Junos OS 20.2R1 User Manual

Release

Published

2021-04-22

Notes

Junos®OS 20.2R1 Release Notes

SUPPORTED ON

ACX Series, EX Series, Junos Fusion Enterprise, Junos Fusion Provider Edge, JRR Series,

•

MX Series, NFX Series, PTX Series, QFX Series, and SRX Series

SOFTWARE HIGHLIGHTS

Retain the authentication session based on DHCP or SLAAC snooping entries (EX Series)

•

Rest API support for EX2300, EX2300-MP, EX3400, EX4300, EX4300-MP, EX4600,

•

EX4650, and EX9200

TI-LFA SRLG protection for IS-IS (MX Series and PTX Series)

•

MX Series Virtual Chassis support for the ephemeral database (MX Series)

•

Change the default re-merge behavior on the P2MP LSP (MX Series)

•

BGP-LU over SR-MPLS and IS-IS segment routing underlay

•

Support for Layer 2 circuit, Layer 2 VPN, and VPLS services with BGP labeled unicast (MX

•

Series and EX Series)

Packet capture of unknown application traffic (NFX Series, SRX Series, and vSRX)

•

Safe search enhancement for Web filtering (SRX Series and vSRX)

•

Encrypted traffic analysis

•

Support for Application Quality of Experience (AppQoE) (SRX4600)

•

IN FOCUS GUIDE

Use this new guide to quickly learn about the most important Junos OS features and how

•

you can deploy them in your network.

Day One+

Use this new setup tool to get your Junos OS up and running in three quick steps.

