Routing is the process of moving data between Layer 3 networks.
Two primary routing components:
- End-to-end physical communications path.
- Ensure all Layer 3 (routing) devices within the network path have the necessary routing information.
Routing Table
The Junos OS receives multiple routes for a given destination prefix, it selects a single route as the active route. It also support multiple, equal-cost routes.
Forwarding Table
The Junos OS uses the active route for each destination prefix to populate the forwarding table. The forwarding table determines the outgoing interface and Layer 2 rewrite information for each packet.
Multiple Routing Tables
The Junos OS can accommodate multiple routing tables and creates additional routing tables when the configuration requires it. The primary routing table inet.0 stores IPv4 unicast routes and inet6.0 for IPv6 unicast routes.
Preferred Routing Information Sources
The Junos OS uses route preferences (administrative distance/AD in Cisco) to differentiate routes received from different routing information sources. The lower preference values are preferred over high preference values.
Viewing the Route Table
[edit]
jadmin@JR-1# set routing-options ?
Possible completions:
> access Access routes
> access-internal Access-internal routes
> admin-groups-extended Extended administrative groups
> admin-groups-extended-range Extended administrative groups range
> aggregate Coalesced routes
+ apply-groups Groups from which to inherit configuration data
+ apply-groups-except Don't inherit configuration data from these groups
> auto-export Export routes between routing instances
> autonomous-system Autonomous system number
bgp-orf-cisco-mode Using BGP ORF capability code 130 and Prefix ORF type 128
> bmp BGP Monitoring Protocol (BMP) configuration
> confederation Confederation autonomous system number
> dynamic-tunnels Dynamic tunnel definitions
> fate-sharing Fate-sharing links or nodes database
> flow Locally defined flow routing information
> forwarding-table
> generate Route of last resort
> graceful-restart Graceful or hitless routing restart options
+ instance-export Export policy for instance RIBs
+ instance-import Import policy for instance RIBs
> interface-routes Define routing table groups for interface routes
> martians Invalid routes
> maximum-paths Maximum number of paths
> maximum-prefixes Maximum number of prefixes
med-igp-update-interval Delay (in minutes) in updating MED IGP for bgp groups
with 'delay-med-update'
> multicast Global multicast options
> options Miscellaneous options
> ppm Set periodic packet management properties
> resolution Route next-hop resolution options
> rib Routing table options
> rib-groups Group of routing tables
route-distinguisher-id Identifier used in route distinguishers for routing in
stances
route-record Enable route recording
router-id Router identifier
> source-routing Source-routing options
> srlg SRLG configuration
> static Static routes
> topologies Define routing topologies
> traceoptions Global routing protocol trace options
[edit]
jadmin@JR-1# set routing-options static ?
Possible completions:
+ apply-groups Groups from which to inherit configuration data
+ apply-groups-except Don't inherit configuration data from these groups
> defaults Global route options
rib-group Routing table group
> route Static route
[edit]
jadmin@JR-1# set routing-options static route ?
Possible completions:
<destination>
[edit]
jadmin@JR-1# set routing-options static route 192.168.1.0/24 ?
Possible completions:
active Remove inactive route from forwarding table
+ apply-groups Groups from which to inherit configuration data
+ apply-groups-except Don't inherit configuration data from these groups
> as-path Autonomous system path
backup-pe-group Multicast source redundancy group
> bfd-liveness-detection Bidirectional Forwarding Detection (BFD) options
> color Color (preference) value
> color2 Color (preference) value 2
+ community BGP community identifier
discard Drop packets to destination; send no ICMP unreachables
install Install route into forwarding table
> lsp-next-hop LSP next hop
> metric Metric value
> metric2 Metric value 2
> metric3 Metric value 3
> metric4 Metric value 4
+ next-hop Next hop to destination
next-table Next hop to another table
no-install Don't install route into forwarding table
no-readvertise Don't mark route as eligible to be readvertised
no-resolve Don't allow resolution of indirectly connected next hops
no-retain Don't always keep route in forwarding table
> p2mp-lsp-next-hop Point-to-multipoint LSP next hop
passive Retain inactive route in forwarding table
> preference Preference value
> preference2 Preference value 2
> qualified-next-hop Next hop with qualifiers
readvertise Mark route as eligible to be readvertised
receive Install a receive route for the destination
reject Drop packets to destination; send ICMP unreachables
resolve Allow resolution of indirectly connected next hops
retain Always keep route in forwarding table
> static-lsp-next-hop Static LSP next hop
> tag Tag string
> tag2 Tag string 2
[edit]
jadmin@JR-1# set routing-options static route 192.168.1.0/24 next-hop ?
Possible completions:
<value> Next hop to destination
[ Open a set of values
[edit]
jadmin@JR-1# set routing-options static route 192.168.1.0/24 next-hop 10.1.1.2
[edit]
jadmin@JR-1# commit
commit complete
jadmin@JR-1> show route // VIEW ROUTING TABLE
inet.0: 3 destinations, 3 routes (3 active, 0 holddown, 0 hidden) // THE inet.0 IS USED FOR IPv4 UNICAST ROUTES
+ = Active Route, - = Last Active, * = Both
10.1.1.0/24 *[Direct/0] 00:06:01 // AN ASTERISK (*) INDICATES AN ACTIVE ROUTE.
> via em0.0
10.1.1.1/32 *[Local/0] 04:50:06
Local via em0.0
192.168.1.0/24 *[Static/5] 00:00:06 // ROUTE SOURCE/PREFERENCE
> to 10.1.1.2 via em0.0
You can filter the show route output by destination prefix, protocol type and other attributes.
jadmin@JR-1> show route 10.1.1.1/24 ?
