Glossary - Junos Enterprise Switching

by Doug Marschke, Harry Reynolds

Author’s note: This is the same glossary we published in JUNOS Enterprise Routing, the companion volume to this book. We include it here for the reader focusing only on JUNOS switching and the EX platform.

This excerpt is from JUNOS Enterprise Switching. JUNOS Enterprise Switching is the only detailed technical book on Juniper Networks' new Ethernet-switching EX product platform. This extremely practical book is a useful, hands-on field guide to the EX platform, and also makes an excellent study guide for certification exams in the JNTCP enterprise tracks. Includes all-inclusive coverage of Juniper Networks switching platforms, architecture and packet flow, management options, user interface options, JUNOS switch deployment, as well as configuration, maintenance, and troubleshooting guidelines.

3DES

Triple Data Encryption Standard (Triple DES).

AAL

Asynchronous Transfer Mode (ATM) adaptation layer. A series of protocols enabling various types of traffic, including voice, data, image, and video, to run over an ATM network.

AAL5 mode

Asynchronous Transfer Mode (ATM) adaptation Layer 5. One of four ATM adaptation layers (AALs) recommended by the ITU-T. AAL5 is used predominantly for the transfer of classical IP over ATM. AAL5 is the least complex of the current AAL recommendations. It offers low-bandwidth overhead and simpler processing requirements in exchange for reduced bandwidth capacity and error-recovery capability. It is a Layer 2 circuit transport mode that allows you to send ATM cells between ATM2 IQ interfaces across a Layer 2 circuit-enabled network. You use Layer 2 circuit AAL5 transport mode to tunnel a stream of AAL5-encoded ATM segmentation and reassembly Protocol Data Units (SAR-PDUs) over a Multiprotocol Label Switching (MPLS) or IP backbone.

See Also cell-relay mode, Layer 2 circuits, standard AAL5 mode, trunk mode.

ABR

Area border router. Router that belongs to more than one area. Used in Open Shortest Path First (OSPF).

See Also OSPF.

access concentrator

Router that acts as a server in a Point-to-Point Protocol over Ethernet (PPPoE) session—for example, an E Series router.

accounting services

Method of collecting network data related to resource usage.

ACFC

Address and Control Field Compression. Enables routers to transmit packets without the two 1-byte address and control fields (0xff and 0x03) which are normal for Point-to-Point Protocol (PPP)-encapsulated packets, thus transmitting less data and conserving bandwidth. ACFC is defined in RFC 1661, “The Point-to-Point Protocol (PPP).”

See Also PFC.

active route

Route chosen from all routes in the routing table to reach a destination. Active routes are installed into the forwarding table.

adaptive services

Set of services or applications that you can configure on an Adaptive Services PIC (ASP). The services and applications include stateful firewall, Network Address Translation (NAT), intrusion detection services (IDSs), Internet Protocol Security (IPSec), Layer 2 Tunneling Protocol (L2TP), and voice services.

See Also tunneling protocol.

address match conditions

Use of an IP address as a match criterion in a routing policy or a firewall filter.

adjacency

Portion of the local routing information that pertains to the reachability of a single neighbor over a single circuit or interface.

Adjacency-RIB-In

Logical software table that contains Border Gateway Protocol (BGP) routes received from a specific neighbor.

Adjacency-RIB-Out

Logical software table that contains Border Gateway Protocol (BGP) routes to be sent to a specific neighbor.

ADM

Add/drop multiplexer. SONET functionality that allows lower-level signals to be dropped from a high-speed optical connection.

ADSL

Asymmetrical digital subscriber line. A technology that allows more data to be sent over existing copper telephone lines, using the public switched telephone network (PSTN). ADSL supports data rates from 1.5 Mbps to 9 Mbps when receiving data (downstream rate) and from 16 Kbps to 640 Kbps when sending data (upstream rate).

ADSL interface

Asymmetrical digital subscriber line interface. Physical WAN interface that connects a router to a digital subscriber line access multiplexer (DSLAM). An ADSL interface allocates line bandwidth asymmetrically. Downstream (provider-to-customer) data rates can be up to 8 Mbps for ADSL, 12 Mbps for ADSL2, and 25 Mbps for ADSL2+. Upstream (customer-to-provider) rates can be up to 800 Kbps for ADSL and 1 Mbps for ADSL2 and ADSL2+, depending on the implementation.

ADSL2 interface

ADSL interface that supports ITU-T Standard G.992.3 and ITU-T Standard G.992.4. ADSL2 allocates downstream (provider-to-customer) data rates of up to 12 Mbps and upstream (customer-to-provider) rates of up to 1 Mbps.

ADSL2+ interface

ADSL interface that supports ITU-T Standard G.992.5. ADSL2+ allocates downstream (provider-to-customer) data rates of up to 25 Mbps and upstream (customer-to-provider) rates of up to 1 Mbps.

AES

Advanced Encryption Standard. Defined in FIPS PUB 197. The AES algorithm uses keys of 128, 192, or 256 bits to encrypt and decrypt data in blocks of 128 bits.

aggregate route

Combination of groups of routes that have common addresses into a single entry in a routing table.

aggregated interface

Logical bundle of physical interfaces. The aggregated interface is managed as a single interface with one IP address. Network traffic is dynamically distributed across ports, so administration of data flowing across a given port is done automatically within the aggregated link. Using multiple ports in parallel provides redundancy and increases the link speed beyond the limits of any single port.

AH

Authentication header. A component of the IPSec protocol used to verify that the contents of a packet have not changed, and to validate the identity of the sender.

ALI

ATM line interface. Interface between Asynchronous Transfer Mode (ATM) and 3G systems.

See Also ATM.

ANSI

American National Standards Institute. The U.S. representative to the International Organization for Standardization (ISO).

APN

Access point name. When mobile stations connect to IP networks over a wireless network, the Gateway GPRS Support Node (GGSN) uses the APN to distinguish among the connected IP networks (known as APN networks). In addition to identifying these connected networks, an APN is also a configured entity that hosts the wireless sessions, which are called Packet Data Protocol (PDP) contexts.

APQ

Alternate priority queuing. Dequeuing method that has a special queue, similar to strict-priority queuing (SPQ), which is visited only 50% of the time. The packets in the special queue still have a predictable latency, although the upper limit of the delay is higher than that with SPQ. Since the other configured queues share the remaining 50% of the service time, queue starvation is usually avoided.

See Also SPQ.

APS

Automatic Protection Switching. Technology used by SONET add/drop multiplexers (ADMs) to protect against circuit faults between the ADM and a router and to protect against failing routers.

area

1. Routing subdomain that maintains detailed routing information about its own internal composition as well as routing information that allows it to reach other routing subdomains. In Intermediate System-to-Intermediate System (IS-IS), an area corresponds to a Level 1 subdomain. 2. In IS-IS and Open Shortest Path First (OSPF), a set of contiguous networks and hosts within an Autonomous System (AS) that have been administratively grouped together.

ARP

Address Resolution Protocol. Protocol used for mapping IPv4 addresses to Media Access Control (MAC) addresses.

See Also NDP.

AS

Autonomous System. Set of routers under a single technical administration. Each AS normally uses a single Interior Gateway Protocol (IGP) and metrics to propagate routing information within the set of routers. Also called a routing domain.

ASBR

Autonomous System Boundary Router. In Open Shortest Path First (OSPF), a router that exchanges routing information with routers in other Autonomous Systems (ASs).

ASBR Summary LSA

OSPF link state advertisement (LSA) sent by an area border router (ABR) to advertise the router ID of an Autonomous System Boundary Router (ASBR) across an area boundary.

See Also ASBR.

AS external link advertisement

OSPF link state advertisement (LSA) sent by Autonomous System Boundary Routers (ASBRs) to describe external routes that they have detected. These LSAs are flooded throughout the Autonomous System (AS) (except for stub areas).

ASIC

Application-specific integrated circuit. Specialized processors that perform specific functions on the router.

ASM

Adaptive Services Module. On a Juniper Networks M7i router, provides the same functionality as the Adaptive Services PIC (ASP).

ASM

Any Source Multicast. A network that supports both one-to-many and many-to-many communication models. An ASM network must determine all the sources of a group and deliver all of them to interested subscribers.

ASP

Adaptive Services PIC.

See Also adaptive services.

AS path

In the Border Gateway Protocol (BGP), the route to a destination. The path consists of the Autonomous System (AS) numbers of all routers that a packet must go through to reach a destination.

ATM

Asynchronous Transfer Mode. A high-speed multiplexing and switching method utilizing fixed-length cells of 53 octets to support multiple types of traffic.

ATM-over-ADSL interface

Asynchronous Transfer Mode (ATM) interface used to send network traffic through a point-to-point connection to a DSL access multiplexer (DSLAM). ATM-over-ADSL interfaces are intended for asymmetrical digital subscriber line (ADSL) connections only, not for direct ATM connections.

atomic

Smallest possible operation. An atomic operation is performed either entirely or not at all. For example, if machine failure prevents a transaction from completing, the system is rolled back to the start of the transaction, with no changes taking place.

AUC

Authentication center. Part of the Home Location Register (HLR) in third-generation (3G) systems; performs computations to verify and authenticate a mobile phone user.

automatic policing

Policer that allows you to provide strict service guarantees for network traffic. Such guarantees are especially useful in the context of differentiated services for traffic-engineered label-switched paths (LSPs), providing better emulation for Asynchronous Transfer Mode (ATM) wires over a Multiprotocol Label Switching (MPLS) network.

auto-negotiation

Used by Ethernet devices to configure interfaces automatically. If interfaces support different speeds or different link modes (half duplex or full duplex), the devices attempt to settle on the lowest common denominator.

Autonomous System external link advertisement

OSPF link state advertisement (LSA) sent by Autonomous System Boundary Routers (ASBRs) to describe external routes that they have detected. These LSAs are flooded throughout the Autonomous System (AS) (except for stub areas).

Autonomous System path

In the Border Gateway Protocol (BGP), the route to a destination. The path consists of the Autonomous System (AS) numbers of all the routers a packet must pass through to reach a destination.

auto-RP

Method of electing and announcing the rendezvous point-to-group address mapping in a multicast network. JUNOS software supports this vendor-proprietary specification.

See Also RP.

backbone area

In Open Shortest Path First (OSPF), an area that consists of all networks in area ID 0.0.0.0, their attached routers, and all area border routers (ABRs).

backbone router

Open Shortest Path First (OSPF) router with all operational interfaces within area 0.0.0.0.

backplane

See midplane.

backup designated router

Open Shortest Path First (OSPF) router on a broadcast segment that monitors the operation of the designated router and takes over its functions if the designated router fails.

BA classifier

Behavior aggregate classifier. A method of classification that operates on a packet as it enters the router. The packet header contents are examined, and this single field determines the class-of-service (CoS) settings applied to the packet.

See Also multifield classifier.

bandwidth

Range of transmission frequencies a network can use, expressed as the difference between the highest and lowest frequencies of a transmission channel. In computer networks, greater bandwidth indicates a faster data transfer rate capacity.

bandwidth model

In Differentiated Services-aware traffic engineering, determines the value of the available bandwidth advertised by the Interior Gateway Protocols (IGPs).

bandwidth on demand

1. A technique to temporarily provide additional capacity on a link to handle bursts in data, videoconferencing, or other variable bit rate applications. Also called flexible bandwidth allocation. 2. On a Services Router, an Integrated Services Digital Network (ISDN) cost-control feature defining the bandwidth threshold that must be reached on links before a Services Router initiates additional ISDN data connections to provide more bandwidth.

B-channel

Bearer channel. A 64 Kbps channel used for voice or data transfer on an Integrated Services Digital Network (ISDN) interface.

See Also D-channel.

BECN

Backward explicit congestion notification. In a Frame Relay network, a header bit transmitted by the destination device requesting that the source device send data more slowly. BECN minimizes the possibility that packets will be discarded when more packets arrive than can be handled.

See Also FECN.

Bellman-Ford algorithm

Algorithm used in distance-vector routing protocols to determine the best path to all routes in the network.

BERT

Bit error rate test. A test that can be run on the following interfaces to determine whether they are operating properly: E1, E3, T1, T3, and channelized (DS3, OC3, OC12, and STM1) interfaces.

BFD

Bidirectional Forwarding Detection. A simple hello mechanism that detects failures in a network. Used with routing protocols to speed up failure detection.

BGP

Border Gateway Protocol. Exterior gateway protocol used to exchange routing information among routers in different Autonomous Systems (ASs).

bit field match conditions

Use of fields in the header of an IP packet as match criteria in a firewall filter.

bit rate

Number of bits transmitted per second.

BITS

Building Integrated Timing Source. Dedicated timing source that synchronizes all equipment in a particular building.

Blowfish

Unpatented, symmetric cryptographic method developed by Bruce Schneier and used in many commercial and freeware software applications. Blowfish uses variable-length keys of up to 448 bits.

BOOTP

Bootstrap protocol. A User Datagram Protocol (UDP)/IP-based protocol that allows a booting host to configure itself dynamically and without user supervision. BOOTP provides a means to notify a host of its assigned IP address, the IP address of a boot server host, and the name of a file to be loaded into memory and executed. Other configuration information, such as the local subnet mask, the local time offset, the addresses of default routers, and the addresses of various Internet servers, can also be communicated to a host using BOOTP.

bootstrap router

Single router in a multicast network responsible for distributing candidate rendezvous point (RP) information to all Physical Interface Module (PIM)-enabled routers.

BPDU

Bridge Protocol Data Unit. A Spanning Tree Protocol (STP) hello packet that is sent out at intervals to exchange information across bridges and detect loops in a network topology.

BRI

Basic Rate Interface. Integrated Services Digital Network (ISDN) interface intended for home and small enterprise applications. BRI consists of two 64 Kbps B-channels to carry voice or data, and one 16 Kbps D-channel for control and signaling.

See Also B-channel, D-channel.

bridge

Device that uses the same communications protocol to connect and pass packets between two network segments. A bridge operates at Layer 2 of the Open Systems Interconnection (OSI) reference model.

broadcast

Operation of sending network traffic from one network node to all other network nodes.

BSC

Base station controller. Key network node in third-generation (3G) systems that supervises the functioning and control of multiple base transceiver stations.

BSS

Base station subsystem. Composed of the base transceiver station (BTS) and base station controller (BSC).

BSSGP

Base Station System GPRS Protocol. Processes routing and quality-of-service (QoS) information for the base station subsystem (BSS).

BTS

Base transceiver station. Mobile telephony equipment housed in cabinets and collocated with antennas. (Also known as a radio base station.)

buffers

Memory space for handling data in transit. Buffers compensate for differences in processing speed between network devices and handle bursts of data until they can be processed by slower devices.

bundle

1. Multiple physical links of the same type, such as multiple asynchronous lines, or physical links of different types, such as leased synchronous lines and dial-up asynchronous lines. 2. Collection of software that makes up a JUNOS software release.

bypass LSP

Carries traffic for a label-switched path (LSP) whose link-protected interface has failed. A bypass LSP uses a different interface and path to reach the same destination.

CA

Certificate authority. A trusted third-party organization that creates, enrolls, validates, and revokes digital certificates. The CA guarantees a user’s identity and issues public and private keys for message encryption and decryption (coding and decoding).

CAC

Call admission control. In Differentiated Services-aware traffic engineering, checks for adequate bandwidth on the path before the label-switched path (LSP) is established. If the bandwidth is insufficient, the LSP is not established and an error is reported.

CAIDA

Cooperative Association for Internet Data Analysis. An association that provides tools and analyses promoting the engineering and maintenance of a robust, scalable Internet infrastructure. One tool, cflowd, allows you to collect an aggregate of sampled flows and send the aggregate to a specified host that runs the cflowd application available from CAIDA.

callback

Alternative feature to dial-in that enables a J Series services router to call back the caller from the remote end of a backup Integrated Services Digital Network (ISDN) connection. Instead of accepting a call from the remote end of the connection, the router rejects the call, waits a configured period of time, and calls a number configured on the router’s dialer interface.

See Also dial-in.

caller ID

Telephone number of the caller on the remote end of a backup Integrated Services Digital Network (ISDN) connection, used to dial in and to identify the caller. Multiple caller IDs can be configured on an ISDN dialer interface. During dial-in, the router matches the incoming call’s caller ID against the caller IDs configured on its dialer interfaces. Each dialer interface accepts calls only from callers whose caller IDs are configured on it.

CAMEL

Customized Applications of Mobile Enhanced Logic. An ETSI standard for GSM networks that enhances the provision of Intelligent Network services.

candidate configuration

File maintained by the JUNOS software containing changes to the router’s active configuration. This file becomes the active configuration when a user issues the commit command.

candidate RP advertisements

Information sent by routers in a multicast network when they are configured as a local rendezvous point (RP). This information is unicast to the bootstrap router for the multicast domain.

carrier-of-carriers VPN

Virtual private network (VPN) service supplied to a network service provider that is supplying either Internet service or VPN service to an end customer. For a carrier-of-carriers VPN, the customer’s sites are configured within the same Autonomous System (AS).

CB

Control Board. On a T640 routing node, part of the host subsystem that provides control and monitoring functions for router components.

CBC

Cipher block chaining. A mode of encryption using fixed-length blocks of 64 or 128 bits in which each block of plain text is XORed with the previous cipher text block before being encrypted.

See Also XOR.

CBR

Constant bit rate. For ATM1 and ATM2 intelligent queuing (IQ) interfaces, data that is serviced at a constant, repetitive rate. CBR is used for traffic that does not need to periodically burst to a higher rate, such as nonpacketized voice and audio.

CCC

Circuit cross-connect. A JUNOS software feature that allows you to configure transparent connections between two circuits. A circuit can be a Frame Relay data-link connection identifier (DLCI), an Asynchronous Transfer Mode (ATM) virtual channel, a Point-to-Point Protocol (PPP) interface, a Cisco High-Level Data Link Control (HDLC) interface, or a Multiprotocol Label Switching (MPLS) label-switched path (LSP).

CDMA

Code Division Multiple Access. Technology for digital transmission of radio signals between, for example, a mobile telephone and a base transceiver station (BTS).

CDMA2000

Radio transmission and backbone technology for the evolution to third-generation (3G) mobile networks.

CDR

Call Detail Record. A record containing data (such as origination, termination, length, and time of day) unique to a specific call.

