ssmt01b

education services courseware

M Series for the

Service Provider Technical Overview

Student Guide

M Series for the Service Provider Technical Overview

Course SSMT01 © Juniper Networks, Inc. 2

NOTE: Please note this Student Guide has been developed from an audio narration. Therefore it will have

conversational English. The purpose of this transcript is to help you follow the online presentation and may require

reference to it.

Slide 2

© 2011 Juniper Networks, Inc. All rights reserved. | www.juniper.net | Proprietary and Confidential

M Series for the


M Series for theService Provider Technical OverviewM Series for theService Provider Technical OverviewM Series for theService Provider Technical OverviewM Series for theService Provider Technical Overview Welcome to Juniper Networks M Series for the Service Provider Technical Overview eLearning module. In this course we will discuss the challenges that are impacting our customers networks and learn how Junos and the M Series routers are the solution to the challenges our customers face. We will describe the M Series router portfolio and take a detailed look into the architecture, components, and characteristics of these high-performance routers. We will also take a look at Junos Space and the Junos SDK as a way to manage, integrate, and gain control of the network. We will compare and contrast the M Series routers to the competition and finish by summarizing the value of M Series routers.



Slide 3

© 2011 Juniper Networks, Inc. All rights reserved. www.juniper.net |CONFIDENTIAL SSMT01 03

Throughout this module, you will find slides with valuable detailed information. You can stop any slide with the Pause button to study the details. You can also read the notes by using the Notes tab. You can click the Feedback link at anytime to submit suggestions or corrections directly to the Juniper Networks eLearning team.



Slide 4

© 2011 Juniper Networks, Inc. All rights reserved. www.juniper.net |CONFIDENTIAL SSMT01

Course Objectives

� After successfully completing this course, you will be

able to:

•Describe the M Series portfolio

•Describe the various M Series models, their architecture,

characteristics, and components

•Describe the available interface options

•Discuss how the Junos OS, Junos Space, and the Junos SDK

help customers gain more control of their network

•Discuss the M Series advantages against the competition

04

Course ObjectivesCourse ObjectivesCourse ObjectivesCourse Objectives After successfully completing this course, you will be able to: •Describe the M Series portfolio •Describe the various M Series models, their architecture, characteristics, and components •Describe the available interface options •Discuss how the Junos OS, Junos Space, and the Junos SDK help customers gain more control of their network •Discuss the M Series advantages against the competition



Slide 5


Agenda: M Series for theService Provider Technical Overview

� Introduction to M Series Routers

� The M Series Product Portfolio

� Deployment Scenarios

� Junos Space and Junos SDK

� Competitive Comparison

05

Agenda: M Series for the Service Provider Technical OverviewAgenda: M Series for the Service Provider Technical OverviewAgenda: M Series for the Service Provider Technical OverviewAgenda: M Series for the Service Provider Technical Overview This course consists of five sections. The five main sections are as follows: •Introduction to M Series routers •The M Series product portfolio •Deployment scenarios •Junos space and Junos software development kit (SDK) •Competitive comparison



Slide 6


Introduction to M Series Routers

M Series for the


Introduction to M Series RoutersIntroduction to M Series RoutersIntroduction to M Series RoutersIntroduction to M Series Routers In this section we will introduce Juniper Networks M Series Multiservice Edge Routers. We will investigate the key characteristics and features of the M Series routers. Advanced routing features such as graceful Routing Engine switchover (GRES), non-stop active routing, and unified in-service software upgrades (ISSU) will be discussed.



Slide 7


Section Objectives

� After successfully completing this section, you will be

able to:

•Discuss current network trends

•Describe where the M Series fits within the Juniper

high-end routing portfolio

•Discuss the Intelligent Services Edge

•Describe advanced routing features available on

the M Series routers

07

Section ObjectivesSection ObjectivesSection ObjectivesSection Objectives After successfully completing this section, you will be able to: •Discuss current network trends •Describe where the M Series fits within the Juniper high-end routing portfolio •Discuss the Intelligent Services Edge •Describe advanced routing features available on the M Series routers



Slide 8


ConsolidationConsolidationConsolidationConsolidationConsolidate IT resources out of branch offices Consolidate IT resources out of branch offices Consolidate IT resources out of branch offices Consolidate IT resources out of branch offices andandandand

place them in centralized data centersplace them in centralized data centersplace them in centralized data centersplace them in centralized data centers

Security and ComplianceSecurity and ComplianceSecurity and ComplianceSecurity and ComplianceSecure everyone from Secure everyone from Secure everyone from Secure everyone from threatsthreatsthreatsthreats

by by by by anyoneanyoneanyoneanyone

Be available 100% Be available 100% Be available 100% Be available 100% of the timeof the timeof the timeof the time

ReliabilityReliabilityReliabilityReliability

Support any Support any Support any Support any communication applicationcommunication applicationcommunication applicationcommunication application

IncreasedIncreasedIncreasedIncreased ComplexityComplexityComplexityComplexity

Sustainability Sustainability Sustainability Sustainability

Cloud Computing

Green Green Green Green

NetworksNetworksNetworksNetworks

Evolution of Enterprise NetworksCritical to Business and Competitive Advantage

08

Evolution of Enterprise Networks Critical to Business and Competitive AdvantageEvolution of Enterprise Networks Critical to Business and Competitive AdvantageEvolution of Enterprise Networks Critical to Business and Competitive AdvantageEvolution of Enterprise Networks Critical to Business and Competitive Advantage Enterprise networks have become critical to business and provide companies a competitive advantage in today’s highly competitive world market. The following are some of the current networking trends : •Consolidation: Over the last decade or so, as enterprises grew, data centers expanded into several locations to accommodate for space. Customers ended up having hundreds of data centers across the world which became very difficult and expensive to manage. Now, enterprises are looking to consolidate and centralize. The current trend is to consolidate IT resources such as servers, applications, and storage out of branch offices and to place them in centralized data centers. •Complexity: Networks have become very complex because they have to connect billions of users and devices, thousands of super data centers, and support many communication applications. The trend is towards convergence of voice, video, and data into single-application architectures, service-oriented architectures, and software is being delivered as a service. •Reliability: Users and businesses are now global. The requirement is not only to be reliable but 100% available because today’s IT staff needs to provide around the clock service. For example, people who work in the Americas might need access to servers in APAC and vice versa. •Security and Compliance: Everybody has heard of denial of services (DoS) attacks and knows how extremely important it is that all of the network infrastructure is as secure as possible. Two other considerations within today’s network are cloud computing and implementation of green networks. Furthermore, now that the network is critical to business,



you need a high-performance network that is fast, reliable, and secure. Juniper Networks is uniquely positioned to deliver high-performance networks for high-performances businesses.



Slide 9


Business Trends

� Data center consolidation

� Data center colocation

� Data center migration

� More security and privacy

� Device upgrades

Virtualization

� Cloud computing

� Live server migration

� Virtual desktops

Applications

� Video

� Mission critical applications

09

Triggers For WAN Investments

Triggers For WAN InvestmentsTriggers For WAN InvestmentsTriggers For WAN InvestmentsTriggers For WAN Investments WAN bandwidth is 1 to 2 orders of magnitude slower than LAN; this impacts application performance. Enterprise networks have become critical to business and provide companies a competitive advantage in a highly competitive world market. Data center consolidation, virtualization, and mission critical applications are all putting pressure on the WAN. Juniper has solutions to address current and future networking requirements.



Slide 10


Juniper’s High-End Routing Portfolio

10

Juniper’s Juniper’s Juniper’s Juniper’s HighHighHighHigh----End RoutingEnd RoutingEnd RoutingEnd Routing PortfolioPortfolioPortfolioPortfolio This slide highlights the three high-end routing products from Juniper which are as follows: •The MX Series, which focuses on high density 1-Gigabit and 10-Gigabit Ethernet interfaces; •The M Series routers, which focus on a wide array of WAN interfaces and proven performance; and •The T Series routers which focus on high-performance and reliability at scale.



Slide 11


M Series and MX Series Positioning

11

M Series and MX Series PositioningM Series and MX Series PositioningM Series and MX Series PositioningM Series and MX Series Positioning This slide outlines the key differentiators between the M Series and the MX Series routers. The MX routers provide routing and switching whereas the M Series routers have no Ethernet switching capability. The MX routers are focused on high-density Ethernet interfaces while the M Series routers have Ethernet interfaces they do not have the density of the MX products. However, the M Series has a wide array of WAN interfaces.



Slide 12


� M Series success

•Over 40,000 units shipped

•Over 2,000+ customers

•Enterprise, wireline, and wireless markets

� Any service to any customer

� Services scaled with proven:

•Stability

•Security

•Performance

•Availability

M Series Multiservice Edge Routers Portfolio

Multicast

Security Services

Voice and Video

Services

Circuit Emulation

Ethernet VPLS

Layer 2 and

Layer 3 VPNs

IPv6

12

M Series Multiservice Edge Routers PortfolioM Series Multiservice Edge Routers PortfolioM Series Multiservice Edge Routers PortfolioM Series Multiservice Edge Routers Portfolio The M Series is a family of multi-service Edge Routers with over ten years of continuous innovation; the M Series has been largely adopted across the world. With over 40,000 units shipped to over 2,000 customers, the M Series product line has leadership positions in the enterprise as well as wireline and wireless service provider markets. It is designed to deliver any service to any customer, independently of its access interface—be it SONET, T1/E1, channelized SDH, Frame Relay, ATM, Ethernet, or DSL technology.

The set of services delivered by the M Series product line is immense and includes any combination of Layer 2 and Layer 3 virtual provate network (VPN), Ethernet VPLS, circuit emulation, voice and video service, security services, multicast, IPv6, and many others. The M Series delivers all these services at uncompromised stability, security, performance, and availability.



Slide 13


M Series Continuous Innovation—Juniper’s Silicon Development

MartiniChipset

� Lower cost of ownership

� Advanced features

� Scaling

GimletChipset

FPC

LLLL

LLLL

RRRR

MMMMDDDD

PhysicalPhysicalPhysicalPhysical

InterfaceInterfaceInterfaceInterface

CardCardCardCard

NfNfNfNf NwNwNwNwMqMqMqMq

PICPICPICPIC

PICPICPICPIC

PICPICPICPIC

Recent M Series HW innovation� Enhanced CFEB

� Enhanced IQ2

� Enhanced IQ

13

M Series Continuous InnovationM Series Continuous InnovationM Series Continuous InnovationM Series Continuous Innovation————Juniper’sJuniper’sJuniper’sJuniper’s Silicon DevelopmentSilicon DevelopmentSilicon DevelopmentSilicon Development The M Series product line has continuously benefitted from Juniper’s silicon innovation, which combines their silicon design expertise with state-of-the-art technologies to bring more features and scale at a lower cost of ownership. For example, Juniper’s initial Martini chipset, which was available on the M5, M10, and M40 routers, evolved over the years to the Gimlet chipset, which was featured on the T Series routers and the M320 routers. This complex chipset, which included many different application-specific integrated circuits (ASICs), was later collapsed into a more efficient and cost-optimized ASIC called the I-chip. This I-chip was initially delivered to equip the M120 routers, but was later included in the M Series routers and the MX Series routers. Relying on the same forwarding chipset across the M Series product line, and across M Series and MX Series routers enables simplified development cycles for Juniper and feature consistency for our customers, which translates into simpler operations and validation. Some recent M Series hardware innovations include the Enhanced Compact Forwarding Engine Board (CFEB-E) on the M7i and M10i (which features the I-chip), the Enhanced IQ2 PICs 9which brings enhanced queuing capabilities to Ethernet PICs), and the Enhanced IQ PICs (which feature further queuing and channelization capabilities for the channelized PIC).



Slide 14


Enables high performance and scale, service flexibility and velocity, and operational efficiency.Enables high performance and scale, service flexibility and velocity, and operational efficiency.Enables high performance and scale, service flexibility and velocity, and operational efficiency.Enables high performance and scale, service flexibility and velocity, and operational efficiency.

WAN EdgeWAN EdgeWAN EdgeWAN Edge Ethernet Service EdgeEthernet Service EdgeEthernet Service EdgeEthernet Service Edge Multiservice EdgeMultiservice EdgeMultiservice EdgeMultiservice Edge

The Intelligent Services Edge

New New New New

ApplicationApplicationApplicationApplication

EnablingEnablingEnablingEnabling

HardwareHardwareHardwareHardware

New New New New ServiceServiceServiceService

Enabling Enabling Enabling Enabling

Applications Applications Applications Applications

ServiceServiceServiceService

CentricCentricCentricCentric

PlatformsPlatformsPlatformsPlatforms

Service Service Service Service RichRichRichRich

SoftwareSoftwareSoftwareSoftware

Intrusion Detection Intrusion Detection Intrusion Detection Intrusion Detection and Preventionand Preventionand Preventionand Prevention

Integrated Integrated Integrated Integrated ServicesServicesServicesServices

Dynamic Application Dynamic Application Dynamic Application Dynamic Application AwarenessAwarenessAwarenessAwareness

14

The Intelligent Services EdgeThe Intelligent Services EdgeThe Intelligent Services EdgeThe Intelligent Services Edge What is the Intelligent Services Edge (ISE)? ISE is not a product; it is a collection of hardware and software features and enhancements that can be deployed on a variety of purpose built platforms. ISE is Juniper’s name for a portfolio of service-enabling hardware and software that leverages unmatched architectural integrity to support high performance and scale, provide service flexibility and velocity, and increase operational efficiency. This drives network monetization, enabling new revenue-generating services while reducing costs. All ISE capable platforms share the following key Juniper design principles: •Separate control and data planes •Junos software •Advanced silicon (ASICs, I-chips, Ethernet Services Engine complexes) What does the Intelligent Services enable? For enterprises, ISE aligns the network infrastructure with business goals. Enterprises require high-performance and versatile network infrastructure to efficiently support evolving business processes, underpin new business strategies, deploy strategic applications, and improve security. ISE can provide the following enhancements to the enterprise: •High performance and scale •Service flexibility and velocity •Operational efficiency



Slide 15


Architectural Integrity is theFoundation for the Intelligent Service Edge

15

Architectural Integrity is the Foundation for the Intelligent Service EdgeArchitectural Integrity is the Foundation for the Intelligent Service EdgeArchitectural Integrity is the Foundation for the Intelligent Service EdgeArchitectural Integrity is the Foundation for the Intelligent Service Edge Architectural integrity describes Juniper’s adherence to a product design and development discipline that is based on the separation of the control plane, services plane, and forwarding plane, which allows parallel innovation within each lane. Architectural Integrity is further defined by the consistent use of the following: •Advanced silicon on the forwarding plane across all platforms •Junos software as the control plane across all platforms •Dedicated hardware assisted processing for CPU intensive services across all platforms Beyond parallel, non-disruptive development in each plane, architectural integrity allows Juniper to deliver a consistent feature set across the portfolio—so customers continually get innovative new features, feature consistency, operational efficiency, and investment protection.