•

Release Notes: Junos®OS Release 20.2R1 for

the ACX Series, EX Series, Junos Fusion, JRR

Series, MX Series, NFX Series, PTX Series, QFX

Series, and SRX Series

22 April 2021

Introduction | 12

Junos OS Release Notes for ACX Series | 12

What's New | 13

Hardware | 13

Authentication, Authorization, and Accounting | 18

Class of Service (CoS) | 18

EVPN | 18

Interfaces and Chassis | 19

Juniper Extension Toolkit (JET) | 20

Junos Telemetry Interface | 20

MPLS | 20

Multicast | 21

Network Management and Monitoring | 21

Routing Policy and Firewall Filters | 22

What's Changed | 23

Class of Service (CoS) | 23

General Routing | 23

Juniper Extension Toolkit (JET) | 24

Network Management and Monitoring | 24

Known Limitations | 25

General Routing | 25

Open Issues | 28

General Routing | 28

Platform and Infrastructure | 31

Resolved Issues | 31

General Routing | 32

Interfaces and Chassis | 33

Layer 2 Ethernet Services | 33

MPLS | 33

Routing Protocols | 33

VPNs | 33

Documentation Updates | 34

Migration, Upgrade, and Downgrade Instructions | 34

Upgrade and Downgrade Support Policy for Junos OS Releases | 35

Junos OS Release Notes for EX Series | 35

What's New | 36

What’s New in Release 20.2R1-S1 | 37

What’s New in Release 20.2R1 | 37

What's Changed | 44

Class of Service (CoS) | 45

General Routing | 45

Juniper Extension Toolkit (JET) | 45

Network Management and Monitoring | 46

Known Limitations | 46

EVPN | 47

Infrastructure | 47

Open Issues | 47

Authentication and Access Control | 48

EVPN | 48

Infrastructure | 48

Interfaces and Chassis | 48

Layer 2 Ethernet Services | 48

Layer 2 Features | 49

Platform and Infrastructure | 49

Routing Protocols | 51

Resolved Issues | 51

Authentication and Access Control | 52

EVPN | 52

High Availability (HA) and Resiliency | 52

Infrastructure | 52

Interfaces and Chassis | 52

Junos Fusion Enterprise | 53

Junos Fusion Satellite Software | 53

Layer 2 Ethernet Services | 53

Layer 2 Features | 53

MPLS | 53

Platform and Infrastructure | 53

Routing Protocols | 55

User Interface and Configuration | 55

Documentation Updates | 56

Migration, Upgrade, and Downgrade Instructions | 56

Upgrade and Downgrade Support Policy for Junos OS Releases | 57

Junos OS Release Notes for JRR Series | 57

What's New | 58

Layer 2 Features | 58

What's Changed | 59

Known Limitations | 59

Open Issues | 60

Resolved Issues | 60

General Routing | 60

Documentation Updates | 61

Migration, Upgrade, and Downgrade Instructions | 61

Upgrade and Downgrade Support Policy for Junos OS Releases | 62

Junos OS Release Notes for Junos Fusion for Enterprise | 62

What’s New | 63

What's Changed | 64

Known Limitations | 64

Open Issues | 65

Resolved Issues | 65

Resolved Issues: Release 20.2R1 | 65

Documentation Updates | 66

Migration, Upgrade, and Downgrade Instructions | 66

Basic Procedure for Upgrading Junos OS on an Aggregation Device | 67

Upgrading an Aggregation Device with Redundant Routing Engines | 69

Preparing the Switch for Satellite Device Conversion | 69

Converting a Satellite Device to a Standalone Switch | 71

Upgrade and Downgrade Support Policy for Junos OS Releases | 71

Downgrading Junos OS | 71

Junos OS Release Notes for Junos Fusion Provider Edge | 72

What's New | 73

Hardware | 74

Junos Fusion | 74

What's Changed | 75

Known Limitations | 75

Open Issues | 75

Resolved Issues | 76

Fusion for Provider Edge | 76

Documentation Updates | 77

Migration, Upgrade, and Downgrade Instructions | 77

Basic Procedure for Upgrading an Aggregation Device | 78

Upgrading an Aggregation Device with Redundant Routing Engines | 80

Preparing the Switch for Satellite Device Conversion | 81

Converting a Satellite Device to a Standalone Device | 82

Upgrading an Aggregation Device | 85

Upgrade and Downgrade Support Policy for Junos OS Releases | 85

Downgrading from Junos OS Release 20.1 | 85

Junos OS Release Notes for MX Series | 86

What's New | 87

What’s New in Release 20.2R1-S1 | 88

What’s New in Release 20.2R1 | 88

What's Changed | 113

Class of Service (CoS) | 113

General Routing | 113

Juniper Extension Toolkit (JET) | 114

Network Management and Monitoring | 114

Services Applications | 115

Software-Defined Networking (SDN) | 115

Known Limitations | 116

General Routing | 116

Infrastructure | 118

Interfaces and Chassis | 118

MPLS | 118

Platform and Infrastructure | 118

Open Issues | 119

Class of Service (CoS) | 119

EVPN | 120