CE device

Customer edge device. Router or switch in the customer’s network that is connected to a service provider’s provider edge (PE) router and participates in a Layer 3 virtual private network (VPN).

cell relay

Data transmission technology based on the use of small, fixed-size packets (cells) that can be processed and switched in hardware at high speeds. Cell relay is the basis for many high-speed network protocols, including Asynchronous Transfer Mode (ATM) and IEEE 802.6.

cell-relay mode

Layer 2 circuit transport mode that sends Asynchronous Transfer Mode (ATM) cells between ATM2 intelligent queuing (IQ) interfaces over a Multiprotocol Label Switching (MPLS) core network. You use Layer 2 circuit cell-relay transport mode to tunnel a stream of ATM cells over an MPLS or IP backbone.

See Also AAL5 mode, Layer 2 circuits, standard AAL5 mode, trunk mode.

cell tax

Physical transmission capacity used by header information when sending data packets in an Asynchronous Transfer Mode (ATM) network. Each ATM cell uses a 5-byte header.

CFEB

Compact Forwarding Engine Board. In M7i and M10i routers, provides route lookup, filtering, and switching to the destination port.

cflowd

Application available from CAIDA that collects an aggregate of sampled flows and sends the aggregate to a specified host running the cflowd application.

CFM

Cubic feet per minute. Measure of air flow in volume per minute.

channel

Communication circuit linking two or more devices. A channel provides an input/output interface between a processor and a peripheral device, or between two systems. A single physical circuit can consist of one or many channels, or two systems carried on a physical wire or wireless medium. For example, the dedicated channel between a telephone and the central office (CO) is a twisted-pair copper wire.

See Also frequency-division multiplexed channel, time-division multiplexed channel.

channel group

Combination of DS0 interfaces partitioned from a channelized interface into a single logical bundle.

channelized E1

A 2.048 Mbps interface that can be configured as a single clear-channel E1 interface or channelized into as many as 31 discrete DS0 interfaces. On most channelized E1 interfaces, time slots are numbered from 1 through 32, and time slot 1 is reserved for framing. On some legacy channelized E1 interfaces, time slots are numbered from 0 through 31, and time slot 0 is reserved for framing.

channelized interface

Interface that is a subdivision of a larger interface, minimizing the number of Physical Interface Cards (PICs) or Physical Interface Modules (PIMs) that an installation requires. On a channelized PIC or PIM, each port can be configured as a single clear channel or partitioned into multiple discrete T3, T1, E1, and DS0 interfaces, depending on the size of the channelized PIC or PIM.

channelized T1

A 1.544 Mbps interface that can be configured as a single clear-channel T1 interface or channelized into as many as 24 discrete DS0 interfaces. Time slots are numbered from 1 through 24.

CHAP

Challenge Handshake Authentication Protocol. A protocol that authenticates remote users. CHAP is a server-driven, three-step authentication mechanism that depends on a shared secret password that resides on both the server and the client.

chassisd

Chassis daemon. A JUNOS software process responsible for managing the interaction of the router’s physical components.

CIDR

Classless Inter-Domain Routing. A method of specifying Internet addresses in which you explicitly specify the bits of the address to represent the network address instead of determining this information from the first octet of the address.

CIP

Connector Interface Panel. On an M160 router, the panel that contains connectors for the routing engines (REs), BITS interfaces, and alarm relay contacts.

CIR

Committed information rate. The CIR specifies the average rate at which packets are admitted to the network. As each packet enters the network, it is counted. Packets that do not exceed the CIR are marked green, which corresponds to low loss priority. Packets that exceed the CIR but are below the peak information rate (PIR) are marked yellow, which corresponds to medium loss priority.

See Also trTCM, PIR.

Cisco-RP-Announce

Message advertised into a multicast network by a router configured as a local rendezvous point (RP) in an auto-RP network. A Cisco-RP-Announce message is advertised in Dense-mode Physical Interface Module (PIM) to the 224.0.1.39 multicast group address.

Cisco-RP-Discovery

Message advertised by the mapping agent in an auto-RP network. A Cisco-RP-Discovery message contains the rendezvous point (RP) to multicast group address assignments for the domain. It is advertised in Dense-mode Physical Interface Module (PIM) to the 224.0.1.40 multicast group address.

classification

In class of service (CoS), the examination of an incoming packet that associates the packet with a particular CoS servicing level. There are two kinds of classifiers: behavior aggregate (BA) and multifield.

See Also BA classifier, multifield classifier.

classifier

Method of reading a sequence of bits in a packet header or label and determining how the packet should be forwarded internally and scheduled (queued) for output.

class type

In Differentiated Services-aware traffic engineering, a collection of traffic flows that are treated equally in a Differentiated Services domain. A class type maps to a queue and is much like a class-of-service (CoS) forwarding class in concept. It is also known as a traffic class.

clear channel

Interface configured on a channelized Physical Interface Card (PIC) or Physical Interface Module (PIM) that operates as a single channel, does not carry signaling, and uses the entire port bandwidth.

CLEC

(Pronounced “see-lek.”) Competitive local exchange carrier. Company that competes with the already established local telecommunications business by providing its own network and switching.

CLEI

Common Language Equipment Identifier. Inventory code used to identify and track telecommunications equipment.

CLI

Command-line interface. Interface provided for configuring and monitoring the routing protocol software.

client peer

In a Border Gateway Protocol (BGP) route reflection, a member of a cluster that is not the route reflector.

See Also nonclient peer.

CLNP

Connectionless Network Protocol. An ISO-developed protocol for Open Systems Interconnection (OSI) connectionless network service. CLNP is the OSI equivalent of IP.

CLNS

Connectionless Network Service. A Layer 3 protocol, similar to Internet Protocol version 4 (IPv4). CLNS uses network service access points (NSAPs) instead of the prefix addresses found in IPv4 to specify end systems and intermediate systems.

cluster

In the Border Gateway Protocol (BGP), a set of routers that have been grouped together. A cluster consists of one system that acts as a route reflector, along with any number of client peers. The client peers receive their route information only from the route reflector system. Routers in a cluster do not need to be fully meshed.

CO

Central office. The local telephone company building that houses circuit-switching equipment used for subscriber lines in a given area.

code-point alias

Name assigned to a pattern of code-point bits. This name is used, instead of the bit pattern, in the configuration of other class-of-service (CoS) components, such as classifiers, drop-profile maps, and rewrite rules.

command completion

Function of a router’s command-line interface (CLI) that allows a user to enter only the first few characters in any command. Users access this function through the space bar or Tab key.

commit

JUNOS software command-line interface (CLI) configuration-mode command that saves changes made to a router configuration, verifies the syntax, applies the changes to the configuration currently running on the router, and identifies the resultant file as the current operational configuration.

commit script

Script that enforces custom configuration rules. A script runs each time a new candidate configuration is committed and inspects the configuration. If a configuration breaks your custom rules, the script can generate actions for the JUNOS software.

commit script macro

Sequence of commands that allows you to create custom configuration syntax to simplify the task of configuring a routing platform. By itself, your custom syntax has no operational impact on the routing platform. A corresponding commit script macro uses your custom syntax as input data for generating standard JUNOS configuration statements that execute your intended operation.

community

1. In the Border Gateway Protocol (BGP), a group of destinations that share a common property. Community information is included as one of the path attributes in BGP update messages. 2. In the Simple Network Management Protocol (SNMP), an authentication scheme that authorizes SNMP clients based on the source IP address of incoming SNMP packets, defines which Management Information Base (MIB) objects are available, and specifies the operations (read-only or read-write) allowed on those objects.

confederation

In the Border Gateway Protocol (BGP), a group of systems that appears to external Autonomous Systems (ASs) as a single AS.

configuration mode

JUNOS software mode that allows a user to alter the router’s current configuration.

Connect

Border Gateway Protocol (BGP) neighbor state in which the local router has initiated the Transmission Control Protocol (TCP) session and is waiting for the remote peer to complete the TCP connection.

constrained path

In traffic engineering, a path determined using the CSPF algorithm. The ERO carried in the Resource Reservation Protocol (RSVP) packets contains the constrained path information.

See Also ERO.

context node

Node that the Extensible Stylesheet Language for Transformations (XSLT) processor is currently examining. XSLT changes the context as it traverses the XML document’s hierarchy.

See Also XSLT.

context-sensitive help

Function of the router’s command-line interface (CLI) that allows a user to request information on the JUNOS software hierarchy. You can access context-sensitive help in both operational and configuration modes.

contributing routes

Active IP routes in the routing table that share the same most-significant bits and are more specific than an aggregate or generated route.

control plane

Virtual network path used to set up, maintain, and terminate data plane connections.

See Also data plane.

core

Central backbone of the network.

CoS

Class of service. Method of classifying traffic on a packet-by-packet basis using information in the type-of-service (ToS) byte to provide different service levels to different traffic.

cosd

Class-of-service (CoS) process that enables the routing platform to provide different levels of service to applications based on packet classifications.

CPE

Customer premises equipment. Telephone, modem, router, or other service provider equipment located at a customer site.

craft interface

Mechanisms used by a Communication Workers of America craftsperson to operate, administer, and maintain equipment or provision data communications. On a Juniper Networks router, the craft interface allows you to view status and troubleshooting information and perform system control functions.

CRL

Certificate revocation list. A list of digital certificates that have been invalidated, including the reasons for revocation and the names of the entities that issued them. A CRL prevents usage of digital certificates and signatures that have been compromised.

CRTP

Compressed Real-time Transport Protocol. Protocol that decreases the size of the IP, User Datagram Protocol (UDP), and Real-Time Transport Protocol (RTP) headers and works with reliable and fast point-to-point links for Voice over IP traffic. CRTP is defined in RFC 2508.

Crypto Accelerator Module

Processor card that speeds up certain cryptographic IP Security (IPSec) services on some J Series services routers. For the supported cryptographic algorithms, see the J Series documentation.

Crypto Officer

Superuser responsible for the proper operation of a router running JUNOS-FIPS software.

CSCP

Class Selector code point. Eight Differentiated Services code point (DSCP) values of the form xxx000 (where x can be 0 or 1). Defined in RFC 2474.

CSNP

Complete sequence number PDU. Packet that contains a complete list of all the label-switched paths (LSPs) in the Intermediate System-to-Intermediate System Level 1 (IS-IS) database.

CSP

Critical Security Parameter. On routers running JUNOS-FIPS software, a collection of cryptographic keys and passwords that must be protected at all times.

CSPF

Constrained Shortest Path First. A Multiprotocol Label Switching (MPLS) algorithm that has been modified to take into account specific restrictions when calculating the shortest path across the network.

CSU/DSU

Channel service unit/data service unit. A channel service unit connects a digital phone line to a multiplexer or other digital signal device. A data service unit connects a data terminating equipment (DTE) device to a digital phone line.

CVS

Concurrent Versions System. A widely used version control system for software development or data archives.

daemon

Background process that performs operations for the system software and hardware. Daemons normally start when the system software is booted, and run as long as the software is running. In the JUNOS software, daemons are also referred to as processes.

damping

Method of reducing the number of update messages sent between Border Gateway Protocol (BGP) peers, thereby reducing the load on these peers without adversely affecting the route convergence time for stable routes.

database description packet

Open Shortest Path First (OSPF) packet type used in the formation of an adjacency. The packet sends summary information about the local router’s database to the neighboring router.

data-MDT

Data-driven multicast distribution tree (MDT) tunnel. A multicast tunnel created and deleted based on defined traffic loads and designed to ease loading on the default MDT tunnel.

data packet

Chunk of data transiting the router from the source to a destination.

data plane

Virtual network path used to distribute data between nodes.

See Also control plane.

dcd

Device control process. A JUNOS software interface process (daemon).

DCE

Data circuit-terminating equipment. An RS-232C device, typically used for a modem or printer, or a network access and packet switching node.

D-channel

Delta channel. A circuit-switched channel that carries signaling and control for B-channels. In Basic Rate Interface (BRI) applications, it can also support customer packet data traffic at speeds up to 9.6 kbps.

See Also B-channel, BRI.

DCU

Destination class usage. A means of tracking traffic originating from specific prefixes on the customer edge router and destined for specific prefixes on the provider core router, based on the IP source and destination addresses.

DE

Discard-eligible bit. In a Frame Relay network, a header bit notifying devices on the network that traffic can be dropped during congestion to ensure the delivery of higher-priority traffic.

deactivate

Method of modifying the router’s active configuration. Portions of the hierarchy marked as inactive using this command are ignored during the router’s commit process as though they were not configured at all.

dead interval

Amount of time that an Open Shortest Path First (OSPF) router maintains a neighbor relationship before declaring that neighbor as no longer operational. The JUNOS software uses a default value of 40 seconds for this timer.

dead peer detection

See DPD.

default address

Router address that is used as the source address on unnumbered interfaces.

default route

Route used to forward IP packets when a more specific route is not present in the routing table. Often represented as 0.0.0.0/0, the default route is sometimes referred to as the route of last resort.

demand circuit

Network segment whose cost varies with usage, according to a service level agreement (SLA) with a service provider. Demand circuits limit traffic based on either bandwidth (bits or packets transmitted) or access time.

See Also multicast.

Dense mode

Method of forwarding multicast traffic to interested listeners. Dense mode forwarding assumes that most of the hosts on the network will receive the multicast data. Routers flood packets and prune unwanted traffic every three minutes.

DES

Data Encryption Standard. A method for encrypting information using a 56-bit key. Considered to be a legacy method and insecure for many applications.

See Also 3DES.

designated router

In Open Shortest Path First (OSPF), a router selected by other routers that is responsible for sending link state advertisements (LSAs) that describe the network, thereby reducing the amount of network traffic and the size of the routers’ topological databases.

destination prefix length

Number of bits of the network address used for the host portion of a Classless Inter-Domain Routing (CIDR) IP address.

DFC

Dynamic flow capture. Process of collecting packet flows that match a particular filter list to one or more content destinations using an on-demand control protocol that relays requests from one or more control sources.

DHCP

Dynamic Host Configuration Protocol. Allocates IP addresses dynamically so that they can be reused when no longer needed.

dial backup

Feature that reestablishes network connectivity through one or more backup Integrated Services Digital Network (ISDN) dialer interfaces after a primary interface fails. When the primary interface is reestablished, the ISDN interface is disconnected.

dialer filter

Stateless firewall filter that enables dial-on-demand routing backup when applied to a physical Integrated Services Digital Network (ISDN) interface and its dialer interface configured as a passive static route. The passive static route has a lower priority than dynamic routes. If all dynamic routes to an address are lost from the routing table and the router receives a packet for that address, the dialer interface initiates an ISDN backup connection and sends the packet over it.

See Also dial-on-demand routing (DDR) backup, floating static route.

dialer interface (dl)

Logical interface for configuring dialing properties and the control interface for a backup Integrated Services Digital Network (ISDN) connection.

dialer profile

Set of characteristics configured for the Integrated Services Digital Network (ISDN) dialer interface. Dialer profiles allow the configuration of physical interfaces to be separated from the logical configuration of dialer interfaces required for ISDN connectivity. This feature also allows physical and logical interfaces to be bound together dynamically on a per-connection basis.

dialer watch

Dial-on-demand routing (DDR) backup feature that provides reliable connectivity without relying on a dialer filter to activate the Integrated Services Digital Network (ISDN) interface. The ISDN dialer interface monitors the existence of each route on a watch list. If all routes on the watch list are lost from the routing table, dialer watch initiates the ISDN interface for failover connectivity.

See Also dial-on-demand routing (DDR) backup.

dial-in

Feature that enables J Series services routers to receive calls from the remote end of a backup Integrated Services Digital Network (ISDN) connection. The remote end of the ISDN call might be a service provider, a corporate central location, or a customer premises equipment (CPE) branch office. All incoming calls can be verified against caller IDs configured on the router’s dialer interface.

See Also callback.

dial-on-demand routing (DDR) backup

Feature that provides a J Series services router with full-time connectivity across an Integrated Services Digital Network (ISDN) line. When routes on a primary serial T1, E1, T3, E3, Fast Ethernet, or Point-to-Point Protocol over Ethernet (PPPoE) interface are lost, an ISDN dialer interface establishes a backup connection. To save connection time costs, the services router drops the ISDN connection after a configured period of inactivity. Services routers with ISDN interfaces support two types of DDR backup: on-demand routing with a dialer filter and with a dialer watch.

See Also dialer filter, dialer watch.

Differentiated Services-aware traffic engineering

Type of constraint-based routing that can enforce different bandwidth constraints for different classes of traffic. It can also perform call admission control (CAC) on each traffic engineering class when a label-switched path (LSP) is established.

Differentiated Services domain

Routers in a network that have Differentiated Services enabled.

Diffie-Hellman

Method of key exchange across a nonsecure environment, such as the Internet. The Diffie-Hellman algorithm negotiates a session key without sending the key itself across the network by allowing each party to pick a partial key independently and send part of it to each other. Each side then calculates a common key value. This is a symmetrical method and keys are typically used for only a short time, then discarded and regenerated.

DiffServ

Differentiated Services (based on RFC 2474). DiffServ uses the type-of-service (ToS) byte to identify different packet flows on a packet-by-packet basis. DiffServ adds a Class Selector code point (CSCP) and a Differentiated Services code point (DSCP).

DiffServ-aware

Paradigm that gives different treatment to traffic based on the experimental (EXP) bits in the Multiprotocol Label Switching (MPLS) label header and allows you to provide multiple classes of service (CoS).

digital certificate

Electronic file based on private and public key technology that verifies the identity of the certificate’s holder to protect data exchanged online. Digital certificates are issued by a certificate authority (CA).

Dijkstra algorithm

See SPF.

DIMM

Dual inline memory module. A 168-pin memory module that supports 64-bit data transfer.

direct routes

See interface routes.

disable

Method of modifying the router’s active configuration. When portions of the hierarchy are marked as disabled (mainly router interfaces), the router uses the configuration but ignores the disabled portions.

discard

JUNOS software syntax command used in a routing policy or a firewall filter. The command halts the logical processing of the policy or filter when a set of match conditions is met. The specific route or IP packet is dropped from the network silently. It can also be a next hop attribute assigned to a route in the routing table.

distance-vector

Method used in Bellman-Ford routing protocols to determine the best path to all routers in the network. Each router determines the distance (metric) to the destination and the vector (next hop) to follow.

Distributed Buffer Manager ASIC

Juniper Networks ASIC responsible for managing the router’s packet storage memory.

DLCI

Data-link connection identifier. Identifier for a Frame Relay virtual connection (also called a logical interface).

DLSw

Data link switching. Method of tunneling IBM System Network Architecture (SNA) and NetBIOS traffic over an IP network. (The JUNOS software does not support NetBIOS.)

See Also tunneling protocol.

DLSw circuit

Path formed by establishing data link control (DLC) connections between an end system and a local router configured for DLSw. Each DLSw circuit is identified by the circuit ID that includes the end system Media Access Control (MAC) address, local service access point (LSAP), and DLC port ID. Multiple DLSw circuits can operate over the same DLSw connection.