Slide 16


Junos Reduce Network Complexity:Single Operating System

� Paralyzing complexity

� Consumes operational time

� Increases risk of downtime

� Unpredictable performance

� A pacing factor to business innovation

and speed

� One operating system across all platforms

� One release train providing stable delivery of

new features

� Accelerate advance services & Application

deployment

� Centralized NSM to manage the entire life-cycle

of ALL network devices

16

Junos Reduce Network Complexity: Single Operating SystemJunos Reduce Network Complexity: Single Operating SystemJunos Reduce Network Complexity: Single Operating SystemJunos Reduce Network Complexity: Single Operating System As the physical network has grown, legacy operating systems have also multiplied, which creates the following difficulties for the IT staff: •Paralyzing complexity: Impossible to manage code branches and feature support across large networks; •Consumes operational time: Time to test different codes across multiple platforms for new feature support often requires a dedicated staff; •Increases risk of downtime: Inconsistency across the network increases risk of downtime when new features are enabled, or new configurations applied; •Unpredictable performance: Performance for new applications in individual environments is less predictable, due to the possible variations of operating systems; and •A pacing factor to business innovation and speed: All of the factors we just mentioned make it difficult to adapt to new opportunities as the business grows and changes/ The power of one operating system across all your network products simplifies operations and reduces network complexity in the following ways: •One operating system across multiple platforms decreases the IT staff’s workload; •One software release train provides stable delivery of new features in a steady, time-tested cadence; and •One modular software architecture provides highly available, secure, and evolutionary software.



Slide 17


Juniper Advantages

17

Juniper AdvantagesJuniper AdvantagesJuniper AdvantagesJuniper Advantages The elements that provide the Juniper advantage in high-end routing include the following: •Advanced silicon and an advanced hardware portfolio; •Junos as the single operating system across multiple platforms; •Advanced routing features implemented on the routing platform which provides a competitive edge and address the challenges facing enterprises; and •A two-tiered collapsed architecture that simplifies the architecture, requires fewer devices which lowers latency, reduces space, power, and cooling requirements, and simplifies management and support. Let’s explore each of these elements further. Advanced Silicon and a Comprehensive Product Portfolio Juniper strives for consistency across the product line. Solving massive scale problem called for radical change in the way routers were designed. Juniper’s approach was to move packets through hardware on a set of silicon chips without the intervention of software. Juniper offers a high-performance network infrastructure that supports converged networks where data, voice, and video traffic are running in parallel and one that keeps pace with the escalating demands of high-performance businesses. Junos Junos is one network operating system for multiple platforms with a single release train that enables features and functionality to be consistently implemented across the network without compromise or complication. This drives significant operational efficiency and



enables network administrators to spend more time innovating. Junos software is fundamentally different in not only its architectural design, but also in its development. Junos provides the power of one benefits that we mentioned in the previous slide—one operating system, one release train, and one common modular software architecture. Cisco builds different capabilities to every single platform over time. It takes a long time for features to percolate to all platforms. Juniper builds a feature once and releases it to all platforms all at once. The result: Junos has experienced tremendous market success, capturing a significant portion of its available market in just 10 years, serving the most demanding customers in the world. Advanced Routing Capabilities Juniper Networks offers industry leading high performance routers with the most complete advanced routing features in the industry—without compromising performance. These features include traffic segmentation and virtualization with MPLS, ultra low-latency multicast, carrier-class reliability, a comprehensive QoS implementation, and security. Two Tiered Architecture Juniper enables you to build a highly virtualized and secure data center network that eeeeliminates the aggregation layer, simplifies the architecture, requires fewer devices, reduces space, power, and cooling requirements, and simplifies management and support by using a single network OS.



Slide 18


MPLS Network Virtualization

� Support network segmentationand privacy

• Regional, departmental, and project-oriented groups can have control over their network assets and configurations

� Enhances end-user application experience

• Traffic engineering enables a fine-tuning of the network to deliver appropriate levels of services

� Improve network resiliency

• with features like fast re-route—Enabling sub-50 millisecond reroute to maintain real-time traffic during a node or link failure

� Boost network scalability and performance

� Scales for future growth

Seamless NetworkSeamless NetworkSeamless NetworkSeamless NetworkConnectivityConnectivityConnectivityConnectivity

MPLSMPLSMPLSMPLS

BackboneBackboneBackboneBackbone

NetworkNetworkNetworkNetwork

SegmentationSegmentationSegmentationSegmentation

Enhance User Enhance User Enhance User Enhance User

ExperienceExperienceExperienceExperience

Improve NetworkImprove NetworkImprove NetworkImprove Network

ResiliencyResiliencyResiliencyResiliency

Scale for FutureScale for FutureScale for FutureScale for Future

GrowthGrowthGrowthGrowth

PrivacyPrivacyPrivacyPrivacy

18

MPLS Network VirtualizationMPLS Network VirtualizationMPLS Network VirtualizationMPLS Network Virtualization One single technology can provide segmentation, privacy, scalability, and reliability and provide a better user experience—MPLS traffic engineering. Traditional private IP networks do not optimally support “real-time” applications. IP networks lack granular traffic control; and for sub-50 millisecond link and node failure detection and re-routing, the alternative is to deploy SONET/SDH. This requires an additional transport layer in the private WAN and data center, which comes with an additional significant expense. MPLS, however, provides a cost-effective alternative for the highly resilient network supporting “real-time” communications. MPLS can be deployed without the additional cost and complexity of SONET/SDH. In addition, today's enterprises have several groups of users with specific needs. As the number of groups increases, keeping them separate and secure is a challenge to IT departments. In addition, regulatory environments and business operations sometimes require guarantees of business unit and subsidiary separation. Traditional practices required separate physical and redundant networks to be built. However, the cost of building redundant networks is extremely high. Each separate and redundant network requires its own equipment, WAN access, space and power, provisioning and management—making this an expensive proposition. MPLS, however, provides a cost effective alternative to building and maintaining redundant networks. MPLS enables one physical network to be configured and operated as many separate virtual networks with Layer 2 or Layer 3 VPN services.



MPLS can offer the following: •Enables consolidation of disparate networks onto a single network; •Delivers control through traffic segmentation; •Provides resiliency with fast reroute and traffic engineering; and •Scales for future growth without compromising performance.



Slide 19


Graceful Routing Engine Switchover

19

Graceful Routing Engine Switchover Graceful Routing Engine Switchover Graceful Routing Engine Switchover Graceful Routing Engine Switchover With graceful Routing Engine switchover, the main point to highlight is the fact that the backup Routing Engine has all the state that the primary Routing Engine has, and we have a “keep alive” mechanism between the Routing Engines so that a failure can be detected as quickly as possible. The backup engine, then, takes over the entire system.



Slide 20


Nonstop Active Routing

20

Nonstop Active Routing Nonstop Active Routing Nonstop Active Routing Nonstop Active Routing In order to have in-service software upgrade (ISSU) capabilities, you need not only graceful Routing Engine switchover, but also to be able to maintain all the state across the Routing Engines. By maintaining all the routing information, from Layer 2 and Layer 3, and all the protocols across the Routing Engines, there is no latency when switching from one Routing Engine to another Routing Engine. While our competitor claims ISSU, they do not have the ability to maintain state.



Slide 21


Unified In-Service Software Upgrade

Network globalization means no off-peak traffic periods

• Maintenance windows become difficult to schedule

Need to reduce time and risk of upgrade

•Unstable software with too many fixes and fixes of fixes

•Common industry practice is12-24 months between stable releases of generally deployable code

•Requires extensive manual planning and verification

In-service migration of one Junos

release to another� Upgrade of entire system

• preserves full integrity of quality

and regression testing

� Upgrade path available from

any release to another

Minimizes upgrade time & risk•Automates operations

functions to planand implement upgrade

•No disruption of control plane and minimal disruption oftraffic

Graceful Routing Engine

switchover and non-stop routing

are prerequisites

10.x10.x10.x10.x 10.y10.y10.y10.y

Avoids drawbacks

in piecemeal system update

21

Unified InUnified InUnified InUnified In----Service Software UService Software UService Software UService Software Upgradepgradepgradepgrade Graceful Routing Engine switchover and non-stop routing are prerequisites to ISSU. ISSU allows you to is go from one Junos version to another without having to restart and obtain the state information from your neighbors. For example, Junos 9.1 is in the primary Routing Engine. First, install Junos 9.4 in the standby Routing Engine. When the secondary Routing Engine boots up, it collects all the state information and synchronizes with the primary Routing Engine. Then you can execute the switchover. The backup becomes the primary, the primary becomes the standby—in case there is a need to fall back, from a routing perspective—and then over time, once you are happy with the upgrade to the newest Junos release, you can upgrade the standby Routing Engine with the same release you just deployed. This way, you then have the ability to do nonstop active routing in case there is a failure of the primary Routing Engine. Cisco does not have the full support of non-stop routing. They claim ISSU but, in reality, they do have to reestablish some state after they switch over the Routing Engine which can cause issues.



Slide 22


Quality of Service

� Flexible and rich set of QoS features

• Classification, marking, policing & scheduling

� Flexible system-wide configuration• Consistent modular QoS policy configuration across platforms

• Verify configurations before committing changes

• After verification, commit all changes at once without single line execution

• Roll back in case of configuration issues

Improved End User ExperienceImproved End User ExperienceImproved End User ExperienceImproved End User Experience

22

Line rate throughput—No

performance degradation� For QoS functionality such as

extended ACLS, and so on

Standard eight hardware queues per

port for all Juniper platforms� Option for products with 1000+

hardware queues

Consistency across IPv4, IPv6, MPLS, and multicast traffic

� Option for products with 1000+ hardware queues

Quality of ServiceQuality of ServiceQuality of ServiceQuality of Service Juniper has flexibility in quality of service (QoS) implementation, providing consistency in configuration across all platforms because of the ASIC design line-rate throughput. The Juniper M Series, MX Series, and T Series routers offer a rich set of QoS Diffserv features—classification, rewrite and marking, policing and scheduling. The modular CLI offers a wide variety of ways to provision QoS—by customer, by protocol, by interface, and so on. In addition, the QoS policies are consistent throughout the product portfolio, allowing for easier migration and easier provisioning. In addition you have the ability to verify configurations before committing. All QoS features are implemented natively in the ASICs and in hardware. Therefore, the router continues to forward traffic at line-rate without taking a hit in performance. The products offer the standard 8 hardware queues per port with an option to go to thousands of queues if desired.



Slide 23


QoS Packet Handling Introduction

Hierarchical

Hierarchical

Packet Forwarding Engine

Packet Forwarding Engine

Ingress IQIngress IQIngress IQIngress IQ----E E E E PICPICPICPIC

FC+PLPFC+PLPFC+PLPFC+PLP

Scheduling

And shaping

Scheduling

Shaping

FC -> Qn

Qn+PLP -> WRED

FC and PLP

Determine

Rewrite value

MF classification

Policing

Can overwrite

FC and PLP

BA Classification

Forwarding class and

packet loss priority

Scheduling

And shaping

Switch Fabric Switch Fabric Switch Fabric Switch Fabric

23

QoS Packet Handling IntroductionQoS Packet Handling IntroductionQoS Packet Handling IntroductionQoS Packet Handling Introduction This slide shows an overview of the QoS packet flow which is as follows: •A packet first arrives at a PIC where the Layer 2 processing is done. Our next-generation, IQ2 Ethernet PICs offer QoS functionality at input. For example, IQ2 provides ingress queuing, shaping, and policing. IQ2 PICs also classify packets using a variety of techniques. Next-generation channelized IQ PICs will provide ingress policing and ingress DiffServ code point (DSCP) rewrite functionality also. The packet then enters the Packet Forwarding Engine. The QoS characteristics that this packet will use in this router are determined by behavior aggregate (BA) or multifield (MF) classification. The result of BA (first) and MF (later) provides forwarding class (FC) and packet loss priority (PLP). After MF, only FC and PLP is used for scheduling, shaping, weighted random early detection (WRED), and rewrite value. The ingress PIC, or the interface, is where classification, hierarchical policing, and DSCP rewrite begins. In the Packet Forwarding Engine, you do a lot of the policing, and you can override the priority drop capabilities. Then, it goes through the switch fabric to the other Packet Forwarding Engine and that is what allows you to utilize priority dropping. Then you start doing outbound queuing and outbound drops if you need to because of congestion. You decide whether you need to actually do rewrites of the QoS parameters, and then finally, if you are doing hierarchical scheduling and shaping, you determine the priority for the packets to actually leave the interface. What is forwarding-class?



