Junos OS 20.4R1 User Manual
Release
Published
2021-03-04
Notes
Junos®OS 20.4R1 Release Notes
SUPPORTED ON
ACX Series, cRPD, cSRX, EX Series, JRR Series, Juniper Secure Connect, Junos Fusion
•
Enterprise, Junos Fusion Provider Edge, MX Series, NFX Series, PTX Series, QFX Series,
SRX Series, vMX, vRR, and vSRX
SOFTWARE HIGHLIGHTS
Support for mobility on Junos Multi-Access User Plane (MX204, MX240, MX480, MX960,
•
MX10003)
Static VXLAN at VLAN or bridge domain level (MX5, MX10, MX40, MX80, MX150, MX240,
•
MX480, MX960, MX2008, MX2010, MX2020, MX10003, MX10008, MX10016 routers
and QFX5120-32C, QFX5120-48T, and QFX5120-48Y switches)
Support for cRPD in SONiC (PTX10008)
•
Phone-home client (EX4300-48MP Virtual Chassis)
•
RADIUS attributes for dynamic VLAN assignment on colorless ports (EX2300, EX2300-MP,
•
EX3400, EX4300, and EX4300-MP)
ZTP with DHCPv6 client support (EX3400, EX4300, PTX1000, PTX5000, PTX10002-60C,
•
PTX10008, QFX5100, QFX5200, QFX10002, and QFX10002-60C)
Support for express segments to establish end-to-end segment routing path (MX Series
•
and PTX Series)
MAC VRF with EVPN-VXLAN (MX Series and vMX routers; QFX5100, QFX5110, QFX5120,
•
QFX5200, QFX10002, QFX10008, and QFX10016 switches)
Support for tunneling applications in unified policies (NFX Series and SRX Series)
•
Support for unidirectional session refreshing (SRX Series)
•
Support for captive portal on Wi-Fi Mini-Physical Interface Module (SRX320, SRX340,
•
SRX345, SRX380, and SRX550HM)
Support for Annex J and G.Fast with specialized SFP (SRX380, SRX300, SRX320, SRX340,
•
and SRX345)
Security policy support for security inspection on VXLAN tunnels (SRX4100, SRX4200,
•
SRX4600, and vSRX)
AWS Key Management Service (KMS) Integration support (vSRX 3.0)
•
IN FOCUS GUIDE
Use this new guide to quickly learn about the most important Junos OS features and how
•
you can deploy them in your network.
Day One+
Use this new setup tool to get your Junos OS up and running in three quick steps.
•
Release Notes: Junos®OS Release 20.4R1 for
the ACX Series, cRPD, cSRX, EX Series, JRR
Series, Juniper Secure Connect, Junos Fusion,
MX Series, NFX Series, PTX Series, QFX Series,
SRX Series, vMX, vRR, and vSRX
1
4 March 2021
Contents
Introduction | 15
Junos OS Release Notes for ACX Series | 15
What's New | 16
Hardware | 17
High Availability (HA) and Resiliency | 20
Junos Telemetry Interface | 20
Routing Protocols | 21
Timing and Synchronization | 21
What's Changed | 22
General Routing | 22
MPLS | 23
Network Management and Monitoring | 23
Routing Protocols | 23
User Interface and Configuration | 23
Known Limitations | 24
General Routing | 24
Timing and Synchronization | 24
Open Issues | 26
Class of Service (CoS) | 26
General Routing | 26
Platform and Infrastructure | 27
VPNs | 27
Resolved Issues | 28
Forwarding and Sampling | 28
General Routing | 28
Interfaces and Chassis | 31
Layer 2 Features | 31
Routing Protocols | 31
Documentation Updates | 31
Migration, Upgrade, and Downgrade Instructions | 32
Upgrade and Downgrade Support Policy for Junos OS Releases | 32
2
Junos OS Release Notes for cRPD | 33
What’s New | 33
Platform and Infrastructure | 34
What's Changed | 34
Junos Telemetry Interface | 35
Known Limitations | 35
Open Issues | 35
Resolved Issues | 35
Routing Policy and Firewall Filters | 36
Junos OS Release Notes for cSRX | 36
What’s New | 36
What's Changed | 36
Platform and Infrastructure | 37
Known Limitations | 37
Open Issues | 38
Resolved Issues | 38
Junos OS Release Notes for EX Series | 38
What's New | 39
Authentication, Authrorization, and Accounting | 39
EVPN | 39
Interfaces and Chassis | 42
