Contents

About This Guide
E-Series Routers
Audience
Conventions
Documentation
MIBS
Release Notes
Abbreviations
Web Access
Comments About the Documentation
Contacting Customer Support
Routing Policy
Configuring Routing Policy
Overview
References
Route Maps
Sample Route Map
Multiple Values in a Match Entry
Negating Match Clauses
Matching a Community List Exactly
Removing Community Lists from a Route Map
Redistributing Access Routes
Access Lists
Filtering Prefixes
Filtering AS Paths
Using Access Lists in a Route Map
Creating Table Maps for Access Routes
Using the Null Interface
Prefix Lists
Using a Prefix List
Prefix Trees
Using a Prefix Tree
Community Lists
Extended Community Lists
Using Regular Expressions
AS-path Lists
Community Lists
Community Numbers
Metacharacters
Using Metacharacters as Literal Tokens
Regular Expression Examples
Managing the Routing Table
Troubleshooting Routing Policy
Monitoring Routing Policy
Internet Protocol
Configuring IP
Overview
IP Packets
IP Functions
Moving Data Between Layers
Routing Datagrams to Remote Hosts
Fragmenting and Reassembling Datagrams
IP Layering
Network Interface Layer
Internet Layer
Transport Layer
Application Layer
References
IP Features
IP Addressing
Physical and Logical Addresses
Internet Addresses
Subnet Addressing
Classless Addressing with CIDR
Adding and Deleting Addresses
Adding a Primary Address
Deleting a Primary Address
Adding a Secondary (Multinet) Address
Deleting a Secondary Address
ip address Command
Before You Configure IP
Creating a Profile
Assigning a Profile
Address Resolution Protocol (ARP)
How ARP Works
MAC Address Validation
Broadcast Addressing
Broadcast Tasks
Fragmentation
IP Routing
Routing Information Tables
Setting the Administrative Distance for a Route
Setting the Metric for a Route
Routing Operations
Identifying a Router Within an Autonomous System
Establishing a Static Route
Setting Up Default Routes
Setting Up an Unnumbered Interface
Adding a Host Route to a Peer on a PPP Interface
Enabling Source Address Validation
Shutting Down an IP Interface
Removing the IP Configuration
Clearing IP Routes
Clearing IP Interfaces
Setting a Baseline
Disabling Forwarding of Packets
Enabling Forwarding of Source-Routed Packets
Forcing an Interface to Appear Up
Specifying a Debounce Time
Adding a Description
Enabling Link Status Traps
Configuring the Speed
Configuring Equal-Cost Multipath Load Sharing
Setting a TTL Value
Shared IP Interfaces
Configuring Prefixes for Dynamic Shared IP Interfaces
Configuring Shared IP Interfaces
Moving IP Interfaces
IP Shared Interface Statistics
Subscriber Interfaces
Internet Control Message Protocol
ICMP Tasks
Specifying a Source Address for ICMP Messages
Reachability Commands
Response Time Reporter
Configuration Tasks
Configuring the Probe Type
Configuring Optional Characteristics
Capturing Statistics
Collecting History
Setting Reaction Conditions
Scheduling the Probe
Shutting Down the Probe
Monitoring RTR
Monitoring IP
Establishing a Baseline
IP show Commands
Configuring IPv6 and Neighbor Discovery
Overview
References
IPv6 Packet Headers
IPv4 and IPv6 Header Differences
Standard IPv6 Headers
Extension Headers
IPv6 Addressing
Address Representation
IPv6 Address Compression
IPv6 Address Prefix
Address Types
Address Scope
Address Structure
ICMP Support
Understanding Neighbor Discovery
Before You Configure IPv6 or Neighbor Discovery
IPv6 Configuration Tasks
Configuring an IPv6 License
Creating an IPv6 Profile
Assigning a Profile
Establishing a Static Route
Specifying an IPv6 Hop Count Limit
Managing IPv6 Interfaces
Adding a Description
Removing an IPv6 Configuration
Clearing IPv6 Routes
Creating Static IPv6 Neighbors
Neighbor Discovery Configuration Tasks
Configuring Neighbor Discovery
Configuring Proxy Neighbor Advertisements
Configuring Duplicate Address Detection Attempts
Clearing IPv6 Neighbors
Monitoring IPv6 and Neighbor Discovery
Establishing a Baseline
IPv6 show Commands
Configuring NAT
Overview
NAT Configurations
Traditional NAT
Basic NAT
NAPT
Bidirectional NAT
Twice NAT
