Release
Published
2021-02-05
Notes
Junos®OS 18.2R1 Release Notes
SUPPORTED ON
ACX Series, EX Series, Junos Fusion Enterprise, Junos Fusion Provider Edge, MX Series,
•
NFX Series, PTX Series, QFX Series, and SRX Series
HARDWARE HIGHLIGHTS
Support for new universal metro routers (ACX5448)
•
Support for xDSL SFP module (NFX Series)
•
Support for QFX10000-30C-M line card channelization (QFX10008, QFX10016)
•
SOFTWARE HIGHLIGHTS
Support for VPWS with EVPN signaling mechanisms and flexible cross connect (ACX5448)
•
Support for virtualization (ACX5448)
•
Support for 48x1/10GE and 4x100GE interface ports (ACX5448)
•
Support for Layer 2 features (ACX5448)
•
Support for Layer 3 features (ACX5448)
•
Support for NSR and ISSU for point-to-multipoint LSP for EVPN provider tunnel (EX9200)
•
Support for excluding the overhead bytes from queue statistics (MX Series)
•
Support for OSPF, IS-IS, BGP, and static routing on IRB interfaces in EVPN-VXLAN networks
•
(MX Series, vMX)
Support for unified ISSU (MX10003)
•
Support for PTP over Ethernet and hybrid mode over link aggregation group (MX Series)
•
Support for ON_CHANGE expansion for Junos Telemetry Interface (JTI) (MX Series)
•
Support for local authentication and authorization for subscribers (MX Series)
•
Support for DHCP short-cycle protection to reduce excess loading (MX Series)
•
Support for global range setting for initial router advertisement intervals (MX Series)
•
Support for security features (NFX Series)
•
Support for vMX VNF (NFX250-S1, NFX250-S2)
•
Support for J-Insight device monitor (MX Series, vMX, and “PTX Series”)
•
Support for client link-layer address option 79 for DHCPv6 (QFX Series)
•
Support for zero touch provisioning (QFX10008, QFX10016)
•
Support for advanced policy-based routing (APBR) policy (SRX Series, vSRX)
•
Support for advanced features for logical systems (SRX Series, vSRX)
•
Support for TWAMP ALG traffic (SRX Series)
•
Support for unified policies (SRX Series, vSRX)
•
Release Notes: Junos®OS Release 18.2R1 for
the ACX Series, EX Series, MX Series, NFX
Series, PTX Series, QFX Series, SRX Series, and
Junos Fusion
1
05 February 2021
Contents
Introduction | 13
Junos OS Release Notes for ACX Series | 13
New and Changed Features | 14
Hardware | 15
Authentication Access Control | 15
Class of Service | 16
Dynamic Host Configuration Protocol | 16
EVPN | 16
General Routing | 17
Routing Policy and Firewall Filters | 19
Interfaces and Chassis | 19
Layer 2 Features | 19
Layer 3 Features | 21
Management | 21
MPLS | 21
Multicast | 22
Routing Protocols | 23
Security | 23
Software Installation and Upgrade | 23
Timing and Synchronization | 24
Changes in Behavior and Syntax | 25
High Availability (HA) and Resiliency | 25
Junos XML API and Scripting | 25
Layer 3 Features | 25
Known Behavior | 26
Known Issues | 26
Class of Service | 27
DHCP | 27
IGMP Snooping | 28
Timing and Synchronization | 28
Resolved Issues | 28
Documentation Updates | 29
Migration, Upgrade, and Downgrade Instructions | 29
2
Upgrade and Downgrade Support Policy for Junos OS Releases | 30
Product Compatibility | 30
Hardware Compatibility | 31
Junos OS Release Notes for EX Series Switches | 32
New and Changed Features | 32
Hardware | 33
Authentication, Access Control | 34
Authentication, Authorization, and Accounting (AAA) | 35
Class of Service (CoS) | 35
Dynamic Host Configuration Protocol (DHCP) | 35
EVPN | 35
Interfaces and Chassis | 38
Layer 2 Features | 39
Operation, Administration, and Maintenance (OAM) | 40
Port Security | 40
Restoration Procedures Failure | 43
Software Installation and Upgrade | 43
Software Licensing | 43
System Management | 44
User Interface and Configuration | 44
Virtual Chassis | 44
Changes in Behavior and Syntax | 45
EVPN | 47
High Availability (HA) and Resiliency | 47
Interfaces and Chassis | 47
Junos OS XML, API, and Scripting | 47
Junos Telemetry Interface | 47
Layer 2 Features | 48
Multicast | 48
Network Management and Monitoring | 48
Software Installation and Upgrade | 48
User Interface and Configuration | 49
Known Behavior | 50
General Routing | 50
3
Known Issues | 51
Authentication and Access Control | 51
General Routing | 51
High Availability (HA) and Resiliency | 52
Infrastructure | 52
Platform and Infrastructure | 52
Resolved Issues | 53
Forwarding and Sampling | 53
General Routing | 53
Interfaces and Chassis | 54
Layer 2 Features | 54
Layer 2 Ethernet Services | 54
MPLS | 54
Platform and Infrastructure | 54
Documentation Updates | 55
Migration, Upgrade, and Downgrade Instructions | 55
Upgrade and Downgrade Support Policy for Junos OS Releases | 56
Product Compatibility | 57
Hardware Compatibility | 57
Junos OS Release Notes for Junos Fusion Enterprise | 58
New and Changed Features | 58
Junos Fusion Enterprise | 59
Changes in Behavior and Syntax | 60
High Availability (HA) and Resiliency | 60
Known Behavior | 60
Junos Fusion Enterprise | 61
Known Issues | 61
Junos Fusion Enterprise | 62
Resolved Issues | 62
Resolved Issues: 18.2R1 | 62
Documentation Updates | 63
Migration, Upgrade, and Downgrade Instructions | 63
Basic Procedure for Upgrading Junos OS on an Aggregation Device | 64
4
Upgrading an Aggregation Device with Redundant Routing Engines | 66
Preparing the Switch for Satellite Device Conversion | 66
Converting a Satellite Device to a Standalone Switch | 68
Upgrade and Downgrade Support Policy for Junos OS Releases | 68
Downgrading from Junos OS Release 18.2 | 68
Product Compatibility | 69
Hardware and Software Compatibility | 69
Hardware Compatibility Tool | 69
Junos OS Release Notes for Junos Fusion Provider Edge | 70
New and Changed Features | 70
Changes in Behavior and Syntax | 71
High Availability (HA) and Resiliency | 71
Known Behavior | 72
Junos Fusion | 72
Known Issues | 73
Junos Fusion | 73
Resolved Issues | 74
Class of Service (CoS) | 74
Junos Fusion | 74
Documentation Updates | 75
Migration, Upgrade, and Downgrade Instructions | 75
Basic Procedure for Upgrading an Aggregation Device | 76
Upgrading an Aggregation Device with Redundant Routing Engines | 78
Preparing the Switch for Satellite Device Conversion | 79
Converting a Satellite Device to a Standalone Device | 80
Upgrading an Aggregation Device | 83
Upgrade and Downgrade Support Policy for Junos OS Releases | 83
Downgrading from Release 18.2 | 83
Product Compatibility | 84
Hardware Compatibility | 84
Junos OS Release Notes for MX Series 5G Universal Routing Platforms | 85
New and Changed Features | 86
Release 18.2R1-S4 New and Changed Features | 86
Release 18.2R1-S2 New and Changed Features | 86
5
Release 18.2R1 New and Changed Features | 87
Changes in Behavior and Syntax | 107
EVPN | 107
General Routing | 108
High Availability (HA) and Resiliency | 109
Interfaces and Chassis | 109
Junos OS XML API and Scripting | 109
Junos Telemetry Interface | 109
MPLS | 109
Network Management and Monitoring | 110
Software Installation and Upgrade | 110
Subscriber Management and Services | 111
User Interface and Configuration | 111
Known Behavior | 112
General Routing | 113
EVPN | 114
Forwarding and Sampling | 114
Interfaces and Chassis | 114
Routing Protocols | 115
Services Applications | 115
Known Issues | 116
EVPN | 116
Forwarding and Sampling | 117
General Routing | 118
Infrastructure | 121
Interfaces and Chassis | 122
Layer 2 Features | 122
MPLS | 122
Network Management and Monitoring | 123
Platform and Infrastructure | 123
Routing Protocols | 124
Resolved Issues | 125
Application Layer Gateways (ALGs) | 126
Class of Service (CoS) | 126
6
EVPN | 126
Forwarding and Sampling | 127
General Routing | 127
High Availability (HA) and Resiliency | 135
Infrastructure | 136
Interfaces and Chassis | 136
Layer 2 Ethernet Services | 137
Layer 2 Features | 137
MPLS | 137
Network Management and Monitoring | 138
Platform and Infrastructure | 138
Routing Policy and Firewall Filters | 140
Routing Protocols | 140
Services Applications | 142
Software Installation and Upgrade | 143
Subscriber Access Management | 143
User Interface and Configuration | 143
VPNs | 143
Documentation Updates | 144
Migration, Upgrade, and Downgrade Instructions | 144
Basic Procedure for Upgrading to Release 18.2 | 145
Procedure to Upgrade to FreeBSD 11.x based Junos OS | 146
Procedure to Upgrade to FreeBSD 6.x based Junos OS | 148
Upgrade and Downgrade Support Policy for Junos OS Releases | 150
Upgrading a Router with Redundant Routing Engines | 150
Downgrading from Release 18.2 | 151
Product Compatibility | 151
Hardware Compatibility | 151
Junos OS Release Notes for NFX Series | 152
New and Changed Features | 153
Hardware | 154
Advanced Policy-Based Routing (APBR) | 154
Security | 154
7
Virtual Network Functions | 154
Changes in Behavior and Syntax | 155
High Availability (HA) and Resiliency | 155
Known Behavior | 156
Allocation of hugepages | 156
Known Issues | 156
BIOS Upgrade | 157
Resolved Issues | 157
Resolved Issues: 18.2R1 | 158
Documentation Updates | 158
Migration, Upgrade, and Downgrade Instructions | 159
Upgrade and Downgrade Support Policy for Junos OS Releases | 159
Basic Procedure for Upgrading to Release 18.2 | 159
Product Compatibility | 161
Hardware Compatibility | 161
Software Version Compatibility | 161
Junos OS Release Notes for PTX Series Packet Transport Routers | 164
New and Changed Features | 164
Hardware | 165
Class of Service (CoS) | 166
High Availability (HA) and Resiliency | 166
Interfaces and Chassis | 166
Junos Telemetry Interface | 167
Layer 3 Features | 168
MPLS | 169
Multicast | 170
Network Management and Monitoring | 171
Operation, Administration, and Maintenance (OAM) | 172
Routing Policy and Firewall Filters | 172
Services Applications | 172
Software Installation and Upgrade | 173
System Management | 173
Changes in Behavior and Syntax | 175
High Availability (HA) and Resiliency | 175
8
Interfaces and Chassis | 175
Junos OS XML API and Scripting | 177
Junos Telemetry Interface | 177
Network Management and Monitoring | 177
Software Installation and Upgrade | 177
Known Behavior | 178
General Routing | 179
Infrastructure | 180
Interfaces and Chassis | 180
Known Issues | 181
General Routing | 181
Infrastructure | 182
Interfaces and Chassis | 183
MPLS | 183
Platform and Infrastructure | 183
Resolved Issues | 184
General Routing | 184
Infrastructure | 186
Interfaces and Chassis | 186
MPLS | 186
Platform and Infrastructure | 186
Routing Protocols | 187
Documentation Updates | 187
Migration, Upgrade, and Downgrade Instructions | 188
Upgrade and Downgrade Support Policy for Junos OS Releases | 188
Upgrading a Router with Redundant Routing Engines | 188
Basic Procedure for Upgrading to Release 18.2 | 189
Installing the Software on PTX10002-60C Routers | 193
Product Compatibility | 194
Hardware Compatibility | 194
Junos OS Release Notes for the QFX Series | 195
New and Changed Features | 195
Hardware | 196
Authentication Access Control | 196
9
EVPN | 197
Junos Telemetry Interface | 199
Port Security | 200
Restoration Procedures Failure | 201
Routing Protocols | 201
Security | 201
Software Installation and Upgrade | 201
System Management | 202
VLAN Infrastructure | 203
Changes in Behavior and Syntax | 203
High Availability (HA) and Resiliency | 205
Interfaces and Chassis | 205
Junos OS XML, API, and Scripting | 205
Junos Telemetry Interface | 205
Network Management and Monitoring | 205
Routing Policy and Firewall Filters | 206
Software Installation and Upgrade | 206
Known Behavior | 207
General Routing | 207
EVPN | 209
Interfaces and Chassis | 209
Layer 2 Features | 209
Routing Protocols | 209
Virtual Chassis | 210
Known Issues | 210
EVPN | 211
General Routing | 212
Interfaces and Chassis | 214
Layer 2 Features | 214
MPLS | 214
Platform and Infrastructure | 214
Routing Protocols | 215
Resolved Issues | 216
EVPN | 216
10
General Routing | 217
Interfaces and Chassis | 220
Junos Fusion Satellite Software | 220
Layer 2 Features | 220
MPLS | 221
Multicast | 221
Platform and Infrastructure | 221
Routing Protocols | 221
Documentation Updates | 222
Migration, Upgrade, and Downgrade Instructions | 223
Upgrading Software on QFX Series Switches | 223
Installing the Software on QFX10002-60C Switches | 226
Installing the Software on QFX10002 Switches | 226
Upgrading Software from Junos OS Release 15.1X53-D3X to Junos OS Release
15.1X53-D60, 15.1X53-D61.7, 15.1X53-D62, and 15.1X53-D63 on QFX10008 and
QFX10016 Switches | 227
Installing the Software on QFX10008 and QFX10016 Switches | 229
Performing a Unified ISSU | 233
Preparing the Switch for Software Installation | 234
Upgrading the Software Using Unified ISSU | 234
Upgrade and Downgrade Support Policy for Junos OS Releases | 236
Product Compatibility | 237
Hardware Compatibility | 237
Junos OS Release Notes for SRX Series | 238
New and Changed Features | 239
Release 18.2R1-S3 New and Changed Features | 240
Release 18.2R1-S1 New and Changed Features | 240
Release 18.2R1 New and Changed Features | 242
Changes in Behavior and Syntax | 249
API and Scripting | 250
Application Security | 250
Attack Detection and Prevention (ADP) | 252
Authentication and Access | 252
Chassis Cluster | 252
Ethernet Switching | 253
11
High Availability (HA) and Resiliency | 253
Interfaces and Chassis | 253
IDP | 253
Routing Protocols | 253
Security | 253
User Interface and Configuration | 254
UTM | 255
Known Behavior | 256
Chassis Cluster | 256
Interfaces and Chassis | 256
J-Web | 257
Network Management and Monitoring | 257
User Interface and Configuration | 257
Known Issues | 258
Application Layer Gateways (ALGs) | 258
Flow-Based and Packet-Based Processing | 258
Platform and Infrastructure | 258
Routing Policy and Firewall Filters | 259
Routing Protocols | 259
VPN | 259
Resolved Issues | 260
Application Layer Gateways (ALGs) | 260
Authentication and Access Control | 261
Chassis Clustering | 261
Class of Service (CoS) | 261
Flow-Based and Packet-Based Processing | 261
Intrusion Detection and Prevention (IDP) | 262
J-Web | 262
Layer 2 Ethernet Services | 262
Network Address Translation (NAT) | 262
Platform and Infrastructure | 262
Routing Policy and Firewall Filters | 263
Routing Protocols | 263
Unified Threat Management (UTM) | 264
12
VLAN Infrastructure | 264
VPN | 264
Documentation Updates | 264
Migration, Upgrade, and Downgrade Instructions | 265
Upgrade and Downgrade SupportPolicy for Junos OS Releases and Extended End-Of-Life
Releases | 265
Product Compatibility | 266
Hardware Compatibility | 266
Upgrading Using ISSU | 267
Compliance Advisor | 267
Finding More Information | 267
Documentation Feedback | 268
Requesting Technical Support | 269
Self-Help Online Tools and Resources | 269
Opening a Case with JTAC | 269
Revision History | 270
Introduction
Junos OS runs on the following Juniper Networks®hardware: ACX Series, EX Series, M Series, MX Series,
NFX Series, PTX Series, QFabric systems, QFX Series, SRX Series, T Series, and Junos Fusion.
These release notes accompany Junos OS Release 18.2R1 for the ACX Series, EX Series, MX Series, NFX
Series, PTX Series, QFX Series, SRX Series, and Junos Fusion. They describe new and changed features,
limitations, and known and resolved problems in the hardware and software.
NOTE: The recommended release for Junos Fusion Data Center is 18.1R2-S2. The subsequent
18.xRx mainline releases (18.2, 18.3, and 18.4) do not support Junos Fusion Data Center.
13
Junos OS Release Notes for ACX Series
IN THIS SECTION
New and Changed Features | 14
Changes in Behavior and Syntax | 25
Known Behavior | 26
Known Issues | 26
Resolved Issues | 28
Documentation Updates | 29
Migration, Upgrade, and Downgrade Instructions | 29
Product Compatibility | 30
These release notes accompany Junos OS Release 18.2R1 for the ACX Series. They describe new and
changed features, limitations, and known and resolved problems in the hardware and software.
You can also find these release notes on the Juniper Networks Junos OS Documentation webpage, located
at https://www.juniper.net/documentation/product/en_US/junos-os.
New and Changed Features
IN THIS SECTION
Hardware | 15
Authentication Access Control | 15
Class of Service | 16
Dynamic Host Configuration Protocol | 16
EVPN | 16
General Routing | 17
Routing Policy and Firewall Filters | 19
Interfaces and Chassis | 19
Layer 2 Features | 19
Layer 3 Features | 21
14
Management | 21
MPLS | 21
Multicast | 22
Routing Protocols | 23
Security | 23
Software Installation and Upgrade | 23
Timing and Synchronization | 24
This section describes the features and enhancements in Junos OS Release 18.2R1 for ACX Series Universal
Metro Routers.
Hardware
New ACX5448 Universal Metro Routers—Starting with Junos OS Release 18.2R1, the ACX5448 Universal
•
Metro Routers are available as Juniper Networks’ top-of-rack router solutions for data centers and
campus distribution or aggregation environments. The ACX5448 router portfolio consists of
high-performance fixed-configuration routers that add higher port densities, additional scalability, and
improved latency to the ACX Series. The ACX5448 routers offers a compact 1U model that provides
wire-speed packet performance, very low latency, and a rich set of Layer 2 and Layer 3 features. The
router has a high-throughput Packet Forwarding Engine, and the performance of the control-plane
running on ACX5448 router is enhanced by the 1.9 Ghz six-core Intel CPU with 32 GB of memory and
two 100 GB of solid-state drive (SSD) storage.
The ACX5448 is a 10-Gigabit Ethernet enhanced small form-factor pluggable (SFP+) top-of-rack router
with 48 SFP+ ports, and four 100-Gigabit Ethernet QSFP28 ports. Each SFP+ port can operate as a
native 10-Gigabit Ethernet port, or as a 1-Gigabit Ethernet port when 1-Gigabit optics are inserted.
The ACX5448 is shipped with redundant fans and redundant power supplies. The router can be ordered
with front-to-back airflow (air out or AFO), or back-to-front airflow (air in or AFI), and with AC or DC
power supplies.