Forwarding and Sampling | 120

General Routing | 120

High Availability (HA) and Resiliency | 124

Interfaces and Chassis | 124

Layer 2 Ethernet Services | 125

MPLS | 125

Network Management and Monitoring | 126

Platform and Infrastructure | 126

Routing Protocols | 127

VPNs | 127

Resolved Issues | 128

Application Layer Gateways (ALGs) | 129

Class of Service (CoS) | 129

EVPN | 129

Forwarding and Sampling | 130

General Routing | 130

High Availability (HA) and Resiliency | 138

Infrastructure | 138

Interfaces and Chassis | 138

Intrusion Detection and Prevention (IDP) | 139

J-Web | 139

Junos Fusion for Enterprise | 139

Junos Fusion Satellite Software | 139

Layer 2 Ethernet Services | 139

Layer 2 Features | 140

MPLS | 140

Platform and Infrastructure | 141

Routing Policy and Firewall Filters | 142

Routing Protocols | 142

Services Applications | 144

Subscriber Access Management | 144

VPNs | 144

Documentation Updates | 145

Advanced Subscriber Management Provider | 145

Migration, Upgrade, and Downgrade Instructions | 146

Basic Procedure for Upgrading to Release 20.2R1 | 147

Procedure to Upgrade to FreeBSD 11.x-based Junos OS | 147

Procedure to Upgrade to FreeBSD 6.x-based Junos OS | 150

Upgrade and Downgrade Support Policy for Junos OS Releases | 151

Upgrading a Router with Redundant Routing Engines | 152

Downgrading from Release 20.2R1 | 152

Junos OS Release Notes for NFX Series | 153

What’s New | 153

Application Security | 154

High Availability | 155

Interfaces | 155

What's Changed | 155

What’s Changed in Release 20.2R1 | 156

Known Limitations | 156

High Availability | 157

Platform and Infrastructure | 157

Open Issues | 157

High Availability | 158

Interfaces | 158

Platform and Infrastructure | 158

Virtual Network Functions (VNFs) | 159

Resolved Issues | 159

Application Security | 160

High Availability | 160

Interfaces | 160

Mapping of Address and Port with Encapsulation (MAP-E) | 160

Platform and Infrastructure | 160

Virtualized Network Functions (VNFs) | 161

Documentation Updates | 161

Migration, Upgrade, and Downgrade Instructions | 162

Upgrade and Downgrade Support Policy for Junos OS Releases | 162

Basic Procedure for Upgrading to Release 20.2 | 162

Junos OS Release Notes for PTX Series | 164

What's New | 165

High Availability (HA) and Resiliency | 165

Interfaces and Chassis | 166

Juniper Extension Toolkit (JET) | 166

Junos Telemetry Interface | 167

MPLS | 170

Network Management and Monitoring | 170

Routing Policy and Firewall Filters | 172

Routing Protocols | 172

System Logging | 173

What's Changed | 173

General Routing | 174

Juniper Extension Toolkit (JET) | 174

Network Management and Monitoring | 174

Known Limitations | 175

General Routing | 175

Routing Protocols | 176

Open Issues | 176

General Routing | 176

Interfaces and Chassis | 177

MPLS | 177

Routing Protocols | 177

Resolved Issues | 178

General Routing | 178

Infrastructure | 180

Layer 2 Ethernet Services | 180

MPLS | 180

Routing Protocols | 180

Documentation Updates | 181

Migration, Upgrade, and Downgrade Instructions | 181

Basic Procedure for Upgrading to Release 20.2 | 181

Upgrade and Downgrade Support Policy for Junos OS Releases | 184

Upgrading a Router with Redundant Routing Engines | 185

Junos OS Release Notes for the QFX Series | 185

What's New | 186

What’s New in Release 20.2R1-S1 | 187

What’s New in Release 20.2R1 | 189

What's Changed | 211

Class of Service | 211

General Routing | 211

Interfaces and Chassis | 212

Junos Extension Toolkit | 212

Network Management and Monitoring | 212

Known Limitations | 213

Class of Service (CoS) | 213

General Routing | 213

Layer 2 Ethernet Services | 214

Open Issues | 214

Class of Service (CoS) | 215

EVPN | 215

General Routing | 215

High Availability (HA) and Resiliency | 218

Infrastructure | 218

Interfaces and Chassis | 218

Layer 2 Ethernet Services | 218

Layer 2 Features | 218

Platform and Infrastructure | 219

Routing Protocols | 219

Virtual Chassis | 219

Resolved Issues | 220

Resolved Issues: 20.2R1 | 220

Documentation Updates | 225

Migration, Upgrade, and Downgrade Instructions | 226

Upgrading Software on QFX Series Switches | 226

Installing the Software on QFX10002-60C Switches | 229

Installing the Software on QFX10002 Switches | 229

Upgrading Software from Junos OS Release 15.1X53-D3X to Junos OS Release

15.1X53-D60, 15.1X53-D61.7, 15.1X53-D62, and 15.1X53-D63 on QFX10008 and QFX10016 Switches | 230