Forwarding-class is meant to carry classification information from BA or MF classifiers to features. Classifiers set forwarding-class. Shapers, schedulers, WRED, and markers use forwarding-class. Forwarding-class plus loss priority provide an ID for the class of service (CoS) treatment of a packet inside the router. Up to 16 forwarding classes can be defined and up to four loss priorities can be defined per class.

What is class and loss priority? Class is mapped into the queue that the packet goes into. Until a few years back, class equaled queue. We increased the number of classes so you can map multiple classes into the same queue. The reason for increasing the number of classes is primarily to be able to offer more flexibility in how various classes of traffic are managed . In the service provider world, the number of classes was increased so that they could have a core facing set of classes and an edge facing set of classes that they manage separately. The same can apply to the enterprise as well. You can have an internal facing set of classes and an external set of classes, and you can manage them very cleanly using the fact that you can have up to sixteen forwarding classes. In summary, packet loss priority is an ability to have a finer set of prioritization and, mostly, bandwidth control and buffer control within a set of queues.



Slide 24


Section Summary

� In this section, we:

•Discuss current network trends

•Described where the M Series fits within the Juniper

high-end routing portfolio

•Discussed the Intelligent Services Edge

•Described advanced routing features available on

the M Series routers

24

Section SummarySection SummarySection SummarySection Summary In this section, we: •Discussed current network trends •Described where the M Series fits within the Juniper high-end routing portfolio •Discussed the Intelligent Services Edge •Described advanced routing features available on the M Series routers



Slide 25


Learning Activity 1: Question 1

� ISSU requires which three of the following? (Select

three.)

25

A) Two Routing Engines

B) DiffServ codepoint functionality

C) Non-stop active routing capability

D) Graceful Routing Engine switchover capability

Learning Activity 1: Question 1 ISSU requires which three of the following? (Select three.)



Slide 26



� True or False: The M Series offers more WAN

interface options than the MX Series routers.

26

A) True

B) False

Learning Activity 1: Question 2 True or false: M Series routers offers more WAN interface options than the MX Series routers.



Slide 27


The M Series Product Portfolio

M Series for the


The M Series Product PortfolioThe M Series Product PortfolioThe M Series Product PortfolioThe M Series Product Portfolio In this section we will explore the M Series Multiservice Edge Routers in more detail. We will investigate the key characteristics and features of the M Series routers, discuss the underlying architecture and its components, and explore some of the available interface options. This section will also introduce some of the M Series competitive advantages and present some deployment scenarios.



Slide 28


Section Objectives


able to:

•Describe the M Series portfolio

•Discuss the underlying architecture, its characteristics, and

components

•Discuss the various interface options

•Describe the details of the individual M Series models

28

Section ObjectivesSection ObjectivesSection ObjectivesSection Objectives After successfully completing this section, you will be able to: •Describe the M Series portfolio •Discuss the underlying architecture, its characteristics, and components •Discuss the various interface options •Describe the details of the individual M Series models



Slide 29


M Series Multiservice Edge Router Portfolio

120G120G120G120G

10G10G10G10G

320G320G320G320G

40G40G40G40G

Campus/EnterpriseCampus/EnterpriseCampus/EnterpriseCampus/Enterprise Medium/Large POPMedium/Large POPMedium/Large POPMedium/Large POP Large POPLarge POPLarge POPLarge POP

40k+ M Series deployed40k+ M Series deployed40k+ M Series deployed40k+ M Series deployed

M7iM7iM7iM7i

M10iM10iM10iM10i

M120M120M120M120

M320M320M320M320

Multiservice Edge Router for Enterprise and Service Provider ApplicationsMultiservice Edge Router for Enterprise and Service Provider ApplicationsMultiservice Edge Router for Enterprise and Service Provider ApplicationsMultiservice Edge Router for Enterprise and Service Provider Applications

29

M Series Multiservice Edge Router PortfolioM Series Multiservice Edge Router PortfolioM Series Multiservice Edge Router PortfolioM Series Multiservice Edge Router Portfolio The M Series portfolio covers needs from the enterprise campus or high-end CPE to the large service provider points of presence (PoPs). The throughput of the product line ranges from 10 Gbps with the M7i router up to 320 Gbps with the M320 router. On the lower end we find the M7i and M10i routers, which are compact form factor routers aimed at campus or high-end enterprise needs. They share interfaces and are capable of aggregating up to five Gigabit Ethernet interfaces (on the M7i) or eight Gigabit Ethernet interfaces (on the M10i). On the higher end we find the M120 and M320 routers. The M120 router aggregates up to six 10-Gigabit Ethernet interfaces and has throughput of 120 Gbps. The M120 router also features unique edge redundancy capabilities. The M320 router is the M Series most powerful platform with up to 320 Gbps of throughput and sixteen 10-Gigabit Ethernet interfaces. All of these platforms run the Junos OS, which provides a rich and consistent feature set across the product line.



Slide 30


M SeriesMultiservice Edge Router Specifications

30

M Series Multiservice Edge Router SpecificationsM Series Multiservice Edge Router SpecificationsM Series Multiservice Edge Router SpecificationsM Series Multiservice Edge Router Specifications The slide shows a breakdown of speeds and feeds on the M Series product family. From small POPs, to the largest service provider or data center, the M Series can fit any customer’s need.



Slide 31


Modular Interface Architecture

M320

1 x OC-48c

4 x ChOC12/STM4

8 x GE

Multiservices PIC

PIC

PIC

PIC

PIC

FPC

� Physical interface cards known as PICs

� PICs plug into Flexible PIC Concentrators (FPCs)

� Advantages:

•Mix and match interface media per FPC slot

•PIC portability (for example, migration from one platform to

another)

•PIC hot insert and removal

31

Modular Interface Modular Interface Modular Interface Modular Interface ArchitectureArchitectureArchitectureArchitecture One of the key features of the M Series product line is its flexibility, which is largely an attribute of its modular interface architecture. The physical interface cards are known as PICs on the complete portfolio. Examples of those PICs are depicted in the diagram on the slide and include one OC-48c interface, four channelized OC12/STM4 interfaces, 8 Gigabit Ethernet interfaces or a Multiservices PIC. These PICs can be flexibly combined in a Flexible PIC Concentrator (FPC) module. For the M7i and M10i routers, these FPCs are integrated. The main advantage of this architecture is that you can mix and match interface media in the same FPC slot. It also enables PIC portability across different platforms. The M7i and M10i routers share exactly the same PICs, and the M40e, M120, and M320 routers share most of their PICs. Finally, this architecture also improves operational efficiency by enabling insertion and removal of a specific PIC while the router is running, without interrupting packet forwarding on the other interfaces.



Slide 32


Platform Reliability

� Fundamentally sound architecture

� Fault protected modular OS

� Fully redundant common

hardware

� Hot swappable FPCs and PICs

� Graceful protocol restart

� Hitless switchover (graceful

Routing Engine switchover)

� ISSU

32

Platform ReliabilityPlatform ReliabilityPlatform ReliabilityPlatform Reliability There are many factors to consider when evaluating a products reliability. The separation of control plane and data plane has proven to be a fundamentally sound architecture. The modular Junos operating system (Junos OS) protects other modules from faults in one module. The ability to have redundant common equipment and hot swappable PICs and FPCs is another factor to consider when evaluating reliability. Features that enable a graceful protocol restart, enable a hitless switchover, and ISSU further enhance the reliability of the system.



Slide 33


High Availability

33

High AvailabilityHigh AvailabilityHigh AvailabilityHigh Availability High availability (HA) is prevalent in any aspect of the M Series product line design. On the software side, the Junos OS provides HA through a set of features, including graceful Routing Engine switchover, non-stop active routing, and unified ISSU. The Junos OS is also production hardened and has been deployed in the most demanding networks around the world for more than ten years. On the hardware side, the M Series features component redundancy at all levels and most modules are hot-swappable. On the network side, the M Series provides system failure protection, fault transparency, and minimized service interruption through protocols such as Virtual Router Redundancy Protocol (VRRP), Automatic Protection Switching (APS), MPLS fast reroute (FRR), MLPPP, or Ethernet Link Aggregation. The reliability of the Juniper hardware and software platforms largely comes from a high-quality development process, which includes automated testing, mean time between failures (MTBF) tracking, and release integrity.



Slide 34


Integrated Security: Holistic Control and Forwarding Plane Protection

� Router-based

• MD5 auth for BGP, LDP, OSPF

• Filter-based packet sampling

• Per flow mirroring on multiple egress ports

� Robust DDOS protection

• Line rate filtering with 1000s of filters

• Unicast RPF

• Rate limiting

� Protected control plane

• All measures can be applied to traffic destined to control plane

� PIC-based

• Services PICs

• Stateful firewall and NAT

• J-Flow accounting

• IPsec

• Monitoring PIC

• Active Monitoring (J-Flow)

• Passive Monitoring (J-Flow)

34

Integrated Security: Holistic Control and Forwarding Plane ProtectionIntegrated Security: Holistic Control and Forwarding Plane ProtectionIntegrated Security: Holistic Control and Forwarding Plane ProtectionIntegrated Security: Holistic Control and Forwarding Plane Protection In addition to the large set of connectivity options provided by the family of PICs available for the M Series, the product line also features integrated security—which provides holistic control and forwarding plane protection. Router-based capabilities include MD5 authentication for all routing protocols, filter-based packet sampling, and per flow mirroring on multiple egress ports. The M Series features robust distributed denial of service (DDOS) protection through line-rate filtering with thousands of filters, Unicast reverse path forwarding (RPF), or rate-limiting at wire speed. Additionally, the M Series enables control plane protection, all security measures can be applied to traffic destined for the control plane. Another set of integrated security features is PIC-based security, which includes all the capabilities that are available through our Services PIC family, and adds dedicated, integrated security capabilities to the routers in order to provide advanced services—such as stateful firewall, network address translation (NAT), J-Flow accounting, or IPsec encryption.



Slide 35


Industry’s Most Comprehensive VPN Portfolio

� VPN portfolio to meet Layer 2 or Layer 3 needs of any customer

� VPNs scaled in world’s largest production networks

� Portfolio of VPN-enhancing services to add new revenues

• QoS for prioritized traffic within VPN, such as voice and video

• VPN-aware multicast, encryption, firewall, IPv6, and other services

35

Industry’Industry’Industry’Industry’s Most Comprehensive VPN Portfolios Most Comprehensive VPN Portfolios Most Comprehensive VPN Portfolios Most Comprehensive VPN Portfolio Next, we will describe some of the tools that Juniper uses to support current and emerging Layer 2 and Layer 3 services on a single platform. One of the keys critical to the multiservice edge is that together, the M Series routers and Junos OS offer the industry’s most comprehensive VPN portfolio. This VPN portfolio allows service providers to meet—with a single platform—the Layer 2 or Layer 3 service needs of any customer. Because each VPN can address different customer requirements, the ability to run multiple VPNs on a single platform enables providers to reach the highest number of customers, maximize revenues, and minimize the infrastructure. In addition, these VPNs have been scaled in the world’s largest production networks. One of Juniper’s key advantages is the ability to scale VPN services with stability in a single routing platform. Juniper also has a portfolio of VPN-enhancing services that can provide additional revenue. For example, once the customers start accessing their networks through VPN, QoS can be enabled for prioritized traffic such as real-time voice, video applications, and best effort data. Other capabilities that can be activated to generate new revenues include VPN-aware multicast, VPN-aware stateful firewall, IPsec within VPN, and many others. Therefore, multiple VPNs and multiple VPN-aware services deliver a platform that can generate high revenues.



Slide 36


Network Virtualization Components

DeviceDeviceDeviceDevice

PartitioningPartitioningPartitioningPartitioning

1 : N1 : N1 : N1 : N

VLAN

VRF

IRB

Virtual Routers

Virtual Bridging

Logical SystemsLogical SystemsLogical SystemsLogical Systems

JCS1200

DeviceDeviceDeviceDevice

AggregationAggregationAggregationAggregation

N : 1N : 1N : 1N : 1

Virtual ChassisVirtual ChassisVirtual ChassisVirtual Chassis

Multi-Chassis LAG

TX Matrix

JCS 1200

NetworkNetworkNetworkNetwork

CommunicationCommunicationCommunicationCommunication

N : MN : MN : MN : M

Layer 3 VPN (MPLSMPLSMPLSMPLS, GRE, IPsec)

Layer 2 VPN (VPLSVPLSVPLSVPLS, Pseudo-wires, 802.1q)

Circuit to Packet (TDM, Serial, and so on to IP)

Pepe Garcia 36

Network Virtualization ComponentsNetwork Virtualization ComponentsNetwork Virtualization ComponentsNetwork Virtualization Components The M Series routers enable several different types of virtualization to enable customers to do the following: •Partition a single system into multiple logical systems; •Virtualize their network bandwidth with MPLS VPNs; and •Aggregate multiple chassis into a single virtual chassis for simplified management.



Slide 37


VPN-Aware Stateful Firewall and NAT

� Create new service revenues with network based security

� Gain competitive advantage by being able to offer single access

link for both VPNs and internet access

� Reduced costs and complexity for enterprises

� Enable NAT and firewall per Layer 3 2547 VRF through Multi

Services PIC

Customer with Private

Addresses 10.x.x.x

Services PIC

Internet

CE MPLS VPN

NAT Private

Addresses

Private

Addresses

stay private

Site-to-site IPsec tunnel to extranet partner on demand

37

VPNVPNVPNVPN----Aware Stateful Firewall and NATAware Stateful Firewall and NATAware Stateful Firewall and NATAware Stateful Firewall and NAT Service providers are able to use the multi services PIC to create new service revenues based on VPN-aware security features. Each VPN might be a different customer with different security policy requirements. With VPN-aware security features the service provider can offer a single access link to customers while providing both VPN and internet access over the same link. The multi services PIC enables enterprises to secure their WAN connections and reduce costs and complexity by integrating multiple products and possibly operating systems into one M Series router.



