Junos OS 18.2R1 User Manual

Release
Published
2021-02-05
Notes
Junos®OS 18.2R1 Release Notes

SUPPORTED ON

ACX Series, EX Series, Junos Fusion Enterprise, Junos Fusion Provider Edge, MX Series,
NFX Series, PTX Series, QFX Series, and SRX Series
HARDWARE HIGHLIGHTS
Support for xDSL SFP module (NFX Series)
Support for QFX10000-30C-M line card channelization (QFX10008, QFX10016)
SOFTWARE HIGHLIGHTS
Support for VPWS with EVPN signaling mechanisms and flexible cross connect (ACX5448)
Support for virtualization (ACX5448)
Support for 48x1/10GE and 4x100GE interface ports (ACX5448)
Support for Layer 2 features (ACX5448)
Support for Layer 3 features (ACX5448)
Support for NSR and ISSU for point-to-multipoint LSP for EVPN provider tunnel (EX9200)
Support for excluding the overhead bytes from queue statistics (MX Series)
Support for OSPF, IS-IS, BGP, and static routing on IRB interfaces in EVPN-VXLAN networks
(MX Series, vMX)
Support for unified ISSU (MX10003)
Support for PTP over Ethernet and hybrid mode over link aggregation group (MX Series)
Support for ON_CHANGE expansion for Junos Telemetry Interface (JTI) (MX Series)
Support for local authentication and authorization for subscribers (MX Series)
Support for DHCP short-cycle protection to reduce excess loading (MX Series)
Support for global range setting for initial router advertisement intervals (MX Series)
Support for security features (NFX Series)
Support for vMX VNF (NFX250-S1, NFX250-S2)
Support for J-Insight device monitor (MX Series, vMX, and “PTX Series”)
Support for client link-layer address option 79 for DHCPv6 (QFX Series)
Support for zero touch provisioning (QFX10008, QFX10016)
Support for advanced policy-based routing (APBR) policy (SRX Series, vSRX)
Support for advanced features for logical systems (SRX Series, vSRX)
Support for TWAMP ALG traffic (SRX Series)
Support for unified policies (SRX Series, vSRX)
Release Notes: Junos®OS Release 18.2R1 for
the ACX Series, EX Series, MX Series, NFX
Series, PTX Series, QFX Series, SRX Series, and
Junos Fusion
1
05 February 2021

Contents

Introduction | 13
Junos OS Release Notes for ACX Series | 13
New and Changed Features | 14
Hardware | 15
Authentication Access Control | 15
Class of Service | 16
Dynamic Host Configuration Protocol | 16
EVPN | 16
General Routing | 17
Routing Policy and Firewall Filters | 19
Interfaces and Chassis | 19
Layer 2 Features | 19
Layer 3 Features | 21
Management | 21
MPLS | 21
Multicast | 22
Routing Protocols | 23
Security | 23
Software Installation and Upgrade | 23
Timing and Synchronization | 24
Changes in Behavior and Syntax | 25
High Availability (HA) and Resiliency | 25
Junos XML API and Scripting | 25
Layer 3 Features | 25
Known Behavior | 26
Known Issues | 26
Class of Service | 27
DHCP | 27
IGMP Snooping | 28
Timing and Synchronization | 28
Resolved Issues | 28
Documentation Updates | 29
Migration, Upgrade, and Downgrade Instructions | 29
2
Upgrade and Downgrade Support Policy for Junos OS Releases | 30
Product Compatibility | 30
Hardware Compatibility | 31
Junos OS Release Notes for EX Series Switches | 32
New and Changed Features | 32
Hardware | 33
Authentication, Access Control | 34
Authentication, Authorization, and Accounting (AAA) | 35
Class of Service (CoS) | 35
Dynamic Host Configuration Protocol (DHCP) | 35
EVPN | 35
Interfaces and Chassis | 38
Layer 2 Features | 39
Operation, Administration, and Maintenance (OAM) | 40
Port Security | 40
Restoration Procedures Failure | 43
Software Installation and Upgrade | 43
Software Licensing | 43
System Management | 44
User Interface and Configuration | 44
Virtual Chassis | 44
Changes in Behavior and Syntax | 45
EVPN | 47
High Availability (HA) and Resiliency | 47
Interfaces and Chassis | 47
Junos OS XML, API, and Scripting | 47
Junos Telemetry Interface | 47
Layer 2 Features | 48
Multicast | 48
Network Management and Monitoring | 48
Software Installation and Upgrade | 48
User Interface and Configuration | 49
Known Behavior | 50
General Routing | 50
3
Known Issues | 51
Authentication and Access Control | 51
General Routing | 51
High Availability (HA) and Resiliency | 52
Infrastructure | 52
Platform and Infrastructure | 52
Resolved Issues | 53
Forwarding and Sampling | 53
General Routing | 53
Interfaces and Chassis | 54
Layer 2 Features | 54
Layer 2 Ethernet Services | 54
MPLS | 54
Platform and Infrastructure | 54
Documentation Updates | 55
Migration, Upgrade, and Downgrade Instructions | 55
Upgrade and Downgrade Support Policy for Junos OS Releases | 56
Product Compatibility | 57
Hardware Compatibility | 57
Junos OS Release Notes for Junos Fusion Enterprise | 58
New and Changed Features | 58
Junos Fusion Enterprise | 59
Changes in Behavior and Syntax | 60
High Availability (HA) and Resiliency | 60
Known Behavior | 60
Junos Fusion Enterprise | 61
Known Issues | 61
Junos Fusion Enterprise | 62
Resolved Issues | 62
Resolved Issues: 18.2R1 | 62
Documentation Updates | 63
Migration, Upgrade, and Downgrade Instructions | 63
Basic Procedure for Upgrading Junos OS on an Aggregation Device | 64
4
Upgrading an Aggregation Device with Redundant Routing Engines | 66
Preparing the Switch for Satellite Device Conversion | 66
Converting a Satellite Device to a Standalone Switch | 68
Upgrade and Downgrade Support Policy for Junos OS Releases | 68
Downgrading from Junos OS Release 18.2 | 68
Product Compatibility | 69
Hardware and Software Compatibility | 69
Hardware Compatibility Tool | 69
Junos OS Release Notes for Junos Fusion Provider Edge | 70
New and Changed Features | 70
Changes in Behavior and Syntax | 71
High Availability (HA) and Resiliency | 71
Known Behavior | 72
Junos Fusion | 72
Known Issues | 73
Junos Fusion | 73
Resolved Issues | 74
Class of Service (CoS) | 74
Junos Fusion | 74
Documentation Updates | 75
Migration, Upgrade, and Downgrade Instructions | 75
Basic Procedure for Upgrading an Aggregation Device | 76
Upgrading an Aggregation Device with Redundant Routing Engines | 78
Preparing the Switch for Satellite Device Conversion | 79
Converting a Satellite Device to a Standalone Device | 80
Upgrading an Aggregation Device | 83
Upgrade and Downgrade Support Policy for Junos OS Releases | 83
Downgrading from Release 18.2 | 83
Product Compatibility | 84
Hardware Compatibility | 84
Junos OS Release Notes for MX Series 5G Universal Routing Platforms | 85
New and Changed Features | 86
Release 18.2R1-S4 New and Changed Features | 86
Release 18.2R1-S2 New and Changed Features | 86
5
Release 18.2R1 New and Changed Features | 87
Changes in Behavior and Syntax | 107
EVPN | 107
General Routing | 108
High Availability (HA) and Resiliency | 109
Interfaces and Chassis | 109
Junos OS XML API and Scripting | 109
Junos Telemetry Interface | 109
MPLS | 109
Network Management and Monitoring | 110
Software Installation and Upgrade | 110
Subscriber Management and Services | 111
User Interface and Configuration | 111
Known Behavior | 112
General Routing | 113
EVPN | 114
Forwarding and Sampling | 114
Interfaces and Chassis | 114
Routing Protocols | 115
Services Applications | 115
Known Issues | 116
EVPN | 116
Forwarding and Sampling | 117
General Routing | 118
Infrastructure | 121
Interfaces and Chassis | 122
Layer 2 Features | 122
MPLS | 122
Network Management and Monitoring | 123
Platform and Infrastructure | 123
Routing Protocols | 124
Resolved Issues | 125
Application Layer Gateways (ALGs) | 126
Class of Service (CoS) | 126
6
EVPN | 126
Forwarding and Sampling | 127
General Routing | 127
High Availability (HA) and Resiliency | 135
Infrastructure | 136
Interfaces and Chassis | 136
Layer 2 Ethernet Services | 137
Layer 2 Features | 137
MPLS | 137
Network Management and Monitoring | 138
Platform and Infrastructure | 138
Routing Policy and Firewall Filters | 140
Routing Protocols | 140
Services Applications | 142
Software Installation and Upgrade | 143
Subscriber Access Management | 143
User Interface and Configuration | 143
VPNs | 143
Documentation Updates | 144
Migration, Upgrade, and Downgrade Instructions | 144
Basic Procedure for Upgrading to Release 18.2 | 145
Procedure to Upgrade to FreeBSD 11.x based Junos OS | 146
Procedure to Upgrade to FreeBSD 6.x based Junos OS | 148
Upgrade and Downgrade Support Policy for Junos OS Releases | 150
Upgrading a Router with Redundant Routing Engines | 150
Downgrading from Release 18.2 | 151
Product Compatibility | 151
Hardware Compatibility | 151
Junos OS Release Notes for NFX Series | 152
New and Changed Features | 153
Hardware | 154
Advanced Policy-Based Routing (APBR) | 154
Security | 154
7
Virtual Network Functions | 154
Changes in Behavior and Syntax | 155
High Availability (HA) and Resiliency | 155
Known Behavior | 156
Allocation of hugepages | 156
Known Issues | 156
BIOS Upgrade | 157
Resolved Issues | 157
Resolved Issues: 18.2R1 | 158
Documentation Updates | 158
Migration, Upgrade, and Downgrade Instructions | 159
Upgrade and Downgrade Support Policy for Junos OS Releases | 159
Basic Procedure for Upgrading to Release 18.2 | 159
Product Compatibility | 161
Hardware Compatibility | 161
Software Version Compatibility | 161
Junos OS Release Notes for PTX Series Packet Transport Routers | 164
New and Changed Features | 164
Hardware | 165
Class of Service (CoS) | 166
High Availability (HA) and Resiliency | 166
Interfaces and Chassis | 166
Junos Telemetry Interface | 167
Layer 3 Features | 168
MPLS | 169
Multicast | 170
Network Management and Monitoring | 171
Operation, Administration, and Maintenance (OAM) | 172
Routing Policy and Firewall Filters | 172
Services Applications | 172
Software Installation and Upgrade | 173
System Management | 173
Changes in Behavior and Syntax | 175
High Availability (HA) and Resiliency | 175
8
Interfaces and Chassis | 175
Junos OS XML API and Scripting | 177
Junos Telemetry Interface | 177
Network Management and Monitoring | 177
Software Installation and Upgrade | 177
Known Behavior | 178
General Routing | 179
Infrastructure | 180
Interfaces and Chassis | 180
Known Issues | 181
General Routing | 181
Infrastructure | 182
Interfaces and Chassis | 183
MPLS | 183
Platform and Infrastructure | 183
Resolved Issues | 184
General Routing | 184
Infrastructure | 186
Interfaces and Chassis | 186
MPLS | 186
Platform and Infrastructure | 186
Routing Protocols | 187
Documentation Updates | 187
Migration, Upgrade, and Downgrade Instructions | 188
Upgrade and Downgrade Support Policy for Junos OS Releases | 188
Upgrading a Router with Redundant Routing Engines | 188
Basic Procedure for Upgrading to Release 18.2 | 189
Installing the Software on PTX10002-60C Routers | 193
Product Compatibility | 194
Hardware Compatibility | 194
Junos OS Release Notes for the QFX Series | 195
New and Changed Features | 195
Hardware | 196
Authentication Access Control | 196
9
EVPN | 197
Junos Telemetry Interface | 199
Port Security | 200
Restoration Procedures Failure | 201
Routing Protocols | 201
Security | 201
Software Installation and Upgrade | 201
System Management | 202
VLAN Infrastructure | 203
Changes in Behavior and Syntax | 203
High Availability (HA) and Resiliency | 205
Interfaces and Chassis | 205
Junos OS XML, API, and Scripting | 205
Junos Telemetry Interface | 205
Network Management and Monitoring | 205
Routing Policy and Firewall Filters | 206
Software Installation and Upgrade | 206
Known Behavior | 207
General Routing | 207
EVPN | 209
Interfaces and Chassis | 209
Layer 2 Features | 209
Routing Protocols | 209
Virtual Chassis | 210
Known Issues | 210
EVPN | 211
General Routing | 212
Interfaces and Chassis | 214
Layer 2 Features | 214
MPLS | 214
Platform and Infrastructure | 214
Routing Protocols | 215
Resolved Issues | 216
EVPN | 216
10
General Routing | 217
Interfaces and Chassis | 220
Junos Fusion Satellite Software | 220
Layer 2 Features | 220
MPLS | 221
Multicast | 221
Platform and Infrastructure | 221
Routing Protocols | 221
Documentation Updates | 222
Migration, Upgrade, and Downgrade Instructions | 223
Upgrading Software on QFX Series Switches | 223
Installing the Software on QFX10002-60C Switches | 226
Installing the Software on QFX10002 Switches | 226
Upgrading Software from Junos OS Release 15.1X53-D3X to Junos OS Release
15.1X53-D60, 15.1X53-D61.7, 15.1X53-D62, and 15.1X53-D63 on QFX10008 and QFX10016 Switches | 227
Installing the Software on QFX10008 and QFX10016 Switches | 229
Performing a Unified ISSU | 233
Preparing the Switch for Software Installation | 234
Upgrading the Software Using Unified ISSU | 234
Upgrade and Downgrade Support Policy for Junos OS Releases | 236
Product Compatibility | 237
Hardware Compatibility | 237
Junos OS Release Notes for SRX Series | 238
New and Changed Features | 239
Release 18.2R1-S3 New and Changed Features | 240
Release 18.2R1-S1 New and Changed Features | 240
Release 18.2R1 New and Changed Features | 242
Changes in Behavior and Syntax | 249
API and Scripting | 250
Application Security | 250
Attack Detection and Prevention (ADP) | 252
Authentication and Access | 252
Chassis Cluster | 252
Ethernet Switching | 253
11
High Availability (HA) and Resiliency | 253
Interfaces and Chassis | 253
IDP | 253
Routing Protocols | 253
Security | 253
User Interface and Configuration | 254
UTM | 255
Known Behavior | 256
Chassis Cluster | 256
Interfaces and Chassis | 256
J-Web | 257
Network Management and Monitoring | 257
User Interface and Configuration | 257
Known Issues | 258
Application Layer Gateways (ALGs) | 258
Flow-Based and Packet-Based Processing | 258
Platform and Infrastructure | 258
Routing Policy and Firewall Filters | 259
Routing Protocols | 259
VPN | 259
Resolved Issues | 260
Application Layer Gateways (ALGs) | 260
Authentication and Access Control | 261
Chassis Clustering | 261
Class of Service (CoS) | 261
Flow-Based and Packet-Based Processing | 261
Intrusion Detection and Prevention (IDP) | 262
J-Web | 262
Layer 2 Ethernet Services | 262
Network Address Translation (NAT) | 262
Platform and Infrastructure | 262
Routing Policy and Firewall Filters | 263
Routing Protocols | 263
Unified Threat Management (UTM) | 264
12
VLAN Infrastructure | 264
VPN | 264
Documentation Updates | 264
Migration, Upgrade, and Downgrade Instructions | 265
Upgrade and Downgrade SupportPolicy for Junos OS Releases and Extended End-Of-Life
Releases | 265
Product Compatibility | 266
Hardware Compatibility | 266
Upgrading Using ISSU | 267
Compliance Advisor | 267
Finding More Information | 267
Documentation Feedback | 268
Requesting Technical Support | 269
Self-Help Online Tools and Resources | 269
Opening a Case with JTAC | 269
Revision History | 270

Introduction

Junos OS runs on the following Juniper Networks®hardware: ACX Series, EX Series, M Series, MX Series,
NFX Series, PTX Series, QFabric systems, QFX Series, SRX Series, T Series, and Junos Fusion.
These release notes accompany Junos OS Release 18.2R1 for the ACX Series, EX Series, MX Series, NFX Series, PTX Series, QFX Series, SRX Series, and Junos Fusion. They describe new and changed features, limitations, and known and resolved problems in the hardware and software.
NOTE: The recommended release for Junos Fusion Data Center is 18.1R2-S2. The subsequent
18.xRx mainline releases (18.2, 18.3, and 18.4) do not support Junos Fusion Data Center.
13

Junos OS Release Notes for ACX Series

IN THIS SECTION
New and Changed Features | 14
Changes in Behavior and Syntax | 25
Known Behavior | 26
Known Issues | 26
Resolved Issues | 28
Documentation Updates | 29
Migration, Upgrade, and Downgrade Instructions | 29
Product Compatibility | 30
These release notes accompany Junos OS Release 18.2R1 for the ACX Series. They describe new and changed features, limitations, and known and resolved problems in the hardware and software.
You can also find these release notes on the Juniper Networks Junos OS Documentation webpage, located at https://www.juniper.net/documentation/product/en_US/junos-os.

New and Changed Features

IN THIS SECTION
Hardware | 15
Authentication Access Control | 15
Class of Service | 16
Dynamic Host Configuration Protocol | 16
EVPN | 16
General Routing | 17
Routing Policy and Firewall Filters | 19
Interfaces and Chassis | 19
Layer 2 Features | 19
Layer 3 Features | 21
14
Management | 21
MPLS | 21
Multicast | 22
Routing Protocols | 23
Security | 23
Software Installation and Upgrade | 23
Timing and Synchronization | 24
This section describes the features and enhancements in Junos OS Release 18.2R1 for ACX Series Universal Metro Routers.

