Release
Published
2021-04-22
Notes
Junos®OS 19.2R1 Release Notes
SUPPORTED ON
ACX Series, EX Series, Junos Fusion Enterprise, Junos Fusion Provider Edge, MX Series,
•
NFX Series, PTX Series, QFX Series, and SRX Series
HARDWARE HIGHLIGHTS
SRX5K-SPC3 support Avira scan engine on antivirus module (SRX5400, SRX5600, and
•
SRX5800)
SOFTWARE HIGHLIGHTS
Support for BFD, BGP, IS-IS, and OSPF on IRB interfaces in EVPN-MPLS networks (EX
•
Series)
Support for control word in EVPN-VPWS (EX9200 Series and MX Series)
•
Support for QSFP-100GE-DWDM2 transceiver (MX Series)
•
MX2008 routers support in-chassis Junos node slicing (MX Series)
•
Support for Synchronous Ethernet with ESMC on JNP10K-LC2101 (MX10008 and
•
MX10016)
PCE-initiated bypass LSPs (MX Series, PTX Series)
•
Support for unified ISSU on abstracted fabric interfaces (MX Series)
•
Support for fixed wireless access subscribers on BNGs (MX Series)
•
Support for transferring accounting statistics files and router configuration archives using
•
HTTP URL (MX Series)
Packet Forwarding Engine statistics export using gNMI and JTI (MX Series, PTX1000 and
•
PTX10000 routers, and QFX5100 and QFX5200 switches)
Dynamic creation of segment routing LSPs using BGP protocol next hops (MX Series, PTX
•
Series)
gNMI support for Routing Engine statistics for JTI (QFX Series switches)
•
Loopback firewall filter scale optimization (QFX5120)
•
EVPN-VXLAN support (QFX10002-60C switches)
•
Support for 512 ECMP next hops for BGP (QFX10000 switches)
•
Support to configure micro-applications in a unified policy (SRX Series and vSRX)
•
Application-level logging for AppQoE (SRX Series)
•
Anti-Replay Window (SRX Series)
•
Release Notes: Junos®OS Release 19.2R1 for
the ACX Series, EX Series, MX Series, NFX
Series, PTX Series, QFX Series, SRX Series, and
Junos Fusion
1
22 April 2021
Contents
Introduction | 11
Junos OS Release Notes for ACX Series | 11
New and Changed Features | 12
New and Changed Features: 19.2R1-S1 | 12
New and Changed Features: 19.2R1 | 12
Changes in Behavior and Syntax | 16
Interfaces and Chassis | 17
Junos OS XML, API, and Scripting | 17
Network Management and Monitoring | 17
VLAN Infrastructure | 18
Known Behavior | 18
General Routing | 19
Known Issues | 20
General Routing | 21
Interfaces and Chassis | 24
Resolved Issues | 24
Resolved Issues: 19.2R1-S1 | 25
Resolved Issues: 19.2R1 | 25
Documentation Updates | 26
Installation and Upgrade Guide | 27
Migration, Upgrade, and Downgrade Instructions | 27
Upgrade and Downgrade Support Policy for Junos OS Releases | 27
Product Compatibility | 28
Hardware Compatibility | 29
Junos OS Release Notes for EX Series Switches | 30
New and Changed Features | 30
New and Changed Features: 19.2R1-S1 | 31
New and Changed Features: 19.2R1 | 31
Changes in Behavior and Syntax | 36
Network Management and Monitoring | 36
VLAN Infrastructure | 37
Known Behavior | 37
2
EVPN | 38
General Routing | 38
Platform and Infrastructure | 38
Known Issues | 38
General Routing | 39
Infrastructure | 40
Junos Fusion Enterprise | 41
Layer 3 Features | 41
Platform and Infrastructure | 41
Spanning Tree Protocols | 41
Resolved Issues | 42
Authentication and Access Control | 43
EVPN | 43
General Routing | 43
Infrastructure | 44
Interfaces and Chassis | 44
Layer 2 Ethernet Services | 45
Junos Fusion Enterprise | 45
Network Management and Monitoring | 45
Platform and Infrastructure | 45
Routing Protocols | 46
Software Installation and Upgrade | 46
Subscriber Access Management | 46
Documentation Updates | 47
Installation and Upgrade | 47
Migration, Upgrade, and Downgrade Instructions | 48
Upgrade and Downgrade Support Policy for Junos OS Releases | 48
Product Compatibility | 49
Hardware Compatibility | 49
Junos OS Release Notes for Junos Fusion Enterprise | 50
New and Changed Features | 50
Changes in Behavior and Syntax | 51
Known Behavior | 52
Known Issues | 52
3
Junos Fusion Enterprise | 52
Resolved Issues | 53
Resolved Issues: 19.2R1 | 53
Documentation Updates | 54
Migration, Upgrade, and Downgrade Instructions | 55
Basic Procedure for Upgrading Junos OS on an Aggregation Device | 55
Upgrading an Aggregation Device with Redundant Routing Engines | 57
Preparing the Switch for Satellite Device Conversion | 57
Converting a Satellite Device to a Standalone Switch | 59
Upgrade and Downgrade Support Policy for Junos OS Releases | 59
Downgrading from Junos OS | 59
Product Compatibility | 60
Hardware and Software Compatibility | 60
Hardware Compatibility Tool | 60
Junos OS Release Notes for Junos Fusion Provider Edge | 61
New and Changed Features | 62
Spanning-Tree Protocols | 62
Changes in Behavior and Syntax | 62
Known Behavior | 63
Known Issues | 63
Junos Fusion Provider Edge | 64
Resolved Issues | 64
Junos Fusion Provider Edge | 65
Junos Fusion Satellite Software | 65
Documentation Updates | 65
Migration, Upgrade, and Downgrade Instructions | 66
Basic Procedure for Upgrading an Aggregation Device | 66
Upgrading an Aggregation Device with Redundant Routing Engines | 69
Preparing the Switch for Satellite Device Conversion | 69
Converting a Satellite Device to a Standalone Device | 71
Upgrading an Aggregation Device | 73
Upgrade and Downgrade Support Policy for Junos OS Releases | 73
Downgrading from Junos OS Release 19.2 | 74
4
Product Compatibility | 74
Hardware Compatibility | 74
Junos OS Release Notes for MX Series 5G Universal Routing Platform | 75
New and Changed Features | 76
New and Changed Features: 19.2R1-S4 | 77
New and Changed Features: 19.2R1-S1 | 77
New and Changed Features: 19.2R1 | 78
Changes in Behavior and Syntax | 96
Interfaces and Chassis | 96
MPLS | 97
Network Management and Monitoring | 97
Routing Policy and Firewall Filters | 98
Services Applications | 98
Software Defined Networking | 98
Subscriber Management and Services | 98
VLAN Infrastructure | 99
Known Behavior | 100
General Routing | 100
Interfaces and Chassis | 101
Routing Protocols | 102
Known Issues | 102
EVPN | 103
Forwarding and Sampling | 103
General Routing | 104
Interfaces and Chassis | 108
Layer 2 Ethernet Services | 109
MPLS | 109
Platform and Infrastructure | 109
Routing Protocols | 110
Resolved Issues | 111
Application Layer Gateways (ALGs) | 112
Authentication and Access Control | 112
Class of Service (CoS) | 113
EVPN | 113
5
Flow-based and Packet-based Processing | 114
Forwarding and Sampling | 114
General Routing | 114
Infrastructure | 121
Interfaces and Chassis | 121
Layer 2 Features | 123
Layer 2 Ethernet Services | 123
MPLS | 123
Network Management and Monitoring | 124
Platform and Infrastructure | 125
Routing Policy and Firewall Filters | 125
Routing Protocols | 126
Services Applications | 127
Software Installation and Upgrade | 128
Subscriber Access Management | 128
User Interface and Configuration | 128
VPNs | 128
Documentation Updates | 129
Migration, Upgrade, and Downgrade Instructions | 130
Basic Procedure for Upgrading to Release 19.2 | 131
Procedure to Upgrade to FreeBSD 11.x based Junos OS | 131
Procedure to Upgrade to FreeBSD 6.x based Junos OS | 133
Upgrade and Downgrade Support Policy for Junos OS Releases | 135
Upgrading a Router with Redundant Routing Engines | 136
Downgrading from Release 19.2 | 136
Product Compatibility | 137
Hardware Compatibility | 137
Junos OS Release Notes for NFX Series | 138
New and Changed Features | 138
Architecture | 139
Application Security | 139
Virtual Network Functions | 139
6
Changes in Behavior and Syntax | 140
Factory-default Configuration | 141
Known Behavior | 141
Interfaces | 141
Platform and Infrastructure | 142
Known Issues | 143
High Availability | 143
Interfaces | 143
Platform and Infrastructure | 144
Routing Protocols | 145
Virtual Network Functions (VNFs) | 145
Resolved Issues | 146
Interfaces | 146
Platform and Infrastructure | 146
Documentation Updates | 147
Migration, Upgrade, and Downgrade Instructions | 147
Upgrade and Downgrade Support Policy for Junos OS Releases | 148
Basic Procedure for Upgrading to Release 19.2 | 148
Product Compatibility | 150
Hardware Compatibility | 150
Junos OS Release Notes for PTX Series Packet Transport Routers | 152
New and Changed Features | 153
New and Changed Features: 19.2R1-S4 | 154
New and Changed Features: 19.2R1-S1 | 154
New and Changed Features: 19.2R1 | 154
Changes in Behavior and Syntax | 160
What’s Changed in Release 19.2R1-S5 | 161
What’s Changed in Release 19.2R1 | 161
Known Behavior | 163
General Routing | 163
Interfaces and Chassis | 164
Known Issues | 164
General Routing | 165
Infrastructure | 166
7
Interfaces and Chassis | 166
Layer 2 Ethernet Services | 166
MPLS | 166
Routing Protocols | 166
Resolved Issues | 167
General Routing | 167
Infrastructure | 169
Interfaces and Chassis | 169
MPLS | 169
Platform and Infrastructure | 169
Routing Protocols | 169
Documentation Updates | 170
Installation and Upgrade Guide | 170
Migration, Upgrade, and Downgrade Instructions | 171
Basic Procedure for Upgrading to Release 19.2 | 171
Upgrade and Downgrade Support Policy for Junos OS Releases | 174
Upgrading a Router with Redundant Routing Engines | 174
Product Compatibility | 175
Hardware Compatibility | 175
Junos OS Release Notes for the QFX Series | 176
New and Changed Features | 177
New and Changed Features: 19.2R1-S1 | 177
New and Changed Features: 19.2R1 | 178
Changes in Behavior and Syntax | 186
Interfaces and Chassis | 186
Network Management and Monitoring | 187
Security | 187
Known Behavior | 188
EVPN | 188
General Routing | 188
Layer 2 Features | 189
Routing Protocols | 189
Known Issues | 190
8
EVPN | 190
General Routing | 191
Layer 2 Ethernet Services | 194
Layer 2 Features | 194
MPLS | 196
Platform and Infrastructure | 196
Routing Protocols | 196
Resolved Issues | 197
Resolved Issues: 19.2R1 | 197
Documentation Updates | 204
Installation and Upgrade guide | 204
Migration, Upgrade, and Downgrade Instructions | 205
Upgrading Software on QFX Series Switches | 205
Installing the Software on QFX10002-60C Switches | 208
Installing the Software on QFX10002 Switches | 208
Upgrading Software from Junos OS Release 15.1X53-D3X to Junos OS Release
15.1X53-D60, 15.1X53-D61.7, 15.1X53-D62, and 15.1X53-D63 on QFX10008 and
QFX10016 Switches | 209
Installing the Software on QFX10008 and QFX10016 Switches | 211
Performing a Unified ISSU | 215
Preparing the Switch for Software Installation | 216
Upgrading the Software Using Unified ISSU | 216
Upgrade and Downgrade Support Policy for Junos OS Releases | 218
Product Compatibility | 219
Hardware Compatibility | 219
Junos OS Release Notes for SRX Series | 220
New and Changed Features | 221
New and Changed Features: 19.2R1-S1 | 222
New and Changed Features: 19.2R1 | 222
Changes in Behavior and Syntax | 231
Application Security | 232
Ethernet Switching and Bridging | 232
Flow-Based and Packet-Based Processing | 232
Network Management and Monitoring | 232
VPNs | 233
9
Known Behavior | 233
Flow-Based and Packet-Based Processing | 234
J-Web | 234
VPNs | 234
Known Issues | 235
Chassis Clustering | 235
Flow-Based and Packet-Based Processing | 235
J-Web | 236
Platform and Infrastructure | 236
User Firewall | 236
VPNs | 236
Resolved Issues | 237
Application Firewall | 237
Application Identification | 237
Application Layer Gateways (ALGs) | 237
Chassis Clustering | 238
Flow-Based and Packet-Based Processing | 238
Infrastructure | 240
Interfaces and Routing | 240
Intrusion Detection and Prevention (IDP) | 241
Installation and Upgrade | 241
J-Web | 241
Logical Systems and Tenant Systems | 242
Multiprotocol Label Switching (MPLS) | 242
Network Address Translation (NAT) | 242
Network Management and Monitoring | 242
Platform and Infrastructure | 242
Routing Policy and Firewall Filters | 243
Unified Threat Management (UTM) | 243
User Interface and Configuration | 244
VPNs | 244
Documentation Updates | 245
Migration, Upgrade, and Downgrade Instructions | 246
Upgrade and Downgrade Support Policyfor Junos OS Releases and Extended End-Of-Life
Releases | 246
10
Product Compatibility | 247
Hardware Compatibility | 247
Upgrading Using ISSU | 248
Licensing | 248
Compliance Advisor | 248
Finding More Information | 249
Documentation Feedback | 249
Requesting Technical Support | 250
Self-Help Online Tools and Resources | 250
Opening a Case with JTAC | 251
Revision History | 251
Introduction
Junos OS runs on the following Juniper Networks®hardware: ACX Series, EX Series, M Series, MX Series,
NFX Series, PTX Series, QFabric systems, QFX Series, SRX Series, T Series, and Junos Fusion.
These release notes accompany Junos OS Release 19.2R1 for the ACX Series, EX Series, MX Series, NFX
Series, PTX Series, QFX Series, SRX Series, and Junos Fusion. They describe new and changed features,
limitations, and known and resolved problems in the hardware and software.
Junos OS Release Notes for ACX Series
IN THIS SECTION
11
New and Changed Features | 12
Changes in Behavior and Syntax | 16
Known Behavior | 18
Known Issues | 20
Resolved Issues | 24
Documentation Updates | 26
Migration, Upgrade, and Downgrade Instructions | 27
Product Compatibility | 28
These release notes accompany Junos OS Release 19.2R1 for the ACX Series. They describe new and
changed features, limitations, and known and resolved problems in the hardware and software.
You can also find these release notes on the Juniper Networks Junos OS Documentation webpage, located
at https://www.juniper.net/documentation/product/en_US/junos-os.
New and Changed Features
IN THIS SECTION
New and Changed Features: 19.2R1-S1 | 12
New and Changed Features: 19.2R1 | 12
This section describes the new features and enhancements to existing features in Junos OS Release 19.2R1
for ACX Series Universal Metro Routers.
New and Changed Features: 19.2R1-S1
Routing Protocols
12
Decouple RSVP for IGP-TE (MX Series, PTX Series, ACX Series, QFX Series, SRX Series, and EX
•
Series)—Starting in Junos OS Release 19.2R1-S1, device can advertise selective traffic-engineering
attributes such as admin-color and maximum-bandwidth, without enabling RSVP, for segment routing
and interior gateway protocol (IGP) deployments.
New and Changed Features: 19.2R1
Class of Service (CoS)
Support for class of service (CoS)(ACX6360 routers)—Starting in Junos OS Release 19.2R1, ACX6360
•
routers support class of service (CoS) functionality.
CoS is the assignment of traffic flows to different service levels. Service providers can use router-based
CoS features to define service levels that provide different delay, jitter (delay variation), and packet loss
characteristics to particular applications served by specific traffic flows.
[See CoS on ACX Series Universal Metro Routers Features Overview.]
EVPN
EVPN support of VLAN ID ranges and lists in service provider style interface configurations (EX9200
•
switches, ACX5448 and MX Series routers, and vMX virtual routers)—Starting in Junos OS Release
19.2R1, EX9200 switches, ACX5448 and MX Series routers, and vMX virtual routers support the use
of VLAN ID ranges and lists in a service provider style interface configuration, which must be referenced
in an EVPN routing instance. This configuration is supported with the following EVPN environments,
services, and features:
Environments:
•
EVPN with VXLAN encapsulation
•
EVPN with MPLS encapsulation
•
VLAN bundle service:
•
E-LAN
•
E-Tree
•
E-Line
•
Feature:
•
EVPN multihoming:
•
All-active
•
Single-active
•
Singlehoming
•
[See VLAN ID Ranges and Lists in an EVPN Environment.]
13
Interfaces and Chassis
Support for 100-Mbps and 1-Gbps speeds on Tri-Rate Copper SFP (ACX5448 routers)—Starting in
•
Junos OS Release 19.2R1, ACX5448 routers support 100-Mbps and 1-Gbps speeds on Tri-Rate Copper
SFP optics (part number 740-013111).
NOTE: 100-Mbps speed is supported only on ports xe-0/0/24 through xe-0/0/47.
10-Mbps speed is not supported on Tri-Rate Copper SFP due to hardware limitations.
To set the speed for the optics, issue the set interfaces interface-name speed auto command. [See
•
Speed for more details.]
To enable autonegotiation, issue the set interfaces interface-name gigether-options auto-negotiation
•
command. [See auto-negotiation.]
Junos Telemetry Interface
Support for LSP statistics on JTI (ACX6360)—Starting with Junos OS Release 19.2R1, you can provision
•
the LSP statistics sensor using the resource path /junos/services/label-switched-path/usage/ to monitor
per-MPLS LSP statistics on the ACX6360 router and export telemetry data through Junos telemetry
interface (JTI) to external collectors. You can stream data at configurable intervals through gRPC without
involving polling.
JTI support is only for RSVP LSPs.
Statistics that are streamed are similar to the output displayed by the operational mode command show
mpls lsp bypass statistics.
To provision a sensor to export data through gRPC, use the telemetrySubscribe RPC to specify telemetry
parameters. Streaming telemetry data through gRPC also requires the OpenConfig for Junos OS module.
Starting in Junos OS Release 18.3R1, OpenConfig and Network Agent packages are bundled into the
Junos OS image by default. Both packages support JTI.
To enable statistics for export from the Junos OS, include the sensor-based-stats statement at the [edit
protocols mpls] hierarchy level.
[See Guidelines for gRPC Sensors (Junos Telemetry Interface) and Understanding OpenConfig and gRPC
on Junos Telemetry Interface.]
•
Specify Routing Instance for JTI (ACX Series, MX Series, PTX Series, and QFX Series)—Starting in Junos
OS Release 19.2R1, you can specify the routing instance to use for remote procedure call (gRPC) services.
Include the routing-instance instance-name at the [edit system services extension-service
request-response grpc] hierarchy level. The routing instance name specified should match the name of
the existing routing instance, such as a name configured under the [routing-instances] hierarchy level
or mgmt_junos if system management-instance is configured (the dedicated management routing
instance).
14
Configuring the routing instance lets you choose the VRF for gRPC services. When the routing instance
is not configured, the default behavior is that all gRPC-related services are available through the
management fxp0/em0) interface.
Layer 3 Features
Support for Layer 3 unicast features (ACX 6360)—Starting in Junos OS Release 19.2R1, ACX routers
•
support the following Layer 3 forwarding features for unicast IPv4 and IPv6 traffic:
Basic IPv6 forwarding
•
Virtual router (VRF-lite) for both IPv4 and IPv6
•
Layer 3 subinterfaces support for both IPv4 and IPv6
•
VRF-lite, subinterfaces, and IPv6 forwarding support on link aggregation groups (LAGs)
•
Statistics support for Layer 3 subinterfaces
•
32-way equal-cost multipath (ECMP)
•
Centralized Bidirectional Forwarding Detection (BFD)
•
IPv4 Layer 3 protocols:
•
OSPF
•
IS-IS
•
BGP
•
IPv6 Layer 3 protocols:
•
OSPFv3
•
RIPng
•
Network Management and Monitoring
Support for displaying valid user input in the CLI for command options and configuration statements
•
in custom YANG data models (ACX Series)—Starting in Junos OS Release 19.2R1, the CLI displays the
set of possible values for a given command option or configuration statement in a custom YANG data
model when you include the action-expand extension statement in the option or statement definition
and reference a script that handles the logic. The action-expand statement must include the script child
statement, which defines the Python action script that is invoked when a user requests context-sensitive
help in the CLI for the value of that option or statement.
