks, Inc.
Page 159 On each PSD, issue the command. For example: show chassis routing-engine user@psd2> show chassis routing-engine Routing Engine status: Slot 0: Physical Slot Current state Master Election priority Master (default) DRAM 13312 MB Memory utilization 11 percent Copyright © 2010, Juniper Networks, Inc.
Page 160: Example: Configuring Shared Interfaces (Sonet)
In this configuration example, two Protected System Domains (PSDs) share a single interface on a Flexible PIC Controller (FPC) that is owned by the Root System Domain (RSD). Requirements on page 137 Overview on page 137 Configuration on page 137 Verification on page 143 Copyright © 2010, Juniper Networks, Inc.
Page 161: Figure 13: Example: Shared Interfaces (Sonet)
(CLI). Then, configure each T Series router using the Junos OS CLI. JCS1200 Configuration on page 138 RSD Configuration on page 138 PSD5 Configuration on page 140 PSD6 Configuration on page 142 Copyright © 2010, Juniper Networks, Inc.
Page 162 Include the statement to assign the FPCs in slots 1, 2, and 3 fpcs 1 fpcs 2 fpcs 3 to PSD1. b. Include the statement to identify the JCS1200 platform. control-system-id 1 Copyright © 2010, Juniper Networks, Inc.
Page 163 —Configure the data-link connection identifier (DLCI) for the dlci dlci-identifier point-to-point Frame Relay connection: For unit 0, the value is For unit 1, the value is For unit 2, the value is For unit 3, the value is Copyright © 2010, Juniper Networks, Inc.
Page 164 [edit interfaces] ut-1/0/0 the physical tunnel interface. At the [edit interfaces ut-1/0/0] hierarchy level, include the unit 0 unit 1 , and unit 2 statements to configure the logical tunnel interfaces. Copyright © 2010, Juniper Networks, Inc.
Page 165 , the value is unit 1 17.17.17.1/30 , the value is unit 2 18.18.18.1/30 Results Display the results of the configuration: interfaces { ut-1/0/0 { unit 0 { peer-interface so-6/0/0.0; unit 1 { peer-interface so-6/0/0.1; Copyright © 2010, Juniper Networks, Inc.
Page 166 SONET interface as the shared physical shared-interface interface. At the hierarchy level, include the statement to [edit interfaces so-6/0/0] unit 3 configure the logical interface. At the hierarchy level, include the following [edit interfaces so-6/0/0 unit 3] statements: Copyright © 2010, Juniper Networks, Inc.
Page 167 ANSI LMI settings: n391dte 6, n392dte 3, n393dte 4, t391dte 10 seconds LMI: Input: 0 (never), Output: 0 (never) DTE statistics: Enquiries sent Full enquiries sent Enquiry responses received Full enquiry responses received DCE statistics: Copyright © 2010, Juniper Networks, Inc.
Page 168 Tunnel token: Rx: 2.333, Tx: 1.334 Input packets : 0 Output packets: 0 DLCI 18 Flags: Active Total down time: 00:01:09 sec, Last down: 284:58:21 ago Input packets : 0 Output packets: 0 DLCI statistics: Active DLCI Inactive DLCI Copyright © 2010, Juniper Networks, Inc.
Page 169 Addresses, Flags: Is-Preferred Is-Primary Destination: 16.16.0.0/30, Local: 16.16.0.1, Broadcast: 16.16.0.3 DLCI 16 Flags: Active Total down time: 00:00:00 sec, Last down: 00:00:55 ago Input packets : 9 Output packets: 10 DLCI statistics: Active DLCI Inactive DLCI Copyright © 2010, Juniper Networks, Inc.
Page 170 Link-level type: Frame-Relay, MTU: 4474, Clocking: Internal, Speed: OC192, Loopback: None, FCS: 16, Payload scrambler: Enabled Device flags : Present Running Interface flags: Point-To-Point SNMP-Traps Internal: 0x4000 Shared-interface : Non-Owner Link flags : No-Keepalives DTE Copyright © 2010, Juniper Networks, Inc.
Page 171: Example: Configuring Shared Interfaces (Ethernet)
This configuration example requires the following hardware and software components: Junos OS Release 9.4 or later JCS1200 platform with Routing Engines in slots 5, 6, and 7 T640 router with FPCs in slots 1 through 7 Copyright © 2010, Juniper Networks, Inc.
Page 172: Figure 14: Example: Shared Interfaces (Gigabit Ethernet)
Assign the Routing Engines in slots 5 (primary) and 6 (backup) to RSD3 and PSD1. Assign the Routing Engine in slot 7 to RSD3 and PSD2. system> baydata —b 05 —data “V01–JCS01–SD03–PSD01–REP05–REB06–PRDT640” system> baydata —b 06 —data “V01–JCS01–SD03–PSD01–REP05–REB06–PRDT640” Copyright © 2010, Juniper Networks, Inc.
Page 173 Include the statement to assign the FPCs in slots 4, 5, fpcs 4 fpcs 5 fpcs 6 fpcs 7 6, and 7 to PSD2. b. Include the statement to identify the JCS1200 platform. control-system-id 1 Copyright © 2010, Juniper Networks, Inc.
Page 174 { root-domain-id 3; protected-system-domains { psd5 { description customerA; fpcs [ 1 2 3 ]; control-system-id 1; control-slot-numbers [ 5 6 ]; control-plane-bandwidth-percent 50; psd6 { description customerB; fpcs [ 4 5 7 ]; Copyright © 2010, Juniper Networks, Inc.
Page 175 [edit interfaces ge-6/0/0] hierarchy level, include unit 0 unit 1 , and unit 2 statements to configure logical interfaces. At the [ ] hierarchy level, include the following edit interfaces ge-6/0/0 unit n statements: Copyright © 2010, Juniper Networks, Inc.
Page 176 2 { peer-interface ge-6/0/0.2; ge-6/0/0 { vlan-tagging; shared-interface; unit 0 { peer-interface ut-1/0/0.0; vlan-id 16; family inet { address 10.70.0.1/30; unit 1 { peer-interface ut-1/0/0.1; vlan-id 17; family inet { address 17.17.17.1/30; Copyright © 2010, Juniper Networks, Inc.