DLSw connection

Set of Transmission Control Protocol (TCP) connections between two data link switching (DLSw) peers that is established after the initial handshake and successful capabilities exchange.

DNS

Domain Name System. A system that stores information about hostnames and domain names. DNS provides an IP address for each hostname, and lists the email exchange servers accepting email addresses for each domain.

DoS

Denial of service. A system security breach in which network services become unavailable to users.

DPD

Dead peer detection. Protocol that recognizes the loss of the primary IPSec Internet Key Exchange (IKE) peer and establishes a secondary IPSec tunnel to a backup peer.

DRAM

Dynamic random access memory. Storage source on the router that can be accessed quickly by a process.

drop probability

Percentage value that expresses the likelihood that an individual packet will be dropped from the network.

See Also drop profile.

drop profile

Mechanism of random early detection (RED) that defines parameters that allow packets to be dropped from the network. When you configure drop profiles, there are two important values: the queue fullness and the drop probability.

See Also drop probability, queue fullness, RED.

DSAP

Destination service access point. Service access point (SAP) that identifies the destination for which a Logical Link Control Protocol Data Unit (LPDU) is intended.

DS0

Digital signal level 0. In T-carrier systems, a basic digital signaling rate of 64 Kbps. The DS0 rate forms the basis for the North American digital multiplex transmission hierarchy.

DS1

Digital signal level 1. In T-carrier systems, a digital signaling rate of 1.544 Mbps. A standard used in telecommunications to transmit voice and data among devices. Also known as T1.

See Also T1.

DS3

Digital signal level 3. In T-carrier systems, a digital signaling rate of 44.736 Mbps. This level of carrier can transport 28 DS1-level signals and 672 DS0-level channels within its payload. Also known as T3.

See Also T3.

DSCP

Differentiated Services code point or DiffServ code point. Values for a 6-bit field defined for IPv4 and IPv6 packet headers that can be used to enforce class-of-service (CoS) distinctions in routers.

DSU

Data service unit. A device used to connect data terminal equipment (DTE) to a digital phone line. DSU converts digital data from a router to voltages and encoding required by the phone line.

See Also CSU/DSU.

DTCP

Dynamic Tasking Control Protocol. A means of communicating filter requests and acknowledgments between one or more clients and a monitoring platform, used in dynamic flow capture (DFC) and flow-tap configurations. The protocol is defined in Internet draft draft-cavuto-dtcp-00.txt.

DTD

Document type definition. Defines the elements and structure of an Extensible Markup Language (XML) document or data set.

DTE

Data terminal equipment. An RS-232-C interface that a computer uses to exchange information with a serial device.

DVMRP

Distance Vector Multicast Routing Protocol. Distributed multicast routing protocol that dynamically generates IP multicast delivery trees using a technique called reverse-path multicasting (RPM) to forward multicast traffic to downstream interfaces.

DWDM

Dense wavelength-division multiplexing. Technology that enables data from different sources to be carried together on an optical fiber, with each signal carried on its own separate wavelength.

dynamic label-switched path

Multiprotocol Label Switching (MPLS) network path established by signaling protocols such as the Resource Reservation Protocol (RSVP) and Label Distribution Protocol (LDP).

E1

High-speed WAN digital communications protocol that operates at a rate of 2.048 Mbps.

E3

High-speed WAN digital communications protocol that operates at a rate of 34.368 Mbps and uses time-division multiplexing to carry 16 E1 circuits.

EAL3

Common Criteria Evaluation Assurance Level 3. Evaluation Assurance Level is an assurance and compliance requirement defined by Common Criteria. Higher levels have more stringent requirements.

EBGP

External BGP. A Border Gateway Protocol (BGP) configuration in which sessions are established between routers in different Autonomous Systems (ASs).

E-carrier

E stands for European. Standards that form part of the Synchronous Digital Hierarchy (SDH), in which groups of E1 circuits are bundled onto higher-capacity E3 links between telephone exchanges or countries. E-carrier standards are used just about everywhere in the world except North America and Japan, and are incompatible with the T-carrier standards.

ECC

Error checking and correction. The process of detecting errors during the transmission or storage of digital data and correcting them automatically. This usually involves sending or storing extra bits of data according to specified algorithms.

ECSA

Exchange Carriers Standards Association. A standards organization created after the divestiture of the Bell System to represent the interests of interexchange carriers.

edge router

In Multiprotocol Label Switching (MPLS), a router located at the beginning or end of a label-switching tunnel. An edge router at the beginning of a tunnel applies labels to new packets entering the tunnel. An edge router at the end of a tunnel removes labels from packets exiting the tunnel.

See Also MPLS.

editor macros (Emacs)

Shortcut keystrokes used within the router’s command-line interface (CLI). These macros move the cursor and delete characters based on the sequence you specify.

EGP

Exterior Gateway Protocol; an example is the Border Gateway Protocol (BGP).

egress router

In Multiprotocol Label Switching (MPLS), the last router in a label-switched path (LSP).

See Also ingress router.

EIA

Electronic Industries Association. A U.S. trade group that represents manufacturers of electronic devices and sets standards and specifications.

EIA-530

Serial interface that employs the EIA-530 standard for the interconnection of data terminating equipment (DTE) and data circuit-terminating equipment (DCE).

EIR

Equipment identity register. A mobile network database that contains information about devices using the network.

embedded OS software

Software used by a Juniper Networks router to operate the physical router components.

EMI

Electromagnetic interference. Any electromagnetic disturbance that interrupts, obstructs, or otherwise degrades or limits the effective performance of electronics or electrical equipment.

end system

In Intermediate System-to-Intermediate System Level 1 (IS-IS), a network entity that sends and receives packets.

EPD

Early packet discard. For ATM2 interfaces only, a limit on the number of transmit packets that can be queued. Packets that exceed the limit are dropped.

See Also queue length.

ERO

Explicit Route Object. An extension to the Resource Reservation Protocol (RSVP) that allows an RSVP PATH message to traverse an explicit sequence of routers that is independent of conventional shortest-path IP routing.

ESD

Electrostatic discharge. Stored static electricity that can damage electronic equipment and impair electrical circuitry when released.

ES-IS

End System-to-Intermediate System. Protocol that resolves Layer 3 ISO network service access points (NSAPs) to Layer 2 addresses. ES-IS resolution is similar to the way the Address Resolution Protocol (ARP) resolves Layer 2 addresses for IPv4.

ESP

Encapsulating Security Payload. A protocol for securing packet flows for IPSec using encryption, data integrity checks, and sender authentication, which are added as a header to an IP packet. If an ESP packet is successfully decrypted, and no other party knows the secret key the peers share, the packet was not wiretapped in transit.

See Also AH.

Established

Border Gateway Protocol (BGP) neighbor state that represents a fully functional BGP peering session.

Ethernet

Local area network (LAN) technology used for transporting information from one location to another, formalized in the IEEE standard 802.3. Ethernet uses either coaxial cable or twisted-pair cable. Transmission speeds for data transfer range from the original 10 Mbps, to Fast Ethernet at 100 Mbps, to Gigabit Ethernet at 1000 Mbps.

ETSI

European Telecommunications Standardization Institute. A nonprofit organization that produces voluntary telecommunications standards used throughout Europe.

eventd

Event policy process that performs configured actions in response to events on a routing platform that trigger system log messages.

exact

JUNOS software routing policy match type that represents only the route specified in a route filter.

exception packet

IP packet that is not processed by the normal packet flow through the Packet Forwarding Engine. Exception packets include local delivery information, expired Time to Live (TTL) packets, and packets with an IP option specified.

Exchange

Open Shortest Path First (OSPF) adjacency state in which two neighboring routers are actively sending database description packets to each other to exchange their database contents.

EXP bits

Experimental bits, also known as the class-of-service (CoS) bits, located in each Multiprotocol Label Switching (MPLS) label and used to encode the CoS value of a packet as it traverses a label-switched path (LSP).

export

Placing of routes from the routing table into a routing protocol.

ExStart

Open Shortest Path First (OSPF) adjacency state in which the neighboring routers negotiate to determine which router is in charge of the synchronization process.

Extensible Markup Language

See XML.

external metric

Cost included in a route when Open Shortest Path First (OSPF) exports route information from external Autonomous Systems (ASs). There are two types of external metrics: Type 1 and Type 2. Type 1 external metrics are equivalent to the link-state metric; that is, the cost of the route, used in the internal AS. Type 2 external metrics are greater than the cost of any path internal to the AS.

FA

Forwarding adjacency. Resource Reservation Protocol (RSVP) label-switched path (LSP) tunnel through which one or more other RSVP LSPs can be tunneled.

fabric schedulers

Identify a packet as high or low priority based on its forwarding class, and associate schedulers with the fabric priorities.

failover

Process by which a standby or secondary system component automatically takes over the functions of an active or primary component when the primary component fails or is temporarily shut down or removed for servicing. During failover, the system continues to perform normal operations with little or no interruption in service.

See Also GRES.

Fast Ethernet

Term encompassing a number of Ethernet standards that carry traffic at the nominal rate of 100 Mbps, instead of the original Ethernet speed of 10 Mbps.

See Also Ethernet, Gigabit Ethernet.

fast port

Fast Ethernet port on a J4300 services router, and either a Fast Ethernet port or DS3 port on a J6300 services router. Only enabled ports are counted. A two-port Fast Ethernet Physical Interface Module (PIM) with one enabled port counts as one fast port. The same PIM with both ports enabled counts as two fast ports.

fast reroute

Mechanism for automatically rerouting traffic on a label-switched path (LSP) if a node or link in an LSP fails, thus reducing the loss of packets traveling over the LSP.

FBF

Filter-based forwarding. A filter that classifies packets to determine their forwarding path within a router. FBF is used to redirect traffic for analysis.

FCS

Frame check sequence. A calculation that is added to a frame for error control. FCS is used in High-level Data Link Control (HDLC), Frame Relay, and other Data Link layer protocols.

FDDI

Fiber Distributed Data Interface. A set of ANSI protocols for sending digital data over fiber-optic cable. FDDI networks are token-passing networks, and support data rates of up to 100 Mbps (100 million bits). FDDI networks are typically used as backbones for WANs.

FEAC

Far-end alarm and control. A T3 signal used to send alarm or status information from the far-end terminal back to the near-end terminal, and to initiate T3 loopbacks at the far-end terminal from the near-end terminal.

FEB

Forwarding Engine Board. In M5 and M10 routers, provides route lookup, filtering, and switching to the destination port.

FEC

Forwarding equivalence class. Criterion used to forward a set of packets, with similar or identical characteristics, using the same Multiprotocol Label Switching (MPLS) label. Forwarding equivalence classes are defined in the base Label Distribution Protocol (LDP) specification and can be extended through the use of additional parameters. FECs are also represented in other LDPs.

FECN

Forward explicit congestion notification. In a Frame Relay network, a header bit transmitted by the source device requesting that the destination device slow down its requests for data. FECN and backward explicit congestion notification (BECN) minimize the possibility that packets will be discarded when more packets arrive than can be handled.

See Also BECN.

FIFO

First in, first out. Scheduling method in which the first data packet stored in the queue is the first data packet removed from the queue. All JUNOS software interface queues operate in this mode by default.

filter

Process or device that screens packets based on certain characteristics, such as source address, destination address, or protocol, and forwards or discards packets that match the filter. Filters are used to control data packets or local packets.

See Also packet.

FIPS

Federal Information Processing Standards. Defines, among other things, security levels for computer and networking equipment. FIPS is usually applied to military environments.

firewall

Security gateway positioned between two networks, usually between a trusted network and the Internet. A firewall ensures that all traffic that crosses it conforms to the organization’s security policy. Firewalls track and control communications, deciding whether to pass, reject, discard, encrypt, or log them. Firewalls also can be used to secure sensitive portions of a local network.

firewall filter

See stateful firewall filter.

firmware

Instructions and data programmed directly into the circuitry of a hardware device for the purpose of controlling the device. Firmware is used for vital programs that must not be lost when the device is powered off.

first in, first out

See FIFO.

flap damping

See damping.

flapping

See route flapping.

flash drive

Non-volatile memory card in Juniper Networks M Series and T Series routing platforms used for storing a copy of the JUNOS software and the current and most recent router configurations. It also typically acts as the primary boot device.

Flexible PIC Concentrator

See FPC.

floating static route

Route with an administrative distance greater than the administrative distance of the dynamically learned versions of the same route. The static route is used only when the dynamic routes are no longer available. When a floating static route is configured on an interface with a dialer filter, the interface can be used for backup.

flood and prune

Method of forwarding multicast data packets in a Dense-mode network. Flooding and pruning occur every three minutes.

flow

Stream of routing information and packets that are handled by the Routing Engine (RE) and the Packet Forwarding Engine (PFE). The RE handles the flow of routing information between the routing protocols and the routing tables and between the routing tables and the forwarding tables, as well as the flow of local packets from the router physical interfaces to the RE. The PFE handles the flow of data packets into and out of the router’s physical interfaces.

flow collection interface

Interface that combines multiple cflowd records into a compressed ASCII data file and exports the file to an FTP server for storage and analysis, allowing users to manipulate the output from traffic monitoring operations.

flow control action

JUNOS software syntax used in a routing policy or firewall filter. It alters the default logical processing of the policy or filter when a set of match conditions is met.

flow monitoring

Application that monitors the flow of traffic and enables lawful interception of packets transiting between two routers. Traffic flows can be passively monitored by an offline router or actively monitored by a router participating in the network.

flow-tap application

Application that uses Dynamic Tasking Control Protocol (DTCP) requests to intercept IPv4 packets in an active monitoring router and send a copy of packets that match filter criteria to one or more content destinations. Flow-tap configurations can be used in flexible trend analysis for detecting new security threats and lawfully intercepting data.

forwarding classes

Affect the forwarding, scheduling, and marking policies applied to packets as they transit a routing platform. The forwarding class plus the loss priority define the per-hop behavior. Also known as ordered aggregates in the IETF Differentiated Services architecture.

forwarding table

JUNOS software forwarding information base. The JUNOS routing protocol process installs active routes from its routing tables into the routing engine (RE) forwarding table. The kernel copies this forwarding table into the Packet Forwarding Engine (PFE), which determines which interface transmits the packets.

FPC

Flexible PIC Concentrator. An interface concentrator on which Physical Interface Cards (PICs) are mounted. An FPC is inserted into a slot in a Juniper Networks router.

See Also PIC.

fractional E1

Interface that contains one or more of the 32 DS0 time slots that can be reserved from an E1 interface. (The first time slot is reserved for framing.)

fractional interface

Interface that contains one or more DS0 time slots reserved from an E1 or T1 interface. Fractional interfaces allow service providers to provision part of an E1 or T1 interface to one customer and the other part to another customer. The individual fractional interfaces connect to different destinations, and customers pay for only the bandwidth fraction used and not for the entire E1 or T1 interface.

Fractional interfaces can be configured on both channelized Physical Interface Cards (PICs) and Physical Interface Modules (PIMs) and unchannelized, regular E1 and T1 PICs and PIMs.

fractional T1

Interface that contains one or more of the 24 DS0 time slots that can be reserved from a T1 interface.

fragmentation

In the Transmission Control Protocol/Internet Protocol (TCP/IP), the process of breaking packets into the smallest maximum size packet data unit (PDU) supported by any of the underlying networks. In the OSI reference model, this process is known as segmentation. For JUNOS applications, split Layer 3 packets can then be encapsulated in Multilink Frame Relay (MLFR) or the Multilink Point-to-Point Protocol (MLPPP) for transport.

Frame Relay

Efficient replacement for the older X.25 protocol that does not require explicit acknowledgment of each frame of data. Frame Relay allows private networks to reduce costs by using shared facilities between the endpoint switches of a network managed by a Frame Relay service provider. Individual data-link connection identifiers (DLCIs) are assigned to ensure that each customer receives only its own traffic.

frequency-division multiplexed channel

Signals carried at different frequencies and transmitted over a single wire or wireless medium.

FRF

Frame Relay Forum. A technical committee that promotes Frame Relay by negotiating agreements and developing standards.

FRF.15

End-to-end Frame Relay Implementation Agreement. An implementation of Multilink Frame Relay (MLFR) using multiple virtual connections to aggregate logical bandwidth for end-to-end Frame Relay. Released by the Frame Relay Forum.

FRF.16

Multilink Frame Relay Implementation Agreement. An implementation of Multilink Frame Relay (MLFR) in which a single logical connection is provided by multiplexing multiple physical interfaces for user-to-network interface and network-to-network interface (UNI/NNI) connections. Released by the Frame Relay Forum.

FRU

Field Replaceable Unit. A router component that customers can replace onsite.

FTP

File Transfer Protocol. Application protocol that is part of the Transmission Control Protocol/Internet Protocol (TCP/IP) protocol stack. Used for transferring files among network nodes. FTP is defined in RFC 959.

Full

Open Shortest Path First (OSPF) adjacency state that represents a fully functional neighbor relationship.

fxp0

See management Ethernet interface.

fxp1

JUNOS software permanent interface used for communications between the routing engine (RE) and the Packet Forwarding Engine (PFE). This interface is not present in all routers.

fxp2

JUNOS software permanent interface used for communications between the routing engine (RE) and the Packet Forwarding Engine (PFE). This interface is not present in all routers.

Garbage Collection Timer

Timer used in a distance-vector network that represents the time remaining before a route is removed from the routing table.

G-CDR

GGSN call detail record. Collection of charges in ASN.1 format that is eventually billed to a mobile station user.

generated route

Summary route that uses an IP address next hop to forward packets in an IP network. A generated route is functionally similar to an aggregated route.

GGSN

Gateway GPRS support node. A router that serves as a gateway between mobile networks and packet data networks.

Gigabit Ethernet

Term describing various technologies for implementing Ethernet networking at a nominal speed of one gigabit per second. Gigabit Ethernet is supported over both optical fiber and twisted-pair cable. Physical layer standards include 1000Base-T, 1 Gbps over CAT-5e copper cabling, and 1000Base-SX for short to medium distances over fiber.

See Also Ethernet, Fast Ethernet.

GMPLS

Generalized Multiprotocol Label Switching. A protocol that extends the functionality of Multiprotocol Label Switching (MPLS) to include a wider range of label-switched path (LSP) options for a variety of network devices.

GPRS

General Packet Radio System. A packet-switched service that allows full mobility and wide-area coverage as information is sent and received across a mobile network.

