Junos OS 19.2R1 User manual

Release
Published
2021-04-22
Notes
Junos®OS 19.2R1 Release Notes

SUPPORTED ON

ACX Series, EX Series, Junos Fusion Enterprise, Junos Fusion Provider Edge, MX Series,
NFX Series, PTX Series, QFX Series, and SRX Series
HARDWARE HIGHLIGHTS
SRX5800)
SOFTWARE HIGHLIGHTS
Support for BFD, BGP, IS-IS, and OSPF on IRB interfaces in EVPN-MPLS networks (EX
Series)
Support for control word in EVPN-VPWS (EX9200 Series and MX Series)
Support for QSFP-100GE-DWDM2 transceiver (MX Series)
MX2008 routers support in-chassis Junos node slicing (MX Series)
Support for Synchronous Ethernet with ESMC on JNP10K-LC2101 (MX10008 and
MX10016)
PCE-initiated bypass LSPs (MX Series, PTX Series)
Support for unified ISSU on abstracted fabric interfaces (MX Series)
Support for fixed wireless access subscribers on BNGs (MX Series)
Support for transferring accounting statistics files and router configuration archives using
HTTP URL (MX Series)
Packet Forwarding Engine statistics export using gNMI and JTI (MX Series, PTX1000 and
PTX10000 routers, and QFX5100 and QFX5200 switches)
Dynamic creation of segment routing LSPs using BGP protocol next hops (MX Series, PTX
Series)
gNMI support for Routing Engine statistics for JTI (QFX Series switches)
Loopback firewall filter scale optimization (QFX5120)
EVPN-VXLAN support (QFX10002-60C switches)
Support for 512 ECMP next hops for BGP (QFX10000 switches)
Support to configure micro-applications in a unified policy (SRX Series and vSRX)
Application-level logging for AppQoE (SRX Series)
Anti-Replay Window (SRX Series)
Release Notes: Junos®OS Release 19.2R1 for
the ACX Series, EX Series, MX Series, NFX
Series, PTX Series, QFX Series, SRX Series, and
Junos Fusion
1
22 April 2021

Contents

Introduction | 11
Junos OS Release Notes for ACX Series | 11
New and Changed Features | 12
New and Changed Features: 19.2R1-S1 | 12
New and Changed Features: 19.2R1 | 12
Changes in Behavior and Syntax | 16
Interfaces and Chassis | 17
Junos OS XML, API, and Scripting | 17
Network Management and Monitoring | 17
VLAN Infrastructure | 18
Known Behavior | 18
General Routing | 19
Known Issues | 20
General Routing | 21
Interfaces and Chassis | 24
Resolved Issues | 24
Resolved Issues: 19.2R1-S1 | 25
Resolved Issues: 19.2R1 | 25
Documentation Updates | 26
Installation and Upgrade Guide | 27
Migration, Upgrade, and Downgrade Instructions | 27
Upgrade and Downgrade Support Policy for Junos OS Releases | 27
Product Compatibility | 28
Hardware Compatibility | 29
Junos OS Release Notes for EX Series Switches | 30
New and Changed Features | 30
New and Changed Features: 19.2R1-S1 | 31
New and Changed Features: 19.2R1 | 31
Changes in Behavior and Syntax | 36
Network Management and Monitoring | 36
VLAN Infrastructure | 37
Known Behavior | 37
2
EVPN | 38
General Routing | 38
Platform and Infrastructure | 38
Known Issues | 38
General Routing | 39
Infrastructure | 40
Junos Fusion Enterprise | 41
Layer 3 Features | 41
Platform and Infrastructure | 41
Spanning Tree Protocols | 41
Resolved Issues | 42
Authentication and Access Control | 43
EVPN | 43
General Routing | 43
Infrastructure | 44
Interfaces and Chassis | 44
Layer 2 Ethernet Services | 45
Junos Fusion Enterprise | 45
Network Management and Monitoring | 45
Platform and Infrastructure | 45
Routing Protocols | 46
Software Installation and Upgrade | 46
Subscriber Access Management | 46
Documentation Updates | 47
Installation and Upgrade | 47
Migration, Upgrade, and Downgrade Instructions | 48
Upgrade and Downgrade Support Policy for Junos OS Releases | 48
Product Compatibility | 49
Hardware Compatibility | 49
Junos OS Release Notes for Junos Fusion Enterprise | 50
New and Changed Features | 50
Changes in Behavior and Syntax | 51
Known Behavior | 52
Known Issues | 52
3
Junos Fusion Enterprise | 52
Resolved Issues | 53
Resolved Issues: 19.2R1 | 53
Documentation Updates | 54
Migration, Upgrade, and Downgrade Instructions | 55
Basic Procedure for Upgrading Junos OS on an Aggregation Device | 55
Upgrading an Aggregation Device with Redundant Routing Engines | 57
Preparing the Switch for Satellite Device Conversion | 57
Converting a Satellite Device to a Standalone Switch | 59
Upgrade and Downgrade Support Policy for Junos OS Releases | 59
Downgrading from Junos OS | 59
Product Compatibility | 60
Hardware and Software Compatibility | 60
Hardware Compatibility Tool | 60
Junos OS Release Notes for Junos Fusion Provider Edge | 61
New and Changed Features | 62
Spanning-Tree Protocols | 62
Changes in Behavior and Syntax | 62
Known Behavior | 63
Known Issues | 63
Junos Fusion Provider Edge | 64
Resolved Issues | 64
Junos Fusion Provider Edge | 65
Junos Fusion Satellite Software | 65
Documentation Updates | 65
Migration, Upgrade, and Downgrade Instructions | 66
Basic Procedure for Upgrading an Aggregation Device | 66
Upgrading an Aggregation Device with Redundant Routing Engines | 69
Preparing the Switch for Satellite Device Conversion | 69
Converting a Satellite Device to a Standalone Device | 71
Upgrading an Aggregation Device | 73
Upgrade and Downgrade Support Policy for Junos OS Releases | 73
Downgrading from Junos OS Release 19.2 | 74
4
Product Compatibility | 74
Hardware Compatibility | 74
Junos OS Release Notes for MX Series 5G Universal Routing Platform | 75
New and Changed Features | 76
New and Changed Features: 19.2R1-S4 | 77
New and Changed Features: 19.2R1-S1 | 77
New and Changed Features: 19.2R1 | 78
Changes in Behavior and Syntax | 96
Interfaces and Chassis | 96
MPLS | 97
Network Management and Monitoring | 97
Routing Policy and Firewall Filters | 98
Services Applications | 98
Software Defined Networking | 98
Subscriber Management and Services | 98
VLAN Infrastructure | 99
Known Behavior | 100
General Routing | 100
Interfaces and Chassis | 101
Routing Protocols | 102
Known Issues | 102
EVPN | 103
Forwarding and Sampling | 103
General Routing | 104
Interfaces and Chassis | 108
Layer 2 Ethernet Services | 109
MPLS | 109
Platform and Infrastructure | 109
Routing Protocols | 110
Resolved Issues | 111
Application Layer Gateways (ALGs) | 112
Authentication and Access Control | 112
Class of Service (CoS) | 113
EVPN | 113
5
Flow-based and Packet-based Processing | 114
Forwarding and Sampling | 114
General Routing | 114
Infrastructure | 121
Interfaces and Chassis | 121
Layer 2 Features | 123
Layer 2 Ethernet Services | 123
MPLS | 123
Network Management and Monitoring | 124
Platform and Infrastructure | 125
Routing Policy and Firewall Filters | 125
Routing Protocols | 126
Services Applications | 127
Software Installation and Upgrade | 128
Subscriber Access Management | 128
User Interface and Configuration | 128
VPNs | 128
Documentation Updates | 129
Migration, Upgrade, and Downgrade Instructions | 130
Basic Procedure for Upgrading to Release 19.2 | 131
Procedure to Upgrade to FreeBSD 11.x based Junos OS | 131
Procedure to Upgrade to FreeBSD 6.x based Junos OS | 133
Upgrade and Downgrade Support Policy for Junos OS Releases | 135
Upgrading a Router with Redundant Routing Engines | 136
Downgrading from Release 19.2 | 136
Product Compatibility | 137
Hardware Compatibility | 137
Junos OS Release Notes for NFX Series | 138
New and Changed Features | 138
Architecture | 139
Application Security | 139
Virtual Network Functions | 139
6
Changes in Behavior and Syntax | 140
Factory-default Configuration | 141
Known Behavior | 141
Interfaces | 141
Platform and Infrastructure | 142
Known Issues | 143
High Availability | 143
Interfaces | 143
Platform and Infrastructure | 144
Routing Protocols | 145
Virtual Network Functions (VNFs) | 145
Resolved Issues | 146
Interfaces | 146
Platform and Infrastructure | 146
Documentation Updates | 147
Migration, Upgrade, and Downgrade Instructions | 147
Upgrade and Downgrade Support Policy for Junos OS Releases | 148
Basic Procedure for Upgrading to Release 19.2 | 148
Product Compatibility | 150
Hardware Compatibility | 150
Junos OS Release Notes for PTX Series Packet Transport Routers | 152
New and Changed Features | 153
New and Changed Features: 19.2R1-S4 | 154
New and Changed Features: 19.2R1-S1 | 154
New and Changed Features: 19.2R1 | 154
Changes in Behavior and Syntax | 160
What’s Changed in Release 19.2R1-S5 | 161
What’s Changed in Release 19.2R1 | 161
Known Behavior | 163
General Routing | 163
Interfaces and Chassis | 164
Known Issues | 164
General Routing | 165
Infrastructure | 166
7
Interfaces and Chassis | 166
Layer 2 Ethernet Services | 166
MPLS | 166
Routing Protocols | 166
Resolved Issues | 167
General Routing | 167
Infrastructure | 169
Interfaces and Chassis | 169
MPLS | 169
Platform and Infrastructure | 169
Routing Protocols | 169
Documentation Updates | 170
Installation and Upgrade Guide | 170
Migration, Upgrade, and Downgrade Instructions | 171
Basic Procedure for Upgrading to Release 19.2 | 171
Upgrade and Downgrade Support Policy for Junos OS Releases | 174
Upgrading a Router with Redundant Routing Engines | 174
Product Compatibility | 175
Hardware Compatibility | 175
Junos OS Release Notes for the QFX Series | 176
New and Changed Features | 177
New and Changed Features: 19.2R1-S1 | 177
New and Changed Features: 19.2R1 | 178
Changes in Behavior and Syntax | 186
Interfaces and Chassis | 186
Network Management and Monitoring | 187
Security | 187
Known Behavior | 188
EVPN | 188
General Routing | 188
Layer 2 Features | 189
Routing Protocols | 189
Known Issues | 190
8
EVPN | 190
General Routing | 191
Layer 2 Ethernet Services | 194
Layer 2 Features | 194
MPLS | 196
Platform and Infrastructure | 196
Routing Protocols | 196
Resolved Issues | 197
Resolved Issues: 19.2R1 | 197
Documentation Updates | 204
Installation and Upgrade guide | 204
Migration, Upgrade, and Downgrade Instructions | 205
Upgrading Software on QFX Series Switches | 205
Installing the Software on QFX10002-60C Switches | 208
Installing the Software on QFX10002 Switches | 208
Upgrading Software from Junos OS Release 15.1X53-D3X to Junos OS Release
15.1X53-D60, 15.1X53-D61.7, 15.1X53-D62, and 15.1X53-D63 on QFX10008 and QFX10016 Switches | 209
Installing the Software on QFX10008 and QFX10016 Switches | 211
Performing a Unified ISSU | 215
Preparing the Switch for Software Installation | 216
Upgrading the Software Using Unified ISSU | 216
Upgrade and Downgrade Support Policy for Junos OS Releases | 218
Product Compatibility | 219
Hardware Compatibility | 219
Junos OS Release Notes for SRX Series | 220
New and Changed Features | 221
New and Changed Features: 19.2R1-S1 | 222
New and Changed Features: 19.2R1 | 222
Changes in Behavior and Syntax | 231
Application Security | 232
Ethernet Switching and Bridging | 232
Flow-Based and Packet-Based Processing | 232
Network Management and Monitoring | 232
VPNs | 233
9
Known Behavior | 233
Flow-Based and Packet-Based Processing | 234
J-Web | 234
VPNs | 234
Known Issues | 235
Chassis Clustering | 235
Flow-Based and Packet-Based Processing | 235
J-Web | 236
Platform and Infrastructure | 236
User Firewall | 236
VPNs | 236
Resolved Issues | 237
Application Firewall | 237
Application Identification | 237
Application Layer Gateways (ALGs) | 237
Chassis Clustering | 238
Flow-Based and Packet-Based Processing | 238
Infrastructure | 240
Interfaces and Routing | 240
Intrusion Detection and Prevention (IDP) | 241
Installation and Upgrade | 241
J-Web | 241
Logical Systems and Tenant Systems | 242
Multiprotocol Label Switching (MPLS) | 242
Network Address Translation (NAT) | 242
Network Management and Monitoring | 242
Platform and Infrastructure | 242
Routing Policy and Firewall Filters | 243
Unified Threat Management (UTM) | 243
User Interface and Configuration | 244
VPNs | 244
Documentation Updates | 245
Migration, Upgrade, and Downgrade Instructions | 246
Upgrade and Downgrade Support Policyfor Junos OS Releases and Extended End-Of-Life
Releases | 246
10
Product Compatibility | 247
Hardware Compatibility | 247
Upgrading Using ISSU | 248
Licensing | 248
Compliance Advisor | 248
Finding More Information | 249
Documentation Feedback | 249
Requesting Technical Support | 250
Self-Help Online Tools and Resources | 250
Opening a Case with JTAC | 251
Revision History | 251

Introduction

Junos OS runs on the following Juniper Networks®hardware: ACX Series, EX Series, M Series, MX Series,
NFX Series, PTX Series, QFabric systems, QFX Series, SRX Series, T Series, and Junos Fusion.
These release notes accompany Junos OS Release 19.2R1 for the ACX Series, EX Series, MX Series, NFX Series, PTX Series, QFX Series, SRX Series, and Junos Fusion. They describe new and changed features, limitations, and known and resolved problems in the hardware and software.

Junos OS Release Notes for ACX Series

IN THIS SECTION
11
New and Changed Features | 12
Changes in Behavior and Syntax | 16
Known Behavior | 18
Known Issues | 20
Resolved Issues | 24
Documentation Updates | 26
Migration, Upgrade, and Downgrade Instructions | 27
Product Compatibility | 28
These release notes accompany Junos OS Release 19.2R1 for the ACX Series. They describe new and changed features, limitations, and known and resolved problems in the hardware and software.
You can also find these release notes on the Juniper Networks Junos OS Documentation webpage, located at https://www.juniper.net/documentation/product/en_US/junos-os.

New and Changed Features

IN THIS SECTION
New and Changed Features: 19.2R1-S1 | 12
New and Changed Features: 19.2R1 | 12
This section describes the new features and enhancements to existing features in Junos OS Release 19.2R1 for ACX Series Universal Metro Routers.

New and Changed Features: 19.2R1-S1

Routing Protocols
12
Decouple RSVP for IGP-TE (MX Series, PTX Series, ACX Series, QFX Series, SRX Series, and EX
Series)—Starting in Junos OS Release 19.2R1-S1, device can advertise selective traffic-engineering attributes such as admin-color and maximum-bandwidth, without enabling RSVP, for segment routing and interior gateway protocol (IGP) deployments.

New and Changed Features: 19.2R1

Class of Service (CoS)
Support for class of service (CoS)(ACX6360 routers)—Starting in Junos OS Release 19.2R1, ACX6360
routers support class of service (CoS) functionality.
CoS is the assignment of traffic flows to different service levels. Service providers can use router-based CoS features to define service levels that provide different delay, jitter (delay variation), and packet loss characteristics to particular applications served by specific traffic flows.
[See CoS on ACX Series Universal Metro Routers Features Overview.]
EVPN
EVPN support of VLAN ID ranges and lists in service provider style interface configurations (EX9200
switches, ACX5448 and MX Series routers, and vMX virtual routers)—Starting in Junos OS Release
19.2R1, EX9200 switches, ACX5448 and MX Series routers, and vMX virtual routers support the use of VLAN ID ranges and lists in a service provider style interface configuration, which must be referenced in an EVPN routing instance. This configuration is supported with the following EVPN environments, services, and features:
Environments:
EVPN with VXLAN encapsulation
EVPN with MPLS encapsulation
VLAN bundle service:
E-LAN
E-Tree
E-Line
Feature:
EVPN multihoming:
All-active
Single-active
Singlehoming
[See VLAN ID Ranges and Lists in an EVPN Environment.]
13
Interfaces and Chassis
Support for 100-Mbps and 1-Gbps speeds on Tri-Rate Copper SFP (ACX5448 routers)—Starting in
Junos OS Release 19.2R1, ACX5448 routers support 100-Mbps and 1-Gbps speeds on Tri-Rate Copper SFP optics (part number 740-013111).
NOTE: 100-Mbps speed is supported only on ports xe-0/0/24 through xe-0/0/47.
10-Mbps speed is not supported on Tri-Rate Copper SFP due to hardware limitations.
To set the speed for the optics, issue the set interfaces interface-name speed auto command. [See
Speed for more details.]
To enable autonegotiation, issue the set interfaces interface-name gigether-options auto-negotiation
command. [See auto-negotiation.]
Junos Telemetry Interface
Support for LSP statistics on JTI (ACX6360)—Starting with Junos OS Release 19.2R1, you can provision
the LSP statistics sensor using the resource path /junos/services/label-switched-path/usage/ to monitor per-MPLS LSP statistics on the ACX6360 router and export telemetry data through Junos telemetry interface (JTI) to external collectors. You can stream data at configurable intervals through gRPC without involving polling.
JTI support is only for RSVP LSPs.
Statistics that are streamed are similar to the output displayed by the operational mode command show mpls lsp bypass statistics.
To provision a sensor to export data through gRPC, use the telemetrySubscribe RPC to specify telemetry parameters. Streaming telemetry data through gRPC also requires the OpenConfig for Junos OS module. Starting in Junos OS Release 18.3R1, OpenConfig and Network Agent packages are bundled into the Junos OS image by default. Both packages support JTI.
To enable statistics for export from the Junos OS, include the sensor-based-stats statement at the [edit protocols mpls] hierarchy level.
[See Guidelines for gRPC Sensors (Junos Telemetry Interface) and Understanding OpenConfig and gRPC
on Junos Telemetry Interface.]
Specify Routing Instance for JTI (ACX Series, MX Series, PTX Series, and QFX Series)—Starting in Junos OS Release 19.2R1, you can specify the routing instance to use for remote procedure call (gRPC) services. Include the routing-instance instance-name at the [edit system services extension-service request-response grpc] hierarchy level. The routing instance name specified should match the name of the existing routing instance, such as a name configured under the [routing-instances] hierarchy level or mgmt_junos if system management-instance is configured (the dedicated management routing instance).
14
Configuring the routing instance lets you choose the VRF for gRPC services. When the routing instance is not configured, the default behavior is that all gRPC-related services are available through the management fxp0/em0) interface.
Layer 3 Features
Support for Layer 3 unicast features (ACX 6360)—Starting in Junos OS Release 19.2R1, ACX routers
support the following Layer 3 forwarding features for unicast IPv4 and IPv6 traffic:
Basic IPv6 forwarding
Virtual router (VRF-lite) for both IPv4 and IPv6
Layer 3 subinterfaces support for both IPv4 and IPv6
VRF-lite, subinterfaces, and IPv6 forwarding support on link aggregation groups (LAGs)
Statistics support for Layer 3 subinterfaces
32-way equal-cost multipath (ECMP)
Centralized Bidirectional Forwarding Detection (BFD)
IPv4 Layer 3 protocols:
OSPF
IS-IS
BGP
IPv6 Layer 3 protocols:
OSPFv3
RIPng
Network Management and Monitoring
Support for displaying valid user input in the CLI for command options and configuration statements
in custom YANG data models (ACX Series)—Starting in Junos OS Release 19.2R1, the CLI displays the set of possible values for a given command option or configuration statement in a custom YANG data model when you include the action-expand extension statement in the option or statement definition and reference a script that handles the logic. The action-expand statement must include the script child statement, which defines the Python action script that is invoked when a user requests context-sensitive help in the CLI for the value of that option or statement.
[See Displaying Valid Command Option and Configuration Statement Values in the CLI for Custom YANG
Modules.]
Software Installation and Upgrade
Zero Touch Provisioning (ACX5448)—Starting in Junos OS Release 19.2R1, Zero Touch Provisioning
(ZTP) automates the provisioning of the device configuration and software image with minimal manual intervention on management interface em0.
15
When you physically connect a router to the network and boot it with a factory configuration, the router upgrades the Junos OS software image automatically and automatically installs a configuration file from the network through the management interface.
[See Zero Touch Provisioning.]
System Management
Support for transferring accounting statistics files and router configuration archives using HTTP URL
(ACX Series)—Starting in Junos OS Release 19.2R1, you can transfer accounting statistics files and router configuration archives to remote servers by using an HTTP URL. In addition to SCP and FTP, the following HTTP URL will be supported under the archive-sites statement:
http://username@host:url-path password password
To transfer accounting statistics files, configure archive-sites under [edit accounting-options file
<filename>] hierarchy.
To transfer router configuration archival, configure archive-sites under edit system archival
configuration hierarchy.
To view the statistics of transfer attempted, succeeded, and failed, use the show accounting server
statistics archival-transfer command.
To clear the statistics of transfer attempted, succeeded, and failed, use the clear accounting server
statistics archival-transfer command.
[See archive-sites, Backing Up Configurations to an Archive Site, show accounting server statistics
archival-transfer, and clear accounting server statistics archival-transfer].
Precision Time Protocol (PTP) Transparent Clock with IPv6 Transport (PTX10001-20C and ACX6360-OR
devices)—Starting with Junos OS Release 19.2R1, PTP uses IPv6 transport to synchronize clocks throughout a packet-switched network. With a transparent clock, the PTP packets are updated with theresidence time as the packets pass through the switch. There is no master/slaved designation. End-to-end transparent clocks are supported. With an end-to-end transparent clock, only the residence time is included. The residence time can be sent in a one-step process, which means that the timestamps are sent in one packet.
You can configure the transparent clock at the [edit protocols ptp] Junos OS CLI hierarchy.
[See Understanding Transparent Clocks in Precision Time Protocol.]
SEE ALSO
16
What's Changed | 16
Known Limitations | 18
Open Issues | 20
Resolved Issues | 24
Documentation Updates | 26
Migration, Upgrade, and Downgrade Instructions | 27
Product Compatibility | 28