Junos OS XML, API, and Scripting | 42
Network Management and Monitoring | 43
Routing Protocols | 43
Software Installation and Upgrade | 44
Subscriber Management and Services | 45
What's Changed | 45
MPLS | 47
Network Management and Monitoring | 47
Platform and Infrastructure | 47
User Interface and Configuration | 47
Known Limitations | 48
EVPN | 48
Platform and Infrastructure | 48
3
Open Issues | 49
Infrastructure | 50
Juniper Extension Toolkit (JET) | 50
Platform and Infrastructure | 50
Routing Policy and Firewall Filters | 51
Routing Protocols | 51
User Interface and Configuration | 52
Resolved Issues | 52
Authentication and Access Control | 53
EVPN | 53
Infrastructure | 53
Layer 2 Features | 53
Network Management and Monitoring | 53
Platform and Infrastructure | 53
Routing Protocols | 54
User Interface and Configuration | 55
Virtual Chassis | 55
Documentation Updates | 55
Migration, Upgrade, and Downgrade Instructions | 56
Upgrade and Downgrade Support Policy for Junos OS Releases | 56
Junos OS Release Notes for JRR Series | 57
What's New | 57
Routing Protocols | 58
What's Changed | 58
Known Limitations | 59
Routing Protocols | 59
Open Issues | 60
Resolved Issues | 60
Resolved Issues: 20.4R1 Release | 60
Documentation Updates | 61
Migration, Upgrade, and Downgrade Instructions | 61
Upgrade and Downgrade Support Policy for Junos OS Releases | 62
Junos OS Release Notes for Juniper Secure Connect | 63
What’s New | 63
4
What's Changed | 63
Known Limitations | 63
Open Issues | 64
Juniper Secure Connect Client | 64
Resolved Issues | 64
Junos OS Release Notes for Junos Fusion for Enterprise | 64
What’s New | 65
What's Changed | 65
Known Limitations | 66
Open Issues | 66
Resolved Issues | 67
Resolved Issues: Release 20.4R1 | 67
Documentation Updates | 68
Migration, Upgrade, and Downgrade Instructions | 68
Basic Procedure for Upgrading Junos OS on an Aggregation Device | 68
Upgrading an Aggregation Device with Redundant Routing Engines | 70
Preparing the Switch for Satellite Device Conversion | 71
Converting a Satellite Device to a Standalone Switch | 72
Upgrade and Downgrade Support Policy for Junos OS Releases | 72
Downgrading Junos OS | 73
Junos OS Release Notes for Junos Fusion for Provider Edge | 74
What's New | 74
Hardware | 75
What's Changed | 75
Known Limitations | 76
Open Issues | 76
Resolved Issues | 77
Documentation Updates | 77
Migration, Upgrade, and Downgrade Instructions | 78
Basic Procedure for Upgrading an Aggregation Device | 78
Upgrading an Aggregation Device with Redundant Routing Engines | 81
Preparing the Switch for Satellite Device Conversion | 81
Converting a Satellite Device to a Standalone Device | 83
Upgrading an Aggregation Device | 85
5
Upgrade and Downgrade Support Policy for Junos OS Releases | 85
Downgrading from Junos OS Release 20.1 | 86
Junos OS Release Notes for MX Series | 86
What's New | 87
Hardware | 88
EVPN | 90
High Availability (HA) and Resiliency | 91
Interfaces and Chassis | 92
Juniper Extension Toolkit (JET) | 92
Junos OS, XML, API, and Scripting | 93
Junos Telemetry Interface | 93
MPLS | 95
Network Management and Monitoring | 96
Routing Policy and Firewall Filters | 97
Routing Protocols | 97
Services Applications | 99
Software Defined Networking | 99
Software Installation and Upgrade | 101
Software Licensing | 101
Subscriber Management and Services | 101
System Management | 102
System Logging | 103
What's Changed | 103
Class of Service (CoS) | 105
EVPN | 105
General Routing | 105
Interfaces and Chassis | 106
Infrastructure | 107
J-Web | 107
MPLS | 108
Network Management and Monitoring | 108