Graceful Restart

Process that allows a router whose control plane is undergoing a restart to continue to forward traffic while recovering its state from neighboring routers. Without Graceful Restart, a control plane restart disrupts services provided by the router.

graceful switchover

JUNOS software feature that allows a change from the primary device, such as a routing engine (RE), to the backup device without interruption of packet forwarding.

gratuitous

ARP broadcast request for a router’s own IP address to check whether that address is being used by another node. Primarily used to detect IP address duplication.

GRE

Generic Routing Encapsulation. A general tunneling protocol that can encapsulate many types of packets to enable data transmission through a tunnel. GRE is used with IP to create a virtual point-to-point link to routers at remote points in a network.

See Also tunneling protocol.

GRES

Graceful Routing Engine Switchover. In a router that contains a master and a backup routing engine (RE), allows the backup RE to assume mastership automatically, with no disruption of packet forwarding.

group

Collection of related Border Gateway Protocol (BGP) peers.

group address

IP address used as the destination address in a multicast IP packet. The group address functionally represents the senders and interested receivers for a particular multicast data stream.

G.SHDSL

Symmetric high-speed digital subscriber line (SHDSL). Standard published in 2001 by the ITU-T with recommendation ITU G.991.2 G.SHDSL. G.SHDSL incorporates features of other DSL technologies such as asymmetrical DSL (ADSL).

See Also SHDSL, ADSL.

GSM

Global System for Mobile Communications. A second-generation (2G) mobile wireless networking standard defined by ETSI that uses TDMA technology and operates in the 900 MHz radio band.

See Also TDMA.

GTP

GPRS tunneling protocol. A protocol that transports IP packets between an SGSN and a GGSN.

See Also tunneling protocol.

GTP-C

GGSN tunneling protocol, control. A protocol that allows an SGSN to establish packet data network access for a mobile station.

See Also tunneling protocol.

GTP-U

GGSN tunneling protocol, user plane. A protocol that carries mobile station user data packets.

See Also tunneling protocol.

hashing

Cryptographic technique applied over and over (iteratively) to a message of arbitrary length to produce a hash “message digest” or “signature” of fixed length that is appended to the message when it is sent. In security, used to validate that the contents of a message have not been altered in transit. The Secure Hash Algorithm (SHA-1) and Message Digest 5 (MD5) are commonly used hashes.

See Also SHA-1, MD5.

HDLC

High-Level Data Link Control. An International Telecommunication Union (ITU) standard for a bit-oriented Data Link layer protocol on which most other bit-oriented protocols are based.

health monitor

JUNOS software extension to the RMON alarm system that provides predefined monitoring for filesystem, CPU, and memory usage. The health monitor also supports unknown or dynamic object instances such as JUNOS processes.

hello interval

Amount of time an Open Shortest Path First (OSPF) router continues to send a hello packet to each adjacent neighbor.

hello mechanism

Process used by a Resource Reservation Protocol (RSVP) router to enhance the detection of network outages in a Multiprotocol Label Switching (MPLS) network.

HLR

Home Location Register. Database containing information about a subscriber and the current location of a subscriber’s mobile station.

HMAC

Hashed Message Authentication Code. A mechanism for message authentication that uses cryptographic hash functions. HMAC can be used with any iterative cryptographic hash function—for example, Message Digest 5 (MD5) or Secure Hash Algorithm (SHA-1)—in combination with a secret shared key. The cryptographic strength of HMAC depends on the properties of the underlying hash function. Defined in RFC 2104, “HMAC: Keyed-Hashing for Message Authentication.”

hold down

Timer used by distance-vector protocols to prevent the propagation of incorrect routing knowledge to other routers in the network.

hold time

Maximum number of seconds allowed to elapse between successive keepalive or update messages that a Border Gateway Protocol (BGP) system receives from a peer.

host membership query

Internet Group Management Protocol (IGMP) packet sent by a router to determine whether interested receivers exist on a broadcast network for multicast traffic.

host membership report

Internet Group Management Protocol (IGMP) packet sent by an interested receiver for a particular multicast group address. Hosts send report messages when they first join a group or in response to a query packet from the local router.

host module

On an M160 router, provides the routing and system management functions of the router. Consists of the routing engine (RE) and Miscellaneous Control Subsystem (MCS).

host subsystem

On a T640 routing node, provides the routing and system management functions of the router. Consists of a routing engine (RE) and an adjacent Control Board (CB).

hot standby

In JUNOS, method used with link services intelligent queuing interfaces (LSQs) to enable rapid switchover between primary and secondary (backup) Physical Interface Cards (PICs).

See Also warm standby.

HSCSD

High-Speed Circuit Switched Data. Circuit-switched wireless data transmission for mobile users, at data rates up to 38.4 Kbps.

HTTP

Hypertext Transfer Protocol. Method used to publish and receive information on the Web, such as text and graphics files.

HTTPS

Hypertext Transfer Protocol over Secure Sockets Layer. Similar to HTTP, with an added encryption layer that encrypts and decrypts user page requests and pages that are returned by a web server. Used for secure communication, such as payment transactions.

IANA

Internet Assigned Numbers Authority. A regulatory group that maintains all assigned and registered Internet numbers, such as IP and multicast addresses.

IBGP

Internal BGP. A Border Gateway Protocol (BGP) configuration in which sessions are established between routers in the same Autonomous System (AS).

ICMP

Internet Control Message Protocol. Used in router discovery, ICMP allows router advertisements that enable a host to discover addresses of operating routers on the subnet.

IDE

Integrated Drive Electronics. Type of hard disk on a routing engine (RE).

IDEA

International Data Encryption Algorithm. An algorithm that uses a 128-bit key and is one of the methods at the heart of Pretty Good Privacy (PGP). IDEA is patented by Ascom Tech AG and is popular in Europe.

Idle

Initial Border Gateway Protocol (BGP) neighbor state in which the local router refuses all incoming session requests.

IDS

Intrusion detection service. A service that inspects all inbound and outbound network activity and identifies suspicious patterns that may indicate a network or system attack from someone attempting to break into or compromise a system.

IEC

International Electrotechnical Commission.

See Also ISO.

IEEE

Institute of Electrical and Electronics Engineers. An international professional society for electrical engineers.

IETF

Internet Engineering Task Force. An international community of network designers, operators, vendors, and researchers concerned with the evolution of Internet architecture and the smooth operation of the Internet.

I-frame

Information frame used to transfer data in sequentially numbered logical link control Protocol Data Units (LPDUs) between link stations.

IGMP

Internet Group Management Protocol. Used with multicast protocols to determine whether group members are present.

IGP

Interior Gateway Protocol, such as Intermediate System to Intermediate System Level 1 (IS-IS), Open Shortest Path First (OSPF), and the Routing Information Protocol (RIP).

IKE

Internet Key Exchange. Part of IPSec that provides ways to securely negotiate the shared private keys that the authentication header (AH) and Encapsulating Security Payload (ESP) portions of IPSec need to function properly. IKE employs Diffie-Hellman methods and is optional in IPSec (the shared keys can be entered manually at the endpoints).

ILMI

Integrated Local Management Interface. A specification developed by the ATM Forum that incorporates network management capabilities into the Asynchronous Transfer Mode (ATM) user-to-network interface (UNI) and provides bidirectional exchange of management information between UNI management entities (UMEs).

IMEI

International Mobile Station Equipment Identity. A unique code used to identify an individual mobile station to a GSM network.

import

Installation of routes from the routing protocols into a routing table.

IMSI

International Mobile Subscriber Identity. Information that identifies a particular subscriber to a GSM network.

IMT-2000

International Mobile Telecommunications 2000. Global standard for third-generation (3G) wireless communications, defined by a set of interdependent ITU recommendations. IMT-2000 provides a framework for worldwide wireless access by linking the diverse systems of terrestrial and satellite-based networks.

inet.0

Default JUNOS software routing table for IPv4 unicast routes.

inet.1

Default JUNOS software routing table for storing the multicast cache for active data streams in the network.

inet.2

Default JUNOS software routing table for storing unicast IPv4 routes specifically used to prevent forwarding loops in a multicast network.

inet.3

Default JUNOS software routing table for storing the egress IP address of a Multiprotocol Label Switching (MPLS) label-switched path.

inet.4

Default JUNOS software routing table for storing information generated by the Multicast Source Discovery Protocol (MSDP).

inet6.0

Default JUNOS software routing table for storing unicast IPv6 routes.

infinity metric

Metric value used in distance-vector protocols to represent an unusable route. For the Routing Information Protocol (RIP), the infinity metric is 16.

ingress router

In Multiprotocol Label Switching (MPLS), the first router in a label-switched path (LSP).

See Also egress router.

Init

Open Shortest Path First (OSPF) adjacency state in which the local router has received a hello packet but bidirectional communication is not yet established.

insert

JUNOS software command that allows a user to reorder terms in a routing policy or a firewall filter, or to change the order of a policy chain.

instance.inetflow.0

Routing table that shows route flows through the Border Gateway Protocol (BGP).

inter-AS routing

Routing of packets among different Autonomous Systems (ASs).

See Also EBGP.

intercluster reflection

In a Border Gateway Protocol (BGP) route reflection, the redistribution of routing information by a route reflector system to all nonclient peers (BGP peers not in the cluster).

See Also route reflection.

interface cost

Value added to all received routes in a distance-vector network before they are placed into the routing table. The JUNOS software uses a cost of 1 for this value.

interface preservation

See link-state replication.

interface routes

Routes that are in the routing table because an interface has been configured with an IP address. Also called direct routes.

intermediate system

In Intermediate System-to-Intermediate System Level 1 (IS-IS), the network entity that sends and receives packets and can also route packets.

Internet Processor ASIC

Juniper Networks ASIC responsible for using the forwarding table to make routing decisions within the Packet Forwarding Engine (PFE). The Internet Processor ASIC also implements firewall filters.

interprovider VPN

Virtual private network (VPN) that provides connectivity between separate Autonomous Systems (ASs) with separate border edge routers. It is used by VPN customers who have connections to several different Internet service providers (ISPs), or different connections to the same ISP in different geographic regions, each of which has a different AS.

intra-AS routing

Routing of packets within a single Autonomous System (AS).

See Also IBGP.

I/O Manager ASIC

Juniper Networks ASIC responsible for segmenting data packets into 64-byte J-cells and for queuing resultant cells before transmission.

IP

Internet Protocol. The protocol used for sending data from one point to another on the Internet.

IPCP

IP Control Protocol. Protocol that establishes and configures IP over the Point-to-Point Protocol (PPP).

IPSec

IP Security. A standard way to add security to Internet communications. The secure aspects of IPSec are usually implemented in three parts: the authentication header (AH), the Encapsulating Security Payload (ESP), and the Internet Key Exchange (IKE).

IQ

Intelligent queuing. M Series and T Series routing platform interfaces that offer granular quality-of-service (QoS) capabilities; extensive statistics on packets and bytes that are transmitted, received, or dropped; and embedded diagnostic tools.

IRDP

ICMP Router Discovery Protocol. A protocol that enables a host to determine the address of a router that it can use as a default gateway.

ISAKMP

Internet Security Association and Key Management Protocol. A protocol that allows the receiver of a message to obtain a public key and use digital certificates to authenticate the sender’s identity. ISAKMP is key-exchange-independent; that is, it supports many different key exchanges.

See Also IKE, Oakley.

ISDN

Integrated Services Digital Network. A set of digital communications standards that enable the transmission of information over existing twisted-pair telephone lines at higher speeds than standard analog telephone service. An ISDN interface provides multiple B-channels (bearer channels) for data and one D-channel for control and signaling information.

See Also B-channel, D-channel.

IS-IS

Intermediate System-to-Intermediate System. A link-state, interior gateway routing protocol for IP networks that also uses the Shortest Path First (SPF) algorithm to determine routes.

ISO

International Organization for Standardization. A worldwide federation of standards bodies that promotes international standardization and publishes international agreements as International Standards.

ISP

Internet service provider. Company that provides access to the Internet and related services.

ITU-T

International Telecommunication Union Telecommunication Standardization (formerly known as the CCITT). Group supported by the United Nations that makes recommendations and coordinates the development of telecommunications standards for the entire world.

ITU-T Rec. G.992.1

International standard that defines the asymmetrical digital subscriber line (ADSL). Annex A defines how ADSL works over twisted-pair copper (POTS) lines. Annex B defines how ADSL works over Integrated Services Digital Network (ISDN) lines.

jbase

JUNOS software package containing updates to the kernel.

jbundle

JUNOS software package containing all possible software package files.

J-cell

A 64-byte data unit used within the Packet Forwarding Engine (PFE). All IP packets processed by a Juniper Networks router are segmented into J-cells.

jdocs

JUNOS software package containing the documentation set.

jitter

Small random variation introduced into the value of a timer to prevent multiple timer expirations from becoming synchronized. In real-time applications such as Voice over IP and video, variation in the rate at which packets in a stream are received that can cause quality degradation.

jkernel

JUNOS software package containing the basic components of the software.

Join message

Physical Interface Module (PIM) message sent hop by hop upstream toward a multicast source or the rendezvous point (RP) of the domain. It requests that multicast traffic be sent downstream to the router originating the message.

jpfe

JUNOS software package containing the embedded OS software for operating the Packet Forwarding Engine (PFE).

jroute

JUNOS software package containing the software used by the routing engine (RE).

J-Web

Graphical web browser interface to the JUNOS Internet software on routing platforms. With the J-Web interface, you can monitor, configure, diagnose, and manage the routing platform from a PC or laptop that has Hypertext Transfer Protocol (HTTP) or HTTP over Secure Sockets Layer (HTTPS) enabled.

keepalive message

Message sent between network devices to inform each other that they are still active.

kernel

Basic software component of the JUNOS software. The kernel operates the various processes used to control the router’s operations.

kernel forwarding table

See forwarding table.

kmd

Key management process that provides IPSec authentication services for encryption of Physical Interface Cards (PICs).

L2TP

Layer 2 Tunneling Protocol. A procedure for secure communication of data across a Layer 2 network that enables users to establish Point-to-Point Protocol (PPP) sessions between tunnel endpoints. L2TP uses profiles for individual user and group access to ensure secure communication that is as transparent as possible to both end users and applications.

See Also tunneling protocol.

label

In Multiprotocol Label Switching (MPLS), a 20-bit unsigned integer from 0 through 1,048,575, used to identify a packet traveling along a label-switched path (LSP).

Label Distribution Protocol

See LDP.

label object

Resource Reservation Protocol (RSVP) message object that contains the label value allocated to the next downstream router.

label pop operation

Function performed by a Multiprotocol Label Switching (MPLS) router in which the top label in a label stack is removed from the data packet.

label push operation

Function performed by a Multiprotocol Label Switching (MPLS) router in which a new label is added to the top of the data packet.

label request object

Resource Reservation Protocol (RSVP) message object that requests each router along the path of a label-switched path (LSP) to allocate a label for forwarding.

label swap operation

Function performed by a Multiprotocol Label Switching (MPLS) router in which the top label in a label stack is replaced with a new label before the data packet is forwarded to the next hop router.

label values

A 20-bit field in a Multiprotocol Label Switching (MPLS) header used by routers to forward data traffic along an MPLS label-switched path (LSP).

LAN PHY

Local Area Network Physical Layer Device. A physical layer device that allows 10 Gigabit Ethernet wide area links to use existing Ethernet applications.

See Also PHY, WAN PHY.

Layer 2 circuits

Collection of transport modes that accept a stream of Asynchronous Transfer Mode (ATM) cells, convert them to an encapsulated Layer 2 format, and then tunnel them over a Multiprotocol Label Switching (MPLS) or IP backbone, where a similarly configured routing platform segments these packets back into a stream of ATM cells, to be forwarded to the virtual circuit configured for the far-end routing platform. Layer 2 circuits are designed to transport Layer 2 frames between provider edge (PE) routing platforms across a Label Distribution Protocol (LDP)-signaled MPLS backbone.

See Also AAL5 mode, cell-relay mode, standard AAL5 mode, trunk mode.

Layer 2 VPN

Provides a private network service among a set of customer sites using a service provider’s existing Multiprotocol Label Switching (MPLS) and IP network. A customer’s data is separated from other data using software rather than hardware. In a Layer 2 VPN, the Layer 3 routing of customer traffic occurs within the customer’s network.

Layer 3 VPN

Provides a private network service among a set of customer sites using a service provider’s existing Multiprotocol Label Switching (MPLS) and IP network. A customer’s routes and data are separated from other routes and data using software rather than hardware. In a Layer 3 VPN, the Layer 3 routing of customer traffic occurs within the service provider’s network.

LCC

Line Card Chassis. Term used by the JUNOS command-line interface (CLI) to refer to a T640 routing node in a routing matrix.

LCP

Link Control Protocol. A traffic controller used to establish, configure, and test data-link connections for the Point-to-Point Protocol (PPP).

LDAP

Lightweight Directory Access Protocol. Software protocol used for locating resources on a public or private network.

LDP

Label Distribution Protocol. A protocol for distributing labels in non-traffic-engineered applications. LDP allows routers to establish label-switched paths (LSPs) through a network by mapping network-layer routing information directly to Data Link layer switched paths.

leaf node

Terminating node of a multicast distribution tree. A router that is a leaf node only has receivers and does not forward multicast packets to other routers.

LFI

Link fragmentation and interleaving. A method that reduces excessive delays by fragmenting long packets into smaller packets and interleaving them with real-time frames. For example, short delay-sensitive packets, such as packetized voice, can race ahead of larger delay-insensitive packets, such as common data packets.

liblicense

Library that includes messages generated for routines for software license management.

libpcap

Implementation of the pcap application programming interface. libpcap is used by a program to capture packets traveling over a network.

See Also pcap.

limited operational environment

Term used to describe the restrictions placed on FIPS-certified equipment.

See Also FIPS.

line loopback

Method of troubleshooting a problem with physical transmission media in which a transmission device in the network sends the data signal back to the originating router.

link

Communication path between two neighbors. A link is up when communication is possible between the two endpoints.

link protection

Method of establishing bypass label-switched paths (LSPs) to ensure that traffic going over a specific interface to a neighboring router can continue to reach the router if that interface fails. The bypass LSP uses a different interface and path to reach the same destination.

link services intelligent queuing interfaces

See LSQ.

link-state acknowledgment

Open Shortest Path First (OSPF) data packet used to inform a neighbor that a link-state update packet has been successfully received.

link-state database

All routing knowledge in a link-state network is contained in this database. Each router runs the Shortest Path First (SPF) algorithm against this database to locate the best network path to each destination in the network.

link-state PDU

Packet that contains information about the state of adjacencies to neighboring systems.

link-state replication

Addition to the SONET Automatic Protection Switching (APS) functionality that helps promote redundancy of the link Physical Interface Cards (PICs) used in LSQ configurations. If the active SONET PIC fails, links from the standby PIC are used without causing a link renegotiation. Also called interface preservation.

link-state request list

List generated by an Open Shortest Path First (OSPF) router during the exchange of database information while forming an adjacency. Information advertised by a neighbor that the local router does not contain is placed in this list.

link-state request packet

Open Shortest Path First (OSPF) data packet used by a router to request database information from a neighboring router.

link-state update

Open Shortest Path First (OSPF) data packet that contains one or multiple link state advertisements (LSAs). It is used to advertise routing knowledge into the network.