Slide 38


Flow

Export

Flow Accounting

� Benefits

•Detailed usage data

•Bill by application and destination

•Capacity planning

•Security monitoring

Billing Collector/Engine

M Series

Enterprise

asp

M Series

Internet

Services PIC

Flow Analysis

38

Flow AccountingFlow AccountingFlow AccountingFlow Accounting The flow accounting features on the services PICs enable enterprises and service providers to get detailed usage data by application and bill by application, source, or destination. This also enables customers to do capacity planning to determine what applications are on their network, how much bandwidth is being used, and when. Flow accounting also enables security to monitor application usage on the network to determine the appropriate policies for each application.



Slide 39


Intelligent Queuing PICs

� ATM2 IQ PICs

� Channelized IQ-E PICs

� Gigabit Ethernet IQ2-E PICs

� Discrete IQ PICs (e.g. E3, DS3)

� Granular per-logical interface QoS

• VC, VP, DLCI, VLAN

� Dense multi-level channelization to

DS0

• With per channel QoS

� Granular accounting

and statistics

� Extensive diagnostics

� VLAN tagging, deleting,

and rewrite

39

Intelligent Queuing PICsIntelligent Queuing PICsIntelligent Queuing PICsIntelligent Queuing PICs One of the key requirements at the edge is to provide dense aggregation with rich queuing. This is provided by a variety of interfaces called intelligent queuing PICs (IQ PICs). The IQ PICs have intelligence capabilities such as granular per-logical interface quality of service (QoS) at the virtual circuit (VC), virtual path (VP), data-link connection Identifier (DLCI), or virtual LAN (VLAN) level; dense multi-level channelization down to DS0 for channelized interfaces, granular accounting and statistics, extensive diagnostics options, or VLAN tag manipulations, and are available for our ATM2 IQ PICs, channelized IQ enhanced PICs, Gigabit Ethernet IQ2 enhanced PICs, or discrete IQ PICs. The IQ PICs enable you to flexibly combine advanced QoS capabilities like policing, classification, shaping, strict priority, weighted round robin (WRR), WRED, and marking over a large number of interfaces to deliver different shaded services and enable the generation of new revenue.



Slide 40


Enhanced IQ (IQ-E) PIC FamilyProduct Overview

� Next-Gen Intelligent Queuing Interfaces

•Non-Channelized

•Channelized

• Deep channelization support

� Increased channel scaling

� Advanced CoS for NGN

•Enhanced Policing

•Dual-rate Shapers

•Enhanced H-CoS

•Increased Delay Buffers

� Supported on all M and T Series

•Future support on M7i and M10i40

Enhanced IQ (IQEnhanced IQ (IQEnhanced IQ (IQEnhanced IQ (IQ----E) PIC Family Product OverviewE) PIC Family Product OverviewE) PIC Family Product OverviewE) PIC Family Product Overview The enhanced IQ PIC family provides channelized and non-channelized next generation intelligent queuing interfaces on the M and T Series routers. On the channelized versions, enhanced IQ PIC features increase channelization capabilities. These PICs also feature advanced class of service (CoS) for next generation networks, which include the following: •Enhanced policing •Dual-rate shapers •Enhanced hierarchical-CoS, and •Increased delay buffers These PICs are already supported on all M and T Series products except the M7i and M10i. Support will be provided on those two platforms in the near future.



Slide 41


TDM, SONET, and SDH Based IQ PICs Versus IQE PICs RR = Round robin

HP = High priority

41

TDM, SONET, and SDH Based IQ PICs Versus IQE PICsTDM, SONET, and SDH Based IQ PICs Versus IQE PICsTDM, SONET, and SDH Based IQ PICs Versus IQE PICsTDM, SONET, and SDH Based IQ PICs Versus IQE PICs This slide and the next slide outline the differences between the Intelligent Queuing PICs and the Enhanced Intelligent Queuing PICs for TDM, SONET, and SDH interfaces.



Slide 42


Ethernet Based IQ2 PICs Versus IQ2E PICs

42

Ethernet Based IQ2 PICs Versus IQ2E PICsEthernet Based IQ2 PICs Versus IQ2E PICsEthernet Based IQ2 PICs Versus IQ2E PICsEthernet Based IQ2 PICs Versus IQ2E PICs This slide is provided for your reference and compares the Ethernet IQ2 PICs to the Enhanced IQ2 PICs.



Slide 43


Circuit Emulation PICs

� Cost effectively transform legacy voice and TDM data transport

networks to next generation packet based infrastructure

• Leverages market-leading position in IP/MPLS and edge routing

� Two versions:

• 12-port T1/E1 PIC

• 4-port channelized OC3/STM1 PIC

� Features includes:

• SAToP support

• MPLS over IP (RFC 4023)

• Stitching of PWE3 to BGP Layer 2 VPN

• Static Pseudowires

• ATM

• IMA (future)

43

Circuit Emulation PICsCircuit Emulation PICsCircuit Emulation PICsCircuit Emulation PICs As legacy networks are progressively being migrated to MPLS and IP, the circuit emulation PICs and the M Series routers enable cost effective transport of legacy voice and time-division multiplexing (TDM) data over next generation, packet-based infrastructure. The PICs are available in two versions; a 12-port T1/E1 PIC and a 4-port channelized OC3/STM1 PIC. These interfaces combine the advanced Junos feature set with some specific hardware capabilities to deliver features including Structure-Agnostic TDM-over-Packet (SAToP) support, MPLS over IP, stitching of PWE3 to BGP Layer 2 VPN, static pseudowires, ATM, and Inverse Multiplexing for ATM (IMA).



Slide 44


� Adds a ‘service plane’ to routing

and forwarding planes

� Services with unprecedented scale

and performance

� Modular implementation

for success based growth

� Multiple SW programmable

execution engines

IP Services PICsAdvanced Services Features

� Multiservices PIC

• NAT, stateful firewall,

J-Flow accounting, IPsec, Tunnel,

cRTP, LNS,

• Session Border Controller

• Dynamic Application Awareness

� Encryption Services PIC

• IPsec Monitoring Services PIC

• J-Flow (cflowd v5 & v8)

� Tunnel Services PIC

• GRE, IP in IP, VT, LT

� Link Services PIC

• MLPPP, MLFR (FRF.15, FRF.16),

LFI, FRF.12, Tunnel

44

IP Services PICs Advanced Services FeaturesIP Services PICs Advanced Services FeaturesIP Services PICs Advanced Services FeaturesIP Services PICs Advanced Services Features Another important family of PICs supported on the M Series is the IP Services PIC family. This family of PICs adds a service plane to the routing and forwarding planes, enabling the delivery of advanced services at unprecedented scale and performance. The modular service implementation enables you to add service resources in the form of PICs to the router to scale the service components to meet the service requirement needs. Within this family of PICs, the most versatile is the Multiservices PIC. The Multiservices PIC combines most of the services available across the other services PICs. Services supported on the Multiservices PIC include Network Address Translation (NAT), stateful firewall, J-Flow accounting, IPsec, tunneling, Compressed Real-Time Transport Protocol (CRTP), and L2TP network server (LNS). Other advanced features include Session Border Controller, and Dynamic Application Awareness. Additionally, the Multiservices PIC enables the integration of third-party applications through Junos SDK integration. Other PICs in this family include the Encryption Services PIC (which provides IP Security [IPsec] encryption), the Monitoring Services PIC (which provides J-Flow processing [cflowd]), the Tunnel Services PIC (which includes generic routing encapsulation [GRE], IP-in-IP, virtual tunnel (VT), and LT tunneling capabilities), and the Link Services PIC (which provides Multilink Point-to-Point Protocol [MLPPP], Multilink Frame Relay [MLFR], link fragmentation and interleaving [LFI], FRF.12, and tunneling capabilities).



All these PICs are available in different formats to be accommodated on any of the M Series products ranging from the M7i routers to the M320 routers.



Slide 45


M7i Multiservice Edge Router

� Integrated J-protect security• Adaptive Services Module

• Dedicated network processor and memory

• NAT, stateful firewall, IPsec, J-Flow, and

Link Services

� 1 fixed Gigabit Ethernet or 2 fixed Fast

Ethernet ports• Fully routed with QoS

� Built for compact environments• 2 rack units high

• Class B emissions

� Full Junos IP/MPLS PE functionality

� Performance and features, no trade offs• 16 Mpps lookup performance

ASMASMASMASM

NATNATNATNAT

IPsecIPsecIPsecIPsec

FirewallFirewallFirewallFirewall

FlowFlowFlowFlowAcctAcctAcctAcct

45

M7i Multiservice Edge RouterM7i Multiservice Edge RouterM7i Multiservice Edge RouterM7i Multiservice Edge Router The following is a list of the M7i Multiservice Edge Router highlights: •Integrates ASIC-based J-Protect Security; •Leverages production proven technology; •Runs feature rich Junos software; •Is ideal for compact environments; •Is 2 rack units in height; •Uses AC or DC power—AC power is key for many small environments; •Has Class B EMI rating for close proximity to other electronics; •Has 2 fixed Fast Ethernet or 1 fixed Gigabit Ethernet interfaces for WAN or LAN connectivity; and •Integrates ASIC-based J-Protect Security including:

• NAT; • Stateful firewall; • IPsec; and • J-Flow accounting.

These integrated hardware accelerated security functions do not take up a PIC slot, and enable this cost effective platform to work well as a campus border router or in a managed services enterprise environment. The M7i also [provides the following: •Comprehensive IP/MPLS PE functionality; •Rich MPLS VPN portfolio, MPLS TE, MPLS FRR, IPv6 over MPLS, and so on; •Granular, per logical circuit QoS across any access type for per customer services;



•Hardware-based IPv6 performance; •Able to leverage the integrated security to deliver network based security services; and •The M7i uses M5 and M10 PICs for investment protection.



Slide 46


M7i Components

46

M7i ComponentsM7i ComponentsM7i ComponentsM7i Components Key hardware components of the M7i router are the PICs, Fixed Interface Card (FIC), Compact Forwarding Engine Board (CFEB), ASICs, and Routing Engine. High-density PICs provide a complete range of fiber optic and electrical transmission interfaces to the network. In addition, IP services PICs provide hardware-accelerated services for uncompromising performance. The FIC houses the fixed interfaces and is accessed from the front of the chassis. The FIC also provides control and monitoring functions, such as power, temperature, fans, and system resets. There are two versions of the FIC, one with two Fast Ethernet connections and another with one Gigabit Ethernet connection The CFEB houses the forwarding engine and is accessed from the rear of the chassis. The CFEB is available in two versions, standard version and one that includes the Adaptive Services Module. The feature-rich programmable ASICs deliver a comprehensive hardware-based system for packet processing without compromise. The Routing Engine maintains the routing tables and controls the routing protocols, as well as the Junos software processes that control the platform’s interfaces, the chassis components, system management, and user access to the platform. It is accessed from the front of the chassis.



Slide 47


M7i Packet Forwarding Architecture

47

M7i Packet Forwarding ArchitectureM7i Packet Forwarding ArchitectureM7i Packet Forwarding ArchitectureM7i Packet Forwarding Architecture The packet forwarding architecture of the M7i router is based on the I-Chip. The I-Chip is a Juniper designed ASIC. The forwarding tables that the I-Chip uses for making packet routing decisions are updated based on information from the Routing Engine. All the customer data packets are forwarded in the I-Chip hardware ASIC, none of the customer data packets are required to go through the control plane in the Routing Engine. This separation between the control plane and the data plane enables high-performance, low-latency forwarding that scales to multi Gigabits of traffic.



Slide 48


M7i and M10i: CFEB andEnhanced CFEB Comparison

48

M7i and M10i: CFEB and Enhanced CFEB ComparisonM7i and M10i: CFEB and Enhanced CFEB ComparisonM7i and M10i: CFEB and Enhanced CFEB ComparisonM7i and M10i: CFEB and Enhanced CFEB Comparison There are also two versions of CFEB, the older ABC chipset CFEB and the newer I-Chip based Enhanced CFEB. As you can see in the chart the I-Chip enables more queuing, higher performance, and unified ISSU. The feature-rich programmable ASICs deliver a comprehensive hardware-based system for packet processing without compromise.



Slide 49


M7i and M10i:RE-400 and RE-850 Comparison

49

M7i and M10i: REM7i and M10i: REM7i and M10i: REM7i and M10i: RE----400 and RE400 and RE400 and RE400 and RE----850 Comparison850 Comparison850 Comparison850 Comparison The Routing Engine maintains the routing tables and controls the routing protocols, as well as the Junos software processes that control the platform’s interfaces, the chassis components, system management, and user access to the platform. It is accessed from the front of the chassis. The chart on the slide compares the RE-400 to the RE-850. Both Routing Engines are available for the M7i and M10i, however the RE-850 has been announced as end of life and the end of sale date is October 11, 2011. The RE-400 will continue to be available after the end of sale date of the RE-850. A new higher performance routing engine will be released in Junos 11.4R3 .



Slide 50


M7i and M10i:RE-850 and RE-B-1800 Comparison

50

M7i and M10i: REM7i and M10i: REM7i and M10i: REM7i and M10i: RE----850 and RE850 and RE850 and RE850 and RE----BBBB----1800 Comparison1800 Comparison1800 Comparison1800 Comparison As mentioned on the last slide the RE-850 has been announced as end of life. The new routing engine that will be released in Junos 11.4R3 is the RE-B-1800. The chart on the slide compares the two routing engines.



