Запись презентации с партнерского саммита Juniper Networks от 21.04.2015.

1. JunOS Update
Andrey Nushtaev
Systems Engineer
21 April 2015

2. LEGAL STATEMENT
• This statement of product direction
sets forth Juniper Networks’
current intention and is subject to
change at any time without
notice. No purchases are
contingent upon Juniper Networks
delivering any feature or
functionality depicted in this
presentation.

3. Agenda
• Junos Modernization
• Junos new release model
• New Features introduced in 14.1 and 14.2
• Junos Automation & Programmability

4. Key Platform Improvements in 14.1
JAM (Juniper Agile Deployment Methodology)
 Release software support for new hardware as a dynamic pluggable and loadable module on
already released Junos versions/releases
 Provide customers with an option to adopt new hardware, using previously qualified and
hardened Junos versions
In-Service Software Upgrade (ISSU) Enhancements
 Extending ISSU support with MX-VC, LFM, LNS, LACP Fast Hellos
MX-VC “Locality Bias” Support
• Bias unicast transit traffic to prefer local chassis egress
• Prefer local-MX egress rather than remote-MX egress, in order to conserve VCP bandwidth
Inline MLPPP
 Enabling Multilink PPP using Inline Trio.
 This enables customers to use MLPPP on line card and avoid additional investment of Service
Card to just turn on LSQ interfaces.

5. Key Platform Improvements in 14.1
Load-balancing Enhancement
FAT PW
 Create a flow label based on indivisible packet flows entering a pseudowire.
 Use flow label for load balancing in LSR routers, which provides a better traffic distribution
across ECMP paths or link-bundled paths in the core.
Entropy Label (Trio/ICHIP)
 Add entropy label support in chassis which has Trio as Core facing and I-chip as CE facing.
Bottom 3 labeling hash
 Current implementation is with top-of-stack labels (max 3) + payload, which has some
inherent shortcomings with todays deployment of customers like customers going beyond 3
label stack and sometimes confuses with mac starting 0x4 or 0x6 even if it is top 3 labels.
 This new implementations resolves it with new knob by enabling using bottom-of-stack
label (max 3) + payload.

6. Key Platform Improvements in 14.1
Link Aggregation Enhancement
AE Mix with 10G,40G & 100G
 Mixed Mode Lag interface support with 100G, 40G and 10G speeds
 Upgrade path as user moves from a LAG with 10G links to bundle with 40G and/or
100G links and also protect the investment in 10G links.
Modify the Link protection behavior in Static LAG
 Currently in static link protection for AE, only traffic egressing out of the standby link
is dropped but all ingress traffic is accepted. Modify this behavior to drop the ingress
traffic as well for Standby links.
 Use case: Emulating an STP port in discarding mode without the overhead of STP or
ERP

7. Key IP/MPLS features in 14.1
Multicast Enhancements
Multicast only Fast Re-Route
 Fast Re-Route technology in Mulitcast Routing. Based on draft-karan-mofrr-02.
 Multicast only Fast Reroute functionality allows fast reroute of multicast video streaming
traffic, ensuring video quality does not suffer in event of network failures, congestion etc on
one path.
Group VPN Member support in MX
 Group Member support for any-to-any secure connectivity based on RFC 3547.
 Supported feature in SRX and extending in MX as a supported Group Member.
 Interoperability with Cisco GET VPN as a member for multi-vendor deployment.
CoS (forwarding class) Based Accounting
 Enable Forwarding Class with counters while they already have classification available.
 Provide packet/bytes statistics counter per protocol family (inet/inet6) for input & output
direction on IFL and IFD level.

