APAC Cohesion: Juniper Automated WAN Systems (JAWS) Tech Roundup Q4-2022

Focusing on Paragon AI Driven Core Network Routing

Presented by Juniper Networks

Agenda

PTX Use Cases for Peering
MX10004 Modular 400G MSE
MX304 Compact 400G MSE

#1 Peering Vendor at London Internet Exchange

Juniper Networks holds the leading position as the #1 peering vendor at the London Internet Exchange, with 47.73% of deployed routers being Juniper-manufactured. This data is based on MAC address statistics from May 22, 2022.

Bar chart showing Juniper with 47.73%, Cisco with 38.86%, Arista with 5.03%, Huawei with 3.75%, Nokia with 2.56%, and Brocade with 2.07% market share among peering vendors at the London Internet Exchange.

Evolution of Express ASIC

Juniper's Express ASIC has seen continuous evolution, enhancing performance and capabilities across generations:

ASIC Generation	Slot Capacity (Gbps)	Key Features	Timeline
Express 1	120G/Chip, 1T/Slot	N/A	2012 (Broadway)
Express 2	500G/Chip, 3T/Slot, 3T/RU Fixed	Telemetry, IPFIX/JFlow, 2M+ FIB, Flexible Packet Processing	2016 (Paradise)
Express 3	1T/Chip, 8T & 16T Fixed	Up to 100GE MACSEC	2019 (ZX)
Express 4	3.6T/Chip, 14.4T/Slot, 9.6T Fixed	8M Counters, Up to 400GE MACSEC, SRv6, HQoS, BIER	2020 (BT)
Express 5	28.8T/Chip, 28.8T/Slot, 28.8T Fixed	Designed for 800GE, Up to 800GE MACSEC, INT-MD, Native IPFIX Export, 10M+ FIB	2022+ (BX)

PTX Product Portfolio: 400GE Generation

Juniper's PTX Series offers a range of fixed and modular platforms, along with line cards, designed for high-performance 400GE networking.

Product	Form Factor	Capacity	Port Configuration	Power (kW)
PTX10003	3RU, Fixed	8T to 16T	16-32 x 400GE, 80-160 x 100GE	1.6 - 3.1
PTX10001-36MR	1RU, Fixed	9.6T	24 x 400GE, 108 x 100GE	1.3
PTX10004	7RU, Fixed	57.6T	144 x 400GE, 576 x 100GE	11
PTX10008	13RU, Modular	115.2T	288 x 400GE, 1152 x 100GE	18
PTX10016	21RU, Modular	230.4T	576 x 400GE, 2304 x 100GE	TBD
LC1201-36CD	Line Card	14.4T	36 x 400GE, 144 x 100GE	N/A
LC1202-36MR	Line Card	4.8T	4 x 400G + 32 x 100G	N/A

The portfolio includes fixed and modular systems, as well as line cards, supporting 400GE and 100GE interfaces.

PTX10001-36MR: 9.6T Switching Capacity

The PTX10001-36MR offers 9.6T switching capacity with 24 QSFP56-DD ports and 12 QSFP28 ports. It is designed for applications such as peering, aggregation, content delivery networks, and data center interconnects, with metro connectivity enabled by 400GE QSFP ZR and ZR+.

Illustration of the PTX10001-36MR front panel showing port layout (e.g., 0/0, 0/1, 0/2) and interface types (400G, 100G) across different PICs and PFE modules.

Key features include secure MACsec connectivity, flexible filtering, high packet performance, and extensive statistics collection.

Metric	Value
Standard Power (W)	1.2-1.3KW
400GE	24 ports
100GE w/ QSFP28	36 ports
100GE w/ QSFP28DD	60 ports
100GE w/ QSFP56DD BO	108 ports
10GE w/ QSFPP BO	120 ports

EANTC Verification Test Results

Juniper PTX routers have undergone rigorous testing by EANTC, demonstrating superior performance in core and peering benchmarks compared to Cisco.

Charts illustrating EANTC test results for FIB Scale (M), Filter Scale (K), Sampling (K), and Performance. The results show Juniper PTX routers significantly outperforming Cisco in FIB scale and sampling.

Diagram of the EANTC test setup featuring Spirent TestCenter, Juniper PTX routers, and network connections (Internet Provider, Consumer Network, Corporate Network).