Changes in Behavior and Syntax

IN THIS SECTION
Interfaces and Chassis | 17
Junos OS XML, API, and Scripting | 17
Network Management and Monitoring | 17
VLAN Infrastructure | 18
This section lists the changes in behavior of Junos OS features and changes in the syntax of Junos OS statements and commands in Junos OS Release 19.2R1 for the ACX Series routers.

Interfaces and Chassis

Monitoring information available only in trace log (ACX Series)—In Junos OS Release 19.2R1 and later,
the Ethernet link fault management daemon (lfmd) in the peer router stops monitoring the locally occurred errors until ISSU completes. You can view the monitoring-related details only through the trace log file.

Junos OS XML, API, and Scripting

Mandatory configurations and omission of <database-status-information> tag in platforms supporting
Open ROADM standard (ACX6160-T)—Starting in Junos OS Release 19.2R1, it is mandatory to apply rfc-compliant option at the [edit system services netconf] hierarchy level and unhide option at the [edit system services netconf unified] hierarchy level. Also, <database-status-information> tag is omitted for <get> RPC query.
17
[See <get> and netconf.]

Network Management and Monitoring

The show system schema command and <get-yang-schema> RPC require specifying an output directory
(ACX Series)—Starting in Junos OS Release 19.2R1, when you issue the show system schema operational mode command in the CLI or execute the <get-yang-schema> RPC in a remote session to retrieve schema files, you must specify the directory in which to generate the output files by including the output-directory command option in the CLI or the <output-directory> element in the RPC. In earlier releases, you can omit the output-directory argument when requesting a single module to display the module in standard output.
Custom YANG RPC support for input parameters of type empty (ACX Series)—Starting in Junos OS
Release 19.2R1, custom YANG RPCs support input parameters of type empty when executing the RPC’s command in the Junos OS CLI, and the value passed to the action script is the parameter name. In earlier releases, input parameters of type empty are only supported when executing the RPC in a NETCONF or Junos XML protocol session, and the value passed to the action script is the string 'none'.
[See Creating Action Scripts for YANG RPCs on Devices Running Junos OS.]

VLAN Infrastructure

Specifying a descending VLAN ID range ( ACX5448 routers)—In Junos OS releases prior to Junos OS
Release 19.2R1, the system accepts a descending range—for example, 102-100, with the vlan-id-range configuration statement in the [edit interfaces interface-name unit logical-unit-number] hierarchy.
Starting with Junos OS Release 19.2R1, the system considers a descending range specified with vlan-id-range to be invalid and raises an error if you try to commit this configuration.
SEE ALSO
What's New | 12
Known Limitations | 18
Open Issues | 20
Resolved Issues | 24
18
Documentation Updates | 26
Migration, Upgrade, and Downgrade Instructions | 27
Product Compatibility | 28

Known Behavior

IN THIS SECTION
General Routing | 19
This section lists known behavior, system maximums, and limitations in hardware and software in Junos OS Release 19.2R1 for the ACX Series.
For the most complete and latest information about known Junos OS defects, use the Juniper Networks online Junos Problem Report Search application.

General Routing

ACX6360-OR Telemetry infrastructure does not support the interface-filtering capability. Therefore,
after you enable a particular sensor for telemetry, it is turned on for all the interfaces. PR1371996
For the et interface, only PRE_FEC_SD defect is raised no OTN alarm is raised. PR1371997
static-cak encryption does not work between two ACX-OX transponder nodes. PR1389802
For ACX6360 TIC, the beacon port-range needs to be updated to 0-7 instead of 0-15.PR1399335
When timing configuration and corresponding interface configuration is flapped for multiple times in
iteration, PTP is stuck in "INITIALIZE" state where the ARP for the neighbor is not resolved. In issue state, BCM hardware block get into inconsistency state, where the lookup is failing. PR1410746
Snake traffic fails because of the static MAC address assigned for interface. Static MAC address on
interface is not supported in ACX Series routers. PR1427132
When an end device (fan tray CPLD) i2c line is grounded or pulled low, the other device fails to write
or read. As a workaround, verify the isolation functionality through software simulation when the device is in the problem state. But in this case where we grounded one of the fan tray CPLD i2c line to verify the failed test case, then entire circuit will get stalled and it leads to write fail for other devices also such as the PEM, temp sensors. PR1427222
19
Multicast packets are flooded in a BD if snooping is not enabled. If interfaces x and y belong to a BD,
then all multicast packets will be flooded to both x and y interface. If packets are received from interface x, packets will be flooded to x & y in ingress but discarded in the egress path for interface x because the packet is received from the same interface. But these packets are also counted in the VOQ and hence more queue statistics are seen. This is a known hardware limitation. monitor interface xe-0/0/30Input
packets: 177958 (64 pps) [0]Output packets: 357306 (128 pps) [0] monitor interface xe-0/0/12Input packets: 361161 (128 pps) [642]Output packets: 179878 (63 pps) [320] root@rioxd-p2a-a> show interfaces queue xe-0/0/30 Queue: 0, Forwarding classes: best-effortQueued:Packets : 544032 192 pps . => Sum of 64 + 128pps root@rioxd-p2a-a> show interfaces queue xe-0/0/12 Queue: 0, Forwarding classes: best-effortQueued:Packets : 550929 192 pps . => Sum of 64 + 128pps PR1429628
Any packet greater than MTU size will be accounted as oversized packets. Packets exceeding MTU sizes
are not considered for Jabber check. PR1429923
Even the system LED glows during halt state. PR1430129
Packets dropped because MTU checks in the output interface are not accounted for MTU errors. All
packets above MTU size are accounted for oversized packets in the input interface. PR1430446
1G interfaces are shown as 'xe'. Therefore, the cosmetic issue is observed with respect to auto-negotiation
parameters though there is no impact on functionality. PR1430835
BCM SDK do not support statistics. The routes get re-installed on a periodic basis and SDK does not
support statistics unless Flex mode is moved in KBP. PR1435579
The logical interface statistics in ACX5448 displays the full packet size similar to the behaviour in
ACX5000 Series. PR1439124
The time taken to copy DNX file through a WAN interface is more compared to ACX5000. PR1439960
The hold timer expiry is common across all platforms. It is not specific to RIO platforms. PR1439980
Remote loopback is not supported on RIO-X. PR1443517
SEE ALSO
What's New | 12
What's Changed | 16
Open Issues | 20
Resolved Issues | 24
Documentation Updates | 26
Migration, Upgrade, and Downgrade Instructions | 27
Product Compatibility | 28
20

Known Issues

IN THIS SECTION
General Routing | 21
Interfaces and Chassis | 24
This section lists the known issues in hardware and software in Junos OS Release 19.2R1 for the ACX Series Universal Metro Routers.
For the most complete and latest information about known Junos OS defects, use the Juniper Networks online Junos Problem Report Search application.

General Routing

Forwarding when using non-existing SSM map source address in IGMPv3 instead of pruning. This is a
day 1 design issue which needs to be redesigned. The impact is more, But definitely this needs some soaking time in DCB before it gets ported in previous versions. PR1126699
When ACX 2100 and 2200 routers are used as ingress PE routers for L2circuit connections, and the
PE-CE interface (UNI) is an aggregated Ethernet interface, then upon MPLS path switchover, the traffic might be silently dropped or discarded. PR1194551
The maximum number of logical interfaces (IFLs) on the ACX5000 line of routers has been increased
from 1000 to 4000. PR1229492
When Layer 3 packets are classified, DiffServ code points are not preserved but are getting lost at the
egress interface because of a chipset limitation. PR1322142
On ACX5000 platforms with Junos OS 16.2 onwards, the fxpc process might use high CPU. This issue
can occur after an upgrade in some cases. PR1360452
On ACX1x00/ACX2x00/ACX4x00 running in 15-releases previous to Junos OS Release 15.1R8, when
configuring mac-table-size under bridge-domain, an incorrect commit error appears, not allowing the commit to succeed. PR1364811
21
The switchover time observed is more than 50ms under certain soak test conditions with an increased
scale with a multi-protocol multi-router topology. PR1387858
On ACX5000 running Junos OS Release 17.3 and later releases, the Packet Forwarding Engine syslog
frequently shows the following error messages: acx_cos_tcp_bind_queues:736 parent acx_cos_tcp_ifd for ifd:ae0 doesn't exist for ifl:549. In Junos OS Release 17.3R3-S1, the error logs appear only from time
to time, and this can be related with an interface flap. In Junos OS Release 18.1R3, the logs appear constantly, without any interface flap. This message is related to HCOS checking (even without HCOS configured). In the software fix, check if the aggregate interface has HCOS configured or not. If not, return gracefully from this function without throwing this error. This is a harmless message. PR1392088
IGMP packets over Layer 2 Circuit with control word are dropped in ACX5048. PR1394301
On ACX1000, ACX2000, ACX4000, ACX5048, and ACX5096 platforms, after a new child logical interface
with VLAN and filter is added on an aggregated Ethernet IFD or changing the VLAN ID of a child IFL with filter, traffic over the aggregated Ethernet physical interface might get filtered with that filter on the child IFL. For example: ae-0/0/0 is an physical interface and ae-0/0/0.100 is an Ilogical interface.
PR1407855
Clock Class value is wrong in Default Data (show ptp clock) when the slave interface is down in PTP-OC
device. PR1416421
On ACX5448 devices, the ZTP process will proceed with the image upgrade even in situations when
there is a mismatch in the platform name of the software image stored on FTP/ZTP servers and the actual platform on which the ZTP process is being run. PR1418313
Hardware-based fragmentation or reassembly is not supported. Software-based fragmentation rates
are going to be extremely slow depending CPU load. PR1419371
On ACX5000 platforms, thigh CPU usage on the fxpc process might be seen under rare condition if
parity errors are detected in devices. It has no direct service or traffic impact. However, since CPU utilization is high during this issue, there are some side effects. For example, it could impact time-sensitive features such as BFD. PR1419761
Packets transmitted in a queue are not as expected when testing IEEE-802.1ad inner classifier at the
ingress and IEEE-802.1ad rewrite at the egress with various events. PR1422515
The input packets account for all the frames that are coming in, including the oversized frames. Whereas
oversized frame counter only accounts for oversized frames. PR1425748
Because of the BCM sdk design, EEDB hardware entry is not freed for unicast next-hop creation. This
leads to resource leakage and is not allowing to higher scale. PR1426734
Error messages can be seen sometimes if the optics is being unplugged in between the eeprom read.
This is expected and will not impact any functionality. PR1429016
Multiple hardware i2c failure observed because of intermittent Iayer 2 circuit access failure on main
board switches. PR1429047
22
Packet rates are not seen for aggregated Ethernet logical interface. PR1429590
Traffic loss is seen if the configuration has /128 prefix routes and it is limited to /128 only. Its due to
the known issue tracked in PR 1445231. PR1429833
Any packet greater than the MTU size will be accounted as oversized packets. Packets exceeding the
MTU sizes are not considered for jabber check. PR1429923
This is the expected behavior across all ACX platforms. Even the system LED glows during halt state.
PR1430129
These are initial transient messages seen and does not have any functional impact. PR1430355
Packets dropped due to MTU checks in the output interface are not accounted for MTU errors. All
packets above MTU size are accounted for Oversized-packets in the input interface. PR1430446
If L2VPN sessions have OAM control-channel option set to router-alert-label, the no-control-word
option in L2VPN should not be used for BFD sessions to come up. PR1432854
Timing on 1G, performance is not in par compared with 10G, compensation is done to bring the mean
value under class-A but the peak to peak variations are high and can go beyond 100ns. It has a latency variation with peak to peak variations of around 125ns-250ns (that is, 5-10 percent of the mean latency introduced by the each phy which is of around 2.5us) without any traffic. PR1437175
These errors can be seen if CFP2 optics are not plugged in. PR1438039
1PPS performance metrics (class A) of G.8273.2 are not met for 1G interfaces because of the variable
latency added by the Vittesse PHY. PR1439231
In a certain test condition, it is observed that L2VPN at a scale of 16000 had issues when all were brought
down and up. PR1439471
With an asymmetric network connection (for example, 10G MACsec port connected to 10G channelized
port), high and asymmetric T1 and T4 time errors are seen which introduces a high 2 way time error. This introduces different CF updates in forward and reverse paths. PR1440140
By default mgmt interface speed always shows as 1000Mbps in Junos OS. PR1440675
With MACsec feature enabled and introduction of traffic, the peak to peak value varies with the
percentage of traffic introduced. PR1441388
Recovery of Junos OS volume is not possible from OAM menu. PR1446512
SyncE Jitter tolerance test fails for MACsec ports. For SyncE with MACsec there seems to be additional
framing header and footer that would get added by the MACsec protocol. The impact of this on the jitter test is not obvious and look undefined in the standards and not qualifiable with a single DUT and Calnex. PR1447296
Drop profile maximum threshold might not be reached to its limit when the packet size is other than
1000 bytes. This is due to current design limitation. Making design changes are high risk at this point of time, Hence, The Junos OS Releases 19.2R1-S1, 19.2R(x), and 19.3(x) will not have fix for this issue.
PR1448418
23
If the client et- interface is up and transportd state is in init state, restart transportd process to get the
state updated to normal. This scenario is not seen in normal operation but seen when interfaces are deleted and re-created and configurations are applied. PR1449937
Red drops seen on the 25G channelized aggregated Ethernet interfaces after some events (deactivate,
activate etc) on the PEER box. PR1450674
For the et ports, some output power might be seen even after disabling the interface. This will not have
any functional impact as the bcmport is getting disabled on the interface and the link goes down fine.
PR1452323
Incorrect operating state is displayed in SNMP trap message when a FAN tray is removed. PR1455577
FAN numbering is not the same in the outputs of the following configuration statements show chassis
fan and show snmp mib walk jnxContentsDescr. PR1456589

Interfaces and Chassis

When an unnumbered interface is binding to an interface that has more than one IP address and one of
the IP addresses is deleted, the family inet of the unnumbered interface might be deleted. The issue results in traffic loss for all the services that rely on the family inet of the unnumbered interface. Configure preferred-source-address on the unnumbered interface to prevent deletion of the IP address, thereby avoiding the deletion of the family inet of the unnumbered interface. PR1412534
SEE ALSO
What's New | 12
What's Changed | 16
Known Limitations | 18
Resolved Issues | 24
Documentation Updates | 26
24
Migration, Upgrade, and Downgrade Instructions | 27
Product Compatibility | 28

Resolved Issues

IN THIS SECTION
Resolved Issues: 19.2R1-S1 | 25
Resolved Issues: 19.2R1 | 25
This section lists the issues fixed in Junos OS Release 19.2R1 for the ACX Series.
For the most complete and latest information about known Junos OS defects, use the Juniper Networks online Junos Problem Report Search application.

Resolved Issues: 19.2R1-S1

General Routing
Link Fault Signaling (LFS) do not work on ACX5448, ACX5410, ACX5440, and 100-Gigabit Ethernet
interfaces. PR1401718
In an ACX5448 platforms, when the Packet Forwarding Engine failed to allocate packet buffer, portion
of packet memories might not be free. PR1442901

Resolved Issues: 19.2R1

Class of Service (CoS)
The error message STUCK_BUFF : port_sp not empty for port 35 sp 1 pkts:1 is seen when a lag bundle
is configured with 64 lag links.. PR1346452
General Routing
The 1G copper module interface shows "Link-mode: Half-duplex". PR1286709
25
On an ACX ring topology, after link between ACX and MX flaps, VPLS RI on PE (MX) has no MAC of CE
over l2circuit. PR1360967
ACX5000: fpc0 (acx_rt_ip_uc_lpm_install:LPM route add failed error) Reason : Invalid parameter after
configuring lpm-profile. PR1365034
ACX5448: LIBCOS_COS_TVP_FC_INFO_NOT_FOUND: Forwarding-class information not specified"
prints while committing on configuration prompt. PR1376665
On ACX5448, channelized ET interface of 25-Gigabit interface will not come up after chassis-control
restart. PR1379288
ACX 5448:100 Gigabit link FEC enabled by default on 100G LR4. PR1389518
On ACX Series platforms, the forwarding-option dhcp-relay forward-only command stops working and
the DHCP packets are dropped. PR1392261
On ACX5048, RPM RFC 2544 benchmarking test failed to start. PR1395730
CFM adjacency is not going down with distinct intervals. PR1397883
Dynamic tunnels are not supported on ACX Series routers. PR1398729
VLAN tagged traffic arriving on VPLS interface might get dropped. PR1402626
ot/et interface is not created when invalid speed is configured. PR1403546
ACX 5448: TrTCM Policer configuration parameters are as per RFC4115. PR1405798
The show services inline stateful-firewall flow or show services inline stateful-firewall flow extensive
command might cause a memory leak. PR1408982
ACX Series routers drop DNS responses that contain an underscore. PR1410062
VPLS traffic might stop across ACX5000 with the aggregated Ethernet interface. PR1412042
Junos PCC might reject PCUpdate/PCCreate message if there is metric type other than type 2. PR1412659
Number of inet-arp policers implemented on ACX5000 has been increased from 16 to 64. PR1413807
Swap memory is not initialized on boot on ACX5048. PR1415898
Commit error while configuring firewall with term having log/syslog and accept actions. PR1417377
CoS table error can sometimes cause traffic outages and SNMP timeouts if the optic is plugged out and
inserted back. PR1418696
Slow copy image speed to ACX5448. PR1422544
SEE ALSO
What's New | 12
What's Changed | 16
26
Known Limitations | 18
Open Issues | 20
Documentation Updates | 26
Migration, Upgrade, and Downgrade Instructions | 27
Product Compatibility | 28

Documentation Updates

IN THIS SECTION
Installation and Upgrade Guide | 27
This section lists the errata and changes in Junos OS Release 19.2R1 for the ACX Series documentation.

