科技行者

行者学院 转型私董会 科技行者专题报道 网红大战科技行者

知识库

知识库 安全导航

至顶网网络频道路由交换Juniper路由系统架构

Juniper路由系统架构

  • 扫一扫
    分享文章到微信

  • 扫一扫
    关注官方公众号
    至顶头条

Juniper路由器设计的核心,路由器上把控制层面和转发层面分开。

来源:比特网 2012年12月7日

关键字: 路由器 Juniper

  • 评论
  • 分享微博
  • 分享邮件

Juniper路由器设计的核心,路由器上把控制层面和转发层面分开。

1.路由引擎routing engine:

juniper路由系统的核心,智能化操作、软件的升级,维护。 监控和配置路由器也通过接入路由引擎完成。

例如:接入路由器时,输入用户名密码,认证完之后进行的config操作,telnet/ping/traceroute等排错

尽管对路由器的控制动作发生在路由引擎上,但在逻辑上这个行为是基于junos软件对我们呈现的。

路由引擎主导所有的路由协议和路由表的选择,构建关于去往目的地址最佳路径的主路由表,

接着路由引擎放置这些最佳路径到forwarding table里,并且产生一份拷贝给包转发引擎packet forwarding engine

包转发引擎packet forwarding engine上的转发表真实的来转发我们用户的数据

1.1物理构成:

相比junos软件,juniper路由器的硬件部分是很常见的,路由引擎inte由l的pci主板构成

Routing Engine 2

2代引擎:M5 ,M10, M20, M40, M40e, M160;包括333MHZ的处理器,和768M的RAM,80M的内部flash卡,6.4G的传统的硬盘驱动器,除了M40使用LS120disk作为外部文件存储,

其他路由都用可移动的pcmia flash卡

Routing Engine 3

3代引擎:t320,t640,最新的junos版本也可以让它在诸多m路由器中使用;包括600MHZ处理器,2G RAM ,128M FLASH,30G硬盘,pcmia flash卡做外部存储。

RAM:路由表 转发表 链路状态数据库

flash:junos软件、配置文件

hard drive:junos软件备份 log文件 用户文件

Junos软件对这些硬件的支持使用统一的版本号,不存在特制的版本

2.包转发引擎 packet forwarding engine

最值得一提的是ASIC application specific integrated circuits 特殊用途的电路

包转发引擎最重要的部分是physical interface card物理接口卡,flexible pic concentrator灵活的物理接口卡集中器,swithcing control board交换控制板

这三者里都包含了juniper设计ibm生产的ASIC芯片

swicthing control board

包含powerpc cpu 64M RAM用于电路板自身的操作,不参与包转发。添加的8M或16M同步静态内存SSRAM用来存储转发表,控板上的internet线程ASIC用来达成转发表盒路由查询,控板上还有一个ASIc用于包转发的记忆存储管理

flexible pic concentrator

FPC通过包转发引擎来连接交换控制板和路由接口

通过ASIC来处理数据包进入和输出路由接口

PIC

连接在FPC上 ,每个pic都有一个特殊的ASIC

3. 路由引擎软件架构

junos软件基于FREEBSD, kernel是junos软件的关键

包括RPD DCD MGD chassisd pfed

软件里有,jkernel\jbase\jroute\jpfe\jdocs\jcrypto\jbundle 包括了基本的操作,路由、文档等内容

> help topic ospf area-backbone 使用help topic 命令可以从junos里得到关于概念理解上的帮助

Configuring the Backbone Area

You must create a backbone area if your network consists of multiple

areas. An ABR must have at least one interface in the backbone area, or it

must have a virtual link to a router in the backbone area. The backbone

comprises all area border routers and all routers that are not included in

any other area. You configure all these routers by including the following

area statement:

(ospf | ospf3) {

area 0.0.0.0;

}

For alistof hierarchy levels at which you can configure this statement,

see the statement summary section for this statement.

> help reference ospf authentication 使用help refernce命令可以得到具体的命令配置

authentication

Syntax

authentication {

md5 key-id {

key [ key-values ];

}

simple-password key-id;

}

Hierarchy Level

[edit logical-routers logical-router-name protocols ospf area area-id

interface interface-name],

[edit logical-routers logical-router-name protocols ospf area area-id

virtual-link],

[edit logical-routers logical-router-name routing-instances

routing-instance-name

protocols ospf area area-id interface interface-name],

[edit logical-routers logical-router-name routing-instances

routing-instance-name

protocols ospf area area-id virtual-link],

[edit protocols ospf area area-id interface interface-name],

[edit protocols ospf area area-id virtual-link],

[edit routing-instances routing-instance-name protocols ospf area

area-id interface

interface-name],

[edit routing-instances routing-instance-name protocols ospf area

area-id virtual-link]

Release Information

Statement introduced before JUNOS Release 7.4.