Slide 51


M7i and M10i:Adaptive Services and Multi Services PICs

51

M7i and M10i: Adaptive Services and Multi Services PICsM7i and M10i: Adaptive Services and Multi Services PICsM7i and M10i: Adaptive Services and Multi Services PICsM7i and M10i: Adaptive Services and Multi Services PICs The M7i and M10i support two different Services PICs. The Multi Service (MS) PIC is much higher performing than the Adaptive Services PIC, however the MS PIC requires the I-Chip on the Enhanced CFEB.



Slide 52


M10i Multiservice Edge Router

� Most compact M Series with fully redundant

common hardware

� Built for compact environments

•5 rack units high

•Class B emissions

� Full Junos IP/MPLS PE functionality

� Performance and features,

no trade offs

Note: No integrated ASM or fixed portsNote: No integrated ASM or fixed portsNote: No integrated ASM or fixed portsNote: No integrated ASM or fixed ports

RedundantRedundantRedundantRedundant

Routing EngineRouting EngineRouting EngineRouting Engine

Forwarding EngineForwarding EngineForwarding EngineForwarding Engine

PowerPowerPowerPower

Cooling Cooling Cooling Cooling

52

M10i Multiservice Edge RouterM10i Multiservice Edge RouterM10i Multiservice Edge RouterM10i Multiservice Edge Router The following is a list of the M10i Multiservice Edge Router highlights: •Leverages production proven technology; •Feature rich Junos software; •Redundant Forwarding Engine board; •Redundant Routing Engine; •Redundant cooling; •Redundant power; •Rich MPLS VPN portfolio, MPLS TE, MPLS FRR, IPv6 over MPLS, and so on; •Granular per logical circuit QoS across any access type for per customer services; •Hardware-based IPv6 performance; and •Like the M7i, the M10i uses M5 and M10 PICs for investment protection.



Slide 53


M10i Components

53

M10i ComponentsM10i ComponentsM10i ComponentsM10i Components This slide illustrates the M10i routers components. The main item to highlight regarding the M10i components is the fact that this platform, unlike the M7i, has redundant Routing Engines and redundant CFEB. You therefore have the ability to add a higher density of PICs, and they are all interchangeable between the M71 and the M10i. The M10i platform is 5 rack units high; it has the ability to accommodate 8 PICs, as opposed to 4 PIC slots in the M7i router. It has fully redundant fan trays. It has fully redundant capabilities for either AC or DC power supplies; fully redundant capabilities for the Routing Engine and the CFEB (which is the switch fabric on the M Series product line).



Slide 54


M7i and M10i PIC Portfolio

(*) M10i only(*) M10i only(*) M10i only(*) M10i only

and IQ2E

54

M7i and M10i PIC PortfolioM7i and M10i PIC PortfolioM7i and M10i PIC PortfolioM7i and M10i PIC Portfolio The chart on the slide outlines the wide array of PICs available for the M7i and M10i routers. There are Ethernet PICs, discrete interfaces (T1, E1, and DS3 type connections), channelized interfaces (that is, ATM and SONET), multi-rate (meaning the same PIC gives you the option of one port of OC12 or 4 ports of OC3), services (so you can install a PIC that allows you to add capabilities like stateful firewall, encryption, Link Services, and J-Flow), and circuit emulation PICs. All of these PICs can be mixed and matched in the M7i or M10i chassis as long as you have PIC slot capacity.



Slide 55


M120 Multiservice Edge Router

� Dense aggregation and service scalability• Service rich Junos

• 10 Gbps uplinks, 120 Gbps throughput

• 90 Mpps lookup

• Increased hardware scalability

� Optimized for QoS and multi-service• 8 queues per interface

• Jitter and latency optimized for low speed interfaces

• Rich Layer 2 QoS, VPN, and interworking capabilities

� Investment protection• PIC portability from M40e/M160/M320/T-series

� High availability• Redundant Forwarding Engines

• FPCs replaced without re-racking or rebooting chassis

� Collocation friendly Design• Chassis depth-reduction: Fits in 800 mm cabinets

Fully RedundantFully RedundantFully RedundantFully Redundant

Routing Engines

System switch boards

Forwarding Engine

Power

Cooling

55

M120 Multiservice Edge Router M120 Multiservice Edge Router M120 Multiservice Edge Router M120 Multiservice Edge Router The M120 Multi Service Edge Router provides dense aggregation with high performance services running Junos. It scales to support 10 Gbps interfaces and up to 120 Gigabits of throughput with 90 Million packets per second lookup. The high performance Routing Engine or control plane increases BGP sessions, routes, and virtual routing and forwarding tables. The M120 is optimized for increased logical and channelized services with 8 queues per interface, extremely low jitter and latency, and rich layer 2 QoS and VPN interworking features. The M120 provides investment protection for older and newer M Series products and the Flexible PIC Concentrators (FPCs) can be replaced without rebooting the chassis. The M120 meets the collocation requirement to fit into 800 mm deep cabinets with both AC and DC power supply modules sized to less than 60 AMP feeds.



Slide 56


M120 Architecture

� Distributed architecture

� 4 FPC slots and 2 CFPC slots

� One Packet Forwarding Engine

(I-Chip I2.0) per FEB

� 10 Gbps full duplex per slot

� 15 Mpps per FEB

56

M120 ArchitectureM120 ArchitectureM120 ArchitectureM120 Architecture The FPCs provide the infrastructure to power and control PICs and to translate packets to and from each PIC into a standard interface that the FEB processes. The M120 architecture is very similar to all other M Series routers with PICs that plug into FPCs. Each Packet Forwarding Engine receives incoming packets from the PICs installed on the FPC and forwards them through the switch planes to the appropriate destination FPC and port. There are four FPC slots on the M120 plus two Compact FPC slots. Each FPC contains a crossbar connection to the FEBs. The FPCs interface with the following router system components: the Power Entry Modules (PEMs), Control Boards (CBs), FEBs, and PICs. Two Compact FPCs (CFPCs) are available for the M120 router: a 10-Gigabit Ethernet CFPC and an OC192 CFPC. Each CFPC is rated at 10 Gigabits per second full duplex. Each CB works with an installed Routing Engine to provide control and monitoring functions for the router. These functions include determining Routing Engine mastership; controlling power and reset for the other router components; connecting the FEBs and FPCs; monitoring and controlling fan speed; and monitoring system status. You can install one or two CBs in the router. The CBs install vertically into the rear of the chassis in the slots labeled CB0 and CB1. If two CBs are installed, one functions as the master CB and the other as its backup. If the master fails or is removed, the backup restarts and becomes the master.



With redundant CBs, the backup CB is hot-removable and hot-insertable, but the master CB is only hot-pluggable. If a CB fails and switches mastership to the redundant CB, the Routing Engine mastership switches as well.



Slide 57


M120 Components (Front)

Craft Interface

PIC

Upper Fan Tray

CFPC

(10-Gigabit Ethernet

or OC192)

ESD Point

Air Intake

Lower Fan Tray

Front Mounting Flange

FPC

4 PICs per Type 1 FPC

4 PICs per Type 2 FPC

1 PIC per Type 3 FPC

H: 20.75” (12RU)

W: 17.5”

D: 25.7”

Weight: NTE 230 lbs

57

M120 Components (Front)M120 Components (Front)M120 Components (Front)M120 Components (Front) This slide shows the front of the M120 system. The M120 is 12 rack units in height. The air intake is at the bottom. On the right hand side you can see two FPCs that hold only one PIC. The next two FPCs have four PICs each. On the far left hand side are the two CFEBs. Again, the 6 slots give you a total of 120 Gigs of throughput on the system with any combination of interfaces.



Slide 58


M120 Components (Rear)

58

M120 Components (Rear)M120 Components (Rear)M120 Components (Rear)M120 Components (Rear) This slide shows the M120 components located on the rear of the chassis. There are the two control boards, six FEBs, and DC or AC power modules. The Routing Engines install into the rear of the chassis in vertical slots directly into the CB labeled CB0 and CB1. The Routing Engine runs the Junos OS. The software processes that run on the Routing Engine maintain the routing tables, manage the routing protocols used on the router, control the router interfaces, control some chassis components, and provide the interface for system management and user access to the router.



Slide 59


M120 Components

FEB LEDs

Connector Interface Panel and Front Panel Display Board

59

M120 ComponentsM120 ComponentsM120 ComponentsM120 Components The connector interface panel (CIP) and the front panel display board identify any critical [red LED] or warning [yellow LED] alarms. It also displays all of the FEB LEDs. The CIP is where all console and Ethernet management access is located for the M120. Alarm relay contacts are also located on the connector interface panel.



Slide 60


M120 IP Services PIC

� Adds a ‘service plane’ to routing

and forwarding planes

� Services with unprecedented

scale and performance

� Modular implementation

for success based growth

� Multiple software programmable

execution engines

� Encryption Services PIC

• IPsec

� Monitoring Services PIC

• J-Flow (cflowd v5 & v8)

� Tunnel Services PIC

• GRE, IP-in-IP, VT, LT

� Multi-Services PIC and Adaptive

Services PIC

• NAT, stateful firewall, J-Flow

accounting, IPSec, Tunnel, cRTP

� Link Services PIC

• MLPPP, MLFR (FRF.15, FRF.16),

LFI, FRF.12, Tunnel

60

M120 IP Services PICM120 IP Services PICM120 IP Services PICM120 IP Services PIC The IP Services PICs provide hardware acceleration for various packet processing intensive services. First, the Encryption Services PIC provides full-strength IP Security (IPsec) encryption at rates exceeding 800 Mbps half duplex. Second, the Monitoring Services PIC supports J-Flow accounting by exporting standards-based V5 and V8 flow accounting records. Third, the Tunnel Services PIC supports various tunneling mechanisms such as GRE tunneling, IP-in-IP tunneling, and so on, at very high speeds. Next, the Link Services PIC supports multilink Point-to-Point Protocol (PPP), multilink frame relay, link fragmentation interleaving, as well as tunnel services. Finally, the Adaptive Services PIC, is designed to support multiple services, including NAT, stateful firewall, J-Flow accounting, IPsec, tunnel services, and Compressed Real-Time Transport Protocol (CRTP). The IP Services PICs, in conjunction with the IQ PICs and the M Series routers, enable rich service creation capabilities at the edge without compromising on performance.



Slide 61


M320 Multiservice Edge Router

� Dense aggregation and service scalability• Service rich Junos, scaled in production

• 10 Gbps uplinks, 320 Gbps throughput

• 385 Mpps lookup

• High performance control plane hardware for increases in BGP sessions, routes, and VRFs

• Increased logical and channelized interfaces

� Optimized for QoS and multi-service• 8 queues per interface

• Jitter and latency optimized for low speed interfaces

• Rich layer 2 QoS/VPN and interworking capabilities

� Investment protection• PIC portability from M40e, M160, M120, and T Series

• FPCs replaced without re-racking or rebooting chassis

� Collocation Friendly Design• Chassis depth-reduction: Fits in 800 mm cabinets

• AC and DC PEMs sized to less than 60 AMP feeds

Fully RedundantFully RedundantFully RedundantFully Redundant

Routing EnginesRouting EnginesRouting EnginesRouting Engines

Switch boardsSwitch boardsSwitch boardsSwitch boards

PowerPowerPowerPower

CoolingCoolingCoolingCooling

61

M320 Multiservice Edge RouterM320 Multiservice Edge RouterM320 Multiservice Edge RouterM320 Multiservice Edge Router The M320 Multi Service Edge Router provides dense aggregation with high performance services running Junos. It has the same architecture and the same component design as the M120, but in a different form factor. It scales to support 10 Gbps interfaces and up to 320 Gigabits of throughput with 285 Million packets per second lookup. The high performance Routing Engine or control plane increases BGP sessions, routes and virtual routing and forwarding tables. The M320 is optimized for increased logical and channelized services with 8 queues per interface extremely low jitter and latency and rich layer 2 quality of service and VPN interworking features. The M320 provides investment protection for older and newer M Series products and the Flexible PIC Concentrators can be replaced without rebooting the chassis. The M320 also meets the collocation requirement to fit into 800 mm deep cabinets with both AC and DC power supply modules sized to less than 60 AMP feeds



Slide 62


M320 Forwarding Architecture

� 4 Switch Interface Boards 4 Switch Interface Boards 4 Switch Interface Boards 4 Switch Interface Boards (SIBs)(SIBs)(SIBs)(SIBs)

� NonNonNonNon----blocking anyblocking anyblocking anyblocking any----totototo----any any any any connectivityconnectivityconnectivityconnectivity

• 2x speedup for non-blocking

� All SIBs fully redundantAll SIBs fully redundantAll SIBs fully redundantAll SIBs fully redundant

• Graceful degradation

� Packet order maintainedPacket order maintainedPacket order maintainedPacket order maintained

• Sequence ID used on ingress

• Reorder buffer resequenceson egress

� QoSQoSQoSQoS maintainedmaintainedmaintainedmaintained

• Strict Priority queueing on ingress PFE

• Parallel virtual paths for high and low priority packets

62

Distributed architecture

� 8 FPC slots

� One PFE per FPC� 20 Gbps full duplex per slot

� 40 Mpps per FPC

M320 Forwarding ArchitectureM320 Forwarding ArchitectureM320 Forwarding ArchitectureM320 Forwarding Architecture The M320 forwarding architecture is similar to the other M Series routers with PIC modules plugged into FPCs. There are three different types of FPCs that support the different PICs available. The I-Chip ASICs are located on the FPCs in the M320. There are 8 FPC slots with one Packet Forwarding Engine per FPC. Each FPC supports 20 Gigabits full duplex throughput per slot and 40 Million packets per second. The four switch interface boards (SIBs) provide non-blocking any-to-any connectivity between all the FPCs. All SIBs are fully redundant. The M320 architecture uses sequence IDs on the ingress of each packet so that on the egress packets can be resequenced if needed to maintain the correct packet order. The ability to have strict priority queuing and parallel virtual paths through the system enable QoS requirements to be maintained through the router.