Installation and Upgrade Guide

Veriexec explained (ACX Series)—Verified Exec (also known as veriexec) is a file-signing and verification
scheme that protects the Junos operating system (OS) against unauthorized software and activity that might compromise the integrity of your device. Originally developed for the NetBSD OS, veriexec was adapted for Junos OS and enabled by default from Junos OS Release 7.5 onwards.
[See Veriexec Overview.]
SEE ALSO
What's New | 12
What's Changed | 16
Known Limitations | 18
Open Issues | 20
27
Resolved Issues | 24
Migration, Upgrade, and Downgrade Instructions | 27
Product Compatibility | 28

Migration, Upgrade, and Downgrade Instructions

IN THIS SECTION
Upgrade and Downgrade Support Policy for Junos OS Releases | 27
This section contains the upgrade and downgrade support policy for Junos OS for the ACX Series Router. Upgrading or downgrading Junos OS might take several minutes, depending on the size and configuration of the network.
For information about software installation and upgrade, see the Installation and Upgrade Guide.

Upgrade and Downgrade Support Policy for Junos OS Releases

Support for upgrades and downgrades that span more than three Junos OS releases at a time is not provided, except for releases that are designated as Extended End-of-Life (EEOL) releases. EEOL releases
provide direct upgrade and downgrade paths—you can upgrade directly from one EEOL release to the next EEOL release even though EEOL releases generally occur in increments beyond three releases.
You can upgrade or downgrade to the EEOL release that occurs directly before or after the currently installed EEOL release, or to two EEOL releases before or after. For example, Junos OS Releases 17.1,
17.2, and 17.3 are EEOL releases. You can upgrade from Junos OS Release 17.1 to Release 17.2 or from Junos OS Release 17.1 to Release 17.3.
You cannot upgrade directly from a non-EEOL release to a release that is more than three releases ahead or behind. To upgrade or downgrade from a non-EEOL release to a release more than three releases before or after, first upgrade to the next EEOL release and then upgrade or downgrade from that EEOL release to your target release.
For more information about EEOL releases and to review a list of EEOL releases, see
https://www.juniper.net/support/eol/junos.html.
For information about software installation and upgrade, see the Installation and Upgrade Guide.
28
SEE ALSO
What's New | 12
What's Changed | 16
Known Limitations | 18
Open Issues | 20
Resolved Issues | 24
Documentation Updates | 26
Product Compatibility | 28

Product Compatibility

IN THIS SECTION
Hardware Compatibility | 29

Hardware Compatibility

To obtain information about the components that are supported on the devices, and the special compatibility guidelines with the release, see the Hardware Guide for the product.
To determine the features supported on ACX Series routers in this release, use the Juniper Networks Feature Explorer, a Web-based application that helps you to explore and compare Junos OS feature information to find the right software release and hardware platform for your network. Find Feature Explorer at https://apps.juniper.net/feature-explorer/.
Hardware Compatibility Tool
For a hardware compatibility matrix for optical interfaces and transceivers supported across all platforms, see the Hardware Compatibility tool.
SEE ALSO
What's New | 12
29
What's Changed | 16
Known Limitations | 18
Open Issues | 20
Resolved Issues | 24
Documentation Updates | 26
Migration, Upgrade, and Downgrade Instructions | 27

Junos OS Release Notes for EX Series Switches

IN THIS SECTION
New and Changed Features | 30
Changes in Behavior and Syntax | 36
Known Behavior | 37
Known Issues | 38
Resolved Issues | 42
Documentation Updates | 47
Migration, Upgrade, and Downgrade Instructions | 48
Product Compatibility | 49
30
These release notes accompany Junos OS Release 19.2R1 for the EX Series. They describe new and changed features, limitations, and known and resolved problems in the hardware and software.
You can also find these release notes on the Juniper Networks Junos OS Documentation webpage, located at https://www.juniper.net/documentation/product/en_US/junos-os.

New and Changed Features

IN THIS SECTION
New and Changed Features: 19.2R1-S1 | 31
New and Changed Features: 19.2R1 | 31
This section describes the new features and enhancements to existing features in Junos OS Release 19.2R1 for the EX Series.
NOTE: The following EX Series switches are supported in Release 19.2R1: EX2300, EX2300-C,
EX3400, EX4300, EX4600-40F, EX4650, EX9200, EX9204, EX9208, EX9214, EX9251, and EX9253.

New and Changed Features: 19.2R1-S1

Routing Protocols
Decouple RSVP for IGP-TE (MX Series, PTX Series, ACX Series, QFX Series, SRX Series, and EX
Series)—Starting in Junos OS Release 19.2R1-S1, device can advertise selective traffic-engineering attributes such as admin-color and maximum-bandwidth, without enabling RSVP, for segment routing and interior gateway protocol (IGP) deployments.

New and Changed Features: 19.2R1

31
Authentication, Authorization, and Accounting (AAA)
802.1X authentication (EX4650 switches)—Starting with Junos OS Release 19.2R1, EX4650 switches
support port-based network access control using 802.1X authentication as defined in the IEEE 802.1X standard.
[See 802.1X for Switches Overview.]
Dynamic Host Configuration Protocol
Support for DHCP snooping and other access port security features on private VLANs (EX4300-MP
switches and Virtual Chassis)—Starting in Junos OS Release 19.2R1, you can enable DHCP snooping for security purposes on access ports that are in a private VLAN (PVLAN). You can also protect those ports with DHCP options, dynamic ARP inspection (DAI), IP source guard, and neighbor discovery inspection.
[See Putting Access Port Security on Private VLANs.]
EVPN
Support for BFD, BGP, IS-IS, and OSPF on IRB interfaces in EVPN-MPLS networks (EX series)—Starting
with Junos OS Release 19.2R1, you can configure Bidirectional Forwarding Detection (BFD), BGP, IS-IS, and OSPF routing protocols on the IRB interface in an EVPN-MPLS network to route and forward EVPN traffic. This feature supports single-homed, single-active, and all-active multihomed networks.
[See EVPN with IRB Solution Overview.]
EVPN support of VLAN ID ranges and lists in service provider style interface configurations (EX9200
switches)—Starting in Junos OS Release 19.2R1, EX9200 switches, ACX5448 and MX Series routers, and vMX virtual routers support the use of VLAN ID ranges and lists in a service provider style interface
configuration, which must be referenced in an EVPN routing instance. This configuration is supported with the following EVPN environments, services, and features:
Environments:
EVPN with VXLAN encapsulation
EVPN with MPLS encapsulation
VLAN bundle service:
E-LAN
E-Tree
E-Line
Features:
EVPN multihoming:
All-active
32
Single-active
Singlehoming
[See VLAN ID Ranges and Lists in an EVPN Environment.]
Support for control word in EVPN-VPWS (EX9200 switches)—Starting with Junos OS Release 19.2R1,
Junos OS supports the insertion of a control word between the label stack and the MPLS payload in a network with EVPN-VPWS service. This feature prevents a transit device from delivering out-of-order packets as a result of the device’s load-balancing hashing algorithm. When you enable the control word feature on a PE device, the PE device advertises support for a control word. If all the PE devices in an EVI on the EVPN-VPWS serviced network support control word, then the PE device inserts a control word between the label stack and the L2 header in the packet thus preventing the packet from being misidentified by transit devices.
[See Control Word for EVPN-VPWS.]
JWeb
Support for EX4650 switches—Starting in Junos OS Release 19.2R1, you can use J-Web to configure,
monitor, and manage EX4650 switches.
To configure the EX4650 switch using the J-Web interface, you must connect the cable to the port labeled CON on the rear panel of the switch.
NOTE: In J-Web, the chassis viewer displays only the standalone EX4650 switches view. It
does not display the Virtual Chassis configuration because the EX4650 switch does not support the Virtual Chassis configuration.
[See Dashboard for EX Series Switches and Connecting and Configuring an EX Series Switch (J-Web
Procedure).]
Layer 2 Features
L2PT support (EX4300 multigigabit switches)—Starting with Junos OS Release 19.2R1, you can configure
Layer 2 protocol tunneling (L2PT) for the following protocols on EX4300 multigigabit switches (EX4300-48MP models): CDP, E-LMI, GVRP, IEEE 802.1X, IEEE 802.3AH, LACP, LLDP, MMRP, MVRP, STP (including RSTP and MSTP), UDLD, VSTP, and VTP.
33
[See Layer 2 Protocol Tunneling.]
Multicast
Support for multicast traffic counters (EX4300, EX4300-MP, EX4300 Virtual Chassis)—Starting with
Junos OS Release 19.2R1, you can use firewall filters to count packets and check the bandwidth of multicast traffic received by a host from a particular source and group in a routing instance. To enable this feature, include the multicast-statistics statement at the [edit system packet-forwarding-options] hierarchy level. To check the packet count and bandwidth for each multicast route, use the show multicast route extensive command.
[See multicast-statistics (system-packet forwarding).]
IGMP snooping with private VLANs (EX4300 multigigabit switches)—Starting in Junos OS Release
19.2R1, EX4300 multigigabit switches (EX4300-48MP models) support IGMP snooping with private VLANs (PVLANs). A PVLAN consists of secondary isolated and community VLANs configured within a primary VLAN. Without IGMP snooping support on the secondary VLANs, switches receive multicast streams on a primary VLAN and flood them to the secondary VLANs. This feature extends IGMP snooping on a primary VLAN to its secondary VLANs to further constrain multicast streams only to interested receivers on PVLANs. When you enable IGMP snooping on a primary VLAN, you implicitly enable it on all secondary VLANs, and the secondary VLANs learn the multicast group information on the primary VLAN.
NOTE: Ports in a secondary VLAN cannot be used as IGMP multicast router interfaces.
Secondary VLANs can receive multicast data streams ingressing on promiscuous trunk ports or inter-switch links acting as multicast router interfaces.
[See IGMP Snooping Overview.]
Network Management and Monitoring
Support for displaying valid user input in the CLI for command options and configuration statements
in custom YANG data models (EX Series)—Starting in Junos OS Release 19.2R1, the CLI displays the set of possible values for a given command option or configuration statement in a custom YANG data model when you include the action-expand extension statement in the option or statement definition and reference a script that handles the logic. The action-expand statement must include the script child statement, which defines the Python action script that is invoked when a user requests context-sensitive help in the CLI for the value of that option or statement.
[See Displaying Valid Command Option and Configuration Statement Values in the CLI for Custom YANG
Modules.]
34
Port Security
Stateless address autoconfiguration (SLAAC) snooping (EX2300, EX3400, EX4300, and Virtual
Chassis)—Starting in Junos OS Release 19.2R1, Junos OS supports SLAAC snooping on EX2300, EX2300 VC, EX3400, EX3400 VC, EX4300, and EX4300 VC. IPv6 clients using SLAAC for dynamic address assignment are validated against the SLAAC snooping binding table before being allowed access to the network.
[See IPv6 Stateless Address Autoconfiguration (SLAAC) Snooping.]
Fallback PSK for Media Access Control Security (MACsec) (EX Series)—Starting in Junos OS Release
19.2R1, fallback PSK for MACsec is supported on EX Series routers that support MACsec. The fallback PSK provides functionality to establish a secure session in the event that the primary PSKs on each end of a MACsec-secured link do not match.
[See Configuring MACsec on EX, SRX and Fusion Devices.]
Support for 802.1X authentication on private VLANs (PVLANs) (EX4300-48MP switches and Virtual
Chassis)—Starting in Junos OS Release 19.2R1, you can enable 802.1X (dot1x) authentication for security purposes on access ports that are in a PVLAN.
PVLANs provide Layer 2 isolation between ports within a VLAN, splitting a broadcast domain into multiple discrete broadcast subdomains by creating secondary VLANs. PVLANs are useful for restricting the flow of broadcast and unknown unicast traffic and for limiting the communication between known hosts.
Authentication prevents unauthenticated devices and users from gaining access to your LAN. For 802.1X and MAC RADIUS authentication, end devices must be authenticated before they receive an IP address from a DHCP server.
On a switch that is configured with both 802.1X authentication and PVLANs, when a new device is attached to the PVLAN network, the device is authenticated and then is assigned to a secondary VLAN based on the PVLAN configuration or RADIUS profile. The device then obtains an IP address and receives access to the PVLAN network.
[See Using 802.1X Authentication and Private VLANs Together on the Same Interface.]
Media Access Control security with 256-bit cipher suite (EX4300)—Starting in Junos OS Release 19.2R1,
the GCM-AES-256 cipher suite for MACsec in static CAK mode is supported on the 2-port QSFP+/1-port QSFP28 uplink module for EX4300-48MP switches. The GCM-AES-256 cipher suite has a maximum key length of 256 bits and is also available with extended packet numbering (GCM-AES-XPN-256).
[See Understanding Media Access Control Security (MACsec).]
Support for MACsec PSK keychain (EX9253)—Starting in Junos OS Release 19.2R1, EX9253 switches
support MACsec PSK chains hitless rollover and Key Agreement Protocol Fail Open mode.
[See Configuring MACsec on EX, SRX and Fusion Devices.]
System Management
35
Support for transferring accounting statistics files and router configuration archives using HTTP URL
(EX Series)—Starting in Junos OS Release 19.2R1, you can transfer accounting statistics files and router configuration archives to remote servers by using an HTTP URL. In addition to SCP and FTP, the following HTTP URL will be supported under the archive-sites statement:
http://username@host:url-path password password
To transfer accounting statistics files, configure archive-sites under [edit accounting-options file
<filename>] hierarchy.
To transfer router configuration archival, configure archive-sites under edit system archival
configuration hierarchy.
To view the statistics of transfer attempted, succeeded, and failed, use the show accounting server
statistics archival-transfer command.
To clear the statistics of transfer attempted, succeeded, and failed, use the clear accounting server
statistics archival-transfer command.
[See archive-sites, Backing Up Configurations to an Archive Site, show accounting server statistics
archival-transfer, and clear accounting server statistics archival-transfer].
SEE ALSO
What’s Chnaged | 36
Known Behavior | 37
Open Issues | 38
Resolved Issues | 42
Documentation Updates | 47
Migration, Upgrade, and Downgrade Instructions | 48
Product Compatibility | 49

Changes in Behavior and Syntax

IN THIS SECTION
Network Management and Monitoring | 36
VLAN Infrastructure | 37
36
This section lists the changes in behavior of Junos OS features and changes in the syntax of Junos OS statements and commands in Junos OS Release 19.2R1 for the EX Series.

Network Management and Monitoring

The show system schema command and <get-yang-schema> RPC require specifying an output directory
(EX Series)—Starting in Junos OS Release 19.2R1, when you issue the show system schema operational mode command in the CLI or execute the <get-yang-schema> RPC in a remote session to retrieve schema files, you must specify the directory in which to generate the output files by including the output-directory command option in the CLI or the <output-directory> element in the RPC. In earlier releases, you can omit the output-directory argument when requesting a single module to display the module in standard output.
Custom YANG RPC support for input parameters of type empty (EX Series)—Starting in Junos OS
Release 19.2R1, custom YANG RPCs support input parameters of type empty when executing the RPC’s command in the Junos OS CLI, and the value passed to the action script is the parameter name. In earlier releases, input parameters of type empty are only supported when executing the RPC in a NETCONF or Junos XML protocol session, and the value passed to the action script is the string 'none'.
[See Creating Action Scripts for YANG RPCs on Devices Running Junos OS.]

VLAN Infrastructure

Specifying a descending VLAN ID range (EX9200 switches)—In Junos OS releases prior to Junos OS
Release 19.2R1, the system accepts a descending range—for example, 102-100, with the vlan-id-range configuration statement in the [edit interfaces interface-name unit logical-unit-number] hierarchy.
Starting with Junos OS Release 19.2R1, the system considers a descending range specified with vlan-id-range to be invalid and raises an error if you try to commit this configuration.
SEE ALSO
What’s New | 30
Known Behavior | 37
Open Issues | 38
Resolved Issues | 42
37
Documentation Updates | 47
Migration, Upgrade, and Downgrade Instructions | 48
Product Compatibility | 49

Known Behavior

IN THIS SECTION
EVPN | 38
General Routing | 38
Platform and Infrastructure | 38
This section lists known behavior, system maximums, and limitations in hardware and software in Junos OS Release 19.2R1 for the EX Series.
For the most complete and latest information about known Junos OS defects, use the Juniper Networks online Junos Problem Report Search application.

EVPN

When a VLAN uses an IRB interface as the routing interface, the VLAN-ID parameter must be set to
"none" to ensure proper traffic routing. This issue is platform independent. PR1287557

General Routing

When the box is loaded and unloaded with MACsec configuration multiple times with operations made
continuously, L3 connectivity is been lost and hence stops the system followed by a reboot to resume operation. PR1416499

Platform and Infrastructure

Filters are installed only during route add if there is enough space. If the filter fails because of the
non-availability of TCAM space, those routes might not be processed for filter add later when space becomes available. PR1419926
38
SEE ALSO
What’s New | 30
What’s Chnaged | 36
Open Issues | 38
Resolved Issues | 42
Documentation Updates | 47
Migration, Upgrade, and Downgrade Instructions | 48
Product Compatibility | 49

Known Issues

IN THIS SECTION
General Routing | 39
Infrastructure | 40
Junos Fusion Enterprise | 41
Layer 3 Features | 41
Platform and Infrastructure | 41
Spanning Tree Protocols | 41
This section lists the known issues in hardware and software in Junos OS Release 19.2R1 for the EX Series.
For the most complete and latest information about known Junos OS defects, use the Juniper Networks online Junos Problem Report Search application.