[See Displaying Valid Command Option and Configuration Statement Values in the CLI for Custom YANG
Modules.]
Software Installation and Upgrade
Zero Touch Provisioning (ACX5448)—Starting in Junos OS Release 19.2R1, Zero Touch Provisioning
•
(ZTP) automates the provisioning of the device configuration and software image with minimal manual
intervention on management interface em0.
15
When you physically connect a router to the network and boot it with a factory configuration, the router
upgrades the Junos OS software image automatically and automatically installs a configuration file from
the network through the management interface.
[See Zero Touch Provisioning.]
System Management
Support for transferring accounting statistics files and router configuration archives using HTTP URL
•
(ACX Series)—Starting in Junos OS Release 19.2R1, you can transfer accounting statistics files and router
configuration archives to remote servers by using an HTTP URL. In addition to SCP and FTP, the following
HTTP URL will be supported under the archive-sites statement:
http://username@host:url-path password password
To transfer accounting statistics files, configure archive-sites under [edit accounting-options file
•
<filename>] hierarchy.
To transfer router configuration archival, configure archive-sites under edit system archival
•
configuration hierarchy.
To view the statistics of transfer attempted, succeeded, and failed, use the show accounting server
•
statistics archival-transfer command.
To clear the statistics of transfer attempted, succeeded, and failed, use the clear accounting server
•
statistics archival-transfer command.
[See archive-sites, Backing Up Configurations to an Archive Site, show accounting server statistics
archival-transfer, and clear accounting server statistics archival-transfer].
Precision Time Protocol (PTP) Transparent Clock with IPv6 Transport (PTX10001-20C and ACX6360-OR
•
devices)—Starting with Junos OS Release 19.2R1, PTP uses IPv6 transport to synchronize clocks
throughout a packet-switched network. With a transparent clock, the PTP packets are updated with
theresidence time as the packets pass through the switch. There is no master/slaved designation.
End-to-end transparent clocks are supported. With an end-to-end transparent clock, only the residence
time is included. The residence time can be sent in a one-step process, which means that the timestamps
are sent in one packet.
You can configure the transparent clock at the [edit protocols ptp] Junos OS CLI hierarchy.
[See Understanding Transparent Clocks in Precision Time Protocol.]
SEE ALSO
16
What's Changed | 16
Known Limitations | 18
Open Issues | 20
Resolved Issues | 24
Documentation Updates | 26
Migration, Upgrade, and Downgrade Instructions | 27
Product Compatibility | 28
Changes in Behavior and Syntax
IN THIS SECTION
Interfaces and Chassis | 17
Junos OS XML, API, and Scripting | 17
Network Management and Monitoring | 17
VLAN Infrastructure | 18
This section lists the changes in behavior of Junos OS features and changes in the syntax of Junos OS
statements and commands in Junos OS Release 19.2R1 for the ACX Series routers.
Interfaces and Chassis
Monitoring information available only in trace log (ACX Series)—In Junos OS Release 19.2R1 and later,
•
the Ethernet link fault management daemon (lfmd) in the peer router stops monitoring the locally occurred
errors until ISSU completes. You can view the monitoring-related details only through the trace log file.
Junos OS XML, API, and Scripting
Mandatory configurations and omission of <database-status-information> tag in platforms supporting
•
Open ROADM standard (ACX6160-T)—Starting in Junos OS Release 19.2R1, it is mandatory to apply
rfc-compliant option at the [edit system services netconf] hierarchy level and unhide option at the [edit
system services netconf unified] hierarchy level. Also, <database-status-information> tag is omitted for
<get> RPC query.
17
[See <get> and netconf.]
Network Management and Monitoring
The show system schema command and <get-yang-schema> RPC require specifying an output directory
•
(ACX Series)—Starting in Junos OS Release 19.2R1, when you issue the show system schema operational
mode command in the CLI or execute the <get-yang-schema> RPC in a remote session to retrieve
schema files, you must specify the directory in which to generate the output files by including the
output-directory command option in the CLI or the <output-directory> element in the RPC. In earlier
releases, you can omit the output-directory argument when requesting a single module to display the
module in standard output.
Custom YANG RPC support for input parameters of type empty (ACX Series)—Starting in Junos OS
•
Release 19.2R1, custom YANG RPCs support input parameters of type empty when executing the RPC’s
command in the Junos OS CLI, and the value passed to the action script is the parameter name. In earlier
releases, input parameters of type empty are only supported when executing the RPC in a NETCONF
or Junos XML protocol session, and the value passed to the action script is the string 'none'.
[See Creating Action Scripts for YANG RPCs on Devices Running Junos OS.]
VLAN Infrastructure
Specifying a descending VLAN ID range ( ACX5448 routers)—In Junos OS releases prior to Junos OS
•
Release 19.2R1, the system accepts a descending range—for example, 102-100, with the vlan-id-range
configuration statement in the [edit interfaces interface-name unit logical-unit-number] hierarchy.
Starting with Junos OS Release 19.2R1, the system considers a descending range specified with
vlan-id-range to be invalid and raises an error if you try to commit this configuration.
SEE ALSO
What's New | 12
Known Limitations | 18
Open Issues | 20
Resolved Issues | 24
18
Documentation Updates | 26
Migration, Upgrade, and Downgrade Instructions | 27
Product Compatibility | 28
Known Behavior
IN THIS SECTION
General Routing | 19
This section lists known behavior, system maximums, and limitations in hardware and software in Junos
OS Release 19.2R1 for the ACX Series.
For the most complete and latest information about known Junos OS defects, use the Juniper Networks
online Junos Problem Report Search application.
General Routing
ACX6360-OR Telemetry infrastructure does not support the interface-filtering capability. Therefore,
•
after you enable a particular sensor for telemetry, it is turned on for all the interfaces. PR1371996
For the et interface, only PRE_FEC_SD defect is raised no OTN alarm is raised. PR1371997
•
static-cak encryption does not work between two ACX-OX transponder nodes. PR1389802
•
For ACX6360 TIC, the beacon port-range needs to be updated to 0-7 instead of 0-15.PR1399335
•
When timing configuration and corresponding interface configuration is flapped for multiple times in
•
iteration, PTP is stuck in "INITIALIZE" state where the ARP for the neighbor is not resolved. In issue
state, BCM hardware block get into inconsistency state, where the lookup is failing. PR1410746
Snake traffic fails because of the static MAC address assigned for interface. Static MAC address on
•
interface is not supported in ACX Series routers. PR1427132
When an end device (fan tray CPLD) i2c line is grounded or pulled low, the other device fails to write
•
or read. As a workaround, verify the isolation functionality through software simulation when the device
is in the problem state. But in this case where we grounded one of the fan tray CPLD i2c line to verify
the failed test case, then entire circuit will get stalled and it leads to write fail for other devices also such
as the PEM, temp sensors. PR1427222
19
Multicast packets are flooded in a BD if snooping is not enabled. If interfaces x and y belong to a BD,
•
then all multicast packets will be flooded to both x and y interface. If packets are received from interface
x, packets will be flooded to x & y in ingress but discarded in the egress path for interface x because the
packet is received from the same interface. But these packets are also counted in the VOQ and hence
more queue statistics are seen. This is a known hardware limitation. monitor interface xe-0/0/30Input
packets: 177958 (64 pps) [0]Output packets: 357306 (128 pps) [0] monitor interface xe-0/0/12Input
packets: 361161 (128 pps) [642]Output packets: 179878 (63 pps) [320] root@rioxd-p2a-a> show
interfaces queue xe-0/0/30 Queue: 0, Forwarding classes: best-effortQueued:Packets : 544032 192
pps . => Sum of 64 + 128pps root@rioxd-p2a-a> show interfaces queue xe-0/0/12 Queue: 0, Forwarding
classes: best-effortQueued:Packets : 550929 192 pps . => Sum of 64 + 128pps PR1429628
Any packet greater than MTU size will be accounted as oversized packets. Packets exceeding MTU sizes
•
are not considered for Jabber check. PR1429923
Even the system LED glows during halt state. PR1430129
•
Packets dropped because MTU checks in the output interface are not accounted for MTU errors. All
•
packets above MTU size are accounted for oversized packets in the input interface. PR1430446
1G interfaces are shown as 'xe'. Therefore, the cosmetic issue is observed with respect to auto-negotiation
•
parameters though there is no impact on functionality. PR1430835
BCM SDK do not support statistics. The routes get re-installed on a periodic basis and SDK does not
•
support statistics unless Flex mode is moved in KBP. PR1435579
The logical interface statistics in ACX5448 displays the full packet size similar to the behaviour in
•
ACX5000 Series. PR1439124
The time taken to copy DNX file through a WAN interface is more compared to ACX5000. PR1439960
•
The hold timer expiry is common across all platforms. It is not specific to RIO platforms. PR1439980
•
Remote loopback is not supported on RIO-X. PR1443517
•
SEE ALSO
What's New | 12
What's Changed | 16
Open Issues | 20
Resolved Issues | 24
Documentation Updates | 26
Migration, Upgrade, and Downgrade Instructions | 27
Product Compatibility | 28
20
Known Issues
IN THIS SECTION
General Routing | 21
Interfaces and Chassis | 24
This section lists the known issues in hardware and software in Junos OS Release 19.2R1 for the ACX
Series Universal Metro Routers.
For the most complete and latest information about known Junos OS defects, use the Juniper Networks
online Junos Problem Report Search application.
General Routing
Forwarding when using non-existing SSM map source address in IGMPv3 instead of pruning. This is a
•
day 1 design issue which needs to be redesigned. The impact is more, But definitely this needs some
soaking time in DCB before it gets ported in previous versions. PR1126699
When ACX 2100 and 2200 routers are used as ingress PE routers for L2circuit connections, and the
•
PE-CE interface (UNI) is an aggregated Ethernet interface, then upon MPLS path switchover, the traffic
might be silently dropped or discarded. PR1194551
The maximum number of logical interfaces (IFLs) on the ACX5000 line of routers has been increased
•
from 1000 to 4000. PR1229492
When Layer 3 packets are classified, DiffServ code points are not preserved but are getting lost at the
•
egress interface because of a chipset limitation. PR1322142
On ACX5000 platforms with Junos OS 16.2 onwards, the fxpc process might use high CPU. This issue
•
can occur after an upgrade in some cases. PR1360452
On ACX1x00/ACX2x00/ACX4x00 running in 15-releases previous to Junos OS Release 15.1R8, when
•
configuring mac-table-size under bridge-domain, an incorrect commit error appears, not allowing the
commit to succeed. PR1364811
21
The switchover time observed is more than 50ms under certain soak test conditions with an increased
•
scale with a multi-protocol multi-router topology. PR1387858
On ACX5000 running Junos OS Release 17.3 and later releases, the Packet Forwarding Engine syslog
•
frequently shows the following error messages: acx_cos_tcp_bind_queues:736 parent acx_cos_tcp_ifd
for ifd:ae0 doesn't exist for ifl:549. In Junos OS Release 17.3R3-S1, the error logs appear only from time
to time, and this can be related with an interface flap. In Junos OS Release 18.1R3, the logs appear
constantly, without any interface flap. This message is related to HCOS checking (even without HCOS
configured). In the software fix, check if the aggregate interface has HCOS configured or not. If not,
return gracefully from this function without throwing this error. This is a harmless message. PR1392088
IGMP packets over Layer 2 Circuit with control word are dropped in ACX5048. PR1394301
•
On ACX1000, ACX2000, ACX4000, ACX5048, and ACX5096 platforms, after a new child logical interface
•
with VLAN and filter is added on an aggregated Ethernet IFD or changing the VLAN ID of a child IFL
with filter, traffic over the aggregated Ethernet physical interface might get filtered with that filter on
the child IFL. For example: ae-0/0/0 is an physical interface and ae-0/0/0.100 is an Ilogical interface.
PR1407855
Clock Class value is wrong in Default Data (show ptp clock) when the slave interface is down in PTP-OC
•
device. PR1416421
On ACX5448 devices, the ZTP process will proceed with the image upgrade even in situations when
•
there is a mismatch in the platform name of the software image stored on FTP/ZTP servers and the
actual platform on which the ZTP process is being run. PR1418313
Hardware-based fragmentation or reassembly is not supported. Software-based fragmentation rates
•
are going to be extremely slow depending CPU load. PR1419371
On ACX5000 platforms, thigh CPU usage on the fxpc process might be seen under rare condition if
•
parity errors are detected in devices. It has no direct service or traffic impact. However, since CPU
utilization is high during this issue, there are some side effects. For example, it could impact time-sensitive
features such as BFD. PR1419761
Packets transmitted in a queue are not as expected when testing IEEE-802.1ad inner classifier at the
•
ingress and IEEE-802.1ad rewrite at the egress with various events. PR1422515
The input packets account for all the frames that are coming in, including the oversized frames. Whereas
•
oversized frame counter only accounts for oversized frames. PR1425748
Because of the BCM sdk design, EEDB hardware entry is not freed for unicast next-hop creation. This
•
leads to resource leakage and is not allowing to higher scale. PR1426734
Error messages can be seen sometimes if the optics is being unplugged in between the eeprom read.
•
This is expected and will not impact any functionality. PR1429016
Multiple hardware i2c failure observed because of intermittent Iayer 2 circuit access failure on main
•
board switches. PR1429047
22
Packet rates are not seen for aggregated Ethernet logical interface. PR1429590
•
Traffic loss is seen if the configuration has /128 prefix routes and it is limited to /128 only. Its due to
•
the known issue tracked in PR 1445231. PR1429833
Any packet greater than the MTU size will be accounted as oversized packets. Packets exceeding the
•
MTU sizes are not considered for jabber check. PR1429923
This is the expected behavior across all ACX platforms. Even the system LED glows during halt state.
•
PR1430129
These are initial transient messages seen and does not have any functional impact. PR1430355
•
Packets dropped due to MTU checks in the output interface are not accounted for MTU errors. All
•
packets above MTU size are accounted for Oversized-packets in the input interface. PR1430446
If L2VPN sessions have OAM control-channel option set to router-alert-label, the no-control-word
•
option in L2VPN should not be used for BFD sessions to come up. PR1432854
Timing on 1G, performance is not in par compared with 10G, compensation is done to bring the mean
•
value under class-A but the peak to peak variations are high and can go beyond 100ns. It has a latency
variation with peak to peak variations of around 125ns-250ns (that is, 5-10 percent of the mean latency
introduced by the each phy which is of around 2.5us) without any traffic. PR1437175
These errors can be seen if CFP2 optics are not plugged in. PR1438039
•
1PPS performance metrics (class A) of G.8273.2 are not met for 1G interfaces because of the variable
•
latency added by the Vittesse PHY. PR1439231
In a certain test condition, it is observed that L2VPN at a scale of 16000 had issues when all were brought
•
down and up. PR1439471
With an asymmetric network connection (for example, 10G MACsec port connected to 10G channelized
•
port), high and asymmetric T1 and T4 time errors are seen which introduces a high 2 way time error.
This introduces different CF updates in forward and reverse paths. PR1440140
By default mgmt interface speed always shows as 1000Mbps in Junos OS. PR1440675
•
With MACsec feature enabled and introduction of traffic, the peak to peak value varies with the
•
percentage of traffic introduced. PR1441388
Recovery of Junos OS volume is not possible from OAM menu. PR1446512
•
SyncE Jitter tolerance test fails for MACsec ports. For SyncE with MACsec there seems to be additional
•
framing header and footer that would get added by the MACsec protocol. The impact of this on the
jitter test is not obvious and look undefined in the standards and not qualifiable with a single DUT and
Calnex. PR1447296
Drop profile maximum threshold might not be reached to its limit when the packet size is other than
•
1000 bytes. This is due to current design limitation. Making design changes are high risk at this point of
time, Hence, The Junos OS Releases 19.2R1-S1, 19.2R(x), and 19.3(x) will not have fix for this issue.
PR1448418
23
If the client et- interface is up and transportd state is in init state, restart transportd process to get the
•
state updated to normal. This scenario is not seen in normal operation but seen when interfaces are
deleted and re-created and configurations are applied. PR1449937
Red drops seen on the 25G channelized aggregated Ethernet interfaces after some events (deactivate,
•
activate etc) on the PEER box. PR1450674
For the et ports, some output power might be seen even after disabling the interface. This will not have
•
any functional impact as the bcmport is getting disabled on the interface and the link goes down fine.
PR1452323
Incorrect operating state is displayed in SNMP trap message when a FAN tray is removed. PR1455577
•
FAN numbering is not the same in the outputs of the following configuration statements show chassis
•
fan and show snmp mib walk jnxContentsDescr. PR1456589
Interfaces and Chassis
When an unnumbered interface is binding to an interface that has more than one IP address and one of
•
the IP addresses is deleted, the family inet of the unnumbered interface might be deleted. The issue
results in traffic loss for all the services that rely on the family inet of the unnumbered interface. Configure
preferred-source-address on the unnumbered interface to prevent deletion of the IP address, thereby
avoiding the deletion of the family inet of the unnumbered interface. PR1412534
SEE ALSO
What's New | 12
What's Changed | 16
Known Limitations | 18
Resolved Issues | 24
Documentation Updates | 26
24
Migration, Upgrade, and Downgrade Instructions | 27
Product Compatibility | 28
Resolved Issues
IN THIS SECTION
Resolved Issues: 19.2R1-S1 | 25
Resolved Issues: 19.2R1 | 25
This section lists the issues fixed in Junos OS Release 19.2R1 for the ACX Series.
For the most complete and latest information about known Junos OS defects, use the Juniper Networks
online Junos Problem Report Search application.
Resolved Issues: 19.2R1-S1
General Routing
Link Fault Signaling (LFS) do not work on ACX5448, ACX5410, ACX5440, and 100-Gigabit Ethernet
•
interfaces. PR1401718
In an ACX5448 platforms, when the Packet Forwarding Engine failed to allocate packet buffer, portion
•
of packet memories might not be free. PR1442901
Resolved Issues: 19.2R1
Class of Service (CoS)
The error message STUCK_BUFF : port_sp not empty for port 35 sp 1 pkts:1 is seen when a lag bundle
•
is configured with 64 lag links.. PR1346452
General Routing
The 1G copper module interface shows "Link-mode: Half-duplex". PR1286709
•
25
On an ACX ring topology, after link between ACX and MX flaps, VPLS RI on PE (MX) has no MAC of CE
•
over l2circuit. PR1360967
ACX5000: fpc0 (acx_rt_ip_uc_lpm_install:LPM route add failed error) Reason : Invalid parameter after
•
configuring lpm-profile. PR1365034
ACX5448: LIBCOS_COS_TVP_FC_INFO_NOT_FOUND: Forwarding-class information not specified"
•
prints while committing on configuration prompt. PR1376665
On ACX5448, channelized ET interface of 25-Gigabit interface will not come up after chassis-control
•
restart. PR1379288
ACX 5448:100 Gigabit link FEC enabled by default on 100G LR4. PR1389518
•
On ACX Series platforms, the forwarding-option dhcp-relay forward-only command stops working and
•
the DHCP packets are dropped. PR1392261
On ACX5048, RPM RFC 2544 benchmarking test failed to start. PR1395730
•
CFM adjacency is not going down with distinct intervals. PR1397883
•
Dynamic tunnels are not supported on ACX Series routers. PR1398729
•
VLAN tagged traffic arriving on VPLS interface might get dropped. PR1402626
•
ot/et interface is not created when invalid speed is configured. PR1403546
•
ACX 5448: TrTCM Policer configuration parameters are as per RFC4115. PR1405798
•
The show services inline stateful-firewall flow or show services inline stateful-firewall flow extensive
•
command might cause a memory leak. PR1408982
ACX Series routers drop DNS responses that contain an underscore. PR1410062
•
VPLS traffic might stop across ACX5000 with the aggregated Ethernet interface. PR1412042
•
Junos PCC might reject PCUpdate/PCCreate message if there is metric type other than type 2. PR1412659
•
Number of inet-arp policers implemented on ACX5000 has been increased from 16 to 64. PR1413807
•
Swap memory is not initialized on boot on ACX5048. PR1415898
•
Commit error while configuring firewall with term having log/syslog and accept actions. PR1417377
•
CoS table error can sometimes cause traffic outages and SNMP timeouts if the optic is plugged out and
•
inserted back. PR1418696
Slow copy image speed to ACX5448. PR1422544
•
SEE ALSO
What's New | 12
What's Changed | 16
26
Known Limitations | 18
Open Issues | 20
Documentation Updates | 26
Migration, Upgrade, and Downgrade Instructions | 27
Product Compatibility | 28
Documentation Updates
IN THIS SECTION
Installation and Upgrade Guide | 27
This section lists the errata and changes in Junos OS Release 19.2R1 for the ACX Series documentation.
