Juniper JUNOSE SOFTWARE FOR E SERIES 11.3.X - RELEASE NOTES 2010-11-09, JUNOSE 11.3 Release Note

JunosE™ Software for E Series™ Broadband Services Routers

Release Notes

Releas e

11.3.0

Published: 2010-11-09

Juniper Networks, Junos, Steel-Belted Radius, NetScreen, and ScreenOS are registered trademarks of Juniper Networks, Inc. in the United States and other countries. The Juniper Networks Logo, the Junos logo, and JunosE are trademarks of Juniper Networks, Inc. All other trademarks, service marks, registered trademarks, or registered service marks are the property of their respective owners.

Juniper Networks assumes no responsibility for any inaccuracies in this document. Juniper Networks reserves the right to change, modify, transfer, or otherwise revise this publication without notice.

Products made or sold by Juniper Networks (including the ERX310, ERX705, ERX710, ERX1410, ERX1440, M5, M7i, M10, M10i, M20, M40, M40e, M160, M320, and T320 routers, T640 routing node, and the Junos, JunosE, and SDX-300 software) or components thereof might be covered by one or more of the following patents that are owned by or licensed to Juniper Networks: U.S. Patent Nos. 5,473,599, 5,905,725, 5,909,440, 6,192,051, 6,333,650, 6,359,479, 6,406,312, 6,429,706, 6,459,579, 6,493,347, 6,538,518, 6,538,899, 6,552,918, 6,567,902, 6,578,186, and 6,590,785.

JunosE™ Software for E Series™ Broadband Services Routers Release Notes, Writing: Subash Babu Asokan, Krupa Chandrashekar, Pallavi Madhusudhan, Namrata Mehta, Diane Florio, Brian Wesley Simmons, Fran Singer, Sairam V Editing: Ben Mann, Alana Calapai Cover Design: Edmonds Design

Revision H istory October 2010—FRS JunosE 11.3.0

The information in this document is current as of the date listed in the revision history.

Software License

The terms and conditions for using this software are described in the software license contained in the acknowledgment to your purchase order or, to the extent applicable, to any reseller agreement or end-user purchase agreement executed between you and Juniper Networks. By using this software, you indicate that you understand and agree to be bound by those terms and conditions.

Generally speaking, the software license restricts the manner in which you are permitted to use the software and may contain prohibitions against certain uses. The software license may state conditions under which the license is automatically terminated. You should consult the license for further details.

For complete product documentation, please see the Juniper Networks Web site at www.juniper.net/techpubs.

END USER LICENSE AGREEMENT

READ THIS END USER LICENSE AGREEMENT (“AGREEMENT”) BEFORE DOWNLOADING, INSTALLING, OR USING THE SOFTWARE. BY DOWNLOADING, INSTALLING, OR USING THE SOFTWARE OR OTHERWISE EXPRESSING YOUR AGREEMENT TO THE TERMS CONTAINED HEREIN, YOU (AS CUSTOMER OR IF YOU ARE NOT THE CUSTOMER, AS A REPRESENTATIVE/AGENT AUTHORIZED TO BIND THE CUSTOMER) CONSENT TO BE BOUND BY THIS AGREEMENT. IF YOU DO NOT OR CANNOT AGREE TO THE TERMS CONTAINED HEREIN, THEN (A) DO NOT DOWNLOAD, INSTALL, OR USE THE SOFTWARE, AND (B) YOU MAY CONTACT JUNIPER NETWORKS REGARDING LICENSE TERMS.

1. The Parties. The parties to this Agreement are (i) Juniper Networks, Inc. (if the Customer’s principal office is located in the Americas) or Juniper

Networks (Cayman) Limited (if the Customer’s principal office is located outside the Americas) (such applicable entity being referred to herein as “Juniper”), and (ii) the person or organization that originally purchased from Juniper or an authorized Juniper reseller the applicable license(s) for use of the Software (“Customer”) (collectively, the “Parties”).

2. The Software. In this Agreement, “Software” means the program modules and features of the Juniper or Juniper-supplied software, for which

Customer has paid the applicable license or support fees to Juniper or an authorized Juniper reseller, or which was embedded by Juniper in equipment which Customer purchased from Juniper or an authorized Juniper reseller. “Software” also includes updates, upgrades and new releases of such software. “Embedded Software” means Software which Juniper has embedded in or loaded onto the Juniper equipment and any updates, upgrades, additions or replacements which are subsequently embedded in or loaded onto the equipment.

3. License Grant. Subject to payment of the applicable fees and the limitations and restrictions set forth herein, Juniper grants to Customer a

non-exclusive and non-transferable license, without right to sublicense, to use the Software, in executable form only, subject to the following use restrictions:

a. Customer shall use Embedded Software solely as embedded in, and for execution on, Juniper equipment originally purchased by Customer

from Juniper or an authorized Juniper reseller.

b. Customer shall use the Software on a single hardware chassis having a single processing unit, or as many chassis or processing units for which

Customer has paid the applicable license fees; provided, however, with respect to the Steel-Belted Radius or Odyssey Access Client software only, Customer shall use such Software on a single computer containing a single physical random access memory space and containing any number of processors. Use of the Steel-Belted Radius or IMS AAA software on multiple computers or virtual machines (e.g., Solaris zones) requires multiple licenses, regardless of whether such computers or virtualizations are physically contained on a single chassis.

c. Product purchase documents, paper or electronic user documentation, and/or the particular licenses purchased by Customer may specify limits

to Customer’s use of the Software. Such limits may restrict use to a maximum number of seats, registered endpoints, concurrent users, sessions, calls, connections, subscribers, clusters, nodes, realms, devices, links, ports or transactions, or require the purchase of separate

licenses to use particular features, functionalities, services, applications, operations, or capabilities, or provide throughput, performance, configuration, bandwidth, interface, processing, temporal, or geographical limits. In addition, such limits may restrict the use of the Software to managing certain kinds of networks or require the Software to be used only in conjunction with other specific Software. Customer’s use of the Software shall be subject to all such limitations and purchase of all applicable licenses.

d. For any trial copy of the Software, Customer’s right to use the Software expires 30 days after download, installation or use of the Software.

Customer may operate the Software after the 30-day trial period only if Customer pays for a license to do so. Customer may not extend or create an additional trial period by re-installing the Software after the 30-day trial period.

e. The Global Enterprise Edition of the Steel-Belted Radius software may be used by Customer only to manage access to Customer’s enterprise

network. Specifically, service provider customers are expressly prohibited from using the Global Enterprise Edition of the Steel-Belted Radius software to support any commercial network access services.

The foregoing license is not transferable or assignable by Customer. No license is granted herein to any user who did not originally purchase the applicable license(s) for the Software from Juniper or an authorized Juniper reseller.

4. Use Prohibitions. Notwithstanding the foregoing, the license provided herein does not permit the Customer to, and Customer agrees not to and shall

not: (a) modify, unbundle, reverse engineer, or create derivative works based on the Software; (b) make unauthorized copies of the Software (except as necessary for backup purposes); (c) rent, sell, transfer, or grant any rights in and to any copy of the Software, in any form, to any third party; (d) remove any proprietary notices, labels, or marks on or in any copy of the Software or any product in which the Software is embedded; (e) distribute any copy of the Software to any third party, including as may be embedded in Juniper equipment sold in the secondhand market; (f) use any ‘locked’ or key-restricted feature, function, service, application, operation, or capability without first purchasing the applicable license(s) and obtaining a valid key from Juniper, even if such feature, function, service, application, operation, or capability is enabled without a key; (g) distribute any key for the Software provided by Juniper to any third party; (h) use the Software in any manner that extends or is broader than the uses purchased by Customer from Juniper or an authorized Juniper reseller; (i) use Embedded Software on non-Juniper equipment; (j) use Embedded Software (or make it available for use) on Juniper equipment that the Customer did not originally purchase from Juniper or an authorized Juniper reseller; (k) disclose the results of testing or benchmarking of the Software to any third party without the prior written consent of Juniper; or (l) use the Software in any manner other than as expressly provided herein.