Installing the Software on QFX10008 and QFX10016 Switches | 232

Performing a Unified ISSU | 236

Preparing the Switch for Software Installation | 237

Upgrading the Software Using Unified ISSU | 237

Upgrade and Downgrade Support Policy for Junos OS Releases | 239

Junos OS Release Notes for SRX Series | 240

What’s New | 241

Application Security | 242

Authentication and Access Control | 243

Flow-Based and Packet-Based Processing | 243

General Packet Radio Switching (GPRS) | 243

Intrusion Detection and Prevention (IDP) | 243

Junos Telemetry Interface | 244

Juniper Extension Toolkit (JET) | 245

J-Web | 245

Juniper Sky ATP | 246

Logical Systems and Tenant Systems | 246

Multicast | 247

Network Address Translation (NAT) | 247

Network Management and Monitoring | 248

Platform and Infrastructure | 249

Port Security | 249

Security | 249

Software Installation and Upgrade | 250

Unified Threat Management (UTM) | 250

What's Changed | 251

Application Security | 252

Flow-Based and Packet-Based Processing | 254

Juniper Extension Toolkit (JET) | 254

Juniper Sky ATP | 255

Network Management and Monitoring | 255

VPNs | 255

Known Limitations | 257

Authentication and Access Control | 258

Flow-Based and Packet-Based Processing | 258

J-Web | 258

Routing Policy and Firewall Filters | 258

VPNs | 258

Open Issues | 259

Flow-Based and Packet-Based Processing | 259

J-Web | 259

Routing Policy and Firewall Filters | 260

VPNs | 260

Resolved Issues | 261

Application Layer Gateways (ALGs) | 261

Authentication and Access Control | 261

Flow-Based and Packet-Based Processing | 261

Intrusion Detection and Prevention (IDP) | 263

J-Web | 263

Layer 2 Ethernet Services | 263

Multiprotocol Label Switching (MPLS) | 263

Network Address Translation (NAT) | 263

Network Management and Monitoring | 263

Platform and Infrastructure | 264

Routing Policy and Firewall Filters | 264

Routing Protocols | 264

Unified Threat Management (UTM) | 264

VPNs | 264

Documentation Updates | 265

Migration, Upgrade, and Downgrade Instructions | 266

Upgrade and Downgrade Support Policy for Junos OS Releases and Extended End-Of-Life

Releases | 266

Upgrading Using ISSU | 267

Licensing | 267

Compliance Advisor | 268

Finding More Information | 268

Documentation Feedback | 268

Requesting Technical Support | 270

Self-Help Online Tools and Resources | 270

Creating a Service Request with JTAC | 271

Revision History | 271

Introduction

Junos OS runs on the following Juniper Networks®hardware: ACX Series, EX Series, Junos Fusion, JRR

Series, M Series, MX Series, NFX Series, PTX Series, QFabric systems, QFX Series, and SRX Series, T Series.

These release notes accompany Junos OS Release 20.2R1 for the ACX Series, EX Series, Junos Fusion, JRR Series, MX Series, NFX Series, PTX Series, QFX Series, and SRX Series. They describe new and changed features, limitations, and known and resolved problems in the hardware and software.

In Focus guide—We have a document called In Focus that provides details on the most important features

•

for the release in one place. We hope this document will quickly get you to the latest information about Junos OS features. Let us know if you find this information useful by sending an e-mail to techpubs-comments@juniper.net.

Important Information:

•

Upgrading Using ISSU on page 267

•

Licensing on page 267

•

Compliance Advisor on page 268

•

Finding More Information on page 268

•

Documentation Feedback on page 268

•

Requesting Technical Support on page 270

•

Junos OS Release Notes for ACX Series

IN THIS SECTION

What's New | 13

What's Changed | 23

Known Limitations | 25

Open Issues | 28

Resolved Issues | 31

Documentation Updates | 34

Migration, Upgrade, and Downgrade Instructions | 34

These release notes accompany Junos OS Release 20.2R1 for the ACX Series. They describe new and changed features, limitations, and known and resolved problems in the hardware and software.

You can also find these release notes on the Juniper Networks Junos OS Documentation webpage, located at https://www.juniper.net/documentation/product/en_US/junos-os.

What's New

IN THIS SECTION

Hardware | 13

Authentication, Authorization, and Accounting | 18

Class of Service (CoS) | 18

EVPN | 18

Interfaces and Chassis | 19

Juniper Extension Toolkit (JET) | 20

Junos Telemetry Interface | 20

MPLS | 20

Multicast | 21

Network Management and Monitoring | 21

Routing Policy and Firewall Filters | 22

Learn about new features introduced in the Junos OS main and maintenance releases for ACX Series routers.

Hardware

New ACX710 Universal Metro Routers (ACX Series)—In Junos OS Release 20.2R1, we introduce the

•

ACX710 router. The ACX710 is a compact 1-U router that provides system throughput of up to 320 Gbps through the following port configurations:

Twenty-four 10GbE or 1GbE ports (ports 0 through 23) that operate at 10-Gbps speed when you use

•

small form-factor pluggable plus (SFP+) transceivers or at 1-Gbps speed when you use small form-factor pluggable (SFP) optics. Ports 0 through 15 also support 1000 Mbps speeds when you use tri-rate SFP optics. Ports 16 through 23 support 100 Mbps and 1000 Mbps speeds when you use tri-rate SFP optics.

Four 100GbE ports (ports 0 through 3) that support quad small form-factor pluggable 28 (QSFP28)

•

transceivers. You can channelize these ports into four 25-Gbps interfaces using breakout cables and channelization configuration. These ports also support 40-Gbps speed when you use quad small form-factor pluggable plus (QSFP+) optics. You can channelize these 40-Gbps ports into four 10-Gbps interfaces using breakout cables and channelization configuration. [See Channelize Interfaces on

ACX710 Routers.]

The ACX710 router is a DC-powered device that is cooled using a fan tray with five high-performance fans to cool the chassis.