General Routing

When a VLAN is added as an action for changing the VLAN in both ingress and egress filters, the filter
will not be installed. PR1362609
An EX4300 configured with a firewall filter on lo0 and DHCP security on a VLAN simultaneously might
drop legitimate DHCP renew requests from clients on the corresponding VLANs. This occurs because of the implementation design and chipset limitation. PR1376454
39
After the MACsec session is deleted, the corresponding interfaces might lose their MACsec function if
LACP is enabled on them and the statement exclude lacp is configured under the [edit security macsec] hierarchy. PR1378710
When the show command takes a long time to display results, the STP might change its status as BPDUs
are no longer processed and cause lots of outages. PR1390330
DCPFE did not come up in some instances of abrupt power-off/power-on of EX4650. Power-cycle of
the device or host reboot will recover the device. PR1393554
If PTP transparent clock is configured on the EX4600, and if IGMP snooping is configured for the same
VLAN as PTP traffic, the PTP over Ethernet traffic might be dropped. PR1395186
On EX4300 and EX4600platforms with flexible-ethernet-services enabled, when family inet/inet6 and
vlan-bridge are configured on the same physical interface, and family inet/inet6 is configured first, MAC address movement (MAC learning/deleting) might not happen on this interface resulting in traffic drop.
PR1408230
There is a possibility of seeing multiple reconnect logs, JTASK_IO_CONNECT_FAILED message during
the device initialization. There is no functionality impact because of these messages. These messages can be ignored. PR1408995
On EX9200 devices with MCLAG configuration and other features enabled, there is a loss of approximately
20 seconds during restart of the routing daemon. This traffic loss varies with the configuration that is done. PR1409773
On EX4650 line of switches, uRPF check in strict mode might not work properly. PR1417546
The factory-default configuration for EX4300, EX2300, EX3400, and EX4300-48MP platforms now
include DHCP client configuration on IRB and VME to facilitate connectivity to phone-home server (redirect.juniper.net) from the phone-home-client running on the device. Following are the factory-default configurations:
DHCP enabled on VME and IRB
default VLAN with VLAN ID 1 and L3 interface as IRB.0 PR1423015
On EX2300, EX3400, EX4300, and EX4600, if igmp-snooping is enabled, multicast traffic might be
dropped silently. PR1423556
The issue is limited to DB related to MAC move scenario. When dhcp-security is configured, if multiple
IPv4 and IPv6 clients’ MAC move occurs, the jdhcpd might consume 100 percent CPU and jdhcpd might crash. PR1425206
Multiple EX Series platforms might be unable to commit baseline configuration after zeroization.
{master:0}[edit] root# commit check Mar 26 05:50:48 mustd: UI_FILE_OPERATION_FAILED: File /var/run/db/enable-process.data doesn't exist Mar 26 05:50:48 mgd[1938]: UI_FILE_OPERATION_FAILED: Failed to open /var/run/db/enable-process.data+ file error: Failed to open /var/run/db/enable-process.data+ file error: configuration check-out failed: daemon file propagation failed. PR1426341
40
In certain scenarios, IGMP transit query packets might not be flooded on the VLAN, causing momentary
drop in Layer 2 multicast traffic. PR1427542
In case the port connecting the server from client is a trunk port and has multiple VLANs configured,
then for VLAN on which NDI is not configured, the client remains in the solicit state on starting dhcpv6 device. PR1428769
When the native VLAN is configured along with the flexible VLAN tagging on a L3 subinterface, untagged
packets might be dropped on that L3 subinterface. PR1434646
Added support for i40e NVM upgrade in EX9208. PR1436223
NDI cannot be used in VLAN with IRB on EX92XX. Neighborhood advertisements solicit packets destined
to host are getting dropped with NDI inspection (under DHCPv6 security) on a VLAN with IRB configuration on EX92XX in Junos OS Release 18.4 and later.PR1439844

Infrastructure

On EX3400 and EX2300 line of switches during ZTP with configuration and image upgrade with FTP
as file transfer, image upgrade is successful but sometimes VM core file might be generated. PR1377721
On EX2300, EX2300-C, and EX2300-MP platforms, if Junos OS is with FreeBSD kernel version 11 with
the build date on or after 2019-02-12, the switch might stop forwarding traffic or responding to console. A reboot is required to restore the service. PR1442376

Junos Fusion Enterprise

On EX4300, when 10-Gigabit fiber port is using 1-Gigabit Ethernet SFP optics and auto-negotiation is
enabled by default, the link state goes down and does not come up. PR1420343
In a Junos Fusion Enterprise environment with EX2300-48P or EX2300-48T acting as satellite devices,
loop-detect feature does not work for ports 0-23, because the loop detect filter is not properly applied.
PR1426757

Layer 3 Features

From the code analysis, the CPU rate limiting and corresponding queue points to 100 pps in Junos OS
Release 12.3 for ARP traffic. But in the case of Junos OS Release 11.4, the rate limiter value is 3 Kpps.
PR1165757

Platform and Infrastructure

41
There are multiple failures when an event such as node reboot, ICL flap or ICCP flap occurs; and even
with enhanced convergence configured there is no guarantee that subsecond convergence will be achieved. PR1371493
ICMPv6 packets are hitting the dynamic ingress filter with higher priority, thus never reaching an MF
or static classifier. PR1388324
Adding the second IRB to an aggregated Ethernet and then removing it might cause the first IRB to stop
working. PR1423106

Spanning Tree Protocols

On committing interface-range configuration defined over wild-card range like ge-*/*/* is not supported.
As a result, exceeding valid range for stp-port-ids. The commit fails. Sample example configuration is
set interfaces interface-range RANGE1 member ge-*/*/* and set interfaces interface-range RANGE1 mtu 2000. PR1421446
After converging VSTP, if there is a VSTP configuration change and then BPDU might not be flooded
because of which port role might be in incorrect state in the adjacent switches. There is no loop created in the network. PR1443489
SEE ALSO
What’s New | 30
What’s Chnaged | 36
Known Behavior | 37
Resolved Issues | 42
Documentation Updates | 47
Migration, Upgrade, and Downgrade Instructions | 48
Product Compatibility | 49

Resolved Issues

IN THIS SECTION
Authentication and Access Control | 43
EVPN | 43
General Routing | 43
42
Infrastructure | 44
Interfaces and Chassis | 44
Layer 2 Ethernet Services | 45
Junos Fusion Enterprise | 45
Network Management and Monitoring | 45
Platform and Infrastructure | 45
Routing Protocols | 46
Software Installation and Upgrade | 46
Subscriber Access Management | 46
This section lists the issues fixed in Junos OS Release 19.2R1 for the EX Series.
For the most complete and latest information about known Junos OS defects, use the Juniper Networks online Junos Problem Report Search application.

Authentication and Access Control

Without configuring anything related to dot1x, the syslog dot1xd[2192]: task_connect: task
PNACAUTH./var/run/authd_control addr /var/run/authd_control: Connection refused is generated repeatedly. PR1406965

EVPN

The device might proxy the ARP probe packets in an EVPN environment. PR1427109
ESI is configured on a single-homed 25G port might not work. PR1438227

General Routing

On EX4650 switches, convergence delay between PE1 and P router link is more than the expected delay
value. PR1364244
43
OAM Ethernet connectivity-fault-management configured on aggregated Ethernet interfaces is not
supported and no commit error is seen. PR1367588
IPv6 router advertisement (RA) messages potentially increase internal kernel memory usage. PR1369638
RIPv2 update packets might not be sent with IGMP snooping enabled. PR1375332
Input rate PPS does not increase on EX2300-MP uplink ports when the packet is a pure L2 packet like
non-etherII or non-EtherSnap. PR1389908
EX3400VC - When an interface in a Virtual Chassis member switch that is not master, is flapped, IGMP
query packets 224.0.0.1 are sent to all the ports of the members except the master FPC. PR1393405
PTP over Ethernet traffic might be dropped when IGMP and PTP TC are configured together. PR1395186
EX3400 might not learn 30,000 MAC addresses while sending MAC learning traffic. PR1399575
MAC-limit with persistent MAC is not working after reboot. PR1400507
After upgrading to Junos OS Release 18.1R3.3, adt7470_set_pwm output message is observed
continuously. PR1401709
The DHCP discover packets are forwarded out of an interface incorrectly when DHCP snooping is
configured on that interface. PR1403528
On EX4300-48MP devices, the packets drop when the traffic filter and the routing instance are configured.
PR1407424
The l2cpd might crash if the vstp traceoptions and vstp vlan all commands are configured. PR1407469
MAC address movement might not happen in flexible Ethernet services mode when family inet/inet6
and vlan-bridge are configured on the same physical interface. PR1408230
EX3400 PSU status is still taking "check" status even though PSU module has been removed. PR1408675
On EX2300-24P switches, error message dc-pfe: BRCM_NH-,brcm_nh_resolve_get_nexthop(),346:Failed
to find if family is seen. PR1410717
On EX Series devices, the PEM alarm for backup FPC remains on master FPC though the backup FPC
is detached from Virtual Chassis. PR1412429
On EX4300-48MP devices, the chassis status LED shows yellow instead of amber. PR1413194
The chassisd output power budget is received continually per 5 seconds without any alarm after an
upgrade to Junos OS Release 18.1R3. PR1414267
VXLAN encapsulation next hop (VENH) does not get installed during BGP flap or when routing is restarted.
PR1415450
On EX3400 switches, the show chassis environment repeats OK and Failed at short intervals. PR1417839
The EX3400 VC status might be unstable during the boot-up of the Virtual Chassis or after the Virtual
Chassis port flaps. PR1418490
Virtual Chassis might become unstable and FXPC crashes and generates a core file when there are a lot
of configured filter entries. PR1422132
44
On EX3400 auto-negotiation status shows incomplete on ge-0/2/0 using SFP-SX. PR1423469
On EX4600 line of switches, MACsec might not connect when the interface disconnects while traffic is
passing. PR1423597
I2C read errors are seen when an SFP-T is inserted into a disabled state port configured with set interface
<*> disable command. PR1423858
Incorrect model information while polling through SNMP from Virtual Chassis. PR1431135

Infrastructure

IfSpeed and IfHighSpeed erroneously reported as zero on EX2300. PR1326902
Packet Forwarding Engine is flooded with messages // pkt rx on physical interface NULL unit 0.
PR1381151

Interfaces and Chassis

Missing mandatory ICCP configuration statement redundancy-group-id-list produces misleading error
message. PR1402606
EVPN aggregated Ethernet interface flaps followed by a commit. PR1425339

Layer 2 Ethernet Services

The malfunction of core isolation feature in EVPN VXLAN scenarios might cause traffic to get silently
dropped and discarded. PR1417729

Junos Fusion Enterprise

PoE over LLDP negotiation is not supported on Junos Fusion Enterprise setup. PR1366106
New satellite device cannot be added to the Fusion scenario. PR1374982
Cascade port might go down after SD reboot in Junos Fusion Enterprise environment. PR1382091
Cannot log in to SD cluster though it is recognized by AD properly. PR1395570
The l2ald might crash when clear ethernet-switching table persistent-learning command is issued.
PR1409403
Extended ports in Junos Fusion Enterprise do not adjust MTU when VoIP is enabled. PR1411179
45
The traffic might silently drop and get discarded in Junos Fusion Enterprise scenario with dual-AD.
PR1417139

Network Management and Monitoring

Over temperature trap is not sent out even when there is a temperature-hot-alarm. PR1412161

Platform and Infrastructure

Ping does not go through the device after WTR timer expires in Ethernet ring protection switching (ERPS)
scenario. PR1132770
EX4300 upgrade fails during validation of SLAX script. PR1376750
Unicast DHCP request gets misforwarded to backup RTG link on EX4300 Virtual Chassis. PR1388211
EX4300 OAM LFM might not work on extended-vlan-bridge interface with native vlan configured.
PR1399864
Traffic drop is seen on EX4300 when 10-Gigabit fiber port is using 1-Gigabit Ethernet SFP optics with
auto-negotiation enabled. PR1405168
On EX4300, when power supply (PEM) is removed, alarm is not generated. PR1405262
The policer might not work when it is applied through the dynamic filter. PR1410973
The traffic to the NLB server might not be forwarded if the NLB cluster works on multicast mode.
PR1411549
EX4300 QinQ - untagged UNI traffic egress as single-tagged on NNI interface. PR1413700
Runt counter never incremented. PR1419724
EX4300 does not send fragmentation needed message when MTU is exceeded with DF bit set.
PR1419893
The pfex process might crash and core files might be generated when SFP is reinserted. PR1421257
Traffic might get silently dropped when one of logical interfaces on LAG is deactivated or deleted.
PR1422920
Auditd crashes when accounting RADIUS server is not reachable. PR1424030
The native VLAN ID of packets might fail when leaving out. PR1424174
Interface flapping scenario might lead to ECMP next-hop install failure on EX4300 switches. PR1426760
VIP might not forward the traffic if VRRP is configured on an aggregated Ethernet interface. PR1428124
EX4300 does not drop FCS frames on XE interfaces. PR1429865
The ERPS failover does not work as expected on EX4300 device. PR1432397
46

Routing Protocols

Host-destined packets with filter log action might reach the Routing Engine. PR1379718
The rpd crashes on static route configuration for multicast source. PR1408443
Host-generated ICMPv6 RA packets might be dropped on the backup member of Virtual Chassis if
igmp-snooping is configured. PR1413543
The EX Series switches might not install all IRB MAC addresses in the initialization. PR1416025
After restarting multicast-snooping process, igmp-snooping might not work. PR1420921

Software Installation and Upgrade

Configuration loss and traffic loss might be seen if backup Routing Engine is zeroized and is then switched
over to master within a short time. PR1389268

Subscriber Access Management

authd reuses address quickly before jdhcpd completely cleans up the old subscriber that gives the
following error log DH_SVC_DUPLICATE_IPADDR_ERR: Failed to add x.x.x.x as it is already used by xxx. PR1402653
On EX4300 /var showing full /var/log/dfcd_enc file grows in size. PR1425000
SEE ALSO
What’s New | 30
What’s Chnaged | 36
Known Behavior | 37
Open Issues | 38
Documentation Updates | 47
Migration, Upgrade, and Downgrade Instructions | 48
Product Compatibility | 49

Documentation Updates

IN THIS SECTION
47
Installation and Upgrade | 47
This section lists the errata and changes in Junos OS Release 19.2R1 for the EX Series switches documentation.

Installation and Upgrade

Veriexec explained (EX Series)—Verified Exec (also known as veriexec) is a file-signing and verification
scheme that protects the Junos operating system (OS) against unauthorized software and activity that might compromise the integrity of your device. Originally developed for the NetBSD OS, veriexec was adapted for Junos OS and enabled by default from Junos OS Release 7.5 onwards.
[See Veriexec Overview.]
SEE ALSO
What’s New | 30
What’s Chnaged | 36
Known Behavior | 37
Open Issues | 38
Resolved Issues | 42
Migration, Upgrade, and Downgrade Instructions | 48
Product Compatibility | 49

Migration, Upgrade, and Downgrade Instructions

IN THIS SECTION
Upgrade and Downgrade Support Policy for Junos OS Releases | 48
This section contains the upgrade and downgrade support policy for Junos OS for the EX Series. Upgrading or downgrading Junos OS can take several hours, depending on the size and configuration of the network. For information about software installation and upgrade, see the Installation and Upgrade Guide.
48

Upgrade and Downgrade Support Policy for Junos OS Releases

Support for upgrades and downgrades that span more than three Junos OS releases at a time is not provided, except for releases that are designated as Extended End-of-Life (EEOL) releases. EEOL releases provide direct upgrade and downgrade paths—you can upgrade directly from one EEOL release to the next EEOL release even though EEOL releases generally occur in increments beyond three releases.
You can upgrade or downgrade to the EEOL release that occurs directly before or after the currently installed EEOL release, or to two EEOL releases before or after. For example, Junos OS Releases 17.1,
17.2, and 17.3 are EEOL releases. You can upgrade from Junos OS Release 17.1 to Release 17.2 or from Junos OS Release 17.1 to Release 17.3.
You cannot upgrade directly from a non-EEOL release to a release that is more than three releases ahead or behind. To upgrade or downgrade from a non-EEOL release to a release more than three releases before or after, first upgrade to the next EEOL release and then upgrade or downgrade from that EEOL release to your target release.
For more information about EEOL releases and to review a list of EEOL releases, see
https://support.juniper.net/support/eol/software/junos/.
SEE ALSO
What’s New | 30
What’s Chnaged | 36
Known Behavior | 37
Open Issues | 38
Resolved Issues | 42
Documentation Updates | 47
Product Compatibility | 49

Product Compatibility

IN THIS SECTION
Hardware Compatibility | 49
49

Hardware Compatibility

To obtain information about the components that are supported on the devices, and the special compatibility guidelines with the release, see the Hardware Guide for the product.
To determine the features supported on EX Series switches in this release, use the Juniper Networks Feature Explorer, a Web-based application that helps you to explore and compare Junos OS feature information to find the right software release and hardware platform for your network. Find Feature Explorer at https://apps.juniper.net/feature-explorer/.
Hardware Compatibility Tool
For a hardware compatibility matrix for optical interfaces and transceivers supported across all platforms, see the Hardware Compatibility tool.
SEE ALSO
What’s New | 30
What’s Chnaged | 36
Known Behavior | 37
Open Issues | 38
Resolved Issues | 42
Documentation Updates | 47
Migration, Upgrade, and Downgrade Instructions | 48

Junos OS Release Notes for Junos Fusion Enterprise

IN THIS SECTION
New and Changed Features | 50
Changes in Behavior and Syntax | 51
Known Behavior | 52
Known Issues | 52
Resolved Issues | 53
50
Documentation Updates | 54
Migration, Upgrade, and Downgrade Instructions | 55
Product Compatibility | 60
These release notes accompany Junos OS Release 19.2R1 for Junos Fusion Enterprise. Junos Fusion Enterprise is a Junos Fusion that uses EX9200 switches in the aggregation device role. These release notes describe new and changed features, limitations, and known problems in the hardware and software.
NOTE: For a complete list of all hardware and software requirements for a Junos Fusion
Enterprise, including which Juniper Networks devices can function as satellite devices, see
Understanding Junos Fusion Enterprise Software and Hardware Requirements .
You can also find these release notes on the Juniper Networks Junos OS Documentation webpage, located at https://www.juniper.net/documentation/product/en_US/junos-os.

New and Changed Features

There are no new features or enhancements to existing features in Junos OS Release 19.2R1 for Junos Fusion Enterprise.
NOTE: For more information about the Junos Fusion Enterprise features, see the Junos Fusion
Enterprise User Guide.
SEE ALSO
Changes in Behavior and Syntax | 51
Known Behavior | 52
Known Issues | 52
Resolved Issues | 53
Documentation Updates | 54
Migration, Upgrade, and Downgrade Instructions | 55
Product Compatibility | 60
51

Changes in Behavior and Syntax

There are no changes in behavior of Junos OS features and changes in the syntax of Junos OS statements and commands in Junos OS Release 19.2R1 for Junos Fusion Enterprise.
SEE ALSO
New and Changed Features | 50
Known Behavior | 52
Known Issues | 52
Resolved Issues | 53
Documentation Updates | 54
Migration, Upgrade, and Downgrade Instructions | 55
Product Compatibility | 60

Known Behavior

There are no known behaviors, system maximums, and limitations in hardware and software in Junos OS Release 19.2R1 for Junos Fusion Enterprise.
For the most complete and latest information about known Junos OS problems, use the Juniper Networks online Junos Problem Report Search application.
SEE ALSO
New and Changed Features | 50
Changes in Behavior and Syntax | 51
Known Issues | 52
Resolved Issues | 53
Documentation Updates | 54
52
Migration, Upgrade, and Downgrade Instructions | 55
Product Compatibility | 60

Known Issues

IN THIS SECTION
Junos Fusion Enterprise | 52
This section lists the known issues in hardware and software in Junos OS Release 19.2R1 for Junos Fusion Enterprise.
For the most complete and latest information about known Junos OS defects, use the Juniper Networks online Junos Problem Report Search application.

Junos Fusion Enterprise

On EX4300 when 10G fiber port is using 1G Ethernet SFP optics, auto-negotiation is enabled by default.
To bring up the satellite device, BCM recommends to disable the auto-negotiation for PHY84756 ports.
PR1420343
In Junos Fusion Enterprise environment with EX2300-48P or EX2300-48T acting as satellite devices,
loop-detect feature does not work for ports 0-23, since the loop detect filter is not properly applied.
PR1426757
SEE ALSO
New and Changed Features | 50
Changes in Behavior and Syntax | 51
Known Behavior | 52
Resolved Issues | 53
Documentation Updates | 54
Migration, Upgrade, and Downgrade Instructions | 55
Product Compatibility | 60
53

Resolved Issues

IN THIS SECTION
Resolved Issues: 19.2R1 | 53
This section lists the issues fixed in the Junos OS main release and the maintenance releases.
For the most complete and latest information about known Junos OS defects, use the Juniper Networks online Junos Problem Report Search application.

