JNCDA

Ace your homework & exams now with Quizwiz!

LAG

"LAG" stands for "Link Aggregation Group." In the modern world we are ever more connected through an expansive array of wires, fiber, and even wirelessly. There are thousands of various networking features that exist in network gear to keep our world connected.

VPLS (Virtual Private LAN Service)

Virtual Private LAN Service (VPLS) is a way to provide Ethernet-based multipoint to multipoint communication over IP or MPLS networks. It allows geographically dispersed sites to share an Ethernet broadcast domain by connecting sites through pseudowires. ... VPLS is a virtual private network (VPN) technology. Standards - open solution

NETCONF

A protocol defined by the IETF for installing, manipulating, and deleting the configuration of network devices.

SCP (Secure Copy Protocol)

A protocol that uses SSH to securely copy files between a local and a remote host, or between two remote hosts.

ADVPN

VPN Tunnels to be established dynamically between spokes Auto Discovery VPN (ADVPN) is a technology that allows the central HUB to dynamically inform spokes about a better path for traffic between two spokes.

PKI (Public Key Infrastructure)

** Cryptographically Secure Public key infrastructure (PKI) provides a way of verifying the identity of a remote site by using a digital certificate. PKI uses a certificate authority (CA) to validate your information and to sign it with a digital signature such that neither your information nor the signature can be modified. An encryption system that is composed of a CA, certificates, software, services, and other cryptographic components, for the purpose of verifying authenticity and enabling validation of data and entities.

VRRP (Virtual Router Redundancy Protocol)

** Standards - open solution A standard that assigns a virtual IP address to a group of routers. At first, messages routed to the virtual IP address are handled by the master router. If the master router fails, backup routers stand in line to take over responsibility for the virtual IP address. VRRPs can contain two different routing platforms

Route Summarization Benefits

** To reduce routing overhead ** To benefit from a hierarchical IP addressing plan - Saves memory: routing tables will be smaller which reduces memory requirements. - Saves bandwidth: there are less routes to advertise so we save some bandwidth. - Saves CPU cycles: less packets to process and smaller routing tables to work on. - Stability: Prevents routing table instability due to flapping networks.

LAG Benefits

- Increased reliability and availability. If one of the physical links in the LAG goes down, traffic is dynamically and transparently reassigned to one of the other physical links. - Better use of physical resources. - Traffic can be load-balanced across the physical links. - Increased bandwidth. The aggregated physical links deliver higher bandwidth than each individual link. - Incremental increase in bandwidth. A physical upgrade could produce a tenfold increase in bandwidth; LAG produces a two- or fivefold increase, useful if only a small increase is needed.

Network Capacity Planning 101: Performance & Visibility Requirements

- Types of network traffic. - Capacity of current network infrastructure. - Network utilization at various points in the network. - Current network traffic volumes for both the internal network and connectivity to external networks. ** Need a network management platform to use as a capacity tool to map the network & gather statistics on performance.

Enterprise Campus Design Considerations

-Network Geography - Network Applications - Data Link Layer Technology (shared or switched) - L2/L3 Switching - Transmission Media (Physical Cabling)

Load Balancer

A load balancer is a device that acts as a reverse proxy and distributes network or application traffic across a number of servers. Load balancers are used to increase capacity (concurrent users) and reliability of applications. ... Load balancers are generally grouped into two categories: Layer 4 and Layer 7.

gRPC

= modern open source RPC framework that runs in any environment. efficiently connects services in and across data centers w/ pluggable support for load balancing, tracing, health checking & authentication. applicable in last mile of distributed computing to connect devices, mobile applications and browsers to backend services. If you're new to gRPC, read this: https://grpc.io/docs/guides/

HSRP (Hot Standby Router Protocol)

A Cisco proprietary redundancy protocol for establishing a fault-tolerant default gateway. ** Juniper does not support - VRRP is the standard version (interoperability) The protocol establishes an association between gateways in order to achieve default gateway failover if the primary gateway becomes inaccessible. HSRP gateways send multicast hello messages to other gateways to notify them of their priorities (which gateway is preferred) and current status (active or standby).