LLC

Logical Link Control. Data Link layer protocol used on a LAN. LLC1 provides connectionless data transfer, and LLC2 provides connection-oriented data transfer.

LLC frame

Unit of data that contains specific information about the LLC layer and identifies line protocols associated with the layer.

See Also LLC.

LMI

Local management interface. Enhancements to the basic Frame Relay specifications, providing support for the following:

  • A keepalive mechanism that verifies the flow of data

  • A multicast mechanism that provides a network server with a local data-link connection identifier (DLCI) and multicast DLCI

  • In Frame Relay networks, global addressing that gives DLCIs global instead of local significance

  • A status mechanism that provides a switch with ongoing status reports on known DLCIs

LMP

Link Management Protocol. Part of GMPLS, a protocol used to define a forwarding adjacency between peers and to maintain and allocate resources on the traffic engineering links.

load balancing

Process that installs all next hop destinations for an active route in the forwarding table. You can use load balancing across multiple paths between routers. The behavior of load balancing depends on the version of the Internet Processor ASIC in the router. Also called per-packet load balancing.

loading

Open Shortest Path First (OSPF) adjacency state in which the local router sends link-state request packets to its neighbor and waits for the appropriate link-state updates from that neighbor.

local packet

Chunk of data destined for or sent by the routing engine (RE).

local preference

Optional Border Gateway Protocol (BGP) path attribute carried in internal BGP update packets that indicates the degree of preference for an external route.

local RIB

Logical software table that contains Border Gateway Protocol (BGP) routes used by the local router to forward data packets.

local significance

Concept used in a Multiprotocol Label Switching (MPLS) network where the label values are unique only between two neighbor routers.

logical interface

On a physical interface, the configuration of one or more units that include all addressing, protocol information, and other logical interface properties that enable the physical interface to function.

logical operator

Characters used in a firewall filter to represent a Boolean AND or OR operation.

logical router

Logical routing device that is partitioned from an M Series or T Series routing platform. Each logical router independently performs a subset of the tasks performed by the main router and has a unique routing table, interfaces, policies, and routing instances.

longer

JUNOS software routing policy match type that represents all routes more specific than the given subnet, but not the given subnet itself. It is similar to a mathematical greater-than operation.

loopback interface (lo0)

Interface that is always available because it is independent of any physical interfaces. When configured with an address, the loopback interface is the default address for the routing platform and any unnumbered interfaces.

See Also unnumbered interface.

loose hop

In the context of traffic engineering, a path that can use any router or any number of other intermediate (transit) points to reach the next address in the path. (Definition from RFC 791, modified to fit LSPs.)

loss-priority map

Maps the loss priority of incoming packets based on code point values.

lower-speed IQ interfaces

E1, NxDS0, and T1 interfaces configured on an intelligent queuing (IQ) Physical Interface Card (PIC).

LPDU

LLC Protocol Data Unit. LLC frame on a data link switching (DLSw) network.

See Also LLC frame.

LSA

Link state advertisement. Open Shortest Path First (OSPF) data structure that is advertised in a link-state update packet. Each LSA uniquely describes a portion of the OSPF network.

LSI

Label-switched interface. A logical interface supported by the JUNOS software that provides virtual private network (VPN) services (such as VPLS and Layer 3 VPNs) normally provided by a Tunnel Services PIC.

LSP

1. Label-switched path. Sequence of routers that cooperatively perform Multiprotocol Label Switching (MPLS) operations for a packet stream. The first router in an LSP is called the ingress router, and the last router in the path is called the egress router. An LSP is a point-to-point, half-duplex connection from the ingress router to the egress router. (The ingress and egress routers cannot be the same router.) 2. See link-state PDU.

LSQ

Link services intelligent queuing interfaces. Interfaces configured on the Adaptive Services PIC (ASP) or Adaptive Services Module (ASM) that support Multilink Point-to-Point Protocol (MLPPP) and Multilink Frame Relay (MLFR) traffic and also fully support JUNOS class-of-service (CoS) components.

LSR

Label-switching router. A router on which Multiprotocol Label Switching (MPLS) is enabled and that can process label-switched packets.

MAC

Media Access Control. In the OSI seven-layer networking model defined by the IEEE, MAC is the lower sublayer of the Data Link layer. The MAC sublayer governs protocol access to the physical network medium. By using the MAC addresses that are assigned to all ports on a router, multiple devices on the same physical link can uniquely identify one another at the Data Link layer.

See Also MAC address.

MAC address

Serial number permanently stored in a device adapter to uniquely identify the device.

See Also MAC.

MAM

Maximum allocation bandwidth constraints model. In Differentiated Services-aware traffic engineering, a constraint model that divides the available bandwidth among the different classes. Sharing of bandwidth among the class types is not allowed.

management Ethernet interface

Permanent interface that provides an out-of-band method, such as Secure Shell (SSH) and Telnet, to connect to the routing platform. The Simple Network Management Protocol (SNMP) can use the management interface to gather statistics from the routing platform. Called fxp0 on some routing platforms.

See Also permanent interface.

mapping agent

Router used in an auto-RP multicast network to select the rendezvous point (RP) for all multicast group addresses. The RP is then advertised to all other routers in the domain.

martian address

Network address about which all information is ignored.

martian route

Network routes about which all information is ignored. The JUNOS software does not allow martian routes in the inet.0 routing table.

MAS

Mobile network access subsystem. A GSN application subsystem that contains the access server.

master

Router in control of the Open Shortest Path First (OSPF) database exchange during an adjacency formation.

match

Logical concept used in a routing policy or firewall filter. A match denotes the criteria used to find a route or IP packet before an action is performed.

match type

JUNOS software syntax used in a route filter to better describe the routes that should match the policy term.

MBGP

Multiprotocol Border Gateway Protocol. An extension to the Border Gateway Protocol (BGP) that allows you to connect multicast topologies within and between BGP Autonomous Systems (ASs).

MBone

Multicast Backbone. An interconnected set of subnetworks and routers that support the delivery of IP multicast traffic. The MBone is a virtual network that is layered on top of sections of the physical Internet.

MCS

Miscellaneous Control Subsystem. On the M40e and M160 routers, provides control and monitoring functions for router components and SONET clocking for the router.

MD5

Message Digest 5. A one-way hashing algorithm that produces a 128-bit hash used for generating message authentication signatures. MD5 is used in authentication header (AH) and Encapsulating Security Payload (ESP).

See Also hashing, SHA-1.

MDRR

Modified deficit round robin. A method for selecting queues to be serviced.

See Also queue.

MDT

Multicast distribution tree. The path between the sender (host) and the multicast group (receiver or listener).

mean time between failures

See MTBF.

MED

Multiple exit discriminator. An optional Border Gateway Protocol (BGP) path attribute consisting of a metric value that is used to determine the exit point to a destination when all other factors determining the exit point are equal.

mesh

Network topology in which devices are organized in a manageable, segmented manner with many, often redundant, interconnections between network nodes.

message aggregation

Extension to the Resource Reservation Protocol (RSVP) specification that allows neighboring routers to bundle up to 30 RSVP messages into a single protocol packet.

mgd

Management daemon. JUNOS software process responsible for managing all user access to the router.

MIB

Management Information Base. Definition of an object that can be managed by the Simple Network Management Protocol (SNMP).

midplane

Physically separates front and rear cavities inside the chassis, distributes power from the power supplies, and transfers packets and signals between router components, which plug into it.

MLD

Multicast listener discovery. A protocol that manages the membership of hosts and routers in multicast groups. IPv6 multicast routers use MLD to learn, for each of their attached physical networks, which groups have interested listeners.

MLFR

Multilink Frame Relay. Logically ties together individual circuits, creating a bundle. The logical equivalent of the Multilink Point-to-Point Protocol (MLPPP), MLFR is used for Frame Relay traffic instead of Point-to-Point Protocol (PPP) traffic. FRF.15 and FRF.16 are two implementations of MLFR.

MLPPP

Multilink Point-to-Point Protocol. Enables you to bundle multiple Point-to-Point Protocol (PPP) links into a single logical link between two network devices to provide an aggregate amount of bandwidth. The technique is often called bonding or link aggregation. Defined in RFC 1990.

See Also PPP.

MMF

Multimode fiber. Optical fiber supporting the propagation of multiple frequencies of light. MMF is used for relatively short distances because the modes tend to disperse over longer lengths (called modal dispersion). For longer distances, single-mode fiber (sometimes called monomode) is used.

See Also single-mode fiber.

mobile station

Mobile device, such as a cellular phone or a mobile personal digital assistant (PDA).

mobile transport subsystem

See MTS.

MPLS

Multiprotocol Label Switching. Mechanism for engineering network traffic patterns that functions by assigning to network packets short labels that describe how to forward them through the network. Also called label switching.

See Also traffic engineering.

MPLS EXP classifier

Class-of-service (CoS) behavior classifier for classifying packets based on the Multiprotocol Label Switching (MPLS) experimental bit.

See Also EXP bits.

MPS

Mobile point-to-point control subsystem. A GGSN application subsystem that controls all functionality associated with a particular connection.

MRRU

Maximum received reconstructed unit. Similar to the maximum transmission unit (MTU), but is specific to link services interfaces.

See Also MTU.

MSA

Multisource Agreement. The definition of a fiber-optic transceiver module that conforms to the 10 Gigabit Ethernet standard.

See Also XENPAK module.

MSC

Mobile Switching Center. Provides origination and termination functions to calls from a mobile station user.

MSDP

Multicast Source Discovery Protocol. A protocol used to connect multicast routing domains to allow the domains to discover multicast sources from other domains. It typically runs on the same router as the Physical Interface Module (PIM) Sparse mode rendezvous point (RP).

MSISDN

Mobile Station Integrated Services Digital Network number. A number that callers use to reach a mobile services subscriber.

MTBF

Mean time between failures. Measure of hardware component reliability.

MTS

Mobile transport subsystem. A GSN application subsystem that implements all the protocols used by the GSN.

MTU

Maximum transmission unit. Limit on the data size for a network.

multicast

Operation of sending network traffic from one network node to multiple network nodes.

multicast-scope number

Number used for configuring the multicast scope. Configuring a scope number constrains the scope of a multicast session. The number value can be any hexadecimal number from 0 through F. The multicast-scope value is a number from 0 through 15, or a specified keyword with an associated prefix range. For example, link-local (value = 2), corresponding prefix 224.0.0.0/24.

multiclass LSP

In Differentiated Services-aware traffic engineering, a multiclass label-switched path (LSP) functions like a standard LSP, but also allows you to reserve bandwidth for multiple class types. The experimental (EXP) bits of the Multiprotocol Label Switching (MPLS) header are used to distinguish between class types.

multiclass MLPPP

Enables multiple classes of service while using the Multilink Point-to-Point Protocol (MLPPP). Defined in RFC 2686, “The Multi-Class Extension to Multi-Link PPP.”

multifield classifier

Method for classifying traffic flows. Unlike a behavior aggregate (BA) classifier, a multifield classifier examines multiple fields in the packet to apply class-of-service (CoS) settings. Examples of fields that a multifield classifier examines include the source and destination addresses of the packet, as well as the source and destination port numbers of the packet.

See Also BA classifier, classification.

multihoming

Network topology that uses multiple connections between customer and provider devices to provide redundancy.

MVS

Mobile visitor register subsystem.

named path

JUNOS software syntax that specifies a portion of or the entire network path that should be used as a constraint in signaling a Multiprotocol Label Switching (MPLS) label-switched path (LSP).

NAPT

Network Address Port Translation. A method that translates the addresses and transport identifiers of many private hosts into a few external addresses and transport identifiers to make efficient use of globally registered IP addresses. NAPT extends the level of translation beyond that of basic Network Address Translation (NAT).

See Also NAT.

NAT

Network Address Translation. A method of concealing a set of host addresses on a private network behind a pool of public addresses. It can be used as a security measure to protect the host addresses from direct targeting in network attacks.

NCP

Network Control Protocol. A traffic controller used to establish and configure different network layer protocols for the Point-to-Point Protocol (PPP).

NDP

Neighbor Discovery Protocol. Protocol used by IPv6 nodes on the same link to discover each other’s presence, determine each other’s Link layer addresses, find routers, and maintain reachability information about the paths to active neighbors. NDP is defined in RFC 2461 and is equivalent to the Address Resolution Protocol (ARP) used with IPv4.

See Also ARP.

neighbor

Adjacent system reachable by traversing a single subnetwork. An immediately adjacent router. Also called a peer.

NET

Network entity title. Network address defined by the ISO network architecture and used in CLNS-based networks.

NetBIOS

Network basic input/output system. An application programming interface used by programs on a LAN. NetBIOS provides a uniform set of commands for requesting the lower-level services required to manage names, conduct sessions, and send datagrams between nodes on a network.

network interface

Interface, such as an Ethernet or SONET/SDH interface, that primarily provides traffic connectivity.

See Also PIC, services interface.

network link advertisement

Open Shortest Path First (OSPF) link state advertisement (LSA) flooded throughout a single area by designated routers to describe all routers attached to the network.

network LSA

Open Shortest Path First (OSPF) link state advertisement (LSA) sent by the designated router on a broadcast or NBMA segment. It advertises the subnet associated with the designated router’s segment.

network summary LSA

Open Shortest Path First (OSPF) link state advertisement (LSA) sent by an area border router (ABR) to advertise internal OSPF routing knowledge across an area boundary.

See Also ABR.

NIC

Network Information Center. Internet authority responsible for assigning Internet-related numbers, such as IP addresses and Autonomous System (AS) numbers.

See Also IANA.

NIST

National Institute of Standards and Technology. A nonregulatory U.S. federal agency whose mission is to develop and promote measurement, standards, and technology.

NLRI

Network layer reachability information. Information carried in Border Gateway Protocol (BGP) packets and used by the Multiprotocol Border Gateway Protocol (MBGP).

nonclient peer

In a Border Gateway Protocol (BGP) route reflection, a BGP peer that is not a member of a cluster.

See Also client peer.

notification cell

JUNOS software data structure generated by the Distribution Buffer Manager ASIC that represents the header contents of an IP packet. The Internet Processor ASIC uses the notification cell to perform a forwarding table lookup.

Notification message

A Border Gateway Protocol (BGP) message that informs a neighbor about an error condition, and then in some cases terminates the BGP peering session.

not-so-stubby area

See NSSA.

NSAP

Network service access point. Connection to a network that is identified by a network address.

n-selector

Last byte of a nonclient peer address.

NSR

Nonstop routing. A high-availability feature that allows a routing platform with redundant routing engines (REs) to preserve routing information on the backup RE and switch over from the primary RE to the backup RE without alerting peer nodes that a change has occurred. NSR uses the Graceful RE Switchover (GRES) infrastructure to preserve interface, kernel, and routing information.

NSSA

Not-so-stubby area. In Open Shortest Path First (OSPF), a type of stub area in which external routes can be flooded.

NTP

Network Time Protocol. A protocol used to synchronize computer clock times on a network.

Null Register message

Physical Interface Module (PIM) message sent by the first hop router to the rendezvous point (RP). The message informs the RP that the local source is still actively sending multicast packets into the network.

See Also RP.

numeric range match conditions

Use of numeric values (protocol and port numbers) in the header of an IP packet to match criteria in a firewall filter.

Oakley

Key determination protocol based on the Diffie-Hellman algorithm that provides added security, including authentication. Oakley was the key-exchange algorithm mandated for use with the initial version of ISAKMP, although other algorithms can be used. Oakley describes a series of key exchanges called modes and details the services provided by each; for example, Perfect Forward Secrecy for keys, identity protection, and authentication.

See Also ISAKMP.

OAM

Operation, Administration, and Maintenance. An ATM Forum specification for monitoring Asynchronous Transfer Mode (ATM) virtual connections. OAM performs standard loopback, fault detection and notification, and remote defect identification for each connection, verifying that the connection is up and the router is operational.

OC

Optical carrier. In SONET, the OC level indicates the transmission rate of digital signals on optical fiber.

OC3

SONET line with a transmission speed of 155.52 Mbps (payload of 150.336 Mbps) using fiber-optic cables. For SDH interfaces, OC3 is also known as STM1.

OC12

SONET line with a transmission speed of 622 Mbps using fiber-optic cables.

Open message

Border Gateway Protocol (BGP) message that allows two neighbors to negotiate the parameters of the peering session.

OpenConfirm

Border Gateway Protocol (BGP) neighbor state that shows that a valid Open message was received from the remote peer.

OpenSent

Border Gateway Protocol (BGP) neighbor state that shows that an Open message was sent to the remote peer and the local router is waiting for an Open message to be returned.

operational mode

JUNOS software mode that allows a user to view statistics and information about the router’s current operating status.

op script

Operational script. Extensible Stylesheet Language for Transformations (XSLT) script written to automate network troubleshooting and network management. Op scripts can perform any function available through JUNOScript remote procedure calls (RPCs).

origin

In the Border Gateway Protocol (BGP), an attribute that describes the source of the route.

orlonger

JUNOS software routing policy match type that represents all routes more specific than the given subnet, including the given subnet itself. It is similar to a mathematical greater-than-or-equal-to operation.

OSI

Open Systems Interconnection. Standard reference model for how messages are transmitted between two points on a network.

OSPF

Open Shortest Path First. A link-state Interior Gateway Protocol (IGP) that makes routing decisions based on the Shortest Path First (SPF) algorithm (also referred to as the Dijkstra algorithm).

OSPF hello packet

Message sent by each Open Shortest Path First (OSPF) router to each adjacent router. It is used to establish and maintain the router’s neighbor relationships.

overlay network

Network design in which a logical Layer 3 topology (IP subnets) is operating over a logical Layer 2 topology (Asynchronous Transfer Mode permanent virtual circuits [ATM PVCs]). Layers in the network do not have knowledge of each other, and each layer requires separate management and operation.

oversubscription

Method that allows provisioning of more bandwidth than the line rate of the physical interface.