User Interface and Configuration | 108
Known Limitations | 109
General Routing | 109
6
Interfaces and Chassis | 109
MPLS | 110
Network Management and Monitoring | 110
Open Issues | 110
Class of Service (CoS) | 111
EVPN | 111
Forwarding and Sampling | 111
General Routing | 111
Infrastructure | 114
Interfaces and Chassis | 114
Juniper Extension Toolkit (JET) | 114
Layer 2 Ethernet Services | 114
MPLS | 114
Platform and Infrastructure | 115
Routing Policy and Firewall Filters | 115
Routing Protocols | 115
User Interface and Configuration | 116
VPNs | 116
Resolved Issues | 117
EVPN | 118
Forwarding and Sampling | 118
General Routing | 119
Infrastructure | 125
Interfaces and Chassis | 125
Intrusion Detection and Prevention (IDP) | 126
Juniper Extension Toolkit (JET) | 126
J-Web | 126
Layer 2 Ethernet Services | 126
Layer 2 Features | 127
MPLS | 127
Network Address Translation (NAT) | 128
Network Management and Monitoring | 128
7
Platform and Infrastructure | 128
Routing Policy and Firewall Filters | 129
Routing Protocols | 129
Services Applications | 131
Subscriber Access Management | 131
User Interface and Configuration | 131
VPNs | 131
Documentation Updates | 132
Migration, Upgrade, and Downgrade Instructions | 132
Basic Procedure for Upgrading to Release 20.4R1 | 133
Procedure to Upgrade to FreeBSD 11.x-Based Junos OS | 133
Procedure to Upgrade to FreeBSD 6.x-Based Junos OS | 136
Upgrade and Downgrade Support Policy for Junos OS Releases | 138
Upgrading a Router with Redundant Routing Engines | 138
Downgrading from Release 20.4R1 | 139
Junos OS Release Notes for NFX Series | 139
What’s New | 140
Application Security | 140
High Availability | 142
Flow-Based and Packet-Based Processing | 142
Logical Systems and Tenant Systems | 142
Routing Protocols | 142
Security | 143
What's Changed | 143
Junos OS XML API and Scripting | 144
Known Limitations | 144
Interfaces | 145
Open Issues | 145
Interfaces | 146
Platform and Infrastructure | 146
Virtual Network Functions (VNFs) | 146
Resolved Issues | 146
High Availability | 147
Interfaces | 147
8
Platform and Infrastructure | 147
Documentation Updates | 147
Migration, Upgrade, and Downgrade Instructions | 148
Upgrade and Downgrade Support Policy for Junos OS Releases | 148
Basic Procedure for Upgrading to Release 20.4 | 149
Junos OS Release Notes for PTX Series | 150
What's New | 151
Junos OS XML, API, and Scripting | 151
Junos Telemetry Interface | 152
MPLS | 154
Network Management and Monitoring | 155
Routing Policy and Firewall Filters | 155
Routing Protocols | 156
Software Installation and Upgrade | 158
System Logging | 158
What's Changed | 159
Class of Service (CoS) | 159
General Routing | 159
MPLS | 160
Network Management and Monitoring | 160
User Interface and Configuration | 160
Known Limitations | 161
General Routing | 161
Routing Protocols | 161
Open Issues | 162
General Routing | 162
Layer 2 Ethernet Services | 164
MPLS | 164
Platform and Infrastructure | 164
Routing Protocols | 164
Resolved Issues | 165
General Routing | 165
Infrastructure | 166
Interfaces and Chassis | 166
9
MPLS | 166
Network Management and Monitoring | 166
Routing Protocols | 167
Documentation Updates | 167
Migration, Upgrade, and Downgrade Instructions | 168
Basic Procedure for Upgrading to Release 20.4 | 168
Upgrade and Downgrade Support Policy for Junos OS Releases | 171
Upgrading a Router with Redundant Routing Engines | 171
Junos OS Release Notes for the QFX Series | 172
What's New | 172
Hardware | 173
Class of Service (CoS) | 187
EVPN | 188
Flow-Based and Packet-Based Processing | 191
High Availability (HA) and Resiliency | 194