Possible completions:
<[Enter]> Execute this command
active-path Show active paths
advertising-protocol Show information in format intended for particular routing protocol
all Show all entries, including hidden entries
aspath-regex BGP AS path regular expression for entries to match
best Show longest matching route
brief Display brief output
ccc Name of entry in MPLS table with a circuit cross-connect
interface
+ community Identifier for community (can include wildcards)
community-name Name of configured community policy to match
damping Show entries subjected to particular kind of route damping
detail Display detailed output
exact Show routes that match exactly
extensive Display extensive output
hidden Show hidden entries
inactive-path Show inactive paths
inactive-prefix Show inactive route destinations
label Label of entry in MPLS routing table
label-switched-path Name of LSP tunnel associated with entries
logical-system Name of logical system, or 'all'
match-prefix Regular expression to match formatted prefix
next-hop IP address of next hop that is destination for entries
no-community Show entries with no associated community
output Show entries sent out a particular interface
private Show private table routes
protocol Name of protocol that is source for entries
range Show all entries in prefix range
rd-prefix Route distinguisher with ip prefix (rd:prefix)
receive-protocol Show information in format received from particular routi
ng protocol
source-gateway IP address of source router for entries
static-label-switched-path Name of static LSP tunnel associated with entries
table Name of routing table
terse Display terse output
| Pipe through a command
jadmin@JR-1> show route 10.1.1.1/24 exact
inet.0: 2 destinations, 2 routes (2 active, 0 holddown, 0 hidden)
+ = Active Route, - = Last Active, * = Both
10.1.1.0/24 *[Direct/0] 00:02:24
> via em0.0
jadmin@JR-1> show route protocol ?
Possible completions:
access Access route
access-internal Access-internal route
aggregate Locally generated aggregate route
bgp Border Gateway Protocol
ccc Circuit cross-connect
direct Directly connected routes
dvmrp Distance Vector Multicast Routing Protocol
esis End System-to-Intermediate System
flow Locally defined flow route
isis Intermediate System-to-Intermediate System
l2circuit Layer 2 circuit
l2vpn Layer 2 virtual private network
ldp Label Distribution Protocol
local Local system addresses
mpls Multiprotocol Label Switching
msdp Multicast Source Discovery Protocol
mvpn BGP-MVPN Protocol
ospf Open Shortest Path First
ospf2 Open Shortest Path First Version 2
ospf3 Open Shortest Path First Version 3
pim Protocol Independent Multicast
rip Routing Information Protocol
ripng Routing Information Protocol for IPv6
rsvp Resource Reservation Protocol
rtarget Local route target VPN membership
static Statically defined prefixes
tunnel Dynamic tunnel
vpn Layer 3 virtual private network
jadmin@JR-1> show route protocol static
inet.0: 3 destinations, 3 routes (3 active, 0 holddown, 0 hidden)
+ = Active Route, - = Last Active, * = Both
192.168.1.0/24 *[Static/5] 00:03:24
> to 10.1.1.2 via em0.0
jadmin@JR-1> show route ?
Possible completions:
<[Enter]> Execute this command
<destination> IP address and optional prefix length of destination
active-path Show active paths
advertising-protocol Show information in format intended for particular routi
ng protocol
all Show all entries, including hidden entries
aspath-regex BGP AS path regular expression for entries to match
best Show longest matching route
brief Display brief output
ccc Name of entry in MPLS table with a circuit cross-connect
interface
+ community Identifier for community (can include wildcards)
community-name Name of configured community policy to match
damping Show entries subjected to particular kind of route damping
detail Display detailed output
exact Show routes that match exactly
export Show instance export information
extensive Display extensive output
flow Show flow routing information
forwarding-table Show entries in all forwarding tables
hidden Show hidden entries
inactive-path Show inactive paths
inactive-prefix Show inactive route destinations
instance Show routing instances information
label Label of entry in MPLS routing table
label-switched-path Name of LSP tunnel associated with entries
localization Show route localization information
logical-system Name of logical system, or 'all'
martians Show martian networks
match-prefix Regular expression to match formatted prefix
next-hop IP address of next hop that is destination for entries
no-community Show entries with no associated community
output Show entries sent out a particular interface
private Show private table routes
protocol Name of protocol that is source for entries
range Show all entries in prefix range
rd-prefix Route distinguisher with ip prefix (rd:prefix)
receive-protocol Show information in format received from particular routing protocol
resolution Show next-hop resolution database
rib-groups Show group of routing tables
snooping Show routes for multicast snooping
source-gateway IP address of source router for entries
static-label-switched-path Name of static LSP tunnel associated with entries
summary Show routing table statistics
table Name of routing table
terse Display terse output
| Pipe through a command
jadmin@JR-1> show route forwarding-table // VIEW FORWARDING TABLE
Routing table: default.inet
Internet:
Destination Type RtRef Next hop Type Index NhRef Netif
default perm 0 rjct 36 1 // WHEN NO PACKET MATCHING ENTRY EXIST EXCEPT FOR USER-DEFINE DEFAULT ROUTE; IT SENDS ICMP UNREACHABLE BACK TO THE SENDER
0.0.0.0/32 perm 0 dscd 34 1
10.1.1.0/24 intf 0 rslv 543 1 em0.0
10.1.1.0/32 dest 0 10.1.1.0 recv 541 1 em0.0
10.1.1.1/32 intf 0 10.1.1.1 locl 542 2
10.1.1.1/32 dest 0 10.1.1.1 locl 542 2
10.1.1.2/32 dest 0 10.1.1.2 hold 548 3 em0.0
10.1.1.10/32 dest 1 2:0:4c:4f:4f:50 ucst 547 2 em0.0
10.1.1.255/32 dest 0 10.1.1.255 bcst 540 1 em0.0
192.168.1.0/24 user 0 10.1.1.2 hold 548 3 em0.0
224.0.0.0/4 perm 0 mdsc 35 1
224.0.0.1/32 perm 0 224.0.0.1 mcst 31 1
255.255.255.255/32 perm 0 bcst 32 1
Routing table: __master.anon__.inet
Internet:
Destination Type RtRef Next hop Type Index NhRef Netif
default perm 0 rjct 517 1
0.0.0.0/32 perm 0 dscd 515 1
224.0.0.0/4 perm 0 mdsc 516 1
224.0.0.1/32 perm 0 224.0.0.1 mcst 512 1
255.255.255.255/32 perm 0 bcst 513 1
Routing table: default.iso
ISO:
Destination Type RtRef Next hop Type Index NhRef Netif
default perm 0 rjct 60 1
Routing table: __master.anon__.iso
ISO:
Destination Type RtRef Next hop Type Index NhRef Netif
default perm 0 rjct 523 1
Routing table: default.inet6
Internet6:
Destination Type RtRef Next hop Type Index NhRef Netif
default perm 0 rjct 44 1
::/128 perm 0 dscd 42 1
ff00::/8 perm 0 mdsc 43 1
ff02::1/128 perm 0 ff02::1 mcst 39 1
Routing table: __master.anon__.inet6
Internet6:
Destination Type RtRef Next hop Type Index NhRef Netif
default perm 0 rjct 532 1
::/128 perm 0 dscd 530 1
ff00::/8 perm 0 mdsc 531 1
ff02::1/128 perm 0 ff02::1 mcst 528 1
Routing table: default.mpls
MPLS:
Destination Type RtRef Next hop Type Index NhRef Netif
default perm 0 dscd 50 1
Routing table: :mpls-oam.mpls
MPLS:
Destination Type RtRef Next hop Type Index NhRef Netif
default perm 0 dscd 525 1
Routing table: default-switch.bridge
VPLS:
Destination Type RtRef Next hop Type Index NhRef Netif
default perm 0 dscd 536 1
Master Routing Instance (Global Routing in Cisco)
jadmin@JR-1> show route instance // DEFAULT UNICAST ROUTING "MASTER" INSTANCE
Instance Type
Primary RIB Active/holddown/hidden
master forwarding
inet.0 3/0/0
__juniper_private1__ forwarding // PRIVATE ROUTING INSTANCE USED FOR INTERNAL COMMUNICATIONS BETWEEN HARDWARE COMPONENTS (JUST IGNORE)
__juniper_private1__.inet.0 1/0/0
__juniper_private1__.inet6.0 1/0/0
__juniper_private2__ forwarding
__juniper_private2__.inet.0 0/0/1
__master.anon__ forwarding
User-Defined Routing Instance (Virtual Routing and Forwarding or VRF in Cisco)
jadmin@JR-1> configure
Entering configuration mode
Users currently editing the configuration:
jadmin terminal p2 (pid 2116) on since 2020-10-20 21:56:23 SGT, idle 01:50:11
[edit]
The configuration has been changed but not committed
[edit]
jadmin@JR-1# edit routing-instances ?