Resolved Issues: 19.2R1

PoE over LLDP negotiation is not supported on Junos Fusion Enterprise setup. PR1366106
New satellite device cannot be added to the Fusion scenario. PR1374982
Cascade port might go down after SD reboot in Junos Fusion Enterprise environment. PR1382091
Cannot login to SD cluster though it is recognized by AD properly. PR1395570
The l2ald might crash when clear ethernet-switching table persistent-learning command is issued.
PR1409403
Extended ports in JFE do not adjust MTU when VoIP is enabled. PR1411179
The traffic might silently drop and get discarded in Junos Fusion Enterprise scenario with dual-AD.
PR1417139
SEE ALSO
New and Changed Features | 50
Changes in Behavior and Syntax | 51
Known Behavior | 52
Known Issues | 52
Documentation Updates | 54
Migration, Upgrade, and Downgrade Instructions | 55
Product Compatibility | 60
54

Documentation Updates

There are no errata or changes in Junos OS Release 19.2R1 for documentation for Junos Fusion Enterprise.
SEE ALSO
New and Changed Features | 50
Changes in Behavior and Syntax | 51
Known Behavior | 52
Known Issues | 52
Resolved Issues | 53
Migration, Upgrade, and Downgrade Instructions | 55
Product Compatibility | 60

Migration, Upgrade, and Downgrade Instructions

IN THIS SECTION
Basic Procedure for Upgrading Junos OS on an Aggregation Device | 55
Upgrading an Aggregation Device with Redundant Routing Engines | 57
Preparing the Switch for Satellite Device Conversion | 57
Converting a Satellite Device to a Standalone Switch | 59
Upgrade and Downgrade Support Policy for Junos OS Releases | 59
Downgrading from Junos OS | 59
This section contains the procedure to upgrade or downgrade Junos OS and satellite software for a Junos Fusion Enterprise. Upgrading or downgrading Junos OS and satellite software might take several hours, depending on the size and configuration of the Junos Fusion Enterprise topology.
55

Basic Procedure for Upgrading Junos OS on an Aggregation Device

When upgrading or downgrading Junos OS for an aggregation device, always use the junos-install package. Use other packages (such as the jbundle package) only when so instructed by a Juniper Networks support representative. For information about the contents of the junos-install package and details of the installation process, see the Installation and Upgrade Guide.
NOTE: Before upgrading, back up the file system and the currently active Junos OS configuration
so that you can recover to a known, stable environment in case the upgrade is unsuccessful. Issue the following command:
user@host> request system snapshot
The installation process rebuilds the file system and completely reinstalls Junos OS. Configuration information from the previous software installation is retained, but the contents of log files might be erased. Stored files on the routing platform, such as configuration templates and shell scripts (the only exceptions are the juniper.conf and ssh files), might be removed. To preserve the stored files, copy them to another system before upgrading or downgrading the routing platform. See the Junos OS Administration Library.
To download and install Junos OS:
1. Using a Web browser, navigate to the Download Software URL on the Juniper Networks webpage:
https://www.juniper.net/support/downloads/
2. Log in to the Juniper Networks authentication system using the username (generally your e-mail address) and password supplied by Juniper Networks representatives.
3. Select By Technology > Junos Platform > Junos Fusion to find the software that you want to download.
4. Select the release number (the number of the software version that you want to download) from the Version drop-down list on the right of the page.
5. Select the Software tab.
6. Select the software package for the release.
56
7. Review and accept the End User License Agreement.
8. Download the software to a local host.
9. Copy the software to the routing platform or to your internal software distribution site.
10. Install the new junos-install package on the aggregation device.
NOTE: We recommend that you upgrade all software packages out of band using the console
because in-band connections are lost during the upgrade process.
Customers in the United States and Canada, use the following commands:
user@host> request system software add validate reboot source/package-name.tgz
All other customers, use the following commands, where n is the spin number.
user@host> request system software add validate reboot source/package-name-limited.tgz
Replace source with one of the following values:
/pathname—For a software package that is installed from a local directory on the router.
For software packages that are downloaded and installed from a remote location:
ftp://hostname/pathname
http://hostname/pathname
scp://hostname/pathname (available only for Canada and U.S. version)
The validate option validates the software package against the current configuration as a prerequisite to adding the software package to ensure that the router reboots successfully. This is the default behavior when the software package being added is a different release.
Adding the reboot command reboots the router after the upgrade is validated and installed. When the reboot is complete, the router displays the login prompt. The loading process might take 5 to 10 minutes.
Rebooting occurs only if the upgrade is successful.

Upgrading an Aggregation Device with Redundant Routing Engines

If the aggregation device has two Routing Engines, perform a Junos OS installation on each Routing Engine separately to minimize disrupting network operations as follows:
57
1. Disable graceful Routing Engine switchover (GRES) on the master Routing Engine and save the configuration change to both Routing Engines.
2. Install the new Junos OS release on the backup Routing Engine while keeping the currently running software version on the master Routing Engine.
3. After making sure that the new software version is running correctly on the backup Routing Engine, switch over to the backup Routing Engine to activate the new software.
4. Install the new software on the original master Routing Engine that is now active as the backup Routing Engine.
For the detailed procedure, see the Installation and Upgrade Guide.

Preparing the Switch for Satellite Device Conversion

There are multiple methods to upgrade or downgrade satellite software in your Junos Fusion Enterprise. See Configuring or Expanding a Junos Fusion Enterprise.
For satellite device hardware and software requirements, see Understanding Junos Fusion Enterprise
Software and Hardware Requirements.
Use the following command to install Junos OS on a switch before converting it into a satellite device:
user@host> request system software add validate reboot source/package-name
NOTE: The following conditions must be met before a Junos switch that is running Junos OS
Release 14.1X53-D43 can be converted to a satellite device when the action is initiated from the aggregation device:
The switch running Junos OS can be converted only to SNOS 3.1 and later.
Either the switch must be set to factory-default configuration by using the request system
zeroize command, or the following command must be included in the configuration: set chassis auto-satellite-conversion.
When the interim installation has completed and the switch is running a version of Junos OS that is compatible with satellite device conversion, perform the following steps:
1. Log in to the device using the console port.
2. Clear the device:
58
[edit] user@satellite-device# request system zeroize
NOTE: The device reboots to complete the procedure for resetting the device.
If you are not logged in to the device using the console port connection, your connection to the device is lost after you enter the request system zeroize command.
If you lose connection to the device, log in using the console port.
3. (EX4300 switches only) After the reboot is complete, convert the built-in 40-Gbps QSFP+ interfaces from Virtual Chassis ports (VCPs) into network ports:
user@satellite-device> request virtual-chassis vc-port delete pic-slot 1 port port-number
For example, to convert all four built-in 40-Gbps QSFP+ interfaces on an EX4300-24P switch into network ports:
user@satellite-device> request virtual-chassis vc-port delete pic-slot 1 port 0 user@satellite-device> request virtual-chassis vc-port delete pic-slot 1 port 1 user@satellite-device> request virtual-chassis vc-port delete pic-slot 1 port 2 user@satellite-device> request virtual-chassis vc-port delete pic-slot 1 port 3
This step is required for the 40-Gbps QSFP+ interfaces that will be used as uplink interfaces in a Junos Fusion topology. Built-in 40-Gbps QSFP+ interfaces on EX4300 switches are configured into VCPs by default, and the default settings are restored after the device is reset.
After this initial preparation, you can use one of three methods to convert your switches into satellite devices—autoconversion, manual conversion, or preconfiguration. See Configuring or Expanding a Junos
Fusion Enterprise for detailed configuration steps for each method.

Converting a Satellite Device to a Standalone Switch

If you need to convert a satellite device to a standalone device, you must install a new Junos OS software package on the satellite device and remove it from the Junos Fusion topology. For more information, see
Converting a Satellite Device to a Standalone Device.

Upgrade and Downgrade Support Policy for Junos OS Releases

Support for upgrades and downgrades that span more than three Junos OS releases at a time is not provided, except for releases that are designated as Extended End-of-Life (EEOL) releases. EEOL releases provide direct upgrade and downgrade paths—you can upgrade directly from one EEOL release to the next EEOL release even though EEOL releases generally occur in increments beyond three releases.
59
You can upgrade or downgrade to the EEOL release that occurs directly before or after the currently installed EEOL release, or to two EEOL releases before or after. For example, Junos OS Releases 17.1,
17.2, and 17.3 are EEOL releases. You can upgrade from Junos OS Release 17.1 to Release 17.2 or from
Junos OS Release 17.1 to Release 17.3.
You cannot upgrade directly from a non-EEOL release to a release that is more than three releases ahead or behind. To upgrade or downgrade from a non-EEOL release to a release more than three releases before or after, first upgrade to the next EEOL release and then upgrade or downgrade from that EEOL release to your target release.
For more information about EEOL releases and to review a list of EEOL releases, see
https://www.juniper.net/support/eol/junos.html

Downgrading from Junos OS

Junos Fusion Enterprise is first supported in Junos OS Release 16.1, although you can downgrade a standalone EX9200 switch to earlier Junos OS releases.
NOTE: You cannot downgrade more than three releases.
For more information, see the Installation and Upgrade Guide.
To downgrade a Junos Fusion Enterprise from Junos OS Release 19.2R1, follow the procedure for upgrading, but replace the 19.2 junos-install package with one that corresponds to the appropriate release.
SEE ALSO
New and Changed Features | 50
Changes in Behavior and Syntax | 51
Known Behavior | 52
Known Issues | 52
Resolved Issues | 53
Documentation Updates | 54
Product Compatibility | 60
60

Product Compatibility

IN THIS SECTION
Hardware and Software Compatibility | 60
Hardware Compatibility Tool | 60

Hardware and Software Compatibility

For a complete list of all hardware and software requirements for a Junos Fusion Enterprise, including which Juniper Networks devices function as satellite devices, see Understanding Junos Fusion Enterprise
Software and Hardware Requirements in the Junos Fusion Enterprise User Guide.
To determine the features supported in a Junos Fusion, use the Juniper Networks Feature Explorer, a Web-based application that helps you to explore and compare Junos OS feature information to find the right software release and hardware platform for your network. Find Feature Explorer at
https://apps.juniper.net/feature-explorer/.

Hardware Compatibility Tool

For a hardware compatibility matrix for optical interfaces and transceivers supported across all platforms, see the Hardware Compatibility tool.
SEE ALSO
New and Changed Features | 50
Changes in Behavior and Syntax | 51
Known Behavior | 52
Known Issues | 52
Resolved Issues | 53
Documentation Updates | 54
Migration, Upgrade, and Downgrade Instructions | 55

Junos OS Release Notes for Junos Fusion Provider Edge

61
IN THIS SECTION
New and Changed Features | 62
Changes in Behavior and Syntax | 62
Known Behavior | 63
Known Issues | 63
Resolved Issues | 64
Documentation Updates | 65
Migration, Upgrade, and Downgrade Instructions | 66
Product Compatibility | 74
These release notes accompany Junos OS Release 19.2R1 for the Junos Fusion Provider Edge. They describe new and changed features, limitations, and known and resolved problems in the hardware and software.
You can also find these release notes on the Juniper Networks Junos OS Documentation webpage, located at https://www.juniper.net/documentation/product/en_US/junos-os.

New and Changed Features

IN THIS SECTION
Spanning-Tree Protocols | 62
This section describes the new features and enhancements to existing features in Junos OS Release 19.2R1 for Junos Fusion Provider Edge.

Spanning-Tree Protocols

Support for Multiple Spanning Tree Protocol (MSTP) (Junos Provider Edge)—Starting with Junos OS
Release 19.2R1, you can configure MSTP on MX480 devices. MSTP scales better than other types of spanning-tree protocols and enables load balancing.
62
[See Configuring MSTP Protocol.]
SEE ALSO
What’s Changed | 62
Known Limitations | 63
Open Issues | 63
Resolved Issues | 64
Documentation Updates | 65
Migration, Upgrade, and Downgrade Instructions | 66
Product Compatibility | 74

Changes in Behavior and Syntax

There are no changes in the behavior of Junos OS features or in the syntax of Junos OS statements and commands in Junos OS Release 19.2R1 for Junos Fusion Provider Edge.
SEE ALSO
What's New | 62
Known Limitations | 63
Open Issues | 63
Resolved Issues | 64
Documentation Updates | 65
Migration, Upgrade, and Downgrade Instructions | 66
Product Compatibility | 74

Known Behavior

There are no known behaviors, system maximums, or limitations in hardware and software in Junos OS Release 19.2R1 for Junos Fusion Provider Edge.
For the most complete and latest information about known Junos OS defects, use the Juniper Networks online Junos Problem Report Search application.
63
SEE ALSO
What's New | 62
What’s Changed | 62
Open Issues | 63
Resolved Issues | 64
Documentation Updates | 65
Migration, Upgrade, and Downgrade Instructions | 66
Product Compatibility | 74

Known Issues

IN THIS SECTION
Junos Fusion Provider Edge | 64
This section lists the known issues in hardware and software in Junos OS Release 19.2R1 for Junos Fusion Provider Edge.
For the most complete and latest information about known Junos OS defects, use the Juniper Networks online Junos Problem Report Search application.

Junos Fusion Provider Edge

If a default shaper is applied to a cascade interface of an aggregation device (AD), the displayed value
of "Guaranteed rate" is greater than the value of "Shaping rate" in the output of the show class-of-service scheduler-hierarchy interface command. PR1415502
SEE ALSO
What's New | 62
What’s Changed | 62
64
Known Limitations | 63
Resolved Issues | 64
Documentation Updates | 65
Migration, Upgrade, and Downgrade Instructions | 66
Product Compatibility | 74

Resolved Issues

IN THIS SECTION
Junos Fusion Provider Edge | 65
Junos Fusion Satellite Software | 65
This section lists the issues fixed in Junos OS Release 19.2R1 for Junos Fusion Provider Edge.
For the most complete and latest information about known Junos OS defects, use the Juniper Networks online Junos Problem Report Search application.

Junos Fusion Provider Edge

Auto-negotiation is not disabled in the hardware after the no-auto-negotiation option is set using the
CLI. PR1411852

Junos Fusion Satellite Software

Extended Port (EP) LAG might go down on the Satellite Devices (SDs) if the related Cascade Port (CP)
links to an Aggregation Device (AD) goes down. PR1397992
SEE ALSO
What's New | 62
What’s Changed | 62
Known Limitations | 63
65
Open Issues | 63
Documentation Updates | 65
Migration, Upgrade, and Downgrade Instructions | 66
Product Compatibility | 74

Documentation Updates

There are no errata or changes in Junos OS Release 19.2R1 documentation for Junos Fusion Provider Edge.
SEE ALSO
What's New | 62
What’s Changed | 62
Known Limitations | 63
Open Issues | 63
Resolved Issues | 64
Migration, Upgrade, and Downgrade Instructions | 66
Product Compatibility | 74

Migration, Upgrade, and Downgrade Instructions

IN THIS SECTION
Basic Procedure for Upgrading an Aggregation Device | 66
Upgrading an Aggregation Device with Redundant Routing Engines | 69
Preparing the Switch for Satellite Device Conversion | 69
Converting a Satellite Device to a Standalone Device | 71
Upgrading an Aggregation Device | 73
Upgrade and Downgrade Support Policy for Junos OS Releases | 73
Downgrading from Junos OS Release 19.2 | 74
66
This section contains the procedure to upgrade Junos OS, and the upgrade and downgrade policies for Junos OS for Junos Fusion Provider Edge. Upgrading or downgrading Junos OS might take several hours, depending on the size and configuration of the network.

Basic Procedure for Upgrading an Aggregation Device

When upgrading or downgrading Junos OS, always use the jinstall package. Use other packages (such as the jbundle package) only when so instructed by a Juniper Networks support representative. For information about the contents of the jinstall package and details of the installation process, see the Installation and
Upgrade Guide.
NOTE: Before upgrading, back up the file system and the currently active Junos OS configuration
so that you can recover to a known, stable environment in case the upgrade is unsuccessful. Issue the following command:
user@host> request system snapshot
The installation process rebuilds the file system and completely reinstalls Junos OS. Configuration information from the previous software installation is retained, but the contents of log files might be erased. Stored files on the routing platform, such as configuration templates and shell scripts (the only exceptions are the juniper.conf and ssh files), might be removed. To preserve the stored files, copy them to another system before upgrading or downgrading the routing platform. See the Installation and Upgrade Guide.
The download and installation process for Junos OS Release 19.2R1 is different from that for earlier Junos OS releases.
1. Using a Web browser, navigate to the Download Software URL on the Juniper Networks webpage:
https://www.juniper.net/support/downloads/
2. Log in to the Juniper Networks authentication system by using the username (generally your e-mail address) and password supplied by Juniper Networks representatives.
3. Select By Technology > Junos Platform > Junos Fusion to find the software that you want to download.
4. Select the release number (the number of the software version that you want to download) from the Version drop-down list to the right of the page.
5. Select the Software tab.
67
6. Select the software package for the release.
7. Review and accept the End User License Agreement.
8. Download the software to a local host.
9. Copy the software to the routing platform or to your internal software distribution site.
10. Install the new jinstall package on the aggregation device.
NOTE: We recommend that you upgrade all software packages out-of-band using the console,
because in-band connections are lost during the upgrade process.
Customers in the United States and Canada, use the following commands.
For 64-bit software:
NOTE: We recommend that you use 64-bit Junos OS software when implementing Junos
Fusion Provider Edge.
user@host> request system software add validate reboot
source/jinstall64-19.2R1.SPIN-domestic-signed.tgz
For 32-bit software:
user@host> request system software add validate reboot
source/jinstall-19.2R1.SPIN-domestic-signed.tgz
All other customers, use the following commands.
For 64-bit software:
NOTE: We recommend that you use 64-bit Junos OS software when implementing Junos
Fusion Provider Edge.
user@host> request system software add validate reboot
source/jinstall64-19.2R1.SPIN-export-signed.tgz
For 32-bit software:
68
user@host> request system software add validate reboot
source/jinstall-19.2R1.SPIN-export-signed.tgz
Replace source with one of the following values:
/pathname—For a software package that is installed from a local directory on the router.
For software packages that are downloaded and installed from a remote location:
ftp://hostname/pathname
http://hostname/pathname
scp://hostname/pathname (available only for the Canada and U.S. version)
The validate option validates the software package against the current configuration as a prerequisite for adding the software package to ensure that the router reboots successfully. This is the default behavior when the software package being added is for a different release.
Adding the reboot command reboots the router after the upgrade is validated and installed. When the reboot is complete, the router displays the login prompt. The loading process might take 5 to 10 minutes.
Rebooting occurs only if the upgrade is successful.
NOTE: After you install a Junos OS Release 19.2R1 jinstall package, you cannot return to the
previously installed software by issuing the request system software rollback command. Instead, you must issue the request system software add validate command and specify the jinstall package that corresponds to the previously installed software.

Upgrading an Aggregation Device with Redundant Routing Engines

If the aggregation device has two Routing Engines, perform a Junos OS installation on each Routing Engine separately as follows to minimize disrupting network operations:
1. Disable graceful Routing Engine switchover (GRES) on the master Routing Engine and save the configuration change to both Routing Engines.
2. Install the new Junos OS release on the backup Routing Engine while keeping the currently running software version on the master Routing Engine.
69
3. After making sure that the new software version is running correctly on the backup Routing Engine, switch over to the backup Routing Engine to activate the new software.
4. Install the new software on the original master Routing Engine that is now active as the backup Routing Engine.
For the detailed procedure, see the Installation and Upgrade Guide.