First Hop Redundancy Protocol (FHRP)

A class of protocols that includes HSRP, VRRP, and GLBP, which allows multiple redundant routers on the same subnet to act as a single default router (first-hop router). A first hop redundancy protocol (FHRP) is a computer networking protocol which is designed to protect the default gateway used on a subnetwork by allowing two or more routers to provide backup for that address;[1][2] in the event of failure of an active router, the backup router will take over the address, usually within a few seconds

SSL VPN

A type of VPN that uses SSL encryption. Clients connect to the VPN server using a standard Web browser, with the traffic secured using SSL. The two most common types of SSL VPNs are SSL portal VPNs and SSL tunnel VPNs. A secure sockets layer VPN (SSL VPN) enables individual users to access an organization's network, client-server applications, and internal network utilities and directories without the need for specialized software. SSL VPNs provide safe, secure communication via an encrypted connection for all types of devices, regardless of whether access to the network is via the public internet or another secure network. All traffic between a web browser and an SSL VPN device is encrypted with either the SSL or transport layer security (TLS) protocol. Individual users of the SSL VPN do not have to decide which protocol to use for the VPN to do its job. Instead, the SSL VPN automatically uses the newest, most updated cryptographic protocol that has been installed on the user's browser. Users do not need to worry about updating the protocol on their browser either. Whenever a browser or an operating system (OS) is updated, the newest version of the protocol is updated along with it.

Root Protection (Campus/Access Layer)

Additional Protection that prohibits superior BPDUs, sent from rogue devices or through a misconfiguration on an authorized access switch, from being processed & causing the spanning tree to be recalculated in an unwanted manner. Enabled on interfaces that should not be elected as the root port. *Used to avoid unwanted STP topology changes & root bridge placement (configured on root bridge eligible switches).

Internet Key Exchange

An Internet, IPsec, key-establishment protocol [R4306] for putting in place authenticated keying material (a) for use with ISAKMP and (b) for other security associations, such as in AH and ESP. In computing, Internet Key Exchange (IKE, sometimes IKEv1 or IKEv2, depending on version) is the protocol used to set up a security association (SA) in the IPsec protocol suite. IKE builds upon the Oakley protocol and ISAKMP.[1] IKE uses X.509 certificates for authentication ‒ either pre-shared or distributed using DNS (preferably with DNSSEC) ‒ and a Diffie-Hellman key exchange to set up a shared session secret from which cryptographic keys are derived.[2][3] In addition, a security policy for every peer which will connect must be manually maintained.[2]

Full Mesh VPN

VPN topology is set to 'Full Mesh,' when the purpose of the VPN is to provide full connectivity without access controls between all VPN endpoints. In a full-mesh VPN, each site in the VPN can communicate with every other site in that same VPN.

1-Tier / 2-Tier Routers

As far as Tiers of routers, I've heard it used to explain the core/edge scenario as far as security is concerned. A Tier 1 router is going to be on your edge and a Tier 2 will be an internal router usually separated by some sort of firewall.

Network Segmentation

Network segmentation is the separation of critical networks from the Internet and other internal, less sensitive networks. Network segmentation, which involves splitting the larger network into smaller network segments, can be accomplished through firewalls, virtual local area networks, and other separation techniques

ADVPN

Auto Discovery VPN (ADVPN) allows to dynamically establish direct tunnels (called shortcuts) between the spokes of a traditional Hub and Spoke architecture. After a shortcut tunnel is established between two spokes and routing has converged, spoke to spoke traffic no longer needs to flow through the Hub.

BPDU

Bridge Protocol Data Units are frames that contain information about the spanning tree protocol. A switch sends BPDUs using a unique source MAC address from its origin port to a multicast address with destination MAC *easier to troubleshoot than STP

BYOD

Bring your own device. A policy allowing employees to connect personally owned devices, such as tablets and smartphones, to a company network. Data security is often a concern with BYOD policies and organizations often use VLANs to isolate mobile devices.

CoS

Class of Service (CoS) is a way of managing traffic in a network by grouping similar types of traffic -- such as email, streaming video, voice over IP and large document file transfer -- together and treating each type as a class with its own level of network service priority

Closed Loop Automation

Closed-loop automation continuously assesses real-time network conditions, traffic demands, and resource availability to determine the best placement of traffic for optimal service quality and resource utilization, according to operator-defined policies

Junos Space Network Director

On-Prem Centralized Campus Management Network analytic & visibility Junos Space Network Director enables unified management of EX Series Ethernet Switches, MX Series routers, QFX Series switches, and Junos Fusion Enterprise in your network. ... You can install Network Director in either Juniper Networks JA2500 Junos Space Hardware Appliance or a Junos Space Virtual Appliance https://www.juniper.net/us/en/products/sdn-and-orchestration/junos-space-management-applications/network-director.html

