Certificate authority. A trusted third-party organization that creates, enrolls, validates, and revokes digital certificates. The CA guarantees a user's identity and issues public and private keys for message encryption and decryption (coding and decoding).


Call admission control. In Differentiated-Services-aware traffic engineering, checks for adequate bandwidth on the path before the LSP is established. If the bandwidth is insufficient, the LSP is not established and an error is reported.


Cooperative Association for Internet Data Analysis. An association that provides tools and analyses promoting the engineering and maintenance of a robust, scalable Internet infrastructure. One tool, cflowd, allows you to collect an aggregate of sampled flows and send the aggregate to a specified host that runs the cflowd application available from CAIDA.

call admission control

See CAC.

Call Detail Record

See CDR.


Customized Applications of Mobile Enhanced Logic. An ETSI standard for GSM networks that enhances the provision of Intelligent Network services.

candidate configuration

File maintained by the JUNOS software containing changes to the router's active configuration. This file becomes the active configuration when a user issues the commit command.


Information sent by routers in a multicast network when they are configured as a local rendezvous point. This information is unicast to the bootstrap router for the multicast domain.

carrier-of-carriers VPN

Virtual private network (VPN) service supplied to a network service provider that is supplying either Internet service or VPN service to an end customer. For a carrier-of-carriers VPN, the customer's sites are configured within the same autonomous system (AS).


Control Board. On a T640 routing node, part of the host subsystem that provides control and monitoring functions for router components.


Cipher block chaining. A mode of encryption using 64 or 128 bits of fixed-length blocks where each block of plain text is XORed with the previous cipher text block before being encrypted. See also XOR.


Constant bit rate. For ATM1 and ATM2 IQ interfaces, data that is serviced at a constant, repetitive rate. CBR is used for traffic that does not need to periodically burst to a higher rate, such as nonpacketized voice and audio.


Circuit cross-connect. A JUNOS software feature that allows you to configure transparent connections between two circuits, where a circuit can be a Frame Relay DLCI, an ATM virtual channel (VC), a PPP interface, a Cisco HDLC interface, or an MPLS label-switched path (LSP).


Code Division Multiple Access. Technology for digital transmission of radio signals between, for example, a mobile telephone and a base transceiver station (BTS).


Radio transmission and backbone technology for the evolution to third-generation (3G) mobile networks.


Call Detail Record. A record containing data (such as origination, termination, length, and time of day) unique to a specific call.

CE device

Customer edge device. Router or switch in the customer's network that is connected to a service provider's provider edge (PE) router and participates in a Layer 3 VPN.

cell relay

Data transmission technology based on the use of small, fixed-size packets (cells) that can be processed and switched in hardware at high speeds. Cell relay is the basis for many high-speed network protocols, including ATM and IEEE 802.6.

cell-relay mode

Layer 2 circuit transport mode that sends ATM cells between ATM2 intelligent queuing (IQ) interfaces over an MPLS core network. You use Layer 2 circuit cell-relay transport mode to tunnel a stream of ATM cells over an MPLS or IP backbone. See also AAL5 mode, Layer 2 circuits, standard AAL5 mode, and trunk mode.

cell tax

Physical transmission capacity used by header information when sending data packets in an ATM network. Each ATM cell uses a 5-byte header.

central office

See CO.

certificate authority

See CA.


Compact Forwarding Engine Board. In M7i and M10i routers, provides route lookup, filtering, and switching to the destination port.


Application available from CAIDA that collects an aggregate of sampled flows and sends the aggregate to a specified host running the cflowd application.


Cubic feet per minute. Measure of air flow in volume per minute.

Challenge Handshake Authentication Protocol



Communication circuit linking two or more devices. A channel provides an input/output interface between a processor and a peripheral device, or between two systems. A single physical circuit can consist of one or many channels, or two systems carried on a physical wire or wireless medium. For example, the dedicated channel between a telephone and the central office (CO) is a twisted-pair copper wire. See also frequency-division multiplexed channel and time-division multiplexed channel.

channel service unit



Challenge Handshake Authentication Protocol. A protocol that authenticates remote users. CHAP is a server-driven, three-step authentication mechanism that depends on a shared secret password that resides on both the server and the client.


Chassis daemon. A JUNOS software process responsible for managing the interaction of the router's physical components.

chassis daemon

See chassisd.


Classless interdomain routing. A method of specifying Internet addresses in which you explicitly specify the bits of the address to represent the network address instead of determining this information from the first octet of the address.


Connector Interface Panel. On an M160 router, the panel that contains connectors for the Routing Engines, BITS interfaces, and alarm relay contacts.

cipher block chaining

See CBC.


Committed information rate. The CIR specifies the average rate at which packets are admitted to the network. As each packet enters the network, it is counted. Packets that do not exceed the CIR are marked green, which corresponds to low loss priority. Packets that exceed the CIR but are below the peak information rate (PIR) are marked yellow, which corresponds to medium loss priority. See also trTCM and PIR.

circuit cross-connect

See CCC.


Message advertised into a multicast network by a router configured as a local rendezvous point (RP) in an auto-RP network. A Cisco-RP-Announce message is advertised in dense-mode PIM to the multicast group address.


Message advertised by the mapping agent in an auto-RP network. A Cisco-RP-Discovery message contains the rendezvous point (RP) to multicast group address assignments for the domain. It is advertised in dense-mode PM to the multicast group address.


In class of service (CoS), the examination of an incoming packet that associates the packet with a particular CoS servicing level. There are two kinds of classifiers, behavior aggregate and multifield. See also BA classifier and multifield classifier.