Page 177 —Configure the IP version 4 (IPv4) suite protocol family. Results Display the results of the configuration: interfaces { ut-7/0/0 { unit 0 { peer-interface ge-6/0/0.3; ge-6/0/0 { vlan-tagging; unit 3 { peer-interface ut-7/0/0.0; vlan-id 100; Copyright © 2010, Juniper Networks, Inc.
Page 178 Input packets : 0 Output packets: 0 Protocol multiservice, MTU: Unlimited Flags: None Logical interface ge-0/6/0.3 (Index 69) (SNMP ifIndex 236) Flags: SNMP-Traps 0x4000 VLAN-Tag [ 0x8100.10 ] Encapsulation: ENET2 Shared-interface: Shared with: psd6 Copyright © 2010, Juniper Networks, Inc.
Page 179 Peer interface: ut-1/0/0.1 Tunnel token: Rx: 2.530, Tx: 1.520 Input packets : 0 Output packets: 0 Protocol inet, MTU: 1500 Addresses, Flags: Is-Preferred Is-Primary Destination: 16.16.0.0/30, Local: 16.16.0.1, Broadcast: 16.16.0.3 Protocol multiservice, MTU: Unlimited Flags: None Copyright © 2010, Juniper Networks, Inc.
Page 180 Input packets : 13 Output packets: 7774 Output Filters: filter-safari Protocol inet, MTU: 1500 Addresses, Flags: Dest-route-down Is-Preferred Is-Primary Destination: 173.16.254.0/30, Local: 173.16.254.1, Broadcast: 173.16.254.3 Protocol inet6, MTU: 1500 Flags: None Addresses, Flags: Dest-route-down Is-Preferred Is-Primary Copyright © 2010, Juniper Networks, Inc.
Page 181: Example: Configuring Route Reflection-Roadmap
This configuration example requires the following hardware and software components: Junos OS Release 9.5 or later One JCS1200 platform with Routing Engines in slots 1, 2, 3, and 4 One T640 router with FPCs in slots 0, 1, and 2 Copyright © 2010, Juniper Networks, Inc.
Page 182: Figure 15: Example: Route Reflection
PSD13 Routing Engine in slot 3 FPC in slot 0 (FPC0) (bcgcpu4) Configuration The configuration of route reflection is described in the following sections: JCS1200 Configuration on page 159 RSD Configuration on page 161 Copyright © 2010, Juniper Networks, Inc.
Page 183 REB00 is no backup Routing Engine. PRDSCE —Juniper Networks router product. There is a special product type for the route reflector: Standalone Control Element ( Configure the Routing Engine that is part of PSD11 This Routing Engine is located in slot of the JCS chassis and acts as standalone router (not a route reflector).
Page 184 REB00 is no backup Routing Engine. PRDT640 —Juniper Networks router product, which is the T640 router. Configure the Routing Engine that is part of PSD12. This Routing Engine is located in slot of the JCS chassis and acts as standalone router (not a route reflector).
Page 185 FPC in slot 2 to PSD12. fpcs 2 c. Include the control-system-id 1 statement to identify the JCS1200 platform. d. Include the statement to assign the Routing Engine in control-slot-numbers 3 slot 3 in the JCS chassis to PSD12. Copyright © 2010, Juniper Networks, Inc.
Page 186 2 (the route reflector domain) or any protected-system-domains PSD15 statements for the route reflector PSD. This is because the route reflector is self-contained within the JCS chassis and does not require configuration on the T640 router. Copyright © 2010, Juniper Networks, Inc.
Page 187 [edit interfaces ge-1/1/0 unit 0] hierarchy level, include the family inet address statement to configure the IPv4 suite protocol family. 10.12.100.10/30 At the [edit interfaces] hierarchy level, include the ge-1/1/1 statement to configure the internal Ethernet interface. Copyright © 2010, Juniper Networks, Inc.
Page 188 0 statement to configure the logical interface. At the hierarchy level, include the [edit interfaces ge-2/0/3 unit 0] family inet address 10.12.100.1/30 statement to configure the IPv4 suite protocol family. Copyright © 2010, Juniper Networks, Inc.
Page 189 [edit interfaces ge-0/1/0] unit 0 configure the logical interface. At the hierarchy level, include the [edit interfaces ge-0/1/0 unit 0] family inet address statement to configure the IPv4 suite protocol family. 10.12.100.17/30 Copyright © 2010, Juniper Networks, Inc.
Page 190: Example: Configuring Client-To-Client Reflection (Ospf)
This example requires the following hardware and software components: Junos OS Release 9.5 or later One JCS1200 platform with Routing Engines in slots 1,2, 3, and 4 One T640 router with FPCs in slots 0, 1, and 2 Copyright © 2010, Juniper Networks, Inc.
Page 191: Figure 16: Example: Configuring Client-To-Client Reflection (Ospf)
First, configure protocols for the route reflector (RR), then configure protocols for the routers (R1, R2, and R3). PSD15 Configuration (Route Reflector) on page 168 PSD11 Configuration (Router 1) on page 169 PSD12 Configuration (Router 2) on page 172 PSD13 Configuration (Router 3) on page 174 Copyright © 2010, Juniper Networks, Inc.
Page 192 333 minimum interval at which the local router transmits a hello packet and then expects to receive a reply from its BFD neighbor. Repeat Steps 7 through 9 for the internal Ethernet interface: fxp0.1 Copyright © 2010, Juniper Networks, Inc.
Page 193 To configure the route reflector (PSD11): Procedure At the [edit routing-options] hierarchy level, include the autonomous-system 2 statement to configure the router’s AS number. At the hierarchy level, include the statement to enable BGP on [edit protocols] the router. Copyright © 2010, Juniper Networks, Inc.