8. EVPN Active/Active Multihoming
 Interconnecting data centers across a wide area through Active-Active forwarding.
 Provides load balancing of unicast traffic on both Active links to load balance traffic and
better utilize their networks.
VXLAN Gateway (VTEP) Trio Support
 Providing an overlay of L2 network over L3 network by encapsulating L2 frames in L3
(IP/UDP) packets.
VXLAN - EVPN A/S stitching
 Ability to stitch and interoperate between EVPN Active-standby and VXLAN, while the
former is providing inter-DC connectivity and the latter is providing intra-DC connectivity
Key Data center and Ethernet features in 14.1

9. Key Data center and Ethernet features in 14.1
OVSDB Support in MX
 OVSDB support on MX-series to interoperate with VMware's NSX.
 SDN Controller for provisioning VXLAN and exchange MAC to VTEP binding
between different VTEPs
MAC pinning & MAC move-VPLS
 MAC pinning is a feature where dynamically learned MAC over 'MAC Pinning
Enabled interfaces’ is not allowed to be re-learned on any other interface till MAC
address timeout (or Aging) in the same bridge domain or VPLS.
 Provides protection in L2 network to avoid MAC move in hardware and loop in L2
bridges.

10. Key Services Features in 14.1
Traffic Detection Function (14.X55)
 Enable policy and control for a standalone Traffic Detection Function (TDF) on the
SDG using the Gx interface. Policy enforcement is for L3 to L7 policies (i.e. DPI).
 Usecase: Subscriber monetization in wireless and wireline networks.
Increase ALG Support for CGN
 Further enhancement of ALG (Application Layer Gateway) supported list in CGN.
 Improve further transparency and avoid breaking application in CGN deployment
by increasing ALG supported list.

11. Key Platform Improvements in 14.2
Inline GRE Defragmentation
 Implementation of inline GRE reassembly
 Allows customers to use Trio based MPCs for GRE tunnels
CNH optimization and VRF LOCALIZATION
 Improve Chain Composite NH (CNH) memory footprint to increase overall scale
 optimize certain data structures to improve scale
 Selectively download a VPN FIB to only those PFEs where the customer connection is
terminating
 Allow PFEs to scale independently; increase the overall L3VPN FIB scale of MX
Interface DAMPENING
 Instantaneous Multiple Flaps with very short UP/DOWN duration (in milliseconds)
 Periodic Flaps with long UP/DOWN duration (in seconds)

12. Key Platform Improvements in 14.2
Logical Systems support on MX-VC
Enhanced Link Aggregation (LAG)
 Removes next hop dependency in LAG environments
 FIB scale, and FIB convergence time improves when this feature is utilized
Fast Interface Shutdown (3sec) after Final RE Failure
 The goal is to shutdown/power off line card ports within 3 sec when “Final RE” is lost.
 “Final RE” is the sole RE on a single RE chassis and it is the Master RE when the other RE is
not ready for GRES in a dual RE chassis router
Adaptive load balancing for ECMP next hops
 Addresses traffic load imbalance issue caused by hashing algorithm
 Link utilization based flow rebalance
 Per-packet based random spray

13. Key Platform Improvements in 14.2
8K SCALE for VRRP
 Improve the scalability and convergence of VRRP, when running over AE and IRB
interfaces
MS-MPC & MS-MIC support on MX-VC
 The infrastructure for this feature provides support for all hardware based ejunos services
NAT with Port bucket allocation (PBA)
 Reduce the number of logs created while using CGNAT and deliver a cost effective solution

14. Key IP/MPLS features in 14.2
MPLS On-demand Loss & Delay measurement
 Introduces LSP SLA measurement as define in RFC 6374 for the following KPIs
 Loss Measurement (packet and octet)
 Throughput Measurement (packet and octet)
 Two-way channel delay (CD)
 Round-trip delay (RTT)
 Inter-Packet Delay Variation (IPDV)
MVPN MIB
 Provides the following read-only capability into MVPN state. Aids in troubleshooting
 Multicast VRF
 Tunnel information
 State information

