Tag Archives: Fast Track

Half voucher for JNCIS-SP JN0-360

After do the preassessment for JNCIS-SP (FastTrack Program) exam i received the message below with the voucher code (50% off price), and because i used another voucher to do this exam i will not use it.

Feel free to use it :) and happy new year!

Congratulations on passing the JNCIS-SP Pre-assessment Exam! Your next step is to visit the Pearson VUE website to find one of 5,000 test sites near you, schedule your live exam and redeem your discount voucher during the registration process.

Voucher ID: JNFT8E445544

Voucher valid for 90 days

Expiration Date: Friday, March 27, 2015, you will need to register and sit for your exam before this date.

Exame JNCIS-SP JN0-360

Ontem realizei o exame JN0-360 da Juniper, este exame é também abrangido pelo “Fast track Program” e como tal 50% desconto se passar no assessment. Terei que aprofundar os conhecimentos em alguns dos tópicos tais como:IS-IS, Layer 2 VPNs

Pré-Requisitos

É necessário ter o JNCIA-Junos

Material de Estudo

Como material de estudo usei os documentos disponibilizados pela Juniper, para realizar o download será necessário realizar o registo no Learning Portal, este passo é importante pois o Pre-assessment que irá garantir o voucher será realizado apartir deste.

Para testar tecnologias como routing o Juniper Olive é perfeito, basicamente  é um junOS virtualizado/emulado. As relacionadas com Switching/High Availability/ Layer 2/3 VPNs entre outras usei os Virtual Labs (acho que só os partners têm acesso), o único senão é que a release dos EX/MX é a 11.x e a recomendada para estudo é a 14.1.

Deixo aqui as minhas notas para download, não estão tão resumidas como gostaria….

Em suma os passos foram:

Importante:É necessário estar autenticado no Learning Portal para aceder aos conteúdos

Após autenticar, abrir Fast Track Portal, são exibidas 2 colunas, abaixo encontra-se representada a coluna da direita. Escolher os recursos de estudo “Review study resources”

junos-ftrack_jncis-sp

Nota: Caso contenha um cadeado significa que ainda não se encontra autenticado

1. Praticar através dos 3 guides disponibilizados no Fast Track Portal

junos-ftrack_jncis-sp_guides

2. Day One Guides

3. Rever alguns dos Learning Bytes

4.Praticar os 2 testes de conhecimento
4.1  Practise Test
4.2  Pre-assessment Oficial (para obter o voucher)

Nota: Neste caso como realizei com sucesso aparece o resultado, mas deverá aparecer um link

Após passar o Pre-assessment Oficial, o voucher será enviado para o email registado no Learning Portal.

De seguida, agendar o Exame final em www.pearsonvue.com e usar o voucher :)

Objectivos Exame inclui:

  • Protocol-Independent Routing
  • Open Shortest Path First (OSPF)
  • Intermediate System to Intermediate System (IS-IS)
  • Border Gateway Protocol (BGP)
  • Layer 2 Bridging and VLANs
  • Spanning-Tree Protocols
  • Multiprotocol Label Switching (MPLS) and MPLS VPNs
  • IPv6
  • Tunnels
  • High Availability
**Clique para expandir/colapsar os objectivos em detalhe**

Exame

A prova tem a duração de 90 minutos com 70 questões. O minimo para passar é de 64%

Resultado

Como é hábito o resultado é provisório, mas recebi há minutos atrás o resultado final e Passei!

Para não haver dúvidas segundo o CertManager, é oficial. Agora é hora de descansar por uns dias!

juniper_certmanager_30122014

Este é o logo oficial

jncis-ent

Referências:

Juniper Fast Track

Juniper Learning Portal

Juniper JNCIS-SP

Junos documentation

Junos documentation for EX Series switches

Junos documentation for MX Series

Juniper Certificações Junho 2013

Exame JNCIA-Junos JN0-102

Notas estudo JNCIS-ENT parte 17

Nota: Este Post faz parte do guide de Routing.

[email protected]# run show isis interface
IS-IS interface database:
Interface L CirID Level 1 DR Level 2 DR L1/L2 Metric
em0.0 3 0x2 R2.00 R2.02 1000/10
em1.0 3 0x3 R2.03 R2.00 10/10
lo0.0 0 0x1 Passive Passive 0/0

Campos do output do comando show isis interface:
interface-name (detail output only) – Displays the name of the interface;
Index (detail output only) – Displays the interface index assigned by the junOS OS kernel;
State (detail output only) – Displays the internal implementation information;
Circuit ID (detail output only) – Displays the circuit identifier;
Circuit type (detail output only) – Displays the circuit type, which can be 1 —Level 1 only, 2 —Level 2 only, or 3 — Level 1 and Level 2;
LSP interval (detail output only) – Displays the interface’s link-state PDU interval;
Sysid (detail output only) – Displays the system identifier;
Interface (brief output only) – Displays the interface through which the adjacency is made.
Level 1 DR/Level 2 DR (brief output only) – Displays the Level 1 or Level 2 DIS;
L1/L2 Metric: Displays the interface’s metric for Level 1 and Level 2. If no information is present, the metric is 0;
Adjacencies (detail output only) – Displays the number of adjacencies established on the interface;
Priority (detail output only) – Displays the priority value for this interface;
Metric (detail output only) – Displays the metric value for this interface;
Hello(s) (detail output only) – Displays the interface’s hello interval; and
Hold(s) (detail output only) – Displays the interface’s hold time.

