Home

Wiley JUNOS OS For Dummies, 2nd Edition

1. monitors and manages everything The many processes to control the network delivery of packets fill the industry with all those three and four letter acronyms that you ve somehow managed to file into your memory Service functions The service needs of users grow with new applications triggering new requirements for quality security addressing and content delivery among others Applying the specialized processing is the role of the services plane For example as the packets flow through each device the devices must typi cally apply a range of filters policies and services for protecting the network and its clients and applications and assigning priorities for the use of its resources Visualize watching a YouTube video Now visualize all your users watching the video all at the same time because some clown in your office passed along an e mail with the link to everyone And now think about all the traffic hitting your network all at once just as your president is on a critical call with your biggest customer Oofta Chapter 1 Junos Is Everywhere You Need to Be This is just one example of where you may want to define a few of those extra rules that your network can follow in making its packet deliveries We pro vide Chapter 15 to help you set up class of service in your devices Forwarding functions Along with assembling the intelligence to properly deliver the traffic from one place to another and applying services t
2. the same way on the different platforms whether they are routers switches or security devices One oper ating system therefore saves you time potentially lots of it in everything from training to setup to ongoing operations Also if you plan changes in the network one operating system can save you time there too With far less variation to evaluate test and deploy it s less effort for feature roll out soft ware upgrades and other network modifications 2 Part I Discovering Junos OS Taking a Peek Inside the Junos OS PCS Figure 1 1 Architecture of the Junos OS How engineers design a network operating system impacts the reliability security scalability and performance of not just the devices but also the overall network particularly in large scale systems The operating system must handle the many different processes essential to running today s global networks while also assuring fair sharing of resources so that no process or service can starve out others World class architecture The architecture of the Junos operating system cleanly divides the functions of control services and forwarding into different planes The control and ser vices planes include many different processes that run in different modules of the operating system The explicit division of responsibility allows the soft ware to run on different engines of processing memory and other resources This division of labor is what enables Jun
3. to automate network operations and increase operator efficiency The software includes a scalable runtime environment with multitenant hot pluggable network application support a network application development framework and a Web 2 0 user interface Junos Space provides a development environment for fast development of network aware applications The application development framework includes a common infrastructure a software development kit SDK with prebuilt core services and widgets to allow easy user interface prototyping and standards based APIs for third party application integration Using the Junos Space SDK developers have the option of creating different classes of applications These include mashups customized business process work flows and native applications Junos Pulse Junos Pulse is an integrated multi service network client to secure and con trol application delivery on mobile and personal computing devices The client is both identity and location aware enabling seamless migration from one access method to another so that users effortlessly yet securely retain access to their applications regardless of their location Users can download the Junos Pulse client free of charge from most mobile application stores In this way the solution can support not only devices 17 8 Part l Discovering Junos OS managed by the network provider but also those managed by the user Once installed the client pro
4. Chapter 1 Junos Is Everywhere You Need to Be In This Chapter Understanding the functions of a network operating system Discovering how Junos OS is different Looking beyond the operating system to the Junos Platform J Junos operating system Junos OS is the software that runs network ing and security devices from Juniper Networks Administrators use Junos OS to set up devices and connect them together in a network and dictate how the devices move service and secure traffic across the network They also use it to monitor and when necessary restore the network Note In this book we use both Junos OS and Junos as one and the same This chapter introduces Junos OS by describing the functions of a network operating system and then discussing how they work in Junos The chapter also explores key differences in how Juniper develops Junos software versus how other vendors create their network operating systems and introduces additional components of the Junos portfolio Functions of a Network OS Networks consist of specialized devices that pass along traffic from one to another Each device must know what to do with each arriving bundle of traf fic or packet so that the packet can continue its journey to its destination The devices perform three primary functions to process each packet Y Controls where the device sends the packets 1 Applies services such as prioritization or security 1 Forwards the packet to the next co
5. New features Ask what steps do develop ment engineers follow when adding new features How do they support changes and fixes to the features in different software versions or release trains You also want to know how they decide which features to add to which version Fixes Ask about the steps for adding fixes to the code What procedures ensure that a new fix is a part of all releases includ ing those in the future In what types of releases are fixes available and how often Testing Find out how the vendor tests newly developed features and fixes What guidelines determine when a release is ready for customers How thoroughly is each type of release tested before being released to customers Ask whether a new release can affect previously working features and find out whether the vendor s testing includes use cases to assess how features interact Ask how the vendor per forms performance and scalability testing When it s time to upgrade you simply choose a higher release number and not only do you get all the newly developed features you also keep all the important features you ve already been using in your network Also you re not running a specialized version of software that may be prone to issues you re running software used by Juniper customers everywhere Find out more about Junos release versions and upgrades in Chapter 3 Beyond the OS Since we wrote the first edition of this book Juniper has e
