Category Archives: Juniper

Renewing my JNCIP-ENT

Once you get the email from the vendor saying something like “Your certification is about to expire”, the only thing that comes to my mind is “Damn it! Again…”

So, long story short, the exam is 120 minutes, 65 questions and the same blueprint as last time. The only change I noticed was the Junos Software release; it is 15.1 now.
I used my notes here from my previous studies.
There is another exam to achieve the JNCIP-ENT (JN0-646), which has the same blueprint but uses Enhanced Layer 2 Software (ELS). The CLI is slightly different on switching configs.

I got 73%, so it’s a pass! Maybe I’ll get the energy to face the JNCIE before I receive the famous email “…about to expire” again.

I don’t remember the price of the JNCIP exam because I did it 3 years ago, but judging by the price published by Pearson VUE, it has apparently increased.


Juniper Networks Certified Expert Data Center (JNCIE-DC) Open for Registration

At the pinnacle of the Data Center certification track is the 1-day JNCIE-DC practical exam. This exam is designed to validate the networking professionals’ ability to deploy, configure, manage, and troubleshoot Junos-based platforms. Throughout this 8-hour practical exam, candidates will build a data center network consisting of multiple MX Series and QFX Series devices. Successful candidates will perform system configuration on all devices including management capabilities, a Clos IP fabric, EVPN/VXLAN, DCI, and CoS features.

The JNCIE-DC is valid for three years. Recertification is achieved by passing the current version of the JNCIP-DC exam or by attending a corresponding course.

Exam Overview

Exam code: JPR-980

Lab Exam (Hands-on Lab)

Held at selected Juniper Networks testing centers

Exam length: 8 hours

Prerequisite certification: JNCIP-DC

The lab will be available 3 April 2017

Junos Software Release:

  • MX80 3D Universal Edge Router: 16.1
  • QFX5100 Ethernet Switch: 14.1
  • vMX 3D Universal Edge Router: 15.1
  • vSRX Services Gateway: 12.1

Topics for the Exam

Management

  • On-box Scripts
    • Event scripts
    • Commit scripts
    • Operation scripts
  • Junos Space
    • Auto discover
    • Configuration management
  • ZTP
    • Initial provisioning of QFX switches using a CentOS DHCP server
  • NETCONF

Layer 2 Underlay

  • VCF configurations
    • Master and backup RE
    • Inactive state VCF member
    • VCP port setup
  • Convert interface speed
    • 40G to 4x10G
  • MC-LAG
    • Interchassis link (ICL) redundancy
    • IRB MAC Sync
    • Layer 3 gateway function
    • ICCP

Layer 3 Underlay

  • BGP for an IP Clos fabric
    • Clos IP fabric
    • Loopback interface for routing updates
    • EBGP in an IP fabric
    • Avoid blackholing traffic
    • Routing policies

Controllerless Overlay

  • EVPN control plane
    • EVPN signaling
    • EVPN routes
    • VNI target communities
    • Prevent suboptimal routing
    • Inter-VRF routing
    • Automatic route-target
    • Load balancing
    • Anycast Gateway
  • EVPN/VXLAN
    • Virtual tunnel end point function
    • VXLAN learning process
    • MAC address learning
    • Passing traffic between VNIs

Data Center Interconnect (DCI)

  • DCI
    • EVPN signaled VXLAN
    • L3VPN implementation
    • EVPN MPLS

Security

  • Control plane protection
    • Firewall filters
    • Role-based access control (RBAC)
  • SRX Series device as a gateway
    • Security zones
    • Security policies

Class of Service (CoS)

  • CoS features
    • Loss priority
    • Rewrite rules
    • Shaping and policing
    • Scheduling
    • BA and MF classification
    • Drop profiles
    • Traffic control profiles


Juniper New SDN and Automation Track

Juniper updated their Certification Program with a new track, SDN and Automation. Only a Specialist exam (JN0-410) is available for now, with JNCIA as a prerequisite, but the Professional level should be expected next year (2017). This exam covers SDN foundations, NFV, Contrail and OpenStack platforms.

[Image: juniper_cert_program_nov2016]

This list provides a general view of the skill set required to successfully complete the specified certification exam. Topics listed are subject to change.

  • SDN Theory and Applications
  • OpenStack
  • Contrail
  • Contrail Service Chaining
  • Contrail Analytics
  • Troubleshooting

SDN Theory and Applications

  • Identify SDN concepts.
    • SDN definitions
    • SDN versus NFV
    • SDN applications (data center, enterprise, WAN, transport networks)

OpenStack

  • Identify OpenStack concepts.
    • Components (Nova, Neutron, and so on)
    • VM creation
    • Tenancy
    • Network policies
  • Demonstrate knowledge of configuring, monitoring, or implementing OpenStack.
    • VM creation
    • Snapshots

Contrail

  • Identify Contrail architectural concepts.
    • Controller versus orchestration
    • Node types
    • vRouters
    • Layer 2 versus Layer 3 overlay networks
    • Contrail API
    • Storage
    • Route distribution, protocols
  • Demonstrate knowledge of configuring, monitoring, or implementing Contrail.
    • Traffic path verification
    • Configuration process, dependencies
    • Analytic node configuration

Contrail Service Chaining

  • Identify Contrail service chaining concepts.
    • In-network service chain
    • Transparent service chain
    • Source NAT
    • Heat templates
  • Demonstrate knowledge of configuring, monitoring, or implementing Contrail service chaining.
    • Analyzer service virtual machine
    • Third-party services
    • Traffic path verification

Contrail Analytics

  • Identify Contrail analytics concepts.
    • Infrastructure workspace
    • Networking workspace
    • Traffic analysis
  • Demonstrate knowledge of configuring, monitoring, or implementing Contrail analytics.
    • Underlay and overlay monitoring
    • Event monitoring
    • Traffic monitoring

Troubleshooting

  • Demonstrate knowledge of troubleshooting Contrail.
    • Route availability in the controller
    • Virtual router programming
    • Contrail CLI commands
    • Fabric scripts
    • Contrail Introspect
    • vRouter commands
    • Top of rack service node (TSN)
  • Demonstrate knowledge of troubleshooting OpenStack.
    • Log monitoring
    • Privilege, authentication
    • Component interaction

References:

Juniper Networks Certified Specialist SDN and Automation (JNCIS-SDNA)


Renew your Expired Juniper Certification until March 2017

The JNCP is offering a recertification grace period to candidates whose certifications expired in 2016. Expired certifications may be renewed between January 1, 2017 and March 31, 2017 by taking the same or higher level exam or using the Continuing Education option. This means candidates with Specialist through Expert-level certifications that have expired do not have to start at the JNCIA-level.

To renew an expired certification, candidates must pass the appropriate exam or attend an appropriate course by March 31, 2017. See the Recent News section of the Certification Website for instructions on how to take advantage of this offer.


Juniper new Champion Program Design Track

Juniper launched the new Champion Program Design Track through the Innovative Level! This new track complements their existing program for Routing, Switching, Security, Enterprise, and Service Provider, featuring the same program policies and reward structure.

Current components of the track are available to achieve Aspiring and Innovative Champion levels; the Ingenious tier is planned for 2017 when the professional-level design certifications become available.

You can find the design track by logging into your Learning Academy account and navigating to the new offering in the “My Curriculum” section.

My status today:

[Image: juniper_champion_design_track_status]

References:

Champion Partner Program


New Juniper Service Provider Routing and Switching JN0-661 Exam

On July 7, 2016 the JN0-660 Service Provider Routing and Switching exam will be replaced with the JN0-661 Service Provider Routing and Switching exam.

Detailed exam information for the Service Provider Routing and Switching exam can be found here.

The “Automation” piece is not covered on the new exam.

Detailed Exam Objectives include:

  • OSPF
  • IS-IS
  • BGP
  • Class of Service (CoS)
  • IP Multicast
  • MPLS
  • Layer 3 VPNs
  • Layer 2 VPNs


BGP Free Core

“BGP Free Core” is a typical topology in MPLS service provider networks where the core runs IGP+Label. This allows traffic to transit devices that don’t know its final destination; they look only at labels, which brings better performance in the end. MPLS also allows applications such as L2VPN, L3VPN and much more.

[Image: bgp-free-core]

Normal Forwarding

In normal forwarding, traffic towards a destination goes hop by hop (each router looks up the next hop) until it reaches the destination.

R4#show ip route
Codes: L - local, C - connected, S - static, R - RIP, M - mobile, B - BGP
       D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
       N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
       E1 - OSPF external type 1, E2 - OSPF external type 2
       i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2
       ia - IS-IS inter area, * - candidate default, U - per-user static route
       o - ODR, P - periodic downloaded static route, H - NHRP, l - LISP
       a - application route
       + - replicated route, % - next hop override

Gateway of last resort is not set

      10.0.0.0/8 is variably subnetted, 20 subnets, 2 masks
i L2     10.1.1.1/32 [115/30] via 10.4.12.12, 00:13:18, GigabitEthernet1.412
                     [115/30] via 10.2.4.2, 00:13:18, GigabitEthernet1.24
i L2     10.1.2.0/24 [115/20] via 10.2.4.2, 00:13:18, GigabitEthernet1.24
i L2     10.1.11.0/24 [115/30] via 10.4.12.12, 00:13:18, GigabitEthernet1.412
                      [115/30] via 10.2.4.2, 00:13:18, GigabitEthernet1.24
i L2     10.1.12.0/24 [115/20] via 10.4.12.12, 00:15:50, GigabitEthernet1.412
i L2     10.2.2.2/32 [115/20] via 10.2.4.2, 00:13:18, GigabitEthernet1.24
C        10.2.4.0/24 is directly connected, GigabitEthernet1.24
L        10.2.4.4/32 is directly connected, GigabitEthernet1.24
i L2     10.2.11.0/24 [115/20] via 10.2.4.2, 00:13:18, GigabitEthernet1.24
i L2     10.2.12.0/24 [115/20] via 10.4.12.12, 00:13:18, GigabitEthernet1.412
                      [115/20] via 10.2.4.2, 00:13:18, GigabitEthernet1.24
i L2     10.2.13.0/24 [115/20] via 10.4.13.13, 00:13:18, GigabitEthernet1.413
                      [115/20] via 10.2.4.2, 00:13:18, GigabitEthernet1.24
C        10.4.4.4/32 is directly connected, Loopback0
C        10.4.12.0/24 is directly connected, GigabitEthernet1.412
L        10.4.12.4/32 is directly connected, GigabitEthernet1.412
C        10.4.13.0/24 is directly connected, GigabitEthernet1.413
L        10.4.13.4/32 is directly connected, GigabitEthernet1.413
i L2     10.11.11.11/32
           [115/30] via 10.4.12.12, 00:13:18, GigabitEthernet1.412
           [115/30] via 10.2.4.2, 00:13:18, GigabitEthernet1.24
i L2     10.11.12.0/24 [115/20] via 10.4.12.12, 00:15:50, GigabitEthernet1.412
i L2     10.12.12.12/32
           [115/20] via 10.4.12.12, 00:15:50, GigabitEthernet1.412
i L2     10.12.13.0/24 [115/20] via 10.4.13.13, 00:15:50, GigabitEthernet1.413
                       [115/20] via 10.4.12.12, 00:15:50, GigabitEthernet1.412
i L2     10.13.13.13/32
           [115/20] via 10.4.13.13, 00:15:50, GigabitEthernet1.413

R4#show ip cef
Prefix               Next Hop             Interface
0.0.0.0/0            no route
0.0.0.0/8            drop
0.0.0.0/32           receive
10.1.1.1/32          10.2.4.2             GigabitEthernet1.24
                     10.4.12.12           GigabitEthernet1.412
10.1.2.0/24          10.2.4.2             GigabitEthernet1.24
10.1.11.0/24         10.2.4.2             GigabitEthernet1.24
                     10.4.12.12           GigabitEthernet1.412
10.1.12.0/24         10.4.12.12           GigabitEthernet1.412
10.2.2.2/32          10.2.4.2             GigabitEthernet1.24
10.2.4.0/24          attached             GigabitEthernet1.24
10.2.4.0/32          receive              GigabitEthernet1.24
10.2.4.2/32          attached             GigabitEthernet1.24
10.2.4.4/32          receive              GigabitEthernet1.24
10.2.4.255/32        receive              GigabitEthernet1.24
10.2.11.0/24         10.2.4.2             GigabitEthernet1.24

What is the exact path (or paths)?

R4#trace 10.1.1.1
Type escape sequence to abort.
Tracing the route to 10.1.1.1
VRF info: (vrf in name/id, vrf out name/id)
  1 10.2.4.2 3 msec
    10.4.12.12 4 msec
    10.2.4.2 3 msec
  2 10.1.12.1 3 msec
    10.1.2.1 3 msec
    10.1.12.1 2 msec

CSR-4#show mpls forwarding-table
no MPLS apps enabled or MPLS not enabled on any interfaces

MPLS Forwarding

With MPLS we have the LIB and the LFIB. The LIB essentially holds all the labels and their associated information, while the LFIB does the forwarding based on incoming labeled packets. CEF is a prerequisite for running MPLS.
For MPLS the routing table (RIB) is still the same as the one we saw under Normal Forwarding.

This is the LFIB table:

R4#show mpls forwarding-table
Local      Outgoing   Prefix           Bytes Label   Outgoing   Next Hop
Label      Label      or Tunnel Id     Switched      interface
16         Pop Label  10.12.12.12/32   0             Gi1.412    10.4.12.12
17         Pop Label  10.13.13.13/32   0             Gi1.413    10.4.13.13
18         Pop Label  10.1.12.0/24     0             Gi1.412    10.4.12.12
19         Pop Label  10.2.12.0/24     0             Gi1.24     10.2.4.2
           Pop Label  10.2.12.0/24     0             Gi1.412    10.4.12.12
20         Pop Label  10.11.12.0/24    0             Gi1.412    10.4.12.12
21         Pop Label  10.12.13.0/24    0             Gi1.412    10.4.12.12
           Pop Label  10.12.13.0/24    0             Gi1.413    10.4.13.13
22         Pop Label  10.2.13.0/24     0             Gi1.24     10.2.4.2
           Pop Label  10.2.13.0/24     0             Gi1.413    10.4.13.13
23         22         10.11.11.11/32   0             Gi1.24     10.2.4.2
           24001      10.11.11.11/32   0             Gi1.412    10.4.12.12
24         16         10.1.1.1/32      0             Gi1.24     10.2.4.2
           24003      10.1.1.1/32      0             Gi1.412    10.4.12.12
25         17         10.1.11.0/24     0             Gi1.24     10.2.4.2
           24004      10.1.11.0/24     0             Gi1.412    10.4.12.12
26         Pop Label  10.2.11.0/24     0             Gi1.24     10.2.4.2
27         Pop Label  10.1.2.0/24      0             Gi1.24     10.2.4.2
28         Pop Label  10.2.2.2/32      0             Gi1.24     10.2.4.2

Doing a trace to R1 we get a labeled path

R4#trace 10.1.1.1
Type escape sequence to abort.
Tracing the route to 10.1.1.1
VRF info: (vrf in name/id, vrf out name/id)
  1 10.2.4.2 [MPLS: Label 16 Exp 0] 3 msec
    10.4.12.12 [MPLS: Label 24003 Exp 0] 10 msec
    10.2.4.2 [MPLS: Label 16 Exp 0] 3 msec
  2 10.1.12.1 3 msec
    10.1.2.1 3 msec *
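
The Python below is an added example, not part of the original post: it parses `show mpls forwarding-table` output, folds the ECMP continuation rows (the ones with no local label) into the row above, and checks that the labels reported at hop 1 of the traceroute are the outgoing labels R4 holds for that prefix. The function names are hypothetical and the sample text is copied from R4's output above.

```python
import re

# Rows from R4's output above; a row with no local label continues the row above (ECMP).
LFIB_TEXT = """\
Local      Outgoing   Prefix           Bytes Label   Outgoing   Next Hop
Label      Label      or Tunnel Id     Switched      interface
19         Pop Label  10.2.12.0/24     0             Gi1.24     10.2.4.2
           Pop Label  10.2.12.0/24     0             Gi1.412    10.4.12.12
24         16         10.1.1.1/32      0             Gi1.24     10.2.4.2
           24003      10.1.1.1/32      0             Gi1.412    10.4.12.12
"""
TRACE_TEXT = """\
  1 10.2.4.2 [MPLS: Label 16 Exp 0] 3 msec
    10.4.12.12 [MPLS: Label 24003 Exp 0] 10 msec
  2 10.1.12.1 3 msec
"""
HOP_RE = re.compile(r"(\d+\.\d+\.\d+\.\d+) \[MPLS: Label (\d+) Exp \d+\]")

def parse_lfib(text):
    """Return {prefix: {"local": int, "paths": {(next_hop, out_label)}}}."""
    lfib, local = {}, None
    for line in text.splitlines():
        tok = line.replace("Pop Label", "Pop").replace("No Label", "None").split()
        if len(tok) not in (5, 6) or "/" not in tok[-4]:
            continue  # header or unrelated line
        if len(tok) == 6:
            local = int(tok[0])  # full row: starts a new local label
        elif local is None:
            continue  # continuation row with nothing to attach to
        out, prefix, _bytes, _intf, nh = tok[-5:]
        entry = lfib.setdefault(prefix, {"local": local, "paths": set()})
        entry["paths"].add((nh, out))
    return lfib

def first_hop_labels(trace_text):
    """(responder_ip, label) pairs reported at hop 1 of an IOS traceroute."""
    hop, seen = None, set()
    for line in trace_text.splitlines():
        m = re.match(r"\s*(\d+)\s+\d+\.\d+\.\d+\.\d+", line)
        if m:
            hop = int(m.group(1))  # line starts a new hop
        h = HOP_RE.search(line)
        if h and hop == 1:
            seen.add(h.groups())
    return seen

def unexpected_hops(lfib, prefix, trace_text):
    """Hop-1 (next_hop, label) pairs with no matching LFIB path for prefix."""
    paths = lfib.get(prefix, {"paths": set()})["paths"]
    return sorted(first_hop_labels(trace_text) - paths)
```

An empty result means every labeled hop-1 probe left R4 on a path and label that its LFIB lists for the prefix; only hop 1 is compared because later hops carry labels assigned by other routers.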