5. Audit. Customer shall maintain accurate records as necessary to verify compliance with this Agreement. Upon request by Juniper, Customer shall

furnish such records to Juniper and certify its compliance with this Agreement.

6. Confidentiality. The Parties agree that aspects of the Software and associated documentation are the confidential property of Juniper. As such,

Customer shall exercise all reasonable commercial efforts to maintain the Software and associated documentation in confidence, which at a minimum includes restricting access to the Software to Customer employees and contractors having a need to use the Software for Customer’s internal business purposes.

7. Ownership. Juniper and Juniper’s licensors, respectively, retain ownership of all right, title, and interest (including copyright) in an

associated documentation, and all copies of the Software. Nothing in this Agreement constitutes a transfer or conveyance of any right, title, or interest in the Software or associated documentation, or a sale of the Software, associated documentation, or copies of the Software.

8. Warranty, Limitation of Liability, Disclaimer of Warranty. The warranty applicable to the Software shall be as set forth in the warranty statement

that accompanies the Software (the “Warranty Statement”). Nothing in this Agreement shall give rise to any obligation to support the Software. Support services may be purchased separately. Any such support shall be governed by a separate, written support services agreement. TO THE MAXIMUM EXTENT PERMITTED BY LAW, JUNIPER SHALL NOT BE LIABLE FOR ANY LOST PROFITS, LOSS OF DATA, OR COSTS OR PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES, OR FOR ANY SPECIAL, INDIRECT, OR CONSEQUENTIAL DAMAGES ARISING OUT OF THIS AGREEMENT, THE SOFTWARE, OR ANY JUNIPER OR JUNIPER-SUPPLIED SOFTWARE. IN NO EVENT SHALL JUNIPER BE LIABLE FOR DAMAGES ARISING FROM UNAUTHORIZED OR IMPROPER USE OF ANY JUNIPER OR JUNIPER-SUPPLIED SOFTWARE. EXCEPT AS EXPRESSLY PROVIDED IN THE WARRANTY STATEMENT TO THE EXTENT PERMITTED BY LAW, JUNIPER DISCLAIMS ANY AND ALL WARRANTIES IN AND TO THE SOFTWARE (WHETHER EXPRESS, IMPLIED, STATUTORY, OR OTHERWISE), INCLUDING ANY IMPLIED WARRANTY OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE, OR NONINFRINGEMENT. IN NO EVENT DOES JUNIPER WARRANT THAT THE SOFTWARE, OR ANY EQUIPMENT OR NETWORK RUNNING THE SOFTWARE, WILL OPERATE WITHOUT ERROR OR INTERRUPTION, OR WILL BE FREE OF VULNERABILITY TO INTRUSION OR ATTACK. In no event shall Juniper’s or its suppliers’ or licensors’ liability to Customer, whether in contract, tort (including negligence), breach of warranty, or otherwise, exceed the price paid by Customer for the Software that gave rise to the claim, or if the Software is embedded in another Juniper product, the price paid by Customer for such other product. Customer acknowledges and agrees that Juniper has set its prices and entered into this Agreement in reliance upon the disclaimers of warranty and the limitations of liability set forth herein, that the same reflect an allocation of risk between the Parties (including the risk that a contract remedy may fail of its essential purpose and cause consequential loss), and that the same form an essential basis of the bargain between the Parties.

9. Termin ation. Any breach of this Agreement or failure by Customer to pay any applicable fees due shall result in automatic termination of the license

granted herein. Upon such termination, Customer shall destroy or return to Juniper all copies of the Software and related documentation in Customer’s possession or control.

10. Taxes. All license fees payable under this agreement are exclusive of tax. Customer shall be responsible for paying Taxes arising from the purchase

of the license, or importation or use of the Software. If applicable, valid exemption documentation for each taxing jurisdiction shall be provided to Juniper prior to invoicing, and Customer shall promptly notify Juniper if their exemption is revoked or modified. All payments made by Customer shall be net of any applicable withholding tax. Customer will provide reasonable assistance to Juniper in connection with such withholding taxes by promptly: providing Juniper with valid tax receipts and other required documentation showing Customer’s payment of any withholding taxes; completing appropriate applications that would reduce the amount of withholding tax to be paid; and notifying and assisting Juniper in any audit or tax proceeding related to transactions hereunder. Customer shall comply with all applicable tax laws and regulations, and Customer will promptly pay or reimburse Juniper for all costs and damages related to any liability incurred by Juniper as a result of Customer’s non-compliance or delay with its responsibilities herein. Customer’s obligations under this Section shall survive termination or expiration of this Agreement.

11 . Export. Customer agrees to comply with all applicable export laws and restrictions and regulations of any United States and any applicable foreign

agency or authority, and not to export or re-export the Software or any direct product thereof in violation of any such restrictions, laws or regulations, or without all necessary approvals. Customer shall be liable for any such violations. The version of the Software supplied to Customer may contain encryption or other capabilities restricting Customer’s ability to export the Software without an export license.

12. Commercial Computer Software. The Software is “commercial computer software” and is provided with restricted rights. Use, duplication, or

disclosure by the United States government is subject to restrictions set forth in this Agreement and as provided in DFARS 227.7201 through

227.7202-4, FAR 12.212, FAR 27.405(b)(2), FAR 52.227-19, or FAR 52.227-14(ALT III) as applicable.

d to the Software,

13. Interface Information. To the extent required by applicable law, and at Customer's written request, Juniper shall provide Customer with the interface

information needed to achieve interoperability between the Software and another independently created program, on payment of applicable fee, if any. Customer shall observe strict obligations of confidentiality with respect to such information and shall use such information in compliance with any applicable terms and conditions upon which Juniper makes such information available.

14. Third Party Software. Any licensor of Juniper whose software is embedded in the Software and any supplier of Juniper whose products or technology

are embedded in (or services are accessed by) the Software shall be a third party beneficiary with respect to this Agreement, and such licensor or vendor shall have the right to enforce this Agreement in its own name as if it were Juniper. In addition, certain third party software may be provided

with the Software and is subject to the accompanying license(s), if any, of its respective owner(s). To the extent portions of the Software are distributed under and subject to open source licenses obligating Juniper to make the source code for such portions publicly available (such as the GNU General Public License (“GPL”) or the GNU Library General Public License (“LGPL”)), Juniper will make such source code portions (including Juniper modifications, as appropriate) available upon request for a period of up to three years from the date of distribution. Such request can be made in writing to Juniper Networks, Inc., 1194 N. Mathilda Ave., Sunnyvale, CA 94089, ATTN: General Counsel. You may obtain a copy of the GPL at

http://www.gnu.org/licenses/gpl.html, and a copy of the LGPL at http://www.gnu.org/licenses/lgpl.html.

15. Miscellaneous. This Agreement shall be governed by the laws of the State of California without reference to its conflicts of laws principles. The

provisions of the U.N. Convention for the International Sale of Goods shall not apply to this Agreement. For any disputes arising under this Agreement, the Parties hereby consent to the personal and exclusive jurisdiction of, and venue in, the state and federal courts within Santa Clara County, California. This Agreement constitutes the entire and sole agreement between Juniper and the Customer with respect to the Software, and supersedes all prior and contemporaneous agreements relating to the Software, whether oral or written (including any inconsistent terms contained in a purchase order), except that the terms of a separate written agreement executed by an authorized Juniper representative and Customer shall govern to the extent such terms are inconsistent or conflict with terms contained herein. No modification to this Agreement nor any waiver of any rights hereunder shall be effective unless expressly assented to in writing by the party to be charged. If any portion of this Agreement is held invalid, the Parties agree that such invalidity shall not affect the validity of the remainder of this Agreement. This Agreement and associated documentation has been written in the English language, and the Parties agree that the English version will govern. (For Canada: Les parties aux présentés confirment leur volonté que cette convention de même que tous les documents y compris tout avis qui s'y rattaché, soient redigés en langue anglaise. (Translation: The parties confirm that this Agreement and all related documentation is and will be in the English language)).

