Juniper路由器设计的核心,路由器上把控制层面和转发层面分开。
1.路由引擎routing engine:
juniper路由系统的核心,智能化操作、软件的升级,维护。 监控和配置路由器也通过接入路由引擎完成。
例如:接入路由器时,输入用户名密码,认证完之后进行的config操作,telnet/ping/traceroute等排错
尽管对路由器的控制动作发生在路由引擎上,但在逻辑上这个行为是基于junos软件对我们呈现的。
路由引擎主导所有的路由协议和路由表的选择,构建关于去往目的地址{zj0}路径的主路由表,
接着路由引擎放置这些{zj0}路径到forwarding table里,并且产生一份拷贝给包转发引擎packet forwarding engine
包转发引擎packet forwarding engine上的转发表真实的来转发我们用户的数据
1.1物理构成:
相比junos软件,juniper路由器的硬件部分是很常见的,路由引擎inte由l的pci主板构成
Routing Engine 2
2代引擎:M5 ,M10, M20, M40, M40e, M160;包括333MHZ的处理器,和768M的RAM,80M的内部flash卡,6.4G 的传统的硬盘驱动器,除了M40使用LS120disk作为外部文件存储,
其他路由都用可移动的pcmia flash卡
Routing Engine 3
3代引擎:t320,t640,{zx1}的junos版本也可以让它在诸多m路由器中使用;包括600MHZ处理器,2G RAM ,128M FLASH,30G硬盘,pcmia flash卡做外部存储。
RAM:路由表 转发表 链路状态数据库
flash:junos软件、配置文件
hard drive:junos软件备份 log文件 用户文件
Junos软件对这些硬件的支持使用统一的版本号,不存在特制的版本
2.包转发引擎 packet forwarding engine
最值得一提的是ASIC application specific integrated circuits 特殊用途的电路
包转发引擎最重要的部分是physical interface card物理接口卡,flexible pic concentrator灵活的物理接口卡集中器,swithcing control board交换控制板
这三者里都包含了juniper设计ibm生产的ASIC芯片
swicthing control board
包含powerpc cpu 64M RAM用于电路板自身的操作,不参与包转发。添加的8M或16M同步静态内存SSRAM用来存储转发表,控板上的internet线程ASIC用来达成转发表盒路由查询,控板上还有一个ASIc用于包转发的记忆存储管理
flexible pic concentrator
FPC通过包转发引擎来连接交换控制板和路由接口
通过ASIC来处理数据包进入和输出路由接口
PIC
连接在FPC上 ,每个pic都有一个特殊的ASIC
3. 路由引擎软件架构
junos软件基于FREEBSD, kernel是junos软件的关键
包括RPD DCD MGD chassisd pfed
软件里有,jkernel\jbase\jroute\jpfe\jdocs\jcrypto\jbundle 包括了基本的操作,路由、文档等内容
> help topic ospf area-backbone 使用help topic 命令可以从junos里得到关于概念理解上的帮助
Configuring the Backbone Area
You must create a backbone area if your network consists of multiple
areas. An ABR must have at least one interface in the backbone area, or it
must have a virtual link to a router in the backbone area. The backbone
comprises all area border routers and all routers that are not included in
any other area. You configure all these routers by including the following
area statement:
(ospf | ospf3) {
area 0.0.0.0;
}
For a list of hierarchy levels at which you can configure this statement,
see the statement summary section for this statement.
> help reference ospf authentication 使用help refernce命令可以得到具体的命令配置
authentication
Syntax
authentication {
md5 key-id {
key [ key-values ];
}
simple-password key-id;
}
Hierarchy Level
[edit logical-routers logical-router-name protocols ospf area area-id
interface interface-name],
[edit logical-routers logical-router-name protocols ospf area area-id
virtual-link],
[edit logical-routers logical-router-name routing-instances
routing-instance-name
protocols ospf area area-id interface interface-name],
[edit logical-routers logical-router-name routing-instances
routing-instance-name
protocols ospf area area-id virtual-link],
[edit protocols ospf area area-id interface interface-name],
[edit protocols ospf area area-id virtual-link],
[edit routing-instances routing-instance-name protocols ospf area
area-id interface
interface-name],
[edit routing-instances routing-instance-name protocols ospf area
area-id virtual-link]
Release Information
Statement introduced before JUNOS Release 7.4.
