Author’s note: This is the same glossary we published in JUNOS Enterprise Routing, the companion volume to this book. We include it here for the reader focusing only on JUNOS switching and the EX platform.
This excerpt is from JUNOS Enterprise Switching. JUNOS Enterprise Switching is the only detailed technical book on Juniper Networks' new Ethernet-switching EX product platform. This extremely practical book is a useful, hands-on field guide to the EX platform, and also makes an excellent study guide for certification exams in the JNTCP enterprise tracks. It offers all-inclusive coverage of Juniper Networks switching platforms, architecture and packet flow, management options, user interface options, and JUNOS switch deployment, as well as configuration, maintenance, and troubleshooting guidelines.
Data Encryption Standard. Triple DES.
Asynchronous Transfer Mode (ATM) adaptation layer. A series of protocols enabling various types of traffic, including voice, data, image, and video, to run over an ATM network.
Asynchronous Transfer Mode (ATM) adaptation Layer 5. One of four ATM adaptation layers (AALs) recommended by the ITU-T. AAL5 is used predominantly for the transfer of classical IP over ATM. AAL5 is the least complex of the current AAL recommendations. It offers low-bandwidth overhead and simpler processing requirements in exchange for reduced bandwidth capacity and error-recovery capability. It is a Layer 2 circuit transport mode that allows you to send ATM cells between ATM2 IQ interfaces across a Layer 2 circuit-enabled network. You use Layer 2 circuit AAL5 transport mode to tunnel a stream of AAL5-encoded ATM segmentation and reassembly Protocol Data Units (SAR-PDUs) over a Multiprotocol Label Switching (MPLS) or IP backbone.
See Also cell-relay mode, Layer 2 circuits, standard AAL5 mode, trunk mode.
Area border router. Router that belongs to more than one area. Used in Open Shortest Path First (OSPF).
See Also OSPF.
Router that acts as a server in a Point-to-Point Protocol over Ethernet (PPPoE) session—for example, an E Series router.
Method of collecting network data related to resource usage.
Address and Control Field Compression. Enables routers to transmit packets without the two 1-byte address and control fields (0xff and 0x03) which are normal for Point-to-Point Protocol (PPP)-encapsulated packets, thus transmitting less data and conserving bandwidth. ACFC is defined in RFC 1661, “The Point-to-Point Protocol (PPP).”
See Also PFC.
Route chosen from all routes in the routing table to reach a destination. Active routes are installed into the forwarding table.
Set of services or applications that you can configure on an Adaptive Services PIC (ASP). The services and applications include stateful firewall, Network Address Translation (NAT), intrusion detection services (IDSs), Internet Protocol Security (IPSec), Layer 2 Tunneling Protocol (L2TP), and voice services.
See Also tunneling protocol.
Use of an IP address as a match criterion in a routing policy or a firewall filter.
Portion of the local routing information that pertains to the reachability of a single neighbor over a single circuit or interface.
Logical software table that contains Border Gateway Protocol (BGP) routes received from a specific neighbor.
Logical software table that contains Border Gateway Protocol (BGP) routes to be sent to a specific neighbor.
Add/drop multiplexer. SONET functionality that allows lower-level signals to be dropped from a high-speed optical connection.
Asymmetrical digital subscriber line. A technology that allows more data to be sent over existing copper telephone lines, using the public switched telephone network (PSTN). ADSL supports data rates from 1.5 Mbps to 9 Mbps when receiving data (downstream rate) and from 16 Kbps to 640 Kbps when sending data (upstream rate).
Asymmetrical digital subscriber line interface. Physical WAN interface that connects a router to a digital subscriber line access multiplexer (DSLAM). An ADSL interface allocates line bandwidth asymmetrically. Downstream (provider-to-customer) data rates can be up to 8 Mbps for ADSL, 12 Mbps for ADSL2, and 25 Mbps for ADSL2+. Upstream (customer-to-provider) rates can be up to 800 Kbps for ADSL and 1 Mbps for ADSL2 and ADSL2+, depending on the implementation.
ADSL interface that supports ITU-T Standard G.992.3 and ITU-T Standard G.992.4. ADSL2 allocates downstream (provider-to-customer) data rates of up to 12 Mbps and upstream (customer-to-provider) rates of up to 1 Mbps.
ADSL interface that supports ITU-T Standard G.992.5. ADSL2+ allocates downstream (provider-to-customer) data rates of up to 25 Mbps and upstream (customer-to-provider) rates of up to 1 Mbps.
Advanced Encryption Standard. Defined in FIPS PUB 197. The AES algorithm uses keys of 128, 192, or 256 bits to encrypt and decrypt data in blocks of 128 bits.
Combination of groups of routes that have common addresses into a single entry in a routing table.
Logical bundle of physical interfaces. The aggregated interface is managed as a single interface with one IP address. Network traffic is dynamically distributed across ports, so administration of data flowing across a given port is done automatically within the aggregated link. Using multiple ports in parallel provides redundancy and increases the link speed beyond the limits of any single port.
Authentication header. A component of the IPSec protocol used to verify that the contents of a packet have not changed, and to validate the identity of the sender.
ATM line interface. Interface between Asynchronous Transfer Mode (ATM) and 3G systems.
See Also ATM.
American National Standards Institute. The U.S. representative to the International Organization for Standardization (ISO).
Access point name. When mobile stations connect to IP networks over a wireless network, the Gateway GPRS Support Node (GGSN) uses the APN to distinguish among the connected IP networks (known as APN networks). In addition to identifying these connected networks, an APN is also a configured entity that hosts the wireless sessions, which are called Packet Data Protocol (PDP) contexts.
Alternate priority queuing. Dequeuing method that has a special queue, similar to strict-priority queuing (SPQ), which is visited only 50% of the time. The packets in the special queue still have a predictable latency, although the upper limit of the delay is higher than that with SPQ. Since the other configured queues share the remaining 50% of the service time, queue starvation is usually avoided.
See Also SPQ.
Automatic Protection Switching. Technology used by SONET add/drop multiplexers (ADMs) to protect against circuit faults between the ADM and a router and to protect against failing routers.
1. Routing subdomain that maintains detailed routing information about its own internal composition as well as routing information that allows it to reach other routing subdomains. In Intermediate System-to-Intermediate System Level 1 (IS-IS), an area corresponds to a Level 1 subdomain. 2. In IS-IS and Open Shortest Path First (OSPF), a set of contiguous networks and hosts within an Autonomous System (AS) that have been administratively grouped together.
Address Resolution Protocol. Protocol used for mapping IPv4 addresses to Media Access Control (MAC) addresses.
See Also NDP.
Autonomous System. Set of routers under a single technical administration. Each AS normally uses a single Interior Gateway Protocol (IGP) and metrics to propagate routing information within the set of routers. Also called a routing domain.
Autonomous System Boundary Router. In Open Shortest Path First (OSPF), a router that exchanges routing information with routers in other Autonomous Systems (ASs).
OSPF link state advertisement (LSA) sent by an area border router (ABR) to advertise the router ID of an Autonomous System Boundary Router (ASBR) across an area boundary.
See Also ASBR.
OSPF link state advertisement (LSA) sent by Autonomous System Boundary Routers (ASBRs) to describe external routes that they have detected. These LSAs are flooded throughout the Autonomous System (AS) (except for stub areas).
Application-specific integrated circuit. Specialized processors that perform specific functions on the router.
Adaptive Services Module. On a Juniper Networks M7i router, provides the same functionality as the Adaptive Services PIC (ASP).
Any Source Multicast. A network that supports both one-to-many and many-to-many communication models. An ASM network must determine all the sources of a group and deliver all of them to interested subscribers.
Adaptive Services PIC.
See Also adaptive services.
In the Border Gateway Protocol (BGP), the route to a destination. The path consists of the Autonomous System (AS) numbers of all routers that a packet must go through to reach a destination.
Asynchronous Transfer Mode. A high-speed multiplexing and switching method utilizing fixed-length cells of 53 octets to support multiple types of traffic.
Asynchronous Transfer Mode (ATM) interface used to send network traffic through a point-to-point connection to a DSL access multiplexer (DSLAM). ATM-over-ADSL interfaces are intended for asymmetrical digital subscriber line (ADSL) connections only, not for direct ATM connections.
Smallest possible operation. An atomic operation is performed either entirely or not at all. For example, if machine failure prevents a transaction from completing, the system is rolled back to the start of the transaction, with no changes taking place.
Authentication center. Part of the Home Location Register (HLR) in third-generation (3G) systems; performs computations to verify and authenticate a mobile phone user.
Policer that allows you to provide strict service guarantees for network traffic. Such guarantees are especially useful in the context of differentiated services for traffic-engineered label-switched paths (LSPs), providing better emulation for Asynchronous Transfer Mode (ATM) wires over a Multiprotocol Label Switching (MPLS) network.
Used by Ethernet devices to configure interfaces automatically. If interfaces support different speeds or different link modes (half duplex or full duplex), the devices attempt to settle on the lowest common denominator.
OSPF link state advertisement (LSA) sent by Autonomous System Boundary Routers (ASBRs) to describe external routes that they have detected. These LSAs are flooded throughout the Autonomous System (AS) (except for stub areas).
In the Border Gateway Protocol (BGP), the route to a destination. The path consists of the Autonomous System (AS) numbers of all the routers a packet must pass through to reach a destination.
Method of electing and announcing the rendezvous point-to-group address mapping in a multicast network. JUNOS software supports this vendor-proprietary specification.
See Also RP.
In Open Shortest Path First (OSPF), an area that consists of all networks in area ID 0.0.0.0, their attached routers, and all area border routers (ABRs).
Open Shortest Path First (OSPF) router with all operational interfaces within area 0.0.0.0.
See midplane.
Open Shortest Path First (OSPF) router on a broadcast segment that monitors the operation of the designated router and takes over its functions if the designated router fails.
Behavior aggregate classifier. A method of classification that operates on a packet as it enters the router. The packet header contents are examined, and this single field determines the class-of-service (CoS) settings applied to the packet.
See Also multifield classifier.
Range of transmission frequencies a network can use, expressed as the difference between the highest and lowest frequencies of a transmission channel. In computer networks, greater bandwidth indicates a faster data transfer rate capacity.
In Differentiated Services-aware traffic engineering, determines the value of the available bandwidth advertised by the Interior Gateway Protocols (IGPs).
1. A technique to temporarily provide additional capacity on a link to handle bursts in data, videoconferencing, or other variable bit rate applications. Also called flexible bandwidth allocation. 2. On a Services Router, an Integrated Services Digital Network (ISDN) cost-control feature defining the bandwidth threshold that must be reached on links before a Services Router initiates additional ISDN data connections to provide more bandwidth.
Bearer channel. A 64 Kbps channel used for voice or data transfer on an Integrated Services Digital Network (ISDN) interface.
See Also D-channel.
Backward explicit congestion notification. In a Frame Relay network, a header bit transmitted by the destination device requesting that the source device send data more slowly. BECN minimizes the possibility that packets will be discarded when more packets arrive than can be handled.
See Also FECN.
Algorithm used in distance-vector routing protocols to determine the best path to all routes in the network.
Bit error rate test. A test that can be run on the following interfaces to determine whether they are operating properly: E1, E3, T1, T3, and channelized (DS3, OC3, OC12, and STM1) interfaces.
Bidirectional Forwarding Detection. A simple hello mechanism that detects failures in a network. Used with routing protocols to speed up failure detection.
Border Gateway Protocol. Exterior gateway protocol used to exchange routing information among routers in different Autonomous Systems (ASs).
Use of fields in the header of an IP packet as match criteria in a firewall filter.
Number of bits transmitted per second.
Building Integrated Timing Source. Dedicated timing source that synchronizes all equipment in a particular building.
Unpatented, symmetric cryptographic method developed by Bruce Schneier and used in many commercial and freeware software applications. Blowfish uses variable-length keys of up to 448 bits.
Bootstrap protocol. A User Datagram Protocol (UDP)/IP-based protocol that allows a booting host to configure itself dynamically and without user supervision. BOOTP provides a means to notify a host of its assigned IP address, the IP address of a boot server host, and the name of a file to be loaded into memory and executed. Other configuration information, such as the local subnet mask, the local time offset, the addresses of default routers, and the addresses of various Internet servers, can also be communicated to a host using BOOTP.
Single router in a multicast network responsible for distributing candidate rendezvous point (RP) information to all Physical Interface Module (PIM)-enabled routers.
Bridge Protocol Data Unit. A Spanning Tree Protocol (STP) hello packet that is sent out at intervals to exchange information across bridges and detect loops in a network topology.
Basic Rate Interface. Integrated Services Digital Network (ISDN) interface intended for home and small enterprise applications. BRI consists of two 64 Kbps B-channels to carry voice or data, and one 16 Kbps D-channel for control and signaling.
Device that uses the same communications protocol to connect and pass packets between two network segments. A bridge operates at Layer 2 of the Open Systems Interconnection (OSI) reference model.
Operation of sending network traffic from one network node to all other network nodes.
Base station controller. Key network node in third-generation (3G) systems that supervises the functioning and control of multiple base transceiver stations.
Base station subsystem. Composed of the base transceiver station (BTS) and base station controller (BSC).
Base Station System GPRS Protocol. Processes routing and quality-of-service (QoS) information for the base station subsystem (BSS).
Base transceiver station. Mobile telephony equipment housed in cabinets and collocated with antennas. (Also known as a radio base station.)
Memory space for handling data in transit. Buffers compensate for differences in processing speed between network devices and handle bursts of data until they can be processed by slower devices.
1. Multiple physical links of the same type, such as multiple asynchronous lines, or physical links of different types, such as leased synchronous lines and dial-up asynchronous lines. 2. Collection of software that makes up a JUNOS software release.
Carries traffic for a label-switched path (LSP) whose link-protected interface has failed. A bypass LSP uses a different interface and path to reach the same destination.
Certificate authority. A trusted third-party organization that creates, enrolls, validates, and revokes digital certificates. The CA guarantees a user’s identity and issues public and private keys for message encryption and decryption (coding and decoding).
Call admission control. In Differentiated Services-aware traffic engineering, checks for adequate bandwidth on the path before the label-switched path (LSP) is established. If the bandwidth is insufficient, the LSP is not established and an error is reported.
Cooperative Association for Internet Data Analysis. An association that provides tools and analyses promoting the engineering and maintenance of a robust, scalable Internet infrastructure. One tool, cflowd, allows you to collect an aggregate of sampled flows and send the aggregate to a specified host that runs the cflowd application available from CAIDA.
Alternative feature to dial-in that enables a J Series services router to call back the caller from the remote end of a backup Integrated Services Digital Network (ISDN) connection. Instead of accepting a call from the remote end of the connection, the router rejects the call, waits a configured period of time, and calls a number configured on the router’s dialer interface.
See Also dial-in.
Telephone number of the caller on the remote end of a backup Integrated Services Digital Network (ISDN) connection, used to dial in and to identify the caller. Multiple caller IDs can be configured on an ISDN dialer interface. During dial-in, the router matches the incoming call’s caller ID against the caller IDs configured on its dialer interfaces. Each dialer interface accepts calls only from callers whose caller IDs are configured on it.
Customized Applications of Mobile Enhanced Logic. An ETSI standard for GSM networks that enhances the provision of Intelligent Network services.
File maintained by the JUNOS software containing changes to the router’s active configuration. This file becomes the active configuration when a user issues the commit command.
Information sent by routers in a multicast network when they are configured as a local rendezvous point (RP). This information is unicast to the bootstrap router for the multicast domain.
Virtual private network (VPN) service supplied to a network service provider that is supplying either Internet service or VPN service to an end customer. For a carrier-of-carriers VPN, the customer’s sites are configured within the same Autonomous System (AS).
Control Board. On a T640 routing node, part of the host subsystem that provides control and monitoring functions for router components.
Cipher block chaining. A mode of encryption using fixed-length blocks of 64 or 128 bits in which each block of plain text is XORed with the previous cipher text block before being encrypted.
See Also XOR.
Constant bit rate. For ATM1 and ATM2 intelligent queuing (IQ) interfaces, data that is serviced at a constant, repetitive rate. CBR is used for traffic that does not need to periodically burst to a higher rate, such as nonpacketized voice and audio.
Circuit cross-connect. A JUNOS software feature that allows you to configure transparent connections between two circuits. A circuit can be a Frame Relay data-link connection identifier (DLCI), an Asynchronous Transfer Mode (ATM) virtual channel, a Point-to-Point Protocol (PPP) interface, a Cisco High-Level Data Link Control (HDLC) interface, or a Multiprotocol Label Switching (MPLS) label-switched path (LSP).
Code Division Multiple Access. Technology for digital transmission of radio signals between, for example, a mobile telephone and a base transceiver station (BTS).
Radio transmission and backbone technology for the evolution to third-generation (3G) mobile networks.
Call Detail Record. A record containing data (such as origination, termination, length, and time of day) unique to a specific call.
Customer edge device. Router or switch in the customer’s network that is connected to a service provider’s provider edge (PE) router and participates in a Layer 3 virtual private network (VPN).