15
Authentication Access Control
Enhancement to NTP authentication method (ACX500, ACX1100)— Starting in Junos OS Release
•
18.2R1, Junos OS supports NTP authentication for both SHA-1 and SHA2-256, in addition to the existing
NTP authentication method, MD5. You can now choose from among MD5, SHA-1, and SHA2-256 for
synchronizing the clocks of Juniper Network routers, switches, and other security devices on the Internet.
Using SHA-1 instead of MD5 improves the security of devices with very little impact to timing, while
using SHA2-256 provides an increase in security over SHA-1.
NOTE: By default, network time synchronization is unauthenticated.
To implement authentication, use set authentication-key <key_number> type at the [edit system ntp]
hierarchy level.
To enable SHA-1 authentication, use set authentication key <key_number> type sha1 value <password>
•
at the [edit system ntp] hierarchy level.
To enable SHA2-256 authentication, use set authentication key <key_number> type sha256 value
•
<password> at the [edit system ntp] hierarchy level.
See authentication-key and Configuring NTP Authentication Keys
Class of Service
Support for logical interface-based classification and rewrites (ACX5448)—Starting with Junos OS
•
Release 18.2R1, ACX5448 router supports configuring logical interface-based classification and rewrite
rules. ACX5448 router supports fixed, behavior aggregate (IP precedence, DSCP, DSCP IPv6, MPLS EXP,
IEEE-802.1p, IEEE-802.1ad (DEI bit)), and multifield classifiers.
See Classifiers and Rewrite Rules at the Global, Physical and Logical Interface Levels Overview
Support for port-based queueing, scheduling, and shaping (ACX5448)—Starting with Junos OS Release
•
18.2R1, ACX5448 router supports port-based queueing, scheduling, and shaping. You can configure up
to eight queues (virtual output queues) per physical interface (port). Scheduling properties can be applied
at both physical as well as logical interface levels. The egress scheduler supports two priority levels
(strict-high and low). Multiple strict-high priority queues and multiple low (default) priority queues can
be configured.
16
Schedulers and their associated shapers control the traffic bandwidth, jitter (delay variation), and packet
loss priority at the egress of the device. By default a port on ACX5448 router gets a dedicated buffer
of 100ms and shared buffer from DRAM. Delay buffer controls the latency of the queue during congestion
and maximum number of packets that can be held in a queue. Default buffer size per port is 100ms.
See Understanding Schedulers Overview, Configuring Shared and Dedicated Buffer Memory Pools, and
Hierarchical Class of Service in ACX5000.
Dynamic Host Configuration Protocol
Support for DHCPv4 and DHCPv6 (ACX5448)—Starting with Junos OS Release 18.2R1, ACX5448 router
•
supports DHCP server, DHCP client, and DHCP relay configuration for IPv4 and IPv6 services. You can
enable ACX5448 router to function as DHCP server and configure the DHCP server options on the
router. The DHCP server provides an IP address and other configuration information in response to a
client request. DHCP relay agent forwards DHCP request and reply packets between a DHCP client and
a DHCP server.
See Extended DHCP Local Server Overview and See Extended DHCP Relay Agent Overview
EVPN
Support for VPWS with EVPN signaling mechanisms and flexible cross connect (ACX5448)—Starting
•
with Junos OS Release 18.2R1, the ACX5448 router supports VPWS with EVPN signaling mechanisms
and flexible cross connect. The EVPN VPWS provides a framework for delivering the VPWS with EVPN
signaling mechanisms. The VPWS with EVPN signaling mechanisms supports single-active or all-active
multihoming capabilities and inter-autonomous system (AS) options associated with BGP-signaled VPNs.
The EVPN VPWS flexible cross connect addresses the label resource issue. The flexible cross-connect
(FXC) service enables interoperability of access router that uses EVPN FXC VLAN-aware and
VLAN-unaware FXC services. ACX5448 router do not support pseudowire services in EVPN VPWS
flexible cross connect.
The following limitations apply:
Control word is not supported for EVPN VPWS services.
•
When VLAN maps are applied on the ccc-interfaces (UNI) for EVPN VPWS, only the following VLAN
•
map operations are applicable:
IFD Encap/ IFL-TYPE Input-MAP Output-Map
------------------------------------------------------------ethernet-ccc unit 0;
TC2 push-push pop-pop
vlan-ccc
ST: vlan-id X
swap-push ..
DT: vlan-tags outer X inner Y
TC1 pop-pop push-push
TC4 swap-swap swap-swap
17
VLAN map with non-default TPIDs in the VLAN map operation is not supported.
•
Aggregated Ethernet interfaces with LAG interface for EVPN VPWS and EVPN VPWS FXC services
•
are not supported. However, for CE multihoming, the CE can have static-AE, and CE can multihome
to the ACX5448 PE router (PE in non-AE/LAG).
See Overview of VPWS with EVPN Signaling Mechanisms
General Routing
Support for virtualization (ACX5448)—Starting with Junos OS Release 18.2R1, ACX5448 routers support
•
virtualization. Virtualization enables multiple instances of operating systems, called guests, to run
concurrently on the host and share virtualized hardware resources. A guest is a virtual machine (VM)
that runs on a hypervisor-based host and shares its resources. A host is a virtualized software whose
hypervisor allows multiple guest VMs to run on it concurrently and share its resources. A VM can be an
instance of Junos OS or any compatible third-party VM. Each VM runs its own operating system image
and applications that can be different from that of another VM running on the same host. ACX5448
router supports only one Junos VM. You can use the following chassis management commands to manage
the onboard FRUs:
show chassis hardware
•
show chassis temperature-thresholds
•
show chassis environment
•
show chassis alarms
•
ACX5448 router emulates one FPC with two PICs. One PIC represents the 48x1/10GE ports and other
represents the 4x100GE ports. The show chassis hardware CLI command shows the FPC and PICs as
built-in as shown in the following sample output:
user@host> show chassis hardware
Hardware inventory:
Item Version Part number Serial number Description
Chassis DA805 ACX5448
Midplane REV 13 750-065110 ACNP4346 ACX5448
Routing Engine BUILTIN BUILTIN Routing Engine
RFEB
FPC 0 BUILTIN BUILTIN FPC BUILTIN
MIC 0 48x1GE/48x10GE
PIC 0 BUILTIN BUILTIN 48x1GE/48x10GE
MIC 1 24x10/25GE 6x40/100GE
PIC 1 BUILTIN BUILTIN 24x10/25GE 6x40/100GE
18
NOTE: ACX5448 routers do not support request system software upgrade and request system
software rollback commands, instead you must use request vmhost CLI commands.
ACX5448 routers do not support:
Multiple guest VMs
•
Redundant Junos VMs
•
ISSU
•
10/100 Mbps copper SFPs
•
See Routing Engines with VM Host Support and Architecture of Routing Engines with VM Host Support
Routing Policy and Firewall Filters
Support for firewall filters and policers (ACX5448)—Starting with Junos OS Release 18.2R1, ACX5448
•
router supports configuring firewall filters on packets (families such as bridge domain, IPv4, IPv6, CCC,
MPLS) based on packet match conditions. Along with the match conditions, actions such as count, discard,
log, syslog, policer are performed on the packets that match the filter. You can configure policers and
attach them to a firewall term.
See Standard Firewall Filter Match Conditions and Actions on ACX Series Routers Overview
Interfaces and Chassis
Support for 48x1/10GE and 4x100GE Interface Ports (ACX5448)—ACX5448 router has 48x1/10GE
•
interface ports and 4x100GE interface ports. The 48 ports on ACX5448 router can be configured as
1GE or 10GE modes and these ports are represented by xe interface type. The PIC 1 of FPC 0 has
4x100GE ports, where each port can be channelized as 1x100GE, or 1x40GE, or 4x25GE modes and
these ports are represented by et interface type. By default, the port speed in PIC 1 is 100GE.
19
See Understanding Interfaces on ACX Series Universal Metro Routers
Layer 2 Features
Support for Layer 2 features (ACX5448)—Starting with Junos OS Release 18.2R1, ACX5448 router
•
supports the Layer 2 bridging, Q-in-Q tunneling, no-local switching, and Layer 2 protocol tunnel. A bridge
domain is a set of logical interfaces that share the same flooding or broadcast characteristics. Layer 2
logical interfaces are created by defining one or more logical units on a physical interface with
encapsulation as vlan-bridge and as ethernet-bridge. All the member ports of the bridge domain participate
in Layer 2 learning and forwarding. These bridging features are used to configure E-LINE, E-LAN and
E-TREE services. On ACX5448 router, you can configure bridge domains by using the following methods:
Bridge domain without a vlan-id number statement
•
Bridge domain with the vlan-id value set to none
•
Bridge domain with a single vlan-id
•
The Layer 2 Next Generation mode, also called Enhanced Layer 2 Software (ELS), is supported on
ACX5448 router for configuring the Layer 2 features.
If no-local-switching is configured in a bridge domain, then traffic cannot flow between CE to CE
interfaces. This includes known unicast/multicast, unknown unicast/multicast, and broadcast traffic.
However, traffic can flow between CE to PE interfaces and between PE to PE interfaces.
Q-in-Q tunneling allows you to create a Layer 2 Ethernet connection between two customer sites.
Providers can segregate different customers’ VLAN traffic on a link (for example, if the customers use
overlapping VLAN IDs) or bundle different customer VLANs into a single service VLAN. Service providers
can use Q-in-Q tunneling to isolate customer traffic within a single site or to enable customer traffic
flows across geographic locations.
Layer 2 protocol tunnel can be configured on the customer edge port using mac rewrite configuration.
MAC rewrite is supported for the STP, CDP, VTP, LLDP, ELMI, 802.1x, 802.3ah, LACP, MMRP, MVRP
protocol packets.
See Layer 2 Bridge Domains on ACX Series Overview, See Q-in-Q Tunneling on ACX Series Overview,
and See Understanding Layer 2 Next Generation Mode on ACX Series Routers
Support for Layer 2 services (ACX5448)—Starting with Junos OS Release 18.2R1, ACX5448 router
•
supports configuring Layer 2 services such as RSTP, MSTP for loop resolutions, and storm control to
monitor traffic levels and to drop broadcast, unknown unicast, and multicast (BUM) packets if they
exceed the configured limit.
Storm control is applied on the following traffic types:
Layer 2 multicast packets
•
Layer 2 unregistered multicast packets
•
20
Layer 2 registered multicast packets
•
On ACX5448 router, storm control is only applicable at the physical interface level. No event will be
logged when a traffic storm hits an ACX5448 router. Also interfaces will not be bound to any default
profile. The default action is to drop the packets exceeding the configured bandwidth.
See Storm Control on ACX Series Routers Overview
Support for Layer 2 protection (ACX5448)—Starting with Junos OS Release 18.2R1, ACX5448 router
•
supports configuring bridge protocol data unit (BPDU) protect, loop protect, and root protect on
spanning-tree instance interface. You can configure BPDU protection on individual interfaces or on all
the edge ports of the bridge.
See Understanding BPDU Protection for Spanning-Tree Instance Interfaces, Understanding Loop
Protection for Spanning-Tree Instance Interfaces, and Understanding Root Protection for Spanning-Tree
Instance Interfaces in a Layer 2 Switched Network
Layer 3 Features
Support for Layer 3 features (ACX5448)—Starting with Junos OS Release 18.2R1, the ACX5448 router
•
uses MPLS as a transport mechanism and they include support for label-switching router (LSR), label
edge routers (LERs), and pseudowire services. The protocols such as ECMP, OSPF, ISIS, and BGP are
also supported on ACX5448 router.
See MPLS Overview
Management
Support for NETCONF over SSH and custom YANG models (ACX5448)—Starting with Junos OS Release
•
18.2R1, ACX5448 router supports NETCONF OVER SSH and custom YANG modules.
Client applications can access the NETCONF server using the SSH protocol and use the standard SSH
authentication mechanism. After authentication, the NETCONF server uses the configured Junos OS
login usernames and classes to determine whether a client application is authorized to make each request.
21
You can load custom YANG modules on the router to add data models that are not natively supported
by Junos OS but can be supported by translation. Doing this enables you to extend the configuration
hierarchies and operational commands with data models that are customized for your operations. You
can load custom YANG modules by using the request system yang add operational command.
See Establishing an SSH Connection for a NETCONF Session and YANG Modules Overview
MPLS
Support for MPLS ping and Bidirectional Forwarding Detection over virtual circuit connection verification
•
(ACX5448)—Starting with Junos OS Release 18.2R1, ACX5448 router supports MPLS ping and
Bidirectional Forwarding Detection over Virtual Circuit Connection Verification. MPLS ping functionality
diagnoses the state of label-switched paths (LSPs), where the router sends probe packets into the LSP.
Based on how the LSP at the remote endpoint of the connection replies to the probes, you can determine
the connectivity of the LSP. Each probe is an echo request sent to the LSP as an MPLS packet with a
UDP payload. If the outbound node receives the echo request, it checks the contents of the probe and
returns a value in the UDP payload of the response packet. If the Junos OS receives the response packet,
it reports a successful ping response.
Bidirectional Forwarding Detection (BFD) support for virtual circuit connection verification (VCCV)
allows you to configure a control channel for a pseudowire, in addition to the corresponding operations
and management functions to be used over that control channel. BFD provides a low resource mechanism
for the continuous monitoring of the pseudowire data path and for detecting data plane failures, as
described in RFC 5885.
You can use the following commands for debugging:
show bfd session extensive
•
show ldp database extensive
•
See Pinging LSPs and Configuring BFD for VCCV for Layer 2 Circuits
Support for MPLS ping and traceroute (ACX5448)—Starting with Junos OS Release 18.2R1, the ACX5448
•
router supports MPLS ping and traceroute. MPLS ping and traceroute [RFC-4379] are common tools
used to debug connectivity between two PEs for a LSP. The ping portion works by injecting an echo
request packet in a LSP and expecting the remote PE endpoint to receive and reply to the packet. The
traceroute function works the same as it does for IP where it sends multiple packets with an increasing
TTL to let the packet get progressively farther in the LSP path before sending message indication that
the TTL has expired.
See Pinging LSPs
Multicast
Support for multicast features (ACX5448)—Starting with Junos OS Release 18.2R1, ACX5448 router
•
supports the following multicast protocol (IGMP and PIM) features for forwarding IPv4 and IPv6 traffic:
22
Anycast rendezvous point
•
Auto rendezvous point
•
Bidirectional Forwarding Detection (BFD) for PIM
•
IGMP version 1, version 2, and version 3
•
IGMP filter
•
IGMP proxy (relay)
•
IGMP querier
•
IGMP version 1, version 2, and version 3 snooping
•
Multicast Source Discovery Protocol (MSDP)
•
PIM static rendezvous point
•
PIM source-specific multicast (SSM)
•
PIM sparse mode
•
See Multicast Overview
Routing Protocols
Support for Two-Way Active Measurement Protocol (ACX5448)—Starting with Junos OS Release
•
18.2R1, ACX5448 router supports Two-Way Active Measurement Protocol (TWAMP). The TWAMP
defines a standard for measuring IP performance between two devices in a network. ACX5448 router
supports only the reflector side of TWAMP.
See Understanding Two-Way Active Measurement Protocol on Routers
Security
Support for secure boot and BIOS (ACX5448)—Starting with Junos OS Release 18.2R1, a significant
•
system security enhancement, secureboot, has been introduced in ACX5448 router. The secureboot
implementation is based on the UEFI 2.4 standard. BIOS in ACX5448 router has been hardened and is
responsible for initializing all the components of the router hardware. The following are some of the key
functionalities supported by the BIOS in ACX5448 router:
23
Initialization of hardware components
•
Watchdog support
•
Booting the operating system
•
Diagnostics support
•
Secure boot support
•
See Feature Explorer and enter Secure Boot.
Software Installation and Upgrade
Firmware upgrade (ACX6360 Router)—Starting in Junos OS Release 18.2R1, you can install or upgrade
•
the system firmware on ACX6360 router.
Install the firmware package by using:
request system firmware add path/package-name
•
Upgrade an existing firmware, by using any of the following command:
request system firmware upgrade pic
•
request system firmware upgrade cb
•
request system firmware upgrade re
•
request system firmware upgrade fpc
•
On the ACX6360 line card, you upgrade the following firmware components:
Uboot—Responsible for loading the operating system on the line card
•
FPGA—Controls all functions of the line card
•
You can also upgrade the following firmware components:
RE- FPGA—The RE-FPGA is located on the control board and manages board initialization, reboot,
•
and other functions.
TIC-FPGA—The TIC-FPGA is located on the 8x CFP2 optical port card and manages access to the
•
optical functions.
FTC FPGA—The FTC FPGA is located on the fan controllers and controls the fan controllers.
•
FPD FPGA—The FPD FPGA is located on the LED board and is responsible for the LED board.
•
SIB FPGA—The SIB FPGA is located on the SIB and handles the SIBs
•
Timing and Synchronization
24
Support for PTP transparent clock (ACX5448)—Starting with Junos OS Release 18.2R1, ACX5448 router
•
supports the PTP transparent clock functionality for PTP over IP, as well as PTP over Ethernet. A certain
amount of delay is always experienced by the PTP packets due to queuing and buffering within the
router, which could be due to network load or based on the architecture of the router. The PTP transparent
clock measures the residence time (the time that the packet spends passing through the router), and
adds the residence time into the correction field of the PTP packet. ACX5448 routers support end-to-end
transparent clocks. With an end-to-end transparent clock, only the residence time is included in the
correction field of the PTP packets. ACX5448 supports end-to-end (e2e) transparent clocks as defined
in IEEE1588.
See Understanding Transparent Clocks in Precision Time Protocol
SEE ALSO
Changes in Behavior and Syntax | 25
Known Behavior | 26
Known Issues | 26
Resolved Issues | 28
Documentation Updates | 29
Migration, Upgrade, and Downgrade Instructions | 29
Product Compatibility | 30
Changes in Behavior and Syntax
IN THIS SECTION
High Availability (HA) and Resiliency | 25
Junos XML API and Scripting | 25
Layer 3 Features | 25
This section lists the changes in behavior of Junos OS features and changes in the syntax of Junos OS
statements and commands from Junos OS Release 18.2R1 for the ACX Series routers.
High Availability (HA) and Resiliency
25
commit fast-synchronize option not supported for products with single Routing Engine (ACX
•
Series)—Starting in Junos OS Release 18.2R1, Junos OS does not support the configuration option
commit fast-synchronize at the [edit system] hierarchy level for all the products with single Routing
Engine for which chassis redundancy graceful-switchover is not supported. This option is disabled from
the CLI.
Junos XML API and Scripting
Junos XML protocol <open-configuration> operation no longer emits an uncommitted changes warning
•
(ACX Series)—Starting in Junos OS Release 18.2R1, the Junos XML protocol <open-configuration>
operation does not emit an "uncommitted changes will be discarded on exit" warning message when
opening a private copy of the candidate configuration. However, Junos OS still discards the uncommitted
changes upon closing the private copy.
Layer 3 Features
DMA recovery mechanism (ACX Series)—Starting in Junos OS Release 18.2R1, a potential recovery
•
mechanism has been introduced that is triggered in case the router enters an Idle state on any DMA
channels. The recovery mechanism resets the necessary registers to recover from failure conditions and
therefore a PFE reboot is not required. The following recovery success message is logged in the PFE
syslog message:
BCM DMA error recovery: Recovery complete Success
SEE ALSO
New and Changed Features | 14
Known Behavior | 26
Known Issues | 26
Resolved Issues | 28
Documentation Updates | 29
Migration, Upgrade, and Downgrade Instructions | 29
Product Compatibility | 30
Known Behavior
There are no known limitations in Junos OS Release 18.2R1 for the ACX Series.