Possible completions:
<[Enter]> Execute this command
<instance_name> Routing instance name
| Pipe through a command
[edit]
jadmin@JR-1# edit routing-instances CUST-A
[edit routing-instances CUST-A]
jadmin@JR-1# set ?
Possible completions:
> access Network access configuration
> access-profile Access profile for this instance
+ apply-groups Groups from which to inherit configuration data
+ apply-groups-except Don't inherit configuration data from these groups
description Text description of routing instance
> forwarding-options Forwarding options configuration
instance-role Primary role of L2Backhaul-vpn router
instance-type Type of routing instance
> interface Interface name for this routing instance
> l2vpn-id Layer-2 vpn-id for this instance
no-vrf-advertise Don't advertise this instance to remote PEs
no-vrf-propagate-ttl Disable TTL propagation from IP to MPLS (on push) and MP
LS to IP (on pop)
> protocols Routing protocol configuration
> provider-tunnel Provider tunnel configuration
> route-distinguisher Route distinguisher for this instance
> routing-options Protocol-independent routing option configuration
> services Service PIC daemon configuration
> system System parameters
vlan-model Subscriber vlan-model in L2Wholesale framework
> vrf-advertise-selective Override no-vrf-advertise knob for the specified addr
ess family
+ vrf-export Export policy for VRF instance RIBs
+ vrf-import Import policy for VRF instance RIBs
vrf-propagate-ttl Enable TTL propagation from IP to MPLS (on push) and MPLS
to IP (on pop)
> vrf-table-label Advertise a single VPN label for all routes in the VRF
> vrf-target VRF target community configuration
[edit routing-instances CUST-A]
jadmin@JR-1# set instance-type ?
Possible completions:
forwarding Forwarding instance
l2vpn Layer 2 VPN routing instance
mpls-internet-multicast Internet Multicast over MPLS routing instance
no-forwarding Nonforwarding instance
virtual-router Virtual routing instance
vpls VPLS routing instance
vrf Virtual routing forwarding instance
[edit routing-instances CUST-A]
jadmin@JR-1# set instance-type virtual-router
[edit routing-instances CUST-A]
jadmin@JR-1# set interface lo0.10
[edit routing-instances CUST-A]
jadmin@JR-1# set routing-options static route 0.0.0.0/0 next-hop 172.16.1.1
[edit routing-instances CUST-A]
jadmin@JR-1# show
instance-type virtual-router;
interface lo0.10; ## 'lo0.10' is not defined
routing-options {
static {
route 0.0.0.0/0 next-hop 172.16.1.1;
}
}
[edit routing-instances CUST-A]
jadmin@JR-1# commit
commit complete
Static Routes
Static routing is ideal in small networks or where absolute control of routing is necessary. All static routes are configured in the edit routing-options hierarchy. By default, the next-hop IP address of the static routes configured must be reachable using a direct route since Junos OS doesn't perform a recursive lookup of next hops by default.
Next-hop value can be a bit bucket, which is analogous to dropping the packet. You can use keywords reject (the system sends an ICMP unreachable back to the source) or discard (drops the packet silently).
jadmin@JR-1> configure
Entering configuration mode
[edit]
jadmin@JR-1# edit routing-options
[edit routing-options]
jadmin@JR-1# show
static {
route 192.168.1.0/24 next-hop 10.1.1.2;
}
[edit routing-options]
jadmin@JR-1# set static route 192.168.2.0/24 next-hop 10.1.1.3 ?
Possible completions:
<[Enter]> Execute this command
active Remove inactive route from forwarding table
+ apply-groups Groups from which to inherit configuration data
+ apply-groups-except Don't inherit configuration data from these groups
> as-path Autonomous system path
backup-pe-group Multicast source redundancy group
> bfd-liveness-detection Bidirectional Forwarding Detection (BFD) options
> color Color (preference) value
> color2 Color (preference) value 2
+ community BGP community identifier
install Install route into forwarding table
> lsp-next-hop LSP next hop
> metric Metric value
> metric2 Metric value 2
> metric3 Metric value 3
> metric4 Metric value 4
+ next-hop Next hop to destination
no-install Don't install route into forwarding table
no-readvertise Don't mark route as eligible to be readvertised
no-resolve Don't allow resolution of indirectly connected next hops
no-retain Don't always keep route in forwarding table
> p2mp-lsp-next-hop Point-to-multipoint LSP next hop
passive Retain inactive route in forwarding table
> preference Preference value
> preference2 Preference value 2
> qualified-next-hop Next hop with qualifiers
readvertise Mark route as eligible to be readvertised
resolve Allow resolution of indirectly connected next hops
retain Always keep route in forwarding table
> static-lsp-next-hop Static LSP next hop
> tag Tag string
> tag2 Tag string 2
| Pipe through a command
[edit routing-options]
jadmin@JR-1# set static route 192.168.2.0/24 next-hop 10.1.1.3 no-readvertise
[edit routing-options]
jadmin@JR-1# set rib ?
