Junos High Availability Best Practices For High
Network Uptime 1st Edition James Sonderegger
Praise for JUNOS High Availability
“JUNOS High Availability contains all the technical building blocks necessary to plan and
maintain a medical grade network.”
—Jonathan Yantis, Network Engineer, Medical University of South
Carolina
“At Townsend Analytics, our trading clients, using our RealTick trading suite, demand that
our global network maintain an extremely high level of availability. Downtime translates
directly into lost money. JUNOS High Availability has great tips and guides to help
support this environment. It includes everything from conceptual details on software and
hardware, very detailed routing protocol examples, security and auditing, and everything
in between. This book is a must for anyone who is in any way involved in maintaining a
high level of service on their network!”
—Chris Rizzo, Senior Network Engineer, Townsend Analytics
“High availability is such a buzz phrase these days. It’s refreshing to see an approach that
breaks down all of the various conversations and shows what is required for an overall
continuous system. Getting the building blocks right is crucial to having a network that is
truly highly available, and JUNOS High Availability will help you get it right and keep it
right.”
—Scott Stevens, Vice President, Technology, Juniper Networks
“With disaster recovery and business continuity the current buzzwords in our state government
network as well as in most corporate networks around the world, this book has
come along at the perfect time to spur conversations on high availability, not only for
networks built on Juniper Networks equipment, but on other vendor equipment as well.
The topics covered in JUNOS High Availability are broad enough for engineers looking to
design an overarching high availability posture in their network, but also detailed enough
to allow engineers to implement their designs through protocol tweaks and JUNOS tools.
The transition between authors keeps topics interesting and provides amusing quips along
the way.”
—Aaron Robel, Systems Engineer, Washington State Department of
Information Services
“A fault-tolerant network is a must in our health care environment. JUNOS High Availability
will serve as a great tool to help us maintain the high availability our clients have
come to expect.”
—James Hardy, Network Engineer, Carilion Clinic
“I like that JUNOS High Availability is reality-based. It boils buzzwords like redundancy
and high availability into models that have design and cost. And the book is not marketing
fodder—it does a good job of identifying the Juniper Networks hardware and JUNOS
software features that influence HA together with a lot of good information on Juniper
architecture in general. The configuration examples are useful, and the sections on the
JUNOS XML API and JUNOScript API stir up all sorts of creative ideas in the mind of
someone with even a little bit of scripting experience.”
—Dan Schmiedt, Chief Network Engineer, Clemson University
“JUNOS High Availability has exactly what my customers need to know in order to build
and maintain continuously available network systems. It is the book to read for those
responsible for any mission-critical network.”
—Robert F. Jaeger, Juniper Networks, Systems Engineer Manager
“JUNOS High Availability provides the reader with the knowledge to design and configure
his network away from default settings toward a better design that provides rapid
convergence, increased scaling, and a resilient architecture. Both network architects and
operators will find value in the lessons taught within this book.”
—Tom Scholl, Principal IP Network Engineer, IP/MPLS Backbone
Design & Development, AT&T Labs
JUNOS High Availability
James Sonderegger, Orin Blomberg, Kieran Milne, and
Senad Palislamovic
Beijing • Cambridge • Farnham • Köln • Sebastopol • Taipei • Tokyo
JUNOS High Availability
by James Sonderegger, Orin Blomberg, Kieran Milne, and Senad Palislamovic
Copyright © 2009 James Sonderegger, Orin Blomberg, Kieran Milne, and Senad Palislamovic. All rights
reserved.
Printed in the United States of America.
Published by O’Reilly Media, Inc., 1005 Gravenstein Highway North, Sebastopol, CA 95472.
O’Reilly books may be purchased for educational, business, or sales promotional use. Online editions
are also available for most titles (http://my.safaribooksonline.com). For more information, contact our
corporate/institutional sales department: 800-998-9938 or corporate@oreilly.com.
Editor: Mike Loukides
Production Editor: Sarah Schneider
Copyeditor: Audrey Doyle
Proofreader: Kiel Van Horn
Indexer: Lucie Haskins
Cover Designer: Karen Montgomery
Interior Designer: David Futato
Illustrator: Robert Romano
Printing History:
August 2009: First Edition.
O’Reilly and the O’Reilly logo are registered trademarks of O’Reilly Media, Inc. JUNOS High Availability,
the image of Bohemian waxwings, and related trade dress are trademarks of O’Reilly Media, Inc.
Many of the designations used by manufacturers and sellers to distinguish their products are claimed as
trademarks. Where those designations appear in this book, and O’Reilly Media, Inc. was aware of a
trademark claim, the designations have been printed in caps or initial caps.
While every precaution has been taken in the preparation of this book, the publisher and authors assume
no responsibility for errors or omissions, or for damages resulting from the use of the information contained
herein.
ISBN: 978-0-596-52304-6
Table of Contents
Preface
Part I. JUNOS HA Concepts
1. High Availability Network Design Considerations
    Why Mention Cost in a Technical Book?
    A Simple Enterprise Network
    Redundancy and the Layered Model
    Redundant Site Architectures
    Redundant Component Architectures
    Combined Component and Site-Redundant Architectures
    Redundant System Architectures
    Combined System- and Site-Redundant Architectures
    Combined System- and Component-Redundant Architectures
    Combined System-, Component-, and Site-Redundant Architectures
    What Does It All Mean?
2. Hardware High Availability
    Divide and Conquer
    The Brains: The Routing Engine
    The Brawn: The Packet Forwarding Engine
    Packet Flows
    M Series
    MX Series
    T Series
    EX Series
    SRX Series
    J Series
    Redundancy and Resiliency
    M Series
    MX Series
    T Series
    J Series
    SRX Series
    EX Series
3. Software High Availability
    Software Architecture
    Stable Foundations
    Modular Design
    One OS to Rule Them
    Single OS
    One Release Architecture
    Automation of Operations
    Configuration Management
    Application Programming Interfaces
    Scripting
4. Control Plane High Availability
    Under the Hood of the Routing Engine
    Routing Update Process
    Graceful Routing Engine Switchover
    Implementation and Configuration
    Graceful Restart
    Graceful Restart in OSPF
    Graceful Restart in IS-IS
    Graceful Restart in BGP
    MPLS Support for Graceful Restart
    Graceful Restart in RSVP
    Graceful Restart in LDP
    Graceful Restart in MPLS-Based VPNs
    Graceful Restart in Multicast Protocols, PIM, and MSDP
    Non-Stop Active Routing
    Implementation Details and Configs
    Non-Stop Bridging
    Implementation Details and Configurations
    Choosing Your High Availability Control Plane Solution
5. Virtualization for High Availability
    Virtual Chassis in the Switching Control Plane
    VC Roles
    IDs for VCs
    Priorities and the Election Process
    Basic VC Setup and Configuration
    Eliminating Loops Within the VC
    Highly Available Designs for VCs
    Control System Chassis
    Requirements and Implementation
    Consolidation Example and Configuration
    Taking Consolidation to the Next Level: Scalable Route Reflection
Part II. JUNOS HA Techniques
6. JUNOS Pre-Upgrade Procedures
    JUNOS Package Overview
    Software Package Naming Conventions
    When to Upgrade JUNOS in a High Availability Environment
    The Right Target Release for a High Availability Environment
    High Availability Upgrade Strategy
    Pre-Upgrade Verifications
    Filesystems and Logs
    Checklist
    Moving Services Away from a Router
    Interface Configuration
    Switching Ownership of a VRRP Virtual IP
    IGP Traffic Control Tweaks
    Label-Switched Paths
7. Painless Software Upgrades
    Snapshots
    Software Upgrades with Unified ISSU
    How It Works
    Implementation Details
    Software Upgrades Without Unified ISSU
    Loading a JUNOS Image
    Snapshots Redux
    Image Upgrade Tweaks and Options
    J Series Considerations
    Cleanup
    Backup Images
    Rescue Configuration
8. JUNOS Post-Upgrade Verifications
    Post-Upgrade Verification
    Device State
    Network State (Routes, Peering Relationships, and Databases)
    State of Existing Services
    Filesystems and Logs
    Removal of Configuration Workarounds
    Fallback Procedures
    Applicability
9. Monitoring for High Availability
    I Love Logs
    Syslog Overview
    Syslog Planning
    Implementing Syslog
    Simple Network Management Protocol
    SNMP Overview
    SNMP Planning
    Implementing SNMP
    Traffic Monitoring
    Traffic Monitoring Overview
    Traffic Monitoring Planning
    Implementing Traffic Monitoring
    Route Monitoring
10. Management Interfaces
    A GUI for Junior Techs
    Using J-Web
    J-Web for High Availability
    Mid-Level Techs and the CLI
    Event Policy Planning
    Event Policies for High Availability
    Deep Magic for Advanced Techs
    JUNOS APIs
    Automation Scripts
    Working with Scripts
11. Management Tools
    JUNOScope
    Overview
    JUNOScope and High Availability
    Using JUNOScope
    Juniper AIS
    Overview
    AIS for High Availability
    Partner Tools
    Open IP Service Development Platform (OSDP)
    Partner Solution Development Platform (PSDP)
12. Managing Intradomain Routing Table Growth
    Address Allocation
    Interface Addressing
    Infrastructure Routes
    Customer Routes
    Network Virtualization and Service Overlays
    Address Aggregation
    What Is Aggregation?
    Use of the Private Address Space
    Use of Public Address Space
    Static Routes
    Using Protocol Tweaks to Control Routing Table Size
13. Managing an Interdomain Routing Table
    Enterprise Size and Effective Management
    Small to Medium-Size Enterprise Perspective
    Large Enterprises and Service Providers
    AS Number
    Border Gateway Protocol (BGP)
    EBGP Loop Prevention
    IBGP Loop Prevention
    Route Reflection
    Confederation
    Common High Availability Routing Policies
    BGP Tweak: Prefix Limit
Part III. Network Availability
14. Fast High Availability Protocols
    Protocols for Optical Networks
    Ethernet Operations, Administration, and Maintenance (OAM)
    SONET/SDH Automatic Protection Switching
    Rapid Spanning Tree Protocol
    Interior Gateway Protocols
    Bidirectional Forwarding Detection
    Setting the Interval for BFD Control Packets
    Virtual Router Redundancy Protocol
    MPLS Path Protection
    Fast Reroute
    Node and Link Protection
15. Transitioning Routing and Switching to a Multivendor Environment
    Industry Standards
    Multivendor Architecture for High Availability
    Two Sensible Approaches
    Multivendor As a Transition State
    Routing Protocol Interoperability
    Interface Connectivity
    OSPF Adjacencies Between Cisco and Juniper Equipment
    IBGP Peering
    EBGP Peering
16. Transitioning MPLS to a Multivendor Environment
    Multivendor Reality Check
    Cost Concerns
    MPLS Signaling for High Availability
    A Simple Multivendor Topology
    RSVP Signaling
    LDP Signaling
    MPLS Transition Case Studies
    Case Study 1: Transitioning Provider Devices
    Case Study 2: Transitioning Provider Edge Devices
17. Monitoring Multivendor Networks
    Are You In or Out?
    In-Band Management
    Out-of-Band Management
    SNMP Configuration
    JUNOS SNMP Configuration
    IOS SNMP Configuration
    SNMP and MRTG
    Syslog Configuration
    Syslog in JUNOS
    Syslog in IOS
    Syslog and Kiwi
    Configuration Management
    Configuration for AAA
    TACACS+
    JUNOS GUI Support
    What IS Normal?
18. Network Scalability
    Hardware Capacity
    Device Resources to Monitor
    Network Scalability by Design
    Scaling BGP for High Availability
    MPLS for Network Scalability and High Availability
    Traffic Engineering Case Study
19. Choosing, Migrating, and Merging Interior Gateway Protocols
    Choosing Between IS-IS and OSPF
    OSPF
    IS-IS
    Which Protocol Is “Better”?
    Migrating from One IGP to Another
    Migrating from OSPF to IS-IS
    Migrating from IS-IS to OSPF
    Merging Networks Using a Common IGP
    Considerations
    Other Options for Merging IGPs
20. Merging BGP Autonomous Systems
    Planning the Merge
    Architecture
    Outcomes
    BGP Migration Features in JUNOS
    Merging Our ASs Off
    Merge with Full Mesh
    Merge with Route Reflectors
    Merge with Confederations
    Monitoring the Merge
    Neighbor Peering
21. Making Configuration Audits Painless
    Why Audit Configurations?
    Knowledge Is Power
    JUNOS: Configuration Auditing Made Easy
    Configuration Auditing 101
    Organizing the Audit
    Auditing Configurations
    Baseline Configurations
    Manually Auditing Configurations
    Automating Configuration Audits
    Performing and Updating Audits
    Auditing Intervals
    Analyzing Updates
    Auditing Changes
22. Securing Your Network Equipment Against Security Breaches
    Authentication Methods
    Local Password Authentication
    RADIUS and TACACS+ Authentication
    Authentication Order
    Hardening the Device
    Use a Strong Password, and Encrypt It
    Disable Unused Access Methods
    Control Physical Access to the Device
    Control Network Access to the Device
    Control and Authenticate Protocol Traffic
    Define Access Policies
    Firewall Filters
    Firewall Filter Syntax
    Applying Firewall Filters
    Using Firewall Filters to Protect the Network
    Using Firewall Filters to Protect the Routing Engine
    Stateful Firewalls
23. Monitoring and Containing DoS Attacks in Your Network
    Attack Detection
    Using Filtering to Detect Ping Attacks
    Using Filtering to Detect TCP SYN Attacks
    Taking Action When a DoS Attack Occurs
    Using Filtering to Block DoS Attacks
    Request Help from Your Upstream Provider
    Attack Prevention
    Eliminate Unused Services
    Enable Reverse Path Forwarding
    Use Firewall Filters
    Use Rate Limiting
    Deploy Products Specifically to Address DoS Attacks
    Gathering Evidence
    Firewall Logs and Counters
    Port Mirroring
    Sampling
    cflowd
24. Goals of Configuration Automation
    CLI Configuration Automation
    Hierarchical Configuration
    Protections for Manual Configuration
    Transaction-Based Provisioning
    Archives and Rollback
    Automating Remote Configuration
25. Automated Configuration Strategies
    Configuration Change Types
    Deployment
    Infrastructure
    Ad Hoc Changes
    Automation Strategies
    Global Strategies
    Deployment
    Infrastructure
    Ad Hoc Changes
Part IV. Appendixes
A. System Test Plan
B. Configuration Audit
C. High Availability Configuration Statements
Index
Preface
At a recent meeting of network admins, the talk turned to uptime, and some bragged
about the high availability of services in their network; they had 100% uptime. Wow,
this normally is unthinkable. After more discussion, the truth came out. This figure is
based on the fact that the service provider did not take into account outages in the
network that made their service unavailable, because their service was still “up,” though
totally unreachable. The same admins also admitted that they really didn’t keep records
of actual outages. In their opinion, they had no reliability issues, but their customers
would disagree with that.
This book is not about reliability theory. Theory addresses the full range of possibilities.
This book is for those of us who have to keep the network working. It is a guide for
students of the art of creating self-sustaining continuous systems.
As such, we fought to keep the book grounded not necessarily in what you can do, but
more importantly, in what you should do as an administrator to protect availability and
to keep the customers, internal or external, connected and happy. Most of the chapters
include case studies that show you how things work and provide pointers on where
you might investigate if your results differ. The topologies included are realistic and in
many cases reflective of actual networks that we, the authoring team, have worked with
at some point in our careers.
There are four authors on this book, and while we tried to homogenize the writing, you
will see different styles and different approaches. Ultimately, we think that’s a good
thing. It’s like working with your peers who are also maintaining the same network and
who have different methods of working. The team shares a common goal and the variation
in approaches brings strength through diversity.
Ultimately, this book is about Juniper Networks JUNOS Software and Juniper Networks
boxes. You need to design a continuous system, and you need the right mix of
equipment placed ideally on your topology, but eventually you come back to the network
OS. And our chapters all come back to roost with JUNOS.
What Is High Availability?
How often in your life have you picked up a phone and not heard a dial tone? Not very
often, right? Every time you did, it was certainly a cause for concern. This is a classic
example of the definition of availability. People do not expect the network to be in use
constantly, 365 days a year, but they do expect the network to be available for use every
time they try to use it. With a high number of users expecting availability as needed,
we begin to approach the point of constant availability. But is that realistic? Statistically
speaking, no; over a long enough timeline every system eventually fails. So, what is a
realistic solution for systems whose purpose means they can’t be allowed to fail?
A classic concern with high availability was the difficulty in measurement. The notion
was that any measurement tool had to be more available than the system being measured.
Otherwise, the tool would potentially fail before the system being measured.
These days the most highly available systems are processing constant and ever-increasing
volumes of user traffic, such as credit card transactions, calls connected, and
web page hits. Any disruption in service would immediately be noticed and felt by end
users. The users themselves have become the most effective availability monitoring tool.
Five 9s is easily dismissed as a marketing term, but the math behind the term is sound
and wholly nonmarketing. The 9s concept is a measure of availability over a span of a
year. It is a percentage of time during the year that the system is guaranteed to be
functional. The following table is often drawn to describe the concept:
Availability    Downtime in one year
90%             876 hours
99%             87.6 hours
99.9%           8.76 hours
99.99%          52.6 minutes
99.999%         5.26 minutes
99.9999%        31.5 seconds
In this book we cite five 9s as a concept rather than as the recommended
target. In financial enterprises, five 9s could be unacceptable and the
target may instead be seven 9s, or eight 9s. Whenever you see “9s” in
this book, whether your target is five, seven, or even nine 9s, please read
it as a measurement of a continuous system rather than as a figurative
number we recommend for all networks.
The table about 9s gets the message across, but it doesn’t really tell the story of
where availability should be measured. Chapter 1 of this book talks about dependencies
within redundancy schemes: redundant components protect chassis, redundant chassis
protect systems, redundant systems protect services, and redundant services protect
the enterprise. Some vendors would have you believe that availability should be measured
at the chassis level. Others tout the availability of specific components in their
chassis.
User experience is reality. This reality means that neither component nor system levels
are appropriate points to measure availability. Relying on hardware availability as a
measure of system, service, and enterprise availability ignores the importance of network
architecture planning and site design, effective monitoring, and a highly trained
and proactive support staff. In the modern world of constant transactions, it is the
services and the enterprise that must be available 99.999999% of the time. This is the
approach we’ve taken in this book.
So, are we saying that the component and chassis availability are irrelevant? Hardly.
The strength and resilience of components are critical to the chassis. The availability
of chassis is critical to the availability of services. The point is that even with best-in-class
components and chassis it is possible to make poor design and configuration
decisions. The fact that you have chosen to buy Juniper means that you have already
secured best-in-class components and chassis. The purpose of this book is to help you
make the most of this investment and build truly continuous systems and services.
How to Use This Book
We are assuming a certain level of knowledge from the reader. This is important. If you
are not familiar with any of the assumptions in the following list, this book will occasionally
veer over your head. The JUNOS documentation site is a great place to start.
It’s thorough, well written, and free.
OSI model
The Open Systems Interconnection (OSI) model defines seven different layers of
technology: Physical, Data Link, Network, Transport, Session, Presentation, and
Application. This model allows network engineers and network vendors to easily
discuss and apply technology to a specific OSI level. This segmentation allows
engineers to divide the overall problem of getting one application to talk to another
into discrete parts and more manageable sections. Each level has certain attributes
that describe it, and each level interacts with its neighboring levels in a very well-defined
manner.
Switches
These devices operate at Layer 2 of the OSI model and use logical local addressing
to move frames across a network. Devices in this category include Ethernet, ATM,
and Frame Relay switches.
Routers
These devices operate at Layer 3 of the OSI model and connect IP subnets to each
other. Routers move packets across a network in a hop-by-hop fashion.
Ethernet
These broadcast domains connect multiple hosts together on a common infrastructure.
Hosts communicate with each other using Layer 2 Media Access Control
(MAC) addresses.
Point-to-point links
These network segments are often thought of as wide area network (WAN) links
in that they do not contain any end users. Often these links are used to connect
routers together in disparate geographical areas. Possible encapsulations used on
these links include ATM, Frame Relay, Point to Point Protocol (PPP), and HDLC.
IP addressing and subnetting
Hosts using IP to communicate with each other use 32-bit addresses. Humans often
use a dotted decimal format to represent this address. This address notation includes
a network portion and a host portion that is normally displayed as
192.168.1.1/24.
TCP and UDP
These Layer 4 protocols define methods for communicating between hosts. TCP
provides for connection-oriented communications while UDP uses a connectionless
paradigm. Other benefits of using TCP include flow control, windowing/buffering,
and explicit acknowledgments.
ICMP
This protocol is used by network engineers to troubleshoot and operate a network,
as it is the core protocol used by the ping and traceroute (on some platforms)
programs. In addition, ICMP is used to signal error and other messages between
hosts in an IP-based network.
JUNOS CLI
This is the command-line interface used by Juniper Networks routers, and is the
primary method for configuring, managing, and troubleshooting the router.
JUNOS documentation covers the CLI in detail and is freely available on the Juniper
Networks website.
What’s in This Book?
The ultimate purpose of this book is to be the single, most complete source for working
knowledge related to providing high availability with Juniper Networks equipment.
Though you may not find detailed configurations for all protocols and interfaces, you
will find those tweaks and knobs that will provide high availability.
This book is divided into four parts, with a total of 25 chapters, and some general
reference items put into the appendixes. The chapters are written by four different
authors, although all of us tended to review each other’s work. You’ll be able to tell
different voices in the writing styles, and we hope that is generally refreshing rather
than a hindrance. Here is a detailed account of what’s in this book.
Part I, JUNOS HA Concepts
Chapter 1, High Availability Network Design Considerations
This chapter provides real-world perspective on the relative cost associated with
making a network highly available and is the only nontechnical chapter in the book.
It opens by describing a very simple, small enterprise network and then adds layers
of redundancy, each designed to protect against a wider range of threats to continuity.
The chapter concludes with a chart comparing the relative cost of the
cumulative layers.
Chapter 2, Hardware High Availability
This chapter focuses on the foundation of Juniper Networks high availability: the
hardware. It starts by discussing the divided architecture available on all systems
and expands to the specific hardware redundancy features of the Juniper product
lines.
Chapter 3, Software High Availability
This chapter builds on the hardware knowledge gained in Chapter 2 to highlight
the features of the Juniper software that ensure high availability. The chapter looks
at the stable operating system on which the system is built and the divided software
architecture that keeps the network running.
Chapter 4, Control Plane High Availability
This chapter provides in-depth understanding of control plane and forwarding
plane interactions. Then it covers details of the different high availability features:
Graceful Routing Engine Switchover (GRES), Graceful Restart (GR), Non-Stop
Active Routing (NSR), and Non-Stop Bridging (NSB). The chapter concludes with
a list of protocol and platform support for different high availability tools.
Chapter 5, Virtualization for High Availability
This chapter provides an overview of advanced applications of the control plane
in a data center environment. The chapter also discusses the latest developments
in control plane scalability and provides solutions to control plane scaling problems
present at large service providers.
Part II, JUNOS HA Techniques
Chapter 6, JUNOS Pre-Upgrade Procedures
This chapter provides an overview of the things a user needs to keep in mind when
preparing to upgrade JUNOS. Then it dives into configuration and use of unified
In-Service Software Upgrade (ISSU). The chapter concludes with a handy collection
of protocol mechanisms that can be used to divert traffic around a non-ISSU
chassis that is being upgraded.
Chapter 7, Painless Software Upgrades
This chapter is the second of a three-chapter series on software upgrades. It covers
the syntax and options available for upgrading software on JUNOS platforms and
describes the importance of a fallback procedure and fallback authority. The chapter
concludes with special considerations for Juniper Networks J Series chassis,
including rescue configurations.
Chapter 8, JUNOS Post-Upgrade Verifications
This chapter provides an overview of JUNOS commands used to verify network
device state after an OS upgrade. The chapter then describes how to gracefully
undo the traffic diversion techniques described in Chapter 6, and is an important
companion to that chapter.
Chapter 9, Monitoring for High Availability
This chapter provides an overview of JUNOS features and industry standards that
can be used to monitor network equipment to ensure network uptime. Juniper-specific
features, such as JUNOScript, are introduced.
Chapter 10, Management Interfaces
This chapter details the different interfaces, including the command-line interface
(CLI), GUIs, and application programming interfaces (APIs), that are used to manage
Juniper Networks equipment to ensure high availability.
Chapter 11, Management Tools
This chapter builds on the previous two chapters by discussing tools available for
managing network equipment. The chapter discusses both Juniper Network tools
as well as open source tools that can interact with the APIs in JUNOS Software.
Chapter 12, Managing Intradomain Routing Table Growth
This chapter opens with a discussion of intelligent IP address allocation for networks
with a high availability focus. The chapter then looks at the configuration
options available for controlling the size of the intradomain routing table while at
the same time protecting the availability of the network.
Chapter 13, Managing an Interdomain Routing Table
A companion to Chapter 12, this chapter looks at configuration elements that an
administrator would use to control the locally received content of the interdomain
routing table. Border Gateway Protocol (BGP)-related policy and configuration
options are the focal point in this chapter, and it is one of several that discuss how
BGP scalability mechanisms can be used to manage the local network.
Part III, Network Availability
Chapter 14, Fast High Availability Protocols
This chapter provides an overview of several protocols that support high availability
by providing fast failure detection and recovery. It discusses protocols for
optical and Ethernet networks, and then dives into options for lowering Interior
Gateway Protocol (IGP) timers and using Bidirectional Forwarding Detection
(BFD). The chapter finishes by covering redundancy protocols, including Virtual
Router Redundancy Protocol (VRRP), and several options for Multiprotocol Label
Switching (MPLS) path protection.
Chapter 15, Transitioning Routing and Switching to a Multivendor Environment
This is the first in a series of chapters that look at how products from Juniper can
be added into a single-vendor network to improve the availability of the network.
The chapter uses a layered strategy that first compares interface characteristics,
then IGPs, and then BGP configuration syntax between JUNOS and IOS devices.
Chapter 16, Transitioning MPLS to a Multivendor Environment
This chapter builds on the successes of the previous chapter by adding Resource
Reservation Protocol (RSVP) and Label Distribution Protocol (LDP)-signaled
MPLS to the multivendor BGP topology. The chapter includes discussion of MPLS
interoperability “gotchas” between JUNOS and IOS, and concludes with two case
studies that show layered transition and site-based transition to a multivendor
state.
Chapter 17, Monitoring Multivendor Networks
In this chapter, the authors compare Simple Network Management Protocol
(SNMP) and syslog configuration syntax between JUNOS and IOS platforms, and
look at best practices for use of the tools to monitor multivendor networks. The
chapter concludes with a brief look at the J-Web GUI as a device monitoring tool.
Chapter 18, Network Scalability
This chapter opens with a comparison of throughput capabilities of the different
product families that run JUNOS. The chapter then looks at additional configuration
tweaks that allow the network to grow or shrink as needed to meet changing
demands from the user base. A key feature of this chapter is high availability zoning
for BGP route reflector schemes. The chapter closes with a look at how traffic
engineering can help a network scale while meeting customer availability and
bandwidth requirements.
Chapter 19, Choosing, Migrating, and Merging Interior Gateway Protocols
This chapter discusses the two most commonly used industry-standard IGPs: Open
Shortest Path First (OSPF) and Intermediate System to Intermediate System
(IS-IS). The first section examines the advantages and disadvantages of each protocol,
and looks at how each one supports high availability. The next section examines
what is involved in migrating from one of these IGPs to the other. The
chapter finishes with considerations and recommendations for merging separate
networks that run the same IGP.
Chapter 20, Merging BGP Autonomous Systems
This chapter discusses features of JUNOS and best common practices that can be
used to merge Autonomous Systems (ASs) while preserving network uptime. Issues
that occur in large-scale BGP deployments are also raised.
Chapter 21, Making Configuration Audits Painless
This chapter provides information on using JUNOS Software features to audit
network configurations to ensure that human error or misconfiguration does not
cause network downtime.
Chapter 22, Securing Your Network Equipment Against Security Breaches
This chapter provides an overview of options to provide strong security for your
device. It discusses authentication methods, and then lists a series of features you
can implement to harden the device. The chapter then dives into firewall filters,
discussing how they are configured and implemented. It ends with several examples
using filters to protect the network as well as the device itself.
Chapter 23, Monitoring and Containing DoS Attacks in Your Network
Building on the previous chapter, this chapter discusses strategies for attack detection,
as well as steps you can take to lessen the impact of the attack while it is
in progress. It then covers strategies for proactively reducing the impact of denial-of-service
(DoS) attacks on your network. The chapter concludes by discussing
several methods you can use to gather evidence of the attack.
Chapter 24, Goals of Configuration Automation
This chapter discusses how configuration automation can be used to prevent human
errors that cause network downtime.
Chapter 25, Automated Configuration Strategies
This chapter provides an overview of how to use the JUNOS tools to conduct
configuration automation for various network settings and architectures.
Part IV, Appendixes
We include a few items for your perusal: a sample checklist for getting new JUNOS
devices operational, a sample audit list, and a JUNOS configuration statement review
for high availability operations.
Conventions Used in This Book
The following typographical conventions are used in this book:
Italic
Indicates new terms, URLs, email addresses, filenames, file extensions, pathnames,
directories, and Unix utilities.
Constant width
Indicates commands, options, switches, variables, attributes, keys, functions,
types, classes, namespaces, methods, modules, properties, parameters, values, objects,
events, event handlers, XML tags, HTML tags, macros, the contents of files,
and the output from commands.
Constant width bold
Shows commands or other text that should be typed literally by the user.
Constant width italic
Shows text that should be replaced with user-supplied values.
This icon signifies a tip, suggestion, or general note.
This icon indicates a warning or caution.
Using Code Examples
This book is here to help you get your job done. In general, you may use the code in
this book in your own configurations and documentation. You do not need to contact
us for permission unless you’re reproducing a significant portion of the material. For
example, deploying a network based on actual configurations from this book does not
require permission. Selling or distributing a CD-ROM of examples from O’Reilly books
does require permission. Answering a question by citing this book and quoting example
code does not require permission. Incorporating a significant number of sample configurations
or operational output from this book into your product’s documentation
does require permission.
We appreciate, but do not require, attribution. An attribution usually includes the title,
author, publisher, and ISBN. For example: “JUNOS High Availability, by James
Sonderegger, Orin Blomberg, Kieran Milne, and Senad Palislamovic. Copyright 2009
James Sonderegger, Orin Blomberg, Kieran Milne, and Senad Palislamovic,
978-0-596-52304-6.”
If you feel your use of code examples falls outside fair use or the permission given here,
feel free to contact us at permissions@oreilly.com.
Safari® Books Online
Safari Books Online is an on-demand digital library that lets you easily
search over 7,500 technology and creative reference books and videos to
find the answers you need quickly.
With a subscription, you can read any page and watch any video from our library online.
Read books on your cell phone and mobile devices. Access new titles before they are
available for print, and get exclusive access to manuscripts in development and post
feedback for the authors. Copy and paste code samples, organize your favorites, download
chapters, bookmark key sections, create notes, print out pages, and benefit from
tons of other time-saving features.
O’Reilly Media has uploaded this book to the Safari Books Online service. To have full
digital access to this book and others on similar topics from O’Reilly and other publishers,
sign up for free at http://my.safaribooksonline.com.
Comments and Questions
Please address comments and questions concerning this book to the publisher:
O’Reilly Media, Inc.
1005 Gravenstein Highway North
Sebastopol, CA 95472
800-998-9938 (in the United States or Canada)
707-829-0515 (international or local)
707-829-0104 (fax)
We have a web page for this book, where we list errata, examples, and any additional
information. You can access this page at:
http://www.oreilly.com/catalog/9780596523046
or:
http://cubednetworks.com
To comment or ask technical questions about this book, send email to:
bookquestions@oreilly.com
For more information about our books, conferences, Resource Centers, and the
O’Reilly Network, see our website at:
http://www.oreilly.com
Acknowledgments
The authors would like to gratefully and unabashedly acknowledge many of our peers,
editors, and advisers over the long course of writing this book. We began naively and
finished as book-writing experts mostly because of the leadership of many of our
associates.
First, we must thank Patrick Ames, Juniper Networks’ editor in chief for its technical
book program. Without him you would not be holding this volume in your hand or
viewing it on your monitor. Second, Aviva Garrett, author of JUNOS Cookbook (O’Reilly),
performed a marvelous final edit of our work, putting in countless hours and
raining down incredible suggestions. Third, Colleen Toporek, our developmental editor,
slogged through our first missives and gently guided us toward the O’Reilly
benchmarks of excellence. Finally, our copyeditor, Audrey Doyle, took it all in and
masterfully made it sync together. These four, along with Mike Loukides, Marlowe
Shaeffer, Robert Romano, and countless others at O’Reilly, formed a team that helped
to create a book that is greater than the sum of its authors. Thank you all.
We would also like to thank Juniper Networks, the employer of three of the four authors,
for allowing us the resources and occasional bandwidth to work on this project,
and the many people who contributed to this book in a thousand little ways, from
hallway conversations to in-depth emails explaining one thing or another; Fred
Stringer, who helped us at the very beginning while we were still proposing the book;
Chris Hellberg for sparking the book idea—no more busting routers, mate; and Anton
Bernal and Gonzalo Gomez Herrero for contributing to the early discussions and providing
many fresh ideas. We note that Abhilash Prabhakaran was the original writer
and Ben Mann and Joanne McClintock the editors of the material in Appendix C, which
we condensed and abbreviated for the reader’s benefit. And finally, we want to especially
reserve our admiration for the team of additional technical reviewers from Juniper
Networks who worked on tight schedules and limited resources: Majid Ansari, Nathan
Day, Jasun Rutter, and Jared Gull.
James Sonderegger would personally like to thank his wife, Bonnie, and children,
Gabby, Riley, Cat, and William, for their patience and unwavering support through
the year it took to finish this project.
Orin Blomberg would personally like to thank his wife, Holly, for all her support during
the writing of the book.
Kieran Milne would like to first thank and acknowledge his daughter, Sarah. Then, he
would like to extend deep appreciation to Will Pincek, Stacy Smith, and Elna Wells for
making Juniper Networks an amazing place to work. He would also like to thank James
Sonderegger for inviting him to join this project and Patrick Ames for keeping the
project on track and moving forward.
Senad Palislamovic would like to thank his Guide for allowing him to complete this
project; and his parents and beautiful wife for their love and support during long sleepless
weekends. Special thanks go to James Sonderegger, Orin Blomberg, and Kieran
Milne for all the extra cycles devoted to the project; Aviva Garrett for pulling all-nighters
rewriting his lines and still meeting the deadline; Fred Stringer for his High Availability
mentorship; and his old and new managers for letting him slack, Michael Kozich and
Michael Langdon. Final thanks go to all of those who gave him space throughout the
past year; Senad is still your friend.
PART I
JUNOS HA Concepts
CHAPTER 1
High Availability Network
Design Considerations
Before diving into the details of how JUNOS-enabled networks can be managed to
promote high availability, we need to examine networks at the architectural level in
order to distinguish a high availability network from other networks.
Redundancy schemes are relative to a layered model and can be described with the
following line of simple premises:
Redundant components protect systems
High availability at the system layer is supported by redundant hardware components
such as power supplies, interface cards, and processor engines.
Redundant systems protect services
High availability at the service layer is supported by redundant systems such as
routers, switches, and servers.
Redundant services protect the enterprise
High availability at the enterprise layer is supported by redundant services such as
email, VoIP, the Web, and “shopping carts.”
Redundant enterprises protect free-market economies
Though relevant to the current state of world finances, this premise is beyond the
scope of this book.
Each layer in the model can be said to have an associated base cost that represents the
price of functionality at that layer. High availability is provided by protecting base
functionality with hardware, software, configuration options, staffing, or whatever else
is available. In almost every case, adding protection to a layer’s functionality increases
the cost of that layer.
Why Mention Cost in a Technical Book?
With the exception of some government projects, cost is always a concern when building
or upgrading a network, even when high availability is the desired end state. Is it
practical to add $500,000 to the cost of creating and supporting services that yield a
$50,000 annual revenue stream? Probably not. Would it be more tenable to protect a
$50,000 revenue stream with $25,000 in high availability-focused enhancements? An
investment like that makes sense.
Most books on the market today that describe “network solutions” do so with little
consideration given to the price of equipment and support, and to additional operational
expenses (OPEX) tied to space, power, and cooling. Why are these issues so
commonly overlooked? Perhaps because prices are subject to change; they can be affected
by discount models, and they change over time: some prices could be outdated
before this book’s shelf life expires. Also, vendors occasionally discourage the release
of price information in public forums.
This chapter does not attempt to capture the actual cost in real dollars of products from
Juniper or any other vendor. Instead, we assign a baseline cost to a simple, nonredundant
network, and then look at the relative changes that are associated with different
forms of redundancy as described in the layered model. Likewise, we do not attempt
to place specific makes and models of network products, such as routers, switches, and
firewalls, in the design. Doing so could distract you from the true purpose of this chapter,
which is to identify the relative cost of different layers of redundancy in a network.
A Simple Enterprise Network
A simple enterprise network design relies on routers, firewalls, and switches, as shown
in Figure 1-1. The design provides filtering and separation of traffic to support a pair
of employee local area networks (LANs), a pair of sensitive corporate LANs that support
connectivity among corporate data stores, and a pair of demilitarized zone (DMZ)
LANs that support the company’s web presence.
While this design is quite common, you’ll notice immediately that it has multiple single
points of failure. All Internet connectivity is provided by a single router through a
single connection to the Internet. All Internet access to the DMZ LANs is provided by
a single firewall. The employee LANs reside behind another router, itself an additional
single point of failure. Finally, the sensitive corporate LANs are connected using an
additional firewall, which because of the linear design of the network, must push traffic
through no fewer than three other single points of failure in order to send data from
the corporate LANs to the regular Internet. The complete reliance on multiple single
points of failure in this design results in a total lack of fault tolerance on the network.
Figure 1-1. A simple enterprise network design
Table 1-1 lists the chassis that provide the base functionality and is used to calculate a
representative “cost” for this simple network. The cost calculation includes all switches,
routers, and firewall products shown in the data transport path. This calculation also
includes a representative cost of labor and materials for fiber optic connections within
the office in which the network is located.
Table 1-1. Representative cost of a simple network
| Line item | Description | Qty |
|---|---|---|
| 1 | Router 1 with interface cards and one year of vendor support | 1 |
| 2 | Firewall 1 with interface cards and one year of vendor support | 1 |
| 3 | Router 2 with interface cards and one year of vendor support | 1 |
| 4 | Firewall 2 with interface cards and one year of vendor support | 1 |
| 5 | Switch 1 and one year of vendor support | 6 |
| 6 | Multimode fiber trunk (materials and installation) | 10 |
| 7 | Facility power and cooling for one year | 1 |
Total representative cost = $100,000
Redundancy and the Layered Model
Because most corporations have come to rely on data communications as a means of
generating profit, we can safely assume that the simple design shown in Figure 1-1,
with its complete lack of fault tolerance, is inadequate for the majority of corporate
needs. Redundancy is necessary, so we must redesign the simple transport network.
Redundant network architectures fall into one of four basic categories:
Redundant site architectures
Rely on identical systems and services, placed in geographically disparate locations,
to support enterprise-level redundancy.
Redundant system architectures
Rely on paired groupings of systems (routers, switches, servers) to provide service
resiliency when chassis or components fail.
Redundant component architectures
Rely on additional interface cards, processor boards, power supplies, and other
major components within individual chassis to provide chassis resiliency when
components fail.
Hybrid redundancy schemes
Use a combination of system, component, and site redundancy elements to provide
resilient services. This is by far the most common category.
Redundant Site Architectures
Figure 1-2 shows the simple network design from Figure 1-1 replicated at a site that is
geographically distant from the primary site. The advantage of having the same architecture
at two different sites is that it provides resilient routing of traffic during system
or component failure, as well as during catastrophic disasters at the primary site. Also,
this scheme allows the backup site to serve corporate goals because it is an online,
staffed, working office while the primary site is also online.
The disadvantages of this redundancy scheme are based on usage and availability. First,
note that all backup systems are physically distant from primary systems, resulting in
the added difficulty of the primary site staff using the backup systems. Furthermore,
this scheme by itself would require a full site failover to recover from something as
simple as an interface failure on a router. Site-based redundancy schemes require constant
attention, particularly when the backup site is in active use.
Figure 1-2. Site redundancy for a simple network
Resource availability on the backup system must be kept above the levels required to
fully support the processing needs of the primary site. Otherwise, the backup site cannot
accurately be called a backup site. For this reason and those previously listed, a
site-based redundancy scheme is seldom used without some form of component or
system redundancy at both the primary and backup sites.
Table 1-2 details the relative cost of a site-based redundancy scheme. Note the added
cost of facilities startup as well as the annual cost of staffing, security, Internet connectivity,
and utilities. You should keep in mind that any annual costs described in the
table recur on a yearly basis.
Table 1-2. Relative cost of site redundancy
| Line item | Description | Qty |
|---|---|---|
| 1 | Router 1 with interface cards and one year of vendor support | 2 |
| 2 | Firewall 1 with interface cards and one year of vendor support | 2 |
| 3 | Router 2 with interface cards and one year of vendor support | 2 |
| 4 | Firewall 2 with interface cards and one year of vendor support | 2 |
| 5 | Switch 1 and one year of vendor support | 12 |
| 6 | Multimode fiber trunk (materials and installation) | 20 |
| 7 | Additional physical facilities startup costs | 1 |
| 8 | Facility power and cooling for one year | 2 |
Total relative cost = $540,000
Redundant Component Architectures
Use of redundant components within a network requires significant planning by the
network architects. Equipment should be chosen that supports the component redundancy
scheme required at both the physical and logical levels. To provide link redundancy,
chassis should be selected that support at least twice as many physical interfaces
as are needed for nonredundant connectivity. Future growth plans should also be taken
into consideration.
Physical component redundancy is supported by original equipment manufacturers
(OEMs) when they design a chassis to hold multiple power supplies and multiple processor
boards. Logical redundancy is supported by the protocols implemented in a
network. Virtual Router Redundancy Protocol (VRRP), for example, allows multiple
routers or multiple interfaces on a single router to serve as virtual redundant gateways
off a LAN. The Internet Engineering Task Force (IETF) standard 802.3ad, which supports
bundling of multiple physical Ethernet interfaces to a single logical address, is
another way to take advantage of redundant component architectures.
A disadvantage to redundant component architectures is the lack of protection in the
event of complete system failure. For example, regardless of the number of redundant
components within a router, a single bucket of mop water can still destroy the system.
Furthermore, redundant component architectures provide no resilience against regional
disasters.
Figure 1-3 shows the addition of redundant components including power supplies,
processor boards, and physical connections to the simple transport network described
in Figure 1-1.
Figure 1-3. Component redundancy in a transport network
Table 1-3 details the cost of the network after complete component redundancy is
added. Again, costs listed are an estimate at the time of this book’s writing and may
not reflect actual vendor pricing.
Note that no additional cost is associated with the implementation of logical redundancy
protocols such as VRRP and 802.3ad. These protocols are relatively simple to
implement and require little ongoing adjustment by network administrators. Furthermore,
neither requires modification to the IP address scheme used for nonredundant
connectivity.
Table 1-3. Relative cost of component redundancy
| Line item | Description | Qty |
|---|---|---|
| 1 | Router 1 with additional interface cards and redundant power and processor and one year of vendor support | 1 |
| 2 | Firewall 1 with additional interface cards and redundant power and processor and one year of vendor support | 1 |
| 3 | Router 2 with additional interface cards and redundant power and processor and one year of vendor support | 1 |
| 4 | Firewall 2 with additional interface cards and redundant power and processor and one year of vendor support | 1 |
| 5 | Switch 1 and one year of vendor support | 6 |
| 6 | Multimode fiber trunk (materials and installation) | 20 |
Total relative cost = $150,000
Combined Component and Site-Redundant Architectures
A combination of component and site redundancy provides better network resilience
than either component or site schemes do by themselves. Under the tenets of this
scheme, failure of multiple components does not automatically trigger a failover to the
backup site. This scheme is therefore much friendlier to both staff members and application
systems. As with a simple site-based scheme, this hybrid still requires administrative
attention to make sure the backup system can support resource use levels if
the primary system fails.
Figure 1-4 illustrates the architectural principles of the hybrid component and site redundancy
scheme applied to the simple transport network, and Table 1-4 details the
relative cost associated with this scheme.
Figure 1-4. Component and site redundancy for a transport network
Table 1-4. Relative cost of component and site redundancy
| Line item | Description | Qty |
|---|---|---|
| 1 | Router 1 with additional interface cards and redundant power and processor and one year of vendor support | 2 |
| 2 | Firewall 1 with additional interface cards and redundant power and processor and one year of vendor support | 2 |
| 3 | Router 2 with additional interface cards and redundant power and processor and one year of vendor support | 2 |
| 4 | Firewall 2 with additional interface cards and redundant power and processor and one year of vendor support | 2 |
| 5 | Switch 1 and one year of vendor support | 12 |
| 6 | Multimode fiber trunk (materials and installation) | 40 |
| 7 | Additional physical facilities startup costs | 1 |
| 8 | Additional physical facilities operational costs for one year (electricity, Internet connectivity, staffing, and support) | 1 |
Total relative cost = $660,000
Redundant System Architectures
Use of redundant systems within the network architecture provides protection from
both component failure and complete system failure. However, this scheme provides
no protection from regional disaster. You should also take into account that on top of
the cost of additional systems, the power and cooling requirements of this scheme are
twice those of a simple, nonredundant architecture.
The redundant system architecture requires careful planning before deployment and
requires ongoing administrative scrutiny for the life of the network because, assuming
traffic load is balanced across paired systems, no single physical system or single physical
link is permitted to exceed 50% utilization. If any system or link does exceed 50%
utilization, failure of the paired device could result in loss of data. Loss of data is not
synonymous with high availability. For example, let’s say we have a traffic load evenly
balanced between a pair of switches. If throughput across each of the individual
switches is at 60% of individual switch capacity, then the two cannot accurately be
described as a “redundant pair.” If one of the switches in the pair were to fail, then a
load equivalent to 120% of single-device capacity would be placed on the remaining
switch (60% + 60% = 120%). Clearly many packets would spill out on the floor, making
a terrible mess!
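The 50% rule generalizes to any load-sharing group, and the following check is an added example, not code from the book, that tests every single-member failure. It assumes a failed member's load is spread over the survivors in proportion to their capacity; the `Member` type, function names and sample figures are constructed for illustration.

```python
from dataclasses import dataclass


@dataclass(frozen=True)
class Member:
    """One device or link in a load-sharing redundancy group."""
    name: str
    capacity: float  # maximum throughput, any consistent unit
    load: float      # current throughput, same unit


def utilization_after_failure(members, failed_name):
    """Return {survivor name: utilization} once `failed_name` is down.

    Assumption: the failed member's load is redistributed over the
    survivors in proportion to their capacity. For a pair, the single
    survivor simply inherits everything, as in the switch example.
    """
    failed = next(m for m in members if m.name == failed_name)
    survivors = [m for m in members if m.name != failed_name]
    if not survivors:
        raise ValueError("a redundancy group needs at least two members")
    surviving_capacity = sum(m.capacity for m in survivors)
    result = {}
    for m in survivors:
        inherited = failed.load * m.capacity / surviving_capacity
        result[m.name] = (m.load + inherited) / m.capacity
    return result


def single_failure_violations(members, limit=1.0):
    """List (failed, survivor, utilization) for each single failure
    that pushes a survivor above `limit` (1.0 means 100% of capacity)."""
    violations = []
    for failed in members:
        after = utilization_after_failure(members, failed.name)
        for survivor, util in after.items():
            if util > limit:
                violations.append((failed.name, survivor, round(util, 4)))
    return violations


def is_redundant(members, limit=1.0):
    """True only if the group absorbs the loss of any one member."""
    return not single_failure_violations(members, limit)


def max_safe_utilization(group_size):
    """Steady-state ceiling for equal members: (n - 1) / n.

    Two members give the 50% figure quoted in the text.
    """
    if group_size < 2:
        raise ValueError("a redundancy group needs at least two members")
    return (group_size - 1) / group_size


# Constructed sample data: the pair from the text at 60%, a pair at 45%,
# and an uneven three-member group where the small member is the weak spot.
PAIR_AT_60 = [Member("switch-a", 1000, 600), Member("switch-b", 1000, 600)]
PAIR_AT_45 = [Member("switch-a", 1000, 450), Member("switch-b", 1000, 450)]
MIXED = [
    Member("core-a", 1000, 500),
    Member("core-b", 1000, 500),
    Member("edge-c", 400, 300),
]

if __name__ == "__main__":
    for label, group in (("60% pair", PAIR_AT_60),
                         ("45% pair", PAIR_AT_45),
                         ("mixed group", MIXED)):
        print(label, "redundant:", is_redundant(group),
              single_failure_violations(group))
```

Passing a `limit` below 1.0 leaves headroom for traffic bursts on the surviving members.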
Figures 1-5 and 1-6 show two system redundancy principles applied to infrastructure
links and user LANs. These diagrams also include physical cross connection among
components.
Figure 1-5. System redundancy for transport networks
Figure 1-6. Impact of system redundancy on enterprise LANs
Table 1-5 shows the relative costs associated with use of redundant systems. Note the
added cost of space cooling and electricity shown in the table.
Table 1-5. Relative cost of system redundancy
| Line item | Description | Qty |
|---|---|---|
| 1 | Router 1 with interface cards and one year of vendor support | 2 |
| 2 | Firewall 1 with interface cards and one year of vendor support | 2 |
| 3 | Router 2 with interface cards and one year of vendor support | 2 |
| 4 | Firewall 2 with interface cards and one year of vendor support | 2 |
| 5 | Switch 1 and one year of vendor support | 6 |
| 6 | Multimode fiber trunk (materials and installation) | 28 |
| 7 | Additional space, cooling, and electrical use for second system | 1 |
Total relative cost = $200,000
Combined System- and Site-Redundant Architectures
In modern network designs, redundant systems and redundant sites are commonly
used to provide effective transport network resilience. This scheme is among the more
expensive; however, it does protect users from component and system failure on a local
basis, as well as from regional disasters. Furthermore, this scheme allows the enterprise
to take advantage of system capabilities at both the primary and backup sites. As with
other architectures featuring redundant systems, care must be taken to make sure that
failure of a system or a component does not result in an excessive burden on the paired
device.
Figure 1-7 illustrates these system and site redundancy principles applied to our simple
transport network, with Table 1-6 giving details of the relative cost of the scheme.
Figure 1-7. System and site redundancy for transport networks
Table 1-6. Relative cost of system and site redundancy
Line item Description Qty
1 Router 1 base bundle with interface cards and one year of vendor support 4
2 Firewall 1 with interface cards and one year of vendor support 4
3 Router 2 with interface cards and one year of vendor support 4
4 Firewall 2 with interface cards and one year of vendor support 4
5 Switch 1 and one year of vendor support 12
6 Multimode fiber trunk (materials and installation) 56
7 Additional physical facilities startup costs 1
8 Additional physical facilities operational costs for one year (electricity, Internet connectivity, staffing, and support) 1
Total relative cost = $720,000
Combined System- and Component-Redundant Architectures
Figures 1-8 and 1-9 show the combination of redundant systems and redundant components
applied to the simple transport network model from Figure 1-1. This type of
architecture is generally used only in situations in which an extremely strong resiliency
scheme is required but site redundancy is not an option. And as itemized in Table 1-7,
this scheme carries the added expense of double the amount of space, power,
and cooling that would be required from a network that did not include redundant
systems.
Figure 1-8. System and component redundancy for transport networks
Figure 1-9. Impact of system and component redundancy on enterprise LANs
Table 1-7. Relative cost of system and component redundancy
Line item Description Qty
1 Router 1 with additional interface cards and redundant power and processor and one year of vendor support 2
2 Firewall 1 with additional interface cards and redundant power and processor and one year of vendor support 2
3 Router 2 with additional interface cards and redundant power and processor and one year of vendor support 2
4 Firewall 2 with additional interface cards and redundant power and processor and one year of vendor support 2
5 Switch 1 and one year of vendor support 6
6 Multimode fiber trunk (materials and installation) 56
7 Additional space, cooling, and electricity for second system 1
Total relative cost = $320,000
Combined System-, Component-, and Site-Redundant Architectures
The model shown in Figure 1-10 provides the greatest protection possible from equipment
failure and regional disaster, though at significant cost (you’ll have to decide the
price of failure for your network), as listed in Table 1-8. In comparison with the dollar
amounts in Table 1-1, we can see that this scheme is almost 10 times the relative cost
of a simple transport network.
THE SIEGE AND FALL OF PETERSBURG
It is not improbable that Grant might have made
more headway by leaving a sufficient part of his army
in the trenches in front of Petersburg and by moving
with a heavy force far to the west upon Lee’s
communications; or, if it were determined to capture
the place à main forte, by making a massed attack
upon some point in the center after suitable mining
operations had weakened Lee’s defenses and
prepared for such an operation. But the end was to
come with opening spring. To the far-sighted, this
was no longer doubtful. The South must succumb to
the greater material resources of the North, despite
its courage and its sacrifices.—Colonel T. A. Dodge, U.
S. A., in “A Bird’s-Eye View of Our Civil War.”
DURING the winter of 1864-65, General Lee, fighting Grant without, was fighting
famine within. The shivering, half-clad soldiers of the South crouched over feeble fires
in their entrenchments. The men were exposed to the rain, snow, and sleet; sickness and
disease soon added their horrors to the desolation. The finances of the Government were
almost gone. The life of the Confederacy was ebbing fast.
Behind Union breastworks, early in 1865, General Grant was making preparations for the
opening of a determined campaign with the coming of spring. Mile after mile had been
added to his entrenchments, and they now extended to Hatcher’s Run on the left. The
Confederate lines had been stretched until they were so thin that there was constant
danger of breaking. A. P. Hill was posted on the right; Gordon and Anderson held the
center, and Longstreet was on the left. Union troops were mobilizing in front of
Petersburg. By February 1st, Sherman was fairly off from Savannah on his northward
march to join Grant. He was weak in cavalry and Grant determined to bring Sheridan from
the Shenandoah, whence the bulk of Early’s forces had been withdrawn, and send him to
assist Sherman. Sheridan left Winchester February 27th, wreaking much destruction as he
advanced, but circumstances compelled him to seek a new base at White House. On
March 27th he formed a junction with the armies of the Potomac and the James. Such
were the happenings that prompted Lee to prepare for the evacuation of Petersburg. And
he might be able, in his rapid marches, to outdistance Grant, join his forces with those of
Johnston, fall on Sherman, destroy one wing of the Union army and arouse the hopes of
his soldiers, and prolong the life of his Government.
General Grant knew the condition of Lee’s army and, with the unerring instinct of a
military leader, surmised what the plan of the Southern general must be. He decided to
move on the left, destroy both the Danville and South Side railroads, and put his army in
better condition to pursue. The move was ordered for March 29th.
General Lee, in order to get Grant to look another way for a while, decided to attack
Grant’s line on the right, and gain some of the works. This would compel Grant to draw
some of his force from his left and secure a way of escape to the west. This bold plan was
left for execution to the gallant Georgian, General John B. Gordon, who had successfully
led the reverse attack at Cedar Creek, in the Shenandoah, in October, 1864. Near the
crater stood Fort Stedman. Between it and the Confederate front, a distance of about one
hundred and fifty yards, was a strip of firm earth, in full view of both picket lines. Across
this space some deserters had passed to the Union entrenchments. General Gordon took
advantage of this fact and accordingly selected his men, who, at the sound of the signal
gun, should disarm the Federal pickets, while fifty more men were to cross the open
space quickly with axes and cut away the abatis, and three hundred others were to rush
through the opening, and capture the fort and guns.
At four o’clock on the morning of March 25, 1865, Gordon had everything in readiness.
His chosen band wore white strips of cloth across the breast, that they might distinguish
each other in the hand-to-hand fight that would doubtless ensue. Behind these men half
of Lee’s army was massed to support the attack. In the silence of the early morning, a
gunshot rang out from the Confederate works. Not a Federal picket-shot was heard. The
axemen rushed across the open and soon the thuds of their axes told of the cutting away
of the abatis. The three hundred surged through the entrance, overpowered the gunners,
captured batteries to the right and to the left, and were in control of the situation.
Gordon’s corps of about five thousand was on hand to sustain the attack but the
remaining reserves, through failure of the guides, did not come, and the general found
himself cut off with a rapidly increasing army surrounding him.
Fort Haskell, on the left, began to throw its shells. Under its cover, heavy columns of
Federals sent by General Parke, now commanding the Ninth Corps, pressed forward. The
Confederates resisted the charge, and from the captured Fort Stedman and the adjoining
batteries poured volley after volley on Willcox’s advancing lines of blue. The Northerners
fell back, only to re-form and renew the attack. This time they secured a footing, and for
twenty minutes the fighting was terrific. Again they were repulsed. Then across the brow
of the hill swept the command of Hartranft. The blue masses literally poured onto the
field. The furious musketry, and artillery directed by General Tidball, shrivelled up the
ranks of Gordon until they fled from the fort and its neighboring batteries in the midst of
withering fire, and those who did not were captured. This was the last aggressive effort of
the expiring Confederacy in front of Petersburg, and it cost three thousand men. The
Federal loss was not half that number.
The affair at Fort Stedman did not turn Grant from his plans against the Confederate
right. With the railroads here destroyed, Richmond would be completely cut off. On the
morning of the 29th, as previously arranged, the movement began. Sheridan swept to the
south with his cavalry, as if he were to fall upon the railroads. General Warren, with
fifteen thousand men, was working his way through the tangled woods and low swamps
in the direction of Lee’s right. At the same time, Lee stripped his entrenchments at
Petersburg as much as he dared and hurried General Anderson, with infantry, and
Fitzhugh Lee, with cavalry, forward to hold the roads over which he hoped to escape. On
Friday morning, March 31st, the opposing forces, the Confederates much reënforced,
found themselves at Dinwiddie Court House. The woods and swamps prevented the
formation of a regular line of battle. Lee made his accustomed flank movement, with
heavy loss to the Federals as they tried to move in the swampy forests. The Northerners
finally were ready to advance when it was found that Lee had fallen back. During the day
and night, reënforcements were coming in from all sides. The Confederates had taken
their position at Five Forks.
Early the next afternoon, the 1st of April, Sheridan, reënforced by Warren, was arranging
his troops for battle. The day was nearly spent when all was in readiness. The sun was
not more than two hours high when the Northern army moved toward that of the South,
defended by a breastwork behind a dense undergrowth of pines. Through this mass of
timber the Federals crept with bayonets fixed. They charged upon the Confederates, but,
at the same time, a galling fire poured into them from the left, spreading dismay and
destruction in their midst. The intrepid Sheridan urged his black battle-charger, the
famous Rienzi, now known as Winchester, up and down the lines, cheering his men on in
the fight. He seemed to be everywhere at once. The Confederate left was streaming
down the White Oak Road. But General Crawford had reached a cross-road, by taking a
circuitous route, and the Southern army was thus shut off from retreat. The Federal
cavalry had dismounted and was doing its full share of work. The Confederates soon
found themselves trapped, and the part of their army in action that day was nearly
annihilated. About five thousand prisoners were taken.
With night came the news of the crushing blow to Lee. General Grant was seated by his
camp-fire surrounded by his staff, when a courier dashed into his presence with the
message of victory. Soon from every great gun along the Union line belched forth the
sheets of flame. The earth shook with the awful cannonade. Mortar shells made huge
parabolas through the air. The Union batteries crept closer and closer to the Confederate
lines and the balls crashed into the streets of the doomed city. The bombardment of
Petersburg was on.
At dawn of the 2nd of April the grand assault began. The Federal troops sprang forward
with a rush. Despite the storms of grape and canister, the Sixth Corps plunged through
the battery smoke, and across the walls, pushing the brave defenders to the inner works.
The whole corps penetrated the lines and swept everything before it toward Hatcher’s
Run. Some of the troops even reached the South Side Railroad, where the brave General
A. P. Hill fell mortally wounded.
Everywhere, the blue masses poured into the works. General Ord, on the right of the
Sixth Corps, helped to shut the Confederate right into the city. General Parke, with the
Ninth Corps, carried the main line. The thin gray line could no longer stem the tide that
was engulfing it. The Confederate troops south of Hatcher’s Run fled to the west, and
fought General Miles until General Sheridan and a division from Meade appeared on the
scene. By noon the Federals held the line of the outer works from Fort Gregg to the
Appomattox. The last stronghold carried was Fort Gregg, at which the men of Gibbon’s
corps had one of the most desperate struggles of the war. The Confederates now fell back
to the inner fortifications and the siege of Petersburg came to an end.
COPYRIGHT, 1911, PATRIOT PUB. CO.
A BATTERED RELIC OF COLONIAL DAYS IN PETERSBURG
This beautiful old mansion on Bolingbroke Street could look back to the days of buckles
and small clothes; it wears an aggrieved and surprised look, as if wondering why it should
have received such buffetings as its pierced walls, its shattered windows and doorway
show. Yet it was more fortunate than some of its near-by neighbors, which were never
again after the visitation of the falling shells fit habitations for mankind. Many of these
handsome residences were utterly destroyed, their fixtures shattered beyond repair; their
wainscoting, built when the Commonwealth of Virginia was ruled over by the
representative of King George, was torn from the walls and, bursting into flames, made a
funeral pyre of past comforts and magnificence. The havoc wrought upon the dwellings of
the town was heavy; certain localities suffered more than others, and those residents who
seemed to dwell in the safest zones had been ever ready to open their houses to the sick
and wounded of Lee’s army. As Grant’s troops marched in, many pale faces gazed out at
them from the windows, and at the doorsteps stood men whose wounds exempted them
from ever bearing arms again.
THE SHATTERED DOORWAY
APPROACHING THE POST OF DANGER—PETERSBURG, 1865
A FEW STEPS NEARER THE PICKET LINE
IN BEHIND THE SHELTER
For nine months of ’64-’65 the musket-balls sang past these Federal picket posts, in
advance of Federal Fort Sedgwick, called by the Confederates “Fort Hell.” Directly opposite
was the Confederate Fort Mahone, which the Federals, returning the compliment, had
dubbed “Fort Damnation.” Between the two lines, separated by only fifty yards, sallies and
counter-sallies were continual occurrences after dark. In stealthy sorties one side or the
other frequently captured the opposing pickets before alarm could be given. No night was
without its special hazard. During the day the pastime here was sharp-shooting with
muskets and rifled cannon.
SECURITY FROM SURPRISE
THE MOLE-HILL RAMPARTS, NEAR THE CRATER
These well-made protections of sharpened spikes, as formidable as the pointed spears of
a Roman legion, are chevaux-de-frise of the Confederates before their main works at
Petersburg. They were built after European models, the same as employed in the
Napoleonic wars, and were used by both besiegers and besieged along the lines south of
the Appomattox. Those shown in this picture were in front of the entrenchments near
Elliott’s salient and show how effectually it was protected from any attempt to storm the
works by rushing tactics on the part of the Federal infantry. Not far from here lies the
excavation of the Crater.
GENERAL JOHN B. GORDON, C. S. A.
To this gallant young Georgia officer, just turned thirty-three at the time, Lee entrusted
the last desperate effort to break through the tightening Federal lines, March 25, 1865.
Lee was confronted by the dilemma of either being starved out of Petersburg and
Richmond, or of getting out himself and uniting his army to that of Johnston in North
Carolina to crush Sherman before Grant could reach him. Gordon was to begin this latter,
almost impossible, task by an attack on Fort Stedman, which the Confederates believed to
be the weakest point in the Federal fortifications. The position had been captured from
them in the beginning, and they knew that the nature of the ground and its nearness to
their own lines had made it difficult to strengthen it very much. It was planned to surprise
the fort before daylight. Below are seen the rabbit-like burrows of Gracie’s Salient, past
which Gordon led his famished men. When the order came to go forward, they did not
flinch, but hurled themselves bravely against fortifications far stronger than their own.
Three columns of a hundred picked men each moved down the slope shown on the left
and advanced in the darkness against Stedman. They were to be followed by a division.
Through the gap which the storming parties were expected to open in the Federal lines,
Gordon’s columns would rush in both directions and a cavalry force was to sweep on and
destroy the pontoon bridges across the Appomattox and to raid City Point, breaking up
the Federal base. It was no light task, for although Fort Stedman itself was weak, it was
flanked by Battery No. 10 on the right and by Battery No. 11 on the left. An attacking
party on the right would be exposed to an enfilading fire in crossing the plain; while on
the left the approach was difficult because of ravines, one of which the Confederate
engineers had turned into a pond by damming a creek. All night long General Gordon’s
wife, with the brave women of Petersburg, sat up tearing strips of white cloth, to be tied
on the arms of the men in the storming parties so that they could tell friend from foe in
the darkness and confusion of the assault. Before the sleep-dazed Federals could offer
effective resistance, Gordon’s men had possession of the fort and the batteries. Only after
one of the severest engagements of the siege were the Confederates driven back.
GRACIE’S SALIENT—AFTER GORDON’S FORLORN HOPE HAD CHARGED
APRIL SECOND—“THIS IS A SAD BUSINESS”
As his general watched, this boy fought to stem the Federal rush—but fell, his breast
pierced by a bayonet, in the trenches of Fort Mahone. It is heart-rending to look at a
picture such as this; it is sad to think of it and to write about it. Here is a boy of only
fourteen years, his face innocent of a razor, his feet unshod and stockingless in the bitter
April weather. It is to be hoped that the man who slew him has forgotten it, for this face
would haunt him surely. Many who fought in the blue ranks were young, but in the South
there were whole companies made up of such boys as this. At the battle of Newmarket
the scholars of the Virginia Military Institute, the eldest seventeen and the youngest
twelve, marched from the classrooms under arms, joined the forces of General
Breckinridge, and aided by their historic charge to gain a brilliant victory over the Federal
General Sigel. The never-give-in spirit was implanted in the youth of the Confederacy, as
well as in the hearts of the grizzled veterans. Lee had inspired them, but in addition to
this inspiration, as General Gordon writes, “every man of them was supported by their
extraordinary consecration, resulting from the conviction that he was fighting in the
defense of home and the rights of his State. Hence their unfaltering faith in the justice of
the cause, their fortitude in the extremest privations, their readiness to stand shoeless
and shivering in the trenches at night and to face any danger at their leader’s call.”
APPOMATTOX
I now come to what I have always regarded—shall
ever regard—as the most creditable episode in all
American history—an episode without a blemish,
imposing, dignified, simple, heroic. I refer to
Appomattox. Two men met that day, representative of
American civilization, the whole world looking on. The
two were Grant and Lee—types each. Both rose, and
rose unconsciously, to the full height of the occasion
—and than that occasion there has been none
greater. About it, and them, there was no theatrical
display, no self-consciousness, no effort at effect. A
great crisis was to be met; and they met that crisis as
great countrymen should. Consider the possibilities;
think for a moment of what that day might have
been; you will then see cause to thank God for much.
—General Charles Francis Adams, U. S. V., in Phi Beta
Kappa Address delivered at the University of Chicago,
June 17, 1902.
WE are now to witness the closing scene of one of the greatest tragedies ever enacted
on the world’s stage. Many and varied had been the scenes during the war; the
actors and their parts had been real. The wounds of the South were bleeding; the North
was awaiting the decisive blow. Thousands of homes were ruined. Fortunes, great and
small, had melted away by the hundreds of millions. In Richmond, the citadel of the
waning Confederacy, the people were starving. The Southern army, half clad and without
food, was but a shadow of its once proud self. Bravely and long the men in gray had
followed their adored leader. Now the limit of endurance had been reached.
It was the second day of April, 1865. Lee realized that after Petersburg his beloved
Richmond must fall. The order was given for the movement to begin at eight o’clock that
night. The darkness of the early morning of the 3d was suddenly transformed into a lurid
light overcasting the heavens for miles around the famous city whose name had become
a household word over the civilized world. Richmond was in flames! The capital of the
Confederacy, the pride of the South, toward which the Army of the Potomac had fought
its way, leaving a trail of blood for four weary years, had at last succumbed to the
overwhelming power of Grant’s indomitable armies.
President Davis had received a despatch while attending services at St. Paul’s church,
Sunday morning, the 2d, advising him that the city must be evacuated that night, and,
leaving the church at once, he hastened the preparations for flight with his personal
papers and the archives of the Confederate Government. During that Sabbath day and
night Richmond was in a state of riot. There had been an unwarranted feeling of security
in the city, and the unwelcome news, spreading like an electric flash, was paralyzing and
disastrous in its effect. Prisoners were released from their toils, a lawless mob overran the
thoroughfares, and civic government was nullified. One explosion after another, on the
morning of the 3d, rent the air with deafening roar, as the magazines took fire. The scene
was one of terror and grandeur.
The flames spread to the city from the ships, bridges, and arsenal, which had been set on
fire, and hundreds of buildings, including the best residential section of the capital of the
Confederacy, were destroyed.
When the Union army entered the city in the morning, thousands of the inhabitants, men,
women, and children, were gathered at street corners and in the parks, in wildest
confusion. The commissary depot had been broken open by the starving mob, and rifled
of its contents, until the place was reached by the spreading flames. The Federal soldiers
stacked arms, and heroically battled with the fire, drafting into the work all able-bodied
men found in the city. The invaders extinguished the flames, and soon restored the city to
a state of order and safety. The invalid wife of General Lee, who was exposed to danger,
was furnished with an ambulance and corporal’s guard until the danger was past.
President Lincoln, who had visited Grant at Petersburg, entered Richmond on the 4th of
April. He visited President Davis’ house, and Libby Prison, then deserted, and held a
conference with prominent citizens and army officers of the Confederacy. The President
seemed deeply concerned and weighted down with the realization of the great
responsibilities that would fall upon him after the war. Only ten days later the nation was
shaken from ocean to ocean by the tragic news of his assassination.
General Lee had started on his last march by eight o’clock on the night of the 2d. By
midnight the evacuation of both Petersburg and Richmond was completed. For nine
months the invincible forces of Lee had kept a foe of more than twice their numerical
strength from invading their stronghold, and only after a long and harassing siege were
they forced to retreat. They saw the burning city as their line of march was illuminated by
the conflagration, and emotions too deep for words overcame them. The woods and
fields, in their fresh, bright colors of spring, were in sharp contrast to the travel-worn,
weather-beaten, ragged veterans passing over the verdant plain. Lee hastened the march
of his troops to Amelia Court House, where he had ordered supplies, but by mistake the
train of supplies had been sent on to Richmond. This was a crushing blow to the hungry
men, who had been stimulated on their tiresome march by the anticipation of much-needed
food. The fatality of war was now hovering over them like a huge black specter.
General Grant did not proceed to Richmond, but leaving General Weitzel to invest the city,
he hastened in pursuit of Lee to intercept the retreating army. This pursuit was started
early on the 3d. On the evening of that date there was some firing between the pursuing
army and Lee’s rear guard. It was Lee’s design to concentrate his force at Amelia Court
House, but this was not to be accomplished by the night of the 4th. Not until the 5th was
the whole army up, and then it was discovered that no adequate supplies were within less
than fifty miles. Subsistence could be obtained only by foraging parties. No word of
complaint from the suffering men reached their commander, and on the evening of that
disappointing day they patiently and silently began the sad march anew. Their course was
through unfavorable territory and necessarily slow. The Federals were gaining upon their
retreating columns. Sheridan’s cavalry had reached their flank, and on the 6th there was
heavy skirmishing. In the afternoon the Federals had arrived in force sufficient to bring on
an engagement with Ewell’s corps in the rear, at Sailor’s Creek, a tributary of the
Appomattox River. Ewell was surrounded by the Federals and the entire corps captured.
General Anderson, commanding the divisions of Pickett and Johnson, was attacked and
fought bravely, losing many men. In all about six thousand Confederate soldiers were left
in the hands of the pursuing army.
On the night of the 6th, the remainder of the Confederate army continued the retreat and
arrived at Farmville, where the men received two days’ rations, the first food except raw
or parched corn that had been given them for two days. Again the tedious journey was
resumed, in the hope of breaking through the rapidly-enmeshing net and forming a
junction with Johnston at Danville, or of gaining the protected region of the mountains
near Lynchburg. But the progress of the weak and weary marchers was slow and the
Federal cavalry had swept around to Lee’s front, and a halt was necessary to check the
pursuing Federals. On the evening of the 8th, Lee reached Appomattox Court House. Here
ended the last march of the Army of Northern Virginia.
General Lee and his officers held a council of war on the night of the 8th and it was
decided to make an effort to cut their way through the Union lines on the morning of the
next day. On the 7th, while at Farmville, on the south side of the Appomattox River, Grant
sent to Lee a courteous request for the surrender of the Army of Northern Virginia, based
on the hopelessness of further resistance on the part of that army. In reply, Lee
expressed sympathy with Grant’s desire to avoid useless effusion of blood and asked the
terms of surrender.
The next morning General Grant replied to Lee, urging that a meeting be designated by
Lee, and specifying the terms of surrender, to which Lee replied promptly, rejecting those
terms, which were, that the Confederates lay down their arms, and the men and officers
be disqualified for taking up arms against the Government of the United States until
properly exchanged. When Grant read Lee’s letter he shook his head in disappointment
and said, “It looks as if Lee still means to fight; I will reply in the morning.”
On the 9th Grant addressed another communication to Lee, repeating the terms of
surrender, and closed by saying, “The terms upon which peace can be had are well
understood. By the South laying down their arms they will hasten that most desirable
event, save thousands of human lives, and hundreds of millions of property not yet
destroyed. Sincerely hoping that all our difficulties may be settled without the loss of
another life, I subscribe myself, etc.”
There remained for Lee the bare possibility, by desperate fighting, of breaking through
the Federal lines in his rear. To Gordon’s corps was assigned the task of advancing on
Sheridan’s strongly supported front. Since Pickett’s charge at Gettysburg there had been
no more hopeless movement in the annals of the war. It was not merely that Gordon was
overwhelmingly outnumbered by the opposing forces, but his hunger-enfeebled soldiers,
even if successful in the first onslaught, could count on no effective support, for
Longstreet’s corps was in even worse condition than his own. Nevertheless, on the
morning of Sunday, the 9th, the attempt was made. Gordon was fighting his corps, as he
said, “to a frazzle,” when Lee came at last to a realizing sense of the futility of it all and
ordered a truce. A meeting with Grant was soon arranged on the basis of the letters
already exchanged. The conference of the two world-famous commanders took place at
Appomattox, a small settlement with only one street, but to be made historic by this
meeting. Lee was awaiting Grant’s arrival at the house of Wilmer McLean. It was here,
surrounded by staff-officers, that the terms were written by Grant for the final surrender
of the Army of Northern Virginia. The terms, and their acceptance, were embodied in the
following letters, written and signed in the famous “brick house” on that memorable
Sunday:
Appomattox Court House, Virginia,
April 9, 1865.
General: In accordance with the substance of my letter to you of the 8th instant, I
propose to receive the surrender of the Army of Northern Virginia on the following terms,
to wit: Rolls of all the officers and men to be made in duplicate, one copy to be given to
an officer to be designated by me, the other to be retained by such officer or officers as
you may designate. The officers to give their individual paroles not to take up arms
against the Government of the United States until properly exchanged; and each
company or regimental commander to sign a like parole for the men of their commands.
The arms, artillery, and public property to be parked and stacked, and turned over to the
officers appointed by me to receive them. This will not embrace the side-arms of the
officers, nor their private horses or baggage. This done, each officer and man will be
allowed to return to his home, not to be disturbed by the United States authority so long
as they observe their paroles and the laws in force where they may reside.
U. S. Grant, Lieutenant-General.
General R. E. Lee.
Headquarters Army of Northern Virginia,
April 9, 1865.
General: I have received your letter of this date containing the terms of the surrender of
the Army of Northern Virginia as proposed by you. As they are substantially the same as
those expressed in your letter of the 8th instant, they are accepted. I will proceed to
designate the proper officers to carry the stipulation into effect.
R. E. Lee, General.
Lieutenant-General U. S. Grant.
When Federal officers were seen galloping toward the Union lines from Appomattox Court
House it was quickly surmised that Lee had surrendered. Cheer after cheer was sent up
by the long lines throughout their entire length; caps and tattered colors were waved in
the air. Officers and men alike joined in the enthusiastic outburst. It was glad tidings,
indeed, to these men, who had fought and hoped and suffered through the long bloody
years.
When Grant returned to his headquarters and heard salutes being fired he ordered it
stopped at once, saying, “The war is over; the rebels are our countrymen again; and the
best sign of rejoicing after the victory will be to abstain from all demonstration in the
field.”
Details of the surrender were arranged on the next day by staff-officers of the respective
armies. The parole officers were instructed by General Grant to permit the Confederate
soldiers to retain their own horses—a concession that was most welcome to many of the
men, who had with them animals brought from the home farm early in the war.
There were only twenty-eight thousand men to be paroled, and of these fewer than one-
third were actually bearing arms on the day of the surrender. The Confederate losses of
the last ten days of fighting probably exceeded ten thousand.
The Confederate supplies had been captured by Sheridan, and Lee’s army was almost at
the point of starvation. An order from Grant caused the rations of the Federal soldiers to
be shared with the “Johnnies,” and the victorious “Yanks” were only too glad to tender
such hospitality as was within their power. These acts of kindness were slight in
themselves, but they helped immeasurably to restore good feeling and to associate for all
time with Appomattox the memory of reunion rather than of strife. The things that were
done there can never be the cause of shame to any American. The noble and dignified
bearing of the commanders was an example to their armies and to the world that quickly
had its effect in the genuine reconciliation that followed.
The scene between Lee and his devoted army was profoundly touching. General Long in
his “Memoirs of Lee” says: “It is impossible to describe the anguish of the troops when it
was known that the surrender of the army was inevitable. Of all their trials, this was the
greatest and hardest to endure.” As Lee rode along the lines of the tried and faithful men
who had been with him at the Wilderness, at Spotsylvania, and at Cold Harbor, it was not
strange that those ragged, weather-beaten heroes were moved by deep emotion and that
tears streamed down their bronzed and scarred faces. Their general in broken accents
admonished them to go to their homes and be as brave citizens as they had been
soldiers.
Thus ended the greatest civil war in history, for soon after the fall of the Confederate
capital and the surrender of Lee’s army, there followed in quick succession the surrender
of all the remaining Southern forces.
While these stirring events were taking place in Virginia, Sherman, who had swept up
through the Carolinas with the same dramatic brilliancy that marked his march to the sea,
accomplishing most effective work against Johnston, was at Goldsboro. When Johnston
learned of the fall of Richmond and Lee’s surrender he knew the end had come and he
soon arranged for the surrender of his army on the terms agreed upon at Appomattox. In
the first week of May General “Dick” Taylor surrendered his command near Mobile, and on
the 10th of the same month, President Jefferson Davis, who had been for nearly six
weeks a fugitive, was overtaken and made a prisoner near Irwinsville, Georgia. The
Southern Confederacy was a thing of the past.
1. Colonel Horace Porter
2. Colonel William Duff
3. Colonel T. S. Bowers
4. Colonel J. D. Webster
5. General John G. Barnard
6. General John A. Rawlins
7. General U. S. Grant
8. General M. R. Patrick
9. General Seth Williams
10. General Rufus Ingalls
11. Colonel Adam Badeau
12. Colonel E. S. Parker
COPYRIGHT, 1911, REVIEW OF REVIEWS CO.
MEN ABOUT TO WITNESS APPOMATTOX
No photographer was present at Appomattox, that supreme moment in our national
history, when Americans met for the last time as foes on the field. Nothing but fanciful
sketches exist of the scene inside the McLean home. But here is a photograph that shows
most of the Union officers present at the conference. Nine of the twelve men standing
above stood also at the signing of Lee’s surrender, a few days later. The scene is City
Point, in March, 1865. Grant is surrounded by a group of the officers who had served him
so faithfully. At the surrender, it was Colonel T. S. Bowers (third from left) upon whom
Grant called to make a copy of the terms of surrender in ink. Colonel E. S. Parker, the full-
blooded Indian on Grant’s staff, an excellent penman, wrote out the final copy. Nineteen
years later, General Horace Porter recorded with pride that he loaned General Lee a pencil
to make a correction in the terms. Colonels William Duff and J. D. Webster, and General
M. R. Patrick, are the three men who were not present at the interview. All of the
remaining officers were formally presented to Lee. General Seth Williams had been Lee’s
adjutant when the latter was superintendent at West Point some years before the war. In
the lower photograph General Grant stands between General Rawlins and Colonel Bowers.
The veins standing out on the back of his hand are plainly visible. No one but he could
have told how calmly the blood coursed through them during the four tremendous years.
GRANT BETWEEN RAWLINS AND BOWERS
IN PETERSBURG—AFTER NINE MONTHS OF BATTERING
This fine mansion on Bolingbroke Street, the residential section of Petersburg, has now,
on the 3d of April, fallen into the hands of straggling Union soldiers. Its windows have
long since been shattered by shells from distant Federal mortars; one has even burst
through the wall. But it was not till the night of April 2d, when the retreat of the
Confederate forces started, that the citizens began to leave their homes. At 9 o’clock in
the morning General Grant, surrounded by his staff, rode quietly into the city. The streets
were deserted. At length they arrived at a comfortable home standing back in a yard.
There he dismounted and sat for a while on the piazza. Soon a group of curious citizens
gathered on the sidewalk to gaze at the commander of the Yankee armies. But the Union
troops did not remain long in the deserted homes. Sheridan was already in pursuit south
of the Appomattox, and Grant, after a short conference with Lincoln, rode to the west in
the rear of the hastily marching troops. Bolingbroke Street and Petersburg soon returned
to the ordinary occupations of peace in an effort to repair the ravages of the historic nine
months’ siege.
APPOMATTOX STATION—LEE’S LAST ATTEMPT TO PROVISION HIS RETREATING ARMY
At this railroad point, three miles from the Court House, a Confederate provision train
arrived on the morning of April 8th. The supplies were being loaded into wagons and
ambulances by a detail of about four thousand men, many of them unarmed, when
suddenly a body of Federal cavalry charged upon them, having reached the spot by a by-
road leading from the Red House. After a few shots the Confederates fled in confusion.
The cavalry drove them on in the direction of Appomattox Court House, capturing many
prisoners, twenty-five pieces of artillery, a hospital train, and a large pack of wagons. This
was Lee’s last effort to obtain food for his army.
FEDERAL SOLDIERS WHO PERFORMED ONE OF THE LAST DUTIES AT APPOMATTOX
A detail of the Twenty-sixth Michigan handed out paroles to the surrendered
Confederates.
COPYRIGHT, 1911, PATRIOT PUB. CO.
EMPTY VAULTS—THE EXCHANGE BANK, RICHMOND, 1865
The sad significance of these photographs is all too apparent. Not only the bank buildings
were in ruins, but the financial system of the entire South. All available capital had been
consumed by the demands of the war, and a system of paper currency had destroyed
credit completely. Worse still was the demoralization of all industry. Through large areas
of the South all mills and factories were reduced to ashes, and everywhere the industrial
system was turned topsy-turvy. Truly the problem that confronted the South was
stupendous.
WRECK OF THE GALLEGO FLOUR MILLS
SIGNS OF PEACE—CONFEDERATE ARTILLERY CAPTURED AT RICHMOND AND WAITING
SHIPMENT
Junos High Availability Best Practices For High Network Uptime 1st Edition James Sonderegger

  • 7. Praise for JUNOS High Availability
    “JUNOS High Availability contains all the technical building blocks necessary to plan and maintain a medical grade network.” —Jonathan Yantis, Network Engineer, Medical University of South Carolina
    “At Townsend Analytics, our trading clients, using our RealTick trading suite, demand that our global network maintain an extremely high level of availability. Downtime translates directly into lost money. JUNOS High Availability has great tips and guides to help support this environment. It includes everything from conceptual details on software and hardware, very detailed routing protocol examples, security and auditing, and everything in between. This book is a must for anyone who is in any way involved in maintaining a high level of service on their network!” —Chris Rizzo, Senior Network Engineer, Townsend Analytics
    “High availability is such a buzz phrase these days. It’s refreshing to see an approach that breaks down all of the various conversations and shows what is required for an overall continuous system. Getting the building blocks right is crucial to having a network that is truly highly available, and JUNOS High Availability will help you get it right and keep it right.” —Scott Stevens, Vice President, Technology, Juniper Networks
    “With disaster recovery and business continuity the current buzzwords in our state government network as well as in most corporate networks around the world, this book has come along at the perfect time to spur conversations on high availability, not only for networks built on Juniper Networks equipment, but on other vendor equipment as well. The topics covered in JUNOS High Availability are broad enough for engineers looking to design an overarching high availability posture in their network, but also detailed enough to allow engineers to implement their designs through protocol tweaks and JUNOS tools. The transition between authors keeps topics interesting and provides amusing quips along the way.” —Aaron Robel, Systems Engineer, Washington State Department of Information Services
  • 8. “A fault-tolerant network is a must in our health care environment. JUNOS High Availability will serve as a great tool to help us maintain the high availability our clients have come to expect.” —James Hardy, Network Engineer, Carilion Clinic
    “I like that JUNOS High Availability is reality-based. It boils buzzwords like redundancy and high availability into models that have design and cost. And the book is not marketing fodder—it does a good job of identifying the Juniper Networks hardware and JUNOS software features that influence HA together with a lot of good information on Juniper architecture in general. The configuration examples are useful, and the sections on the JUNOS XML API and JUNOScript API stir up all sorts of creative ideas in the mind of someone with even a little bit of scripting experience.” —Dan Schmiedt, Chief Network Engineer, Clemson University
    “JUNOS High Availability has exactly what my customers need to know in order to build and maintain continuously available network systems. It is the book to read for those responsible for any mission-critical network.” —Robert F. Jaeger, Juniper Networks, Systems Engineer Manager
    “JUNOS High Availability provides the reader with the knowledge to design and configure his network away from default settings toward a better design that provides rapid convergence, increased scaling, and a resilient architecture. Both network architects and operators will find value in the lessons taught within this book.” —Tom Scholl, Principal IP Network Engineer, IP/MPLS Backbone Design & Development, AT&T Labs
  • 11. JUNOS High Availability James Sonderegger, Orin Blomberg, Kieran Milne, and Senad Palislamovic Beijing • Cambridge • Farnham • Köln • Sebastopol • Taipei • Tokyo
  • 12. JUNOS High Availability by James Sonderegger, Orin Blomberg, Kieran Milne, and Senad Palislamovic Copyright © 2009 James Sonderegger, Orin Blomberg, Kieran Milne, and Senad Palislamovic. All rights reserved. Printed in the United States of America. Published by O’Reilly Media, Inc., 1005 Gravenstein Highway North, Sebastopol, CA 95472. O’Reilly books may be purchased for educational, business, or sales promotional use. Online editions are also available for most titles (http://my.safaribooksonline.com). For more information, contact our corporate/institutional sales department: 800-998-9938 or corporate@oreilly.com. Editor: Mike Loukides Production Editor: Sarah Schneider Copyeditor: Audrey Doyle Proofreader: Kiel Van Horn Indexer: Lucie Haskins Cover Designer: Karen Montgomery Interior Designer: David Futato Illustrator: Robert Romano Printing History: August 2009: First Edition. O’Reilly and the O’Reilly logo are registered trademarks of O’Reilly Media, Inc. JUNOS High Availability, the image of Bohemian waxwings, and related trade dress are trademarks of O’Reilly Media, Inc. Many of the designations used by manufacturers and sellers to distinguish their products are claimed as trademarks. Where those designations appear in this book, and O’Reilly Media, Inc. was aware of a trademark claim, the designations have been printed in caps or initial caps. While every precaution has been taken in the preparation of this book, the publisher and authors assume no responsibility for errors or omissions, or for damages resulting from the use of the information contained herein. ISBN: 978-0-596-52304-6 [M] 1250189494
  • 13. Table of Contents Preface . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . xvii Part I. JUNOS HA Concepts 1. High Availability Network Design Considerations . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3 Why Mention Cost in a Technical Book? 4 A Simple Enterprise Network 4 Redundancy and the Layered Model 6 Redundant Site Architectures 6 Redundant Component Architectures 8 Combined Component and Site-Redundant Architectures 10 Redundant System Architectures 12 Combined System- and Site-Redundant Architectures 15 Combined System- and Component-Redundant Architectures 17 Combined System-, Component-, and Site-Redundant Architectures 20 What Does It All Mean? 22 2. Hardware High Availability . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 25 Divide and Conquer 25 The Brains: The Routing Engine 27 The Brawn: The Packet Forwarding Engine 32 Packet Flows 36 M Series 37 MX Series 39 T Series 40 EX Series 41 SRX Series 41 J Series 41 Redundancy and Resiliency 42 M Series 42 MX Series 43 vii
  • 14. T Series 43 J Series 44 SRX Series 44 EX Series 45 3. Software High Availability . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 47 Software Architecture 47 Stable Foundations 47 Modular Design 48 One OS to Rule Them 50 Single OS 51 One Release Architecture 52 Automation of Operations 52 Configuration Management 53 Application Programming Interfaces 53 Scripting 53 4. Control Plane High Availability . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 57 Under the Hood of the Routing Engine 57 Routing Update Process 60 Graceful Routing Engine Switchover 66 Implementation and Configuration 67 Graceful Restart 75 Graceful Restart in OSPF 77 Graceful Restart in IS-IS 79 Graceful Restart in BGP 81 MPLS Support for Graceful Restart 84 Graceful Restart in RSVP 84 Graceful Restart in LDP 86 Graceful Restart in MPLS-Based VPNs 88 Graceful Restart in Multicast Protocols, PIM, and MSDP 91 Non-Stop Active Routing 93 Implementation Details and Configs 95 Non-Stop Bridging 98 Implementation Details and Configurations 98 Choosing Your High Availability Control Plane Solution 99 5. Virtualization for High Availability . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 101 Virtual Chassis in the Switching Control Plane 102 VC Roles 104 IDs for VCs 105 Priorities and the Election Process 105 Basic VC Setup and Configuration 106 viii | Table of Contents
  • 15. Eliminating Loops Within the VC 110 Highly Available Designs for VCs 112 Control System Chassis 117 Requirements and Implementation 118 Consolidation Example and Configuration 120 Taking Consolidation to the Next Level: Scalable Route Reflection 124 Part II. JUNOS HA Techniques 6. JUNOS Pre-Upgrade Procedures . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 129 JUNOS Package Overview 129 Software Package Naming Conventions 129 When to Upgrade JUNOS in a High Availability Environment 131 The Right Target Release for a High Availability Environment 131 High Availability Upgrade Strategy 132 Pre-Upgrade Verifications 134 Filesystems and Logs 134 Checklist 136 Moving Services Away from a Router 136 Interface Configuration 136 Switching Ownership of a VRRP Virtual IP 137 IGP Traffic Control Tweaks 140 Label-Switched Paths 151 7. Painless Software Upgrades . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 159 Snapshots 159 Software Upgrades with Unified ISSU 161 How It Works 161 Implementation Details 162 Software Upgrades Without Unified ISSU 164 Loading a JUNOS Image 164 Snapshots Redux 165 Image Upgrade Tweaks and Options 166 J Series Considerations 167 Cleanup 167 Backup Images 167 Rescue Configuration 169 8. JUNOS Post-Upgrade Verifications . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 171 Post-Upgrade Verification 172 Device State 173 Network State (Routes, Peering Relationships, and Databases) 179 Table of Contents | ix
  • 16. State of Existing Services 188 Filesystems and Logs 189 Removal of Configuration Workarounds 191 Fallback Procedures 192 Applicability 192 9. Monitoring for High Availability . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 193 I Love Logs 193 Syslog Overview 193 Syslog Planning 197 Implementing Syslog 199 Simple Network Management Protocol 201 SNMP Overview 202 SNMP Planning 205 Implementing SNMP 205 Traffic Monitoring 210 Traffic Monitoring Overview 210 Traffic Monitoring Planning 211 Implementing Traffic Monitoring 212 Route Monitoring 215 10. Management Interfaces . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 217 A GUI for Junior Techs 217 Using J-Web 218 J-Web for High Availability 218 Mid-Level Techs and the CLI 219 Event Policy Planning 220 Event Policies for High Availability 224 Deep Magic for Advanced Techs 224 JUNOS APIs 224 Automation Scripts 228 Working with Scripts 230 11. Management Tools . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 233 JUNOScope 233 Overview 233 JUNOScope and High Availability 236 Using JUNOScope 238 Juniper AIS 239 Overview 239 AIS for High Availability 241 Partner Tools 243 Open IP Service Development Platform (OSDP) 243 x | Table of Contents
  • 17. Partner Solution Development Platform (PSDP) 243 12. Managing Intradomain Routing Table Growth . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 245 Address Allocation 246 Interface Addressing 247 Infrastructure Routes 251 Customer Routes 252 Network Virtualization and Service Overlays 254 Address Aggregation 265 What Is Aggregation? 266 Use of the Private Address Space 270 Use of Public Address Space 271 Static Routes 272 Using Protocol Tweaks to Control Routing Table Size 275 13. Managing an Interdomain Routing Table . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 283 Enterprise Size and Effective Management 283 Small to Medium-Size Enterprise Perspective 284 Large Enterprises and Service Providers 286 AS Number 286 Border Gateway Protocol (BGP) 287 EBGP Loop Prevention 287 IBGP Loop Prevention 288 Route Reflection 290 Confederation 299 Common High Availability Routing Policies 304 BGP Tweak: Prefix Limit 311 Part III. Network Availability 14. Fast High Availability Protocols . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 315 Protocols for Optical Networks 315 Ethernet Operations, Administration, and Maintenance (OAM) 315 SONET/SDH Automatic Protection Switching 318 Rapid Spanning Tree Protocol 321 Interior Gateway Protocols 323 Bidirectional Forwarding Detection 324 Setting the Interval for BFD Control Packets 326 Virtual Router Redundancy Protocol 327 MPLS Path Protection 332 Fast Reroute 333 Node and Link Protection 334 Table of Contents | xi
  • 18. 15. Transitioning Routing and Switching to a Multivendor Environment . . . . . . . . . . 337 Industry Standards 337 Multivendor Architecture for High Availability 338 Two Sensible Approaches 338 Multivendor As a Transition State 342 Routing Protocol Interoperability 344 Interface Connectivity 344 OSPF Adjacencies Between Cisco and Juniper Equipment 348 IBGP Peering 352 EBGP Peering 353 16. Transitioning MPLS to a Multivendor Environment . . . . . . . . . . . . . . . . . . . . . . . . . 361 Multivendor Reality Check 362 Cost Concerns 362 MPLS Signaling for High Availability 363 A Simple Multivendor Topology 364 RSVP Signaling 364 LDP Signaling 372 MPLS Transition Case Studies 374 Case Study 1: Transitioning Provider Devices 375 Case Study 2: Transitioning Provider Edge Devices 379 17. Monitoring Multivendor Networks . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 385 Are You In or Out? 385 In-Band Management 386 Out-of-Band Management 386 SNMP Configuration 388 JUNOS SNMP Configuration 388 IOS SNMP Configuration 390 SNMP and MRTG 391 Syslog Configuration 391 Syslog in JUNOS 391 Syslog in IOS 393 Syslog and Kiwi 393 Configuration Management 394 Configuration for AAA 395 TACACS+ 396 JUNOS GUI Support 399 What IS Normal? 400 18. Network Scalability . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 401 Hardware Capacity 401 Device Resources to Monitor 402 xii | Table of Contents
  • 19. Network Scalability by Design 405 Scaling BGP for High Availability 405 MPLS for Network Scalability and High Availability 409 Traffic Engineering Case Study 423 19. Choosing, Migrating, and Merging Interior Gateway Protocols . . . . . . . . . . . . . . . 425 Choosing Between IS-IS and OSPF 425 OSPF 426 IS-IS 432 Which Protocol Is “Better”? 441 Migrating from One IGP to Another 442 Migrating from OSPF to IS-IS 442 Migrating from IS-IS to OSPF 449 Merging Networks Using a Common IGP 457 Considerations 457 Other Options for Merging IGPs 463 20. Merging BGP Autonomous Systems . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 465 Planning the Merge 465 Architecture 466 Outcomes 470 BGP Migration Features in JUNOS 470 Merging Our ASs Off 479 Merge with Full Mesh 480 Merge with Route Reflectors 484 Merge with Confederations 487 Monitoring the Merge 489 Neighbor Peering 490 21. Making Configuration Audits Painless . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 493 Why Audit Configurations? 493 Knowledge Is Power 493 JUNOS: Configuration Auditing Made Easy 494 Configuration Auditing 101 495 Organizing the Audit 495 Auditing Configurations 499 Baseline Configurations 499 Manually Auditing Configurations 503 Automating Configuration Audits 507 Performing and Updating Audits 509 Auditing Intervals 509 Analyzing Updates 510 Auditing Changes 510 Table of Contents | xiii
  • 20. 22. Securing Your Network Equipment Against Security Breaches
      Authentication Methods
      Local Password Authentication
      RADIUS and TACACS+ Authentication
      Authentication Order
      Hardening the Device
      Use a Strong Password, and Encrypt It
      Disable Unused Access Methods
      Control Physical Access to the Device
      Control Network Access to the Device
      Control and Authenticate Protocol Traffic
      Define Access Policies
      Firewall Filters
      Firewall Filter Syntax
      Applying Firewall Filters
      Using Firewall Filters to Protect the Network
      Using Firewall Filters to Protect the Routing Engine
      Stateful Firewalls
23. Monitoring and Containing DoS Attacks in Your Network
      Attack Detection
      Using Filtering to Detect Ping Attacks
      Using Filtering to Detect TCP SYN Attacks
      Taking Action When a DoS Attack Occurs
      Using Filtering to Block DoS Attacks
      Request Help from Your Upstream Provider
      Attack Prevention
      Eliminate Unused Services
      Enable Reverse Path Forwarding
      Use Firewall Filters
      Use Rate Limiting
      Deploy Products Specifically to Address DoS Attacks
      Gathering Evidence
      Firewall Logs and Counters
      Port Mirroring
      Sampling
      cflowd
24. Goals of Configuration Automation
      CLI Configuration Automation
      Hierarchical Configuration
      Protections for Manual Configuration
      Transaction-Based Provisioning
  • 21. Archives and Rollback
      Automating Remote Configuration
25. Automated Configuration Strategies
      Configuration Change Types
      Deployment
      Infrastructure
      Ad Hoc Changes
      Automation Strategies
      Global Strategies
      Deployment
      Infrastructure
      Ad Hoc Changes
Part IV. Appendixes
A. System Test Plan
B. Configuration Audit
C. High Availability Configuration Statements
Index
  • 23. Preface

At a recent meeting of network admins, the talk turned to uptime, and some bragged about the high availability of services in their network; they had 100% uptime. Wow, this normally is unthinkable. After more discussion, the truth came out. This figure is based on the fact that the service provider did not take into account outages in the network that made their service unavailable, because their service was still “up,” though totally unreachable. The same admins also admitted that they really didn’t keep records of actual outages. In their opinion, they had no reliability issues, but their customers would disagree with that.

This book is not about reliability theory. Theory addresses the full range of possibilities. This book is for those of us who have to keep the network working. It is a guide for students of the art of creating self-sustaining continuous systems. As such, we fought to keep the book grounded not necessarily in what you can do, but more importantly, in what you should do as an administrator to protect availability and to keep the customers, internal or external, connected and happy.

Most of the chapters include case studies that show you how things work and provide pointers on where you might investigate if your results differ. The topologies included are realistic and in many cases reflective of actual networks that we, the authoring team, have worked with at some point in our careers.

There are four authors on this book, and while we tried to homogenize the writing, you will see different styles and different approaches. Ultimately, we think that’s a good thing. It’s like working with your peers who are also maintaining the same network and who have different methods of working. The team shares a common goal and the variation in approaches brings strength through diversity.

Ultimately, this book is about Juniper Networks JUNOS Software and Juniper Networks boxes. You need to design a continuous system, and you need the right mix of equipment placed ideally on your topology, but eventually you come back to the network OS. And our chapters all come back to roost with JUNOS.
  • 24. What Is High Availability?

How often in your life have you picked up a phone and not heard a dial tone? Not very often, right? Every time you did it was certainly a cause for concern. This is a classic example of the definition of availability. People do not expect the network to be in use constantly, 365 days a year, but they do expect the network to be available for use every time they try to use it.

With a high number of users expecting availability as needed, we begin to approach the point of constant availability. But is that realistic? Statistically speaking, no; over a long enough timeline every system eventually fails. So, what is a realistic solution for systems whose purpose means they can’t be allowed to fail?

A classic concern with high availability was the difficulty in measurement. The notion was that any measurement tool had to be more available than the system being measured. Otherwise, the tool would potentially fail before the system being measured. These days the most highly available systems are processing constant and ever-increasing volumes of user traffic, such as credit card transactions, calls connected, and web page hits. Any disruption in service would immediately be noticed and felt by end users. The users themselves have become the most effective availability monitoring tool.

Five 9s is easily dismissed as a marketing term, but the math behind the term is sound and wholly nonmarketing. The 9s concept is a measure of availability over a span of a year. It is a percentage of time during the year that the system is guaranteed to be functional. The following table is often drawn to describe the concept:

    Availability    Downtime in one year
    90%             876 hours
    99%             87.6 hours
    99.9%           8.76 hours
    99.99%          52.6 minutes
    99.999%         5.26 minutes
    99.9999%        31.5 seconds

In this book we cite five 9s as a concept rather than as the recommended target. In financial enterprises, five 9s could be unacceptable and the target may instead be seven 9s, or eight 9s. Whenever you see “9s” in this book, whether your target is five, seven, or even nine 9s, please read it as a measurement of a continuous system rather than as a figurative number we recommend for all networks.

The table about 9s gets the message across, but it doesn’t really tell the story of where availability should be measured. Chapter 1 of this book talks about dependencies within redundancy schemes: redundant components protect chassis, redundant chassis protect systems, redundant systems protect services, and redundant services protect
  • 25. the enterprise. Some vendors would have you believe that availability should be measured at the chassis level. Others tout the availability of specific components in their chassis.

User experience is reality. This reality means that neither component nor system levels are appropriate points to measure availability. Relying on hardware availability as a measure of system, service, and enterprise availability ignores the importance of network architecture planning and site design, effective monitoring, and a highly trained and proactive support staff. In the modern world of constant transactions, it is the services and the enterprise that must be available 99.999999% of the time. This is the approach we’ve taken in this book.

So, are we saying that the component and chassis availability are irrelevant? Hardly. The strength and resilience of components are critical to the chassis. The availability of chassis is critical to the availability of services. The point is that even with best-in-class components and chassis it is possible to make poor design and configuration decisions.

The fact that you have chosen to buy Juniper means that you have already secured best-in-class components and chassis. The purpose of this book is to help you make the most of this investment and build truly continuous systems and services.

How to Use This Book

We are assuming a certain level of knowledge from the reader. This is important. If you are not familiar with any of the assumptions in the following list, this book will occasionally veer over your head. The JUNOS documentation site is a great place to start. It’s thorough, well written, and free.

OSI model
    The Open Systems Interconnection (OSI) model defines seven different layers of technology: Physical, Data Link, Network, Transport, Session, Presentation, and Application. This model allows network engineers and network vendors to easily discuss and apply technology to a specific OSI level. This segmentation allows engineers to divide the overall problem of getting one application to talk to another into discrete parts and more manageable sections. Each level has certain attributes that describe it, and each level interacts with its neighboring levels in a very well-defined manner.

Switches
    These devices operate at Layer 2 of the OSI model and use logical local addressing to move frames across a network. Devices in this category include Ethernet, ATM, and Frame Relay switches.

Routers
    These devices operate at Layer 3 of the OSI model and connect IP subnets to each other. Routers move packets across a network in a hop-by-hop fashion.
  • 26. Ethernet
    These broadcast domains connect multiple hosts together on a common infrastructure. Hosts communicate with each other using Layer 2 Media Access Control (MAC) addresses.

Point-to-point links
    These network segments are often thought of as wide area network (WAN) links in that they do not contain any end users. Often these links are used to connect routers together in disparate geographical areas. Possible encapsulations used on these links include ATM, Frame Relay, Point to Point Protocol (PPP), and HDLC.

IP addressing and subnetting
    Hosts using IP to communicate with each other use 32-bit addresses. Humans often use a dotted decimal format to represent this address. This address notation includes a network portion and a host portion that is normally displayed as 192.168.1.1/24.

TCP and UDP
    These Layer 4 protocols define methods for communicating between hosts. TCP provides for connection-oriented communications while UDP uses a connectionless paradigm. Other benefits of using TCP include flow control, windowing/buffering, and explicit acknowledgments.

ICMP
    This protocol is used by network engineers to troubleshoot and operate a network, as it is the core protocol used by the ping and traceroute (on some platforms) programs. In addition, ICMP is used to signal error and other messages between hosts in an IP-based network.

JUNOS CLI
    This is the command-line interface used by Juniper Networks routers, and is the primary method for configuring, managing, and troubleshooting the router. JUNOS documentation covers the CLI in detail and is freely available on the Juniper Networks website.

What’s in This Book?

The ultimate purpose of this book is to be the single, most complete source for working knowledge related to providing high availability with Juniper Networks equipment. Though you may not find detailed configurations for all protocols and interfaces, you will find those tweaks and knobs that will provide high availability.

This book is divided into four parts, with a total of 25 chapters, and some general reference items put into the appendixes. The chapters are written by four different authors, although all of us tended to review each other’s work. You’ll be able to tell different voices in the writing styles, and we hope that is generally refreshing rather than a hindrance.

Here is a detailed account of what’s in this book.
  • 27. Part I, JUNOS HA Concepts

Chapter 1, High Availability Network Design Considerations
    This chapter provides real-world perspective on the relative cost associated with making a network highly available and is the only nontechnical chapter in the book. It opens by describing a very simple, small enterprise network and then adds layers of redundancy, each designed to protect against a wider range of threats to continuity. The chapter concludes with a chart comparing the relative cost of the cumulative layers.

Chapter 2, Hardware High Availability
    This chapter focuses on the foundation of Juniper Networks high availability: the hardware. It starts by discussing the divided architecture available on all systems and expands to the specific hardware redundancy features of the Juniper product lines.

Chapter 3, Software High Availability
    This chapter builds on the hardware knowledge gained in Chapter 2 to highlight the features of the Juniper software that ensure high availability. The chapter looks at the stable operating system on which the system is built and the divided software architecture that keeps the network running.

Chapter 4, Control Plane High Availability
    This chapter provides in-depth understanding of control plane and forwarding plane interactions. Then it covers details of the different high availability features: Graceful Routing Engine Switchover (GRES), Graceful Restart (GR), Non-Stop Active Routing (NSR), and Non-Stop Bridging (NSB). The chapter concludes with a list of protocol and platform support for different high availability tools.

Chapter 5, Virtualization for High Availability
    This chapter provides an overview of advanced applications of the control plane in a data center environment. The chapter also discusses the latest developments in control plane scalability and provides solutions to control plane scaling problems present at large service providers.

Part II, JUNOS HA Techniques

Chapter 6, JUNOS Pre-Upgrade Procedures
    This chapter provides an overview of the things a user needs to keep in mind when preparing to upgrade JUNOS. Then it dives into configuration and use of unified In-Service Software Upgrade (ISSU). The chapter concludes with a handy collection of protocol mechanisms that can be used to divert traffic around a non-ISSU chassis that is being upgraded.

Chapter 7, Painless Software Upgrades
    This chapter is the second of a three-chapter series on software upgrades. It covers the syntax and options available for upgrading software on JUNOS platforms and
  • 28. describes the importance of a fallback procedure and fallback authority. The chapter concludes with special considerations for Juniper Networks J Series chassis, including rescue configurations.

Chapter 8, JUNOS Post-Upgrade Verifications
    This chapter provides an overview of JUNOS commands used to verify network device state after an OS upgrade. The chapter then describes how to gracefully undo the traffic diversion techniques described in Chapter 6, and is an important companion to that chapter.

Chapter 9, Monitoring for High Availability
    This chapter provides an overview of JUNOS features and industry standards that can be used to monitor network equipment to ensure network uptime. Juniper-specific features, such as JUNOScript, are introduced.

Chapter 10, Management Interfaces
    This chapter details the different interfaces, including the command-line interface (CLI), GUIs, and application programming interfaces (APIs), that are used to manage Juniper Networks equipment to ensure high availability.

Chapter 11, Management Tools
    This chapter builds on the previous two chapters by discussing tools available for managing network equipment. The chapter discusses both Juniper Network tools as well as open source tools that can interact with the APIs in JUNOS Software.

Chapter 12, Managing Intradomain Routing Table Growth
    This chapter opens with a discussion of intelligent IP address allocation for networks with a high availability focus. The chapter then looks at the configuration options available for controlling the size of the intradomain routing table while at the same time protecting the availability of the network.

Chapter 13, Managing an Interdomain Routing Table
    A companion to Chapter 12, this chapter looks at configuration elements that an administrator would use to control the locally received content of the interdomain routing table. Border Gateway Protocol (BGP)-related policy and configuration options are the focal point in this chapter, and it is one of several that discuss how BGP scalability mechanisms can be used to manage the local network.

Part III, Network Availability

Chapter 14, Fast High Availability Protocols
    This chapter provides an overview of several protocols that support high availability by providing fast failure detection and recovery. It discusses protocols for optical and Ethernet networks, and then dives into options for lowering Interior Gateway Protocol (IGP) timers and using Bidirectional Forwarding Detection (BFD). The chapter finishes by covering redundancy protocols, including Virtual Router Redundancy Protocol (VRRP), and several options for Multiprotocol Label Switching (MPLS) path protection.
  • 29. Chapter 15, Transitioning Routing and Switching to a Multivendor Environment
    This is the first in a series of chapters that look at how products from Juniper can be added into a single-vendor network to improve the availability of the network. The chapter uses a layered strategy that first compares interface characteristics, then IGPs, and then BGP configuration syntax between JUNOS and IOS devices.

Chapter 16, Transitioning MPLS to a Multivendor Environment
    This chapter builds on the successes of the previous chapter by adding Resource Reservation Protocol (RSVP) and Label Distribution Protocol (LDP)-signaled MPLS to the multivendor BGP topology. The chapter includes discussion of MPLS interoperability “gotchas” between JUNOS and IOS, and concludes with two case studies that show layered transition and site-based transition to a multivendor state.

Chapter 17, Monitoring Multivendor Networks
    In this chapter, the authors compare Simple Network Management Protocol (SNMP) and syslog configuration syntax between JUNOS and IOS platforms, and look at best practices for use of the tools to monitor multivendor networks. The chapter concludes with a brief look at the J-Web GUI as a device monitoring tool.

Chapter 18, Network Scalability
    This chapter opens with a comparison of throughput capabilities of the different product families that run JUNOS. The chapter then looks at additional configuration tweaks that allow the network to grow or shrink as needed to meet changing demands from the user base. A key feature of this chapter is high availability zoning for BGP route reflector schemes. The chapter closes with a look at how traffic engineering can help a network scale while meeting customer availability and bandwidth requirements.

Chapter 19, Choosing, Migrating, and Merging Interior Gateway Protocols
    This chapter discusses the two most commonly used industry-standard IGPs: Open Shortest Path First (OSPF) and Intermediate System to Intermediate System (IS-IS). The first section examines the advantages and disadvantages of each protocol, and looks at how each one supports high availability. The next section examines what is involved in migrating from one of these IGPs to the other. The chapter finishes with considerations and recommendations for merging separate networks that run the same IGP.

Chapter 20, Merging BGP Autonomous Systems
    This chapter discusses features of JUNOS and best common practices that can be used to merge Autonomous Systems (ASs) while preserving network uptime. Issues that occur in large-scale BGP deployments are also raised.

Chapter 21, Making Configuration Audits Painless
    This chapter provides information on using JUNOS Software features to audit network configurations to ensure that human error or misconfiguration does not cause network downtime.
  • 30. Chapter 22, Securing Your Network Equipment Against Security Breaches
    This chapter provides an overview of options to provide strong security for your device. It discusses authentication methods, and then lists a series of features you can implement to harden the device. The chapter then dives into firewall filters, discussing how they are configured and implemented. It ends with several examples using filters to protect the network as well as the device itself.

Chapter 23, Monitoring and Containing DoS Attacks in Your Network
    Building on the previous chapter, this chapter discusses strategies for attack detection, as well as steps you can take to lessen the impact of the attack while it is in progress. It then covers strategies for proactively reducing the impact of denial-of-service (DoS) attacks on your network. The chapter concludes by discussing several methods you can use to gather evidence of the attack.

Chapter 24, Goals of Configuration Automation
    This chapter discusses how configuration automation can be used to prevent human errors that cause network downtime.

Chapter 25, Automated Configuration Strategies
    This chapter provides an overview of how to use the JUNOS tools to conduct configuration automation for various network settings and architectures.

Part IV, Appendixes

We include a few items for your perusal: a sample checklist for getting new JUNOS devices operational, a sample audit list, and a JUNOS configuration statement review for high availability operations.

Conventions Used in This Book

The following typographical conventions are used in this book:

Italic
    Indicates new terms, URLs, email addresses, filenames, file extensions, pathnames, directories, and Unix utilities.

Constant width
    Indicates commands, options, switches, variables, attributes, keys, functions, types, classes, namespaces, methods, modules, properties, parameters, values, objects, events, event handlers, XML tags, HTML tags, macros, the contents of files, and the output from commands.

Constant width bold
    Shows commands or other text that should be typed literally by the user.

Constant width italic
    Shows text that should be replaced with user-supplied values.
  • 31. This icon signifies a tip, suggestion, or general note.

This icon indicates a warning or caution.

Using Code Examples

This book is here to help you get your job done. In general, you may use the code in this book in your own configurations and documentation. You do not need to contact us for permission unless you’re reproducing a significant portion of the material. For example, deploying a network based on actual configurations from this book does not require permission. Selling or distributing a CD-ROM of examples from O’Reilly books does require permission. Answering a question by citing this book and quoting example code does not require permission. Incorporating a significant number of sample configurations or operational output from this book into your product’s documentation does require permission.

We appreciate, but do not require, attribution. An attribution usually includes the title, author, publisher, and ISBN. For example: “JUNOS High Availability, by James Sonderegger, Orin Blomberg, Kieran Milne, and Senad Palislamovic. Copyright 2009 James Sonderegger, Orin Blomberg, Kieran Milne, and Senad Palislamovic, 978-0-596-52304-6.”

If you feel your use of code examples falls outside fair use or the permission given here, feel free to contact us at permissions@oreilly.com.

Safari® Books Online

Safari Books Online is an on-demand digital library that lets you easily search over 7,500 technology and creative reference books and videos to find the answers you need quickly.

With a subscription, you can read any page and watch any video from our library online. Read books on your cell phone and mobile devices. Access new titles before they are available for print, and get exclusive access to manuscripts in development and post feedback for the authors. Copy and paste code samples, organize your favorites, download chapters, bookmark key sections, create notes, print out pages, and benefit from tons of other time-saving features.
  • 32. O’Reilly Media has uploaded this book to the Safari Books Online service. To have full digital access to this book and others on similar topics from O’Reilly and other publishers, sign up for free at http://my.safaribooksonline.com.

Comments and Questions

Please address comments and questions concerning this book to the publisher:

    O’Reilly Media, Inc.
    1005 Gravenstein Highway North
    Sebastopol, CA 95472
    800-998-9938 (in the United States or Canada)
    707-829-0515 (international or local)
    707-829-0104 (fax)

We have a web page for this book, where we list errata, examples, and any additional information. You can access this page at:

    http://www.oreilly.com/catalog/9780596523046

or:

    http://cubednetworks.com

To comment or ask technical questions about this book, send email to:

    bookquestions@oreilly.com

For more information about our books, conferences, Resource Centers, and the O’Reilly Network, see our website at:

    http://www.oreilly.com

Acknowledgments

The authors would like to gratefully and unabashedly acknowledge many of our peers, editors, and advisers over the long course of writing this book. We began naively and finished as book-writing experts mostly because of the leadership of many of our associates.

First, we must thank Patrick Ames, Juniper Networks’ editor in chief for its technical book program. Without him you would not be holding this volume in your hand or viewing it on your monitor. Second, Aviva Garrett, author of JUNOS Cookbook (O’Reilly), performed a marvelous final edit of our work, putting in countless hours and raining down incredible suggestions. Third, Colleen Toporek, our developmental editor, slogged through our first missives and gently guided us toward the O’Reilly benchmarks of excellence. Finally, our copyeditor, Audrey Doyle, took it all in and masterfully made it sync together. These four, along with Mike Loukides, Marlowe
  • 33. Shaeffer, Robert Romano, and countless others at O’Reilly, formed a team that helped to create a book that is greater than the sum of its authors. Thank you all.

We would also like to thank Juniper Networks, the employer of three of the four authors, for allowing us the resources and occasional bandwidth to work on this project, and the many people who contributed to this book in a thousand little ways, from hallway conversations to in-depth emails explaining one thing or another; Fred Stringer, who helped us at the very beginning while we were still proposing the book; Chris Hellberg for sparking the book idea—no more busting routers, mate; and Anton Bernal and Gonzalo Gomez Herrero for contributing to the early discussions and providing many fresh ideas. We note that Abhilash Prabhakaran was the original writer and Ben Mann and Joanne McClintock the editors of the material in Appendix C, which we condensed and abbreviated for the reader’s benefit. And finally, we want to especially reserve our admiration for the team of additional technical reviewers from Juniper Networks who worked on tight schedules and limited resources: Majid Ansari, Nathan Day, Jasun Rutter, and Jared Gull.

James Sonderegger would personally like to thank his wife, Bonnie, and children, Gabby, Riley, Cat, and William, for their patience and unwavering support through the year it took to finish this project.

Orin Blomberg would personally like to thank his wife, Holly, for all her support during the writing of the book.

Kieran Milne would like to first thank and acknowledge his daughter, Sarah. Then, he would like to extend deep appreciation to Will Pincek, Stacy Smith, and Elna Wells for making Juniper Networks an amazing place to work. He would also like to thank James Sonderegger for inviting him to join this project and Patrick Ames for keeping the project on track and moving forward.

Senad Palislamovic would like to thank his Guide for allowing him to complete this project; and his parents and beautiful wife for their love and support during long sleepless weekends. Special thanks go to James Sonderegger, Orin Blomberg, and Kieran Milne for all the extra cycles devoted to the project; Aviva Garrett for pulling all-nighters rewriting his lines and still meeting the deadline; Fred Stringer for his High Availability mentorship; and his old and new managers for letting him slack, Michael Kozich and Michael Langdon. Final thanks go to all of those who gave him space throughout the past year; Senad is still your friend.
  • 35. PART I JUNOS HA Concepts
  • 37. CHAPTER 1 High Availability Network Design Considerations

Before diving into the details of how JUNOS-enabled networks can be managed to promote high availability, we need to examine networks at the architectural level in order to distinguish a high availability network from other networks. Redundancy schemes are relative to a layered model and can be described with the following line of simple premises:

Redundant components protect systems
    High availability at the system layer is supported by redundant hardware components such as power supplies, interface cards, and processor engines.

Redundant systems protect services
    High availability at the service layer is supported by redundant systems such as routers, switches, and servers.

Redundant services protect the enterprise
    High availability at the enterprise layer is supported by redundant services such as email, VoIP, the Web, and “shopping carts.”

Redundant enterprises protect free-market economies
    Though relevant to the current state of world finances, this premise is beyond the scope of this book.

Each layer in the model can be said to have an associated base cost that represents the price of functionality at that layer. High availability is provided by protecting base functionality with hardware, software, configuration options, staffing, or whatever else is available. In almost every case, adding protection to a layer’s functionality increases the cost of that layer.
  • 38. Why Mention Cost in a Technical Book? With the exception of some government projects, cost is always a concern when build- ing or upgrading a network, even when high availability is the desired end state. Is it practical to add $500,000 to the cost of creating and supporting services that yield a $50,000 annual revenue stream? Probably not. Would it be more tenable to protect a $50,000 revenue stream with $25,000 in high availability-focused enhancements? An investment like that makes sense. Most books on the market today that describe “network solutions” do so with little consideration given to the price of equipment and support, and to additional opera- tional expenses (OPEX) tied to space, power, and cooling. Why are these issues so commonly overlooked? Perhaps because prices are subject to change; they can be af- fected by discount models, and they change over time: some prices could be outdated before this book’s shelf life expires. Also, vendors occasionally discourage the release of price information in public forums. This chapter does not attempt to capture the actual cost in real dollars of products from Juniper or any other vendor. Instead, we assign a baseline cost to a simple, nonredun- dant network, and then look at the relative changes that are associated with different forms of redundancy as described in the layered model. Likewise, we do not attempt to place specific makes and models of network products, such as routers, switches, and firewalls, in the design. Doing so could distract you from the true purpose of this chap- ter, which is to identify the relative cost of different layers of redundancy in a network. A Simple Enterprise Network A simple enterprise network design relies on routers, firewalls, and switches, as shown in Figure 1-1. 
The design provides filtering and separation of traffic to support a pair of employee local area networks (LANs), a pair of sensitive corporate LANs that support connectivity among corporate data stores, and a pair of demilitarized zone (DMZ) LANs that support the company’s web presence.
While this design is quite common, you’ll notice immediately that it has multiple single points of failure. All Internet connectivity is provided by a single router through a single connection to the Internet. All Internet access to the DMZ LANs is provided by a single firewall. The employee LANs reside behind another router, itself an additional single point of failure. Finally, the sensitive corporate LANs are connected using an additional firewall, which, because of the linear design of the network, must push traffic through no fewer than three other single points of failure in order to send data from the corporate LANs to the regular Internet. The complete reliance on multiple single points of failure in this design results in a total lack of fault tolerance on the network.
  • 39. Figure 1-1. A simple enterprise network design
Table 1-1 lists the chassis that provide the base functionality and is used to calculate a representative “cost” for this simple network. The cost calculation includes all switches, routers, and firewall products shown in the data transport path. This calculation also includes a representative cost of labor and materials for fiber optic connections within the office in which the network is located.
Table 1-1. Representative cost of a simple network
Line item | Description | Qty
1 | Router 1 with interface cards and one year of vendor support | 1
2 | Firewall 1 with interface cards and one year of vendor support | 1
3 | Router 2 with interface cards and one year of vendor support | 1
4 | Firewall 2 with interface cards and one year of vendor support | 1
5 | Switch 1 and one year of vendor support | 6
6 | Multimode fiber trunk (materials and installation) | 10
  • 40. Line item | Description | Qty
7 | Facility power and cooling for one year | 1
Total representative cost = $100,000
Redundancy and the Layered Model
Because most corporations have come to rely on data communications as a means of generating profit, we can safely assume that the simple design shown in Figure 1-1, with its complete lack of fault tolerance, is inadequate for the majority of corporate needs. Redundancy is necessary, so we must redesign the simple transport network. Redundant network architectures fall into one of four basic categories:
Redundant site architectures
    Rely on identical systems and services, placed in geographically disparate locations, to support enterprise-level redundancy.
Redundant system architectures
    Rely on paired groupings of systems (routers, switches, servers) to provide service resiliency when chassis or components fail.
Redundant component architectures
    Rely on additional interface cards, processor boards, power supplies, and other major components within individual chassis to provide chassis resiliency when components fail.
Hybrid redundancy schemes
    Use a combination of system, component, and site redundancy elements to provide resilient services. This is by far the most common category.
Redundant Site Architectures
Figure 1-2 shows the simple network design from Figure 1-1 replicated at a site that is geographically distant from the primary site. The advantage of having the same architecture at two different sites is that it provides resilient routing of traffic during system or component failure, as well as during catastrophic disasters at the primary site. Also, this scheme allows the backup site to serve corporate goals because it is an online, staffed, working office while the primary site is also online.
The disadvantages of this redundancy scheme are based on usage and availability.
First, note that all backup systems are physically distant from primary systems, resulting in the added difficulty of the primary site staff using the backup systems. Furthermore, this scheme by itself would require a full site failover to recover from something as simple as an interface failure on a router. Site-based redundancy schemes require constant attention, particularly when the backup site is in active use.
  • 41. Figure 1-2. Site redundancy for a simple network
  • 42. Resource availability on the backup system must be kept above the levels required to fully support the processing needs of the primary site. Otherwise, the backup site cannot accurately be called a backup site. For this reason and those previously listed, a site-based redundancy scheme is seldom used without some form of component or system redundancy at both the primary and backup sites.
Table 1-2 details the relative cost of a site-based redundancy scheme. Note the added cost of facilities startup as well as the annual cost of staffing, security, Internet connectivity, and utilities. You should keep in mind that any annual costs described in the table recur on a yearly basis.
Table 1-2. Relative cost of site redundancy
Line item | Description | Qty
1 | Router 1 with interface cards and one year of vendor support | 2
2 | Firewall 1 with interface cards and one year of vendor support | 2
3 | Router 2 with interface cards and one year of vendor support | 2
4 | Firewall 2 with interface cards and one year of vendor support | 2
5 | Switch 1 and one year of vendor support | 12
6 | Multimode fiber trunk (materials and installation) | 20
7 | Additional physical facilities startup costs | 1
8 | Facility power and cooling for one year | 2
Total relative cost = $540,000
Redundant Component Architectures
Use of redundant components within a network requires significant planning by the network architects. Equipment should be chosen that supports the component redundancy scheme required at both the physical and logical levels. To provide link redundancy, chassis should be selected that support at least twice as many physical interfaces as are needed for nonredundant connectivity. Future growth plans should also be taken into consideration.
Physical component redundancy is supported by original equipment manufacturers (OEMs) when they design a chassis to hold multiple power supplies and multiple processor boards. Logical redundancy is supported by the protocols implemented in a network.
Virtual Router Redundancy Protocol (VRRP), for example, allows multiple routers or multiple interfaces on a single router to serve as virtual redundant gateways off a LAN. The Internet Engineering Task Force (IETF) standard 802.3ad, which supports bundling of multiple physical Ethernet interfaces to a single logical address, is another way to take advantage of redundant component architectures.
  • 43. A disadvantage to redundant component architectures is the lack of protection in the event of complete system failure. For example, regardless of the number of redundant components within a router, a single bucket of mop water can still destroy the system. Furthermore, redundant component architectures provide no resilience against regional disasters.
Figure 1-3 shows the addition of redundant components including power supplies, processor boards, and physical connections to the simple transport network described in Figure 1-1.
Figure 1-3. Component redundancy in a transport network
  • 44. Table 1-3 details the cost of the network after complete component redundancy is added. Again, costs listed are an estimate at the time of this book’s writing and may not reflect actual vendor pricing.
Note that no additional cost is associated with the implementation of logical redundancy protocols such as VRRP and 802.3ad. These protocols are relatively simple to implement and require little ongoing adjustment by network administrators. Furthermore, neither requires modification to the IP address scheme used for nonredundant connectivity.
Table 1-3. Relative cost of component redundancy
Line item | Description | Qty
1 | Router 1 with additional interface cards and redundant power and processor and one year of vendor support | 1
2 | Firewall 1 with additional interface cards and redundant power and processor and one year of vendor support | 1
3 | Router 2 with additional interface cards and redundant power and processor and one year of vendor support | 1
4 | Firewall 2 with additional interface cards and redundant power and processor and one year of vendor support | 1
5 | Switch 1 and one year of vendor support | 6
6 | Multimode fiber trunk (materials and installation) | 20
Total relative cost = $150,000
Combined Component and Site-Redundant Architectures
A combination of component and site redundancy provides better network resilience than either component or site schemes do by themselves. Under the tenets of this scheme, failure of multiple components does not automatically trigger a failover to the backup site. This scheme is therefore much friendlier to both staff members and application systems. As with a simple site-based scheme, this hybrid still requires administrative attention to make sure the backup system can support resource use levels if the primary system fails.
Figure 1-4 illustrates the architectural principles of the hybrid component and site redundancy scheme applied to the simple transport network, and Table 1-4 details the relative cost associated with this scheme.
  • 45. Figure 1-4. Component and site redundancy for a transport network
  • 46. Table 1-4. Relative cost of component and site redundancy
Line item | Description | Qty
1 | Router 1 with additional interface cards and redundant power and processor and one year of vendor support | 2
2 | Firewall 1 with additional interface cards and redundant power and processor and one year of vendor support | 2
3 | Router 2 with additional interface cards and redundant power and processor and one year of vendor support | 2
4 | Firewall 2 with additional interface cards and redundant power and processor and one year of vendor support | 2
5 | Switch 1 and one year of vendor support | 12
6 | Multimode fiber trunk (materials and installation) | 40
7 | Additional physical facilities startup costs | 1
8 | Additional physical facilities operational costs for one year (electricity, Internet connectivity, staffing, and support) | 1
Total relative cost = $660,000
Redundant System Architectures
Use of redundant systems within the network architecture provides protection from both component failure and complete system failure. However, this scheme provides no protection from regional disaster. You should also take into account that on top of the cost of additional systems, the power and cooling requirements of this scheme are twice those of a simple, nonredundant architecture.
The redundant system architecture requires careful planning before deployment and requires ongoing administrative scrutiny for the life of the network because, assuming traffic load is balanced across paired systems, no single physical system or single physical link is permitted to exceed 50% utilization. If any system or link does exceed 50% utilization, failure of the paired device could result in loss of data. Loss of data is not synonymous with high availability.
For example, let’s say we have a traffic load evenly balanced between a pair of switches.
If throughput across each of the individual switches is at 60% of individual switch capacity, then the two cannot accurately be described as a “redundant pair.” If one of the switches in the pair were to fail, then a load equivalent to 120% of single-device capacity would be placed on the remaining switch (60% + 60% = 120%). Clearly many packets would spill out on the floor, making a terrible mess!
Figures 1-5 and 1-6 show two system redundancy principles applied to infrastructure links and user LANs. These diagrams also include physical cross connection among components.
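The 50% ceiling for a load-balanced pair, worked through in code. This is an added example, not from the book: the `Device` fields, function names and sample figures are hypothetical, and it generalizes the pair case to groups of N devices on the assumption that a failed member's load is spread across the survivors in proportion to their capacity.

```python
"""Failover headroom check for load-balanced redundant systems (added example)."""
from dataclasses import dataclass


@dataclass(frozen=True)
class Device:
    name: str              # hypothetical label, e.g. "switch-a"
    capacity_mbps: float   # usable forwarding capacity
    load_mbps: float       # measured steady-state load


def max_safe_utilization(n_devices: int) -> float:
    """Highest per-device utilization at which n equal, evenly loaded devices
    can lose one member without overload: (n - 1) / n. For a pair this is 0.5."""
    if n_devices < 2:
        raise ValueError("a redundancy group needs at least two devices")
    return (n_devices - 1) / n_devices


def single_failure_report(group):
    """Simulate the loss of each device in turn.

    Assumption: the whole group's load lands on the survivors and is shared
    in proportion to capacity, so the survivors' utilization is
    total load / surviving capacity. Anything above 1.0 is traffic that
    cannot be carried."""
    if len(group) < 2:
        raise ValueError("a redundancy group needs at least two devices")
    total_load = sum(d.load_mbps for d in group)
    report = []
    for failed in group:
        surviving = sum(d.capacity_mbps for d in group if d is not failed)
        report.append({
            "failed": failed.name,
            "survivor_utilization": total_load / surviving,
            "excess_mbps": max(0.0, total_load - surviving),
        })
    return report


def is_redundant(group) -> bool:
    """True only if every single-device failure leaves no excess load."""
    return all(r["excess_mbps"] == 0.0 for r in single_failure_report(group))


# Constructed sample data: the 60% pair from the text, a pair kept under
# the 50% ceiling, and three devices at 60% (safe, since 2/3 is the limit).
PAIR_60 = [Device("switch-a", 1000, 600), Device("switch-b", 1000, 600)]
PAIR_45 = [Device("switch-a", 1000, 450), Device("switch-b", 1000, 450)]
TRIO_60 = [Device(f"switch-{c}", 1000, 600) for c in "abc"]

if __name__ == "__main__":
    for label, group in (("pair @60%", PAIR_60),
                         ("pair @45%", PAIR_45),
                         ("trio @60%", TRIO_60)):
        worst = max(single_failure_report(group),
                    key=lambda r: r["survivor_utilization"])
        print(f"{label}: limit {max_safe_utilization(len(group)):.0%}, "
              f"worst case {worst['survivor_utilization']:.0%} "
              f"after losing {worst['failed']}, "
              f"excess {worst['excess_mbps']:.0f} Mb/s, "
              f"redundant={is_redundant(group)}")
```

Run against measured peak load rather than averages; a pair that passes at the daily mean can still fail the check during the busy hour.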
  • 47. Figure 1-5. System redundancy for transport networks
  • 48. Figure 1-6. Impact of system redundancy on enterprise LANs
  • 49. Table 1-5 shows the relative costs associated with use of redundant systems. Note the added cost of space cooling and electricity shown in the table.
Table 1-5. Relative cost of system redundancy
Line item | Description | Qty
1 | Router 1 with interface cards and one year of vendor support | 2
2 | Firewall 1 with interface cards and one year of vendor support | 2
3 | Router 2 with interface cards and one year of vendor support | 2
4 | Firewall 2 with interface cards and one year of vendor support | 2
5 | Switch 1 and one year of vendor support | 6
6 | Multimode fiber trunk (materials and installation) | 28
7 | Additional space, cooling, and electrical use for second system | 1
Total relative cost = $200,000
Combined System- and Site-Redundant Architectures
In modern network designs, redundant systems and redundant sites are commonly used to provide effective transport network resilience. This scheme is among the more expensive; however, it does protect users from component and system failure on a local basis, as well as from regional disasters. Furthermore, this scheme allows the enterprise to take advantage of system capabilities at both the primary and backup sites. As with other architectures featuring redundant systems, care must be taken to make sure that failure of a system or a component does not result in an excessive burden on the paired device.
Figure 1-7 illustrates these system and site redundancy principles applied to our simple transport network, with Table 1-6 giving details of the relative cost of the scheme.
  • 50. Figure 1-7. System and site redundancy for transport networks
  • 51. Table 1-6. Relative cost of system and site redundancy
Line item | Description | Qty
1 | Router 1 base bundle with interface cards and one year of vendor support | 4
2 | Firewall 1 with interface cards and one year of vendor support | 4
3 | Router 2 with interface cards and one year of vendor support | 4
4 | Firewall 2 with interface cards and one year of vendor support | 4
5 | Switch 1 and one year of vendor support | 12
6 | Multimode fiber trunk (materials and installation) | 56
7 | Additional physical facilities startup costs | 1
8 | Additional physical facilities operational costs for one year (electricity, Internet connectivity, staffing, and support) | 1
Total relative cost = $720,000
Combined System- and Component-Redundant Architectures
Figures 1-8 and 1-9 show the combination of redundant systems and redundant components applied to the simple transport network model from Figure 1-1. This type of architecture is generally used only in situations in which an extremely strong resiliency scheme is required but site redundancy is not an option. And as itemized in Table 1-7, this scheme carries the added expense of double the amount of space, power, and cooling that would be required from a network that did not include redundant systems.
  • 52. Figure 1-8. System and component redundancy for transport networks
  • 53. Figure 1-9. Impact of system and component redundancy on enterprise LANs
  • 54. Table 1-7. Relative cost of system and component redundancy
Line item | Description | Qty
1 | Router 1 with additional interface cards and redundant power and processor and one year of vendor support | 2
2 | Firewall 1 with additional interface cards and redundant power and processor and one year of vendor support | 2
3 | Router 2 with additional interface cards and redundant power and processor and one year of vendor support | 2
4 | Firewall 2 with additional interface cards and redundant power and processor and one year of vendor support | 2
5 | Switch 1 and one year of vendor support | 6
6 | Multimode fiber trunk (materials and installation) | 56
7 | Additional space, cooling, and electricity for second system | 1
Total relative cost = $320,000
Combined System-, Component-, and Site-Redundant Architectures
The model shown in Figure 1-10 provides the greatest protection possible from equipment failure and regional disaster, though at significant cost (you’ll have to decide the price of failure for your network), as listed in Table 1-8. In comparison with the dollar amounts in Table 1-1, we can see that this scheme is almost 10 times the relative cost of a simple transport network.
  • 55. Another Random Document on Scribd Without Any Related Topics
  • 56. THE SIEGE AND FALL OF PETERSBURG
It is not improbable that Grant might have made more headway by leaving a sufficient part of his army in the trenches in front of Petersburg and by moving with a heavy force far to the west upon Lee’s communications; or, if it were determined to capture the place à main forte, by making a massed attack upon some point in the center after suitable mining operations had weakened Lee’s defenses and prepared for such an operation. But the end was to come with opening spring. To the far-sighted, this was no longer doubtful. The South must succumb to the greater material resources of the North, despite its courage and its sacrifices.—Colonel T. A. Dodge, U. S. A., in “A Bird’s-Eye View of Our Civil War.”
DURING the winter of 1864-65, General Lee, fighting Grant without, was fighting famine within. The shivering, half-clad soldiers of the South crouched over feeble fires in their entrenchments. The men were exposed to the rain, snow, and sleet; sickness and disease soon added their horrors to the desolation. The finances of the Government were almost gone. The life of the Confederacy was ebbing fast. Behind Union breastworks, early in 1865, General Grant was making preparations for the opening of a determined campaign with the coming of spring. Mile after mile had been added to his entrenchments, and they now extended to Hatcher’s Run on the left. The Confederate lines had been stretched until they were so thin that there was constant danger of breaking. A. P. Hill was posted on the right; Gordon and Anderson held the center, and Longstreet was on the left. Union troops were mobilizing in front of Petersburg. By February 1st, Sherman was fairly off from Savannah on his northward march to join Grant. He was weak in cavalry and Grant determined to bring Sheridan from the Shenandoah, whence the bulk of Early’s forces had been withdrawn, and send him to assist Sherman.
Sheridan left Winchester February 27th, wreaking much destruction as he advanced, but circumstances compelled him to seek a new base at White House. On March 27th he formed a junction with the armies of the Potomac and the James. Such were the happenings that prompted Lee to prepare for the evacuation of Petersburg. And he might be able, in his rapid marches, to outdistance Grant, join his forces with those of Johnston, fall on Sherman, destroy one wing of the Union army and arouse the hopes of his soldiers, and prolong the life of his Government. General Grant knew the condition of Lee’s army and, with the unerring instinct of a military leader, surmised what the plan of the Southern general must be. He decided to
  • 57. move on the left, destroy both the Danville and South Side railroads, and put his army in better condition to pursue. The move was ordered for March 29th. General Lee, in order to get Grant to look another way for a while, decided to attack Grant’s line on the right, and gain some of the works. This would compel Grant to draw some of his force from his left and secure a way of escape to the west. This bold plan was left for execution to the gallant Georgian, General John B. Gordon, who had successfully led the reverse attack at Cedar Creek, in the Shenandoah, in October, 1864. Near the crater stood Fort Stedman. Between it and the Confederate front, a distance of about one hundred and fifty yards, was a strip of firm earth, in full view of both picket lines. Across this space some deserters had passed to the Union entrenchments. General Gordon took advantage of this fact and accordingly selected his men, who, at the sound of the signal gun, should disarm the Federal pickets, while fifty more men were to cross the open space quickly with axes and cut away the abatis, and three hundred others were to rush through the opening, and capture the fort and guns. At four o’clock on the morning of March 25, 1865, Gordon had everything in readiness. His chosen band wore white strips of cloth across the breast, that they might distinguish each other in the hand-to-hand fight that would doubtless ensue. Behind these men half of Lee’s army was massed to support the attack. In the silence of the early morning, a gunshot rang out from the Confederate works. Not a Federal picket-shot was heard. The axemen rushed across the open and soon the thuds of their axes told of the cutting away of the abatis. The three hundred surged through the entrance, overpowered the gunners, captured batteries to the right and to the left, and were in control of the situation. 
Gordon’s corps of about five thousand was on hand to sustain the attack but the remaining reserves, through failure of the guides, did not come, and the general found himself cut off with a rapidly increasing army surrounding him. Fort Haskell, on the left, began to throw its shells. Under its cover, heavy columns of Federals sent by General Parke, now commanding the Ninth Corps, pressed forward. The Confederates resisted the charge, and from the captured Fort Stedman and the adjoining batteries poured volley after volley on Willcox’s advancing lines of blue. The Northerners fell back, only to re-form and renew the attack. This time they secured a footing, and for twenty minutes the fighting was terrific. Again they were repulsed. Then across the brow of the hill swept the command of Hartranft. The blue masses literally poured onto the field. The furious musketry, and artillery directed by General Tidball, shrivelled up the ranks of Gordon until they fled from the fort and its neighboring batteries in the midst of withering fire, and those who did not were captured. This was the last aggressive effort of the expiring Confederacy in front of Petersburg, and it cost three thousand men. The Federal loss was not half that number. The affair at Fort Stedman did not turn Grant from his plans against the Confederate right. With the railroads here destroyed, Richmond would be completely cut off. On the morning of the 29th, as previously arranged, the movement began. Sheridan swept to the south with his cavalry, as if he were to fall upon the railroads. General Warren, with fifteen thousand men, was working his way through the tangled woods and low swamps in the direction of Lee’s right. At the same time, Lee stripped his entrenchments at Petersburg as much as he dared and hurried General Anderson, with infantry, and
  • 58. Fitzhugh Lee, with cavalry, forward to hold the roads over which he hoped to escape. On Friday morning, March 31st, the opposing forces, the Confederates much reënforced, found themselves at Dinwiddie Court House. The woods and swamps prevented the formation of a regular line of battle. Lee made his accustomed flank movement, with heavy loss to the Federals as they tried to move in the swampy forests. The Northerners finally were ready to advance when it was found that Lee had fallen back. During the day and night, reënforcements were coming in from all sides. The Confederates had taken their position at Five Forks. Early the next afternoon, the 1st of April, Sheridan, reënforced by Warren, was arranging his troops for battle. The day was nearly spent when all was in readiness. The sun was not more than two hours high when the Northern army moved toward that of the South, defended by a breastwork behind a dense undergrowth of pines. Through this mass of timber the Federals crept with bayonets fixed. They charged upon the Confederates, but, at the same time, a galling fire poured into them from the left, spreading dismay and destruction in their midst. The intrepid Sheridan urged his black battle-charger, the famous Rienzi, now known as Winchester, up and down the lines, cheering his men on in the fight. He seemed to be everywhere at once. The Confederate left was streaming down the White Oak Road. But General Crawford had reached a cross-road, by taking a circuitous route, and the Southern army was thus shut off from retreat. The Federal cavalry had dismounted and was doing its full share of work. The Confederates soon found themselves trapped, and the part of their army in action that day was nearly annihilated. About five thousand prisoners were taken. With night came the news of the crushing blow to Lee. General Grant was seated by his camp-fire surrounded by his staff, when a courier dashed into his presence with the message of victory. 
Soon from every great gun along the Union line belched forth the sheets of flame. The earth shook with the awful cannonade. Mortar shells made huge parabolas through the air. The Union batteries crept closer and closer to the Confederate lines and the balls crashed into the streets of the doomed city. The bombardment of Petersburg was on. At dawn of the 2nd of April the grand assault began. The Federal troops sprang forward with a rush. Despite the storms of grape and canister, the Sixth Corps plunged through the battery smoke, and across the walls, pushing the brave defenders to the inner works. The whole corps penetrated the lines and swept everything before it toward Hatcher’s Run. Some of the troops even reached the South Side Railroad, where the brave General A. P. Hill fell mortally wounded. Everywhere, the blue masses poured into the works. General Ord, on the right of the Sixth Corps, helped to shut the Confederate right into the city. General Parke, with the Ninth Corps, carried the main line. The thin gray line could no longer stem the tide that was engulfing it. The Confederate troops south of Hatcher’s Run fled to the west, and fought General Miles until General Sheridan and a division from Meade appeared on the scene. By noon the Federals held the line of the outer works from Fort Gregg to the Appomattox. The last stronghold carried was Fort Gregg, at which the men of Gibbon’s corps had one of the most desperate struggles of the war. The Confederates now fell back to the inner fortifications and the siege of Petersburg came to an end.
  • 59. COPYRIGHT, 1911, PATRIOT PUB. CO. A BATTERED RELIC OF COLONIAL DAYS IN PETERSBURG This beautiful old mansion on Bolingbroke Street could look back to the days of buckles and small clothes; it wears an aggrieved and surprised look, as if wondering why it should have received such buffetings as its pierced walls, its shattered windows and doorway show. Yet it was more fortunate than some of its near-by neighbors, which were never again after the visitation of the falling shells fit habitations for mankind. Many of these handsome residences were utterly destroyed, their fixtures shattered beyond repair; their wainscoting, built when the Commonwealth of Virginia was ruled over by the representative of King George, was torn from the walls and, bursting into flames, made a funeral pyre of past comforts and magnificence. The havoc wrought upon the dwellings of the town was heavy; certain localities suffered more than others, and those residents who seemed to dwell in the safest zones had been ever ready to open their houses to the sick and wounded of Lee’s army. As Grant’s troops marched in, many pale faces gazed out at them from the windows, and at the doorsteps stood men whose wounds exempted them from ever bearing arms again.
  • 60. COPYRIGHT, 1911, PATRIOT PUB. CO. THE SHATTERED DOORWAY COPYRIGHT, 1911, PATRIOT PUB. CO. APPROACHING THE POST OF DANGER—PETERSBURG, 1865
  • 61. COPYRIGHT, 1911, PATRIOT PUB. CO. A FEW STEPS NEARER THE PICKET LINE COPYRIGHT, 1911, PATRIOT PUB. CO. IN BEHIND THE SHELTER For nine months of ’64-’65 the musket-balls sang past these Federal picket posts, in advance of Federal Fort Sedgwick, called by the Confederates “Fort Hell.” Directly opposite was the Confederate Fort Mahone, which the Federals, returning the compliment, had dubbed “Fort Damnation.” Between the two lines, separated by only fifty yards, sallies and counter-sallies were continual occurrences after dark. In stealthy sorties one side or the other frequently captured the opposing pickets before alarm could be given. No night was without its special hazard. During the day the pastime here was sharp-shooting with muskets and rifled cannon.
  • 62. COPYRIGHT, 1911, PATRIOT PUB. CO. SECURITY FROM SURPRISE COPYRIGHT, 1911, PATRIOT PUB. CO. THE MOLE-HILL RAMPARTS, NEAR THE CRATER These well-made protections of sharpened spikes, as formidable as the pointed spears of a Roman legion, are chevaux-de-frise of the Confederates before their main works at Petersburg. They were built after European models, the same as employed in the Napoleonic wars, and were used by both besiegers and besieged along the lines south of the Appomattox. Those shown in this picture were in front of the entrenchments near Elliott’s salient and show how effectually it was protected from any attempt to storm the works by rushing tactics on the part of the Federal infantry. Not far from here lies the excavation of the Crater.
  • 63. GENERAL JOHN B. GORDON, C. S. A. To this gallant young Georgia officer, just turned thirty-three at the time, Lee entrusted the last desperate effort to break through the tightening Federal lines, March 25, 1865. Lee was confronted by the dilemma of either being starved out of Petersburg and Richmond, or of getting out himself and uniting his army to that of Johnston in North Carolina to crush Sherman before Grant could reach him. Gordon was to begin this latter, almost impossible, task by an attack on Fort Stedman, which the Confederates believed to be the weakest point in the Federal fortifications. The position had been captured from them in the beginning, and they knew that the nature of the ground and its nearness to their own lines had made it difficult to strengthen it very much. It was planned to surprise the fort before daylight. Below are seen the rabbit-like burrows of Gracie’s Salient, past which Gordon led his famished men. When the order came to go forward, they did not flinch, but hurled themselves bravely against fortifications far stronger than their own. Three columns of a hundred picked men each moved down the slope shown on the left and advanced in the darkness against Stedman. They were to be followed by a division. Through the gap which the storming parties were expected to open in the Federal lines, Gordon’s columns would rush in both directions and a cavalry force was to sweep on and destroy the pontoon bridges across the Appomattox and to raid City Point, breaking up the Federal base. It was no light task, for although Fort Stedman itself was weak, it was flanked by Battery No. 10 on the right and by Battery No. 11 on the left. An attacking party on the right would be exposed to an enfilading fire in crossing the plain; while on
  • 64. the left the approach was difficult because of ravines, one of which the Confederate engineers had turned into a pond by damming a creek. All night long General Gordon’s wife, with the brave women of Petersburg, sat up tearing strips of white cloth, to be tied on the arms of the men in the storming parties so that they could tell friend from foe in the darkness and confusion of the assault. Before the sleep-dazed Federals could offer effective resistance, Gordon’s men had possession of the fort and the batteries. Only after one of the severest engagements of the siege were the Confederates driven back.
  • 65. GRACIE’S SALIENT—AFTER GORDON’S FORLORN HOPE HAD CHARGED APRIL SECOND—“THIS IS A SAD BUSINESS” As his general watched, this boy fought to stem the Federal rush—but fell, his breast pierced by a bayonet, in the trenches of Fort Mahone. It is heart-rending to look at a picture such as this; it is sad to think of it and to write about it. Here is a boy of only fourteen years, his face innocent of a razor, his feet unshod and stockingless in the bitter April weather. It is to be hoped that the man who slew him has forgotten it, for this face would haunt him surely. Many who fought in the blue ranks were young, but in the South there were whole companies made up of such boys as this. At the battle of Newmarket the scholars of the Virginia Military Institute, the eldest seventeen and the youngest twelve, marched from the classrooms under arms, joined the forces of General Breckinridge, and aided by their historic charge to gain a brilliant victory over the Federal General Sigel. The never-give-in spirit was implanted in the youth of the Confederacy, as well as in the hearts of the grizzled veterans. Lee had inspired them, but in addition to this inspiration, as General Gordon writes, “every man of them was supported by their extraordinary consecration, resulting from the conviction that he was fighting in the defense of home and the rights of his State. Hence their unfaltering faith in the justice of the cause, their fortitude in the extremest privations, their readiness to stand shoeless and shivering in the trenches at night and to face any danger at their leader’s call.”
  • 67. APPOMATTOX I now come to what I have always regarded—shall ever regard—as the most creditable episode in all American history—an episode without a blemish, imposing, dignified, simple, heroic. I refer to Appomattox. Two men met that day, representative of American civilization, the whole world looking on. The two were Grant and Lee—types each. Both rose, and rose unconsciously, to the full height of the occasion—and than that occasion there has been none greater. About it, and them, there was no theatrical display, no self-consciousness, no effort at effect. A great crisis was to be met; and they met that crisis as great countrymen should. Consider the possibilities; think for a moment of what that day might have been; you will then see cause to thank God for much. —General Charles Francis Adams, U. S. V., in Phi Beta Kappa Address delivered at the University of Chicago, June 17, 1902. We are now to witness the closing scene of one of the greatest tragedies ever enacted on the world’s stage. Many and varied had been the scenes during the war; the actors and their parts had been real. The wounds of the South were bleeding; the North was awaiting the decisive blow. Thousands of homes were ruined. Fortunes, great and small, had melted away by the hundreds of millions. In Richmond, the citadel of the waning Confederacy, the people were starving. The Southern army, half clad and without food, was but a shadow of its once proud self. Bravely and long the men in gray had followed their adored leader. Now the limit of endurance had been reached. It was the second day of April, 1865. Lee realized that after Petersburg his beloved Richmond must fall. The order was given for the movement to begin at eight o’clock that night. The darkness of the early morning of the 3d was suddenly transformed into a lurid light overcasting the heavens for miles around the famous city whose name had become a household word over the civilized world. Richmond was in flames!
The capital of the Confederacy, the pride of the South, toward which the Army of the Potomac had fought its way, leaving a trail of blood for four weary years, had at last succumbed to the overwhelming power of Grant’s indomitable armies. President Davis had received a despatch while attending services at St. Paul’s church, Sunday morning, the 2d, advising him that the city must be evacuated that night, and, leaving the church at once, he hastened the preparations for flight with his personal
  • 68. papers and the archives of the Confederate Government. During that Sabbath day and night Richmond was in a state of riot. There had been an unwarranted feeling of security in the city, and the unwelcome news, spreading like an electric flash, was paralyzing and disastrous in its effect. Prisoners were released from their toils, a lawless mob overran the thoroughfares, and civic government was nullified. One explosion after another, on the morning of the 3d, rent the air with deafening roar, as the magazines took fire. The scene was one of terror and grandeur. The flames spread to the city from the ships, bridges, and arsenal, which had been set on fire, and hundreds of buildings, including the best residential section of the capital of the Confederacy, were destroyed. When the Union army entered the city in the morning, thousands of the inhabitants, men, women, and children, were gathered at street corners and in the parks, in wildest confusion. The commissary depot had been broken open by the starving mob, and rifled of its contents, until the place was reached by the spreading flames. The Federal soldiers stacked arms, and heroically battled with the fire, drafting into the work all able-bodied men found in the city. The invaders extinguished the flames, and soon restored the city to a state of order and safety. The invalid wife of General Lee, who was exposed to danger, was furnished with an ambulance and corporal’s guard until the danger was past. President Lincoln, who had visited Grant at Petersburg, entered Richmond on the 4th of April. He visited President Davis’ house, and Libby Prison, then deserted, and held a conference with prominent citizens and army officers of the Confederacy. The President seemed deeply concerned and weighted down with the realization of the great responsibilities that would fall upon him after the war. Only ten days later the nation was shaken from ocean to ocean by the tragic news of his assassination. 
General Lee had started on his last march by eight o’clock on the night of the 2d. By midnight the evacuation of both Petersburg and Richmond was completed. For nine months the invincible forces of Lee had kept a foe of more than twice their numerical strength from invading their stronghold, and only after a long and harassing siege were they forced to retreat. They saw the burning city as their line of march was illuminated by the conflagration, and emotions too deep for words overcame them. The woods and fields, in their fresh, bright colors of spring, were in sharp contrast to the travel-worn, weather-beaten, ragged veterans passing over the verdant plain. Lee hastened the march of his troops to Amelia Court House, where he had ordered supplies, but by mistake the train of supplies had been sent on to Richmond. This was a crushing blow to the hungry men, who had been stimulated on their tiresome march by the anticipation of much-needed food. The fatality of war was now hovering over them like a huge black specter. General Grant did not proceed to Richmond, but leaving General Weitzel to invest the city, he hastened in pursuit of Lee to intercept the retreating army. This pursuit was started early on the 3d. On the evening of that date there was some firing between the pursuing army and Lee’s rear guard. It was Lee’s design to concentrate his force at Amelia Court House, but this was not to be accomplished by the night of the 4th. Not until the 5th was the whole army up, and then it was discovered that no adequate supplies were within less than fifty miles. Subsistence could be obtained only by foraging parties. No word of
  • 69. complaint from the suffering men reached their commander, and on the evening of that disappointing day they patiently and silently began the sad march anew. Their course was through unfavorable territory and necessarily slow. The Federals were gaining upon their retreating columns. Sheridan’s cavalry had reached their flank, and on the 6th there was heavy skirmishing. In the afternoon the Federals had arrived in force sufficient to bring on an engagement with Ewell’s corps in the rear, at Sailor’s Creek, a tributary of the Appomattox River. Ewell was surrounded by the Federals and the entire corps captured. General Anderson, commanding the divisions of Pickett and Johnson, was attacked and fought bravely, losing many men. In all about six thousand Confederate soldiers were left in the hands of the pursuing army. On the night of the 6th, the remainder of the Confederate army continued the retreat and arrived at Farmville, where the men received two days’ rations, the first food except raw or parched corn that had been given them for two days. Again the tedious journey was resumed, in the hope of breaking through the rapidly-enmeshing net and forming a junction with Johnston at Danville, or of gaining the protected region of the mountains near Lynchburg. But the progress of the weak and weary marchers was slow and the Federal cavalry had swept around to Lee’s front, and a halt was necessary to check the pursuing Federals. On the evening of the 8th, Lee reached Appomattox Court House. Here ended the last march of the Army of Northern Virginia. General Lee and his officers held a council of war on the night of the 8th and it was decided to make an effort to cut their way through the Union lines on the morning of the next day. On the 7th, while at Farmville, on the south side of the Appomattox River, Grant sent to Lee a courteous request for the surrender of the Army of Northern Virginia, based on the hopelessness of further resistance on the part of that army. 
In reply, Lee expressed sympathy with Grant’s desire to avoid useless effusion of blood and asked the terms of surrender. The next morning General Grant replied to Lee, urging that a meeting be designated by Lee, and specifying the terms of surrender, to which Lee replied promptly, rejecting those terms, which were, that the Confederates lay down their arms, and the men and officers be disqualified for taking up arms against the Government of the United States until properly exchanged. When Grant read Lee’s letter he shook his head in disappointment and said, “It looks as if Lee still means to fight; I will reply in the morning.” On the 9th Grant addressed another communication to Lee, repeating the terms of surrender, and closed by saying, “The terms upon which peace can be had are well understood. By the South laying down their arms they will hasten that most desirable event, save thousands of human lives, and hundreds of millions of property not yet destroyed. Sincerely hoping that all our difficulties may be settled without the loss of another life, I subscribe myself, etc.” There remained for Lee the bare possibility, by desperate fighting, of breaking through the Federal lines in his rear. To Gordon’s corps was assigned the task of advancing on Sheridan’s strongly supported front. Since Pickett’s charge at Gettysburg there had been no more hopeless movement in the annals of the war. It was not merely that Gordon was overwhelmingly outnumbered by the opposing forces, but his hunger-enfeebled soldiers,
  • 70. even if successful in the first onslaught, could count on no effective support, for Longstreet’s corps was in even worse condition than his own. Nevertheless, on the morning of Sunday, the 9th, the attempt was made. Gordon was fighting his corps, as he said, “to a frazzle,” when Lee came at last to a realizing sense of the futility of it all and ordered a truce. A meeting with Grant was soon arranged on the basis of the letters already exchanged. The conference of the two world-famous commanders took place at Appomattox, a small settlement with only one street, but to be made historic by this meeting. Lee was awaiting Grant’s arrival at the house of Wilmer McLean. It was here, surrounded by staff-officers, that the terms were written by Grant for the final surrender of the Army of Northern Virginia. The terms, and their acceptance, were embodied in the following letters, written and signed in the famous “brick house” on that memorable Sunday: Appomattox Court House, Virginia, April 9, 1865. General: In accordance with the substance of my letter to you of the 8th instant, I propose to receive the surrender of the Army of Northern Virginia on the following terms, to wit: Rolls of all the officers and men to be made in duplicate, one copy to be given to an officer to be designated by me, the other to be retained by such officer or officers as you may designate. The officers to give their individual paroles not to take up arms against the Government of the United States until properly exchanged; and each company or regimental commander to sign a like parole for the men of their commands. The arms, artillery, and public property to be parked and stacked, and turned over to the officers appointed by me to receive them. This will not embrace the side-arms of the officers, nor their private horses or baggage. 
This done, each officer and man will be allowed to return to his home, not to be disturbed by the United States authority so long as they observe their paroles and the laws in force where they may reside. U. S. Grant, Lieutenant-General. General R. E. Lee. Headquarters Army of Northern Virginia, April 9, 1865. General: I have received your letter of this date containing the terms of the surrender of the Army of Northern Virginia as proposed by you. As they are substantially the same as those expressed in your letter of the 8th instant, they are accepted. I will proceed to designate the proper officers to carry the stipulation into effect. R. E. Lee, General. Lieutenant-General U. S. Grant. When Federal officers were seen galloping toward the Union lines from Appomattox Court House it was quickly surmised that Lee had surrendered. Cheer after cheer was sent up by the long lines throughout their entire length; caps and tattered colors were waved in
  • 71. the air. Officers and men alike joined in the enthusiastic outburst. It was glad tidings, indeed, to these men, who had fought and hoped and suffered through the long bloody years. When Grant returned to his headquarters and heard salutes being fired he ordered it stopped at once, saying, “The war is over; the rebels are our countrymen again; and the best sign of rejoicing after the victory will be to abstain from all demonstration in the field.” Details of the surrender were arranged on the next day by staff-officers of the respective armies. The parole officers were instructed by General Grant to permit the Confederate soldiers to retain their own horses—a concession that was most welcome to many of the men, who had with them animals brought from the home farm early in the war. There were only twenty-eight thousand men to be paroled, and of these fewer than one-third were actually bearing arms on the day of the surrender. The Confederate losses of the last ten days of fighting probably exceeded ten thousand. The Confederate supplies had been captured by Sheridan, and Lee’s army was almost at the point of starvation. An order from Grant caused the rations of the Federal soldiers to be shared with the “Johnnies,” and the victorious “Yanks” were only too glad to tender such hospitality as was within their power. These acts of kindness were slight in themselves, but they helped immeasurably to restore good feeling and to associate for all time with Appomattox the memory of reunion rather than of strife. The things that were done there can never be the cause of shame to any American. The noble and dignified bearing of the commanders was an example to their armies and to the world that quickly had its effect in the genuine reconciliation that followed. The scene between Lee and his devoted army was profoundly touching.
General Long in his “Memoirs of Lee” says: “It is impossible to describe the anguish of the troops when it was known that the surrender of the army was inevitable. Of all their trials, this was the greatest and hardest to endure.” As Lee rode along the lines of the tried and faithful men who had been with him at the Wilderness, at Spotsylvania, and at Cold Harbor, it was not strange that those ragged, weather-beaten heroes were moved by deep emotion and that tears streamed down their bronzed and scarred faces. Their general in broken accents admonished them to go to their homes and be as brave citizens as they had been soldiers. Thus ended the greatest civil war in history, for soon after the fall of the Confederate capital and the surrender of Lee’s army, there followed in quick succession the surrender of all the remaining Southern forces. While these stirring events were taking place in Virginia, Sherman, who had swept up through the Carolinas with the same dramatic brilliancy that marked his march to the sea, accomplishing most effective work against Johnston, was at Goldsboro. When Johnston learned of the fall of Richmond and Lee’s surrender he knew the end had come and he soon arranged for the surrender of his army on the terms agreed upon at Appomattox. In the first week of May General “Dick” Taylor surrendered his command near Mobile, and on the 10th of the same month, President Jefferson Davis, who had been for nearly six
  • 72. weeks a fugitive, was overtaken and made a prisoner near Irwinsville, Georgia. The Southern Confederacy was a thing of the past. 1. Colonel Horace Porter 2. Colonel William Duff 3. Colonel T. S. Bowers 4. Colonel J. D. Webster 5. General John G. Barnard 6. General John A. Rawlins 7. General U. S. Grant 8. General M. R. Patrick 9. General Seth Williams 10. General Rufus Ingalls 11. Colonel Adam Badeau 12. Colonel E. S. Parker COPYRIGHT, 1911, REVIEW OF REVIEWS CO. MEN ABOUT TO WITNESS APPOMATTOX No photographer was present at Appomattox, that supreme moment in our national history, when Americans met for the last time as foes on the field. Nothing but fanciful sketches exist of the scene inside the McLean home. But here is a photograph that shows most of the Union officers present at the conference. Nine of the twelve men standing above stood also at the signing of Lee’s surrender, a few days later. The scene is City Point, in March, 1865. Grant is surrounded by a group of the officers who had served him so faithfully. At the surrender, it was Colonel T. S. Bowers (third from left) upon whom Grant called to make a copy of the terms of surrender in ink. Colonel E. S. Parker, the full-blooded Indian on Grant’s staff, an excellent penman, wrote out the final copy. Nineteen years later, General Horace Porter recorded with pride that he loaned General Lee a pencil to make a correction in the terms. Colonels William Duff and J. D. Webster, and General M. R. Patrick, are the three men who were not present at the interview. All of the remaining officers were formally presented to Lee. General Seth Williams had been Lee’s adjutant when the latter was superintendent at West Point some years before the war. In the lower photograph General Grant stands between General Rawlins and Colonel Bowers.
  • 73. The veins standing out on the back of his hand are plainly visible. No one but he could have told how calmly the blood coursed through them during the four tremendous years. GRANT BETWEEN RAWLINS AND BOWERS
  • 74. COPYRIGHT, 1911, REVIEW OF REVIEWS CO. IN PETERSBURG—AFTER NINE MONTHS OF BATTERING This fine mansion on Bolingbroke Street, the residential section of Petersburg, has now, on the 3d of April, fallen into the hands of straggling Union soldiers. Its windows have long since been shattered by shells from distant Federal mortars; one has even burst through the wall. But it was not till the night of April 2d, when the retreat of the Confederate forces started, that the citizens began to leave their homes. At 9 o’clock in the morning General Grant, surrounded by his staff, rode quietly into the city. The streets were deserted. At length they arrived at a comfortable home standing back in a yard. There he dismounted and sat for a while on the piazza. Soon a group of curious citizens gathered on the sidewalk to gaze at the commander of the Yankee armies. But the Union troops did not remain long in the deserted homes. Sheridan was already in pursuit south of the Appomattox, and Grant, after a short conference with Lincoln, rode to the west in the rear of the hastily marching troops. Bolingbroke Street and Petersburg soon returned to the ordinary occupations of peace in an effort to repair the ravages of the historic nine months’ siege.
  • 75. COPYRIGHT, 1911, REVIEW OF REVIEWS CO. APPOMATTOX STATION—LEE’S LAST ATTEMPT TO PROVISION HIS RETREATING ARMY At this railroad point, three miles from the Court House, a Confederate provision train arrived on the morning of April 8th. The supplies were being loaded into wagons and ambulances by a detail of about four thousand men, many of them unarmed, when suddenly a body of Federal cavalry charged upon them, having reached the spot by a by-road leading from the Red House. After a few shots the Confederates fled in confusion. The cavalry drove them on in the direction of Appomattox Court House, capturing many prisoners, twenty-five pieces of artillery, a hospital train, and a large pack of wagons. This was Lee’s last effort to obtain food for his army. COPYRIGHT, 1911, REVIEW OF REVIEWS CO. FEDERAL SOLDIERS WHO PERFORMED ONE OF THE LAST DUTIES AT APPOMATTOX A detail of the Twenty-sixth Michigan handed out paroles to the surrendered Confederates.
  • 76. COPYRIGHT, 1911, PATRIOT PUB. CO. EMPTY VAULTS—THE EXCHANGE BANK, RICHMOND, 1865 The sad significance of these photographs is all too apparent. Not only the bank buildings were in ruins, but the financial system of the entire South. All available capital had been consumed by the demands of the war, and a system of paper currency had destroyed credit completely. Worse still was the demoralization of all industry. Through large areas of the South all mills and factories were reduced to ashes, and everywhere the industrial system was turned topsy-turvy. Truly the problem that confronted the South was stupendous.
  • 77. COPYRIGHT, 1911, PATRIOT PUB. CO. WRECK OF THE GALLEGO FLOUR MILLS COPYRIGHT, 1911, PATRIOT PUB. CO. SIGNS OF PEACE—CONFEDERATE ARTILLERY CAPTURED AT RICHMOND AND WAITING SHIPMENT