Data transmission technology based on the use of small, fixed-size packets (cells) that can be processed and switched in hardware at high speeds. Cell relay is the basis for many high-speed network protocols, including Asynchronous Transfer Mode (ATM) and IEEE 802.6.
Layer 2 circuit transport mode that sends Asynchronous Transfer Mode (ATM) cells between ATM2 intelligent queuing (IQ) interfaces over a Multiprotocol Label Switching (MPLS) core network. You use Layer 2 circuit cell-relay transport mode to tunnel a stream of ATM cells over an MPLS or IP backbone.
See Also AAL5 mode, Layer 2 circuits, standard AAL5 mode, trunk mode.
Physical transmission capacity used by header information when sending data packets in an Asynchronous Transfer Mode (ATM) network. Each ATM cell uses a 5-byte header.
Compact Forwarding Engine Board. In M7i and M10i routers, provides route lookup, filtering, and switching to the destination port.
Application available from CAIDA that collects an aggregate of sampled flows and sends the aggregate to a specified host running the cflowd application.
Cubic feet per minute. Measure of air flow in volume per minute.
Communication circuit linking two or more devices. A channel provides an input/output interface between a processor and a peripheral device, or between two systems. A single physical circuit can consist of one or many channels, or two systems carried on a physical wire or wireless medium. For example, the dedicated channel between a telephone and the central office (CO) is a twisted-pair copper wire.
See Also frequency-division multiplexed channel, time-division multiplexed channel.
Combination of DS0 interfaces partitioned from a channelized interface into a single logical bundle.
A 2.048 Mbps interface that can be configured as a single clear-channel E1 interface or channelized into as many as 31 discrete DS0 interfaces. On most channelized E1 interfaces, time slots are numbered from 1 through 32, and time slot 1 is reserved for framing. On some legacy channelized E1 interfaces, time slots are numbered from 0 through 31, and time slot 0 is reserved for framing.
Interface that is a subdivision of a larger interface, minimizing the number of Physical Interface Cards (PICs) or Physical Interface Modules (PIMs) that an installation requires. On a channelized PIC or PIM, each port can be configured as a single clear channel or partitioned into multiple discrete T3, T1, E1, and DS0 interfaces, depending on the size of the channelized PIC or PIM.
A 1.544 Mbps interface that can be configured as a single clear-channel T1 interface or channelized into as many as 24 discrete DS0 interfaces. Time slots are numbered from 1 through 24.
Challenge Handshake Authentication Protocol. A protocol that authenticates remote users. CHAP is a server-driven, three-step authentication mechanism that depends on a shared secret password that resides on both the server and the client.
Chassis daemon. A JUNOS software process responsible for managing the interaction of the router’s physical components.
Classless Inter-Domain Routing. A method of specifying Internet addresses in which you explicitly specify the bits of the address to represent the network address instead of determining this information from the first octet of the address.
Connector Interface Panel. On an M160 router, the panel that contains connectors for the routing engines (REs), BITS interfaces, and alarm relay contacts.
Committed information rate. The CIR specifies the average rate at which packets are admitted to the network. As each packet enters the network, it is counted. Packets that do not exceed the CIR are marked green, which corresponds to low loss priority. Packets that exceed the CIR but are below the peak information rate (PIR) are marked yellow, which corresponds to medium loss priority.
Message advertised into a multicast network by a router configured as a local rendezvous point (RP) in an auto-RP network. A Cisco-RP-Announce message is advertised in Dense-mode Physical Interface Module (PIM) to the 224.0.1.39 multicast group address.
Message advertised by the mapping agent in an auto-RP network. A Cisco-RP-Discovery message contains the rendezvous point (RP) to multicast group address assignments for the domain. It is advertised in Dense-mode Physical Interface Module (PIM) to the 224.0.1.40 multicast group address.
In class of service (CoS), the examination of an incoming packet that associates the packet with a particular CoS servicing level. There are two kinds of classifiers: behavior aggregate (BA) and multifield.
See Also BA classifier, multifield classifier.
Method of reading a sequence of bits in a packet header or label and determining how the packet should be forwarded internally and scheduled (queued) for output.
In Differentiated Services-aware traffic engineering, a collection of traffic flows that are treated equally in a Differentiated Services domain. A class type maps to a queue and is much like a class-of-service (CoS) forwarding class in concept. It is also known as a traffic class.
Interface configured on a channelized Physical Interface Card (PIC) or Physical Interface Module (PIM) that operates as a single channel, does not carry signaling, and uses the entire port bandwidth.
(Pronounced “see-lek.”) Competitive local exchange carrier. Company that competes with the already established local telecommunications business by providing its own network and switching.
Common Language Equipment Identifier. Inventory code used to identify and track telecommunications equipment.
Command-line interface. Interface provided for configuring and monitoring the routing protocol software.
In a Border Gateway Protocol (BGP) route reflection, a member of a cluster that is not the route reflector.
See Also nonclient peer.
Connectionless Network Protocol. An ISO-developed protocol for Open Systems Interconnection (OSI) connectionless network service. CLNP is the OSI equivalent of IP.
Connectionless Network Service. A Layer 3 protocol, similar to Internet Protocol version 4 (IPv4). CLNS uses network service access points (NSAPs) instead of the prefix addresses found in IPv4 to specify end systems and intermediate systems.
In the Border Gateway Protocol (BGP), a set of routers that have been grouped together. A cluster consists of one system that acts as a route reflector, along with any number of client peers. The client peers receive their route information only from the route reflector system. Routers in a cluster do not need to be fully meshed.
Central office. The local telephone company building that houses circuit-switching equipment used for subscriber lines in a given area.
Name assigned to a pattern of code-point bits. This name is used, instead of the bit pattern, in the configuration of other class-of-service (CoS) components, such as classifiers, drop-profile maps, and rewrite rules.
Function of a router’s command-line interface (CLI) that allows a user to enter only the first few characters in any command. Users access this function through the space bar or Tab key.
commit. JUNOS software command-line interface (CLI) configuration-mode command that saves changes made to a router configuration, verifies the syntax, applies the changes to the configuration currently running on the router, and identifies the resultant file as the current operational configuration.
Script that enforces custom configuration rules. A script runs each time a new candidate configuration is committed and inspects the configuration. If a configuration breaks your custom rules, the script can generate actions for the JUNOS software.
Sequence of commands that allows you to create custom configuration syntax to simplify the task of configuring a routing platform. By itself, your custom syntax has no operational impact on the routing platform. A corresponding commit script macro uses your custom syntax as input data for generating standard JUNOS configuration statements that execute your intended operation.
1. In the Border Gateway Protocol (BGP), a group of destinations that share a common property. Community information is included as one of the path attributes in BGP update messages. 2. In the Simple Network Management Protocol (SNMP), an authentication scheme that authorizes SNMP clients based on the source IP address of incoming SNMP packets, defines which Management Information Base (MIB) objects are available, and specifies the operations (read-only or read-write) allowed on those objects.
In the Border Gateway Protocol (BGP), a group of systems that appears to external Autonomous Systems (ASs) as a single AS.
JUNOS software mode that allows a user to alter the router’s current configuration.
Border Gateway Protocol (BGP) neighbor state in which the local router has initiated the Transmission Control Protocol (TCP) session and is waiting for the remote peer to complete the TCP connection.
In traffic engineering, a path determined using the CSPF algorithm. The ERO carried in the Resource Reservation Protocol (RSVP) packets contains the constrained path information.
See Also ERO.
Node that the Extensible Stylesheet Language for Transformations (XSLT) processor is currently examining. XSLT changes the context as it traverses the XML document’s hierarchy.
See Also XSLT.
Function of the router’s command-line interface (CLI) that allows a user to request information on the JUNOS software hierarchy. You can access context-sensitive help in both operational and configuration modes.
Active IP routes in the routing table that share the same most-significant bits and are more specific than an aggregate or generated route.
Virtual network path used to set up, maintain, and terminate data plane connections.
See Also data plane.
Central backbone of the network.
Class of service. Method of classifying traffic on a packet-by-packet basis using information in the type-of-service (ToS) byte to provide different service levels to different traffic.
Class-of-service (CoS) process that enables the routing platform to provide different levels of service to applications based on packet classifications.
Customer premises equipment. Telephone, modem, router, or other service provider equipment located at a customer site.
Mechanisms used by a Communication Workers of America craftsperson to operate, administer, and maintain equipment or provision data communications. On a Juniper Networks router, the craft interface allows you to view status and troubleshooting information and perform system control functions.
Certificate revocation list. A list of digital certificates that have been invalidated, including the reasons for revocation and the names of the entities that issued them. A CRL prevents usage of digital certificates and signatures that have been compromised.
Compressed Real-time Transport Protocol. Protocol that decreases the size of the IP, User Datagram Protocol (UDP), and Real-Time Transport Protocol (RTP) headers and works with reliable and fast point-to-point links for Voice over IP traffic. CRTP is defined in RFC 2508.
Processor card that speeds up certain cryptographic IP Security (IPSec) services on some J Series services routers. For the supported cryptographic algorithms, see the J Series documentation.
Superuser responsible for the proper operation of a router running JUNOS-FIPS software.
Class Selector code point. Eight Differentiated Services code point (DSCP) values of the form xxx000 (where x can be 0 or 1). Defined in RFC 2474.
Complete sequence number PDU. Packet that contains a complete list of all the label-switched paths (LSPs) in the Intermediate System-to-Intermediate System Level 1 (IS-IS) database.
Critical Security Parameter. On routers running JUNOS-FIPS software, a collection of cryptographic keys and passwords that must be protected at all times.
Constrained Shortest Path First. A Multiprotocol Label Switching (MPLS) algorithm that has been modified to take into account specific restrictions when calculating the shortest path across the network.
Channel service unit/data service unit. A channel service unit connects a digital phone line to a multiplexer or other digital signal device. A data service unit connects a data terminating equipment (DTE) device to a digital phone line.
Concurrent Versions System. A widely used version control system for software development or data archives.
Background process that performs operations for the system software and hardware. Daemons normally start when the system software is booted, and run as long as the software is running. In the JUNOS software, daemons are also referred to as processes.
Method of reducing the number of update messages sent between Border Gateway Protocol (BGP) peers, thereby reducing the load on these peers without adversely affecting the route convergence time for stable routes.
Open Shortest Path First (OSPF) packet type used in the formation of an adjacency. The packet sends summary information about the local router’s database to the neighboring router.
Data-driven multicast distribution tree (MDT) tunnel. A multicast tunnel created and deleted based on defined traffic loads and designed to ease loading on the default MDT tunnel.
Chunk of data transiting the router from the source to a destination.
Virtual network path used to distribute data between nodes.
See Also control plane.
Device control process. A JUNOS software interface process (daemon).
Data circuit-terminating equipment. An RS-232C device, typically used for a modem or printer, or a network access and packet switching node.
Delta channel. A circuit-switched channel that carries signaling and control for B-channels. In Basic Rate Interface (BRI) applications, it can also support customer packet data traffic at speeds up to 9.6 kbps.
Destination class usage. A means of tracking traffic originating from specific prefixes on the customer edge router and destined for specific prefixes on the provider core router, based on the IP source and destination addresses.
Discard-eligible bit. In a Frame Relay network, a header bit notifying devices on the network that traffic can be dropped during congestion to ensure the delivery of higher-priority traffic.
Method of modifying the router’s active configuration. Portions of the hierarchy marked as inactive using this command are ignored during the router’s commit process as though they were not configured at all.
Amount of time that an Open Shortest Path First (OSPF) router maintains a neighbor relationship before declaring that neighbor as no longer operational. The JUNOS software uses a default value of 40 seconds for this timer.
See DPD.
Router address that is used as the source address on unnumbered interfaces.
Route used to forward IP packets when a more specific route is not present in the routing table. Often represented as 0.0.0.0/0, the default route is sometimes referred to as the route of last resort.
Network segment whose cost varies with usage, according to a service level agreement (SLA) with a service provider. Demand circuits limit traffic based on either bandwidth (bits or packets transmitted) or access time.
See Also multicast.
Method of forwarding multicast traffic to interested listeners. Dense mode forwarding assumes that most of the hosts on the network will receive the multicast data. Routers flood packets and prune unwanted traffic every three minutes.
Data Encryption Standard. A method for encrypting information using a 56-bit key. Considered to be a legacy method and insecure for many applications.
See Also 3DES.
In Open Shortest Path First (OSPF), a router selected by other routers that is responsible for sending link state advertisements (LSAs) that describe the network, thereby reducing the amount of network traffic and the size of the routers’ topological databases.
Number of bits of the network address used for the host portion of a Classless Inter-Domain Routing (CIDR) IP address.
Dynamic flow capture. Process of collecting packet flows that match a particular filter list to one or more content destinations using an on-demand control protocol that relays requests from one or more control sources.
Dynamic Host Configuration Protocol. Allocates IP addresses dynamically so that they can be reused when no longer needed.
Feature that reestablishes network connectivity through one or more backup Integrated Services Digital Network (ISDN) dialer interfaces after a primary interface fails. When the primary interface is reestablished, the ISDN interface is disconnected.
Stateless firewall filter that enables dial-on-demand routing backup when applied to a physical Integrated Services Digital Network (ISDN) interface and its dialer interface configured as a passive static route. The passive static route has a lower priority than dynamic routes. If all dynamic routes to an address are lost from the routing table and the router receives a packet for that address, the dialer interface initiates an ISDN backup connection and sends the packet over it.
See Also dial-on-demand routing (DDR) backup, floating static route.
Logical interface for configuring dialing properties and the control interface for a backup Integrated Services Digital Network (ISDN) connection.
Set of characteristics configured for the Integrated Services Digital Network (ISDN) dialer interface. Dialer profiles allow the configuration of physical interfaces to be separated from the logical configuration of dialer interfaces required for ISDN connectivity. This feature also allows physical and logical interfaces to be bound together dynamically on a per-connection basis.
Dial-on-demand routing (DDR) backup feature that provides reliable connectivity without relying on a dialer filter to activate the Integrated Services Digital Network (ISDN) interface. The ISDN dialer interface monitors the existence of each route on a watch list. If all routes on the watch list are lost from the routing table, dialer watch initiates the ISDN interface for failover connectivity.
See Also dial-on-demand routing (DDR) backup.
Feature that enables J Series services routers to receive calls from the remote end of a backup Integrated Services Digital Network (ISDN) connection. The remote end of the ISDN call might be a service provider, a corporate central location, or a customer premises equipment (CPE) branch office. All incoming calls can be verified against caller IDs configured on the router’s dialer interface.
See Also callback.
Feature that provides a J Series services router with full-time connectivity across an Integrated Services Digital Network (ISDN) line. When routes on a primary serial T1, E1, T3, E3, Fast Ethernet, or Point-to-Point Protocol over Ethernet (PPPoE) interface are lost, an ISDN dialer interface establishes a backup connection. To save connection time costs, the services router drops the ISDN connection after a configured period of inactivity. Services routers with ISDN interfaces support two types of DDR backup: on-demand routing with a dialer filter and with a dialer watch.
See Also dialer filter, dialer watch.
Type of constraint-based routing that can enforce different bandwidth constraints for different classes of traffic. It can also perform call admission control (CAC) on each traffic engineering class when a label-switched path (LSP) is established.
Routers in a network that have Differentiated Services enabled.
Method of key exchange across a nonsecure environment, such as the Internet. The Diffie-Hellman algorithm negotiates a session key without sending the key itself across the network: each party independently picks a partial key and sends part of it to the other. Each side then calculates a common key value. This is a symmetrical method, and keys are typically used for only a short time, then discarded and regenerated.
Differentiated Services (based on RFC 2474). DiffServ uses the type-of-service (ToS) byte to identify different packet flows on a packet-by-packet basis. DiffServ adds a Class Selector code point (CSCP) and a Differentiated Services code point (DSCP).
Paradigm that gives different treatment to traffic based on the experimental (EXP) bits in the Multiprotocol Label Switching (MPLS) label header and allows you to provide multiple classes of service (CoS).
Electronic file based on private and public key technology that verifies the identity of the certificate’s holder to protect data exchanged online. Digital certificates are issued by a certificate authority (CA).
See SPF.
Dual inline memory module. A 168-pin memory module that supports 64-bit data transfer.
See interface routes.
Method of modifying the router’s active configuration. When portions of the hierarchy are marked as disabled (mainly router interfaces), the router uses the configuration but ignores the disabled portions.
JUNOS software syntax command used in a routing policy or a firewall filter. The command halts the logical processing of the policy or filter when a set of match conditions is met. The specific route or IP packet is dropped from the network silently. It can also be a next hop attribute assigned to a route in the routing table.
Method used in Bellman-Ford routing protocols to determine the best path to all routers in the network. Each router determines the distance (metric) to the destination and the vector (next hop) to follow.
Juniper Networks ASIC responsible for managing the router’s packet storage memory.
Data-link connection identifier. Identifier for a Frame Relay virtual connection (also called a logical interface).
Data link switching. Method of tunneling IBM System Network Architecture (SNA) and NetBIOS traffic over an IP network. (The JUNOS software does not support NetBIOS.)
See Also tunneling protocol.
