Using Intercept Libraries
Junos OS Evolved is the same as Junos OS except that it runs on native Linux and, therefore, can accommodate running third-party applications. There are some differences between the way Linux displays requested network topology information such as interface and route data and the way Junos OS displays this information. The CLI is designed to overcome these differences. But typically, third-party applications running on native Linux obtain this information directly from the native Linux sources using shell commands.
Junos OS Evolved comes equipped with an intercept mechanism that redirects shell requests for network topology information away from the Linux stack to a space where the information can be obtained from Junos OS. This intercept mechanism is accomplished through intercept libraries, libsi.so and libnli.so, that you preload. After you preload the intercept library, certain types of requests are intercepted and show Junos OS information.
The intercept libraries are optional; they are needed only if the application requires the APIs mentioned in Table 1:
Table 1: APIs That Require Intercept Libraries
API | Description |
|---|---|
Packet IO and Linux socket APIs | Ability to send and receive packets over management and/or data interfaces. Standard libc, such as send, receive, listen. |
Ability to use rtnetlink to query networking state like interfaces, routes. | |
Ability to configure network devices. | |
Ability to query kernel data structures using standard interfaces provided by Linux kernel. | |
Junos APIs | Ability to access Juniper North Bound APIs - NetConf/JET/Telemetry. |
Junos OS Evolved Release 20.1R1 supports the following features:
Use the set system netlink-async-mode configuration to enable NETLINK_ROUTE asynchronous notifications. This feature is disabled by default. Use show nsld mode to show the current netlink asynchronous mode.
SIOCETHTOOL ioctl, which can be used by other applications.
Multipath next-hop route information through netlink route attributes.
Example of a Preloaded Linux Command
An example how the preload directive works follows using the
command ifconfig, which displays interfaces.
If you preload the ifconfig command
with the intercept library, Junos OS interface information is returned.
Notice that the intercept library only translates logical interfaces.
In this example, because there are logical interfaces only on lo0
and re0:mgmt-0.0, the output displays only these two interfaces for
the preloaded ifconfig command.
[vrf:none] user@host_RE0:~# LD_PRELOAD=libnli.so
ifconfig lo0_0 Link encap:Ethernet HWaddr 00:00:00:00:00:00
inet addr:128.102.224.244 Mask:255.255.255.255
inet6 addr: abcd::128:102:224:244/128 Scope:Global
inet6 addr: fe80::5668:a6f0:6e:b79/128 Scope:Link
UP LOOPBACK RUNNING MTU:65535 Metric:1
RX packets:0 errors:0 dropped:0 overruns:0 frame:0
TX packets:0 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1
RX bytes:0 (0.0 B) TX bytes:0 (0.0 B)
mgmt-0-00-0000 Link encap:Ethernet HWaddr 56:68:a6:6e:0b:79
inet addr:10.102.224.244 Bcast:10.102.239.255 Mask:255.255.240.0
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:1103938 errors:0 dropped:0 overruns:0 frame:0
TX packets:1905 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1
RX bytes:85166899 (81.2 MiB) TX bytes:243066 (237.3 KiB)
You can get the same results by running jbash, which is a shell provided with Junos OS Evolved that preloads libnli.so and libsi.so by default.
Only use jbash to get the network state information. Don’t use jbash as your default shell.
If you issue the command without preloading it with the intercept library, the output shown is from Linux. Notice that the following output is longer than that from Junos OS. Linux does not make the distinction between physical interfaces and logical interfaces that the Junos CLI does.
