any questions?. interfaces physical –the actual media connections –fixed, transient, etc logical...
TRANSCRIPT
Any Questions?
Interfaces
• Physical– The actual media connections– Fixed, transient, etc
• Logical– Additional settings associated to the physical
ports
Pg 30
Interfaces
• JUNIPER and interfaces– Types– Naming– Properties
• How to configure– T1– Ethernet– Serial– Others
Pg 30
Interfaces
• Interface Types– Permanent
• Cannot be removed• Fixed, physical and built in logical interfaces
– Transient• Can be modified
Pg 30
Permanent Interfaces
• Always present– Management– Software pseudo-interface (tunnels)– Fixed port LAN/WAN
Pg 30
M/T series Permanent Interfaces
• Fxp0 interface– Out of Ban management Ethernet– Connected to Routing Engine (control Plane)– Non-Transit
• Traffic cannot enter here and go out LAN/WAN• Beware of routing to fxp0
• Fxp1– Internal interface between Routing Engine
(RE) and Packet Forwarding Engine (PFE)• Not configured, but helpful for troubleshooting
Pg 31
Permanent Psuedointerfaces• Not physical, used by router logic• lo0
– This is a loopback interface that ties to the router itself and not to any one physical interface. This is often assigned an address to provide a stable address for management traffic and routing protocols, which allows your router to adapt to network and physical interface failures. Also, when configured with firewall filters, this interface serves to protect the RE from attacks destined to the router.
• sp – This service interface is used when configuring features such as
Network Address Translation (NAT), IPSec, and stateful firewalls.• pd
– This Physical Interface Module (PIM) de-encapsulation interface allows a multicast rendezvous point (RP) to process PIM register messages.
Pg 31
Permanent Psuedointerfaces• pe
– This PIM encapsulation interface is used in multicast to create a unicast PIM register message to send to the RP.
• ip – This is an IP-over-IP encapsulation interface to create IP-in-IP
tunnels.• dsc
– This is a discard interface, which can be used to silently discard packets. This is often used to create a choke point for denial of service (DoS) attacks.
• tap – This is a virtual Ethernet interface historically used for monitoring
on FreeBSD systems. This interface could be used to monitor discarded packets on a router but is no longer officially supported.
Pg 31
Transient Interfaces• Interfaces that can be moved, removed or
replaced– Ports on M series routers, Phyical Interface Cards
(PICs), J-Series Phyiscal Interface Modules (PIMs)• Fast Ethernet• T1• ATM• SONET• Service based from PIC
– Tunnels– Multilink– etc
Pg 32
Any Questions?
Interface Naming• Naming is standardized• Interface type and three numbers
• MM-F/P/T, where:– MM = media type– F = chassis slot number– P = PIC slot number– T = port number
• For example – Fe-0/2/1
Pg 32
Media Type• ae
– Aggregated Ethernet, a logical linkage of multiple Ethernet interfaces defined in the IEEE 802.3ad standard.
• at – ATM, which sends fixed 53-byte cells over the transport media. This
interface could also be used for ATM over digital subscriber line (DSL) connections.
• br – Physical Integrated Services Digital Network (ISDN) interface.
• e1 – Standard digital communication standard over copper at a rate of 2.048
Mbps, used mostly in Europe.• e3
– Standard digital communication standard over copper at a rate of 34.368 Mbps, used mostly in Europe.
• t1 – Basic physical layer standard used by the digital signal level 1 at a rate
of 1.544 Mbps, used extensively in North America.Pg 32
Media Type• t3
– Basic physical layer standard used by the digital signal level 3 at a rate of 44.736 Mbps, used extensively in North America.
• fe – 100 Mbps standard initially created by Xerox in the 1970s for connecting
multiple computers together; referred to as a LAN today.• ge
– Higher-speed Ethernet standard at 1 Gbps or 10 Gbps.• se
– Interface used for serial communications (one bit at a time). Serial interfaces include standards such as EIA 530, V.35, and X.21.
• ct1 – T1 interface that is channelized by splitting the interface into 24 DSO
channels.