Path formed by establishing data link control (DLC) connections between an end system and a local router configured for DLSw. Each DLSw circuit is identified by the circuit ID that includes the end system Media Access Control (MAC) address, local service access point (LSAP), and DLC port ID. Multiple DLSw circuits can operate over the same DLSw connection.
Set of Transmission Control Protocol (TCP) connections between two data link switching (DLSw) peers that is established after the initial handshake and successful capabilities exchange.
Domain Name System. A system that stores information about hostnames and domain names. DNS provides an IP address for each hostname, and lists the email exchange servers accepting email addresses for each domain.
Denial of service. A system security breach in which network services become unavailable to users.
Dead peer detection. Protocol that recognizes the loss of the primary IPSec Internet Key Exchange (IKE) peer and establishes a secondary IPSec tunnel to a backup peer.
Dynamic random access memory. Storage source on the router that can be accessed quickly by a process.
Percentage value that expresses the likelihood that an individual packet will be dropped from the network.
See Also drop profile.
Mechanism of random early detection (RED) that defines parameters that allow packets to be dropped from the network. When you configure drop profiles, there are two important values: the queue fullness and the drop probability.
See Also drop probability, queue fullness, RED.
Destination service access point. Service access point (SAP) that identifies the destination for which a Logical Link Control Protocol Data Unit (LPDU) is intended.
Digital signal level 0. In T-carrier systems, a basic digital signaling rate of 64 Kbps. The DS0 rate forms the basis for the North American digital multiplex transmission hierarchy.
Digital signal level 1. In T-carrier systems, a digital signaling rate of 1.544 Mbps. A standard used in telecommunications to transmit voice and data among devices. Also known as T1.
See Also T1.
Digital signal level 3. In T-carrier systems, a digital signaling rate of 44.736 Mbps. This level of carrier can transport 28 DS1-level signals and 672 DS0-level channels within its payload. Also known as T3.
See Also T3.
Differentiated Services code point or DiffServ code point. Values for a 6-bit field defined for IPv4 and IPv6 packet headers that can be used to enforce class-of-service (CoS) distinctions in routers.
Data service unit. A device used to connect data terminal equipment (DTE) to a digital phone line. DSU converts digital data from a router to voltages and encoding required by the phone line.
See Also CSU/DSU.
Dynamic Tasking Control Protocol. A means of communicating filter requests and acknowledgments between one or more clients and a monitoring platform, used in dynamic flow capture (DFC) and flow-tap configurations. The protocol is defined in Internet draft draft-cavuto-dtcp-00.txt.
Document type definition. Defines the elements and structure of an Extensible Markup Language (XML) document or data set.
Data terminal equipment. An RS-232-C interface that a computer uses to exchange information with a serial device.
Distance Vector Multicast Routing Protocol. Distributed multicast routing protocol that dynamically generates IP multicast delivery trees using a technique called reverse-path multicasting (RPM) to forward multicast traffic to downstream interfaces.
Dense wavelength-division multiplexing. Technology that enables data from different sources to be carried together on an optical fiber, with each signal carried on its own separate wavelength.
Multiprotocol Label Switching (MPLS) network path established by signaling protocols such as the Resource Reservation Protocol (RSVP) and Label Distribution Protocol (LDP).
High-speed WAN digital communications protocol that operates at a rate of 2.048 Mbps.
High-speed WAN digital communications protocol that operates at a rate of 34.368 Mbps and uses time-division multiplexing to carry 16 E1 circuits.
Common Criteria Evaluation Assurance Level 3. Evaluation Assurance Level is an assurance and compliance requirement defined by Common Criteria. Higher levels have more stringent requirements.
External BGP. A Border Gateway Protocol (BGP) configuration in which sessions are established between routers in different Autonomous Systems (ASs).
E stands for European. Standards that form part of the Synchronous Digital Hierarchy (SDH), in which groups of E1 circuits are bundled onto higher-capacity E3 links between telephone exchanges or countries. E-carrier standards are used just about everywhere in the world except North America and Japan, and are incompatible with the T-carrier standards.
Error checking and correction. The process of detecting errors during the transmission or storage of digital data and correcting them automatically. This usually involves sending or storing extra bits of data according to specified algorithms.
Exchange Carriers Standards Association. A standards organization created after the divestiture of the Bell System to represent the interests of interexchange carriers.
In Multiprotocol Label Switching (MPLS), a router located at the beginning or end of a label-switching tunnel. An edge router at the beginning of a tunnel applies labels to new packets entering the tunnel. An edge router at the end of a tunnel removes labels from packets exiting the tunnel.
See Also MPLS.
Shortcut keystrokes used within the router’s command-line interface (CLI). These macros move the cursor and delete characters based on the sequence you specify.
Exterior Gateway Protocol; an example is the Border Gateway Protocol (BGP).
In Multiprotocol Label Switching (MPLS), the last router in a label-switched path (LSP).
See Also ingress router.
Electronic Industries Association. A U.S. trade group that represents manufacturers of electronic devices and sets standards and specifications.
Serial interface that employs the EIA-530 standard for the interconnection of data terminating equipment (DTE) and data circuit-terminating equipment (DCE).
Equipment identity register. A mobile network database that contains information about devices using the network.
Software used by a Juniper Networks router to operate the physical router components.
Electromagnetic interference. Any electromagnetic disturbance that interrupts, obstructs, or otherwise degrades or limits the effective performance of electronics or electrical equipment.
In Intermediate System-to-Intermediate System Level 1 (IS-IS), a network entity that sends and receives packets.
Early packet discard. For ATM2 interfaces only, a limit on the number of transmit packets that can be queued. Packets that exceed the limit are dropped.
See Also queue length.
Explicit Route Object. An extension to the Resource Reservation Protocol (RSVP) that allows an RSVP PATH message to traverse an explicit sequence of routers that is independent of conventional shortest-path IP routing.
Electrostatic discharge. Stored static electricity that can damage electronic equipment and impair electrical circuitry when released.
End System-to-Intermediate System. Protocol that resolves Layer 3 ISO network service access points (NSAPs) to Layer 2 addresses. ES-IS resolution is similar to the way the Address Resolution Protocol (ARP) resolves Layer 2 addresses for IPv4.
Encapsulating Security Payload. A protocol for securing packet flows for IPSec using encryption, data integrity checks, and sender authentication, which are added as a header to an IP packet. If an ESP packet is successfully decrypted, and no other party knows the secret key the peers share, the packet was not wiretapped in transit.
See Also AH.
Border Gateway Protocol (BGP) neighbor state that represents a fully functional BGP peering session.
Local area network (LAN) technology used for transporting information from one location to another, formalized in the IEEE standard 802.3. Ethernet uses either coaxial cable or twisted-pair cable. Transmission speeds for data transfer range from the original 10 Mbps, to Fast Ethernet at 100 Mbps, to Gigabit Ethernet at 1000 Mbps.
European Telecommunications Standards Institute. A nonprofit organization that produces voluntary telecommunications standards used throughout Europe.
Event policy process that performs configured actions in response to events on a routing platform that trigger system log messages.
JUNOS software routing policy match type that represents only the route specified in a route filter.
IP packet that is not processed by the normal packet flow through the Packet Forwarding Engine. Exception packets include local delivery information, expired Time to Live (TTL) packets, and packets with an IP option specified.
Open Shortest Path First (OSPF) adjacency state in which two neighboring routers are actively sending database description packets to each other to exchange their database contents.
Experimental bits, also known as the class-of-service (CoS) bits, located in each Multiprotocol Label Switching (MPLS) label and used to encode the CoS value of a packet as it traverses a label-switched path (LSP).
Placing of routes from the routing table into a routing protocol.
Open Shortest Path First (OSPF) adjacency state in which the neighboring routers negotiate to determine which router is in charge of the synchronization process.
See XML.
Cost included in a route when Open Shortest Path First (OSPF) exports route information from external Autonomous Systems (ASs). There are two types of external metrics: Type 1 and Type 2. Type 1 external metrics are equivalent to the link-state metric; that is, the cost of the route, used in the internal AS. Type 2 external metrics are greater than the cost of any path internal to the AS.
Forwarding adjacency. Resource Reservation Protocol (RSVP) label-switched path (LSP) tunnel through which one or more other RSVP LSPs can be tunneled.
Identify a packet as high or low priority based on its forwarding class, and associate schedulers with the fabric priorities.
Process by which a standby or secondary system component automatically takes over the functions of an active or primary component when the primary component fails or is temporarily shut down or removed for servicing. During failover, the system continues to perform normal operations with little or no interruption in service.
See Also GRES.
Term encompassing a number of Ethernet standards that carry traffic at the nominal rate of 100 Mbps, instead of the original Ethernet speed of 10 Mbps.
See Also Ethernet, Gigabit Ethernet.
Fast Ethernet port on a J4300 services router, and either a Fast Ethernet port or DS3 port on a J6300 services router. Only enabled ports are counted. A two-port Fast Ethernet Physical Interface Module (PIM) with one enabled port counts as one fast port. The same PIM with both ports enabled counts as two fast ports.
Mechanism for automatically rerouting traffic on a label-switched path (LSP) if a node or link in an LSP fails, thus reducing the loss of packets traveling over the LSP.
Filter-based forwarding. A filter that classifies packets to determine their forwarding path within a router. FBF is used to redirect traffic for analysis.
Frame check sequence. A calculation that is added to a frame for error control. FCS is used in High-level Data Link Control (HDLC), Frame Relay, and other Data Link layer protocols.
Fiber Distributed Data Interface. A set of ANSI protocols for sending digital data over fiber-optic cable. FDDI networks are token-passing networks, and support data rates of up to 100 Mbps (100 million bits). FDDI networks are typically used as backbones for WANs.
Far-end alarm and control. A T3 signal used to send alarm or status information from the far-end terminal back to the near-end terminal, and to initiate T3 loopbacks at the far-end terminal from the near-end terminal.
Forwarding Engine Board. In M5 and M10 routers, provides route lookup, filtering, and switching to the destination port.
Forwarding equivalence class. Criterion used to forward a set of packets, with similar or identical characteristics, using the same Multiprotocol Label Switching (MPLS) label. Forwarding equivalence classes are defined in the base Label Distribution Protocol (LDP) specification and can be extended through the use of additional parameters. FECs are also represented in other LDPs.
Forward explicit congestion notification. In a Frame Relay network, a header bit transmitted by the source device requesting that the destination device slow down its requests for data. FECN and backward explicit congestion notification (BECN) minimize the possibility that packets will be discarded when more packets arrive than can be handled.
See Also BECN.
First in, first out. Scheduling method in which the first data packet stored in the queue is the first data packet removed from the queue. All JUNOS software interface queues operate in this mode by default.
Process or device that screens packets based on certain characteristics, such as source address, destination address, or protocol, and forwards or discards packets that match the filter. Filters are used to control data packets or local packets.
See Also packet.
Federal Information Processing Standards. Defines, among other things, security levels for computer and networking equipment. FIPS is usually applied to military environments.
Security gateway positioned between two networks, usually between a trusted network and the Internet. A firewall ensures that all traffic that crosses it conforms to the organization’s security policy. Firewalls track and control communications, deciding whether to pass, reject, discard, encrypt, or log them. Firewalls also can be used to secure sensitive portions of a local network.
Instructions and data programmed directly into the circuitry of a hardware device for the purpose of controlling the device. Firmware is used for vital programs that must not be lost when the device is powered off.
See FIFO.
See damping.
See route flapping.
Non-volatile memory card in Juniper Networks M Series and T Series routing platforms used for storing a copy of the JUNOS software and the current and most recent router configurations. It also typically acts as the primary boot device.
See FPC.
Route with an administrative distance greater than the administrative distance of the dynamically learned versions of the same route. The static route is used only when the dynamic routes are no longer available. When a floating static route is configured on an interface with a dialer filter, the interface can be used for backup.
Method of forwarding multicast data packets in a Dense-mode network. Flooding and pruning occur every three minutes.
Stream of routing information and packets that are handled by the Routing Engine (RE) and the Packet Forwarding Engine (PFE). The RE handles the flow of routing information between the routing protocols and the routing tables and between the routing tables and the forwarding tables, as well as the flow of local packets from the router physical interfaces to the RE. The PFE handles the flow of data packets into and out of the router’s physical interfaces.
Interface that combines multiple cflowd records into a compressed ASCII data file and exports the file to an FTP server for storage and analysis, allowing users to manipulate the output from traffic monitoring operations.
JUNOS software syntax used in a routing policy or firewall filter. It alters the default logical processing of the policy or filter when a set of match conditions is met.
Application that monitors the flow of traffic and enables lawful interception of packets transiting between two routers. Traffic flows can be passively monitored by an offline router or actively monitored by a router participating in the network.
Application that uses Dynamic Tasking Control Protocol (DTCP) requests to intercept IPv4 packets in an active monitoring router and send a copy of packets that match filter criteria to one or more content destinations. Flow-tap configurations can be used in flexible trend analysis for detecting new security threats and lawfully intercepting data.
Affect the forwarding, scheduling, and marking policies applied to packets as they transit a routing platform. The forwarding class plus the loss priority define the per-hop behavior. Also known as ordered aggregates in the IETF Differentiated Services architecture.
JUNOS software forwarding information base. The JUNOS routing protocol process installs active routes from its routing tables into the routing engine (RE) forwarding table. The kernel copies this forwarding table into the Packet Forwarding Engine (PFE), which determines which interface transmits the packets.
Flexible PIC Concentrator. An interface concentrator on which Physical Interface Cards (PICs) are mounted. An FPC is inserted into a slot in a Juniper Networks router.
See Also PIC.
Interface that contains one or more of the 32 DS0 time slots that can be reserved from an E1 interface. (The first time slot is reserved for framing.)
Interface that contains one or more DS0 time slots reserved from an E1 or T1 interface. Fractional interfaces allow service providers to provision part of an E1 or T1 interface to one customer and the other part to another customer. The individual fractional interfaces connect to different destinations, and customers pay for only the bandwidth fraction used and not for the entire E1 or T1 interface.
Fractional interfaces can be configured on both channelized Physical Interface Cards (PICs) and Physical Interface Modules (PIMs) and unchannelized, regular E1 and T1 PICs and PIMs.
Interface that contains one or more of the 24 DS0 time slots that can be reserved from a T1 interface.
In the Transmission Control Protocol/Internet Protocol (TCP/IP), the process of breaking packets into the smallest maximum size packet data unit (PDU) supported by any of the underlying networks. In the OSI reference model, this process is known as segmentation. For JUNOS applications, split Layer 3 packets can then be encapsulated in Multilink Frame Relay (MLFR) or the Multilink Point-to-Point Protocol (MLPPP) for transport.
Efficient replacement for the older X.25 protocol that does not require explicit acknowledgment of each frame of data. Frame Relay allows private networks to reduce costs by using shared facilities between the endpoint switches of a network managed by a Frame Relay service provider. Individual data-link connection identifiers (DLCIs) are assigned to ensure that each customer receives only its own traffic.
Signals carried at different frequencies and transmitted over a single wire or wireless medium.
Frame Relay Forum. A technical committee that promotes Frame Relay by negotiating agreements and developing standards.
End-to-end Frame Relay Implementation Agreement. An implementation of Multilink Frame Relay (MLFR) using multiple virtual connections to aggregate logical bandwidth for end-to-end Frame Relay. Released by the Frame Relay Forum.
Multilink Frame Relay Implementation Agreement. An implementation of Multilink Frame Relay (MLFR) in which a single logical connection is provided by multiplexing multiple physical interfaces for user-to-network interface and network-to-network interface (UNI/NNI) connections. Released by the Frame Relay Forum.
Field Replaceable Unit. A router component that customers can replace onsite.
File Transfer Protocol. Application protocol that is part of the Transmission Control Protocol/Internet Protocol (TCP/IP) protocol stack. Used for transferring files among network nodes. FTP is defined in RFC 959.
Open Shortest Path First (OSPF) adjacency state that represents a fully functional neighbor relationship.
JUNOS software permanent interface used for communications between the routing engine (RE) and the Packet Forwarding Engine (PFE). This interface is not present in all routers.
JUNOS software permanent interface used for communications between the routing engine (RE) and the Packet Forwarding Engine (PFE). This interface is not present in all routers.
Timer used in a distance-vector network that represents the time remaining before a route is removed from the routing table.
GGSN call detail record. Collection of charges in ASN.1 format that is eventually billed to a mobile station user.
Summary route that uses an IP address next hop to forward packets in an IP network. A generated route is functionally similar to an aggregated route.
Gateway GPRS support node. A router that serves as a gateway between mobile networks and packet data networks.
Term describing various technologies for implementing Ethernet networking at a nominal speed of one gigabit per second. Gigabit Ethernet is supported over both optical fiber and twisted-pair cable. Physical layer standards include 1000Base-T, 1 Gbps over CAT-5e copper cabling, and 1000Base-SX for short to medium distances over fiber.
See Also Ethernet, Fast Ethernet.
Generalized Multiprotocol Label Switching. A protocol that extends the functionality of Multiprotocol Label Switching (MPLS) to include a wider range of label-switched path (LSP) options for a variety of network devices.