Table 8: FIB Scale Results of PTX10001-36MR and PTX10008-LC1201
IP Prefix Type	Packet Size	Maximum No. of installed Routes in FIB	Throughput per 400GbE Port, bi-directional	Packet Loss Percentage
IPv4 Consecutive	IMIX	4M	320 Gbp/s	0.00%
IPv4 Internet	IMIX	3.32M	320 Gbp/s	0.00%
IPv6 Consecutive IP prefix length /64	IMIX	2M	320 Gbp/s	0.00%
IPv6 Consecutive IP prefix length /126	IMIX	900,000	320 Gbp/s	0.00%
IPv6 Internet	IMIX	420,000	320 Gbp/s	0.00%

External links to the EANTC report and related Juniper blogs are provided for further details.

PTX & MX: SmartWall TDD 11.5 Summary

This section summarizes the integration of MX and PTX series with SmartWall TDD 11.5 for enhanced network security and visibility.

Integration of MX and PTX series.
Continuous monitoring of mirror traffic.
Detection and mitigation in under 10-20 seconds.
Juniper Trio ASIC-based payload matching.

Diagram illustrating the SmartWall TDD system architecture. It shows data flow from network devices (Cybercriminals, Real Users, IoT Botnets) through mirror traffic and ingress ports to the SmartWall TDD system, which then processes traffic and interacts with the SP Network and Juniper MX Series Universal Routing Platform to protect customers.

Continuous Monitoring: Mirror samples and streaming telemetry from Juniper MX and PTX routers are fed into the TDD system.

Real-time Detection: Corero TDD inspects all packets and automatically detects large-scale DDoS attacks within seconds.

Line-rate Mitigation and Visibility: TDD automatically generates firewall filters to block DDoS packets via NETCONF, and integrates with Splunk for comprehensive visibility before, during, and after attacks.

Monitoring and Mitigation Approach

This table compares the capabilities of MX and PTX platforms regarding traffic collection, attack protection/mitigation, and telemetry/visibility, using Junos Integrated and BGP Flowspec.

Capability	MX		PTX (Junos Evo)		Information
	Junos Integrated	BGP Flowspec	Junos Integrated	BGP Flowspec
Traffic Collection/Awareness	■ Packet Mirroring	■	■ Packet Mirroring	■	Recommended methods for sending network traffic to TDD.
Attack Protection/Mitigation	■ Firewall Filter	■	■ Firewall Filter	■	5-tuple, fragment flag, packet length, TTL, TCP flags. Trio & MX Flex Payload Matching. Actions: Block, Detect, Redirect, Policier (Rate Limit).
	■ BGP Flowspec Policy	-	■ BGP Flowspec Policy	-	5-tuple matching. Actions: Block, Redirect, Policier (Rate Limit).
Telemetry/Visibility	■ Junos Native and gRPC	■	■ Junos Native and gRPC	■	Supports both Junos Native (UDP) and gRPC for telemetry.
	■ Multi-tenant Portal	■	■	■	Optional add-on (J-COR-PORTAL-...).
	■ IP Intelligence Plugin (GeoIP & ASN)	■	■	■	Optional add-on (J-COR-INTEL...).

Note: Solid squares (■) indicate full support. Purple squares indicate telemetry not supported by BGP Flowspec. A star indicates TDD v10.3+ or TDD v11.5+ requirement.

PTX10001-36MR Power Consumption

The PTX10001-36MR power estimator provides insights into the power usage based on different configurations.

PTX10001-36MR Power Estimator
FRU	Number of FRUs in system	Typical FRU Power (W)	Maximum FRU Power (W)	Typical Power for all FRUs (W)	Maximum Power for all FRUs (W)
PTX10001-36MR	1	1344	1558	1344	1558
400G Optics (FR4, DR4, 4x1)	24	12	14	288	336
400G Optics (ZR)	0	20	20	0	0
100G Optics (SR4, LR4, CWDM)	12	3.5	3.5	42	42
Total Power				1674	1936

Key points:

Actual power consumption depends on the fiber optics used.
The base system's maximum power consumption is 1558W (with 3PFE enabled).
Power can be saved by turning off unused ASICs; turning off one ASIC saves approximately 130W.

PTX10001-36MR Licensing

The PTX10001-36MR offers flexible licensing options based on bandwidth and feature tiers.

Diagram illustrating licensing tiers: Premium2, Premium1, Advanced2, Advanced1, and Base HW. Each tier includes specific use cases and features, with varying scale capabilities (FIB, RIB, VRF, LSP).