Table of Contents

Release 11.3.0 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1

Release Installation . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1

Upgrading to Release 5.3.0 or a Higher-Numbered Release . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1

Upgrading from Release 5.1.1 or Lower-Numbered Releases to

Release 6.x.x or Higher-Numbered Releases . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1

Moving Line Modules Between Releases . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2

SRP Module Memory Requirements . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2

Hardware and Software Compatibility . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3

Requesting Technical Support . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .3

Self-Help Online Tools and Resources . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3

Opening a Case with JTAC. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .4

Release Overview . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 5

Before You Start. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .5

Release Highlights. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 7

DHCP. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 7

Documentation. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .8

RADIUS . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .9

System . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .9

Tunneling . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .10

Early Field Trial Features . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 10

DHCP. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .10

Stateful Line Module Switchover (High Availability) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 11

Unsupported Features. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 12

E120 Router and E320 Router . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 12

Policy Management . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 12

Stateful SRP Switchover (High Availability) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 12

Release Software Protocols . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 13

Core Routing Stack . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 13

Network Management Protocols . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 13

Routing Protocols . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 13

Multiprotocol Label Switching (MPLS) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 13

Layer 2 Protocols . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 13

Security Protocols . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 14

SRC Software and SDX Software Compatibility Matrix . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 14

Known Behavior . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .15

AAA . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 15

ATM . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 15

BGP . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 16

BGP/MPLS VPNs. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 16

JunosE 11.3.0 Release Notes

B-RAS . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 17

Bridged Ethernet . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 17

CLI . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 17

DHCP. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 20

DHCP External Server . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 20

Dynamic Interfaces. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .22

Ethernet . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .22

Flash . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .23

Forwarding . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .23

GRE . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .23

Hardware. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .23

HDLC . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 24

IP. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 24

IPSec . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 27

IS-IS. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 27

L2TP . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 28

Line Module Redundancy. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 29

MLPPP . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 29

MPLS. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 29

Multicast . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 30

Packet Mirroring . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 31

Policy Management . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .32

PPP . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 34

PPPoE. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 34

QoS . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 34

RADIUS . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 35

SNMP . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 36

SRC Software and SDX Software . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .37

SSH . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .37

Stateful SRP Switchover (High Availability) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 37

Subscriber Interfaces. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 38

System . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 38

System Logging . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 39

Tunneling . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 39

Known Problems and Limitations . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 40

ANCP. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 40

ATM . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 40

BFD . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .41

CLI . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .41

DHCP. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 41

DHCP External Server . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 42

DoS Protection . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 42

Ethernet . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 42

File System. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 42

Forwarding . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 42

GRE . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 44

ICR . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 44

IGMP . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 45

IP. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 45

IPSec . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 46

Table of Contents

IS-IS. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 46

L2TP . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .47

MLD . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .47

MLPPP . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .47

Mobile IP . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .47

MPLS. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 48

Multicast . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 48

Netflow . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 48

Policy Management . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 48

PPPoE. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 49

QoS . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 49

RSVP-TE . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 51

Service Manager. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 51

SONET . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 51

SRC Software and SDX Software . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 51

Stateful SRP Switchover (High Availability) and IP Tunnels . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 51

Subscriber Management . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 52

System . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 53

TCP . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 53

Unified ISSU. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 53

Resolved Known Problems . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 55

CLI . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 55

Forwarding . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 55

IGMP . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 55

Multicast . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 56

Errata . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .57

Appendix A System Maximums . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 59

ERX310, ERX7xx, and ERX14xx System Maximums . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 60

General System Maximums . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 60

Physical and Logical Density Maximums. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .61

Link Layer Maximums . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 64

Routing Protocol Maximums . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 69

Policy and QoS Maximums . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .72

Tunneling Maximums . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .74

Subscriber Management Maximums . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 76

E120 and E320 System Maximums . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 78

General System Maximums . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 78

Physical and Logical Density Maximums. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 79

Link Layer Maximums . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 81

Routing Protocol Maximums . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 87

Policy and QoS Maximums . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 90

Tunneling Maximums . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 94

Subscriber Management Maximums . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 96

JunosE 11.3.0 Release Notes

Release 11.3.0

Release Installation

Complete procedures for installing the system software are available in JunosE System Basics Configuration Guide, Chapter 3, Installing JunosE Software.

New software releases are available for download from the Juniper Networks website at http://www.juniper.net/customers/support. You can use the downloaded image bundle to create your own software CDs.

Before upgrading to a new version of software, save your router’s running configuration to a .cnf file or .scr file. If you subsequently need to downgrade for any reason, you can restore the earlier software version.

Informational Note: When you upgrade the software on a router that has a large

number of interfaces configured, the router might appear to be unresponsive for several minutes. This condition is normal; allow the process to continue uninterrupted.

Upgrading to Release 5.3.0 or a Higher-Numbered Release

When you upgrade from a lower-numbered release to Release 5.3.0 or a higher-numbered release, the higher release might not load if you issue the boot system command from Boot mode while the lower-numbered software is running on the router or if you insert a flash card running a higher-numbered release into a system running a lower numbered release. However, if you issue the boot system command from Global Configuration mode, the new software loads properly.

Upgrading from Release 5.1.1 or Lower-Numbered Releases to Release 6.x.x or Higher-Numbered Releases

Release 5.1.1 or lower-numbered releases support application images only up to 172 MB. Your software upgrades or application images may be available remotely through Telnet or FTP, or may be delivered on a new NVS card. If you upgrade the JunosE Software using a new NVS card, we recommend you perform the upgrade in two stages: first to an intermediate release and then to the higher-numbered release you want to run. This restriction is not applicable if you upgrade your software remotely through Telnet or FTP.

To install larger application images for Release 6.0.0 and higher-numbered releases, you must first install Release 5.1.2 (or a higher-numbered 5.x.x release). This enables the system to support application images greater than 172 MB. For example, if you are upgrading the software using a new NVS card, you cannot go from Release 5.1.1 to Release 7.2.0 without first upgrading to Release 5.1.2.

JunosE 11.3.0 Release Notes

See the following table for compatibility of releases.

Maximum

JunosE Release

5.1.1 or lower-numbered release

5.1.2 or higher-numbered release

7.2.0 or higher-numbered release

Highest Release Able to Load

5.3.5p0-2 or the highest-numbered 5.x.x release

No limitation Not applicable 234 MB

No limitation Not applicable 256 MB

Cannot Load

6.x.x or higher-numbered release

Application Image

172 MB (approximate)

(approximate)

For more detailed information on installing software, and about NVS cards and SRP modules, see the following documents:

 JunosE System Basics Configuration Guide, Chapter 6, Managing Modules

 Upgrading NVS Cards on SRP Modules in ERX Hardware Guide, Chapter 8, Maintaining

ERX Routers

 Upgrading NVS Cards on SRP Modules in E120 and E320 Hardware Guide, Chapter 8,

Maintaining the Router

Moving Line Modules Between Releases

The Juniper Networks ERX1440 Broadband Services Router employs a 40-Gbps SRP module and a new midplane. Release 3.3.2 was the first software release to support the 40-Gbps SRP module and midplane. Before you can transfer a compatible line module from a Juniper Networks ERX705, ERX710, or ERX1410 Broadband Services Router to an ERX1440 router, you must first load Release 3.3.2 or a higher release onto the current router, and then reboot the router to load the release onto the line modules. If you then move any of those line modules to an ERX1440 router, that router is able to recognize the line module.

If you move a compatible line module from an ERX1440 router to an ERX705, ERX710, or ERX1410 router, the module loads properly in the new router regardless of the release.

SRP Module Memory Requirements

For Release 5.3.0 and higher-numbered software releases on ERX14xx models, ERX7xx models, and the Juniper Networks ERX310 Broadband Services Router, see ERX Module Guide, Table 1, ERX Module Combinations, for detailed information about memory requirements.