Hardware

New ACX5448 Universal Metro Routers—Starting with Junos OS Release 18.2R1, the ACX5448 Universal
Metro Routers are available as Juniper Networks’ top-of-rack router solutions for data centers and campus distribution or aggregation environments. The ACX5448 router portfolio consists of high-performance fixed-configuration routers that add higher port densities, additional scalability, and improved latency to the ACX Series. The ACX5448 routers offers a compact 1U model that provides wire-speed packet performance, very low latency, and a rich set of Layer 2 and Layer 3 features. The router has a high-throughput Packet Forwarding Engine, and the performance of the control-plane running on ACX5448 router is enhanced by the 1.9 Ghz six-core Intel CPU with 32 GB of memory and two 100 GB of solid-state drive (SSD) storage.
The ACX5448 is a 10-Gigabit Ethernet enhanced small form-factor pluggable (SFP+) top-of-rack router with 48 SFP+ ports, and four 100-Gigabit Ethernet QSFP28 ports. Each SFP+ port can operate as a native 10-Gigabit Ethernet port, or as a 1-Gigabit Ethernet port when 1-Gigabit optics are inserted.
The ACX5448 is shipped with redundant fans and redundant power supplies. The router can be ordered with front-to-back airflow (air out or AFO), or back-to-front airflow (air in or AFI), and with AC or DC power supplies.
15

Authentication Access Control

Enhancement to NTP authentication method (ACX500, ACX1100)— Starting in Junos OS Release
18.2R1, Junos OS supports NTP authentication for both SHA-1 and SHA2-256, in addition to the existing NTP authentication method, MD5. You can now choose from among MD5, SHA-1, and SHA2-256 for synchronizing the clocks of Juniper Network routers, switches, and other security devices on the Internet. Using SHA-1 instead of MD5 improves the security of devices with very little impact to timing, while using SHA2-256 provides an increase in security over SHA-1.
NOTE: By default, network time synchronization is unauthenticated.
To implement authentication, use set authentication-key <key_number> type at the [edit system ntp] hierarchy level.
To enable SHA-1 authentication, use set authentication key <key_number> type sha1 value <password>
at the [edit system ntp] hierarchy level.
To enable SHA2-256 authentication, use set authentication key <key_number> type sha256 value
<password> at the [edit system ntp] hierarchy level.
See authentication-key and Configuring NTP Authentication Keys

Class of Service

Support for logical interface-based classification and rewrites (ACX5448)—Starting with Junos OS
Release 18.2R1, ACX5448 router supports configuring logical interface-based classification and rewrite rules. ACX5448 router supports fixed, behavior aggregate (IP precedence, DSCP, DSCP IPv6, MPLS EXP, IEEE-802.1p, IEEE-802.1ad (DEI bit)), and multifield classifiers.
See Classifiers and Rewrite Rules at the Global, Physical and Logical Interface Levels Overview
Support for port-based queueing, scheduling, and shaping (ACX5448)—Starting with Junos OS Release
18.2R1, ACX5448 router supports port-based queueing, scheduling, and shaping. You can configure up to eight queues (virtual output queues) per physical interface (port). Scheduling properties can be applied at both physical as well as logical interface levels. The egress scheduler supports two priority levels (strict-high and low). Multiple strict-high priority queues and multiple low (default) priority queues can be configured.
16
Schedulers and their associated shapers control the traffic bandwidth, jitter (delay variation), and packet loss priority at the egress of the device. By default a port on ACX5448 router gets a dedicated buffer of 100ms and shared buffer from DRAM. Delay buffer controls the latency of the queue during congestion and maximum number of packets that can be held in a queue. Default buffer size per port is 100ms.
See Understanding Schedulers Overview, Configuring Shared and Dedicated Buffer Memory Pools, and
Hierarchical Class of Service in ACX5000.

Dynamic Host Configuration Protocol

Support for DHCPv4 and DHCPv6 (ACX5448)—Starting with Junos OS Release 18.2R1, ACX5448 router
supports DHCP server, DHCP client, and DHCP relay configuration for IPv4 and IPv6 services. You can enable ACX5448 router to function as DHCP server and configure the DHCP server options on the router. The DHCP server provides an IP address and other configuration information in response to a client request. DHCP relay agent forwards DHCP request and reply packets between a DHCP client and a DHCP server.
See Extended DHCP Local Server Overview and See Extended DHCP Relay Agent Overview

EVPN

Support for VPWS with EVPN signaling mechanisms and flexible cross connect (ACX5448)—Starting
with Junos OS Release 18.2R1, the ACX5448 router supports VPWS with EVPN signaling mechanisms and flexible cross connect. The EVPN VPWS provides a framework for delivering the VPWS with EVPN signaling mechanisms. The VPWS with EVPN signaling mechanisms supports single-active or all-active multihoming capabilities and inter-autonomous system (AS) options associated with BGP-signaled VPNs.
The EVPN VPWS flexible cross connect addresses the label resource issue. The flexible cross-connect (FXC) service enables interoperability of access router that uses EVPN FXC VLAN-aware and VLAN-unaware FXC services. ACX5448 router do not support pseudowire services in EVPN VPWS flexible cross connect.
The following limitations apply:
Control word is not supported for EVPN VPWS services.
When VLAN maps are applied on the ccc-interfaces (UNI) for EVPN VPWS, only the following VLAN
map operations are applicable:
IFD Encap/ IFL-TYPE Input-MAP Output-Map
------------------------------------------------------------­ethernet-ccc unit 0; TC2 push-push pop-pop
vlan-ccc ST: vlan-id X swap-push .. DT: vlan-tags outer X inner Y TC1 pop-pop push-push TC4 swap-swap swap-swap
17
VLAN map with non-default TPIDs in the VLAN map operation is not supported.
Aggregated Ethernet interfaces with LAG interface for EVPN VPWS and EVPN VPWS FXC services
are not supported. However, for CE multihoming, the CE can have static-AE, and CE can multihome to the ACX5448 PE router (PE in non-AE/LAG).
See Overview of VPWS with EVPN Signaling Mechanisms

General Routing

Support for virtualization (ACX5448)—Starting with Junos OS Release 18.2R1, ACX5448 routers support
virtualization. Virtualization enables multiple instances of operating systems, called guests, to run concurrently on the host and share virtualized hardware resources. A guest is a virtual machine (VM) that runs on a hypervisor-based host and shares its resources. A host is a virtualized software whose hypervisor allows multiple guest VMs to run on it concurrently and share its resources. A VM can be an instance of Junos OS or any compatible third-party VM. Each VM runs its own operating system image and applications that can be different from that of another VM running on the same host. ACX5448 router supports only one Junos VM. You can use the following chassis management commands to manage the onboard FRUs:
show chassis hardware
show chassis temperature-thresholds
show chassis environment
show chassis alarms
ACX5448 router emulates one FPC with two PICs. One PIC represents the 48x1/10GE ports and other represents the 4x100GE ports. The show chassis hardware CLI command shows the FPC and PICs as built-in as shown in the following sample output:
user@host> show chassis hardware
Hardware inventory: Item Version Part number Serial number Description Chassis DA805 ACX5448 Midplane REV 13 750-065110 ACNP4346 ACX5448 Routing Engine BUILTIN BUILTIN Routing Engine RFEB FPC 0 BUILTIN BUILTIN FPC BUILTIN MIC 0 48x1GE/48x10GE PIC 0 BUILTIN BUILTIN 48x1GE/48x10GE MIC 1 24x10/25GE 6x40/100GE PIC 1 BUILTIN BUILTIN 24x10/25GE 6x40/100GE
18
NOTE: ACX5448 routers do not support request system software upgrade and request system
software rollback commands, instead you must use request vmhost CLI commands.
ACX5448 routers do not support:
Multiple guest VMs
Redundant Junos VMs
ISSU
10/100 Mbps copper SFPs
See Routing Engines with VM Host Support and Architecture of Routing Engines with VM Host Support

Routing Policy and Firewall Filters

Support for firewall filters and policers (ACX5448)—Starting with Junos OS Release 18.2R1, ACX5448
router supports configuring firewall filters on packets (families such as bridge domain, IPv4, IPv6, CCC, MPLS) based on packet match conditions. Along with the match conditions, actions such as count, discard, log, syslog, policer are performed on the packets that match the filter. You can configure policers and attach them to a firewall term.
See Standard Firewall Filter Match Conditions and Actions on ACX Series Routers Overview

Interfaces and Chassis

Support for 48x1/10GE and 4x100GE Interface Ports (ACX5448)—ACX5448 router has 48x1/10GE
interface ports and 4x100GE interface ports. The 48 ports on ACX5448 router can be configured as 1GE or 10GE modes and these ports are represented by xe interface type. The PIC 1 of FPC 0 has 4x100GE ports, where each port can be channelized as 1x100GE, or 1x40GE, or 4x25GE modes and these ports are represented by et interface type. By default, the port speed in PIC 1 is 100GE.
19
See Understanding Interfaces on ACX Series Universal Metro Routers

Layer 2 Features

Support for Layer 2 features (ACX5448)—Starting with Junos OS Release 18.2R1, ACX5448 router
supports the Layer 2 bridging, Q-in-Q tunneling, no-local switching, and Layer 2 protocol tunnel. A bridge domain is a set of logical interfaces that share the same flooding or broadcast characteristics. Layer 2 logical interfaces are created by defining one or more logical units on a physical interface with encapsulation as vlan-bridge and as ethernet-bridge. All the member ports of the bridge domain participate in Layer 2 learning and forwarding. These bridging features are used to configure E-LINE, E-LAN and E-TREE services. On ACX5448 router, you can configure bridge domains by using the following methods:
Bridge domain without a vlan-id number statement
Bridge domain with the vlan-id value set to none
Bridge domain with a single vlan-id
The Layer 2 Next Generation mode, also called Enhanced Layer 2 Software (ELS), is supported on ACX5448 router for configuring the Layer 2 features.
If no-local-switching is configured in a bridge domain, then traffic cannot flow between CE to CE interfaces. This includes known unicast/multicast, unknown unicast/multicast, and broadcast traffic. However, traffic can flow between CE to PE interfaces and between PE to PE interfaces.
Q-in-Q tunneling allows you to create a Layer 2 Ethernet connection between two customer sites. Providers can segregate different customers’ VLAN traffic on a link (for example, if the customers use overlapping VLAN IDs) or bundle different customer VLANs into a single service VLAN. Service providers
can use Q-in-Q tunneling to isolate customer traffic within a single site or to enable customer traffic flows across geographic locations.
Layer 2 protocol tunnel can be configured on the customer edge port using mac rewrite configuration. MAC rewrite is supported for the STP, CDP, VTP, LLDP, ELMI, 802.1x, 802.3ah, LACP, MMRP, MVRP protocol packets.
See Layer 2 Bridge Domains on ACX Series Overview, See Q-in-Q Tunneling on ACX Series Overview, and See Understanding Layer 2 Next Generation Mode on ACX Series Routers
Support for Layer 2 services (ACX5448)—Starting with Junos OS Release 18.2R1, ACX5448 router
supports configuring Layer 2 services such as RSTP, MSTP for loop resolutions, and storm control to monitor traffic levels and to drop broadcast, unknown unicast, and multicast (BUM) packets if they exceed the configured limit.
Storm control is applied on the following traffic types:
Layer 2 multicast packets
Layer 2 unregistered multicast packets
20
Layer 2 registered multicast packets
On ACX5448 router, storm control is only applicable at the physical interface level. No event will be logged when a traffic storm hits an ACX5448 router. Also interfaces will not be bound to any default profile. The default action is to drop the packets exceeding the configured bandwidth.
See Storm Control on ACX Series Routers Overview
Support for Layer 2 protection (ACX5448)—Starting with Junos OS Release 18.2R1, ACX5448 router
supports configuring bridge protocol data unit (BPDU) protect, loop protect, and root protect on spanning-tree instance interface. You can configure BPDU protection on individual interfaces or on all the edge ports of the bridge.
See Understanding BPDU Protection for Spanning-Tree Instance Interfaces, Understanding Loop
Protection for Spanning-Tree Instance Interfaces, and Understanding Root Protection for Spanning-Tree Instance Interfaces in a Layer 2 Switched Network

Layer 3 Features

Support for Layer 3 features (ACX5448)—Starting with Junos OS Release 18.2R1, the ACX5448 router
uses MPLS as a transport mechanism and they include support for label-switching router (LSR), label edge routers (LERs), and pseudowire services. The protocols such as ECMP, OSPF, ISIS, and BGP are also supported on ACX5448 router.
See MPLS Overview

Management

Support for NETCONF over SSH and custom YANG models (ACX5448)—Starting with Junos OS Release
18.2R1, ACX5448 router supports NETCONF OVER SSH and custom YANG modules.
Client applications can access the NETCONF server using the SSH protocol and use the standard SSH authentication mechanism. After authentication, the NETCONF server uses the configured Junos OS login usernames and classes to determine whether a client application is authorized to make each request.
21
You can load custom YANG modules on the router to add data models that are not natively supported by Junos OS but can be supported by translation. Doing this enables you to extend the configuration hierarchies and operational commands with data models that are customized for your operations. You can load custom YANG modules by using the request system yang add operational command.
See Establishing an SSH Connection for a NETCONF Session and YANG Modules Overview

MPLS

Support for MPLS ping and Bidirectional Forwarding Detection over virtual circuit connection verification
(ACX5448)—Starting with Junos OS Release 18.2R1, ACX5448 router supports MPLS ping and Bidirectional Forwarding Detection over Virtual Circuit Connection Verification. MPLS ping functionality diagnoses the state of label-switched paths (LSPs), where the router sends probe packets into the LSP. Based on how the LSP at the remote endpoint of the connection replies to the probes, you can determine the connectivity of the LSP. Each probe is an echo request sent to the LSP as an MPLS packet with a UDP payload. If the outbound node receives the echo request, it checks the contents of the probe and returns a value in the UDP payload of the response packet. If the Junos OS receives the response packet, it reports a successful ping response.
Bidirectional Forwarding Detection (BFD) support for virtual circuit connection verification (VCCV) allows you to configure a control channel for a pseudowire, in addition to the corresponding operations and management functions to be used over that control channel. BFD provides a low resource mechanism for the continuous monitoring of the pseudowire data path and for detecting data plane failures, as described in RFC 5885.
You can use the following commands for debugging:
show bfd session extensive
show ldp database extensive
See Pinging LSPs and Configuring BFD for VCCV for Layer 2 Circuits
Support for MPLS ping and traceroute (ACX5448)—Starting with Junos OS Release 18.2R1, the ACX5448
router supports MPLS ping and traceroute. MPLS ping and traceroute [RFC-4379] are common tools used to debug connectivity between two PEs for a LSP. The ping portion works by injecting an echo request packet in a LSP and expecting the remote PE endpoint to receive and reply to the packet. The traceroute function works the same as it does for IP where it sends multiple packets with an increasing TTL to let the packet get progressively farther in the LSP path before sending message indication that the TTL has expired.
See Pinging LSPs

Multicast

Support for multicast features (ACX5448)—Starting with Junos OS Release 18.2R1, ACX5448 router
supports the following multicast protocol (IGMP and PIM) features for forwarding IPv4 and IPv6 traffic:
22
Anycast rendezvous point
Auto rendezvous point
Bidirectional Forwarding Detection (BFD) for PIM
IGMP version 1, version 2, and version 3
IGMP filter
IGMP proxy (relay)
IGMP querier
IGMP version 1, version 2, and version 3 snooping
Multicast Source Discovery Protocol (MSDP)
PIM static rendezvous point
PIM source-specific multicast (SSM)
PIM sparse mode
See Multicast Overview

Routing Protocols

Support for Two-Way Active Measurement Protocol (ACX5448)—Starting with Junos OS Release
18.2R1, ACX5448 router supports Two-Way Active Measurement Protocol (TWAMP). The TWAMP defines a standard for measuring IP performance between two devices in a network. ACX5448 router supports only the reflector side of TWAMP.
See Understanding Two-Way Active Measurement Protocol on Routers

Security

Support for secure boot and BIOS (ACX5448)—Starting with Junos OS Release 18.2R1, a significant
system security enhancement, secureboot, has been introduced in ACX5448 router. The secureboot implementation is based on the UEFI 2.4 standard. BIOS in ACX5448 router has been hardened and is responsible for initializing all the components of the router hardware. The following are some of the key functionalities supported by the BIOS in ACX5448 router:
23
Initialization of hardware components
Watchdog support
Booting the operating system
Diagnostics support
Secure boot support
See Feature Explorer and enter Secure Boot.

Software Installation and Upgrade

Firmware upgrade (ACX6360 Router)—Starting in Junos OS Release 18.2R1, you can install or upgrade
the system firmware on ACX6360 router.
Install the firmware package by using:
request system firmware add path/package-name
Upgrade an existing firmware, by using any of the following command:
request system firmware upgrade pic
request system firmware upgrade cb
request system firmware upgrade re
request system firmware upgrade fpc
On the ACX6360 line card, you upgrade the following firmware components:
Uboot—Responsible for loading the operating system on the line card
FPGA—Controls all functions of the line card
You can also upgrade the following firmware components:
RE- FPGA—The RE-FPGA is located on the control board and manages board initialization, reboot,
and other functions.
TIC-FPGA—The TIC-FPGA is located on the 8x CFP2 optical port card and manages access to the
optical functions.
FTC FPGA—The FTC FPGA is located on the fan controllers and controls the fan controllers.
FPD FPGA—The FPD FPGA is located on the LED board and is responsible for the LED board.
SIB FPGA—The SIB FPGA is located on the SIB and handles the SIBs

Timing and Synchronization

24
Support for PTP transparent clock (ACX5448)—Starting with Junos OS Release 18.2R1, ACX5448 router
supports the PTP transparent clock functionality for PTP over IP, as well as PTP over Ethernet. A certain amount of delay is always experienced by the PTP packets due to queuing and buffering within the router, which could be due to network load or based on the architecture of the router. The PTP transparent clock measures the residence time (the time that the packet spends passing through the router), and adds the residence time into the correction field of the PTP packet. ACX5448 routers support end-to-end transparent clocks. With an end-to-end transparent clock, only the residence time is included in the correction field of the PTP packets. ACX5448 supports end-to-end (e2e) transparent clocks as defined in IEEE1588.
See Understanding Transparent Clocks in Precision Time Protocol
SEE ALSO
Changes in Behavior and Syntax | 25
Known Behavior | 26
Known Issues | 26
Resolved Issues | 28
Documentation Updates | 29
Migration, Upgrade, and Downgrade Instructions | 29
Product Compatibility | 30

Changes in Behavior and Syntax

IN THIS SECTION
High Availability (HA) and Resiliency | 25
Junos XML API and Scripting | 25
Layer 3 Features | 25
This section lists the changes in behavior of Junos OS features and changes in the syntax of Junos OS statements and commands from Junos OS Release 18.2R1 for the ACX Series routers.

High Availability (HA) and Resiliency

25
commit fast-synchronize option not supported for products with single Routing Engine (ACX
Series)—Starting in Junos OS Release 18.2R1, Junos OS does not support the configuration option commit fast-synchronize at the [edit system] hierarchy level for all the products with single Routing Engine for which chassis redundancy graceful-switchover is not supported. This option is disabled from the CLI.

Junos XML API and Scripting

Junos XML protocol <open-configuration> operation no longer emits an uncommitted changes warning
(ACX Series)—Starting in Junos OS Release 18.2R1, the Junos XML protocol <open-configuration> operation does not emit an "uncommitted changes will be discarded on exit" warning message when opening a private copy of the candidate configuration. However, Junos OS still discards the uncommitted changes upon closing the private copy.