P2MP LSP

See point-to-multipoint LSP.

package

Collection of files that make up a JUNOS software component.

packet

Fundamental unit of information (message or fragment of a message) carried in a packet-switched network; for example, the Internet.

See Also PSN.

packet aging

Occurs when packets in the output buffer are overwritten by newly arriving packets. This happens because the available buffer size is greater than the available transmission bandwidth.

packet capture

1. Packet sampling method in which entire IPv4 packets flowing through a router are captured for analysis. Packets are captured in the routing engine (RE) and stored as libpcap-formatted files on the router. Packet capture files can be opened and analyzed offline with packet analyzers such as tcpdump and Ethereal. 2. J-Web packet sampling method for quickly analyzing router control traffic destined for or originating from the RE. You can either decode and view the captured packets in the J-Web interface as they are captured, or save the packets to a file and analyze them offline with packet analyzers such as Ethereal. J-Web packet capture does not capture transient traffic.

See Also traffic sampling.

Packet Forwarding Engine

Portion of the router that processes packets by forwarding them between input and output interfaces.

packet or cell switching

Transmission of packets from many sources over a switched network.

PADI

PPPoE Active Discovery Initiation packet. A Point-to-Point Protocol over Ethernet (PPPoE) initiation packet that is broadcast by the client to start the discovery process.

PADO

PPPoE Active Discovery Offer packet. A Point-to-Point Protocol over Ethernet (PPPoE) offer packet that is sent to the client by one or more access concentrators in reply to a PPPoE Active Discovery Initiation (PADI) packet.

PADR

PPPoE Active Discovery Request packet. A Point-to-Point Protocol over Ethernet (PPPoE) packet sent by the client to one selected access concentrator to request a session.

PADS

PPPoE Active Discovery Session Confirmation packet. A Point-to-Point Protocol over Ethernet (PPPoE) packet sent by the selected access concentrator to confirm the session.

PADT

PPPoE Active Discovery Termination packet. A Point-to-Point Protocol over Ethernet (PPPoE) packet sent by either the client or the access concentrator to terminate a session.

passive flow monitoring

Technique to intercept and observe specified data network traffic by using a routing platform such as a monitoring station that is not participating in the network.

path attribute

Information about a Border Gateway Protocol (BGP) route, such as the route origin, Autonomous System (AS) path, and next hop router.

PathErr message

Resource Reservation Protocol (RSVP) message indicating that an error has occurred along an established label-switched path (LSP). The message is advertised upstream toward the ingress router and does not remove any RSVP soft state from the network.

PathTear message

Resource Reservation Protocol (RSVP) message indicating that the established label-switched path (LSP) and its associated soft state should be removed by the network. The message is advertised downstream hop by hop toward the egress router.

pcap

Software library for packet capturing.

See Also libpcap.

PC Card

(Previously known as a PCMCIA Card.) The removable storage media that ships with each router that contains a copy of the JUNOS software. The PC Card is based on standards published by the Personal Computer Memory Card International Association (PCMCIA).

PCI

Peripheral Component Interconnect. Standard, high-speed bus for connecting computer peripherals. Used on the routing engine (RE).

PCI Express

Peripheral Component Interconnect Express. Next-generation, higher-bandwidth bus for connecting computer peripherals. A PCI Express bus uses point-to-point bus topology with a shared switch rather than the shared bus topology of a standard PCI bus. The shared switch on a PCI Express bus provides centralized traffic routing and management and can prioritize traffic. On some J Series services routers, PCI Express slots are backward compatible with PCI and can accept Physical Interface Modules (PIMs) intended for either PCI Express or PCI slots.

PCMCIA

Personal Computer Memory Card International Association. Industry group that promotes standards for credit-card-size memory and I/O devices.

PDH

Plesiochronous Digital Hierarchy. Developed to carry digitized voice more efficiently. Evolved into the North American, European, and Japanese Digital Hierarchies, in which only a discrete set of fixed rates is available; namely, NxDS0 (DS0 is a 64 kbps rate).

PDP

Packet data protocol. Network protocol, such as IP, used by packet data networks connected to a GPRS network.

PDU

Protocol Data Unit. A packet of data passed across a network. The term refers to a specific layer of the OSI seven-layer model and a specific protocol.

PEC

Policing equivalence classes. In traffic policing, a set of packets that are treated the same way by the packet classifier.

peer

Immediately adjacent router with which a protocol relationship has been established. Also called a neighbor.

peering

Practice of exchanging Internet traffic with directly connected peers according to commercial and contractual agreements.

PEM

1. Privacy Enhanced Mail. A technique for securely exchanging electronic mail over a public medium. 2. Power Entry Module. Distributes DC power within the router chassis. Supported on M40e, M160, M320, and T Series routing platforms.

penultimate router

Last transit router before the egress router in a Multiprotocol Label Switching (MPLS) label-switched path (LSP).

permanent interface

Interface that is always present in the routing platform.

See Also management Ethernet interface, transient interface.

persistent change

Commit-script-generated configuration change that is copied to the candidate configuration. Persistent changes remain in the candidate configuration unless you explicitly delete them.

See Also transient change.

PE router

Provider edge router. A router in the service provider’s network that is connected to a customer edge (CE) device and participates in a virtual private network (VPN).

PFC

Protocol Field Compression. Normally, Point-to-Point Protocol (PPP)-encapsulated packets are transmitted with a 2-byte protocol field. For example, IPv4 packets are transmitted with the protocol field set to 0x0021, and Multiprotocol Label Switching (MPLS) packets are transmitted with the protocol field set to 0x0281. For all protocols with identifiers from 0x0000 through 0x00ff, PFC enables routers to compress the protocol field to one byte, as defined in RFC 1661, “The Point-to-Point Protocol (PPP).” PFC allows you to conserve bandwidth by transmitting less data.

See Also ACFC.

PFS

Perfect Forward Secrecy protocol. A protocol derived from an encryption system that changes encryption keys often and ensures that no two sets of keys have any relationship to each other. If one set of keys is compromised, only communications using those keys are at risk. An example of a system that uses PFS is Diffie-Hellman.

PGM

Pragmatic General Multicast. A protocol layer that can be used between the IP layer and the multicast application on sources, receivers, and routers to add reliability, scalability, and efficiency to multicast networks.

PGP

Pretty Good Privacy. A strong cryptographic technique invented by Philip Zimmermann in 1991.

PHP

Penultimate hop popping. A mechanism used in a Multiprotocol Label Switching (MPLS) network that allows the transit router before the egress router to perform a label pop operation and forward the remaining data (often an IPv4 packet) to the egress router.

PHY

1. Special electronic integrated circuit or functional block of a circuit that performs encoding and decoding between a pure digital domain (on-off) and a modulation in the analog domain. 2. Open Systems Interconnection (OSI) physical layer. Layer 1 of the OSI model that defines the physical link between devices.

See Also LAN PHY, WAN PHY.

physical interface

Port on a Physical Interface Card (PIC) or Physical Interface Module (PIM).

Physical Interface Module

A network interface card installed in a J Series services router to provide physical connections to a LAN or WAN. PIMs can be fixed or removable and interchangeable. The PIM receives incoming packets from the network and transmits outgoing packets to the network. Each PIM is equipped with a dedicated network processor that forwards incoming data packets to and receives outgoing data packets from the routing engine (RE). During this process, the PIM performs framing and line-speed signaling for its medium type—for example, E1, serial, Fast Ethernet, or Integrated Services Digital Network (ISDN).

PIC

Physical Interface Card. A network interface-specific card that can be installed on a Flexible PIC Concentrator (FPC) in the router.

PIC I/O Manager

Juniper Networks ASIC responsible for receiving and transmitting information on the physical media. It performs media-specific tasks within the Packet Forwarding Engine (PFE).

PIR

Peak information rate. The PIR must be equal to or greater than the committed information rate (CIR), and both must be configured to be greater than 0. Packets that exceed the PIR are marked red, which corresponds to high loss priority.

See Also CIR, trTCM.

PKI

Public key infrastructure. A hierarchy of trust that enables users of a public network to securely and privately exchange data through the use of public and private cryptographic key pairs that are obtained and shared with peers through a trusted authority.

PLMN

Public Land Mobile Network. A telecommunications network for mobile stations.

PLP

Packet loss priority. Used to determine the random early detection (RED) drop profile when a packet is queued. You can set it by configuring a classifier or policer. The system supports two PLP designations: low and high.

PLP bit

Packet loss priority bit. Used to identify packets that have experienced congestion or are from a transmission that exceeded a service provider’s customer service license agreement. This bit can be used as part of a router’s congestion control mechanism and can be set by the interface or by a filter.

PLR

Point of local repair. The ingress router of a backup tunnel or a detour label-switched path (LSP).

point-to-multipoint connection

Unidirectional connection in which a single source system transmits data to multiple destination end systems. Point-to-multipoint is one of two fundamental connection types.

See Also point-to-point connection.

point-to-multipoint LSP

Resource Reservation Protocol (RSVP)-signaled label-switched path (LSP) with a single source and multiple destinations.

point-to-point connection

Unidirectional or bidirectional connection between two end systems. Point-to-point is one of two fundamental connection types.

See Also point-to-multipoint connection.

poison reverse

Method used in distance-vector networks to avoid routing loops. Each router advertises routes back to the neighbor it received them from with an infinity metric assigned.

policer

Filter that limits traffic of a certain class to a specified bandwidth or burst size. Packets exceeding the policer limits are discarded, or assigned to a different forwarding class, a different loss priority, or both.

policing

Method of applying rate limits on bandwidth and burst size for traffic on a particular interface.

policy chain

Application of multiple routing policies in a single location. The policies are evaluated in a predefined manner and are always followed by the default policy for the specific application location.

pop

Removal of the last label, by a router, from a packet as it exits a Multiprotocol Label Switching (MPLS) domain.

port mirroring

Method in which a copy of an IPv4 packet is sent from the routing platform to an external host address or a packet analyzer for analysis.

PPP

Point-to-Point Protocol. A Link layer protocol that provides multiprotocol encapsulation. PPP is used for Link layer and Network layer configuration. Provides a standard method for transporting multiprotocol datagrams over point-to-point links. Defined in RFC 1661.

pppd

Point-to-Point Protocol daemon that processes packets that use the Point-to-Point Protocol (PPP).

PPPoE

Point-to-Point Protocol over Ethernet. Network protocol that encapsulates Point-to-Point Protocol (PPP) frames in Ethernet frames and connects multiple hosts over a simple bridging access device to a remote access concentrator.

PPPoE over ATM

Point-to-Point Protocol over Ethernet frames in Asynchronous Transfer Mode. Network protocol that encapsulates Point-to-Point Protocol over Ethernet (PPPoE) frames in Asynchronous Transfer Mode (ATM) frames for digital subscriber line (DSL) transmission, and connects multiple hosts over a simple bridging access device to a remote access concentrator.

precedence bits

First three bits in the type-of-service (ToS) byte. On a Juniper Networks router, these bits are used to sort or classify individual packets as they arrive at an interface. The classification determines the queue to which the packet is directed upon transmission.

preference

Desirability of a route to become the active route. A route with a lower preference value is more likely to become the active route. The preference is an arbitrary value from 0 through 255 that the routing protocol process uses to rank routes received from different protocols, interfaces, or remote systems.

preferred address

On an interface, the default local address used for packets sourced by the local router to destinations on the subnet.

prefix-length-range

JUNOS software routing policy match type representing all routes that share the same most-significant bits. The prefix length of the route must also lie between the two supplied lengths in the route filter.

primary address

On an interface, the address used by default as the local address for broadcast and multicast packets sourced locally and sent out the interface.

primary contributing route

Contributing route with the numerically smallest prefix and smallest JUNOS software preference value. This route is the default next hop used for a generated route.

primary interface

Router interface that packets go out on when no interface name is specified and when the destination address does not specify a particular outgoing interface.

promiscuous mode

Used with Asynchronous Transfer Mode (ATM) CCC Cell Relay encapsulation, enables mapping of all incoming cells from an interface port or from a virtual path (VP) to a single label-switched path (LSP) without restricting the VCI number.

protocol address

Logical Layer 3 address assigned to an interface within the JUNOS software.

protocol families

Grouping of logical properties within an interface configuration; for example, the inet, inet4, and Multiprotocol Label Switching (MPLS) families.

Protocol Independent Multicast (PIM)

A protocol-independent multicast routing protocol. PIM Dense mode is a flood-and-prune protocol. PIM Sparse mode routes to multicast groups that use join messages to receive traffic. PIM Sparse-Dense mode allows some multicast groups to be dense groups (flood and prune) and some groups to be sparse groups (join and leave).

protocol preference

A 32-bit value assigned to all routes placed into the routing table. The protocol preference is used as a tiebreaker when multiple exact routes are placed into the table by different protocols.

provider router

Router in the service provider’s network that is not connected to a customer edge (CE) device.

Prune message

Physical Interface Module (PIM) message sent upstream to a multicast source or the rendezvous point (RP) of the domain. The message requests that multicast traffic stop being transmitted to the router originating the message.

PSN

Packet-switched network. Network in which messages or fragments of messages (packets) are sent to their destinations through the most expedient route, as determined by a routing algorithm. Packet switching optimizes bandwidth in a network and minimizes latency.

PSNP

Partial sequence number PDU. A packet that contains only a partial list of the label-switched paths (LSPs) in the Intermediate System-to-Intermediate System Level 1 (IS-IS) link-state database.

public key infrastructure

See PKI.

push

Addition of a label or stack of labels, by a router, to a packet as it enters a Multiprotocol Label Switching (MPLS) domain.

PVC

Permanent virtual circuit. A software-defined logical connection in a network.

See Also SVC.

QoS

Quality of service. Performance, such as transmission rates and error rates, of a communications channel or system.

quad-wide

Type of Physical Interface Card (PIC) that combines the PIC and Flexible PIC Concentrator (FPC) within a single FPC slot.

qualified next hop

Next hop for a static route that allows a second next hop for the same static route to have different metric and preference properties from the original next hop.

querier router

Physical Interface Module (PIM) router on a broadcast subnet responsible for generating Internet Group Management Protocol (IGMP) query messages for the segment.

queue

First-in, first-out (FIFO) number of packets waiting to be forwarded over a router interface. You can configure the minimum and maximum sizes of the packet queue, queue admission policies, and other parameters to manage the flow of packets through the router.

queue fullness

For random early detection (RED), the memory used to store packets expressed as a percentage of the total memory allocated for that specific queue.

See Also drop profile.

queue length

For ATM1 interfaces only, a limit on the number of transmit packets that can be queued. Packets that exceed the limit are dropped.

See Also EPD.

queuing

In routing, the arrangement of packets waiting to be forwarded. Packets are organized into queues according to their priority, time of arrival, or other characteristics, and are processed one at a time. After a packet is sent to the outgoing interface on a router, it is queued for transmission on the physical media. The amount of time a packet is queued on the router is determined by the availability of the outgoing physical media, bandwidth, and amount of traffic using the interface.

RA

Registration authority. A trusted third-party organization that acts on behalf of a certificate authority (CA) to verify the identity of a digital certificate user.

radio frequency interference

See RFI.

RADIUS

Remote Authentication Dial-In User Service. An authentication method for validating users who attempt to access the router using Telnet.

RBOC

(Pronounced “are-bock.”) Regional Bell operating company. Regional telephone companies formed as a result of the divestiture of the Bell System.

RC2, RC4, RC5

RSA codes. A family of proprietary (RSA Data Security, Inc.) encryption schemes often used in web browsers and servers. These codes use variable-length keys up to 2,048 bits.

RDBMS

Relational database management system. A system that presents data in a tabular form with a means of manipulating the tabular data with relational operators.

RDM

Russian-dolls bandwidth allocation model. An allocation model that makes efficient use of bandwidth by allowing the class types to share bandwidth. RDM is defined in the Internet draft draft-ietf-tewg-diff-te-russian-03.txt, “Russian Dolls Bandwidth Constraints Model for Diff-Serv-aware MPLS Traffic Engineering.”

receive

Next hop for a static route that allows all matching packets to be sent to the routing engine (RE) for processing.

recursive lookup

Method of consulting the routing table to locate the actual physical next hop for a route when the supplied next hop is not directly connected.

RED

Random early detection. Gradual drop profile for a given class that is used for congestion avoidance. RED tries to anticipate incipient congestion by dropping a small percentage of packets from the head of the queue to ensure that a queue never actually becomes congested.

refresh reduction

In the Resource Reservation Protocol (RSVP), an extension that addresses the problems of scaling, reliability, and latency when Refresh messages are used to cover message loss.

Register message

Physical Interface Module (PIM) message unicast by the first hop router to the rendezvous point (RP) that contains the multicast packets from the source encapsulated within its data field.

Register Stop message

Physical Interface Module (PIM) message sent by the rendezvous point (RP) to the first hop router to halt the sending of encapsulated multicast packets.

registration authority

See RA.

reject

Next hop for a configured route that drops all matching packets from the network and returns an Internet Control Message Protocol (ICMP) message to the source IP address. Also used as an action in a routing policy or firewall filter.

rename

JUNOS software command that allows a user to change the name of a routing policy, firewall filter, or any other variable character string defined in the router configuration.

Request message

Routing Information Protocol (RIP) message used by a router to ask for all or part of the routing table from a neighbor.

resolve

Next hop for a static route that allows the router to perform a recursive lookup to locate the physical next hop for the route.

Response message

Routing Information Protocol (RIP) message used to advertise routing information into a network.

result cell

JUNOS software data structure generated by the Internet Processor ASIC after performing a forwarding table lookup.

ResvConf message

Resource Reservation Protocol (RSVP) message that allows the egress router to receive an explicit confirmation message from a neighbor that its Resv message was received.

ResvErr message

Resource Reservation Protocol (RSVP) message indicating that an error has occurred along an established label-switched path (LSP). The message is advertised downstream toward the egress router and it does not remove any RSVP soft state from the network.

ResvTear message

Resource Reservation Protocol (RSVP) message indicating that the established label-switched path (LSP) and its associated soft state should be removed by the network. The message is advertised upstream toward the ingress router.

revert timer

For SONET Automatic Protection Switching (APS), a timer that specifies the amount of time (in seconds) to wait after the working circuit has become functional before making the working circuit active again.

rewrite rules

Set the appropriate class-of-service (CoS) bits in an outgoing packet. This allows the next downstream router to classify the packet into the appropriate service group.

RFC

Request for Comments. Internet standard specifications published by the Internet Engineering Task Force (IETF).

RFI

Radio frequency interference. Interference from high-frequency electromagnetic waves emanating from electronic devices.

RIB

Routing information base. A logical data structure used by the Border Gateway Protocol (BGP) to store routing information.