26
For the most complete and latest information about known Junos OS defects, use the Juniper Networks
online Junos Problem Report Search application.
SEE ALSO
New and Changed Features | 14
Changes in Behavior and Syntax | 25
Known Issues | 26
Resolved Issues | 28
Documentation Updates | 29
Migration, Upgrade, and Downgrade Instructions | 29
Product Compatibility | 30
Known Issues
IN THIS SECTION
Class of Service | 27
DHCP | 27
IGMP Snooping | 28
Timing and Synchronization | 28
This section lists the known issues in hardware and software in Junos OS Release 18.2R1 for the ACX
Series Universal Metro Routers.
For the most complete and latest information about known Junos OS defects, use the Juniper Networks
online Junos Problem Report Search application.
Class of Service
On ACX5448 router, when loss priority is configured as either medium-low or medium-high, the rewrite
•
rule gets applied for loss priority low. PR1358721
27
On ACX5448 router, the clear interfaces statistics all CLI command takes long time to respond with
•
scaled interfaces configured. PR1366087
DHCP
On ACX5448 router, when an ingress interface is configured as a LAG interface and if DHCP request
•
packets arrive at that LAG Interface, the router might drop the packets erroneously. PR1353887
On ACX5448 router, when an ingress interface is configured as a XE Interface and if DHCP request
•
packets arrive at that XE interface, the router might drop the packets erroneously. PR1347906
IGMP Snooping
The IGMP snooping feature does not work on the ACX5448 router. PR1351422
•
Timing and Synchronization
When an ACX5448 router is configured as PTP-TC, incorrect UDP checksum errors are seen when
•
checksum 0x0 is sent from the transmitting node. This occurs when a packet type of 1588 enters the
ACX5448 router with UDP.checksum == 0x0 and the checksum field gets partially updated and the
packet egresses the router with an incorrect checksum. This incorrect checksum causes packet drops
in the next device. PR1327155
SEE ALSO
New and Changed Features | 14
28
Changes in Behavior and Syntax | 25
Known Behavior | 26
Resolved Issues | 28
Documentation Updates | 29
Migration, Upgrade, and Downgrade Instructions | 29
Product Compatibility | 30
Resolved Issues
There are no fixed issues in Junos OS 18.2R1 for ACX Series.
For the most complete and latest information about known Junos OS defects, use the Juniper Networks
online Junos Problem Report Search application.
SEE ALSO
New and Changed Features | 14
Changes in Behavior and Syntax | 25
Known Behavior | 26
Known Issues | 26
Documentation Updates | 29
Migration, Upgrade, and Downgrade Instructions | 29
Product Compatibility | 30
Documentation Updates
There are no errata or changes in Junos OS Release 18.2R1 for the ACX Series documentation.
SEE ALSO
New and Changed Features | 14
Changes in Behavior and Syntax | 25
Known Behavior | 26
29
Known Issues | 26
Resolved Issues | 28
Migration, Upgrade, and Downgrade Instructions | 29
Product Compatibility | 30
Migration, Upgrade, and Downgrade Instructions
IN THIS SECTION
Upgrade and Downgrade Support Policy for Junos OS Releases | 30
This section contains the upgrade and downgrade support policy for Junos OS for the ACX Series Router.
Upgrading or downgrading Junos OS might take several minutes, depending on the size and configuration
of the network.
For information about software installation and upgrade, see the Installation and Upgrade Guide.
Upgrade and Downgrade Support Policy for Junos OS Releases
Support for upgrades and downgrades that span more than three Junos OS releases at a time is not
provided, except for releases that are designated as Extended End-of-Life (EEOL) releases. EEOL releases
provide direct upgrade and downgrade paths—you can upgrade directly from one EEOL release to the
next EEOL release even though EEOL releases generally occur in increments beyond three releases.
You can upgrade or downgrade to the EEOL release that occurs directly before or after the currently
installed EEOL release, or to two EEOL releases before or after. For example, Junos OS Releases 17.1,
17.2 and 17.3 are EEOL releases. You can upgrade from Junos OS Release 17.1 to Release 17.2 or from
Junos OS Release 17.1 to Release 17.3.
You cannot upgrade directly from a non-EEOL release to a release that is more than three releases ahead
or behind. To upgrade or downgrade from a non-EEOL release to a release more than three releases before
or after, first upgrade to the next EEOL release and then upgrade or downgrade from that EEOL release
to your target release.
For more information about EEOL releases and to review a list of EEOL releases, see
https://www.juniper.net/support/eol/junos.html.
30
For information about software installation and upgrade, see the Installation and Upgrade Guide.
SEE ALSO
New and Changed Features | 14
Changes in Behavior and Syntax | 25
Known Behavior | 26
Known Issues | 26
Resolved Issues | 28
Documentation Updates | 29
Product Compatibility | 30
Product Compatibility
IN THIS SECTION
Hardware Compatibility | 31
Hardware Compatibility
To obtain information about the components that are supported on the devices, and the special compatibility
guidelines with the release, see the Hardware Guide for the product.
To determine the features supported on ACX Series routers in this release, use the Juniper Networks
Feature Explorer, a Web-based application that helps you to explore and compare Junos OS feature
information to find the right software release and hardware platform for your network. Find Feature
Explorer at https://pathfinder.juniper.net/feature-explorer/.
Hardware Compatibility Tool
For a hardware compatibility matrix for optical interfaces and transceivers supported across all platforms,
see the Hardware Compatibility tool.
SEE ALSO
New and Changed Features | 14
31
Changes in Behavior and Syntax | 25
Known Behavior | 26
Known Issues | 26
Resolved Issues | 28
Documentation Updates | 29
Migration, Upgrade, and Downgrade Instructions
Junos OS Release Notes for EX Series Switches
IN THIS SECTION
New and Changed Features | 32
Changes in Behavior and Syntax | 45
Known Behavior | 50
Known Issues | 51
Resolved Issues | 53
Documentation Updates | 55
Migration, Upgrade, and Downgrade Instructions | 55
Product Compatibility | 57
32
These release notes accompany Junos OS Release 18.2R1 for the EX Series. They describe new and
changed features, limitations, and known and resolved problems in the hardware and software.
You can also find these release notes on the Juniper Networks Junos OS Documentation webpage, located
at https://www.juniper.net/documentation/product/en_US/junos-os.
New and Changed Features
IN THIS SECTION
Hardware | 33
Authentication, Access Control | 34
Authentication, Authorization, and Accounting (AAA) | 35
Class of Service (CoS) | 35
Dynamic Host Configuration Protocol (DHCP) | 35
EVPN | 35
Interfaces and Chassis | 38
Layer 2 Features | 39
Operation, Administration, and Maintenance (OAM) | 40
Port Security | 40
Restoration Procedures Failure | 43
Software Installation and Upgrade | 43
Software Licensing | 43
System Management | 44
User Interface and Configuration | 44
Virtual Chassis | 44
This section describes the new features and enhancements to existing features in Junos OS Release 18.2R1
for the EX Series.
NOTE: The following EX Series switches are supported in Release 18.2R1: EX2300, EX3400,
EX4300, EX4600, and EX9200.
33
Hardware
EX4300-48MP and EX4300-48MP-S switches—Starting with Junos OS Release 18.2R1, two new models
•
of EX4300 switches are available—EX4300-48MP and EX4300-48MP-S switches. These models provide
24 built-in 10/100/1000BASE-T Ethernet network ports, 24 built-in 100/1000/2500/5000/10000BASE-T
Ethernet network ports, and four built-in 40-Gigabit Ethernet quad small form-factor pluggable plus
(QSFP+) ports that can house 40-Gigabit QSFP+ transceivers. The 24 built-in 10/100/1000BASE-T
Ethernet network ports support 10 Mbps, 100 Mbps, and 1 Gbps speeds. The 24 built-in
100/1000/2500/5000/10000BASE-T Ethernet network ports support 100 Mbps, 1 Gbps, 2.5 Gbps, 5
Gbps, and 10 Gbps speeds. All network ports are equipped for PoE+ and provide up to 95 watts of
power. The QSFP+ ports are configured as Virtual Chassis Ports (VCPs) by default. You can use them
to connect the switches to other devices in a Virtual Chassis configuration.
[See EX4300 Switch Hardware Guide.]
EX9253 switches—Starting with Junos OS Release 18.2R1, EX9253 switches are available as a modular
•
switch. The switch has two dedicated slots for line cards and supports EX9253-6Q12C and
EX9253-6Q12C-M line cards. The switch is available in two variants—with AC power supply and with
DC power supply.
[See EX9253 Switch Hardware Guide.]
Authentication, Access Control
Enhancement to NTP authentication method (EX4300)— Starting in Junos OS Release 18.2R1, Junos
•
OS supports NTP authentication for both SHA-1 and SHA2-256, in addition to the existing NTP
authentication method, MD5. You can now choose from among MD5, SHA-1, and SHA2-256 for
synchronizing the clocks of Juniper Network routers, switches, and other security devices on the Internet.
Using SHA-1 instead of MD5 improves the security of devices with very little impact to timing, while
using SHA2-256 provides an increase in security over SHA-1.
NOTE: By default, network time synchronization is unauthenticated.
To implement authentication, use set authentication-key <key_number> type at the [edit system ntp]
hierarchy level.
To enable SHA-1 authentication, use set authentication key <key_number> type sha1 value <password>
•
at the [edit system ntp] hierarchy level.
34
To enable SHA2-256 authentication, use set authentication key <key_number> type sha256 value
•
<password> at the [edit system ntp] hierarchy level.
See authentication-key and Configuring NTP Authentication Keys
Authentication, Authorization, and Accounting (AAA)
RADIUS over IPv6 (EX Series)—Starting with Junos OS Release 18.2R1, EX2300, EX3400, EX4600 and
•
EX4300-48MP switches support IPv6 for user authentication, authorization, and accounting (AAA) using
RADIUS servers, in addition to the existing IPv4 support. You can specify which source address Junos
OS uses to contact an external RADIUS server. To configure an IPv6 source address for RADIUS
authentication, include the source-address statement at the [edit system radius-server server-address]
hierarchy level. To configure an IPv6 source address for RADIUS accounting, include the source-address
statement at the [edit system accounting destination radius server server-address] hierarchy level.
[See source-address.]
Class of Service (CoS)
Support for setting unique IEEE 802.1p code point for host-generated RPM packets (EX2300, EX3400,
•
EX4300)—You can already set the DSCP code point and IEEE 802.1p code point for all host-generated
packets by setting the dscp-code-point code-point-value option at the [class-of-service
host-outbound-traffic] hierarchy level, where the first three bits of the defined DSCP code point value
are set as the IEEE 802.1p code point value. Starting with Junos OS 18.2R1, you can override this IEEE
802.1p code point value for host-generated RPM packets and set a separate value for these packets by
setting the dscp-code-point code-point-value option at the [services rpm probe owner test test-name]
hierarchy level, where again the first three bits of the defined DSCP code point value are set as the IEEE
802.1p code point value.
35
[See dscp-code-point (Services).]
Dynamic Host Configuration Protocol (DHCP)
DHCP smart relay (EX4600)—Starting with Junos OS Release 18.2R1, you can configure alternative IP
•
addresses for the gateway interface so that if the server fails to reply to the requests sent from the
primary gateway address, the switch can resend the requests using alternative gateway addresses. To
use this feature, you must configure an IRB interface or Layer 3 subinterface with multiple IP addresses
and configure that interface as a relay agent.
[See Configuring DHCP and BOOTP Relay.]
EVPN
•
NOTE: NSR and unified ISSU support for point-to-multipoint LSP for EVPN provider tunnel
is documented but not supported in Junos OS Release 18.2R1.
NSR and unified ISSU support for point-to-multipoint LSP for EVPN provider tunnel (EX9200)—Starting
in Junos OS Release 18.2R1, Junos OS provides nonstop routing (NSR) and unified ISSU support for
point-to-multipoint (P2MP) inclusive provider tunnels. This ensures that broadcast, unknown unicast,
and multicast (BUM) packets continue after a Routing Engine switchover occurs when NSR is enabled.
[See Understanding P2MPs LSP for the EVPN Inclusive Provider Tunnel.]
IGMP snooping support for EVPN-MPLS (EX9200)—Starting with Junos OS Release 18.2R1, you can
•
configure IGMP snooping on EX9200 switches in an Ethernet VPN (EVPN) over an MPLS network.
Enabling IGMP snooping helps to constrain multicast traffic to interested receivers in a broadcast domain.
Multicast sources and receivers in the EVPN instance (EVI) can each be single-homed to one provider
edge (PE) device or multihomed (in all-active mode only) to multiple PE devices. When IGMP snooping
is configured with multihomed receivers, IGMP state information is synchronized among peer PE devices
by exchanging BGP EVPN Type 7 (Join Sync Route) and Type 8 (Leave Sync Route) network layer
reachability information (NLRI). When PE devices receive multicast traffic from the EVPN core on a
multihomed Ethernet segment (ES), only the designated forwarder (DF) PE device forwards the traffic,
and the DF forwards the traffic only to interested receivers (selective multicast forwarding) based on
IGMP snooping reports and BGP EVPN Type 7 routes. PE devices serving single-homed receivers also
use selective multicast forwarding based on IGMP snooping reports to forward the traffic only to
interested receivers, conserving network bandwidth.
36
All PE devices perform inclusive multicast forwarding using ingress replication to forward multicast traffic
into the EVPN core to reach all remote PE devices. Multicast traffic at Layer 3 is routed between bridge
domains or VLANs using IRB interfaces.
This feature is supported with multiple EVIs, multicast sources and receivers on the same or different
sites, and IGMP snooping in proxy mode only.
To enable IGMP snooping on PE devices in an EVPN instance, include the igmp-snooping proxy statement
at the [edit routing-instances routing-instance-name protocols] or the [edit routing-instances
routing-instance-name bridge-domain bridge-domain-name protocols] hierarchy level.
For inter-VLAN multicast forwarding, PIM distributed DR (PIM DDR) mode must be enabled on all
participating IRBs.
EVPN and IGMP snooping operational mode commands can be used to view information learned from
IGMP snooping messages or EVPN Type 7 and Type 8 messages.
[See Overview of Multicast Forwarding with IGMP Snooping in an EVPN-MPLS Environment.]
Support for OSPF, IS-IS, BGP, and static routing on IRB interfaces in EVPN-VXLAN networks (EX
•
Series)—Starting in Junos OS Release 18.2R1, you can configure OSPF, IS-IS, BGP, and static routing
with Bidirectional Forwarding Detection (BFD) on an IRB interface that is used as a routed interface in
EVPN. This allows protocol adjacencies to be established between an IRB on a Layer 3 gateway and a
CE device and between an IRB on a Layer 3 gateway and a CE device connected to a Layer 2 leaf device
in an EVPN-VXLAN network.
[See Supported Protocols on an IRB Interface in EVPN-VXLAN .]
•
NOTE: This feature is documented but not supported in Junos OS Release 18.2R1
EVPN P2MP bud node support (EX9200)—Starting in Junos OS Release 18.2R1, Junos OS supports
configuring a point-to-multipoint (P2MP) label-switched path (LSP) as a provider tunnel on a bud node.
The bud node functions both as an egress node and a transit node.
To enable a bud node to support P2MP LSP, include the evpn p2mp-bud-support statement at the [edit
routing-instances routing-instance-name protocols evpn] hierarchy level.
[See Configuring Bud Node Support.]
Layer 2 VXLAN gateway in EVPN-VXLAN overlay network (EX4600 switches)—By using a Layer 3
•
IP-based underlay network coupled with an Ethernet VPN-Virtual Extensible LAN (EVPN-VXLAN) overlay
network, you can deploy larger networks than those possible with traditional Layer 2 Ethernet-based
architectures. With overlay networks, endpoints (bare-metal servers [BMSs] or virtual machines [VMs])
can be placed anywhere in the network and remain connected to the same logical Layer 2 network,
enabling the virtual topology to be decoupled from the physical topology.
37
The physical underlay network over which EVPN-VXLAN is commonly deployed is a two-layer IP fabric,
which includes spine and leaf devices. The spine devices provide connectivity between the leaf devices,
and the leaf devices function as Layer 2 VXLAN gateways and provide connectivity to the attached
endpoints. Starting with Junos OS Release 18.2R1, you can deploy EX4600 switches as leaf nodes in
the EVPN-VXLAN overlay network.
[See Understanding EVPN with VXLAN Data Encapsulation.]
EVPN-VXLAN support of Virtual Chassis (EX4600, EX4600 Virtual Chassis)—Ethernet VPN (EVPN)
•
supports multihoming active-active mode, which enables a host to be connected to two leaf devices
through a Layer 2 LAG interface. Starting with Junos OS Release 18.2R1, the two leaf devices can be
EX4600 standalone switches or EX4600 switches configured as a Virtual Chassis.
On each leaf device, the LAG interface is configured with the same Ethernet segment identifier (ESI) for
the host. The two leaf devices on which the same ESI is configured are peers to each other.
[See EVPN-VXLAN Support of Virtual Chassis and Virtual Chassis Fabric.]
Tunneling Q-in-Q traffic through an EVPN-VXLAN overlay network (EX4600 switches)—Starting in
•
Junos OS Release 18.2R1, EX4600 switches that function as Layer 2 VXLAN tunnel endpoints (VTEPs)
can tunnel single-tagged and double-tagged Q-in-Q packets through an Ethernet VPN-Virtual Extensible
LAN (EVPN-VXLAN) overlay network. In addition to tunneling Q-in-Q packets, the ingress and egress
VTEPs can perform the following Q-in-Q actions:
Delete, or pop, an outer service VLAN (S-VLAN) tag from an incoming packet.
•
Add, or push, an outer S-VLAN tag onto an outgoing packet.
•
Map a configured range of customer VLAN (C-VLAN) IDs to an S-VLAN.
•
NOTE: EX4600 switches do not support the pop and push actions with a configured range
of VLANs.
The ingress and egress VTEPs support the tunneling of Q-in-Q packets and the Q-in-Q actions in the
context of specific traffic patterns.
38
[See Examples: Tunneling Q-in-Q Traffic in an EVPN-VXLAN Overlay Network.]
Interfaces and Chassis
Support for hyper mode to increase packet processing rate on line cards with enhanced MPCs (EX9200
•
switches)—Starting in Junos OS Release 18.2R1, EX9200 line cards that include enhanced MPCs (such
as MPC4E and MPC5E) support the hyper mode feature. Enabling the hyper mode feature increases the
rate at which a data packet is processed, which results in the optimization of the lifetime of a data packet.
Optimization of the data packet lifetime enables better performance and throughput.
NOTE: You can enable hyper mode only if the network-service mode on the switch is configured
as either enhanced-ip or enhanced-ethernet. Also, you cannot enable the hyper mode feature
for a specific Packet Forwarding Engine on an MPC—that is, when you enable the feature, it
is applicable for all Packet Forwarding Engines on the switch.
When you enable the hyper mode feature, the following actions and features are not supported:
Creating Virtual Chassis.
•
Padding Ethernet frames with VLANs.
•
Sending Internet Control Message Protocol (ICMP) redirect messages.
•
Terminating or tunneling subscriber-based services.
•
[See Understanding the Hyper Mode Feature on Enhanced MPCs for MX Series Routers and EX9200
Switches.]