[email protected]# run show isis database
IS-IS level 1 link-state database:
LSP ID Sequence Checksum Lifetime Attributes
R1.00-00 0x1d 0xc00e 737 L1
R2.00-00 0x1a 0x1c02 341 L1 L2 Attached
R2.03-00 0x13 0x225d 341 L1 L2
3 LSPs

IS-IS level 2 link-state database:
LSP ID Sequence Checksum Lifetime Attributes
R1.00-00 0x5 0xa4c4 699 L1 L2
R2.00-00 0x21 0x6045 761 L1 L2
R2.02-00 0x16 0x4b30 341 L1 L2
R2.03-00 0x3 0 0 L1 L2
R3.00-00 0x1b 0x5e41 1013 L1 L2
5 LSPs

Campos do output do comando show isis database:
LSP ID – Displays the link-state PDU identifier;
Sequence – Displays the sequence number of the link-state PDU;
Checksum – Displays the checksum value of the link-state PDU;
Lifetime (secs) – Displays the remaining lifetime of the link-state PDU, in seconds;
IP prefix (detail and extensive output only) – Displays the prefix advertised by the link-state PDU;
IS neighbor (detail output only) – Displays an IS-IS neighbor of the advertising system; and
Metric (detail and extensive output only) – Displays the metric of the prefix or neighbor.

[email protected]# run show isis adjacency
Interface System L State Hold (secs) SNPA
em0.0 R3 2 Up 23 0:ab:44:8:f8:0
em1.0 R1 1 Up 25 0:ab:ae:99:e3:0

Interface – Displays the interface through wh ich the neighbor is reachable.
System (brief output only) – Displays the system identifier, printed as a name if possible.
L – Displays the level, which can be 1 —Level 1 only; 2 —Level 2 only;
or 3 —Level 1 and Level 2. An exclamation point ( ! ) preceding the level number indicates that the adjacency is missing an IP address.
State – Displays the state of the adjacency. It can be Up, Down, New , One-way, Initializing, or Rejected .
Hold (secs) (brief/standard output only) – Displays the remaining hold time of the adjacency. Note that the show isis adjacency command returns brief output by default.
SNPA (brief output only) – Displays the SNPA (MAC address of the next hop).

[email protected]# run show isis adjacency detail
R3
Interface: em0.0, Level: 2, State: Up, Expires in 24 secs
Priority: 64, Up/Down transitions: 1, Last transition: 00:14:29 ago
Circuit type: 3, Speaks: IP, IPv6, MAC address: 0:ab:44:8:f8:0
Topologies: Unicast
Restart capable: Yes, Adjacency advertisement: Advertise
LAN id: R2.02, IP addresses: 10.1.23.3

R1
Interface: em1.0, Level: 1, State: Up, Expires in 26 secs
Priority: 64, Up/Down transitions: 3, Last transition: 03:04:35 ago
Circuit type: 3, Speaks: IP, IPv6, MAC address: 0:ab:ae:99:e3:0
Topologies: Unicast
Restart capable: Yes, Adjacency advertisement: Advertise
LAN id: R2.03, IP addresses: 10.1.12.1

Campos do output do comando show isis adjacency detail:
Expires in (detail output only): Displays the time until the adjacency expires, in seconds;
Priority (detail output only): Displays the priority to become the DIS;
Up/Down transitions (detail output only): Displays the count of adjacency status changes from up to down or from down to up;
Last transition (detail output only): Displays the time of the last up or down transition;
Circuit type (detail output only): Displays the bit mask of levels on this interface, which can be 1 —Level 1 router, 2 —Level 2 router, or 1/2 —both Level 1 and Level 2 routers;
Speaks (detail output only): Displays the protocols supported by the neighbor; and
IP addresses (detail output only): Displays the IP address of the neighbor.

