admiralarjun

Intro

- Based on FreeBSD Unix.
- Functionality is compartmentalized into multiple software processes, each running in its own protected memory space, so if a single process fails, the entire system doesn't go down.

Control Plane

Routing Engine (RE)

- The brain of the device; it performs protocol updates and system management.
- Based on x86 or PowerPC architecture.
- Maintains routing tables, bridging tables and the primary forwarding table.
- The Routing Table (RT) contains all known routes (there can be one or more routing tables); the active routes are present in the Forwarding Table (FT). The FT is built from the RT.
- A copy of the FT is sent to the Packet Forwarding Engine via the internal link.
- Also responsible for controlling interfaces, chassis components, system management and access to the device.
- Provides the CLI and the J-Web GUI.

Forwarding Plane

Packet Forwarding Engine (PFE)

- Runs on separate hardware from the Routing Engine, giving hardware-level isolation for fault tolerance.
- Forwards transit traffic through the device (any traffic that enters via one interface and goes out another; the current router is not the destination).
- Receives a copy of the FT via the internal link. Updates are incremental, meaning only the changes are copied each time instead of the full table.
- Since the PFE has its own copy of the FT, the RE is not disturbed for each and every lookup; as the brain of the device, it should not be bogged down.
- In some cases it uses ASICs (Application-Specific Integrated Circuits) for better performance.
- Provides services like rate limiting, stateless firewall filters and Class of Service (CoS).

Protocol Daemons

Each process that runs in its own protected memory space is known as a daemon. Each daemon has a specific function. A few important daemons:

- rpd - Routing Protocol Daemon: Provides routing protocol intelligence.
- dcd - Device Control Daemon: Manages interfaces.
- mgd - Management Daemon: Provides the CLI.
- alarmd - System alarm notifications.
- syslogd - System Log Daemon: Logs activities and functions.

Daemons can be viewed with the command: show system processes

Transit Traffic

- Enters an ingress port, is compared against the forwarding table (FT) and is finally forwarded out an egress port.
- For the traffic to be forwarded, the forwarding table must have an entry for the destination; otherwise the packet is dropped.
- Transit traffic is handled only by the forwarding plane.
- Transit traffic can be either unicast or multicast.

Exception Traffic

- Does not pass through the local device but requires special handling.
- Any traffic that is destined to terminate on the Junos device itself, meaning the device is the destination for that traffic. E.g. when you ping a Junos device, the ping packet terminates on that device; when you SSH into a Junos device, the traffic ends at that device.
- Packets addressed to the chassis, such as routing protocol updates and traceroute.
- TCP/IP packets with the IP options field. Setting this field requests special handling for that packet, so if the "IP option" field is set, the packet is also exception traffic.
- All traffic destined to the RE is sent over the internal link, which is rate limited to protect against DoS. This rate limiter is not configurable.
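
A small Python model of the transit/exception split described above, added here as an illustration (it is not Junos code and not part of the original notes). The class, the addresses, the interface names and the per-interval packet budget standing in for the internal-link rate limiter are all constructed assumptions.

```python
import ipaddress

class Device:
    """Toy model of the RE/PFE split (not Junos code; all values are constructed)."""

    def __init__(self, local_addrs, re_link_budget):
        self.local = {ipaddress.ip_address(a) for a in local_addrs}
        self.ft = {}                      # PFE copy of the FT: prefix -> egress port
        self.re_budget = re_link_budget   # assumed packets allowed to the RE per interval

    def apply_ft_update(self, added=None, removed=()):
        # Incremental update from the RE: only the changed entries are sent.
        for prefix in removed:
            self.ft.pop(ipaddress.ip_network(prefix), None)
        for prefix, port in (added or {}).items():
            self.ft[ipaddress.ip_network(prefix)] = port

    def lookup(self, dst):
        # Longest-prefix match over the PFE's copy of the FT.
        matches = [n for n in self.ft if dst in n]
        return self.ft[max(matches, key=lambda n: n.prefixlen)] if matches else None

    def handle(self, dst, ip_options=False):
        dst = ipaddress.ip_address(dst)
        if dst in self.local or ip_options:
            # Exception traffic: goes to the RE over the rate-limited internal link.
            if self.re_budget == 0:
                return "drop: internal link rate limit"
            self.re_budget -= 1
            return "exception: to RE"
        port = self.lookup(dst)
        # Transit traffic: handled by the forwarding plane only, no RE involvement.
        return f"transit: out {port}" if port else "drop: no FT entry"

def demo():
    dev = Device(local_addrs=["192.0.2.1"], re_link_budget=2)
    dev.apply_ft_update(added={"198.51.100.0/24": "ge-0/0/1",
                               "198.51.100.128/25": "ge-0/0/2"})
    results = [
        dev.handle("198.51.100.10"),                   # transit via the /24
        dev.handle("198.51.100.200"),                  # transit via the more specific /25
        dev.handle("203.0.113.5"),                     # no FT entry, dropped
        dev.handle("192.0.2.1"),                       # ping/SSH to the device itself
        dev.handle("198.51.100.10", ip_options=True),  # IP options set
        dev.handle("192.0.2.1"),                       # RE budget exhausted
    ]
    dev.apply_ft_update(removed=["198.51.100.128/25"])  # incremental withdrawal
    results.append(dev.handle("198.51.100.200"))        # transit still works
    return results
```

The last result shows the point of the isolation: once the budget toward the RE is used up, exception traffic is dropped while transit forwarding continues unaffected.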