Installation and Upgrade Guide
Veriexec explained (ACX Series)—Verified Exec (also known as veriexec) is a file-signing and verification
•
scheme that protects the Junos operating system (OS) against unauthorized software and activity that
might compromise the integrity of your device. Originally developed for the NetBSD OS, veriexec was
adapted for Junos OS and enabled by default from Junos OS Release 7.5 onwards.
[See Veriexec Overview.]
SEE ALSO
What's New | 12
What's Changed | 16
Known Limitations | 18
Open Issues | 20
27
Resolved Issues | 24
Migration, Upgrade, and Downgrade Instructions | 27
Product Compatibility | 28
Migration, Upgrade, and Downgrade Instructions
IN THIS SECTION
Upgrade and Downgrade Support Policy for Junos OS Releases | 27
This section contains the upgrade and downgrade support policy for Junos OS for the ACX Series Router.
Upgrading or downgrading Junos OS might take several minutes, depending on the size and configuration
of the network.
For information about software installation and upgrade, see the Installation and Upgrade Guide.
Upgrade and Downgrade Support Policy for Junos OS Releases
Support for upgrades and downgrades that span more than three Junos OS releases at a time is not
provided, except for releases that are designated as Extended End-of-Life (EEOL) releases. EEOL releases
provide direct upgrade and downgrade paths—you can upgrade directly from one EEOL release to the
next EEOL release even though EEOL releases generally occur in increments beyond three releases.
You can upgrade or downgrade to the EEOL release that occurs directly before or after the currently
installed EEOL release, or to two EEOL releases before or after. For example, Junos OS Releases 17.1,
17.2, and 17.3 are EEOL releases. You can upgrade from Junos OS Release 17.1 to Release 17.2 or from
Junos OS Release 17.1 to Release 17.3.
You cannot upgrade directly from a non-EEOL release to a release that is more than three releases ahead
or behind. To upgrade or downgrade from a non-EEOL release to a release more than three releases before
or after, first upgrade to the next EEOL release and then upgrade or downgrade from that EEOL release
to your target release.
For more information about EEOL releases and to review a list of EEOL releases, see
https://www.juniper.net/support/eol/junos.html.
For information about software installation and upgrade, see the Installation and Upgrade Guide.
28
SEE ALSO
What's New | 12
What's Changed | 16
Known Limitations | 18
Open Issues | 20
Resolved Issues | 24
Documentation Updates | 26
Product Compatibility | 28
Product Compatibility
IN THIS SECTION
Hardware Compatibility | 29
Hardware Compatibility
To obtain information about the components that are supported on the devices, and the special compatibility
guidelines with the release, see the Hardware Guide for the product.
To determine the features supported on ACX Series routers in this release, use the Juniper Networks
Feature Explorer, a Web-based application that helps you to explore and compare Junos OS feature
information to find the right software release and hardware platform for your network. Find Feature
Explorer at https://apps.juniper.net/feature-explorer/.
Hardware Compatibility Tool
For a hardware compatibility matrix for optical interfaces and transceivers supported across all platforms,
see the Hardware Compatibility tool.
SEE ALSO
What's New | 12
29
What's Changed | 16
Known Limitations | 18
Open Issues | 20
Resolved Issues | 24
Documentation Updates | 26
Migration, Upgrade, and Downgrade Instructions | 27
Junos OS Release Notes for EX Series Switches
IN THIS SECTION
New and Changed Features | 30
Changes in Behavior and Syntax | 36
Known Behavior | 37
Known Issues | 38
Resolved Issues | 42
Documentation Updates | 47
Migration, Upgrade, and Downgrade Instructions | 48
Product Compatibility | 49
30
These release notes accompany Junos OS Release 19.2R1 for the EX Series. They describe new and
changed features, limitations, and known and resolved problems in the hardware and software.
You can also find these release notes on the Juniper Networks Junos OS Documentation webpage, located
at https://www.juniper.net/documentation/product/en_US/junos-os.
New and Changed Features
IN THIS SECTION
New and Changed Features: 19.2R1-S1 | 31
New and Changed Features: 19.2R1 | 31
This section describes the new features and enhancements to existing features in Junos OS Release 19.2R1
for the EX Series.
NOTE: The following EX Series switches are supported in Release 19.2R1: EX2300, EX2300-C,
EX3400, EX4300, EX4600-40F, EX4650, EX9200, EX9204, EX9208, EX9214, EX9251, and
EX9253.
New and Changed Features: 19.2R1-S1
Routing Protocols
Decouple RSVP for IGP-TE (MX Series, PTX Series, ACX Series, QFX Series, SRX Series, and EX
•
Series)—Starting in Junos OS Release 19.2R1-S1, device can advertise selective traffic-engineering
attributes such as admin-color and maximum-bandwidth, without enabling RSVP, for segment routing
and interior gateway protocol (IGP) deployments.
New and Changed Features: 19.2R1
31
Authentication, Authorization, and Accounting (AAA)
802.1X authentication (EX4650 switches)—Starting with Junos OS Release 19.2R1, EX4650 switches
•
support port-based network access control using 802.1X authentication as defined in the IEEE 802.1X
standard.
[See 802.1X for Switches Overview.]
Dynamic Host Configuration Protocol
Support for DHCP snooping and other access port security features on private VLANs (EX4300-MP
•
switches and Virtual Chassis)—Starting in Junos OS Release 19.2R1, you can enable DHCP snooping
for security purposes on access ports that are in a private VLAN (PVLAN). You can also protect those
ports with DHCP options, dynamic ARP inspection (DAI), IP source guard, and neighbor discovery
inspection.
[See Putting Access Port Security on Private VLANs.]
EVPN
Support for BFD, BGP, IS-IS, and OSPF on IRB interfaces in EVPN-MPLS networks (EX series)—Starting
•
with Junos OS Release 19.2R1, you can configure Bidirectional Forwarding Detection (BFD), BGP, IS-IS,
and OSPF routing protocols on the IRB interface in an EVPN-MPLS network to route and forward EVPN
traffic. This feature supports single-homed, single-active, and all-active multihomed networks.
[See EVPN with IRB Solution Overview.]
EVPN support of VLAN ID ranges and lists in service provider style interface configurations (EX9200
•
switches)—Starting in Junos OS Release 19.2R1, EX9200 switches, ACX5448 and MX Series routers,
and vMX virtual routers support the use of VLAN ID ranges and lists in a service provider style interface
configuration, which must be referenced in an EVPN routing instance. This configuration is supported
with the following EVPN environments, services, and features:
Environments:
•
EVPN with VXLAN encapsulation
•
EVPN with MPLS encapsulation
•
VLAN bundle service:
•
E-LAN
•
E-Tree
•
E-Line
•
Features:
•
EVPN multihoming:
•
All-active
•
32
Single-active
•
Singlehoming
•
[See VLAN ID Ranges and Lists in an EVPN Environment.]
Support for control word in EVPN-VPWS (EX9200 switches)—Starting with Junos OS Release 19.2R1,
•
Junos OS supports the insertion of a control word between the label stack and the MPLS payload in a
network with EVPN-VPWS service. This feature prevents a transit device from delivering out-of-order
packets as a result of the device’s load-balancing hashing algorithm. When you enable the control word
feature on a PE device, the PE device advertises support for a control word. If all the PE devices in an
EVI on the EVPN-VPWS serviced network support control word, then the PE device inserts a control
word between the label stack and the L2 header in the packet thus preventing the packet from being
misidentified by transit devices.
[See Control Word for EVPN-VPWS.]
JWeb
Support for EX4650 switches—Starting in Junos OS Release 19.2R1, you can use J-Web to configure,
•
monitor, and manage EX4650 switches.
To configure the EX4650 switch using the J-Web interface, you must connect the cable to the port
labeled CON on the rear panel of the switch.
NOTE: In J-Web, the chassis viewer displays only the standalone EX4650 switches view. It
does not display the Virtual Chassis configuration because the EX4650 switch does not support
the Virtual Chassis configuration.
[See Dashboard for EX Series Switches and Connecting and Configuring an EX Series Switch (J-Web
Procedure).]
Layer 2 Features
L2PT support (EX4300 multigigabit switches)—Starting with Junos OS Release 19.2R1, you can configure
•
Layer 2 protocol tunneling (L2PT) for the following protocols on EX4300 multigigabit switches
(EX4300-48MP models): CDP, E-LMI, GVRP, IEEE 802.1X, IEEE 802.3AH, LACP, LLDP, MMRP, MVRP,
STP (including RSTP and MSTP), UDLD, VSTP, and VTP.
33
[See Layer 2 Protocol Tunneling.]
Multicast
Support for multicast traffic counters (EX4300, EX4300-MP, EX4300 Virtual Chassis)—Starting with
•
Junos OS Release 19.2R1, you can use firewall filters to count packets and check the bandwidth of
multicast traffic received by a host from a particular source and group in a routing instance. To enable
this feature, include the multicast-statistics statement at the [edit system packet-forwarding-options]
hierarchy level. To check the packet count and bandwidth for each multicast route, use the show multicast
route extensive command.
[See multicast-statistics (system-packet forwarding).]
IGMP snooping with private VLANs (EX4300 multigigabit switches)—Starting in Junos OS Release
•
19.2R1, EX4300 multigigabit switches (EX4300-48MP models) support IGMP snooping with private
VLANs (PVLANs). A PVLAN consists of secondary isolated and community VLANs configured within a
primary VLAN. Without IGMP snooping support on the secondary VLANs, switches receive multicast
streams on a primary VLAN and flood them to the secondary VLANs. This feature extends IGMP snooping
on a primary VLAN to its secondary VLANs to further constrain multicast streams only to interested
receivers on PVLANs. When you enable IGMP snooping on a primary VLAN, you implicitly enable it on
all secondary VLANs, and the secondary VLANs learn the multicast group information on the primary
VLAN.
NOTE: Ports in a secondary VLAN cannot be used as IGMP multicast router interfaces.
Secondary VLANs can receive multicast data streams ingressing on promiscuous trunk ports
or inter-switch links acting as multicast router interfaces.
[See IGMP Snooping Overview.]
Network Management and Monitoring
Support for displaying valid user input in the CLI for command options and configuration statements
•
in custom YANG data models (EX Series)—Starting in Junos OS Release 19.2R1, the CLI displays the set
of possible values for a given command option or configuration statement in a custom YANG data model
when you include the action-expand extension statement in the option or statement definition and
reference a script that handles the logic. The action-expand statement must include the script child
statement, which defines the Python action script that is invoked when a user requests context-sensitive
help in the CLI for the value of that option or statement.
[See Displaying Valid Command Option and Configuration Statement Values in the CLI for Custom YANG
Modules.]
34
Port Security
Stateless address autoconfiguration (SLAAC) snooping (EX2300, EX3400, EX4300, and Virtual
•
Chassis)—Starting in Junos OS Release 19.2R1, Junos OS supports SLAAC snooping on EX2300, EX2300
VC, EX3400, EX3400 VC, EX4300, and EX4300 VC. IPv6 clients using SLAAC for dynamic address
assignment are validated against the SLAAC snooping binding table before being allowed access to the
network.
[See IPv6 Stateless Address Autoconfiguration (SLAAC) Snooping.]
Fallback PSK for Media Access Control Security (MACsec) (EX Series)—Starting in Junos OS Release
•
19.2R1, fallback PSK for MACsec is supported on EX Series routers that support MACsec. The fallback
PSK provides functionality to establish a secure session in the event that the primary PSKs on each end
of a MACsec-secured link do not match.
[See Configuring MACsec on EX, SRX and Fusion Devices.]
Support for 802.1X authentication on private VLANs (PVLANs) (EX4300-48MP switches and Virtual
•
Chassis)—Starting in Junos OS Release 19.2R1, you can enable 802.1X (dot1x) authentication for security
purposes on access ports that are in a PVLAN.
PVLANs provide Layer 2 isolation between ports within a VLAN, splitting a broadcast domain into multiple
discrete broadcast subdomains by creating secondary VLANs. PVLANs are useful for restricting the flow
of broadcast and unknown unicast traffic and for limiting the communication between known hosts.
Authentication prevents unauthenticated devices and users from gaining access to your LAN. For 802.1X
and MAC RADIUS authentication, end devices must be authenticated before they receive an IP address
from a DHCP server.
On a switch that is configured with both 802.1X authentication and PVLANs, when a new device is
attached to the PVLAN network, the device is authenticated and then is assigned to a secondary VLAN
based on the PVLAN configuration or RADIUS profile. The device then obtains an IP address and receives
access to the PVLAN network.
[See Using 802.1X Authentication and Private VLANs Together on the Same Interface.]
Media Access Control security with 256-bit cipher suite (EX4300)—Starting in Junos OS Release 19.2R1,
•
the GCM-AES-256 cipher suite for MACsec in static CAK mode is supported on the 2-port QSFP+/1-port
QSFP28 uplink module for EX4300-48MP switches. The GCM-AES-256 cipher suite has a maximum
key length of 256 bits and is also available with extended packet numbering (GCM-AES-XPN-256).
[See Understanding Media Access Control Security (MACsec).]
Support for MACsec PSK keychain (EX9253)—Starting in Junos OS Release 19.2R1, EX9253 switches
•
support MACsec PSK chains hitless rollover and Key Agreement Protocol Fail Open mode.
[See Configuring MACsec on EX, SRX and Fusion Devices.]
System Management
35
Support for transferring accounting statistics files and router configuration archives using HTTP URL
•
(EX Series)—Starting in Junos OS Release 19.2R1, you can transfer accounting statistics files and router
configuration archives to remote servers by using an HTTP URL. In addition to SCP and FTP, the following
HTTP URL will be supported under the archive-sites statement:
http://username@host:url-path password password
To transfer accounting statistics files, configure archive-sites under [edit accounting-options file
•
<filename>] hierarchy.
To transfer router configuration archival, configure archive-sites under edit system archival
•
configuration hierarchy.
To view the statistics of transfer attempted, succeeded, and failed, use the show accounting server
•
statistics archival-transfer command.
To clear the statistics of transfer attempted, succeeded, and failed, use the clear accounting server
•
statistics archival-transfer command.
[See archive-sites, Backing Up Configurations to an Archive Site, show accounting server statistics
archival-transfer, and clear accounting server statistics archival-transfer].
SEE ALSO
What’s Chnaged | 36
Known Behavior | 37
Open Issues | 38
Resolved Issues | 42
Documentation Updates | 47
Migration, Upgrade, and Downgrade Instructions | 48
Product Compatibility | 49
Changes in Behavior and Syntax
IN THIS SECTION
Network Management and Monitoring | 36
VLAN Infrastructure | 37
36
This section lists the changes in behavior of Junos OS features and changes in the syntax of Junos OS
statements and commands in Junos OS Release 19.2R1 for the EX Series.
Network Management and Monitoring
The show system schema command and <get-yang-schema> RPC require specifying an output directory
•
(EX Series)—Starting in Junos OS Release 19.2R1, when you issue the show system schema operational
mode command in the CLI or execute the <get-yang-schema> RPC in a remote session to retrieve
schema files, you must specify the directory in which to generate the output files by including the
output-directory command option in the CLI or the <output-directory> element in the RPC. In earlier
releases, you can omit the output-directory argument when requesting a single module to display the
module in standard output.
Custom YANG RPC support for input parameters of type empty (EX Series)—Starting in Junos OS
•
Release 19.2R1, custom YANG RPCs support input parameters of type empty when executing the RPC’s
command in the Junos OS CLI, and the value passed to the action script is the parameter name. In earlier
releases, input parameters of type empty are only supported when executing the RPC in a NETCONF
or Junos XML protocol session, and the value passed to the action script is the string 'none'.
[See Creating Action Scripts for YANG RPCs on Devices Running Junos OS.]
VLAN Infrastructure
Specifying a descending VLAN ID range (EX9200 switches)—In Junos OS releases prior to Junos OS
•
Release 19.2R1, the system accepts a descending range—for example, 102-100, with the vlan-id-range
configuration statement in the [edit interfaces interface-name unit logical-unit-number] hierarchy.
Starting with Junos OS Release 19.2R1, the system considers a descending range specified with
vlan-id-range to be invalid and raises an error if you try to commit this configuration.
SEE ALSO
What’s New | 30
Known Behavior | 37
Open Issues | 38
Resolved Issues | 42
37
Documentation Updates | 47
Migration, Upgrade, and Downgrade Instructions | 48
Product Compatibility | 49
Known Behavior
IN THIS SECTION
EVPN | 38
General Routing | 38
Platform and Infrastructure | 38
This section lists known behavior, system maximums, and limitations in hardware and software in Junos
OS Release 19.2R1 for the EX Series.
For the most complete and latest information about known Junos OS defects, use the Juniper Networks
online Junos Problem Report Search application.
EVPN
When a VLAN uses an IRB interface as the routing interface, the VLAN-ID parameter must be set to
•
"none" to ensure proper traffic routing. This issue is platform independent. PR1287557
General Routing
When the box is loaded and unloaded with MACsec configuration multiple times with operations made
•
continuously, L3 connectivity is been lost and hence stops the system followed by a reboot to resume
operation. PR1416499
Platform and Infrastructure
Filters are installed only during route add if there is enough space. If the filter fails because of the
•
non-availability of TCAM space, those routes might not be processed for filter add later when space
becomes available. PR1419926
38
SEE ALSO
What’s New | 30
What’s Chnaged | 36
Open Issues | 38
Resolved Issues | 42
Documentation Updates | 47
Migration, Upgrade, and Downgrade Instructions | 48
Product Compatibility | 49
Known Issues
IN THIS SECTION
General Routing | 39
Infrastructure | 40
Junos Fusion Enterprise | 41
Layer 3 Features | 41
Platform and Infrastructure | 41
Spanning Tree Protocols | 41
This section lists the known issues in hardware and software in Junos OS Release 19.2R1 for the EX Series.
For the most complete and latest information about known Junos OS defects, use the Juniper Networks
online Junos Problem Report Search application.
General Routing
When a VLAN is added as an action for changing the VLAN in both ingress and egress filters, the filter
•
will not be installed. PR1362609
An EX4300 configured with a firewall filter on lo0 and DHCP security on a VLAN simultaneously might
•
drop legitimate DHCP renew requests from clients on the corresponding VLANs. This occurs because
of the implementation design and chipset limitation. PR1376454
39
After the MACsec session is deleted, the corresponding interfaces might lose their MACsec function if
•
LACP is enabled on them and the statement exclude lacp is configured under the [edit security macsec]
hierarchy. PR1378710
When the show command takes a long time to display results, the STP might change its status as BPDUs
•
are no longer processed and cause lots of outages. PR1390330
DCPFE did not come up in some instances of abrupt power-off/power-on of EX4650. Power-cycle of
•
the device or host reboot will recover the device. PR1393554
If PTP transparent clock is configured on the EX4600, and if IGMP snooping is configured for the same
•
VLAN as PTP traffic, the PTP over Ethernet traffic might be dropped. PR1395186
On EX4300 and EX4600platforms with flexible-ethernet-services enabled, when family inet/inet6 and
•
vlan-bridge are configured on the same physical interface, and family inet/inet6 is configured first, MAC
address movement (MAC learning/deleting) might not happen on this interface resulting in traffic drop.
