Last Updated: 3/17/26

Table of Contents

  1. Networking Fundamentals
  2. Junos OS Fundamentals
  3. User Interfaces
  4. Configuration Basics
  5. Operational Monitoring and Maintenance
  6. Routing Fundamentals
  7. Routing Policy and Firewall Filters
  8. Glossary

Networking Fundamentals

  • Function of routers and switches

    • Routers use Layer 3 information to forward packets between networks
    • Switches use Layer 2 information to forward packets on the LAN
  • Ethernet networks

    • Major concept here is MAC addresses
      • Physical address made up of 48 bits and displayed using hexadecimal format
      • Broadcast address is ffff.ffff.ffff
    • Uses MAC addresses to forward Ethernet frames
    • Ethernet header + trailing checksum

    • Preamble - Tells the receiving side that a frame is coming and allows synchronization
    • SFD - Start Frame Delimiter - Signals the D-MAC is next
    • Dest MAC - MAC address of the frame's destination
    • SRC MAC - MAC address of the frame sender
    • Type - Defines the type of protocol found inside the frame, e.g., IPv4 vs. IPv6
    • Data + padding - The frame payload and optional padding to get it to a minimum of 46 bytes in this field.
    • FCS - Frame Check Sequence - Contains a 32-bit CRC which checks for corrupted data
  • Layer 2 addressing, including address resolution; Layer 3 / IP addressing, including subnet masks

    • ARP - Address Resolution Protocol acts at Layer 2 and is a process for mapping MAC addresses to IP addresses.
  • IPv4 Fundamentals

    • 32 bit addresses
    • The data unit at layer 3 is called a packet
    • Packet header:

  • IPv6 Fundamentals

    • No broadcast traffic
      • Anycast used instead
    • Made up of 128 bits
    • 8 groups of 4 hex characters
      • For each group you can eliminate leading zeros
      • You can also replace one run of consecutive all-zero groups with a double colon (only once per address)
      • 2001:0FA7:0000:0000:00E2:0000:0000:BEEF
      • Becomes - 2001:FA7::E2:0:0:BEEF
    • Every interface requires a link-local address, used for communications on the subnet that the host is connected to
      • Will not be forwarded by the router
      • Not guaranteed to be unique
        • DAD (Duplicate Address Detection) - checks whether it is unique
      • Assigned from fe80::/10, generally by stateless address autoconfiguration
      • Takes the above prefix, adds some padding and the MAC address to automatically configure the link-local address
    • Routable addresses are assigned from 2000::/3
    • Fragmentation only happens at the source node
    • Header was designed to be simpler and easier to process.
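
The compression rules and the MAC-derived link-local address above, as an added Python example (not part of the original notes). It assumes the "padding" step is the modified EUI-64 method (insert ff:fe between the MAC halves and flip the universal/local bit); the MAC address is a constructed sample and the function names are illustrative.

```python
import ipaddress

def compress(addr: str) -> str:
    """Apply both shortening rules: drop leading zeros, collapse one zero run."""
    return ipaddress.IPv6Address(addr).compressed

def link_local_from_mac(mac: str) -> ipaddress.IPv6Address:
    """Build fe80::/64 plus a modified EUI-64 interface ID from a 48-bit MAC."""
    octets = bytes.fromhex(mac.replace(":", "").replace(".", "").replace("-", ""))
    if len(octets) != 6:
        raise ValueError("MAC address must be 48 bits")
    # Flip the universal/local bit of the first octet, insert ff:fe in the middle.
    iid = bytes([octets[0] ^ 0x02]) + octets[1:3] + b"\xff\xfe" + octets[3:]
    prefix = ipaddress.IPv6Address("fe80::").packed[:8]
    return ipaddress.IPv6Address(prefix + iid)

def mac_from_link_local(addr: str):
    """Recover the MAC from an EUI-64 address, or None if the ID is not EUI-64.

    The derivation is reversible, so an address built this way exposes the
    hardware address to anything that sees the IPv6 address.
    """
    iid = ipaddress.IPv6Address(addr).packed[8:]
    if iid[3:5] != b"\xff\xfe":
        return None
    mac = bytes([iid[0] ^ 0x02]) + iid[1:3] + iid[5:]
    return ":".join(f"{b:02x}" for b in mac)

if __name__ == "__main__":
    print(compress("2001:0FA7:0000:0000:00E2:0000:0000:BEEF"))
    ll = link_local_from_mac("00:11:22:33:44:55")  # constructed sample MAC
    print(ll, ll.is_link_local, mac_from_link_local(str(ll)))
```
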
  • Subnetting and supernetting

    • Subnetting is a skill that requires practice but does not require any special knowledge. Practice, practice, practice
    • Supernetting
      • Radix trees used to evaluate prefixes for route filters (follow up on this)
  • Longest match routing

    • An algorithm used by IP routers to select an entry from a routing table. The router uses the longest match to determine the egress interface and the address of the next device to which to send a packet
    • When routing to 192.168.1.10 and you have 192.168.1.0/28 and 192.168.1.0/24 in the routing table the router will use 192.168.1.0/28
  • CoS

    • Class of service allows you to divide traffic into classes and offer various levels of throughput and packet loss when congestion occurs.
  • Connection-oriented vs. connectionless protocols

    • TCP - Connection oriented
      • Uses the three-way handshake to set up a session
      • SYN, SYN-ACK, ACK
      • Receiving side responds with ACKs after receiving segments (AKA TCP data frame)
        • Window size is beyond the scope of JNCIA
      • Guarantees delivery
    • UDP - Connectionless
      • Ideal for real time communication and streaming media
      • Fast, which is what is needed
      • If a packet is dropped it ends up being noise in the stream, e.g., degraded video for streaming, but does not cause a failure

Junos OS Fundamentals

  • Software architecture

    • Each process operates in its own protected memory space
    • Two benefits of the disaggregated Junos OS
      • Platform drivers and forwarding engine are removed from the control plane to increase performance
      • The architecture facilitates programmability through provisioning the control plane, the data path, and the platform APIs
    • Junos release types
      • R1 - first widely distributed version
      • R2, R3 - maintenance releases
    • Junos version breakdown M.nZb.s
      • M - major release
      • n - minor release
      • Z - type
      • b - build number
      • s - spin number
  • Control and forwarding planes

    • There’s a rate limiter configured by default between the control and forwarding planes
    • Control traffic is given higher priority than exception traffic if the link is congested
    • The internal link between the planes is fxp1, em1, or similar (vs. em0 and fxp0, which are OOB mgmt)
  • Routing Engine

    • Maintains Routing table
    • Maintains Forwarding table
    • Control/maintain chassis
    • Manages the PFE
    • Provides CLI or web interface
  • Packet Forwarding Engine

    • Implement services
      • Policing, Stateless FW filters, QOS
    • Uses the L2 and L3 forwarding tables to pass traffic
    • Transit traffic processing
    • When a packet arrives and does not match an entry in the forwarding table, the PFE drops the packet and sends a destination unreachable ICMP reply
  • Exception traffic

    • Destined for the local system
    • Needs an ICMP response

User Interfaces

  • CLI modes

    • > user mode
    • % shell mode
      • reached by default when root user connects to the device
      • cli brings the user back to the user mode
    • # configure mode
  • CLI navigation

    • Ctrl + a – beginning of line
    • Ctrl + e – end of line
    • Ctrl + d – delete character under cursor
    • Ctrl + w – delete word left of cursor
    • Ctrl + k – delete everything right of cursor
    • edit “level” -> to go to the specific spot of the config hierarchy
    • up “number” -> to move up in the config hierarchy
  • CLI Help

    • help topic interfaces address -> Written documentation detailing how to configure interface addresses
    • help reference interfaces address -> provides the syntax to configure this
    • help apropos snmp -> all commands with “snmp” in them
  • Filtering output

    • Useful Pipe commands
      • | match - show all lines of output with the given string
      • | find - start output at first instance of string and then everything afterwards
      • | count - show how many lines in the given command
        • root@network-hub-1> show interfaces terse | count
        • Count: 49 lines
      • | last - display the last X amount of output
      • | except - anything but the specified string
  • Active versus candidate configuration

    • Active configuration is the config that the device is using
    • Candidate config is where changes are made while in config mode
      • Once committed it becomes the active configuration
  • Reverting to previous configurations

    • root@network-hub-1# rollback 1 — Loads the previous active config into the candidate config
  • Modifying, managing, and saving configuration files; Viewing, comparing, and loading configuration files

    • root@network-hub-1# show | compare rollback 0
      • Compares current candidate config to current active config
  • J-Web (core/common functionality only)

    • Same authentication as cli
    • set system services web-management http (or https); this is required for J-Web to work
    • System identity sub page
      • Configurable: Hostname, root password, dns servers, domain name

Configuration Basics

  • Factory-default state

    • Can revert to the factory default with:
      • load factory-default
      • set system root-authentication plain-text-password
      • commit
  • Initial configuration

  • User accounts

    • Member of a single login class
  • Login classes

    • A named container that groups together a set of one or more permission flags
    • Four predefined classes
      • super-user - all permissions
      • operator - clear, network, reset, trace, view
      • read-only - view only
      • unauthorized - no permissions
  • User authentication methods

    • Local database
      • Name and password individually for each user
    • Radius and TACACS+
      • Can be mapped to locally defined template users
      • RADIUS uses UDP and encrypts the password
      • TACACS+ uses TCP and encrypts everything
    • show system authentication-order
      • Goes through the order trying one after the other even on rejects
      • If local authentication is not in the authentication order it is only used if there was no response from the other options
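
The fall-through rules above, modelled as an added Python example (not Junos code and not part of the original notes). The method names match the Junos keywords `radius`, `tacplus` and `password`; the outcome values and function names are constructed for the illustration.

```python
ACCEPT, REJECT, NO_RESPONSE = "accept", "reject", "no-response"

def login(order, outcome):
    """Walk the authentication order as the notes describe.

    order   -- methods in configured order: "radius", "tacplus", "password"
    outcome -- what each method would answer for this login attempt
    Returns (granted, method_that_granted).
    """
    for method in order:
        if outcome.get(method, NO_RESPONSE) == ACCEPT:
            return True, method
        # A reject and a timeout both fall through to the next method.
    if "password" not in order:
        # Local database is consulted only when no listed server answered.
        if all(outcome.get(m, NO_RESPONSE) == NO_RESPONSE for m in order):
            if outcome.get("password") == ACCEPT:
                return True, "password"
    return False, None

def survives_central_reject(order):
    """True if a user rejected by every remote server can still log in with a
    valid local password. Worth checking when accounts are disabled centrally."""
    outcome = {m: REJECT for m in order if m != "password"}
    outcome["password"] = ACCEPT
    return login(order, outcome)[0]

if __name__ == "__main__":
    for order in (["radius", "password"], ["radius"], ["radius", "tacplus"]):
        print(order, "local login after central reject:",
              survives_central_reject(order))
```

Listing `password` after a remote method means a server reject is not final for any user who also has a local account; leaving it out keeps local login as an outage-only fallback.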
  • Interface types and properties

    • fpc - flexible pic concentrator
    • pic - port interface concentrator
    • Port #
    • ge-{{fpc}}/{{pic}}/{{port#}} - ge-0/0/0
    • When multiple IPs are on an interface belonging to the same subnet, you can use preferred to set the IP you want to respond for the interface
  • Configuration groups

    • Use pipe command | display inheritance to show config with any config inherited from config groups included
    • Allows you to separate common config from interface specific config
  • Additional initial configuration elements, such as NTP, SNMP, and syslog

    • SNMP:
      • MIB
        • Used to define managed objects on a network device
        • Designed in a hierarchical tree structure
        • Standard or enterprise specific
  • Configuration archival

  • Logging and tracing

    • By default messages are saved to /var/log including traceoptions
  • Rescue configuration

    • Recommended to contain the minimal configuration needed to allow connectivity
    • Save active config as rescue using:
      • request system configuration rescue save
    • Load it back with:
      • rollback rescue
      • commit
  • Interface Configurations

    • All configuration directly under the ge-0/0/0 hierarchy is considered physical configuration. (MTU, lag interface, speed, duplex, encap, etc)
    • All configuration under the unit # is considered logical configuration
      • family inet, family ethernet-switching, aka the protocol on the interface

Operational Monitoring and Maintenance

  • Show commands

    • show chassis routing-engine - shows the RE’s temp, cpu util, memory util, serial, and uptime
    • show system alarms - displays current alarms
    • show interfaces {{ name }}
    • show interfaces terse - shows interfaces and port status along with protocol and IP if it has one
    • show interfaces {{ name }} extensive
      • Shows errors, physical counters
    • monitor interface {{ name }}
      • Shows realtime info on packet and byte counters
      • Error and alarms
    • monitor interface traffic – to see traffic on all interfaces in real time
  • Interface statistics and errors

  • Network tools, such as ping, traceroute, telnet, SSH, etc

    • ping sends continuous ICMP messages to the specified destination
    • monitor traffic - captures traffic headed to the RE
      • Can save these using write-file option and then open in wireshark
    • traceroute -
      • Transmits UDP Packets
      • Receives ICMP time-exceeded packets
  • Junos OS installation and upgrades

    • request system software add {{ image name }} – to upgrade
    • Need to reboot the device afterwards
    • Unified in-service software upgrade ISSU
      • Enables you to upgrade between two different Junos OS releases with no disruption on the control plane
      • Only supported on dual RE platforms
      • Requires Nonstop active routing (NSR)
        • Basically runs the routing daemons on the backup RE
      • Step 1: Enable GRES and NSR and verify the REs are synced
      • Step 2: Download the image
      • Step 3: request system software in-service-upgrade - on the primary RE
  • Storage operations

    • show system storage – make sure there’s space for another image
    • request system storage cleanup
    • request system zeroize - clears config along with all logs
      • Add media option to sanitize all storage on the device
  • Powering on and shutting down Junos devices

  • Root password recovery

    • Requires a console connection
    • Can be disabled with: set system ports console insecure
    • Steps for password recovery
      • Step 1: Reboot the system
        • Press space bar when prompted
        • Enter boot -s to access single user mode
      • Step 2: Enter recovery when prompted to go into recovery mode
      • Step 3: Configure root password
      • Step 4: commit and-quit and reboot when prompted

Routing Fundamentals

  • Traffic forwarding concepts

  • Routing tables

    • Common tables
      • inet.0 - used for ipv4 unicast routes
      • inet.1 - used for multicast forwarding cache
      • inet.2 - used for Multicast BGP routes for RPF checking
      • inet.3 - used for mpls path info
      • inet.4 - used for MSDP route entries
      • inet6.0 - used for ipv6 unicast routes
  • Routing versus forwarding tables

  • Route preference

    • Juniper’s way of saying administrative distance
    • Used to differentiate routes learned from different protocols
    • Values
      • Direct : 0
      • Local : 0
      • Static : 5
      • OSPF : 10
      • RIP : 100
      • BGP : 170
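
How route preference and longest match interact, as an added Python example (not part of the original notes): preference picks the active route when several protocols offer the same prefix, and longest match then chooses among the active prefixes. The preference values are the ones listed above; the route entries and next-hop interfaces are constructed.

```python
import ipaddress

# Preference values from the list above (lower is preferred).
PREFERENCE = {"direct": 0, "local": 0, "static": 5,
              "ospf": 10, "rip": 100, "bgp": 170}

# Constructed routing-table contents: (prefix, protocol, next hop).
ROUTES = [
    ("192.168.1.0/24", "ospf",   "ge-0/0/1"),
    ("192.168.1.0/24", "bgp",    "ge-0/0/2"),
    ("192.168.1.0/28", "bgp",    "ge-0/0/3"),
    ("0.0.0.0/0",      "static", "ge-0/0/0"),
]

def active_routes(routes):
    """Per prefix, keep only the route whose protocol has the lowest preference."""
    best = {}
    for prefix, proto, next_hop in routes:
        net = ipaddress.ip_network(prefix)
        if net not in best or PREFERENCE[proto] < PREFERENCE[best[net][0]]:
            best[net] = (proto, next_hop)
    return best

def lookup(dest, routes=ROUTES):
    """Longest match over the active routes: (prefix, protocol, next hop)."""
    addr = ipaddress.ip_address(dest)
    active = active_routes(routes)
    matches = [net for net in active if addr in net]
    if not matches:
        return None                      # no route, not even a default
    net = max(matches, key=lambda n: n.prefixlen)
    proto, next_hop = active[net]
    return str(net), proto, next_hop

if __name__ == "__main__":
    for dest in ("192.168.1.10", "192.168.1.200", "8.8.8.8"):
        print(dest, "->", lookup(dest))
```

The /28 learned from BGP carries traffic for 192.168.1.10 even though OSPF has the better preference for the /24: preference only breaks ties between identical prefixes.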
  • Routing instances - A collection of routing tables, interfaces, and routing protocol parameters. The set of interfaces belongs to the routing tables, and the routing protocol parameters control the information in the routing tables.

  • Static routing

    • Need a valid next hop
      • IP address of interface on neighboring router
      • Egress port
      • bit bucket (reject/discard)
    • Qualified next hop function
      • If primary becomes unavailable use defined next hop with a higher preference value
  • Advantages of and use cases for dynamic routing protocols

    • Less administrative overhead
    • Dynamically route around failures
  • OSPF

    • Link state protocol
      • Faster reconvergence
      • Support larger networks
      • Less susceptible to insufficient routing info than distance vector
    • Main objectives of a link state protocol
      • Reliably flood link-state info to neighbors
      • Create a complete database of the network
      • Calculate the best path to each destination
    • LSAs (Link State Advertisements)
    • LSDB (Link-State Database)
      • Stores the LSAs as a series of records
    • Areas
      • Uses Areas to incorporate hierarchy and enable scalability
      • Software can summarize routing info from an OSPF area and pass it to the rest of the network
      • Each OSPF router maintains a separate LSDB for each area it is a part of
        • LSDB is identical for all participating routers in an area
      • All areas must connect to area 0
      • All data traffic between areas must transit the backbone area
    • Neighbor Adjacency States
      • Attempt
      • Down
      • Exchange
      • ExStart
      • Full - up and running
      • Init
      • Loading
      • 2-way
    • Display Commands
      • show route protocol ospf
  • IPv6 routing

    • Enabling on interface using family inet6
      • Once enabled the link-local ip is configured and the interface will now process IPv6 traffic
    • To configure a v6 static route
      • set routing-options rib inet6.0 static route 2001::0/20 next-hop 2001::1
      • Need to include the inet6.0 routing table for v6
      • You can use a link local address as the next-hop but will need to include the interface as well
    • OSPFv3, or OSPF for IPv6
      • Fundamentally no different than vanilla OSPF
      • Config is the same syntax as vanilla OSPF, just being done under protocols ospf3 vs. protocols ospf

Routing Policy and Firewall Filters

  • Default routing policies

    • OSPF
      • Import - Accept all OSPF routes and import into the inet.0 routing table
      • Export - Reject everything. (The protocol uses flooding to announce local routes and any learned routes.)
    • BGP
      • Import - Accept all received BGP IPv4 routes learned from configured neighbors and import into the inet.0 routing table. Accept all received BGP IPv6 routes learned from configured neighbors and import into the inet6.0 routing table.
      • Export - Readvertise all active BGP routes to all BGP speakers, while following protocol-specific rules that prohibit one IBGP speaker from readvertising routes learned from another IBGP speaker, unless it is functioning as a route reflector.
  • Import and export policies

  • Routing policy flow

  • Effect of policies on routes and routing tables

  • Policy structure and terms

  • Policy match criteria, match types, and actions

  • Firewall filter concepts

    • aka ACLs
    • Stateless filter
      • Does not detect connections
      • Looks at each packet
      • Needs to be applied on egress and ingress
    • Stateful
      • Keeps state
      • Only needs to permit traffic in one direction
  • Filter structure and terms

    • Default action of firewall filters is discard
    • The order of terms in a filter is important
  • Filter match criteria and actions

    • Match Conditions for firewall filters
      • Numeric range, Address, Bit-field
    • Terminating Actions
      • accept - accept the packet and continue the in/out processing
      • discard - silently drop the packet without responding to source
      • reject - Causes the system to discard the packet and send an ICMP message back to the source address
    • Other Actions
      • next term - causes Junos OS to evaluate the next term
        • Can be used to set a policer or dscp value and then continue to evaluate the traffic in the rest of the filter
      • action modifiers - count, log, syslog, policer, forwarding-class
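
Term ordering, the terminating actions, `next term` and the default discard, modelled as an added Python example (not Junos code and not part of the original notes). The filter, term names, counter name and sample packets are constructed; the model also assumes a term with only action modifiers implies accept.

```python
import ipaddress

TERMINATING = {"accept", "discard", "reject"}

# Constructed filter: an ordered list of terms (match conditions + actions).
FILTER = [
    {"name": "count-icmp", "from": {"protocol": "icmp"},
     "then": ["count icmp-seen", "next term"]},
    {"name": "mgmt-ssh",
     "from": {"source": "192.0.2.0/24", "protocol": "tcp", "dest_port": (22, 22)},
     "then": ["accept"]},
    {"name": "no-telnet", "from": {"protocol": "tcp", "dest_port": (23, 23)},
     "then": ["log", "reject"]},
    {"name": "icmp-ok", "from": {"protocol": "icmp"}, "then": ["accept"]},
]

def matches(cond, pkt):
    """Every listed condition must match; an empty 'from' matches any packet."""
    if "protocol" in cond and cond["protocol"] != pkt["protocol"]:
        return False
    if "source" in cond:                                   # address match
        src = ipaddress.ip_address(pkt["source"])
        if src not in ipaddress.ip_network(cond["source"]):
            return False
    if "dest_port" in cond:                                # numeric-range match
        low, high = cond["dest_port"]
        if not low <= pkt.get("dest_port", -1) <= high:
            return False
    return True

def evaluate(flt, pkt, counters):
    """Return (action, term name). Each packet is judged alone: no state is kept."""
    for term in flt:
        if not matches(term["from"], pkt):
            continue
        for action in term["then"]:
            if action.startswith("count "):                # action modifier
                name = action.split()[1]
                counters[name] = counters.get(name, 0) + 1
        if "next term" in term["then"]:
            continue                                       # keep evaluating
        final = [a for a in term["then"] if a in TERMINATING]
        # Assumption: modifiers without a terminating action imply accept.
        return (final[0] if final else "accept"), term["name"]
    return "discard", "(default)"                          # no term matched
```

SSH from outside 192.0.2.0/24 is never named in a term, so it falls through to the default discard; a catch-all discard term placed first would shadow every term after it.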
  • Firewall operational commands

    • show firewall counter filter {{filter_name}} {{counter_name}}
  • Policing

    • Rate limiting
    • Works with firewall filters to stop DDoS attacks
  • Unicast reverse-path-forwarding (RPF)

    • Don’t run it on ports where you don’t need it because it eats up control plane resources
    • Strict mode - The packet is not accepted when either:
      • The packet has a source address that does not match a prefix in the routing table.
      • The interface does not expect to receive a packet with this source address prefix.
    • Loose mode - The packet is not accepted when the packet has a source address that does not match a prefix in the routing table.
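
The strict and loose checks above, modelled as an added Python example (not Junos code and not part of the original notes). The routing table and interface names are constructed, and strict mode is assumed to compare the arrival interface with the interface of the best (longest-match) route back to the source.

```python
import ipaddress

# Constructed routing table: prefix -> interface the active route points out of.
ROUTES = {
    "10.1.0.0/16": "ge-0/0/1",
    "10.1.5.0/24": "ge-0/0/2",
    "203.0.113.0/24": "ge-0/0/3",
}

def best_route(addr, routes=ROUTES):
    """Longest-match lookup of an address: (network, interface) or None."""
    ip = ipaddress.ip_address(addr)
    hits = []
    for prefix, interface in routes.items():
        net = ipaddress.ip_network(prefix)
        if ip in net:
            hits.append((net, interface))
    return max(hits, key=lambda h: h[0].prefixlen) if hits else None

def rpf_check(source, in_interface, mode="strict", routes=ROUTES):
    """Return (accepted, reason) for a packet arriving on in_interface."""
    route = best_route(source, routes)
    if route is None:
        return False, "no route to source"           # fails in both modes
    if mode == "loose":
        return True, "source is routable"
    if route[1] != in_interface:
        return False, f"source expected on {route[1]}"
    return True, "source expected on this interface"

if __name__ == "__main__":
    with_default = dict(ROUTES, **{"0.0.0.0/0": "ge-0/0/0"})
    print(rpf_check("10.1.5.9", "ge-0/0/2"))                    # strict, correct port
    print(rpf_check("10.1.5.9", "ge-0/0/1"))                    # strict, wrong port
    print(rpf_check("10.1.5.9", "ge-0/0/1", "loose"))           # loose ignores port
    print(rpf_check("192.0.2.1", "ge-0/0/1", "loose"))          # unroutable source
    print(rpf_check("192.0.2.1", "ge-0/0/1", "loose", with_default))
```

In this model a default route makes every source match a prefix, so loose mode accepts everything, while strict mode drops legitimate traffic whenever the return path is asymmetric.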

Glossary

  • Junos Architecture & Operations

    • RE (Routing Engine): The “brain” of the device. It handles the control plane, running the Junos OS, managing routing tables, and controlling the user interface (CLI).
    • PFE (Packet Forwarding Engine): The “brawn” of the device. It handles the data plane, performing hardware-based packet switching, filtering, and queuing.
    • Transit Traffic: Traffic that enters one port and exits another. This is handled entirely by the PFE.
    • Exception Traffic: Traffic destined for the device itself (e.g., SSH, BGP updates, or ICMP). This is passed from the PFE to the RE for processing.
    • Active vs. Candidate Configuration: Junos uses a “check-out” system. You edit a Candidate config; it does not take effect until you Commit it to become the Active config.
  • Interface Terminology

    • FPC (Flexible PIC Concentrator): A physical slot or card in a chassis (e.g., ge-0/x/x).
    • MAC: Typically referring to the MAC address, the Layer 2 address used for frames in a broadcast domain.
    • Logical Unit: In Junos, you must define a logical unit (usually unit 0) even for physical interfaces to assign an IP address.
    • Family: Defines the protocol stack on an interface. Common types include inet (IPv4), inet6 (IPv6), and mpls.
  • Routing & Protocols

    • RT (Routing Table): The master list of all paths learned by the RE (e.g., inet.0 for IPv4).
    • FT (Forwarding Table): A streamlined version of the RT sent down to the PFE for high-speed lookups.
    • Route Preference: Juniper’s term for Administrative Distance. Lower numbers are more preferred (e.g., Direct = 0, OSPF = 10, BGP = 170).
    • Routing Policy: Used to control the flow of routing information into or out of the Routing Table.