Hub & Spoke VPN

Each pair of terminals can communicate to each other only by going through the headquarters All VPN tunnels converge at one location. This can be used to achieve global data visibility and control at a central location. VPN Hub and Spoke Connectivity VPN connections can be setup in a Hub and Spoke VPN topology, or also known as Site-to-Multi site VPN topology. In this scenario, all branch offices are connected to the head office. This topology does not only support traffic between the head office and its branch offices, but any traffic between the branch offices can communicate with each other via the head office VPN device. In this topology, the head office is the hub, and the branch offices are the spokes connecting to the hub. The head office VPN appliance would need to be powerful and scalable to provide secure connectivity to all branch offices. This is a secure and best practice method when providing connectivity between branches and branches to the head office. This is because the hub is able to see and control all traffic between all sites.

Hub-and-Spoke VPN (Goes through HQ)

Each pair of terminals can communicate to each other only by going through the headquarters. Solution Overview. In a centralized VPN configuration, also referred to as hub and spoke, all VPN tunnels converge at one location. This can be used to achieve global data visibility and control at a central location.

GRE

Generic Routing Encapsulation. A tunneling protocol developed by Cisco Systems. Generic Routing Encapsulation is a tunneling protocol developed by Cisco Systems that can encapsulate a wide variety of network layer protocols inside virtual point-to-point links or point-to-multipoint links over an Internet Protocol network ** Layer 3

What would the oversubscription be if RSTP or MSTP was used?

If RSTP is used, only one of the uplink connections from the access tier to the aggregation tier will be used because of STP blocking when the tree is built. In this case, oversubscription is around 1:48 (assuming most/all ports are used) If MSTP is used and network traffic is distributed between two separate root bridges at the core tier, then oversubscription might be closed to 1:24 (assuming most/all ports are used). While the 1:24 oversubscription ratio may work fine in this environment, the 1:48 ration may be too high and cause issues with latency sensitive. To lower the ratio, you could add more uplink connections & create LAHs between each access & aggregation pair or use 10GbE uplink connections instead of 1GbE.

Supplicant

In computer networking, a supplicant is an entity at one end of a point-to-point LAN segment that seeks to be authenticated by an authenticator attached to the other end of that link. The IEEE 802.1X standard uses the term "supplicant" to refer either to hardware or to software.

HSRP

In computer networking, the Hot Standby Router Protocol is a Cisco proprietary redundancy protocol for establishing a fault-tolerant default gateway. Version 1 of the protocol was described in RFC 2281 in 1998

DMZ

In computer security, a DMZ or demilitarized zone is a physical or logical subnetwork that contains and exposes an organization's external-facing services to an untrusted, usually larger, network such as the Internet

Modular Design

Is a design approach that subdivides a system into smaller parts called modules or skids, that can be independently created and then used in different systems. (think modular chassis - w/ plug-in modules designed for expansion)

Data-Interchange format for automating JUNOS

JSON & YAML

Contrail Cloud

Juniper® Contrail® Cloud is a fully managed telco cloud solution for running Network Functions Virtualization Infrastructure (NFVI) with always-on reliability and service assurance for virtualized network functions (VNFs). Contrail Cloud components are tested and integrated to guarantee interoperability, stability, and high performance. Based on open-source technologies such as OpenStack, OpenContrail, and Ceph with standard APIs, the platform provides the freedom to add third-party components as needed. Contrail Cloud combines products from industry leaders in cloud infrastructure (compute, storage, networking virtualization) and application management software into a single solution that provides high scale, high availability, and high performance with always-on service reliability. The platform can be deployed over any compatible compute, storage, or networking hardware, including SmartNIC for transparent network offload acceleration.

Junos PyEZ

Junos PyEZ is a microframework for Python that enables you to manage and automate devices running the Junos operating system (Junos OS). Junos PyEZ is designed to provide the capabilities that a user would have on the Junos OS command-line interface (CLI) in an environment built for automation tasks.

Which JUNOS Space application can be used to manage L3 VPNS on MX devices?

Junos Space Connectivity Services Director https://www.juniper.net/us/en/products/sdn-and-orchestration/junos-space-management-applications/connectivity-services-director.html

Network Latency

Latency is a measure of delay. In a network, latency measures the time it takes for some data to get to its destination across the network. It is usually measured as a round trip delay - the time taken for information to get to its destination and back again. The round trip delay is an important measure because a computer that uses a TCP/IP network sends a limited amount of data to its destination and then waits for an acknowledgement to come back before sending any more. Thus, the round trip delay has a key impact on the performance of the network.