Layer 3 Features

DMA recovery mechanism (ACX Series)—Starting in Junos OS Release 18.2R1, a potential recovery
mechanism has been introduced that is triggered in case the router enters an Idle state on any DMA channels. The recovery mechanism resets the necessary registers to recover from failure conditions and therefore a PFE reboot is not required. The following recovery success message is logged in the PFE syslog message:
BCM DMA error recovery: Recovery complete Success
SEE ALSO
New and Changed Features | 14
Known Behavior | 26
Known Issues | 26
Resolved Issues | 28
Documentation Updates | 29
Migration, Upgrade, and Downgrade Instructions | 29
Product Compatibility | 30

Known Behavior

There are no known limitations in Junos OS Release 18.2R1 for the ACX Series.
26
For the most complete and latest information about known Junos OS defects, use the Juniper Networks online Junos Problem Report Search application.
SEE ALSO
New and Changed Features | 14
Changes in Behavior and Syntax | 25
Known Issues | 26
Resolved Issues | 28
Documentation Updates | 29
Migration, Upgrade, and Downgrade Instructions | 29
Product Compatibility | 30

Known Issues

IN THIS SECTION
Class of Service | 27
DHCP | 27
IGMP Snooping | 28
Timing and Synchronization | 28
This section lists the known issues in hardware and software in Junos OS Release 18.2R1 for the ACX Series Universal Metro Routers.
For the most complete and latest information about known Junos OS defects, use the Juniper Networks online Junos Problem Report Search application.

Class of Service

On ACX5448 router, when loss priority is configured as either medium-low or medium-high, the rewrite
rule gets applied for loss priority low. PR1358721
27
On ACX5448 router, the clear interfaces statistics all CLI command takes long time to respond with
scaled interfaces configured. PR1366087

DHCP

On ACX5448 router, when an ingress interface is configured as a LAG interface and if DHCP request
packets arrive at that LAG Interface, the router might drop the packets erroneously. PR1353887
On ACX5448 router, when an ingress interface is configured as a XE Interface and if DHCP request
packets arrive at that XE interface, the router might drop the packets erroneously. PR1347906

IGMP Snooping

The IGMP snooping feature does not work on the ACX5448 router. PR1351422

Timing and Synchronization

When an ACX5448 router is configured as PTP-TC, incorrect UDP checksum errors are seen when
checksum 0x0 is sent from the transmitting node. This occurs when a packet type of 1588 enters the ACX5448 router with UDP.checksum == 0x0 and the checksum field gets partially updated and the packet egresses the router with an incorrect checksum. This incorrect checksum causes packet drops in the next device. PR1327155
SEE ALSO
New and Changed Features | 14
28
Changes in Behavior and Syntax | 25
Known Behavior | 26
Resolved Issues | 28
Documentation Updates | 29
Migration, Upgrade, and Downgrade Instructions | 29
Product Compatibility | 30

Resolved Issues

There are no fixed issues in Junos OS 18.2R1 for ACX Series.
For the most complete and latest information about known Junos OS defects, use the Juniper Networks online Junos Problem Report Search application.
SEE ALSO
New and Changed Features | 14
Changes in Behavior and Syntax | 25
Known Behavior | 26
Known Issues | 26
Documentation Updates | 29
Migration, Upgrade, and Downgrade Instructions | 29
Product Compatibility | 30

Documentation Updates

There are no errata or changes in Junos OS Release 18.2R1 for the ACX Series documentation.
SEE ALSO
New and Changed Features | 14
Changes in Behavior and Syntax | 25
Known Behavior | 26
29
Known Issues | 26
Resolved Issues | 28
Migration, Upgrade, and Downgrade Instructions | 29
Product Compatibility | 30

Migration, Upgrade, and Downgrade Instructions

IN THIS SECTION
Upgrade and Downgrade Support Policy for Junos OS Releases | 30
This section contains the upgrade and downgrade support policy for Junos OS for the ACX Series Router. Upgrading or downgrading Junos OS might take several minutes, depending on the size and configuration of the network.
For information about software installation and upgrade, see the Installation and Upgrade Guide.

Upgrade and Downgrade Support Policy for Junos OS Releases

Support for upgrades and downgrades that span more than three Junos OS releases at a time is not provided, except for releases that are designated as Extended End-of-Life (EEOL) releases. EEOL releases provide direct upgrade and downgrade paths—you can upgrade directly from one EEOL release to the next EEOL release even though EEOL releases generally occur in increments beyond three releases.
You can upgrade or downgrade to the EEOL release that occurs directly before or after the currently installed EEOL release, or to two EEOL releases before or after. For example, Junos OS Releases 17.1,
17.2 and 17.3 are EEOL releases. You can upgrade from Junos OS Release 17.1 to Release 17.2 or from Junos OS Release 17.1 to Release 17.3.
You cannot upgrade directly from a non-EEOL release to a release that is more than three releases ahead or behind. To upgrade or downgrade from a non-EEOL release to a release more than three releases before or after, first upgrade to the next EEOL release and then upgrade or downgrade from that EEOL release to your target release.
For more information about EEOL releases and to review a list of EEOL releases, see
https://www.juniper.net/support/eol/junos.html.
30
For information about software installation and upgrade, see the Installation and Upgrade Guide.
SEE ALSO
New and Changed Features | 14
Changes in Behavior and Syntax | 25
Known Behavior | 26
Known Issues | 26
Resolved Issues | 28
Documentation Updates | 29
Product Compatibility | 30

Product Compatibility

IN THIS SECTION
Hardware Compatibility | 31

Hardware Compatibility

To obtain information about the components that are supported on the devices, and the special compatibility guidelines with the release, see the Hardware Guide for the product.
To determine the features supported on ACX Series routers in this release, use the Juniper Networks Feature Explorer, a Web-based application that helps you to explore and compare Junos OS feature information to find the right software release and hardware platform for your network. Find Feature Explorer at https://pathfinder.juniper.net/feature-explorer/.
Hardware Compatibility Tool
For a hardware compatibility matrix for optical interfaces and transceivers supported across all platforms, see the Hardware Compatibility tool.
SEE ALSO
New and Changed Features | 14
31
Changes in Behavior and Syntax | 25
Known Behavior | 26
Known Issues | 26
Resolved Issues | 28
Documentation Updates | 29
Migration, Upgrade, and Downgrade Instructions

Junos OS Release Notes for EX Series Switches

IN THIS SECTION
New and Changed Features | 32
Changes in Behavior and Syntax | 45
Known Behavior | 50
Known Issues | 51
Resolved Issues | 53
Documentation Updates | 55
Migration, Upgrade, and Downgrade Instructions | 55
Product Compatibility | 57
32
These release notes accompany Junos OS Release 18.2R1 for the EX Series. They describe new and changed features, limitations, and known and resolved problems in the hardware and software.
You can also find these release notes on the Juniper Networks Junos OS Documentation webpage, located at https://www.juniper.net/documentation/product/en_US/junos-os.

New and Changed Features

IN THIS SECTION
Hardware | 33
Authentication, Access Control | 34
Authentication, Authorization, and Accounting (AAA) | 35
Class of Service (CoS) | 35
Dynamic Host Configuration Protocol (DHCP) | 35
EVPN | 35
Interfaces and Chassis | 38
Layer 2 Features | 39
Operation, Administration, and Maintenance (OAM) | 40
Port Security | 40
Restoration Procedures Failure | 43
Software Installation and Upgrade | 43
Software Licensing | 43
System Management | 44
User Interface and Configuration | 44
Virtual Chassis | 44
This section describes the new features and enhancements to existing features in Junos OS Release 18.2R1 for the EX Series.
NOTE: The following EX Series switches are supported in Release 18.2R1: EX2300, EX3400,
EX4300, EX4600, and EX9200.
33

Hardware

EX4300-48MP and EX4300-48MP-S switches—Starting with Junos OS Release 18.2R1, two new models
of EX4300 switches are available—EX4300-48MP and EX4300-48MP-S switches. These models provide 24 built-in 10/100/1000BASE-T Ethernet network ports, 24 built-in 100/1000/2500/5000/10000BASE-T Ethernet network ports, and four built-in 40-Gigabit Ethernet quad small form-factor pluggable plus (QSFP+) ports that can house 40-Gigabit QSFP+ transceivers. The 24 built-in 10/100/1000BASE-T Ethernet network ports support 10 Mbps, 100 Mbps, and 1 Gbps speeds. The 24 built-in 100/1000/2500/5000/10000BASE-T Ethernet network ports support 100 Mbps, 1 Gbps, 2.5 Gbps, 5 Gbps, and 10 Gbps speeds. All network ports are equipped for PoE+ and provide up to 95 watts of power. The QSFP+ ports are configured as Virtual Chassis Ports (VCPs) by default. You can use them to connect the switches to other devices in a Virtual Chassis configuration.
[See EX4300 Switch Hardware Guide.]
EX9253 switches—Starting with Junos OS Release 18.2R1, EX9253 switches are available as a modular
switch. The switch has two dedicated slots for line cards and supports EX9253-6Q12C and EX9253-6Q12C-M line cards. The switch is available in two variants—with AC power supply and with DC power supply.
[See EX9253 Switch Hardware Guide.]

Authentication, Access Control

Enhancement to NTP authentication method (EX4300)— Starting in Junos OS Release 18.2R1, Junos
OS supports NTP authentication for both SHA-1 and SHA2-256, in addition to the existing NTP authentication method, MD5. You can now choose from among MD5, SHA-1, and SHA2-256 for synchronizing the clocks of Juniper Network routers, switches, and other security devices on the Internet. Using SHA-1 instead of MD5 improves the security of devices with very little impact to timing, while using SHA2-256 provides an increase in security over SHA-1.
NOTE: By default, network time synchronization is unauthenticated.
To implement authentication, use set authentication-key <key_number> type at the [edit system ntp] hierarchy level.
To enable SHA-1 authentication, use set authentication key <key_number> type sha1 value <password>
at the [edit system ntp] hierarchy level.
34
To enable SHA2-256 authentication, use set authentication key <key_number> type sha256 value
<password> at the [edit system ntp] hierarchy level.
See authentication-key and Configuring NTP Authentication Keys

Authentication, Authorization, and Accounting (AAA)

RADIUS over IPv6 (EX Series)—Starting with Junos OS Release 18.2R1, EX2300, EX3400, EX4600 and
EX4300-48MP switches support IPv6 for user authentication, authorization, and accounting (AAA) using RADIUS servers, in addition to the existing IPv4 support. You can specify which source address Junos OS uses to contact an external RADIUS server. To configure an IPv6 source address for RADIUS authentication, include the source-address statement at the [edit system radius-server server-address] hierarchy level. To configure an IPv6 source address for RADIUS accounting, include the source-address statement at the [edit system accounting destination radius server server-address] hierarchy level.
[See source-address.]

Class of Service (CoS)

Support for setting unique IEEE 802.1p code point for host-generated RPM packets (EX2300, EX3400,
EX4300)—You can already set the DSCP code point and IEEE 802.1p code point for all host-generated packets by setting the dscp-code-point code-point-value option at the [class-of-service host-outbound-traffic] hierarchy level, where the first three bits of the defined DSCP code point value are set as the IEEE 802.1p code point value. Starting with Junos OS 18.2R1, you can override this IEEE
802.1p code point value for host-generated RPM packets and set a separate value for these packets by setting the dscp-code-point code-point-value option at the [services rpm probe owner test test-name] hierarchy level, where again the first three bits of the defined DSCP code point value are set as the IEEE
802.1p code point value.
35
[See dscp-code-point (Services).]

Dynamic Host Configuration Protocol (DHCP)

DHCP smart relay (EX4600)—Starting with Junos OS Release 18.2R1, you can configure alternative IP
addresses for the gateway interface so that if the server fails to reply to the requests sent from the primary gateway address, the switch can resend the requests using alternative gateway addresses. To use this feature, you must configure an IRB interface or Layer 3 subinterface with multiple IP addresses and configure that interface as a relay agent.
[See Configuring DHCP and BOOTP Relay.]

EVPN

NOTE: NSR and unified ISSU support for point-to-multipoint LSP for EVPN provider tunnel
is documented but not supported in Junos OS Release 18.2R1.
NSR and unified ISSU support for point-to-multipoint LSP for EVPN provider tunnel (EX9200)—Starting in Junos OS Release 18.2R1, Junos OS provides nonstop routing (NSR) and unified ISSU support for point-to-multipoint (P2MP) inclusive provider tunnels. This ensures that broadcast, unknown unicast, and multicast (BUM) packets continue after a Routing Engine switchover occurs when NSR is enabled.
[See Understanding P2MPs LSP for the EVPN Inclusive Provider Tunnel.]
IGMP snooping support for EVPN-MPLS (EX9200)—Starting with Junos OS Release 18.2R1, you can
configure IGMP snooping on EX9200 switches in an Ethernet VPN (EVPN) over an MPLS network. Enabling IGMP snooping helps to constrain multicast traffic to interested receivers in a broadcast domain.
Multicast sources and receivers in the EVPN instance (EVI) can each be single-homed to one provider edge (PE) device or multihomed (in all-active mode only) to multiple PE devices. When IGMP snooping is configured with multihomed receivers, IGMP state information is synchronized among peer PE devices by exchanging BGP EVPN Type 7 (Join Sync Route) and Type 8 (Leave Sync Route) network layer reachability information (NLRI). When PE devices receive multicast traffic from the EVPN core on a multihomed Ethernet segment (ES), only the designated forwarder (DF) PE device forwards the traffic, and the DF forwards the traffic only to interested receivers (selective multicast forwarding) based on IGMP snooping reports and BGP EVPN Type 7 routes. PE devices serving single-homed receivers also use selective multicast forwarding based on IGMP snooping reports to forward the traffic only to interested receivers, conserving network bandwidth.
36
All PE devices perform inclusive multicast forwarding using ingress replication to forward multicast traffic into the EVPN core to reach all remote PE devices. Multicast traffic at Layer 3 is routed between bridge domains or VLANs using IRB interfaces.
This feature is supported with multiple EVIs, multicast sources and receivers on the same or different sites, and IGMP snooping in proxy mode only.
To enable IGMP snooping on PE devices in an EVPN instance, include the igmp-snooping proxy statement at the [edit routing-instances routing-instance-name protocols] or the [edit routing-instances routing-instance-name bridge-domain bridge-domain-name protocols] hierarchy level.
For inter-VLAN multicast forwarding, PIM distributed DR (PIM DDR) mode must be enabled on all participating IRBs.
EVPN and IGMP snooping operational mode commands can be used to view information learned from IGMP snooping messages or EVPN Type 7 and Type 8 messages.
[See Overview of Multicast Forwarding with IGMP Snooping in an EVPN-MPLS Environment.]
Support for OSPF, IS-IS, BGP, and static routing on IRB interfaces in EVPN-VXLAN networks (EX
Series)—Starting in Junos OS Release 18.2R1, you can configure OSPF, IS-IS, BGP, and static routing with Bidirectional Forwarding Detection (BFD) on an IRB interface that is used as a routed interface in
EVPN. This allows protocol adjacencies to be established between an IRB on a Layer 3 gateway and a CE device and between an IRB on a Layer 3 gateway and a CE device connected to a Layer 2 leaf device in an EVPN-VXLAN network.
[See Supported Protocols on an IRB Interface in EVPN-VXLAN .]
NOTE: This feature is documented but not supported in Junos OS Release 18.2R1
EVPN P2MP bud node support (EX9200)—Starting in Junos OS Release 18.2R1, Junos OS supports
configuring a point-to-multipoint (P2MP) label-switched path (LSP) as a provider tunnel on a bud node. The bud node functions both as an egress node and a transit node.
To enable a bud node to support P2MP LSP, include the evpn p2mp-bud-support statement at the [edit routing-instances routing-instance-name protocols evpn] hierarchy level.
[See Configuring Bud Node Support.]
Layer 2 VXLAN gateway in EVPN-VXLAN overlay network (EX4600 switches)—By using a Layer 3
IP-based underlay network coupled with an Ethernet VPN-Virtual Extensible LAN (EVPN-VXLAN) overlay network, you can deploy larger networks than those possible with traditional Layer 2 Ethernet-based architectures. With overlay networks, endpoints (bare-metal servers [BMSs] or virtual machines [VMs]) can be placed anywhere in the network and remain connected to the same logical Layer 2 network, enabling the virtual topology to be decoupled from the physical topology.
37
The physical underlay network over which EVPN-VXLAN is commonly deployed is a two-layer IP fabric, which includes spine and leaf devices. The spine devices provide connectivity between the leaf devices, and the leaf devices function as Layer 2 VXLAN gateways and provide connectivity to the attached endpoints. Starting with Junos OS Release 18.2R1, you can deploy EX4600 switches as leaf nodes in the EVPN-VXLAN overlay network.
[See Understanding EVPN with VXLAN Data Encapsulation.]
EVPN-VXLAN support of Virtual Chassis (EX4600, EX4600 Virtual Chassis)—Ethernet VPN (EVPN)
supports multihoming active-active mode, which enables a host to be connected to two leaf devices through a Layer 2 LAG interface. Starting with Junos OS Release 18.2R1, the two leaf devices can be EX4600 standalone switches or EX4600 switches configured as a Virtual Chassis.
On each leaf device, the LAG interface is configured with the same Ethernet segment identifier (ESI) for the host. The two leaf devices on which the same ESI is configured are peers to each other.
[See EVPN-VXLAN Support of Virtual Chassis and Virtual Chassis Fabric.]
Tunneling Q-in-Q traffic through an EVPN-VXLAN overlay network (EX4600 switches)—Starting in
Junos OS Release 18.2R1, EX4600 switches that function as Layer 2 VXLAN tunnel endpoints (VTEPs) can tunnel single-tagged and double-tagged Q-in-Q packets through an Ethernet VPN-Virtual Extensible LAN (EVPN-VXLAN) overlay network. In addition to tunneling Q-in-Q packets, the ingress and egress VTEPs can perform the following Q-in-Q actions:
Delete, or pop, an outer service VLAN (S-VLAN) tag from an incoming packet.
Add, or push, an outer S-VLAN tag onto an outgoing packet.
Map a configured range of customer VLAN (C-VLAN) IDs to an S-VLAN.
NOTE: EX4600 switches do not support the pop and push actions with a configured range
of VLANs.
The ingress and egress VTEPs support the tunneling of Q-in-Q packets and the Q-in-Q actions in the context of specific traffic patterns.
38
[See Examples: Tunneling Q-in-Q Traffic in an EVPN-VXLAN Overlay Network.]

Interfaces and Chassis

Support for hyper mode to increase packet processing rate on line cards with enhanced MPCs (EX9200
switches)—Starting in Junos OS Release 18.2R1, EX9200 line cards that include enhanced MPCs (such as MPC4E and MPC5E) support the hyper mode feature. Enabling the hyper mode feature increases the rate at which a data packet is processed, which results in the optimization of the lifetime of a data packet. Optimization of the data packet lifetime enables better performance and throughput.
NOTE: You can enable hyper mode only if the network-service mode on the switch is configured
as either enhanced-ip or enhanced-ethernet. Also, you cannot enable the hyper mode feature for a specific Packet Forwarding Engine on an MPC—that is, when you enable the feature, it is applicable for all Packet Forwarding Engines on the switch.
When you enable the hyper mode feature, the following actions and features are not supported:
Creating Virtual Chassis.
Padding Ethernet frames with VLANs.
Sending Internet Control Message Protocol (ICMP) redirect messages.
Terminating or tunneling subscriber-based services.
[See Understanding the Hyper Mode Feature on Enhanced MPCs for MX Series Routers and EX9200
Switches.]
Multi-rate and non-multi rate support (EX4300-MP Switches)—Starting in Junos OS Release 18.2R1, you configure an interface to now support multiple speeds on EX4300-MP switches. The interfaces now support 2.5G, 5G, and 10G speeds. The interfaces earlier supported only 100M and 1G speeds.
The naming convention for multi-rate interfaces (including 100M and 1G) is “mge-n/n/n”. The differentiation between multi-rate interfaces and 1G interfaces is based on the speed values. The front panel ports have different color coding to differentiate multi-rate and 1G interfaces.
4x10SFP+ Uplink Modules support (EX4300-MP Switches)—Starting in Junos OS Release 18.2R1, you can configure the operating mode on the module to match the type of transceiver you want to use. EX4300-MP switches contain four ports for 10-gigabit small form-factor pluggable (SFP+) transceivers when configured to operate in 10-gigabit mode.