Page 194 At the [edit policy-options nh-self] hierarchy level, include the term b statement to define the next term for the policy. nh-self At the hierarchy level, include the following [edit policy-options nh-self term b] statements: Copyright © 2010, Juniper Networks, Inc.
Page 195 { policy-statement nh-self { term a { from { protocol static; route-filter 0.0.0.0/0 exact; then reject; term b { from protocol static; then { next-hop self; accept; term c { then reject; Copyright © 2010, Juniper Networks, Inc.
Page 196 [edit protocols ospf area 0.0.0.0 interface ge-2/0/1.0] hierarchy level, include statement to specify bidirectional failure detection timers. bfd-liveness-detection At the [edit protocols ospf area 0.0.0.0 interface ge-2/0/1.0 bfd-liveness-detection] hierarchy level, include the minimum-interval 333 statement to specify 333 Copyright © 2010, Juniper Networks, Inc.
Page 197 [edit policy-options nh-self term c] then reject statement to reject all other routes. Results Display the results of the configuration: routing-options { autonomous-system 2; protocols { bgp { group int { type internal; local-address 10.12.1.3; export nh-self; Copyright © 2010, Juniper Networks, Inc.
Page 198 BGP on [edit protocols] the router. At the [edit protocols bgp] hierarchy level, include the group int statement to define the routing group. At the hierarchy level: [edit protocols bgp group int] Copyright © 2010, Juniper Networks, Inc.
Page 199 At the [edit policy-options nh-self term a] hierarchy level, include the following statements to specify that any static route with destination prefix 0.0.0.0/0 rejected: from { protocol static; Copyright © 2010, Juniper Networks, Inc.
Page 200 10.12.1.4; export nh-self; neighbor 10.12.1.1; ospf { area 0.0.0.0 { interface ge-0/2/3.0; interface ge-0/1/7.0; interface ge-0/1/0.0 { bfd-liveness-detection { minimum-interval 333; policy-options { policy-statement nh-self { term a { from { Copyright © 2010, Juniper Networks, Inc.
Page 201: Example: Consolidating A Layer 2 Vpn Network
Ethernet interface between the customer LAN and the provider core network. Provider (P) routers are located in the core of the provider network, and provider edge (PE) routers sit at the edge of the network. Copyright © 2010, Juniper Networks, Inc.
Page 202: Figure 17: Typical Layer 2 Vpn Network Topology
T640 router for each PSD. Table 22: Chassis Parameters JCS1200 Platform T640 Routing Node PSD1 Routing Engine in slot 4 FPC in slot 4 (with PICs supporting Fast Ethernet and SONET interfaces) Copyright © 2010, Juniper Networks, Inc.
Page 203 REB00 is no backup Routing Engine. PRDT640 —Juniper Networks router product, which is a T640 router. Configure the command parameters for the Routing Engines that are part baydata of PSD2. The Routing Engine in slot 5 is the master, whereas the Routing Engine in slot 6 is the backup Routing Engine.
Page 204 REP05 REB06 —Slot in which the backup Routing Engine resides, which is —Juniper Networks router product, which is a T640 router. PRDT640 b. To configure the Routing Engine in slot 6, issue the following command: system> baydata —b 06 —data “V01–JCS01–SD01–PSD02–REP05–REB06–PRDT640”...
Page 205 Include the control-system-id 1 statement to identify the JCS1200 platform. c. Include the statement to assign control-slot-numbers 5 control-slot-numbers 6 the Routing Engines in slot 5 and slot 6 in the JCS chassis to PSD2. Copyright © 2010, Juniper Networks, Inc.
Page 206 { host-name customer-a; backup-router 192.168.71.254 destination [ 172.16.0.0/12 192.168.0.0/16 207.17.136.192/32 10.9.0.0/16 10.10.0.0/16 10.13.10.0/23 10.84.0.0/16 10.5.0.0/16 10.6.128.0/17 192.168.102.0/23 207.17.136.0/24 10.209.0.0/16 10.227.0.0/16 10.150.0.0/16 10.157.64.0/19 10.204.0.0/16 ]; interfaces { fxp0 { unit 0 { family inet { Copyright © 2010, Juniper Networks, Inc.
Page 207 { mpls { interface all; bgp { group ibgp { type internal; local-address 10.255.171.124; import match-all; family l2vpn { signaling; export match-all; neighbor 10.255.171.125; isis { interface fe-4/2/3.0 { level 2 metric 10; Copyright © 2010, Juniper Networks, Inc.
Page 208 { then reject; policy-statement match-all { then accept; community frame-relay-vpn-comm members target:65299:400; routing-instances { frame-relay-vpn { instance-type l2vpn; interface so-4/0/3.2; route-distinguisher 10.255.171.124:4; vrf-import frame-relay-vpn-import; vrf-export frame-relay-vpn-export; protocols { Copyright © 2010, Juniper Networks, Inc.
Page 209 0 family inet] fxp0 Results Display the results of the configuration: re0 { system { host-name customer-b; backup-router 192.168.71.254 destination [ 172.16.0.0/12 192.168.0.0/16 207.17.136.192/32 10.9.0.0/16 10.10.0.0/16 10.13.10.0/23 10.84.0.0/16 10.5.0.0/16 Copyright © 2010, Juniper Networks, Inc.
Page 210 { address 10.5.1.1/30; family iso; family mpls; fe-5/1/2 { unit 0 { family inet { address 10.8.1.1/30; family iso; family mpls; so-5/3/0 { encapsulation frame-relay-ccc; unit 1 { encapsulation frame-relay-ccc; dlci 512; Copyright © 2010, Juniper Networks, Inc.