Preparing the Switch for Satellite Device Conversion

Satellite devices in a Junos Fusion topology use a satellite software package that is different from the standard Junos OS software package. Before you can install the satellite software package on a satellite device, you first need to upgrade the target satellite device to an interim Junos OS software version that can be converted to satellite software. For satellite device hardware and software requirements, see
Understanding Junos Fusion Software and Hardware Requirements
NOTE: The following conditions must be met before a standalone switch that is running Junos
OS Release 14.1X53-D43 can be converted to a satellite device when the action is initiated from the aggregation device:
The switch can be converted to only SNOS 3.1 and later.
Either the switch must be set to factory-default configuration by using the request system
zeroize command, or the following command must be included in the configuration: set chassis auto-satellite-conversion.
Customers with EX4300 switches, use the following command:
user@host> request system software add validate reboot
source/jinstall-ex-4300-14.1X53-D43.3-domestic-signed.tgz
Customers with QFX5100 switches, use the following command:
user@host> request system software add reboot
source/jinstall-qfx-5-14.1X53-D43.3-domestic-signed.tgz
When the interim installation has completed and the switch is running a version of Junos and OS on one line that is compatible with satellite device conversion, perform the following steps:
1. Log in to the device by using the console port.
2. Clear the device:
70
[edit] user@satellite-device# request system zeroize
NOTE: The device reboots to complete the procedure for resetting the device.
If you are not logged in to the device by using the console port connection, your connection to the device is lost after you enter the request system zeroize command.
If you lose your connection to the device, log in using the console port.
3. (EX4300 switches only) After the reboot is complete, convert the built-in 40-Gbps QSFP+ interfaces from Virtual Chassis ports (VCPs) into network ports:
user@satellite-device> request virtual-chassis vc-port delete pic-slot 1 port port-number
For example, to convert all four built-in 40-Gbps QSFP+ interfaces on an EX4300-24P switch into network ports:
user@satellite-device> request virtual-chassis vc-port delete pic-slot 1 port 0 user@satellite-device> request virtual-chassis vc-port delete pic-slot 1 port 1 user@satellite-device> request virtual-chassis vc-port delete pic-slot 1 port 2 user@satellite-device> request virtual-chassis vc-port delete pic-slot 1 port 3
This step is required for the 40-Gbps QSFP+ interfaces that will be used as uplink interfaces in a Junos Fusion topology. Built-in 40-Gbps QSFP+ interfaces on EX4300 switches are configured into VCPs by default, and the default settings are restored after the device is reset.
After this initial preparation, you can use one of three methods to convert your switches into satellite devices—autoconversion, manual conversion, and preconfiguration. See Configuring Junos Fusion Provider
Edge for detailed configuration steps for each method.

Converting a Satellite Device to a Standalone Device

If you need to convert a satellite device to a standalone device, you must install a new Junos OS software package on the satellite device and remove the satellite device from the Junos Fusion topology.
NOTE: If the satellite device is a QFX5100 switch, you need to install a PXE version of Junos
OS. The PXE version of Junos OS is software that includes pxe in the Junos OS package name when it is downloaded from the Software Center—for example, the PXE image for Junos OS Release 14.1X53-D43 is named install-media-pxe-qfx-5-14.1X53-D43.3-signed.tgz . If the satellite device is an EX4300 switch, you install a standard jinstall-ex-4300 version of Junos OS.
71
The following steps explain how to download software, remove the satellite device from Junos Fusion, and install the Junos OS software image on the satellite device so that the device can operate as a standalone device.
1. Using a Web browser, navigate to the Junos OS software download URL on the Juniper Networks webpage:
https://www.juniper.net/support/downloads
2. Log in to the Juniper Networks authentication system by using the username (generally your e-mail address) and password supplied by Juniper Networks representatives.
3. Select By Technology > Junos Platform > Junos Fusion from the drop-down list and select the switch platform series and model for your satellite device.
4. Select the Junos OS Release 14.1X53-D30 software image for your platform.
5. Review and accept the End User License Agreement.
6. Download the software to a local host.
7. Copy the software to the routing platform or to your internal software distribution site.
8. Remove the satellite device from the automatic satellite conversion configuration.
If automatic satellite conversion is enabled for the satellite device’s member number, remove the member number from the automatic satellite conversion configuration. The satellite device’s member number is the same as the FPC slot ID.
[edit] user@aggregation-device# delete chassis satellite-management auto-satellite-conversion
satellite member-number
For example, to remove member number 101 from Junos Fusion:
[edit] user@aggregation-device# delete chassis satellite-management auto-satellite-conversion
satellite 101
You can check the automatic satellite conversion configuration by entering the show command at the [edit chassis satellite-management auto-satellite-conversion] hierarchy level.
72
9. Commit the configuration.
To commit the configuration to both Routing Engines:
[edit] user@aggregation-device# commit synchronize
Otherwise, commit the configuration to a single Routing Engine:
[edit] user@aggregation-device# commit
10. Install the Junos OS software on the satellite device to convert the device to a standalone device.
[edit] user@aggregation-device> request chassis satellite install URL-to-software-package fpc-slot
member-number
For example, to install a PXE software package stored in the /var/tmp directory on the aggregation device onto a QFX5100 switch acting as the satellite device using FPC slot 101:
[edit] user@aggregation-device> request chassis satellite install
/var/tmp/install-media-pxe-qfx-5-14.1X53-D43.3-signed.tgz fpc-slot 101
For example, to install a software package stored in the var/tmp directory on the aggregation device onto an EX4300 switch acting as the satellite device using FPC slot 101:
[edit] user@aggregation-device> request chassis satellite install
/var/tmp/jinstall-ex-4300-14.1X53-D30.3-domestic-signed.tgz fpc-slot 101
The satellite device stops participating in the Junos Fusion topology after the software installation starts. The software upgrade starts after this command is entered.
11. Wait for the reboot that accompanies the software installation to complete.
12. When you are prompted to log back into your device, uncable the device from the Junos Fusion topology. See Removing a Transceiver from a QFX Series Device or Remove a Transceiver, as needed. Your device has been removed from Junos Fusion.
NOTE: The device uses a factory-default configuration after the Junos OS installation is
complete.
73

Upgrading an Aggregation Device

When you upgrade an aggregation device to Junos OS Release 19.2R1, you must also upgrade your satellite device to Satellite Device Software version 3.1R1.

Upgrade and Downgrade Support Policy for Junos OS Releases

Support for upgrades and downgrades that span more than three Junos OS releases at a time is not provided, except for releases that are designated as Extended End-of-Life (EEOL) releases. EEOL releases provide direct upgrade and downgrade paths—you can upgrade directly from one EEOL release to the next EEOL release even though EEOL releases generally occur in increments beyond three releases.
You can upgrade or downgrade to the EEOL release that occurs directly before or after the currently installed EEOL release, or to two EEOL releases before or after. For example, Junos OS Releases 17.1,
17.2, and 17.3 are EEOL releases. You can upgrade from Junos OS Release 17.1 to Release 17.2 or from
Junos OS Release 17.1 to Release 17.3.
You cannot upgrade directly from a non-EEOL release to a release that is more than three releases ahead or behind. To upgrade or downgrade from a non-EEOL release to a release more than three releases before or after, first upgrade to the next EEOL release and then upgrade or downgrade from that EEOL release to your target release.
For more information about EEOL releases and to review a list of EEOL releases, see
https://www.juniper.net/support/eol/junos.html.

Downgrading from Junos OS Release 19.2

To downgrade from Release 19.2 to another supported release, follow the procedure for upgrading, but replace the 19.2 jinstall package with one that corresponds to the appropriate release.
NOTE: You cannot downgrade more than three releases.
For more information, see the Installation and Upgrade Guide.
SEE ALSO
What's New | 62
What’s Changed | 62
Known Limitations | 63
74
Open Issues | 63
Resolved Issues | 64
Documentation Updates | 65
Product Compatibility | 74

Product Compatibility

IN THIS SECTION
Hardware Compatibility | 74

Hardware Compatibility

To obtain information about the components that are supported on the devices, and special compatibility guidelines with the release, see the Hardware Guide and the Interface Module Reference for the product.
To determine the features supported on MX Series devices in this release, use the Juniper Networks Feature Explorer, a Web-based application that helps you to explore and compare Junos OS feature
information to find the right software release and hardware platform for your network. See the Feature
Explorer.
Hardware Compatibility Tool
For a hardware compatibility matrix for optical interfaces and transceivers supported across all platforms, see the Hardware Compatibility tool.
SEE ALSO
What's New | 62
What’s Changed | 62
Known Limitations | 63
Open Issues | 63
Resolved Issues | 64
Documentation Updates | 65
75
Migration, Upgrade, and Downgrade Instructions | 66

Junos OS Release Notes for MX Series 5G Universal Routing Platform

IN THIS SECTION
New and Changed Features | 76
Changes in Behavior and Syntax | 96
Known Behavior | 100
Known Issues | 102
Resolved Issues | 111
Documentation Updates | 129
Migration, Upgrade, and Downgrade Instructions | 130
Product Compatibility | 137
These release notes accompany Junos OS Release 19.2R1 for the MX Series. They describe new and changed features, limitations, and known and resolved problems in the hardware and software.
You can also find these release notes on the Juniper Networks Junos OS Documentation webpage, located at https://www.juniper.net/documentation/product/en_US/junos-os.

New and Changed Features

IN THIS SECTION
New and Changed Features: 19.2R1-S4 | 77
New and Changed Features: 19.2R1-S1 | 77
New and Changed Features: 19.2R1 | 78
76
This section describes the new features and enhancements to existing features in Junos OS Release 19.2R1 for the MX Series routers.

New and Changed Features: 19.2R1-S4

Interfaces and Chassis
Support for 1-Gbps on QFX-60S line card on PTX10008 and PTX10016 Routers—QFX10000-60S-6Q
line card supports 1-Gbps speed on its ports (0 to 59). The QFX10000-60S-6Q line card contains 60 SFP+ ports that support 10-Gbps, two dual-speed QSFP28 ports that support either 40-Gbps or 100-Gbps, and four QSFP+ ports that support 40-Gbps. You can individually configure ports 0 to 59 for 10-Gbps or 1-Gbps port speed. Use the set chassis fpc fps-slot-number pic pic-number port port-number speed 1G command to change the mode of a port from 10-Gbps to 1-Gbps. The transceivers supported for 1-Gbps are QFX-SFP-1GE-LX, QFX-SFP-1GE-SX, and QFX-SFP-1GE-T.
[See QFX10000 Line Cards for details on the combination of modes supported on the ports.]
Services Applications
Support for Two-Way Active Measurement Protocol (TWAMP) and hardware timestamping of RPM
probe messages (MX10000 and PTX10000 routers)—Starting in Release 19.2R1-S4, Junos OS supports TWAMP and hardware timestamping of RPM probe messages on the MX10008, MX10016, PTX10008 and PTX10016 routers. You can use TWAMP to measure IP performance between two devices in a network. By enabling hardware timestamping of RPM you can account for the latency in the communication of probe messages and also generate more accurate timers in the Packet Forwarding Engine.
77
[See Understanding Two-Way Active Measurement Protocol on Routers and Understanding Using
Probes for Real-Time Performance Monitoring on M, T, PTX and MX Series Routers.]

New and Changed Features: 19.2R1-S1

MPLS
Distributed CSPF for segment routing LSPs (MX Series)—Starting in Junos OS Release 19.2R1-S1, you
can compute a segment routing LSP locally on the ingress device according to the constraints you have configured. With this feature, the LSPs are optimized based on the configured constraints and metric type. The LSPs are computed to utilize the available ECMP paths to the destination.
Prior to Junos OS Release 19.2R1-S1, for traffic engineering of segment routing paths, you could either explicitly configure static paths, or use computed paths from an external controller.
[See Enabling Distributed CSPF for Segment Routing LSPs.]
Color-based mapping of VPN services over SRTE (MX Series)—Starting in Junos OS Release 19.2R1-S1,
you can specify a color attribute along with an IP protocol next hop to resolve transport tunnels over static colored and BGP segment routing traffic-engineered (SRTE) label-switched paths (LSPs). This is called the color-IP protocol next hop resolution, where you are required to configure a resolution-map and apply it to the VPN services. Prior to this release, the VPN services were resolved over IP protocol next hops only.
With this feature, you can enable color-based traffic steering of Layer 2 and Layer 3 VPN services.
[See Color-Based Mapping of VPN Services Overview.]
Routing Protocols
Decouple RSVP for IGP-TE (MX Series, PTX Series, ACX Series, QFX Series, SRX Series, and EX
Series)—Starting in Junos OS Release 19.2R1-S1, device can advertise selective traffic-engineering attributes such as admin-color and maximum-bandwidth, without enabling RSVP, for segment routing and interior gateway protocol (IGP) deployments.