Layer 2 Features

39
L2PT support for tunneling additional protocols (EX2300 and EX3400 switches)—Starting with Junos
OS Release 18.2R1, you can configure Layer 2 protocol tunneling (L2PT) for the following new protocols on EX2300 and EX3400 switches: E-LMI, IEEE 802.1X, MMRP, and UDLD.
NOTE: Support for tunneling these additional protocols does not apply to multigigabit models
of the EX2300 switch (EX2300-24MP or EX2300-48MP).
[See Understanding Layer 2 Protocol Tunneling on EX Series Switches.]
Ethernet ring protection switching (ERPS)(EX2300 and EX3400 switches and Virtual Chassis)—Starting
in Junos OS Release 18.2R1, you can use ERPS to reliably achieve carrier-class network requirements for Ethernet topologies forming a closed loop. ITU-TRecommendation G.8032 version 1 is supported.
ERPS version 1 comprises the following features:
Support for revertive mode of operation of the Ethernet ring
Support for multiple ring instances on the same interfaces
Support for multiple ring instances on different interfaces
Support for interworking with Spanning Tree Protocol, Multiple Spanning Tree Protocol, and redundant
trunk groups
[See Understanding Ethernet Ring Protection Switching Functionality.]

Operation, Administration, and Maintenance (OAM)

Ethernet Connectivity Fault Management (CFM) Support (EX2300 and EX3400 Switches)—Starting
with Junos OS Release 18.2R1, Connectivity Fault Management (CFM) is supported on EX2300 and EX3400 switches. The major features of CFM are:
Fault monitoring using the continuity check protocol. This is a neighbor discovery and health check
protocol that discovers and maintains adjacencies at the VLAN or link level.
Path discovery and fault verification using the linktrace protocol. Similar to IP traceroute, this protocol
maps the path taken to a destination MAC address through one or more bridged networks between the source and destination
Fault isolation using the loopback protocol. Similar to IP ping, this protocol works with the continuity
check protocol during troubleshooting.
You can configure the Ethernet CFM using the set protocols oam ethernet
connectivity-fault-management command, and verify the configuration using the show oam ethernet connectivity-fault-management command.
40
Ethernet link fault management (LFM) support (EX4600 switches)—Starting with Junos OS Release
18.2R1, link fault management (LFM) is supported on EX4600 switches. Ethernet OAM provides the tools that network management software and network managers can use to determine how a network of Ethernet links is functioning. The following OAM LFM features are supported:
Discovery and link monitoring
Remote fault detection

Port Security

Media Access Control security with 256-bit cipher suite (EX9200)—Starting in Junos OS Release 18.2R1,
the GCM-AES-256 cipher suite for MACsec in static CAK mode is supported on EX9200 switches with EX9200-40XS line cards installed. The GCM-AES-256 cipher suite has a maximum key length of 256 bits and is also available with extended packet numbering (GCM-AES-XPN-256).
[See Understanding Media Access Control Security (MACsec).]
IP source guard (EX2300 and EX3400 switches and Virtual Chassis)—Starting with Junos OS Release
18.2R1, you can configure the IP source guard access port security feature to mitigate the effects of source IP address spoofing and source MAC address spoofing. If IP source guard determines that a host connected to an access interface has sent a packet with an invalid source IP address or source MAC address in the packet header, it discards the packet.
[See Understanding IP Source Guard for Port Security on EX Series Switches.]
Support for 802.1X authentication on private VLANs (PVLANs) (EX2300, EX3400, and EX4300 switches
and Virtual Chassis)—Starting in Junos OS Release 18.2R1, you can enable 802.1X (dot1x) authentication for security purposes on access ports that are in a PVLAN.
PVLANs provide Layer 2 isolation between ports within a VLAN, splitting a broadcast domain into multiple discrete broadcast subdomains by creating secondary VLANs. PVLANs are useful for restricting the flow of broadcast and unknown unicast traffic and for limiting the communication between known hosts.
Authentication prevents unauthenticated devices and users from gaining access to your LAN. For 802.1X and MAC RADIUS authentication, end devices must be authenticated before they receive an IP address from a Dynamic Host Configuration Protocol (DHCP) server.
On a switch that is configured with both 802.1X authentication and PVLANs, when a new device is attached to the PVLAN network, the device is authenticated and then is assigned to a secondary VLAN based on the PVLAN configuration or RADIUS profile. The device then obtains an IP address and is given access to the PVLAN network.
[See Using 802.1X Authentication and Private VLANs Together on the Same Interface.]
Private VLANs (EX2300 switches)—Starting in Junos OS Release 18.2R1, you can enable private VLANs
(PVLANs) on EX2300 platforms.
41
PVLANs provide Layer 2 isolation between ports within a VLAN, splitting a broadcast domain into multiple discrete broadcast subdomains by creating secondary VLANs. PVLANs are useful for restricting the flow of broadcast and unknown unicast traffic and for limiting the communication between known hosts.
[See Understanding Private VLANs. ]
Support for DHCP snooping and other access port security features on private VLANs (EX4300 switches
and Virtual Chassis)—Starting in Junos OS Release 18.2R1, you can enable Dynamic Host Configuration Protocol (DHCP) snooping for security purposes on access ports that are in a PVLAN. You can also protect those ports with DHCP options, dynamic ARP inspection (DAI), IP source guard, and neighbor discovery inspection.
PVLANs provide Layer 2 isolation between ports within a VLAN, splitting a broadcast domain into multiple discrete broadcast subdomains by creating secondary VLANs. PVLANs are useful for restricting the flow of broadcast and unknown unicast traffic and for limiting the communication between known hosts.
Ethernet LANs are vulnerable to attacks such as address spoofing (forging) and Layer 2 denial of service (DoS) on network devices. The following port security features help protect access ports on your device against loss of information and productivity that such attacks can cause:
DHCP snooping—Filters and blocks ingress DHCP server messages on untrusted ports. DHCP snooping
builds and maintains a database of DHCP lease information, which is called the DHCP snooping database.
DHCPv6 snooping—DHCP snooping for IPv6.
DHCP option 82—Also known as the DHCP Relay Agent Information option. Helps protect the switch
against attacks such as spoofing of IP addresses and MAC addresses and DHCP IP address starvation.
DHCPv6 option 37—Remote ID option for DHCPv6. Used to insert information about the network
location of the remote host into DHCPv6 packets.
DHCPv6 option 18—Circuit ID option for DHCPv6. Used to insert information about the client port
into DHCPv6 packets.
DHCPv6 option 16—Vendor ID option for DHCPv6. Used to insert information about the vendor of
the client hardware into DHCPv6 packets.
DAI—Prevents Address Resolution Protocol (ARP) spoofing attacks. ARP requests and replies are
compared against entries in the DHCP snooping database, and filtering decisions are made on the basis of the results of those comparisons.
IP source guard—Mitigates the effects of IP address spoofing attacks on the Ethernet LAN. The source
IP address in the packet sent from an untrusted access interface is validated against the DHCP snooping database.
IPv6 source guard—IP source guard for IPv6.
IPv6 neighbor discovery inspection—Prevents IPv6 address spoofing attacks. Neighbor discovery
requests and replies are compared against entries in the DHCPv6 snooping database, and filtering decisions are made on the basis of the results of those comparisons.
42
[See Putting Access Port Security on Private VLANs.]

Restoration Procedures Failure

Device recovery mode introduced in Junos OS with upgraded FreeBSD (EX Series)—Starting in Junos
OS Release 18.2R1, for devices running Junos OS with upgraded FreeBSD, provided you have saved a rescue configuration on the device, there is an automatic device recovery mode that goes into action should the system go into amnesiac mode. The new process is for the system to automatically retry to boot with the saved rescue configuration. In this circumstance, the system displays the banner Device is in recovery mode in the CLI (in both the operational and configuration modes). Previously, there was no automatic process to recover from amnesiac mode. A user with load and commit permission had to log in using the console and fix the issue in the configuration before the system would reboot.
[See Saving a Rescue Configuration File.]

Software Installation and Upgrade

Phone-home client (EX2300 and EX3400 switches)—Starting with Junos OS Release 18.2R1, you can
use either the legacy DHCP-options-based ZTP or the phone-home client (PHC) to provision software for the switch. If the switch boots up and there are DHCP options received from the DHCP server for ZTP, ZTP resumes. If DHCP options are not present, PHC is attempted. PHC enables the switch to securely obtain bootstrapping data, such as a configuration or software image, with no user intervention other than having to physically connect the switch to the network. When the switch first boots, PHC connects to a redirect server, which will redirect to a phone home server to get the configuration or software image.
43
To initiate either DHCP-options-based ZTP or PCH, the switch must either be in a factory-default state, or you can issue the request system zeroize command.

Software Licensing

Advanced Feature License (AFL) (EX3400 switches)—Starting with Junos OS Release 18.2R1, the
following features are available as part of the AFL:
Border Gateway Protocol (BGP) and multiprotocol BGP (MBGP)
IPv6 routing protocols: IPv6 BGP and IPv6 for MBGP
IS-IS
Virtual routing and forwarding (VRF) BGP
[See Understanding Licenses for EX Series.]

System Management

New tool to detect high CPU utilization (EX Series)—Starting in Junos OS Release 18.2R1, a flight
recorder tool is introduced to gather historical data on when the CPU utilization on a device was high and what processes caused the high utilization. The tool collects snapshots of data enabling detection of high CPU usage and faster resolution of issues.
Because some of the high CPU utilization cases are intentional or expected, you can enable and disable the flight recorder tool to avoid false alarms.
[See request flight-recorder set high-cpu and show flight-recorder status.]
Recovering the Primary Partition (EX4300-48MP switches)—Starting in Junos OS Release 18.2R1, the
EX4300-48MP switch contains a single 50-Gigabyte SSD, which contains both the primary and backup partitions. The backup partition has a copy of the primary partition, and the backup disk partition is used to recover the primary disk partition in the event that the primary partition gets corrupted. If the primary partition gets corrupted, a notification will be logged in syslog. issues.
44
If the switch is booted from the backup partition, you can recover the primary disk partition by issuing the set system software add on-primary force-host command.
[See Recovering the Primary Partition on EX4300-48MP Switches .]

User Interface and Configuration

Support for displaying ephemeral configuration data with filtering (EX Series)—Starting in Junos OS
Release 18.2R1, the show ephemeral-configuration command enables you to specify the scope of the configuration data to display. To filter the displayed configuration data, append the statement path of the requested hierarchy to the command.
[See Displaying Ephemeral Configuration Data in the Junos OS CLI.]

Virtual Chassis

Virtual Chassis support (EX4300-48MP)—Starting in Junos OS Release 18.2R1, EX4300-48MP switches
can be interconnected into a Virtual Chassis as one logical device managed as a single chassis. An EX4300-MP Virtual Chassis can contain up to 10 members in either of the following combinations:
A non-mixed Virtual Chassis if the members are all EX4300-48MP switches.
A mixed Virtual Chassis if the members are a combination of EX4300-48MP switches with other
EX4300 switches. The mixed-mode setting is required on all switches. The members in the Routing Engine role must be EX4300-48MP switches, and other EX4300 switches can only be configured in
the linecard role. The EX4300-48MP cannot form a mixed Virtual Chassis with any other type of switches.
The 40-Gbps ports on the rear panel of EX4300-48MP switches are dedicated Virtual Chassis ports (VCPs). You must use those ports to interconnect EX4300-48MP Virtual Chassis members into a non-mixed or mixed Virtual Chassis. The dedicated VCPs cannot be converted into and used as network ports, and no other ports on the EX4300-48MP switch can be used as VCPs. In addition, EX4300 members in a mixed Virtual Chassis with EX4300-48MP members must have a special port mode enabled on VCPs to interconnect with VCPs on EX4300-48MP members. To enable this mode for all VCPs on an EX4300 switch, include the ieee-clause-82 option when setting mixed mode on the switch, as follows:
user@switch> request virtual-chassis mode ieee-clause-82 mixed
Otherwise, configuring and administering a non-mixed or mixed mode EX4300-48MP Virtual Chassis is the same as for other EX4300 Virtual Chassis or QFX Series Virtual Chassis.
[See Understanding EX4300 Virtual Chassis.]
45
SEE ALSO
Changes in Behavior and Syntax | 45
Known Behavior | 50
Known Issues | 51
Resolved Issues | 53
Documentation Updates | 55
Migration, Upgrade, and Downgrade Instructions | 55
Product Compatibility | 57

Changes in Behavior and Syntax

IN THIS SECTION
EVPN | 47
High Availability (HA) and Resiliency | 47
Interfaces and Chassis | 47
Junos OS XML, API, and Scripting | 47
Junos Telemetry Interface | 47
Layer 2 Features | 48
Multicast | 48
Network Management and Monitoring | 48
Software Installation and Upgrade | 48
User Interface and Configuration | 49
This section lists the changes in behavior of Junos OS features and changes in the syntax of Junos OS statements and commands from Junos OS Release 18.2R1 for the EX Series.
46

EVPN

On EX9200 switches, you can configure EVPN to extend a Junos Fusion Enterprise or multichassis link
aggregation group (MC-LAG) network over an MPLS network to a data center or campus network. For both Junos Fusion Enterprise and MC-LAG use cases, you must include the bgp-peer configuration statement in the [edit routing-instances name protocols evpn mclag] hierarchy level. This configuration enables the interworking of EVPN-MPLS with Junos Fusion Enterprise or MC-LAG. If you do not include the bgp-peer configuration statement in your configuration, unexpected behavior and a core dump could result. To enforce this configuration, we now check for this configuration during the commit. If the configuration is not present, an error occurs.
See [Understanding EVPN-MPLS Interworking with Junos Fusion Enterprise and MC-LAG .]

High Availability (HA) and Resiliency

commit fast-synchronize option not supported for products with single Routing Engine (EX
Series)—Starting in Junos OS Release 18.2R1, Junos OS does not support the configuration option commit fast-synchronize at the [edit system] hierarchy level for all the products with single Routing Engine for which chassis redundancy graceful-switchover is not supported. This option is disabled from the CLI.
47

Interfaces and Chassis

EEE not supported on mge interfaces operating at 100-Mbps speed (EX2300-24MP and
EX2300-48MP)—In Junos OS Releases 18.1R2, 18.2R1, and later, if both Energy Efficient Ethernet (EEE) and 100-Mbps speed are configured on a rate-selectable (or multirate) Gigabit Ethernet (mge) port on EX2300-24MP and EX2300-48MP switches, the port operates only at 100-Mbps speed but EEE is not enabled on that port. EEE is supported only on mge interfaces that operate at 1-Gbps and 2.5-Gbps speeds.

Junos OS XML, API, and Scripting

Junos XML protocol <open-configuration> operation no longer emits an uncommitted changes warning
(EX Series)—Starting in Junos OS Release 18.2R1, the Junos XML protocol <open-configuration> operation does not emit an "uncommitted changes will be discarded on exit" warning message when opening a private copy of the candidate configuration. However, Junos OS still discards the uncommitted changes upon closing the private copy.

Junos Telemetry Interface

Change to the configuration location for gRPC-based sensor subscriptions from an external collector
(EX Series)—Starting in Junos OS Release 18.2R1, when an external streaming server, or collector, provisions sensors to export data through gRPC on devices running Junos OS, the sensor configuration is committed to the junos-analytics instance of the ephemeral configuration database, and the configuration can be viewed by using the show ephemeral-configuration instance junos-analytics operational command. In earlier releases, the sensor configuration is committed to the default instance of the ephemeral configuration database.

Layer 2 Features

Configuration option for LLDP VLAN name type, length, and value (TLV) (EX3400, EX4300)—Starting
in Junos OS Release 18.2R1, you can configure the vlan-name-tlv-option (name | vlan-id) statement at the [edit protocols lldp] hierarchy level to select whether to transmit the VLAN name or simply the VLAN ID for the Link Layer Discovery Protocol (LLDP) VLAN name TLV when exchanging LLDP messages. By default, EX Series switches running Enhanced Layer 2 Software (ELS) transmit the VLAN ID for the LLDP VLAN name TLV, and the show lldp detail command displays the default string vlan-vlan-id for an interface’s VLAN name in the Vlan-name output field. Switches that support the vlan-name-tlv-option statement behave the same as the default if you configure the vlan-id option with this statement. If you configure the name option, the switch transmits the VLAN name instead, and the show lldp detail command displays the VLAN name in the Vlan-name output field.
48

Multicast

Support for per-source multicast traffic forwarding with IGMPv3 (EX4300)—Starting in Junos OS Release
18.2R1, EX4300 switches forward multicast traffic on a per-source basis according to received IGMPv3 INCLUDE and EXCLUDE reports. In releases prior to this release, EX4300 switches process IGMPv3 reports, but instead of source-specific multicast (SSM) forwarding, they consolidate IGMPv3 INCLUDE and EXCLUDE mode reports for a group into one route for all sources sending to the group. As a result, with the prior behavior, receivers might get traffic from sources they didn’t specify.
[See IGMP Snooping Overview.]

Network Management and Monitoring

New context-oid option for trap-options configuration statement to distinguish the traps which come
from a non-default routing instance and non-default logical system (EX Series)—In Junos OS Release
18.2R1, a new option, context-oid, for the trap-options statement allows you to handle prefixes such as <routing-instance name>@<trap-group> or <logical-system name>/<routing-instance name>@<trap-group> as an additional varbind.
[See trap-options.]
Software Installation and Upgrade
New DHCP option introduced for ZTP retry (EX Series)—Starting in Junos OS Release 18.2R1, a new
DHCP option is introduced to set the timeout value for the file downloads over FTP. If the transfer-mode is set as FTP, the default value for the time out is automatically set as 120 minutes. That is, if the FTP session gets interrupted due to loss of connectivity in the middle of a file transfer, it will timeout after 120 minutes and ZTP will attempt to retry the file-fetching process. This value can be overridden using the DHCP option as follows:
option NEW_OP.ftp-timeout code 7 = text; option NEW_OP.ftp-timeout val;
where “val” is the user configurable timeout value in seconds and must be provided (for example, “val”).