For Release 8.2.0 and higher-numbered software releases on Juniper Networks E120 and E320 Broadband Services Routers, see E120 and E320 Module Guide, Table 1, Modules and IOAs, for detailed information about memory requirements.

Hardware and Software Compatibility

For important information about hardware and software, see the document set as follows:

 Combinations of line modules to achieve line rate performance are in JunosE System

Basics Configuration Guide, Chapter 6, Managing Modules.

 Compatibility of ERX router modules with software releases is in ERX Module Guide,

Table 1, ERX Module Combinations.

 Layer 2 and layer 3 protocols and applications supported by ERX router modules are

in ERX Module Guide, Appendix A, Module Protocol Support.

 Compatibility of E120 router and E320 router modules with software releases is in

E120 and E320 Module Guide, Table 1, Modules and IOAs.

 Layer 2 and layer 3 protocols and applications supported by IOAs on the E120 router

and the E320 router are in E120 and E320 Module Guide, Appendix A, IOA Protocol Support.

Requesting Technical Support

Technical product support is available through the Juniper Networks Technical Assistance Center (JTAC). If you are a customer with an active J-Care or JNASC support contract, or are covered under warranty, and need post-sales technical support, you can access our tools and resources online or open a case with JTAC.

 JTAC Policies—For a complete understanding of our JTAC procedures and policies,

review the JTAC User Guide located at http://www.juniper.net/customers/support/downloads/710059.pdf

 Product Warranties—For product warranty information, visit

http://www.juniper.net/support/warranty/

 JTAC Hours of Operation—The JTAC centers have resources available 24 hours a

day, 7 days a week, 365 days a year.

Release 11.3.0

Self-Help Online Tools and Resources

For quick and easy problem resolution, Juniper Networks has designed an online self-service portal called the Customer Support Center (CSC) that provides you with the following features:

 Find CSC offerings:

http://www.juniper.net/customers/support/

 Search for known bugs:

http://www2.juniper.net/kb/

 Find product documentation:

http://www.juniper.net/techpubs/

 Find solutions and answer questions using our Knowledge Base:

http://kb.juniper.net/

 Download the latest versions of software and review release notes:

http://www.juniper.net/customers/csc/software/

 Search technical bulletins for relevant hardware and software notifications:

https://www.juniper.net/alerts/

JunosE 11.3.0 Release Notes

 Join and participate in the Juniper Networks Community Forum:

http://www.juniper.net/company/communities/

 Open a case online in the CSC Case Manager:

http://www.juniper.net/cm/

To verify service entitlement by product serial number, use our Serial Number Entitlement (SNE) Tool located at https://tools.juniper.net/SerialNumberEntitlementSearch/

Opening a Case with JTAC

You can open a case with JTAC on the Web or by telephone.

 Use the Case Manager tool in the CSC at

http://www.juniper.net/cm/

 Call 1-888-314-JTAC

(1-888-314-5822 – toll free in the USA, Canada, and Mexico)

For international or direct-dial options in countries without toll-free numbers, visit http://www.juniper.net/support/requesting-support.html

Release Overview

Release 11.3.0

These Release Notes cover Release 11.3.0 of the system software for the Juniper Networks E Series Broadband Services Routers and contain the following sections:

 Release Highlights on page 7

 Early Field Trial Features on page 10

 Unsupported Features on page 12

 Release Software Protocols on page 13

 SRC Software and SDX Software Compatibility Matrix on page 14

 Known Behavior on page 15

 Known Problems and Limitations on page 40

 Resolved Known Problems on page 55

 Errata on page 57

 Appendix A, System Maximums, on page 59

If the information in these Release Notes differs from the information found in the published documentation set, follow these Release Notes.

Before You Start

These Release Notes include information about the changes between Releases 11.2.0 and 11.3.0. Before you use your new software, read these Release Notes in their entirety, especially the section Known Problems and Limitations. You need the following documentation to fully understand all the features available in Release 11.3.0:

 These 11.3.0 Release Notes, which describe changes between Release 11.2.0 and

Release 11.3.0

 The 11.2.0 Release Notes, which describe features available in Release 11.2.0

 The 11.3.x documentation set, which provides detailed information about features

available in Release 11.3.0

The 11.3.x documentation set consists of several manuals and is available only in electronic format. You can print your own documentation using the PDF and HTML formats available at the Juniper Networks Technical Documentation Web site at www.juniper.net/techpubs. Refer to the following table to help you decide which document to use:

Tas k Document

Install the router ERX Hardware Guide

E120 and E320 Hardware Guide

Learn about modules ERX Module Guide

E120 and E320 Module Guide E Series End-of-Life Module Guide

Get up and running quickly E Series Installation Quick Start poster

Guide E120 and E320 Quick Start Guide

Configure the router JunosE System Basics Configuration Guide

Configure physical layer interfaces JunosE Physical Layer Configuration Guide

Configure link layer interfaces JunosE Link Layer Configuration Guide

or ERX Quick Start

JunosE 11.3.0 Release Notes

Tas k Document

Configure line module redundancy, stateful SRP switchover, unified ISSU, VRRP, and interchassis redundancy (ICR)

Configure IP, IPv6 and Neighbor Discovery, and interior gateway protocols (RIP, OSPF, and IS-IS)

Configure IP routing services, including routing policies, NAT, J-Flow statistics, BFD, IPSec, digital certificates, and IP tunnels

Configure IP multicast routing and IPv6 multicast routing

Configure BGP, MPLS, Layer 2 service, and related applications

Configure policy management JunosE Policy Management Configuration Guide

Configure quality of service (QoS) JunosE Quality of Service Configuration Guide

Configure remote access JunosE Broadband Access Configuration Guide

Get specific information about commands

Monitor system events JunosE System Event Logging Reference Guide

Look up definitions of terms used in JunosE technical documentation

JunosE Service Availability Configuration Guide

JunosE IP, IPv6, and IGP Configuration Guide

JunosE IP Services Configuration Guide

JunosE Multicast Routing Configuration Guide

JunosE BGP and MPLS Configuration Guide

JunosE Command Reference Guide A to M JunosE Command Reference Guide N to Z

JunosE Glossary

Release Highlights

DHCP

Release 11.3.0

Release 11.3.0 includes the features described in this section.

Category Feature

DHCP

Documentation

RADIUS

System

Tunneling

 Support for RADIUS-Provisioned DHCP Options in DHCP Local Server Standalone

 Support for RADIUS-Provisioned DHCP Options in DHCP

Local Server Standalone Authentication Mode on page 7

 Enhanced ERX End-of-Life Module Guide on page 8

 Inclusion of RADIUS IETF Framed-Route Attribute [22] in

RADIUS Accounting Messages on page 9

 Support for Conventional Upgrade on ES2 10G LMs on

page 9

 Support for IP Reassembly for Dedicated Tunnel Server

Configured on an ES2 10G ADV LM on page 10

Authentication Mode

You can now configure DHCP Local Server to receive DHCP options returned by RADIUS server from AAA. DHCP Local Server now includes the DHCP options returned by RADIUS, along with other default or requested DHCP options, in DHCP OFFER and ACK responses. This feature is only supported in DHCP Standalone Authentication Mode.

By default, inclusion of DHCP options returned by RADIUS as part of DHCP OFFER and ACK responses is disabled. To enable DHCP Local Server to include the DHCP options returned by RADIUS, use the radius-dhcp-options keyword with the ip

dhcp-local auth include command. For example:

host1(config)# ip dhcp-local auth include radius-dhcp-options

DHCP Local Server can support up to 312 bytes of DHCP options data in DHCP packets. While DHCP Local Server gives precedence to DHCP options returned by RADIUS over locally configured DHCP options, inclusion of the DHCP options returned by RADIUS is based on the space available in the DHCP options buffer. As a result, some options may be dropped while the others are included in DHCP OFFER and ACK responses.