Disaster Recovery Plan (DRP) Best Practice

Leveraging Multiple Data Centers (DCI)

LAG

Link aggregation (LAG) is used to describe various methods for using multiple parallel network connections to increase throughput beyond the limit that one link (one connection) can achieve. For link aggregation, physical ports must reside on a single switch

FXP0 Link

Management Ethernet Interface Overview To connect to the router via the management port, use the management Ethernet interface. This topic provides you an overview of the management Ethernet Interface and describes how to configure the IP address and MAC address for the interface. The router's management Ethernet interface, fxp0 or em0, is an out-of-band management interface that needs to be configured only if you want to connect to the router through the management port on the front of the router. You can configure an IP address and prefix length for this interface, which you commonly do when you first install the Junos OS:

Which factors determine the maximum distance of a fiber connection between an access switch and its upstream aggregation switch?

Maximum distance for a fiber connection depends on whether an MMF or SMF is used, what category of fiber (OM1, OM2, OM3, OM4), the type & the speed of the optics. As well as the communication protocol. In general, MMF can be used in situations that require less than 400 meters (or 1312 ft) when modern fiber (OM3/OM4) is used and for optic types that support speeds of less than 10Gbps. Note that for distances beyond 400 meters SMF is required! ** Fiber is unidirectional

MQTT

Message Queue Telemetry Transport

MPLS

Multi-Protocol Label Switching (MPLS) converts routed network to something closer to a switched network and offers information transfer speeds that are not available in a traditional IP-routed network. Instead of forwarding packets on a hop-by-hop basis, paths are established for particular source-destination pairs. ** Layer 2.5

Multi-Mode Fiber

Multi-mode fiber is the most common fiber type used for network backbone inside buildings. It is the fiber type that the IEEE, ANSI, TIA, and ISO standards typically define in fiber LAN specifications. The most commonly installed multi-mode core size is 62.5 micrometers (μm). The associated cladding size is 125 μm. But other core sizes are available, like 50 μm, 100 μm, 62.5/125 μm, and 50/125 μm. Multi-mode features: - Multiple light paths - Relatively inexpensive - Modal-bandwidth limited - Primarily used for LANs

OSPF

Open Shortest Path First is a routing protocol for Internet Protocol networks. It uses a link state routing algorithm and falls into the group of interior gateway protocols, operating within a single autonomous system. It is defined as OSPF Version 2 in RFC 2328 for IPv4 When configured, OSPF will listen to neighbors and gather all link state data available to build a topology map of all available paths in its network and then save the information in its topology database, also known as its Link-State Database (LSDB).

PPP

Point-to-Point Protocol. A protocol that provides router-to-router and host-to-network connections over synchronous point-to-point and asynchronous point-to-point circuits. In computer networking, Point-to-Point Protocol (PPP) is a data link layer (layer 2) communication protocol between two routers directly without any host or any other networking in between. It can provide connection authentication, transmission encryption,[1] and data compression. PPP is used over many types of physical networks, including serial cable, phone line, trunk line, cellular telephone, specialized radio links, ISDN, and fiber optic links such as SONET. Since IP packets cannot be transmitted over a modem line on their own without some data link protocol that can identify where the transmitted frame starts and where it ends, Internet service providers (ISPs) have used PPP for customer dial-up access to the Internet. Two derivatives of PPP, Point-to-Point Protocol over Ethernet (PPPoE) and Point-to-Point Protocol over ATM (PPPoA), are used most commonly by ISPs to establish a digital subscriber line (DSL) Internet service connection with customers. ** Layer 2

QoE

Quality of experience (QoE) is a measure of the delight or annoyance of a customer's experiences with a service (e.g., web browsing, phone call, TV broadcast). QoE focuses on the entire service experience; it is a holistic concept, similar to the field of user experience, but with its roots in telecommunication.

RPC Execution

RPC is a request-response protocol. An RPC is initiated by the client, which sends a request message to a known remote server to execute a specified procedure with supplied parameters. The remote server sends a response to the client, and the application continues its process.

Chassis Clustering

SRX (must be identical. The cluster nodes are connected together with two links called control link and fabric link and devices in a chassis cluster synchronize the configuration, kernel, and PFE session states across the cluster to facilitate high availability, failover of stateful services, and load balancing. The Junos OS provides high availability on SRX Series device by using chassis clustering. SRX Series Services Gateways can be configured to operate in cluster mode, where a pair of devices can be connected together and configured to operate like a single node, providing device, interface, and service level redundancy.