[email protected]# run show isis spf log
IS-IS level 1 SPF log:
Start time Elapsed (secs) Count Reason
Fri Jul 25 19:01:08 0.000200 3 Lost adjacency R3 on em0.0
Fri Jul 25 19:01:16 0.000189 2 Multi area attachment change
Fri Jul 25 19:15:55 0.000791 1 Periodic SPF
Fri Jul 25 19:19:08 0.000194 1 Updated LSP R3.00-00
Fri Jul 25 19:33:52 0.000201 1 Periodic SPF
Fri Jul 25 19:46:27 0.000353 1 Periodic SPF
Fri Jul 25 19:58:41 0.000201 1 Periodic SPF
Fri Jul 25 20:12:13 0.000216 1 Periodic SPF
Fri Jul 25 20:24:59 0.000187 1 Periodic SPF
Fri Jul 25 20:36:44 0.000276 1 Periodic SPF
Fri Jul 25 20:49:43 0.000207 1 Periodic SPF
Fri Jul 25 21:03:50 0.000207 1 Periodic SPF
Fri Jul 25 21:15:21 0.000252 1 Periodic SPF
Fri Jul 25 21:25:16 0.000215 1 Updated LSP R1.00-00
Fri Jul 25 21:25:26 0.000209 1 Updated LSP R1.00-00
Fri Jul 25 21:25:30 0.000123 1 Updated LSP R1.00-00
Fri Jul 25 21:25:41 0.000222 1 Updated LSP R1.00-00
Fri Jul 25 21:31:15 0.000191 3 Multi area attachment change
Fri Jul 25 21:32:21 0.000180 3 Multi area attachment change
Fri Jul 25 21:38:59 0.000193 1 Updated LSP R1.00-00

IS-IS level 2 SPF log:
Start time Elapsed (secs) Count Reason
Fri Jul 25 18:55:55 0.000060 1 Updated LSP R2.00-00
Fri Jul 25 19:01:08 0.000126 7 Lost adjacency R3 on em0.0
Fri Jul 25 19:01:09 0.000174 2 Updated LSP R2.00-00
Fri Jul 25 19:01:16 0.000388 1 Updated LSP R3.00-00
Fri Jul 25 19:13:30 0.000202 1 Periodic SPF
Fri Jul 25 19:26:28 0.000536 1 Periodic SPF
Fri Jul 25 19:38:54 0.000185 1 Periodic SPF
Fri Jul 25 19:52:54 0.000195 1 Periodic SPF
Fri Jul 25 20:07:49 0.000206 1 Periodic SPF
Fri Jul 25 20:19:58 0.000199 1 Periodic SPF
Fri Jul 25 20:34:46 0.000226 1 Periodic SPF
Fri Jul 25 20:46:44 0.000184 1 Periodic SPF
Fri Jul 25 21:00:02 0.000180 1 Periodic SPF
Fri Jul 25 21:14:24 0.000211 1 Periodic SPF
Fri Jul 25 21:25:16 0.000101 6 Topologies changed for adjacency R1 on em1.0
Fri Jul 25 21:25:30 0.000090 2 Purging LSP R1.00-00
Fri Jul 25 21:25:36 0.000063 1 Updated LSP R1.00-00
Fri Jul 25 21:31:15 0.000301 3 Lost adjacency R3 on em0.0
Fri Jul 25 21:32:21 0.000266 5 Topologies changed for adjacency R3 on em0.0
Fri Jul 25 21:39:21 0.000218 3 Lost adjacency R1 on em1.0

Campos do output do comando show isis spf log:
Node: Displays the system ID of a node;
Metric : Displays the metric to the node;
Interface: Displays the interface of the next hop;
Via : Displays the system ID of the next hop;
SNPA: Displays the SNPA (MAC address of the next hop);
Start time (log output only): Displays the time that the SPF computation started;
Elapsed time (log output only): Displays the length of time required to complete the SPF computation in seconds;
Count (log output only): Displays the number of times the SPF was triggered; and
Reason (log output only): Displays the reason that the SPF computation was completed.

[email protected]# run show isis statistics
IS-IS statistics for R2:
PDU type Received Processed Drops Sent Rexmit
LSP 75 75 0 186 0
IIH 5404 54 1567 12380 0
CSNP 0 0 0 2784 0
PSNP 7 7 0 0 0
Unknown 0 0 0 0 0
Totals 5486 136 1567 15350 0

Total packets received: 5486 Sent: 15350

SNP queue length: 0 Drops: 0
LSP queue length: 0 Drops: 0
SPF runs: 76
Fragments rebuilt: 112
LSP regenerations: 50
Purges initiated: 7

Campos do output do comando show isis statistics:
PDU type : Displays the PDU type.
Received : Displays the number of PDUs received since IS-IS started or since the statistics were zeroed.
Processed: Displays the number of PDUs received minus the number dropped.
Drops: Displays the number of dropped PDUs.
Sent: Displays the number of PDUs transmitted since IS-IS started or since the statistics were zeroed.
Rexmit : Displays the number of PDUs retransmitted since IS-IS started or since the statistics were zeroed.
Total packets received/sent: Displays the total number of PDUs received and transmitted since IS-IS started or since the statistics were zeroed.
SNP queue length : Displays the number of CSNPs and PSNPs sitting on the sequence number packets (SNP) queue waiting for processing. This value is almost always 0.
LSP queue length : Displays the number of link-state PDUs sitting on the link-state PDU queue waiting for processing. This value is almost always 0.
SPF runs : Displays the number of SPF calculations performed. If this number is incrementing rapidly, it indicates that the network is unstable.
Fragments rebuilt: Displays the number of link-state PDU fragments that the local system has computed.
LSP regenerations: Displays the number of link-state PDUs that were regenerated. A link-state PDU is regenerated when it is nearing the end of its lifetime and it has not changed.
Purges initiated: Displays the number of purges that the system initiated. A purge is initiated if the software decides that a link-state PDU must be removed from the network.