•
Multi-rate and non-multi rate support (EX4300-MP Switches)—Starting in Junos OS Release 18.2R1,
you configure an interface to now support multiple speeds on EX4300-MP switches. The interfaces now
support 2.5G, 5G, and 10G speeds. The interfaces earlier supported only 100M and 1G speeds.
The naming convention for multi-rate interfaces (including 100M and 1G) is “mge-n/n/n”. The
differentiation between multi-rate interfaces and 1G interfaces is based on the speed values. The front
panel ports have different color coding to differentiate multi-rate and 1G interfaces.
•
4x10SFP+ Uplink Modules support (EX4300-MP Switches)—Starting in Junos OS Release 18.2R1, you
can configure the operating mode on the module to match the type of transceiver you want to use.
EX4300-MP switches contain four ports for 10-gigabit small form-factor pluggable (SFP+) transceivers
when configured to operate in 10-gigabit mode.
Layer 2 Features
39
L2PT support for tunneling additional protocols (EX2300 and EX3400 switches)—Starting with Junos
•
OS Release 18.2R1, you can configure Layer 2 protocol tunneling (L2PT) for the following new protocols
on EX2300 and EX3400 switches: E-LMI, IEEE 802.1X, MMRP, and UDLD.
NOTE: Support for tunneling these additional protocols does not apply to multigigabit models
of the EX2300 switch (EX2300-24MP or EX2300-48MP).
[See Understanding Layer 2 Protocol Tunneling on EX Series Switches.]
Ethernet ring protection switching (ERPS)(EX2300 and EX3400 switches and Virtual Chassis)—Starting
•
in Junos OS Release 18.2R1, you can use ERPS to reliably achieve carrier-class network requirements
for Ethernet topologies forming a closed loop. ITU-TRecommendation G.8032 version 1 is supported.
ERPS version 1 comprises the following features:
Support for revertive mode of operation of the Ethernet ring
•
Support for multiple ring instances on the same interfaces
•
Support for multiple ring instances on different interfaces
•
Support for interworking with Spanning Tree Protocol, Multiple Spanning Tree Protocol, and redundant
•
trunk groups
[See Understanding Ethernet Ring Protection Switching Functionality.]
Operation, Administration, and Maintenance (OAM)
Ethernet Connectivity Fault Management (CFM) Support (EX2300 and EX3400 Switches)—Starting
•
with Junos OS Release 18.2R1, Connectivity Fault Management (CFM) is supported on EX2300 and
EX3400 switches. The major features of CFM are:
Fault monitoring using the continuity check protocol. This is a neighbor discovery and health check
•
protocol that discovers and maintains adjacencies at the VLAN or link level.
Path discovery and fault verification using the linktrace protocol. Similar to IP traceroute, this protocol
•
maps the path taken to a destination MAC address through one or more bridged networks between
the source and destination
Fault isolation using the loopback protocol. Similar to IP ping, this protocol works with the continuity
•
check protocol during troubleshooting.
You can configure the Ethernet CFM using the set protocols oam ethernet
connectivity-fault-management command, and verify the configuration using the show oam ethernet
connectivity-fault-management command.
40
Ethernet link fault management (LFM) support (EX4600 switches)—Starting with Junos OS Release
•
18.2R1, link fault management (LFM) is supported on EX4600 switches. Ethernet OAM provides the
tools that network management software and network managers can use to determine how a network
of Ethernet links is functioning. The following OAM LFM features are supported:
Discovery and link monitoring
•
Remote fault detection
•
Port Security
Media Access Control security with 256-bit cipher suite (EX9200)—Starting in Junos OS Release 18.2R1,
•
the GCM-AES-256 cipher suite for MACsec in static CAK mode is supported on EX9200 switches with
EX9200-40XS line cards installed. The GCM-AES-256 cipher suite has a maximum key length of 256
bits and is also available with extended packet numbering (GCM-AES-XPN-256).
[See Understanding Media Access Control Security (MACsec).]
IP source guard (EX2300 and EX3400 switches and Virtual Chassis)—Starting with Junos OS Release
•
18.2R1, you can configure the IP source guard access port security feature to mitigate the effects of
source IP address spoofing and source MAC address spoofing. If IP source guard determines that a host
connected to an access interface has sent a packet with an invalid source IP address or source MAC
address in the packet header, it discards the packet.
[See Understanding IP Source Guard for Port Security on EX Series Switches.]
Support for 802.1X authentication on private VLANs (PVLANs) (EX2300, EX3400, and EX4300 switches
•
and Virtual Chassis)—Starting in Junos OS Release 18.2R1, you can enable 802.1X (dot1x) authentication
for security purposes on access ports that are in a PVLAN.
PVLANs provide Layer 2 isolation between ports within a VLAN, splitting a broadcast domain into multiple
discrete broadcast subdomains by creating secondary VLANs. PVLANs are useful for restricting the flow
of broadcast and unknown unicast traffic and for limiting the communication between known hosts.
Authentication prevents unauthenticated devices and users from gaining access to your LAN. For 802.1X
and MAC RADIUS authentication, end devices must be authenticated before they receive an IP address
from a Dynamic Host Configuration Protocol (DHCP) server.
On a switch that is configured with both 802.1X authentication and PVLANs, when a new device is
attached to the PVLAN network, the device is authenticated and then is assigned to a secondary VLAN
based on the PVLAN configuration or RADIUS profile. The device then obtains an IP address and is given
access to the PVLAN network.
[See Using 802.1X Authentication and Private VLANs Together on the Same Interface.]
Private VLANs (EX2300 switches)—Starting in Junos OS Release 18.2R1, you can enable private VLANs
•
(PVLANs) on EX2300 platforms.
41
PVLANs provide Layer 2 isolation between ports within a VLAN, splitting a broadcast domain into multiple
discrete broadcast subdomains by creating secondary VLANs. PVLANs are useful for restricting the flow
of broadcast and unknown unicast traffic and for limiting the communication between known hosts.
[See Understanding Private VLANs. ]
Support for DHCP snooping and other access port security features on private VLANs (EX4300 switches
•
and Virtual Chassis)—Starting in Junos OS Release 18.2R1, you can enable Dynamic Host Configuration
Protocol (DHCP) snooping for security purposes on access ports that are in a PVLAN. You can also
protect those ports with DHCP options, dynamic ARP inspection (DAI), IP source guard, and neighbor
discovery inspection.
PVLANs provide Layer 2 isolation between ports within a VLAN, splitting a broadcast domain into multiple
discrete broadcast subdomains by creating secondary VLANs. PVLANs are useful for restricting the flow
of broadcast and unknown unicast traffic and for limiting the communication between known hosts.
Ethernet LANs are vulnerable to attacks such as address spoofing (forging) and Layer 2 denial of service
(DoS) on network devices. The following port security features help protect access ports on your device
against loss of information and productivity that such attacks can cause:
DHCP snooping—Filters and blocks ingress DHCP server messages on untrusted ports. DHCP snooping
•
builds and maintains a database of DHCP lease information, which is called the DHCP snooping
database.
DHCPv6 snooping—DHCP snooping for IPv6.
•
DHCP option 82—Also known as the DHCP Relay Agent Information option. Helps protect the switch
•
against attacks such as spoofing of IP addresses and MAC addresses and DHCP IP address starvation.
DHCPv6 option 37—Remote ID option for DHCPv6. Used to insert information about the network
•
location of the remote host into DHCPv6 packets.
DHCPv6 option 18—Circuit ID option for DHCPv6. Used to insert information about the client port
•
into DHCPv6 packets.
DHCPv6 option 16—Vendor ID option for DHCPv6. Used to insert information about the vendor of
•
the client hardware into DHCPv6 packets.
DAI—Prevents Address Resolution Protocol (ARP) spoofing attacks. ARP requests and replies are
•
compared against entries in the DHCP snooping database, and filtering decisions are made on the
basis of the results of those comparisons.
IP source guard—Mitigates the effects of IP address spoofing attacks on the Ethernet LAN. The source
•
IP address in the packet sent from an untrusted access interface is validated against the DHCP snooping
database.
IPv6 source guard—IP source guard for IPv6.
•
IPv6 neighbor discovery inspection—Prevents IPv6 address spoofing attacks. Neighbor discovery
•
requests and replies are compared against entries in the DHCPv6 snooping database, and filtering
decisions are made on the basis of the results of those comparisons.
42
[See Putting Access Port Security on Private VLANs.]
Restoration Procedures Failure
Device recovery mode introduced in Junos OS with upgraded FreeBSD (EX Series)—Starting in Junos
•
OS Release 18.2R1, for devices running Junos OS with upgraded FreeBSD, provided you have saved a
rescue configuration on the device, there is an automatic device recovery mode that goes into action
should the system go into amnesiac mode. The new process is for the system to automatically retry to
boot with the saved rescue configuration. In this circumstance, the system displays the banner Device
is in recovery mode in the CLI (in both the operational and configuration modes). Previously, there was
no automatic process to recover from amnesiac mode. A user with load and commit permission had to
log in using the console and fix the issue in the configuration before the system would reboot.
[See Saving a Rescue Configuration File.]
Software Installation and Upgrade
Phone-home client (EX2300 and EX3400 switches)—Starting with Junos OS Release 18.2R1, you can
•
use either the legacy DHCP-options-based ZTP or the phone-home client (PHC) to provision software
for the switch. If the switch boots up and there are DHCP options received from the DHCP server for
ZTP, ZTP resumes. If DHCP options are not present, PHC is attempted. PHC enables the switch to
securely obtain bootstrapping data, such as a configuration or software image, with no user intervention
other than having to physically connect the switch to the network. When the switch first boots, PHC
connects to a redirect server, which will redirect to a phone home server to get the configuration or
software image.
43
To initiate either DHCP-options-based ZTP or PCH, the switch must either be in a factory-default state,
or you can issue the request system zeroize command.
Software Licensing
Advanced Feature License (AFL) (EX3400 switches)—Starting with Junos OS Release 18.2R1, the
•
following features are available as part of the AFL:
Border Gateway Protocol (BGP) and multiprotocol BGP (MBGP)
•
IPv6 routing protocols: IPv6 BGP and IPv6 for MBGP
•
IS-IS
•
Virtual routing and forwarding (VRF) BGP
•
[See Understanding Licenses for EX Series.]
System Management
New tool to detect high CPU utilization (EX Series)—Starting in Junos OS Release 18.2R1, a flight
•
recorder tool is introduced to gather historical data on when the CPU utilization on a device was high
and what processes caused the high utilization. The tool collects snapshots of data enabling detection
of high CPU usage and faster resolution of issues.
Because some of the high CPU utilization cases are intentional or expected, you can enable and disable
the flight recorder tool to avoid false alarms.
[See request flight-recorder set high-cpu and show flight-recorder status.]
Recovering the Primary Partition (EX4300-48MP switches)—Starting in Junos OS Release 18.2R1, the
•
EX4300-48MP switch contains a single 50-Gigabyte SSD, which contains both the primary and backup
partitions. The backup partition has a copy of the primary partition, and the backup disk partition is used
to recover the primary disk partition in the event that the primary partition gets corrupted. If the primary
partition gets corrupted, a notification will be logged in syslog. issues.
44
If the switch is booted from the backup partition, you can recover the primary disk partition by issuing
the set system software add on-primary force-host command.
[See Recovering the Primary Partition on EX4300-48MP Switches .]
User Interface and Configuration
Support for displaying ephemeral configuration data with filtering (EX Series)—Starting in Junos OS
•
Release 18.2R1, the show ephemeral-configuration command enables you to specify the scope of the
configuration data to display. To filter the displayed configuration data, append the statement path of
the requested hierarchy to the command.
[See Displaying Ephemeral Configuration Data in the Junos OS CLI.]
Virtual Chassis
Virtual Chassis support (EX4300-48MP)—Starting in Junos OS Release 18.2R1, EX4300-48MP switches
•
can be interconnected into a Virtual Chassis as one logical device managed as a single chassis. An
EX4300-MP Virtual Chassis can contain up to 10 members in either of the following combinations:
A non-mixed Virtual Chassis if the members are all EX4300-48MP switches.
•
A mixed Virtual Chassis if the members are a combination of EX4300-48MP switches with other
•
EX4300 switches. The mixed-mode setting is required on all switches. The members in the Routing
Engine role must be EX4300-48MP switches, and other EX4300 switches can only be configured in
the linecard role. The EX4300-48MP cannot form a mixed Virtual Chassis with any other type of
switches.
The 40-Gbps ports on the rear panel of EX4300-48MP switches are dedicated Virtual Chassis ports
(VCPs). You must use those ports to interconnect EX4300-48MP Virtual Chassis members into a
non-mixed or mixed Virtual Chassis. The dedicated VCPs cannot be converted into and used as network
ports, and no other ports on the EX4300-48MP switch can be used as VCPs. In addition, EX4300 members
in a mixed Virtual Chassis with EX4300-48MP members must have a special port mode enabled on VCPs
to interconnect with VCPs on EX4300-48MP members. To enable this mode for all VCPs on an EX4300
switch, include the ieee-clause-82 option when setting mixed mode on the switch, as follows:
user@switch> request virtual-chassis mode ieee-clause-82 mixed
Otherwise, configuring and administering a non-mixed or mixed mode EX4300-48MP Virtual Chassis is
the same as for other EX4300 Virtual Chassis or QFX Series Virtual Chassis.
[See Understanding EX4300 Virtual Chassis.]
45
SEE ALSO
Changes in Behavior and Syntax | 45
Known Behavior | 50
Known Issues | 51
Resolved Issues | 53
Documentation Updates | 55
Migration, Upgrade, and Downgrade Instructions | 55
Product Compatibility | 57
Changes in Behavior and Syntax
IN THIS SECTION
EVPN | 47
High Availability (HA) and Resiliency | 47
Interfaces and Chassis | 47
Junos OS XML, API, and Scripting | 47
Junos Telemetry Interface | 47
Layer 2 Features | 48
Multicast | 48
Network Management and Monitoring | 48
Software Installation and Upgrade | 48
User Interface and Configuration | 49
This section lists the changes in behavior of Junos OS features and changes in the syntax of Junos OS
statements and commands from Junos OS Release 18.2R1 for the EX Series.
46
EVPN
On EX9200 switches, you can configure EVPN to extend a Junos Fusion Enterprise or multichassis link
•
aggregation group (MC-LAG) network over an MPLS network to a data center or campus network. For
both Junos Fusion Enterprise and MC-LAG use cases, you must include the bgp-peer configuration
statement in the [edit routing-instances name protocols evpn mclag] hierarchy level. This configuration
enables the interworking of EVPN-MPLS with Junos Fusion Enterprise or MC-LAG. If you do not include
the bgp-peer configuration statement in your configuration, unexpected behavior and a core dump could
result. To enforce this configuration, we now check for this configuration during the commit. If the
configuration is not present, an error occurs.
See [Understanding EVPN-MPLS Interworking with Junos Fusion Enterprise and MC-LAG .]
High Availability (HA) and Resiliency
commit fast-synchronize option not supported for products with single Routing Engine (EX
•
Series)—Starting in Junos OS Release 18.2R1, Junos OS does not support the configuration option
commit fast-synchronize at the [edit system] hierarchy level for all the products with single Routing
Engine for which chassis redundancy graceful-switchover is not supported. This option is disabled from
the CLI.
47
Interfaces and Chassis
EEE not supported on mge interfaces operating at 100-Mbps speed (EX2300-24MP and
•
EX2300-48MP)—In Junos OS Releases 18.1R2, 18.2R1, and later, if both Energy Efficient Ethernet (EEE)
and 100-Mbps speed are configured on a rate-selectable (or multirate) Gigabit Ethernet (mge) port on
EX2300-24MP and EX2300-48MP switches, the port operates only at 100-Mbps speed but EEE is not
enabled on that port. EEE is supported only on mge interfaces that operate at 1-Gbps and 2.5-Gbps
speeds.
Junos OS XML, API, and Scripting
Junos XML protocol <open-configuration> operation no longer emits an uncommitted changes warning
•
(EX Series)—Starting in Junos OS Release 18.2R1, the Junos XML protocol <open-configuration>
operation does not emit an "uncommitted changes will be discarded on exit" warning message when
opening a private copy of the candidate configuration. However, Junos OS still discards the uncommitted
changes upon closing the private copy.
Junos Telemetry Interface
Change to the configuration location for gRPC-based sensor subscriptions from an external collector
•
(EX Series)—Starting in Junos OS Release 18.2R1, when an external streaming server, or collector,
provisions sensors to export data through gRPC on devices running Junos OS, the sensor configuration
is committed to the junos-analytics instance of the ephemeral configuration database, and the
configuration can be viewed by using the show ephemeral-configuration instance junos-analytics
operational command. In earlier releases, the sensor configuration is committed to the default instance
of the ephemeral configuration database.
Layer 2 Features
Configuration option for LLDP VLAN name type, length, and value (TLV) (EX3400, EX4300)—Starting
•
in Junos OS Release 18.2R1, you can configure the vlan-name-tlv-option (name | vlan-id) statement at
the [edit protocols lldp] hierarchy level to select whether to transmit the VLAN name or simply the VLAN
ID for the Link Layer Discovery Protocol (LLDP) VLAN name TLV when exchanging LLDP messages. By
default, EX Series switches running Enhanced Layer 2 Software (ELS) transmit the VLAN ID for the LLDP
VLAN name TLV, and the show lldp detail command displays the default string vlan-vlan-id for an
interface’s VLAN name in the Vlan-name output field. Switches that support the vlan-name-tlv-option
statement behave the same as the default if you configure the vlan-id option with this statement. If you
configure the name option, the switch transmits the VLAN name instead, and the show lldp detail
command displays the VLAN name in the Vlan-name output field.
48
Multicast
Support for per-source multicast traffic forwarding with IGMPv3 (EX4300)—Starting in Junos OS Release
•
18.2R1, EX4300 switches forward multicast traffic on a per-source basis according to received IGMPv3
INCLUDE and EXCLUDE reports. In releases prior to this release, EX4300 switches process IGMPv3
reports, but instead of source-specific multicast (SSM) forwarding, they consolidate IGMPv3 INCLUDE
and EXCLUDE mode reports for a group into one route for all sources sending to the group. As a result,
with the prior behavior, receivers might get traffic from sources they didn’t specify.
[See IGMP Snooping Overview.]
Network Management and Monitoring
New context-oid option for trap-options configuration statement to distinguish the traps which come
•
from a non-default routing instance and non-default logical system (EX Series)—In Junos OS Release
18.2R1, a new option, context-oid, for the trap-options statement allows you to handle prefixes such
as <routing-instance name>@<trap-group> or <logical-system name>/<routing-instance
name>@<trap-group> as an additional varbind.
[See trap-options.]
Software Installation and Upgrade
New DHCP option introduced for ZTP retry (EX Series)—Starting in Junos OS Release 18.2R1, a new
•
DHCP option is introduced to set the timeout value for the file downloads over FTP. If the transfer-mode
is set as FTP, the default value for the time out is automatically set as 120 minutes. That is, if the FTP
session gets interrupted due to loss of connectivity in the middle of a file transfer, it will timeout after
120 minutes and ZTP will attempt to retry the file-fetching process. This value can be overridden using
the DHCP option as follows:
option NEW_OP.ftp-timeout code 7 = text;
option NEW_OP.ftp-timeout “val”;
where “val” is the user configurable timeout value in seconds and must be provided (for example, “val”).
User Interface and Configuration
49
Changes to the show ephemeral-configuration command (EX Series)—Starting in Junos OS Release
•
18.2R1, the show ephemeral-configuration operational mode command has the following changes:
To display the configuration data in the default instance of the ephemeral configuration database,
•
issue the show ephemeral-configuration instance default command. In earlier releases, ephemeral
configuration data for the default instance is displayed using the show ephemeral-configuration
command.