Possible completions:
<rib_name> Routing table name
[edit routing-options]
jadmin@JR-1# set rib inet6.0 ?
Possible completions:
> access Access routes
> access-internal Access-internal routes
> aggregate Coalesced routes
+ apply-groups Groups from which to inherit configuration data
+ apply-groups-except Don't inherit configuration data from these groups
> generate Route of last resort
> martians Invalid routes
> maximum-paths Maximum number of paths
> maximum-prefixes Maximum number of prefixes
> static Static routes
[edit routing-options]
jadmin@JR-1# set rib inet6.0 static ?
Possible completions:
+ apply-groups Groups from which to inherit configuration data
+ apply-groups-except Don't inherit configuration data from these groups
> defaults Global route options
rib-group Routing table group
> route Static route
[edit routing-options]
jadmin@JR-1# set rib inet6.0 static route ?
Possible completions:
<destination>
[edit routing-options]
jadmin@JR-1# set rib inet6.0 static route 0::/0 ?
Possible completions:
active Remove inactive route from forwarding table
+ apply-groups Groups from which to inherit configuration data
+ apply-groups-except Don't inherit configuration data from these groups
> as-path Autonomous system path
backup-pe-group Multicast source redundancy group
> bfd-liveness-detection Bidirectional Forwarding Detection (BFD) options
> color Color (preference) value
> color2 Color (preference) value 2
+ community BGP community identifier
discard Drop packets to destination; send no ICMP unreachables
install Install route into forwarding table
> lsp-next-hop LSP next hop
> metric Metric value
> metric2 Metric value 2
> metric3 Metric value 3
> metric4 Metric value 4
+ next-hop Next hop to destination
next-table Next hop to another table
no-install Don't install route into forwarding table
no-readvertise Don't mark route as eligible to be readvertised
no-resolve Don't allow resolution of indirectly connected next ho
no-retain Don't always keep route in forwarding table
> p2mp-lsp-next-hop Point-to-multipoint LSP next hop
passive Retain inactive route in forwarding table
> preference Preference value
> preference2 Preference value 2
> qualified-next-hop Next hop with qualifiers
readvertise Mark route as eligible to be readvertised
receive Install a receive route for the destination
reject Drop packets to destination; send ICMP unreachables
resolve Allow resolution of indirectly connected next hops
retain Always keep route in forwarding table
> static-lsp-next-hop Static LSP next hop
> tag Tag string
> tag2 Tag string 2
[edit routing-options]
jadmin@JR-1# set rib inet6.0 static route 0::/0 next-hop ?
Possible completions:
<value> Next hop to destination
[ Open a set of values
[edit routing-options]
jadmin@JR-1# set rib inet6.0 static route 0::/0 next-hop 2001::1
jadmin@JR-1# show
rib inet6.0 {
static {
route 0::/0 next-hop 2001::1; // IPv6 DEFAULT STATIC ROUTE
}
}
static {
route 192.168.1.0/24 next-hop 10.1.1.2;
route 192.168.2.0/24 {
next-hop 10.1.1.3;
no-readvertise; // RESTRICT A ROUTE FROM BEING ADVERTISED INTO A DYNAMIC ROUTING PROTOCOL THROUGH ROUTING POLICY; RECOMMENDED FOR STATIC ROUTES USED FOR MANAGEMENT TRAFFIC
}
}
[edit routing-options]
jadmin@JR-1# commit
commit complete
[edit routing-options]
jadmin@JR-1# run show route protocol ?
Possible completions:
access Access route
access-internal Access-internal route
aggregate Locally generated aggregate route
bgp Border Gateway Protocol
ccc Circuit cross-connect
direct Directly connected routes
dvmrp Distance Vector Multicast Routing Protocol
esis End System-to-Intermediate System
flow Locally defined flow route
isis Intermediate System-to-Intermediate System
l2circuit Layer 2 circuit
l2vpn Layer 2 virtual private network
ldp Label Distribution Protocol
local Local system addresses
mpls Multiprotocol Label Switching
msdp Multicast Source Discovery Protocol
mvpn BGP-MVPN Protocol
ospf Open Shortest Path First
ospf2 Open Shortest Path First Version 2
ospf3 Open Shortest Path First Version 3
pim Protocol Independent Multicast
rip Routing Information Protocol
ripng Routing Information Protocol for IPv6
rsvp Resource Reservation Protocol
rtarget Local route target VPN membership
static Statically defined prefixes
tunnel Dynamic tunnel
vpn Layer 3 virtual private network
[edit routing-options]
jadmin@JR-1# run show route protocol static // DISPLAY STATIC ROUTES
inet.0: 4 destinations, 4 routes (4 active, 0 holddown, 0 hidden)
+ = Active Route, - = Last Active, * = Both
192.168.1.0/24 *[Static/5] 00:09:31
> to 10.1.1.2 via em0.0
192.168.2.0/24 *[Static/5] 00:00:10
> to 10.1.1.3 via em0.0
[edit routing-options]
Indirect Next Hop
By default, Junos OS requires the next-hop IP address of static routes to be reachable using a direct route since it doesn't perform a recursive lookups. You can use the resolve option to alter this behavior. It's recommended to use a dynamic routing protocol instead of a static route to resolve indirect next hops.
jadmin@JR-1> edit // ALTERNATE TO configure
Entering configuration mode
Users currently editing the configuration:
jadmin terminal p0 (pid 3731) on since 2020-10-21 00:45:43 SGT, idle 00:08:09
[edit routing-options]
[edit]
jadmin@JR-1# edit routing-options
[edit routing-options]
jadmin@JR-1# set static route 192.168.3.0/24 next-hop 10.1.1.3 ?