The differences between Spanning Tree Protocol (STP), Rapid Spanning Tree Protocol (RSTP), and Multiple Spanning Tree Protocol (MSTP):

STP: only supports a single instance. RSTP: supports fast convergence and a single instance. MSTP: includes the advantages of RSTP, and supports multiple instances.

SNMP

Simple Network Management Protocol is an Internet Standard protocol for collecting and organizing information about managed devices on IP networks and for modifying that information to change device behavior. SNMP is inherently insecure because SNMP messages are not encrypted. SNMP works by sending messages, called protocol data units (PDUs), to devices within your network that "speak" SNMP. ... Using these requests, network administrators can track virtually any data values they specify. All of the information SNMP tracks can be provided to a product that asks for it.

Single-Mode Fiber

Single-mode fiber is used in more demanding applications. Single-mode uses a smaller core diameter (between 8 and 12 μm, with 9 μm being the average) and the same cladding diameter as multi-mode fiber. Single-mode features: - 9/125 μm - Single light path - Somewhat more costly - More difficult to terminate - Essentially unlimited bandwidth -Primarily used for MAN/WANs

TCP-MSS

TCP-MSS, Transmission Control Protocol- Maximum Segment Size, is a parameter of the options field of the TCP header that specifies the largest amount of data, specified in bytes, that a computer or communications device can receive in a single TCP segment

MSTP

The Multiple Spanning Tree Protocol (MSTP) and algorithm, provides both simple and full connectivity assigned to any given Virtual LAN (VLAN) throughout a Bridged Local Area Network. MSTP uses BPDUs to exchange information between spanning-tree compatible devices, to prevent loops in each MSTI (Multiple Spanning Tree Instances) and in the CIST (Common and Internal Spanning Tree), by selecting active and blocked paths. This is done as well as in STP without the need of manually enabling backup links and getting rid of bridge loops danger. Moreover, MSTP allows frames/packets assigned to different VLANs to follow separate paths, each based on an independent MSTI, within MST Regions composed of LANs and or MST Bridges. These Regions and the other Bridges and LANs are connected into a single Common Spanning Tree (CST).

Spanning Tree Protocol

The Spanning Tree Protocol is a network protocol that builds a loop-free logical topology for Ethernet networks. The basic function of STP is to prevent bridge loops and the broadcast radiation that results from them. The most serious shortcoming is that STP has a brittle failure mode that can bring down entire data center or campus networks when something goes wrong. ... It remains risky to create VLANs and modify the STP configuration

VRRP

The Virtual Router Redundancy Protocol is a computer networking protocol that provides for automatic assignment of available Internet Protocol routers to participating hosts. This increases the availability and reliability of routing paths via automatic default gateway selections on an IP subnetwork.

Active/Passive vs Active/Active WAN Design

The key difference between these two architectures is performance. Active-active clusters give you access to the resources of all your servers during normal operation. In an active-passive cluster, the backup server only sees action during failover. Thanks to the 24/7 availability of the internet, businesses need networks that are designed to assure high availability (H/A). The two most popular methods adopted by network managers today to achieve this are to use clustering to deal with failover (Active/Passive Mode) and load balancing. Alternatively, Active/Active mode is employed to provide for database or session replication and to support redundancy. Load balancers can be placed in the network to direct server requests according to server performance and the method of traffic distribution chosen, such as round robin for example. In certain cases, network managers prefer to place tload balancers outside the cluster to provide for increased horizontal scalability.

SSL VPN

The primary reason to use an SSL VPN product is to prevent unauthorized parties from eavesdropping on network communications and extracting or modifying sensitive data. An SSL VPN generally provides two things: secure remote access via a web portal, and network-level access via an SSL-secured tunnel between the client and the corporate network. The primary benefit of an SSL VPN is data security and privacy. ... Most SSL VPNs also integrate with multiple authentication mechanisms.

Which approaches can be used to interconnect the switches on different floors at different locations?

The recommendations may be one of two general approaches. The access switches on the various floors at each of the two remote locations will either all need to be interconnected in a loop fashion so they can participate in a virtual chassis, or each access switch could be individually connected to the proposed access switches on Floor 1 (or some other switches specifically designated as aggregation switches that would also be added to Floor 1). In either case, you should consider and discuss the choices and trade-offs in each design option. Also note that the selected method for interconnecting the switches can ultimately impact the switch model you propose. For example, if you decide to interconnect the switches in a single virtual chassis as each location, you may not be able to propose the EX2200 series because they only up to four members in a virtual chassis compared to 10 members of other models.