Method of reading a sequence of bits in a packet header or label and determining how the packet should be forwarded internally and scheduled (queued) for output.

classless interdomain routing


class of service

See CoS.

Class Selector code point


class type

In Differentiated-Services-aware traffic engineering, a collection of traffic flows that is treated equivalently in a Differentiated Services domain. A class type maps to a queue and is much like a class-of-service (CoS) forwarding class in concept. It is also known as a traffic class.


(Pronounced "see-lek") Competitive local exchange carrier. Company that competes with the already established local telecommunications business by providing its own network and switching.


Common Language Equipment Identifier. Inventory code used to identify and track telecommunications equipment.


Command-line interface. Interface provided for configuring and monitoring the routing protocol software.

client peer

In a BGP route reflection, a member of a cluster that is not the route reflector. See also nonclient peer.


Connectionless Network Protocol. An ISO-developed protocol for OSI connectionless network service. CLNP is the OSI equivalent of IP.


Connectionless Network Service. A Layer 3 protocol, similar to Internet Protocol version 4 (IPv4). CLNS uses network service access points (NSAP) instead of the prefix addresses found in IPv4 to specify end systems and intermediate systems.


In BGP, a set of routers that have been grouped together. A cluster consists of one system that acts as a route reflector, along with any number of client peers. The client peers receive their route information only from the route reflector system. Routers in a cluster do not need to be fully meshed.


Central office. The local telephone company building that houses circuit switching equipment used for subscriber lines in a given area.

Code Division Multiple Access


command completion

Function of a router's command-line interface (CLI) that allows a user to enter only the most significant characters in any command. Users access this function through the spacebar or Tab key.

command-line interface

See CLI.


JUNOS software command-line interface (CLI) configuration-mode command that saves changes made to a router configuration, verifies the syntax, applies the changes to the configuration currently running on the router, and identifies the resulting file as the current operational configuration.

commit script

Script that enforces custom configuration rules. A script runs each time a new candidate configuration is committed and inspects the configuration. If a configuration breaks your custom rules, the script can generate actions for the JUNOS software.

commit script macro

Sequence of commands that allow you to create custom configuration syntax to simplify the task of configuring a routing platform. By itself, your custom syntax has no operational impact on the routing platform. A corresponding commit script macro uses your custom syntax as input data for generating standard JUNOS configuration statements that execute your intended operation.

committed information rate

See CIR.

Common Language Equipment Identifier



  1. In BGP, a group of destinations that share a common property. Community information is included as one of the path attributes in BGP update messages.

  3. In SNMP, an authentication scheme that authorizes SNMP clients based on the source IP address of incoming SNMP packets, defines which MIB objects are available, and specifies the operations (read-only or read-write) allowed on those objects.


Compact Forwarding Engine Board


competitive local exchange carrier


Complete sequence number PDU


Compressed Real-Time Transport Protocol


Concurrent Versions System

See CVS.


In BGP, a group of systems that appears to external autonomous systems as a single autonomous system.

configuration mode

JUNOS software mode that allows a user to alter the router's current configuration.


BGP neighbor state in which the local router has initiated the TCP session and is waiting for the remote peer to complete the TCP connection.

Connectionless Network Protocol


Connectionless Network Service


Connector Interface Panel

See CIP.

constant bit rate

See CBR.

constrained path

In traffic engineering, a path determined using the CSPF algorithm. The ERO carried in the RSVP packets contains the constrained path information. See also ERO.

Constrained Shortest Path First


context node

Node that the Extensible Stylesheet Language for Transformations (XSLT) processor is currently examining. XSLT changes the context as it traverses the XML document's hierarchy. See also XSLT.

context-sensitive help

Function of the router's command-line interface (CLI) that allows a user to request information on the JUNOS software hierarchy. You can access context-sensitive help in both operational and configuration mode.

contributing routes

Active IP routes in the routing table that share the same most-significant bits and are more specific than an aggregate or generate route.

Control Board

See CB.

control plane

Virtual network path used to set up, maintain, and terminate data plane connections. See also data plane.

Cooperative Association for Internet Data Analysis



Central backbone of the network.


Class of service. Method of classifying traffic on a packet-by-packet basis using information in the type-of-service (ToS) byte to provide different service levels to different traffic.


Customer premises equipment. Telephone, modem, router, or other service provider equipment located at a customer site.

craft interface

Mechanisms used by a Communication Workers of America craftsperson to operate, administer, and maintain equipment or provision data communications. On a Juniper Networks router, the craft interface allows you to view status and troubleshooting information and perform system control functions.

Critical Security Parameters

See CSP.


Compressed Real-Time Transport Protocol. Protocol that decreases the size of the IP, UDP, and RTP headers and works with reliable and fast point-to-point links for voice over IP (VoIP) traffic. Specified in RFC 2509.

Crypto Officer

Superuser responsible for the proper operation of a router running JUNOS-FIPS software.


Class Selector code point. Eight Differentiated Services code point (DSCP) values of the form 'xxx000' (where x may be '0' or '1'). Defined in RFC 2474.


Complete sequence number PDU. Packet that contains a complete list of all the LSPs in the IS-IS database.


Critical Security Parameter. Routers running JUNOS-FIPS software have CSPs of cryptographic keys and passwords that must be protected at all times.


Constrained Shortest Path First. An MPLS algorithm that has been modified to take into account specific restrictions when calculating the shortest path across the network.


Channel service unit/data service unit. A channel service unit connects a digital phone line to a multiplexer or other digital signal device. A data service unit connects a DTE to a digital phone line.

customer edge device

See CE device.

customer premises equipment

See CPE.

Customized Applications of Mobile Enhanced Logic



Concurrent Versions System. A widely used version control system for software development or data archives.