To install the ACX710 router hardware and perform initial software configuration, routine maintenance, and troubleshooting, see the ACX710 Universal Metro Router Hardware Guide.

Table 1 on page 14 summarizes the ACX710 features supported in Junos OS Release 20.2R1.

Table 1: Features Supported by the ACX710 Routers

DescriptionFeature

Class of service (CoS)

DHCP

EVPN

Firewalls and policers

Standard CoS feature support, including configuring classification,

•

rewrite, shaping, buffering, and scheduling parameters for traffic

management. [See CoS on ACX Series Routers Features Overview.]

DHCP server, DHCP client, and DHCP relay configuration for IPv4

•

and IPv6 services. [See Understanding DHCP Client Operation on ACX

Series.]

EVPN-VPWS. [See Overview of VPWS with EVPN Signaling

•

Mechanisms EVPN-VPWS with flexible cross-connect (FXC).]

EVPN-VPWS with flexible cross-connect (FXC). [See Overview of

•

Flexible Cross-Connect Support on VPWS with EVPN.]

EVPN with ELAN services over MPLS. [See EVPN Overview.]

•

Configure firewall filters on packets (families such as bridge domain,

•

IPv4, IPv6, CCC, and MPLS) based on packet match conditions. Along

with the match conditions, actions such as count, discard, log, syslog,

policer are performed on the packets that match the filter. You can

configure policers and attach them to a firewall term. [See Standard

Firewall Filter Match Conditions and Actions on ACX Series Routers

Overview.]

Table 1: Features Supported by the ACX710 Routers (continued)

DescriptionFeature

High availability (HA) and resiliency

Layer 2 features

VRRP protocol support with Broadcom’s DNX chipset. [See

•

Understanding VRRP Overview.]

Configure alarm input and output, manage FRUs, and monitor

•

environment. The router also supports field-replaceable unit (FRU)

management and environmental monitoring. [See alarm-port.]

Platform resiliency to handle failures and faults of the components

•

such as fan trays, temperature sensors, and power supplies. The router

also supports firmware upgrade for FPGA and U-boot. [See show

chassis alarms and show system firmware.]

Layer 2 support: bridging, bridge domain with no vlan-id, with vlan-id

•

none, or with single vlan-id, single learning domain support,.Q-in-Q

service for bridging, MAC limit feature support, no local switching

support for bridge domain, and E-LINE from a bridge with no MAC

learning. [See Layer 2 Bridge Domains on ACX Series Overview.]

Layer 2 support for bridge interfaces for vlan-map push operation,

•

swap operation, pop operation, and swap-swap operation. [See Layer

2 Bridging Interfaces Overview.]

Layer 2 support for control protocols (L2CP): RSTP, MSTP, LLDP,

•

BPDU guard/protection, loop protection, root protection, Layer 2

protocol tunneling, storm control, IRB interface, LAG support with

corresponding hashing algorithm, E-LINE, E-LAN, E-ACCESS, and

E-Transit service over L2/Bridge with the following AC interface types:

Port, VLAN, Q-in-Q, VLAN range and VLAN list. [See Layer 2 Control

Protocols on ACX Series Routers.]

Layer 2 circuit cross-connect (L2CCC) support for Layer 2 switching

•

cross-connects. You can leverage the hardware support available for

cross-connects on the ACX710 device with the Layer 2 local switching

functionality using certain models. With this support, you can provide

the EVP and EVPL services. [See Configuring MPLS for Switching

Cross-Connects.]

Reflector function support in RFC 2544. [See RFC 2544-Based

•

Benchmarking Tests Overview.]

Table 1: Features Supported by the ACX710 Routers (continued)

DescriptionFeature

Layer 3 features

Layer 3 VPN and Layer 3 IPv6 VPN Provider Edge router (6VPE)

•

support over MPLS. The router uses MPLS as a transport mechanism

with support for label-switching router (LSR), label edge routers (LERs),

and pseudowire services. These protocols are also supported: ECMP,

OSPF, IS-IS, and BGP. [See Understanding Layer 3 VPNs.]

Basic Layer 3 services over segment routing infrastructure. The

•

segment routing features supported are: segment routing with OSPF

through MPLS, segment routing with IS-IS through MPLS, segment

routing traffic engineering (SR-TE), segment routing global block (SRGB)

range label used by source packet routing in networking (SPRING),

anycast segment identifiers (SIDs) and prefix SIDs in SPRING, and

segment routing with topology independent (TI)-loop-free alternate

(LFA) provides fast reroute (FRR) backup paths corresponding to the

post-convergence path for a given failure. [See Segment Routing LSP

Configuration.]