To display the configuration data in a user-defined instance of the ephemeral configuration database,
•
issue the show ephemeral-configuration instance instance-name command. In earlier releases, ephemeral
configuration data for a user-defined instance is displayed using the show ephemeral-configuration
instance-name command.
To view the complete post-inheritance configuration merged with the configuration data in all instances
•
of the ephemeral database, issue the show ephemeral-configuration merge command. In earlier
releases, the merged view is displayed using the show ephemeral-configuration | display merge
command.
Change to the maximum number of user-defined instances supported by the ephemeral configuration
•
database (EX Series)—Starting in Junos OS Release 18.2R1, devices running Junos OS that support
configuring the ephemeral configuration database enable configuring a maximum of seven user-defined
instances of the ephemeral database. In earlier releases, you can configure up to eight user-defined
instances. User-defined instances are configured using the instance instance-name statement at the [edit
system configuration-database ephemeral] hierarchy level.
SEE ALSO
New and Changed Features | 32
Known Behavior | 50
Known Issues | 51
Resolved Issues | 53
Documentation Updates | 55
Migration, Upgrade, and Downgrade Instructions | 55
Product Compatibility | 57
Known Behavior
IN THIS SECTION
General Routing | 50
50
This section lists known behavior, system maximums, and limitations in hardware and software in Junos
OS Release 18.2R1 for the EX Series.
For the most complete and latest information about known Junos OS defects, use the Juniper Networks
online Junos Problem Report Search application.
General Routing
For EX2300-24MP and EX2300-48MP, it might take 40 seconds to 50 seconds to display the correct
•
poe oper-status when the show poe interface command is issued. PR1329362
QSFP+-40G-CU3M is not supported on EX9253 switch. PR1341969
•
On MGE interfaces, IEEE 802.3 clause 78 EEE is not supported with 100M speed. PR1346302
•
SEE ALSO
New and Changed Features | 32
Changes in Behavior and Syntax | 45
Known Issues | 51
Resolved Issues | 53
Documentation Updates | 55
Migration, Upgrade, and Downgrade Instructions | 55
Product Compatibility | 57
Known Issues
IN THIS SECTION
Authentication and Access Control | 51
General Routing | 51
High Availability (HA) and Resiliency | 52
Infrastructure | 52
Platform and Infrastructure | 52
51
This section lists the known issues in hardware and software in Junos OS Release 18.2R1 for the EX Series.
For the most complete and latest information about known Junos OS defects, use the Juniper Networks
online Junos Problem Report Search application.
Authentication and Access Control
DHCPv6 client is not support in this release for EX4300-48MP. PR1373691
•
General Routing
The dcpfe process might crash and generate a core file if an unsupported SFP-T is put in the switch.
•
PR1290318
On EX4300-48-MP switch, when <cli>irb bind</cli> is committed to a VLAN without the defining IRB
•
logical interface, the command <cli >irb bind</cli> is not committed. The IRB logical interface has to be
defined before binding to VLAN. PR1342443
Complete L2, L3 unicast traffic loss is seen on rebooting master FPC. PR1364227
•
On EX4300-48MP, multiple syslog errors are seen on performing a switchover. DELETE ERROR, Tree
•
has a node which is neither src nor dest, flags:20if_pfe_ge_ea_incr_proc: MAC filter to be processed:
00:00:00:00:00:00 PR1365188
A traffic drop might be seen with swap out of a VC of QFX5100 to the EX9253 for testing some heavy
•
multicast even when IRB comes up. PR1369099
On EX4300-48MP, the dcpfe core file is generated during NSSU upgrade from one Juniper-internal
•
build to another Juniper-internal build. PR1369978
High Availability (HA) and Resiliency
When bpdu-block-on-edge is configured, a dynamic filter update is sent to the Packet Forwarding Engine
•
to reinstall the port bitmap. During make-before-brake (MBB) operation, a new filter entry is created
first and then the old entry is deleted. With this, a noncontiguous free entry in the Packet Forwarding
Engine TCAM hardware is seen. Now, when IGMP snooping is enabled, which install another set of filter
update which were required to be contiguous in nature and due to previous noncontiguous free entry,
the IGMP snooping filter updates are NOT programmed in orderly and contiguous fashion. Because of
this, all CPU-originated IP protocol multicast traffic (OSPF, VRRP, and so on) could not be flooded out
of the network ports. PR1301773
52
Infrastructure
Junos OS might hang trying to acquire the SMP IPI lock while rebooting when it is running as a VM on
•
Linux and QEMU hypervisor. PR1359339
Platform and Infrastructure
MPC5 - inline-ka PPP echo requests are not transmitted when anchor-point is lt-x/2/x or lt-x/3/x in
•
pseudowire deployment. PR1345727
There is no support of interface range for channelized interfaces on EX9253, User has to configure
•
interfaces individually. PR1350635
1G is not supported on uplink module in EX4300-48-MP. Inserting 1G causes MAC errors and port is
•
removed from software linkscan, the very next insertion of any xcvr (10G in this case) fails to add the
port to software linkscan resulting in the problem. Subsequent insertion of 10G xcr successfully completes
the initialization. PR1374390
SEE ALSO
New and Changed Features | 32
Changes in Behavior and Syntax | 45
Known Behavior | 50
Resolved Issues | 53
Documentation Updates | 55
Migration, Upgrade, and Downgrade Instructions | 55
Product Compatibility | 57
Resolved Issues
IN THIS SECTION
Forwarding and Sampling | 53
General Routing | 53
Interfaces and Chassis | 54
Layer 2 Features | 54
Layer 2 Ethernet Services | 54
53
MPLS | 54
Platform and Infrastructure | 54
This section lists the issues fixed in the Junos OS Release 18.2R1 for EX Series switches.
For the most complete and latest information about known Junos OS defects, use the Juniper Networks
online Junos Problem Report Search application.
Forwarding and Sampling
DHCP service crashes after EX9251 switch is set to factory default by zeroize. PR1329682
•
General Routing
Traffic loss is observed while performing NSSU. PR1311977
•
The major alarm Fan and PSU Airflow direction mismatch might be seen when removing the management
•
cable. PR1327561
A new configuration statement operational status detail statement is added in show poe interface.
•
PR1330183
The rpd process generates a core file on new backup Routing Engine at
•
task_quit,task_terminate_timer_callback,task_timer_dispatch,task_scheduler after disabling NSR+GRES.
PR1330750
Cannot install backup Linux first when both SSD partitions are corrupted. PR1342168
•
On EX2300-24MP chassis, the FAN count is incorrect in jnxFruName, jnxFilledDescr and
•
jnxContainersCount.4. PR1361025
On EX4300-48MP, while running regression scripts, syslog error Error in
•
bcm_port_sample_rate_set(ifl_cmd) : Reason Invalid port is seen. 1376504
IP transit traffic hits the lo0 filter. PR1379328
•
In EX4300-48MP on rare occasion, when arp-inspection and ip-source-guard are configured for around
•
150 VLANs together, then some port might show incorrect large value for DAI statistics. PR1379443
On rare occasions in EX4300-48MP, when dynamic-arp-inspectionand ip-source-guard are removed
•
and added back for around 150 VLANs in one go, then arp-inspection statistics for one of the port shows
garbage value. PR1379447
54
Interfaces and Chassis
On EX2300 and EX3400, IPv6 neighborship is not created on the IRB interface. PR1198482
•
The interface might not work properly after FPC restarts. PR1329896
•
Layer 2 Features
The DCPFE/FXPC process might crash and generate a core file. PR1362332
•
Layer 2 Ethernet Services
EX Series platforms might display a false positive CB alarm PMBus Device Fail. PR1298612
•
MPLS
A unified ISSU is not supported with MPLS configuration. PR1264786
•
Platform and Infrastructure
Autonegotiation is not working as expected between EX4300 and SRX5800. PR1311458
•
The FPC might crash because of the memory leak caused by the VTEP traffic. PR1356279
•
SEE ALSO
New and Changed Features | 32
Changes in Behavior and Syntax | 45
Known Behavior | 50
Known Issues | 51
Documentation Updates | 55
Migration, Upgrade, and Downgrade Instructions | 55
Product Compatibility | 57
Documentation Updates
There are no errata or changes in Junos OS Release 18.2R1 documentation for the EX Series switches.
55
SEE ALSO
New and Changed Features | 32
Changes in Behavior and Syntax | 45
Known Behavior | 50
Known Issues | 51
Resolved Issues | 53
Migration, Upgrade, and Downgrade Instructions | 55
Product Compatibility | 57
Migration, Upgrade, and Downgrade Instructions
IN THIS SECTION
Upgrade and Downgrade Support Policy for Junos OS Releases | 56
This section contains the upgrade and downgrade support policy for Junos OS for the EX Series. Upgrading
or downgrading Junos OS can take several hours, depending on the size and configuration of the network.
For information about software installation and upgrade, see the Installation and Upgrade Guide.
NOTE: NSSU is not supported on EX2300-VC/EX3400-VC from Junos OS Release 15.1X53 to
Junos OS Release 18.1R1 or later releases. For example, NSSU is not supported from Junos OS
Release 15.1X53-D58 to Junos OS Release 18.1R1 or Junos OS Release 15.1X53-D57 to Junos
OS Release 18.2R1
Upgrade and Downgrade Support Policy for Junos OS Releases
Support for upgrades and downgrades that span more than three Junos OS releases at a time is not
provided, except for releases that are designated as Extended End-of-Life (EEOL) releases. EEOL releases
provide direct upgrade and downgrade paths—you can upgrade directly from one EEOL release to the
next EEOL release even though EEOL releases generally occur in increments beyond three releases.
56
You can upgrade or downgrade to the EEOL release that occurs directly before or after the currently
installed EEOL release, or to two EEOL releases before or after. For example, Junos OS Releases 17.1,
17.2 and 17.3 are EEOL releases. You can upgrade from Junos OS Release 17.1 to Release 17.2 or from
Junos OS Release 17.1 to Release 17.3.
You cannot upgrade directly from a non-EEOL release to a release that is more than three releases ahead
or behind. To upgrade or downgrade from a non-EEOL release to a release more than three releases before
or after, first upgrade to the next EEOL release and then upgrade or downgrade from that EEOL release
to your target release.
For more information about EEOL releases and to review a list of EEOL releases, see
https://www.juniper.net/support/eol/junos.html.
SEE ALSO
New and Changed Features | 32
Changes in Behavior and Syntax | 45
Known Behavior | 50
Known Issues | 51
Resolved Issues | 53
Documentation Updates | 55
Product Compatibility | 57
Product Compatibility
IN THIS SECTION
Hardware Compatibility | 57
Hardware Compatibility
To obtain information about the components that are supported on the devices, and the special compatibility
guidelines with the release, see the Hardware Guide for the product.
To determine the features supported on EX Series switches in this release, use the Juniper Networks
Feature Explorer, a Web-based application that helps you to explore and compare Junos OS feature
information to find the right software release and hardware platform for your network. Find Feature
Explorer at https://pathfinder.juniper.net/feature-explorer/.
57
Hardware Compatibility Tool
For a hardware compatibility matrix for optical interfaces and transceivers supported across all platforms,
see the Hardware Compatibility tool.
SEE ALSO
New and Changed Features | 32
Changes in Behavior and Syntax | 45
Known Behavior | 50
Known Issues | 51
Resolved Issues | 53
Documentation Updates | 55
Migration, Upgrade, and Downgrade Instructions | 55
Junos OS Release Notes for Junos Fusion Enterprise
IN THIS SECTION
New and Changed Features | 58
Changes in Behavior and Syntax | 60
Known Behavior | 60
Known Issues | 61
Resolved Issues | 62
Documentation Updates | 63
Migration, Upgrade, and Downgrade Instructions | 63
Product Compatibility | 69
58
These release notes accompany Junos OS Release 18.2R1 for Junos Fusion Enterprise. Junos Fusion
Enterprise is a Junos Fusion that uses EX9200 switches in the aggregation device role. These release notes
describe new and changed features, limitations, and known problems in the hardware and software.
NOTE: For a complete list of all hardware and software requirements for a Junos Fusion
Enterprise, including which Juniper Networks devices can function as satellite devices, see
Understanding Junos Fusion Enterprise Software and Hardware Requirements .
You can also find these release notes on the Juniper Networks Junos OS Documentation webpage, located
at https://www.juniper.net/documentation/product/en_US/junos-os.
New and Changed Features
IN THIS SECTION
Junos Fusion Enterprise | 59
This section describes the new features and enhancements to existing features in Junos OS Release 18.2R1
for Junos Fusion Enterprise.
NOTE: For more information about the Junos Fusion Enterprise features, see the Junos Fusion
Enterprise User Guide.
Junos Fusion Enterprise
Aggregation device support on EX9253 (Junos Fusion Enterprise)—Starting with Junos OS Release
•
18.2R1, EX9253 switches are supported as aggregation devices in a Junos Fusion Enterprise. The
aggregation device acts as the single point of management for all devices in the Junos Fusion Enterprise.
Junos Fusion Enterprise supports the 802.1BR standard.
[See Junos Fusion Enterprise Overview.]
Junos Fusion Enterprise support for EX4600 switches (Junos Fusion Enterprise)—Starting with Junos
•
OS Release 18.2R1, you can configure EX4600 switches as satellite devices in a Junos Fusion Enterprise
topology. The satellite device in a Junos Fusion topology is managed and configured by the aggregation
device. Junos Fusion Enterprise uses EX9200 switches in the aggregation device role.
59
[See Junos Fusion Enterprise Overview.]
SEE ALSO
Changes in Behavior and Syntax | 60
Known Behavior | 60
Known Issues | 61
Resolved Issues | 62
Documentation Updates | 63
Migration, Upgrade, and Downgrade Instructions | 63
Product Compatibility | 69
Changes in Behavior and Syntax
IN THIS SECTION
High Availability (HA) and Resiliency | 60
This section lists the changes in behavior of Junos OS features and changes in the syntax of Junos OS
statements and commands in Junos OS Release 18.2R1 for Junos Fusion Enterprise.
High Availability (HA) and Resiliency
commit fast-synchronize option not supported for products with single Routing Engine (Junos Fusion
•
Enterprise)—Starting in Junos OS Release 18.2R1, Junos OS does not support the configuration option
commit fast-synchronize at the [edit system] hierarchy level for all the products with single Routing
Engine for which chassis redundancy graceful-switchover is not supported. This option is disabled from
the CLI.
60
SEE ALSO
New and Changed Features | 58
Known Behavior | 60
Known Issues | 61
Resolved Issues | 62
Documentation Updates | 63
Migration, Upgrade, and Downgrade Instructions | 63
Product Compatibility | 69
Known Behavior
IN THIS SECTION
Junos Fusion Enterprise | 61
This section lists known behavior, system maximums, and limitations in hardware and software in Junos
OS Release 18.2R1 for Junos Fusion Enterprise.
For the most complete and latest information about known Junos OS problems, use the Juniper Networks
online Junos Problem Report Search application.
Junos Fusion Enterprise
In a Junos Fusion Enterprise, it can take 6 to 30 seconds for the traffic to converge when the aggregation
•
device is powered off or powered on. PR1257057
SEE ALSO
New and Changed Features | 58
Changes in Behavior and Syntax | 60
61
Known Issues | 61
Resolved Issues | 62
Documentation Updates | 63
Migration, Upgrade, and Downgrade Instructions | 63
Product Compatibility | 69
Known Issues
IN THIS SECTION
Junos Fusion Enterprise | 62
This section lists the known issues in hardware and software in Junos OS Release 18.2R1 for Junos Fusion
Enterprise.
For the most complete and latest information about known Junos OS defects, use the Juniper Networks
online Junos Problem Report Search application.
Junos Fusion Enterprise
In a Junos Fusion Enterprise, it can take 6 to 30 seconds for the traffic to converge when the aggregation
•
device is powered off or powered on. PR1257057
SEE ALSO
New and Changed Features | 58
Changes in Behavior and Syntax | 60
Known Behavior | 60
Resolved Issues | 62
Documentation Updates | 63
Migration, Upgrade, and Downgrade Instructions | 63
Product Compatibility | 69
62
Resolved Issues
IN THIS SECTION
Resolved Issues: 18.2R1 | 62
This section lists the issues fixed in the Junos OS main release and the maintenance releases.
For the most complete and latest information about known Junos OS defects, use the Juniper Networks
online Junos Problem Report Search application.
Resolved Issues: 18.2R1
Mirrored packets are dropped if analyzer output extended port is reachable via the ICL link. PR1211123
•
In a Junos Fusion Enterprise, an SCPD core might be seen on an aggregation device when DACL on
•
dot1x enabled port is installed on a single homed satellite device. PR1328247
DHCP security binding entries are not synced after the FPC comes offline or online. PR1332828
•
In a Junos Fusion Enterprise, there is an issue with 802.1X re-authentication. PR1345365
•
SEE ALSO
New and Changed Features | 58
Changes in Behavior and Syntax | 60
Known Behavior | 60
Known Issues | 61
Documentation Updates | 63
Migration, Upgrade, and Downgrade Instructions | 63
Product Compatibility | 69
Documentation Updates
There are no errata or changes in Junos OS Release 18.2R1 for Junos Fusion Enterprise documentation.
63
SEE ALSO
New and Changed Features | 58
Changes in Behavior and Syntax | 60
Known Behavior | 60
Known Issues | 61
Resolved Issues | 62
Migration, Upgrade, and Downgrade Instructions | 63
Product Compatibility | 69
Migration, Upgrade, and Downgrade Instructions
IN THIS SECTION
Basic Procedure for Upgrading Junos OS on an Aggregation Device | 64
Upgrading an Aggregation Device with Redundant Routing Engines | 66
Preparing the Switch for Satellite Device Conversion | 66
Converting a Satellite Device to a Standalone Switch | 68
Upgrade and Downgrade Support Policy for Junos OS Releases | 68
Downgrading from Junos OS Release 18.2 | 68
This section contains the procedure to upgrade or downgrade Junos OS and satellite software for a Junos
Fusion Enterprise. Upgrading or downgrading Junos OS and satellite software might take several hours,
depending on the size and configuration of the Junos Fusion Enterprise topology.
Basic Procedure for Upgrading Junos OS on an Aggregation Device
When upgrading or downgrading Junos OS for an aggregation device, always use the junos-install package.
Use other packages (such as the jbundle package) only when so instructed by a Juniper Networks support
representative. For information about the contents of the junos-install package and details of the installation
process, see the Installation and Upgrade Guide.
64
NOTE: Before upgrading, back up the file system and the currently active Junos OS configuration
so that you can recover to a known, stable environment in case the upgrade is unsuccessful.
Issue the following command:
user@host> request system snapshot
The installation process rebuilds the file system and completely reinstalls Junos OS. Configuration
information from the previous software installation is retained, but the contents of log files might
be erased. Stored files on the routing platform, such as configuration templates and shell scripts
(the only exceptions are the juniper.conf and ssh files), might be removed. To preserve the stored
files, copy them to another system before upgrading or downgrading the routing platform. See
the Junos OS Administration Library.
To download and install Junos OS:
1. Using a Web browser, navigate to the Download Software URL on the Juniper Networks webpage:
https://www.juniper.net/support/downloads/
2. Log in to the Juniper Networks authentication system using the username (generally your e-mail address)
and password supplied by Juniper Networks representatives.