User Interface and Configuration

49
Changes to the show ephemeral-configuration command (EX Series)—Starting in Junos OS Release
18.2R1, the show ephemeral-configuration operational mode command has the following changes:
To display the configuration data in the default instance of the ephemeral configuration database,
issue the show ephemeral-configuration instance default command. In earlier releases, ephemeral configuration data for the default instance is displayed using the show ephemeral-configuration command.
To display the configuration data in a user-defined instance of the ephemeral configuration database,
issue the show ephemeral-configuration instance instance-name command. In earlier releases, ephemeral configuration data for a user-defined instance is displayed using the show ephemeral-configuration instance-name command.
To view the complete post-inheritance configuration merged with the configuration data in all instances
of the ephemeral database, issue the show ephemeral-configuration merge command. In earlier releases, the merged view is displayed using the show ephemeral-configuration | display merge command.
Change to the maximum number of user-defined instances supported by the ephemeral configuration
database (EX Series)—Starting in Junos OS Release 18.2R1, devices running Junos OS that support configuring the ephemeral configuration database enable configuring a maximum of seven user-defined instances of the ephemeral database. In earlier releases, you can configure up to eight user-defined instances. User-defined instances are configured using the instance instance-name statement at the [edit system configuration-database ephemeral] hierarchy level.
SEE ALSO
New and Changed Features | 32
Known Behavior | 50
Known Issues | 51
Resolved Issues | 53
Documentation Updates | 55
Migration, Upgrade, and Downgrade Instructions | 55
Product Compatibility | 57

Known Behavior

IN THIS SECTION
General Routing | 50
50
This section lists known behavior, system maximums, and limitations in hardware and software in Junos OS Release 18.2R1 for the EX Series.
For the most complete and latest information about known Junos OS defects, use the Juniper Networks online Junos Problem Report Search application.

General Routing

For EX2300-24MP and EX2300-48MP, it might take 40 seconds to 50 seconds to display the correct
poe oper-status when the show poe interface command is issued. PR1329362
QSFP+-40G-CU3M is not supported on EX9253 switch. PR1341969
On MGE interfaces, IEEE 802.3 clause 78 EEE is not supported with 100M speed. PR1346302
SEE ALSO
New and Changed Features | 32
Changes in Behavior and Syntax | 45
Known Issues | 51
Resolved Issues | 53
Documentation Updates | 55
Migration, Upgrade, and Downgrade Instructions | 55
Product Compatibility | 57

Known Issues

IN THIS SECTION
Authentication and Access Control | 51
General Routing | 51
High Availability (HA) and Resiliency | 52
Infrastructure | 52
Platform and Infrastructure | 52
51
This section lists the known issues in hardware and software in Junos OS Release 18.2R1 for the EX Series.
For the most complete and latest information about known Junos OS defects, use the Juniper Networks online Junos Problem Report Search application.

Authentication and Access Control

DHCPv6 client is not support in this release for EX4300-48MP. PR1373691

General Routing

The dcpfe process might crash and generate a core file if an unsupported SFP-T is put in the switch.
PR1290318
On EX4300-48-MP switch, when <cli>irb bind</cli> is committed to a VLAN without the defining IRB
logical interface, the command <cli >irb bind</cli> is not committed. The IRB logical interface has to be defined before binding to VLAN. PR1342443
Complete L2, L3 unicast traffic loss is seen on rebooting master FPC. PR1364227
On EX4300-48MP, multiple syslog errors are seen on performing a switchover. DELETE ERROR, Tree
has a node which is neither src nor dest, flags:20if_pfe_ge_ea_incr_proc: MAC filter to be processed: 00:00:00:00:00:00 PR1365188
A traffic drop might be seen with swap out of a VC of QFX5100 to the EX9253 for testing some heavy
multicast even when IRB comes up. PR1369099
On EX4300-48MP, the dcpfe core file is generated during NSSU upgrade from one Juniper-internal
build to another Juniper-internal build. PR1369978

High Availability (HA) and Resiliency

When bpdu-block-on-edge is configured, a dynamic filter update is sent to the Packet Forwarding Engine
to reinstall the port bitmap. During make-before-brake (MBB) operation, a new filter entry is created first and then the old entry is deleted. With this, a noncontiguous free entry in the Packet Forwarding Engine TCAM hardware is seen. Now, when IGMP snooping is enabled, which install another set of filter update which were required to be contiguous in nature and due to previous noncontiguous free entry, the IGMP snooping filter updates are NOT programmed in orderly and contiguous fashion. Because of this, all CPU-originated IP protocol multicast traffic (OSPF, VRRP, and so on) could not be flooded out of the network ports. PR1301773
52

Infrastructure

Junos OS might hang trying to acquire the SMP IPI lock while rebooting when it is running as a VM on
Linux and QEMU hypervisor. PR1359339

Platform and Infrastructure

MPC5 - inline-ka PPP echo requests are not transmitted when anchor-point is lt-x/2/x or lt-x/3/x in
pseudowire deployment. PR1345727
There is no support of interface range for channelized interfaces on EX9253, User has to configure
interfaces individually. PR1350635
1G is not supported on uplink module in EX4300-48-MP. Inserting 1G causes MAC errors and port is
removed from software linkscan, the very next insertion of any xcvr (10G in this case) fails to add the port to software linkscan resulting in the problem. Subsequent insertion of 10G xcr successfully completes the initialization. PR1374390
SEE ALSO
New and Changed Features | 32
Changes in Behavior and Syntax | 45
Known Behavior | 50
Resolved Issues | 53
Documentation Updates | 55
Migration, Upgrade, and Downgrade Instructions | 55
Product Compatibility | 57

Resolved Issues

IN THIS SECTION
Forwarding and Sampling | 53
General Routing | 53
Interfaces and Chassis | 54
Layer 2 Features | 54
Layer 2 Ethernet Services | 54
53
MPLS | 54
Platform and Infrastructure | 54
This section lists the issues fixed in the Junos OS Release 18.2R1 for EX Series switches.
For the most complete and latest information about known Junos OS defects, use the Juniper Networks online Junos Problem Report Search application.

Forwarding and Sampling

DHCP service crashes after EX9251 switch is set to factory default by zeroize. PR1329682

General Routing

Traffic loss is observed while performing NSSU. PR1311977
The major alarm Fan and PSU Airflow direction mismatch might be seen when removing the management
cable. PR1327561
A new configuration statement operational status detail statement is added in show poe interface.
PR1330183
The rpd process generates a core file on new backup Routing Engine at
task_quit,task_terminate_timer_callback,task_timer_dispatch,task_scheduler after disabling NSR+GRES.
PR1330750
Cannot install backup Linux first when both SSD partitions are corrupted. PR1342168
On EX2300-24MP chassis, the FAN count is incorrect in jnxFruName, jnxFilledDescr and
jnxContainersCount.4. PR1361025
On EX4300-48MP, while running regression scripts, syslog error Error in
bcm_port_sample_rate_set(ifl_cmd) : Reason Invalid port is seen. 1376504
IP transit traffic hits the lo0 filter. PR1379328
In EX4300-48MP on rare occasion, when arp-inspection and ip-source-guard are configured for around
150 VLANs together, then some port might show incorrect large value for DAI statistics. PR1379443
On rare occasions in EX4300-48MP, when dynamic-arp-inspectionand ip-source-guard are removed
and added back for around 150 VLANs in one go, then arp-inspection statistics for one of the port shows garbage value. PR1379447
54

Interfaces and Chassis

On EX2300 and EX3400, IPv6 neighborship is not created on the IRB interface. PR1198482
The interface might not work properly after FPC restarts. PR1329896

Layer 2 Features

The DCPFE/FXPC process might crash and generate a core file. PR1362332

Layer 2 Ethernet Services

EX Series platforms might display a false positive CB alarm PMBus Device Fail. PR1298612

MPLS

A unified ISSU is not supported with MPLS configuration. PR1264786

Platform and Infrastructure

Autonegotiation is not working as expected between EX4300 and SRX5800. PR1311458
The FPC might crash because of the memory leak caused by the VTEP traffic. PR1356279
SEE ALSO
New and Changed Features | 32
Changes in Behavior and Syntax | 45
Known Behavior | 50
Known Issues | 51
Documentation Updates | 55
Migration, Upgrade, and Downgrade Instructions | 55
Product Compatibility | 57

Documentation Updates

There are no errata or changes in Junos OS Release 18.2R1 documentation for the EX Series switches.
55
SEE ALSO
New and Changed Features | 32
Changes in Behavior and Syntax | 45
Known Behavior | 50
Known Issues | 51
Resolved Issues | 53
Migration, Upgrade, and Downgrade Instructions | 55
Product Compatibility | 57

Migration, Upgrade, and Downgrade Instructions

IN THIS SECTION
Upgrade and Downgrade Support Policy for Junos OS Releases | 56
This section contains the upgrade and downgrade support policy for Junos OS for the EX Series. Upgrading or downgrading Junos OS can take several hours, depending on the size and configuration of the network. For information about software installation and upgrade, see the Installation and Upgrade Guide.
NOTE: NSSU is not supported on EX2300-VC/EX3400-VC from Junos OS Release 15.1X53 to
Junos OS Release 18.1R1 or later releases. For example, NSSU is not supported from Junos OS Release 15.1X53-D58 to Junos OS Release 18.1R1 or Junos OS Release 15.1X53-D57 to Junos OS Release 18.2R1

Upgrade and Downgrade Support Policy for Junos OS Releases

Support for upgrades and downgrades that span more than three Junos OS releases at a time is not provided, except for releases that are designated as Extended End-of-Life (EEOL) releases. EEOL releases provide direct upgrade and downgrade paths—you can upgrade directly from one EEOL release to the next EEOL release even though EEOL releases generally occur in increments beyond three releases.
56
You can upgrade or downgrade to the EEOL release that occurs directly before or after the currently installed EEOL release, or to two EEOL releases before or after. For example, Junos OS Releases 17.1,
17.2 and 17.3 are EEOL releases. You can upgrade from Junos OS Release 17.1 to Release 17.2 or from Junos OS Release 17.1 to Release 17.3.
You cannot upgrade directly from a non-EEOL release to a release that is more than three releases ahead or behind. To upgrade or downgrade from a non-EEOL release to a release more than three releases before or after, first upgrade to the next EEOL release and then upgrade or downgrade from that EEOL release to your target release.
For more information about EEOL releases and to review a list of EEOL releases, see
https://www.juniper.net/support/eol/junos.html.
SEE ALSO
New and Changed Features | 32
Changes in Behavior and Syntax | 45
Known Behavior | 50
Known Issues | 51
Resolved Issues | 53
Documentation Updates | 55
Product Compatibility | 57

Product Compatibility

IN THIS SECTION
Hardware Compatibility | 57

Hardware Compatibility

To obtain information about the components that are supported on the devices, and the special compatibility guidelines with the release, see the Hardware Guide for the product.
To determine the features supported on EX Series switches in this release, use the Juniper Networks Feature Explorer, a Web-based application that helps you to explore and compare Junos OS feature information to find the right software release and hardware platform for your network. Find Feature Explorer at https://pathfinder.juniper.net/feature-explorer/.
57
Hardware Compatibility Tool
For a hardware compatibility matrix for optical interfaces and transceivers supported across all platforms, see the Hardware Compatibility tool.
SEE ALSO
New and Changed Features | 32
Changes in Behavior and Syntax | 45
Known Behavior | 50
Known Issues | 51
Resolved Issues | 53
Documentation Updates | 55
Migration, Upgrade, and Downgrade Instructions | 55

Junos OS Release Notes for Junos Fusion Enterprise

IN THIS SECTION
New and Changed Features | 58
Changes in Behavior and Syntax | 60
Known Behavior | 60
Known Issues | 61
Resolved Issues | 62
Documentation Updates | 63
Migration, Upgrade, and Downgrade Instructions | 63
Product Compatibility | 69
58
These release notes accompany Junos OS Release 18.2R1 for Junos Fusion Enterprise. Junos Fusion Enterprise is a Junos Fusion that uses EX9200 switches in the aggregation device role. These release notes describe new and changed features, limitations, and known problems in the hardware and software.
NOTE: For a complete list of all hardware and software requirements for a Junos Fusion
Enterprise, including which Juniper Networks devices can function as satellite devices, see
Understanding Junos Fusion Enterprise Software and Hardware Requirements .
You can also find these release notes on the Juniper Networks Junos OS Documentation webpage, located at https://www.juniper.net/documentation/product/en_US/junos-os.

New and Changed Features

IN THIS SECTION
Junos Fusion Enterprise | 59
This section describes the new features and enhancements to existing features in Junos OS Release 18.2R1 for Junos Fusion Enterprise.
NOTE: For more information about the Junos Fusion Enterprise features, see the Junos Fusion
Enterprise User Guide.

Junos Fusion Enterprise

Aggregation device support on EX9253 (Junos Fusion Enterprise)—Starting with Junos OS Release
18.2R1, EX9253 switches are supported as aggregation devices in a Junos Fusion Enterprise. The aggregation device acts as the single point of management for all devices in the Junos Fusion Enterprise. Junos Fusion Enterprise supports the 802.1BR standard.
[See Junos Fusion Enterprise Overview.]
Junos Fusion Enterprise support for EX4600 switches (Junos Fusion Enterprise)—Starting with Junos
OS Release 18.2R1, you can configure EX4600 switches as satellite devices in a Junos Fusion Enterprise topology. The satellite device in a Junos Fusion topology is managed and configured by the aggregation device. Junos Fusion Enterprise uses EX9200 switches in the aggregation device role.
59
[See Junos Fusion Enterprise Overview.]
SEE ALSO
Changes in Behavior and Syntax | 60
Known Behavior | 60
Known Issues | 61
Resolved Issues | 62
Documentation Updates | 63
Migration, Upgrade, and Downgrade Instructions | 63
Product Compatibility | 69

Changes in Behavior and Syntax

IN THIS SECTION
High Availability (HA) and Resiliency | 60
This section lists the changes in behavior of Junos OS features and changes in the syntax of Junos OS statements and commands in Junos OS Release 18.2R1 for Junos Fusion Enterprise.

High Availability (HA) and Resiliency

commit fast-synchronize option not supported for products with single Routing Engine (Junos Fusion
Enterprise)—Starting in Junos OS Release 18.2R1, Junos OS does not support the configuration option commit fast-synchronize at the [edit system] hierarchy level for all the products with single Routing Engine for which chassis redundancy graceful-switchover is not supported. This option is disabled from the CLI.
60
SEE ALSO
New and Changed Features | 58
Known Behavior | 60
Known Issues | 61
Resolved Issues | 62
Documentation Updates | 63
Migration, Upgrade, and Downgrade Instructions | 63
Product Compatibility | 69

Known Behavior

IN THIS SECTION
Junos Fusion Enterprise | 61
This section lists known behavior, system maximums, and limitations in hardware and software in Junos OS Release 18.2R1 for Junos Fusion Enterprise.
For the most complete and latest information about known Junos OS problems, use the Juniper Networks online Junos Problem Report Search application.

Junos Fusion Enterprise

In a Junos Fusion Enterprise, it can take 6 to 30 seconds for the traffic to converge when the aggregation
device is powered off or powered on. PR1257057
SEE ALSO
New and Changed Features | 58
Changes in Behavior and Syntax | 60
61
Known Issues | 61
Resolved Issues | 62
Documentation Updates | 63
Migration, Upgrade, and Downgrade Instructions | 63
Product Compatibility | 69

Known Issues

IN THIS SECTION
Junos Fusion Enterprise | 62
This section lists the known issues in hardware and software in Junos OS Release 18.2R1 for Junos Fusion Enterprise.
For the most complete and latest information about known Junos OS defects, use the Juniper Networks online Junos Problem Report Search application.

Junos Fusion Enterprise

In a Junos Fusion Enterprise, it can take 6 to 30 seconds for the traffic to converge when the aggregation
device is powered off or powered on. PR1257057
SEE ALSO
New and Changed Features | 58
Changes in Behavior and Syntax | 60
Known Behavior | 60
Resolved Issues | 62
Documentation Updates | 63
Migration, Upgrade, and Downgrade Instructions | 63
Product Compatibility | 69
62

Resolved Issues

IN THIS SECTION
Resolved Issues: 18.2R1 | 62
This section lists the issues fixed in the Junos OS main release and the maintenance releases.
For the most complete and latest information about known Junos OS defects, use the Juniper Networks online Junos Problem Report Search application.

Resolved Issues: 18.2R1

Mirrored packets are dropped if analyzer output extended port is reachable via the ICL link. PR1211123
In a Junos Fusion Enterprise, an SCPD core might be seen on an aggregation device when DACL on
dot1x enabled port is installed on a single homed satellite device. PR1328247
DHCP security binding entries are not synced after the FPC comes offline or online. PR1332828
In a Junos Fusion Enterprise, there is an issue with 802.1X re-authentication. PR1345365
SEE ALSO
New and Changed Features | 58
Changes in Behavior and Syntax | 60
Known Behavior | 60
Known Issues | 61
Documentation Updates | 63
Migration, Upgrade, and Downgrade Instructions | 63
Product Compatibility | 69

Documentation Updates

There are no errata or changes in Junos OS Release 18.2R1 for Junos Fusion Enterprise documentation.
63
SEE ALSO
New and Changed Features | 58
Changes in Behavior and Syntax | 60
Known Behavior | 60
Known Issues | 61
Resolved Issues | 62
Migration, Upgrade, and Downgrade Instructions | 63
Product Compatibility | 69

Migration, Upgrade, and Downgrade Instructions

IN THIS SECTION
Basic Procedure for Upgrading Junos OS on an Aggregation Device | 64
Upgrading an Aggregation Device with Redundant Routing Engines | 66
Preparing the Switch for Satellite Device Conversion | 66
Converting a Satellite Device to a Standalone Switch | 68
Upgrade and Downgrade Support Policy for Junos OS Releases | 68
Downgrading from Junos OS Release 18.2 | 68
This section contains the procedure to upgrade or downgrade Junos OS and satellite software for a Junos Fusion Enterprise. Upgrading or downgrading Junos OS and satellite software might take several hours, depending on the size and configuration of the Junos Fusion Enterprise topology.