General Packet Radio Service. A packet-switched service that allows full mobility and wide-area coverage as information is sent and received across a mobile network.
Process that allows a router whose control plane is undergoing a restart to continue to forward traffic while recovering its state from neighboring routers. Without Graceful Restart, a control plane restart disrupts services provided by the router.
JUNOS software feature that allows a change from the primary device, such as a routing engine (RE), to the backup device without interruption of packet forwarding.
ARP broadcast request for a router’s own IP address to check whether that address is being used by another node. Primarily used to detect IP address duplication.
Generic Routing Encapsulation. A general tunneling protocol that can encapsulate many types of packets to enable data transmission through a tunnel. GRE is used with IP to create a virtual point-to-point link to routers at remote points in a network.
See Also tunneling protocol.
Graceful Routing Engine Switchover. In a router that contains a master and a backup routing engine (RE), allows the backup RE to assume mastership automatically, with no disruption of packet forwarding.
Collection of related Border Gateway Protocol (BGP) peers.
IP address used as the destination address in a multicast IP packet. The group address functionally represents the senders and interested receivers for a particular multicast data stream.
Symmetric high-speed digital subscriber line (SHDSL). Standard published in 2001 by the ITU-T with recommendation ITU G.991.2 G.SHDSL. G.SHDSL incorporates features of other DSL technologies such as asymmetrical DSL (ADSL).
Global System for Mobile Communications. A second-generation (2G) mobile wireless networking standard defined by ETSI that uses TDMA technology and operates in the 900 MHz radio band.
See Also TDMA.
GPRS tunneling protocol. A protocol that transports IP packets between an SGSN and a GGSN.
See Also tunneling protocol.
GGSN tunneling protocol, control. A protocol that allows an SGSN to establish packet data network access for a mobile station.
See Also tunneling protocol.
GGSN tunneling protocol, user plane. A protocol that carries mobile station user data packets.
See Also tunneling protocol.
Cryptographic technique applied over and over (iteratively) to a message of arbitrary length to produce a hash “message digest” or “signature” of fixed length that is appended to the message when it is sent. In security, used to validate that the contents of a message have not been altered in transit. The Secure Hash Algorithm (SHA-1) and Message Digest 5 (MD5) are commonly used hashes.
High-Level Data Link Control. An International Telecommunication Union (ITU) standard for a bit-oriented Data Link layer protocol on which most other bit-oriented protocols are based.
JUNOS software extension to the RMON alarm system that provides predefined monitoring for filesystem, CPU, and memory usage. The health monitor also supports unknown or dynamic object instances such as JUNOS processes.
Amount of time an Open Shortest Path First (OSPF) router continues to send a hello packet to each adjacent neighbor.
Process used by a Resource Reservation Protocol (RSVP) router to enhance the detection of network outages in a Multiprotocol Label Switching (MPLS) network.
Home Location Register. Database containing information about a subscriber and the current location of a subscriber’s mobile station.
Hashed Message Authentication Code. A mechanism for message authentication that uses cryptographic hash functions. HMAC can be used with any iterative cryptographic hash function—for example, Message Digest 5 (MD5) or Secure Hash Algorithm (SHA-1)—in combination with a secret shared key. The cryptographic strength of HMAC depends on the properties of the underlying hash function. Defined in RFC 2104, “HMAC: Keyed-Hashing for Message Authentication.”
Timer used by distance-vector protocols to prevent the propagation of incorrect routing knowledge to other routers in the network.
Maximum number of seconds allowed to elapse between successive keepalive or update messages that a Border Gateway Protocol (BGP) system receives from a peer.
Internet Group Management Protocol (IGMP) packet sent by a router to determine whether interested receivers exist on a broadcast network for multicast traffic.
Internet Group Management Protocol (IGMP) packet sent by an interested receiver for a particular multicast group address. Hosts send report messages when they first join a group or in response to a query packet from the local router.
On an M160 router, provides the routing and system management functions of the router. Consists of the routing engine (RE) and Miscellaneous Control Subsystem (MCS).
On a T640 routing node, provides the routing and system management functions of the router. Consists of a routing engine (RE) and an adjacent Control Board (CB).
In JUNOS, method used with link services intelligent queuing interfaces (LSQs) to enable rapid switchover between primary and secondary (backup) Physical Interface Cards (PICs).
See Also warm standby.
High-Speed Circuit Switched Data. Circuit-switched wireless data transmission for mobile users, at data rates up to 38.4 Kbps.
Hypertext Transfer Protocol. Method used to publish and receive information on the Web, such as text and graphics files.
Hypertext Transfer Protocol over Secure Sockets Layer. Similar to HTTP, with an added encryption layer that encrypts and decrypts user page requests and pages that are returned by a web server. Used for secure communication, such as payment transactions.
Internet Assigned Numbers Authority. A regulatory group that maintains all assigned and registered Internet numbers, such as IP and multicast addresses.
Internal BGP. A Border Gateway Protocol (BGP) configuration in which sessions are established between routers in the same Autonomous System (AS).
Internet Control Message Protocol. Used in router discovery, ICMP allows router advertisements that enable a host to discover addresses of operating routers on the subnet.
Integrated Drive Electronics. Type of hard disk on a routing engine (RE).
International Data Encryption Algorithm. An algorithm that uses a 128-bit key and is one of the methods at the heart of Pretty Good Privacy (PGP). IDEA is patented by Ascom Tech AG and is popular in Europe.
Initial Border Gateway Protocol (BGP) neighbor state in which the local router refuses all incoming session requests.
Intrusion detection service. A service that inspects all inbound and outbound network activity and identifies suspicious patterns that may indicate a network or system attack from someone attempting to break into or compromise a system.
International Electrotechnical Commission.
See Also ISO.
Institute of Electrical and Electronics Engineers. An international professional society for electrical engineers.
Internet Engineering Task Force. An international community of network designers, operators, vendors, and researchers concerned with the evolution of Internet architecture and the smooth operation of the Internet.
Information frame used to transfer data in sequentially numbered logical link control Protocol Data Units (LPDUs) between link stations.
Internet Group Management Protocol. Used with multicast protocols to determine whether group members are present.
Interior Gateway Protocol, such as Intermediate System to Intermediate System Level 1 (IS-IS), Open Shortest Path First (OSPF), and the Routing Information Protocol (RIP).
Internet Key Exchange. Part of IPSec that provides ways to securely negotiate the shared private keys that the authentication header (AH) and Encapsulating Security Payload (ESP) portions of IPSec need to function properly. IKE employs Diffie-Hellman methods and is optional in IPSec (the shared keys can be entered manually at the endpoints).
Integrated Local Management Interface. A specification developed by the ATM Forum that incorporates network management capabilities into the Asynchronous Transfer Mode (ATM) user-to-network interface (UNI) and provides bidirectional exchange of management information between UNI management entities (UMEs).
International Mobile Station Equipment Identity. A unique code used to identify an individual mobile station to a GSM network.
Installation of routes from the routing protocols into a routing table.
International Mobile Subscriber Identity. Information that identifies a particular subscriber to a GSM network.
International Mobile Telecommunications 2000. Global standard for third-generation (3G) wireless communications, defined by a set of interdependent ITU recommendations. IMT-2000 provides a framework for worldwide wireless access by linking the diverse systems of terrestrial and satellite-based networks.
inet.0: Default JUNOS software routing table for IPv4 unicast routes.
inet.1: Default JUNOS software routing table for storing the multicast cache for active data streams in the network.
inet.2: Default JUNOS software routing table for storing unicast IPv4 routes specifically used to prevent forwarding loops in a multicast network.
inet.3: Default JUNOS software routing table for storing the egress IP address of a Multiprotocol Label Switching (MPLS) label-switched path.
inet.4: Default JUNOS software routing table for storing information generated by the Multicast Source Discovery Protocol (MSDP).
inet6.0: Default JUNOS software routing table for storing unicast IPv6 routes.
Metric value used in distance-vector protocols to represent an unusable route. For the Routing Information Protocol (RIP), the infinity metric is 16.
In Multiprotocol Label Switching (MPLS), the first router in a label-switched path (LSP).
See Also egress router.
Open Shortest Path First (OSPF) adjacency state in which the local router has received a hello packet but bidirectional communication is not yet established.
insert: JUNOS software command that allows a user to reorder terms in a routing policy or a firewall filter, or to change the order of a policy chain.
instance.inetflow.0: Routing table that shows route flows through the Border Gateway Protocol (BGP).
Routing of packets among different Autonomous Systems (ASs).
See Also EBGP.
In a Border Gateway Protocol (BGP) route reflection, the redistribution of routing information by a route reflector system to all nonclient peers (BGP peers not in the cluster).
See Also route reflection.
Value added to all received routes in a distance-vector network before they are placed into the routing table. The JUNOS software uses a cost of 1 for this value.
Routes that are in the routing table because an interface has been configured with an IP address. Also called direct routes.
In Intermediate System-to-Intermediate System Level 1 (IS-IS), the network entity that sends and receives packets and can also route packets.
Juniper Networks ASIC responsible for using the forwarding table to make routing decisions within the Packet Forwarding Engine (PFE). The Internet Processor ASIC also implements firewall filters.
Virtual private network (VPN) that provides connectivity between separate Autonomous Systems (ASs) with separate border edge routers. It is used by VPN customers who have connections to several different Internet service providers (ISPs), or different connections to the same ISP in different geographic regions, each of which has a different AS.
Routing of packets within a single Autonomous System (AS).
See Also IBGP.
Juniper Networks ASIC responsible for segmenting data packets into 64-byte J-cells and for queuing resultant cells before transmission.
Internet Protocol. The protocol used for sending data from one point to another on the Internet.
IP Control Protocol. Protocol that establishes and configures IP over the Point-to-Point Protocol (PPP).
IP Security. A standard way to add security to Internet communications. The secure aspects of IPSec are usually implemented in three parts: the authentication header (AH), the Encapsulating Security Payload (ESP), and the Internet Key Exchange (IKE).
Intelligent queuing. M Series and T Series routing platform interfaces that offer granular quality-of-service (QoS) capabilities; extensive statistics on packets and bytes that are transmitted, received, or dropped; and embedded diagnostic tools.
ICMP Router Discovery Protocol. A protocol that enables a host to determine the address of a router that it can use as a default gateway.
Internet Security Association and Key Management Protocol. A protocol that allows the receiver of a message to obtain a public key and use digital certificates to authenticate the sender’s identity. ISAKMP is key-exchange-independent; that is, it supports many different key exchanges.
Integrated Services Digital Network. A set of digital communications standards that enable the transmission of information over existing twisted-pair telephone lines at higher speeds than standard analog telephone service. An ISDN interface provides multiple B-channels (bearer channels) for data and one D-channel for control and signaling information.
Intermediate System-to-Intermediate System. A link-state, interior gateway routing protocol for IP networks that also uses the Shortest Path First (SPF) algorithm to determine routes.
International Organization for Standardization. A worldwide federation of standards bodies that promotes international standardization and publishes international agreements as International Standards.
Internet service provider. Company that provides access to the Internet and related services.
International Telecommunication Union Telecommunication Standardization (formerly known as the CCITT). Group supported by the United Nations that makes recommendations and coordinates the development of telecommunications standards for the entire world.
International standard that defines the asymmetrical digital subscriber line (ADSL). Annex A defines how ADSL works over twisted-pair copper (POTS) lines. Annex B defines how ADSL works over Integrated Services Digital Network (ISDN) lines.
JUNOS software package containing updates to the kernel.
JUNOS software package containing all possible software package files.
A 64-byte data unit used within the Packet Forwarding Engine (PFE). All IP packets processed by a Juniper Networks router are segmented into J-cells.
JUNOS software package containing the documentation set.
Small random variation introduced into the value of a timer to prevent multiple timer expirations from becoming synchronized. In real-time applications such as Voice over IP and video, variation in the rate at which packets in a stream are received that can cause quality degradation.
JUNOS software package containing the basic components of the software.
Physical Interface Module (PIM) message sent hop by hop upstream toward a multicast source or the rendezvous point (RP) of the domain. It requests that multicast traffic be sent downstream to the router originating the message.
JUNOS software package containing the embedded OS software for operating the Packet Forwarding Engine (PFE).
JUNOS software package containing the software used by the routing engine (RE).
Graphical web browser interface to the JUNOS Internet software on routing platforms. With the J-Web interface, you can monitor, configure, diagnose, and manage the routing platform from a PC or laptop that has Hypertext Transfer Protocol (HTTP) or HTTP over Secure Sockets Layer (HTTPS) enabled.
Message sent between network devices to inform each other that they are still active.
Basic software component of the JUNOS software. The kernel operates the various processes used to control the router’s operations.
See forwarding table.
Key management process that provides IPSec authentication services for encryption of Physical Interface Cards (PICs).
Layer 2 Tunneling Protocol. A procedure for secure communication of data across a Layer 2 network that enables users to establish Point-to-Point Protocol (PPP) sessions between tunnel endpoints. L2TP uses profiles for individual user and group access to ensure secure communication that is as transparent as possible to both end users and applications.
See Also tunneling protocol.
In Multiprotocol Label Switching (MPLS), a 20-bit unsigned integer from 0 through 1,048,575, used to identify a packet traveling along a label-switched path (LSP).
See LDP.
Resource Reservation Protocol (RSVP) message object that contains the label value allocated to the next downstream router.
Function performed by a Multiprotocol Label Switching (MPLS) router in which the top label in a label stack is removed from the data packet.
Function performed by a Multiprotocol Label Switching (MPLS) router in which a new label is added to the top of the data packet.
Resource Reservation Protocol (RSVP) message object that requests each router along the path of a label-switched path (LSP) to allocate a label for forwarding.
Function performed by a Multiprotocol Label Switching (MPLS) router in which the top label in a label stack is replaced with a new label before the data packet is forwarded to the next hop router.
A 20-bit field in a Multiprotocol Label Switching (MPLS) header used by routers to forward data traffic along an MPLS label-switched path (LSP).
Local Area Network Physical Layer Device. A physical layer device that allows 10 Gigabit Ethernet wide area links to use existing Ethernet applications.
Collection of transport modes that accept a stream of Asynchronous Transfer Mode (ATM) cells, convert them to an encapsulated Layer 2 format, and then tunnel them over a Multiprotocol Label Switching (MPLS) or IP backbone, where a similarly configured routing platform segments these packets back into a stream of ATM cells, to be forwarded to the virtual circuit configured for the far-end routing platform. Layer 2 circuits are designed to transport Layer 2 frames between provider edge (PE) routing platforms across a Label Distribution Protocol (LDP)-signaled MPLS backbone.
See Also AAL5 mode, cell-relay mode, standard AAL5 mode, trunk mode.
Provides a private network service among a set of customer sites using a service provider’s existing Multiprotocol Label Switching (MPLS) and IP network. A customer’s data is separated from other data using software rather than hardware. In a Layer 2 VPN, the Layer 3 routing of customer traffic occurs within the customer’s network.
Provides a private network service among a set of customer sites using a service provider’s existing Multiprotocol Label Switching (MPLS) and IP network. A customer’s routes and data are separated from other routes and data using software rather than hardware. In a Layer 3 VPN, the Layer 3 routing of customer traffic occurs within the service provider’s network.
Line Card Chassis. Term used by the JUNOS command-line interface (CLI) to refer to a T640 routing node in a routing matrix.
Link Control Protocol. A traffic controller used to establish, configure, and test data-link connections for the Point-to-Point Protocol (PPP).
Lightweight Directory Access Protocol. Software protocol used for locating resources on a public or private network.
Label Distribution Protocol. A protocol for distributing labels in non-traffic-engineered applications. LDP allows routers to establish label-switched paths (LSPs) through a network by mapping network-layer routing information directly to Data Link layer switched paths.
Terminating node of a multicast distribution tree. A router that is a leaf node only has receivers and does not forward multicast packets to other routers.
Link fragmentation and interleaving. A method that reduces excessive delays by fragmenting long packets into smaller packets and interleaving them with real-time frames. For example, short delay-sensitive packets, such as packetized voice, can race ahead of larger delay-insensitive packets, such as common data packets.
Library that includes messages generated for routines for software license management.
Implementation of the pcap application programming interface. libpcap is used by a program to capture packets traveling over a network.
See Also pcap.
Term used to describe the restrictions placed on FIPS-certified equipment.
See Also FIPS.
Method of troubleshooting a problem with physical transmission media in which a transmission device in the network sends the data signal back to the originating router.
Communication path between two neighbors. A link is up when communication is possible between the two endpoints.
Method of establishing bypass label-switched paths (LSPs) to ensure that traffic going over a specific interface to a neighboring router can continue to reach the router if that interface fails. The bypass LSP uses a different interface and path to reach the same destination.
See LSQ.
Open Shortest Path First (OSPF) data packet used to inform a neighbor that a link-state update packet has been successfully received.
All routing knowledge in a link-state network is contained in this database. Each router runs the Shortest Path First (SPF) algorithm against this database to locate the best network path to each destination in the network.
Packet that contains information about the state of adjacencies to neighboring systems.