Slide 63


E3 FPC Overview

� Enhanced III FPCs for M320•Type 1, 2, and 3

• M320-FPC1-E3, 4 PICs



•I3.0 based PFE

� Enhancements•Additional QoS capabilities

•Increased scaling

•Eliminate PIC configuration rules

•Enhance multicast performance

IIIIP I CP I CP I CP I C

P I CP I CP I CP I C



IIII

IIII



IIII

FPC1FPC1FPC1FPC1and FPC2and FPC2and FPC2and FPC2

FPC3FPC3FPC3FPC3

63

E3 FPC OverviewE3 FPC OverviewE3 FPC OverviewE3 FPC Overview The M320 router supports the following types of FPCs: •FPC1: Rated at 4 Gbps full duplex; supports up to four PICs; •FPC2: Rated at 16 Gbps full duplex; supports up to four PICs; and •FPC3:Rated at 20 Gbps full duplex; supports up to two PICs, including higher-speed PICs. You can install any combination of these FPC types in the M320 router.



Slide 64


M320 Components (Front)

H: 35 in. (1/2 rack)

W: 17.3 in.

D: 29.84 in.

Weight: NTE 480 lbs

8 FPC slots

� Type 1 (4 PICs per FPC Slot)



Upper Fan Tray

with 4 fans , FRU

Lower Fan Tray

with 4 fans, FRU

Front Panel

Connector Panel, FRU

Air Filter, FRU

Cable Management

64

M320 Components (Front)M320 Components (Front)M320 Components (Front)M320 Components (Front) The M320 router is half a rack high, 35 inches in height. The M320 front panel displays the status of the routing engines, SIBs, and power supplies along with any critical [red LED] or warning [yellow LED] alarms. The CIP on the far left consists of Ethernet, console, and auxiliary connectors for the Routing Engines and alarm relay contacts. You can install up to eight FPCs vertically in the front of the routing platform. The FPCs are numbered FPC 0 to FPC 7 from left to right. The cooling system components work together to keep all router components within the acceptable temperature range. All fan trays and filters are hot-insertable and hot-removable. The two front fan trays are interchangeable. The front and rear fan trays are not interchangeable. When the router is operating normally, the fans function at lower than full speed. If a fan fails or the ambient temperature rises above a threshold, the speed of the remaining fans is automatically adjusted to keep the temperature within the acceptable range.



Slide 65


M320 Components (Rear)

Redundant

Switch Interface

Boards

Front to back

cooling

Redundant

Control Boards

& external clock

inputs

Redundant Power Supplies AC

PEM: 3+1 (1250 W, 15A)

DC PEM: 2+2 (1870 W, 50A)

Target Max Input: 3700 W

Redundant RE 4Redundant RE 4Redundant RE 4Redundant RE 4

CPUCPUCPUCPU 2 Ghz Intel Celeron M

DRAMDRAMDRAMDRAM 4 GB

HDHDHDHD 40 GB

FlashFlashFlashFlash 1 GB

65

M320 Components (RM320 Components (RM320 Components (RM320 Components (Rear)ear)ear)ear) The back of the M320 router is where the redundant Routing Engines, control boards, switch interface boards, and power supplies are located. Each control board works with an adjacent Routing Engine to provide control and monitoring functions for the router. These functions include determining Routing Engine mastership, controlling power and reset for the other router components, monitoring and controlling fan speed, and monitoring system status. The SIBs provide the switching function to the destination FPC at a total of 385 Million packets per second of forwarding.



Slide 66


M120 and M320 PIC Portfolio

66

M120 and M320 PIC PortfolioM120 and M320 PIC PortfolioM120 and M320 PIC PortfolioM120 and M320 PIC Portfolio The chart on this slide outlines the wide array of PICs available for the M120 and M320 routers. This chart is similar to chart for the M7i and the M10i, but there is a more extensive PIC portfolio between the M120 and the M320; Ethernet discrete interfaces, channelized interfaces, ATM, SONET, multi-RAID, and so on. There are many different combinations of ports. The PICs are shared between the M120 and the M320, just like the PIC sharing between the M7i and M10i.



Slide 67


Section Summary


•Described the M Series portfolio

•Discussed the underlying architecture, its characteristics,

and components

•Discussed the various interface options

•Described the details of the individual M Series models

67

Section SummarySection SummarySection SummarySection Summary In this section, we: •Described the M Series portfolio •Discussed the underlying architecture, its characteristics, and components •Discussed the various interface options •Described the details of the individual M Series models



Slide 68



� The M Series product line supports throughput within

which of the following ranges?

68

A) 7 Gbps to 420 Gbps

B) 10 Gbps to 320 Gbps

C) 5 Gbps to 960 Gbps

D) 12 Gbps to 640 Gbps

Learning Activity 2: Question 1 The M Series product line supports throughput within which of the following ranges?



Slide 69



� PICs are installed into which component?

69

A) SIBs

B) FEBs

C) FPCs

D) CBs

Learning Activity 2: Question 2 PICs are installed into which component?



Slide 70


M Series for the


Deployment Scenarios

Deployment ScenariosDeployment ScenariosDeployment ScenariosDeployment Scenarios This section will provide a look at different deployment scenarios where the M Series routers can be utilized. Drivers and requirements of different solution sets will be discussed.



Slide 71


Section Objectives


able to:

•Discuss six deployment scenarios for the M Series routers

•Describe the requirements and drivers of four particular

solution sets

71

Section ObjectivesSection ObjectivesSection ObjectivesSection Objectives After successfully completing this section, you will be able to: •Discuss six deployment scenarios for the M Series routers •Describe the requirements and drivers of four particular solution sets



Slide 72


Sample Deployment Scenarios

Inter-Data center transport network

Server live migration across data centers

Enterprise-wide virtualization

Regulatory compliance

Low latency multicast

High availability

1111

2222

3333

4444

5555

6666

72

Sample Deployment ScenariosSample Deployment ScenariosSample Deployment ScenariosSample Deployment Scenarios We are going to take a look at several sample deployment scenarios. These six scenarios are common deployments for Juniper customers.



Slide 73


Inter-Data Center Transport Network 1111

73

Internternternter----Data Center Transport NetworkData Center Transport NetworkData Center Transport NetworkData Center Transport Network The diagram on the slide depicts the logical connectivity for a large bank that purchased another large bank. The different colored lines show that each application is allowed to operate as though it has a private network over a cost-effective, shared infrastructure while maintaining QoS and latency requirements for the applications. In case of a primary path failure (either of the black or orange lines) , the critical application is protected with a secondary/standby label-switched path (LSP) (red line) with the same QoS guarantees and latency, going through the third data center. The challenge is how to cost-effectively connect the data centers of the two banks. Use of SONET is very expensive for connecting data centers across the country. The merged organization needs to support many more access nodes and hence scalability and flexibility of the existing infrastructure is of paramount importance. To adhere to regulations the merged bank needs to maintain traffic segmentation across specific departments and maximizing existing equipment the most effective way. In the proposed new design the expensive SONET links were replaced with a private cloud of Ethernet links that run MPLS. The resulting cloud is called the “Super Core” which is a transport core only and is a strict demarcation from the existing WAN—no routing interaction. All links are point-to-point Layer 2 VPNs. The traffic engineering component of MPLS guarantees bandwidth and thus offers QoS for the delay sensitive applications. MPLS VPNs provide logical separation of different traffic between the data centers and thereby ensure security and privacy.



The highly available and resilient data center Super Core provides the following: •Guaranteed bandwidth allocation for critical application; •More predictable latency characteristics; and •Resiliency and availability with faster failure detection and re-route recovery.



Slide 74


Server Live Migration Across Data Centers

74

Server Live Migration across Data CentersServer Live Migration across Data CentersServer Live Migration across Data CentersServer Live Migration across Data Centers A large health care provider in the US requires reliability and rapid access to data and its services must be available around the clock. One way they achieve this availability is through collocation of data centers. Furthermore, the hospital needs to comply with several regulations and requires securing and isolating patient information. For Layer 2 connectivity, the hospital uses multiple 10-Gigabit Ethernet inter-data center links for 40 applications with the utilization of less than 1% on each link. We recommended that customers move the bandwidth to the MPLS core and inter-connect with VPLS through the core. With QoS and traffic engineering you can allocate the necessary bandwidth specific to each application. Therefore, this customer was able to have optimal bandwidth utilization thereby reducing capital expenditures (CapEx) and operating expenditures (OpEx).



Slide 75


Enterprise-Wide Virtualization

Distributed Enterprise/BranchDistributed Enterprise/BranchDistributed Enterprise/BranchDistributed Enterprise/Branch

Extended EnterpriseExtended EnterpriseExtended EnterpriseExtended Enterprise

CampusCampusCampusCampus

Data CenterData CenterData CenterData Center

Enterprise Core or Enterprise Core or Enterprise Core or Enterprise Core or

WANWANWANWAN

3333

75

EnterpriseEnterpriseEnterpriseEnterprise----Wide VirtualizationWide VirtualizationWide VirtualizationWide Virtualization MPLS VPN deployment at the WAN edge and core-aggregation layer provides unique traffic separation capabilities. It enables logical separation of network services—one physical network and as many virtual networks as needed. For example, different organizational units or departments on a single physical companywide network can be segmented to have independent logical networks. This allows for privacy and control across lines of business and applications and ensures a more optimal utilization of network resources. In this scenario a very large US governmental agency needed to provide authenticated access to customers, employees, many databases and application servers that host hundreds of applications, and web servers that host many web pages for its portals. It was faced with the challenge of how to enforce strict security policies on the use of specific applications to different departments in various locations as well as allowing controlled access to external users. The firewalls had proliferated in order to separate applications and enforce policy and the access control lists (ACLs) on the edge routers had become unmanageable—hundreds to thousands of ACLs on each router to allow for logical separation by Layer 2 VLANs at edge. Therefore enforcement of security policy no longer scaled well and was very costly to implement. Deployment considerations included the following:



•Scaled and secured support for a large number of application being used by different locations and departments (security zones); •Easily enforce security policies for each application and location; and •Simplify management and reduce total cost of ownership (TCO). The proposed design implemented MPLS at the core where the MPLS WAN “Super Core” separated security zones. Therefore, the individual security zones become MPLS Layer 3 VPNs (VPN routing and forwarding tables [VRFs]); MPLS implicitly denies access between security zones therefore, there is no need for extensive router ACLs; endpoints are mapped into security zones by Unified Access Control where policy is enforced by a firewall or a Intrusion Detection and Prevention (IDP) device at zone boundaries. The illustration on the slide depicts how multiple security zones are maintained between different physical locations. For example, only campus and data center are on the red security zone, while the branch office and extended enterprise are prevented from accessing the data or applications on the red zone. In summary, network-wide virtualization with MPLS provides the following: •Allows separate Layer 3 VPN connectivity across data centers through a “super core” network; •Provides multipoint Layer 2 VLAN networks across MPLS core to different facilities and locations; •Allows separation of Layer 3 traffic across core network for business service and application requirements or for compliance by mapping of VLANs to VRFs to maintain consistent segmentation end-to-end; and •Provides circuit cross connects (pseudo-wires) by sending Layer 2 services such as Ethernet, Frame Relay, and ATM across an MPLS network.



Slide 76


Regulatory Compliance

Power Generation

Stations

Transmission

Distribution

Consumer

Internet

Smart Meter

Converged MPLS-based Network

Juniper Router

Utility Provider Utility Provider Utility Provider Utility Provider

Administrative VPN NetworkAdministrative VPN NetworkAdministrative VPN NetworkAdministrative VPN Network

SCADA/Control System SCADA/Control System SCADA/Control System SCADA/Control System

VPN NetworkVPN NetworkVPN NetworkVPN Network

Juniper RouterJuniper RouterJuniper RouterJuniper Router

4444

76

Regulatory ComplianceRegulatory ComplianceRegulatory ComplianceRegulatory Compliance Note that the message here is not that MPLS by itself will allow you to meet your regulatory compliance requirements The key point is that companies need to meet regulatory compliance mandates for security and data integrity. Juniper has comprehensive compliance mechanisms through STRM and firewalls that protect the servers. Now segmentation can be extended to the network. Customers can allow their branches and partners to communicate with each another easily and yet still comply with security and privacy regulations by using MPLS. With MPLS, you can guarantee reliability, segmentation, and privacy and assign specific bandwidth from one site to another across the same physical network infrastructure.



Slide 77


Low Latency Scenario:Financial Market Data Distribution 5555

77

Low Latency Scenario: Financial Market Data DistributionLow Latency Scenario: Financial Market Data DistributionLow Latency Scenario: Financial Market Data DistributionLow Latency Scenario: Financial Market Data Distribution Optimized content delivery has become a critical requirement due to the increased level of media-rich traffic on networks. Financial services, news services, and stock exchanges have high-touch content that requires low latency, a high level of resiliency, and high security. Although native IP multicast can achieve these broadcast requirements, it lacks the security offered by combining multicast virtual private Network (MVPN) services and a point-to-multipoint LSP delivery mechanism. In this scenario, a very large stock exchange needs to broadcast rapid market quotes (through multicast) every few microseconds to financial institutions which in turn use unicast to communicate back to the exchange. The performance of the trading network is absolutely critical for the success of the exchange. More than any other business “time is money” in this industry and competitiveness of the market is no longer measured in milliseconds (ms), but in microseconds (µs). Therefore, reducing every microsecond is a competitive advantage for the exchange. The large network of the organization and large volumes of data creates a challenge for scaling traditional multicast technologies. Traditionally for multicast traffic, an ingress router must replicate the traffic on a pseudo-wire to every remote location in the network. As the number of remote locations increases, the traffic in the core for replication also proportionately increases. Therefore, this approach increases bandwidth consumption in the core network, reducing the efficiency.



