Welcome to the Junos OS basic design architecture module. By the end of this module, you should be able to describe the Junos OS and its basic design architecture. Junos OS functionality is compartmentalized into multiple software processes. Each process handles a portion of the devices functionality. Each process runs in its own protected memory space, ensuring that one process cannot directly interfere with another. When a single process fails, the entire system does not necessarily fail. This modularity also ensures that new features can be added with less likelihood of breaking the current functionality. Junos OS is the trusted, secure network operating system powering the high-performance network infrastructure offered by Juniper Networks. Depending on the platform, Junos OS runs on a modified and hardened version of either FreeBSD or Linux. Junos OS runs on both physical and virtual network devices. Physical devices include hardware routers such as Juniper MX series, switches such as Juniper EX series and QFX series, and security devices such as Juniper SRX series. Virtual devices include virtual MX or VMX, and virtual SRX or VSRX running as virtual machines. Another aspect of Junos modularity is the separation of the control plane and the forwarding or data plane. The processes that control routing and switching protocols are cleanly separated from the processes that forward frames, packets, or both through the device running the Junos OS. This design permits you to tune each process for maximum performance and reliability. The separation of the control and forwarding planes is one of the key reasons why the Junos OS can support many different platforms from a common code base. The diagram illustrates a basic view of the Junos OS architecture and highlights the control and forwarding planes. The control plane runs on the Routing Engine. The Routing Engine is the brain of the platform. It is responsible for performing protocol updates and system management. The Routing Engine runs various protocol and management software processes that reside inside a protected memory environment. The Routing Engine is based on an X86 or PowerPC architecture, depending on the specific platform running the Junos OS. The Routing Engine maintains the routing tables also known as routing information base or RIB. Bridging table and primary forwarding table also known as forwarding information base or FIB, and connects to the packet forwarding engine or PFE through an internal link. Although all Junos devices share this common design goal, the actual components that make up the control and forwarding planes vary between different Junos devices. For additional details about a specific Junos' device, refer to the Juniper Networks Tech Library website. You can access the website from the reference links document. The PFE usually runs on separate hardware and is responsible for forwarding transit traffic through the device. In many platforms running the Junos OS, the PFE uses A6 for increased performance because this architecture separates control operations, such as protocol updates and system management from forwarding operations. Platforms running the Junos OS can deliver superior performance and highly reliable deterministic operation. The PFE receives the forwarding table from the Routing Engine by means of an internal link. Forwarding table updates are a high priority for the Junos OS kernel and are performed incrementally. Because the Routing Engine provides the intelligence side of the equation, the PFE can simply perform as it is instructed. That is, it forwards frames, packets, or both, with a high degree of stability and deterministic performance. This architectural design also makes possible the incorporation of high availability features like graceful routing engine switchover or GRES, nonstop active routing or NSR, and unified in-service software upgrades or ISSUs. The Routing Engine handles all protocol processes in addition to other software processes that control the devices interfaces, the chassis components, system management, and user access to the device. These software processes run on top of the Junos kernel, which interacts with the PFE. The software directs all protocol traffic from the network to the Routing Engine for the required processing. The Routing Engine provides the user interfaces, namely CLI, J-web GUI, and Junos APIs such as network configuration protocol or NETCONF, representational state transfer or REST, and Juniper extension toolkit or JET. These user-interfaces run on top of the Junos kernel and provide user access and control of the device. Also, the Routing Engine performs configuration management. Junos OS chassis process or chassis D enables you to configure and control the properties of the router, including conditions that trigger alarms. The chassis D on the Routing Engine communicates directly with its peer processes running on the PFE. The Routing Engine controls the PFE by providing accurate, up-to-date Layer 2 and Layer 3 forwarding tables and by downloading microcode and managing software processes that reside in the PFEs microcode. The Routing Engine receives hardware and environmental status messages from the PFE and acts upon them as appropriate. The PFE is the central processing component of the forwarding plane. The PFE systematically forwards traffic based on its local copy of the forwarding table. The PFEs forwarding table is a synchronized copy of the information created on and provided by the Routing Engine. Storing and using a local copy of the forwarding table enables the PFE to forward traffic more efficiently and eliminates the need to consult the Routing Engine each time a packet needs to be processed. Using this local copy of the forwarding table also permits platforms running Junos OS to continue forwarding traffic during control plane instabilities. The PFE also maintains Layer 2 bridging information. In addition to forwarding traffic, the PFE also implements a number of advanced services. Some examples of advanced services implemented through the PFE include polices that provide rate-limiting, stateless firewall filters in class of service or COS. Other services are available through special interface cards that you can add to the PFE complex.