Page 211 { disable; interface lo0.0 { passive; ldp { interface all; interface lo0.0; policy-options { policy-statement frame-relay-vpn-export { term a { then { community add frame-relay-vpn-comm; accept; term b { then reject; Copyright © 2010, Juniper Networks, Inc.
Page 212 Verifying PSD Routing Engine Information on page 190 Verifying PSD Ethernet Switch Statistics on page 191 Verifying Configured PSDs Purpose Verify that PSD1 and PSD2 are configured and online. Action On the RSD, issue the show chassis psd command. {master} Copyright © 2010, Juniper Networks, Inc.
Page 213 Version Part number Serial number Description Chassis 740-023156 SNJCSJCSAC00 JCS1200 AC Chassis Routing Engine 0 REV 01 740-023157 SNBLJCSAC004 RE-JCS1200-1x2330 The following example displays the hardware components belonging to PSD2: user@psd2> show chassis hardware Copyright © 2010, Juniper Networks, Inc.
Page 214 The following example displays detailed information about the Routing Engine assigned to PSD1. user@psd1> show chassis routing-engine Routing Engine status: Slot 0: Physical Slot Current state Master Election priority Master (default) DRAM 13312 MB Memory utilization 10 percent Copyright © 2010, Juniper Networks, Inc.
Page 215 11 hours, 49 minutes, 36 seconds Meaning field displays the JCS chassis slot number in which each Routing Engine Physical Slot is installed. Verifying PSD Ethernet Switch Statistics Purpose Display the Ethernet switch statistics for each PSD. Copyright © 2010, Juniper Networks, Inc.
Page 216 Statistics for switch[2] port INT4 connected to fpx1: TX Octets 3973176699 TX Unicast Packets 27784685 TX Multicast Packets 90293282 TX Broadcast Packets 35160560 Tx Discards TX Errors RX Octets 2278093260 RX Unicast Packets 10421370 RX Multicast Packets RX Broadcast Packets 1881084 Copyright © 2010, Juniper Networks, Inc.
Page 217 RX Unknown Protocol Link State Changes Statistics for switch[1] port EXT1 connected to RSD 1: TX Octets 2206358846 TX Unicast Packets 23930762 TX Multicast Packets 413155 TX Broadcast Packets 4850581 Tx Discards TX Errors Copyright © 2010, Juniper Networks, Inc.
Page 218 RX Unknown Protocol Link State Changes Statistics for switch[2] port EXT6 connected to external management: TX Octets 778154 TX Unicast Packets 4244 TX Multicast Packets TX Broadcast Packets Tx Discards TX Errors RX Octets 732481038 Copyright © 2010, Juniper Networks, Inc.
Page 219 EXT1 provides the connection between the JCS switch module and the RSD. EXT6 provides the connection between the JCS switch module and the management ports on each Routing Engine in the JCS chassis. Related Configuring an RSD and Creating PSDs on page 84 Documentation Copyright © 2010, Juniper Networks, Inc.
Page 221: Managing The Jcs1200 Platform
PART 6 Managing the JCS1200 Platform Managing the JCS1200 Platform on page 199 Summary of JCS Management Module Monitoring Commands on page 209 Copyright © 2010, Juniper Networks, Inc.
Page 223: Managing The Jcs1200 Platform
“Displaying System Component Status” on page 204 System configuration Display the system configuration list. “Displaying a List of Components” on page 205 Temperature Display component temperature values and ranges. “Displaying Temperature Information” on page 206 Copyright © 2010, Juniper Networks, Inc.
Page 224: Displaying Vital Product Data
–T mm[1] Name: bcgmm1 UUID: 369C 7EB6 4067 11DC AAAE 0014 5EDF 924E Manufacturer ID: 20301 Product code: JCS Adv Management Module Serial number: Not Available Part no.: 740-023172 Copyright © 2010, Juniper Networks, Inc.
Page 225 Part no.: 740-023157 Component serial no.: JCS-BLADE-SN-BCG001 CLEI: Not Available MAC Address 1: 00:1A:64:32:E4:D8 MAC Address 2: 00:1A:64:32:E4:DA BIOS Build ID: LJE104BUS Rel date: 12/11/2007 Rev: 1.00 Diagnostics Build ID: BCYT24AUS Rel date: 08/27/2007 Copyright © 2010, Juniper Networks, Inc.
Page 226: Clearing The Event Log
Routine operations, such as configuration changes and user login activities. Failure and error conditions. Emergency and critical conditions, such as power-off due to excessive temperature. You can display the event log to monitor JCS1200 platform operations and to diagnose and troubleshoot problems. Copyright © 2010, Juniper Networks, Inc.
Page 227: Displaying Power Domain Information
2. Power domain B supports slots 7 though 14 and uses power modules 3 and 4. NOTE: To support devices in power domain B, a power-supply option (consisting of two power modules) must be installed. Action Display power domain information using the JCS CLI fuelg command. Copyright © 2010, Juniper Networks, Inc.
Page 228: Displaying System Component Status
You can display the current health status for the JCS1200 platform to determine if system components are operating properly. For each component, health status can be: Warning Critical Action Display health status for the JCS1200 platform using the JCS management module CLI command. health Copyright © 2010, Juniper Networks, Inc.
Page 229: Displaying A List Of Components
Display a list of components in the JCS chassis using the JCS management module CLI command. list The following sample output appears when the list is displayed for all components installed in the JCS chassis: system> list —l a system mm[1] primary mm[2] standby power[1] power[2] Copyright © 2010, Juniper Networks, Inc.