The following DHCP options configured from RADIUS are not supported:

 0 - Pad Option  77 - User class

 1 - Subnet Mask  80 - Rapid commit

 13 - Boot File Size Option  81 - client FQDN

 50 - Requested IP Address  82 - Relay Agent Information Option

 51 - IP Address Lease time  90 - Authentication

 52 - Option Overload  93 - client system

 53 - DHCP Message Type  94 - client NDI

 54 - Server Identifier  98 - User Auth

 55 - Parameter Request List  116 - Auto Config

 56 - Message  118 - Subnet Selection

 57 - Maximum DHCP Message Size  122 - Code CCC

 58 - Renewal Time Value  12 4 - Ve ndo r Ident ifying Vend or c lass

JunosE 11.3.0 Release Notes

Documentation

 59 - Rebinding Time Value  125 - Vendor Specific Information

 60 - Vendor class identifier  128 - TFTP Server IP Address

 61 - Client-identifier  129 - Call Server IP Address

 66 - TFTP server name  All options beyond 132

 67 - Bootfile n ame

The following commands have been enhanced to support the inclusion of RADIUS-returned DHCP options as part of OFFER and ACK responses.

 ip dhcp-local auth include  show ip dhcp-local auth config

Change in existing behavior: Existing feature extended as described here. In lower-numbered releases, DHCP Local Server did not include DHCP options returned from the RADIUS server as part of OFFER and ACK responses. This is no longer the case.

 Enhanced ERX End-of-Life Module Guide

Beginning with JunosE Release 11.3.0, the title of the ERX End-of-Life Module Guide has changed to the E Series End-of-Life Module Guide.

The E Series End-of-Life Module Guide has been updated to include end-of-life modules that are no longer orderable for ERX routers, E120 routers, and E320 routers.

The following table lists the EOL modules have been moved to the E Series

End-of-Life Module Guide from the ERX Module Guide and the E120 and E320 Module Guide:

Module Name Module Type

cOC3/STM1multimode ERX

cOC3/STM1 single-mode intermediate reach

cOC3/STM1 single-mode long reach ERX

cOC12/STM4multimode without APS/MSP redundancy

cOC12/STM4 single-mode intermediate reach without APS/MSP redundancy

cOC12/STM4 single-mode intermediate reach with APS/MSP redundancy

cOC12/STM4 single-mode long reach ERX

CT3/T3 12 (12 ports) ERX

E3 Frame (12 ports) ERX

IPSec Service Module ERX

SRP 5G+(2 GB) ERX

T3 Frame (12 ports) ERX

10GE IOA E120 and E320

ERX

Change in existing behavior: In lower-numbered releases, we included only ERX modules that are end-of-life. This is no longer the case.

RADIUS

Release 11.3.0

 Inclusion of RADIUS IETF Framed-Route Attribute [22] in RADIUS Accounting

Messages

You can now specify that RADIUS accounting messages include the RADIUS IETF Framed-Route attribute [22]. You can use the radius include command from Global Configuration mode to configure inclusion of this RADIUS attribute in Acct-Start, Acct-Stop, and Interim-Acct messages. When included in Acct-Stop messages, the attribute is also included in Interim-Acct messages. The attribute is excluded by default from the Acct-Start, Acct-Stop, and Interim-Acct messages.

As a part of this feature, the framed-route keyword has been added to the radius include command.

The following command has been modified to support this feature:

 radius include

The output of the following command has been modified to support this feature:

 show radius attribute-included

Change in existing behavior: New feature added as described here.

System

 Support for Conventional Upgrade on ES2 10G LMs

JunosE Software now supports field programmable gate array (FPGA) upgrades on REV-02 ES2 10G line modules. You must perform the upgrade using a conventional software upgrade process; you cannot use the unified ISSU process to perform the upgrade. In lower-numbered releases, you were not able to use a conventional software upgrade or a unified ISSU process on REV-02 ES2 10G LMs.

In this release, design enhancements enable you to perform a stateless upgrade (non-unified ISSU method, with router-wide outage for users) from JunosE releases numbered lower than Release 11.3.0 to JunosE Release 11.3.0. You cannot run a unified ISSU procedure from JunosE releases that do not contain the design changes for control and status register (CSR) FPGA functionality if the router chassis contains ES2 10G LMs or REV-02 ES2 10G LMs.

The following design improvements to FPGA have been made in this release:

 FPGA modifications for resolving fabric-related problems related to SFM

redundancy on ES2 4G LMs, ES2 10G LMs, ES2 10G ADV LMs, SRP-100, and SRP-320 modules

 CSR FPGA changes on ES2 10G LMs and REV-02 ES2 10G LMs to enable FPGA

upgrades

If your network contains routers installed with LMs other than ES2 10G LMs or REV-02 ES2 10G LMs, a preferred suggestion is to transfer subscribers configured on the ES2 10G LMs or REV-02 10G LMs to other LMs available in your environment when you perform unified ISSU. This transfer of subcribers to other LMs avoids disruption of user sessions owing to the limitation that exists with performing a unified ISSU operation on ES2 10 LMs and REV-02 10G LMs.

JunosE 11.3.0 Release Notes

Tunneling

Change in existing behavior: Existing feature extended as described here. You can

now perform a conventional upgrade from releases numbered lower than Release

11.3.0 to Release 11.3.0, if the router chassis contains ES2 10G LMs or REV-02 versions of the ES2 10G LM. In lower-numbered releases, you could only download the image from serial Programmable Read-Only Memory (PROM), which was a factory image. You still cannot perform a unified ISSU operation from releases numbered lower than Release 11.3.0 to Release 11.3.0, if the router chassis contains ES2 10G LMs.

 Support for IP Reassembly for Dedicated Tunnel Server Configured on an ES2 10G

ADV LM

An ES2 10G ADV LM and Service IOA combination provides a dedicated tunnel server. When packets larger than the MTU of the tunnel interface are sent through the tunnel, they may be fragmented. However, tunnel processing requires each packet to be a complete packet, the way it was before it got fragmented.

To support this, fragmented packets are now reassembled on an ES2 10G ADV LM before they are sent for tunnel processing.

Change in existing behavior: Existing feature extended as described here. In lower-numbered releases, the IP reassembly for dedicated tunnel-server was supported only when configured on the ES2 4G LM.

Early Field Trial Features

The features described in this section are present in the code but have not yet been fully qualified by Juniper Networks. These features are available only for field test purposes in this release. If you use any of these features before they have been fully qualified, it is your responsibility to ensure that the feature operates correctly in your targeted configuration.

DHCP

 Support for DHCP External Server, DHCP Local Server, DHCP Relay, and DHCP Relay

Proxy on POS Access Interfaces

The following packet over SONET (POS) module combinations on E Series routers now support configuration of the DHCP external server, DHCP local server, DHCP relay, and DHCP relay proxy applications, alone or in combination, when the POS module is the access interface:

 POS module combinations on the E120 router and the E320 router:

 POS module combinations on ERX14xx models, ERX7xx models, and the ERX310

In the current release, this feature is available for early field test purposes only.

 ES2 4G LM with ES2-S1 OC12-2 STM4 POS IOA

 ES2 4G LM with ES2-S1 OC48 STM16 POS IOA

router:

 OCx/STMx POS line module with OC3-4 I/O module

 OCx/STMx POS line modules with OC12/STM4 I/O module

 OC48 line module with OC48 FRAME APS I/O module

Release 11.3.0

You can configure DHCP external server, DHCP local server, DHCP relay, and DHCP relay proxy on these POS modules in either a virtual router (VR) or a VPN routing and forwarding instance (VRF).