New and Changed Features: 19.2R1

Hardware
New fixed-configuration Modular Port Concentrator (MX240, MX480, and MX960)—Starting in Junos
OS Release 19.2R1, the MPC10E-10C-MRATE is a new Modular Port Concentrator (MPC) that is supported on the MX240, MX480, and MX960 routers.
The MPC10E-10C-MRATE features the following:
Line-rate throughput of up to 1.0 Tbps when installed with an enhanced midplane and 800 Gbps when
installed with a standard midplane.
78
Eight QSFP28 ports—Port numbers 0/0 through 0/3 and 1/0 through 1/3. The ports can be configured
as 10-Gbps, 40-Gbps, or 100-Gbps Ethernet ports.
Two QSFP56-DD ports—Port numbers 0/4 and 1/4. The ports can be configured as 10-Gps, 40-Gps,
100-Gbps Ethernet ports.
[See MX Series 5G Universal Routing Platform Interface Module Reference.]
MX10016 Universal Routing Platform—The MX10016 router provides 10-Gigabit Ethernet, 40-Gigabit
Ethernet, and 100-Gigabit Ethernet modular solutions that support up to 2.4 Tbps per slot. The MX10016 router provides redundancy and resiliency. All major hardware components including the power system, the cooling system, the control board and the switch fabrics are fully redundant. MX10016 enables cloud and data center operators to transition from 10-Gigabit Ethernet and 40-Gigabit Ethernet networks to 100-Gigabit Ethernet high-performance networks. The 21 rack unit (21 U) modular chassis can provide
38.4 Tbps of throughput. The MX10016 router has 16 slots for the line cards that can support a maximum of 1536 10-Gigabit Ethernet ports, 384 40-Gigabit Ethernet ports, or 384 100-Gigabit Ethernet ports.
You can deploy the MX10016 router in an IP edge network using an MX10K-LC2101 line card (ordering model number is JNP10K-LC2101).
[See MX10016 Hardware Guide.]
Advanced Cooling and Power Components (MX10008 Routers)—Starting in Junos OS Release 19.2R1,
MX10008 routers offer 5.5 KW power supplies, new high performance fan tray, and compatible fan tray controller. The JNP10K-PWR-AC2 power supply supports AC, high-voltage alternating current (HVAC), DC, or high-voltage direct current (HVDC). The JNP10K-PWR-DC2 provides a 5.5 KW upgrade for DC users. The JNP10008-FAN2 offers increased air flow through the chassis. The JNP10008-FAN2 offers
1793 cubic feet per minute (CFM) per fan tray. The new fan tray controller, JNP10008-FTC2 supports the new fan tray.
[See MX10008 Hardware Guide.]
Authentication, Authorization and Accounting (AAA) (RADIUS)
Option to enable and disable SCP per user level independent of SSH (MX Series)—Starting in Junos OS
19.2R1, you can enable and disable SCP for a certain login class user independent of SSH. By defualt, SCP is not allowed for users added to the system defined classes read-only, operator and unauthorized and is only allowed to the system defined class super-user. SCP is allowed for any login class user belonging to a user defined class. You can deny SCP request for a user assigned to a user defined class by using the no-scp-server configuration statement. Prior to 19.2R1, SCP was enabled and disabled when SSH was enabled and disabled.
To disable SCP for a certain login class, use set no-scp-server at the [edit system login class <class_name>] hierarchy level.
[See no-scp-server.]
Option to enable and disable SFTP per user level (MX Series)—Starting in Junos OS 19.2R1, you can
enable and disable SFTP for a certain login class user. By defualt, SFTP is not allowed for users added to the system defined classes read-only, operator and unauthorized and is only allowed to the system defined class super-user if SFTP is enabled globally. For a user assigned to a user defined class, by default SFTP requests are allowed if set system services ssh sftp-server is configured. You can now deny SFTP requests for a user assigned to a user defined class by using the no-sftp-server configuration statement.
79
To disable SFTP for a certain login class, use set no-sftp-server at the [edit system login class <class_name>] hierarchy level.
[See no-sftp-server.]
EVPN
Support for BFD, BGP, IS-IS, and OSPF on IRB interfaces in EVPN-MPLS networks (MX Series and
vMX)—Starting with Junos OS Release 19.2R1, you can configure Bidirectional Forwarding Detection (BFD), BGP, IS-IS, and OSPF routing protocols on the IRB interface in an EVPN-MPLS network to route and forward EVPN traffic. This feature supports single-homed, single-active, and all-active multihomed networks.
[See EVPN with IRB Solution Overview.]
EVPN support of VLAN ID ranges and lists in service provider style interface configurations (MX Series
routers, and vMX virtual routers)—Starting in Junos OS Release 19.2R1, EX9200 switches, ACX5448 and MX Series routers, and vMX virtual routers support the use of VLAN ID ranges and lists in a service provider style interface configuration, which must be referenced in an EVPN routing instance. This configuration is supported with the following EVPN environments, services, and features:
Environments:
EVPN with VXLAN encapsulation
EVPN with MPLS encapsulation
VLAN bundle service:
E-LAN
E-Tree
E-Line
Feature:
EVPN multihoming:
All-active
Single-active
Singlehoming
[See VLAN ID Ranges and Lists in an EVPN Environment.]
Connectivity fault management support in EVPN-VPWS (MX Series)—Starting with Junos OS Release
19.2R1, you can configure Up maintenance association end points (MEPs) and maintenance association intermediate point (MIPs) on attachment circuits in support of connectivity fault management (CFM) in EVPN-VPWS networks. With the MEPs, you can monitor connectivity between two points on the EVPN-VPWS network. Junos OS supports the continuity check messages (CCM), loopback and link trace messages (LTMs) as defined in IEEE 802.1AG CFM, and delay measurements (DM) and synthetic loss measurements (SLMs) as defined in Y.1731 on a single-active homing network.
80
[See Connectivity Fault Management Support for EVPN and Layer 2 VPN Overview.]
Support for control word in EVPN-VPWS (MX Series and vMX) —Starting with Junos OS Release 19.2R1,
Junos OS supports the insertion of a control word between the label stack and the MPLS payload in a network with EVPN-VPWS service. This feature prevents a transit device from delivering out-of-order packets as a result of the device’s load-balancing hashing algorithm. When you enable the control word feature on a PE device, the PE device advertises support for a control word. If all the PE devices in an EVI on the EVPN-VPWS serviced network support control word, then the PE device inserts a control word between the label stack and the L2 header in the packet thus preventing the packet from being misidentified by transit devices.
[See Control Word for EVPN-VPWS.]
Forwarding and Sampling
Support for local preference when selecting forwarding next-hops for ECMP traffic (MX Series)—Starting
in Junos OS Release 19.2R1, you can have equal cost multi-path (ECMP) traffic flows prefer local forwarding next-hops over remote ones. This feature supports BGP prefixes that are directly reachable with IPv4 MPLS ECMP next-hops. Use ecmp-local-bias to direct ECMP traffic towards local links, for example, to ensure that the overall load on the fabric is reduced. [See ecmp-local-bias for usage details.]
High Availability (HA) and Resiliency
ISSU suport for MX2008 (MX Series)—Starting in Junos OS Release 19.2R1, MX2008 routers support
ISSU.
[See Understanding In-Service Software Upgrade (ISSU)]
Interfaces and Chassis
Support for local preference when selecting forwarding next-hops for load balancing (MX Series)—Starting
in Junos OS Release 19.2R1, you can have traffic flows across aggregated Ethernet or logical-tunnel interfaces prefer local forwarding next-hops over remote ones, for example to ensure that the overall load on the fabric is reduced. [See local-bias for usage details.]
81
Support to collect and display PRBS statistics (MX10003 and MX204)—Starting in Junos OS Release
19.2R1, on MX10003 and MX204 routers, you can check the physical link connectivity by issuing the test interfaces ifd-name prbs-test-start pattern-type type direction (0|1) flip (0|1) that starts collecting the PRBS statistics.
The output of the show interfaces interface-name prbs-stats command displays the PRBS statistics while the test is in progress. These statistics are cleared after the test is complete or if it is stopped. You can stop collecting the statistics by issuing the test interfaces ifd-name prbs-test-stop direction (0|1) command.
NOTE: While running PRBS statistics, the link will be down.
[See prbs-test-start, prbs-test-stop, show interfaces prbs-stats, Collecting Pseudo Random Bit Sequence
(PRBS) Statistics.]
Domain Name System (DNS) is VRF aware (MX Series)—Starting in Junos OS Release 19.2R1, when the
management-instance statement is configured at the [edit system] hierarchy level, you can use the non-default management routing instance mgmt_junos as the routing instance through which the DNS name server is reachable. To specify the routing instance mgmt_junos, configure our new configuration statement routing-instance mgmt_junos, at the [edit system name-server server-ip] hierarchy level.
[See Management Interface in a Nondefault Instance, Configuring a DNS Name Server for Resolving a
Hostname into Addresses, name-server, and show host.]
SCBE3-MX interoperates with MPC10E-10C (MX240, MX480, and MX960)—Starting in Junos OS
Release 19.2R1, the Enhanced Switch Control Board SCBE3-MX (model number: SCBE3-MX-S) supports fabric management on the MPC10E-10C line card on the MX240, MX480, and MX960 routers. The
SCBE3-MX-S supports a pluggable Routing Engine and provides a control plane and data plane interconnect to each line card slot. The MPC10E-10C supports a bandwidth of up to 1 Tbps (800 Gbps with four planes and 1 Tbps with 5 or 6 planes). With MPC10E 15C line card, in a non-redundant configuration the SCBE3-MX provides fabric bandwidth of up to 1 Tbps per slot with four fabric planes and 1.5 Tbps per slot when all six fabric planes are used. Starting in this release, the MPC10E line cards support the standard midplane, which supports a bandwidth up to 800 Gbps per slot. Support for the enhanced midplane, which provides a bandwidth of 1.5 Tbps with MPC10E-15C and 1 Tbps with MPC10E-10C, is already available.
[See SCBE3-MX Description and MPC10E-15C-MRATE]
Support for QSFP-100GE-DWDM2 transceiver (MX204, MX10003, MX10008, and MX10016)—Starting
in Junos OS Release 19.2R1, the MX204, MX10003, MX10008, and MX10016 routers support the QSFP-100GE-DWDM2 transceiver. The 100-Gbps bidirectional transceiver has a dual transmitter/receiver that enables it to transmit and receive data through a single optical fiber. You can perform the following actions when this transceiver is installed:
View the diagnostics data, warnings, and alarms for interfaces. [See show interfaces diagnostics optics.]
Clear the bit error rate (BER) counters. [See clear interfaces statistics.]
82
Obtain the transport, performance monitoring, and threshold crossing alert (TCA) information for
interfaces. [See show interfaces transport pm.]
Clear the optics information from transport performance monitoring data. [See clear interfaces transport
pm.]
Enable or disable TCAs. [See tca.]
Enable or disable loopback mode. [See optics-options.]
MPC10 distributed LACP support in PPM AFT (MX Series)—Starting in Junos OS Release 19.2R1, the
MPC10E-15C-MRATE and MPC10E-10C-MRATE MPCs support distributed LACP in Periodic Packet Manager (ppman) Advanced Forwarding Toolkit (AFT).
Support for Routing Engine hard disk smart check (MX240, MX480, MX204, MX960, MX10008,
MX2008, MX2020, MX10016, MX10000, MX2010, MX10002, and MX10003)—Starting in Junos OS Release 19.2R1, you can configure the device to perform certain health checks on the Routing Engine solid-state drive (SSD) and log a health event or raise an alarm in case a predefined health attribute threshold is breached. You can use the set chassis routing-engine disk smart-check command to instruct the system to raise an alarm when an SSD health attribute threshold is breached. You can view the alarm by using the command show chassis alarms.
[See smart-check]
Junos OS XML API and Scripting
Automation script library additions and upgrades (MX Series)—Starting in Junos OS Release 19.2R1,
devices running Junos OS that support the Python extensions package include new and upgraded Python modules. Python automation scripts can leverage new on-box Python modules, including the requests, chardet, and urllib3 modules, as well as upgraded versions of the idna, ipaddress, and six modules. The Requests library provides additional methods for supporting initial deployments as well as for performing routine monitoring and configuration changes on devices running Junos OS.
[See Overview of Python Modules Available on Devices Running Junos OS and Using the Requests
Library for Python on Devices Running Junos OS.]
Junos Telemetry Interface
Inline active flow monitoring support using JTI (MPC10E-15C-MRATE line cards)—Starting in Junos OS Release 19.2R1, Junos Telemetry Interface (JTI) supports streaming inline active flow monitoring service-related statistics and errors counters for export to outside collectors at configurable intervals using remote procedure call (gRPC) services.
Use the following resource path to export statistics:
83
/junos/system/linecard/services/inline-jflow/
To provision the sensor to export data through gRPC services, use the telemetrySubcribe RPC to specify telemetry parameters. Streaming telemetry data through gRPC also requires the OpenConfig for Junos OS module. Starting in Junos OS Release 18.3R1, OpenConfig and Network Agent packages are bundled into the Junos OS image by default. Both packages support JTI.
[See Configuring Flow Aggregation on MX, M, vMX and T Series Routers and NFX250 to Use Version
9 Flow Templates, Guidelines for gRPC Sensors (Junos Telemetry Interface) and Understanding OpenCOnfig and gRPC on Junos Telemetry Interface.]
Packet Forwarding Engine support for JTI (MX2010 and MX2020 routers)—Starting in Junos OS Release
19.2R1, Junos telemetry interface (JTI) supports streaming of Packet Forwarding Engine statistics for MX2010 and MX2020 routers using Remote Procedure Calls (gRPC). gRPC is a protocol for configuration and retrieval of state information.
To provision the sensor to export data through gRPC, use the telemetrySubscribe RPC to specify telemetry parameters. Streaming telemetry data through gRPC also requires the OpenConfig for Junos OS module. Starting in Junos OS Release 18.3R1, OpenConfig and Network Agent packages are bundled into the Junos OS image by default. Both packages support the JTI.
[See Guidelines for gRPC Sensors (Junos Telemetry Interface).]
Sensor- level statistics support on JTI (MX960, MX2008, MX2010, MX2020, PTX5000, PTX1000, and
PTX10000 routers and QFX5100 and QFX5200 switches)—Starting with Junos OS Release 19.2R1, you can issue the Junos operational mode command show network-agent statistics to provide more information on a per-sensor level for statistics being streamed to an outside collector by means of remote procedure calls (gRPC) and Junos telemetry interface (JTI). Only sensors exported with gRPC are supported. The command does not support UDP-based sensors.
[See show network-agent statistics and Understanding OpenConfig and gRPC on Junos Telemetry
Interface.]
ONCE mode supported using gNMI services and JTI (MX Series)—Starting in Junos OS Release 19.2R1, you can include the "ONCE" mode with the Subcribe RPC when subscribing to gRPC Network Management Interface (gNMI) services to export statistics for telemetry monitoring and management using Junos telemetry interface (JTI). ONCE mode ensures that the collector is only streamed telemetry information one time.
The Subscribe RPC and subscription parameters are defined in the gnmi.proto file.
Streaming telemetry data through gNMI also requires the OpenConfig for Junos OS module. Starting in Junos OS Release 18.3R1, OpenConfig and Network Agent packages are bundled into the Junos OS image by default. Both packages support JTI.
[See Understanding OpenConfig and gRPC on Junos Telemetry Interface.]
Packet Forwarding Engine statistics export using gNMI and JTI (MX960, MX2008, MX2010 and MX2020 routers)—Starting in Junos OS Release 19.2R1, you can stream Packet Forwarding Engine statistics to
an outside collector using gRPC Management Interface (gNMI) version 0.7.0 and Junos telemetry interface (JTI). Prior to this, these statistics were exported using OpenConfig gRPC and UDP protocol buffer (gpb) format. OpenConfig gRPC and gNMI are both protocols used to modify and retrieve configurations as well as export telemetry streams from a device in order to manage and monitor it
84
To provision Packet Forwarding Engine sensors to export data through gNMI, use the Subscribe RPC defined in the gnmi.proto to specify request parameters. This RPC already supports Routing Engine statistics to be exported by means of gNMI. Now, Packet Forwarding Engine sensors will also stream KV pairs in gNMI format for a majority of Packet Forwarding Engine sensors.
Streaming telemetry data through gNMI also requires the OpenConfig for Junos OS module. Starting in Junos OS Release 18.3R1, OpenConfig and Network Agent packages are bundled into the Junos OS image by default. Both packages support JTI.
[See Guidelines for gRPC Sensors (Junos Telemetry Interface) and Understanding OpenCOnfig and gRPC
on Junos Telemetry Interface.]
Broadband edge statistics support through JTI (MX Series)—Starting in Junos OS Release 19.2R1, subscriber-based telemetry streaming is enabled when an MX Series router is configured for Broadband Network Gateway (BNG) and Junos Fusion where subscribers are connected through Junos Fusion Satellite devices. You can use remote procedure calls (gRPC) to export broadband edge (BBE) telemetry statistics to external collectors. gRPC is a protocol for configuration and retrieval of state information.
You can stream all BBE resource paths except for the following:
/junos/system/subscriber-management/access-network/ancp
/junos/system/subscriber-management/client-protocols/l2tp
/junos/system/subscriber-management/infra/network/l2tp/
To stream BBE statistics, include a resource path starting with /junos/system/subscriber-management/ in your gRPC subscription.
To provision the sensor to export data through gRPC, use the telemetrySubscribe RPC to specify telemetry parameters. Streaming telemetry data through gRPC also requires the OpenConfig for Junos OS module. Starting in Junos OS Release 18.3R1, OpenConfig and Network Agent packages are bundled into the Junos OS image by default. Both packages support JTI.
[See Guidelines for gRPC Sensors (Junos Telemetry Interface) and Understanding OpenCOnfig and gRPC
on Junos Telemetry Interface.]
gRPC-based streaming telemetry support for subscriber service accounting statistics for JTI (MX Series 5G Universal Routing Platform)—Starting in Junos OS Release 19.2R1, you can enable service filter
accounts statistics for subscribers using Junos telemetry interface (JTI) and remote procedure calls (gRPC). Service accounting statistics include IP protocol IPv4 family, IPv6 family, or both, as well as transmit and receive packets and bytes for subscriber service sessions.
To enable these statistics from an MX Series router, include the service-statistics statement at the [edit dynamic-profiles my-service-profile telemetry] hierarchy level.
85
To stream these statistics, include the resource path /junos/system/subscriber-mamagement/dynamic-interfaces/interfaces/services/ in your gRPC subscription to export the statistics to an outside collector.
To provision the sensor to export data through gRPC, use the telemetrySubscribe RPC to specify telemetry parameters. Streaming telemetry data through gRPC also requires the OpenConfig for Junos OS module. Starting in Junos OS Release 18.3R1, OpenConfig and Network Agent packages are bundled into the Junos OS image by default. Both packages support JTI.
[See Guidelines for gRPC Sensors (Junos Telemetry Interface) service-statistics, and Enable Service Filter Accounting Statistics for Subscribers.]
FPC and optics support for JTI (MX Series)—Starting in Junos OS Release 19.2R1, Junos telemetry interface (JTI) supports streaming of Flexible PIC Concentrator (FPC) and optics statistics for the MX Series router using remote procedure calls (gRPC). gRPC is a protocol for configuration and retrieval of state information. This feature effort includes the addition of a new process (SensorD daemon) to export telemetry data for integration with AFTTelementry and LibTelemetry libraries in the OpenConfig model called AFT platform.
The following base resource paths are supported:
/junos/system/linecard/environment/
/junos/system/linecard/optics/
/junos/system/linecard/optics/optics-diag[if-name =])
/junos/system/linecard/optics/optics-diag/if-name
/junos/system/linecard/optics/optics-diag/snmp-if-index
/junos/system/linecard/optics/lane[lane_number=]/
To provision the sensor to export data through gRPC, use the telemetrySubcribe RPC to specify telemetry parameters. Streaming telemetry data through gRPC also requires the OpenConfig for Junos OS module. Starting in Junos OS Release 18.3R1, OpenConfig and Network Agent packages are bundled into the Junos OS image by default. Both packages support JTI.
[See Guidelines for gRPC Sensors (Junos Telemetry Interface).]
Specify Routing Instance for JTI (ACX Series, MX Series, PTX Series, and QFX Series)—Starting in Junos OS Release 19.2R1, you can specify the routing instance to use for remote procedure call (gRPC) services. Include the routing-instance instance-name at the [edit system services extension-service request-response grpc] hierarchy level. The routing instance name specified should match the name of the existing routing instance, such as a name configured under the [routing-instances] hierarchy level or mgmt_junos if system management-instance is configured (the dedicated management routing instance).
Configuring the routing instance lets you choose the VRF for gRPC services. When the routing instance is not configured, the default behavior is that all gRPC-related services are available through the management fxp0/em0) interface.
86
Layer 2 VPN
Support for group key acknowledgment messages (MX Series)—Starting with Junos OS Release 19.2R1,
Junos OS supports group members sending acknowledgment messages as defined in RFC 8263 in response to group key push messages sent by group controllers and key servers. The group member sends acknowledgment messages when it receives a group key push message with a standard KEK_ACK_REQUESTED value of 9 in the SA KEK payload as defined in RFC 8263 or a KEK_ACK_REQUESTED value of 129 that is used in older key servers. No additional configuration is required.
[See Group VPNv2 Overview.]
Layer 2 Features
Support for basic Layer 2 features on MPC10E-15C-MRATE line card (MX Series)—Starting in Junos
OS Release 19.2R1, MPC10E-15C-MRATE line card supports the following basic Layer 2 features:
Layer 2 bridging with trunk and access modes
MAC learning and aging
Handling BUM (broadcast, unknown unicast and multicast) traffic, including split horizon
MAC move
Layer 2 forwarding and flooding statics
Mesh groups
Static MAC addresses
MAC learning and forwarding on AE interfaces
Bridging on untagged interfaces
Basic Q-n-Q tunneling (without VLAN-translation and VLAN map operations)
[See Understanding Layer 2 Bridge Domains, Understanding Layer 2 Learning and Forwarding.]
Layer 3 Features
MPC10E-10C and MPC10E-15C support layer 3 routing features (MX240, MX480, and MX960)—Starting
in Junos OS Release 19.2R1, MPC10E-10C and MPC10E-15C line cards support the following features in hyper-mode:
Configuring ICMP redirects and generating ICMP redirect messages.
Padding VLAN packets to a minimum frame size of 68 bytes, by using the existing command set
interfaces interface-name gigether-options pad-to-minimum-frame-size.
Collecting interface family statistics for IPv4 and IPv6, by using the existing command show interfaces
statistics detail interface-name.
87
See Understanding the Hyper Mode Feature on Enhanced MPCs for MX Series Routers and EX9200
Switches
MPLS
Dynamic creation of segment routing LSPs using BGP protocol next hops (MX Series)—Starting in Junos
OS Release 19.2R1, you can configure tunnel templates on colored and non-colored segment routing traffic-engineered (SR-TE) paths. These templates enable dynamic creation of segment routing tunnels using protocol next hops with BGP prefixes to resolve destination segment identifiers (SIDs).
With this feature, you can benefit from reduced configuration, especially when the network deployment requires connectivity from each provider edge (PE) device to every other PE device.
[See Static Segment Routing Label Switched Path.]
CSC support for MPLS-over-UDP tunnels (MX Series with MPC and MIC and VMX)—Starting in Junos
Release 19.2R1, carrier supporting carrier (CSC) architecture can be deployed with MPLS-over-UDP tunnels carrying MPLS traffic over dynamic IPv4 UDP tunnels that are established between supporting carrier's provider edge (PE) devices. With this enhancement, the scaling advantage that the MPLS-over-UDP tunnels provided is further increased. This feature is not supported on IPv6 UDP tunnels.
[See Example: Configuring Next-Hop-Based MPLS-Over-UDP Dynamic Tunnels.]
Network Management and Monitoring
Support for displaying valid user input in the CLI for command options and configuration statements
in custom YANG data models (MX Series)—Starting in Junos OS Release 19.2R1, the CLI displays the set of possible values for a given command option or configuration statement in a custom YANG data
model when you include the action-expand extension statement in the option or statement definition and reference a script that handles the logic. The action-expand statement must include the script child statement, which defines the Python action script that is invoked when a user requests context-sensitive help in the CLI for the value of that option or statement.
[See Displaying Valid Command Option and Configuration Statement Values in the CLI for Custom YANG
Modules.]
Support for Synchronous Ethernet with ESMC on JNP10K-LC2101 (MX10008 and MX10016)—Starting
in Junos OS Release 19.2R1, the JNP10K-LC2101 line card supports Synchronous Ethernet (SyncE) with ESMC. Synchronous Ethernet is a physical layer technology that is used to transfer clock signals over Ethernet interfaces. ESMC transmits Synchronization Status Message (SSM) information, which is the quality level of the transmitting synchronous Ethernet equipment clock (EEC), by using ESMC protocol data units (PDUs). This support allows you to configure BITS-0 (external-0) and BITS-1 (external-1) ports as clock sources or outputs on master Routing and Control Board (JNP10K-RE1). You can also configure a GPS (external-2) port as a clock source on master Routing and Control Board. This feature also supports SyncE over aggregated Ethernet (AE).
88
NOTE: Only the GPS port and BITS ports that are configured on master RCB are active.
[Centralized Clocking Overview and Understanding ESMC Quality Level Mapping]
Support for optimizing the SNMP walk execution time for IPsec statistics (MX Series)—Starting in Junos
OS Release 19.2R1, you can optimize the SNMP walk execution time for IPsec statistics. To achieve this optimization, increase the cache lifetime of the IPsec related information (for example statistics and SA information) so that a single SNMP walk request is served for N number of IPsec Security Associations (SAs) with N number of queries made to the service PIC. IPsec statistics are now fetched by the burst mode, thereby reducing the load on the Routing Engine daemon, kmd. For different scale needs, we may have to tweak the hidden SNMP knob parameters, for example, with Dead Peer detection (DPD) having more number of tunnels without traffic and simultaneous SNMP walks.
Port Security
Fallback PSK for Media Access Control Security (MACsec) (MX Series)—Starting in Junos OS Release
19.2R1, fallback PSK for MACsec is supported on MX Series routers that support MACsec. The fallback PSK provides functionality to establish a secure session in the event that the primary PSKs on each end of a MACsec-secured link do not match.
[See Configuring Media Access Control Security (MACsec) on MX Series Routers.]
Routing Policy and Firewall Filters
Support for CCC and Layer 3 firewall forwarding on MPC10E-15C-MRATE line cards (MX
Series)—Starting with Junos OS Release 19.2R1, circuit cross-connect (CCC) traffic and Layer 3 firewall forwarding features are supported on MPC10E-15C-MRATE line cards.
[See CCC Overview and Protocols and Applications Supported by the MPC10E-15C-MRATE.]
Routing Protocols
MPC10 Inline BFD support (MX Series)—Starting in Junos OS Release 19.2, MPC10 MPCs support inline
BFD features, excluding micro BFD and BFD sessions with authentication.
89
[See Understanding BFD for Static Routes.]
Support for IPv6 fragment reassembly for v4ov6 dynamic tunnels—Starting in Junos OS Release 19.1R1,
you can configure an additional attribute, dynamic-tunnel-reassembly-enable for reassembling IPv6 fragments before the termination of v4ov6 tunnels. The fragment reassembly feature is disabled by default. IPv6 fragments are discarded when this feature is not enabled.
IPv6 reassembly for v4ov6 tunnels (MX Series)—Starting in Junos OS 19.2R1, you can enable the MX
chassis to perform IPV6 fragment reassembly for forwarding Ipv4 traffic. When the dynamic-tunel-reassembly is configured, the tunnels using the attribute would be setup for reassembling the IPv6 fragments before the termination of v4ov6 tunnels. By default, this attribute is turned off and the tunnels are set up to discard the IPv6 fragments.
To enable IPv6 fragment reassembly for forwarding Ipv4 traffic, use set dynamic-tunnel-reassembly on statement at the [edit routing-options dynamic-tunnels tunnel-attributes <dynamic-tunnel-name>] hierarchy level.
[See dynamic-tunnel-reassembly.]
Map single IPv6 anycast address on multiple anchor Packet Forwarding Engines (MX240, MX480,
MX960, MX2020)—Starting in Junos OS Release 19.2R1, you can assign the same IPv6 anycast address to multiple anchor Packet Forwarding Engines to manage high traffic from CPE to internet. By default, this feature is disabled. Prior to Junos OS Release 19.2R1, you can assign an anycast address only to a single Packet Forwarding Engine and the maximum v4ov6 tunnel scale per Packet Forwarding Engine in MX Series is 150k. This restricts a single anycast address to be used for 150k tunnels.
To configure the same source address over multiple tunnel-attributes, use set v4ov6 ipv6-anycast-source-duplication statement at the [edit routing-options dynamic-tunnels] hierarchy level.
If v4ov6 packets are fragmented, the fragmented packets get steered to one of the anchor Packet Forwarding Engines for IPv6 reassembly processing. To steer the traffic to the correct anchor, Packet Forwarding Engine needs information about the range of IPv4 prefixes that goes over a particular tunnel. To get the range of IPv4 prefixes that goes over a particular tunnel, use set get-route-range statement at the [edit policy-options policy-statement <policy-name> term <term-name> from route-filter <route-filter-value> <range>] hierarchy level.
[See v4ov6 and get-route-range.]
Support for export of BGP Local RIB through BGP Monitoring Protocol (BMP) (MX Series)—Starting in
Junos OS Release 19.2R1, BMP is enhanced to support monitoring of local RIB (loc-rib) policy. The loc-rib policy is added to RIB types under the bmp route-monitoring statement.
[See: Understanding the BGP Monitoring Protocol.]
Support for BGP routes with N-Multipath primary and 1-Protection backup gateway (MX Series)—Starting
in Junos OS 19.2R1, the following enhancements are made to the Junos OS:
Support N+1 formation for BGP labelled unicast protection (LU).
Support N+1 formation for BGP PIC (IPv4, IPv6, LU).
90
Support for hetero-nexthops (ListNH) in such N+1 formations.
Support for KRT to defer fib-update if BGP-multipath is in progress.
Removed restriction to use delay-route-advertisement statement for IPv4 labeled-unicast.
Four new options import, install-address <address>, no-install, and rib (inet.0 | inet6.0) are added
under the egress-te statement.
A new configuration statement allow-protection is introduced to allow protection for multipath legs.
To allow protection for multipath legs, use set allow-protection statement at the [edit protocols bgp multipath] hierarchy level.
A new option always-wait-for-krt-drain is introduced under delay-route-advertisement statement to
make more-specific BGP-routes re-advertisement to wait for KRT-queue to drain. To configure this, use set always-wait-for-krt-drain at the [edit protocols bgp family inet unicast delay-route-advertisements] hierarchy level.
[See allow-protection (Multipath), delay-route-advertisements and egress-te.]
Security
Juniper Malware Removal Tool—Starting in Junos OS Release 19.2R1, the Juniper Malware Removal
Tool (JMRT) can be used to scan and remove malware running on Junos OS devices. To run JMRT, use the operational commands under the request system malware-scan hierarchy. There are 2 types of scans you can perform with JMRT:
Quick—Scan each running program file.
Veriexec check—Check if verified execution is enabled.
[See request system malware-scan.]
Services Applications
Support for IPv6 BGP next-hop address in IPv6 and MPLS-IPv6 inline flow record templates(MX
Series)—Starting in Junos OS Release 19.2R1, a new element, IPv6 BGP NextHop Address, is available in the the IPv6 inline flow record template and the MPLS-IPv6 inline flow record template to add support for IPv6 BGP NextHop information element. The new element is supported on both version 9 and version 10 (IPFIX) export formats. The element ID is 63 and the element size is 16 bytes.
91
[See Understanding Inline Active Flow Monitoring.]
IPv4 and IPv6 version 9 templates for inline active flow monitoring (MPC10E-15C-MRATE on MX
Series)—Starting in Junos OS Release 19.2R1, while configuring inline active flow monitoring, you can apply version 9 flow templates to define a flow record template suitable for IPv4 or IPv6 traffic.
[See Configuring Flow Aggregation on MX, M, vMX and T Series Routers and NFX250 to Use Version
9 Flow Templates.]
Support for Two-Way Active Measurement Protocol (TWAMP) on MPC10E-15C-MRATE line
card—Starting in Junos OS Release 19.2R1, TWAMP is supported on MPC10E line card on the MX240, MX480, and MX960 routers. TWAMP defines a standard for measuring IPv4 performance between two devices in a network. You can use the TWAMP-Control protocol to set up performance measurement sessions between a TWAMP client and a TWAMP server, and use the TWAMP-Test protocol to send and receive performance measurement probes.
Configuring the TWAMP client instance to use si-x/y/z as the destination interface (which enables inline services) is not supported if the router has an MPC10E-15C-MRATE installed in the chassis. You can configure only the none authentication mode on the line card.
[See Understanding Two-Way Active Measurement Protocol on Routers]
DS-Lite support on MX Virtual Chassis and MX BNG—Starting in Junos OS Release 19.2R1, the MX
Series Virtual Chassis and MX Series broadband network gateway (BNG) support dual-stack lite (DS-Lite). DS-Lite uses IPv4-over-IPv6 tunnels to traverse an IPv6 access network to reach a carrier-grade IPv4-IPv4 NAT. DS-Lite enables the phased introduction of IPv6 on the Internet by providing backward compatibility with IPv4.
DS-Lite on the MX Series Virtual Chassis and MX Series BNG does not support the following:
Application Layer Gateways (ALGs)
Limits per subnet
Clearing NAT mappings and flows for a specific subscriber, for a basic bridging broadband device (B4),
or for a specific service set
Port Control Protocol
[See Tunneling Services for IPv4-to-IPv6 Transition Overview.]
Hardware timestamping of RPM probe messages—Starting in Junos OS Releases 19.2R1, you can enable
timestamps on RPM probes messages in the Packet Forwarding Engine host processor for the following line cards:.
MPC10E-15C-MRATE line card on MX240, MX480, and MX960 routers
MPC11E line card on MX2008, MX2010, and MX2020 routers
You can use the following configuration statements at the [edit services rpm probe owner test test-name] hierarchy level:
92
hardware-timestamp—Enables timestamping of RPM probe messages in the Packet Forwarding Engine
host Processor.
one-way-hardware-timestamp—Enables timestamping of RPM probe messages for one-way delay
and jitter measurements.
These configuration statements are supported only with icmp-ping, icmp-ping-timestamp, udp-ping, and udp-ping-timestamp probe types.
See [hardware-timestamp]
[one-way-hardware-timestamp
Understanding Using Probes for Real-Time Performance Monitoring on M, T, PTX and MX Series Routers
Increased number of AMS members supported on single chassis (MX2020)—Starting in Junos OS Release
19.2R1, you can configure up to 60 MS-PICs as part of aggregated multiservices (AMS) bundles on a single chassis. The configuration supports backup and load-balancing mode (N:1) and all active mode (N:0) with both next-hop style services and interface style services of configurations.
See [Understanding Aggregated Multiservices Interfaces].
IPFIX flow-cache support (MX150) —Starting in Junos OS Release 19.2R1, the flow cache infrastructure
support is extended to IPFIX to provide improved throughput with IPFIX service enabled. In earlier releases, without flow cache support for IPFIX, all data traffic would take the microcode path which is much slower than flow cache. With this feature, the unsampled traffic gets forwarded using flow cache which results in better throughput.
Software Defined Networking
PCE-initiated bypass LSPs (MX Series)—Starting in Junos OS Release 19.2R1, the Path Computation
Element Protocol (PCEP) functionality is extended to allow a stateful Path Computation Element (PCE) to initiate, provision, and manage bypass label-switched paths (LSPs) for a protected interface. Multiple bypass LSPs with bandwidth reservation can be initiated by the PCE to protect a resource.
With this feature, you can benefit from the LSP state synchronization of manual, dynamic, and PCE-initiated bypass LSPs from a PCE, and leverage on the PCE’s global view of the network, resulting in better control over traffic at the time of a failure, and deterministic path computation of protection paths.
[See Support of the Path Computation Element Protocol for RSVP-TE Overview.]
Support for unified ISSU on abstracted fabric interfaces (MX480, MX960, MX2010, MX2020,
MX2008)—Starting in Junos OS Release 19.2R1, abstracted fabric (af) interfaces, configured for Junos Node Slicing, support unified in-service software upgrade (ISSU). Unified ISSU enables an upgrade between two Junos OS releases with no disruption on the control plane and with minimal disruption of traffic.
93
NOTE: Since the af interface traffic is load balanced across all available Packet Forwarding
Engines, the traffic loss on an AF interface during ISSU might be higher, compared to the traffic loss on a regular interface.
An af interface is a pseudo interface that represents a first class Ethernet interface behavior. An AF interface facilitates routing control and management traffic between guest network functions (GNFs) through the switch fabric.
[See Abstracted Fabric (AF) Interface.]
Centralized assignment of unique MAC addresses to GNFs (MX960, MX2008, MX2010, and
MX2020)—Starting in Junos OS Release 19.2R1, Junos node slicing supports the assignment of a globally unique MAC address range (supplied by Juniper Networks) for GNFs. To receive the globally unique MAC address range for the GNFs, contact your Juniper Networks representative and provide your GNF license SSRN (Software Support Reference Number), which will have been shipped to you electronically upon your purchase of the GNF license. For each GNF license, you will then be provided an ‘augmented SSRN’, which includes the globally unique MAC address range assigned by Juniper Networks for that GNF license. You must then configure this augmented SSRN at the JDM CLI as follows:
set system vnf-license-supplement vnf-id gnf-id license-supplement-string augmented-ssrn-string.
[See Assigning MAC Addresses to GNF]
Support for IPSec, stateful firewall, and CGNAT services on MS-MPCs over abstracted fabric interfaces
(MX480, MX960, MX2010, and MX2020)—Starting in Junos OS Release 19.2R1, guest network functions (GNF) support Layer 3 services such as Carrier-Grade Network Address Translation (CGNAT), stateful firewall, and IP Security (IPsec) on Multiservices MPCs (MS-MPCs) over abstracted fabric (af) interfaces.
[See Abstracted Fabric Interface]
MX2008 routers support in-chassis Junos node slicing (MX Series)—Starting in Junos OS Release 19.2R1,
MX2008 routers support the in-chassis model of Junos node slicing deployment. In the in-chassis model, the base system (BSYS), Juniper Device Manager (JDM), and all guest network functions (GNFs) run within the Routing Engine of the MX Series router. To support in-chassis Junos node slicing, the MX2008 must have the Routing Engine REMX2008-X8-128G installed.
[See Configuring MX Series Router to Operate in In-Chassis Mode]
Software Installation and Upgrade
The curl binary is packaged and made available on all Junos OS variants (MX Series)—The curl binary
is a command-line utility, used from the shell, that you can use to perform operations over several transport protocols, including the following: dict, file, ftp, gopher, http, imap, pop3, rtsp, smtp, telnet, tftp. The features enabled on Junos OS are curl version 7.59, libcurl version 7.59.
Subscriber Management and Services
Support for M:N subscriber redundancy on BNGs (MX Series)—Starting in Junos OS Release 19.2R1,
you can configure broadband network gateways (BNGs) to provide interface-level redundancy for DHCP subscribers that are on the same static VLAN and use the same access interface. Failover from master to backup BNG is transparent to the clients because the subscriber sessions remain up. You must configure DHCP active leasequery with topology discovery on peer DHCP relay agents on the master and backup BNGs to support the redundancy.
94
[See M:N Subscriber Redundancy.]
Support for Interface-Level Redundancy with DHCP Topology Discovery (MX Series)—Starting in Junos
OS Release 19.2R1, you can configure DHCP active leasequery with topology discovery to provide interface-level subscriber redundancy between peer relay agents. Topology discovery enables master and backup peer relay agents to determine the access interfaces on peers that correspond to their own local access interfaces for servicing subscriber redundancy groups. During synchronization, DHCP translates the subscriber binding information to use the local interface on the backup instead of the interface on the master. You must use topology discovery when you configure M:N subscriber redundancy.
[See DHCP Active Leasequery.]
Support for fixed wireless access subscribers on BNGs (MX Series)—Starting in Junos OS Release 19.2R1,
you can configure the broadband network gateway (BNG) to support subscribers that use a fixed wireless network. Providers use a wireless network for subscriber access over the air instead of than running fiber to the home. The wireless infrastructure saves costs and reduces complexity compared to the fiber network. The BNG acts as the Third-Generation Partnership Project (3GPP) System Architecture Evolution Gateway (SAEGW). The SAEGW incorporates the functions of both the Serving Gateway (SGW) and the Packet Data Network Gateway (PGW). The SGW function routes and forwards user data packets. The PGW function provides connectivity to external packet data networks
[See Fixed Wireless Access Networks.]
System Management
Support for transferring accounting statistics files and router configuration archives using HTTP URL
(MX Series)—Starting in Junos OS Release 19.2R1, you can transfer accounting statistics files and router configuration archives to remote servers by using an HTTP URL. In addition to SCP and FTP, the following HTTP URL will be supported under the archive-sites statement:
http://username@host:url-path password password
To transfer accounting statistics files, configure archive-sites under [edit accounting-options file
<filename>] hierarchy.
To transfer router configuration archival, configure archive-sites under edit system archival
configuration hierarchy.
To view the statistics of transfer attempted, succeeded, and failed, use the show accounting server
statistics archival-transfer command.
To clear the statistics of transfer attempted, succeeded, and failed, use the clear accounting server
statistics archival-transfer command.
[See archive-sites, Backing Up Configurations to an Archive Site, show accounting server statistics
archival-transfer, and clear accounting server statistics archival-transfer].
95
Timing and Synchronization
Support for Synchronous Ethernet with ESMC on MPC10E-15C-MRATE (MX240, MX480,
MX960)—Starting in Junos OS Release 19.2R1, MPC10E-15C-MRATE supports Synchronous Ethernet with ESMC. Synchronous Ethernet is a physical layer technology that is used to transfer clock signals over Ethernet interfaces. It supports hop-by-hop frequency transfer, where all interfaces on the trail must support Synchronous Ethernet.
ESMC is a logical communication channel. It transmits Synchronization Status Message (SSM) information, which is the quality level of the transmitting synchronous Ethernet equipment clock (EEC), by using ESMC protocol data units (PDUs).
[See Synchronous Ethernet Overview].
SEE ALSO
What's Changed | 96
Known Limitations | 100
Open Issues | 102
Resolved Issues | 111
Documentation Updates | 129
Migration, Upgrade, and Downgrade Instructions | 130
Product Compatibility | 137