In addition, traditional data center design is comprised of three layers—access, aggregation, and core. This architecture requires a large number of devices to deploy and manage which requires larger capital investment, increased and unpredictable latency, more rack space and increased power requirements. Deployment Considerations are as follows: •Provide consistent and ultra-low latency multicast to large number of end points such as financial institutions. •Any delay or queuing inserted into the trading path must be eliminated. •Ensure that high volumes of multicast do not impact the unicast traffic as that is the communication that closes the deals. The proposed new design included running point-to multipoint multicast. The Juniper MPLS infrastructure design involved the use of point-to multipoint LSPs. Point-to multipoint multicast traffic engineering capabilities allow complete path control with resource reservation that guarantees QOS for the LSP from end-to-end. Point-to multipoint multicast also supports fast reroute, which can deliver high availability with failover times of approximately 50 millisecond for deterministic routing. The illustration on the slide shows how the exchange can send out multicast traffic (red lines) to a large number of financial institutions while the financial institutions can send unicast traffic back to the exchange (dotted green lines) for closing the transaction. Point-to multipoint multicast in the core is used to reduce the latency to near zero. The proposed new network design includes the following: •High performance, ASIC based M Series hardware for near-zero latency; •High speed interfaces to reduce transmission latency; •Use of point-to multipoint to place upper-bounds on latency by pre-establishing paths; and •Applying the same QoS policies to multicast and unicast packets. In summary, competitiveness in the global financial markets is measured in microseconds. The exchange’s new trading platform is one of the world's premiere high-performance networks, supporting billions of transactions each day. Juniper's high performance routers with advanced routing services will lead to the creation of a robust infrastructure that will deliver a collapsed data center architecture along with point-to multipoint multicast for ultra low-latency multicast traffic with great scale, performance and simplicity.



Slide 78


High Availability High Availability High Availability High Availability NonNonNonNon----stop Active Routing and In Service Software Upgradesstop Active Routing and In Service Software Upgradesstop Active Routing and In Service Software Upgradesstop Active Routing and In Service Software UpgradesHigh Availability (1 of 2) 6666

78

High Availability: Part 1High Availability: Part 1High Availability: Part 1High Availability: Part 1 This slide depicts end-to-end high availability (HA) with various mechanisms including node, link, and router resilience deployed in the network.



Slide 79


High Availability (2 of 2) 6666

79

High Availability: Part 2High Availability: Part 2High Availability: Part 2High Availability: Part 2 Our customers are increasingly operating in a 24-by-7 world, so high availability is critical. Juniper provides this in a number of ways. The software provides such things as graceful switchover, nonstop active routing, and unified ISSU. There is automatic protection switching (APS) in our SONET switching circuits. The network itself has system failure protection, and fault transparency to minimize service interruption. Our hardware is hot-swappable, and key components are provided in redundant configurations. Juniper’s release process is fully tested, and our MTBF times are tracked for continual improvement.



Slide 80


Solution Sets

80

Solution SetsSolution SetsSolution SetsSolution Sets This slide highlights four solution sets for Juniper routers: WAN Core, Internet Edge, Data Center Interconnect, and WAN Aggregation. The following slides will discuss these solution sets individually.



Slide 81


WAN Core

WAN CoreWAN CoreWAN CoreWAN Core The WAN core solution enables cloud computing and advanced real-time mission critical video applications. The key requirements are scalability, reliability, and segmentation of services with classification. Juniper’s M Series router solutions enable much higher performance, reliability, and a wide array of WAN interfaces that exceed our competitors solutions.



Slide 82


Internet Edge

Internet Edge Internet Edge Internet Edge Internet Edge The Internet Edge solution requires segmentation of traffic so that mission critical data, including video, is classified and handled differently at the Internet edge. Requirements for IPv4, IPv6, and security are key. The Juniper M Series advantage is the wide array of scalable WAN interfaces, security features that do not impact performance, support for full Internet routing tables, and advanced MPLS for traffic engineering and VPNs.



Slide 83


Data Center Interconnect

83

Data Center InterconnectData Center InterconnectData Center InterconnectData Center Interconnect The Data Center Interconnect solution set enables businesses to consolidate data centers, provide live server migration, V-motion across the WAN, and prepare for cloud and data center outsourcing. The key requirements for the network include the ability to move, add, and change services easily, segment services and classify each service differently, and provide a secure environment for all transactions. With Juniper M Series routers customers can take advantage of three times the performance of competing solutions and flatten their network with Layer 2 stretch capabilities and MPLS VPNs for service segmentation, classification, and security.



Slide 84


WAN Aggregation—Campus Core

WAN AggregationWAN AggregationWAN AggregationWAN Aggregation————Campus Core Campus Core Campus Core Campus Core The WAN Aggregation solution enables the enterprise to isolate the traffic from different departments and provide service level agreements (SLAs) for each department using MPLS VPNs, security services, QoS, and flow based accounting. The M Series provides high performance routing and low latency for advanced services such as webinars or web based learning.



Slide 85


Section Summary


•Discussed six deployment scenarios for the M Series routers

•Described the requirements and drivers of four particular

solution sets

85

Section SummarySection SummarySection SummarySection Summary In this section, we: •Discussed six deployment scenarios for the M Series routers •Described the requirements and drivers of four particular solution sets



Slide 86



� True or False: MPLS implicitly denies access between

security zones therefore, there is no need for

extensive router ACLs.

86

A) True

B) False

Learning Activity 3: Question 1 True or false: MPLS implicitly denies access between security zones therefore, there is no

need for extensive router ACLs.



Slide 87


M Series for the


Junos Space and Junos SDK

Junos Space and Junos SDKJunos Space and Junos SDKJunos Space and Junos SDKJunos Space and Junos SDK This section will introduce Junos Space. We will also discuss how Juniper’s open standards can help customers integrate, innovate, and gain more control of their network.



Slide 88


Section Objectives


able to:

•Describe how Junos Space can simplify network

management

•Discuss how the Junos OS, Junos Space, and the Junos SDK

help customers gain more control of their network

88

Section ObjectivesSection ObjectivesSection ObjectivesSection Objectives After successfully completing this section, you will be able to: •Describe how Junos Space can simplify network management •Discuss how the Junos OS, Junos Space, and the Junos SDK help customers gain more control of their network



Slide 89


Junos Space:Simplicity, Reliability, and Scalability

89

Junos Space: Simplicity, Reliability, and ScalabilityJunos Space: Simplicity, Reliability, and ScalabilityJunos Space: Simplicity, Reliability, and ScalabilityJunos Space: Simplicity, Reliability, and Scalability Junos Space is a management system that can be used with the M Series routers and other Juniper devices. The system enables campus management, data center management, and security management through plug and play applications. The applications enable fast provisioning of new services, monitoring to validate SLA’s, and diagnostics for troubleshooting network issues. Although new applications will be developed and introduced by Juniper, Junos Space is also open to third-party application development.



Slide 90


Junos Space:Smart Plug-Ins: New Functionality In a Click

� Hot pluggable applications

� Hot pluggable device adds

and updates using DMI

� In service application and

device upgrades

The Simple and Smart Way To Manage Your NetworkThe Simple and Smart Way To Manage Your NetworkThe Simple and Smart Way To Manage Your NetworkThe Simple and Smart Way To Manage Your Network

90

Junos SpaceJunos SpaceJunos SpaceJunos Space: Smart Plug: Smart Plug: Smart Plug: Smart Plug----Ins: New Functionality In a ClickIns: New Functionality In a ClickIns: New Functionality In a ClickIns: New Functionality In a Click One of the challenges of enterprise ITs is adding new services and applications to meet the ever growing demands of their customers. Historically this has been not easy, requiring months of planning, and working within strict maintenance windows. With the Junos Space network application platform, a user can seamlessly add new applications as they become available from Juniper and the eco-system, without having to restart the system. Not only can you add new applications but you can also add new devices and perform device updates.



Slide 91


Automate Provisioning and Monitoring

Provisioning Provisioning Provisioning Provisioning � Junos Space

� Commit script

Monitoring Monitoring Monitoring Monitoring

� NMS

� Event script

TroubleshootingTroubleshootingTroubleshootingTroubleshooting

� Operation script

MigrationMigrationMigrationMigration� I2J configuration

conversion

91

Automate Provisioning and MonitoringAutomate Provisioning and MonitoringAutomate Provisioning and MonitoringAutomate Provisioning and Monitoring Junos has embedded script tools to simplify and automate some tasks for network engineers. Commit Scripts, Op Scripts, and Event Scripts provide self-monitoring, self diagnosing, and self-healing capabilities to the network. Combined together, these tools offer an almost infinite number of applications to reduce downtime, minimize human error, accelerate service deployment, and reduce operational costs Juniper also offers many products that are developed internally and by partners through the open Junos Space platform. One of the best things about the MPLS network core is that it is a dynamic, black box. Yet one of the most frustrating things for customers used to circuit-oriented services that are deterministic in nature is that MPLS is a dynamic, black box. Route Insight is essentially “TiVo for the MPLS core”—it peers instead of polls into the infrastructure, collecting, aggregating, and visualizing this information so customers can more easily plan, simulate, model, and diagnose issues in their MPLS network. Route Insight performs its magic across any MPLS network, but works best with Juniper T and M Series routers. Ethernet Design provides workflows and configuration that operationalize the entire enterprise infrastructure. This includes campus or headquarters, data centers, branch offices, and remote users. Focused on enterprise campus and data center infrastructure deployment, Ethernet Design provides scalable workflow to apply best practice



configurations on a large selection of switches. Best practice configurations includes port security, QoS, and Spanning Tree Protocol (STP). Network Activate is an application designed for service providers to quickly, accurately, and easily create secure communications channels for their customers. In fact, compared to the current best in class tools, Network Activate hosted within Junos Space provides a 10x advantage in throughput with the ability to provision 200 VPNs per operator hour—that is a VPN every 18 seconds—essentially it allows services like VPLS on-demand, automates network resource management, includes a best practice service definition catalog for ELINE, ELAN, and ETREE services, and a point-and-click interface for rapid service roll out and verification. Best of all, Junos Space with Network Activate is ready to do business within 30 minutes. Simply download, start, discover your network infrastructure, and start provisioning. Have you ever had a problem with highly technical equipment and called the vendor for assistance? How much time did you spend explaining the basics: who you were, what the equipment was, model numbers, serial numbers, software versions, configuration, diagnostic codes, and so on. With Service Now, you avoid the tiresome, expensive, and slow “20 questions” process because automated diagnostics on the Junos OS collect all of that information in advance and on-demand, then presents the user with a choice about how much to share and what to share with Juniper support. Once cleared for transmission, this information is used to open a case and start the resolution process. Customers have stated that Service Now has reduced their mean-time-to-recover by 30x over the traditional approach



Slide 92


Partner Solution Development Platform

� Enables customers and partners to build specialized

applications on Junos software

• Allows 3rd party applications to run on or integrate

with Junos

• Delivers competitive advantage and greater choice

and control

� Powerful set of resources, including a SDK

• Intelligent and secure interfaces to Junos routing and service

functions

� Built to ensure security, performance, and reliability

• PSDP design includes multiple layers

of business and technical protections

• Junos modularity delivers inherit security and

performance safeguards

• Junos platforms run only the applications you choose, none by

default

92

Partner Solution Development PlatformPartner Solution Development PlatformPartner Solution Development PlatformPartner Solution Development Platform Juniper has developed an API for third-party developers to develop and run application that integrate with Junos. Juniper is providing access to routing functionality and the full data streams—the real value is in the synthesis of these two areas, not just a “computer on a blade”. More than an SDK, this platform provides the following: •The architecture of Junos and the Partner Solution Development Platform design ensures high-performance •Very tight business and technical controls for the development and deployment of the new applications •Inherently takes advantage of the architectural strengths of Junos in preserving security, performance, and stability •Assures that each customer is affected only by the applications that they choose



Slide 93


Section Summary


•Described how Junos Space can simplify network

management

•Discussed how the Junos OS, Junos Space, and the Junos

SDK help customers gain more control of their network

93

Section SummarySection SummarySection SummarySection Summary In this section, we: •Described how Junos Space can simplify network management •Discussed how the Junos OS, Junos Space, and the Junos SDK help customers gain more control of their network



Slide 94



� True or False: Junos Space is open to third-party

application development.

94

A) True

B) False

Learning Activity 4: Question 1 True or false: Junos Space is open to third-party application development.



Slide 95



� Which Junos Space application would you use to

apply best practice configurations on a large selection

of switches?

95

A) Service Now

B) Route Insight

C) Ethernet Design

D) Network Activate

Learning Activity 4: Question 2 Which Junos Space application would you use to apply best practice configurations on a

large selection of switches?



Slide 96


M Series for the


Competitive Comparison and

Summary

Competitive Comparison and Summary Competitive Comparison and Summary Competitive Comparison and Summary Competitive Comparison and Summary In this section we will take a look at how the M Series routers compare to their main competition. This section will also summarize the attributes, features, and advantages of the M Series routers.