[vrf:none] user@host_RE0:~# ifconfig -aeth0 Link encap:Ethernet HWaddr 56:68:a6:6e:0b:79
UP BROADCAST RUNNING PROMISC MULTICAST MTU:1500 Metric:1
RX packets:1608443 errors:44 dropped:0 overruns:0 frame:44
TX packets:2652 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:150837081 (143.8 MiB) TX bytes:341675 (333.6 KiB)
eth1 Link encap:Ethernet HWaddr 56:68:a6:6e:0b:7e
UP BROADCAST RUNNING PROMISC MULTICAST MTU:9600 Metric:1
RX packets:0 errors:0 dropped:0 overruns:0 frame:0
TX packets:5 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:0 (0.0 B) TX bytes:418 (418.0 B)
eth2 Link encap:Ethernet HWaddr 56:68:a6:6e:0b:83
UP BROADCAST RUNNING PROMISC MULTICAST MTU:9600 Metric:1
RX packets:907046 errors:0 dropped:0 overruns:0 frame:0
TX packets:926156 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:70342248 (67.0 MiB) TX bytes:119965968 (114.4 MiB)
eth3 Link encap:Ethernet HWaddr 56:68:a6:6e:0b:8d
BROADCAST MULTICAST MTU:1500 Metric:1
RX packets:0 errors:0 dropped:0 overruns:0 frame:0
TX packets:0 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:0 (0.0 B) TX bytes:0 (0.0 B)
eth4 Link encap:Ethernet HWaddr 56:68:a6:6e:0b:9d
UP BROADCAST RUNNING PROMISC MULTICAST MTU:1500 Metric:1
RX packets:1607983 errors:44 dropped:0 overruns:0 frame:44
TX packets:0 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:150335380 (143.3 MiB) TX bytes:0 (0.0 B)
ingvrf Link encap:Ethernet HWaddr 12:6e:39:d6:5a:64
UP RUNNING NOARP MASTER MTU:65536 Metric:1
RX packets:0 errors:0 dropped:0 overruns:0 frame:0
TX packets:0 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:0 (0.0 B) TX bytes:0 (0.0 B)
iri Link encap:Ethernet HWaddr 4e:a2:93:c0:ac:67
inet addr:127.0.0.1 Mask:255.0.0.0
inet6 addr: ::1/128 Scope:Host
UP RUNNING NOARP MASTER MTU:65536 Metric:1
RX packets:2199380 errors:0 dropped:0 overruns:0 frame:0
TX packets:2216726 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:674308465 (643.0 MiB) TX bytes:735412009 (701.3 MiB)
jtd0 Link encap:Ethernet HWaddr 06:50:4e:19:c6:c5
inet6 addr: fe80::450:4eff:fe19:c6c5/64 Scope:Link
UP BROADCAST RUNNING NOARP MTU:65536 Metric:1
RX packets:0 errors:0 dropped:0 overruns:0 frame:0
TX packets:3 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1
RX bytes:0 (0.0 B) TX bytes:210 (210.0 B)
jtdrop Link encap:Ethernet HWaddr ba:d0:d0:72:7e:eb
inet6 addr: fe80::b8d0:d0ff:fe72:7eeb/64 Scope:Link
UP BROADCAST RUNNING NOARP MTU:65536 Metric:1
RX packets:0 errors:0 dropped:0 overruns:0 frame:0
TX packets:3 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1
RX bytes:0 (0.0 B) TX bytes:210 (210.0 B)
jtdv0 Link encap:Ethernet HWaddr 56:2a:0c:39:f1:5d
inet6 addr: fe80::542a:cff:fe39:f15d/64 Scope:Link
UP BROADCAST RUNNING NOARP MTU:65536 Metric:1
RX packets:0 errors:0 dropped:0 overruns:0 frame:0
TX packets:4 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1
RX bytes:0 (0.0 B) TX bytes:280 (280.0 B)
jtdv50 Link encap:Ethernet HWaddr 56:5e:67:d6:e2:d2
inet6 addr: fe80::545e:67ff:fed6:e2d2/64 Scope:Link
UP BROADCAST RUNNING NOARP MTU:65536 Metric:1
RX packets:0 errors:0 dropped:0 overruns:0 frame:0
TX packets:4 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1
RX bytes:0 (0.0 B) TX bytes:280 (280.0 B)
lo Link encap:Local Loopback
inet addr:127.0.0.1 Mask:255.0.0.0
inet6 addr: ::1/128 Scope:Host
UP LOOPBACK RUNNING MTU:65536 Metric:1
RX packets:32 errors:0 dropped:0 overruns:0 frame:0