Page 230: Displaying Temperature Information
Display temperature information (in degrees Fahrenheit) for components in the JCS chassis using the JCS CLI command. temps The following sample output appears when temperature information is displayed for a JCS management module: system> temps –T mm[1] Warning Component Value Warning Reset Hysteresis Copyright © 2010, Juniper Networks, Inc.
Page 231: Displaying Voltage Information
–T blade[1] Source Value Critical --------------- ------- ---------------- Planar 0.9V +0.88 (+0.40,+1.50) Planar 12V +12.12 (+10.20,+13.80) Planar 3.3V +3.30 (+2.78,+3.79) Planar 5V +4.90 (+4.23,+5.74) Planar VBAT +3.05 (+2.54,+3.44) Related volts on page 231 Documentation Copyright © 2010, Juniper Networks, Inc.
Page 233: Summary Of Jcs Management Module Monitoring Commands
NOTE: The JCS management module CLI provides a large number of commands and command options. This section describes only the subset of commands and command options that we recommend for monitoring the JCS1200 platform in a Juniper Networks environment. Copyright © 2010, Juniper Networks, Inc.
Page 234: Boot
224 Documentation List of Sample Output boot on page 210 Output Fields When you enter this command, you are provided feedback on the status of your request. boot boot system> boot –T system:blade[10] Copyright © 2010, Juniper Networks, Inc.
Page 235: Clearlog
211 Output Fields When you enter this command, you are provided feedback on the status of your request. The command prompt changes to reflect the new command target. clearlog clearlog system> clearlog –T system:mm[1] Copyright © 2010, Juniper Networks, Inc.
Page 236: Displaylog
—JCS media tray. Replace with a value of mt_x —JCS power supply. Replace with a value of through power_x —JCS switch module. Replace with a value of switch_x Required Privilege supervisor Level Copyright © 2010, Juniper Networks, Inc.
Page 237: Table 24: Displaylog Output Fields
1 E SERVPROC 01/27/08 19:42:58 Failure reading I2C device. Check bus 4. Severity) 2 E SERVPROC 01/27/08 19:41:53 Blower 2 Fault Multiple blower failures. 3 E SERVPROC 01/27/08 19:41:53 Blower 1 Fault Single blower failure. Copyright © 2010, Juniper Networks, Inc.
Page 238: Fuelg
Bay (slot) number and power value (in watts) for the power supply. Bay x Total amount of power (in watts) allocated to the domain. Power Budget Amount of power (in watts) held in reserve. Reserved Power Copyright © 2010, Juniper Networks, Inc.
Page 239 Status: Power domain status is good. Modules: Bay 3: 1800 Bay 4: 1800 Power Budget: 2880 Reserved Power: 0 Remaining Power: 2880 Power in Use: 0 fuelg (Configure) system> fuelg –T system:mm[1] -qm off Copyright © 2010, Juniper Networks, Inc.
Page 240: Health
When you enter this command, you are provided feedback on the status of your request. health (All) health (All) system> health -l a mm[1]: OK mm[2]: OK blade[1]: OK blade[2]: OK blade[3]: OK blade[4]: OK blade[5]: Minor blade[6]: OK power[1]: OK power[2]: OK Copyright © 2010, Juniper Networks, Inc.
Page 241 -T system:blade[5] blade[5]: Minor Engine) health (with Alerts) system> health -l a -f system: Major blade[5]: Minor 5V over voltage CPU1 temperature warning power[2]: Minor 5V over voltage switch[1]: Major temperature fault Copyright © 2010, Juniper Networks, Inc.
Page 242: History
0 dns 1 dns —on 2 dns 3 dns —i1 192.168.70.29 4 dns 5 dns —i1 192.168.70.29 —on 6 dns 7 history history (Reentering a system:mm[1]> !2 Command) Enabled -i1 192.168.70.29 -12 0.0.0.0 -i3 0.0.0.0 Copyright © 2010, Juniper Networks, Inc.
Page 243: Info
(Management Module) on page 221 info (Routing Engine) on page 221 Output Fields Table 26 on page 220 lists the output fields for the command. Output fields are listed info in the approximate order in which they appear. Copyright © 2010, Juniper Networks, Inc.
Page 244: Table 26: Info Output Fields
UUID: 597A 6B81 C99F 9DE7 A3D4 52F9 95D1 Manufacturer: ZX1234 Manufacturer ID: 20301 Product code: System Enclosure/CHAS-BP-JCS1200 S Serial number: 02 Part no.: 740-025747 Component serial no.: ZX0001 CLEI: Not Available AMM slots: 2 Blade slots: 12 I/O Module slots: 10 Copyright © 2010, Juniper Networks, Inc.
Page 245 08/27/2007 Rev: 1.04 Blade sys. mgmt. proc. Build ID: BCBT42B Rev: 1.11 Local Control KVM: Media Tray: SCOD: Unknown Power On Time: 5 days 20 hours 35 min 12 secs Number of Boots: 3 Copyright © 2010, Juniper Networks, Inc.
Page 246: List
(All) on page 222 Output Fields When you enter this command, you are provided feedback on the status of your request. list (All) list (All) system> list -l a mm[1] primary mm[2] standby power[1] power[2] power[3] power[4] Copyright © 2010, Juniper Networks, Inc.
Page 247 Chapter 16: Summary of JCS Management Module Monitoring Commands blower[1] blower[2] blower[3] blower[4] switch[1] switch[2] blade[1] bcgcpu1 cpu[1] blade[3] bcgcpu3 cpu[1] blade[4] bcgcpu4 cpu[1] blade[5] bcgcpu5 cpu[1] blade[6] bcgcpu6 cpu[1] mt[1] mt[2] mux[1] mux[2] Copyright © 2010, Juniper Networks, Inc.
Page 248: Power
When you enter this command, you are provided feedback on the status of your request. power (On) power (On) system> power –T system:switch[1] —on power (Cycle) system> power –T system:switch[1] —cycle power (State) system> power –T system:blade[3] —state Copyright © 2010, Juniper Networks, Inc.