[email protected]# run show isis route
IS-IS routing table Current version: L1: 36 L2: 40
IPv4/IPv6 Routes
—————-
Prefix L Version Metric Type Interface NH Via
10.10.10.1/32 1 36 10 int em1.0 IPV4 R1
10.10.10.3/32 2 40 10 int em0.0 IPV4 R3

Campos do output do comando show isis route:
Current version: Displays the number of the current version of the IS-IS routing table.
L1: Displays the version of the Level 1 SPF that was run.
L2: Displays the version of the Level 2 SPF that was run.
Prefix : Displays the destination of the route.
L : Displays the level, which can be 1 —Level 1 only; 2 —Level 2 only; and 3 —Level 1 and Level 2.
Version: Displays the version (or run) of SPF that generated the route.
Metric : Displays the metric value associated with the route.
Type: Displays the metric type. It can be int (internal) or ext (external).
Interface: Displays the interface to the next hop.
Via : Displays the system ID of the next hop, displayed as a name if possible.

[email protected]# run show isis database extensive
IS-IS level 1 link-state database:

R1.00-00 Sequence: 0x1d, Checksum: 0xc00e, Lifetime: 700 secs
IS neighbor: R2.03 Metric: 10
Two-way fragment: R2.03-00, Two-way first fragment: R2.03-00
IP prefix: 10.1.12.0/24 Metric: 10 Internal Up
IP prefix: 10.10.10.1/32 Metric: 0 Internal Up

Header: LSP ID: R1.00-00, Length: 141 bytes
Allocated length: 284 bytes, Router ID: 10.10.10.1
Remaining lifetime: 700 secs, Level: 1, Interface: 66
Estimated free bytes: 164, Actual free bytes: 143
Aging timer expires in: 700 secs
Protocols: IP, IPv6

Packet: LSP ID: R1.00-00, Length: 141 bytes, Lifetime : 1198 secs
Checksum: 0xc00e, Sequence: 0x1d, Attributes: 0x1 <L1>
NLPID: 0x83, Fixed length: 27 bytes, Version: 1, Sysid length: 0 bytes
Packet type: 18, Packet version: 1, Max area: 0

TLVs:
Area address: 49.0001 (3)
Speaks: IP
Speaks: IPV6
IP router id: 10.10.10.1
IP address: 10.10.10.1
Hostname: R1
IS neighbor: R2.03, Internal, Metric: default 10
IS extended neighbor: R2.03, Metric: default 10
IP address: 10.1.12.1
Local interface index: 64, Remote interface index: 0
IP prefix: 10.1.12.0/24, Internal, Metric: default 10, Up
IP prefix: 10.10.10.1/32, Internal, Metric: default 0, Up
IP extended prefix: 10.1.12.0/24 metric 10 up
IP extended prefix: 10.10.10.1/32 metric 0 up
No queued transmissions

Campos do output do comando show isis database extensive:
LSP ID : Displays the link-state PDU identifier;
Sequence : Displays the sequence number of the link-state PDU;
Checksum : Displays the checksum value of the link-state PDU;
Lifetime (in seconds): Displays the remaining lifetime of the link-state PDU, in seconds;
IP prefix (detail and extensive output only): Displays the prefix advertised by this link-state PDU;
IS neighbor (detail output only): Displays an IS-IS neighbor of the advertising system; and
Metric (detail and extensive output only): Displays the metric of the prefix or neighbor.

IP Configuration is Not necessary

O IS-IS permite formar adjacencias entre neighbors que não estejam configurados com a mesma subnet, isto porque não se baseia no IP.

Troubleshooting No adjacency

Mismatched Areas
MTU minimo 1492
Sem NET configurado

Referências:

Notas estudo JNCIS-ENT parte 1

Notas estudo JNCIS-ENT parte 2

Notas estudo JNCIS-ENT parte 3

Notas estudo JNCIS-ENT parte 4

Notas estudo JNCIS-ENT parte 5

Notas estudo JNCIS-ENT parte 6

Notas estudo JNCIS-ENT parte 7

Notas estudo JNCIS-ENT parte 8

Notas estudo JNCIS-ENT parte 9

Notas estudo JNCIS-ENT parte 10

Notas estudo JNCIS-ENT parte 11

Notas estudo JNCIS-ENT parte 12

Notas estudo JNCIS-ENT parte 13

Notas estudo JNCIS-ENT parte 14

Notas estudo JNCIS-ENT parte 15

Notas estudo JNCIS-ENT parte 16

Notas estudo JNCIS-ENT parte 16

Nota: Este Post faz parte do guide de Routing.