Network and Address Terms
Inside Local Addresses
Inside Global Addresses
Outside Local Addresses
Outside Global Addresses
Understanding Address Translation
Inside Source Translation
Outside Source Translation
Address Assignment Methods
Static Translations
Dynamic Translations
Order of Operations
References
Before You Begin
Limiting Translation Entries
Specifying Inside and Outside Interfaces
Defining Static Address Translations
Creating Inside Source Translations
Creating Outside Source Translations
Defining Dynamic Translations
Creating Access List Rules
Defining Address Pools
Defining Translation Rules
Creating Dynamic Inside Source Translations
Creating Dynamic Outside Source Translations
Defining Translation Time-Outs
Clearing Dynamic Translations
Configuration Examples
NAPT Example
Bidirectional NAT Example
Twice NAT Example
Cross-VRF Example
Monitoring NAT
Displaying Translation Statistics
Displaying Translation Entries
Internet Protocol Routing
Configuring IP Multicasting
Overview
References
Before You Begin
Enabling IP Multicasting
Deleting Multicast Forwarding Entries
Reverse-Path Forwarding
Multicast Packet Forwarding
Disabling RPF Checks
Using Unicast Routes for RPF
Monitoring IP Multicast Settings
Support for Multicast Router Information
IGMP
IGMP Operation
Group Membership Queries
Group Membership Reports
Leave Group Membership Messages
Configuring Static and Dynamic IGMP Interfaces
Enabling IGMP on an Interface
Configuring IGMP Settings for an Interface
Assigning a Multicast Group to an Interface
Specifying Multicast Groups
Limiting the Number of Accepted IGMP Groups
Including and Excluding Traffic
Accepting IGMP Reports from Remote Subnets
Disabling and Removing IGMP
Monitoring IGMP
IGMP Proxy
Overview
Configuring IGMP Proxy
Setting the IGMP Proxy Baseline
Monitoring IGMP Proxy
PIM
PIM DM
Overriding Prunes
Preventing Duplication
PIM SM
Joining Groups
Remote Neighbors
Timers
PIM S-DM
PIM SSM
Enabling and Disabling PIM on a VR
Enabling PIM on an Interface
Configuring an RP Router for PIM SM and PIM S-DM
Configuring a Static RP Router
Configuring an Auto-RP Router for PIM SM
Configuring an Auto-RP Router for PIM S-DM
Switching to an SPT for PIM SM
Configuring PIM SM Remote Neighbors
Configuration Example
Configuring PIM SSM
Removing PIM
Resetting PIM Counters and Mappings
Monitoring PIM
Monitoring PIM Events
Monitoring PIM Settings
DVMRP
Identifying Neighbors
Advertising Routes
Enabling DVMRP on a VR
Activating DVMRP on an Interface
Configuring DVMRP Limits
Filtering DVMRP Reports
Configuring DVMRP Summary Addresses
Changing the Metric for a Route
Importing Routes from Other Protocols
Specifying Routes to Be Advertised
Preventing Dynamic Route Distribution
Exchanging DVMRP Unicast Routes
Disabling and Removing DVMRP
Deleting DVMRP Routes
Configuring DVMRP Tunnels
Monitoring DVMRP
BGP Multicasting
Investigating Multicast Routes
Configuring IP Tunnels
Overview
GRE Tunnels
DVMRP Tunnels
Line Module Requirements
Managing TSMs
References
Configuration Tasks
Configuration Example
Configuring IP Tunnels to Forward IP Frames
Preventing Recursive Tunnels
Monitoring IP Tunnels
IP Reassembly for Tunnels
Overview
Reassembly Processing Within the System
Configuring IP Reassembly
Monitoring IP Reassembly
Configuring RIP
Overview
RIP Metric
RIP Messages
References
Features
Route Tags
Authentication
Subnet Masks
Next Hop
Multicasting
Route Summaries
Split Horizon
Equal-Cost Multipath
Applying Route Maps
Before You Run RIP
Configuration Tasks
Relationship Between address and network Commands
Using RIP Routes for Multicast RPF Checks
Remote Neighbors
Monitoring RIP
debug Commands
show Commands
Configuring OSPF
Overview
Terms
References
Features
Intra-area, Interarea, and External Routes
Routing Priority
Virtual Links
Authentication
Opaque LSAs
Route Leakage
Equal-Cost Multipath
OSPF MIB
Interacting with Other Routing Protocols
With IS-IS
With RIP
With BGP
Configuration Tasks
Configuring OSPF Interfaces
Enabling OSPF
Creating a Range of OSPF Interfaces
Creating a Single OSPF Interface