Basic Procedure for Upgrading Junos OS on an Aggregation Device

When upgrading or downgrading Junos OS for an aggregation device, always use the junos-install package. Use other packages (such as the jbundle package) only when so instructed by a Juniper Networks support representative. For information about the contents of the junos-install package and details of the installation process, see the Installation and Upgrade Guide.
64
NOTE: Before upgrading, back up the file system and the currently active Junos OS configuration
so that you can recover to a known, stable environment in case the upgrade is unsuccessful. Issue the following command:
user@host> request system snapshot
The installation process rebuilds the file system and completely reinstalls Junos OS. Configuration information from the previous software installation is retained, but the contents of log files might be erased. Stored files on the routing platform, such as configuration templates and shell scripts (the only exceptions are the juniper.conf and ssh files), might be removed. To preserve the stored files, copy them to another system before upgrading or downgrading the routing platform. See the Junos OS Administration Library.
To download and install Junos OS:
1. Using a Web browser, navigate to the Download Software URL on the Juniper Networks webpage:
https://www.juniper.net/support/downloads/
2. Log in to the Juniper Networks authentication system using the username (generally your e-mail address) and password supplied by Juniper Networks representatives.
3. Select By Technology > Junos Platform > Junos Fusion to find the software that you want to download.
4. Select the release number (the number of the software version that you want to download) from the Version drop-down list on the right of the page.
5. Select the Software tab.
6. Select the software package for the release.
7. Review and accept the End User License Agreement.
8. Download the software to a local host.
9. Copy the software to the routing platform or to your internal software distribution site.
10. Install the new junos-install package on the aggregation device.
NOTE: We recommend that you upgrade all software packages out of band using the console
because in-band connections are lost during the upgrade process.
65
Customers in the United States and Canada, use the following commands, where n is the spin number.
user@host> request system software add validate reboot
source/junos-install-ex92xx-x86-64-18.2R1.n.tgz
All other customers, use the following commands, where n is the spin number.
user@host> request system software add validate reboot
source/junos-install-ex92xx-x86-64-18.2R1.n-limited.tgz
Replace source with one of the following values:
/pathname—For a software package that is installed from a local directory on the router.
For software packages that are downloaded and installed from a remote location:
ftp://hostname/pathname
http://hostname/pathname
scp://hostname/pathname (available only for Canada and U.S. version)
The validate option validates the software package against the current configuration as a prerequisite to adding the software package to ensure that the router reboots successfully. This is the default behavior when the software package being added is a different release.
Adding the reboot command reboots the router after the upgrade is validated and installed. When the reboot is complete, the router displays the login prompt. The loading process might take 5 to 10 minutes.
Rebooting occurs only if the upgrade is successful.

Upgrading an Aggregation Device with Redundant Routing Engines

If the aggregation device has two Routing Engines, perform a Junos OS installation on each Routing Engine separately to minimize disrupting network operations as follows:
1. Disable graceful Routing Engine switchover (GRES) on the master Routing Engine and save the configuration change to both Routing Engines.
2. Install the new Junos OS release on the backup Routing Engine while keeping the currently running software version on the master Routing Engine.
3. After making sure that the new software version is running correctly on the backup Routing Engine, switch over to the backup Routing Engine to activate the new software.
66
4. Install the new software on the original master Routing Engine that is now active as the backup Routing Engine.
For the detailed procedure, see the Installation and Upgrade Guide.

Preparing the Switch for Satellite Device Conversion

There are multiple methods to upgrade or downgrade satellite software in your Junos Fusion Enterprise. See Configuring or Expanding a Junos Fusion Enterprise.
For satellite device hardware and software requirements, see Understanding Junos Fusion Enterprise
Software and Hardware Requirements.
Use the following command to install Junos OS on a switch before converting it into a satellite device:
user@host> request system software add validate reboot source/package-name
NOTE: The following conditions must be met before a Junos switch that is running Junos OS
Release 14.1X53-D43 can be converted to a satellite device when the action is initiated from the aggregation device:
The Junos switch can only be converted to SNOS 3.1 and higher.
The Junos switch must be either set to factory default configuration to factory default
configuration using the request system zeroize command, or the following command must be included in the configuration: set chassis auto-satellite-conversion.
When the interim installation has completed and the switch is running a version of Junos OS that is compatible with satellite device conversion, perform the following steps:
1. Log in to the device using the console port.
2. Clear the device:
[edit] user@satellite-device# request system zeroize
NOTE: The device reboots to complete the procedure for resetting the device.
If you are not logged in to the device using the console port connection, your connection to the device is lost after you enter the request system zeroize command.
If you lose connection to the device, log in using the console port.
67
3. (EX4300 switches only) After the reboot is complete, convert the built-in 40-Gbps QSFP+ interfaces from Virtual Chassis ports (VCPs) into network ports:
user@satellite-device> request virtual-chassis vc-port delete pic-slot 1 port port-number
For example, to convert all four built-in 40-Gbps QSFP+ interfaces on an EX4300-24P switch into network ports:
user@satellite-device>request virtual-chassis vc-port delete pic-slot 1 port 0 user@satellite-device> request virtual-chassis vc-port delete pic-slot 1 port 1 user@satellite-device> request virtual-chassis vc-port delete pic-slot 1 port 2 user@satellite-device> request virtual-chassis vc-port delete pic-slot 1 port 3
This step is required for the 40-Gbps QSFP+ interfaces that will be used as uplink interfaces in a Junos Fusion topology. Built-in 40-Gbps QSFP+ interfaces on EX4300 switches are configured into VCPs by default, and the default settings are restored after the device is reset.
After this initial preparation, you can use one of three methods to convert your switches into satellite devices—autoconversion, manual conversion, or preconfiguration. See Configuring or Expanding a Junos
Fusion Enterprise for detailed configuration steps for each method.

Converting a Satellite Device to a Standalone Switch

In the event that you need to convert a satellite device to a standalone device, you will need to install a new Junos OS software package on the satellite device and remove it from the Junos Fusion topology. For more information, see Converting a Satellite Device to a Standalone Device.

Upgrade and Downgrade Support Policy for Junos OS Releases

Support for upgrades and downgrades that span more than three Junos OS releases at a time is not provided, except for releases that are designated as Extended End-of-Life (EEOL) releases. EEOL releases provide direct upgrade and downgrade paths—you can upgrade directly from one EEOL release to the next EEOL release even though EEOL releases generally occur in increments beyond three releases.
You can upgrade or downgrade to the EEOL release that occurs directly before or after the currently installed EEOL release, or to two EEOL releases before or after. For example, Junos OS Releases 17.1,
17.2 and 17.3 are EEOL releases. You can upgrade from Junos OS Release 17.1 to Release 17.2 or from
Junos OS Release 17.1 to Release 17.3.
68
You cannot upgrade directly from a non-EEOL release to a release that is more than three releases ahead or behind. To upgrade or downgrade from a non-EEOL release to a release more than three releases before or after, first upgrade to the next EEOL release and then upgrade or downgrade from that EEOL release to your target release.
For more information on EEOL releases and to review a list of EEOL releases, see
https://www.juniper.net/support/eol/junos.html

Downgrading from Junos OS Release 18.2

Junos Fusion Enterprise is first supported in Junos OS Release 16.1, although you can downgrade a standalone EX9200 switch to earlier Junos OS releases.
NOTE: You cannot downgrade more than three releases.
For more information, see the Installation and Upgrade Guide.
To downgrade a Junos Fusion Enterprise from Junos OS Release 18.2R1, follow the procedure for upgrading, but replace the 18.1 junos-install package with one that corresponds to the appropriate release.
SEE ALSO
New and Changed Features | 58
Changes in Behavior and Syntax | 60
Known Behavior | 60
Known Issues | 61
Resolved Issues | 62
Documentation Updates | 63
Product Compatibility | 69

Product Compatibility

IN THIS SECTION
Hardware and Software Compatibility | 69
Hardware Compatibility Tool | 69
69

Hardware and Software Compatibility

For a complete list of all hardware and software requirements for a Junos Fusion Enterprise, including which Juniper Networks devices function as satellite devices, see Understanding Junos Fusion Enterprise
Software and Hardware Requirements in the Junos Fusion Enterprise User Guide.
To determine the features supported in a Junos Fusion, use the Juniper Networks Feature Explorer, a Web-based application that helps you to explore and compare Junos OS feature information to find the right software release and hardware platform for your network. Find Feature Explorer at:
https://pathfinder.juniper.net/feature-explorer/

Hardware Compatibility Tool

For a hardware compatibility matrix for optical interfaces and transceivers supported across all platforms, see the Hardware Compatibility tool.
SEE ALSO
New and Changed Features | 58
Changes in Behavior and Syntax | 60
Known Behavior | 60
Known Issues | 61
Resolved Issues | 62
Documentation Updates | 63
Migration, Upgrade, and Downgrade Instructions | 63

Junos OS Release Notes for Junos Fusion Provider Edge

IN THIS SECTION
70
New and Changed Features | 70
Changes in Behavior and Syntax | 71
Known Behavior | 72
Known Issues | 73
Resolved Issues | 74
Documentation Updates | 75
Migration, Upgrade, and Downgrade Instructions | 75
Product Compatibility | 84
These release notes accompany Junos OS Release 18.2R1 for the Junos Fusion Provider Edge. They describe new and changed features, limitations, and known and resolved problems in the hardware and software.
You can also find these release notes on the Juniper Networks Junos OS Documentation webpage, located at https://www.juniper.net/documentation/product/en_US/junos-os.

New and Changed Features

There are no new features or enhancements to existing features for Junos Fusion Provider Edge in Junos OS Release 18.2R1.
SEE ALSO
Changes in Behavior and Syntax | 71
Known Behavior | 72
Known Issues | 73
Resolved Issues | 74
Documentation Updates | 75
Migration, Upgrade, and Downgrade Instructions | 75
Product Compatibility | 84

Changes in Behavior and Syntax

IN THIS SECTION
71
High Availability (HA) and Resiliency | 71
This section lists the changes in behavior of Junos OS features and changes in the syntax of Junos OS statements and commands in Junos OS Release 18.2R1 or later for Junos Fusion Provider Edge.

High Availability (HA) and Resiliency

commit fast-synchronize option not supported for products with single Routing Engine (Junos Fusion
Provider Edge)—Starting in Junos OS Release 18.2R1, Junos OS does not support the configuration option commit fast-synchronize at the [edit system] hierarchy level for all the products with single Routing Engine for which chassis redundancy graceful-switchover is not supported. This option is disabled from the CLI.
SEE ALSO
New and Changed Features | 70
Known Behavior | 72
Known Issues | 73
Resolved Issues | 74
Documentation Updates | 75
Migration, Upgrade, and Downgrade Instructions | 75
Product Compatibility | 84

Known Behavior

IN THIS SECTION
Junos Fusion | 72
This section lists known behavior, system maximums, and limitations in hardware and software in Junos OS Release 18.2R1 for Junos Fusion Provider Edge.
72
For the most complete and latest information about known Junos OS defects, use the Juniper Networks online Junos Problem Report Search application.

Junos Fusion

In Junos Fusion with EVPN solution when an Aggregation Device looses EVPN connectivity with rest
of the Aggregation Devices then LACP over extended ports on this core isolated Aggregation Device will be brought down until EVPN connectivity is restored. PR1327784
SEE ALSO
New and Changed Features | 70
Changes in Behavior and Syntax | 71
Known Issues | 73
Resolved Issues | 74
Documentation Updates | 75
Migration, Upgrade, and Downgrade Instructions | 75
Product Compatibility | 84

Known Issues

IN THIS SECTION
Junos Fusion | 73
This section lists the known issues in hardware and software in Junos OS Release 18.2R1 for Junos Fusion Provider Edge.
For the most complete and latest information about known Junos OS defects, use the Juniper Networks online Junos Problem Report Search application.

Junos Fusion

73
In Junos Fusion, once the interface is marked Loop Detect PDU Error: Detected in the show interface
<intf_name> command, then clear error loop-detect interface <intf_name or all> has to be executed on all aggregration devices to bring the interface to the up state. PR1327366
SEE ALSO
New and Changed Features | 70
Changes in Behavior and Syntax | 71
Known Behavior | 72
Resolved Issues | 74
Documentation Updates | 75
Migration, Upgrade, and Downgrade Instructions | 75
Product Compatibility | 84

Resolved Issues

IN THIS SECTION
Class of Service (CoS) | 74
Junos Fusion | 74
This section lists the issues fixed in the Junos OS Release 18.2R1 for Junos Fusion Provider Edge.
For the most complete and latest information about known Junos OS defects, use the Juniper Networks online Junos Problem Report Search application.

Class of Service (CoS)

74
Aggregated Ethernet link-protection feature is not supported. PR1355498

Junos Fusion

Duplicated packets might be received on the multicast downstream devices and multicast receivers.
PR1316499
In Junos fusion, the show interfaces diagnostics optics satellite command does not display any outputs.
PR1327876
High IGMP leave latency occurs with IGMP snooping in EVPN. PR1327980
In Junos Fusion, an aggregate device might show a plus sign (+) sign on the ICL link for a satellite device.
PR1335373
SEE ALSO
New and Changed Features | 70
Changes in Behavior and Syntax | 71
Known Behavior | 72
Known Issues | 73
Documentation Updates | 75
Migration, Upgrade, and Downgrade Instructions | 75
Product Compatibility | 84

Documentation Updates

There are no errata or changes in Junos OS Release 18.2R1 documentation for Junos Fusion Provider Edge.
SEE ALSO
New and Changed Features | 70
Changes in Behavior and Syntax | 71
Known Behavior | 72
Known Issues | 73
75
Resolved Issues | 74
Migration, Upgrade, and Downgrade Instructions | 75
Product Compatibility | 84

Migration, Upgrade, and Downgrade Instructions

IN THIS SECTION
Basic Procedure for Upgrading an Aggregation Device | 76
Upgrading an Aggregation Device with Redundant Routing Engines | 78
Preparing the Switch for Satellite Device Conversion | 79
Converting a Satellite Device to a Standalone Device | 80
Upgrading an Aggregation Device | 83
Upgrade and Downgrade Support Policy for Junos OS Releases | 83
Downgrading from Release 18.2 | 83
This section contains the procedure to upgrade Junos OS, and the upgrade and downgrade policies for Junos OS for Junos Fusion Provider Edge. Upgrading or downgrading Junos OS might take several hours, depending on the size and configuration of the network.

Basic Procedure for Upgrading an Aggregation Device

When upgrading or downgrading Junos OS, always use the jinstall package. Use other packages (such as the jbundle package) only when so instructed by a Juniper Networks support representative. For information about the contents of the jinstall package and details of the installation process, see the Installation and
Upgrade Guide.
NOTE: Before upgrading, back up the file system and the currently active Junos OS configuration
so that you can recover to a known, stable environment in case the upgrade is unsuccessful. Issue the following command:
user@host> request system snapshot
76
The installation process rebuilds the file system and completely reinstalls Junos OS. Configuration information from the previous software installation is retained, but the contents of log files might be erased. Stored files on the routing platform, such as configuration templates and shell scripts (the only exceptions are the juniper.conf and ssh files), might be removed. To preserve the stored files, copy them to another system before upgrading or downgrading the routing platform. See the Junos OS Administration Library.
The download and installation process for Junos OS Release 18.2R1 is different that for earlier Junos OS releases.
1. Using a Web browser, navigate to the Download Software URL on the Juniper Networks webpage:
https://www.juniper.net/support/downloads/
2. Log in to the Juniper Networks authentication system using the username (generally your e-mail address) and password supplied by Juniper Networks representatives.
3. Select By Technology > Junos Platform > Junos Fusion to find the software that you want to download.
4. Select the release number (the number of the software version that you want to download) from the Version drop-down list to the right of the page.
5. Select the Software tab.
6. Select the software package for the release.
7. Review and accept the End User License Agreement.
8. Download the software to a local host.
9. Copy the software to the routing platform or to your internal software distribution site.
10. Install the new jinstall package on the aggregation device.
NOTE: We recommend that you upgrade all software packages out-of-band using the console,
because in-band connections are lost during the upgrade process.
Customers in the United States and Canada, use the following commands.
For 64-bit software:
77
NOTE: We highly recommend that you see 64-bit Junos OS software when implementing
Junos Fusion Provider Edge.
user@host> request system software add validate reboot
source/jinstall64-18.2R1.SPIN-domestic-signed.tgz
For 32-bit software:
user@host> request system software add validate reboot
source/jinstall-18.2R1.SPIN-domestic-signed.tgz
All other customers, use the following commands.
For 64-bit software:
NOTE: We highly recommend that you see 64-bit Junos OS software when implementing
Junos Fusion Provider Edge.
user@host> request system software add validate reboot
source/jinstall64-18.2R1.SPIN-export-signed.tgz
For 32-bit software:
user@host> request system software add validate reboot
source/jinstall-18.2R1.SPIN-export-signed.tgz
Replace source with one of the following values:
/pathname—For a software package that is installed from a local directory on the router.
For software packages that are downloaded and installed from a remote location:
ftp://hostname/pathname
http://hostname/pathname
scp://hostname/pathname (available only for the Canada and U.S. version)
The validate option validates the software package against the current configuration as a prerequisite for adding the software package to ensure that the router reboots successfully. This is the default behavior when the software package being added is for a different release.
78
Adding the reboot command reboots the router after the upgrade is validated and installed. When the reboot is complete, the router displays the login prompt. The loading process might take 5 to 10 minutes.
Rebooting occurs only if the upgrade is successful.
NOTE: After you install a Junos OS Release 18.2R1 jinstall package, you cannot return to the
previously installed software by issuing the request system software rollback command. Instead, you must issue the request system software add validate command and specify the jinstall package that corresponds to the previously installed software.

Upgrading an Aggregation Device with Redundant Routing Engines

If the aggregation device has two Routing Engines, perform a Junos OS installation on each Routing Engine separately as follows to minimize disrupting network operations:
1. Disable graceful Routing Engine switchover (GRES) on the master Routing Engine and save the configuration change to both Routing Engines.
2. Install the new Junos OS release on the backup Routing Engine while keeping the currently running software version on the master Routing Engine.
3. After making sure that the new software version is running correctly on the backup Routing Engine, switch over to the backup Routing Engine to activate the new software.
4. Install the new software on the original master Routing Engine that is now active as the backup Routing Engine.
For the detailed procedure, see the Installation and Upgrade Guide.

Preparing the Switch for Satellite Device Conversion

Satellite devices in a Junos Fusion topology use a satellite software package that is different from the standard Junos OS software package. Before you can install the satellite software package on a satellite device, you first need to upgrade the target satellite device to an interim Junos OS software version that can be converted to satellite software. For satellite device hardware and software requirements, see
Understanding Junos Fusion Software and Hardware Requirements
NOTE: The following conditions must be met before a standalone switch that is running Junos
OS Release 14.1X53-D43 can be converted to a satellite device when the action is initiated from the aggregation device:
79
The switch can only be converted to SNOS 3.1 and higher.
The switch must be either set to factory-default configuration using the request system zeroize
command, or the following command must be included in the configuration: set chassis auto-satellite-conversion.
Customers with EX4300 switches, use the following command:
user@host> request system software add validate reboot
source/jinstall-ex-4300-14.1X53-D43.3-domestic-signed.tgz
Customers with QFX5100 switches, use the following command:
user@host> request system software add reboot
source/jinstall-qfx-5-14.1X53-D43.3-domestic-signed.tgz
When the interim installation has completed and the switch is running a version of Junos OS that is compatible with satellite device conversion, perform the following steps:
1. Log in to the device using the console port.
2. Clear the device:
[edit] user@satellite-device# request system zeroize
NOTE: The device reboots to complete the procedure for resetting the device.
If you are not logged in to the device using the console port connection, your connection to the device is lost after you enter the request system zeroize command.
If you lose your connection to the device, log in using the console port.
3. (EX4300 switches only) After the reboot is complete, convert the built-in 40-Gbps QSFP+ interfaces from Virtual Chassis ports (VCPs) into network ports:
user@satellite-device> request virtual-chassis vc-port delete pic-slot 1 port port-number
For example, to convert all four built-in 40-Gbps QSFP+ interfaces on an EX4300-24P switch into network ports:
80
user@satellite-device>request virtual-chassis vc-port delete pic-slot 1 port 0 user@satellite-device> request virtual-chassis vc-port delete pic-slot 1 port 1 user@satellite-device> request virtual-chassis vc-port delete pic-slot 1 port 2 user@satellite-device> request virtual-chassis vc-port delete pic-slot 1 port 3
This step is required for the 40-Gbps QSFP+ interfaces that will be used as uplink interfaces in a Junos Fusion topology. Built-in 40-Gbps QSFP+ interfaces on EX4300 switches are configured into VCPs by default, and the default settings are restored after the device is reset.
After this initial preparation, you can use one of three methods to convert your switches into satellite devices—autoconversion, manual conversion, and preconfiguration. See Configuring Junos Fusion Provider
Edge for detailed configuration steps for each method.