As part of this feature, the pos keyword has been added to the existing ip dhcp-local limit command. To specify the maximum number of IP addresses that the DHCP local server application can supply to all POS access interfaces or to a specific POS access interface, in the range 0–96000, use the ip dhcp-local limit command with the new pos keyword. For example:

! Set the IP address limit for all POS access interfaces to 1000 host1(config)#ip dhcp-local limit pos 1000 ! Set the IP address limit for the specified POS access interface to 2000 host1(config)#ip dhcp-local limit interface pos 5/0/0 2000 ! Restore the IP address limit for all POS access interfaces to the default value, ! 48000 host1(config)#no ip dhcp-local limit pos

To display the maximum number of IP address leases available for POS access interfaces, use the existing show ip dhcp-local limits command. For example:

host1#show ip dhcp-local limits

*****************************************

DHCP Local Server Address Limits

ATM Limit - 48000

VLAN Limit - 48000

POS Limit - 1000

Ethernet Limit - 48000

Stateful Line Module Switchover (High Availability)

 Support for Stateful Line Module Switchover on ES2 4G LMs with ES2-ES1 Service

IOA on E120 and E320 Routers

JunosE Software now supports high availability for ES2 4G line modules configured with Service IOAs on E120 and E320 routers. These line modules function in a 1:1 redundancy mode with the active module as the primary line module and the spare or standby module as the secondary line module. This functionality of high availability for line modules is also referred to as stateful line module switchover.

Stateful line module switchover reduces the impact on subscriber traffic during a stateful switchover from the active line module to the standby line module by ensuring that existing subscriber sessions remain active with a brief disconnection in traffic. Stateful line module switchover maintains user sessions and reduces data forwarding outage to a brief duration through the router during the switchover, thereby improving the overall availability of the router.

The following commands have been added or modified to support configuration and monitoring of stateful line module switchover:

 line-card switch  show redundancy history line-card

 mode high-availability slot  show redundancy line-card

JunosE 11.3.0 Release Notes

Unsupported Features

The JunosE Release 11.3.x documentation set describes some features that are present in the code but that have not yet been fully qualified by Juniper Networks. If you use any of these features before they have been fully qualified, it is your responsibility to ensure that the feature operates correctly in your targeted configuration.

The following features are present but unsupported in this release.

As part of this feature, the following SNMP MIB objects have been added to the Juniper Networks Redundancy MIB to support the stateful line module switchover functionality:

 juniLcRedundancyActiveSlot

 juniLcCardRedundancyStandbySlot

 juniLcRedundancyLastResetReason

 juniLcRedundancyActivationType

 juniLcRedundancyHaActiveTime

 juniLcRedundancySwitchoverTime

In addition, the ha event log category has been modified to record information when the system transitions from one high availability state to another, when a stateful line module switchover is performed.

E120 Router and E320 Router

 The ES2 10G LM and ES2 10G Uplink LM do not support layer 2 statistics for VLANs.

 Subscriber Interfaces on the ES2 10G Uplink LM

You can configure dynamic subscriber interfaces and static subscriber interfaces on the ES2 10G Uplink LM using the CLI. However, configuring subscriber interfaces on the ES2 10G Uplink LM provides no benefit because access features such as per-subscriber QoS are unavailable on the module.

Policy Management

 External Parent Groups Unsupported on ES2 10G, ES2 10G Uplink, and ES2 10G ADV

LMs

External parent groups are not supported on the ES2 10G, ES2 10G Uplink, and ES2 10G ADV LMs. If you create a policy that references an external parent group on these LMs, the system prevents you from attaching it to the LM interface and you receive an error message.

Stateful SRP Switchover (High Availability)

 Stateful SRP Switchover for Certain Applications

The stateful SRP switchover feature has not been qualified for the following applications:

Remote Access

 DHCP proxy client

 L2TP dialout

Release Software Protocols

The following list identifies the major software protocols supported in this release. For detailed information about any protocol, see the configuration guides.

Core Routing Stack

 Internet Protocol (IP) version 4 and version 6

 Transmission Control Protocol (TCP) for IPv4

 User Datagram Protocol (UDP) for IPv4 and IPv6

Network Management Protocols

 Simple Network Management Protocol (SNMP) versions 1, 2c, and 3

Routing Protocols

 Border Gateway Protocol (BGP-4)

 Distance Vector Multicast Routing Protocol (DVMRP)

 Internet Group Membership Protocol (IGMP)

 Intermediate System–to–Intermediate System (IS-IS)

 Layer 2 Virtual Private Networks (L2VPNs)

 Mobile IP

 Open Shortest Path First (OSPF) version 2 and version 3

 Protocol Independent Multicast Protocol (PIM), including PIM dense mode, PIM

sparse mode, PIM dense-sparse mode, and PIM source-specific multicast

 Routing Information Protocol (RIP) version 2

 Virtual Private LAN Service (VPLS)

 Virtual Router Redundancy Protocol (VRRP)

Release 11.3.0

Multiprotocol Label Switching (MPLS)

 Border Gateway Protocol (BGP-4)

 Label Distribution Protocol (LDP)

 Resource ReSerVation Protocol – Traffic Engineering Extensions (RSVP-TE)

Layer 2 Protocols

 Asynchronous Transfer Mode (ATM)

 Bridged Ethernet

 Bridged IP

 Cisco High-Level Data Link Control (Cisco HDLC)

 Ethernet

 Extensible Authentication Protocol (EAP)

 Frame Relay

 Layer 2 Tunneling Protocol (L2TP)

 Multilink Frame Relay (MLFR)

 Multilink Point-to-Point Protocol (MLPPP)

JunosE 11.3.0 Release Notes

 Packet over SONET (POS)

 Point-to-Point Protocol (PPP)

 PPP over Ethernet (PPPoE)

 Transparent bridging

Security Protocols

 Internet Key Exchange (IKE)

 Internet Security Association and Key Management Protocol (ISAKMP)

 IP Authentication Header (AH)

 IP Encapsulating Security Payload (ESP)

 Network Address Translation (NAT)

SRC Software and SDX Software Compatibility Matrix

The SRC software offers the features of the SDX software on the C Series Controllers, a range of hardware platforms that use the Linux operating system. In contrast, the SDX software runs on Solaris workstations. The SRC software contains the features found in the associated SDX release plus additional features described in the SRC Release Notes.

The following table shows which versions of the SRC software and SDX software are compatible with specified versions of the JunosE Software.

SRC Software Release SDX Software Release Tested with JunosE Release

2.0.0 7.1.0 8.1.2, 8.2.2

2.1.0 Not applicable 9.1.0p0-1

3.0.0 Not applicable 9.0.0, 9.0.1, 9.1.1

3.1.0 Not applicable 9.2.0, 9.3.0, 10.0.0

3.2.0 Not applicable 10.1.0, 10.2.0, 10.3.0

4.0.0 Not applicable 10.3, 11.0, 11.1

For more detailed information about SRC software and SDX software compatibility with JunosE releases, see the SRC Release Notes.

Known Behavior

AAA

AT M

Release 11.3.0

This section briefly describes E Series router behavior and related issues. In some cases the behavior differs from non–E Series implementations; in others the behavior is included to emphasize how the router works.

 Although you can use the max-sessions command to configure a maximum of

32,000 outstanding authentication/authorization requests to a RADIUS server, AAA internal limits prevent the actual number of outstanding authentication/authorization requests from exceeding 9600. These internal AAA limits apply only to authentication/authorization requests and not to accounting requests.

 The JunosE Software does not support accounting for ATM 1483 subscribers. The

atm1483 keyword for the aaa accounting default command is present in the CLI, but it is not supported.

 You cannot configure connection admission control (CAC) on an ATM interface on

which you have created a bulk-configured virtual circuit (VC) range for use by a dynamic ATM 1483 subinterface. Conversely, you cannot create a bulk-configured VC range on an ATM interface on which you have configured CAC. The router rejects these configurations, which causes them to fail.

Configuring CAC and bulk-configured VCs on the same ATM interface was supported in previous JunosE Software releases. As a result, If you are upgrading to the current JunosE release from a lower-numbered release, configurations that use CAC and bulk configuration on the same ATM interface continue to work. However, we recommend that you disable CAC on these ATM interfaces to ensure continued compatibility with future JunosE releases.

 The ATM peak cell rate (PCR) does not appear in the L2TP Calling Number AVP for

the first PPP session when the ATM shaping parameters were configured by RADIUS return attributes.