See Also routing table.

RID

Router ID. An IP address used by a router to uniquely identify itself to a routing protocol. This address may not be equal to a configured interface address.

RIP

Routing Information Protocol. Used in IPv4 networks, a distance-vector interior gateway protocol that makes routing decisions based on hop count.

RIPng

Routing Information Protocol next generation. Used in IPv6 networks, a distance-vector interior gateway protocol that makes routing decisions based on hop count.

RMON

Remote monitoring. A standard Management Information Base (MIB) that defines current and historical Media Access Control (MAC)-layer statistics and control objects, allowing you to capture real-time information across the entire network. This allows you to detect, isolate, diagnose, and report potential and actual network problems.

RNC

Radio network controller. Manages the radio part of the network in UMTS.

route distinguisher

A 6-byte value identifying a virtual private network (VPN) that is prefixed to an IPv4 address to create a unique IPv4 address. The new address is part of the VPN IPv4 address family, which is a Border Gateway Protocol (BGP) address family added as an extension to BGP. It allows you to configure private addresses within the VPN by preventing overlap with the private addresses in other VPNs.

route filter

JUNOS software syntax used in a routing policy to match an individual route or a group of routes.

route flapping

Condition of network instability whereby a route is announced and withdrawn repeatedly, often as a result of an intermittently failing link.

route identifier

IP address of the router from which a Border Gateway Protocol (BGP), Interior Gateway Protocol (IGP), or Open Shortest Path First (OSPF) packet originated.

route redistribution

Method of placing learned routes from one protocol into another protocol operating on the same router. The JUNOS software accomplishes this with a routing policy.

route reflection

In the Border Gateway Protocol (BGP), the configuration of a group of routers into a cluster in which one system acts as a route reflector, redistributing routes from outside the cluster to all routers in the cluster. Routers in a cluster do not need to be fully meshed.

router ID

See RID.

router-link advertisement

Open Shortest Path First (OSPF) link state advertisement (LSA) flooded throughout a single area by all routers to describe the state and cost of the router’s links to the area.

router LSA

Open Shortest Path First (OSPF) link state advertisement (LSA) sent by each router in the network. It describes the local router’s connected subnets and their metric values.

router priority

Numerical value assigned to an Open Shortest Path First (OSPF) or Intermediate System-to-Intermediate System Level 1 (IS-IS) interface that is used as the first criterion in electing the designated router or designated intermediate system, respectively.

routing engine

Portion of the router that handles all routing protocol processes, as well as other software processes that control the router’s interfaces, some of the chassis components, system management, and user access to the router.

routing instance

Collection of routing tables, interfaces, and routing protocol parameters. The set of interfaces is contained in the routing tables, and the routing protocol parameters control the information in the routing tables.

routing matrix

Terabit routing system interconnecting up to four T640 routing nodes and a TX Matrix platform to deliver up to 2.56 terabits per second (Tbps) of subscriber switching capacity.

routing table

Common database of routes learned from one or more routing protocols. All routes are maintained by the JUNOS routing protocol process.

RP

Rendezvous point. For Physical Interface Module (PIM) Sparse mode, a core router acting as the root of the distribution tree in a shared tree.

RPC

Remote procedure call. A type of protocol that allows a computer program running on one computer to cause a function on another computer to be executed without explicitly coding the details for this interaction.

rpd

JUNOS software routing protocol process (daemon). A user-level background process responsible for starting, managing, and stopping the routing protocols on a Juniper Networks router.

RPF

Reverse path forwarding. An algorithm that checks the unicast routing table to determine whether there is a shortest path back to the source address of the incoming multicast packet. Unicast RPF helps to determine the source of denial-of-service (DoS) attacks and rejects packets from unexpected source addresses.

RPM

1. Reverse-path multicasting. Routing algorithm used by the Distance Vector Multicast Routing Protocol (DVMRP) to forward multicast traffic. 2. Real-time Performance Monitoring. A tool for creating active probes to track and monitor traffic.

RRO

Record route object. A Resource Reservation Protocol (RSVP) message object that notes the IP address of each router along the path of a label-switched path (LSP).

RSVP

Resource Reservation Protocol. A signaling protocol that establishes a session between two routers to transport a specific traffic flow.

RSVP Path message

Resource Reservation Protocol (RSVP) message sent by the ingress router downstream toward the egress router. It begins the establishment of a soft state database for a particular label-switched path (LSP).

RSVP Resv message

Resource Reservation Protocol (RSVP) message sent by the egress router upstream toward the ingress router. It completes the establishment of the soft state database for a particular label-switched path (LSP).

RSVP signaled LSP

Label-switched path (LSP) that is dynamically established using Resource Reservation Protocol (RSVP) Path and Resv messages.

RSVP-TE

RSVP traffic engineering; Resource Reservation Protocol (RSVP) with traffic engineering extensions as defined by RFC 3209. These extensions allow RSVP to establish label-switched paths (LSPs) in Multiprotocol Label Switching (MPLS) networks.

See Also MPLS, RSVP.

RTP

Real-time Transport Protocol. An Internet protocol that provides mechanisms for the transmission of real-time data, such as audio, video, or voice, over IP networks. Compressed RTP is used for Voice over IP traffic.

RTVBR

Real-time variable bit rate. For ATM2 intelligent queuing (IQ) interfaces, data that is serviced at a higher priority rate than other VBR data. RTVBR is suitable for carrying packetized video and audio. RTVBR provides better congestion control and latency guarantees than non-real-time VBR.

SA

Security association. An IPSec term that describes an agreement between two parties about what rules to use for authentication and encryption algorithms, key exchange mechanisms, and secure communications.

sampling

Method whereby the sampling key based on the IPv4 header is sent to the routing engine (RE). There, the key is placed in a file, or cflowd packets based on the key are sent to a cflowd server.

SAP

1. Session Announcement Protocol. Used with multicast protocols to handle session conference announcements. 2. Service access point. Device that identifies routing protocols and provides the connection between the network interface card and the rest of the network.

SAR

Segmentation and reassembly. Buffering used with Asynchronous Transfer Mode (ATM).

SCB

System Control Board. On an M40 router, the part of the Packet Forwarding Engine (PFE) that performs route lookups, monitors system components, and controls Flexible PIC Concentrator (FPC) resets.

SCC

Switch-card chassis. Term used by the JUNOS command-line interface (CLI) to refer to the TX Matrix platform in a routing matrix.

SCEP

Simple Certificate Enrollment Protocol. A protocol for digital certificates that supports certificate authority (CA) and registration authority (RA) public key distribution, certificate enrollment, certificate revocation, certificate queries, and certificate revocation list (CRL) queries.

SCG

SONET Clock Generator. On a T640 routing node, provides the Stratum 3 clock signal for the SONET/SDH interfaces. Also provides external clock inputs.

scheduler maps

In class of service (CoS), associate schedulers with forwarding classes.

See Also schedulers, forwarding classes.

schedulers

Define the priority, bandwidth, delay buffer size, rate control status, and random early detection (RED) drop profiles to be applied to a particular forwarding class for packet transmission.

See Also scheduler maps.

scheduling

Method of determining which type of packet or queue is transmitted before another. An individual router interface can have multiple queues assigned to store packets. The router then determines which queue to service based on a particular method of scheduling. This process often involves a determination of which type of packet should be transmitted before another. One example of a scheduling method is first in, first out (FIFO).

See Also FIFO.

SCP

Secure copy. Means of securely transferring computer files between a local and remote host or between two remote hosts, using the Secure Shell (SSH) protocol.

SCU

Source class usage. A means of tracking traffic originating from specific prefixes on the provider core router and destined for specific prefixes on the customer edge router, based on the IP source and destination addresses.

SDH

Synchronous Digital Hierarchy. A CCITT variation of the SONET standard.

SDP

Session Description Protocol. Used with multicast protocols to handle session conference announcements.

SDRAM

Synchronous dynamic random access memory. An electronic standard in which the inputs and outputs of SDRAM data are synchronized to an externally supplied clock, allowing for extremely fast consecutive read and write capacity.

SDX software

Service Deployment System software. A customizable Juniper Networks product with which service providers can rapidly deploy IP services—such as video on demand (VoD), IP television, stateful firewalls, Layer 3 virtual private networks (VPNs), and bandwidth on demand (BoD)—to hundreds of thousands of subscribers over a variety of broadband access technologies.

services interface

Interface that provides specific capabilities for manipulating traffic before it is delivered to its destination; for example, the adaptive services interface and the tunnel services interface.

See Also network interface.

session attribute object

Resource Reservation Protocol (RSVP) message object used to control the priority, preemption, affinity class, and local rerouting of the label-switched path (LSP).

SFM

Switching and Forwarding Module. On an M160 router, a component of the Packet Forwarding Engine (PFE) that provides route lookup, filtering, and switching to Flexible PIC Concentrators (FPCs).

SFP

Small Form-factor Pluggable transceiver. A transceiver that provides support for optical or copper cables. SFPs are hot-insertable and hot-removable.

See Also XFP.

SGSN

Serving GPRS Support Node. Device in the mobile network that requests PDP contexts with a GGSN.

SHA-1

Secure Hash Algorithm 1. A secure hash algorithm standard defined in FIPS PUB 180-1 (SHA-1). Developed by the National Institute of Standards and Technology (NIST), SHA-1 (which effectively replaces SHA-0) produces a 160-bit hash for message authentication. Longer-hash variants include SHA-224, SHA-256, SHA-384, and SHA-512 (sometimes grouped under the name “SHA-2”). SHA-1 is more secure than Message Digest 5 (MD5).

See Also hashing, MD5.

sham link

Unnumbered point-to-point intra-area link advertised by a type 1 link state advertisement (LSA).

shaping rate

In class of service (CoS), controls the maximum rate of traffic transmitted on an interface.

See Also traffic shaping.

shared scheduling and shaping

Allocation of separate pools of shared resources to subsets of logical interfaces belonging to the same physical port.

shared tree

Multicast forwarding tree established from the rendezvous point (RP) to the last hop router for a particular group address.

SHDSL

Symmetric high-speed digital subscriber line. A standardized multirate symmetric DSL that transports rate-adaptive symmetrical data across a single copper pair at data rates from 192 Kbps to 2.3 Mbps, or from 384 Kbps to 4.6 Mbps over two pairs, covering applications served by HDSL, SDSL, T1, E1, and services beyond E1. SHDSL conforms to the following recommendations: ITU G.991.2 G.SHDSL, ETSI TS 101-524 SDSL, and the ANSI T1E1.4/2001-174 G.SHDSL.

See Also G.SHDSL.

shim header

Location of the Multiprotocol Label Switching (MPLS) header in a data packet. The JUNOS software always places (shims) the header between the existing Layer 2 and Layer 3 headers.

Shortest Path First

See SPF.

shortest-path tree

See SPT.

SIB

Switch Interface Board. On a T640 routing node, provides the switching function to the destination Packet Forwarding Engine (PFE).

signaled path

In traffic engineering, an explicit path; that is, a path determined using Resource Reservation Protocol (RSVP) signaling. The ERO carried in the packets contains the explicit path information.

Simple Network Management Protocol

See SNMP.

simplex interface

Interface that treats packets it receives from itself as the result of a software loopback process. The interface does not consider these packets when determining whether the interface is functional.

single-mode fiber

Optical fiber designed for transmission of a single ray or mode of light as a carrier and used for long-distance signal transmission. For short distances, multimode fiber is used.

See Also MMF.

SIP

Session Initiation Protocol. An Adaptive Services application protocol option used for setting up sessions between endpoints on the Internet. Examples include telephony, fax, videoconferencing, file exchange, and person-to-person sessions.

SNA

System Network Architecture. IBM proprietary networking architecture consisting of a protocol stack that is used primarily in banks and other financial transaction networks.

SNMP

Simple Network Management Protocol. A protocol governing network management and the monitoring of network devices and their functions.

soft state

In Resource Reservation Protocol (RSVP), controls state in hosts and routers that expires if not refreshed within a specified amount of time.

SONET

Synchronous Optical Network. A high-speed (up to 2.5 Gbps) synchronous network specification developed by Bellcore and designed to run on optical fiber. STS1 is the basic building block of SONET. Approved as an international standard in 1988.

See Also SDH.

source-based tree

Multicast forwarding tree established from the source of traffic to all interested receivers for a particular group address. It is often used in a Dense-mode forwarding environment.

Sparse mode

Method of operating a multicast domain where sources of traffic and interested receivers meet at a central rendezvous point (RP). A Sparse-mode network assumes that there are very few receivers for each group address.

SPF

Shortest Path First. An algorithm used by Intermediate System-to-Intermediate System Level 1 (IS-IS) and Open Shortest Path First (OSPF) to make routing decisions based on the state of network links. Also called the Dijkstra algorithm.

SPI

Security Parameter Index. In IPSec, a numeric identifier used with the destination address and security protocol to identify a security association (SA). When Internet Key Exchange (IKE) is used to establish an SA, the SPI is randomly derived. When manual configuration is used for an SA, the SPI must be entered as a parameter.

SPID

Service Profile Identifier. Used only in Basic Rate Interface (BRI) implementations of the Integrated Services Digital Network (ISDN). The SPID specifies the services available on the service provider switch and defines the feature set ordered when the ISDN service is provisioned.

split horizon

Method used in distance-vector networks to avoid routing loops. Each router does not advertise routes back to the neighbor from which it received them.

SPQ

Strict-priority queuing. A dequeuing method that provides a special queue that is serviced until it is empty. The traffic sent to this queue tends to maintain a lower latency and more consistent latency numbers than traffic sent to other queues.

See Also APQ.

SPT

Shortest-path tree. An algorithm that builds a network topology that attempts to minimize the path from one router (the root) to other routers in a routing area.

SQL

Structured Query Language. International standard language used to create, modify, and select data from relational databases.

src port

Transmission Control Protocol (TCP) or User Datagram Protocol (UDP) port for the source IP address in a packet.

SS7

Signaling System 7. A protocol used in telecommunications for delivering calls and services.

SSAP

Source service access point. Device that identifies the origin of an LPDU on a data link switching (DLSw) network.

SSB

System and Switch Board. On an M20 router, a Packet Forwarding Engine (PFE) component that performs route lookups and component monitoring and monitors Flexible PIC Concentrator (FPC) operation.

SSH

Secure Shell. A protocol that uses strong authentication and encryption for remote access across a nonsecure network. SSH provides remote login, remote program execution, file copy, and other functions. In a Unix environment, SSH is intended as a secure replacement for rlogin, rsh, and rcp.

SSH/TLS

Secure Shell with Transport Layer Security. A combination of two standard methods used to secure communications over the Internet. TLS is the name of a standard protocol based on SSL 3.0 and is defined in RFC 2246. In combination, SSH/TLS is also known as SSHv2 and uses FIPS-restricted cipher sets in a FIPS environment.

SSL

Secure Sockets Layer. A protocol that encrypts security information using public-private key technology, which requires a paired private key and authentication certificate, before transmitting data across a network.

SSM

Source-specific multicast. A service that allows a client to receive multicast traffic directly from the source. Typically, SSM uses a subset of the Physical Interface Module (PIM) Sparse-mode functionality along with a subset of IGMPv3 to create a shortest-path tree (SPT) between the client and the source, but it builds the SPT without the help of a rendezvous point (RP).

SSP

Switch-to-Switch Protocol. Protocol implemented between two data link switching (DLSw) routers that establishes connections, locates resources, forwards data, and handles error recovery and flow control.

SSRAM

Synchronous static random access memory. Used for storing routing tables, packet pointers, and other data such as route lookups, policer counters, and other statistics to which the microprocessor needs quick access.

standard AAL5 mode

Transport mode that allows multiple applications to tunnel the Protocol Data Units of their Layer 2 protocols over an Asynchronous Transfer Mode (ATM) virtual circuit. You use this transport mode to tunnel IP packets over an ATM backbone.

See Also AAL5 mode, cell-relay mode, Layer 2 circuits, trunk mode.

starvation

Problem that occurs when lower-priority traffic, such as data and protocol packets, is locked out (starved) because a higher-priority queue uses all of the available transmission bandwidth.

stateful firewall filter

Type of firewall filter that evaluates the context of connections, permits or denies traffic based on the context, and updates this information dynamically. Context includes IP source and destination addresses, port numbers, Transmission Control Protocol (TCP) sequencing information, and TCP connection flags. The context established in the first packet of a TCP session must match the context contained in all subsequent packets if a session is to remain active.

See Also stateless firewall filter.

stateful firewall recovery

Recovery strategy that preserves parameters concerning the history of connections, sessions, or application status before failure.

See Also stateless firewall recovery.

stateless firewall filter

Type of firewall filter that statically evaluates the contents of packets transiting the router and packets originating from or destined for the routing engine (RE). Packets are accepted, rejected, forwarded, or discarded and collected, logged, sampled, or subjected to classification according to a wide variety of packet characteristics. Sometimes called access control lists (ACLs) or simply firewall filters, stateless firewall filters protect the processes and resources owned by the RE. A stateless firewall filter can evaluate every packet, including fragmented packets. In contrast to a stateful firewall filter, a stateless firewall filter does not maintain information about connection states.

See Also stateful firewall filter.

stateless firewall recovery

Recovery strategy that does not attempt to preserve the history of connections, sessions, or application status before failure.

See Also stateful firewall recovery.

static LSP

See static path.

static path

In the context of traffic engineering, a static route that requires hop-by-hop manual configuration. No signaling is used to create or maintain the path. Also called a static LSP.

static route

Explicitly configured route that is entered into the routing table. Static routes have precedence over routes chosen by dynamic routing protocols.

static RP

One of three methods of learning the rendezvous point (RP) to group address mapping in a multicast network. Each router in the domain must be configured with the required RP information.

S/T interface

System reference point/terminal reference point interface. A four-pair connection between the Integrated Services Digital Network (ISDN) provider service and the customer terminal equipment.

STM

Synchronous transport module. CCITT specification for SONET at 155.52 Mbps.

strict

In the context of traffic engineering, a route that must go directly to the next address in the path. (Definition from RFC 791, modified to fit LSPs.)

strict hop

Routers in a Multiprotocol Label Switching (MPLS) named path that must be directly connected to the previous router in the configured path.

STS

Synchronous transport signal. Synchronous transport signal level 1 is the basic building block signal of SONET, operating at 51.84 Mbps. Faster SONET rates are defined as STS-n, where n is an integer by which the basic rate of 51.84 Mbps is multiplied.

See Also SONET.

stub area

In Open Shortest Path First (OSPF), an area through which, or into which, Autonomous System (AS) external advertisements are not flooded.