Page 250: Read
Restart the MM for the new settings to take effect. When you enter this command, the amm.cfg file will be loaded from the TFTP server that corresponds with the IP address you entered. system> read -T mm[1] -config file -i 172.17.59.183 -l amm.cfg Copyright © 2010, Juniper Networks, Inc.
Page 251: Reset
List of Sample Output reset (Switch) on page 227 Output Fields When you enter this command, you are provided feedback on the status of your request. reset (Switch) reset (Switch) system> reset –T system:switch[2] Copyright © 2010, Juniper Networks, Inc.
Page 252: Shutdown
224 Documentation List of Sample Output shutdown on page 228 Output Fields When you enter this command, you are provided feedback on the status of your request. shutdown shutdown system> shutdown -f -T system:blade[6] Copyright © 2010, Juniper Networks, Inc.
Page 253: Temps
The amount the temperature must decrease below the Warning Hysteresis threshold before the warning is cleared. temps (Routing temps (Routing system> temps -T system:blade[3] Component Value Warning Reset Hysteresis Engine) Engine) CPU1 38.00 85.00 95.00 (7.00) CPU2 35.00 85.00 95.00 (7.00) Copyright © 2010, Juniper Networks, Inc.
Page 254 JUNOS 10.4 Protected System Domain Configuration Guide temps (JCS system> temps -T system:mm[2] Component Value Warning Reset Hysteresis Management Module) MM Ambient 43.00 60.00 55.00 (5.00) Copyright © 2010, Juniper Networks, Inc.
Page 255: Volts
The amount the voltage must decrease below the Warning threshold before the warning is cleared. volts (JCS volts (JCS system> volts -T system:mm[1] Management Module) Management Module) Source Value Warning Reset Hysteresis +4.84 (+4.50,+5.25) (+4.85,+5.15) (+0.35,+0.10) +3.3v +3.26 (+3.00,+3.47) (+3.20,+3.40) (+0.20,+0.07) Copyright © 2010, Juniper Networks, Inc.
Page 256 (Routing Engine) system> volts -T system:blade[5] Source Value Warning 1.8 V Sense +1.79 (+1.61,+1.97) 1.8VSB Sense +1.83 (+1.61,+1.97) 12V Sense +12.33 (+10.79,+13.21) 12VSB Sense +12.30 (+10.74,+13.19) 3.3V Sense +3.31 (+2.96,+3.62) 5V Sense +5.06 (+4.39,+5.48) Copyright © 2010, Juniper Networks, Inc.
Page 257: Write
Configuration settings were successfully saved to the chassis. When you enter this command, the configuration file will be named “amm.cfg” and saved on the TFTP server at 172.17.59.183. system> write -T mm[1] -config file -i 172.17.59.183 -l amm.cfg Copyright © 2010, Juniper Networks, Inc.
Page 261: Managing The Junos Os
In the following example, the RSD administrator logs in to the master Routing Engine on PSD1: {master} user@rsd> request routing-engine login psd 1 re0 €login: regress Password: --- JUNOS 9.1-20080321.0 built 2008-03-21 05:43:06 UTC % cli user@psd1> Related RSD Administration View on page 18 Documentation Copyright © 2010, Juniper Networks, Inc.
Page 262: Junos Os Verification Tasks
Modules (PEMs), and fans. Action Display hardware information using the command. show chassis hardware On the RSD The following example provides output from the command issued show chassis hardware from the RSD. user@rsd> show chassis hardware Copyright © 2010, Juniper Networks, Inc.
Page 263 710-010169 HS9939 FPC CPU-Enhanced PIC 0 REV 04 750-001894 HA9485 1x G/E, 1000 BASE-SX PIC 1 REV 08 750-001072 AB1688 1x G/E, 1000 BASE-SX PIC 2 REV 03 750-000603 AC2769 4x OC-3 SONET, SMIR Copyright © 2010, Juniper Networks, Inc.
Page 264 MMB 1 REV 01 710-005555 AZ2106 MMB-288mbit PPB 0 REV 02 710-003758 HC0895 PPB Type 2 PPB 1 REV 02 710-003758 HC0954 PPB Type 2 FPC 2 REV 04 710-013558 JP3361 E2-FPC Type 2 Copyright © 2010, Juniper Networks, Inc.
Page 265: Displaying Configured Psds
RSD Administration View on page 18 Documentation PSD Administration View on page 19 Displaying Configured PSDs Purpose The RSD administrator can use the command to view which PSDs are show chassis psd configured within the RSD. Copyright © 2010, Juniper Networks, Inc.
Page 266: Displaying Routing Engine Information
Backup Election priority Backup (default) Temperature 55 degrees C / 131 degrees F CPU temperature 63 degrees C / 145 degrees F DRAM 14336 MB Memory utilization 9 percent CPU utilization: User 0 percent Copyright © 2010, Juniper Networks, Inc.
Page 267 Start time 2008-03-12 23:39:21 PDT Uptime 10 hours, 50 minutes, 58 seconds Load averages: 1 minute 5 minute 15 minute 0.00 0.00 0.00 Related Configuring an RSD and Creating PSDs on page 84 Documentation Copyright © 2010, Juniper Networks, Inc.
Page 268: Displaying Ethernet Switch Statistics
Statistics for switch[1] port EXT6 connected to external management: TX Octets 642418689 TX Unicast Packets 6759043 TX Multicast Packets 19307 TX Broadcast Packets 4187 Tx Discards TX Errors RX Octets 4028111190 RX Unicast Packets 209472631 Copyright © 2010, Juniper Networks, Inc.
Page 269: Displaying Shared Interface Information
RX Discards 38969195 RX Errors 3081169 RX Unknown Protocol Link State Changes Related Connections Between JCS1200 and T Series Chassis on page 11 Documentation Displaying Shared Interface Information Purpose Display information about shared interfaces. Copyright © 2010, Juniper Networks, Inc.