15. Key IP/MPLS features in 14.2
Link state distribution via BGP
 Uses BGP as the distribution mechanism for traffic engineering data between routers in
different IGP areas and/or Autonomous Systems
 The mechanism can also be used to exchange topology and TE data between the network
and external network-aware applications
Dynamic ingress LSP splitting
 Elastic sizing of LSPs and creation/removal of LSPs based on actual traffic patterns
 Overcome current limitations of Auto-Bandwidth
 Solve bin packing without the need for additional provisioning efforts
Remote LFA in IS-IS
 Enable next-next hop neighbors a.k.a PQ node to the destination as a valid conduit to route
MPLS traffic from primary to secondary in case of a link or node failure condition

16. Key MANAGEABILITY Features in 14.2
IPv6: RFC3162 Radius over IPv6 for system AAA
 With this feature, JUNOS users should be able to login to the router authenticated
through RADIUS over an IPv6 network
UI: Locks for Protected Data
 This feature implements "apply-lock" statement that controls who can "unprotect“
protected configuration data.
UI: Commit time Improvement: Export functionality optimization and Persist groups
optimization
 The commit time is improved by adding a new daemon to handle export functionality
 The second feature is to optimize the Persist groups feature to make it proportional to
size of change to help improve overall commit time.

17. Junos Modernization

18. BSD 10 Upgrade
Junos Kernel modernization
• New development tools
• Faster BSD security updates
• Clean separation of Junos and Free BSD
SMP Infrastructure
• New RPD modularity
• New SMP capabilities
• S&P increase foundation
Modular
Control
Plane
Data Plane
Phased Delivery
• MX introduction 1H2015
• EX, QFX, PTX, introduction 2H2015
• TBD for high end SRX
Customer Experience
• Smarter platform packaging
• Improved modularity
• Boot resiliency media usage change
• Faster future Free BSD Upgrades

19. Junos Kernel Modernization
• Performance improvement
– Boot time/Commit time improvement
– Control Plane performance improvement
• Remove “Giant lock” - Path to user space multithreading support (Run any Junos daemon with multi
core/multi thread)
• Increased BSD Reliability
– BSD community is active on 10.x
– Numerous security updates
• FIPS crypto compliance (FIPS and Common Criteria certification at FRS)
– File system improvements for stability
• Improved supportability/stability
– Resilient Boot
– File system/driver improvements, supportability enhancement, etc
– Faster snapshot capability / Multiple system snapshots

20. SMP Benefits
Preliminary results*
• ~2x faster in subscriber scaling
• ~2x faster in 128K IFL creation time using multi-core
• ~2x increase in BGP Receive path performance with logical
router configurations
• ~80% increase in the rate of creating 256K IFLs
• ~30% increase in the rate of installing 400K BGP routes in
the FIB
– * Note: Final characterization on production releases/configs
coming soon

21. Routing Engine Processor Memory Connection to PFEs Disk Media
First Junos OS
Support
RE-S-1300-2048 1.3-GHz Pentium 2048 MB Gigabit Ethernet 40 GB Hard disk 1 GB CompactFlash
card
8.2
RE-S-2000-4096 2.0-GHz Pentium 4096 MB Gigabit Ethernet 40 GB Hard disk 1 GB CompactFlash
card
8.2
RE-S-1800x2 1800-MHz 8 GB or 16 GB Gigabit Ethernet 32 GB SSD 4 GB CompactFlash
card
10.4
RE-S-1800x4 1800-MHz 8GB or 16 GB Gigabit Ethernet 32 GB SSD 4 GB CompactFlash
card
10.4
RE-MX2000-1800x4 1800-GHz 16 GB Gigabit Ethernet – 4 GB Fixed Internal
CompactFlash card
12.3R2
MX High End Platform Migration Plan at 15.1
• 15.1 Supports MX240, MX480, MX960, MX2010/2020 with following REs
All MX SCBs will be supported. No PFE changes
Linecards and MICs remains unaffected.
SMP capable RE