3. Select By Technology > Junos Platform > Junos Fusion to find the software that you want to download.
4. Select the release number (the number of the software version that you want to download) from the
Version drop-down list on the right of the page.
5. Select the Software tab.
6. Select the software package for the release.
7. Review and accept the End User License Agreement.
8. Download the software to a local host.
9. Copy the software to the routing platform or to your internal software distribution site.
10. Install the new junos-install package on the aggregation device.
NOTE: We recommend that you upgrade all software packages out of band using the console
because in-band connections are lost during the upgrade process.
65
Customers in the United States and Canada, use the following commands, where n is the spin number.
user@host> request system software add validate reboot
source/junos-install-ex92xx-x86-64-18.2R1.n.tgz
All other customers, use the following commands, where n is the spin number.
user@host> request system software add validate reboot
source/junos-install-ex92xx-x86-64-18.2R1.n-limited.tgz
Replace source with one of the following values:
/pathname—For a software package that is installed from a local directory on the router.
•
For software packages that are downloaded and installed from a remote location:
•
ftp://hostname/pathname
•
http://hostname/pathname
•
scp://hostname/pathname (available only for Canada and U.S. version)
•
The validate option validates the software package against the current configuration as a prerequisite
to adding the software package to ensure that the router reboots successfully. This is the default
behavior when the software package being added is a different release.
Adding the reboot command reboots the router after the upgrade is validated and installed. When the
reboot is complete, the router displays the login prompt. The loading process might take 5 to 10 minutes.
Rebooting occurs only if the upgrade is successful.
Upgrading an Aggregation Device with Redundant Routing Engines
If the aggregation device has two Routing Engines, perform a Junos OS installation on each Routing Engine
separately to minimize disrupting network operations as follows:
1. Disable graceful Routing Engine switchover (GRES) on the master Routing Engine and save the
configuration change to both Routing Engines.
2. Install the new Junos OS release on the backup Routing Engine while keeping the currently running
software version on the master Routing Engine.
3. After making sure that the new software version is running correctly on the backup Routing Engine,
switch over to the backup Routing Engine to activate the new software.
66
4. Install the new software on the original master Routing Engine that is now active as the backup Routing
Engine.
For the detailed procedure, see the Installation and Upgrade Guide.
Preparing the Switch for Satellite Device Conversion
There are multiple methods to upgrade or downgrade satellite software in your Junos Fusion Enterprise.
See Configuring or Expanding a Junos Fusion Enterprise.
For satellite device hardware and software requirements, see Understanding Junos Fusion Enterprise
Software and Hardware Requirements.
Use the following command to install Junos OS on a switch before converting it into a satellite device:
user@host> request system software add validate reboot source/package-name
NOTE: The following conditions must be met before a Junos switch that is running Junos OS
Release 14.1X53-D43 can be converted to a satellite device when the action is initiated from
the aggregation device:
The Junos switch can only be converted to SNOS 3.1 and higher.
•
The Junos switch must be either set to factory default configuration to factory default
•
configuration using the request system zeroize command, or the following command must be
included in the configuration: set chassis auto-satellite-conversion.
When the interim installation has completed and the switch is running a version of Junos OS that is
compatible with satellite device conversion, perform the following steps:
1. Log in to the device using the console port.
2. Clear the device:
[edit]
user@satellite-device# request system zeroize
NOTE: The device reboots to complete the procedure for resetting the device.
If you are not logged in to the device using the console port connection, your connection to the device
is lost after you enter the request system zeroize command.
If you lose connection to the device, log in using the console port.
67
3. (EX4300 switches only) After the reboot is complete, convert the built-in 40-Gbps QSFP+ interfaces
from Virtual Chassis ports (VCPs) into network ports:
user@satellite-device> request virtual-chassis vc-port delete pic-slot 1 port port-number
For example, to convert all four built-in 40-Gbps QSFP+ interfaces on an EX4300-24P switch into
network ports:
user@satellite-device>request virtual-chassis vc-port delete pic-slot 1 port 0
user@satellite-device> request virtual-chassis vc-port delete pic-slot 1 port 1
user@satellite-device> request virtual-chassis vc-port delete pic-slot 1 port 2
user@satellite-device> request virtual-chassis vc-port delete pic-slot 1 port 3
This step is required for the 40-Gbps QSFP+ interfaces that will be used as uplink interfaces in a Junos
Fusion topology. Built-in 40-Gbps QSFP+ interfaces on EX4300 switches are configured into VCPs by
default, and the default settings are restored after the device is reset.
After this initial preparation, you can use one of three methods to convert your switches into satellite
devices—autoconversion, manual conversion, or preconfiguration. See Configuring or Expanding a Junos
Fusion Enterprise for detailed configuration steps for each method.
Converting a Satellite Device to a Standalone Switch
In the event that you need to convert a satellite device to a standalone device, you will need to install a
new Junos OS software package on the satellite device and remove it from the Junos Fusion topology.
For more information, see Converting a Satellite Device to a Standalone Device.
Upgrade and Downgrade Support Policy for Junos OS Releases
Support for upgrades and downgrades that span more than three Junos OS releases at a time is not
provided, except for releases that are designated as Extended End-of-Life (EEOL) releases. EEOL releases
provide direct upgrade and downgrade paths—you can upgrade directly from one EEOL release to the
next EEOL release even though EEOL releases generally occur in increments beyond three releases.
You can upgrade or downgrade to the EEOL release that occurs directly before or after the currently
installed EEOL release, or to two EEOL releases before or after. For example, Junos OS Releases 17.1,
17.2 and 17.3 are EEOL releases. You can upgrade from Junos OS Release 17.1 to Release 17.2 or from
Junos OS Release 17.1 to Release 17.3.
68
You cannot upgrade directly from a non-EEOL release to a release that is more than three releases ahead
or behind. To upgrade or downgrade from a non-EEOL release to a release more than three releases before
or after, first upgrade to the next EEOL release and then upgrade or downgrade from that EEOL release
to your target release.
For more information on EEOL releases and to review a list of EEOL releases, see
https://www.juniper.net/support/eol/junos.html
Downgrading from Junos OS Release 18.2
Junos Fusion Enterprise is first supported in Junos OS Release 16.1, although you can downgrade a
standalone EX9200 switch to earlier Junos OS releases.
NOTE: You cannot downgrade more than three releases.
For more information, see the Installation and Upgrade Guide.
To downgrade a Junos Fusion Enterprise from Junos OS Release 18.2R1, follow the procedure for upgrading,
but replace the 18.1 junos-install package with one that corresponds to the appropriate release.
SEE ALSO
New and Changed Features | 58
Changes in Behavior and Syntax | 60
Known Behavior | 60
Known Issues | 61
Resolved Issues | 62
Documentation Updates | 63
Product Compatibility | 69
Product Compatibility
IN THIS SECTION
Hardware and Software Compatibility | 69
Hardware Compatibility Tool | 69
69
Hardware and Software Compatibility
For a complete list of all hardware and software requirements for a Junos Fusion Enterprise, including
which Juniper Networks devices function as satellite devices, see Understanding Junos Fusion Enterprise
Software and Hardware Requirements in the Junos Fusion Enterprise User Guide.
To determine the features supported in a Junos Fusion, use the Juniper Networks Feature Explorer, a
Web-based application that helps you to explore and compare Junos OS feature information to find the
right software release and hardware platform for your network. Find Feature Explorer at:
https://pathfinder.juniper.net/feature-explorer/
Hardware Compatibility Tool
For a hardware compatibility matrix for optical interfaces and transceivers supported across all platforms,
see the Hardware Compatibility tool.
SEE ALSO
New and Changed Features | 58
Changes in Behavior and Syntax | 60
Known Behavior | 60
Known Issues | 61
Resolved Issues | 62
Documentation Updates | 63
Migration, Upgrade, and Downgrade Instructions | 63
Junos OS Release Notes for Junos Fusion Provider Edge
IN THIS SECTION
70
New and Changed Features | 70
Changes in Behavior and Syntax | 71
Known Behavior | 72
Known Issues | 73
Resolved Issues | 74
Documentation Updates | 75
Migration, Upgrade, and Downgrade Instructions | 75
Product Compatibility | 84
These release notes accompany Junos OS Release 18.2R1 for the Junos Fusion Provider Edge. They
describe new and changed features, limitations, and known and resolved problems in the hardware and
software.
You can also find these release notes on the Juniper Networks Junos OS Documentation webpage, located
at https://www.juniper.net/documentation/product/en_US/junos-os.
New and Changed Features
There are no new features or enhancements to existing features for Junos Fusion Provider Edge in Junos
OS Release 18.2R1.
SEE ALSO
Changes in Behavior and Syntax | 71
Known Behavior | 72
Known Issues | 73
Resolved Issues | 74
Documentation Updates | 75
Migration, Upgrade, and Downgrade Instructions | 75
Product Compatibility | 84
Changes in Behavior and Syntax
IN THIS SECTION
71
High Availability (HA) and Resiliency | 71
This section lists the changes in behavior of Junos OS features and changes in the syntax of Junos OS
statements and commands in Junos OS Release 18.2R1 or later for Junos Fusion Provider Edge.
High Availability (HA) and Resiliency
commit fast-synchronize option not supported for products with single Routing Engine (Junos Fusion
•
Provider Edge)—Starting in Junos OS Release 18.2R1, Junos OS does not support the configuration
option commit fast-synchronize at the [edit system] hierarchy level for all the products with single
Routing Engine for which chassis redundancy graceful-switchover is not supported. This option is
disabled from the CLI.
SEE ALSO
New and Changed Features | 70
Known Behavior | 72
Known Issues | 73
Resolved Issues | 74
Documentation Updates | 75
Migration, Upgrade, and Downgrade Instructions | 75
Product Compatibility | 84
Known Behavior
IN THIS SECTION
Junos Fusion | 72
This section lists known behavior, system maximums, and limitations in hardware and software in Junos
OS Release 18.2R1 for Junos Fusion Provider Edge.
72
For the most complete and latest information about known Junos OS defects, use the Juniper Networks
online Junos Problem Report Search application.
Junos Fusion
In Junos Fusion with EVPN solution when an Aggregation Device looses EVPN connectivity with rest
•
of the Aggregation Devices then LACP over extended ports on this core isolated Aggregation Device
will be brought down until EVPN connectivity is restored. PR1327784
SEE ALSO
New and Changed Features | 70
Changes in Behavior and Syntax | 71
Known Issues | 73
Resolved Issues | 74
Documentation Updates | 75
Migration, Upgrade, and Downgrade Instructions | 75
Product Compatibility | 84
Known Issues
IN THIS SECTION
Junos Fusion | 73
This section lists the known issues in hardware and software in Junos OS Release 18.2R1 for Junos Fusion
Provider Edge.
For the most complete and latest information about known Junos OS defects, use the Juniper Networks
online Junos Problem Report Search application.
Junos Fusion
73
In Junos Fusion, once the interface is marked Loop Detect PDU Error: Detected in the show interface
•
<intf_name> command, then clear error loop-detect interface <intf_name or all> has to be executed
on all aggregration devices to bring the interface to the up state. PR1327366
SEE ALSO
New and Changed Features | 70
Changes in Behavior and Syntax | 71
Known Behavior | 72
Resolved Issues | 74
Documentation Updates | 75
Migration, Upgrade, and Downgrade Instructions | 75
Product Compatibility | 84
Resolved Issues
IN THIS SECTION
Class of Service (CoS) | 74
Junos Fusion | 74
This section lists the issues fixed in the Junos OS Release 18.2R1 for Junos Fusion Provider Edge.
For the most complete and latest information about known Junos OS defects, use the Juniper Networks
online Junos Problem Report Search application.
Class of Service (CoS)
74
Aggregated Ethernet link-protection feature is not supported. PR1355498
•
Junos Fusion
Duplicated packets might be received on the multicast downstream devices and multicast receivers.
•
PR1316499
In Junos fusion, the show interfaces diagnostics optics satellite command does not display any outputs.
•
PR1327876
High IGMP leave latency occurs with IGMP snooping in EVPN. PR1327980
•
In Junos Fusion, an aggregate device might show a plus sign (+) sign on the ICL link for a satellite device.
•
PR1335373
SEE ALSO
New and Changed Features | 70
Changes in Behavior and Syntax | 71
Known Behavior | 72
Known Issues | 73
Documentation Updates | 75
Migration, Upgrade, and Downgrade Instructions | 75
Product Compatibility | 84
Documentation Updates
There are no errata or changes in Junos OS Release 18.2R1 documentation for Junos Fusion Provider
Edge.
SEE ALSO
New and Changed Features | 70
Changes in Behavior and Syntax | 71
Known Behavior | 72
Known Issues | 73
75
Resolved Issues | 74
Migration, Upgrade, and Downgrade Instructions | 75
Product Compatibility | 84
Migration, Upgrade, and Downgrade Instructions
IN THIS SECTION
Basic Procedure for Upgrading an Aggregation Device | 76
Upgrading an Aggregation Device with Redundant Routing Engines | 78
Preparing the Switch for Satellite Device Conversion | 79
Converting a Satellite Device to a Standalone Device | 80
Upgrading an Aggregation Device | 83
Upgrade and Downgrade Support Policy for Junos OS Releases | 83
Downgrading from Release 18.2 | 83
This section contains the procedure to upgrade Junos OS, and the upgrade and downgrade policies for
Junos OS for Junos Fusion Provider Edge. Upgrading or downgrading Junos OS might take several hours,
depending on the size and configuration of the network.
Basic Procedure for Upgrading an Aggregation Device
When upgrading or downgrading Junos OS, always use the jinstall package. Use other packages (such as
the jbundle package) only when so instructed by a Juniper Networks support representative. For information
about the contents of the jinstall package and details of the installation process, see the Installation and
Upgrade Guide.
NOTE: Before upgrading, back up the file system and the currently active Junos OS configuration
so that you can recover to a known, stable environment in case the upgrade is unsuccessful.
Issue the following command:
user@host> request system snapshot
76
The installation process rebuilds the file system and completely reinstalls Junos OS. Configuration
information from the previous software installation is retained, but the contents of log files might
be erased. Stored files on the routing platform, such as configuration templates and shell scripts
(the only exceptions are the juniper.conf and ssh files), might be removed. To preserve the stored
files, copy them to another system before upgrading or downgrading the routing platform. See
the Junos OS Administration Library.
The download and installation process for Junos OS Release 18.2R1 is different that for earlier Junos OS
releases.
1. Using a Web browser, navigate to the Download Software URL on the Juniper Networks webpage:
https://www.juniper.net/support/downloads/
2. Log in to the Juniper Networks authentication system using the username (generally your e-mail address)
and password supplied by Juniper Networks representatives.
3. Select By Technology > Junos Platform > Junos Fusion to find the software that you want to download.
4. Select the release number (the number of the software version that you want to download) from the
Version drop-down list to the right of the page.
5. Select the Software tab.
6. Select the software package for the release.
7. Review and accept the End User License Agreement.
8. Download the software to a local host.
9. Copy the software to the routing platform or to your internal software distribution site.
10. Install the new jinstall package on the aggregation device.
NOTE: We recommend that you upgrade all software packages out-of-band using the console,
because in-band connections are lost during the upgrade process.
Customers in the United States and Canada, use the following commands.
For 64-bit software:
•
77
NOTE: We highly recommend that you see 64-bit Junos OS software when implementing
Junos Fusion Provider Edge.
user@host> request system software add validate reboot
source/jinstall64-18.2R1.SPIN-domestic-signed.tgz
For 32-bit software:
•
user@host> request system software add validate reboot
source/jinstall-18.2R1.SPIN-domestic-signed.tgz
All other customers, use the following commands.
For 64-bit software:
•
NOTE: We highly recommend that you see 64-bit Junos OS software when implementing
Junos Fusion Provider Edge.
user@host> request system software add validate reboot
source/jinstall64-18.2R1.SPIN-export-signed.tgz
For 32-bit software:
•
user@host> request system software add validate reboot
source/jinstall-18.2R1.SPIN-export-signed.tgz
Replace source with one of the following values:
/pathname—For a software package that is installed from a local directory on the router.
•
For software packages that are downloaded and installed from a remote location:
•
ftp://hostname/pathname
•
http://hostname/pathname
•
scp://hostname/pathname (available only for the Canada and U.S. version)
•
The validate option validates the software package against the current configuration as a prerequisite
for adding the software package to ensure that the router reboots successfully. This is the default
behavior when the software package being added is for a different release.
78
Adding the reboot command reboots the router after the upgrade is validated and installed. When the
reboot is complete, the router displays the login prompt. The loading process might take 5 to 10 minutes.
Rebooting occurs only if the upgrade is successful.
NOTE: After you install a Junos OS Release 18.2R1 jinstall package, you cannot return to the
previously installed software by issuing the request system software rollback command. Instead,
you must issue the request system software add validate command and specify the jinstall
package that corresponds to the previously installed software.
Upgrading an Aggregation Device with Redundant Routing Engines
If the aggregation device has two Routing Engines, perform a Junos OS installation on each Routing Engine
separately as follows to minimize disrupting network operations:
1. Disable graceful Routing Engine switchover (GRES) on the master Routing Engine and save the
configuration change to both Routing Engines.
2. Install the new Junos OS release on the backup Routing Engine while keeping the currently running
software version on the master Routing Engine.
3. After making sure that the new software version is running correctly on the backup Routing Engine,
switch over to the backup Routing Engine to activate the new software.
4. Install the new software on the original master Routing Engine that is now active as the backup Routing
Engine.
For the detailed procedure, see the Installation and Upgrade Guide.
Preparing the Switch for Satellite Device Conversion
Satellite devices in a Junos Fusion topology use a satellite software package that is different from the
standard Junos OS software package. Before you can install the satellite software package on a satellite
device, you first need to upgrade the target satellite device to an interim Junos OS software version that
can be converted to satellite software. For satellite device hardware and software requirements, see
Understanding Junos Fusion Software and Hardware Requirements
NOTE: The following conditions must be met before a standalone switch that is running Junos
OS Release 14.1X53-D43 can be converted to a satellite device when the action is initiated from
the aggregation device:
79
The switch can only be converted to SNOS 3.1 and higher.
•
The switch must be either set to factory-default configuration using the request system zeroize
•
command, or the following command must be included in the configuration: set chassis
auto-satellite-conversion.
Customers with EX4300 switches, use the following command:
user@host> request system software add validate reboot
source/jinstall-ex-4300-14.1X53-D43.3-domestic-signed.tgz
Customers with QFX5100 switches, use the following command:
user@host> request system software add reboot
source/jinstall-qfx-5-14.1X53-D43.3-domestic-signed.tgz
When the interim installation has completed and the switch is running a version of Junos OS that is
compatible with satellite device conversion, perform the following steps:
1. Log in to the device using the console port.
2. Clear the device:
[edit]
user@satellite-device# request system zeroize
NOTE: The device reboots to complete the procedure for resetting the device.
If you are not logged in to the device using the console port connection, your connection to the device
is lost after you enter the request system zeroize command.
If you lose your connection to the device, log in using the console port.