Description
Configure an authentication key (password). Neighboring routers use the
password to verify the authenticity of packets sent from this interface.
All routers that are connected to the same IP subnet must use the same
authentication scheme and password.
Options
The statements are explained separately.
Usage Guidelines
See "Configuring Authentication for OSPFv2".
Required Privilege Level
routing--To view this statement in the configuration.
routing-control--To add this statement to the configuration.
authentication-type
> file list 可以查看当前位置下的文件,也可以加上具体文件位置例如/var/home等
/var/home/huxiaoming/:
.ssh/
> file list /dev 硬件也是以文件的形式可显示的
> file list /packages 查看加载的内容
/packages:
check.jpfe*
cleanup-pkgs@ -> /packages/mnt/jbase/sbin/cleanup-pkgs
jbase@ -> jbase-8.5R1.14
jbase-8.5R1.14
jbase-8.5R1.14.md5
jbase-8.5R1.14.sha1
jbase.symlinks
jcrypto@ -> jcrypto-8.5R1.14
jcrypto-8.5R1.14
jcrypto-8.5R1.14.md5
jcrypto-8.5R1.14.sha1
jcrypto.symlinks
jdocs@ -> jdocs-8.5R1.14
jdocs-8.5R1.14
jdocs-8.5R1.14.md5
jdocs-8.5R1.14.sha1
jdocs.symlinks
jkernel@ -> jkernel-8.5R1.14
jkernel-8.5R1.14
jkernel-8.5R1.14.md5
jkernel-8.5R1.14.sha1
jkernel.symlinks
jpfe@ -> jpfe-M40-8.5R1.14
jpfe-M40-8.5R1.14
jpfe-M40-8.5R1.14.md5
jpfe-M40-8.5R1.14.sha1
jpfe-common@ -> jpfe-common-8.5R1.14
jpfe-common-8.5R1.14
jpfe-common-8.5R1.14.md5
jpfe-common-8.5R1.14.sha1
jpfe-common.symlinks
jpfe.symlinks
jroute@ -> jroute-8.5R1.14
jroute-8.5R1.14
jroute-8.5R1.14.md5
jroute-8.5R1.14.sha1
jroute.symlinks
jweb@ -> jweb-8.5R1.14
jweb-8.5R1.14
jweb-8.5R1.14.md5
jweb-8.5R1.14.sha1
jweb.symlinks
mnt/
mount.jcrypto@ -> mount.jcrypto-8.5R1.14
mount.jcrypto-8.5R1.14*
mount.jdocs@ -> mount.jdocs-8.5R1.14
mount.jdocs-8.5R1.14*
mount.jkernel@ -> mount.jkernel-8.5R1.14
mount.jkernel-8.5R1.14*
mount.jpfe@ -> mount.jpfe-M40-8.5R1.14
mount.jpfe-M40-8.5R1.14*
mount.jpfe-common@ -> mount.jpfe-common-8.5R1.14
mount.jpfe-common-8.5R1.14*
mount.jroute@ -> mount.jroute-8.5R1.14
mount.jroute-8.5R1.14*
mount.jweb@ -> mount.jweb-8.5R1.14
mount.jweb-8.5R1.14*
umount.jcrypto@ -> umount.jcrypto-8.5R1.14
umount.jcrypto-8.5R1.14*
umount.jdocs@ -> umount.jdocs-8.5R1.14
umount.jdocs-8.5R1.14*
umount.jkernel@ -> umount.jkernel-8.5R1.14
umount.jkernel-8.5R1.14*
umount.jpfe@ -> umount.jpfe-M40-8.5R1.14
umount.jpfe-M40-8.5R1.14*
umount.jpfe-common@ -> umount.jpfe-common-8.5R1.14
umount.jpfe-common-8.5R1.14*
umount.jroute@ -> umount.jroute-8.5R1.14
umount.jroute-8.5R1.14*
umount.jweb@ -> umount.jweb-8.5R1.14
umount.jweb-8.5R1.14*
> file list /cf/packages 在SRX上也可以使用这样的命令来查看
/cf/packages:
junos@ -> junos-10.0R1.8-domestic
junos-10.0R1.8-domestic
junos-10.0R1.8-domestic.certs
junos-10.0R1.8-domestic.sha1
junos-10.0R1.8-domestic.sig
mnt/
4.junos启动过程