6. h In particular separation lets the PFE and services throughput follow in lock step with the increasing speeds of the custom Application Specific Integrated Circuits ASICs on which the PFE and services run in the largest platforms Separating the engines also reduces interdependencies between them Not only does this separation help preserve the operation of each when another is experiencing problems it also gives the Juniper engineers more ways to provide system redundancy and failover For example you find dual REs in some platforms whereas the EX Series Ethernet Switches offer a capability called Virtual Chassis to provide redundancy among other benefits See Chapter 11 for the details of this switching feature Plain smart The planes of Junos OS Each of the planes of Junos OS provides a critical set of functionality in the operation of the network It s all under control All the functions of the control plane run on the Routing Engine whether you have a router switch or security platform running Junos Figure 1 1 shown earlier in this chapter shows the high level design of the control plane a set of modules with clean interfaces between them and an underlying kernel that controls the modules and manages all the needed communication back and forth among all the components The kernel also handles the RE com munications with the Packet Forwarding Engine and the services Each of the different modules provides a diffe
7. he network operating system and its hardware must actually deliver packets to the correct destination using this intelligence Moving packets through a networking device is the function of the network operating system s forwarding plane also sometimes known as the data plane Packet forwarding takes care of the handling required to move each packet quickly from its inbound device interface to the proper outbound interface s For large networking devices that carry terabits of traffic this handling must occur at an ultra iiber fast rate to maintain the high packet throughput of the machines Taking Advantage of One Network OS Network operating systems have a lot do and can have a big impact on the performance ease of operations reliability and security of your network Junos OS is different in that it s one operating system But why does having one operating system matter One operating system means the Juniper engineers build upon the same set of code and then share this code as appropriate across all the platforms running Junos For example enterprise platforms use the same hardened implementation of the routing protocol Open Shortest Path First OSPF that has been running in large service provider networks for many years It s not a different code set but the same one To set up OSPF see Chapter 10 So if your responsibilities include administrating the network you find that many features are configured and managed in
8. ility with the high performance that you expect For example among the integrations to Junos OS are the security services derived from Juniper s ScreenOS operating system You can find out more about some of these fea tures in Chapter 12 Developing Junos OS Ey Figure 1 2 Junos release path Software development probably isn t a topic that you expected to find in a networking book After all you don t need to build the Junos operating system Juniper s engineers do that for you However we include a little about this topic because we think it s important The disciplined development process is an essential reason why Junos OS is different Unlike most other vendors Juniper develops new versions of the operating system along a common release path as shown in Figure 1 2 Part I Discovering Junos OS Asking the right questions Consider reviewing the software development processes of vendors as a part of your evalu ation of new network and security equipment because it can save you time and money down the road Here are some questions that you can ask vendors about their software development processes Software versions Find out how many different software versions exist for the products you are buying and ask why the different versions exist Know the differ ences between versions and when to use one version versus another Also ask about the support and end of life policies for each version
9. nnecting device 10 Part I Discovering Junos OS These actions are the primary functions of the network operating system that runs on the device In simplest terms the control plane of the network operat ing system is the brain of the device with the forwarding plane providing the brawn to quickly move packets through the system Depending on the type of packet the services plane may also provide packet services such as address translation prioritization and security Control functions This essential map for connectivity security and other orchestrating pro cesses is the function of the network operating system s control plane The processes and information of the control plane must provide answers to two essential questions 1 How does the network direct the delivery of packets from one place to another In other words what are the routes or paths to establish how do they change and how does each device know which route to use for each packet 1 What does the network do with each of the packets along its journey In other words what are the handling rules or policies along with the security and services plane established for traffic delivery Although the questions can be simply stated the possible responses are virtually limitless You can define dozens and dozens of protocols to answer these questions for different types of network maps and all the different types of traffic not to mention how the control plane
10. os to run all types of platforms in all matter of sizes from a small box in a home office to the largest boxes in the world handling terabits of data every second Figure 1 1 provides a high level view of the Junos OS software architecture with its three functional processing planes Shown above the dashed line is the control plane that runs on what is known as the Routing Engine RE of the Juniper device Below the dashed line is the packet forwarding plane which runs on a separate Packet Forwarding Engine PFE in larger Juniper platforms The services plane which provides specialized processing such as for quality classification and security is on the right z Pa o g gt 5 S a 2 a 2 8 NAT VPN e J 2 e ee eee a D 2 aos S Services Ww Physical Interfaces Plane Chapter 1 Junos Is Everywhere You Need to Be 13 Do you want faster platforms in your network That s like asking if you d like to have today off with pay of course Yes it would be good to have the network go a little faster Faster faster faster is a constant drumbeat for net works In over ten years of product delivery Juniper has scaled the through put of its fastest devices from 40GB per second to multiple terabits per second with a fast expanding set of services The use of separate processors for the RE the PFE and services cards has been the essential architecture element to each performance breakthroug