Possible completions:
<[Enter]> Execute this command
active Remove inactive route from forwarding table
+ apply-groups Groups from which to inherit configuration data
+ apply-groups-except Don't inherit configuration data from these groups
> as-path Autonomous system path
backup-pe-group Multicast source redundancy group
> bfd-liveness-detection Bidirectional Forwarding Detection (BFD) options
> color Color (preference) value
> color2 Color (preference) value 2
+ community BGP community identifier
install Install route into forwarding table
> lsp-next-hop LSP next hop
> metric Metric value
> metric2 Metric value 2
> metric3 Metric value 3
> metric4 Metric value 4
+ next-hop Next hop to destination
no-install Don't install route into forwarding table
no-readvertise Don't mark route as eligible to be readvertised
no-resolve Don't allow resolution of indirectly connected next hops
no-retain Don't always keep route in forwarding table
> p2mp-lsp-next-hop Point-to-multipoint LSP next hop
passive Retain inactive route in forwarding table
> preference Preference value
> preference2 Preference value 2
> qualified-next-hop Next hop with qualifiers
readvertise Mark route as eligible to be readvertised
resolve Allow resolution of indirectly connected next hops
retain Always keep route in forwarding table
> static-lsp-next-hop Static LSP next hop
> tag Tag string
> tag2 Tag string 2
| Pipe through a command
[edit routing-options]
jadmin@JR-1# set static route 192.168.3.0/24 next-hop 10.1.1.3 resolve
[edit routing-options]
jadmin@JR-1# show
rib inet6.0 {
static {
route 0::/0 next-hop 2001::1;
}
}
static {
route 192.168.1.0/24 next-hop 10.1.1.2;
route 192.168.2.0/24 {
next-hop 10.1.1.3;
no-readvertise;
}
route 192.168.3.0/24 {
next-hop 10.1.1.3;
resolve;
}
}
[edit routing-options]
Qualified Next Hop (Floating Static Route)
The qualified-next-hop option allows independent preferences for static routes towards the same destination network.
jadmin@JR-1> configure
Entering configuration mode
Users currently editing the configuration:
jadmin terminal p0 (pid 3731) on since 2020-10-21 00:45:43 SGT, idle 00:19:00
[edit routing-options]
[edit]
jadmin@JR-1# edit routing-options
[edit routing-options]
jadmin@JR-1# set static route 0.0.0.0/0 next-hop 192.168.10.1 ?
Possible completions:
<[Enter]> Execute this command
active Remove inactive route from forwarding table
+ apply-groups Groups from which to inherit configuration data
+ apply-groups-except Don't inherit configuration data from these groups
> as-path Autonomous system path
backup-pe-group Multicast source redundancy group
> bfd-liveness-detection Bidirectional Forwarding Detection (BFD) options
> color Color (preference) value
> color2 Color (preference) value 2
+ community BGP community identifier
install Install route into forwarding table
> lsp-next-hop LSP next hop
> metric Metric value
> metric2 Metric value 2
> metric3 Metric value 3
> metric4 Metric value 4
+ next-hop Next hop to destination
no-install Don't install route into forwarding table
no-readvertise Don't mark route as eligible to be readvertised
no-resolve Don't allow resolution of indirectly connected next hops
no-retain Don't always keep route in forwarding table
> p2mp-lsp-next-hop Point-to-multipoint LSP next hop
passive Retain inactive route in forwarding table
> preference Preference value
> preference2 Preference value 2
> qualified-next-hop Next hop with qualifiers
readvertise Mark route as eligible to be readvertised
resolve Allow resolution of indirectly connected next hops
retain Always keep route in forwarding table
> static-lsp-next-hop Static LSP next hop
> tag Tag string
> tag2 Tag string 2
| Pipe through a command
[edit routing-options]
jadmin@JR-1# set static route 0.0.0.0/0 next-hop 192.168.10.1 qualified-next-hop ?
Possible completions:
<nexthop> Next hop to destination
[edit routing-options]
jadmin@JR-1# set static route 0.0.0.0/0 next-hop 192.168.10.1 qualified-next-hop 192.168.10.254
jadmin@JR-1# set static route 0.0.0.0/0 next-hop 192.168.10.1 qualified-next-hop 192.168.10.254 ?
Possible completions:
<[Enter]> Execute this command
+ apply-groups Groups from which to inherit configuration data
+ apply-groups-except Don't inherit configuration data from these group
> bfd-liveness-detection Bidirectional Forwarding Detection (BFD) optio
interface Interface of qualified next hop
mac-address Next-hop Mac Address
metric Metric of qualified next hop
preference Preference of qualified next hop
| Pipe through a command
[edit routing-options]
jadmin@JR-1# set static route 0.0.0.0/0 next-hop 192.168.10.1 qualified-next-hop 192.168.10.254 preference ?
Possible completions:
<preference> Preference of qualified next hop
[edit routing-options]
jadmin@JR-1# set static route 0.0.0.0/0 next-hop 192.168.10.1 qualified-next-hop 192.168.10.254 preference 7
[edit routing-options]
jadmin@JR-1# show
rib inet6.0 {
static {
route 0::/0 next-hop 2001::1;
}
}
static {
route 192.168.1.0/24 next-hop 10.1.1.2;
route 192.168.2.0/24 {
next-hop 10.1.1.3;
no-readvertise;
}
route 192.168.3.0/24 {
next-hop 10.1.1.3;
resolve;
}
route 0.0.0.0/0 {
next-hop 192.168.10.1; // PRIMARY NEXT HOP WITH DEFAULT PREFERENCE 5
qualified-next-hop 192.168.10.254 { // SECONDARY NEXT HOP WITH USER DEFINED PREFERENCE 7; FLOATING STATIC ROUTE IN CISCO
preference 7;
}
}
}
Dynamic Routing
You simply configure the network interfaces to participate in a dynamic routing protocol. Devices running the same routing protocol can dynamically learn routing information from each other.
The benefits of dynamic routing include:
- Lower administrative overhead - the device learns routing information automatically, which eliminates the need for manual route definition.
- Increased network availability - during a network failure, dynamic routing can reroute traffic automatically
- Greater network scalability -
the device easily manage network growth by dynamically learning routes
I modified my Juniper virtual by directly connecting two Juniper VM routers.
To view the network adapter in VirtualBox, go to Tools > Network.
By default, there's only a single VirtualBox Host-Only Ethernet Adapter. You can add network adapters for the VM as needed.
In my Junos virtual lab, I just needed one VirtualBox Ethernet adapter to connect between two Junos Olive VM.
Under DHCP Server > deselect Enable.
To add the Junos VM in VirtualBox, go to File > Import Appliance.
Locate the Juniper Olive VM OVA file > click Next.
Deselect DVD and Sound Card > review VM settings > click Import.