Converting a Satellite Device to a Standalone Device

In the event that you need to convert a satellite device to a standalone device, you will need to install a new Junos OS software package on the satellite device and remove the satellite device from the Junos Fusion topology.
NOTE: If the satellite device is a QFX5100 switch, you need to install a PXE version of Junos
OS. The PXE version of Junos OS is software that includes pxe in the Junos OS package name when it is downloaded from the Software Center—for example, the PXE image for Junos OS Release 14.1X53-D43 is named install-media-pxe-qfx-5-14.1X53-D43.3-signed.tgz . If the satellite device is an EX4300 switch, you install a standard jinstall-ex-4300 version of Junos OS.
The following steps explain how to download software, remove the satellite device from Junos Fusion, and install the Junos OS software image on the satellite device so that the device can operate as a standalone device.
1. Using a Web browser, navigate to the Junos OS software download URL on the Juniper Networks webpage:
https://www.juniper.net/support/downloads
2. Log in to the Juniper Networks authentication system using the username (generally your e-mail address) and password supplied by Juniper Networks representatives.
81
3. Select By Technology > Junos Platform > Junos Fusion from the drop-down list and select the switch platform series and model for your satellite device.
4. Select the Junos OS Release 14.1X53-D30 software image for your platform.
5. Review and accept the End User License Agreement.
6. Download the software to a local host.
7. Copy the software to the routing platform or to your internal software distribution site.
8. Remove the satellite device from the automatic satellite conversion configuration.
If automatic satellite conversion is enabled for the satellite device’s member number, remove the member number from the automatic satellite conversion configuration. The satellite device’s member number is the same as the FPC slot ID.
[edit] user@aggregation-device# delete chassis satellite-management auto-satellite-conversion
satellite member-number
For example, to remove member number 101 from Junos Fusion:
[edit]
user@aggregation-device# delete chassis satellite-management auto-satellite-conversion
satellite 101
You can check the automatic satellite conversion configuration by entering the show command at the [edit chassis satellite-management auto-satellite-conversion] hierarchy level.
9. Commit the configuration.
To commit the configuration to both Routing Engines:
[edit] user@aggregation-device# commit synchronize
Otherwise, commit the configuration to a single Routing Engine:
[edit] user@aggregation-device# commit
82
10. Install the Junos OS software on the satellite device to convert the device to a standalone device.
[edit] user@aggregation-device> request chassis satellite install URL-to-software-package fpc-slot
member-number
For example, to install a PXE software package stored in the /var/tmp directory on the aggregation device onto a QFX5100 switch acting as the satellite device using FPC slot 101:
[edit] user@aggregation-device> request chassis satellite install
/var/tmp/install-media-pxe-qfx-5-14.1X53-D43.3-signed.tgz fpc-slot 101
For example, to install a software package stored in the var/tmp directory on the aggregation device onto an EX4300 switch acting as the satellite device using FPC slot 101:
[edit] user@aggregation-device> request chassis satellite install
/var/tmp/jinstall-ex-4300-14.1X53-D30.3-domestic-signed.tgz fpc-slot 101
The satellite device stops participating in the Junos Fusion topology once the software installation starts. The software upgrade starts after this command is entered.
11. Wait for the reboot that accompanies the software installation to complete.
12. When you are prompted to log back into your device, uncable the device from the Junos Fusion topology. See Removing a Transceiver from a QFX Series Device or Remove a Transceiver, as needed. Your device has been removed from Junos Fusion.
NOTE: The device uses a factory-default configuration after the Junos OS installation is
complete.

Upgrading an Aggregation Device

When you upgrade an aggregation device to Junos OS Release 18.2R1, you must also upgrade your satellite device to Satellite Device Software version 3.1R1.
83

Upgrade and Downgrade Support Policy for Junos OS Releases

Support for upgrades and downgrades that span more than three Junos OS releases at a time is not provided, except for releases that are designated as Extended End-of-Life (EEOL) releases. EEOL releases provide direct upgrade and downgrade paths—you can upgrade directly from one EEOL release to the next EEOL release even though EEOL releases generally occur in increments beyond three releases.
You can upgrade or downgrade to the EEOL release that occurs directly before or after the currently installed EEOL release, or to two EEOL releases before or after. For example, Junos OS Releases 17.1,
17.2, and 17.3 are EEOL releases. You can upgrade from Junos OS Release 17.1 to Release 17.2 or from
Junos OS Release 17.1 to Release 17.3.
You cannot upgrade directly from a non-EEOL release to a release that is more than three releases ahead or behind. To upgrade or downgrade from a non-EEOL release to a release more than three releases before or after, first upgrade to the next EEOL release and then upgrade or downgrade from that EEOL release to your target release.
For more information about EEOL releases and to review a list of EEOL releases, see
https://www.juniper.net/support/eol/junos.html.

Downgrading from Release 18.2

To downgrade from Release 18.2 to another supported release, follow the procedure for upgrading, but replace the 18.2 jinstall package with one that corresponds to the appropriate release.
NOTE: You cannot downgrade more than three releases.
For more information, see the Installation and Upgrade Guide.
SEE ALSO
New and Changed Features | 70
Changes in Behavior and Syntax | 71
Known Behavior | 72
Known Issues | 73
Resolved Issues | 74
Documentation Updates | 75
84
Product Compatibility | 84

Product Compatibility

IN THIS SECTION
Hardware Compatibility | 84

Hardware Compatibility

Hardware Compatibility
To obtain information about the components that are supported on the devices, and special compatibility guidelines with the release, see the Hardware Guide and the Interface Module Reference for the product.
To determine the features supported on MX Series devices in this release, use the Juniper Networks Feature Explorer, a Web-based application that helps you to explore and compare Junos OS feature information to find the right software release and hardware platform for your network. See the Feature
Explorer.
Hardware Compatibility Tool
For a hardware compatibility matrix for optical interfaces and transceivers supported across all platforms, see the Hardware Compatibility tool.
SEE ALSO
New and Changed Features | 70
Changes in Behavior and Syntax | 71
Known Behavior | 72
Known Issues | 73
Resolved Issues | 74
Documentation Updates | 75
Migration, Upgrade, and Downgrade Instructions | 75
85

Junos OS Release Notes for MX Series 5G Universal Routing Platforms

IN THIS SECTION
New and Changed Features | 86
Changes in Behavior and Syntax | 107
Known Behavior | 112
Known Issues | 116
Resolved Issues | 125
Documentation Updates | 144
Migration, Upgrade, and Downgrade Instructions | 144
Product Compatibility | 151
These release notes accompany Junos OS Release 18.2R1 for the MX Series. They describe new and changed features, limitations, and known and resolved problems in the hardware and software.
You can also find these release notes on the Juniper Networks Junos OS Documentation webpage, located at https://www.juniper.net/documentation/product/en_US/junos-os.

New and Changed Features

IN THIS SECTION
Release 18.2R1-S4 New and Changed Features | 86
Release 18.2R1-S2 New and Changed Features | 86
Release 18.2R1 New and Changed Features | 87
86
This section describes the new features and enhancements to existing features in Junos OS Release 18.2R1 for the MX Series routers.

Release 18.2R1-S4 New and Changed Features

Services Applications
Inline JFlow support for EVPN traffic (MX10008)—Starting in Junos OS Release 18.2R1-S4, inline Jflow
supports sampling under the bridge family. Inline Jflow monitors traffic hitting the bridge family and reports the necessary fields in either version 9 or IPFIX format.
A new family bridge is introduced under the [edit forwarding-options sampling instance] hierarchy that monitors all traffic hitting the VPLS or bridge family.
[See Understanding Inline Active Flow Monitoring.]

Release 18.2R1-S2 New and Changed Features

Routing Protocols
Support for IPv4 VPN unicast and IPv6 VPN unicast address families in BGP (MX Series)—Starting with
Junos OS Release 18.2R1-S2, the following address families are supported to enable advertisement and/or reception of multiple paths to a destination to/from the same BGP peer, instead of advertising/receiving only the active path to/from the same BGP peer, under [edit protocols bgp group group-name] hierarchy.
IPv4 VPN unicast (family inet-vpn)
IPv6 VPN unicast (family inet6-vpn)