Description

Configure an authentication key (password). Neighboring routers use the

password to verify the authenticity of packets sent from this interface.

All routers that are connected to the same IP subnet must use the same

authentication scheme and password.

Options

The statements are explained separately.

Usage Guidelines

See "Configuring Authentication for OSPFv2".

Required Privilege Level

routing--To view this statement in the configuration.

routing-control--To add this statement to the configuration.

authentication-type

> file list 可以查看当前位置下的文件,也可以加上具体文件位置例如/var/home等

/var/home/huxiaoming/:

.ssh/

> file list /dev 硬件也是以文件的形式可显示的

> file list /packages 查看加载的内容

/packages:

check.jpfe*

cleanup-pkgs@ -> /packages/mnt/jbase/sbin/cleanup-pkgs

jbase@ -> jbase-8.5R1.14

jbase-8.5R1.14

jbase-8.5R1.14.md5

jbase-8.5R1.14.sha1

jbase.symlinks

jcrypto@ -> jcrypto-8.5R1.14

jcrypto-8.5R1.14

jcrypto-8.5R1.14.md5

jcrypto-8.5R1.14.sha1

jcrypto.symlinks

jdocs@ -> jdocs-8.5R1.14

jdocs-8.5R1.14

jdocs-8.5R1.14.md5

jdocs-8.5R1.14.sha1

jdocs.symlinks

jkernel@ -> jkernel-8.5R1.14

jkernel-8.5R1.14

jkernel-8.5R1.14.md5

jkernel-8.5R1.14.sha1

jkernel.symlinks

jpfe@ -> jpfe-M40-8.5R1.14

jpfe-M40-8.5R1.14

jpfe-M40-8.5R1.14.md5

jpfe-M40-8.5R1.14.sha1

jpfe-common@ -> jpfe-common-8.5R1.14

jpfe-common-8.5R1.14

jpfe-common-8.5R1.14.md5

jpfe-common-8.5R1.14.sha1

jpfe-common.symlinks

jpfe.symlinks

jroute@ -> jroute-8.5R1.14

jroute-8.5R1.14

jroute-8.5R1.14.md5

jroute-8.5R1.14.sha1

jroute.symlinks

jweb@ -> jweb-8.5R1.14

jweb-8.5R1.14

jweb-8.5R1.14.md5

jweb-8.5R1.14.sha1

jweb.symlinks

mnt/

mount.jcrypto@ -> mount.jcrypto-8.5R1.14

mount.jcrypto-8.5R1.14*

mount.jdocs@ -> mount.jdocs-8.5R1.14

mount.jdocs-8.5R1.14*

mount.jkernel@ -> mount.jkernel-8.5R1.14

mount.jkernel-8.5R1.14*

mount.jpfe@ -> mount.jpfe-M40-8.5R1.14

mount.jpfe-M40-8.5R1.14*

mount.jpfe-common@ -> mount.jpfe-common-8.5R1.14

mount.jpfe-common-8.5R1.14*

mount.jroute@ -> mount.jroute-8.5R1.14

mount.jroute-8.5R1.14*

mount.jweb@ -> mount.jweb-8.5R1.14

mount.jweb-8.5R1.14*

umount.jcrypto@ -> umount.jcrypto-8.5R1.14

umount.jcrypto-8.5R1.14*

umount.jdocs@ -> umount.jdocs-8.5R1.14

umount.jdocs-8.5R1.14*

umount.jkernel@ -> umount.jkernel-8.5R1.14

umount.jkernel-8.5R1.14*

umount.jpfe@ -> umount.jpfe-M40-8.5R1.14

umount.jpfe-M40-8.5R1.14*

umount.jpfe-common@ -> umount.jpfe-common-8.5R1.14

umount.jpfe-common-8.5R1.14*

umount.jroute@ -> umount.jroute-8.5R1.14

umount.jroute-8.5R1.14*

umount.jweb@ -> umount.jweb-8.5R1.14

umount.jweb-8.5R1.14*

> filelist/cf/packages 在SRX上也可以使用这样的命令来查看

/cf/packages:

junos@ -> junos-10.0R1.8-domestic

junos-10.0R1.8-domestic

junos-10.0R1.8-domestic.certs

junos-10.0R1.8-domestic.sha1

junos-10.0R1.8-domestic.sig

mnt/

    • 评论
    • 分享微博
    • 分享邮件
    邮件订阅

    如果您非常迫切的想了解IT领域最新产品与技术信息,那么订阅至顶网技术邮件将是您的最佳途径之一。

    重磅专题
    往期文章
    最新文章