Enhanced timing and synchronization support using Synchronous

•

Ethernet with ESMC and BITS-Out. [See Synchronous Ethernet

Overview and synchronization (ACX Series).]

Supports full-mesh VPLS domain deployment. The router supports

•

interworking of both BGP as well as LDP-based VPLS. BGP can be

used only for auto-discovery of the VPLS PEs, while LDP signaling for

VPLS connectivity. [See Introduction to VPLS.]

MPLS

Multicast

Supports the Path Computation Element Protocol (PCEP). You can

•

configure the PCEP implementation for both RSVP-TE and segment

routing label-switched paths (LSPs). [See PCEP Configuration.]

Support for MPLS fast reroute (FRR) and unicast reverse-path

•

forwarding (uRPF). [See fast-reroute (Protocols MPLS) and Guidelines

for Configuring Unicast RPF on ACX Series Routers.]

Provides MPLS ping and traceroute support. [See MPLS Connectivity

•

Verification and Troubleshooting Methods.]

Multicast support for IPv4 and IPv6 PIM-SM, SSM, IGMP snooping

•

and proxy support, IGMP, IGMPv1/v2/v3 snooping, IGMP snooping

support for LAG, global multicast support, MLD, and multicast support

on IRB. [See Multicast Overview.]

Table 1: Features Supported by the ACX710 Routers (continued)

DescriptionFeature

Network management and monitoring

OAM

System management

TWAMP support. [See Two-Way Active Measurement Protocol on

•

ACX Series.]

NETCONF sessions over TLS. [See NETCONF Sessions over Transport

•

Layer Security (TLS).]

Support for adding custom YANG data models to the Junos OS schema

•

[See Understanding the Management of Non-Native YANG Modules

on Devices Running Junos OS.]

Secure boot support in U-boot phase to authenticate and verify the

•

loaded software image while also preventing software-based attack.

[See Software Installation and Upgrade Guide.]

IEEE 802.3ah standard for operation, administration, and management

•

(OAM) connectivity fault management (CFM), BFD, and the ITU-T

Y.1731 standard for Ethernet service OAM. [See IEEE 802.1ag OAM

Connectivity Fault Management Overview.]

Zero-touch provisioning (ZTP) can automate the provisioning of the

•

device configuration and software image. [See Software Installation

and Upgrade Guide.]

Table 1: Features Supported by the ACX710 Routers (continued)

DescriptionFeature

To view the hardware compatibility matrix for optical interfaces, transceivers, and DACs supported across all platforms,

see the Hardware Compatibility Tool.

Authentication, Authorization, and Accounting

Support for LDAP authentication and authorization over TLS (ACX710)— Starting in Junos OS Release

•

20.2R1, we support LDAP authentication and authorization for Junos OS user login. Through the use of LDAP over TLS (LDAPS), we’ve implemented the LDAP authentication and authorization support for Junos OS user login user by providing TLS security between the device running Junos OS (which is the LDAPS client) and the LDAPS server.

To enable LDAPS support, you can configure the ldaps-server option at the [edit system authentication-order] hierarchy level. LDAPS ensures the secure transmission of data between a client and a server with better privacy, confidentiality, data integrity and higher scalability.

[See Understanding LDAP Authentication over TLS.]

Class of Service (CoS)

Support for hierarchical class of service (HCoS) (ACX5448)—Starting with Junos OS Release 20.2R1,

•

ACX5448 devices support up to four levels of hierarchical scheduling (physical interfaces, logical interface sets, logical interfaces, and queues). By default, all interfaces on the ACX5448 use port-based scheduling (eight queues per physical port). To enable hierarchical scheduling, set hierarchical-scheduler at the [edit interfaces interface-name] hierarchy level.

[See Hierarchical Class of Service in ACX Series Routers.]

EVPN

Noncolored SR-TE LSPs with EVPN-MPLS (ACX5448, EX9200, MX Series, and vMX)—Starting in Junos

•

OS Release 20.2R1, ACX5448, EX9200, MX Series, and vMX routers support noncolored static segment routing-traffic engineered (SR-TE) label-switched paths (LSPs) with an EVPN-MPLS core network and the following Layer 2 services running at the edges of the network:

E-LAN

•

EVPN-ETREE

•

EVPN-VPWS with E-Line

•

Without color, all LSPs resolve using a BGP next hop only.