Aggregating OSPF Networks
Configuring OSPF Interfaces
address Commands
ip ospf Commands
Comparison Example
Precedence of Commands
Configuring OSPF Areas
Configuring Authentication
Authentication Requirements
Configuring Additional Parameters
Default Metrics
Configuring OSPF for NBMA Networks
Traffic Engineering
Configuring OSPF for TE
Using OSPF Routes for Multicast RPF Checks
OSPF and BGP/MPLS VPNs
Remote Neighbors
Disabling and Reenabling Incremental SPF
Configuring OSPF Traps
Monitoring OSPF
debug Commands
show Commands
Configuring IS-IS
Overview
Terms
ISO Network Layer Addresses
Level 1 Routing
Level 2 Routing
Dynamic Hostname Resolution
Authentication
Commands
Specifying Start and Stop Timing
Halting MD5 Authentication
Managing and Replacing Keys
Extensions for Traffic Engineering
Integrated IS-IS
Equal-Cost Multipath
References
Features
Before You Run IS-IS
Configuration Tasks
Enabling IS-IS
Summary Example
Configuring IS-IS Interface-Specific Parameters
Summary Example
Configuring Global IS-IS Parameters
Setting Authentication Passwords
Configuring Redistribution
Redistributing Routes Between Levels
Controlling Granularity of Routing Information
Configuring Metric Type
Setting the Administrative Distance
Configuring Default Routes
Setting Router Type
Summarizing Routes
Configuring the Router to Be Ignored
Ignoring LSP Errors
Logging Adjacency State Changes
Configuring LSP Parameters
Specifying the SPF Interval
Defining the SPF Route Calculation Level
Setting CLNS Parameters
Setting the Maximum Parallel Routes
Configuring a Virtual Multiaccess Network
Summary Example
Configuring IS-IS for MPLS
Using IS-IS Routes for Multicast RPF Checks
Monitoring IS-IS
Monitoring IS-IS Parameters
Displaying CLNS
Configuring VRRP
Overview
Terminology
References
How VRRP Works
Configuration Examples
Basic VRRP Configuration
Commonly Used VRRP Configuration
VRRP Configuration Without the Real Address Owner
How VRRP Is Implemented in the E-Series Router
Router Election Rules
Configuring VRRP
Configuring the IP Interface
Creating VRIDs
Configuration Steps
Monitoring VRRP
Internet Protocol Security
Configuring IPSec
Overview
Terms
References
IPSec Concepts
Secure IP Interfaces
RFC 2401 Compliance
IPSec Protocol Stack
Security Parameters
Manual Versus Signalled Interfaces
Operational Virtual Router
Transport Virtual Router
Perfect Forward Secrecy
Lifetime
Inbound and Outbound SAs
Transform Sets
Other Security Features
IP Security Policies
ESP Processing
AH Processing
IPSec Maximums Supported
IKE Overview
Main Mode and Aggressive Mode
Aggressive Mode Negotiations
IKE Policies
Priority
Encryption
Hash Function
Authentication Mode
Diffie-Hellman Group
Lifetime
IKE SA Negotiation
Configuration Tasks
Configuring an IPSec License
Configuring IPSec Parameters
Creating an IPSec Tunnel
Defining an ISAKMP/IKE Policy
Refreshing SAs
Configuration Examples
Configuration Notes
Example 1
Example 2
Monitoring IPSec
System Event Logs
show Commands
Configuring Digital Certificates
Overview
Terms
References
IKE Authentication Using Digital Certificates
Signature Authentication
Generating Private/Public Key Pairs
Obtaining a Public Key Certificate
Obtaining a Root CA Certificate
Authenticating the Peer
Checking CRLs
File Extensions
Configuration Tasks
Monitoring Digital Certificates
Configuring L2TP with IPSec
Overview
References
How Secure Remote Access Works
Setting Up the Secure Connection
L2TP with IPSec Control and Data Frames
Compatibility and Requirements
End-to-End Security
Client Software Supported
Interactions with NAT
Tunnel Creation
Interaction Between IPSec and PPP
Number of L2TP/IPSec Connections
LNS Change of Address
LNS Change of Port
Group Preshared Key
Configuration Tasks for Client PC
Configuration Tasks for E-Series Routers
Configuring L2TP Destination Profiles
Configuring IPSec Transport Profiles
Monitoring L2TP over IPSec
System Event Logs
show Commands
Index
Copyright © 1998-2005, Juniper Networks, Inc. All Rights Reserved. Trademark Notice. Privacy.
home | contact us | search | feedback