Interfaces and Chassis | 194
IP Tunneling | 194
Juniper Extension Toolkit | 194
Junos OS XML, API, and Scripting | 195
Junos Telemetry Interface | 195
Network Management and Monitoring | 195
Platform and Infrastructure | 197
Routing Policy and Firewall Filters | 197
Routing Protocols | 198
Software Defined Networking (SDN) | 199
Software Installation and Upgrade | 200
System Management | 201
System Logging | 201
What's Changed | 202
Class of Service (CoS) | 202
General Routing | 202
MPLS | 203
Network Management and Monitoring | 203
User Interface and Configuration | 203
10
Known Limitations | 204
General Routing | 204
Layer 2 Features | 206
Routing Protocols | 206
Open Issues | 207
EVPN | 208
General Routing | 208
High Availability (HA) and Resiliency | 210
Layer 2 Ethernet Services | 210
Layer 2 Features | 210
Platform and Infrastructure | 210
Routing Policy and Firewall Filters | 211
Routing Protocols | 211
Virtual Chassis | 211
Resolved Issues | 212
Resolved Issues: 20.4R1 Release | 212
Documentation Updates | 216
Migration, Upgrade, and Downgrade Instructions | 217
Upgrading Software on QFX Series Switches | 217
Installing the Software on QFX10002-60C Switches | 220
Installing the Software on QFX10002 Switches | 220
Upgrading Software from Junos OS Release 15.1X53-D3X to Junos OS Release
15.1X53-D60, 15.1X53-D61.7, 15.1X53-D62, and 15.1X53-D63 on QFX10008 and
QFX10016 Switches | 221
Installing the Software on QFX10008 and QFX10016 Switches | 223
Performing a Unified ISSU | 227
Preparing the Switch for Software Installation | 228
Upgrading the Software Using Unified ISSU | 228
Upgrade and Downgrade Support Policy for Junos OS Releases | 230
Junos OS Release Notes for SRX Series | 231
What’s New | 232
Application Layer Gateways (ALGs) | 233
Application Security | 233
ATP Cloud | 234
11
Authentication and Access Control | 235
Chassis Clustering | 235
Flow-Based and Packet-Based Processing | 237
Interfaces and Chassis | 238
Intrusion Detection and Prevention | 239
Juniper Extension Toolkit (JET) | 240
Junos OS XML and API Scripting | 241
J-Web | 241
Layer 2 Features | 243
Logical Systems and Tenant Systems | 243
Multinode High Availability | 243
Network Management and Monitoring | 244
Securing GTP and SCTP Traffic | 245
Security | 246
Unified Threat Management (UTM) | 247
VPNs | 247
What's Changed | 248
Class of Service (CoS) | 249
Flow-Based and Packet-Based Processing | 249
Intrusion Detection and Prevention (IDP) | 250
Interfaces and Chassis | 250
J-Web | 250
Network Address Translation (NAT) | 251
Network Management and Monitoring | 251
Platform and Infrastructure | 251
Securing GTP and SCTP Traffic | 251
User Interface and Configuration | 252
VPNs | 252
Known Limitations | 253
Class of Service (CoS) | 254
Flow-Based and Packet-Based Processing | 254
J-Web | 254
VPNs | 255
Open Issues | 255
Flow-Based Packet-Based Processing | 256
12
Interfaces and Chassis | 256
J-Web | 256
Protocols | 256
Routing Policy and Firewall Filters | 256
VPNs | 257
Resolved Issues | 257
Application Layer Gateways (ALGs) | 258
Flow-Based and Packet-Based Processing | 258
Interfaces and Chassis | 259
Intrusion Detection and Prevention (IDP) | 259
J-Web | 259
Layer 2 Ethernet Services | 260
Network Address Translation (NAT) | 260
Platform and Infrastructure | 260
Routing Policy and Firewall Filters | 260
Routing Protocols | 261
Subscriber Access Management | 261
Unified Threat Management (UTM) | 261
VPNs | 261
Documentation Updates | 261
Migration, Upgrade, and Downgrade Instructions | 262
Upgrade and Downgrade Support Policy for Junos OS Releases and Extended End-Of-Life