Page 270 ANSI LMI settings: n391dte 6, n392dte 3, n393dte 4, t391dte 10 seconds LMI: Input: 0 (never), Output: 0 (never) DTE statistics: Enquiries sent Full enquiries sent Enquiry responses received Full enquiry responses received DCE statistics: Enquiries received Full enquiries received Copyright © 2010, Juniper Networks, Inc.
Page 271 Peer interface: ut-1/0/0.0 Tunnel token: Rx: 2.518, Tx: 1.518 Input packets : 9 Output packets: 10 Protocol inet, MTU: 4470 Addresses, Flags: Is-Preferred Is-Primary Destination: 16.16.0.0/30, Local: 16.16.0.1, Broadcast: 16.16.0.3 DLCI 16 Flags: Active Copyright © 2010, Juniper Networks, Inc.
Page 272 Last flapped : Never Input rate : 0 bps (0 pps) Output rate : 0 bps (0 pps) Active alarms : None Active defects : None Logical interface ge-0/3/0.0 (Index 72) (SNMP ifIndex 1220) Copyright © 2010, Juniper Networks, Inc.
Page 273: Displaying Inter-Psd Forwarding Information
Logical interface xt-5/0/0.1 (Index 71) (SNMP ifIndex 645) Flags: Point-To-Point SNMP-Traps 0x4000 DLCI 1 Encapsulation: FR-NLPID Input packets : 0 Output packets: 7841 Protocol inet, MTU: Unlimited Addresses, Flags: Is-Preferred Is-Primary Destination: 10.0.0.2, Local: 10.0.0.1 Copyright © 2010, Juniper Networks, Inc.
Page 277: Troubleshooting
To manually load the Junos OS on a specific Routing Engine in the JCS chassis: Obtain the Junos OS package from the Juniper Networks support Web site and transfer the software onto a USB device. For more information, contact your Juniper Networks support representative.
Page 278: Restarting A Routing Engine On The Jcs1200 Platform
Junos OS CLI to restart the Routing Engine. For example: jcs-control user@host> restart chassis-control gracefully From the JCS management module, you can use the command in the JCS reset management module CLI to restart the Routing Engine. For example: system> reset -T blade[1] Copyright © 2010, Juniper Networks, Inc.
Page 279: Glossary
Physical Interface Card. A network interface-specific card that can be installed on an FPC in the router. Protected System One or more Flexible PIC Concentrators (FPCs) on a Juniper Networks router matched with a Domain (PSD) Routing Engine (or redundant pair) on the JCS1200 platform to form a secure, virtual hardware router.
Page 280 JUNOS 10.4 Protected System Domain Configuration Guide Root System Domain A pair of redundant Routing Engines on a Juniper Networks router connected to the switch (RSD) fabric on the Juniper Control System (JCS) platform. The configuration on the Routing Engines on a single Juniper Networks router provides the RSD identification and the configuration of up to eight Protected System Domains (PSDs).
Page 283: Index
JCS management module....40 description statement............115 usage guidelines............84 CIP port (Connector Interface Panel).......11 displaylog command............212 class of service See CoS usage guidelines..........46, 203 clear command...............58 DLCI....................95 usage guidelines............40 Copyright © 2010, Juniper Networks, Inc.
Page 284 (uplink tunnel) RSD................95 shared interfaces fuelg command..............214 PSD................99 usage guidelines............203 interfaces statement (XFP) fxp0 interface, configuring..........88, 90 shared interfaces fxp1 interface, configuring...........88, 90 RSD................95 internal LAN connections............12 generating host key for SSH..........46 JCS administration view............17 Copyright © 2010, Juniper Networks, Inc.
Page 285 JCS management module, configuring....42 hardware components..........21 JCS switch module, configuring........47 managing................199 software components..........23 Juniper Networks JCS1200 Control System See operator security role.............42 JCS1200 Junos OS copying to the Routing Engine on JCS peer-interface statement........98, 99, 117 chassis................71 peer-psd statement...............117...
Page 286 SNMP monitored alerts, configuring.......45 operational mode command options....238 SNMP trap alert recipients system information, displaying........19 configuring on JCS switch module....44, 47 RSD administration view............18 SNMP traps configuring on JCS management module....43 configuring on JCS switch module......47 Copyright © 2010, Juniper Networks, Inc.
Page 287 Routing Engine.........253 unit statement shared interfaces PSD................98 RSD................96 user accounts, configuring..........42 users command...............78 JCS management module.........46 usage guidelines.............42 virtual LAN identifier See VLAN ID vital product data, displaying .........200 VLAN ID..................95 Copyright © 2010, Juniper Networks, Inc.
Page 290 JUNOS 10.4 Protected System Domain Configuration Guide show chassis routing-engine command.....242 show interfaces (SONET/SDH)........245 shutdown command............228 snmp command..............74 sshcfg command.............46, 76 system-domains statement..........120 temps command............206, 229 users command...............78 volts command.............207, 231 write command..............233 Copyright © 2010, Juniper Networks, Inc.