Addition to the SONET Automatic Protection Switching (APS) functionality that helps promote redundancy of the link Physical Interface Cards (PICs) used in LSQ configurations. If the active SONET PIC fails, links from the standby PIC are used without causing a link renegotiation. Also called interface preservation.
List generated by an Open Shortest Path First (OSPF) router during the exchange of database information while forming an adjacency. Advertised information by a neighbor that the local router does not contain is placed in this list.
Open Shortest Path First (OSPF) data packet used by a router to request database information from a neighboring router.
Open Shortest Path First (OSPF) data packet that contains one of multiple link state advertisements (LSAs). It is used to advertise routing knowledge into the network.
Logical Link Control. Data Link layer protocol used on a LAN. LLC1 provides connectionless data transfer, and LLC2 provides connection-oriented data transfer.
Unit of data that contains specific information about the LLC layer and identifies line protocols associated with the layer.
See Also LLC.
Local management interface. Enhancements to the basic Frame Relay specifications, providing support for the following: a keepalive mechanism that verifies the flow of data; a multicast mechanism that provides a network server with a local data-link connection identifier (DLCI) and multicast DLCI; in Frame Relay networks, global addressing that gives DLCIs global instead of local significance; and a status mechanism that provides a switch with ongoing status reports on known DLCIs.
Link Management Protocol. Part of GMPLS, a protocol used to define a forwarding adjacency between peers and to maintain and allocate resources on the traffic engineering links.
Process that installs all next hop destinations for an active route in the forwarding table. You can use load balancing across multiple paths between routers. The behavior of load balancing depends on the version of the Internet Processor ASIC in the router. Also called per-packet load balancing.
Open Shortest Path First (OSPF) adjacency state in which the local router sends link-state request packets to its neighbor and waits for the appropriate link-state updates from that neighbor.
Chunk of data destined for or sent by the routing engine (RE).
Optional Border Gateway Protocol (BGP) path attribute carried in internal BGP update packets that indicates the degree of preference for an external route.
Logical software table that contains Border Gateway Protocol (BGP) routes used by the local router to forward data packets.
Concept used in a Multiprotocol Label Switching (MPLS) network where the label values are unique only between two neighbor routers.
On a physical interface, the configuration of one or more units that include all addressing, protocol information, and other logical interface properties that enable the physical interface to function.
Characters used in a firewall filter to represent a Boolean AND or OR operation.
Logical routing device that is partitioned from an M Series or T Series routing platform. Each logical router independently performs a subset of the tasks performed by the main router and has a unique routing table, interfaces, policies, and routing instances.
JUNOS software routing policy match type that represents all routes more specific than the given subnet, but not the given subnet itself. It is similar to a mathematical greater-than operation.
lo0: Interface that is always available because it is independent of any physical interfaces. When configured with an address, the loopback interface is the default address for the routing platform and any unnumbered interfaces.
See Also unnumbered interface.
In the context of traffic engineering, a path that can use any router or any number of other intermediate (transit) points to reach the next address in the path. (Definition from RFC 791, modified to fit LSPs.)
Maps the loss priority of incoming packets based on code point values.
E1, NxDS0, and T1 interfaces configured on an intelligent queuing (IQ) Physical Interface Card (PIC).
LLC protocol Data Unit. LLC frame on a data link switching (DLSw) network.
See Also LLC frame.
Link state advertisement. Open Shortest Path First (OSPF) data structure that is advertised in a link-state update packet. Each LSA uniquely describes a portion of the OSPF network.
Label-switched interface. A logical interface supported by the JUNOS software that provides virtual private network (VPN) services (such as VPLS and Layer 3 VPNs) normally provided by a Tunnel Services PIC.
1. Label-switched path. Sequence of routers that cooperatively perform Multiprotocol Label Switching (MPLS) operations for a packet stream. The first router in an LSP is called the ingress router, and the last router in the path is called the egress router. An LSP is a point-to-point, half-duplex connection from the ingress router to the egress router. (The ingress and egress routers cannot be the same router.) 2. See link-state PDU.
Link services intelligent queuing interfaces. Interfaces configured on the Adaptive Services PIC (ASP) or Adaptive Services Module (ASM) that support Multilink Point-to-Point Protocol (MLPPP) and Multilink Frame Relay (MLFR) traffic and also fully support JUNOS class-of-service (CoS) components.
Label-switching router. A router on which Multiprotocol Label Switching (MPLS) is enabled and that can process label-switched packets.
Media Access Control. In the OSI seven-layer networking model defined by the IEEE, MAC is the lower sublayer of the Data Link layer. The MAC sublayer governs protocol access to the physical network medium. By using the MAC addresses that are assigned to all ports on a router, multiple devices on the same physical link can uniquely identify one another at the Data Link layer.
See Also MAC address.
Serial number permanently stored in a device adapter to uniquely identify the device.
See Also MAC.
Maximum allocation bandwidth constraints model. In Differentiated Services-aware traffic engineering, a constraint model that divides the available bandwidth among the different classes. Sharing of bandwidth among the class types is not allowed.
Permanent interface that provides an Out-of-Band method, such as Secure Shell (SSH) and Telnet, to connect to the routing platform. The Simple Network Management Protocol (SNMP) can use the management interface to gather statistics from the routing platform. Called fxp0 on some routing platforms.
See Also permanent interface.
Router used in an auto-RP multicast network to select the rendezvous point (RP) for all multicast group addresses. The RP is then advertised to all other routers in the domain.
Network address about which all information is ignored.
Network routes about which all information is ignored. The JUNOS software does not allow martian routes in the inet.0 routing table.
Mobile network access subsystem. A GSN application subsystem that contains the access server.
Router in control of the Open Shortest Path First (OSPF) database exchange during an adjacency formation.
Logical concept used in a routing policy or firewall filter. A match denotes the criteria used to find a route or IP packet before an action is performed.
JUNOS software syntax used in a route filter to better describe the routes that should match the policy term.
Multiprotocol Border Gateway Protocol. An extension to the Border Gateway Protocol (BGP) that allows you to connect multicast topologies within and between BGP Autonomous Systems (ASs).
Multicast Backbone. An interconnected set of subnetworks and routers that support the delivery of IP multicast traffic. The MBone is a virtual network that is layered on top of sections of the physical Internet.
Miscellaneous Control Subsystem. On the M40e and M160 routers, provides control and monitoring functions for router components and SONET clocking for the router.
Message Digest 5. A one-way hashing algorithm that produces a 128-bit hash used for generating message authentication signatures. MD5 is used in authentication header (AH) and Encapsulating Security Payload (ESP).
Modified deficit round robin. A method for selecting queues to be serviced.
See Also queue.
Multicast distribution tree. The path between the sender (host) and the multicast group (receiver or listener).
See MTBF.
Multiple exit discriminator. An optional Border Gateway Protocol (BGP) path attribute consisting of a metric value that is used to determine the exit point to a destination when all other factors determining the exit point are equal.
Network topology in which devices are organized in a manageable, segmented manner with many, often redundant, interconnections between network nodes.
Extension to the Resource Reservation Protocol (RSVP) specification that allows neighboring routers to bundle up to 30 RSVP messages into a single protocol packet.
Management daemon. JUNOS software process responsible for managing all user access to the router.
Management Information Base. Definition of an object that can be managed by the Simple Network Management Protocol (SNMP).
Physically separates front and rear cavities inside the chassis, distributes power from the power supplies, and transfers packets and signals between router components, which plug into it.
Multicast listener discovery. A protocol that manages the membership of hosts and routers in multicast groups. IPv6 multicast routers use MLD to learn, for each of their attached physical networks, which groups have interested listeners.
Multilink Frame Relay. Logically ties together individual circuits, creating a bundle. The logical equivalent of the Multilink Point-to-Point Protocol (MLPPP), MLFR is used for Frame Relay traffic instead of Point-to-Point Protocol (PPP) traffic. FRF.15 and FRF.16 are two implementations of MLFR.
Multilink Point-to-Point Protocol. Enables you to bundle multiple Point-to-Point Protocol (PPP) links into a single logical link between two network devices to provide an aggregate amount of bandwidth. The technique is often called bonding or link aggregation. Defined in RFC 1990.
See Also PPP.
Multimode fiber. Optical fiber supporting the propagation of multiple frequencies of light. MMF is used for relatively short distances because the modes tend to disperse over longer lengths (called modal dispersion). For longer distances, single-mode fiber (sometimes called monomode) is used.
See Also single-mode fiber.
Mobile device, such as a cellular phone or a mobile personal digital assistant (PDA).
See MTS.
Multiprotocol Label Switching. Mechanism for engineering network traffic patterns that functions by assigning to network packets short labels that describe how to forward them through the network. Also called label switching.
See Also traffic engineering.
Class-of-service (CoS) behavior classifier for classifying packets based on the Multiprotocol Label Switching (MPLS) experimental bit.
See Also EXP bits.
Mobile point-to-point control subsystem. A GGSN application subsystem that controls all functionality associated with a particular connection.
Maximum received reconstructed unit. Similar to the maximum transmission unit (MTU), but is specific to link services interfaces.
See Also MTU.
Multisource Agreement. The definition of a fiber-optic transceiver module that conforms to the 10 Gigabit Ethernet standard.
See Also XENPAK module.
Mobile Switching Center. Provides origination and termination functions to calls from a mobile station user.
Multicast Source Discovery Protocol. A protocol used to connect multicast routing domains to allow the domains to discover multicast sources from other domains. It typically runs on the same router as the Physical Interface Module (PIM) Sparse mode rendezvous point (RP).
Mobile Station Integrated Services Digital Network number. A number that callers use to reach a mobile services subscriber.
Mean time between failures. Measure of hardware component reliability.
Mobile transport subsystem. A GSN application subsystem that implements all the protocols used by the GSN.
Maximum transmission unit. Limit on the data size for a network.
Operation of sending network traffic from one network node to multiple network nodes.
Number used for configuring the multicast scope. Configuring a scope number constrains the scope of a multicast session. The number value can be any hexadecimal number from 0 through F. The multicast-scope value is a number from 0 through 15, or a specified keyword with an associated prefix range. For example, link-local (value = 2), corresponding prefix 224.0.0.0/24.
In Differentiated Services-aware traffic engineering, a multiclass label-switched path (LSP) functions like a standard LSP, but also allows you to reserve bandwidth for multiple class types. The experimental (EXP) bits of the Multiprotocol Label Switching (MPLS) header are used to distinguish between class types.
Enables multiple classes of service while using the Multilink Point-to-Point Protocol (MLPPP). Defined in RFC 2686, “The Multi-Class Extension to Multi-Link PPP.”
Method for classifying traffic flows. Unlike a behavior aggregate (BA) classifier, a multifield classifier examines multiple fields in the packet to apply class-of-service (CoS) settings. Examples of fields that a multifield classifier examines include the source and destination addresses of the packet, as well as the source and destination port numbers of the packet.
See Also BA classifier, classification.
Network topology that uses multiple connections between customer and provider devices to provide redundancy.
Mobile visitor register subsystem.
JUNOS software syntax that specifies a portion of or the entire network path that should be used as a constraint in signaling a Multiprotocol Label Switching (MPLS) label-switched path (LSP).
Network Address Port Translation. A method that translates the addresses and transport identifiers of many private hosts into a few external addresses and transport identifiers to make efficient use of globally registered IP addresses. NAPT extends the level of translation beyond that of basic Network Address Translation (NAT).
See Also NAT.
Network Address Translation. A method of concealing a set of host addresses on a private network behind a pool of public addresses. It can be used as a security measure to protect the host addresses from direct targeting in network attacks.
Network Control Protocol. A traffic controller used to establish and configure different network layer protocols for the Point-to-Point Protocol (PPP).
Neighbor Discovery Protocol. Protocol used by IPv6 nodes on the same link to discover each other’s presence, determine each other’s Link layer addresses, find routers, and maintain reachability information about the paths to active neighbors. NDP is defined in RFC 2461 and is equivalent to the Address Resolution Protocol (ARP) used with IPv4.
See Also ARP.
Adjacent system reachable by traversing a single subnetwork. An immediately adjacent router. Also called a peer.
Network entity title. Network address defined by the ISO network architecture and used in CLNS-based networks.
Network basic input/output system. An application programming interface used by programs on a LAN. NetBIOS provides a uniform set of commands for requesting the lower-level services required to manage names, conduct sessions, and send datagrams between nodes on a network.
Interface, such as an Ethernet or SONET/SDH interface, that primarily provides traffic connectivity.
See Also PIC, services interface.
Open Shortest Path First (OSPF) link state advertisement (LSA) flooded throughout a single area by designated routers to describe all routers attached to the network.
Open Shortest Path First (OSPF) link state advertisement (LSA) sent by the designated router on a broadcast or NBMA segment. It advertises the subnet associated with the designated router’s segment.
Open Shortest Path First (OSPF) link state advertisement (LSA) sent by an area border router (ABR) to advertise internal OSPF routing knowledge across an area boundary.
See Also ABR.
Network Information Center. Internet authority responsible for assigning Internet-related numbers, such as IP addresses and Autonomous System (AS) numbers.
See Also IANA.
National Institute of Standards and Technology. A nonregulatory U.S. federal agency whose mission is to develop and promote measurement, standards, and technology.
Network layer reachability information. Information carried in Border Gateway Protocol (BGP) packets and used by the Multiprotocol Border Gateway Protocol (MBGP).
In a Border Gateway Protocol (BGP) route reflection, a BGP peer that is not a member of a cluster.
See Also client peer.
JUNOS software data structure generated by the Distribution Buffer Manager ASIC that represents the header contents of an IP packet. The Internet Processor ASIC uses the notification cell to perform a forwarding table lookup.
A Border Gateway Protocol (BGP) message that informs a neighbor about an error condition, and then in some cases terminates the BGP peering session.
See NSSA.
Network service access point. Connection to a network that is identified by a network address.
Last byte of a nonclient peer address.
Nonstop routing. A high-availability feature that allows a routing platform with redundant routing engines (REs) to preserve routing information on the backup RE and switch over from the primary RE to the backup RE without alerting peer nodes that a change has occurred. NSR uses the Graceful RE Switchover (GRES) infrastructure to preserve interface, kernel, and routing information.
Not-so-stubby area. In Open Shortest Path First (OSPF), a type of stub area in which external routes can be flooded.
Network Time Protocol. A protocol used to synchronize computer clock times on a network.
Physical Interface Module (PIM) message sent by the first hop router to the rendezvous point (RP). The message informs the RP that the local source is still actively sending multicast packets into the network.
See Also RP.
Use of numeric values (protocol and port numbers) in the header of an IP packet to match criteria in a firewall filter.
Key determination protocol based on the Diffie-Hellman algorithm that provides added security, including authentication. Oakley was the key-exchange algorithm mandated for use with the initial version of ISAKMP, although other algorithms can be used. Oakley describes a series of key exchanges called modes and details the services provided by each; for example, Perfect Forward Secrecy for keys, identity protection, and authentication.
See Also ISAKMP.
Operation, Administration, and Maintenance. An ATM Forum specification for monitoring Asynchronous Transfer Mode (ATM) virtual connections. OAM performs standard loopback, fault detection and notification, and remote defect identification for each connection, verifying that the connection is up and the router is operational.
Optical carrier. In SONET, the OC level indicates the transmission rate of digital signals on optical fiber.
SONET line with a transmission speed of 155.52 Mbps (payload of 150.336 Mbps) using fiber-optic cables. For SDH interfaces, OC3 is also known as STM1.
SONET line with a transmission speed of 622 Mbps using fiber-optic cables.
Border Gateway Protocol (BGP) message that allows two neighbors to negotiate the parameters of the peering session.
Border Gateway Protocol (BGP) neighbor state that shows that a valid Open message was received from the remote peer.
Border Gateway Protocol (BGP) neighbor state that shows that an Open message was sent to the remote peer and the local router is waiting for an Open message to be returned.
JUNOS software mode that allows a user to view statistics and information about the router’s current operating status.
Operational script. Extensible Stylesheet Language for Transformations (XSLT) script written to automate network troubleshooting and network management. Op scripts can perform any function available through JUNOScript remote procedure calls (RPCs).
In the Border Gateway Protocol (BGP), an attribute that describes the source of the route.
JUNOS software routing policy match type that represents all routes more specific than the given subnet, including the given subnet itself. It is similar to a mathematical greater-than-or-equal-to operation.
Open Systems Interconnection. Standard reference model for how messages are transmitted between two points on a network.
Open Shortest Path First. A link-state Interior Gateway Protocol (IGP) that makes routing decisions based on the Shortest Path First (SPF) algorithm (also referred to as the Dijkstra algorithm).
Message sent by each Open Shortest Path First (OSPF) router to each adjacent router. It is used to establish and maintain the router’s neighbor relationships.
Network design in which a logical Layer 3 topology (IP subnets) is operating over a logical Layer 2 topology (Asynchronous Transfer Mode permanent virtual circuits [ATM PVCs]). Layers in the network do not have knowledge of each other, and each layer requires separate management and operation.
Method that allows provisioning of more bandwidth than the line rate of the physical interface.
Collection of files that make up a JUNOS software component.
