Juniper Junos OS internal architecture overview | JNCIA Junos
admiralarjun
Intro
Based on FreeBSD Unix
Functionalities are compartmentalized into multiple software processes, each running in its own protected memory space.
So if a single process fails, the entire system doesn’t go down.
Control Plane
Routing Engine (RE)
The brain of the device that performs protocol updates and system management
Based on x86 or PowerPC architecture.
Maintains routing tables, bridging tables and primary forwarding table.
Routing Table (RT) contains all known routes (there can be one or more routing tables), and the active routes are present in the Forwarding Table (FT). The FT is built from the RT.
A copy of FT is sent to the Packet Forwarding Engine via the internal link.
Also responsible for controlling interfaces, chassis components, system management and access to the device. Provides CLI and J-Web GUI.
Forwarding Plane
Packet Forwarding Engine (PFE)
Runs on separate hardware from that of the Routing Engine giving hardware-level isolation for fault tolerance.
Forwards transit traffic through the device (any traffic that enters via one interface and goes out via another; the current router is not the destination).
Receives a copy of the FT via the internal link. Updates are incremental, meaning only the changes made are copied each time instead of the full table.
Since the PFE has a copy of RT, the RE remains undisturbed for each and every lookup; as it's the brain of the device, it should not be bogged down.
In some cases it uses ASICs (Application Specific Integrated Circuits) for better performance.
Provides services like Rate Limiting, Stateless Firewall filters, Class of Service (CoS)
Protocol Daemons
Each process that runs in its own protected memory space is known as a daemon.
Each daemon has a specific function.
A few important daemons include:
rpd - Routing Protocol Daemon: Provides routing protocol intelligence.
dcd - Device Control Daemon: Manages interfaces.
mgd - Management Daemon: Provides the CLI.
alarmd - System alarm notifications.
syslogd - System Log Daemon: For logging activities and functions.
Daemons can be viewed with the command:
show system processes
Transit Traffic
Enters an ingress port, is compared against the forwarding table (FT) and is finally forwarded out an egress port.
For the traffic to be forwarded, the forwarding table must have an entry for the destination; otherwise the packet is dropped.
Transit traffic is handled only by the forwarding plane.
Transit traffic can be either unicast or multicast.
Exception Traffic
Does not pass through the local device but requires special handling.
Any traffic that is destined to terminate on the Junos Device itself, meaning when the device is the destination for that traffic.
E.g.:
Ping a Junos device: this ping packet should terminate within that device.
SSH into a Junos device: the traffic should end at that device.
Packets addressed to the chassis, such as routing protocol updates and traceroute.
TCP/IP packets with the IP options field set. By setting this options field you request special handling for that packet, so if the "IP option" field is set, it's also exception traffic.
All traffic destined to the RE is sent over the internal link, which is rate limited to protect against DoS. This rate limiter is not configurable.
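The transit/exception split described above, as an added example that is not part of the original post: a Python sketch that parses a raw IPv4 header and decides whether the packet stays in the forwarding plane or is sent to the RE. The local address, prefixes and interface names are constructed sample values, and longest-prefix matching is assumed for the forwarding table lookup.

```python
import ipaddress
import struct

# Constructed sample data (assumptions, not from the page): the address owned
# by the device and a small forwarding table of prefix -> egress interface.
LOCAL_ADDRS = {ipaddress.ip_address("192.0.2.1")}
FORWARDING_TABLE = {
    ipaddress.ip_network("198.51.100.0/24"): "ge-0/0/1",
    ipaddress.ip_network("198.51.100.128/25"): "ge-0/0/2",
}

def build_ipv4_header(dst, options=b""):
    """Build a minimal IPv4 header (checksum left at 0) for the demo.
    options must be a multiple of 4 bytes long."""
    ihl = 5 + len(options) // 4          # header length in 32-bit words
    return struct.pack("!BBHHHBBH4s4s", (4 << 4) | ihl, 0, ihl * 4, 0, 0,
                       64, 1, 0,
                       ipaddress.ip_address("203.0.113.9").packed,
                       ipaddress.ip_address(dst).packed) + options

def classify(header):
    """Return (traffic_type, action) for a raw IPv4 header."""
    if len(header) < 20 or header[0] >> 4 != 4:
        raise ValueError("not an IPv4 header")
    ihl = header[0] & 0x0F
    if ihl < 5 or len(header) < ihl * 4:
        raise ValueError("bad header length")
    dst = ipaddress.ip_address(header[16:20])
    # Exception traffic: the device itself is the destination.
    if dst in LOCAL_ADDRS:
        return ("exception", "to RE: destined to the device")
    # Exception traffic: IHL above 5 words means IP options are present.
    if ihl > 5:
        return ("exception", "to RE: IP options present")
    # Transit traffic: handled by the forwarding plane using its FT copy.
    matches = [net for net in FORWARDING_TABLE if dst in net]
    if not matches:
        return ("transit", "drop: no forwarding table entry")
    best = max(matches, key=lambda net: net.prefixlen)
    return ("transit", "forward via " + FORWARDING_TABLE[best])

if __name__ == "__main__":
    router_alert = b"\x94\x04\x00\x00"   # IPv4 Router Alert option (4 bytes)
    for dst, opts in [("192.0.2.1", b""), ("198.51.100.200", b""),
                      ("198.51.100.5", router_alert), ("10.0.0.1", b"")]:
        print(dst, classify(build_ipv4_header(dst, opts)))
```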