What's the maximum distance of a cable running between an integrated revenue port on an access switch and the IP phone at a user's workstation

The structured cabling standards (EIA/TIA 568) have long commanded that "Category" UTP cables cannot exceed a maximum distance of 100 meters/328 feet for a proper connection between two LAN devices such as a network switch and an IP surveillance camera. The maximum distance for a 1GbE 1000BASE-T copper connection, which is what is required for the access connection to the user's IP phone (and technically including the second connection from the IP phone to the user's/laptop/workstation) is 100 meters (or 328 feet)

Console Port

The type of port on a router used to communicate with the router itself, such as when making programming changes to the device.

Firewall Architectures

There are three-tier levels of firewall architecture. Single tier places the private network behind the firewall, two-tier use one firewall with three or more interfaces in a series, and three-tier use multiple subnets between private network and the internet separated by firewalls.

1-Tier & 2-Tier Data Centers

Tier 1: A Tier 1 data center has a single path for power and cooling and few, if any, redundant and backup components. ... Tier 2: A Tier 2 data center has a single path for power and cooling and some redundant and backup components. It has an expected uptime of 99.741% (22 hours of downtime annually).

TCP/IP

Transmission Control Protocol/Internet Protocol. Protocol that connects computers to the Internet. Tells computers how to exchange information over the Internet. TCP is concerned with making sure all of the packets of your data get to their destination safely, and in the correct order. It requires that only a certain amount of data is transmitted before waiting for an acknowledgement.

Virtual Chassis

Using Virtual Chassis technology here reduces the number of devices that need to be managed. Collapsing several individual devices into a single logical device eliminates the need for STP, eliminating delays resulting from network convergence while enhancing performance and improving resource utilization.

VCF Benefits

VCF is an evolution of the Virtual Chassis feature, which enables you to interconnect multiple devices into a single logical device, inside of a fabric architecture. The VCF architecture is optimized to support small and medium-sized data centers that contain a mix of 1-Gbps, 10-Gbps, and 40-Gbps Ethernet interfaces.

VLAN Tagging

VLANs keep traffic from different networks separated when traversing shared links and devices within a topology. This process, also known as VLAN tagging, is invaluable to limiting broadcast network traffic and securing network segments. A VLAN tag is included in the header of every frame sent by an end-station on a VLAN. On receiving a tagged frame, the switch inspects the frame header and, based on the VLAN tag, identifies the VLAN. The switch then forwards the frame to the destination in the identified VLAN.

Loop Protection (Campus/Access Layer)

When enabled, the spanning-tree topology detects root ports & blocked ports & ensures that both are receiving BPDUs. If an interface with loop protection enabled stops receiving BPDUs from its designated port, it does not transition the interface to a forwarding state. Instead, it transitions the interface to a loop-inconsistent state. It recovers when it receives a BPDU. It's recommended, if you enable it, that you do so on all switch interfaces that have a chance of becoming root or designated ports. It's most effective when enables on all switches within a network.

BDPU Protection (Campus/Access Layer)

You can enable BPDU protection on switch interfaces on which no BPDUs are expected. If a protected interface receives BPDUs the switch disables the interface & stops forwarding frames by transitioning the interface to a blocking state. *Prevents rogue switches from connecting to the network & causing undesired L2 topology changes & possible outages.

Junos Space Ethernet

the IP address type of the node management interface (eth0) is considered for communication with managed devices eth0—Use the eth0 interface to configure the virtual IP (VIP) address of a fabric and the IP address of the node as well as to access the managed devices. The VIP address and the IP address of the node should be on the same subnet. The eth0:0 subinterface provides access to the Junos Space Network Management Platform GUI. You can access the GUI by using the VIP address of the fabric. eth1—Use the eth1 interface as an administrative interface of a Junos Space node. Use SSH to access a Junos Space node through this interface. The eth0 interface and the eth1 interface can be on different subnets. If you configure eth1, you cannot access the Junos Space nodes using the eth0 interface. You can access the CLI of the Junos Space node only through the eth1 interface. eth2—The eth2 interface is reserved for future use. eth3—Use the eth3 interface as the device management interface for SSH access to managed devices when the managed devices are on an out-of-band management subnet or on a subnet not accessible through the eth0 interface.


Related study sets

BIO416 SBA Chapter 19 - Regulation of Metabolism

View Set

Endocrinology Quiz 1 - Practice Questions

View Set