Bandwidth licensing is based on aggregated configuration bandwidth. For example:

Example 1: 400 + 400 + 100 + 100 = 1000 Gbps
Example 2: 100 + 40 + 100 + 100 = 340 Gbps

Minimum attach rate for 400G increments is 3 * 400G.

MX10004 Modular 400G MSE & MX304 Compact 400G MSE

Introduction to the MX10004 Modular 400G MSE and MX304 Compact 400G MSE platforms.

Juniper Trio: Packet Forwarding Processor

Juniper Trio is a multi-service, custom-designed packet processing engine known for its advanced architecture.

Architecture: Matrix of processing engines (non-pipelined), highly programmable, single-chip design.
Features: Turbo Filter, integrated MACSEC, Telemetry Export, integrated H-QOS, large-scale H-QOS, route and flow scaling.
PHY Timestamp: Enables programmable packet processing.

Timeline showing the evolution of Juniper Trio ASICs from Trio 1.0 (2009) to Trio 7.0 (Planned). Each generation (2.0, 3.0, 4.0, 5.0, 6.0) introduced enhanced features and performance, including support for 400GE and improved power efficiency.

Introduction of New MX10004 and MX304 Platform Scale-out

Juniper introduces new MX10004 and MX304 platforms designed for service providers, cloud, and enterprise customers, offering enhanced scalability in smaller form factors.

Feature	MX304	MX10004
System Capacity	3.2T or 4.8T (Dual or Single RE)	Up to 38.4T
Rack Unit	2RU	7RU
Packet Forwarding	TRIO 6 ASIC + ZF Fabric	TRIO ASIC + ZF Fabric
Standard Power	~ 1.5KW	~ 7.5KW
Processor (RE)	Intel Ice Lake 8-Core	Intel Broadwell 10-Core

These platforms are designed for service providers, cloud, and enterprise markets, offering a smaller form factor with significant scalability.

MX10004: MX10K Compact Modular

The MX10K modular family is expanded with the addition of a universal compact chassis. This allows for reuse of MX10K4/8/16 line cards and chassis common components (RE, PSU), enabling large-capacity, distributed deployments.

Supports 400G MACSEC.
Overview: Features 4 line card slots, redundant REs (1+1), fabric cards (5+1), power supplies (2+1), and fan trays (1+1). Chassis depth is 889mm (1005.68mm with fan tray, handle, air filter).

MX10K-LC480 Line Card:

480G capacity, based on 2x Trio4.0 ASICs.
Supports 48x10GE/1GE and 1G Cu SFP ports.
Offers support for Advanced Timing & MACSec.

MX10K-LC9600 Line Card:

24 ports of 400GE via QSFP56 DD.
96 ports of 100GE via 4x100GE QSFP56 DD optics.
Supports 48x100G using Mini CS connectors with 2x100GE optics.
Supports 24x100G using single 100GE optics.

Illustration of the MX10004 chassis showing 4 slots for line cards. Images of the MX10K-LC480 and MX10K-LC9600 line cards with their port configurations (e.g., 1.9T for LC480, 9.6T/38.4T for LC9600) and interface types (1G/10G, 400GE, 100GE).

MX304

The MX304 features redundant control planes, power, and cooling, designed for high-performance networking.

Illustration of the MX304 chassis showing Routing Engine 0 and Routing Engine 1/Interface Card slots, with numerous 400G and 100G ports on the interface cards. The chassis is 2RU.

Highlights:

Capacity: 3.2T with 8x400G QSFP56DD / 32x 100G QSFP28, or 4.8T with 12x400G QSFP56DD / 48x100G QSFP28 (single RE).
Features: Supports MACsec, Class C* timing features, FIPS-CC, GR-3160-CORE.
Environment: Operates at ambient temperatures of 0-40°C @ 6000 ft (DC-NEBS).
Licensing: Supports Pay-As-You-Go (PAYG) bandwidth licensing from 800G to 1.6Tbps (roadmap for H1 2023).
Connectivity: Supports 1GE (max packet size 2008 bytes) (roadmap for H1 2023), no copper or color optics, QSA/breakout cable options available.
Services: BNG support (roadmap).

LMIC Removal/Replacement:

Step-by-step diagrams showing the procedure for removing and inserting LMIC (Line Module Interface Card) on the MX304. This involves taking the MPC offline, waiting for LMIC LEDs to turn off, safely unplugging/replacing the LMIC, and then bringing the MPC back online.