The Juniper Networks routers support noncolored SR-TE LSPs in an EVPN-MPLS core network with the following configurations:

EVPN running in a virtual switch routing instance

•

Multihoming in active/active and active/standby modes

•

The Juniper Networks routers also support noncolored SR-TE LSPs when functioning as a Data Center Interconnect (DCI) device that handles EVPN Type 5 routes.

[See Static Segment Routing Label Switched Path.]

Interfaces and Chassis

Port speeds and channelization (ACX710 routers)—Starting in Junos OS Release 20.2R1, you can

•

configure multiple speeds and interface channelization on our new ACX710 router. The router has 28 ports, which support the following speeds:

Ports 0 through 23 on PIC 0 support 1-Gbps speed (with SFP transceivers) and 10-Gbps speed (with

•

SFP+ transceivers).

Ports 0 through 3 on PIC 1 support the default 100-Gbps speed (with QSFP28 transceivers) or the

•

configured 40-Gbps speed (with QSFP+ transceivers). You can use the set chassis fpc slot-number pic pic-number port port-number speed speed CLI command and breakout cables to channelize each:

100-Gbps port into four 25-Gbps interfaces

•

40-Gbps port into four 10-Gbps interfaces

•

[See Channelize Interfaces on ACX710 Routers.]

Ethernet OAM and BFD support (ACX710)—Starting in Junos OS Release 20.2R1, the ACX710 routers

•

support IEEE 802.3ah standard for Operation, Administration, and Maintenance (OAM) connectivity fault management (CFM), BFD, and the ITU-T Y.1731 standard for Ethernet service OAM.

[See Introduction to OAM Connectivity Fault Management (CFM).]

Alarm port configuration, FRU management, and environmental monitoring (ACX710)—Starting in Junos

•

OS Release 20.2R1, you can configure the alarm port on the ACX710 router. You can use the alarm input to connect the router to external alarm sources such as security sensors so that the router receives alarms from these sources and displays those alarms. You can use the alarm output to connect the router to an external alarm device that gives audible or visual alarm signals based on the configuration. You can configure three alarm inputs and one alarm output by using the alarm-port statement at the [edit chassis] hierarchy level. You can view the alarm port details by using the show chassis craft-interface command.

The ACX710 also supports FRU management and environmental monitoring.

[See alarm-port.]

Multichassis link aggregation groups, configuration synchronization, and configuration consistency

•

check (ACX5448 routers)—Starting in Junos OS Release 20.2R1, multichassis link aggregation (MC-LAG) includes support of Layer 2 circuit functionality with ether-ccc and vlan-ccc encapsulations.

MC-LAG enables a client device to form a logical LAG interface using two switches. MC-LAG provides redundancy and load balancing between the two switches, multihoming support, and a loop-free Layer 2 network without running spanning-tree protocols (STPs).

[See Multichassis Link Aggregation Features, Terms, and Best Practices.]

Juniper Extension Toolkit (JET)

JET Clang toolchain supports cross-compiling JET applications for use on ARM platforms

•

(ACX710)—Starting in Junos OS Release 20.2R1, you can use the Clang toolchain to compile JET applications written in C, Python, or Ruby to run on the ARM architecture as well as Junos OS with FreeBSD and upgraded FreeBSD. The Clang toolchain for ARM is included in the JET software bundle. After you have downloaded the JET software bundle, you can access the Clang toolchain at /usr/local/junos-jet/toolchain/llvm/. Use the mk-arm,bsdx command to use the Clang toolchain to compile your application.

[See Develop On-Device JET Applications.]

Python 3 support for JET (ACX Series, EX Series, MX Series, PTX Series, QFX Series, and SRX

•

Series)—Starting in Junos OS Release 20.2R1, Junos OS can use Python 3 to execute JET scripts. To enable unsigned JET Python applications that support Python 3 to run on devices running Junos OS, use the set system scripts language python3 command.

[See language (Scripts), Develop Off-Device JET Applications, and Develop On-Device JET Applications.]

Junos Telemetry Interface

•

Network instance (policy) statistics and OpenConfig configuration enhancements on JTI (ACX1100, ACX2100, ACX5448, ACX6360, EX4300, MX240, MX480, MX960, MX10003, PTX10008, PTX10016, QFX5110, and QFX10002)—Junos OS Release 20.2R1 provides enhancements to support the OpenConfig

data models openconfig-local-routing.yang and openconfig-network-instance.yang.