STU-C

Symmetric high-speed digital subscriber line (SHDSL) transceiver unit—central office. Equipment at the telephone company central office that provides SHDSL connections to remote user terminals.

STU-R

Symmetric high-speed digital subscriber line (SHDSL) transceiver unit—remote. Equipment at the customer premises that provides SHDSL connections to remote user terminals.

sub-LSP

Part of a point-to-multipoint label-switched path (LSP). A sub-LSP carries traffic from the main LSP to one of the egress Provider Edge (PE) routers. Each point-to-multipoint LSP has multiple sub-LSPs.

See Also point-to-multipoint LSP.

subnet mask

Number of bits of the network address used for the host portion of a Class A, Class B, or Class C IP address.

subrate value

Value that reduces the maximum allowable peak rate by limiting the High-level Data Link Control (HDLC)-encapsulated payload. The subrate value must exactly match that of the remote channel service unit (CSU).

summary link advertisement

Open Shortest Path First (OSPF) link-state advertisement (LSA) flooded throughout the advertisement’s associated areas by area border routers (ABRs) to describe the routes that they know about in other areas.

SVC

Switched virtual connection. A dynamically established, software-defined logical connection that stays up as long as data is being transmitted. When transmission is complete, the software tears down the SVC.

See Also PVC.

sysid

System identifier. Portion of the ISO nonclient peer. The system ID can be any six bytes that are unique throughout a domain.

syslog

System log. A method for storing messages to a file for troubleshooting or record-keeping. It can also be used as an action within a firewall filter to store information to the messages file.

T1

Basic physical layer protocol used by the Digital Signal level 1 (DS1) multiplexing method in North America. A T1 interface operates at a bit rate of 1.544 Mbps and can support 24 DS0 channels.

T3

Physical layer protocol used by the Digital Signal level 3 (DS3) multiplexing method in North America. A T3 interface operates at a bit rate of 44.736 Mbps.

TACACS+

Terminal Access Controller Access Control System Plus. Authentication method for validating users who attempt to access the router using Telnet.

tail drop

Queue management algorithm for dropping packets from the input end (tail) of the queue when the length of the queue exceeds a configured threshold.

See Also RED.

T-carrier

Generic designator for any of several digitally multiplexed telecommunications carrier systems originally developed by Bell Labs and used in North America and Japan.

TCM

Tricolor marking. Traffic policing mechanism that extends the functionality of class-of-service (CoS) traffic policing by providing three levels of drop precedence (loss priority or PLP) instead of two. There are two types of TCM: single-rate and two-rate. The JUNOS software currently supports two-rate TCM only.

See Also trTCM.

TCP

Transmission Control Protocol. Works in conjunction with IP to send data over the Internet. Divides a message into packets and tracks the packets from point of origin to destination.

tcpdump

Unix packet monitoring utility used by the JUNOS software to view information about packets sent or received by the routing engine (RE).

TCP port 179

Well-known port number used by the Border Gateway Protocol (BGP) to establish a peering session with a neighbor.

TDMA

Time-Division Multiplex Access. A type of multiplexing in which two or more channels of information are transmitted over the same link, where the channels take turns to use the link. Each link is allocated a different time interval (“slot” or “slice”) for the transmission of each channel. For the receiver to distinguish one channel from the other, some kind of periodic synchronizing signal or distinguishing identifier is required.

See Also GSM.

TEI

Terminal Endpoint Identifier. A terminal endpoint can be any Integrated Services Digital Network (ISDN)-capable device attached to an ISDN network. The TEI is a number between 0 and 127, where 0 through 63 are used for static TEI assignment, 64 through 126 are used for dynamic assignment, and 127 is used for group assignment.

terminating action

Action in a routing policy or firewall filter that halts the logical software processing of a policy or filter.

terms

Used in a routing policy or firewall filter to segment the policy or filter into small match and action pairs.

through

JUNOS software routing policy match type representing all routes that fall between the two supplied prefixes in the route filter.

Time-Division Multiplex Access

See TDMA.

time-division multiplexed channel

Channel derived from a given frequency and transmitted over a single wire or wireless medium. The channel is preassigned a time slot whether or not there is data to transmit.

timeout timer

Used in a distance-vector protocol to ensure that the current route is still usable for forwarding traffic.

TNP

Trivial Network Protocol. A Juniper Networks proprietary protocol automatically configured on an internal interface by the JUNOS software. TNP is used to communicate between the routing engine (RE) and components of the Packet Forwarding Engine (PFE), and is critical to the operation of the router.

token-bucket algorithm

Used in a rate-policing application to enforce an average bandwidth while allowing bursts of traffic up to a configured maximum value.

ToS

Type of service. The method of handling traffic using information extracted from the fields in the ToS byte to differentiate packet flows.

totally stubby area

Open Shortest Path First (OSPF) area type that prevents Type 3, 4, and 5 link state advertisements (LSAs) from entering the nonbackbone area.

traffic engineering

Process of selecting the paths chosen by data traffic to balance the traffic load on the various links, routers, and switches in the network. (Definition from http://www.ietf.org/internet-drafts/draft-ietf-mpls-framework-04.txt.)

See Also MPLS.

traffic engineering class

In Differentiated Services-aware traffic engineering, a paired class type and priority.

traffic engineering class map

In Differentiated Services-aware traffic engineering, a map among the class types, priorities, and traffic engineering classes. The traffic engineering class mapping must be consistent across the Differentiated Services domain.

traffic policing

Examines traffic flows and discards or marks packets that exceed service-level agreements (SLAs).

traffic sampling

Method used to capture individual packet information of traffic flow at a specified time period. The sampled traffic information is placed in a file and stored on a server for various types of analysis.

See Also packet capture.

traffic shaping

Reduces the potential for network congestion by placing packets in a queue with a shaper at the head of the queue. Traffic shaping tools regulate the rate and volume of traffic admitted to the network.

See Also shaping rate.

transient change

Commit-script-generated configuration change that is loaded into the checkout configuration, but not into the candidate configuration. Transient changes are not saved in the configuration if the associated commit script is deleted or deactivated.

See Also persistent change.

transient interface

Interface that can be configured on a routing platform depending on your network needs. Unlike a permanent interface that is required for router operation, a transient interface can be disabled or removed without affecting the basic operation of the router.

See Also FPC, PIC, permanent interface.

transit area

In Open Shortest Path First (OSPF), an area used to pass traffic from one adjacent area to the backbone or to another area if the backbone is more than two hops away from an area.

transit router

In Multiprotocol Label Switching (MPLS), any intermediate router in the label-switched path (LSP) between the ingress router and the egress router.

transport mode

IPSec mode of operation in which the data payload is encrypted, but the original IP header is left untouched. The IP addresses of the source or destination can be modified if the packet is intercepted. Because of its construction, transport mode can be used only when the communication endpoint and cryptographic endpoint are the same. Virtual private network (VPN) gateways that provide encryption and decryption services for protected hosts cannot use transport mode for protected VPN communications.

See Also tunnel mode.

transport plane

See data plane.

trap

Reports significant events occurring on a network device, most often errors or failures. Simple Network Management Protocol (SNMP) traps are defined in either standard or enterprise-specific Management Information Bases (MIBs).

triggered updates

Used in a distance-vector protocol to reduce the time for the network to converge. When a router has a topology change, it immediately sends the information to its neighbors instead of waiting for a timer to expire.

trTCM

Two-rate TCM polices traffic according to the color classification (loss priority) of each packet. Traffic policing is based on two rates: the committed information rate (CIR) and the peak information rate (PIR). Two-rate TCM is defined in RFC 2698, “A Two Rate Three Color Marker.”

See Also CIR, PIR.

trunk mode

Layer 2 circuit cell-relay transport mode that allows you to send Asynchronous Transfer Mode (ATM) cells between ATM2 intelligent queuing (IQ) interfaces over a Multiprotocol Label Switching (MPLS) core network. You use Layer 2 circuit trunk mode (as opposed to standard Layer 2 circuit cell-relay mode) to transport ATM cells over an MPLS core network that is implemented between other vendors’ switches or routers. The multiple connections associated with a trunk increase bandwidth and provide failover redundancy.

See Also AAL5 mode, cell-relay mode, Layer 2 circuits, standard AAL5 mode.

Tspec object

Resource Reservation Protocol (RSVP) message object that contains information such as the bandwidth request of the label-switched path (LSP) as well as the minimum and maximum packets supported.

tunnel

Private, secure path through an otherwise public network.

tunnel endpoint

Last node of a tunnel where the tunnel-related headers are removed from the packet, which is then passed on to the destination network.

tunneling protocol

Network protocol that encapsulates one protocol or session inside another. When protocol A is encapsulated within protocol B, A treats B as though it were a Data Link layer. Tunneling can be used to transport a network protocol through a network that would not otherwise support it. Tunneling can also be used to provide various types of virtual private network (VPN) functionality such as private addressing.

tunnel mode

IPSec mode of operation in which the entire IP packet, including the header, is encrypted and authenticated and a new virtual private network (VPN) header is added, protecting the entire original packet. This mode can be used by both VPN clients and VPN gateways, and protects communications that come from or go to non-IPSec systems.

See Also transport mode.

tunnel services interface

Provides the capability of a Tunnel Services PIC on an Adaptive Services PIC (ASP).

See Also Tunnel Services PIC.

Tunnel Services PIC

Physical Interface Card (PIC) that allows the router to perform the encapsulation and de-encapsulation of IP datagrams. The Tunnel Services PIC supports IP-IP, Generic Routing Encapsulation (GRE), and Physical Interface Module (PIM) register encapsulation and de-encapsulation. When the Tunnel Services PIC is installed, the router can be a PIM rendezvous point (RP) or a PIM first hop router for a source that is directly connected to the router.

TX Matrix platform

Routing platform that provides the centralized switching fabric of the routing matrix.

UDP

User Datagram Protocol. In Transmission Control Protocol/Internet Protocol (TCP/IP), a connectionless transport layer protocol that exchanges datagrams without acknowledgments or guaranteed delivery, requiring that error processing and retransmission be handled by other protocols.

U interface

User reference point interface. A single-pair connection between the local Integrated Services Digital Network (ISDN) provider and the customer premises equipment.

UME

UNI management entity. The code residing in the Asynchronous Transfer Mode (ATM) devices at each end of a UNI (user-to-network interface) circuit that functions as a Simple Network Management Protocol (SNMP) agent, maintaining network and connection information specified in a Management Information Base (MIB).

UMTS

Universal mobile telecommunications system. Provides third-generation (3G), packet-based transmission of text, digitized voice, video, and multimedia, at data rates up to 2 Mbps.

UNI

User-to-network interface. ATM Forum specification that defines an interoperability standard for the interface between a router or an Asynchronous Transfer Mode (ATM) switch located in a private network and the ATM switches located within the public carrier networks. Also used to describe similar connections in Frame Relay networks.

unicast

Operation of sending network traffic from one network node to another individual network node.

unit

JUNOS software syntax that represents the logical properties of an interface.

unnumbered interface

Logical interface that is configured without an IP address.

Update message

Border Gateway Protocol (BGP) message that advertises path attributes and routing knowledge to an established neighbor.

update timer

Used in a distance-vector protocol to advertise routes to a neighbor on a regular basis.

UPS

Uninterruptible power supply. A device that sits between a power supply and a router or other device and prevents power-source events, such as outages and surges, from affecting or damaging the device.

upto

JUNOS software routing policy match type representing all routes that share the same most-significant bits and whose prefix length is smaller than the supplied subnet in the route filter.

UTC

Coordinated Universal Time. Historically referred to as Greenwich Mean Time (GMT), a high-precision atomic time standard that tracks Universal Time (UT) and is the basis for legal civil time all over the world. Time zones around the world are expressed as positive and negative offsets from UTC.

UTRAN

UMTS Terrestrial Radio Access Network. The WCDMA radio network in UMTS.

VBR

Variable bit rate. For ATM1 and ATM2 intelligent queuing (IQ) interfaces, data that is serviced at a varied rate within defined limits. VBR traffic adds the ability to statistically oversubscribe user traffic.

VC

Virtual circuit. A software-defined logical connection between two network devices that is not a dedicated connection but acts as though it is. It can be either permanent (PVC) or switched (SVC). VCs are used in Asynchronous Transfer Mode (ATM), Frame Relay, and X.25. In EX-specific context, VC stands for “Virtual Chassis,” which refers to the interconnection of up to 10 EX 4200s to form a single logical entity.

See Also VPI, VCI, PVC, SVC.

VCI

1. Vapor corrosion inhibitor. Small cylinder packed with the router that prevents corrosion of the chassis and components during shipment. 2. Virtual circuit identifier. A 16-bit field in the header of an Asynchronous Transfer Mode (ATM) cell that indicates the particular virtual circuit the cell takes through a virtual path. Also called a logical interface.

See Also VPI.

virtual channel

Enables queuing, packet scheduling, and accounting rules to be applied to one or more logical interfaces.

See Also virtual channel group.

virtual channel group

Combines virtual channels into a group and then applies the group to one or more logical interfaces.

See Also virtual channel.

virtual circuit

Represents a logical connection between two Layer 2 devices in a network.

virtual link

In Open Shortest Path First (OSPF), a link created between two routers that are part of the backbone but are not physically contiguous.

virtual loopback tunnel interface

See VT.

virtual path

Combination of multiple virtual circuits between two devices in an Asynchronous Transfer Mode (ATM) network.

VLAN

Virtual LAN. A logical group of network devices that appear to be on the same LAN, regardless of their physical location. VLANs are configured with management software, and are extremely flexible because they are based on logical, rather than physical, connections.

VLAN-tagged frame

Tagged frame whose tag header carries both virtual LAN (VLAN) identification and priority information.

VPI

Virtual path identifier. An 8-bit field in the header of an Asynchronous Transfer Mode (ATM) cell that indicates the virtual path the cell takes.

See Also VCI.

VPLS

Virtual private LAN service. An Ethernet-based multipoint-to-multipoint Layer 2 virtual private network (VPN) service used for interconnecting multiple Ethernet LANs across a Multiprotocol Label Switching (MPLS) backbone. VPLS is specified in the IETF draft “Virtual Private LAN Service.”

VPN

Virtual private network. A private data network that uses a public Transmission Control Protocol/Internet Protocol (TCP/IP) network, typically the Internet, while maintaining privacy with a tunneling protocol, encryption, and security procedures.

See Also tunneling protocol.

VRF instance

Virtual private network (VPN) routing and forwarding instance. A Virtual Route and Forwarding (VRF) instance for a Layer 3 VPN implementation consists of one or more routing tables, a derived forwarding table, a set of interfaces that use the forwarding table, and a set of policies and routing protocols that determine what goes into the forwarding table.

VRF table

Routing instance table that stores Virtual Route and Forwarding (VRF) routing information.

See Also VRF instance.

VRRP

Virtual Router Redundancy Protocol. On Fast Ethernet and Gigabit Ethernet interfaces, allows you to configure virtual default routers.

VT

Virtual loopback tunnel interface. VT interface that loops packets back to the Packet Forwarding Engine (PFE) for further processing, such as looking up a route in a Virtual Route and Forwarding (VRF) routing table or looking up an Ethernet Media Access Control (MAC) address. A virtual loopback tunnel interface can be associated with a variety of Multiprotocol Label Switching (MPLS) and virtual private network (VPN)-related applications, including VRF routing instances, VPLS routing instances, and point-to-multipoint label-switched paths (LSPs).

warm standby

Method that enables one backup Adaptive Services PIC (ASP) to support multiple active ASPs, without providing guaranteed recovery times.

WAN PHY

Wide Area Network Physical Layer Device. A physical layer device that allows 10 Gigabit Ethernet wide-area links to use fiber-optic cables and other devices intended for SONET/SDH.

See Also LAN PHY, PHY.

WAP

Wireless Application Protocol. A standard protocol that enables mobile users to access the Internet in a limited fashion if WAP is supported and enabled on the mobile device, server, and wireless network. WAP users can send and receive email and access websites in text format only (WAP does not support graphics).

WCDMA

Wideband Code Division Multiple Access. Radio interface technology used in most third-generation (3G) systems.

WDM

Wavelength-division multiplexing. Technique for transmitting a mix of voice, data, and video over various wavelengths (colors) of light.

WINS

Windows Internet Name Service. A Windows name resolution service for network basic input/output system (NetBIOS) names. WINS is used by hosts running NetBIOS over TCP/IP (NetBT) to register NetBIOS names and resolve NetBIOS names to IP addresses.

WRR

Weighted round-robin. Scheme used to decide the queue from which the next packet should be transmitted.

XENPAK

Standard that defines a type of pluggable fiber-optic transceiver module that is compatible with the 10 Gigabit Ethernet (10 GE) standard.

XENPAK module

10 Gigabit Ethernet fiber-optic transceiver. XENPAK modules are hot-insertable and hot-removable.

See Also MSA.

XENPAK Multisource Agreement

See MSA.

XENPAK-SR 10GBase-SR XENPAK

Media type that supports a link length of 26 meters on standard Fiber Distributed Data Interface (FDDI)-grade multimode fiber (MMF). Up to 300-meter link lengths are possible with 2000 MHz/km MMF (OM3).

XENPAK-ZR 10GBase-ZR XENPAK

Media type used for long-reach, single-mode (80–120 km) 10 Gigabit Ethernet metro applications.

XFP

10 Gigabit Small Form-factor Pluggable transceiver. A transceiver that provides support for fiber-optic cables. XFPs are hot-insertable and hot-removable.

See Also SFP.

XML

Extensible Markup Language. Language used for defining a set of markers, called tags, which define the function and hierarchical relationships of the parts of a document or data set.

XML schema

Definition of the elements and structure of one or more Extensible Markup Language (XML) documents. Similar to a document type definition (DTD), but with additional information and written in XML.

XOR

Exclusive or. A logical operator (exclusive disjunction) in which the operation yields the result of true when one, and only one, of its operands is true.

XPath

Standard used in Extensible Stylesheet Language for Transformations (XSLT) to specify and locate elements in the input document’s Extensible Markup Language (XML) hierarchy. XPath is fully described in the World Wide Web Consortium (W3C) specification at http://w3c.org/TR/xpath.

XSLT

Extensible Stylesheet Language for Transformations. A standard for processing Extensible Markup Language (XML) data developed by the World Wide Web Consortium (W3C). XSLT performs XML-to-XML transformations, turning an input XML hierarchy into an output XML hierarchy. The XSLT specification is on the W3C website at http://www.w3c.org/TR/xslt.

zeroize

Process of removing all sensitive information, such as cryptographic keys and user passwords, from a router running JUNOS-FIPS.