3. (EX4300 switches only) After the reboot is complete, convert the built-in 40-Gbps QSFP+ interfaces
from Virtual Chassis ports (VCPs) into network ports:
user@satellite-device> request virtual-chassis vc-port delete pic-slot 1 port port-number
For example, to convert all four built-in 40-Gbps QSFP+ interfaces on an EX4300-24P switch into
network ports:
80
user@satellite-device>request virtual-chassis vc-port delete pic-slot 1 port 0
user@satellite-device> request virtual-chassis vc-port delete pic-slot 1 port 1
user@satellite-device> request virtual-chassis vc-port delete pic-slot 1 port 2
user@satellite-device> request virtual-chassis vc-port delete pic-slot 1 port 3
This step is required for the 40-Gbps QSFP+ interfaces that will be used as uplink interfaces in a Junos
Fusion topology. Built-in 40-Gbps QSFP+ interfaces on EX4300 switches are configured into VCPs by
default, and the default settings are restored after the device is reset.
After this initial preparation, you can use one of three methods to convert your switches into satellite
devices—autoconversion, manual conversion, and preconfiguration. See Configuring Junos Fusion Provider
Edge for detailed configuration steps for each method.
Converting a Satellite Device to a Standalone Device
In the event that you need to convert a satellite device to a standalone device, you will need to install a
new Junos OS software package on the satellite device and remove the satellite device from the Junos
Fusion topology.
NOTE: If the satellite device is a QFX5100 switch, you need to install a PXE version of Junos
OS. The PXE version of Junos OS is software that includes pxe in the Junos OS package name
when it is downloaded from the Software Center—for example, the PXE image for Junos OS
Release 14.1X53-D43 is named install-media-pxe-qfx-5-14.1X53-D43.3-signed.tgz . If the
satellite device is an EX4300 switch, you install a standard jinstall-ex-4300 version of Junos OS.
The following steps explain how to download software, remove the satellite device from Junos Fusion,
and install the Junos OS software image on the satellite device so that the device can operate as a standalone
device.
1. Using a Web browser, navigate to the Junos OS software download URL on the Juniper Networks
webpage:
https://www.juniper.net/support/downloads
2. Log in to the Juniper Networks authentication system using the username (generally your e-mail address)
and password supplied by Juniper Networks representatives.
81
3. Select By Technology > Junos Platform > Junos Fusion from the drop-down list and select the switch
platform series and model for your satellite device.
4. Select the Junos OS Release 14.1X53-D30 software image for your platform.
5. Review and accept the End User License Agreement.
6. Download the software to a local host.
7. Copy the software to the routing platform or to your internal software distribution site.
8. Remove the satellite device from the automatic satellite conversion configuration.
If automatic satellite conversion is enabled for the satellite device’s member number, remove the
member number from the automatic satellite conversion configuration. The satellite device’s member
number is the same as the FPC slot ID.
[edit]
user@aggregation-device# delete chassis satellite-management auto-satellite-conversion
satellite member-number
For example, to remove member number 101 from Junos Fusion:
[edit]
user@aggregation-device# delete chassis satellite-management auto-satellite-conversion
satellite 101
You can check the automatic satellite conversion configuration by entering the show command at the
[edit chassis satellite-management auto-satellite-conversion] hierarchy level.
9. Commit the configuration.
To commit the configuration to both Routing Engines:
[edit]
user@aggregation-device# commit synchronize
Otherwise, commit the configuration to a single Routing Engine:
[edit]
user@aggregation-device# commit
82
10. Install the Junos OS software on the satellite device to convert the device to a standalone device.
[edit]
user@aggregation-device> request chassis satellite install URL-to-software-package fpc-slot
member-number
For example, to install a PXE software package stored in the /var/tmp directory on the aggregation
device onto a QFX5100 switch acting as the satellite device using FPC slot 101:
[edit]
user@aggregation-device> request chassis satellite install
/var/tmp/install-media-pxe-qfx-5-14.1X53-D43.3-signed.tgz fpc-slot 101
For example, to install a software package stored in the var/tmp directory on the aggregation device
onto an EX4300 switch acting as the satellite device using FPC slot 101:
[edit]
user@aggregation-device> request chassis satellite install
/var/tmp/jinstall-ex-4300-14.1X53-D30.3-domestic-signed.tgz fpc-slot 101
The satellite device stops participating in the Junos Fusion topology once the software installation
starts. The software upgrade starts after this command is entered.
11. Wait for the reboot that accompanies the software installation to complete.
12. When you are prompted to log back into your device, uncable the device from the Junos Fusion topology.
See Removing a Transceiver from a QFX Series Device or Remove a Transceiver, as needed. Your device
has been removed from Junos Fusion.
NOTE: The device uses a factory-default configuration after the Junos OS installation is
complete.
Upgrading an Aggregation Device
When you upgrade an aggregation device to Junos OS Release 18.2R1, you must also upgrade your satellite
device to Satellite Device Software version 3.1R1.
83
Upgrade and Downgrade Support Policy for Junos OS Releases
Support for upgrades and downgrades that span more than three Junos OS releases at a time is not
provided, except for releases that are designated as Extended End-of-Life (EEOL) releases. EEOL releases
provide direct upgrade and downgrade paths—you can upgrade directly from one EEOL release to the
next EEOL release even though EEOL releases generally occur in increments beyond three releases.
You can upgrade or downgrade to the EEOL release that occurs directly before or after the currently
installed EEOL release, or to two EEOL releases before or after. For example, Junos OS Releases 17.1,
17.2, and 17.3 are EEOL releases. You can upgrade from Junos OS Release 17.1 to Release 17.2 or from
Junos OS Release 17.1 to Release 17.3.
You cannot upgrade directly from a non-EEOL release to a release that is more than three releases ahead
or behind. To upgrade or downgrade from a non-EEOL release to a release more than three releases before
or after, first upgrade to the next EEOL release and then upgrade or downgrade from that EEOL release
to your target release.
For more information about EEOL releases and to review a list of EEOL releases, see
https://www.juniper.net/support/eol/junos.html.
Downgrading from Release 18.2
To downgrade from Release 18.2 to another supported release, follow the procedure for upgrading, but
replace the 18.2 jinstall package with one that corresponds to the appropriate release.
NOTE: You cannot downgrade more than three releases.
For more information, see the Installation and Upgrade Guide.
SEE ALSO
New and Changed Features | 70
Changes in Behavior and Syntax | 71
Known Behavior | 72
Known Issues | 73
Resolved Issues | 74
Documentation Updates | 75
84
Product Compatibility | 84
Product Compatibility
IN THIS SECTION
Hardware Compatibility | 84
Hardware Compatibility
Hardware Compatibility
To obtain information about the components that are supported on the devices, and special compatibility
guidelines with the release, see the Hardware Guide and the Interface Module Reference for the product.
To determine the features supported on MX Series devices in this release, use the Juniper Networks
Feature Explorer, a Web-based application that helps you to explore and compare Junos OS feature
information to find the right software release and hardware platform for your network. See the Feature
Explorer.
Hardware Compatibility Tool
For a hardware compatibility matrix for optical interfaces and transceivers supported across all platforms,
see the Hardware Compatibility tool.
SEE ALSO
New and Changed Features | 70
Changes in Behavior and Syntax | 71
Known Behavior | 72
Known Issues | 73
Resolved Issues | 74
Documentation Updates | 75
Migration, Upgrade, and Downgrade Instructions | 75
85
Junos OS Release Notes for MX Series 5G Universal Routing Platforms
IN THIS SECTION
New and Changed Features | 86
Changes in Behavior and Syntax | 107
Known Behavior | 112
Known Issues | 116
Resolved Issues | 125
Documentation Updates | 144
Migration, Upgrade, and Downgrade Instructions | 144
Product Compatibility | 151
These release notes accompany Junos OS Release 18.2R1 for the MX Series. They describe new and
changed features, limitations, and known and resolved problems in the hardware and software.
You can also find these release notes on the Juniper Networks Junos OS Documentation webpage, located
at https://www.juniper.net/documentation/product/en_US/junos-os.
New and Changed Features
IN THIS SECTION
Release 18.2R1-S4 New and Changed Features | 86
Release 18.2R1-S2 New and Changed Features | 86
Release 18.2R1 New and Changed Features | 87
86
This section describes the new features and enhancements to existing features in Junos OS Release 18.2R1
for the MX Series routers.
Release 18.2R1-S4 New and Changed Features
Services Applications
Inline JFlow support for EVPN traffic (MX10008)—Starting in Junos OS Release 18.2R1-S4, inline Jflow
•
supports sampling under the bridge family. Inline Jflow monitors traffic hitting the bridge family and
reports the necessary fields in either version 9 or IPFIX format.
A new family bridge is introduced under the [edit forwarding-options sampling instance] hierarchy that
monitors all traffic hitting the VPLS or bridge family.
[See Understanding Inline Active Flow Monitoring.]
Release 18.2R1-S2 New and Changed Features
Routing Protocols
Support for IPv4 VPN unicast and IPv6 VPN unicast address families in BGP (MX Series)—Starting with
•
Junos OS Release 18.2R1-S2, the following address families are supported to enable advertisement
and/or reception of multiple paths to a destination to/from the same BGP peer, instead of
advertising/receiving only the active path to/from the same BGP peer, under [edit protocols bgp group
group-name] hierarchy.
IPv4 VPN unicast (family inet-vpn)
•
IPv6 VPN unicast (family inet6-vpn)
•
Release 18.2R1 New and Changed Features
Hardware
Support for JNP10K-LC2101 MPC (MX10008)—Starting in Junos OS Release 18.2R1, Junos OS supports
•
a new fixed-configuration MPC, JNP10K-LC2101. A fixed-configuration MPC does not contain separate
slots for Modular Interface Cards (MICs). MX10008 routers support eight JNP10K-LC2101 MPCs. The
JNP10K-LC2101 MPC provides a maximum bandwidth of 2.4Tbps and has six Packet Forwarding Engines,
each providing a maximum bandwidth of up to 400 Gbps, which cannot be oversubscribed. You can
configure the bandwidth of the MPC to provide a decreased bandwidth of 1.44Tbps as well, if required.
Use the set chassis fpc fpc-slot-number pfe-bandwidth 240g to modify the forwarding capacity of each
PFE to 240 Gbps.
JNP10K-LC2101 supports:
Multi-rate ports. The ports on the JNP10K-LC2101 MPC support multiple port speeds such as 10
•
Gbps, 40 Gbps, and 100 Gbps. Hence, they are known as multi-rate ports. All ports support all port
speeds. To view the port speed information for each port, use the show chassis pic fpc-slot
fpc-slot-number pic-slot pic-slot-number command.
87
PIC-based tunnel configuration.
•
Maximum transmission unit (MTU) size of 16,000 bytes for transit traffic.
•
Dynamic Power Management for effective utilization of available power.
•
Flexible queuing supports 128,000 queues per line card, including queues on both ingress and egress
•
interfaces. You can use an additional license to support up to 256,000 queues or 1,500,000 queues
per slot.
See JNP10K-LC2101 MPC on MX10008 Routers Overview
JNP10K-LC2101 MPC (MX10008)—Starting with Junos OS Release 18.2R1, JNP10K-LC2101 MPC is
•
supported on the MX10008 router. The JNP10K-LC2101 MPC has fixed MPC ports with 2.4 Tbps and
supports 24 100-Gigabit Ethernet QSFP28 ports, and 24 40-Gigabit Ethernet QSFP ports, and 96
10-Gigabit Ethernet ports using a breakout cable (4x10 Gigabit Ethernet). The MPC also supports
combinations of 100-Gigabit Ethernet, 40-Gigabit Ethernet, and 10-Gigabit Ethernet ports.
New Routing and Control Board REMX2008-X8-128G (MX2008)—Starting in Junos OS Release 18.2R1,
•
the Routing and Control Board (RCB), REMX2008-X8-128G is supported on MX2008 routers. The RCB
has increased memory and storage to support node virtualization . The RCB is equipped with an 8-Core
2.3 GHz processor, 128 GB memory, and two 200 GB SSDs and also supports Secure Boot for enhanced
boot security.
[See MX2008 Routing and Control Board (MX2008 RCB) Description.]
Authentication and Access Control
Enhancement to NTP authentication method (MX240, MX480, MX960, MX2020, and MX2010)—
•
Starting in Junos OS Release 18.2R1, Junos OS supports NTP authentication for both SHA-1 and
SHA2-256, in addition to the existing NTP authentication method, MD5. You can now choose from
among MD5, SHA-1, and SHA2-256 for synchronizing the clocks of Juniper Network routers, switches,
and other security devices on the Internet. Using SHA-1 instead of MD5 improves the security of devices
with very little impact to timing, while using SHA2-256 provides an increase in security over SHA-1.
NOTE: By default, network time synchronization is unauthenticated.
To implement authentication, use set authentication-key <key_number> type at the [edit system ntp]
hierarchy level.
To enable SHA-1 authentication, use set authentication key <key_number> type sha1 value <password>
•
at the [edit system ntp] hierarchy level.
To enable SHA2-256 authentication, use set authentication key <key_number> type sha256 value
•
<password> at the [edit system ntp] hierarchy level.
88
[See authentication-key and Configuring NTP Authentication Keys]
Authentication, Authorization, and Accounting (AAA) (RADIUS)
Existing TACACS+ behavior is made VRF aware (MX Series)—Starting in Junos OS Release 18.2R1, the
•
routing-instance statement at the [edit system tacplus-server server-address] hierarchy level and [edit
system accounting destination tacplus server server-address] hierarchy level can now be used to
configure any routing instance present under the [edit routing-instances] hierarchy level. TACACS+
traffic uses the configured routing instance, whatever the name. Before, the routing-instance statement
at the [edit system tacplus-server server-address] hierarchy level and [edit system accounting destination
tacplus server server-address] hierarchy level could be used only to configure the mgmt_junos routing
instance.
[See Configuring TACACS+ Authentication and Configuring TACACS+ System Accounting.]
Class of Service (CoS)
Support for collecting aggregate queue statistics for underlying logical interfaces (MX Series)—By
•
default to preserve memory resources, aggregate queue statistics are not collected for underlying logical
interfaces (Level 2 interfaces). Queue statistics are only collected for the upper-level logical interfaces
(Level 3 and above) and the physical interface (Level 1). By default the command show interfaces queue
interface-name shows all zeroes for underlying logical interfaces. Starting with Junos OS Release 18.2R1,
you can enable the collection of aggregate queue statistics for all underlying logical interfaces on a
particular physical or aggregate (for example, ae0) interface by enabling
logical-interface-aggregate-statistics at the [edit class-of-service interfaces interface-name] hierarchy
level. You can show the aggregate queue statistics by running the show interfaces queue interface-name
command.
[See logical-interface-aggregate-statistics.]
Support for excluding the overhead bytes from queue statistics (MX Series)—By default, the Layer 2
•
header bytes applied to upper-level logical interfaces are included in CoS per-queue statistics at the
physical interface, which can provide inaccurate results. Starting with Junos OS Release 18.2R1, you
can exclude the counting of overhead bytes from aggregate queue statistics by enabling
exclude-queue-overhead-bytes option at the [edit class-of-service interfaces interface-name] hierarchy
level. To also exclude the counting of overhead bytes from aggregate queue statistics of all child interfaces,
including logical interfaces and interface sets, add the include-hierarchy option at the [edit class-of-service
interfaces interface-name exclude-queue-overhead-bytes] hierarchy level.
[See exclude-queue-overhead-bytes.]
Support for bypass-queuing-chip option (vMX)—Starting with Junos OS Release 18.2R1, the
•
bypass-queuing-chip option at the [edit class-of-service interfaces interface-name] hierarchy level is
supported on vMX routers. Enable this option on vMX routers to save a vCPU when scheduling is not
needed on an interface. With this option, be careful not to oversubscribe the interface bandwidth.
89
[See bypass-queuing-chip.]
EVPN
•
NOTE: This feature is documented but not supported in Junos OS Release 18.2R1
NSR and unified ISSU support for point-to-multipoint LSP for EVPN provider tunnel (MX Series and
vMX)—Starting in Junos OS Release 18.2R1, Junos OS provides nonstop routing (NSR) and unified ISSU
support for point-to-multipoint (P2MP) inclusive provider tunnels. This ensures that broadcast, unknown
unicast, and multicast (BUM) packets continue after a Routing Engine switchover occurs when NSR is
enabled.
NOTE: Unified ISSU is not supported on the vMX routers.
[See Understanding P2MPs LSP for the EVPN Inclusive Provider Tunnel.]
Support for EVPN-VPWS flexible cross-connect (MX Series)—Starting with Junos OS Release 18.2R1,
•
Ethernet VPN (EVPN) virtual private wire service (VPWS) flexible cross-connect is introduced to address
a label resource issue that could occur on some low end access routers. This is possible when there are
a group of attachment circuits (ACs) under the same EVPN instance (EVI) and share the same label.
NOTE: The label resource issue is applicable to a service edge router that is interoperable with
the access router that uses FXC scheme to conserve its label usage. It is assumed that the label
resource issue does not apply to Juniper Networks service edge router, the vMX (or MX), that
uses the pseudowire subscriber interface. Thus there is no change for the label assign scheme
on the service edge router with regular EVPN-VPWS pseudowire subscriber head-end
termination.
[See Overview of Flexible Cross-Connect Support on VPWS with EVPN.]
Support for head-end termination for EVPN VPWS for business services (MX Series)—Starting with
•
Junos OS Release 18.2R1, Ethernet VPN (EVPN) virtual private wire service (VPWS) is supported on
pseudowire subscriber logical interface.
Prior to Junos OS 18.2 Release, pseudowire subscriber logical interface is used with either Layer 2 circuit
or Layer 2 VPN for psuedowire headend termination service.
An Ethernet VPN (EVPN) enables you to connect dispersed customer sites using a Layer 2 virtual bridge.
Virtual private wire service (VPWS) Layer 2 VPNs employ Layer 2 services over MPLS to build a topology
of point-to-point connections that connect end customer sites in a VPN. EVPN-VPWS as a next generation
of pseudowire subscriber interface technology brings the benefit of EVPN to point-to-point service by
providing fast convergence upon node failure and link failure through its multihoming feature. As a result,
you can use EVPN-VPWS on pseudowire subscriber interface for head-end termination into different
services.
90
You can configure the pseudowire subscriber logical interface for EVPN-VPWS so that the pseudowire
established by EVPN-VPWS can be headend terminated into either Layer 3 VPN or BGP-VPLS. The
head-end termination covers single (single-homed) pseudowire termination and redundant (multihomed)
pseudowire termination into Layer 3 VPN and BGP-VPLS.
[See Overview of Pseudowire Subscriber Logical Interface Support on VPWS with EVPN.]
EVPN pure type-5 route support (MX Series)—Starting with Junos OS Release 18.2R1, you can configure
•
pure type-5 routing in an Ethernet VPN (EVPN) Virtual Extensible LAN (VXLAN) environment. Pure
type-5 routing is used when the Layer 2 domain does not exist at the remote data centers. A pure type-5
route advertises the summary IP prefix and includes a BGP extended community called a router MAC,
which is used to carry the MAC address of the sending switch and to provide next-hop reachability for
the prefix. To configure pure type-5 routing, include the ip-prefix-routes advertise direct-nexthop
statement at the [edit routing-instances routing-instance-name protocols evpn] hierarchy level. To enable
two-level equal-cost multipath (ECMP) next hops in an EVPN-VXLAN overlay network, you must also
include the overlay-ecmp statement at the [edit forwarding-options vxlan-routing] hierarchy level.
[See Understanding EVPN Pure Route Type-5.]
IGMP snooping support for EVPN-MPLS (MX Series, vMX)—Starting with Junos OS Release 18.2R1,
•
you can configure IGMP snooping on MX Series routers with MPCs and vMX routers in an Ethernet
VPN (EVPN) over an MPLS network. Enabling IGMP snooping helps to constrain multicast traffic to
interested receivers in a broadcast domain.