Releases | 262
Junos OS Release Notes for vMX | 263
What’s New | 264
EVPN | 264
Juniper Extension Toolkit (JET) | 264
Junos OS XML ,API, and Scripting | 265
Network Management and Monitoring | 265
Routing Protocols | 266
What's Changed | 266
Licensing | 267
Known Limitations | 267
Open Issues | 267
13
Resolved Issues | 267
Interfaces and Chassis | 267
Network Management and Monitoring | 268
Licensing | 268
Upgrade Instructions | 268
Junos OS Release Notes for vRR | 269
What’s New | 269
Routing Protocols | 270
What's Changed | 270
Known Limitations | 270
Open Issues | 270
Resolved Issues | 271
Junos OS Release Notes for vSRX | 271
What’s New | 271
ATP Cloud | 272
Flow-Based Packet-Based Processing | 272
High Availability | 273
Juniper Extension Toolkit (JET) | 273
Junos OS XML ,API, and Scripting | 274
Network Management and Monitoring | 274
Platform and Infrastructure | 275
Routing Protocols | 275
VPNs | 275
What's Changed | 275
Platform and Infrastructure | 276
Known Limitations | 276
Open Issues | 276
J-Web | 277
Platform and Infrastructure | 277
Resolved Issues | 277
Application Security | 277
Chassis Clustering | 278
CLI | 278
Flow-Based and Packet-Based Processing | 278
14
Install and Upgrade | 278
Interfaces and Chassis | 278
Intrusion Detection and Prevention (IDP) | 278
Platform and Infrastructure | 279
Routing Policy and Firewall Filters | 279
User Access and Authentication | 279
VPNs | 279
Migration, Upgrade, and Downgrade Instructions | 279
Upgrading Software Packages | 281
Validating the OVA Image | 286
Upgrading Using ISSU | 286
Licensing | 287
Compliance Advisor | 287
Finding More Information | 287
Documentation Feedback | 288
Requesting Technical Support | 288
Self-Help Online Tools and Resources | 289
Creating a Service Request with JTAC | 289
Revision History | 290
Introduction
Junos OS runs on the following Juniper Networks®products: ACX Series, cRPD, cSRX, EX Series, JRR
Series, Juniper Secure Connect, Junos Fusion Enterprise, Junos Fusion Provider Edge, MX Series, NFX
Series, PTX Series, QFX Series, SRX Series, vMX, vRR, and vSRX.
These release notes accompany Junos OS Release 20.4R1 for the ACX Series, Containerized Routing
Protocol Process (cRPD), cSRX Container Firewall (cSRX), EX Series, JRR Series, Juniper Secure Connect,
Junos Fusion Enterprise, Junos Fusion Provider Edge, MX Series, NFX Series, PTX Series, QFX Series, SRX
Series, virtual MX Series router (vMX), Virtual Route Reflector (vRR), and vSRX Virtual Firewall (vSRX).
They describe new and changed features, limitations, and known and resolved problems in the hardware
and software.
In Focus guide—We have a document called In Focus that provides details on the most important features
•
for the release in one place. We hope this document will quickly get you to the latest information about
Junos OS features. Let us know if you find this information useful by sending an e-mail to
techpubs-comments@juniper.net.
15
Important Information:
•
Upgrading Using ISSU on page 286
•
Licensing on page 287
•
Compliance Advisor on page 287
•
Finding More Information on page 287
•
Documentation Feedback on page 288
•
Requesting Technical Support on page 288
•
Junos OS Release Notes for ACX Series
IN THIS SECTION
What's New | 16
What's Changed | 22
Known Limitations | 24
Open Issues | 26
Resolved Issues | 28
Documentation Updates | 31
Migration, Upgrade, and Downgrade Instructions | 32
These release notes accompany Junos OS Release 20.4R1 for the ACX Series. They describe new and
changed features, limitations, and known and resolved problems in the hardware and software.