Release 18.2R1 New and Changed Features

Hardware
Support for JNP10K-LC2101 MPC (MX10008)—Starting in Junos OS Release 18.2R1, Junos OS supports
a new fixed-configuration MPC, JNP10K-LC2101. A fixed-configuration MPC does not contain separate slots for Modular Interface Cards (MICs). MX10008 routers support eight JNP10K-LC2101 MPCs. The JNP10K-LC2101 MPC provides a maximum bandwidth of 2.4Tbps and has six Packet Forwarding Engines, each providing a maximum bandwidth of up to 400 Gbps, which cannot be oversubscribed. You can configure the bandwidth of the MPC to provide a decreased bandwidth of 1.44Tbps as well, if required. Use the set chassis fpc fpc-slot-number pfe-bandwidth 240g to modify the forwarding capacity of each PFE to 240 Gbps.
JNP10K-LC2101 supports:
Multi-rate ports. The ports on the JNP10K-LC2101 MPC support multiple port speeds such as 10
Gbps, 40 Gbps, and 100 Gbps. Hence, they are known as multi-rate ports. All ports support all port speeds. To view the port speed information for each port, use the show chassis pic fpc-slot fpc-slot-number pic-slot pic-slot-number command.
87
PIC-based tunnel configuration.
Maximum transmission unit (MTU) size of 16,000 bytes for transit traffic.
Dynamic Power Management for effective utilization of available power.
Flexible queuing supports 128,000 queues per line card, including queues on both ingress and egress
interfaces. You can use an additional license to support up to 256,000 queues or 1,500,000 queues per slot.
See JNP10K-LC2101 MPC on MX10008 Routers Overview
JNP10K-LC2101 MPC (MX10008)—Starting with Junos OS Release 18.2R1, JNP10K-LC2101 MPC is
supported on the MX10008 router. The JNP10K-LC2101 MPC has fixed MPC ports with 2.4 Tbps and supports 24 100-Gigabit Ethernet QSFP28 ports, and 24 40-Gigabit Ethernet QSFP ports, and 96 10-Gigabit Ethernet ports using a breakout cable (4x10 Gigabit Ethernet). The MPC also supports combinations of 100-Gigabit Ethernet, 40-Gigabit Ethernet, and 10-Gigabit Ethernet ports.
New Routing and Control Board REMX2008-X8-128G (MX2008)—Starting in Junos OS Release 18.2R1,
the Routing and Control Board (RCB), REMX2008-X8-128G is supported on MX2008 routers. The RCB has increased memory and storage to support node virtualization . The RCB is equipped with an 8-Core
2.3 GHz processor, 128 GB memory, and two 200 GB SSDs and also supports Secure Boot for enhanced boot security.
[See MX2008 Routing and Control Board (MX2008 RCB) Description.]
Authentication and Access Control
Enhancement to NTP authentication method (MX240, MX480, MX960, MX2020, and MX2010)
Starting in Junos OS Release 18.2R1, Junos OS supports NTP authentication for both SHA-1 and SHA2-256, in addition to the existing NTP authentication method, MD5. You can now choose from among MD5, SHA-1, and SHA2-256 for synchronizing the clocks of Juniper Network routers, switches, and other security devices on the Internet. Using SHA-1 instead of MD5 improves the security of devices with very little impact to timing, while using SHA2-256 provides an increase in security over SHA-1.
NOTE: By default, network time synchronization is unauthenticated.
To implement authentication, use set authentication-key <key_number> type at the [edit system ntp] hierarchy level.
To enable SHA-1 authentication, use set authentication key <key_number> type sha1 value <password>
at the [edit system ntp] hierarchy level.
To enable SHA2-256 authentication, use set authentication key <key_number> type sha256 value
<password> at the [edit system ntp] hierarchy level.
88
[See authentication-key and Configuring NTP Authentication Keys]
Authentication, Authorization, and Accounting (AAA) (RADIUS)
Existing TACACS+ behavior is made VRF aware (MX Series)—Starting in Junos OS Release 18.2R1, the
routing-instance statement at the [edit system tacplus-server server-address] hierarchy level and [edit system accounting destination tacplus server server-address] hierarchy level can now be used to
configure any routing instance present under the [edit routing-instances] hierarchy level. TACACS+ traffic uses the configured routing instance, whatever the name. Before, the routing-instance statement at the [edit system tacplus-server server-address] hierarchy level and [edit system accounting destination tacplus server server-address] hierarchy level could be used only to configure the mgmt_junos routing instance.
[See Configuring TACACS+ Authentication and Configuring TACACS+ System Accounting.]
Class of Service (CoS)
Support for collecting aggregate queue statistics for underlying logical interfaces (MX Series)—By
default to preserve memory resources, aggregate queue statistics are not collected for underlying logical interfaces (Level 2 interfaces). Queue statistics are only collected for the upper-level logical interfaces (Level 3 and above) and the physical interface (Level 1). By default the command show interfaces queue interface-name shows all zeroes for underlying logical interfaces. Starting with Junos OS Release 18.2R1, you can enable the collection of aggregate queue statistics for all underlying logical interfaces on a particular physical or aggregate (for example, ae0) interface by enabling logical-interface-aggregate-statistics at the [edit class-of-service interfaces interface-name] hierarchy
level. You can show the aggregate queue statistics by running the show interfaces queue interface-name command.
[See logical-interface-aggregate-statistics.]
Support for excluding the overhead bytes from queue statistics (MX Series)—By default, the Layer 2
header bytes applied to upper-level logical interfaces are included in CoS per-queue statistics at the physical interface, which can provide inaccurate results. Starting with Junos OS Release 18.2R1, you can exclude the counting of overhead bytes from aggregate queue statistics by enabling exclude-queue-overhead-bytes option at the [edit class-of-service interfaces interface-name] hierarchy level. To also exclude the counting of overhead bytes from aggregate queue statistics of all child interfaces, including logical interfaces and interface sets, add the include-hierarchy option at the [edit class-of-service interfaces interface-name exclude-queue-overhead-bytes] hierarchy level.
[See exclude-queue-overhead-bytes.]
Support for bypass-queuing-chip option (vMX)—Starting with Junos OS Release 18.2R1, the
bypass-queuing-chip option at the [edit class-of-service interfaces interface-name] hierarchy level is supported on vMX routers. Enable this option on vMX routers to save a vCPU when scheduling is not needed on an interface. With this option, be careful not to oversubscribe the interface bandwidth.
89
[See bypass-queuing-chip.]
EVPN
NOTE: This feature is documented but not supported in Junos OS Release 18.2R1
NSR and unified ISSU support for point-to-multipoint LSP for EVPN provider tunnel (MX Series and vMX)—Starting in Junos OS Release 18.2R1, Junos OS provides nonstop routing (NSR) and unified ISSU
support for point-to-multipoint (P2MP) inclusive provider tunnels. This ensures that broadcast, unknown unicast, and multicast (BUM) packets continue after a Routing Engine switchover occurs when NSR is enabled.
NOTE: Unified ISSU is not supported on the vMX routers.
[See Understanding P2MPs LSP for the EVPN Inclusive Provider Tunnel.]
Support for EVPN-VPWS flexible cross-connect (MX Series)—Starting with Junos OS Release 18.2R1,
Ethernet VPN (EVPN) virtual private wire service (VPWS) flexible cross-connect is introduced to address a label resource issue that could occur on some low end access routers. This is possible when there are a group of attachment circuits (ACs) under the same EVPN instance (EVI) and share the same label.
NOTE: The label resource issue is applicable to a service edge router that is interoperable with
the access router that uses FXC scheme to conserve its label usage. It is assumed that the label resource issue does not apply to Juniper Networks service edge router, the vMX (or MX), that uses the pseudowire subscriber interface. Thus there is no change for the label assign scheme on the service edge router with regular EVPN-VPWS pseudowire subscriber head-end termination.
[See Overview of Flexible Cross-Connect Support on VPWS with EVPN.]
Support for head-end termination for EVPN VPWS for business services (MX Series)—Starting with
Junos OS Release 18.2R1, Ethernet VPN (EVPN) virtual private wire service (VPWS) is supported on pseudowire subscriber logical interface.
Prior to Junos OS 18.2 Release, pseudowire subscriber logical interface is used with either Layer 2 circuit or Layer 2 VPN for psuedowire headend termination service.
An Ethernet VPN (EVPN) enables you to connect dispersed customer sites using a Layer 2 virtual bridge. Virtual private wire service (VPWS) Layer 2 VPNs employ Layer 2 services over MPLS to build a topology of point-to-point connections that connect end customer sites in a VPN. EVPN-VPWS as a next generation of pseudowire subscriber interface technology brings the benefit of EVPN to point-to-point service by providing fast convergence upon node failure and link failure through its multihoming feature. As a result, you can use EVPN-VPWS on pseudowire subscriber interface for head-end termination into different services.
90
You can configure the pseudowire subscriber logical interface for EVPN-VPWS so that the pseudowire established by EVPN-VPWS can be headend terminated into either Layer 3 VPN or BGP-VPLS. The head-end termination covers single (single-homed) pseudowire termination and redundant (multihomed) pseudowire termination into Layer 3 VPN and BGP-VPLS.
[See Overview of Pseudowire Subscriber Logical Interface Support on VPWS with EVPN.]
EVPN pure type-5 route support (MX Series)—Starting with Junos OS Release 18.2R1, you can configure
pure type-5 routing in an Ethernet VPN (EVPN) Virtual Extensible LAN (VXLAN) environment. Pure type-5 routing is used when the Layer 2 domain does not exist at the remote data centers. A pure type-5 route advertises the summary IP prefix and includes a BGP extended community called a router MAC, which is used to carry the MAC address of the sending switch and to provide next-hop reachability for the prefix. To configure pure type-5 routing, include the ip-prefix-routes advertise direct-nexthop statement at the [edit routing-instances routing-instance-name protocols evpn] hierarchy level. To enable two-level equal-cost multipath (ECMP) next hops in an EVPN-VXLAN overlay network, you must also include the overlay-ecmp statement at the [edit forwarding-options vxlan-routing] hierarchy level.
[See Understanding EVPN Pure Route Type-5.]
IGMP snooping support for EVPN-MPLS (MX Series, vMX)—Starting with Junos OS Release 18.2R1,
you can configure IGMP snooping on MX Series routers with MPCs and vMX routers in an Ethernet
VPN (EVPN) over an MPLS network. Enabling IGMP snooping helps to constrain multicast traffic to interested receivers in a broadcast domain.
Multicast sources and receivers in the EVPN instance (EVI) can each be single-homed to one provider edge (PE) device or multihomed (in all-active mode only) to multiple PE devices. When IGMP snooping is configured with multihomed receivers, IGMP state information is synchronized among peer PE devices by exchanging BGP EVPN Type 7 (Join Sync Route) and Type 8 (Leave Sync Route) network layer reachability information (NLRI). When PE devices receive multicast traffic from the EVPN core on a multihomed Ethernet segment (ES), only the designated forwarder (DF) PE device forwards the traffic, and the DF forwards the traffic only to interested receivers (selective multicast forwarding) based on IGMP snooping reports and BGP EVPN Type 7 routes. PE devices serving single-homed receivers also use selective multicast forwarding based on IGMP snooping reports to forward the traffic only to interested receivers, conserving network bandwidth.
All PE devices perform inclusive multicast forwarding using ingress replication to forward multicast traffic into the EVPN core to reach all remote PE devices. Multicast traffic at Layer 3 is routed between bridge domains or VLANs using IRB interfaces.
This feature is supported with multiple EVIs, multicast sources and receivers on the same or different sites, and IGMP snooping in proxy mode only.
91
To enable IGMP snooping on PE devices in an EVPN instance, include the igmp-snooping proxy statement at the [edit routing-instances routing-instance-name protocols] or the [edit routing-instances routing-instance-name bridge-domain bridge-domain-name protocols] hierarchy level.
For inter-VLAN multicast forwarding, PIM distributed DR (PIM DDR) mode must be enabled on all participating IRBs.
EVPN and IGMP snooping operational mode commands can be used to view information learned from IGMP snooping messages or EVPN Type 7 and Type 8 messages.
[See Overview of Multicast Forwarding with IGMP Snooping in an EVPN-MPLS Environment.]
NOTE: This feature is documented but not supported in Junos OS Release 18.2R1
Support for mLDP P2MP tunnels with EVPN for BUM traffic (MX Series and vMX)—Although present
in the code, the ability to configure and signal a P2MP LSP for the EVPN inclusive provider tunnel for BUM traffic is not supported in Junos OS Release 18.2R1. P2MP LSPs manages efficient core bandwidth utilization because it uses multicast replication only at the required nodes instead of ingress replication at the ingress PE node.
Support for OSPF, IS-IS, BGP, and static routing on IRB interfaces in EVPN-VXLAN networks (MX
Series and vMX)—Starting in Junos OS Release 18.2R1, you can configure OSPF, IS-IS, BGP, and static routing with bidirectional forwarding detection (BFD) on an IRB interface that is used as a routed interface in EVPN. This allows protocol adjacencies to be established between an IRB on a Layer 3 gateway and
a CE device connected directly to a Layer 3 gateway or to a Layer 2 leaf device in an EVPN-VXLAN network.
[See Supported Protocols on an IRB Interface in EVPN-VXLAN .]
Support for groupVPN failover to backup router (MX Series and vMX)—Group VPN is a trusted group
to eliminate point-to-point tunnels and their associated overlay routing. All group members share a common security association (SA), known as a group SA (GSA). The GSA enables group members to decrypt traffic that was encrypted by any other group member. Starting in Junos OS Release 18.2R1, Junos OS confirms the Group VPN redundancy with service redundancy daemon running on MX Series routers. MX Series routers with redundancy between them act as Group VPN members.
Support for passing of traffic during a policy mismatch between key server and group member (MX
Series and vMX)—Currently, packets that do not match the traffic policy provided by the group key server are dropped by default. Starting in Junos OS Release 18.2R1, you have an option to change the default behavior to disable encryption and forward the packets instead of dropping them.
You can configure the forward-policy-mismatch within the group vpn object configuration to enable the support for forwarding policy-mismatched packets at the [edit security group-vpn member ipsec] hierarchy level.
92
NOTE: This feature is documented but not supported in Junos OS Release 18.2R1
EVPN P2MP bud router support (MX Series and vMX)—Starting in Junos OS Release 18.2R1, Junos OS
supports configuring a point-to-multipoint (P2MP) label switched path (LSP) as a provider tunnel on a bud router. The bud router functions both as an egress router and a transit router.
To enable a bud router to support P2MP LSP, include the evpn p2mp-bud-support statement at the [edit routing-instances routing-instance-name protocols evpn] hierarchy level.
[See Configuring Bud Node Support]
Flow-Based and Packet-Based Processing
Support for inline flow monitoring (MX10008)—Starting in Junos OS Release 18.2R1, Junos OS supports
inline active flow monitoring. Inline active flow monitoring supports version 9 and IPFIX flow collection templates. Version 9 template is supported for IPv4, IPv6, MPLS, and MPLS-IPv4. IPFIX template is supported for IPv4, IPv6, MPLS, MPLS-IPv4, and VPLS flows. Both IPFIX and version 9 templates use UDP as the transport protocol.
[See Inline Active Flow Monitoring.]
High Availability (HA) and Resiliency
Resiliency support for JNP10K-LC2101 MPC (MX10008)—Starting in Junos OS Release 18.2R1, resiliency
support is enabled for JNP10K-LC2101 MPC on MX10008 routers.
Interfaces and Chassis
Enhancement to increase the threshold of corrected single-bit errors (MPC7E, MPC8E, MPC9E on MX
Series)—In Junos OS Release 18.2R1, the threshold of corrected single-bit errors is increased from 32 to 1024, and the alarm severity is changed from Major to Minor for those error messages. There is no operational impact upon corrected single-bit errors. Also, a log message is added to display how many single-bit errors have been corrected between the reported events as follows:
93
EA[0:0]: HMCIF Rx: Link0: Corrected single bit errordetected in HMC 0 - Total count 25
EA[0:0]: HMCIF Rx: Link0: Corrected single bit errordetected in HMC 0 - Total count 26
[See Alarm Overview.]
Fabric management support (MX10008)—Starting in Junos OS Release 18.2R1, fabric management is
supported on MX10008 routers. The fabric architecture of MX10008 routers consists of six Switch Fabric Boards (SFBs). The MX10008 MPC has six Packet Forwarding Engines, each having 24 connections to the fabric (24 fabric planes, or 4 connections per SFB). The MX10008 will have 24 planes active when all the six SFBs are populated. However, in case of a failure of one SFB, line rate can still be achieved with 20 planes (that is, a minimum of five SFBs are required to achieve line rate). The fabric supports a link speed of 25 Gbps. Fabric management involves training the fabric links, monitoring the links, and collecting fabric statistics. The MX10008 also supports fabric hardening.
[See Fabric Plane Management on JNP10K-LC2101 Overview]
Support for FRU control, power management, and environmental monitoring (MX10008)—Starting
with Junos OS Release 18.2R1, Junos OS chassis management software for MX10008 routers with JNP10K-LC2101 MPC provides enhanced environmental monitoring and FRU control. MX10008 has a pair of Routing Engines, which support virtualization. Each Routing Engine board is a single FRU. All FRUs including Routing Engines, Packet Forwarding Engines, interfaces, power supplies, and fan trays are upgradable. The MX10008 chassis supports two kinds of power supply modules (PSM)—a DC PSM and an AC PSM. The AC PSM delivers 2700 W of power, while the DC PSM delivers 2500 W. The MX10008 cooling system contains two fan trays, with 11 fans in each fan tray. MX10008 supports temperature thresholds for each temperature sensor, which enables the router to precisely control the
cooling, raise alarms, and shut down a FRU. The router also supports preserving power-on sequence for the FPCs.
[See Understanding How Dynamic Power Management Enables Better Utilization of Power.]
Support for inline Two-Way Active Measurement Protocol (TWAMP) server and client on MX10008—
Starting in Junos OS Release 18.2R1, Mx10008 router with MPC7E cards support the inline Two-Way Active Measurement Protocol (TWAMP) control-client and server for transmission of TWAMP IPv4 UDP probes between the session-sender (control-client) and the session-reflector (server). The TWAMP control-client and server can also work with a third-party server and control-client implementation.
TWAMP is an open protocol for measuring network performance between any two devices that support TWAMP. To configure the TWAMP server, specify the logical interface on the service PIC that provides the TWAMP service by including the twamp-server statement at the: [edit interfaces si-fpc/pic/ port unit logical-unit-number rpm] hierarchy level.
To configure the TWAMP client, include the twamp-client statement at the: [edit interfaces si-fpc/pic/ port unit logical-unit-number rpm] hierarchy level.
[See Understanding Two-Way Active Measurement Protocol on Routers.]
94
Software support for MX10008—Starting in Junos OS Release 18.2R1, MX10008 routers support the
following software features:
Class of services (CoS)—Helps prioritize packets to avoid random loss of data when a network
experiences congestion and delay.
Tunneling and encryption—Encapsulates arbitrary packets inside a transport protocol; and thereby
provides a private, secure path through an otherwise public network.
Firewall filters—Provide rules that define whether to accept or discard packets that are transiting an
interface.
Port mirroring—Enables you to analyze traffic on routers and switches that, unlike hubs, do not broadcast
packets to every port on the destination device.
OpenConfig—Supports the use of vendor-neutral data models to configure and manage the network.
Detection of wedge condition—Detects several types of wedge conditions. A wedge condition is
caused by an error that blocks network traffic.
Junos Telemetry Interface (JTI)—Enables you to provision sensors to collect and export data for various
system resources, such as physical interfaces and firewall filters.
Limited encryption Junos OS image and boot restriction (MX2008 )—Starting with Junos OS Release
18.2R1, the MX2008 routers with the Routing Engines REMX2008-X8-64G-LT support only the Junos Limited image. The Junos Limited image does not have data-plane encryption and is intended only for countries in the Eurasian Customs Union because these countries have import restrictions on software containing data-plane encryption. Unlike the Junos Worldwide image, the Junos Limited image supports control-plane encryption through SSH and SSL, thus allowing secure management of the system. The Routing Engines are restricted to boot only the Junos Limited image.
[See Junos OS Editions.]
Support for secure boot and upgraded SSD size and RAM size (MX2008)—Starting in Junos OS Release
18.2R1, a significant system security enhancement, secure boot, has been introduced. The Secure Boot implementation is based on the UEFI 2.4 standard. The BIOS has been hardened and serves as a core root of trust. The BIOS updates, the boot loader, and the kernel are cryptographically protected. No action is required to implement secure boot.
The SSD size and the RAM size of the REMX2008-X8-128G-S Routing Engine is upgraded to 2x200-GB and 128-GB, respectively.
[See Feature Explorer and enter Secure Boot.]
Upgraded SSD size and RAM size on the REMX200-8-X8-128G-S Routing Engine (MX2008)— Starting
in Junos OS Release 18.2R1, the SSD size and the RAM size of the REMX2008-X8-128G-S Routing Engine are upgraded to 2x200-GB and 128-GB, respectively. The increased SSD size facilitates increased storage of core and log files.
[See Salient Features of the Routing Engines with VM Host Support.]
Support for 240-V high-voltage DC (HVDC) PSMs and PDMs (MX2008, MX2010, MX2020)—Starting
in Junos OS Release 18.2R1, Junos OS supports 240-V HVDC power supply modules (PSMs; model number: MX2K-PSM-DC-240V) and power distribution modules (PDMs; model number: MX2K-PDM-DC-240V) on the MX2000 line of routers. The PDM supplies 240-V HVDC power to each PSM. The 240-V HVDC power supplies are similar in functionality and physical specifications to the existing DC PSMs and PDMs supported on the MX2000 routers, except that the 240-V HVDC PSMs and PDMs support 240-V input voltage feed. The 240-V HVDC PSMs and PDMs are supported in HVDC environments that support an input voltage range of 190 VDC through 290 VDC.
95
Support for PTP over Ethernet and hybrid mode over link aggregation group (MX240, MX480, MX960,
MX2010, MX2020)—Starting in Junos OS Release 18.2R1, the MPC5E and MPC6E line cards support Precision Time Protocol (PTP) over Ethernet and hybrid mode over a link aggregation group (LAG).
Link aggregation is a mechanism of combining multiple physical links into a single virtual link to achieve linear increase in bandwidth and to provide redundancy in case a link fails. The virtual link is referred to as an aggregated Ethernet interface or a LAG.
[ See Precision Time Protocol Overview]
Junos Telemetry Interface
Streaming OpenConfig data from Routing Engine (RE) sensors over UDP in protobuf format (MX)–Starting
in Junos OS Release 18.2R1, you can stream OpenConfig-based sensor data from Routing Engine sensors using the Junos Telemetry Interface (JTI). This allows you to stream the OpenConfig sensor data in gRPC/protobuf format rather than in key/value pairs. This makes the messages smaller and is more efficient.
[See Overview of the Junos Telemetry Interface.]
Routing Engine state sensors for the Junos Telemetry Interface (MX Series)—Starting with Junos OS Release 18.2R1, you can export statistics for the Routing Engine state through the Junos Telemetry Interface using the following resource paths:
/junos/kernel-ifstate/stats/churn-rate
/junos/kernel-ifstate/stats/peer-consumption-rate
/junos/kernel-ifstate/stats/vetos-statistics
Only gRPC streaming is supported.
96
To provision the sensor to export data through gRPC, use the telemetrySubscribe RPC to specify telemetry parameters. Streaming telemetry data through gRPC also requires you to download the OpenConfig for Junos OS module.
Support for the Junos Telemetry Interface was introduced on QFX10000 and QFX5200 switches in Junos OS Release 17.2R1.
[See Guidelines for gRPC Sensors (Junos Telemetry Interface).]
Expanded ON_CHANGE support for Junos Telemetry Interface (JTI) (MX Series)—Starting with Junos
OS Release 18.2R1, OpenConfig support through remote procedure call (RPC) and JTI is extended to support additional ON_CHANGE sensors.
Periodical streaming of OpenConfig operational states and counters collects information at regular intervals. ON_CHANGE support streams operational states as events (only when there is a change), and is preferred over periodic streaming for time-sensitive missions.
These paths, previously supporting periodical streaming only, now also support ON_CHANGE streaming:
/interfaces/interface/state/admin-status
/interfaces/interface/state/description
/interfaces/interface/state/oper-status
/interfaces/interface/subinterfaces/subinterface/state/admin-status
/interfaces/interface/subinterfaces/subinterface/state/description
/interfaces/interface/subinterfaces/subinterface/state/oper-status
/interfaces/interface/subinterfaces/subinterface/state/ifIndex
/interfaces/interface/subinterfaces/subinterface/state/index
/interfaces/interface/subinterfaces/subinterface/state/name
These resource paths from the preceding list do not change with an event, but will be streamed on creation and deletion:
/interfaces/interface/subinterfaces/subinterface/state/ifIndex
/interfaces/interface/subinterfaces/subinterface/state/index
/interfaces/interface/subinterfaces/subinterface/state/name
To provision a sensor to export data through gRPC, use the telemetrySubscribe RPC to specify telemetry parameters. Streaming telemetry data through gRPC also requires you to download the OpenConfig for Junos OS module.
To enable ON_CHANGE support, configure the sample frequency in the subscription as zero. When you create a subscription using a top-level container as the resource path (for example, /interface), leaf devices under the resource path /interface with ON_CHANGE support are automatically streamed based on events. Other leaf devices will not be streamed.
97
Before events are streamed, there is an initial stream of states to the collector, followed by an END_OF_INITIAL_SYNC. This notice signals the start of event streaming.
[See Understanding OpenConfig and gRPC on Junos Telemetry Interface and Guidelines for gRPC Sensors
(Junos Telemetry Interface).]
J-Insight Device Monitor (MX240, MX480, MX960, MX2008, MX2010, MX2020, MX10003, MX10008,
and vMX)–J-Insight is a data-driven device monitoring solution that provides visibility and insight into the health of a running system. Starting with Junos OS Release 18.2R1, the J-Insight framework facilitates real-time monitoring of system resources for FPC FRUs. It also has been integrated with the existing connectivity error management infrastructure to normalize error detection, monitoring, and reporting. J-Insight is an on-premise system application that uses the Junos Telemetry Interface to continuously collect data that is reflective of the current state and health of the device component being monitored.
[See J-Insight Device Monitor Overview.]
Service set and sessions support for Junos Telemetry Interface (JTI) (MX Series with MS-MICs and
MS-MPCs)—Starting with Junos OS Release 18.2R1, you can export service set and sessions statistics. These sensors provide visibility for IPsec services on different service complexes and nodes.
Exported data is defined using an IP address and a UDP port. When an export interval expires, the most recent statistics collected by the sensors are gathered, placed in the payload of a UDP packet, and forwarded to a collector. A timestamp indicating when counters are read is included with the exported data to allow collectors to collate data. The timestamp also can determine if and when an event happened, such as a PIC hardware restart or if counters were cleared by means of the CLI.
The following paths are supported:
/junos/services/spu/servicesets/
/junos/services/spu/sessions/
For streaming statistics through UDP, all parameters are configured at the [edit services analytics] hierarchy level.
[See sensor and Configuring a Junos Telemetry Interface Sensor (CLI Procedure).]
Layer 2 Features
Support for Layer 2 and Layer 3 features (MX10008)—Starting in Junos OS Release 18.2R1, MX10008
routers support the following Layer 2 and Layer 3 features:
Layer 2 protocols including Layer 2 Ethernet OAM and virtual private LAN service (VPLS)
Integrated routing and bridging (IRB)
Multichassis link aggregation groups (MC-LAGs)
Layer 3 routing protocols and MPLS
Inline BFD
Multicast
98
[See Layer 2 and Layer 3 Features on MX Series Routers]
Layer 3 Features
Multipoint support for ATM MIC with SFP (MX Series routers with MPCs and ATM MIC with
SFP)—Starting in Junos OS Release 18.2R1, MX Series routers with an ATM MIC (model number MIC-3D-8OC3-2OC12-ATM) with SFP can communicate with multiple devices through ATM links. With this multipoint support feature, ATM MIC can communicate with multiple Layer 3 peers in the ATM network. In earlier Junos OS releases, the ATM MIC communicates only with one Layer 3 peer.
On an ATM MIC, the following configurations are required for multipoint support:
Configure the multipoint option at the [edit interfaces interface-name unit logical-unit-number] hierarchy
level to communicate with multiple Layer 3 peers on ATM interface.
Configure the multipoint-destination option with its corresponding vci at the [edit interfaces
interface-name unit logical-unit-number family family address address] hierarchy to enable multipoint support on ATM interface.
The Inverse-arp configuration option is an optional configuration to enable inverse ARP for
multipoint-destination at the [edit interfaces at-fpc/pic/port unit logical-unit-number family family address address multipoint-destination address] hierarchy level. Only responding to inverse ARP
request is supported. Generation of Inverse ARP is not supported.
[See Configuring a Point-to-Multipoint Connection on ATM MICs.]
MPLS
Interoperability of segment routing with LDP (MX Series)—In an LDP network with gradual deployment
of segment routing, some devices may not support segment routing, which can cause interoperability
Loading...