TX packets:32 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1
RX bytes:2144 (2.0 KiB) TX bytes:2144 (2.0 KiB)
mgmt_junos Link encap:Ethernet HWaddr 6a:75:4b:20:d0:4e
inet addr:127.0.0.1 Mask:255.0.0.0
inet6 addr: ::1/128 Scope:Host
UP RUNNING NOARP MASTER MTU:65536 Metric:1
RX packets:0 errors:0 dropped:0 overruns:0 frame:0
TX packets:0 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:0 (0.0 B) TX bytes:0 (0.0 B)
sit0 Link encap:UNSPEC HWaddr 00-00-00-00-30-30-30-00-00-00-00-00-00-00-00-00
NOARP MTU:1480 Metric:1
RX packets:0 errors:0 dropped:0 overruns:0 frame:0
TX packets:0 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1
RX bytes:0 (0.0 B) TX bytes:0 (0.0 B)
tunl0 Link encap:IPIP Tunnel HWaddr
NOARP MTU:1480 Metric:1
RX packets:0 errors:0 dropped:0 overruns:0 frame:0
TX packets:0 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1
RX bytes:0 (0.0 B) TX bytes:0 (0.0 B)
vcb Link encap:Ethernet HWaddr 56:68:a6:6e:0b:83
inet addr:176.1.1.1 Bcast:0.0.0.0 Mask:255.255.255.252
UP BROADCAST RUNNING PROMISC MULTICAST MTU:9600 Metric:1
RX packets:907043 errors:0 dropped:0 overruns:0 frame:0
TX packets:924347 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:57643466 (54.9 MiB) TX bytes:118743890 (113.2 MiB)
vfb Link encap:Ethernet HWaddr 56:68:a6:6e:0b:7e
UP BROADCAST RUNNING PROMISC MULTICAST MTU:9600 Metric:1
RX packets:0 errors:0 dropped:0 overruns:0 frame:0
TX packets:0 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:0 (0.0 B) TX bytes:0 (0.0 B)
vib Link encap:Ethernet HWaddr 3e:fb:67:87:16:1a
inet addr:128.0.0.4 Bcast:0.0.0.0 Mask:255.0.0.0
inet6 addr: fe80::3cfb:67ff:fe87:161a/64 Scope:Link
UP BROADCAST RUNNING PROMISC MULTICAST MTU:1500 Metric:1
RX packets:0 errors:0 dropped:0 overruns:0 frame:0
TX packets:74 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:0 (0.0 B) TX bytes:3420 (3.3 KiB)
vmb0 Link encap:Ethernet HWaddr 56:68:a6:6e:0b:79
inet addr:10.102.224.244 Bcast:0.0.0.0 Mask:255.255.240.0
UP BROADCAST RUNNING PROMISC MULTICAST MTU:1500 Metric:1
RX packets:1602504 errors:0 dropped:0 overruns:0 frame:0
TX packets:2645 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:124666750 (118.8 MiB) TX bytes:340201 (332.2 KiB)
vmb1 Link encap:Ethernet HWaddr 56:68:a6:6e:0b:9d
UP BROADCAST RUNNING PROMISC MULTICAST MTU:1500 Metric:1
RX packets:1602784 errors:0 dropped:0 overruns:0 frame:0
TX packets:0 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:124008554 (118.2 MiB) TX bytes:0 (0.0 B)
vrf0 Link encap:Ethernet HWaddr ca:12:9e:40:a8:01
inet addr:127.0.0.1 Mask:255.0.0.0
inet6 addr: ::1/128 Scope:Host
UP RUNNING NOARP MASTER MTU:65536 Metric:1
RX packets:124413 errors:0 dropped:0 overruns:0 frame:0
TX packets:2597 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:19087613 (18.2 MiB) TX bytes:338185 (330.2 KiB)
vrf50 Link encap:Ethernet HWaddr 06:de:d7:3d:18:be
UP RUNNING NOARP MASTER MTU:65536 Metric:1
RX packets:0 errors:0 dropped:0 overruns:0 frame:0
TX packets:0 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:0 (0.0 B) TX bytes:0 (0.0 B)
Interface Name Translation
One limiting factor to using this intercept mechanism is that Linux interface naming is incompatible with the Junos OS interface naming. Linux supports 15-byte interface names (15 + null-character); network interface names that exceed this limit are truncated in outputs. Junos OS logical interface names could be longer than 15 bytes, for example, et-0/0/10:2.32767.