 When you reload an ATM line module that is configured with NBMA circuits as

passive OSPF interfaces and that has established OSPF adjacencies and IBGP peers (configured on Gigabit Ethernet interfaces), the transmission of OSPF hello packets might be affected until all the NBMA interfaces have initialized.

Wor k-a ro und : Either remove the passive OSPF interface statements on the NBMA interfaces, or statically configure the OSPF cost on the NBMA interfaces.

 When you use the no-authenticate keyword with the subscriber command to prevent

subscriber authentication so that the subscriber information can be used for DHCP option 82, suboption 2, the SRP module can reset. This issue does not occur when you use the no-authenticate keyword with the subscriber command as a way to perform a RADIUS configuration.

 When you perform an snmpWalk on the juniAtmSubIfVccTable, a response is

received for only a few of the total configured ATM subinterfaces when both of the following are true: the router has a line module that has some ATM-related configuration and the line module is in the disabled state.

JunosE 11.3.0 Release Notes

BGP

 When you configure an ATM PVC where PCR = SCR and maximum burst size is zero,

the CLI returns an error indicating the burst size is invalid and it does not create the VC.

Wor k-a ro und : Configure a CBR or a UBR plus PCR to create the circuit with the same parameters, depending on the desired priority for the traffic. CBR has a high priority and UBR plus PCR has a medium priority.

 The E Series router does not include the link-local IPv6 address in the next-hop field

of an MP-BGP update message carrying IPv6 routing information over IPv4 transport. This behavior is compliant with RFC 2545 but might have interoperability issues with other implementations that depend on a link-local IPv6 address in the next-hop field on a directly connected external BGP peering.

Wor k-a ro und : Enable EBGP multihop configuration on the remote (non–Juniper Networks) peer.

 The following message might be displayed under certain conditions:

bgpConnections (default,0.0.0.0): TCP error code xx (...) occurred while accepting inbound TCP connection

The message is generated when an unconfigured peer attempts to establish a TCP session with an E Series router and a valid route to the source address of the peer is absent from the router’s routing table.

If a valid route exists in the routing table, the following message is displayed when an unconfigured peer attempts to establish a TCP session with an E Series router; X.X.X.X is the source address of the unconfigured peer:

NOTICE 08/29/2001 16:50:11 bgpConnections (default,X.X.X.X): Inbound connection refused

- no peer X.X.X.X configured in core

BGP/MPLS VPNs

 In a scaled environment, we recommend that you increase the hold timers for the

following protocols to appropriate values, based on the level of complexity of the network and scaling settings, so as to enable graceful restart to be completed successfully. [Defect ID 184974]

 BGP

 IS-IS

 LDP

 OSPF

 RSVP

For a sample configuration scenario that illustrates how to configure hold timers for successful graceful restart in a scaled environment, see JunosE BGP and MPLS Configuration Guide, Chapter 1, Configuring BGP Routing.

 NAT does not function properly with secondary routing table lookup (fallback

global) or global export mapping on the VRF.

B-RAS

Bridged Ethernet

CLI

Release 11.3.0

 Pool groups are not supported; although the ip local pool group command appears

in the CLI, it is not supported.

 If the router is under a heavy load, the show profile command might take longer than

usual to execute.

Wor k-a ro und : You can either delay examination of profiles until the router is less busy, or save a copy of the profile to a text file off the router.

 The CLI erroneously permits you to configure bridge1483 encapsulation over

AAL5MUX IP even though that configuration is not supported.

 In Interface Configuration mode for a major interface, the CLI displays options for

protocols that are not supported by that interface type.

 When you issue the reload command on an ERX310 router, the command might

display a warning message that erroneously indicates that a synchronizing operation will be performed. Any references to synchronization that appear in command output or system messages do not apply to the ERX310 router, which does not support SRP module redundancy.

 The following commands have been deprecated in the JunosE Software and might

be removed completely in a future release. If a command has been deprecated for only a particular command mode, the table specifies any modes for which it is still available.

Deprecated Command Command Mode Preferred Command

aaa accounting interval Global Configuration aaa service accounting

interval and aaa user accounting interval

cablelength short Controller Configuration

clock rate Interface Configuration

channel-group description Controller Configuration

channel-group shutdown Controller Configuration

channel-group snmp trap link-status Controller Configuration

channel-group timeslots Controller Configuration

classifier-list Global Configuration ip classifier-list

color Policy List Configuration color in Classifier Group

Configuration mode

controller e1 Global Configuration

controller t1 Global Configuration

description Interface Configuration

Still available in Controller Configuration and VRF Configuration modes

fdl Controller Configuration

fdl carrier Controller Configuration

fdl string Controller Configuration

fdl transmit Controller Configuration

ip description

JunosE 11.3.0 Release Notes

Deprecated Command Command Mode Preferred Command

filter Policy List Configuration filter in Classifier Group

Configuration mode

forward next-hop Policy List Configuration forward next-hop in Classifier

Group Configuration mode

forward next-interface Policy List Configuration forward interface in Classifier

Group Configuration mode

hostname Domain Map Tunnel

Configuration

Still available in Global Configuration mode

hssi description Interface Configuration

hssi force dte acknowledge Interface Configuration

hssi internal-clock Interface Configuration

ignore dcd Interface Configuration

ignore link-state-signals Interface Configuration

[ no ] ike crl Global Configuration [ no ] ipsec crl

interface hssi Global Configuration

invert tx clock Global Configuration

ip dhcp-local cable-modem Global Configuration set dhcp-relay with the strings

ip mirror Global Configuration ip policy secure-input and

ip policy local-input Interface Configuration, Profile

Configuration

[ no ] ipsec isakmp-policy rule Global Configuration [ no ] ipsec ike-policy-rule

ipv6 policy local-input Interface Configuration, Profile

Configuration

j1 Controller Configuration

license l2tp-session Global Configuration None

lineCoding Controller Configuration

log Policy List Configuration log in Classifier Group

log severity debug dhcpLocalProtocolDecode

loopback Domain Map Configuration

loopback remote { remote line fdl ansi | remote line fdl bellcore | remote line inband remote payload [ fdl ] [ ansi ] }

Global Configuration log severity debug

Still available in Controller Configuration and Interface Configuration modes

Controller Configuration

client-name

docsis and pktc in the server-string mapping specification

ip policy secure-output; for E120 and E320 routers, you must use these commands because the ip mirror command has been removed from the CLI for those routers.

None

Configuration mode

dhcpCapture

local-interface

Release 11.3.0

Deprecated Command Command Mode Preferred Command

mark Policy List Configuration mark in Classifier Group

Configuration mode

mark-de Policy List Configuration mark-de in Classifier Group

Configuration mode

mark-exp Policy List Configuration mark-exp in Classifier Group

Configuration mode

mark-user-priority Policy List Configuration mark-user-priority in Classifier

Group Configuration mode

mpls ldp discovery transport-address Interface Configuration This command has no effect in

Interface Configuration mode. Now available in Global Configuration mode.

mpls topology-driven-lsp ip-interfaces Global Configuration ldp ip-forwarding

[ no ] next-hop Policy List Configuration forward next-hop in Classifier

Group Configuration mode

[ no ] next-interface Policy List Configuration forward interface in Classifier

Group Configuration mode

nrzi-encoding Interface Configuration

no ospf enable Router Configuration ospf shutdown

policy-list Global Configuration ip policy-list

radius disconnect client Global Configuration

The RADIUS Disconnect Configuration mode has been removed from the CLI.

rate-limit-profile Policy List Configuration rate-limit-profile in Classifier

remote-loopback Controller Configuration

router-name Domain Map Configuration

Still available in Tunnel Group Tunnel Configuration mode

show controllers t1/e1 User Exec, Privileged Exec

show controllers t1 remote User Exec, Privileged Exec

show ike certificates User Exec, Privileged Exec show ipsec certificates

show ike configuration User Exec, Privileged Exec show ipsec ike-configuration

show ike identity User Exec, Privileged Exec show ipsec identity

show ike policy-rule User Exec, Privileged Exec show ipsec ike-policy-rule

show ike sa User Exec, Privileged Exec show ipsec ike-sa

show ip dhcp-external binding Privileged Exec show dhcp binding

show ip dhcp-external binding-id Privileged Exec show dhcp binding

show ip dhcp-local binding Privileged Exec show dhcp binding

show ip dynamic-interface-prefix Privileged Exec, User Exec None

show ip mirror interface Privileged Exec show secure policy-list

show license l2tp-session User Exec, Privileged Exec None

t1 lineCoding Controller Configuration None. This command never

traffic-class Policy List Configuration traffic-class in Classifier Group

subscriber disconnect

Group Configuration mode

auth-router-name and ip-router-name in Domain Map Configuration mode

had any effect.