Select the Junos VM > click Settings.
Go to Network > Adapter 1 tab > select: Enable Network Adapter > select Attached to: Bridged Adapter.
Select Name: Microsoft Loopback Adapter > click OK.
This will be the connection between my Windows machine and Junos VM for local management access (Telnet/SSH).
Leave the default settings under the Advanced section.
Go to Adapter 2 tab > select: Enable Network Adapter > select Attached to: Host-only Adapter > select Name: VirtualBox Host-Only Ethernet Adapter > click OK.
Leave the default settings under the Advanced section.
Rename the Junos VM under General > Basic tab > Name: JR1 > click OK.
Create another Junos Olive VM using the same steps above except there's only a Host-Only Network Adapter.
You can either manually import the VM again or clone by doing a right-click on JR1 VM > select Clone.
The JR1 VM will have interfaces em0 (Adapter 1) and em1 (Adapter 2), respectively.
Interface em0 will be the configured to connect my Windows machine and em1 for the link to JR2.
Below are the base configuration commands in JR1.
configure
set system host-name JR1
set system root-authentication plain-text-password
juniper123
set system services telnet
set system services ssh root-login allow
set system login message "Juniper VM Lab - JR1 "
set interfaces em0 unit 0 family inet address 10.1.1.1/24
set interfaces em1 unit 0 family inet address 172.25.1.1/30
set interfaces lo0 unit 0 family inet address 172.20.1.1/32
edit system login
set user jadmin class super-user
set user jadmin authentication plain-text-password
jadmin123
commit
jadmin@JR1> request system configuration rescue save // SAVE A BASELINE CONFIG IN CASE OF A ROLLBACK
jadmin@JR1> show configuration
## Last commit: 2020-10-25 10:35:53 UTC by jadmin
version 12.1R1.9;
system {
host-name JR1;
root-authentication {
encrypted-password "$1$z1.L2Pfo$sR97/UUK7PPZX2RA2Fumz1"; ## SECRET-DATA
}
login {
message "Juniper VM Lab - JR1";
user jadmin {
uid 2000;
class super-user;
authentication {
encrypted-password "$1$A42xsAPa$JTE2sbr19Nw1D6.QzhoWF."; ## SEC
ET-DATA
}
}
}
services {
ssh {
root-login allow;
}
telnet;
}
syslog {
user * {
any emergency;
}
file messages {
any notice;
authorization info;
}
file interactive-commands {
interactive-commands any;
}
}
}
interfaces {
em0 {
unit 0 {
family inet {
address 10.1.1.1/24;
}
}
}
em1 {
unit 0 {
family inet {
address 172.25.1.1/30; // LAYER 3 LINK TO JR2
}
}
}
lo0 {
unit 0 {
family inet {
address 172.20.1.1/32;
}
}
}
}
Below are the base configuration on JR2. Notice there's only em0 interface (Adapter 1).
jadmin@JR1> telnet 172.25.1.2
Trying 172.25.1.2...
Connected to 172.25.1.2.
Escape character is '^]'.
Juniper VM Lab - JR2
JR2 (ttyp0)
login: jadmin
Password:
--- JUNOS 12.1R1.9 built 2012-03-24 12:52:33 UTC
jadmin@JR2> show configuration
## Last commit: 2020-10-25 10:44:03 UTC by root
version 12.1R1.9;
system {
host-name JR2;
root-authentication {
encrypted-password "$1$rP2JRJrT$OduXdfKa5/ZvMyrI44PiI."; ## SECRET-DATA
}
login {
message "Juniper VM Lab - JR2";
user jadmin {
uid 2000;
class super-user;
authentication {
encrypted-password "$1$Z7dp.tdz$1p0033n2IiAt9nCYId1HM0"; ## SECR
ET-DATA
}
}
}
services {
ssh {
root-login allow;
}
telnet;
}
syslog {
user * {
any emergency;
}
file messages {
any notice;
authorization info;
}
file interactive-commands {
interactive-commands any;
}
}
}
interfaces {
em0 {
unit 0 {
family inet {
address 172.25.1.2/30; // LAYER 3 LINK TO JR1
}
}
}
lo0 {
unit 0 {
family inet {
address 172.20.2.1/32;
}
}
}
}
jadmin@JR2> ping 172.25.1.1 count 10 rapid
PING 172.25.1.1 (172.25.1.1): 56 data bytes
!!!!!!!!!!
--- 172.25.1.1 ping statistics ---
10 packets transmitted, 10 packets received, 0% packet loss
round-trip min/avg/max/stddev = 0.451/0.839/1.591/0.348 ms
jadmin@JR2> request system configuration rescue save
Case Study: Configuring OSPF
jadmin@JR1> configure
Entering configuration mode
Users currently editing the configuration:
root terminal v0 (pid 1488) on since 2020-10-25 10:26:47 UTC, idle 00:29:19
[edit system login]
[edit]
jadmin@JR1# edit protocols ?
Possible completions:
<[Enter]> Execute this command
> ancp Access Node Control Protocol options
> bfd Bidirectional Forwarding Detection (BFD) options
> bgp BGP options
> connections Circuit cross-connect configuration
> dot1x 802.1X options
> dvmrp DVMRP options
> igmp IGMP options
> ilmi Interim Local Management Interface Protocol configuration
> isis IS-IS options
> l2circuit Configuration for Layer 2 circuits over MPLS
> l2iw Configuration for Layer 2 interworking
> lacp Link Aggregation Control Protocol configuration
> ldp LDP options
> link-management LMP options
> lldp Link Layer Detection Protocol
> mld MLD options
> mpls Multiprotocol Label Switching options
> msdp MSDP configuration
> mvrp MVRP configuration
> oam Operation, Administration, and Management configuration
> ospf OSPF configuration
> ospf3 OSPFv3 configuration
> pgm PGM options
> pim PIM configuration
> ppp Configure PPP process
> ppp-service Configure PPP service
> pppoe Configure PPPoE process
> rip RIP options
> ripng RIPng options
> router-advertisement IPv6 router advertisement options
> router-discovery ICMP router discovery options
> rsvp RSVP options
> sap Session Advertisement Protocol options
> vrrp VRRP options
| Pipe through a command
[edit]
jadmin@JR1# edit protocols ospf
[edit protocols ospf]
jadmin@JR1# set area ?