Fundamental unit of information (message or fragment of a message) carried in a packet-switched network; for example, the Internet.
See Also PSN.
Occurs when packets in the output buffer are overwritten by newly arriving packets. This happens because the available buffer size is greater than the available transmission bandwidth.
1. Packet sampling method in which entire IPv4 packets flowing through a router are captured for analysis. Packets are captured in the routing engine (RE) and stored as libpcap-formatted files on the router. Packet capture files can be opened and analyzed offline with packet analyzers such as tcpdump and Ethereal. 2. J-Web packet sampling method for quickly analyzing router control traffic destined for or originating from the RE. You can either decode and view the captured packets in the J-Web interface as they are captured, or save the packets to a file and analyze them offline with packet analyzers such as Ethereal. J-Web packet capture does not capture transient traffic.
See Also traffic sampling.
Portion of the router that processes packets by forwarding them between input and output interfaces.
Transmission of packets from many sources over a switched network.
PPPoE Active Discovery Initiation packet. A Point-to-Point Protocol over Ethernet (PPPoE) initiation packet that is broadcast by the client to start the discovery process.
PPPoE Active Discovery Offer packet. A Point-to-Point Protocol over Ethernet (PPPoE) offer packet that is sent to the client by one or more access concentrators in reply to a PPPoE Active Discovery Initiation (PADI) packet.
PPPoE Active Discovery Request packet. A Point-to-Point Protocol over Ethernet (PPPoE) packet sent by the client to one selected access concentrator to request a session.
PPPoE Active Discovery Session Confirmation packet. A Point-to-Point Protocol over Ethernet (PPPoE) packet sent by the selected access concentrator to confirm the session.
PPPoE Active Discovery Termination packet. A Point-to-Point Protocol over Ethernet (PPPoE) packet sent by either the client or the access concentrator to terminate a session.
Technique to intercept and observe specified data network traffic by using a routing platform such as a monitoring station that is not participating in the network.
Information about a Border Gateway Protocol (BGP) route, such as the route origin, Autonomous System (AS) path, and next hop router.
Resource Reservation Protocol (RSVP) message indicating that an error has occurred along an established label-switched path (LSP). The message is advertised upstream toward the ingress router and does not remove any RSVP soft state from the network.
Resource Reservation Protocol (RSVP) message indicating that the established label-switched path (LSP) and its associated soft state should be removed by the network. The message is advertised downstream hop by hop toward the egress router.
Software library for packet capturing.
See Also libpcap.
(Previously known as a PCMCIA Card.) The removable storage media that ships with each router that contains a copy of the JUNOS software. The PC Card is based on standards published by the Personal Computer Memory Card International Association (PCMCIA).
Peripheral Component Interconnect. Standard, high-speed bus for connecting computer peripherals. Used on the routing engine (RE).
Peripheral Component Interconnect Express. Next-generation, higher-bandwidth bus for connecting computer peripherals. A PCI Express bus uses point-to-point bus topology with a shared switch rather than the shared bus topology of a standard PCI bus. The shared switch on a PCI Express bus provides centralized traffic routing and management and can prioritize traffic. On some J Series services routers, PCI Express slots are backward compatible with PCI and can accept Physical Interface Modules (PIMs) intended for either PCI Express or PCI slots.
Personal Computer Memory Card International Association. Industry group that promotes standards for credit-card-size memory and I/O devices.
Plesiochronous Digital Hierarchy. Developed to carry digitized voice more efficiently. Evolved into the North American, European, and Japanese Digital Hierarchies, in which only a discrete set of fixed rates is available; namely, NxDS0 (DS0 is a 64 kbps rate).
Packet data protocol. Network protocol, such as IP, used by packet data networks connected to a GPRS network.
Protocol Data Unit. A packet of data passed across a network. The term refers to a specific layer of the OSI seven-layer model and a specific protocol.
Policing equivalence classes. In traffic policing, a set of packets that are treated the same way by the packet classifier.
Immediately adjacent router with which a protocol relationship has been established. Also called a neighbor.
Practice of exchanging Internet traffic with directly connected peers according to commercial and contractual agreements.
1. Privacy Enhanced Mail. A technique for securely exchanging electronic mail over a public medium. 2. Power Entry Module. Distributes DC power within the router chassis. Supported on M40e, M160, M320, and T Series routing platforms.
Last transit router before the egress router in a Multiprotocol Label Switching (MPLS) label-switched path (LSP).
Interface that is always present in the routing platform.
See Also management Ethernet interface, transient interface.
Commit-script-generated configuration change that is copied to the candidate configuration. Persistent changes remain in the candidate configuration unless you explicitly delete them.
See Also transient change.
Provider edge router. A router in the service provider’s network that is connected to a customer edge (CE) device and participates in a virtual private network (VPN).
Protocol Field Compression. Normally, Point-to-Point Protocol (PPP)-encapsulated packets are transmitted with a 2-byte protocol field. For example, IPv4 packets are transmitted with the protocol field set to 0x0021, and Multiprotocol Label Switching (MPLS) packets are transmitted with the protocol field set to 0x0281. For all protocols with identifiers from 0x0000 through 0x00ff, PFC enables routers to compress the protocol field to one byte, as defined in RFC 1661, “The Point-to-Point Protocol (PPP).” PFC allows you to conserve bandwidth by transmitting less data.
See Also ACFC.
Perfect Forward Secrecy protocol. A protocol derived from an encryption system that changes encryption keys often and ensures that no two sets of keys have any relationship to each other. If one set of keys is compromised, only communications using those keys are at risk. An example of a system that uses PFS is Diffie-Hellman.
Pragmatic General Multicast. A protocol layer that can be used between the IP layer and the multicast application on sources, receivers, and routers to add reliability, scalability, and efficiency to multicast networks.
Pretty Good Privacy. A strong cryptographic technique invented by Philip Zimmermann in 1991.
Penultimate hop popping. A mechanism used in a Multiprotocol Label Switching (MPLS) network that allows the transit router before the egress router to perform a label pop operation and forward the remaining data (often an IPv4 packet) to the egress router.
1. Special electronic integrated circuit or functional block of a circuit that performs encoding and decoding between a pure digital domain (on-off) and a modulation in the analog domain. 2. Open Systems Interconnection (OSI) physical layer. Layer 1 of the OSI model that defines the physical link between devices.
Port on a Physical Interface Card (PIC) or Physical Interface Module (PIM).
A network interface card installed in a J Series services router to provide physical connections to a LAN or WAN. PIMs can be fixed or removable and interchangeable. The PIM receives incoming packets from the network and transmits outgoing packets to the network. Each PIM is equipped with a dedicated network processor that forwards incoming data packets to and receives outgoing data packets from the routing engine (RE). During this process, the PIM performs framing and line-speed signaling for its medium type—for example, E1, serial, Fast Ethernet, or Integrated Services Digital Network (ISDN).
Physical Interface Card. A network interface-specific card that can be installed on a Flexible PIC Concentrator (FPC) in the router.
Juniper Networks ASIC responsible for receiving and transmitting information on the physical media. It performs media-specific tasks within the Packet Forwarding Engine (PFE).
Peak information rate. The PIR must be equal to or greater than the committed information rate (CIR), and both must be configured to be greater than 0. Packets that exceed the PIR are marked red, which corresponds to high loss priority.
Public key infrastructure. A hierarchy of trust that enables users of a public network to securely and privately exchange data through the use of public and private cryptographic key pairs that are obtained and shared with peers through a trusted authority.
Public Land Mobile Network. A telecommunications network for mobile stations.
Packet loss priority. Used to determine the random early detection (RED) drop profile when a packet is queued. You can set it by configuring a classifier or policer. The system supports two PLP designations: low and high.
Packet loss priority bit. Used to identify packets that have experienced congestion or are from a transmission that exceeded a service provider’s customer service license agreement. This bit can be used as part of a router’s congestion control mechanism and can be set by the interface or by a filter.
Point of local repair. The ingress router of a backup tunnel or a detour label-switched path (LSP).
Unidirectional connection in which a single source system transmits data to multiple destination end systems. Point-to-multipoint is one of two fundamental connection types.
See Also point-to-point connection.
Resource Reservation Protocol (RSVP)-signaled label-switched path (LSP) with a single source and multiple destinations.
Unidirectional or bidirectional connection between two end systems. Point-to-point is one of two fundamental connection types.
See Also point-to-multipoint connection.
Method used in distance-vector networks to avoid routing loops. Each router advertises routes back to the neighbor it received them from with an infinity metric assigned.
Filter that limits traffic of a certain class to a specified bandwidth or burst size. Packets exceeding the policer limits are discarded, or assigned to a different forwarding class, a different loss priority, or both.
Method of applying rate limits on bandwidth and burst size for traffic on a particular interface.
Application of multiple routing policies in a single location. The policies are evaluated in a predefined manner and are always followed by the default policy for the specific application location.
Removal of the last label, by a router, from a packet as it exits a Multiprotocol Label Switching (MPLS) domain.
Method in which a copy of an IPv4 packet is sent from the routing platform to an external host address or a packet analyzer for analysis.
Point-to-Point Protocol. A Link layer protocol that provides multiprotocol encapsulation. PPP is used for Link layer and Network layer configuration. Provides a standard method for transporting multiprotocol datagrams over point-to-point links. Defined in RFC 1661.
Point-to-Point Protocol daemon that processes packets that use the Point-to-Point Protocol (PPP).
Point-to-Point Protocol over Ethernet. Network protocol that encapsulates Point-to-Point Protocol (PPP) frames in Ethernet frames and connects multiple hosts over a simple bridging access device to a remote access concentrator.
Point-to-Point Protocol over Ethernet frames in Asynchronous Transfer Mode. Network protocol that encapsulates Point-to-Point Protocol over Ethernet (PPPoE) frames in Asynchronous Transfer Mode (ATM) frames for digital subscriber line (DSL) transmission, and connects multiple hosts over a simple bridging access device to a remote access concentrator.
First three bits in the type-of-service (ToS) byte. On a Juniper Networks router, these bits are used to sort or classify individual packets as they arrive at an interface. The classification determines the queue to which the packet is directed upon transmission.
Desirability of a route to become the active route. A route with a lower preference value is more likely to become the active route. The preference is an arbitrary value from 0 through 255 that the routing protocol process uses to rank routes received from different protocols, interfaces, or remote systems.
On an interface, the default local address used for packets sourced by the local router to destinations on the subnet.
JUNOS software routing policy match type representing all routes that share the same most-significant bits. The prefix length of the route must also lie between the two supplied lengths in the route filter.
On an interface, the address used by default as the local address for broadcast and multicast packets sourced locally and sent out the interface.
Contributing route with the numerically smallest prefix and smallest JUNOS software preference value. This route is the default next hop used for a generated route.
Router interface that packets go out on when no interface name is specified and when the destination address does not specify a particular outgoing interface.
Used with Asynchronous Transfer Mode (ATM) CCC Cell Relay encapsulation, enables mapping of all incoming cells from an interface port or from a virtual path (VP) to a single label-switched path (LSP) without restricting the VCI number.
Logical Layer 3 address assigned to an interface within the JUNOS software.
Grouping of logical properties within an interface configuration; for example, the inet, inet4, and Multiprotocol Label Switching (MPLS) families.
A protocol-independent multicast routing protocol. PIM Dense mode is a flood-and-prune protocol. PIM Sparse mode routes to multicast groups that use join messages to receive traffic. PIM Sparse-Dense mode allows some multicast groups to be dense groups (flood and prune) and some groups to be sparse groups (join and leave).
A 32-bit value assigned to all routes placed into the routing table. The protocol preference is used as a tiebreaker when multiple exact routes are placed into the table by different protocols.
Router in the service provider’s network that is not connected to a customer edge (CE) device.
Physical Interface Module (PIM) message sent upstream to a multicast source or the rendezvous point (RP) of the domain. The message requests that multicast traffic stop being transmitted to the router originating the message.
Packet-switched network. Network in which messages or fragments of messages (packets) are sent to their destinations through the most expedient route, as determined by a routing algorithm. Packet switching optimizes bandwidth in a network and minimizes latency.
Partial sequence number PDU. A packet that contains only a partial list of the label-switched paths (LSPs) in the Intermediate System-to-Intermediate System Level 1 (IS-IS) link-state database.
See PKI.
Addition of a label or stack of labels, by a router, to a packet as it enters a Multiprotocol Label Switching (MPLS) domain.
Permanent virtual circuit. A software-defined logical connection in a network.
See Also SVC.
Quality of service. Performance, such as transmission rates and error rates, of a communications channel or system.
Type of Physical Interface Card (PIC) that combines the PIC and Flexible PIC Concentrator (FPC) within a single FPC slot.
Next hop for a static route that allows a second next hop for the same static route to have different metric and preference properties from the original next hop.
Physical Interface Module (PIM) router on a broadcast subnet responsible for generating Internet Group Management Protocol (IGMP) query messages for the segment.
First-in, first-out (FIFO) number of packets waiting to be forwarded over a router interface. You can configure the minimum and maximum sizes of the packet queue, queue admission policies, and other parameters to manage the flow of packets through the router.
For random early detection (RED), the memory used to store packets expressed as a percentage of the total memory allocated for that specific queue.
See Also drop profile.
For ATM1 interfaces only, a limit on the number of transmit packets that can be queued. Packets that exceed the limit are dropped.
See Also EPD.
In routing, the arrangement of packets waiting to be forwarded. Packets are organized into queues according to their priority, time of arrival, or other characteristics, and are processed one at a time. After a packet is sent to the outgoing interface on a router, it is queued for transmission on the physical media. The amount of time a packet is queued on the router is determined by the availability of the outgoing physical media, bandwidth, and amount of traffic using the interface.
Registration authority. A trusted third-party organization that acts on behalf of a certificate authority (CA) to verify the identity of a digital certificate user.
See RFI.
Remote Authentication Dial-In User Service. An authentication method for validating users who attempt to access the router using Telnet.
(Pronounced “are-bock.”) Regional Bell operating company. Regional telephone companies formed as a result of the divestiture of the Bell System.
RSA codes. A family of proprietary (RSA Data Security, Inc.) encryption schemes often used in web browsers and servers. These codes use variable-length keys up to 2,048 bits.
Relational database management system. A system that presents data in a tabular form with a means of manipulating the tabular data with relational operators.
Russian-dolls bandwidth allocation model. An allocation model that makes efficient use of bandwidth by allowing the class types to share bandwidth. RDM is defined in the Internet draft draft-ietf-tewg-diff-te-russian-03.txt, “Russian Dolls Bandwidth Constraints Model for Diff-Serv-aware MPLS Traffic Engineering.”
Next hop for a static route that allows all matching packets to be sent to the routing engine (RE) for processing.
Method of consulting the routing table to locate the actual physical next hop for a route when the supplied next hop is not directly connected.
Random early detection. Gradual drop profile for a given class that is used for congestion avoidance. RED tries to anticipate incipient congestion by dropping a small percentage of packets from the head of the queue to ensure that a queue never actually becomes congested.
In the Resource Reservation Protocol (RSVP), an extension that addresses the problems of scaling, reliability, and latency when Refresh messages are used to cover message loss.
Physical Interface Module (PIM) message unicast by the first hop router to the rendezvous point (RP) that contains the multicast packets from the source encapsulated within its data field.
Physical Interface Module (PIM) message sent by the rendezvous point (RP) to the first hop router to halt the sending of encapsulated multicast packets.
See RA.
Next hop for a configured route that drops all matching packets from the network and returns an Internet Control Message Protocol (ICMP) message to the source IP address. Also used as an action in a routing policy or firewall filter.
rename. JUNOS software command that allows a user to change the name of a routing policy, firewall filter, or any other variable character string defined in the router configuration.
Routing Information Protocol (RIP) message used by a router to ask for all or part of the routing table from a neighbor.
Next hop for a static route that allows the router to perform a recursive lookup to locate the physical next hop for the route.
Routing Information Protocol (RIP) message used to advertise routing information into a network.
JUNOS software data structure generated by the Internet Processor ASIC after performing a forwarding table lookup.
Resource Reservation Protocol (RSVP) message that allows the egress router to receive an explicit confirmation message from a neighbor that its Resv message was received.
Resource Reservation Protocol (RSVP) message indicating that an error has occurred along an established label-switched path (LSP). The message is advertised downstream toward the egress router and it does not remove any RSVP soft state from the network.
Resource Reservation Protocol (RSVP) message indicating that the established label-switched path (LSP) and its associated soft state should be removed by the network. The message is advertised upstream toward the ingress router.
For SONET Automatic Protection Switching (APS), a timer that specifies the amount of time (in seconds) to wait after the working circuit has become functional before making the working circuit active again.
Set the appropriate class-of-service (CoS) bits in an outgoing packet. This allows the next downstream router to classify the packet into the appropriate service group.
Request for Comments. Internet standard specifications published by the Internet Engineering Task Force (IETF).
Radio frequency interference. Interference from high-frequency electromagnetic waves emanating from electronic devices.
Routing information base. A logical data structure used by the Border Gateway Protocol (BGP) to store routing information.
See Also routing table.