PR1408230
There is a possibility of seeing multiple reconnect logs, JTASK_IO_CONNECT_FAILED message during
•
the device initialization. There is no functionality impact because of these messages. These messages
can be ignored. PR1408995
On EX9200 devices with MCLAG configuration and other features enabled, there is a loss of approximately
•
20 seconds during restart of the routing daemon. This traffic loss varies with the configuration that is
done. PR1409773
On EX4650 line of switches, uRPF check in strict mode might not work properly. PR1417546
•
The factory-default configuration for EX4300, EX2300, EX3400, and EX4300-48MP platforms now
•
include DHCP client configuration on IRB and VME to facilitate connectivity to phone-home server
(redirect.juniper.net) from the phone-home-client running on the device. Following are the factory-default
configurations:
DHCP enabled on VME and IRB
•
default VLAN with VLAN ID 1 and L3 interface as IRB.0 PR1423015
•
On EX2300, EX3400, EX4300, and EX4600, if igmp-snooping is enabled, multicast traffic might be
•
dropped silently. PR1423556
The issue is limited to DB related to MAC move scenario. When dhcp-security is configured, if multiple
•
IPv4 and IPv6 clients’ MAC move occurs, the jdhcpd might consume 100 percent CPU and jdhcpd might
crash. PR1425206
Multiple EX Series platforms might be unable to commit baseline configuration after zeroization.
•
{master:0}[edit] root# commit check Mar 26 05:50:48 mustd: UI_FILE_OPERATION_FAILED: File
/var/run/db/enable-process.data doesn't exist Mar 26 05:50:48 mgd[1938]:
UI_FILE_OPERATION_FAILED: Failed to open /var/run/db/enable-process.data+ file error: Failed to
open /var/run/db/enable-process.data+ file error: configuration check-out failed: daemon file
propagation failed. PR1426341
40
In certain scenarios, IGMP transit query packets might not be flooded on the VLAN, causing momentary
•
drop in Layer 2 multicast traffic. PR1427542
In case the port connecting the server from client is a trunk port and has multiple VLANs configured,
•
then for VLAN on which NDI is not configured, the client remains in the solicit state on starting dhcpv6
device. PR1428769
When the native VLAN is configured along with the flexible VLAN tagging on a L3 subinterface, untagged
•
packets might be dropped on that L3 subinterface. PR1434646
Added support for i40e NVM upgrade in EX9208. PR1436223
•
NDI cannot be used in VLAN with IRB on EX92XX. Neighborhood advertisements solicit packets destined
•
to host are getting dropped with NDI inspection (under DHCPv6 security) on a VLAN with IRB
configuration on EX92XX in Junos OS Release 18.4 and later.PR1439844
Infrastructure
On EX3400 and EX2300 line of switches during ZTP with configuration and image upgrade with FTP
•
as file transfer, image upgrade is successful but sometimes VM core file might be generated. PR1377721
On EX2300, EX2300-C, and EX2300-MP platforms, if Junos OS is with FreeBSD kernel version 11 with
•
the build date on or after 2019-02-12, the switch might stop forwarding traffic or responding to console.
A reboot is required to restore the service. PR1442376
Junos Fusion Enterprise
On EX4300, when 10-Gigabit fiber port is using 1-Gigabit Ethernet SFP optics and auto-negotiation is
•
enabled by default, the link state goes down and does not come up. PR1420343
In a Junos Fusion Enterprise environment with EX2300-48P or EX2300-48T acting as satellite devices,
•
loop-detect feature does not work for ports 0-23, because the loop detect filter is not properly applied.
PR1426757
Layer 3 Features
From the code analysis, the CPU rate limiting and corresponding queue points to 100 pps in Junos OS
•
Release 12.3 for ARP traffic. But in the case of Junos OS Release 11.4, the rate limiter value is 3 Kpps.
PR1165757
Platform and Infrastructure
41
There are multiple failures when an event such as node reboot, ICL flap or ICCP flap occurs; and even
•
with enhanced convergence configured there is no guarantee that subsecond convergence will be
achieved. PR1371493
ICMPv6 packets are hitting the dynamic ingress filter with higher priority, thus never reaching an MF
•
or static classifier. PR1388324
Adding the second IRB to an aggregated Ethernet and then removing it might cause the first IRB to stop
•
working. PR1423106
Spanning Tree Protocols
On committing interface-range configuration defined over wild-card range like ge-*/*/* is not supported.
•
As a result, exceeding valid range for stp-port-ids. The commit fails. Sample example configuration is
set interfaces interface-range RANGE1 member ge-*/*/* and set interfaces interface-range RANGE1
mtu 2000. PR1421446
After converging VSTP, if there is a VSTP configuration change and then BPDU might not be flooded
•
because of which port role might be in incorrect state in the adjacent switches. There is no loop created
in the network. PR1443489
SEE ALSO
What’s New | 30
What’s Chnaged | 36
Known Behavior | 37
Resolved Issues | 42
Documentation Updates | 47
Migration, Upgrade, and Downgrade Instructions | 48
Product Compatibility | 49
Resolved Issues
IN THIS SECTION
Authentication and Access Control | 43
EVPN | 43
General Routing | 43
42
Infrastructure | 44
Interfaces and Chassis | 44
Layer 2 Ethernet Services | 45
Junos Fusion Enterprise | 45
Network Management and Monitoring | 45
Platform and Infrastructure | 45
Routing Protocols | 46
Software Installation and Upgrade | 46
Subscriber Access Management | 46
This section lists the issues fixed in Junos OS Release 19.2R1 for the EX Series.
For the most complete and latest information about known Junos OS defects, use the Juniper Networks
online Junos Problem Report Search application.
Authentication and Access Control
Without configuring anything related to dot1x, the syslog dot1xd[2192]: task_connect: task
•
PNACAUTH./var/run/authd_control addr /var/run/authd_control: Connection refused is generated
repeatedly. PR1406965
EVPN
The device might proxy the ARP probe packets in an EVPN environment. PR1427109
•
ESI is configured on a single-homed 25G port might not work. PR1438227
•
General Routing
On EX4650 switches, convergence delay between PE1 and P router link is more than the expected delay
•
value. PR1364244
43
OAM Ethernet connectivity-fault-management configured on aggregated Ethernet interfaces is not
•
supported and no commit error is seen. PR1367588
IPv6 router advertisement (RA) messages potentially increase internal kernel memory usage. PR1369638
•
RIPv2 update packets might not be sent with IGMP snooping enabled. PR1375332
•
Input rate PPS does not increase on EX2300-MP uplink ports when the packet is a pure L2 packet like
•
non-etherII or non-EtherSnap. PR1389908
EX3400VC - When an interface in a Virtual Chassis member switch that is not master, is flapped, IGMP
•
query packets 224.0.0.1 are sent to all the ports of the members except the master FPC. PR1393405
PTP over Ethernet traffic might be dropped when IGMP and PTP TC are configured together. PR1395186
•
EX3400 might not learn 30,000 MAC addresses while sending MAC learning traffic. PR1399575
•
MAC-limit with persistent MAC is not working after reboot. PR1400507
•
After upgrading to Junos OS Release 18.1R3.3, adt7470_set_pwm output message is observed
•
continuously. PR1401709
The DHCP discover packets are forwarded out of an interface incorrectly when DHCP snooping is
•
configured on that interface. PR1403528
On EX4300-48MP devices, the packets drop when the traffic filter and the routing instance are configured.
•
PR1407424
The l2cpd might crash if the vstp traceoptions and vstp vlan all commands are configured. PR1407469
•
MAC address movement might not happen in flexible Ethernet services mode when family inet/inet6
•
and vlan-bridge are configured on the same physical interface. PR1408230
EX3400 PSU status is still taking "check" status even though PSU module has been removed. PR1408675
•
On EX2300-24P switches, error message dc-pfe: BRCM_NH-,brcm_nh_resolve_get_nexthop(),346:Failed
•
to find if family is seen. PR1410717
On EX Series devices, the PEM alarm for backup FPC remains on master FPC though the backup FPC
•
is detached from Virtual Chassis. PR1412429
On EX4300-48MP devices, the chassis status LED shows yellow instead of amber. PR1413194
•
The chassisd output power budget is received continually per 5 seconds without any alarm after an
•
upgrade to Junos OS Release 18.1R3. PR1414267
VXLAN encapsulation next hop (VENH) does not get installed during BGP flap or when routing is restarted.
•
PR1415450
On EX3400 switches, the show chassis environment repeats OK and Failed at short intervals. PR1417839
•
The EX3400 VC status might be unstable during the boot-up of the Virtual Chassis or after the Virtual
•
Chassis port flaps. PR1418490
Virtual Chassis might become unstable and FXPC crashes and generates a core file when there are a lot
•
of configured filter entries. PR1422132
44
On EX3400 auto-negotiation status shows incomplete on ge-0/2/0 using SFP-SX. PR1423469
•
On EX4600 line of switches, MACsec might not connect when the interface disconnects while traffic is
•
passing. PR1423597
I2C read errors are seen when an SFP-T is inserted into a disabled state port configured with set interface
•
<*> disable command. PR1423858
Incorrect model information while polling through SNMP from Virtual Chassis. PR1431135
•
Infrastructure
IfSpeed and IfHighSpeed erroneously reported as zero on EX2300. PR1326902
•
Packet Forwarding Engine is flooded with messages // pkt rx on physical interface NULL unit 0.
•
PR1381151
Interfaces and Chassis
Missing mandatory ICCP configuration statement redundancy-group-id-list produces misleading error
•
message. PR1402606
EVPN aggregated Ethernet interface flaps followed by a commit. PR1425339
•
Layer 2 Ethernet Services
The malfunction of core isolation feature in EVPN VXLAN scenarios might cause traffic to get silently
•
dropped and discarded. PR1417729
Junos Fusion Enterprise
PoE over LLDP negotiation is not supported on Junos Fusion Enterprise setup. PR1366106
•
New satellite device cannot be added to the Fusion scenario. PR1374982
•
Cascade port might go down after SD reboot in Junos Fusion Enterprise environment. PR1382091
•
Cannot log in to SD cluster though it is recognized by AD properly. PR1395570
•
The l2ald might crash when clear ethernet-switching table persistent-learning command is issued.
•
PR1409403
Extended ports in Junos Fusion Enterprise do not adjust MTU when VoIP is enabled. PR1411179
•
45
The traffic might silently drop and get discarded in Junos Fusion Enterprise scenario with dual-AD.
•
PR1417139
Network Management and Monitoring
Over temperature trap is not sent out even when there is a temperature-hot-alarm. PR1412161
•
Platform and Infrastructure
Ping does not go through the device after WTR timer expires in Ethernet ring protection switching (ERPS)
•
scenario. PR1132770
EX4300 upgrade fails during validation of SLAX script. PR1376750
•
Unicast DHCP request gets misforwarded to backup RTG link on EX4300 Virtual Chassis. PR1388211
•
EX4300 OAM LFM might not work on extended-vlan-bridge interface with native vlan configured.
•
PR1399864
Traffic drop is seen on EX4300 when 10-Gigabit fiber port is using 1-Gigabit Ethernet SFP optics with
•
auto-negotiation enabled. PR1405168
On EX4300, when power supply (PEM) is removed, alarm is not generated. PR1405262
•
The policer might not work when it is applied through the dynamic filter. PR1410973
•
The traffic to the NLB server might not be forwarded if the NLB cluster works on multicast mode.
•
PR1411549
EX4300 QinQ - untagged UNI traffic egress as single-tagged on NNI interface. PR1413700
•
Runt counter never incremented. PR1419724
•
EX4300 does not send fragmentation needed message when MTU is exceeded with DF bit set.
•
PR1419893
The pfex process might crash and core files might be generated when SFP is reinserted. PR1421257
•
Traffic might get silently dropped when one of logical interfaces on LAG is deactivated or deleted.
•
PR1422920
Auditd crashes when accounting RADIUS server is not reachable. PR1424030
•
The native VLAN ID of packets might fail when leaving out. PR1424174
•
Interface flapping scenario might lead to ECMP next-hop install failure on EX4300 switches. PR1426760
•
VIP might not forward the traffic if VRRP is configured on an aggregated Ethernet interface. PR1428124
•
EX4300 does not drop FCS frames on XE interfaces. PR1429865
•
The ERPS failover does not work as expected on EX4300 device. PR1432397
•
46
Routing Protocols
Host-destined packets with filter log action might reach the Routing Engine. PR1379718
•
The rpd crashes on static route configuration for multicast source. PR1408443
•
Host-generated ICMPv6 RA packets might be dropped on the backup member of Virtual Chassis if
•
igmp-snooping is configured. PR1413543
The EX Series switches might not install all IRB MAC addresses in the initialization. PR1416025
•
After restarting multicast-snooping process, igmp-snooping might not work. PR1420921
•
Software Installation and Upgrade
Configuration loss and traffic loss might be seen if backup Routing Engine is zeroized and is then switched
•
over to master within a short time. PR1389268
Subscriber Access Management
authd reuses address quickly before jdhcpd completely cleans up the old subscriber that gives the
•
following error log DH_SVC_DUPLICATE_IPADDR_ERR: Failed to add x.x.x.x as it is already used by
xxx. PR1402653
On EX4300 /var showing full /var/log/dfcd_enc file grows in size. PR1425000
•
SEE ALSO
What’s New | 30
What’s Chnaged | 36
Known Behavior | 37
Open Issues | 38
Documentation Updates | 47
Migration, Upgrade, and Downgrade Instructions | 48
Product Compatibility | 49
Documentation Updates
IN THIS SECTION
47
Installation and Upgrade | 47
This section lists the errata and changes in Junos OS Release 19.2R1 for the EX Series switches
documentation.
Installation and Upgrade
Veriexec explained (EX Series)—Verified Exec (also known as veriexec) is a file-signing and verification
•
scheme that protects the Junos operating system (OS) against unauthorized software and activity that
might compromise the integrity of your device. Originally developed for the NetBSD OS, veriexec was
adapted for Junos OS and enabled by default from Junos OS Release 7.5 onwards.
[See Veriexec Overview.]
SEE ALSO
What’s New | 30
What’s Chnaged | 36
Known Behavior | 37
Open Issues | 38
Resolved Issues | 42
Migration, Upgrade, and Downgrade Instructions | 48
Product Compatibility | 49
Migration, Upgrade, and Downgrade Instructions
IN THIS SECTION
Upgrade and Downgrade Support Policy for Junos OS Releases | 48
This section contains the upgrade and downgrade support policy for Junos OS for the EX Series. Upgrading
or downgrading Junos OS can take several hours, depending on the size and configuration of the network.
For information about software installation and upgrade, see the Installation and Upgrade Guide.
48
Upgrade and Downgrade Support Policy for Junos OS Releases
Support for upgrades and downgrades that span more than three Junos OS releases at a time is not
provided, except for releases that are designated as Extended End-of-Life (EEOL) releases. EEOL releases
provide direct upgrade and downgrade paths—you can upgrade directly from one EEOL release to the
next EEOL release even though EEOL releases generally occur in increments beyond three releases.
You can upgrade or downgrade to the EEOL release that occurs directly before or after the currently
installed EEOL release, or to two EEOL releases before or after. For example, Junos OS Releases 17.1,
17.2, and 17.3 are EEOL releases. You can upgrade from Junos OS Release 17.1 to Release 17.2 or from
Junos OS Release 17.1 to Release 17.3.
You cannot upgrade directly from a non-EEOL release to a release that is more than three releases ahead
or behind. To upgrade or downgrade from a non-EEOL release to a release more than three releases before
or after, first upgrade to the next EEOL release and then upgrade or downgrade from that EEOL release
to your target release.
For more information about EEOL releases and to review a list of EEOL releases, see
https://support.juniper.net/support/eol/software/junos/.
SEE ALSO
What’s New | 30
What’s Chnaged | 36
Known Behavior | 37
Open Issues | 38
Resolved Issues | 42
Documentation Updates | 47
Product Compatibility | 49
Product Compatibility
IN THIS SECTION
Hardware Compatibility | 49
49
Hardware Compatibility
To obtain information about the components that are supported on the devices, and the special compatibility
guidelines with the release, see the Hardware Guide for the product.
To determine the features supported on EX Series switches in this release, use the Juniper Networks
Feature Explorer, a Web-based application that helps you to explore and compare Junos OS feature
information to find the right software release and hardware platform for your network. Find Feature
Explorer at https://apps.juniper.net/feature-explorer/.
Hardware Compatibility Tool
For a hardware compatibility matrix for optical interfaces and transceivers supported across all platforms,
see the Hardware Compatibility tool.
SEE ALSO
What’s New | 30
What’s Chnaged | 36
Known Behavior | 37
Open Issues | 38
Resolved Issues | 42
Documentation Updates | 47
Migration, Upgrade, and Downgrade Instructions | 48
Junos OS Release Notes for Junos Fusion Enterprise
IN THIS SECTION
New and Changed Features | 50
Changes in Behavior and Syntax | 51
Known Behavior | 52
Known Issues | 52
Resolved Issues | 53
50
Documentation Updates | 54
Migration, Upgrade, and Downgrade Instructions | 55
Product Compatibility | 60
These release notes accompany Junos OS Release 19.2R1 for Junos Fusion Enterprise. Junos Fusion
Enterprise is a Junos Fusion that uses EX9200 switches in the aggregation device role. These release notes
describe new and changed features, limitations, and known problems in the hardware and software.
NOTE: For a complete list of all hardware and software requirements for a Junos Fusion
Enterprise, including which Juniper Networks devices can function as satellite devices, see
Understanding Junos Fusion Enterprise Software and Hardware Requirements .
You can also find these release notes on the Juniper Networks Junos OS Documentation webpage, located
at https://www.juniper.net/documentation/product/en_US/junos-os.
New and Changed Features
There are no new features or enhancements to existing features in Junos OS Release 19.2R1 for Junos
Fusion Enterprise.
NOTE: For more information about the Junos Fusion Enterprise features, see the Junos Fusion
Enterprise User Guide.
SEE ALSO
Changes in Behavior and Syntax | 51
Known Behavior | 52
Known Issues | 52
Resolved Issues | 53
Documentation Updates | 54
Migration, Upgrade, and Downgrade Instructions | 55
Product Compatibility | 60
51
Changes in Behavior and Syntax
There are no changes in behavior of Junos OS features and changes in the syntax of Junos OS statements
and commands in Junos OS Release 19.2R1 for Junos Fusion Enterprise.
SEE ALSO
New and Changed Features | 50
Known Behavior | 52
Known Issues | 52
Resolved Issues | 53
Documentation Updates | 54
Migration, Upgrade, and Downgrade Instructions | 55
Product Compatibility | 60
Known Behavior
There are no known behaviors, system maximums, and limitations in hardware and software in Junos OS
Release 19.2R1 for Junos Fusion Enterprise.
For the most complete and latest information about known Junos OS problems, use the Juniper Networks
online Junos Problem Report Search application.
SEE ALSO
New and Changed Features | 50
Changes in Behavior and Syntax | 51
Known Issues | 52
Resolved Issues | 53
Documentation Updates | 54
52
Migration, Upgrade, and Downgrade Instructions | 55
Product Compatibility | 60
Known Issues
IN THIS SECTION
Junos Fusion Enterprise | 52
This section lists the known issues in hardware and software in Junos OS Release 19.2R1 for Junos Fusion
Enterprise.
For the most complete and latest information about known Junos OS defects, use the Juniper Networks
online Junos Problem Report Search application.
Junos Fusion Enterprise
On EX4300 when 10G fiber port is using 1G Ethernet SFP optics, auto-negotiation is enabled by default.
•
To bring up the satellite device, BCM recommends to disable the auto-negotiation for PHY84756 ports.
PR1420343
In Junos Fusion Enterprise environment with EX2300-48P or EX2300-48T acting as satellite devices,
•
loop-detect feature does not work for ports 0-23, since the loop detect filter is not properly applied.
PR1426757
SEE ALSO
New and Changed Features | 50
Changes in Behavior and Syntax | 51
Known Behavior | 52
Resolved Issues | 53
Documentation Updates | 54
Migration, Upgrade, and Downgrade Instructions | 55
Product Compatibility | 60
53
Resolved Issues
IN THIS SECTION
Resolved Issues: 19.2R1 | 53
This section lists the issues fixed in the Junos OS main release and the maintenance releases.
For the most complete and latest information about known Junos OS defects, use the Juniper Networks
online Junos Problem Report Search application.
Resolved Issues: 19.2R1
PoE over LLDP negotiation is not supported on Junos Fusion Enterprise setup. PR1366106
•
New satellite device cannot be added to the Fusion scenario. PR1374982
•
Cascade port might go down after SD reboot in Junos Fusion Enterprise environment. PR1382091
•
Cannot login to SD cluster though it is recognized by AD properly. PR1395570
•
The l2ald might crash when clear ethernet-switching table persistent-learning command is issued.
•
PR1409403
Extended ports in JFE do not adjust MTU when VoIP is enabled. PR1411179
•
The traffic might silently drop and get discarded in Junos Fusion Enterprise scenario with dual-AD.