Appendix B IS-IS

IS-IS Protocol

Protocolo IGP, usa informação link-state e o algoritmo SPF a semelhança do OSPF

ISO

Protocolo desenvolvido pelo International Organization for Standardization (ISO) para o ISO’s Connectionless
Network Protocol (CLNP), descrito no ISO 10589

Dual IS-IS

Extensão do IS-IS para suportar a transição de TCP/IP para OSI. Também conhecido como integrated IS-IS. O Protocolo foi desenhado para suportar CLNP e IP, podendo opera-los em simultâneo.

Single Algorithm

Apenas e usado um algoritmo em ambos os ambientes (IP ou CLNP)

Link-State PDUs

Os pacotes IS-IS standard são alterados para suportar multiplos Network Layer Protocols
Nem todos os junOS devices suportam CLNP ou CLNS routing

A level-1 router cria LSPs level-1
A level-2 router cria LSPs level-2
A level-1-2 router cria LSPs level-1 e LSP level-2

Operation IS-IS

IS-IS consiste num AS com end systems (ESs) e intermediate systems (ISs)

IS-IS Areas

Existem 2 Levels: Level 1 e Level 2
Level 1: Roteia dentro da mesma area
Level 2: Roteia entre areas e interliga com outros ASs

Um router pode assumir a função de L1, L2 ou L1/L2
Um router L1/L2 funciona como um ABR semelhante ao OSPF. Este activa o bit no PDUS Level 1 indicando que e um backbone border router, os routers L1 criam uma default route a apontar para o router L1/L2 mais perto (metrica)

Cada router e identificado com Network Entity Title (NET), o NET e um NSAP onde o n-selector e 0

NSAP and Addressing

NSAP: Network Service Access Point
Total length between 8 and 20 bytes
Area Address: variable length field (up to 13 bytes)
System ID: defines an ES or IS in an area.
NSEL: N-selector. identifies a network service user (transport entity or the IS network entity itself)

NET: the address of the network entity itself

Formato NSAP Address
First 8 bits – escolher um numero (tipicamente 49)
Next 16 bits – area
Next 48 bits – router loopback address
Final 8 bits – zero

Exemplo 1:
NSAP:49.0001.1921.6800.1001.00
Router:192.168.1.1(loopback)in Area 1

Exemplo 2:
NSAP:49.0001.1921.6801.0010
192.168.10.10  -> 192.168.010.010  -> system ID 1921.6801.0010
Router:192.168.10.10(loopback)in Area 1

IS-IS PDUs

IS-IS uses the following PDUs to exchange protocol information:

IS-IS Hello (IIH) PDUs – IS-IS broadcasts these PDUs to discover the identity of neighboring IS-IS systems and to
determine whether the neighbors are Level 1 or Level 2 ISs.
Link-state PDUs – These PDUs contain information about the state of adjacencies to neighboring IS-IS systems. Link-state PDUs are flooded periodically throughout an area.
Complete sequence number PDUs (CSNPs) – CSNPs contain a complete description of all link-state PDUs in the IS-IS database. IS-IS periodically sends CSNPs on all links, and the receiving systems use the information in the CSNP to update and synchronize their link-state PDU databases. The designated router multicasts CSNPs on broadcast links in place of sending explicit acknowledgments for each link-state PDU.
Partial sequence number PDUs (PSNPs) – A receiver multicasts these PDUs when it detects that it is missing a link-state PDU or when its link-state PDU database is out of date. The receiver sends a PSNP to the system that transmitted the CSNP, effectively requesting that the missing link-state PDU be transmitted. That router, in turn, forwards the missing link-state PDU to the requesting router.
TLVs – IS-IS PDUs use TLV encoding as the basic structure for all routing information. TLV encoding requires that the
length of any field be defined explicitly when the field is used in a PDU.

IIH PDU Types

LAN hello PDUs – Pode ser divido entre Level 1 and Level 2 hello PDUs, o formato é idêntico. Num broadcast medium os hellos Level 1 e Level 2 usam
o multicast 01-80-C2-00-00-14 ou 01-80-C2-00-00-15, respectivamente.

point-to-point hello PDUs

Hello Transmission

DIS router – envia hellos a cada 3 segundos
non-DIS router – envia hellos a cada 9 segundos
PDU Fields

Circuit type – Defines the router as Level 1, Level 2, or a Level 1 and Level 2 router
Source ID – Identifies the system ID of the router that originated the hello PDU
Holding time – Specifies the period a neighbor should wait to receive the next hello PDU before declaring the originating router dead
PDU length – Specifies the length of the entire PDU in octets
Priority – Provides a value between 0 and 127 used for DIS election
LAN ID – Identifies the system ID or the DIS plus one more octet (the pseudo-node ID) to differentiate this LAN ID from another LAN ID that might have the same designated router

