2.2 Junos OS Architecture
Key Takeaways
- Junos separates the control plane (Routing Engine) from the forwarding plane (Packet Forwarding Engine), which keeps forwarding fast and predictable even under heavy control activity
- The Routing Engine runs Junos, builds the routing table, and computes the forwarding table; the PFE receives a copy of the forwarding table and moves transit packets at line rate
- Junos is a modular, FreeBSD-based OS where independent daemons (such as rpd, mgd, dcd) handle distinct functions, so one process failing does not crash the whole system
- One Junos: a single, consistent code base and CLI is used across Juniper platforms, so concepts learned on one device transfer to others
- Junos uses a clear software release model with a base architecture that is consistent across hardware, simplifying operations and certification study
Why Junos Architecture Matters for JNCIA-Junos
Quick Answer: Junos OS is built on a strict separation between the control plane, run by the Routing Engine (RE), and the forwarding plane, run by the Packet Forwarding Engine (PFE). The RE runs Junos, builds routing tables, and computes the forwarding table; the PFE forwards transit packets at high speed using a copy of that forwarding table. This split, plus a modular daemon design and the one-Junos code base, is a core JNCIA-Junos objective.
Understanding this architecture explains almost every operational behavior the exam tests: why control-plane load does not necessarily slow forwarding, why a single failing process does not take down the device, and why the routing table and forwarding table are related but distinct.
Routing Engine vs Packet Forwarding Engine
A Juniper device is logically two cooperating systems:
| Component | Plane | Responsibilities |
|---|---|---|
| Routing Engine (RE) | Control plane | Runs the Junos OS, CLI, and management; runs routing protocols; maintains the master routing table; computes the forwarding table; handles system management and configuration |
| Packet Forwarding Engine (PFE) | Forwarding plane | Receives a copy of the forwarding table from the RE; forwards transit traffic at line rate; applies firewall filters, CoS, and other per-packet operations in hardware/microcode |
The RE is the "brain": it decides what the best paths are. The PFE is the "muscle": it moves the packets using the decisions the RE already made. The RE pushes a forwarding-table copy down to the PFE so the PFE never has to consult the RE on a per-packet basis.
+---------------------------+
| Routing Engine (RE) | <- control plane
| Junos OS, rpd, mgd, ... |
| routing table -> FIB |
+-------------+-------------+
| internal link (forwarding table copy)
+-------------v-------------+
| Packet Forwarding Engine | <- forwarding plane
| (PFE): line-rate path |
+---------------------------+
Control Plane vs Forwarding Plane
- Control plane (RE): protocol adjacencies, route computation, configuration, management sessions, and producing the forwarding table. It deals with how the network should behave.
- Forwarding plane (PFE): the actual movement of transit packets, filter evaluation, class-of-service treatment, and statistics. It deals with each packet, right now.
Because the planes are separated, a burst of routing-protocol churn on the control plane does not directly stall the forwarding plane, and conversely heavy transit forwarding does not block the CLI. This separation is the conceptual basis for Routing Engine protection (covered in the next section) — you protect the brain so the muscle keeps working.
Junos Modular Design and Daemons
Junos is a modular operating system built on a hardened FreeBSD-based kernel. Instead of one monolithic program, Junos runs many independent daemons (processes), each owning a specific function. If one daemon fails or restarts, the rest of the system keeps running, which improves stability and availability.
| Daemon | Role |
|---|---|
| rpd (routing protocol daemon) | Runs routing protocols, builds the routing table |
| mgd (management daemon) | Handles the CLI, configuration commits, and management requests |
| dcd (device control daemon) | Manages interface configuration |
| chassisd (chassis daemon) | Monitors and manages hardware components |
| snmpd | Handles SNMP requests |
Knowing that rpd owns routing and mgd owns the CLI/commit is the level of daemon detail JNCIA-Junos expects — you do not need to memorize every process, but you should understand the modular fault-isolation benefit.
The One-Junos Concept
One Junos means Juniper uses a single, consistent Junos code base and operating model across its routing, switching, and security platforms. The benefits the exam expects you to recognize:
- The same CLI structure, configuration hierarchy, and commit model work across product lines.
- Skills and operational knowledge transfer between platforms, lowering training cost.
- Feature behavior is consistent, which simplifies design, troubleshooting, and certification study.
Junos Software Release Model
Juniper ships Junos in a structured release model with a consistent base architecture across hardware. The JNCIA-Junos exam does not require you to memorize specific version numbers; it expects you to understand that Junos follows a predictable, versioned release process and that the underlying architecture (RE/PFE split, modular daemons, one CLI) stays consistent across releases and platforms. This consistency is exactly what makes the one-Junos model valuable operationally.
Which component runs the Junos OS, executes routing protocols, and computes the forwarding table?
Why does Junos copy the forwarding table from the Routing Engine down to the Packet Forwarding Engine?
A single Junos daemon restarts unexpectedly, but the rest of the device keeps operating. Which Junos design property explains this behavior?
What is the practical benefit of the one-Junos concept for a network operator studying for JNCIA-Junos?