•
PR1417139
SEE ALSO
New and Changed Features | 50
Changes in Behavior and Syntax | 51
Known Behavior | 52
Known Issues | 52
Documentation Updates | 54
Migration, Upgrade, and Downgrade Instructions | 55
Product Compatibility | 60
54
Documentation Updates
There are no errata or changes in Junos OS Release 19.2R1 for documentation for Junos Fusion Enterprise.
SEE ALSO
New and Changed Features | 50
Changes in Behavior and Syntax | 51
Known Behavior | 52
Known Issues | 52
Resolved Issues | 53
Migration, Upgrade, and Downgrade Instructions | 55
Product Compatibility | 60
Migration, Upgrade, and Downgrade Instructions
IN THIS SECTION
Basic Procedure for Upgrading Junos OS on an Aggregation Device | 55
Upgrading an Aggregation Device with Redundant Routing Engines | 57
Preparing the Switch for Satellite Device Conversion | 57
Converting a Satellite Device to a Standalone Switch | 59
Upgrade and Downgrade Support Policy for Junos OS Releases | 59
Downgrading from Junos OS | 59
This section contains the procedure to upgrade or downgrade Junos OS and satellite software for a Junos
Fusion Enterprise. Upgrading or downgrading Junos OS and satellite software might take several hours,
depending on the size and configuration of the Junos Fusion Enterprise topology.
55
Basic Procedure for Upgrading Junos OS on an Aggregation Device
When upgrading or downgrading Junos OS for an aggregation device, always use the junos-install package.
Use other packages (such as the jbundle package) only when so instructed by a Juniper Networks support
representative. For information about the contents of the junos-install package and details of the installation
process, see the Installation and Upgrade Guide.
NOTE: Before upgrading, back up the file system and the currently active Junos OS configuration
so that you can recover to a known, stable environment in case the upgrade is unsuccessful.
Issue the following command:
user@host> request system snapshot
The installation process rebuilds the file system and completely reinstalls Junos OS. Configuration
information from the previous software installation is retained, but the contents of log files might
be erased. Stored files on the routing platform, such as configuration templates and shell scripts
(the only exceptions are the juniper.conf and ssh files), might be removed. To preserve the stored
files, copy them to another system before upgrading or downgrading the routing platform. See
the Junos OS Administration Library.
To download and install Junos OS:
1. Using a Web browser, navigate to the Download Software URL on the Juniper Networks webpage:
https://www.juniper.net/support/downloads/
2. Log in to the Juniper Networks authentication system using the username (generally your e-mail address)
and password supplied by Juniper Networks representatives.
3. Select By Technology > Junos Platform > Junos Fusion to find the software that you want to download.
4. Select the release number (the number of the software version that you want to download) from the
Version drop-down list on the right of the page.
5. Select the Software tab.
6. Select the software package for the release.
56
7. Review and accept the End User License Agreement.
8. Download the software to a local host.
9. Copy the software to the routing platform or to your internal software distribution site.
10. Install the new junos-install package on the aggregation device.
NOTE: We recommend that you upgrade all software packages out of band using the console
because in-band connections are lost during the upgrade process.
Customers in the United States and Canada, use the following commands:
user@host> request system software add validate reboot source/package-name.tgz
All other customers, use the following commands, where n is the spin number.
user@host> request system software add validate reboot source/package-name-limited.tgz
Replace source with one of the following values:
/pathname—For a software package that is installed from a local directory on the router.
•
For software packages that are downloaded and installed from a remote location:
•
ftp://hostname/pathname
•
http://hostname/pathname
•
scp://hostname/pathname (available only for Canada and U.S. version)
•
The validate option validates the software package against the current configuration as a prerequisite
to adding the software package to ensure that the router reboots successfully. This is the default
behavior when the software package being added is a different release.
Adding the reboot command reboots the router after the upgrade is validated and installed. When the
reboot is complete, the router displays the login prompt. The loading process might take 5 to 10 minutes.
Rebooting occurs only if the upgrade is successful.
Upgrading an Aggregation Device with Redundant Routing Engines
If the aggregation device has two Routing Engines, perform a Junos OS installation on each Routing Engine
separately to minimize disrupting network operations as follows:
57
1. Disable graceful Routing Engine switchover (GRES) on the master Routing Engine and save the
configuration change to both Routing Engines.
2. Install the new Junos OS release on the backup Routing Engine while keeping the currently running
software version on the master Routing Engine.
3. After making sure that the new software version is running correctly on the backup Routing Engine,
switch over to the backup Routing Engine to activate the new software.
4. Install the new software on the original master Routing Engine that is now active as the backup Routing
Engine.
For the detailed procedure, see the Installation and Upgrade Guide.
Preparing the Switch for Satellite Device Conversion
There are multiple methods to upgrade or downgrade satellite software in your Junos Fusion Enterprise.
See Configuring or Expanding a Junos Fusion Enterprise.
For satellite device hardware and software requirements, see Understanding Junos Fusion Enterprise
Software and Hardware Requirements.
Use the following command to install Junos OS on a switch before converting it into a satellite device:
user@host> request system software add validate reboot source/package-name
NOTE: The following conditions must be met before a Junos switch that is running Junos OS
Release 14.1X53-D43 can be converted to a satellite device when the action is initiated from
the aggregation device:
The switch running Junos OS can be converted only to SNOS 3.1 and later.
•
Either the switch must be set to factory-default configuration by using the request system
•
zeroize command, or the following command must be included in the configuration: set chassis
auto-satellite-conversion.
When the interim installation has completed and the switch is running a version of Junos OS that is
compatible with satellite device conversion, perform the following steps:
1. Log in to the device using the console port.
2. Clear the device:
58
[edit]
user@satellite-device# request system zeroize
NOTE: The device reboots to complete the procedure for resetting the device.
If you are not logged in to the device using the console port connection, your connection to the device
is lost after you enter the request system zeroize command.
If you lose connection to the device, log in using the console port.
3. (EX4300 switches only) After the reboot is complete, convert the built-in 40-Gbps QSFP+ interfaces
from Virtual Chassis ports (VCPs) into network ports:
user@satellite-device> request virtual-chassis vc-port delete pic-slot 1 port port-number
For example, to convert all four built-in 40-Gbps QSFP+ interfaces on an EX4300-24P switch into
network ports:
user@satellite-device> request virtual-chassis vc-port delete pic-slot 1 port 0
user@satellite-device> request virtual-chassis vc-port delete pic-slot 1 port 1
user@satellite-device> request virtual-chassis vc-port delete pic-slot 1 port 2
user@satellite-device> request virtual-chassis vc-port delete pic-slot 1 port 3
This step is required for the 40-Gbps QSFP+ interfaces that will be used as uplink interfaces in a Junos
Fusion topology. Built-in 40-Gbps QSFP+ interfaces on EX4300 switches are configured into VCPs by
default, and the default settings are restored after the device is reset.
After this initial preparation, you can use one of three methods to convert your switches into satellite
devices—autoconversion, manual conversion, or preconfiguration. See Configuring or Expanding a Junos
Fusion Enterprise for detailed configuration steps for each method.
Converting a Satellite Device to a Standalone Switch
If you need to convert a satellite device to a standalone device, you must install a new Junos OS software
package on the satellite device and remove it from the Junos Fusion topology. For more information, see
Converting a Satellite Device to a Standalone Device.
Upgrade and Downgrade Support Policy for Junos OS Releases
Support for upgrades and downgrades that span more than three Junos OS releases at a time is not
provided, except for releases that are designated as Extended End-of-Life (EEOL) releases. EEOL releases
provide direct upgrade and downgrade paths—you can upgrade directly from one EEOL release to the
next EEOL release even though EEOL releases generally occur in increments beyond three releases.
59
You can upgrade or downgrade to the EEOL release that occurs directly before or after the currently
installed EEOL release, or to two EEOL releases before or after. For example, Junos OS Releases 17.1,
17.2, and 17.3 are EEOL releases. You can upgrade from Junos OS Release 17.1 to Release 17.2 or from
Junos OS Release 17.1 to Release 17.3.
You cannot upgrade directly from a non-EEOL release to a release that is more than three releases ahead
or behind. To upgrade or downgrade from a non-EEOL release to a release more than three releases before
or after, first upgrade to the next EEOL release and then upgrade or downgrade from that EEOL release
to your target release.
For more information about EEOL releases and to review a list of EEOL releases, see
https://www.juniper.net/support/eol/junos.html
Downgrading from Junos OS
Junos Fusion Enterprise is first supported in Junos OS Release 16.1, although you can downgrade a
standalone EX9200 switch to earlier Junos OS releases.
NOTE: You cannot downgrade more than three releases.
For more information, see the Installation and Upgrade Guide.
To downgrade a Junos Fusion Enterprise from Junos OS Release 19.2R1, follow the procedure for upgrading,
but replace the 19.2 junos-install package with one that corresponds to the appropriate release.
SEE ALSO
New and Changed Features | 50
Changes in Behavior and Syntax | 51
Known Behavior | 52
Known Issues | 52
Resolved Issues | 53
Documentation Updates | 54
Product Compatibility | 60
60
Product Compatibility
IN THIS SECTION
Hardware and Software Compatibility | 60
Hardware Compatibility Tool | 60
Hardware and Software Compatibility
For a complete list of all hardware and software requirements for a Junos Fusion Enterprise, including
which Juniper Networks devices function as satellite devices, see Understanding Junos Fusion Enterprise
Software and Hardware Requirements in the Junos Fusion Enterprise User Guide.
To determine the features supported in a Junos Fusion, use the Juniper Networks Feature Explorer, a
Web-based application that helps you to explore and compare Junos OS feature information to find the
right software release and hardware platform for your network. Find Feature Explorer at
https://apps.juniper.net/feature-explorer/.
Hardware Compatibility Tool
For a hardware compatibility matrix for optical interfaces and transceivers supported across all platforms,
see the Hardware Compatibility tool.
SEE ALSO
New and Changed Features | 50
Changes in Behavior and Syntax | 51
Known Behavior | 52
Known Issues | 52
Resolved Issues | 53
Documentation Updates | 54
Migration, Upgrade, and Downgrade Instructions | 55
Junos OS Release Notes for Junos Fusion Provider Edge
61
IN THIS SECTION
New and Changed Features | 62
Changes in Behavior and Syntax | 62
Known Behavior | 63
Known Issues | 63
Resolved Issues | 64
Documentation Updates | 65
Migration, Upgrade, and Downgrade Instructions | 66
Product Compatibility | 74
These release notes accompany Junos OS Release 19.2R1 for the Junos Fusion Provider Edge. They
describe new and changed features, limitations, and known and resolved problems in the hardware and
software.
You can also find these release notes on the Juniper Networks Junos OS Documentation webpage, located
at https://www.juniper.net/documentation/product/en_US/junos-os.
New and Changed Features
IN THIS SECTION
Spanning-Tree Protocols | 62
This section describes the new features and enhancements to existing features in Junos OS Release 19.2R1
for Junos Fusion Provider Edge.
Spanning-Tree Protocols
Support for Multiple Spanning Tree Protocol (MSTP) (Junos Provider Edge)—Starting with Junos OS
•
Release 19.2R1, you can configure MSTP on MX480 devices. MSTP scales better than other types of
spanning-tree protocols and enables load balancing.
62
[See Configuring MSTP Protocol.]
SEE ALSO
What’s Changed | 62
Known Limitations | 63
Open Issues | 63
Resolved Issues | 64
Documentation Updates | 65
Migration, Upgrade, and Downgrade Instructions | 66
Product Compatibility | 74
Changes in Behavior and Syntax
There are no changes in the behavior of Junos OS features or in the syntax of Junos OS statements and
commands in Junos OS Release 19.2R1 for Junos Fusion Provider Edge.
SEE ALSO
What's New | 62
Known Limitations | 63
Open Issues | 63
Resolved Issues | 64
Documentation Updates | 65
Migration, Upgrade, and Downgrade Instructions | 66
Product Compatibility | 74
Known Behavior
There are no known behaviors, system maximums, or limitations in hardware and software in Junos OS
Release 19.2R1 for Junos Fusion Provider Edge.
For the most complete and latest information about known Junos OS defects, use the Juniper Networks
online Junos Problem Report Search application.
63
SEE ALSO
What's New | 62
What’s Changed | 62
Open Issues | 63
Resolved Issues | 64
Documentation Updates | 65
Migration, Upgrade, and Downgrade Instructions | 66
Product Compatibility | 74
Known Issues
IN THIS SECTION
Junos Fusion Provider Edge | 64
This section lists the known issues in hardware and software in Junos OS Release 19.2R1 for Junos Fusion
Provider Edge.
For the most complete and latest information about known Junos OS defects, use the Juniper Networks
online Junos Problem Report Search application.
Junos Fusion Provider Edge
If a default shaper is applied to a cascade interface of an aggregation device (AD), the displayed value
•
of "Guaranteed rate" is greater than the value of "Shaping rate" in the output of the show class-of-service
scheduler-hierarchy interface command. PR1415502
SEE ALSO
What's New | 62
What’s Changed | 62
64
Known Limitations | 63
Resolved Issues | 64
Documentation Updates | 65
Migration, Upgrade, and Downgrade Instructions | 66
Product Compatibility | 74
Resolved Issues
IN THIS SECTION
Junos Fusion Provider Edge | 65
Junos Fusion Satellite Software | 65
This section lists the issues fixed in Junos OS Release 19.2R1 for Junos Fusion Provider Edge.
For the most complete and latest information about known Junos OS defects, use the Juniper Networks
online Junos Problem Report Search application.
Junos Fusion Provider Edge
Auto-negotiation is not disabled in the hardware after the no-auto-negotiation option is set using the
•
CLI. PR1411852
Junos Fusion Satellite Software
Extended Port (EP) LAG might go down on the Satellite Devices (SDs) if the related Cascade Port (CP)
•
links to an Aggregation Device (AD) goes down. PR1397992
SEE ALSO
What's New | 62
What’s Changed | 62
Known Limitations | 63
65
Open Issues | 63
Documentation Updates | 65
Migration, Upgrade, and Downgrade Instructions | 66
Product Compatibility | 74
Documentation Updates
There are no errata or changes in Junos OS Release 19.2R1 documentation for Junos Fusion Provider
Edge.
SEE ALSO
What's New | 62
What’s Changed | 62
Known Limitations | 63
Open Issues | 63
Resolved Issues | 64
Migration, Upgrade, and Downgrade Instructions | 66
Product Compatibility | 74
Migration, Upgrade, and Downgrade Instructions
IN THIS SECTION
Basic Procedure for Upgrading an Aggregation Device | 66
Upgrading an Aggregation Device with Redundant Routing Engines | 69
Preparing the Switch for Satellite Device Conversion | 69
Converting a Satellite Device to a Standalone Device | 71
Upgrading an Aggregation Device | 73
Upgrade and Downgrade Support Policy for Junos OS Releases | 73
Downgrading from Junos OS Release 19.2 | 74
66
This section contains the procedure to upgrade Junos OS, and the upgrade and downgrade policies for
Junos OS for Junos Fusion Provider Edge. Upgrading or downgrading Junos OS might take several hours,
depending on the size and configuration of the network.
Basic Procedure for Upgrading an Aggregation Device
When upgrading or downgrading Junos OS, always use the jinstall package. Use other packages (such as
the jbundle package) only when so instructed by a Juniper Networks support representative. For information
about the contents of the jinstall package and details of the installation process, see the Installation and
Upgrade Guide.
NOTE: Before upgrading, back up the file system and the currently active Junos OS configuration
so that you can recover to a known, stable environment in case the upgrade is unsuccessful.
Issue the following command:
user@host> request system snapshot
The installation process rebuilds the file system and completely reinstalls Junos OS. Configuration
information from the previous software installation is retained, but the contents of log files might
be erased. Stored files on the routing platform, such as configuration templates and shell scripts
(the only exceptions are the juniper.conf and ssh files), might be removed. To preserve the stored
files, copy them to another system before upgrading or downgrading the routing platform. See
the Installation and Upgrade Guide.
The download and installation process for Junos OS Release 19.2R1 is different from that for earlier Junos
OS releases.
1. Using a Web browser, navigate to the Download Software URL on the Juniper Networks webpage:
https://www.juniper.net/support/downloads/
2. Log in to the Juniper Networks authentication system by using the username (generally your e-mail
address) and password supplied by Juniper Networks representatives.
3. Select By Technology > Junos Platform > Junos Fusion to find the software that you want to download.
4. Select the release number (the number of the software version that you want to download) from the
Version drop-down list to the right of the page.
5. Select the Software tab.
67
6. Select the software package for the release.
7. Review and accept the End User License Agreement.
8. Download the software to a local host.
9. Copy the software to the routing platform or to your internal software distribution site.
10. Install the new jinstall package on the aggregation device.
NOTE: We recommend that you upgrade all software packages out-of-band using the console,
because in-band connections are lost during the upgrade process.
Customers in the United States and Canada, use the following commands.
For 64-bit software:
•
NOTE: We recommend that you use 64-bit Junos OS software when implementing Junos
Fusion Provider Edge.
user@host> request system software add validate reboot
source/jinstall64-19.2R1.SPIN-domestic-signed.tgz
For 32-bit software:
•
user@host> request system software add validate reboot
source/jinstall-19.2R1.SPIN-domestic-signed.tgz
All other customers, use the following commands.
For 64-bit software:
•
NOTE: We recommend that you use 64-bit Junos OS software when implementing Junos
Fusion Provider Edge.
user@host> request system software add validate reboot
source/jinstall64-19.2R1.SPIN-export-signed.tgz
For 32-bit software:
•
68
user@host> request system software add validate reboot
source/jinstall-19.2R1.SPIN-export-signed.tgz
Replace source with one of the following values:
/pathname—For a software package that is installed from a local directory on the router.
•
For software packages that are downloaded and installed from a remote location:
•
ftp://hostname/pathname
•
http://hostname/pathname
•
scp://hostname/pathname (available only for the Canada and U.S. version)
•
The validate option validates the software package against the current configuration as a prerequisite
for adding the software package to ensure that the router reboots successfully. This is the default
behavior when the software package being added is for a different release.
Adding the reboot command reboots the router after the upgrade is validated and installed. When the
reboot is complete, the router displays the login prompt. The loading process might take 5 to 10 minutes.
Rebooting occurs only if the upgrade is successful.
NOTE: After you install a Junos OS Release 19.2R1 jinstall package, you cannot return to the
previously installed software by issuing the request system software rollback command. Instead,
you must issue the request system software add validate command and specify the jinstall
package that corresponds to the previously installed software.
Upgrading an Aggregation Device with Redundant Routing Engines
If the aggregation device has two Routing Engines, perform a Junos OS installation on each Routing Engine
separately as follows to minimize disrupting network operations:
1. Disable graceful Routing Engine switchover (GRES) on the master Routing Engine and save the
configuration change to both Routing Engines.
2. Install the new Junos OS release on the backup Routing Engine while keeping the currently running
software version on the master Routing Engine.
69
3. After making sure that the new software version is running correctly on the backup Routing Engine,
switch over to the backup Routing Engine to activate the new software.
4. Install the new software on the original master Routing Engine that is now active as the backup Routing
Engine.
For the detailed procedure, see the Installation and Upgrade Guide.
Preparing the Switch for Satellite Device Conversion
Satellite devices in a Junos Fusion topology use a satellite software package that is different from the
standard Junos OS software package. Before you can install the satellite software package on a satellite
device, you first need to upgrade the target satellite device to an interim Junos OS software version that
can be converted to satellite software. For satellite device hardware and software requirements, see
Understanding Junos Fusion Software and Hardware Requirements
NOTE: The following conditions must be met before a standalone switch that is running Junos
OS Release 14.1X53-D43 can be converted to a satellite device when the action is initiated from
the aggregation device:
The switch can be converted to only SNOS 3.1 and later.
•
Either the switch must be set to factory-default configuration by using the request system
•
zeroize command, or the following command must be included in the configuration: set chassis
auto-satellite-conversion.
Customers with EX4300 switches, use the following command:
user@host> request system software add validate reboot
source/jinstall-ex-4300-14.1X53-D43.3-domestic-signed.tgz
Customers with QFX5100 switches, use the following command:
user@host> request system software add reboot
source/jinstall-qfx-5-14.1X53-D43.3-domestic-signed.tgz
When the interim installation has completed and the switch is running a version of Junos and OS on one
line that is compatible with satellite device conversion, perform the following steps:
1. Log in to the device by using the console port.
2. Clear the device:
70
[edit]
user@satellite-device# request system zeroize
NOTE: The device reboots to complete the procedure for resetting the device.