Slide 97


Section Objectives


able to:

•Discuss the M Series main competition

•Describe Juniper’s advantages over the competition

•Summarize the M Series features and advantages

97

Section ObjectivesSection ObjectivesSection ObjectivesSection Objectives After successfully completing this section, you will be able to: •Discuss the M Series main competition •Describe Juniper’s advantages over the competition •Summarize the M Series features and advantages



Slide 98


Competitive Strengths, Weaknesses, Opportunities and Threats

StrengthsStrengthsStrengthsStrengthsBrand

Junos

Installed Base

Interface Diversity

WeaknessesWeaknessesWeaknessesWeaknessesEthernet Density / Pricing

Roadmap

OpportunitiesOpportunitiesOpportunitiesOpportunitiesLegacy Networks

Circuit Emulation

Technology Upgrades

ThreatsThreatsThreatsThreatsCisco

Alcatel-Lucent

98

Competitive Strengths, Weaknesses, Opportunities and ThreatsCompetitive Strengths, Weaknesses, Opportunities and ThreatsCompetitive Strengths, Weaknesses, Opportunities and ThreatsCompetitive Strengths, Weaknesses, Opportunities and Threats The M Series competitive strengths are as follows: •The brand “Juniper Networks” is known for producing high performance routers for the core of the Internet: •The Junos OS is known in the industry as a proven, reliable operating system: •The very large, installed base of routers in the service providers and large enterprise markets: and •The wide array of interfaces available for legacy services and WAN interconnections. The new opportunities for M Series routers are as follows: •The transition of legacy networks to IP networks using the wide array of interfaces available on the M-Series routers; •The transition of legacy networks to IP networks using circuit emulation technology to tunnel the non-IP aware applications over the IP network to enable the elimination of multiple networks and the convergence of all traffic on one IP/MPLS network; and •Technology upgrades as customers move from Frame Relay and ATM networks to IP networks. The competitve threat to the M Series routers is from Cisco and Alcatel-Lucent. These companies have router platforms with similar interfaces as the M Series, however the competitive differentiators in favor of the M Series are performance without compromise, the Junos OS, circuit emulation, and our proven performance in the largest IP/MPLS networks in the world.



The weakness for the M Series routers is Ethernet density, however the M Series is not meant to be a dense Ethernet router; it is focused on multi-services. For dense Ethernet, customers should consider the MX Series routers. Another weakness with the M Series routers is the roadmap for new interfaces and features, however this should be viewed as a strength because the M Series is so feature rich already and provides such a wide array of interfaces the roadmap does not “need” new interfaces and features.



Slide 99


Competitive Matrix

M7iM7iM7iM7i M10iM10iM10iM10i M120M120M120M120 M320M320M320M320

Cisco ASR1KCisco ASR1KCisco ASR1KCisco ASR1K Primary Primary

CiscoCiscoCiscoCisco XR 12KXR 12KXR 12KXR 12K Primary Primary

Cisco CRSCisco CRSCisco CRSCisco CRS Secondary

Cisco 7600Cisco 7600Cisco 7600Cisco 7600 Secondary Secondary Primary Primary

ALU 7750ALU 7750ALU 7750ALU 7750 Secondary Secondary Secondary Secondary

HuaweiHuaweiHuaweiHuawei NENENENE Primary (APAC) Primary (APAC)

99

Competitive MatrixCompetitive MatrixCompetitive MatrixCompetitive Matrix This competitive matrix shows the primary and secondary competitors for each M Series router platform.



Slide 100


Comparison to the Cisco 7200 and 7300

100

Comparison to the Cisco 7200 and 7300Comparison to the Cisco 7200 and 7300Comparison to the Cisco 7200 and 7300Comparison to the Cisco 7200 and 7300 The M Series, and specifically the M7i, M10i and M120, can be advantageously proposed as an upgrade for the legacy 7200 and 7300 from Cisco, as well as the Cisco ASR 1000. Juniper’s competition is proposing a migration from an outdated product that is over 10 years old, with very limited performance and scalability, to an immature product line, which lacks features and which brings another operating system into the network—increasing the operational complexity. The Juniper solution is based on one operating system—the Junos OS—and one hardware base, which brings, among other advantages, hardware-based forwarding, incremental service capabilities through the multiservice PICs, a breadth of interfaces, and the feature-richness of the Junos OS.



Slide 101


� XR 12000 upgrade supports only engine 3 and 5 LC

� IOS-XR high transition risk

� Limited performance

Outdated IOS, limited performance

Replacing the Cisco GSR 12000

M120

M320/T640/MX

Proven and feature-rich

More power and space efficient

Line card redundancy (M120)

XR12000 / CRS-1

EOL’ed

GSR

101

Replacing the Cisco GSR 12000Replacing the Cisco GSR 12000Replacing the Cisco GSR 12000Replacing the Cisco GSR 12000 Similarly, our M120 and M320 routers, as well as our T Series or MX Series platforms, can be advantageously positioned against the ongoing process of upgrading from legacy, outdated GSR platforms to Cisco XR12000 or CRS-1 products. The upgrade path proposed by Cisco again brings many hardware and software inconsistencies, a new operating system, and limited performance, which puts a burden on customers. Juniper’s feature-consistent hardware and software approach brings a next-generation solution to this evolutionary process. Besides being proven and feature rich, the Juniper solutions are also more power efficient and space efficient and can bring unique features such as the line card redundancy that is available on the M120 routers. The M120 router is ideally suited for replacing the 120xx and the 124xx, whereas the M320 routers, T Series, and MX Series are ideally suited to replace the 12416 or the 12816.



Slide 102


ASR 1002 – 5Gbps

Positioned against M7i

ASR 1004 – 5 /10Gbps

Positioned against M7i and M10i

Redundant ASR 1006

10Gbps / 20Gbps

Positioned against M10i

M7i router with in built Gigabit Ethernet and Optional Service PIC

8.4 Gbps forwarding

Redundant M10i router

12.8 Gbps forwarding

Cisco ASR Family Versus Juniper M Series

102

CiscoCiscoCiscoCisco ASR Family Versus Juniper M SeriesASR Family Versus Juniper M SeriesASR Family Versus Juniper M SeriesASR Family Versus Juniper M Series As shown on the slide, Juniper beats Cisco as far as overall throughput is concerned. Keep this in mind as we take a look at the next couple slides.



Slide 103


Juniper’s Performance Advantage

JuniperJuniperJuniperJuniper:~28% Throughput advantage for M Series routersM Series routersM Series routersM Series routers

Cisco:~50% Performance loss with ACL/QoS/RPF/sampling

~85% Performance loss with services

103

JuniperJuniperJuniperJuniper’s Performance Advantages Performance Advantages Performance Advantages Performance Advantage Juniper provides consistency when adding additional services. When adding NAT and firewall services to an existing Cisco ASR, as depicted on the slide, there is a performance loss on the Cisco router. Even when adding a minimal number of access control lists (ACL’s) to the Cisco device, we can see almost an 85% decrease in performance throughput.



Slide 104


Juniper Advantages

104

Juniper AdvantagesJuniper AdvantagesJuniper AdvantagesJuniper Advantages Juniper advantages far outweigh those of a Cisco router. Looking at the table on the slide, we can see that Juniper’s M Series provides 16 times the throughput of the equivalent Cisco router. We also see that Cisco’s 7600 series family is built on a switching architecture which makes it extremely unstable. Whereas the M Series is built on a non-blocking switch fabric. The M Series also has the ability to handle more services out of the box, with HA and MPLS features natively running on the M Series routers.



Slide 105


Over 2,000 M Series Customers

105

Over 2,000 M Series CustomersOver 2,000 M Series CustomersOver 2,000 M Series CustomersOver 2,000 M Series Customers Illustrated on the slide is a small grouping of the over 2000 M Series customers.



Slide 106


M Series Summary (1 of 2)

� Any service to any customer

• Any access technology

• Rich services

• Consistency across all M Series

� Services scaled with stability, security, performance, and availability

• Production experience

• Modular, proven Junos operating system

• ASIC-based forwarding

� Lowest operational cost

• Single OS

• Stability, availability, and security = Uptime

� Market leadership

• I-chip CoS and scale

• Continuous innovation

106

M Series Summary: Part 1M Series Summary: Part 1M Series Summary: Part 1M Series Summary: Part 1 In summary, the M Series routers enable any service to any customer with a wide array of access interfaces and WAN interfaces. The M Series routers have proven performance and availability that scales. Adding advanced services for security, QoS, accounting, and tunneling does not impact performance. The separation of the control plane, data plane, and services plane enables high performance, stability, and consistency. The single Junos OS across all platforms makes operations and management easier and the modular Junos OS with ASIC based forwarding has enabled Juniper to be a leader in the high performance routing market for both service provider and enterprise customers.



Slide 107


M Series Summary (2 of 2)

107

M Series Summary: Part 2M Series Summary: Part 2M Series Summary: Part 2M Series Summary: Part 2 As organizations rely more heavily on the network to run their business, they recognize the need for a solid network foundation that allows them to seamlessly scale performance, reliability, and security as they support more people and services, without driving up the cost and complexity of the network. Juniper provides best-in-class technologies and a comprehensive high-performance routing portfolio with powerful switching and security features that deliver unmatched flexibility and reliability to support advanced services and applications. The Juniper high-end routing portfolio delivers the most advanced routing features, as well as the ability to scale functionality without compromising performance. Advanced routing features available on the Juniper routers include MPLS network virtualization, low-latency multicast, QoS, and HA. Juniper continues to meet high-performance routing requirements of the most demanding organizations in the world, including the following: •The world’s top 65 network and content service providers •Top Fortune 100 enterprises, each with large-scale, high-stake customer interactions and transactions, including online content providers as well as the world’s largest stock exchanges, banks, insurance agencies, and healthcare organizations •Large government deployments, including defense, intelligence, and civilian agencies, as well as the top research and educational institutions in the country



Slide 108


Section Summary


•Discussed the M Series main competition

•Described Juniper’s advantages over

the competition

•Summarized the M Series features and advantages

108

Section SummarySection SummarySection SummarySection Summary In this section, we: •Discussed the M Series main competition •Described Juniper’s advantages over the competition •Summarized the M Series features and advantages



Slide 109



� Which three of the following Cisco products are the

main competition for the M7i and M10i routers?

(Select three.)

109

A) 7200

B) 7300

C) ASR 1000

D) GSR 12000

Learning Activity 5: Question 1 Which three of the following Cisco products are the main competition for the M7i and M10i

routers? (Select three.)



Slide 110



� Which three of the following are considered

competitive strengths of the M Series routers? (Select

three.)

110

A) The Juniper brand

B) Junos OS

C) Ethernet interface density

D) A large, installed base

Learning Activity 5: Question 2 Which three of the following are considered competitive strengths of the M Series routers? (Select three.)



Slide 111


Course Summary

� In this Course, we:

•Described the M Series portfolio

•Described the various M Series models, their architecture,

characteristics, and components

•Described the available interface options

•Discussed how the Junos OS, Junos Space, and the Junos

SDK help customers gain more control of their network

•Discussed the M Series advantages against the competition

111

Course SummaryCourse SummaryCourse SummaryCourse Summary In this Course, we: •Described the M Series portfolio •Described the various M Series models, their architecture, characteristics, and components •Described the available interface options •Discussed how the Junos OS, Junos Space, and the Junos SDK help customers gain more control of their network •Discussed the M Series advantages against the competition



Slide 112


Additional Resources

� Education Services training classes

•http://www.juniper.net/training/technical_education/

� Juniper Networks Certification Program Web site

•www.juniper.net/certification

� Juniper Networks documentation and white papers

•www.juniper.net/techpubs

� To submit errata or for general questions

•[email protected]

112

Additional ResourcesAdditional ResourcesAdditional ResourcesAdditional Resources For additional resources or to contact the Juniper Networks eLearning team, click the links on the screen.



Slide 113


Evaluation and Survey

� You have reached the end of this Juniper Networks

eLearning module

� You should now return to your Juniper Learning

Center to take the assessment and the student

survey

•After successfully completing the assessment, you will earn

credits that will be recognized through certificates and

non-monetary rewards

•The survey will allow you to give feedback on

the quality and usefulness of the course

113

Evaluation and SurveyEvaluation and SurveyEvaluation and SurveyEvaluation and Survey You have reached the end of this Juniper Networks eLearning module. You should now return to your Juniper Learning Center to take the assessment and the student survey. After successfully completing the assessment, you will earn credits that will be recognized through certificates and non-monetary rewards. The survey will allow you to give feedback on the quality and usefulness of the course.



Slide 114


© 2011 Juniper Networks, Inc.

Juniper Networks, Junos, Steel-Belted Radius, NetScreen, and

ScreenOS are registered trademarks of Juniper Networks, Inc. in the

United States and other countries. The Juniper Networks Logo, the

Junos logo, and JunosE are trademarks of Juniper Networks, Inc. All

other trademarks, service marks, registered trademarks, or registered

service marks are the property of their respective owners. Juniper

Networks reserves the right to change, modify, transfer, or otherwise

revise this publication without notice.

114

Juniper Networks, Inc. All rights reserved. Juniper Networks, the Juniper Networks logo, Junos, NetScreen and ScreenOS are registered trademarks of Juniper Networks, Inc. in the United States and other countries. JunosE is a trademark of Juniper Networks, Inc. All other trademarks, service marks, registered trademarks or registered service marks are the property of their respective owners. Juniper Networks reserves the right to change, modify, transfer or otherwise revise this publication without notice.



Slide 115

CONFIDENTIAL

ssmt01b

Documents

alarm relay contacts

connector interface panel

nonstop active routing

flexible pic concentrators

routing engine maintains

standby routing engine

server live migration

data center interconnect