Multicast sources and receivers in the EVPN instance (EVI) can each be single-homed to one provider
edge (PE) device or multihomed (in all-active mode only) to multiple PE devices. When IGMP snooping
is configured with multihomed receivers, IGMP state information is synchronized among peer PE devices
by exchanging BGP EVPN Type 7 (Join Sync Route) and Type 8 (Leave Sync Route) network layer
reachability information (NLRI). When PE devices receive multicast traffic from the EVPN core on a
multihomed Ethernet segment (ES), only the designated forwarder (DF) PE device forwards the traffic,
and the DF forwards the traffic only to interested receivers (selective multicast forwarding) based on
IGMP snooping reports and BGP EVPN Type 7 routes. PE devices serving single-homed receivers also
use selective multicast forwarding based on IGMP snooping reports to forward the traffic only to
interested receivers, conserving network bandwidth.
All PE devices perform inclusive multicast forwarding using ingress replication to forward multicast traffic
into the EVPN core to reach all remote PE devices. Multicast traffic at Layer 3 is routed between bridge
domains or VLANs using IRB interfaces.
This feature is supported with multiple EVIs, multicast sources and receivers on the same or different
sites, and IGMP snooping in proxy mode only.
91
To enable IGMP snooping on PE devices in an EVPN instance, include the igmp-snooping proxy statement
at the [edit routing-instances routing-instance-name protocols] or the [edit routing-instances
routing-instance-name bridge-domain bridge-domain-name protocols] hierarchy level.
For inter-VLAN multicast forwarding, PIM distributed DR (PIM DDR) mode must be enabled on all
participating IRBs.
EVPN and IGMP snooping operational mode commands can be used to view information learned from
IGMP snooping messages or EVPN Type 7 and Type 8 messages.
[See Overview of Multicast Forwarding with IGMP Snooping in an EVPN-MPLS Environment.]
•
NOTE: This feature is documented but not supported in Junos OS Release 18.2R1
Support for mLDP P2MP tunnels with EVPN for BUM traffic (MX Series and vMX)—Although present
in the code, the ability to configure and signal a P2MP LSP for the EVPN inclusive provider tunnel for
BUM traffic is not supported in Junos OS Release 18.2R1. P2MP LSPs manages efficient core bandwidth
utilization because it uses multicast replication only at the required nodes instead of ingress replication
at the ingress PE node.
Support for OSPF, IS-IS, BGP, and static routing on IRB interfaces in EVPN-VXLAN networks (MX
•
Series and vMX)—Starting in Junos OS Release 18.2R1, you can configure OSPF, IS-IS, BGP, and static
routing with bidirectional forwarding detection (BFD) on an IRB interface that is used as a routed interface
in EVPN. This allows protocol adjacencies to be established between an IRB on a Layer 3 gateway and
a CE device connected directly to a Layer 3 gateway or to a Layer 2 leaf device in an EVPN-VXLAN
network.
[See Supported Protocols on an IRB Interface in EVPN-VXLAN .]
Support for groupVPN failover to backup router (MX Series and vMX)—Group VPN is a trusted group
•
to eliminate point-to-point tunnels and their associated overlay routing. All group members share a
common security association (SA), known as a group SA (GSA). The GSA enables group members to
decrypt traffic that was encrypted by any other group member. Starting in Junos OS Release 18.2R1,
Junos OS confirms the Group VPN redundancy with service redundancy daemon running on MX Series
routers. MX Series routers with redundancy between them act as Group VPN members.
Support for passing of traffic during a policy mismatch between key server and group member (MX
•
Series and vMX)—Currently, packets that do not match the traffic policy provided by the group key
server are dropped by default. Starting in Junos OS Release 18.2R1, you have an option to change the
default behavior to disable encryption and forward the packets instead of dropping them.
You can configure the forward-policy-mismatch within the group vpn object configuration to enable
the support for forwarding policy-mismatched packets at the [edit security group-vpn member ipsec]
hierarchy level.
92
•
NOTE: This feature is documented but not supported in Junos OS Release 18.2R1
EVPN P2MP bud router support (MX Series and vMX)—Starting in Junos OS Release 18.2R1, Junos OS
supports configuring a point-to-multipoint (P2MP) label switched path (LSP) as a provider tunnel on a
bud router. The bud router functions both as an egress router and a transit router.
To enable a bud router to support P2MP LSP, include the evpn p2mp-bud-support statement at the
[edit routing-instances routing-instance-name protocols evpn] hierarchy level.
[See Configuring Bud Node Support]
Flow-Based and Packet-Based Processing
Support for inline flow monitoring (MX10008)—Starting in Junos OS Release 18.2R1, Junos OS supports
•
inline active flow monitoring. Inline active flow monitoring supports version 9 and IPFIX flow collection
templates. Version 9 template is supported for IPv4, IPv6, MPLS, and MPLS-IPv4. IPFIX template is
supported for IPv4, IPv6, MPLS, MPLS-IPv4, and VPLS flows. Both IPFIX and version 9 templates use
UDP as the transport protocol.
[See Inline Active Flow Monitoring.]
High Availability (HA) and Resiliency
Resiliency support for JNP10K-LC2101 MPC (MX10008)—Starting in Junos OS Release 18.2R1, resiliency
•
support is enabled for JNP10K-LC2101 MPC on MX10008 routers.
Interfaces and Chassis
Enhancement to increase the threshold of corrected single-bit errors (MPC7E, MPC8E, MPC9E on MX
•
Series)—In Junos OS Release 18.2R1, the threshold of corrected single-bit errors is increased from 32
to 1024, and the alarm severity is changed from Major to Minor for those error messages. There is no
operational impact upon corrected single-bit errors. Also, a log message is added to display how many
single-bit errors have been corrected between the reported events as follows:
93
EA[0:0]: HMCIF Rx: Link0: Corrected single bit errordetected in HMC 0 - Total count 25
EA[0:0]: HMCIF Rx: Link0: Corrected single bit errordetected in HMC 0 - Total count 26
[See Alarm Overview.]
Fabric management support (MX10008)—Starting in Junos OS Release 18.2R1, fabric management is
•
supported on MX10008 routers. The fabric architecture of MX10008 routers consists of six Switch
Fabric Boards (SFBs). The MX10008 MPC has six Packet Forwarding Engines, each having 24 connections
to the fabric (24 fabric planes, or 4 connections per SFB). The MX10008 will have 24 planes active when
all the six SFBs are populated. However, in case of a failure of one SFB, line rate can still be achieved
with 20 planes (that is, a minimum of five SFBs are required to achieve line rate). The fabric supports a
link speed of 25 Gbps. Fabric management involves training the fabric links, monitoring the links, and
collecting fabric statistics. The MX10008 also supports fabric hardening.
[See Fabric Plane Management on JNP10K-LC2101 Overview]
Support for FRU control, power management, and environmental monitoring (MX10008)—Starting
•
with Junos OS Release 18.2R1, Junos OS chassis management software for MX10008 routers with
JNP10K-LC2101 MPC provides enhanced environmental monitoring and FRU control. MX10008 has a
pair of Routing Engines, which support virtualization. Each Routing Engine board is a single FRU. All
FRUs including Routing Engines, Packet Forwarding Engines, interfaces, power supplies, and fan trays
are upgradable. The MX10008 chassis supports two kinds of power supply modules (PSM)—a DC PSM
and an AC PSM. The AC PSM delivers 2700 W of power, while the DC PSM delivers 2500 W. The
MX10008 cooling system contains two fan trays, with 11 fans in each fan tray. MX10008 supports
temperature thresholds for each temperature sensor, which enables the router to precisely control the
cooling, raise alarms, and shut down a FRU. The router also supports preserving power-on sequence for
the FPCs.
[See Understanding How Dynamic Power Management Enables Better Utilization of Power.]
Support for inline Two-Way Active Measurement Protocol (TWAMP) server and client on MX10008—
•
Starting in Junos OS Release 18.2R1, Mx10008 router with MPC7E cards support the inline Two-Way
Active Measurement Protocol (TWAMP) control-client and server for transmission of TWAMP IPv4
UDP probes between the session-sender (control-client) and the session-reflector (server). The TWAMP
control-client and server can also work with a third-party server and control-client implementation.
TWAMP is an open protocol for measuring network performance between any two devices that support
TWAMP. To configure the TWAMP server, specify the logical interface on the service PIC that provides
the TWAMP service by including the twamp-server statement at the: [edit interfaces si-fpc/pic/ port
unit logical-unit-number rpm] hierarchy level.
To configure the TWAMP client, include the twamp-client statement at the: [edit interfaces si-fpc/pic/
port unit logical-unit-number rpm] hierarchy level.
[See Understanding Two-Way Active Measurement Protocol on Routers.]
94
Software support for MX10008—Starting in Junos OS Release 18.2R1, MX10008 routers support the
•
following software features:
Class of services (CoS)—Helps prioritize packets to avoid random loss of data when a network
•
experiences congestion and delay.
Tunneling and encryption—Encapsulates arbitrary packets inside a transport protocol; and thereby
•
provides a private, secure path through an otherwise public network.
Firewall filters—Provide rules that define whether to accept or discard packets that are transiting an
•
interface.
Port mirroring—Enables you to analyze traffic on routers and switches that, unlike hubs, do not broadcast
•
packets to every port on the destination device.
OpenConfig—Supports the use of vendor-neutral data models to configure and manage the network.
•
Detection of wedge condition—Detects several types of wedge conditions. A wedge condition is
•
caused by an error that blocks network traffic.
Junos Telemetry Interface (JTI)—Enables you to provision sensors to collect and export data for various
•
system resources, such as physical interfaces and firewall filters.
Limited encryption Junos OS image and boot restriction (MX2008 )—Starting with Junos OS Release
•
18.2R1, the MX2008 routers with the Routing Engines REMX2008-X8-64G-LT support only the Junos
Limited image. The Junos Limited image does not have data-plane encryption and is intended only for
countries in the Eurasian Customs Union because these countries have import restrictions on software
containing data-plane encryption. Unlike the Junos Worldwide image, the Junos Limited image supports
control-plane encryption through SSH and SSL, thus allowing secure management of the system. The
Routing Engines are restricted to boot only the Junos Limited image.
[See Junos OS Editions.]
Support for secure boot and upgraded SSD size and RAM size (MX2008)—Starting in Junos OS Release
•
18.2R1, a significant system security enhancement, secure boot, has been introduced. The Secure Boot
implementation is based on the UEFI 2.4 standard. The BIOS has been hardened and serves as a core
root of trust. The BIOS updates, the boot loader, and the kernel are cryptographically protected. No
action is required to implement secure boot.
The SSD size and the RAM size of the REMX2008-X8-128G-S Routing Engine is upgraded to 2x200-GB
and 128-GB, respectively.
[See Feature Explorer and enter Secure Boot.]
Upgraded SSD size and RAM size on the REMX200-8-X8-128G-S Routing Engine (MX2008)— Starting
•
in Junos OS Release 18.2R1, the SSD size and the RAM size of the REMX2008-X8-128G-S Routing
Engine are upgraded to 2x200-GB and 128-GB, respectively. The increased SSD size facilitates increased
storage of core and log files.
[See Salient Features of the Routing Engines with VM Host Support.]
Support for 240-V high-voltage DC (HVDC) PSMs and PDMs (MX2008, MX2010, MX2020)—Starting
•
in Junos OS Release 18.2R1, Junos OS supports 240-V HVDC power supply modules (PSMs; model
number: MX2K-PSM-DC-240V) and power distribution modules (PDMs; model number:
MX2K-PDM-DC-240V) on the MX2000 line of routers. The PDM supplies 240-V HVDC power to each
PSM. The 240-V HVDC power supplies are similar in functionality and physical specifications to the
existing DC PSMs and PDMs supported on the MX2000 routers, except that the 240-V HVDC PSMs
and PDMs support 240-V input voltage feed. The 240-V HVDC PSMs and PDMs are supported in HVDC
environments that support an input voltage range of 190 VDC through 290 VDC.
95
Support for PTP over Ethernet and hybrid mode over link aggregation group (MX240, MX480, MX960,
•
MX2010, MX2020)—Starting in Junos OS Release 18.2R1, the MPC5E and MPC6E line cards support
Precision Time Protocol (PTP) over Ethernet and hybrid mode over a link aggregation group (LAG).
Link aggregation is a mechanism of combining multiple physical links into a single virtual link to achieve
linear increase in bandwidth and to provide redundancy in case a link fails. The virtual link is referred to
as an aggregated Ethernet interface or a LAG.
[ See Precision Time Protocol Overview]
Junos Telemetry Interface
Streaming OpenConfig data from Routing Engine (RE) sensors over UDP in protobuf format (MX)–Starting
•
in Junos OS Release 18.2R1, you can stream OpenConfig-based sensor data from Routing Engine sensors
using the Junos Telemetry Interface (JTI). This allows you to stream the OpenConfig sensor data in
gRPC/protobuf format rather than in key/value pairs. This makes the messages smaller and is more
efficient.
[See Overview of the Junos Telemetry Interface.]
•
Routing Engine state sensors for the Junos Telemetry Interface (MX Series)—Starting with Junos OS
Release 18.2R1, you can export statistics for the Routing Engine state through the Junos Telemetry
Interface using the following resource paths:
/junos/kernel-ifstate/stats/churn-rate
•
/junos/kernel-ifstate/stats/peer-consumption-rate
•
/junos/kernel-ifstate/stats/vetos-statistics
•
Only gRPC streaming is supported.
96
To provision the sensor to export data through gRPC, use the telemetrySubscribe RPC to specify
telemetry parameters. Streaming telemetry data through gRPC also requires you to download the
OpenConfig for Junos OS module.
Support for the Junos Telemetry Interface was introduced on QFX10000 and QFX5200 switches in
Junos OS Release 17.2R1.
[See Guidelines for gRPC Sensors (Junos Telemetry Interface).]
Expanded ON_CHANGE support for Junos Telemetry Interface (JTI) (MX Series)—Starting with Junos
•
OS Release 18.2R1, OpenConfig support through remote procedure call (RPC) and JTI is extended to
support additional ON_CHANGE sensors.
Periodical streaming of OpenConfig operational states and counters collects information at regular
intervals. ON_CHANGE support streams operational states as events (only when there is a change), and
is preferred over periodic streaming for time-sensitive missions.
These paths, previously supporting periodical streaming only, now also support ON_CHANGE streaming:
/interfaces/interface/state/admin-status
•
/interfaces/interface/state/description
•
/interfaces/interface/state/oper-status
•
/interfaces/interface/subinterfaces/subinterface/state/admin-status
•
/interfaces/interface/subinterfaces/subinterface/state/description
•
/interfaces/interface/subinterfaces/subinterface/state/oper-status
•
/interfaces/interface/subinterfaces/subinterface/state/ifIndex
•
/interfaces/interface/subinterfaces/subinterface/state/index
•
/interfaces/interface/subinterfaces/subinterface/state/name
•
These resource paths from the preceding list do not change with an event, but will be streamed on
creation and deletion:
/interfaces/interface/subinterfaces/subinterface/state/ifIndex
•
/interfaces/interface/subinterfaces/subinterface/state/index
•
/interfaces/interface/subinterfaces/subinterface/state/name
•
To provision a sensor to export data through gRPC, use the telemetrySubscribe RPC to specify telemetry
parameters. Streaming telemetry data through gRPC also requires you to download the OpenConfig for
Junos OS module.
To enable ON_CHANGE support, configure the sample frequency in the subscription as zero. When you
create a subscription using a top-level container as the resource path (for example, /interface), leaf
devices under the resource path /interface with ON_CHANGE support are automatically streamed based
on events. Other leaf devices will not be streamed.
97
Before events are streamed, there is an initial stream of states to the collector, followed by an
END_OF_INITIAL_SYNC. This notice signals the start of event streaming.
[See Understanding OpenConfig and gRPC on Junos Telemetry Interface and Guidelines for gRPC Sensors
(Junos Telemetry Interface).]
J-Insight Device Monitor (MX240, MX480, MX960, MX2008, MX2010, MX2020, MX10003, MX10008,
•
and vMX)–J-Insight is a data-driven device monitoring solution that provides visibility and insight into
the health of a running system. Starting with Junos OS Release 18.2R1, the J-Insight framework facilitates
real-time monitoring of system resources for FPC FRUs. It also has been integrated with the existing
connectivity error management infrastructure to normalize error detection, monitoring, and reporting.
J-Insight is an on-premise system application that uses the Junos Telemetry Interface to continuously
collect data that is reflective of the current state and health of the device component being monitored.
[See J-Insight Device Monitor Overview.]
Service set and sessions support for Junos Telemetry Interface (JTI) (MX Series with MS-MICs and
•
MS-MPCs)—Starting with Junos OS Release 18.2R1, you can export service set and sessions statistics.
These sensors provide visibility for IPsec services on different service complexes and nodes.
Exported data is defined using an IP address and a UDP port. When an export interval expires, the most
recent statistics collected by the sensors are gathered, placed in the payload of a UDP packet, and
forwarded to a collector. A timestamp indicating when counters are read is included with the exported
data to allow collectors to collate data. The timestamp also can determine if and when an event happened,
such as a PIC hardware restart or if counters were cleared by means of the CLI.
The following paths are supported:
/junos/services/spu/servicesets/
•
/junos/services/spu/sessions/
•
For streaming statistics through UDP, all parameters are configured at the [edit services analytics]
hierarchy level.
[See sensor and Configuring a Junos Telemetry Interface Sensor (CLI Procedure).]
Layer 2 Features
Support for Layer 2 and Layer 3 features (MX10008)—Starting in Junos OS Release 18.2R1, MX10008
•
routers support the following Layer 2 and Layer 3 features:
Layer 2 protocols including Layer 2 Ethernet OAM and virtual private LAN service (VPLS)
•
Integrated routing and bridging (IRB)
•
Multichassis link aggregation groups (MC-LAGs)
•
Layer 3 routing protocols and MPLS
•
Inline BFD
•
Multicast
•
98
[See Layer 2 and Layer 3 Features on MX Series Routers]
Layer 3 Features
Multipoint support for ATM MIC with SFP (MX Series routers with MPCs and ATM MIC with
•
SFP)—Starting in Junos OS Release 18.2R1, MX Series routers with an ATM MIC (model number
MIC-3D-8OC3-2OC12-ATM) with SFP can communicate with multiple devices through ATM links. With
this multipoint support feature, ATM MIC can communicate with multiple Layer 3 peers in the ATM
network. In earlier Junos OS releases, the ATM MIC communicates only with one Layer 3 peer.
On an ATM MIC, the following configurations are required for multipoint support:
Configure the multipoint option at the [edit interfaces interface-name unit logical-unit-number] hierarchy
•
level to communicate with multiple Layer 3 peers on ATM interface.
Configure the multipoint-destination option with its corresponding vci at the [edit interfaces
•
interface-name unit logical-unit-number family family address address] hierarchy to enable multipoint
support on ATM interface.
The Inverse-arp configuration option is an optional configuration to enable inverse ARP for
multipoint-destination at the [edit interfaces at-fpc/pic/port unit logical-unit-number family family
address address multipoint-destination address] hierarchy level. Only responding to inverse ARP
request is supported. Generation of Inverse ARP is not supported.
[See Configuring a Point-to-Multipoint Connection on ATM MICs.]
MPLS
Interoperability of segment routing with LDP (MX Series)—In an LDP network with gradual deployment
•
of segment routing, some devices may not support segment routing, which can cause interoperability
Loading...