To work around this difference, Junos OS Evolved uses a translation rule (see Table 2) to render logical interface names in a Linux-compliant format. The translation renders a format such as name-fpcSlot/picSlot/port:channelId.subUnit to nn-ffpttccssss. Using interface names translated according to this rule, third-party applications can effectively fetch the topology information from Junos OS.
Only translation of logical interface names is supported, and translation of both channelized and nonchannelized logical interface names is supported.
Table 2: Translation Rule for Interface Names
Value | Description | Allotted Space (in bytes) | Range |
|---|---|---|---|
nn | mapped name bytes | 2 | |
ff | fpc in hex | 2 | 0-255 |
p | pic in hex | 1 | 0-15 |
tt | port number in hex | 2 | 0-255 |
cc | channel in hex; use “xx” if not present | 2 | 0-255 |
ssss | subunit in hex | 4 | 0-65535 |
Except for management interfaces, if the logical interface name does not have a hyphen (-) in it, the dot (.) in the name is changed to an underscore (_), for example: ifdname.subunit gets translated to ifdname_subunit. | |||
For management interfaces, reX:mgmt-Y.Z translates to mgmt-x-yy-zzzz, where x, yy, zzzz are in hex-padded with 0 for a fixed length. And the reverse translation happens on the same lines. | |||
See Table 3 for examples of Junos logical interface names and their Linux-compliant forms.
Table 3: Examples of Translated Logical Interface Names
Junos Logical Interface Name | Translated Linux-Compliant Interface Name |
|---|---|
et-1/2/3.4 | et-01203xx0004 |
ge-1/2/3.32 | ge-01203xx0020 |
et-1/15/3.4 | et-01f03xx0004 |
et-1/2/255:6.7 | et-012ff060007 |
et-1/2/4:5.32767 | et-01204057fff |
re0:mgmt-1.2 | mgmt-0-01-0002 |
ae0.1 | ae0_1 |
irb0.11 | irb0_11 |
When accessing Junos OS states by preloading libnli.so, the interface name in the output is shown as a translated Linux-compliant interface name. You must also use the translated Linux-compliant interface name when using it as an argument in a command. The translated et-01000000000 interface name is used as an argument in the following example:
[vrf:none] user@host_RE0:~# LD_PRELOAD=libnli.so
ifconfig et-01000000000 et-01000000000 Link encap:Ethernet HWaddr 5c:31:b0:35:01:ff
inet addr:20.20.20.24 Bcast:20.20.20.255 Mask:255.255.255.0
inet6 addr: 2000:200:20::2/64 Scope:Global
inet6 addr: fe80::5e31:b0ff:fe35:1ff/64 Scope:Link
UP BROADCAST RUNNING MULTICAST MTU:1514 Metric:1
RX packets:312 errors:0 dropped:0 overruns:0 frame:0
TX packets:156 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1
RX bytes:31004 (30.2 KiB) TX bytes:21346 (20.8 KiB)
Other Caveats for the Intercept Feature
This intercept feature supports read-only requests. Any write request returns an error.
Representation of certain Junos network state may not be mappable to Linux equivalents. In these cases, the data is either be omitted or re-mapped to a comparable Linux model. For example, Junos OS Evolved supports a rich suite of nexthop types such as composite or unilist that do not have comparable implementations in native Linux.
Third-party applications that are linked statically cannot be intercepted and, therefore, are not supported by this feature.