If you are not logged in to the device by using the console port connection, your connection to the
device is lost after you enter the request system zeroize command.
If you lose your connection to the device, log in using the console port.
3. (EX4300 switches only) After the reboot is complete, convert the built-in 40-Gbps QSFP+ interfaces
from Virtual Chassis ports (VCPs) into network ports:
user@satellite-device> request virtual-chassis vc-port delete pic-slot 1 port port-number
For example, to convert all four built-in 40-Gbps QSFP+ interfaces on an EX4300-24P switch into
network ports:
user@satellite-device> request virtual-chassis vc-port delete pic-slot 1 port 0
user@satellite-device> request virtual-chassis vc-port delete pic-slot 1 port 1
user@satellite-device> request virtual-chassis vc-port delete pic-slot 1 port 2
user@satellite-device> request virtual-chassis vc-port delete pic-slot 1 port 3
This step is required for the 40-Gbps QSFP+ interfaces that will be used as uplink interfaces in a Junos
Fusion topology. Built-in 40-Gbps QSFP+ interfaces on EX4300 switches are configured into VCPs by
default, and the default settings are restored after the device is reset.
After this initial preparation, you can use one of three methods to convert your switches into satellite
devices—autoconversion, manual conversion, and preconfiguration. See Configuring Junos Fusion Provider
Edge for detailed configuration steps for each method.
Converting a Satellite Device to a Standalone Device
If you need to convert a satellite device to a standalone device, you must install a new Junos OS software
package on the satellite device and remove the satellite device from the Junos Fusion topology.
NOTE: If the satellite device is a QFX5100 switch, you need to install a PXE version of Junos
OS. The PXE version of Junos OS is software that includes pxe in the Junos OS package name
when it is downloaded from the Software Center—for example, the PXE image for Junos OS
Release 14.1X53-D43 is named install-media-pxe-qfx-5-14.1X53-D43.3-signed.tgz . If the
satellite device is an EX4300 switch, you install a standard jinstall-ex-4300 version of Junos OS.
71
The following steps explain how to download software, remove the satellite device from Junos Fusion,
and install the Junos OS software image on the satellite device so that the device can operate as a standalone
device.
1. Using a Web browser, navigate to the Junos OS software download URL on the Juniper Networks
webpage:
https://www.juniper.net/support/downloads
2. Log in to the Juniper Networks authentication system by using the username (generally your e-mail
address) and password supplied by Juniper Networks representatives.
3. Select By Technology > Junos Platform > Junos Fusion from the drop-down list and select the switch
platform series and model for your satellite device.
4. Select the Junos OS Release 14.1X53-D30 software image for your platform.
5. Review and accept the End User License Agreement.
6. Download the software to a local host.
7. Copy the software to the routing platform or to your internal software distribution site.
8. Remove the satellite device from the automatic satellite conversion configuration.
If automatic satellite conversion is enabled for the satellite device’s member number, remove the
member number from the automatic satellite conversion configuration. The satellite device’s member
number is the same as the FPC slot ID.
[edit]
user@aggregation-device# delete chassis satellite-management auto-satellite-conversion
satellite member-number
For example, to remove member number 101 from Junos Fusion:
[edit]
user@aggregation-device# delete chassis satellite-management auto-satellite-conversion
satellite 101
You can check the automatic satellite conversion configuration by entering the show command at the
[edit chassis satellite-management auto-satellite-conversion] hierarchy level.
72
9. Commit the configuration.
To commit the configuration to both Routing Engines:
[edit]
user@aggregation-device# commit synchronize
Otherwise, commit the configuration to a single Routing Engine:
[edit]
user@aggregation-device# commit
10. Install the Junos OS software on the satellite device to convert the device to a standalone device.
[edit]
user@aggregation-device> request chassis satellite install URL-to-software-package fpc-slot
member-number
For example, to install a PXE software package stored in the /var/tmp directory on the aggregation
device onto a QFX5100 switch acting as the satellite device using FPC slot 101:
[edit]
user@aggregation-device> request chassis satellite install
/var/tmp/install-media-pxe-qfx-5-14.1X53-D43.3-signed.tgz fpc-slot 101
For example, to install a software package stored in the var/tmp directory on the aggregation device
onto an EX4300 switch acting as the satellite device using FPC slot 101:
[edit]
user@aggregation-device> request chassis satellite install
/var/tmp/jinstall-ex-4300-14.1X53-D30.3-domestic-signed.tgz fpc-slot 101
The satellite device stops participating in the Junos Fusion topology after the software installation
starts. The software upgrade starts after this command is entered.
11. Wait for the reboot that accompanies the software installation to complete.
12. When you are prompted to log back into your device, uncable the device from the Junos Fusion topology.
See Removing a Transceiver from a QFX Series Device or Remove a Transceiver, as needed. Your device
has been removed from Junos Fusion.
NOTE: The device uses a factory-default configuration after the Junos OS installation is
complete.
73
Upgrading an Aggregation Device
When you upgrade an aggregation device to Junos OS Release 19.2R1, you must also upgrade your satellite
device to Satellite Device Software version 3.1R1.
Upgrade and Downgrade Support Policy for Junos OS Releases
Support for upgrades and downgrades that span more than three Junos OS releases at a time is not
provided, except for releases that are designated as Extended End-of-Life (EEOL) releases. EEOL releases
provide direct upgrade and downgrade paths—you can upgrade directly from one EEOL release to the
next EEOL release even though EEOL releases generally occur in increments beyond three releases.
You can upgrade or downgrade to the EEOL release that occurs directly before or after the currently
installed EEOL release, or to two EEOL releases before or after. For example, Junos OS Releases 17.1,
17.2, and 17.3 are EEOL releases. You can upgrade from Junos OS Release 17.1 to Release 17.2 or from
Junos OS Release 17.1 to Release 17.3.
You cannot upgrade directly from a non-EEOL release to a release that is more than three releases ahead
or behind. To upgrade or downgrade from a non-EEOL release to a release more than three releases before
or after, first upgrade to the next EEOL release and then upgrade or downgrade from that EEOL release
to your target release.
For more information about EEOL releases and to review a list of EEOL releases, see
https://www.juniper.net/support/eol/junos.html.
Downgrading from Junos OS Release 19.2
To downgrade from Release 19.2 to another supported release, follow the procedure for upgrading, but
replace the 19.2 jinstall package with one that corresponds to the appropriate release.
NOTE: You cannot downgrade more than three releases.
For more information, see the Installation and Upgrade Guide.
SEE ALSO
What's New | 62
What’s Changed | 62
Known Limitations | 63
74
Open Issues | 63
Resolved Issues | 64
Documentation Updates | 65
Product Compatibility | 74
Product Compatibility
IN THIS SECTION
Hardware Compatibility | 74
Hardware Compatibility
To obtain information about the components that are supported on the devices, and special compatibility
guidelines with the release, see the Hardware Guide and the Interface Module Reference for the product.
To determine the features supported on MX Series devices in this release, use the Juniper Networks
Feature Explorer, a Web-based application that helps you to explore and compare Junos OS feature
information to find the right software release and hardware platform for your network. See the Feature
Explorer.
Hardware Compatibility Tool
For a hardware compatibility matrix for optical interfaces and transceivers supported across all platforms,
see the Hardware Compatibility tool.
SEE ALSO
What's New | 62
What’s Changed | 62
Known Limitations | 63
Open Issues | 63
Resolved Issues | 64
Documentation Updates | 65
75
Migration, Upgrade, and Downgrade Instructions | 66
Junos OS Release Notes for MX Series 5G Universal Routing Platform
IN THIS SECTION
New and Changed Features | 76
Changes in Behavior and Syntax | 96
Known Behavior | 100
Known Issues | 102
Resolved Issues | 111
Documentation Updates | 129
Migration, Upgrade, and Downgrade Instructions | 130
Product Compatibility | 137
These release notes accompany Junos OS Release 19.2R1 for the MX Series. They describe new and
changed features, limitations, and known and resolved problems in the hardware and software.
You can also find these release notes on the Juniper Networks Junos OS Documentation webpage, located
at https://www.juniper.net/documentation/product/en_US/junos-os.
New and Changed Features
IN THIS SECTION
New and Changed Features: 19.2R1-S4 | 77
New and Changed Features: 19.2R1-S1 | 77
New and Changed Features: 19.2R1 | 78
76
This section describes the new features and enhancements to existing features in Junos OS Release 19.2R1
for the MX Series routers.
New and Changed Features: 19.2R1-S4
Interfaces and Chassis
Support for 1-Gbps on QFX-60S line card on PTX10008 and PTX10016 Routers—QFX10000-60S-6Q
•
line card supports 1-Gbps speed on its ports (0 to 59). The QFX10000-60S-6Q line card contains 60
SFP+ ports that support 10-Gbps, two dual-speed QSFP28 ports that support either 40-Gbps or 100-Gbps,
and four QSFP+ ports that support 40-Gbps. You can individually configure ports 0 to 59 for 10-Gbps
or 1-Gbps port speed. Use the set chassis fpc fps-slot-number pic pic-number port port-number speed
1G command to change the mode of a port from 10-Gbps to 1-Gbps. The transceivers supported for
1-Gbps are QFX-SFP-1GE-LX, QFX-SFP-1GE-SX, and QFX-SFP-1GE-T.
[See QFX10000 Line Cards for details on the combination of modes supported on the ports.]
Services Applications
Support for Two-Way Active Measurement Protocol (TWAMP) and hardware timestamping of RPM
•
probe messages (MX10000 and PTX10000 routers)—Starting in Release 19.2R1-S4, Junos OS supports
TWAMP and hardware timestamping of RPM probe messages on the MX10008, MX10016, PTX10008
and PTX10016 routers. You can use TWAMP to measure IP performance between two devices in a
network. By enabling hardware timestamping of RPM you can account for the latency in the
communication of probe messages and also generate more accurate timers in the Packet Forwarding
Engine.
77
[See Understanding Two-Way Active Measurement Protocol on Routers and Understanding Using
Probes for Real-Time Performance Monitoring on M, T, PTX and MX Series Routers.]
New and Changed Features: 19.2R1-S1
MPLS
Distributed CSPF for segment routing LSPs (MX Series)—Starting in Junos OS Release 19.2R1-S1, you
•
can compute a segment routing LSP locally on the ingress device according to the constraints you have
configured. With this feature, the LSPs are optimized based on the configured constraints and metric
type. The LSPs are computed to utilize the available ECMP paths to the destination.
Prior to Junos OS Release 19.2R1-S1, for traffic engineering of segment routing paths, you could either
explicitly configure static paths, or use computed paths from an external controller.
[See Enabling Distributed CSPF for Segment Routing LSPs.]
Color-based mapping of VPN services over SRTE (MX Series)—Starting in Junos OS Release 19.2R1-S1,
•
you can specify a color attribute along with an IP protocol next hop to resolve transport tunnels over
static colored and BGP segment routing traffic-engineered (SRTE) label-switched paths (LSPs). This is
called the color-IP protocol next hop resolution, where you are required to configure a resolution-map
and apply it to the VPN services. Prior to this release, the VPN services were resolved over IP protocol
next hops only.
With this feature, you can enable color-based traffic steering of Layer 2 and Layer 3 VPN services.
[See Color-Based Mapping of VPN Services Overview.]
Routing Protocols
Decouple RSVP for IGP-TE (MX Series, PTX Series, ACX Series, QFX Series, SRX Series, and EX
•
Series)—Starting in Junos OS Release 19.2R1-S1, device can advertise selective traffic-engineering
attributes such as admin-color and maximum-bandwidth, without enabling RSVP, for segment routing
and interior gateway protocol (IGP) deployments.
New and Changed Features: 19.2R1
Hardware
New fixed-configuration Modular Port Concentrator (MX240, MX480, and MX960)—Starting in Junos
•
OS Release 19.2R1, the MPC10E-10C-MRATE is a new Modular Port Concentrator (MPC) that is
supported on the MX240, MX480, and MX960 routers.
The MPC10E-10C-MRATE features the following:
Line-rate throughput of up to 1.0 Tbps when installed with an enhanced midplane and 800 Gbps when
•
installed with a standard midplane.
78
Eight QSFP28 ports—Port numbers 0/0 through 0/3 and 1/0 through 1/3. The ports can be configured
•
as 10-Gbps, 40-Gbps, or 100-Gbps Ethernet ports.
Two QSFP56-DD ports—Port numbers 0/4 and 1/4. The ports can be configured as 10-Gps, 40-Gps,
•
100-Gbps Ethernet ports.
[See MX Series 5G Universal Routing Platform Interface Module Reference.]
MX10016 Universal Routing Platform—The MX10016 router provides 10-Gigabit Ethernet, 40-Gigabit
•
Ethernet, and 100-Gigabit Ethernet modular solutions that support up to 2.4 Tbps per slot. The MX10016
router provides redundancy and resiliency. All major hardware components including the power system,
the cooling system, the control board and the switch fabrics are fully redundant. MX10016 enables cloud
and data center operators to transition from 10-Gigabit Ethernet and 40-Gigabit Ethernet networks to
100-Gigabit Ethernet high-performance networks. The 21 rack unit (21 U) modular chassis can provide
38.4 Tbps of throughput. The MX10016 router has 16 slots for the line cards that can support a maximum
of 1536 10-Gigabit Ethernet ports, 384 40-Gigabit Ethernet ports, or 384 100-Gigabit Ethernet ports.
You can deploy the MX10016 router in an IP edge network using an MX10K-LC2101 line card (ordering
model number is JNP10K-LC2101).
[See MX10016 Hardware Guide.]
Advanced Cooling and Power Components (MX10008 Routers)—Starting in Junos OS Release 19.2R1,
•
MX10008 routers offer 5.5 KW power supplies, new high performance fan tray, and compatible fan tray
controller. The JNP10K-PWR-AC2 power supply supports AC, high-voltage alternating current (HVAC),
DC, or high-voltage direct current (HVDC). The JNP10K-PWR-DC2 provides a 5.5 KW upgrade for DC
users. The JNP10008-FAN2 offers increased air flow through the chassis. The JNP10008-FAN2 offers
1793 cubic feet per minute (CFM) per fan tray. The new fan tray controller, JNP10008-FTC2 supports
the new fan tray.
[See MX10008 Hardware Guide.]
Authentication, Authorization and Accounting (AAA) (RADIUS)
Option to enable and disable SCP per user level independent of SSH (MX Series)—Starting in Junos OS
•
19.2R1, you can enable and disable SCP for a certain login class user independent of SSH. By defualt,
SCP is not allowed for users added to the system defined classes read-only, operator and unauthorized
and is only allowed to the system defined class super-user. SCP is allowed for any login class user
belonging to a user defined class. You can deny SCP request for a user assigned to a user defined class
by using the no-scp-server configuration statement. Prior to 19.2R1, SCP was enabled and disabled
when SSH was enabled and disabled.
To disable SCP for a certain login class, use set no-scp-server at the [edit system login class <class_name>]
hierarchy level.
[See no-scp-server.]
Option to enable and disable SFTP per user level (MX Series)—Starting in Junos OS 19.2R1, you can
•
enable and disable SFTP for a certain login class user. By defualt, SFTP is not allowed for users added
to the system defined classes read-only, operator and unauthorized and is only allowed to the system
defined class super-user if SFTP is enabled globally. For a user assigned to a user defined class, by default
SFTP requests are allowed if set system services ssh sftp-server is configured. You can now deny SFTP
requests for a user assigned to a user defined class by using the no-sftp-server configuration statement.
79
To disable SFTP for a certain login class, use set no-sftp-server at the [edit system login class
<class_name>] hierarchy level.
[See no-sftp-server.]
EVPN
Support for BFD, BGP, IS-IS, and OSPF on IRB interfaces in EVPN-MPLS networks (MX Series and
•
vMX)—Starting with Junos OS Release 19.2R1, you can configure Bidirectional Forwarding Detection
(BFD), BGP, IS-IS, and OSPF routing protocols on the IRB interface in an EVPN-MPLS network to route
and forward EVPN traffic. This feature supports single-homed, single-active, and all-active multihomed
networks.
[See EVPN with IRB Solution Overview.]
EVPN support of VLAN ID ranges and lists in service provider style interface configurations (MX Series
•
routers, and vMX virtual routers)—Starting in Junos OS Release 19.2R1, EX9200 switches, ACX5448
and MX Series routers, and vMX virtual routers support the use of VLAN ID ranges and lists in a service
provider style interface configuration, which must be referenced in an EVPN routing instance. This
configuration is supported with the following EVPN environments, services, and features:
Environments:
•
EVPN with VXLAN encapsulation
•
EVPN with MPLS encapsulation
•
VLAN bundle service:
•
E-LAN
•
E-Tree
•
E-Line
•
Feature:
•
EVPN multihoming:
•
All-active
•
Single-active
•
Singlehoming
•
[See VLAN ID Ranges and Lists in an EVPN Environment.]
Connectivity fault management support in EVPN-VPWS (MX Series)—Starting with Junos OS Release
•
19.2R1, you can configure Up maintenance association end points (MEPs) and maintenance association
intermediate point (MIPs) on attachment circuits in support of connectivity fault management (CFM) in
EVPN-VPWS networks. With the MEPs, you can monitor connectivity between two points on the
EVPN-VPWS network. Junos OS supports the continuity check messages (CCM), loopback and link trace
messages (LTMs) as defined in IEEE 802.1AG CFM, and delay measurements (DM) and synthetic loss
measurements (SLMs) as defined in Y.1731 on a single-active homing network.
80
[See Connectivity Fault Management Support for EVPN and Layer 2 VPN Overview.]
Support for control word in EVPN-VPWS (MX Series and vMX) —Starting with Junos OS Release 19.2R1,
•
Junos OS supports the insertion of a control word between the label stack and the MPLS payload in a
network with EVPN-VPWS service. This feature prevents a transit device from delivering out-of-order
packets as a result of the device’s load-balancing hashing algorithm. When you enable the control word
feature on a PE device, the PE device advertises support for a control word. If all the PE devices in an
EVI on the EVPN-VPWS serviced network support control word, then the PE device inserts a control
word between the label stack and the L2 header in the packet thus preventing the packet from being
misidentified by transit devices.
[See Control Word for EVPN-VPWS.]
Forwarding and Sampling
Support for local preference when selecting forwarding next-hops for ECMP traffic (MX Series)—Starting
•
in Junos OS Release 19.2R1, you can have equal cost multi-path (ECMP) traffic flows prefer local
forwarding next-hops over remote ones. This feature supports BGP prefixes that are directly reachable
with IPv4 MPLS ECMP next-hops. Use ecmp-local-bias to direct ECMP traffic towards local links, for
example, to ensure that the overall load on the fabric is reduced. [See ecmp-local-bias for usage details.]
High Availability (HA) and Resiliency
ISSU suport for MX2008 (MX Series)—Starting in Junos OS Release 19.2R1, MX2008 routers support
•
ISSU.
[See Understanding In-Service Software Upgrade (ISSU)]
Interfaces and Chassis
Support for local preference when selecting forwarding next-hops for load balancing (MX Series)—Starting
•
in Junos OS Release 19.2R1, you can have traffic flows across aggregated Ethernet or logical-tunnel
interfaces prefer local forwarding next-hops over remote ones, for example to ensure that the overall
load on the fabric is reduced. [See local-bias for usage details.]
81
Support to collect and display PRBS statistics (MX10003 and MX204)—Starting in Junos OS Release
•
19.2R1, on MX10003 and MX204 routers, you can check the physical link connectivity by issuing the
test interfaces ifd-name prbs-test-start pattern-type type direction (0|1) flip (0|1) that starts collecting
the PRBS statistics.
The output of the show interfaces interface-name prbs-stats command displays the PRBS statistics while
the test is in progress. These statistics are cleared after the test is complete or if it is stopped. You can
stop collecting the statistics by issuing the test interfaces ifd-name prbs-test-stop direction (0|1) command.
NOTE: While running PRBS statistics, the link will be down.
[See prbs-test-start, prbs-test-stop, show interfaces prbs-stats, Collecting Pseudo Random Bit Sequence
(PRBS) Statistics.]