Router ID. An IP address used by a router to uniquely identify itself to a routing protocol. This address may not be equal to a configured interface address.
Routing Information Protocol. Used in IPv4 networks, a distance-vector interior gateway protocol that makes routing decisions based on hop count.
Routing Information Protocol next generation. Used in IPv6 networks, a distance-vector interior gateway protocol that makes routing decisions based on hop count.
Remote monitoring. A standard Management Information Base (MIB) that defines current and historical Media Access Control (MAC)-layer statistics and control objects, allowing you to capture real-time information across the entire network. This allows you to detect, isolate, diagnose, and report potential and actual network problems.
Radio network controller. Manages the radio part of the network in UMTS.
A 6-byte value identifying a virtual private network (VPN) that is prefixed to an IPv4 address to create a unique IPv4 address. The new address is part of the VPN IPv4 address family, which is a Border Gateway Protocol (BGP) address family added as an extension to BGP. It allows you to configure private addresses within the VPN by preventing overlap with the private addresses in other VPNs.
JUNOS software syntax used in a routing policy to match an individual route or a group of routes.
Condition of network instability whereby a route is announced and withdrawn repeatedly, often as a result of an intermittently failing link.
IP address of the router from which a Border Gateway Protocol (BGP), Interior Gateway Protocol (IGP), or Open Shortest Path First (OSPF) packet originated.
Method of placing learned routes from one protocol into another protocol operating on the same router. The JUNOS software accomplishes this with a routing policy.
In the Border Gateway Protocol (BGP), the configuration of a group of routers into a cluster in which one system acts as a route reflector, redistributing routes from outside the cluster to all routers in the cluster. Routers in a cluster do not need to be fully meshed.
See RID.
Open Shortest Path First (OSPF) link state advertisement (LSA) flooded throughout a single area by all routers to describe the state and cost of the router’s links to the area.
Open Shortest Path First (OSPF) link state advertisement (LSA) sent by each router in the network. It describes the local router’s connected subnets and their metric values.
Numerical value assigned to an Open Shortest Path First (OSPF) or Intermediate System-to-Intermediate System Level 1 (IS-IS) interface that is used as the first criterion in electing the designated router or designated intermediate system, respectively.
Portion of the router that handles all routing protocol processes, as well as other software processes that control the router’s interfaces, some of the chassis components, system management, and user access to the router.
Collection of routing tables, interfaces, and routing protocol parameters. The set of interfaces is contained in the routing tables, and the routing protocol parameters control the information in the routing tables.
Terabit routing system interconnecting up to four T640 routing nodes and a TX Matrix platform to deliver up to 2.56 terabits per second (Tbps) of subscriber switching capacity.
Common database of routes learned from one or more routing protocols. All routes are maintained by the JUNOS routing protocol process.
Rendezvous point. For Physical Interface Module (PIM) Sparse mode, a core router acting as the root of the distribution tree in a shared tree.
Remote procedure call. A type of protocol that allows a computer program running on one computer to cause a function on another computer to be executed without explicitly coding the details for this interaction.
JUNOS software routing protocol process (daemon). A user-level background process responsible for starting, managing, and stopping the routing protocols on a Juniper Networks router.
Reverse path forwarding. An algorithm that checks the unicast routing table to determine whether there is a shortest path back to the source address of the incoming multicast packet. Unicast RPF helps to determine the source of denial-of-service (DoS) attacks and rejects packets from unexpected source addresses.
1. Reverse-path multicasting. Routing algorithm used by the Distance Vector Multicast Routing Protocol (DVMRP) to forward multicast traffic. 2. Real-time Performance Monitoring. A tool for creating active probes to track and monitor traffic.
Record route object. A Resource Reservation Protocol (RSVP) message object that notes the IP address of each router along the path of a label-switched path (LSP).
Resource Reservation Protocol. A signaling protocol that establishes a session between two routers to transport a specific traffic flow.
Resource Reservation Protocol (RSVP) message sent by the ingress router downstream toward the egress router. It begins the establishment of a soft state database for a particular label-switched path (LSP).
Resource Reservation Protocol (RSVP) message sent by the egress router upstream toward the ingress router. It completes the establishment of the soft state database for a particular label-switched path (LSP).
Label-switched path (LSP) that is dynamically established using Resource Reservation Protocol (RSVP) Path and Resv messages.
RSVP traffic engineering; Resource Reservation Protocol (RSVP) with traffic engineering extensions as defined by RFC 3209. These extensions allow RSVP to establish label-switched paths (LSPs) in Multiprotocol Label Switching (MPLS) networks.
Real-time Transport Protocol. An Internet protocol that provides mechanisms for the transmission of real-time data, such as audio, video, or voice, over IP networks. Compressed RTP is used for Voice over IP traffic.
Real-time variable bit rate. For ATM2 intelligent queuing (IQ) interfaces, data that is serviced at a higher priority rate than other VBR data. RTVBR is suitable for carrying packetized video and audio. RTVBR provides better congestion control and latency guarantees than non-real-time VBR.
Security association. An IPSec term that describes an agreement between two parties about what rules to use for authentication and encryption algorithms, key exchange mechanisms, and secure communications.
Method whereby the sampling key based on the IPv4 header is sent to the routing engine (RE). There, the key is placed in a file, or cflowd packets based on the key are sent to a cflowd server.
1. Session Announcement Protocol. Used with multicast protocols to handle session conference announcements. 2. Service access point. Device that identifies routing protocols and provides the connection between the network interface card and the rest of the network.
Segmentation and reassembly. Buffering used with Asynchronous Transfer Mode (ATM).
System Control Board. On an M40 router, the part of the Packet Forwarding Engine (PFE) that performs route lookups, monitors system components, and controls Flexible PIC Concentrator (FPC) resets.
Switch-card chassis. Term used by the JUNOS command-line interface (CLI) to refer to the TX Matrix platform in a routing matrix.
Simple Certificate Enrollment Protocol. A protocol for digital certificates that supports certificate authority (CA) and registration authority (RA) public key distribution, certificate enrollment, certificate revocation, certificate queries, and certificate revocation list (CRL) queries.
SONET Clock Generator. On a T640 routing node, provides the Stratum 3 clock signal for the SONET/SDH interfaces. Also provides external clock inputs.
In class of service (CoS), associate schedulers with forwarding classes.
See Also schedulers, forwarding classes.
Define the priority, bandwidth, delay buffer size, rate control status, and random early detection (RED) drop profiles to be applied to a particular forwarding class for packet transmission.
See Also scheduler maps.
Method of determining which type of packet or queue is transmitted before another. An individual router interface can have multiple queues assigned to store packets. The router then determines which queue to service based on a particular method of scheduling. This process often involves a determination of which type of packet should be transmitted before another. First in, first out (FIFO) is one example.
See Also FIFO.
Secure copy. Means of securely transferring computer files between a local and remote host or between two remote hosts, using the Secure Shell (SSH) protocol.
Source class usage. A means of tracking traffic originating from specific prefixes on the provider core router and destined for specific prefixes on the customer edge router, based on the IP source and destination addresses.
Synchronous Digital Hierarchy. A CCITT variation of the SONET standard.
Session Description Protocol. Used with multicast protocols to handle session conference announcements.
Synchronous dynamic random access memory. An electronic standard in which the inputs and outputs of SDRAM data are synchronized to an externally supplied clock, allowing for extremely fast consecutive read and write capacity.
Service Deployment System software. A customizable Juniper Networks product with which service providers can rapidly deploy IP services—such as video on demand (VoD), IP television, stateful firewalls, Layer 3 virtual private networks (VPNs), and bandwidth on demand (BoD)—to hundreds of thousands of subscribers over a variety of broadband access technologies.
Interface that provides specific capabilities for manipulating traffic before it is delivered to its destination; for example, the adaptive services interface and the tunnel services interface.
See Also network interface.
Resource Reservation Protocol (RSVP) message object used to control the priority, preemption, affinity class, and local rerouting of the label-switched path (LSP).
Switching and Forwarding Module. On an M160 router, a component of the Packet Forwarding Engine (PFE) that provides route lookup, filtering, and switching to Flexible PIC Concentrators (FPCs).
Small Form-factor Pluggable transceiver. A transceiver that provides support for optical or copper cables. SFPs are hot-insertable and hot-removable.
See Also XFP.
Serving GPRS Support Node. Device in the mobile network that requests PDP contexts with a GGSN.
Secure Hash Algorithm 1. A secure hash algorithm standard defined in FIPS PUB 180-1 (SHA-1). Developed by the National Institute of Standards and Technology (NIST), SHA-1 (which effectively replaces SHA-0) produces a 160-bit hash for message authentication. Longer-hash variants include SHA-224, SHA-256, SHA-384, and SHA-512 (sometimes grouped under the name “SHA-2”). SHA-1 is more secure than Message Digest 5 (MD5).
Unnumbered point-to-point intra-area link advertised by a type 1 link state advertisement (LSA).
In class of service (CoS), controls the maximum rate of traffic transmitted on an interface.
See Also traffic shaping.
Allocation of separate pools of shared resources to subsets of logical interfaces belonging to the same physical port.
Multicast forwarding tree established from the rendezvous point (RP) to the last hop router for a particular group address.
Symmetric high-speed digital subscriber line. A standardized multirate symmetric DSL that transports rate-adaptive symmetrical data across a single copper pair at data rates from 192 Kbps to 2.3 Mbps, or from 384 Kbps to 4.6 Mbps over two pairs, covering applications served by HDSL, SDSL, T1, E1, and services beyond E1. SHDSL conforms to the following recommendations: ITU G.991.2 G.SHDSL, ETSI TS 101-524 SDSL, and the ANSI T1E1.4/2001-174 G.SHDSL.
See Also G.SHDSL.
Location of the Multiprotocol Label Switching (MPLS) header in a data packet. The JUNOS software always places (shims) the header between the existing Layer 2 and Layer 3 headers.
See SPF.
See SPT.
Switch Interface Board. On a T640 routing node, provides the switching function to the destination Packet Forwarding Engine (PFE).
In traffic engineering, an explicit path; that is, a path determined using Resource Reservation Protocol (RSVP) signaling. The ERO carried in the packets contains the explicit path information.
See SNMP.
Interface that treats packets it receives from itself as the result of a software loopback process. The interface does not consider these packets when determining whether the interface is functional.
Optical fiber designed for transmission of a single ray or mode of light as a carrier and used for long-distance signal transmission. For short distances, multimode fiber is used.
See Also MMF.
Session Initiation Protocol. An Adaptive Services application protocol option used for setting up sessions between endpoints on the Internet. Examples include telephony, fax, videoconferencing, file exchange, and person-to-person sessions.
System Network Architecture. IBM proprietary networking architecture consisting of a protocol stack that is used primarily in banks and other financial transaction networks.
Simple Network Management Protocol. A protocol governing network management and the monitoring of network devices and their functions.
In Resource Reservation Protocol (RSVP), controls state in hosts and routers that expires if not refreshed within a specified amount of time.
Synchronous Optical Network. A high-speed (up to 2.5 Gbps) synchronous network specification developed by Bellcore and designed to run on optical fiber. STS1 is the basic building block of SONET. Approved as an international standard in 1988.
See Also SDH.
Multicast forwarding tree established from the source of traffic to all interested receivers for a particular group address. It is often used in a Dense-mode forwarding environment.
Method of operating a multicast domain where sources of traffic and interested receivers meet at a central rendezvous point (RP). A Sparse-mode network assumes that there are very few receivers for each group address.
Shortest Path First. An algorithm used by Intermediate System-to-Intermediate System Level 1 (IS-IS) and Open Shortest Path First (OSPF) to make routing decisions based on the state of network links. Also called the Dijkstra algorithm.
Security Parameter Index. In IPSec, a numeric identifier used with the destination address and security protocol to identify a security association (SA). When Internet Key Exchange (IKE) is used to establish an SA, the SPI is randomly derived. When manual configuration is used for an SA, the SPI must be entered as a parameter.
Service Profile Identifier. Used only in Basic Rate Interface (BRI) implementations of the Integrated Services Digital Network (ISDN). The SPID specifies the services available on the service provider switch and defines the feature set ordered when the ISDN service is provisioned.
Method used in distance-vector networks to avoid routing loops. Each router does not advertise routes back to the neighbor from which it received them.
Strict-priority queuing. A dequeuing method that provides a special queue that is serviced until it is empty. The traffic sent to this queue tends to maintain a lower latency and more consistent latency numbers than traffic sent to other queues.
See Also APQ.
Shortest-path tree. An algorithm that builds a network topology that attempts to minimize the path from one router (the root) to other routers in a routing area.
Structured Query Language. International standard language used to create, modify, and select data from relational databases.
Transmission Control Protocol (TCP) or User Datagram Protocol (UDP) port for the source IP address in a packet.
Signaling System 7. A protocol used in telecommunications for delivering calls and services.
Source service access point. Device that identifies the origin of an LPDU on a data link switching (DLSw) network.
System and Switch Board. On an M20 router, a Packet Forwarding Engine (PFE) component that performs route lookups and component monitoring and monitors Flexible PIC Concentrator (FPC) operation.
Secure Shell. A protocol that uses strong authentication and encryption for remote access across a nonsecure network. SSH provides remote login, remote program execution, file copy, and other functions. In a Unix environment, SSH is intended as a secure replacement for rlogin, rsh, and rcp.
Secure Shell with Transport Layer Security. A combination of two standard methods used to secure communications over the Internet. TLS is the name of a standard protocol based on SSL 3.0 and is defined in RFC 2246. In combination, SSH/TLS is also known as SSHv2 and uses FIPS-restricted cipher sets in a FIPS environment.
Secure Sockets Layer. A protocol that encrypts security information using public-private key technology, which requires a paired private key and authentication certificate, before transmitting data across a network.
Source-specific multicast. A service that allows a client to receive multicast traffic directly from the source. Typically, SSM uses a subset of the Physical Interface Module (PIM) Sparse-mode functionality along with a subset of IGMPv3 to create a shortest-path tree (SPT) between the client and the source, but it builds the SPT without the help of a rendezvous point (RP).
Switch-to-Switch Protocol. Protocol implemented between two data link switching (DLSw) routers that establishes connections, locates resources, forwards data, and handles error recovery and flow control.
Synchronous static random access memory. Used for storing routing tables, packet pointers, and other data such as route lookups, policer counters, and other statistics to which the microprocessor needs quick access.
Transport mode that allows multiple applications to tunnel the Protocol Data Units of their Layer 2 protocols over an Asynchronous Transfer Mode (ATM) virtual circuit. You use this transport mode to tunnel IP packets over an ATM backbone.
See Also AAL5 mode, cell-relay mode, Layer 2 circuits, trunk mode.
Problem that occurs when lower-priority traffic, such as data and protocol packets, is locked out (starved) because a higher-priority queue uses all of the available transmission bandwidth.
Type of firewall filter that evaluates the context of connections, permits or denies traffic based on the context, and updates this information dynamically. Context includes IP source and destination addresses, port numbers, Transmission Control Protocol (TCP) sequencing information, and TCP connection flags. The context established in the first packet of a TCP session must match the context contained in all subsequent packets if a session is to remain active.
See Also stateless firewall filter.
Recovery strategy that preserves parameters concerning the history of connections, sessions, or application status before failure.
See Also stateless firewall recovery.
Type of firewall filter that statically evaluates the contents of packets transiting the router and packets originating from or destined for the routing engine (RE). Packets are accepted, rejected, forwarded, or discarded and collected, logged, sampled, or subjected to classification according to a wide variety of packet characteristics. Sometimes called access control lists (ACLs) or simply firewall filters, stateless firewall filters protect the processes and resources owned by the RE. A stateless firewall filter can evaluate every packet, including fragmented packets. In contrast to a stateful firewall filter, a stateless firewall filter does not maintain information about connection states.
See Also stateful firewall filter.
Recovery strategy that does not attempt to preserve the history of connections, sessions, or application status before failure.
See Also stateful firewall recovery.
See static path.
In the context of traffic engineering, a static route that requires hop-by-hop manual configuration. No signaling is used to create or maintain the path. Also called a static LSP.
Explicitly configured route that is entered into the routing table. Static routes have precedence over routes chosen by dynamic routing protocols.
One of three methods of learning the rendezvous point (RP) to group address mapping in a multicast network. Each router in the domain must be configured with the required RP information.
System reference point/terminal reference point interface. A four-pair connection between the Integrated Services Digital Network (ISDN) provider service and the customer terminal equipment.
Synchronous transport module. CCITT specification for SONET at 155.52 Mbps.
In the context of traffic engineering, a route that must go directly to the next address in the path. (Definition from RFC 791, modified to fit LSPs.)
Routers in a Multiprotocol Label Switching (MPLS) named path that must be directly connected to the previous router in the configured path.
Synchronous transport signal. Synchronous transport signal level 1 is the basic building block signal of SONET, operating at 51.84 Mbps. Faster SONET rates are defined as STS-n, where n is an integer by which the basic rate of 51.84 Mbps is multiplied.
See Also SONET.
In Open Shortest Path First (OSPF), an area through which, or into which, Autonomous System (AS) external advertisements are not flooded.