PSNPs

Um receiver multicast PSNPs quando detecta a falta de um link-state PDU ou link-state database está desatualizada

CSNPs

Contem uma descrição completa de todos os link-state PDUs na database. O IS-IS envia CSNPs periodicamente por todos os links.
O designated router multicast CNSPs em links broadcast em vez de enviar ACK explicitamente por cada link-state PDU

IS-IS Information Objects

OS PDUs usam TLV encoding como estrutura básica de toda a routing information. IS-IS ignora TLVs desconhecidos

Consultar TLV do IS-IS no URL http://www.iana.org/assignments/isis-tlv-codepoints/isis-tlv-codepoints.xhtml

IS-IS Adjacency Rules

Router Level 1 nunca forma adjacência com router Level 2 ou vice-versa
Para adjacências Level 1 a AREA deve ser igual
Para adjacências Level 2 a AREA deve ser diferente

DIS Election

O processo de eleição e garantido atribuindo a priority (entre 0 a 127) a cada interface em Level 1 ou Level 2.
Priority by default e 64 para ambos os Levels, se a priority for 0 o router fica fora do processo de seleção. As interfaces NonBroadcast tem por default priority 0
Router com a maior priority torna-se Designated Router, em caso de empate o router com o subnetwork point of attachment (SNPA) (que e o MAC-address) mais alto ganha a eleição.

Pseudo-Node

Mesmo conceito do OSPF

DIS Characteristics

não existe o conceito de Backup DR, se o IS-IS DIS falhar e eleito um novo. E feito preempt caso exista um router com uma best priority ou SNPA (MAC address) + alto

IS-IS Metrics

O IS-IS usa 1023 como default metric máxima, este valor é definido pelo network administrator.
Qualquer single link pode ter o valor máximo 63,a métrica é o suma dos custos dos links.

Level 1
Internal route preference: 15
External route preference: 160
Wide metrics are enabled, Narrow metrics are enabled
Level 2
Internal route preference: 18
External route preference: 165
Wide metrics are enabled, Narrow metrics are enabled

IS-IS define 3 metrics ou costs opcionais:

delay cost
cost metric
error cost

IS-IS mantém o mapeamento desta 4 métricas para o QoS option no CLNP packet header. O IS-IS usa estes mapeamentos para calcular rotas

Wide Metrics

O IS-IS também usa Wide metrics. E possível definir uma métrica ate 2^24. As Wide Metrics permite um network diameter ate 256 hops.
Este diameter resulta num maximum total path de 2^32.
By default o junOS envia as wide metrics e standard (Narrow) metrics, a wide metric e 63 caso seja usado em simultâneo a standard metric.
Para beneficiar das wide metric pode ser desativado as standard usando wide-metrics-only per level.

set protocols isis level 1 wide-metrics-only

Configuring IS-IS

set protocols isis interface ge-0/0/0.0 level 1 disable
set protocols isis interface at-0/1/1.100 level 2 disable

By default todas as interfaces especificadas no IS-IS são consideradas como Level 1 e Level 2

set interface ge-0/1/0.0 family iso
set interface ge-0/1/0.0 family inet address 10.0.24.1/24

set interface lo0.0 family inet address 192.168.2.1/32
set interface lo0.0 family iso address 49.0001.0192.0168.0201.00

Para usar o IS-IS, deve ser configurado o network entity title (NET) em uma das interfaces (preferencialmente o loopback), e configurar o iso family em todas as interfaces que desejamos executar IS-IS.

O junOS suporta ter múltiplas ISO NETs na interface loopback do router.

Referências:

Notas estudo JNCIS-ENT parte 1

Notas estudo JNCIS-ENT parte 2

Notas estudo JNCIS-ENT parte 3

Notas estudo JNCIS-ENT parte 4

Notas estudo JNCIS-ENT parte 5

Notas estudo JNCIS-ENT parte 6

Notas estudo JNCIS-ENT parte 7

Notas estudo JNCIS-ENT parte 8

Notas estudo JNCIS-ENT parte 9

Notas estudo JNCIS-ENT parte 10

Notas estudo JNCIS-ENT parte 11

Notas estudo JNCIS-ENT parte 12

Notas estudo JNCIS-ENT parte 13

Notas estudo JNCIS-ENT parte 14

Notas estudo JNCIS-ENT parte 15

Notas estudo JNCIS-ENT parte 15

Nota: Este Post faz parte do guide de Routing.