Domain Name System (DNS) is VRF aware (MX Series)—Starting in Junos OS Release 19.2R1, when the
•
management-instance statement is configured at the [edit system] hierarchy level, you can use the
non-default management routing instance mgmt_junos as the routing instance through which the DNS
name server is reachable. To specify the routing instance mgmt_junos, configure our new configuration
statement routing-instance mgmt_junos, at the [edit system name-server server-ip] hierarchy level.
[See Management Interface in a Nondefault Instance, Configuring a DNS Name Server for Resolving a
Hostname into Addresses, name-server, and show host.]
SCBE3-MX interoperates with MPC10E-10C (MX240, MX480, and MX960)—Starting in Junos OS
•
Release 19.2R1, the Enhanced Switch Control Board SCBE3-MX (model number: SCBE3-MX-S) supports
fabric management on the MPC10E-10C line card on the MX240, MX480, and MX960 routers. The
SCBE3-MX-S supports a pluggable Routing Engine and provides a control plane and data plane
interconnect to each line card slot. The MPC10E-10C supports a bandwidth of up to 1 Tbps (800 Gbps
with four planes and 1 Tbps with 5 or 6 planes). With MPC10E 15C line card, in a non-redundant
configuration the SCBE3-MX provides fabric bandwidth of up to 1 Tbps per slot with four fabric planes
and 1.5 Tbps per slot when all six fabric planes are used. Starting in this release, the MPC10E line cards
support the standard midplane, which supports a bandwidth up to 800 Gbps per slot. Support for the
enhanced midplane, which provides a bandwidth of 1.5 Tbps with MPC10E-15C and 1 Tbps with
MPC10E-10C, is already available.
[See SCBE3-MX Description and MPC10E-15C-MRATE]
Support for QSFP-100GE-DWDM2 transceiver (MX204, MX10003, MX10008, and MX10016)—Starting
•
in Junos OS Release 19.2R1, the MX204, MX10003, MX10008, and MX10016 routers support the
QSFP-100GE-DWDM2 transceiver. The 100-Gbps bidirectional transceiver has a dual transmitter/receiver
that enables it to transmit and receive data through a single optical fiber. You can perform the following
actions when this transceiver is installed:
View the diagnostics data, warnings, and alarms for interfaces. [See show interfaces diagnostics optics.]
•
Clear the bit error rate (BER) counters. [See clear interfaces statistics.]
•
82
Obtain the transport, performance monitoring, and threshold crossing alert (TCA) information for
•
interfaces. [See show interfaces transport pm.]
Clear the optics information from transport performance monitoring data. [See clear interfaces transport
•
pm.]
Enable or disable TCAs. [See tca.]
•
Enable or disable loopback mode. [See optics-options.]
•
MPC10 distributed LACP support in PPM AFT (MX Series)—Starting in Junos OS Release 19.2R1, the
•
MPC10E-15C-MRATE and MPC10E-10C-MRATE MPCs support distributed LACP in Periodic Packet
Manager (ppman) Advanced Forwarding Toolkit (AFT).
Support for Routing Engine hard disk smart check (MX240, MX480, MX204, MX960, MX10008,
•
MX2008, MX2020, MX10016, MX10000, MX2010, MX10002, and MX10003)—Starting in Junos OS
Release 19.2R1, you can configure the device to perform certain health checks on the Routing Engine
solid-state drive (SSD) and log a health event or raise an alarm in case a predefined health attribute
threshold is breached. You can use the set chassis routing-engine disk smart-check command to instruct
the system to raise an alarm when an SSD health attribute threshold is breached. You can view the alarm
by using the command show chassis alarms.
[See smart-check]
Junos OS XML API and Scripting
Automation script library additions and upgrades (MX Series)—Starting in Junos OS Release 19.2R1,
•
devices running Junos OS that support the Python extensions package include new and upgraded Python
modules. Python automation scripts can leverage new on-box Python modules, including the requests,
chardet, and urllib3 modules, as well as upgraded versions of the idna, ipaddress, and six modules. The
Requests library provides additional methods for supporting initial deployments as well as for performing
routine monitoring and configuration changes on devices running Junos OS.
[See Overview of Python Modules Available on Devices Running Junos OS and Using the Requests
Library for Python on Devices Running Junos OS.]
Junos Telemetry Interface
•
Inline active flow monitoring support using JTI (MPC10E-15C-MRATE line cards)—Starting in Junos
OS Release 19.2R1, Junos Telemetry Interface (JTI) supports streaming inline active flow monitoring
service-related statistics and errors counters for export to outside collectors at configurable intervals
using remote procedure call (gRPC) services.
Use the following resource path to export statistics:
83
/junos/system/linecard/services/inline-jflow/
To provision the sensor to export data through gRPC services, use the telemetrySubcribe RPC to specify
telemetry parameters. Streaming telemetry data through gRPC also requires the OpenConfig for Junos
OS module. Starting in Junos OS Release 18.3R1, OpenConfig and Network Agent packages are bundled
into the Junos OS image by default. Both packages support JTI.
[See Configuring Flow Aggregation on MX, M, vMX and T Series Routers and NFX250 to Use Version
9 Flow Templates, Guidelines for gRPC Sensors (Junos Telemetry Interface) and Understanding
OpenCOnfig and gRPC on Junos Telemetry Interface.]
•
Packet Forwarding Engine support for JTI (MX2010 and MX2020 routers)—Starting in Junos OS Release
19.2R1, Junos telemetry interface (JTI) supports streaming of Packet Forwarding Engine statistics for
MX2010 and MX2020 routers using Remote Procedure Calls (gRPC). gRPC is a protocol for configuration
and retrieval of state information.
To provision the sensor to export data through gRPC, use the telemetrySubscribe RPC to specify
telemetry parameters. Streaming telemetry data through gRPC also requires the OpenConfig for Junos
OS module. Starting in Junos OS Release 18.3R1, OpenConfig and Network Agent packages are bundled
into the Junos OS image by default. Both packages support the JTI.
[See Guidelines for gRPC Sensors (Junos Telemetry Interface).]
Sensor- level statistics support on JTI (MX960, MX2008, MX2010, MX2020, PTX5000, PTX1000, and
•
PTX10000 routers and QFX5100 and QFX5200 switches)—Starting with Junos OS Release 19.2R1,
you can issue the Junos operational mode command show network-agent statistics to provide more
information on a per-sensor level for statistics being streamed to an outside collector by means of remote
procedure calls (gRPC) and Junos telemetry interface (JTI). Only sensors exported with gRPC are
supported. The command does not support UDP-based sensors.
[See show network-agent statistics and Understanding OpenConfig and gRPC on Junos Telemetry
Interface.]
•
ONCE mode supported using gNMI services and JTI (MX Series)—Starting in Junos OS Release 19.2R1,
you can include the "ONCE" mode with the Subcribe RPC when subscribing to gRPC Network
Management Interface (gNMI) services to export statistics for telemetry monitoring and management
using Junos telemetry interface (JTI). ONCE mode ensures that the collector is only streamed telemetry
information one time.
The Subscribe RPC and subscription parameters are defined in the gnmi.proto file.
Streaming telemetry data through gNMI also requires the OpenConfig for Junos OS module. Starting in
Junos OS Release 18.3R1, OpenConfig and Network Agent packages are bundled into the Junos OS
image by default. Both packages support JTI.
[See Understanding OpenConfig and gRPC on Junos Telemetry Interface.]
•
Packet Forwarding Engine statistics export using gNMI and JTI (MX960, MX2008, MX2010 and MX2020
routers)—Starting in Junos OS Release 19.2R1, you can stream Packet Forwarding Engine statistics to
an outside collector using gRPC Management Interface (gNMI) version 0.7.0 and Junos telemetry interface
(JTI). Prior to this, these statistics were exported using OpenConfig gRPC and UDP protocol buffer (gpb)
format. OpenConfig gRPC and gNMI are both protocols used to modify and retrieve configurations as
well as export telemetry streams from a device in order to manage and monitor it
84
To provision Packet Forwarding Engine sensors to export data through gNMI, use the Subscribe RPC
defined in the gnmi.proto to specify request parameters. This RPC already supports Routing Engine
statistics to be exported by means of gNMI. Now, Packet Forwarding Engine sensors will also stream
KV pairs in gNMI format for a majority of Packet Forwarding Engine sensors.
Streaming telemetry data through gNMI also requires the OpenConfig for Junos OS module. Starting in
Junos OS Release 18.3R1, OpenConfig and Network Agent packages are bundled into the Junos OS
image by default. Both packages support JTI.
[See Guidelines for gRPC Sensors (Junos Telemetry Interface) and Understanding OpenCOnfig and gRPC
on Junos Telemetry Interface.]
•
Broadband edge statistics support through JTI (MX Series)—Starting in Junos OS Release 19.2R1,
subscriber-based telemetry streaming is enabled when an MX Series router is configured for Broadband
Network Gateway (BNG) and Junos Fusion where subscribers are connected through Junos Fusion
Satellite devices. You can use remote procedure calls (gRPC) to export broadband edge (BBE) telemetry
statistics to external collectors. gRPC is a protocol for configuration and retrieval of state information.
You can stream all BBE resource paths except for the following:
/junos/system/subscriber-management/access-network/ancp
•
/junos/system/subscriber-management/client-protocols/l2tp
•
/junos/system/subscriber-management/infra/network/l2tp/
•
To stream BBE statistics, include a resource path starting with /junos/system/subscriber-management/
in your gRPC subscription.
To provision the sensor to export data through gRPC, use the telemetrySubscribe RPC to specify
telemetry parameters. Streaming telemetry data through gRPC also requires the OpenConfig for Junos
OS module. Starting in Junos OS Release 18.3R1, OpenConfig and Network Agent packages are bundled
into the Junos OS image by default. Both packages support JTI.
[See Guidelines for gRPC Sensors (Junos Telemetry Interface) and Understanding OpenCOnfig and gRPC
on Junos Telemetry Interface.]
•
gRPC-based streaming telemetry support for subscriber service accounting statistics for JTI (MX Series
5G Universal Routing Platform)—Starting in Junos OS Release 19.2R1, you can enable service filter
accounts statistics for subscribers using Junos telemetry interface (JTI) and remote procedure calls
(gRPC). Service accounting statistics include IP protocol IPv4 family, IPv6 family, or both, as well as
transmit and receive packets and bytes for subscriber service sessions.
To enable these statistics from an MX Series router, include the service-statistics statement at the [edit
dynamic-profiles my-service-profile telemetry] hierarchy level.
85
To stream these statistics, include the resource path
/junos/system/subscriber-mamagement/dynamic-interfaces/interfaces/services/ in your gRPC
subscription to export the statistics to an outside collector.
To provision the sensor to export data through gRPC, use the telemetrySubscribe RPC to specify
telemetry parameters. Streaming telemetry data through gRPC also requires the OpenConfig for Junos
OS module. Starting in Junos OS Release 18.3R1, OpenConfig and Network Agent packages are bundled
into the Junos OS image by default. Both packages support JTI.
[See Guidelines for gRPC Sensors (Junos Telemetry Interface) service-statistics, and Enable Service Filter
Accounting Statistics for Subscribers.]
•
FPC and optics support for JTI (MX Series)—Starting in Junos OS Release 19.2R1, Junos telemetry
interface (JTI) supports streaming of Flexible PIC Concentrator (FPC) and optics statistics for the MX
Series router using remote procedure calls (gRPC). gRPC is a protocol for configuration and retrieval of
state information. This feature effort includes the addition of a new process (SensorD daemon) to export
telemetry data for integration with AFTTelementry and LibTelemetry libraries in the OpenConfig model
called AFT platform.
The following base resource paths are supported:
/junos/system/linecard/environment/
•
/junos/system/linecard/optics/
•
/junos/system/linecard/optics/optics-diag[if-name =])
•
/junos/system/linecard/optics/optics-diag/if-name
•
/junos/system/linecard/optics/optics-diag/snmp-if-index
•
/junos/system/linecard/optics/lane[lane_number=]/
•
To provision the sensor to export data through gRPC, use the telemetrySubcribe RPC to specify telemetry
parameters. Streaming telemetry data through gRPC also requires the OpenConfig for Junos OS module.
Starting in Junos OS Release 18.3R1, OpenConfig and Network Agent packages are bundled into the
Junos OS image by default. Both packages support JTI.
[See Guidelines for gRPC Sensors (Junos Telemetry Interface).]
•
Specify Routing Instance for JTI (ACX Series, MX Series, PTX Series, and QFX Series)—Starting in Junos
OS Release 19.2R1, you can specify the routing instance to use for remote procedure call (gRPC) services.
Include the routing-instance instance-name at the [edit system services extension-service
request-response grpc] hierarchy level. The routing instance name specified should match the name of
the existing routing instance, such as a name configured under the [routing-instances] hierarchy level
or mgmt_junos if system management-instance is configured (the dedicated management routing
instance).
Configuring the routing instance lets you choose the VRF for gRPC services. When the routing instance
is not configured, the default behavior is that all gRPC-related services are available through the
management fxp0/em0) interface.
86
Layer 2 VPN
Support for group key acknowledgment messages (MX Series)—Starting with Junos OS Release 19.2R1,
•
Junos OS supports group members sending acknowledgment messages as defined in RFC 8263 in
response to group key push messages sent by group controllers and key servers. The group member
sends acknowledgment messages when it receives a group key push message with a standard
KEK_ACK_REQUESTED value of 9 in the SA KEK payload as defined in RFC 8263 or a
KEK_ACK_REQUESTED value of 129 that is used in older key servers. No additional configuration is
required.
[See Group VPNv2 Overview.]
Layer 2 Features
Support for basic Layer 2 features on MPC10E-15C-MRATE line card (MX Series)—Starting in Junos
•
OS Release 19.2R1, MPC10E-15C-MRATE line card supports the following basic Layer 2 features:
Layer 2 bridging with trunk and access modes
•
MAC learning and aging
•
Handling BUM (broadcast, unknown unicast and multicast) traffic, including split horizon
•
MAC move
•
Layer 2 forwarding and flooding statics
•
Mesh groups
•
Static MAC addresses
•
MAC learning and forwarding on AE interfaces
•
Bridging on untagged interfaces
•
Basic Q-n-Q tunneling (without VLAN-translation and VLAN map operations)
•
[See Understanding Layer 2 Bridge Domains, Understanding Layer 2 Learning and Forwarding.]
Layer 3 Features
MPC10E-10C and MPC10E-15C support layer 3 routing features (MX240, MX480, and MX960)—Starting
•
in Junos OS Release 19.2R1, MPC10E-10C and MPC10E-15C line cards support the following features
in hyper-mode:
Configuring ICMP redirects and generating ICMP redirect messages.
•
Padding VLAN packets to a minimum frame size of 68 bytes, by using the existing command set
•
interfaces interface-name gigether-options pad-to-minimum-frame-size.
Collecting interface family statistics for IPv4 and IPv6, by using the existing command show interfaces
•
statistics detail interface-name.
87
See Understanding the Hyper Mode Feature on Enhanced MPCs for MX Series Routers and EX9200
Switches
MPLS
Dynamic creation of segment routing LSPs using BGP protocol next hops (MX Series)—Starting in Junos
•
OS Release 19.2R1, you can configure tunnel templates on colored and non-colored segment routing
traffic-engineered (SR-TE) paths. These templates enable dynamic creation of segment routing tunnels
using protocol next hops with BGP prefixes to resolve destination segment identifiers (SIDs).
With this feature, you can benefit from reduced configuration, especially when the network deployment
requires connectivity from each provider edge (PE) device to every other PE device.
[See Static Segment Routing Label Switched Path.]
CSC support for MPLS-over-UDP tunnels (MX Series with MPC and MIC and VMX)—Starting in Junos
•
Release 19.2R1, carrier supporting carrier (CSC) architecture can be deployed with MPLS-over-UDP
tunnels carrying MPLS traffic over dynamic IPv4 UDP tunnels that are established between supporting
carrier's provider edge (PE) devices. With this enhancement, the scaling advantage that the
MPLS-over-UDP tunnels provided is further increased. This feature is not supported on IPv6 UDP
tunnels.
[See Example: Configuring Next-Hop-Based MPLS-Over-UDP Dynamic Tunnels.]
Network Management and Monitoring
Support for displaying valid user input in the CLI for command options and configuration statements
•
in custom YANG data models (MX Series)—Starting in Junos OS Release 19.2R1, the CLI displays the
set of possible values for a given command option or configuration statement in a custom YANG data
model when you include the action-expand extension statement in the option or statement definition
and reference a script that handles the logic. The action-expand statement must include the script child
statement, which defines the Python action script that is invoked when a user requests context-sensitive
help in the CLI for the value of that option or statement.
[See Displaying Valid Command Option and Configuration Statement Values in the CLI for Custom YANG
Modules.]
Support for Synchronous Ethernet with ESMC on JNP10K-LC2101 (MX10008 and MX10016)—Starting
•
in Junos OS Release 19.2R1, the JNP10K-LC2101 line card supports Synchronous Ethernet (SyncE) with
ESMC. Synchronous Ethernet is a physical layer technology that is used to transfer clock signals over
Ethernet interfaces. ESMC transmits Synchronization Status Message (SSM) information, which is the
quality level of the transmitting synchronous Ethernet equipment clock (EEC), by using ESMC protocol
data units (PDUs). This support allows you to configure BITS-0 (external-0) and BITS-1 (external-1) ports
as clock sources or outputs on master Routing and Control Board (JNP10K-RE1). You can also configure
a GPS (external-2) port as a clock source on master Routing and Control Board. This feature also supports
SyncE over aggregated Ethernet (AE).
88
NOTE: Only the GPS port and BITS ports that are configured on master RCB are active.
[Centralized Clocking Overview and Understanding ESMC Quality Level Mapping]
Support for optimizing the SNMP walk execution time for IPsec statistics (MX Series)—Starting in Junos
•
OS Release 19.2R1, you can optimize the SNMP walk execution time for IPsec statistics. To achieve this
optimization, increase the cache lifetime of the IPsec related information (for example statistics and SA
information) so that a single SNMP walk request is served for N number of IPsec Security Associations
(SAs) with N number of queries made to the service PIC. IPsec statistics are now fetched by the burst
mode, thereby reducing the load on the Routing Engine daemon, kmd. For different scale needs, we may
have to tweak the hidden SNMP knob parameters, for example, with Dead Peer detection (DPD) having
more number of tunnels without traffic and simultaneous SNMP walks.
Port Security
Fallback PSK for Media Access Control Security (MACsec) (MX Series)—Starting in Junos OS Release
•
19.2R1, fallback PSK for MACsec is supported on MX Series routers that support MACsec. The fallback
PSK provides functionality to establish a secure session in the event that the primary PSKs on each end
of a MACsec-secured link do not match.
[See Configuring Media Access Control Security (MACsec) on MX Series Routers.]
Routing Policy and Firewall Filters
Support for CCC and Layer 3 firewall forwarding on MPC10E-15C-MRATE line cards (MX
•
Series)—Starting with Junos OS Release 19.2R1, circuit cross-connect (CCC) traffic and Layer 3 firewall
forwarding features are supported on MPC10E-15C-MRATE line cards.
[See CCC Overview and Protocols and Applications Supported by the MPC10E-15C-MRATE.]
Routing Protocols
MPC10 Inline BFD support (MX Series)—Starting in Junos OS Release 19.2, MPC10 MPCs support inline
•
BFD features, excluding micro BFD and BFD sessions with authentication.
89
[See Understanding BFD for Static Routes.]
Support for IPv6 fragment reassembly for v4ov6 dynamic tunnels—Starting in Junos OS Release 19.1R1,
•
you can configure an additional attribute, dynamic-tunnel-reassembly-enable for reassembling IPv6
fragments before the termination of v4ov6 tunnels. The fragment reassembly feature is disabled by
default. IPv6 fragments are discarded when this feature is not enabled.
IPv6 reassembly for v4ov6 tunnels (MX Series)—Starting in Junos OS 19.2R1, you can enable the MX
•
chassis to perform IPV6 fragment reassembly for forwarding Ipv4 traffic. When the
dynamic-tunel-reassembly is configured, the tunnels using the attribute would be setup for reassembling
the IPv6 fragments before the termination of v4ov6 tunnels. By default, this attribute is turned off and
the tunnels are set up to discard the IPv6 fragments.
To enable IPv6 fragment reassembly for forwarding Ipv4 traffic, use set dynamic-tunnel-reassembly on
statement at the [edit routing-options dynamic-tunnels tunnel-attributes <dynamic-tunnel-name>]
hierarchy level.