[See Mapping OpenConfig Routing Policy Commands to Junos Configuration and Mapping OpenConfig

Network Instance Commands to Junos Operation.]

MPLS

Support for MPLS ping and traceroute for segment routing (ACX Series, MX Series, and PTX

•

Series)—Starting in Junos OS Release 20.2R1, we extend the MPLS ping and traceroute support for all

types segment routing--traffic engineering (SR-TE) tunnels, including static segment routing tunnels, BGP-SR-TE tunnels, and PCEP tunnels.

We also support the following features:

FEC validation support, as defined in RFC 8287, for paths consisting of IGP segments. Target FEC

•

stack contains single or multiple segment ID sub-TLVs. This involves validating IPv4 IGP-Prefix Segment and IGP-Adjacency Segment ID FEC-stack TLVs.

ECMP traceroute support for all types of SR-TE paths.

•

We do not support the following:

Ping and traceroute for SR-TE tunnel for non-enhanced-ip mode.

•

OAM for IPv6 prefix.

•

BFD

•

[See traceroute mpls segment-routing spring-te and ping mpls segment routing spring-te.]

Multicast

Support for IPv6 multicast using MLD (ACX5448)—Starting with Junos OS Release 20.2R1, ACX5448

•

routers support Multicast Listener Discovery (MLD) snooping with MLDv1 and MLDv2 for both any source multicast and SSM. Support for MLD snooping in EVPN was introduced in Junos OS Release

19.4R2.

MLD snooping for IPv6 is used to optimize Layer 2 multicast forwarding. It works by checking the MLD messages sent between hosts and multicast routers to identify which hosts are interested in receiving IPv6 multicast traffic, and then forwarding the multicast streams to only those VLAN interfaces that are connected to the interested hosts (rather than flooding the traffic to all interfaces). You can enable or disable MLD snooping per VLAN at the [edit protocols mld-snooping vlan vlan-ID] hierarchy level. Note, however, that you cannot use ACX Series routers to connect to a multicast source.

[See Understanding MLD Snooping, Understanding MLD, and Overview of Multicast Forwarding with

IGMP or MLD Snooping in an EVPN-MPLS Environment.]

Network Management and Monitoring

NETCONF sessions over TLS (ACX710)—Starting in Junos OS Release 20.2R1, ACX710 routers support

•

establishing Network Configuration Protocol (NETCONF) sessions over Transport Layer Security (TLS) to manage devices running Junos OS. TLS uses mutual X.509 certificate-based authentication and provides encryption and data integrity to establish a secure and reliable connection. NETCONF sessions over TLS enable you to remotely manage devices using certificate-based authentication and to more easily manage networks on a larger scale than when using NETCONF over SSH.

[See NETCONF Sessions over Transport Layer Security (TLS).]

Python 3 support for YANG scripts (ACX Series, EX Series, MX Series, PTX Series, QFX Series, and SRX

•

Series)—Starting in Junos OS Release 20.2R1, Junos OS uses Python 3 to execute YANG action and translation scripts that are written in Python. Junos OS does not support using Python 2.7 to execute YANG Python scripts as of this release.

[See Understanding Python Automation Scripts for Devices Running Junos OS.]

Support for port mirroring (ACX5448)—Starting in Junos OS Release 20.2R1, you can use analyzers to

•

mirror copies of packets to a configured destination. Mirroring helps in debugging network problems and also in defending the network against attacks. You can mirror all ingress traffic to a configured port (or port list), using a protocol analyzer application that passes the input to mirror through a list of ports configured through the logical interface. You configure the analyzer at the [edit forwarding-options analyzer] hierarchy level.

Configuration guidelines and limitations:

Maximum of four default analyzer sessions

•

LAGs supported as mirror output; a maximum of eight child members

•

Not supported:

•

Egress mirroring

•

Mirroring on IRB, Virtual Chassis, or management interfaces

•

Nondefault analyzers

•

[See show forwarding-options analyzer.]

Routing Policy and Firewall Filters

Support for firewall filters and policers (ACX710)—Starting with Junos OS Release 20.2R1, the ACX710

•

router supports configuring firewall filters on packets (families such as bridge domain, IPv4, IPv6, CCC, and MPLS) based on packet match conditions. Along with the match conditions, actions such as count, discard, log, syslog, and policer are performed on the packets that match the filter. You can configure policers and attach them to a firewall term.

[See Standard Firewall Filter Match Conditions and Actions on ACX Series Routers Overview.]