VRRP Defined

RFC 2338

Terms and Concepts

VRRP Router
Master Router
Backup Routers
Virtual Router

VRRP Communications

VRRP version 2
Usa Multicast 224.0.0.18
Default advertisement 1 segundo
E possível usar subsecond usando o comando fast-interval (o valor pode variar entre 100-999 milisegundos)
O MAC-ADDRESS do VIP tem o formato 00-00-5E-00-01-VRID
O Master state e elegido através da priority mais alta (entre 1 -255), by default e 100
Caso o router tenha o próprio VIP configurado como IP da interface deve ser configurado a priority 255 e ativado automaticamente o preempt.
Em ambientes onde o router não tem o próprio VIP como IP é possível desativar o preempt

VRRP States

Initialize
Master
Backup
Transition – Estado apenas transitório entre Backup e Master. Neste estado não existe forwarding

VRRP Configuration

set interfaces ge-0/0/4.0 family inet addres 172.25.100.2/24 vrrp-group 10 virtual-address 172.25.100.1 priority 200

outras opções:

track
accept-data – Permite que o master responda a ICMP com destino ao VIP. Caso o master tenha o proprio VIP responde by default a ICMP
authenticatioon-type – 3 types:none,simple,MD5
authenticatioon-key
no-preempt

É possível usar o inherit da config quando existem múltiplos grupos VRRP na mesma interface física usando assim algumas das mesmas características.
Com a opcao vrrp-inheret-from as características usadas são:advertise-interval, authentication-key, authentication-type, fast-interval, no-preempt, preempt, track interface, e track route

Unified ISSU

Apenas suportado em chassis com 2 REs e com os serviços GRES e NSR activos. Ambos os REs devem executar a mesma versão de software

Para iniciar o processo deve ser executado o comando request system software-in-service-upgrade no master RE

Para verificar o estados dos FPCs após o ultimo Unified ISSU:

[email protected]>  show chassis in-service-upgrade
Item           Status                  Reason
FPC 0          Online
FPC 1          Online
FPC 2          Online
PIC 0        Online
PIC 1        Online
FPC 3          Offline                 Offlined by CLI command
FPC 4          Online
PIC 1        Online
FPC 5          Online
PIC 0        Online
FPC 6          Online
PIC 3        Online
FPC 7          Online

!Cancelar o processo de upgrade (unified ISSU)
[email protected]>  request system abort software-in-service-upgrade

 
Appendix A IPv6

Alguns dos benefícios do IPv6
More efficient routing
Quality of service (QoS)
Elimination of the NAT requirement
Network Layer security with end-to-end IPsec
Ease of management using stateless address autoconfiguration
Improved header format to reduce header overhead

O header IPv6 tem 40 bytes (fixos) e inclui os seguintes campos:

Version: 4-bit field containing the number 6, indicating IPv6
Traffic class: 8-bit field that determines the traffic priority
Flow label: 20-bit field used for QoS management
Payload length: 16-bit field indicates the size of the payload in octets
Next header: 8-bit field indicating the next encapsulated protocol
Hop limit : 8-bit field replaces the time-to-live (TTL) field in IPv4
Source address : 128 bits
Destination address: 128 bits

IPv6 Defines Six Extension Headers

As extensões possíveis no header:

Hop-by-hop options: Signifies that the options need to be examined by each node along the path of a packet
Routing: Provides a list of intermediate nodes that should be visited on the path to the packet’s destination
Fragment: Signals when a packet has been fragmented by the source
Destination options: Options examined only by the destination node , and capable of appearing twice in a packet
Authentication header: Used with IPsec to verify  authenticity of a packet
Encrypted security payload: Used with IPsec and carries encrypted data for secure communication

IPv6 Address Types

3 Tipos de endereços IPv6:
• Unicast
• Multicast
• Anycast

Prefix Notation

O RFC4291 define as ultimas regras sobre prefix notation

::/128 : unspecified;
::1/128: This prefix notation should be used for the loopback;
FF00::/8 : Multicast
FE80::/10: Local-Link

Special Addresses
Link-Local Unicast Addresses – Prefix (10bits) + SubnetID (54bits) + Interface ID (64bits)
Site-Local Unicast Addresses – Enderecos Privatos a semelhanca do RFC1918 em IPv4. Prefix (10bits) + SubnetID (54bits) + Interface ID (64bits)
Global Unicast Addresses – Enderecos roteados na Internet. FP (3bits) + GlobalRouting Prefix (45bits) + SID (16bits) + Interface ID (64bits)

Stateless Autoconfiguration

Permitir atribuir IP automaticamente sem a necessidade de DHCP.