Symmetric high-speed digital subscriber line (SHDSL) transceiver unit—central office. Equipment at the telephone company central office that provides SHDSL connections to remote user terminals.
Symmetric high-speed digital subscriber line (SHDSL) transceiver unit—remote. Equipment at the customer premises that provides SHDSL connections to remote user terminals.
Part of a point-to-multipoint label-switched path (LSP). A sub-LSP carries traffic from the main LSP to one of the egress Provider Edge (PE) routers. Each point-to-multipoint LSP has multiple sub-LSPs.
See Also point-to-multipoint LSP.
Number of bits of the network address used for the host portion of a Class A, Class B, or Class C IP address.
Value that reduces the maximum allowable peak rate by limiting the High-level Data Link Control (HDLC)-encapsulated payload. The subrate value must exactly match that of the remote channel service unit (CSU).
Open Shortest Path First (OSPF) link-state advertisement (LSA) flooded throughout the advertisement’s associated areas by area border routers (ABRs) to describe the routes that they know about in other areas.
Switched virtual connection. A dynamically established, software-defined logical connection that stays up as long as data is being transmitted. When transmission is complete, the software tears down the SVC.
See Also PVC.
System identifier. Portion of the ISO nonclient peer. The system ID can be any six bytes that are unique throughout a domain.
System log. A method for storing messages to a file for troubleshooting or record-keeping. It can also be used as an action within a firewall filter to store information to the messages file.
Basic physical layer protocol used by the Digital Signal level 1 (DS1) multiplexing method in North America. A T1 interface operates at a bit rate of 1.544 Mbps and can support 24 DS0 channels.
Physical layer protocol used by the Digital Signal level 3 (DS3) multiplexing method in North America. A T3 interface operates at a bit rate of 44.736 Mbps.
Terminal Access Controller Access Control System Plus. Authentication method for validating users who attempt to access the router using Telnet.
Queue management algorithm for dropping packets from the input end (tail) of the queue when the length of the queue exceeds a configured threshold.
See Also RED.
Generic designator for any of several digitally multiplexed telecommunications carrier systems originally developed by Bell Labs and used in North America and Japan.
Tricolor marking. Traffic policing mechanism that extends the functionality of class-of-service (CoS) traffic policing by providing three levels of drop precedence (loss priority or PLP) instead of two. There are two types of TCM: single-rate and two-rate. The JUNOS software currently supports two-rate TCM only.
See Also trTCM.
Transmission Control Protocol. Works in conjunction with IP to send data over the Internet. Divides a message into packets and tracks the packets from point of origin to destination.
Unix packet monitoring utility used by the JUNOS software to view information about packets sent or received by the routing engine (RE).
Well-known port number used by the Border Gateway Protocol (BGP) to establish a peering session with a neighbor.
Time-Division Multiplex Access. A type of multiplexing in which two or more channels of information are transmitted over the same link, where the channels take turns to use the link. Each link is allocated a different time interval (“slot” or “slice”) for the transmission of each channel. For the receiver to distinguish one channel from the other, some kind of periodic synchronizing signal or distinguishing identifier is required.
See Also GSM.
Terminal Endpoint Identifier. A terminal endpoint can be any Integrated Services Digital Network (ISDN)-capable device attached to an ISDN network. The TEI is a number between 0 and 127, where 0 through 63 are used for static TEI assignment, 64 through 126 are used for dynamic assignment, and 127 is used for group assignment.
Action in a routing policy or firewall filter that halts the logical software processing of a policy or filter.
Used in a routing policy or firewall filter to segment the policy or filter into small match and action pairs.
JUNOS software routing policy match type representing all routes that fall between the two supplied prefixes in the route filter.
See TDMA.
Channel derived from a given frequency and transmitted over a single wire or wireless medium. The channel is preassigned a time slot whether or not there is data to transmit.
Used in a distance-vector protocol to ensure that the current route is still usable for forwarding traffic.
Trivial Network Protocol. A Juniper Networks proprietary protocol automatically configured on an internal interface by the JUNOS software. TNP is used to communicate between the routing engine (RE) and components of the Packet Forwarding Engine (PFE), and is critical to the operation of the router.
Used in a rate-policing application to enforce an average bandwidth while allowing bursts of traffic up to a configured maximum value.
Type of service. The method of handling traffic using information extracted from the fields in the ToS byte to differentiate packet flows.
Open Shortest Path First (OSPF) area type that prevents Type 3, 4, and 5 link state advertisements (LSAs) from entering the nonbackbone area.
Process of selecting the paths chosen by data traffic to balance the traffic load on the various links, routers, and switches in the network. (Definition from http://www.ietf.org/internet-drafts/draft-ietf-mpls-framework-04.txt.)
See Also MPLS.
In Differentiated Services-aware traffic engineering, a paired class type and priority.
In Differentiated Services-aware traffic engineering, a map among the class types, priorities, and traffic engineering classes. The traffic engineering class mapping must be consistent across the Differentiated Services domain.
Examines traffic flows and discards or marks packets that exceed service-level agreements (SLAs).
Method used to capture individual packet information of traffic flow at a specified time period. The sampled traffic information is placed in a file and stored on a server for various types of analysis.
See Also packet capture.
Reduces the potential for network congestion by placing packets in a queue with a shaper at the head of the queue. Traffic shaping tools regulate the rate and volume of traffic admitted to the network.
See Also shaping rate.
Commit-script-generated configuration change that is loaded into the checkout configuration, but not into the candidate configuration. Transient changes are not saved in the configuration if the associated commit script is deleted or deactivated.
See Also persistent change.
Interface that can be configured on a routing platform depending on your network needs. Unlike a permanent interface that is required for router operation, a transient interface can be disabled or removed without affecting the basic operation of the router.
See Also FPC, PIC, permanent interface.
In Open Shortest Path First (OSPF), an area used to pass traffic from one adjacent area to the backbone or to another area if the backbone is more than two hops away from an area.
In Multiprotocol Label Switching (MPLS), any intermediate router in the label-switched path (LSP) between the ingress router and the egress router.
IPSec mode of operation in which the data payload is encrypted, but the original IP header is left untouched. The IP addresses of the source or destination can be modified if the packet is intercepted. Because of its construction, transport mode can be used only when the communication endpoint and cryptographic endpoint are the same. Virtual private network (VPN) gateways that provide encryption and decryption services for protected hosts cannot use transport mode for protected VPN communications.
See Also tunnel mode.
See data plane.
Reports significant events occurring on a network device, most often errors or failures. Simple Network Management Protocol (SNMP) traps are defined in either standard or enterprise-specific Management Information Bases (MIBs).
Used in a distance-vector protocol to reduce the time for the network to converge. When a router has a topology change, it immediately sends the information to its neighbors instead of waiting for a timer to expire.
Two-rate TCM polices traffic according to the color classification (loss priority) of each packet. Traffic policing is based on two rates: the committed information rate (CIR) and the peak information rate (PIR). Two-rate TCM is defined in RFC 2698, “A Two Rate Three Color Marker.”
Layer 2 circuit cell-relay transport mode that allows you to send Asynchronous Transfer Mode (ATM) cells between ATM2 intelligent queuing (IQ) interfaces over a Multiprotocol Label Switching (MPLS) core network. You use Layer 2 circuit trunk mode (as opposed to standard Layer 2 circuit cell-relay mode) to transport ATM cells over an MPLS core network that is implemented between other vendors’ switches or routers. The multiple connections associated with a trunk increase bandwidth and provide failover redundancy.
See Also AAL5 mode, cell-relay mode, Layer 2 circuits, standard AAL5 mode.
Resource Reservation Protocol (RSVP) message object that contains information such as the bandwidth request of the label-switched path (LSP) as well as the minimum and maximum packets supported.
Private, secure path through an otherwise public network.
Last node of a tunnel where the tunnel-related headers are removed from the packet, which is then passed on to the destination network.
Network protocol that encapsulates one protocol or session inside another. When protocol A is encapsulated within protocol B, A treats B as though it were a Data Link layer. Tunneling can be used to transport a network protocol through a network that would not otherwise support it. Tunneling can also be used to provide various types of virtual private network (VPN) functionality such as private addressing.
IPSec mode of operation in which the entire IP packet, including the header, is encrypted and authenticated and a new virtual private network (VPN) header is added, protecting the entire original packet. This mode can be used by both VPN clients and VPN gateways, and protects communications that come from or go to non-IPSec systems.
See Also transport mode.
Provides the capability of a Tunnel Services PIC on an Adaptive Services PIC (ASP).
See Also Tunnel Services PIC.
Physical Interface Card (PIC) that allows the router to perform the encapsulation and de-encapsulation of IP datagrams. The Tunnel Services PIC supports IP-IP, Generic Routing Encapsulation (GRE), and Physical Interface Module (PIM) register encapsulation and de-encapsulation. When the Tunnel Services PIC is installed, the router can be a PIM rendezvous point (RP) or a PIM first hop router for a source that is directly connected to the router.
Routing platform that provides the centralized switching fabric of the routing matrix.
User Datagram Protocol. In Transmission Control Protocol/Internet Protocol (TCP/IP), a connectionless transport layer protocol that exchanges datagrams without acknowledgments or guaranteed delivery, requiring that error processing and retransmission be handled by other protocols.
User reference point interface. A single-pair connection between the local Integrated Services Digital Network (ISDN) provider and the customer premises equipment.
UNI management entity. The code residing in the Asynchronous Transfer Mode (ATM) devices at each end of a UNI (user-to-network interface) circuit that functions as a Simple Network Management Protocol (SNMP) agent, maintaining network and connection information specified in a Management Information Base (MIB).
Universal mobile telecommunications system. Provides third-generation (3G), packet-based transmission of text, digitized voice, video, and multimedia, at data rates up to 2 Mbps.
User-to-network interface. ATM Forum specification that defines an interoperability standard for the interface between a router or an Asynchronous Transfer Mode (ATM) switch located in a private network and the ATM switches located within the public carrier networks. Also used to describe similar connections in Frame Relay networks.
Operation of sending network traffic from one network node to another individual network node.
JUNOS software syntax that represents the logical properties of an interface.
Logical interface that is configured without an IP address.
Border Gateway Protocol (BGP) message that advertises path attributes and routing knowledge to an established neighbor.
Used in a distance-vector protocol to advertise routes to a neighbor on a regular basis.
Uninterruptible power supply. A device that sits between a power supply and a router or other device and prevents power-source events, such as outages and surges, from affecting or damaging the device.
JUNOS software routing policy match type representing all routes that share the same most-significant bits and whose prefix length is smaller than the supplied subnet in the route filter.
Coordinated Universal Time. Historically referred to as Greenwich Mean Time (GMT), a high-precision atomic time standard that tracks Universal Time (UT) and is the basis for legal civil time all over the world. Time zones around the world are expressed as positive and negative offsets from UTC.
UMTS Terrestrial Radio Access Network. The WCDMA radio network in UMTS.
Variable bit rate. For ATM1 and ATM2 intelligent queuing (IQ) interfaces, data that is serviced at a varied rate within defined limits. VBR traffic adds the ability to statistically oversubscribe user traffic.
Virtual circuit. A software-defined logical connection between two network devices that is not a dedicated connection but acts as though it is. It can be either permanent (PVC) or switched (SVC). VCs are used in Asynchronous Transfer Mode (ATM), Frame Relay, and X.25. In EX-specific context, VC stands for “Virtual Chassis,” which refers to the interconnection of up to 10 EX 4200s to form a single logical entity.
1. Vapor corrosion inhibitor. Small cylinder packed with the router that prevents corrosion of the chassis and components during shipment. 2. Virtual circuit identifier. A 16-bit field in the header of an Asynchronous Transfer Mode (ATM) cell that indicates the particular virtual circuit the cell takes through a virtual path. Also called a logical interface.
See Also VPI.
Enables queuing, packet scheduling, and accounting rules to be applied to one or more logical interfaces.
See Also virtual channel group.
Combines virtual channels into a group and then applies the group to one or more logical interfaces.
See Also virtual channel.
Represents a logical connection between two Layer 2 devices in a network.
In Open Shortest Path First (OSPF), a link created between two routers that are part of the backbone but are not physically contiguous.
See VT.
Combination of multiple virtual circuits between two devices in an Asynchronous Transfer Mode (ATM) network.
Virtual LAN. A logical group of network devices that appear to be on the same LAN, regardless of their physical location. VLANs are configured with management software, and are extremely flexible because they are based on logical, rather than physical, connections.
Tagged frame whose tag header carries both virtual LAN (VLAN) identification and priority information.
Virtual path identifier. An 8-bit field in the header of an Asynchronous Transfer Mode (ATM) cell that indicates the virtual path the cell takes.
See Also VCI.
Virtual private LAN service. An Ethernet-based multipoint-to-multipoint Layer 2 virtual private network (VPN) service used for interconnecting multiple Ethernet LANs across a Multiprotocol Label Switching (MPLS) backbone. VPLS is specified in the IETF draft “Virtual Private LAN Service.”
Virtual private network. A private data network that uses a public Transmission Control Protocol/Internet Protocol (TCP/IP) network, typically the Internet, while maintaining privacy with a tunneling protocol, encryption, and security procedures.
See Also tunneling protocol.
Virtual private network (VPN) routing and forwarding instance. A Virtual Route and Forwarding (VRF) instance for a Layer 3 VPN implementation consists of one or more routing tables, a derived forwarding table, a set of interfaces that use the forwarding table, and a set of policies and routing protocols that determine what goes into the forwarding table.
Routing instance table that stores Virtual Route and Forwarding (VRF) routing information.
See Also VRF instance.
Virtual Router Redundancy Protocol. On Fast Ethernet and Gigabit Ethernet interfaces, allows you to configure virtual default routers.
Virtual loopback tunnel interface. VT interface that loops packets back to the Packet Forwarding Engine (PFE) for further processing, such as looking up a route in a Virtual Route and Forwarding (VRF) routing table or looking up an Ethernet Media Access Control (MAC) address. A virtual loopback tunnel interface can be associated with a variety of Multiprotocol Label Switching (MPLS) and virtual private network (VPN)-related applications, including VRF routing instances, VPLS routing instances, and point-to-multipoint label-switched paths (LSPs).
Method that enables one backup Adaptive Services PIC (ASP) to support multiple active ASPs, without providing guaranteed recovery times.
Wide Area Network Physical Layer Device. A physical layer device that allows 10 Gigabit Ethernet wide-area links to use fiber-optic cables and other devices intended for SONET/SDH.
Wireless Application Protocol. A standard protocol that enables mobile users to access the Internet in a limited fashion if WAP is supported and enabled on the mobile device, server, and wireless network. WAP users can send and receive email and access websites in text format only (WAP does not support graphics).
Wideband Code Division Multiple Access. Radio interface technology used in most third-generation (3G) systems.
Wavelength-division multiplexing. Technique for transmitting a mix of voice, data, and video over various wavelengths (colors) of light.
Windows Internet Name Service. A Windows name resolution service for network basic input/output system (NetBIOS) names. WINS is used by hosts running NetBIOS over TCP/IP (NetBT) to register NetBIOS names and resolve NetBIOS names to IP addresses.
Weighted round-robin. Scheme used to decide the queue from which the next packet should be transmitted.
Standard that defines a type of pluggable fiber-optic transceiver module that is compatible with the 10 Gigabit Ethernet (10 GE) standard.
10 Gigabit Ethernet fiber-optic transceiver. XENPAK modules are hot-insertable and hot-removable.
See Also MSA.
See MSA.
Media type that supports a link length of 26 meters on standard Fiber Distributed Data Interface (FDDI)-grade multimode fiber (MMF). Up to 300-meter link lengths are possible with 2000 MHz/km MMF (OM3).
Media type used for long-reach, single-mode (80–120 km) 10 Gigabit Ethernet metro applications.
10 Gigabit Small Form-factor Pluggable transceiver. A transceiver that provides support for fiber-optic cables. XFPs are hot-insertable and hot-removable.
See Also SFP.
Extensible Markup Language. Language used for defining a set of markers, called tags, which define the function and hierarchical relationships of the parts of a document or data set.
Definition of the elements and structure of one or more Extensible Markup Language (XML) documents. Similar to a document type definition (DTD), but with additional information and written in XML.
Exclusive or. A logical operator (exclusive disjunction) in which the operation yields the result of true when one, and only one, of its operands is true.
Standard used in Extensible Stylesheet Language for Transformations (XSLT) to specify and locate elements in the input document’s Extensible Markup Language (XML) hierarchy. XPath is fully described in the World Wide Web Consortium (W3C) specification at http://w3c.org/TR/xpath.
Extensible Stylesheet Language for Transformations. A standard for processing Extensible Markup Language (XML) data developed by the World Wide Web Consortium (W3C). XSLT performs XML-to-XML transformations, turning an input XML hierarchy into an output XML hierarchy. The XSLT specification is on the W3C website at http://www.w3c.org/TR/xslt.
Process of removing all sensitive information, such as cryptographic keys and user passwords, from a router running JUNOS-FIPS.
Copyright © 2009 O'Reilly Media, Inc.