Pg 33
Slot Number
• MM-F/P/T, where:– Chassis Slot Number F
• Flexible PIC concentrator slot on M/T– Can be horizontal or vertical– Vertical count left to right– Horizontal count top to bottom
Pg 33
Slot Number
• Chassis Slot Number F– PIM Slot on J series
• Fixed port are slot 0• PIM slots are 1-6 from top to bottom and left to
right
Pg 33
PIC Slot
• MM-F/P/T, where: P PIC Slot number
• M-Series– 4 PICs can fit a single FPC slot
• Verticals are top to bottom• Horizontal varies
• J-Series– No PIC slot numbers– Set to 0
Pg 34
Port Number
• MM-F/P/T, where: T is port number
• Actual physical port on the PIC– Numbering varies-horizontal or vertical
Pg 36
Horizontal Vertical
Port Number
• MM-F/P/T, where: T is port number
• J Series is easier– Always left to right
Pg 36
Interface Examples
• MM-F/P/T, where:
• se-1/0/0– Serial interface in FPC slot 1, PIC slot 0, and
port 0
• fe-0/2/1– Fast Ethernet interface in FPC slot 0, PIC slot
2, and port 2
• t1-1/0/1– T1 interface in FPC slot 1, PIC slot 0, and port
Pg 38
Any Questions?
Logical Unit and Channel Number
• Logical Unit– Subdividing the physical interface into logical
units• Subinterface OR channel
– Designated by a .• Number is arbitrary
– Fe-0/0/0.0» Logical unit 0
– E3-1/0/2.12» Logical unit 12
Pg 38
Logical Unit and Channel Number
• Channel Number– For specifying specific channels– Noted by a colon :– T1 for example
• Ct-1/1/2:14– Channel 14 on a channelized T1
Pg 38
Interface Properties
• Physical Prosperities– Tied to entire physical port
• Logical Properties– Only for channel or unit number
Pg 38
Physical Properties• Clocking
– This aligns the bits as they are transmitted out of the interface. The clocking can be learned either from an external source or from the router itself.
• Encapsulation– This is the Layer 2 encapsulation that is going to be used on the interface.
Examples include Frame Relay, Point-to-Point Protocol (PPP), and Cisco High-Level Data Link Control (HDLC).
• MTU– This is the maximum transmission unit, which is the maximum size of the frame
transmitted from the interface.• Keepalives
– These are mechanisms used to verify the operation of the interface. Most encapsulations have keepalives enabled by default, but you can disable them to aid in troubleshooting.
• Layer 1/2 options– These are various bit and byte settings for the interface media. For a T1
interface, this includes byte encodings, framing, frame check sequences (FCSs), and line buildouts. In comparison, a Fast Ethernet interface might have options such as flow control, loopbacks, and source address filters.
Pg 39
Physical Properties
• Physical Properties should be configured before logical identifiers
se-0/0/2 {
no-keepalives;
encapsulation cisco-hdlc;
serial-options {
clocking-mode internal;
}
unit 0;
}
Pg 39
Logical Properties
• All router interfaces that will send and receive transit traffic require a logical unit
• Logical units create sub interfaces– For Exampl-VLANs for ethernet
• All Logical properties must be configured on a logical unit number– Different from Cisco
Pg 39
Common Logical Properties• Protocol family
– Indicates which Layer 3 protocols can be sent and received on the interface. The router can have one protocol family per logical unit or multiple families per logical unit configured. The most common family configured is family inet, which enables the sending and receiving of all packets in the Transmission Control Protocol/Internet Protocol (TCP/IP) suite (e.g., TCP, User Datagram Protocol [UDP], Internet Control Message Protocol [ICMP], and IP). Other common families are inet6 (IPv6), Multiprotocol Label Switching (MPLS), and ISO (ISIS packets).
• Protocol address– The Layer 3 family address, such as a family inet IP address.
• Virtual circuit address– Circuit identifier used when dividing the physical interface into
multiple logical interfaces. These could be the VLAN ID, Frame Relay data-link connection identifiers (DLCIs), or ATM virtual path/Virtual Channel Identifier (VP/VCIs).