Stateless autoconfiguration consiste em varios elementos:

• Extended unique identifier (EUI)
• Router advertisement message
• Router solicitation message
• Prefix list

Neighbor Discovery (ND)

É o processo de tracking dos neighbors no mesmo local link.
O ND é opcional nos devices IPv6.
Após o host enviar um Router Solicitation (RS) o router confirma enviando um Router Advertisement (RA) com a prefix list. O host o endereçamento no prefix-list para efectuar a autoconfiguracao

Stateful Autoconfiguration

O DHCPv6 e conhecido como stateful, definido no RFC3315

set interfaces ge1/1/0.110 family inet6 address fec0:0:0:2003::1/64

[email protected]# run show interfaces terse ge-1/1/0
Interface               Admin Link Proto    Local                 Remote
ge-1/1/0                up    up
ge-1/1/0.110            up    up   inet     172.16.110.1/24
inet6    fe80::8271:1f00:6ec1:a278/64
fec0:0:0:2003::1/64

[email protected]# run show route table inet6.0

inet6.0: 4 destinations, 4 routes (4 active, 0 holddown, 0 hidden)
Restart Complete
+ = Active Route, – = Last Active, * = Both

fe80::/64          *[Direct/0] 00:02:24
> via ge-1/1/0.110
fe80::8271:1f00:6ec1:a278/128
*[Local/0] 00:02:24
Local via ge-1/1/0.110
fec0:0:0:2003::/64 *[Direct/0] 00:02:24
> via ge-1/1/0.110
fec0:0:0:2003::1/128
*[Local/0] 00:02:24
Local via ge-1/1/0.110

[email protected]# run show ipv6 neighbors
IPv6 Address                 Linklayer Address  State       Exp Rtr Secure Interface
fec0:0:0:2003::2             80:71:1f:c1:c3:78  reachable   34  yes no      ge-1/1/0.110

IPv6 Multicast Address

No IPv6 o ICMPv6 é usado no multicast group management  para optimizar o tráfego multicast. Este processo é referido como Multicast Listener Discovery (MLD)

Os enderecos multicast segundo o RFC 4291:

• Solicited-node multicast addresses are for Neighbor Solicitation (NS) messages;
• All-nodes multicast addresses are for Router Advertisement (RA) messages; and
• All-routers multicast addresses are for Router Solicitation (RS) messages.

IPv6 Anycast Address

Definido no RFC 2526
Permite que o mesmo IP esteja distribuído, mas apenas um Host irá receber o tráfego

set routing-options rib inet6.0 static route 0::/0 next-hop FEc0:0:0:2003::2 preference 250

OSPFv3 Configuration Example

O processo de selecao do RID no OSPFv3 e identico ao da v2, o RID continua a ser IPv4

Monitoring OSPFv3 Operations

show ospf3 neighbor
show ospf3 interface
show ospf3 database
show ospf3 route

IS-IS Configuration

set interfaces ge1/1/0.110 family iso
set interfaces ge1/1/0.110 family inet6 address fec0:0:0:2003::1/64

set interfaces lo0 unit 0 family iso address 49.0002.1111.1111.1111.00
set interfaces lo0 unit 0 family inet6 address fec0:0:0:1001::1/128

Monitoring IS-IS Operations

[email protected]# run show isis interface
IS-IS interface database:
Interface             L CirID Level 1 DR        Level 2 DR        L1/L2 Metric
ge-1/1/0.110          3   0x1 mxA-1.00          mxA-1.00               10/10
lo0.0                 0   0x1 Passive           Passive                 0/0

[edit]
[email protected]# run show isis adjacency

BGP Configuration

!eBGP Peering
set protocols bgp group ext-65501 type external
set protocols bgp group ext-65501 peer-AS 65501
set protocols bgp group ext-65501 neighbor fec0:0:0:2003::2

Monitoring BGP Operations

show bgp summary

Tunneling IPv6 Traffic

Por vezes e necessário encapsular trafego IPv6 em IPv4.

Alguns dos mecanismos de transicao
•IPv4-compatible addressing
•Configured tunnels
•6to4
•6over4

!Site A
set interface gr-0/0/0.0 tunnel source 172.16.110.1 destination 172.16.110.2
set interface gr-0/0/0.0 family inet6 address fec0:0:0:1000::1/126
set routing-options rib inet6.0 static route fec0:0:0:2000::/64 next-hop gr-0/0/0.0
set routing-options rib inet6.0 static route fec0:0:0:1001::/64 next-hop gr-0/0/0.0

!Site B
set interface gr-0/0/0.0 tunnel source 172.16.110.2 destination 172.16.110.1
set interface gr-0/0/0.0 family inet6 address fec0:0:0:1000::2/126
set routing-options rib inet6.0 static route fec0:0:0:2000::/64 next-hop gr-0/0/0.0
set routing-options rib inet6.0 static route fec0:0:0:1001::/64 next-hop gr-0/0/0.0

Referências:

Notas estudo JNCIS-ENT parte 1

Notas estudo JNCIS-ENT parte 2

Notas estudo JNCIS-ENT parte 3

Notas estudo JNCIS-ENT parte 4

Notas estudo JNCIS-ENT parte 5

Notas estudo JNCIS-ENT parte 6

Notas estudo JNCIS-ENT parte 7

Notas estudo JNCIS-ENT parte 8

Notas estudo JNCIS-ENT parte 9

Notas estudo JNCIS-ENT parte 10

Notas estudo JNCIS-ENT parte 11

Notas estudo JNCIS-ENT parte 12

Notas estudo JNCIS-ENT parte 13

Notas estudo JNCIS-ENT parte 14