This manual is also suitable for:

Junos os 10.4

Juniper JUNOS OS 10.4 - PROTECTED SYSTEM DOMAIN Configuration Manual

Chapter 1 JCS1200 Chassis and T Series Routers as a Single Platform

Chapter 2 JCS1200 and T Series Platform Software Views

Chapter 3 JCS1200 Platform Components

Chapter 4 Before You Begin

Chapter 5 Configuration Roadmap

Chapter 6 Configuring Basic System Parameters

Chapter 7 Configuring the Routing Engines on the JCS1200 Platform

Chapter 8 Summary of JCS Management Module Configuration Commands

Chapter 9 Configuring an RSD and Creating Psds

Chapter 10 Configuring Basic System Properties on a New PSD

Chapter 11 Configuring Shared Interfaces

Chapter 12 Configuring Inter-PSD Forwarding

Chapter 13 Summary of Junos Configuration Statements

Chapter 14 Configuration Examples

Chapter 15 Managing the JCS1200 Platform

Chapter 16 Summary of JCS Management Module Monitoring Commands

Chapter 17 Managing the Junos os

Appendix A Troubleshooting

Quick Links

Related Manuals for Juniper JUNOS OS 10.4 - PROTECTED SYSTEM DOMAIN

Summary of Contents for Juniper JUNOS OS 10.4 - PROTECTED SYSTEM DOMAIN