Pg 40
Common Logical Properties
• Logical Unit number can be anything from 0-16, 385
• Best practice is to use a logical number that matches circuit information– Match vlan number– Match dlci
• However, for point to point circuit or non-VLAN ethernet, use logical number 0
Pg 40
Common Logical Properties
• Examplet1-0/0/2 {
unit 0 {
family inet {
address 66. 32. 3. 2/30;
}
}
• How would we create this config in the CLI???
Pg 40
Any Questions?
Interface Config Examples
• Basic Examples– FYI-References to Porter should be to ALE
• Lager to Ale configroot@Lager> show interfaces terse fe-2/0/1
Interface Admin Link Proto Local Remote
fe-2/0/1 up up
[ edit]
root@Lager# edit interfaces fe-2/0/1
[ edit interfaces fe-2/0/1]
root@Lager# set unit 0 family inet address 10. 10. 20. 122/24
Pg 40
Interface Config Examples• CLI-show the details
[ edit interfaces fe-2/0/1]root@Lager# showunit 0 { family inet { address 10. 10. 20. 122/24; }}
• Commit changes[ edit interfaces fe-2/0/1]root@Lager# commit and-quitcommit completeExiting configuration mode
Pg 42
Interface Config Examples• See changes
root@Lager> show interfaces terse fe-2/0/1Interface Admin Link Proto Local Remotefe-2/0/1 up upfe-2/0/1. 0 up up inet 10. 10. 20. 122/24
• Test Connectivityroot@Lager> ping 10. 10. 20. 121PING 10. 10. 20. 121 (10. 10. 20. 121) : 56 data bytes64 bytes from 10. 10. 20. 121: icmp_seq=0 ttl=64 time=7. 758 ms64 bytes from 10. 10. 20. 121: icmp_seq=1 ttl=64 time=10. 394 ms^C
Pg 42
Any Questions?
Interface Config Examples• See changes
root@Lager> show interfaces terse fe-2/0/1Interface Admin Link Proto Local Remotefe-2/0/1 up upfe-2/0/1. 0 up up inet 10. 10. 20. 122/24
• Test Connectivityroot@Lager> ping 10. 10. 20. 121PING 10. 10. 20. 121 (10. 10. 20. 121) : 56 data bytes64 bytes from 10. 10. 20. 121: icmp_seq=0 ttl=64 time=7. 758 ms64 bytes from 10. 10. 20. 121: icmp_seq=1 ttl=64 time=10. 394 ms^C
Pg 42
Fast Ethernet with VLAN
• VLAN between Lager and ALE– Enable vlan on lager
• Interface property
root@Lager> configure
[ edit]
root@Lager# edit interfaces fe-2/0/1
[ edit interfaces fe-2/0/1]
root@Lager# set vlan-tagging
[ edit interfaces fe-2/0/1]
root@Lager# set unit 0 vlan-id 100
Pg 43
Fast Ethernet with VLAN[ edit interfaces fe-2/0/1]root@Lager# showvlan-tagging;unit 0 { vlan-id 100; family inet { address 10. 10. 20. 122/24; }}
Pg 43
Fast Ethernet with VLAN• Best practice is to have the logical unit match the vlan• Change the vlan to 100
– Rename command
[ edit interfaces fe-2/0/1]root@Lager# rename unit 0 to unit 100
[ edit interfaces fe-2/0/1]root@Lager# showvlan-tagging;unit 100 { vlan-id 100; family inet { address 10. 10. 20. 122/24; }}
Pg 43
T1 with Cisco HDLC
• Cisco default is HDLC– Cisco added a proprietary field
t1-0/0/2 {
encapsulation cisco-hdlc;
unit 0 {
family inet {
address 10. 200. 8. 9/30;
}
}
}
Pg 43
Serial Interface with PPP
• V.35 is common in US
• DTE or DCE connections
• DCE provides the clocking– Usually a CSU/DSU
• With Lab setups, routers are often configured “back-to-back”– With a special crossover cable
• One side must provide the clocking
Pg 44
Serial Interface with PPProot@ale# run show interfaces se-1/0/0 extensive | find "serial media" Serial media information: Line protocol: v. 35 Resync history: Sync loss count: 0 Data signal: Rx Clock: OKControl signals: Local mode: DCE To DTE: CTS: up, DCD: up, DSR: up From DTE: DTR: up, RTS: up DCE loopback override: Off Clocking mode: internal Clock rate: 8. 0 MHz Loopback: none Tx clock: non-invert Line encoding: nrz