Possible completions:
<area_id> Area ID
[edit protocols ospf]
jadmin@JR1# set area 0 interface em0.0 ?
Possible completions:
<[Enter]> Execute this command
+ apply-groups Groups from which to inherit configuration data
+ apply-groups-except Don't inherit configuration data from these groups
> authentication
> bandwidth-based-metrics Configure bandwidth based metrics
> bfd-liveness-detection Bidirectional Forwarding Detection options
dead-interval Dead interval (seconds) (1..65535)
demand-circuit Interface functions as a demand circuit
disable Disable OSPF on this interface
dynamic-neighbors Learn neighbors dynamically on a p2mp interface
flood-reduction Enable flood reduction
hello-interval Hello interval (seconds) (1..255)
interface-type Type of interface
ipsec-sa IPSec security association name
> ldp-synchronization Advertise maximum metric until LDP is operational
link-protection Protect interface from link faults only
metric Interface metric (1..65535)
> neighbor NBMA neighbor
no-eligible-backup Not eligible to backup traffic from protected interfaces
no-interface-state-traps Do not send interface state change traps
no-neighbor-down-notification Don't inform other protocols about neighbor dow
n events
node-link-protection Protect interface from both link and node faults
> passive Do not run OSPF, but advertise it
poll-interval Poll interval for NBMA interfaces (1..65535)
priority Designated router priority (0..255)
retransmit-interval Retransmission interval (seconds) (1..65535)
secondary Treat interface as secondary
te-metric Traffic engineering metric (1..4294967295)
> topology Topology specific attributes
transit-delay Transit delay (seconds) (1..65535)
| Pipe through a command
[edit protocols ospf]
jadmin@JR1# set area 0 interface em0.0 passive // THE passive OPTION PROHIBITS FORMING OSPF NEIGHBOR ADJACENCY SINCE IT'S A LAN SUBNET AND NOT ANOTHER JUNIPER DEVICE
[edit protocols ospf]
jadmin@JR1# set area 0 interface em1.0
[edit protocols ospf]
jadmin@JR1# set area 0 interface lo0.0
[edit protocols ospf]
jadmin@JR1# show
area 0.0.0.0 {
interface em0.0 {
passive;
}
interface em1.0;
interface lo0.0;
}
[edit protocols ospf]
jadmin@JR1# commit and-quit
commit complete
Exiting configuration mode
jadmin@JR1> show ospf ?
Possible completions:
backup Show OSPF backup information
context-identifier Show OSPF context identifier information
database Show OSPF link-state database
interface Show OSPF interface status information
io-statistics Show OSPF I/O statistics
log Show shortest-path-first calculations from OSPF log
neighbor Show OSPF neighbor status information
overview Show overview of OSPF information
route Show OSPF routing table
statistics Show OSPF statistics
jadmin@JR1> show ospf neighbor
Address Interface State ID Pri Dead
172.25.1.2 em1.0 Full 172.20.2.1 128 31 // FULL MEANS OSPF NEIGHBORS CAN EXCHANGE ROUTING INFO
jadmin@JR1> show ospf database
OSPF database, Area 0.0.0.0
Type ID Adv Rtr Seq Age Opt Cksum Len
Router *172.20.1.1 172.20.1.1 0x80000004 103 0x22 0x79b1 60
Router 172.20.2.1 172.20.2.1 0x80000004 99 0x22 0xb192 48
Network *172.25.1.1 172.20.1.1 0x80000001 103 0x22 0xb774 32
jadmin@JR1> show ospf interface
Interface State Area DR ID BDR ID Nbrs
em0.0 DRother 0.0.0.0 0.0.0.0 0.0.0.0 0
em1.0 DR 0.0.0.0 172.20.1.1 172.20.2.1 1
lo0.0 DR 0.0.0.0 172.20.1.1 0.0.0.0 0
jadmin@JR1> show ospf io-statistics
Packets read: 9, average per run: 1.00, max run: 0
Receive errors:
None
jadmin@JR1> show ospf log
Topology default SPF log:
Last instance of each event type
When Type Elapsed
00:02:36 SPF 0.000133
00:02:36 Stub 0.000062
00:02:36 Interarea 0.000116
00:02:36 External 0.000003
00:02:36 NSSA 0.000003
00:02:36 Cleanup 0.003071
Maximum length of each event type
When Type Elapsed
00:02:43 SPF 0.002320
00:07:42 Stub 0.001925
00:02:36 Interarea 0.000116
00:02:43 External 0.000003
00:07:47 NSSA 0.000009
00:02:36 Cleanup 0.003071
Last 100 events
When Type Elapsed
00:07:47 SPF 0.000019
00:07:47 Stub 0.000011
00:07:47 Interarea 0.000001
00:07:47 External 0.000001
00:07:47 NSSA 0.000009
00:07:47 Cleanup 0.000923
00:07:47 Total 0.001435
00:07:42 SPF 0.000016
00:07:42 Stub 0.001925
00:07:42 Interarea 0.000003
00:07:42 External 0.000002
00:07:42 NSSA 0.000002
00:07:42 Cleanup 0.000029
00:07:42 Total 0.001998
00:02:43 SPF 0.002320
00:02:43 Stub 0.000015
00:02:43 Interarea 0.000003
00:02:43 External 0.000003
00:02:43 NSSA 0.000002
00:02:43 Cleanup 0.000028
00:02:43 Total 0.002451
00:02:36 SPF 0.000133
00:02:36 Stub 0.000062
00:02:36 Interarea 0.000116
00:02:36 External 0.000003
00:02:36 NSSA 0.000003
00:02:36 Cleanup 0.003071
00:02:36 Total 0.003569
jadmin@JR1> show ospf overview
Instance: master
Router ID: 172.20.1.1
Route table index: 0
LSA refresh time: 50 minutes
Area: 0.0.0.0
Stub type: Not Stub
Authentication Type: None
Area border routers: 0, AS boundary routers: 0
Neighbors
Up (in full state): 1
Topology: default (ID 0)
Prefix export count: 0
Full SPF runs: 4
SPF delay: 0.200000 sec, SPF holddown: 5 sec, SPF rapid runs: 3
Backup SPF: Not Needed
jadmin@JR1> show ospf route
Topology default Route Table:
Prefix Path Route NH Metric NextHop Nexthop
Type Type Type Interface Address/LSP
172.20.2.1 Intra Router IP 1 em1.0 172.25.1.2
10.1.1.0/24 Intra Network IP 1 em0.0
172.20.1.1/32 Intra Network IP 0 lo0.0
172.20.2.1/32 Intra Network IP 1 em1.0 172.25.1.2
172.25.1.0/30 Intra Network IP 1 em1.0
jadmin@JR1> show ospf statistics
Packet type Total Last 5 seconds
Sent Received Sent Received
Hello 72 29 1 0
DbD 3 2 0 0
LSReq 1 1 0 0
LSUpdate 2 2 0 0
LSAck 2 1 0 0
DBDs retransmitted : 0, last 5 seconds : 0
LSAs flooded : 0, last 5 seconds : 0
LSAs flooded high-prio : 2, last 5 seconds : 0
LSAs retransmitted : 0, last 5 seconds : 0
LSAs transmitted to nbr: 1, last 5 seconds : 0
LSAs requested : 1, last 5 seconds : 0
LSAs acknowledged : 2, last 5 seconds : 0
Flood queue depth : 0
Total rexmit entries : 0
db summaries : 0
lsreq entries : 0
Receive errors:
None
jadmin@JR1> show route protocol ?