[See dynamic-tunnel-reassembly.]
Map single IPv6 anycast address on multiple anchor Packet Forwarding Engines (MX240, MX480,
•
MX960, MX2020)—Starting in Junos OS Release 19.2R1, you can assign the same IPv6 anycast address
to multiple anchor Packet Forwarding Engines to manage high traffic from CPE to internet. By default,
this feature is disabled. Prior to Junos OS Release 19.2R1, you can assign an anycast address only to a
single Packet Forwarding Engine and the maximum v4ov6 tunnel scale per Packet Forwarding Engine
in MX Series is 150k. This restricts a single anycast address to be used for 150k tunnels.
To configure the same source address over multiple tunnel-attributes, use set v4ov6
ipv6-anycast-source-duplication statement at the [edit routing-options dynamic-tunnels] hierarchy
level.
If v4ov6 packets are fragmented, the fragmented packets get steered to one of the anchor Packet
Forwarding Engines for IPv6 reassembly processing. To steer the traffic to the correct anchor, Packet
Forwarding Engine needs information about the range of IPv4 prefixes that goes over a particular tunnel.
To get the range of IPv4 prefixes that goes over a particular tunnel, use set get-route-range statement
at the [edit policy-options policy-statement <policy-name> term <term-name> from route-filter
<route-filter-value> <range>] hierarchy level.
[See v4ov6 and get-route-range.]
Support for export of BGP Local RIB through BGP Monitoring Protocol (BMP) (MX Series)—Starting in
•
Junos OS Release 19.2R1, BMP is enhanced to support monitoring of local RIB (loc-rib) policy. The
loc-rib policy is added to RIB types under the bmp route-monitoring statement.
[See: Understanding the BGP Monitoring Protocol.]
Support for BGP routes with N-Multipath primary and 1-Protection backup gateway (MX Series)—Starting
•
in Junos OS 19.2R1, the following enhancements are made to the Junos OS:
Support N+1 formation for BGP labelled unicast protection (LU).
•
Support N+1 formation for BGP PIC (IPv4, IPv6, LU).
•
90
Support for hetero-nexthops (ListNH) in such N+1 formations.
•
Support for KRT to defer fib-update if BGP-multipath is in progress.
•
Removed restriction to use delay-route-advertisement statement for IPv4 labeled-unicast.
•
Four new options import, install-address <address>, no-install, and rib (inet.0 | inet6.0) are added
•
under the egress-te statement.
A new configuration statement allow-protection is introduced to allow protection for multipath legs.
•
To allow protection for multipath legs, use set allow-protection statement at the [edit protocols bgp
multipath] hierarchy level.
A new option always-wait-for-krt-drain is introduced under delay-route-advertisement statement to
•
make more-specific BGP-routes re-advertisement to wait for KRT-queue to drain. To configure this,
use set always-wait-for-krt-drain at the [edit protocols bgp family inet unicast
delay-route-advertisements] hierarchy level.
[See allow-protection (Multipath), delay-route-advertisements and egress-te.]
Security
Juniper Malware Removal Tool—Starting in Junos OS Release 19.2R1, the Juniper Malware Removal
•
Tool (JMRT) can be used to scan and remove malware running on Junos OS devices. To run JMRT, use
the operational commands under the request system malware-scan hierarchy. There are 2 types of
scans you can perform with JMRT:
Quick—Scan each running program file.
Veriexec check—Check if verified execution is enabled.
[See request system malware-scan.]
Services Applications
Support for IPv6 BGP next-hop address in IPv6 and MPLS-IPv6 inline flow record templates(MX
•
Series)—Starting in Junos OS Release 19.2R1, a new element, IPv6 BGP NextHop Address, is available
in the the IPv6 inline flow record template and the MPLS-IPv6 inline flow record template to add support
for IPv6 BGP NextHop information element. The new element is supported on both version 9 and version
10 (IPFIX) export formats. The element ID is 63 and the element size is 16 bytes.
91
[See Understanding Inline Active Flow Monitoring.]
IPv4 and IPv6 version 9 templates for inline active flow monitoring (MPC10E-15C-MRATE on MX
•
Series)—Starting in Junos OS Release 19.2R1, while configuring inline active flow monitoring, you can
apply version 9 flow templates to define a flow record template suitable for IPv4 or IPv6 traffic.
[See Configuring Flow Aggregation on MX, M, vMX and T Series Routers and NFX250 to Use Version
9 Flow Templates.]
Support for Two-Way Active Measurement Protocol (TWAMP) on MPC10E-15C-MRATE line
•
card—Starting in Junos OS Release 19.2R1, TWAMP is supported on MPC10E line card on the MX240,
MX480, and MX960 routers. TWAMP defines a standard for measuring IPv4 performance between two
devices in a network. You can use the TWAMP-Control protocol to set up performance measurement
sessions between a TWAMP client and a TWAMP server, and use the TWAMP-Test protocol to send
and receive performance measurement probes.
Configuring the TWAMP client instance to use si-x/y/z as the destination interface (which enables inline
services) is not supported if the router has an MPC10E-15C-MRATE installed in the chassis. You can
configure only the none authentication mode on the line card.
[See Understanding Two-Way Active Measurement Protocol on Routers]
DS-Lite support on MX Virtual Chassis and MX BNG—Starting in Junos OS Release 19.2R1, the MX
•
Series Virtual Chassis and MX Series broadband network gateway (BNG) support dual-stack lite (DS-Lite).
DS-Lite uses IPv4-over-IPv6 tunnels to traverse an IPv6 access network to reach a carrier-grade IPv4-IPv4
NAT. DS-Lite enables the phased introduction of IPv6 on the Internet by providing backward compatibility
with IPv4.
DS-Lite on the MX Series Virtual Chassis and MX Series BNG does not support the following:
Application Layer Gateways (ALGs)
•
Limits per subnet
•
Clearing NAT mappings and flows for a specific subscriber, for a basic bridging broadband device (B4),
•
or for a specific service set
Port Control Protocol
•
[See Tunneling Services for IPv4-to-IPv6 Transition Overview.]
Hardware timestamping of RPM probe messages—Starting in Junos OS Releases 19.2R1, you can enable
•
timestamps on RPM probes messages in the Packet Forwarding Engine host processor for the following
line cards:.
MPC10E-15C-MRATE line card on MX240, MX480, and MX960 routers
•
MPC11E line card on MX2008, MX2010, and MX2020 routers
•
You can use the following configuration statements at the [edit services rpm probe owner test test-name]
hierarchy level:
92
hardware-timestamp—Enables timestamping of RPM probe messages in the Packet Forwarding Engine
•
host Processor.
one-way-hardware-timestamp—Enables timestamping of RPM probe messages for one-way delay
•
and jitter measurements.
These configuration statements are supported only with icmp-ping, icmp-ping-timestamp, udp-ping, and
udp-ping-timestamp probe types.
See [hardware-timestamp]
[one-way-hardware-timestamp
Understanding Using Probes for Real-Time Performance Monitoring on M, T, PTX and MX Series Routers
Increased number of AMS members supported on single chassis (MX2020)—Starting in Junos OS Release
•
19.2R1, you can configure up to 60 MS-PICs as part of aggregated multiservices (AMS) bundles on a
single chassis. The configuration supports backup and load-balancing mode (N:1) and all active mode
(N:0) with both next-hop style services and interface style services of configurations.
See [Understanding Aggregated Multiservices Interfaces].
IPFIX flow-cache support (MX150) —Starting in Junos OS Release 19.2R1, the flow cache infrastructure
•
support is extended to IPFIX to provide improved throughput with IPFIX service enabled. In earlier
releases, without flow cache support for IPFIX, all data traffic would take the microcode path which is
much slower than flow cache. With this feature, the unsampled traffic gets forwarded using flow cache
which results in better throughput.
Software Defined Networking
PCE-initiated bypass LSPs (MX Series)—Starting in Junos OS Release 19.2R1, the Path Computation
•
Element Protocol (PCEP) functionality is extended to allow a stateful Path Computation Element (PCE)
to initiate, provision, and manage bypass label-switched paths (LSPs) for a protected interface. Multiple
bypass LSPs with bandwidth reservation can be initiated by the PCE to protect a resource.
With this feature, you can benefit from the LSP state synchronization of manual, dynamic, and
PCE-initiated bypass LSPs from a PCE, and leverage on the PCE’s global view of the network, resulting
in better control over traffic at the time of a failure, and deterministic path computation of protection
paths.
[See Support of the Path Computation Element Protocol for RSVP-TE Overview.]
Support for unified ISSU on abstracted fabric interfaces (MX480, MX960, MX2010, MX2020,
•
MX2008)—Starting in Junos OS Release 19.2R1, abstracted fabric (af) interfaces, configured for Junos
Node Slicing, support unified in-service software upgrade (ISSU). Unified ISSU enables an upgrade
between two Junos OS releases with no disruption on the control plane and with minimal disruption of
traffic.
93
NOTE: Since the af interface traffic is load balanced across all available Packet Forwarding
Engines, the traffic loss on an AF interface during ISSU might be higher, compared to the traffic
loss on a regular interface.
An af interface is a pseudo interface that represents a first class Ethernet interface behavior. An AF
interface facilitates routing control and management traffic between guest network functions (GNFs)
through the switch fabric.
[See Abstracted Fabric (AF) Interface.]
Centralized assignment of unique MAC addresses to GNFs (MX960, MX2008, MX2010, and
•
MX2020)—Starting in Junos OS Release 19.2R1, Junos node slicing supports the assignment of a globally
unique MAC address range (supplied by Juniper Networks) for GNFs. To receive the globally unique
MAC address range for the GNFs, contact your Juniper Networks representative and provide your GNF
license SSRN (Software Support Reference Number), which will have been shipped to you electronically
upon your purchase of the GNF license. For each GNF license, you will then be provided an ‘augmented
SSRN’, which includes the globally unique MAC address range assigned by Juniper Networks for that
GNF license. You must then configure this augmented SSRN at the JDM CLI as follows:
set system vnf-license-supplement vnf-id gnf-id license-supplement-string augmented-ssrn-string.
[See Assigning MAC Addresses to GNF]
Support for IPSec, stateful firewall, and CGNAT services on MS-MPCs over abstracted fabric interfaces
•
(MX480, MX960, MX2010, and MX2020)—Starting in Junos OS Release 19.2R1, guest network functions
(GNF) support Layer 3 services such as Carrier-Grade Network Address Translation (CGNAT), stateful
firewall, and IP Security (IPsec) on Multiservices MPCs (MS-MPCs) over abstracted fabric (af) interfaces.
[See Abstracted Fabric Interface]
MX2008 routers support in-chassis Junos node slicing (MX Series)—Starting in Junos OS Release 19.2R1,
•
MX2008 routers support the in-chassis model of Junos node slicing deployment. In the in-chassis model,
the base system (BSYS), Juniper Device Manager (JDM), and all guest network functions (GNFs) run
within the Routing Engine of the MX Series router. To support in-chassis Junos node slicing, the MX2008
must have the Routing Engine REMX2008-X8-128G installed.
[See Configuring MX Series Router to Operate in In-Chassis Mode]
Software Installation and Upgrade
The curl binary is packaged and made available on all Junos OS variants (MX Series)—The curl binary
•
is a command-line utility, used from the shell, that you can use to perform operations over several
transport protocols, including the following: dict, file, ftp, gopher, http, imap, pop3, rtsp, smtp, telnet,
tftp. The features enabled on Junos OS are curl version 7.59, libcurl version 7.59.
Subscriber Management and Services
Support for M:N subscriber redundancy on BNGs (MX Series)—Starting in Junos OS Release 19.2R1,
•
you can configure broadband network gateways (BNGs) to provide interface-level redundancy for DHCP
subscribers that are on the same static VLAN and use the same access interface. Failover from master
to backup BNG is transparent to the clients because the subscriber sessions remain up. You must configure
DHCP active leasequery with topology discovery on peer DHCP relay agents on the master and backup
BNGs to support the redundancy.
94
[See M:N Subscriber Redundancy.]
Support for Interface-Level Redundancy with DHCP Topology Discovery (MX Series)—Starting in Junos
•
OS Release 19.2R1, you can configure DHCP active leasequery with topology discovery to provide
interface-level subscriber redundancy between peer relay agents. Topology discovery enables master
and backup peer relay agents to determine the access interfaces on peers that correspond to their own
local access interfaces for servicing subscriber redundancy groups. During synchronization, DHCP
translates the subscriber binding information to use the local interface on the backup instead of the
interface on the master. You must use topology discovery when you configure M:N subscriber redundancy.
[See DHCP Active Leasequery.]
Support for fixed wireless access subscribers on BNGs (MX Series)—Starting in Junos OS Release 19.2R1,
•
you can configure the broadband network gateway (BNG) to support subscribers that use a fixed wireless
network. Providers use a wireless network for subscriber access over the air instead of than running
fiber to the home. The wireless infrastructure saves costs and reduces complexity compared to the fiber
network. The BNG acts as the Third-Generation Partnership Project (3GPP) System Architecture Evolution
Gateway (SAEGW). The SAEGW incorporates the functions of both the Serving Gateway (SGW) and
the Packet Data Network Gateway (PGW). The SGW function routes and forwards user data packets.
The PGW function provides connectivity to external packet data networks
[See Fixed Wireless Access Networks.]
System Management
Support for transferring accounting statistics files and router configuration archives using HTTP URL
•
(MX Series)—Starting in Junos OS Release 19.2R1, you can transfer accounting statistics files and router
configuration archives to remote servers by using an HTTP URL. In addition to SCP and FTP, the following
HTTP URL will be supported under the archive-sites statement:
http://username@host:url-path password password
To transfer accounting statistics files, configure archive-sites under [edit accounting-options file
•
<filename>] hierarchy.
To transfer router configuration archival, configure archive-sites under edit system archival
•
configuration hierarchy.
To view the statistics of transfer attempted, succeeded, and failed, use the show accounting server
•
statistics archival-transfer command.
To clear the statistics of transfer attempted, succeeded, and failed, use the clear accounting server
•
statistics archival-transfer command.
[See archive-sites, Backing Up Configurations to an Archive Site, show accounting server statistics
archival-transfer, and clear accounting server statistics archival-transfer].
95
Timing and Synchronization
Support for Synchronous Ethernet with ESMC on MPC10E-15C-MRATE (MX240, MX480,
•
MX960)—Starting in Junos OS Release 19.2R1, MPC10E-15C-MRATE supports Synchronous Ethernet
with ESMC. Synchronous Ethernet is a physical layer technology that is used to transfer clock signals
over Ethernet interfaces. It supports hop-by-hop frequency transfer, where all interfaces on the trail
must support Synchronous Ethernet.
ESMC is a logical communication channel. It transmits Synchronization Status Message (SSM) information,
which is the quality level of the transmitting synchronous Ethernet equipment clock (EEC), by using
ESMC protocol data units (PDUs).
[See Synchronous Ethernet Overview].
SEE ALSO
What's Changed | 96
Known Limitations | 100
Open Issues | 102
Resolved Issues | 111
Documentation Updates | 129
Migration, Upgrade, and Downgrade Instructions | 130
Product Compatibility | 137
Changes in Behavior and Syntax
IN THIS SECTION
Interfaces and Chassis | 96
MPLS | 97
Network Management and Monitoring | 97
Routing Policy and Firewall Filters | 98
Services Applications | 98
Software Defined Networking | 98
Subscriber Management and Services | 98
96
VLAN Infrastructure | 99
This section lists the changes in behavior of Junos OS features and changes in the syntax of Junos OS
statements and commands in Junos OS Release 19.2R1 for MX Series routers.
Interfaces and Chassis
Deprecation of the [edit fabric protocols bgp] hierarchy level (MX Series)—Starting in Junos OS Release
•
19.2R1 and later, the [edit fabric protocols bgp] hierarchy level is deprecated.
Support to get Optics Loopback Status for QSFP-100GE-DWDM2 transceivers (MX Series)—In Junos
•
OS Release 19.2R1, and later, on MX Series routers, you can get the optics loopback status of
QSFP-100GE-DWDM2 transceivers along with the regular ethernet loopback status by issuing the show
interfaces interface-name or show interfaces interface-name brief command. New Output field Optics
Loopback is added under Link-level type when show interfaces interface-name CLI command is executed.
Monitoring information available only in Trace log (MX Series)—In Junos OS Release 19.2R1 and later,
•
the Ethernet link fault management daemon (lfmd) in the peer router stops monitoring the locally occurred
errors until ISSU completes. You can view the monitoring-related details only through the trace log file.
Health check for power supplies (MX10008 and MX10016)—Starting in Junos OS Release 19.2R1, on
•
the MX10008 and MX10016 routers, the show chassis environment pem command displays the health
check information about the DC or AC Power supplies. For any power supply that does not support
health check, the status is shown as Unsupported. The system starts health check of a power supply
only if the power consumption exceeds 7 KW.
[See show chassis environment pem]
MPLS
New debug statistics counter (MX Series)—The show system statistics mpls command has a new output
•
field, called Packets dropped, over p2mp composite nexthop, to record the packet drops over composite
point-to-multipoint next hops.
Network Management and Monitoring
The show system schema command and <get-yang-schema> RPC require specifying an output directory
•
(MX Series)—Starting in Junos OS Release 19.2R1, when you issue the show system schema operational
mode command in the CLI or execute the <get-yang-schema> RPC in a remote session to retrieve
schema files, you must specify the directory in which to generate the output files by including the
output-directory command option in the CLI or the <output-directory> element in the RPC. In earlier
releases, you can omit the output-directory argument when requesting a single module to display the
module in standard output.
97
Custom YANG RPC support for input parameters of type empty (MX Series)—Starting in Junos OS
•
Release 19.2R1, custom YANG RPCs support input parameters of type empty when executing the RPC’s
command in the Junos OS CLI, and the value passed to the action script is the parameter name. In earlier
releases, input parameters of type empty are only supported when executing the RPC in a NETCONF
or Junos XML protocol session, and the value passed to the action script is the string 'none'.
[See Creating Action Scripts for YANG RPCs on Devices Running Junos OS.]
Change in power supply alarms (MX10003)—Starting in Junos OS Release 19.2R1, the MX10003 routers
•
do not raise an alarm if a Power Entry Module (PEM) slot is empty. However, when the number of
operational PEMs available is less than 2, the router raises a major alarm. This alarm is cleared when the
required number of PEMs are made available.
[See show chassis alarms]
Routing Policy and Firewall Filters
Fixed an issue with certain combination of match conditions—In Junos OS Release 19.2R1, fixed a
•
temporary issue wherein configuring a firewall filter with a match condition for port along with source-port
and/or destination-port in the same filter term would cause a commit error. Any valid combination of
the filter terms is now supported.
Services Applications
Support for host generated traffic on a GRE over GRE tunnel (MX Series)—In Junos OS Release 19.2R1,
•
you can send host generated traffic on a GRE over GRE tunnel. However, when path maximum
transmission unit (PMTU) is updated for the outer GRE tunnel, MTU for inner GRE tunnel is not corrected.
New syslog message displayed during NAT port allocation error (MX Series Routers with MS MPC)—With
•
address pooling paired (APP) enabled, an internal host is mapped to a particular NAT pool address. In
case, all the ports under a NAT pool address are exhausted, further port allocation requests from the
internal host results in a port allocation failure. The following new syslog message is displayed during
such conditions:
98
JSERVICES_NAT_OUTOF_PORTS_APP
This syslog message is generated only once per NAT pool address.
Software Defined Networking
Deprecated CLI commands and options for JDM (MX480, MX960, MX2010, MX2020, and
•
MX2008)—Starting in Junos OS Release 19.2R1, in Junos Node Slicing, Juniper Device Manager (JDM)
does not support the following CLI commands or options:
show system visibility
•
show system inventory
•
the jinventoryd option in the restart command
•
Subscriber Management and Services
Changing attributes of physical interface with active subscribers (MX Series)—Starting in Junos OS
•
Release 19.2R1, the commit check fails when you change any attribute of the physical interface, such
as the MTU, when subscribers are active. This affects only aggregated Ethernet physical interfaces with
targeted distribution configured. In earlier releases, the commit check does not fail and the attribute
change brings down the physical interface and all subscribers using that interface.
[See CoS for Aggregated Ethernet Subscriber Interfaces Overview.]
Loading...