22. Junos 2015 Release Model

23. Junos release model evolution
Focus
on turning
around
quality
Support
the growth of
the business
Required Maturity / Quality / Efficiency
- More products
- More complexity
- More engineers
- Higher Customer Expectations
- More SW focus in Networks
- More responsive to Customer needs
2010 2012 2015
Innovation
Release
Major
Release
Junos 2015 Model
(Starting with 15.1)
DESIGN
REQUIREMENT
ANALYSIS
CODE REVIEWCODING & TESTING
Feature Development
Top Of Tree (TOT)
Single Integration Branch
Scale + Performance + Multi Dimensional + Sanity
PDT + User Case + Regression
Regression
IB FRS
MR+SR Testing
Feature Automation + Static Analysis + Code Coverage
R1 R2 R3
F1 F2

24. 2015 New Release Model
• Two Major releases a year
– Focused on Quality and Schedule
– Regular cadence of maintenance and service releases
– 3 Years of Engineering Support + 6 months of Service Support
• Four Innovation Releases a Year:
– Added new release vehicle for faster Innovation and agility
– Innovation Releases four times a year; two Innovation Releases
between each Major release with on demand service releases for
critical fixes
– 6 months of Engineering Support + 6 months of Service Support

25. New Release Model: Customer View
CUSTOMER BENEFITS: CURRENT RELEASE
MODEL
NEW RELEASE MODEL
Major Releases 3 times/year 2 times/year
Number of EEOL
Major Release
1 2
Minor / Innovation
Releases
None 4 times/year
Maintenance
Releases
Bug fixes
& New features
Bug fixes only
Engineering
Support
Two releases
24 months;
One release
36 months
Major (EEOL)
36 months;
Minor (Innovation)
6 months
• Choice: Conservative Major Release or
Aggressive Innovation Release
• Faster time to mature for Major
Releases
• Rapid and agile time to market for new
features in Innovation Releases
• 2 EEOL releases per year, total of 6
formally supported releases per year

26. Junos Programmability

27. Definition
• Automation
– “Automatically controlled operation of an apparatus,
process, or system by mechanical or electronic devices
that take the place of human labor” http://www.merriam-webster.com/dictionary/automation
• Programmability:
– “Having the ability to accept a sequence of coded
instruction in order to achieve a specific result”

28. Frameworks
• Puppet*
– EX, MX and QFX standalone
– Phys Int, L2 ports, VLANs, LAG
– ERB templates on Roadmap
• Chef*
– EX and QFX standalone
– Phys Int, L2 ports, VLANs, LAG
– ERB templates on Roadmap
*Requires agent on device
• Ansible
– Uses PyEZ modules (Python and YAML based)
– Greenfield and Bench Testing
– RPCs on roadmap

29. Building Blocks
• SLAX
– On and Off Box automation scripting
– Syntax overlay for XSLT
• PyEZ
– Python framework for any device 11.4
and later
– Device mgmt. and “fact gathering”
– Op and config data
– Utils for software upgrade, file-system
and SCP
• Python on-box
- Enabling Python on the box
- “Everything” that is possible with SLAX can be
done with Python
- API is Python/PyEZ
- Part of core Junos image
- Will be supported on major platforms supporting
Junos release 15.2 or later

30. DIY NETCONF LIBRARIES*
Language of API Mode of
Distribution
Maturity Support URL Additional Notes
Ruby Open Source Most popular. 3200+
downloads.
Open Source Click Wins big on ease of installation,
features, limited dependencies and
active support.
Java via Juniper website. Will
be shortly available on
github.
Already being used by
enterprise customers.
JTAC Click Very simple to get started. Easy on
installation. Single .jar file to use/zero
dependencies.
Python Open Source Based on an already
popular open source
client.
Open Source. Click Favorite language of scripters.
Perl via Juniper website. Most ancient of all API’s.
Needs work to ease
installation
JTAC Click Installation of the API is not entirely
smooth and needs further work to
simplify the process.
PHP Open Source Not in a ready to use
state yet.
Open Source Click Still in development stage.

31. Thank you!