11. rent control process such as control for the chassis components Ethernet switching routing protocols interfaces management and so on The basis of the Junos kernel comes from the FreeBSD UNIX operating system an open source software system This mature general purpose system pro vides many of the essential functions of an operating system such as the scheduling of resources To transform it into a network operating system the Juniper engineers extensively modified and hardened the code for the special ized requirements of networking 14 Part I Discovering Junos OS You may be wondering if you have a way in Junos OS to protect the control plane itself from a security attack Yes you can configure filters and rate limit the traffic that reaches your RE For more on this topic see Chapter 9 Moving forward The Packet Forwarding Engine is the central processing element of the for warding plane systematically moving the packets in and out of the device In the Junos OS the PFE has a locally stored forwarding table The forward ing table is a synchronized copy of all the information from the RE that the forwarding plane needs to handle each packet including outgoing interfaces addresses and so on Storing a local copy of this information allows the PFE to get its job done without going to the control plane every time that it needs to process a packet Another benefit to having a local copy is that the PFE can continue for
12. vides secure authenticated access to corporate net works and resources using SSL VPN technology Junos Pulse provides a com prehensive mobile security management and control solution to protect end devices from viruses malware spam loss theft physical compromise and other threats
13. ward ing packets even when a disruption occurs to the control plane such as when a routing or other process issue happens At your service The services plane provides special handling required by many different types of packets By separating the processing of services from other func tions of the operating systems Junos OS is able to support a wide variety of different service types in different kinds of platforms These services might include prioritizing a packet carrying time sensitive information such as a voice call ahead of others on a congested link guard ing which users can get to what sections or applications of the network translating addresses where one network meets another or mediating how the network serves video content That s not a problem The many benefits of modular architecture Have you ever had a router continually reboot and when you look on the console you see that an error occurred in a single nonessential process With the Junos OS you don t see that problem The modular architecture of Junos OS allows individual control plane processes to run in their own module also sometimes called a daemon Each module has specified pro cessing resources and runs in its own protected memory space avoiding the processing conflicts that can occur in other platforms If a malfunction in a module causes an issue the rest of the system can continue to operate For example one module can t disrupt another b
14. xpanded its Junos software portfolio beyond the operating system adding new capabilities to link into the application space as well as client software for mobile and per sonal computing devices Together the Junos operating system the Junos Space network application platform and the Junos Pulse client form the Junos Platform By integrating these software layers of the network into one platform Juniper is expanding the ways that applications can interact with the network from the cloud out to the end user Chapter 1 Junos Is Everywhere You Need to Be As part of the Junos Platform Juniper provides a set of programming inter faces and software development kits SDKs that developers can use to spec ify the application interactions Unlike other platforms that merely enable third parties to interface through APIs these SDKs give application develop ers a broad set of development interfaces and tools to build a wide variety of applications richly integrated to the Junos Platform The following sections provide a short introduction to these additional com ponents of the Junos portfolio To learn more about Junos Space and Junos Pulse visit http www juniper net us en products services software junos platform Junos Space Junos Space is an open network platform for developing and hosting applica tions that interact with the network The Junos Space platform provides mul tilayered network abstractions and workflows that allow users
15. y scribbling on its memory Chapter 1 Junos Is Everywhere You Need to Be 15 What about a minor hiccup in SNMP bringing down your whole system That s another misfortune that you won t miss with Junos OS because its clean separation between control processes helps to isolate small problems so that they can t create worse havoc In our many discussions with users we hear over and over that the stability of Junos OS is the biggest difference that they see after deploying Juniper platforms in their network They tell us about their boxes running for months and months even years without interruption How they popped the device into the rack set up the configuration and never looked back It just keeps going and going and going oh that s another company s line The modular architecture also eases fault isolation With each process func tioning within its own module when the occasional problem does occur pin pointing the exact reason is far less complicated for both you and the Juniper support team With quick identification and a good understanding of the root cause you can apply a fix that works the first time you try We have one more benefit to highlight flexible innovation The organized structure of the architecture enables deep integration of new capabilities with high functioning interaction with existing processes For you this means that native support of new services and features delivers a richness of capa b

Wiley JUNOS OS For Dummies, 2nd Edition

Contents

Download Pdf Manuals

Related Search

Related Contents