Configuration mode

JunosE 11.3.0 Release Notes

Deprecated Command Command Mode Preferred Command

tunnel mpls label-dist Interface Configuration,

Tunnel Profile Configuration

tunnel mpls autoroute announce bgp Interface Configuration,

Tunnel Profile Configuration

unframed Controller Configuration

user-packet-class Policy List Configuration user-packet-class in Classifier

virtual-router Domain Map Configuration

Still available in Privileged Exec and Global Configuration modes

yellow Controller Configuration

None

Group Configuration mode

auth-router-name and ip-router-name in Domain Map Configuration mode

The router displays a notice when you issue the command manually. If the command is in a script, the router automatically maps the deprecated command to the preferred command. If the deprecated command no longer has a function, then that command has no effect when you run a script containing the command.

 The show configuration command normally takes a long time to finish for extremely

large configurations. If you specify a search string (with the begin, exclude, or include options) with the command for a string that is not present in the configuration, then the CLI session appears to be busy for a prolonged period. The CLI filtering feature for

show commands does not speed up execution of the command.

DHCP

DHCP External Server

 Configuring authentication on the DHCP local server requires that you first disable

the DHCP local server for standalone mode. Doing so removes your entire DHCP local server configuration. Therefore, if you want to configure authentication, do so before you have otherwise configured the DHCP local server.

 When you upgrade from a release numbered lower than Release 7.1.0, all DHCP host

routes previously stored in NVS are deleted. After the upgrade, DHCP clients must reacquire their IP addresses, which results in the new host routes being correctly stored in NVS.

 If you are using DHCP external server and a burst of client releases occurs during a

unified ISSU, some of the client releases might not be processed. [Defect ID 180178]

 When the DHCP relay agent application and the DHCP external server application

are configured in the same virtual router, using the ip dhcp-external server-sync command on an unnumbered IP interface does not function as expected. When you issue the ip dhcp-external server-sync command in this configuration to create subscriber state information based on lease renewals when the external DHCP server and the router are unsynchronized, the router does not forward the ACK request from the DHCP server to the client because there is no route. [Defect ID 88562]

Release 11.3.0

 When a bound DHCP client on a dynamic subscriber interface extends its IP address

lease by restarting the DHCP discovery process on its primary IP interface instead of by initiating the DHCP renewal process on its dynamic subscriber interface, the default behavior of the DHCP external server application to preserve the client’s dynamic subscriber interface was changed in the following JunosE releases to delete and re-create the client’s dynamic subscriber interface:

 Release 7.2.4p0-4 and all higher-numbered 7.2.x releases and patch releases

 Release 7.3.4 and all higher-numbered 7.3.x releases and patch releases

 Release 8.0.4 and all higher-numbered 8.0.x releases and patch releases

 Release 8.1.2 and all higher-numbered 8.1.x releases and patch releases

 Release 8.2.3 and all 8.2.3 patch releases

 Release 9.0.0 and all 9.0.0 patch releases

 Release 9.0.1 and all 9.0.1 patch releases

 Release 9.1 .0 and all 9.1.0 patch releases

If you are upgrading the JunosE Software on the router from any of these releases, you must explicitly issue the ip dhcp-external recreate-subscriber-interface command to configure the router to continue to delete and re-create the DHCP client’s dynamic subscriber interface.

Informational Note: The DHCP external server application is unsupported in JunosE

Release 8.2.1 and JunosE Release 8.2.2.

 DHCP NAK packets are sent from a different VLAN than the one on which the renew

request is received on a router that is configured with dynamic VLANs, DHCP local server, and automatically created dynamic subscriber interfaces. This behavior occurs only after a link flap has taken place.

 DHCP external server may not be able to bind all DHCP clients when all of the

following conditions exist:

 DHCP external server and either DHCP relay or relay proxy are configured in

separate virtual routers on an E320 router.

 The client-facing and server-facing interfaces for DHCP external server and

either DHCP relay or relay proxy are configured on the same ES2 4G LM.

 DHCP external server is configured to create dynamic subscriber interfaces.

When these three conditions exist simultaneously, the ES2 4G LM may not be able to successfully process all DHCP packets. Although all clients may get bounded in DHCP relay or relay proxy, some clients may not get bounded in DHCP external server. (In a production environment it is highly unlikely for conditions 1 and 2 to exist because stand-alone DHCP external server is normally configured for a DHCP relay in a different chassis.)

JunosE 11.3.0 Release Notes

Dynamic Interfaces

Ethernet

Wor k-a ro und : You can eliminate this issue by modifying any one of these conditions.

For example, this issue does not exist with any of the following configuration modifications:

 Configure DHCP external server and either DHCP relay or relay proxy in the same

virtual router.

 Configure the client-facing and server-facing interfaces for DHCP external server

and either DHCP relay or relay proxy on the same ES2 10G LM instead of the same ES2 4G LM.

 Configure the client-facing and server-facing interfaces for DHCP external server

and either DHCP relay or relay proxy on separate ES2 4G LMs.

 Dynamic IPv6 interfaces over static PPP interfaces are not supported.

 The hashing algorithm that selects the LAG member link is associated with the IP

address of the subscriber client to support QoS. Consequently, a particular flow is always hashed to the same link. When a member link is removed from a LAG bundle, traffic rate is disrupted and traffic flow is reduced. When the link goes down and then comes back up, the traffic flow is automatically redistributed.

 When counting bits per second on a Fast Ethernet or Gigabit Ethernet interface, an E

Series router includes 12 bytes for interpacket gap, 7 bytes for preamble, and 1 byte for start frame delimiter, for a total of 20 bytes (160 bits) per packet more than some non–E Series routers. This value therefore shows the total bandwidth utilization on the interface, including both data and overhead.

 Support for the 0x9200 S-VLAN Ethertype has been removed. You can no longer

specify the 9200 option with the svlan ethertype command.

When you upgrade to Release 7.1.0 or higher-numbered release, the software automatically transfers existing configurations that use the 0x9200 Ethertype to the 0x88a8 Ethertype.

 The show interface gigabitEthernet command output does not display the following

line of output for Gigabit Ethernet modules that do not support SFPs, such as the GE Single Mode I/O module and GE I/O Multi Mode I/O modules:

Primary/Secondary link signal detected

Primary/Secondary link signal not detected

 To bridge unicast known-DA packets at line rate on both 2-Gbps ports of the GE-2

line module or the GE-HDE module when paired with the GE-2 SFP I/O module, the minimum packet size must be at least 144 bytes.

When installed in the ERX1440 router, the GE-2 module delivers full bandwidth of 4 GB per line module (2 GB at the ingress and 2 GB at the egress) only when installed in slot 2 or slot 4, and when the SRP-40G+ module is used in the router. When installed in any other ERX1440 slot, the GE-2 module delivers a maximum bandwidth of 2 GB per line module (1 GB maximum at the ingress and 1 GB maximum at the egress). Therefore, of the maximum 24 possible ports for the module in an ERX1440 chassis (that is, two ports in each of 12 slots), full bandwidth is delivered only on a maximum of four ports (those in slots 2 and 4).

+ 76 hidden pages

Juniper JUNOSE SOFTWARE FOR E SERIES 11.3.X - RELEASE NOTES 2010-11-09, JUNOSE 11.3 Release Note

Specifications and Main Features

Frequently Asked Questions

User Manual