Pg 44
Serial Interface with PPP[ edit interfaces]root@ale# show se-1/0/0serial-options { clocking-mode internal;}unit 0 { family inet { address 172. 16. 1. 1/30; }}
Pg 44
Serial Interface with PPP[ edit interfaces se-1/0/1]root@Bock#run show interfaces se-1/0/1 extensive | find "serial media" Serial media information: Line protocol: v. 35 Resync history: Sync loss count: 0 Data signal: Rx Clock: OK Control signals: Local mode: DTE To DCE: DTR: up, RTS: up From DCE: CTS: up, DCD: up, DSR: up Clocking mode: loop-timed Clock rate: 8. 0 MHz Loopback: none Tx clock: non-invert Line encoding: nrz
Pg 44
Serial Interface with Frame Relayse-1/0/0 { encapsulation frame-relay; unit 645 { description "to R3"; dlci 645; family inet { address 172. 17. 24. 130/30; } }}
Pg 47
Interface Troubleshooting
• Common Configuration issues– IP address configs
• Router Logical Units allow multiple IP addresses– Must be careful when you make changes– Issuing a second command creates a second
address• Delete first Address
– Or rename details on original settingsPg 59
Interface Troubleshooting• Original Settings
[ edit interfaces fe-2/0/1]root@Lager# showvlan-tagging;unit 100 { vlan-id 100; family inet { address 10. 10. 20. 122/24; }}
• If we need it to be /27[ edit interfaces fe-2/0/1]root@Lager# set unit 100 family inet address 10. 10. 20. 122/27
Pg 59
Interface Troubleshooting
• Check details[ edit interfaces fe-2/0/1]root@Lager# showvlan-tagging;unit 100 { vlan-id 100; family inet { address 10. 10. 20. 122/24; address 10. 10. 20. 122/27; }}
Pg 59
Interface Troubleshooting
• Must remove the wrong address information
• Delete command[ edit interfaces fe-2/0/1]
root@Lager# delete unit 100 family inet address 10. 10. 20. 122/24
Pg 59
Interface Troubleshooting
• Or, instead of adding and deleting[ edit interfaces fe-2/0/1]
root@Lager# set unit 100 family inet address 10. 10. 20. 122/27
root@Lager# delete unit 100 family inet address 10. 10. 20. 122/24
• Renameroot@Lager# rename address 10. 10. 20. 122/24 to address 10. 10. 20. 122/27
Pg 59
Primary and Preferred addressing
• Juniper interfaces can have multiple addresses on a single logical unit
• Router needs to know how to choose the source IP for traffic– Each logical unit can only have one primary IP
address but multiple preferred addresses
• If only one address, it is primary and preferred
Pg 60
Primary and Preferred addressing
Pg 60
Encapsulation Mismatch
• Both sides of a connection need the same layer encpsulation
• Point to Point Connections
• Frame Relay
• Ethernet– Watch out for one side with VLAN tagging and
the other without– Must check the details of traffic
Pg 61
Encapsulation Mismatch
• Monitor traffic– Allows you to watch the packets/frames– See the type of the frames being sent
• If you monitor on both sides, you will see the difference
Pg 61
MTU and fragmentation
• Certain applications will send larger frames
• Interfaces have a limit to the size of the frame/packet they will send– Maximum Transmission Unit (MTU)
• You can find the MTU by using a ping with the size command and do not fragment– This will warn you if the packet needed to be
fragmented.Pg 64
Looped interfaces
• You can set looping in two directions– Loopback local
• Point back towards you
– Loopback remote• Loops toward the network
Pg 66