Possible completions:
access Access route
access-internal Access-internal route
aggregate Locally generated aggregate route
bgp Border Gateway Protocol
ccc Circuit cross-connect
direct Directly connected routes
dvmrp Distance Vector Multicast Routing Protocol
esis End System-to-Intermediate System
flow Locally defined flow route
isis Intermediate System-to-Intermediate System
l2circuit Layer 2 circuit
l2vpn Layer 2 virtual private network
ldp Label Distribution Protocol
local Local system addresses
mpls Multiprotocol Label Switching
msdp Multicast Source Discovery Protocol
mvpn BGP-MVPN Protocol
ospf Open Shortest Path First
ospf2 Open Shortest Path First Version 2
ospf3 Open Shortest Path First Version 3
pim Protocol Independent Multicast
rip Routing Information Protocol
ripng Routing Information Protocol for IPv6
rsvp Resource Reservation Protocol
rtarget Local route target VPN membership
static Statically defined prefixes
tunnel Dynamic tunnel
vpn Layer 3 virtual private network
jadmin@JR1> show route protocol ospf
inet.0: 7 destinations, 7 routes (7 active, 0 holddown, 0 hidden)
+ = Active Route, - = Last Active, * = Both
172.20.2.1/32 *[OSPF/10] 00:04:12, metric 1
> to 172.25.1.2 via em1.0
224.0.0.5/32 *[OSPF/10] 00:09:23, metric 1
MultiRecv
jadmin@JR2> configure
Entering configuration mode
Users currently editing the configuration:
root terminal v0 (pid 1482) on since 2020-10-25 10:39:29 UTC, idle 00:19:03
[edit system login]
[edit]
jadmin@JR2# edit protocols ospf
[edit protocols ospf]
jadmin@JR2# set area 0 interface em0.0
[edit protocols ospf]
jadmin@JR2# set area 0 interface lo0.0
[edit protocols ospf]
jadmin@JR2# show
area 0.0.0.0 {
interface em0.0;
interface lo0.0;
}
[edit protocols ospf]
jadmin@JR2# commit and-quit
Exiting configuration mode
jadmin@JR2> show ospf neighbor
Address Interface State ID Pri Dead
172.25.1.1 em0.0 Full 172.20.1.1 128 39
jadmin@JR2> show route protocol ospf
inet.0: 6 destinations, 6 routes (6 active, 0 holddown, 0 hidden)
+ = Active Route, - = Last Active, * = Both
10.1.1.0/24 *[OSPF/10] 00:07:07, metric 2
> to 172.25.1.1 via em0.0
172.20.1.1/32 *[OSPF/10] 00:07:07, metric 1
> to 172.25.1.1 via em0.0
224.0.0.5/32 *[OSPF/10] 00:11:25, metric 1
MultiRecv
jadmin@JR1# show | display set
set version 12.1R1.9
set system host-name JR1
set system root-authentication encrypted-password "$1$z1.L2Pfo$sR97/UUK7PPZX2RA2
Fumz1"
set system login message "Juniper VM Lab - JR1"
set system login user jadmin uid 2000
set system login user jadmin class super-user
set system login user jadmin authentication encrypted-password "$1$A42xsAPa$JTE2
sbr19Nw1D6.QzhoWF."
set system services ssh root-login allow
set system services telnet
set system syslog user * any emergency
set system syslog file messages any notice
set system syslog file messages authorization info
set system syslog file interactive-commands interactive-commands any
set interfaces em0 unit 0 family inet address 10.1.1.1/24
set interfaces em1 unit 0 family inet address 172.25.1.1/30
set interfaces lo0 unit 0 family inet address 172.20.1.1/32
set routing-options static route 0.0.0.0/0 next-hop 10.1.1.10
set protocols ospf export default-route-ospf
set protocols ospf area 0.0.0.0 interface em0.0 passive
set protocols ospf area 0.0.0.0 interface em1.0
set
protocols ospf area 0.0.0.0 interface lo0.0
jadmin@JR2# show | display set
set version 12.1R1.9
set system host-name JR2
set system root-authentication encrypted-password "$1$rP2JRJrT$OduXdfKa5/ZvMyrI4
4PiI."
set system login message "Juniper VM Lab - JR2"
set system login user jadmin uid 2000
set system login user jadmin class super-user
set system login user jadmin authentication encrypted-password "$1$Z7dp.tdz$1p00
33n2IiAt9nCYId1HM0"
set system services ssh root-login allow
set system services telnet
set system syslog user * any emergency
set system syslog file messages any notice
set system syslog file messages authorization info
set system syslog file interactive-commands interactive-commands any
set interfaces em0 unit 0 family inet address 172.25.1.2/30
set interfaces lo0 unit 0 family inet address 172.20.2.1/32
set protocols ospf area 0.0.0.0 interface lo0.0
set protocols ospf area 0.0.0.0 interface em0.0
Below are the configuration commands in JR1 and JR2, respectively.
JR1
edit protocols ospf
set area 0 interface em0.0 passive
set area 0 interface em1.0
set area 0 interface lo0.0
show
commit and-quit
show ospf neighbor
show route protocol ospf
JR2
edit protocols ospf
set area 0 interface em0.0
set area 0 interface lo0.0
show
commit and-quit
show ospf neighbor
show route protocol ospf