Port Configuration

Detailed port configuration options for QSFP28/QSFP+ ports, including breakout modes and port dependencies.

Diagram illustrating port grouping (PG 0, PG 1, PG 2, PG 3) and port configuration rules. It shows how ports can be configured for 4x10/25GE, 2 ports of 40GE, or 4 ports of 10/25G with QSA adapters. It also details port dependencies in breakout mode, indicating which ports support specific configurations and when upper even ports are disabled.

Another diagram showing port configurations for 400GE and All 100G ports, detailing breakout options and supported configurations, including port dependencies and when ports are disabled.

MX304 Licensing and Ordering

This section outlines the licensing structure for the MX304, including Premium, Advanced, and Base tiers, and explains the license SKU decoder.

License Tiers:

Premium Tier (includes Advanced Tier features): Large-scale IP-VPN (>32), Large-scale Multicast VPN (>8), IP Fabric (SRv6, SRm6), L3VPNs/BNG, Inline NAT, Inline MDI, 1:1 Inline jflow.
Advanced Tier: Internet eBGP Peering, BGP Multihoming, EPE, BGP PIC, BGP Flowspec, All L2 Services (E-LINE, E-LAN, E-TREE), limited IP VPNs (32), limited NG-MVPN (8), all MPLS transport (LDP, RSVP-TE, SR, SR-TE, MPLS-FRR), IP Fabric (GRE, MPLS0UDP, VxLAN, IPinIP), Streaming Telemetry, SNMP, Policier, Firewall Filter, jflow, sFlow, VLAN queuing, Timing, OAM (BFD, CFM/LFM, MPLS/SR, service OAM, RPM, TWAMP).
Base Tier (included by default): Port and single-level VLAN (dot1Q), LAG for bridging.

License SKU Decoder:

Diagram explaining the MX304 License SKU Decoder. It shows how to select the MX chassis (BASE, RE, PREM) and the license components (LMIC, S-MX-(N)C-(XX)-C1-(Y)). The decoder explains fields for number of 100G ports (N), license term (Y: 1, 3, 5 years, or Perpetual), and SKU class (C1 for MX204, MX10K3, MX304). It also indicates options for Advanced (A1) or Premium (P1).

Note: 100G increments. Minimum attach rate is 8 * 100G per MX304-LMIC16.

	Juniper Validated Design for Enterprise WAN Advanced Core and Edge Services A comprehensive guide to deploying Juniper Networks solutions for advanced enterprise WAN core and edge services, focusing on MPLS-based backbones, EVPN, and Segment Routing for enhanced connectivity, scalability, performance, and security.
	Juniper Paragon Automation 2.1.0 Supported Hardware This document lists the hardware devices, both Juniper Networks and Cisco Systems, that can be managed through Juniper Paragon Automation version 2.1.0.
	Junos OS Evolved Release Notes 23.2R2 Release notes for Junos OS Evolved Release 23.2R2, detailing new and updated features, software limitations, and open issues for various Juniper Networks devices.
	Junos OS Evolved Release 21.1R1 Release Notes for PTX and QFX Devices This document provides release notes for Junos OS Evolved Release 21.1R1, detailing new features, changes, limitations, and resolved issues for Juniper Networks PTX10001-36MR, PTX10003, PTX10004, PTX10008, QFX5130-32CD, and QFX5220 devices.
	Juniper PTX10000 Series Modular Routers Datasheet Comprehensive datasheet for Juniper Networks PTX10000 Series modular routers, detailing their features, specifications, silicon innovations, and deployment capabilities for cloud and 5G networks.
	Junos OS Evolved Release 24.2R1 Release Notes Discover the new features, updated functionalities, software limitations, and known issues in Junos OS Evolved Release 24.2R1 for Juniper Networks ACX Series routers. This document details enhancements in areas such as Authentication and Access Control, Class of Service, EVPN, Interfaces, and more.
	PTX10008 Packet Transport Router Hardware Guide A comprehensive hardware guide for the Juniper Networks PTX10008 Packet Transport Router, covering system overview, chassis, cooling, power, routing and control boards, switch fabric, line cards, and troubleshooting.
	Juniper Validated Design: 5G Mobile xHaul with Seamless MPLS Segment Routing Explore Juniper Networks' validated design for 5G xHaul networks, detailing seamless MPLS Segment Routing, ACX7000 series, MX series, and PTX series integration, performance, and QoS for mobile backhaul and fronthaul applications.