Cisco versus Juniper
There have been many write-ups comparing Cisco and Juniper systems, so I feel confident that this will be grossly inadequate and incomplete. There are numerous differences in the forwarding (data) plane which would be hardware dependent, and comparing them feels like comparing apples and tomatoes, so I will ignore those for this discussion. The control plane, at least for the standards-based protocols, is similar. When there are differences, my experience is that Juniper tends to follow the standards more closely for various reasons. I will mostly ignore these differences as well. Therefore, I will focus on the management plane differences, which admittedly have had a great deal of exposure. And, contrary to my personality, I will even offer an opinion on my preference. :-)
CLI Modes
In Cisco, there are three modes. They are user, privileged (enabled), and configuration. The user and privileged modes hark back to a time of local user accounts and privilege levels. Today, when using a centralized AAA system, it is very common to immediately be placed in privileged mode. The user mode allows a very minimal list of “show” commands. The privileged mode (level 15) allows access, by default, to all “show” commands along with “clear” commands, etc. The configuration mode allows altering the configuration. Different flavors of IOS may or may not allow show commands from the configuration mode.
In Juniper, there are two modes for the JunOS CLI. They are operational and configuration. The operational mode is used for showing the state of the system, including status of the control plane, etc., as well as “clear” commands, reboot commands, etc. The configuration mode, as the name implies, is used for altering the configuration or viewing the configuration (although the configuration can be seen from the operational mode also). From the configuration mode, operational commands can be executed by prefacing them with “run”. There is a great guide here:
Configuration Concepts
In Cisco, there are two configurations. One is the running configuration, and the other is the “startup” configuration. The startup configuration is loaded when the router or switch reboots, as the default configuration. The running-configuration is the actively running configuration.
When in configuration mode, changes take immediate effect on the running configuration. This means that the configuration changes are executed on a line-by-line basis. Some configuration changes may create problems if they are all related and need to be completed as a group. In such circumstances, they can be loaded as a file.
Resetting the configuration of a Cisco device to factory defaults means erasing the startup-configuration and rebooting the device.
Any changes made to the configuration of a Cisco device must be written to the startup-configuration so that the configuration will be loaded when the router reboots.
On a Juniper device, there are also two configurations. One is the active configuration, while the other is the candidate configuration. The active configuration is the one that is actively being used by the device. Any changes made in the configuration mode will be made to the candidate configuration, and will not become active until the configuration is committed. The active configuration is also saved so that it will be used on startup, so there is no concept of saving the configuration. Additionally, when the configuration is committed, a rollback copy is created. The Juniper will retain 50 previous configurations. A rollback can be done by simply rolling back to any of the previous configurations and recommitting. Additionally, there is a concept of “commit confirmed” in which the router will commit the current candidate configuration, wait a set period of time, and if it does not receive confirmation via an additional command, it will automatically roll back the configuration. This is a very useful and powerful feature when making potentially impacting changes on devices which are directly or indirectly managed in-band.
Resetting a Juniper device to factory defaults means loading the factory defaults via “load factory-default”, setting the root authentication password, and then committing the configuration. It is not necessary to reboot the device. On Juniper there is an additional configuration called the “rescue” configuration. This configuration can be set by the administrator, and contains the minimum functional configuration to allow the system to be rescued if something goes grossly wrong, such as impacting the authentication.
There is an additional feature on Juniper systems. The administrator can deactivate an entire section of the configuration. This allows the configuration to still exist, but not be used as part of the active configuration. This is useful for testing or staging configuration sections. You can also disable certain sections or configurations, leaving other parts intact. On Cisco, you must remove a configuration section if you do not want it to be used.
Configuration Tree
On a Cisco router, the configuration is very wide and shallow. That is to say, almost all the configuration options are available without going very deep in the configuration tree. Without enabling any additional features, the Cisco router has more than 100 options from the global configuration mode. This can be useful when unsure of the proper configuration option, but is overwhelming when scrolling through such a long list.
CiscoRouter(config)# ?
  aaa                    Configure aaa functions
  acllog                 Configure ACL logging
  analytics              Feature Analytics
  apply                  Apply a config-profile
  archive                Configuration archive
  as-format              Configure the router's Autonomous system number (ASN)
                         notation
  banner                 Configure banner message
  bloggerd               Blogger commands
  boot                   Configure boot mode
  boot                   Configure boot variables
  callhome               Enter the callhome configuration mode
  cdp                    Configure CDP parameters
  cfs                    CFS configuration commands
  chassis                Chassis configuration
  class-map              Configure a class map
  cli                    Configure CLI commands
  clock                  Clock
  congestion-control     Congestion control protocol
  control-plane          Enter to control-plane sub-mode
  copp                   Control-Plane Policing
  crypto                 Set crypto settings
  debug                  Debugging functions
  default                Rollback to default configuration
  diagnostic             Diagnostic commands
  ecp                    ECP (Edge Control Protocol)
  email                  Configure pipe email
  errdisable             Error disable
  event                  Event Manager commands
  evpn                   VxLAN evpn feature
  fabric                 Fabric
  feature                Command to enable/disable features
  feature-set            Enable feature-set
  fips                   Enable/Disable FIPS mode
  hardware               Hardware Internal Information
  hardware               Hardware internal mtc-usd ttag-eth-type <ethtype>
  hostname               Configure system's host name
  hw-module              Enable/Disable OBFL information
  icam                   Intelligent CAM
  install                Install a feature-set
  interface              Configure interfaces
  ip                     Configure IP features
  ipv4                   Configure IP features
  ipv6                   Configure IPv6 features
  ipv6                   Display IPv6 information
  key                    Key Management
  key-chain              Keychain Management
  l2protocol             Layer 2 Protocol
  l2rib                  Layer 2 routing information base
  lcnd                   LCND configuration
  license                License related commands
  line                   Configure a terminal line
  logging                Modify message logging facilities
  login                  Login
  m2rib                  Configure m2rib
  mac                    MAC configuration commands
  mac-learn              Mac Learning disable/enable
  mac-list               Build a mac list
  monitor                Configure Ethernet SPAN sessions
  mpls                   MPLS information
  mpls                   MPLS access-list configuration commands
  mts                    MTS component
  multicast              Multicast
  mvr-config             Enable IGMP MVR
  no                     Negate a command or set its defaults
  ntp                    NTP configuration
  nv                     Command to enable/disable features
  object-group           Configure ACL object groups
  param-list             Configure a parameter list
  password               Password for the user
  personality            Config Personality
  platform               Platform configuration commands
  pnp                    Plug and play
  policy-map             Configure a policy map
  port-channel           Configure port channel parameters
  port-profile           Configure a port-profile
  power                  Configure power supply
  priority-flow-control  Global priority-flow-control settings
  priority-flow-control  Pfc related commands
  python                 Run a python command/script, or enter python mode (if
                         no arg)
  qos                    QoS Global Commands
  radius-server          Configure RADIUS related parameters
  rate-limit             Set packet per second rate limit
  resequence             Resequence a list with sequence numbers
  rmon                   Remote Monitoring
  role                   Configure roles
  route                  Display routing information
  route-map              Create route-map or enter route-map command mode
  router                 Enable a routing process
  router-guard           Configures router guard for all interfaces
  service                Service
  show                   Show running system information
  sleep                  Sleep for the specified number of seconds
  slot                   Configure a slot
  snmp                   Configure snmp
  snmp-server            Configure snmp server
  sockets                Negate a command or set its defaults
  spanning-tree          Spanning Tree Subsystem
  ssh                    SSH to another system
  switching-mode         Configure the operating switching-mode of asics
  switchname             Configure system's host name
  system                 System configuration commands
  system                 System Management Commands
  system                 System Management commands
  system                 System management commands
  telnet                 Telnet login
  terminal               Configure terminal settings
  test                   Test commad
  test                   Test command
  time-range             Define time range entries
  track                  Object tracking deletion command
  ucs-infra              Configure VLAN id and IPV6 address
  udf                    Define the User Defined Field (UDF)
  user                   Configure system-wide user settings
  username               Configure user information.
  userpassphrase         User passphrase
  vdc                    Manage Virtual Device Context
  virtual-service        Virtual service global settings
  vlan                   Vlan commands
  vrf                    Configure VRF parameters
  wedge                  Configure wedge Board Management controller ip address
  xml                    Xml agent
  end                    Go to exec mode
  exit                   Exit from command interpreter
  pop                    Pop mode from stack or restore from name
  push                   Push current mode to stack or save it under name
  where                  Shows the cli context you are in
CiscoRouter(config)#
There is a concept on some Cisco devices of profiles, which creates a single level of inheritance. The profile can define default options which can be overridden at the more specific level.
Showing the configuration with all default options (“show running-config all”) produces a VERY LONG configuration, especially if the details are part of the global configuration.
CiscoRouter(config)# show running-config interface eth1/1 all
!Command: show running-config interface Ethernet1/1 all
!Running configuration last done at: Tue Aug 16 13:40:00 2022
!Time: Tue Aug 16 13:41:43 2022
version 9.3(5) Bios:version
interface Ethernet1/1
  no description
  cdp enable
  no switchport
  priority-flow-control mode auto
  priority-flow-control watch-dog-interval off
  buffer-boost
  flowcontrol receive off
  flowcontrol send off
  delay 1
  snmp trap link-status
  mtu 1500
  link debounce time 100
  no beacon
  no link transmit reset-skip
  link mac-up timer 0
  speed auto
  duplex auto
  fec auto
  link dfe adaptive-tuning
  no link loopback
  negotiate auto
  logging event port link-status default
  logging event port trunk-status default
  storm-control broadcast level 100.00
  storm-control multicast level 100.00
  storm-control unicast level 100.00
  no storm-control action
  bandwidth 1000000
  no bandwidth inherit
  load-interval counter 1 30
  load-interval counter 2 300
  no load-interval counter 3
  no switchport block multicast
  no switchport block unicast
  no mac-address
  medium broadcast
  no switchport mac-learn disable
  no shutdown lan
  ip address 10.0.0.2/24
  no shutdown
CiscoRouter(config)#
On Juniper, the configuration is much more organized into sections. There are roughly 30 classes of configurations, such as “interfaces”, “system”, “protocols”, etc. It is likely that the average configuration will not use more than 10 of those. Since they are organized into groups, it is much easier to find the correct configuration object.
[edit]
admin@WANBPE# set ?
Possible completions:
> access               Network access configuration
> access-profile       Access profile for this instance
> accounting-options   Accounting data configuration
> applications         Define applications by protocol characteristics
+ apply-groups         Groups from which to inherit configuration data
> bridge-domains       Bridge domain configuration
> chassis              Chassis configuration
> class-of-service     Class-of-service configuration
> diameter             Diameter protocol layer
> dynamic-profiles     Dynamic profiles configuration
> event-options        Event processing configuration
> fabric               Fabric configuration
> firewall             Define a firewall configuration
> forwarding-options   Configure options to control packet forwarding
> groups               Configuration groups
> interfaces           Interface configuration
> jsrc                 JSRC partition configuration
> jsrc-partition       JSRC partition configuration
> logical-systems      Logical systems
> multi-chassis        Multi-chassis configuration
> multicast-snooping-options  Multicast snooping option configuration
> poe                  Power over Ethernet options
> policy-options       Policy option configuration
> protocols            Routing protocol configuration
> routing-instances    Routing instance configuration
> routing-options      Protocol-independent routing option configuration
> security             Security configuration
> services             Service PIC applications settings
> session-limit-group  Session-limit-group configuration
> snmp                 Simple Network Management Protocol configuration
> switch-options       Options for default routing-instance of type virtual-switch
> system               System parameters
> unified-edge         Unified edge configuration
> virtual-chassis      Virtual chassis configuration
> vmhost               VM Host configurations
[edit]
admin@WANBPE#
There are several levels of configuration inheritance, based on where a “group” configuration is applied. The more specific the level at which a configuration is applied, the higher its priority in the applied configuration. The actual configuration including the inherited values can all be viewed together via “show | display inheritance”. Adding “default” to the end of the command will show the default configuration options. Because the configuration tree is more organized, the inheritance displayed will be more specific to what you want to see.
Routing Protocols
On Cisco, routing tables are organized by VRFs. Populating a routing table via redistribution can be done with a single command. Route-maps can be configured to allow filtering or altering the details when moving routes between protocols. For example, on a Nexus 9000v, there are 14 items against which an administrator can match, plus another 4 for IP address matching. Reordering the route-map usually requires re-writing it, and switching. Renaming a VRF usually means removing the entire configuration related to the VRF, and building a new configuration. Re-ordering an ACL used to require rewriting the ACL. However, with seq numbers, it is possible to do some reordering.
CiscoRouter(config)# route-map test
CiscoRouter(config-route-map)# match ?
  as-number        Match BGP peer AS number
  as-path          Match BGP AS path list
  community        Match BGP community list
  evpn             Match BGP EVPN Routes
  extcommunity     Match BGP community list
  interface        Match first hop interface of route
  ip               Configure IP features
  ipv6             Configure IPv6 features
  mac-list         Match entries of mac-lists
  metric           Match metric of route
  ospf-area        Match ospf area
  route-type       Match route-type of route
  source-protocol  Match source protocol
  tag              Match tag of route
CiscoRouter(config-route-map)# match ip ?
  address       Match address of route or match packet
  multicast     Match multicast attributes
  next-hop      Match next-hop address of route
  route-source  Match advertising source address of route
CiscoRouter(config)#
On a Juniper, the routing tables are organized by routing-instance and protocol. It is possible to utilize another routing table and mix routes between tables in a couple of different ways. Redistribution between routing protocols is done via import and export policies. These policies can have nearly 50 different matching items. Redistributing anything between any protocols will require a policy, which sometimes can be cumbersome. However, the policy can be as simple as a single line, “accept”, which permits everything. Altering that policy in the future is rather simple. Reordering policies can be done rather easily using the “insert” command. The same holds for so-called firewall rules (ACLs), which can be reordered, altered, or renamed without recreating the rule. Any object, including a routing-instance (VRF), can be renamed without destroying and recreating it.
admin@WANBPE# set policy-options policy-statement test term final from ?
Possible completions:
  aggregate-contributor  Match more specifics of an aggregate
+ apply-groups         Groups from which to inherit configuration data
+ apply-groups-except  Don't inherit configuration data from these groups
  area                 OSPF area identifier
+ as-path              Name of AS path regular expression (BGP only)
> as-path-calc-length  Number of BGP ASes excluding confederations
+ as-path-group        Name of AS path group (BGP only)
> as-path-unique-count  Number of unique BGP ASes excluding confederations
  color                Color (preference) value
  color2               Color (preference) value 2
+ community            BGP community
> community-count      Number of BGP communities
+ condition            Condition to match on
> external             External route
  family
  instance             Routing protocol instance
  instance-any         Any routing protocol instance
+ instance-list        A list of routing protocol instances
+ interface            Interface name or address
  level                IS-IS level
  local-preference     Local preference associated with a route
  metric               Metric value
  metric2              Metric value 2
  metric3              Metric value 3
  metric4              Metric value 4
> multicast-scope      Multicast scope to match
+ neighbor             Neighboring router
+ next-hop             Next-hop router
  next-hop-type        Next-hop type
+ nlri-route-type      Route type from NLRI (1..10)
  origin               BGP origin attribute
+ policy               Name of policy to evaluate
  preference           Preference value
  preference2          Preference value 2
> prefix-list          List of prefix-lists of routes to match
> prefix-list-filter   List of prefix-list-filters to match
+ protocol             Protocol from which route was learned
  rib                  Routing table
+ route-distinguisher  Name of the route-distinguisher
> route-filter         List of routes to match
> route-filter-list    List of route-filter-lists of routes to match
  route-type           Route type
> rtf-prefix-list      List of rtf-prefix-lists of routes to match
> source-address-filter  List of source addresses to match
> source-address-filter-list  List of source-address-filter-lists of routes to match
  state                Route state
+ tag                  Tag string
  tag2                 Tag string 2
> traffic-engineering  Traffic-Engineering related parameters
  validation-database  Name to identify a validation-state
[edit]
admin@WANBPE#
Here is an example of creating, reordering and renaming objects.
[edit]
admin@WANBPE# set policy-options policy-statement test term final then accept
[edit]
admin@WANBPE# set policy-options policy-statement test term new then reject
[edit]
admin@WANBPE# show policy-options | display set
set policy-options policy-statement test term final then accept
set policy-options policy-statement test term new then reject
[edit]
admin@WANBPE# insert policy-options policy-statement test term new before term final
[edit]
admin@WANBPE# show policy-options | display set
set policy-options policy-statement test term new then reject
set policy-options policy-statement test term final then accept
[edit]
admin@WANBPE# rename policy-options policy-statement test to policy-statement MyPolicy
[edit]
admin@WANBPE# rename policy-statement MyPolicy term final to term notfinal
[edit]
admin@WANBPE# show policy-options | display set
set policy-options policy-statement MyPolicy term new then reject
set policy-options policy-statement MyPolicy term notfinal then accept
[edit]
admin@WANBPE#
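Term order is what the “insert” above changes, and it decides what the policy does: JunOS evaluates terms in sequence, and a term with no “from” or “to” condition that ends in accept or reject stops evaluation for every route. The following is an added example, not part of the original article, that reads “display set” text and reports terms that can never be reached. It shows that the session above flips from accept-all to reject-all when reordered. The function names and the third sample are assumptions made for illustration, and only unquoted names and the accept/reject actions are handled.

```python
"""Flag unreachable terms in JunOS routing policies from `display set` text."""
import re
from collections import OrderedDict

# set policy-options policy-statement <policy> term <term> <from|to|then> ...
SET_LINE = re.compile(
    r"^set policy-options policy-statement (\S+) term (\S+) (from|to|then) (\S+)"
)
# Actions that end evaluation for a matching route. Flow-control actions such
# as "next policy" are deliberately out of scope for this example.
TERMINATING = {"accept", "reject"}

# The two listings from the session above (before and after "insert").
BEFORE_INSERT = """\
[edit]
admin@WANBPE# show policy-options | display set
set policy-options policy-statement test term final then accept
set policy-options policy-statement test term new then reject
"""
AFTER_INSERT = """\
set policy-options policy-statement test term new then reject
set policy-options policy-statement test term final then accept
"""
# Constructed sample: the reject term now carries a match condition.
CONDITIONAL = """\
set policy-options policy-statement MyPolicy term new from protocol bgp
set policy-options policy-statement MyPolicy term new then reject
set policy-options policy-statement MyPolicy term notfinal then accept
"""


def parse_policies(display_set_text):
    """Return {policy: OrderedDict{term: {"conditional", "action"}}}.

    Terms keep the order in which they first appear in the listing, which is
    the order in which the device evaluates them.
    """
    policies = OrderedDict()
    for raw in display_set_text.splitlines():
        match = SET_LINE.match(raw.strip())
        if not match:
            continue  # prompts, [edit] banners and unrelated statements
        policy, term, clause, word = match.groups()
        terms = policies.setdefault(policy, OrderedDict())
        entry = terms.setdefault(term, {"conditional": False, "action": None})
        if clause in ("from", "to"):
            entry["conditional"] = True
        elif word in TERMINATING:
            entry["action"] = word
    return policies


def unreachable_terms(display_set_text):
    """List (policy, catch_all_term, its_action, unreachable_term) tuples."""
    findings = []
    for policy, terms in parse_policies(display_set_text).items():
        catch_all = None  # first unconditional term with a terminating action
        for name, entry in terms.items():
            if catch_all is not None:
                findings.append((policy, catch_all[0], catch_all[1], name))
            elif not entry["conditional"] and entry["action"]:
                catch_all = (name, entry["action"])
    return findings


if __name__ == "__main__":
    samples = (
        ("before insert", BEFORE_INSERT),
        ("after insert", AFTER_INSERT),
        ("conditional reject", CONDITIONAL),
    )
    for label, text in samples:
        results = unreachable_terms(text)
        if not results:
            print(f"{label}: every term is reachable")
        for policy, winner, action, dead in results:
            print(f"{label}: policy {policy}: term {winner} ({action}) "
                  f"matches every route, so term {dead} is never evaluated")
```

Running a check like this on the candidate configuration before a commit catches a reorder that silently turns a permissive policy into a blocking one, or the reverse.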
Show and Debug Commands
The Cisco device has almost 150 options under “show”, sometimes making it very difficult to find the correct option to display the required information if looking for something uncommon. The information displayed is usually adequate, but is not always sufficient, so debugging may be required. The debug commands spit data directly to the terminal, and may impede the ability of the administrator to stop the debug, so great care must be taken when enabling debug on a Cisco device. Most administrators very rarely, if ever, use debug options for this reason.
CiscoRouter# show ip bgp neighbors 10.0.0.1
BGP neighbor is 10.0.0.1, remote AS 65000, ebgp link, Peer index 3
  BGP version 4, remote router ID 172.16.0.1
  Neighbor previous state = OpenConfirm
  BGP state = Established, up for 00:49:18
  Neighbor vrf: default
  Peer is directly attached, interface Ethernet1/1
  Last read 00:00:02, hold time = 9, keepalive interval is 3 seconds
  Last written 0.979338, keepalive timer expiry due 00:00:02
  Received 1198 messages, 1 notifications, 0 bytes in queue
  Sent 1192 messages, 0 notifications, 0(0) bytes in queue
  Enhanced error processing: On
    0 discarded attributes
  Connections established 2, dropped 1
  Last reset by peer 00:49:29, due to session cleared
  Last error length received: 0
  Reset error value received 0
  Reset error received major: 6 minor: 4
  Notification data received:
  Last reset by us never, due to No error
  Last error length sent: 0
  Reset error value sent: 0
  Reset error sent major: 0 minor: 0
  Notification data sent:
  Neighbor capabilities:
  Dynamic capability: advertised (mp, refresh, gr)
  Dynamic capability (old): advertised
  Route refresh capability (new): advertised received
  Route refresh capability (old): advertised received
  4-Byte AS capability: advertised received
  Address family IPv4 Unicast: advertised received
  Graceful Restart capability: advertised received
  Graceful Restart Parameters:
  Address families advertised to peer:
    IPv4 Unicast
  Address families received from peer:
  Forwarding state preserved by peer for:
  Restart time advertised to peer: 120 seconds
  Stale time for routes advertised by peer: 300 seconds
  Restart time advertised by peer: 120 seconds
  Additional Paths capability: received
  Additional Paths Capability Parameters:
  Receive capability received from Peer for AF:
    IPv4 Unicast
  Extended Next Hop Encoding Capability: advertised
  Message statistics:
                              Sent               Rcvd
  Opens:                         2                  2
  Notifications:                 0                  1
  Updates:                       4                  6
  Keepalives:                 1188               1189
  Route Refresh:                 0                  0
  Capability:                    0                  0
  Total:                      1192               1198
  Total bytes:               22674              22834
  Bytes in queue:                0                  0
  For address family: IPv4 Unicast
  BGP table version 8, neighbor version 8
  1 accepted prefixes (1 paths), consuming 240 bytes of memory
  0 received prefixes treated as withdrawn
  1 sent prefixes (1 paths)
  Last End-of-RIB sent 00:00:01 after session start
  First convergence 00:00:01 after session start with 1 routes sent
  Local host: 10.0.0.2, Local port: 28774
  Foreign host: 10.0.0.1, Foreign port: 179
  fd = 66
Cisco has a watch command which is very similar to the Linux equivalent, allowing a command to be repeated multiple times, highlighting the differences. This can be very helpful during maintenance windows or for troubleshooting.
CiscoRouter# watch differences interval 10 show ip bgp summary
Every 10.0s:  vsh -c "show ip bgp sum"     CiscoRouter: Tue Aug 16 14:10:59 2022
BGP summary information for VRF default, address family IPv4 Unicast
BGP router identifier 172.16.1.1, local AS number 65001
BGP table version is 8, IPv4 Unicast config peers 1, capable peers 1
2 network entries and 2 paths using 488 bytes of memory
BGP attribute entries [2/344], BGP AS path entries [1/6]
BGP community entries [0/0], BGP clusterlist entries [0/0]
Neighbor        V    AS MsgRcvd MsgSent   TblVer  InQ OutQ Up/Down  State/PfxRcd
10.0.0.1        4 65000    1172    1166        8    0    0 00:47:58 1
On a Juniper device, there are about 110 options under show. Like Cisco, finding details can be difficult if the administrator is not familiar with the commands. However, almost all commands have two additional options: “detailed”, and “extensive”. Detailed is often the default, and gives adequate information. Extensive lists a very large amount of information which may make debugging unnecessary. The following shows a BGP connection with multiple address families.
admin@JuniperRouter> show bgp neighbor 192.168.1.1
Peer: 192.168.1.1+179 AS 101   Local: 192.168.1.3+49218 AS 101
  Group: WAN                   Routing-Instance: master
  Forwarding routing-instance: master
  Type: Internal    State: Established    Flags: <Sync>
  Last State: OpenConfirm   Last Event: RecvKeepAlive
  Last Error: Cease
  Options: <Preference LocalAddress AddressFamily PeerAS LocalAS Rib-group Refresh>
  Address families configured: inet-vpn-unicast inet6-vpn-unicast
  Local Address: 192.168.1.3 Holdtime: 90 Preference: 170 Local AS: 101
  Local System AS: 0
  Number of flaps: 2
  Last flap event: Stop
  Error: 'Cease' Sent: 2 Recv: 0
  Peer ID: 192.168.1.1     Local ID: 192.168.1.3       Active Holdtime: 90
  Keepalive Interval: 30         Group index: 0    Peer index: 0    SNMP index: 0
  I/O Session Thread: bgpio-0 State: Enabled
  BFD: disabled, down
  NLRI for restart configured on peer: inet-vpn-unicast inet6-vpn-unicast
  NLRI advertised by peer: inet-vpn-unicast inet6-vpn-unicast
  NLRI for this session: inet-vpn-unicast inet6-vpn-unicast
  Peer supports Refresh capability (2)
  Stale routes from peer are kept for: 300
  Peer does not support Restarter functionality
  Restart flag received from the peer: Notification
  NLRI that restart is negotiated for: inet-vpn-unicast inet6-vpn-unicast
  NLRI of received end-of-rib markers: inet-vpn-unicast inet6-vpn-unicast
  NLRI of all end-of-rib markers sent: inet-vpn-unicast inet6-vpn-unicast
  Peer does not support LLGR Restarter functionality
  Peer supports 4 byte AS extension (peer-as 101)
  Peer does not support Addpath
  Table bgp.l3vpn.0
    RIB State: BGP restart is complete
    RIB State: VPN restart is complete
    Send state: not advertising
    Active prefixes:              1
    Received prefixes:            1
    Accepted prefixes:            1
    Suppressed due to damping:    0
  Table bgp.l3vpn-inet6.0
    RIB State: BGP restart is complete
    RIB State: VPN restart is complete
    Send state: not advertising
    Active prefixes:              1
    Received prefixes:            1
    Accepted prefixes:            1
    Suppressed due to damping:    0
  Table GRT0.inet.0 Bit: 40000
    RIB State: BGP restart is complete
    RIB State: VPN restart is complete
    Send state: in sync
    Active prefixes:              1
    Received prefixes:            1
    Accepted prefixes:            1
    Suppressed due to damping:    0
    Advertised prefixes:          1
  Table GRT6.inet6.0 Bit: 50000
    RIB State: BGP restart is complete
    RIB State: VPN restart is complete
    Send state: in sync
    Active prefixes:              1
    Received prefixes:            1
    Accepted prefixes:            1
    Suppressed due to damping:    0
    Advertised prefixes:          1
  Table GRT6.inet.0 Bit: 60000
    RIB State: BGP restart is complete
    RIB State: VPN restart is complete
    Send state: in sync
    Active prefixes:              0
    Received prefixes:            0
    Accepted prefixes:            0
    Suppressed due to damping:    0
    Advertised prefixes:          0
  Table GRT0.inet6.0 Bit: 70000
    RIB State: BGP restart is complete
    RIB State: VPN restart is complete
    Send state: in sync
    Active prefixes:              0
    Received prefixes:            0
    Accepted prefixes:            0
    Suppressed due to damping:    0
    Advertised prefixes:          0
  Last traffic (seconds): Received 5226 Sent 320  Checked 5226
  Input messages:  Total 16     Updates 4       Refreshes 0     Octets 473
  Output messages: Total 16     Updates 2       Refreshes 0     Octets 473
  Output Queue[3]: 0            (GRT0.inet.0, inet-vpn-unicast)
  Output Queue[4]: 0            (GRT6.inet6.0, inet6-vpn-unicast)
  Output Queue[5]: 0            (GRT6.inet.0, inet-vpn-unicast)
  Output Queue[6]: 0            (GRT0.inet6.0, inet6-vpn-unicast)
  Trace options: update
  Trace file: /var/log/debugbgp size 100000 files 10
To debug on Juniper, an administrator configures the “trace options” by setting a file name, and optionally a file size, number of files, etc. Then, once a “flag” is set, which defines what to debug, the system will write the log file. This doesn’t clog the interface, and is rather easy to shut off either with a rollback or just by deleting the flag. The files can then be used offline. The files CAN be viewed in real-time via a monitor command, but this is not the default. There are limited options to repeat an arbitrary command.
Cliff’s Opinion
Both Cisco and Juniper make good equipment. Each has a slight advantage in certain configurations and uses. Both are considered very mainstream and can likely meet the needs of even the corner-case niche configuration requirements. It would take a healthy amount of writing to compare all the options. Sometimes, preferences in this environment are just preferences, not due to functionality. The availability of information in "show" makes me like Juniper on the WAN for higher-speed networks, especially running label switching or other advanced features. Given the long history and use cases, I prefer Cisco on the network edges toward carriers. I actually have other preferences within the data center, depending on size and construction, but those preferences are outside the scope of this writeup. :)
So which is right for you? That depends on what you are doing. You should not underestimate the operational considerations of running multiple vendors, but given the current trend of all vendors to attempt to force brand loyalty, running multiple vendors is becoming a MUST! Don't be afraid of Juniper, Arista, Aruba, Cisco, Cumulus, or any of the other major brands. They all have something to offer. Running multiple products helps keep the vendors honest, which is very important.
I hope this has been helpful.
Network Engineer @ Advanced Information Security Solutions | CCNP SP, Risk management
8 months ago: Very helpful, thanks
Dedicated Sales Professional | Network Engineering | Solutions Architecture | Sales Engineering | Innovative Solutions | Cost Control | Efficiency Improvements
2 years ago: Excellent tutorial, Cliff. Nice job
Builder of Creative GTM Strategies.
2 years ago: Excellent read, thx Cliff
Secure, simple, reliable connectivity #NileSecure #NaaS
2 years ago: Love it, Clifford Haas. Excellent write up.