Changes in Behavior and Syntax

IN THIS SECTION
Interfaces and Chassis | 96
MPLS | 97
Network Management and Monitoring | 97
Routing Policy and Firewall Filters | 98
Services Applications | 98
Software Defined Networking | 98
Subscriber Management and Services | 98
96
VLAN Infrastructure | 99
This section lists the changes in behavior of Junos OS features and changes in the syntax of Junos OS statements and commands in Junos OS Release 19.2R1 for MX Series routers.

Interfaces and Chassis

Deprecation of the [edit fabric protocols bgp] hierarchy level (MX Series)—Starting in Junos OS Release
19.2R1 and later, the [edit fabric protocols bgp] hierarchy level is deprecated.
Support to get Optics Loopback Status for QSFP-100GE-DWDM2 transceivers (MX Series)—In Junos
OS Release 19.2R1, and later, on MX Series routers, you can get the optics loopback status of QSFP-100GE-DWDM2 transceivers along with the regular ethernet loopback status by issuing the show
interfaces interface-name or show interfaces interface-name brief command. New Output field Optics Loopback is added under Link-level type when show interfaces interface-name CLI command is executed.
Monitoring information available only in Trace log (MX Series)—In Junos OS Release 19.2R1 and later,
the Ethernet link fault management daemon (lfmd) in the peer router stops monitoring the locally occurred errors until ISSU completes. You can view the monitoring-related details only through the trace log file.
Health check for power supplies (MX10008 and MX10016)—Starting in Junos OS Release 19.2R1, on
the MX10008 and MX10016 routers, the show chassis environment pem command displays the health check information about the DC or AC Power supplies. For any power supply that does not support health check, the status is shown as Unsupported. The system starts health check of a power supply only if the power consumption exceeds 7 KW.
[See show chassis environment pem]

MPLS

New debug statistics counter (MX Series)—The show system statistics mpls command has a new output
field, called Packets dropped, over p2mp composite nexthop, to record the packet drops over composite point-to-multipoint next hops.

Network Management and Monitoring

The show system schema command and <get-yang-schema> RPC require specifying an output directory
(MX Series)—Starting in Junos OS Release 19.2R1, when you issue the show system schema operational mode command in the CLI or execute the <get-yang-schema> RPC in a remote session to retrieve schema files, you must specify the directory in which to generate the output files by including the output-directory command option in the CLI or the <output-directory> element in the RPC. In earlier releases, you can omit the output-directory argument when requesting a single module to display the module in standard output.
97
Custom YANG RPC support for input parameters of type empty (MX Series)—Starting in Junos OS
Release 19.2R1, custom YANG RPCs support input parameters of type empty when executing the RPC’s command in the Junos OS CLI, and the value passed to the action script is the parameter name. In earlier releases, input parameters of type empty are only supported when executing the RPC in a NETCONF or Junos XML protocol session, and the value passed to the action script is the string 'none'.
[See Creating Action Scripts for YANG RPCs on Devices Running Junos OS.]
Change in power supply alarms (MX10003)—Starting in Junos OS Release 19.2R1, the MX10003 routers
do not raise an alarm if a Power Entry Module (PEM) slot is empty. However, when the number of operational PEMs available is less than 2, the router raises a major alarm. This alarm is cleared when the required number of PEMs are made available.
[See show chassis alarms]

Routing Policy and Firewall Filters

Fixed an issue with certain combination of match conditions—In Junos OS Release 19.2R1, fixed a
temporary issue wherein configuring a firewall filter with a match condition for port along with source-port and/or destination-port in the same filter term would cause a commit error. Any valid combination of the filter terms is now supported.

Services Applications

Support for host generated traffic on a GRE over GRE tunnel (MX Series)—In Junos OS Release 19.2R1,
you can send host generated traffic on a GRE over GRE tunnel. However, when path maximum transmission unit (PMTU) is updated for the outer GRE tunnel, MTU for inner GRE tunnel is not corrected.
New syslog message displayed during NAT port allocation error (MX Series Routers with MS MPC)—With
address pooling paired (APP) enabled, an internal host is mapped to a particular NAT pool address. In case, all the ports under a NAT pool address are exhausted, further port allocation requests from the internal host results in a port allocation failure. The following new syslog message is displayed during such conditions:
98
JSERVICES_NAT_OUTOF_PORTS_APP
This syslog message is generated only once per NAT pool address.

Software Defined Networking

Deprecated CLI commands and options for JDM (MX480, MX960, MX2010, MX2020, and
MX2008)—Starting in Junos OS Release 19.2R1, in Junos Node Slicing, Juniper Device Manager (JDM) does not support the following CLI commands or options:
show system visibility
show system inventory
the jinventoryd option in the restart command

Subscriber Management and Services

Changing attributes of physical interface with active subscribers (MX Series)—Starting in Junos OS
Release 19.2R1, the commit check fails when you change any attribute of the physical interface, such as the MTU, when subscribers are active. This affects only aggregated Ethernet physical interfaces with targeted distribution configured. In earlier releases, the commit check does not fail and the attribute change brings down the physical interface and all subscribers using that interface.
[See CoS for Aggregated Ethernet Subscriber Interfaces Overview.]
Loading...