You can also find these release notes on the Juniper Networks Junos OS Documentation webpage, located
at https://www.juniper.net/documentation/product/en_US/junos-os.
What's New
16
IN THIS SECTION
Hardware | 17
High Availability (HA) and Resiliency | 20
Junos Telemetry Interface | 20
Routing Protocols | 21
Timing and Synchronization | 21
This section describes the new features or enhancements to existing features in Junos OS Release 20.4R1
for the ACX Series.
Hardware
17
We've added the following features to the ACX5448 in Junos OS Release 20.4R1.
•
Table 1: Features Supported by the ACX5448 Routers
DescriptionFeature
18
Authentication, Authorization and
Accounting
Automation
Class of service (CoS)
Ethernet OAM
Support for 802.1X authentication on Layer 3 interfaces. 802.1X is an
•
IEEE standard for port-based network access control that authenticates
users connected to a LAN port. [See 802.1X Authentication.]
Support for either WAN interfaces or management interfaces to
•
automatically download and install the appropriate software and the
configuration file on your device during the ZTP bootstrap process.
[See Zero Touch Provisioning.]
Support for up to three levels of hierarchical scheduling (physical
•
interfaces, logical interfaces, and queues). Configurable buffer support
is also added. By default, all interfaces on the ACX5448 use port-based
scheduling (eight queues per physical port). To enable hierarchical
scheduling, set the hierarchical-scheduler statement at the [edit
interfaces interface-name] hierarchy level. [See Hierarchical Class of
Service in ACX Series Routers.]
Support for Ethernet OAM CFM. You can now synchronize
•
local-interface status between two connected devices with remote
interface up/down trigger with OAM CFM. CFM provides end-to-end
signals even if the two devices are not directly connected. [See
Introduction to OAM Connectivity Fault Management (CFM).]
EVPN
Layer 2 features
Layer 3 features
Support for EVPNs and Interfaces. In EVPN-MPLS and MC-LAG
•
environments, the configuration of anycast gateways on ACX5448
routers that are multihomed in all-active mode is supported. [See
Anycast Gateways.]
Support for pseudowire redundancy in MC-LAG. ACX5448 routers
•
support pseudowire redundant Layer 2 circuits in MC-LAG routers.
VPLS is not supported. [See Understanding Pseudowire Redundancy
Mobile Backhaul Scenarios.]
Support for Layer 3 VPN in MC-LAG chassis. ACX5448 routers support
•
Layer 3 VPN in VRRP over IRB interfaces in MC-LAG routers. Layer
3 routing and Layer 3 VPN are not directly supported on the MC-LAG
interfaces. [See Understanding VRRP and Understanding Layer 3
VPNs.]
Table 1: Features Supported by the ACX5448 Routers (continued)
DescriptionFeature
19
Network Security
Software installation and upgrade
Timing and synchronization
Support for control plane DDoS protection, which is enabled by default
•
on ACX5448 routers for many Layer 2 and Layer 3 protocols. Control
Plane DDoS protection uses firewall filters and policers to discard or
rate-limit control plane traffic at the Routing Engine level, which
prevents malicious traffic from interfering with device operations. You
can disable this feature or change the default policer parameters for
supported protocol groups. [See Control Plane Distributed
Denial-of-Service (DDoS) Protection Overview]
Support for the ACX5448-M-LT, a top-of-rack router that supports
•
only Junos Limited image. The Junos Limited image does not have
data-plane encryption and is intended only for countries in the Eurasian
Customs Union because these countries have import restrictions on
software containing data-plane encryption. Unlike the JunosWorldwide
image, the Junos Limited image supports control plane encryption
through Secure Shell (SSH) and Secure Sockets Layer (SSL), thus
allowing secure management of the system. [See ACX5448 System
Overview.]
Support for Precision Time Protocol (PTP) G.8275.2 enhanced profile
•
with PTP over IPv4 and IPv6 unicast traffic. [See Understanding the
PTP G.8275.2 Enhanced Profile (Telecom Profile).]
Support for SFP-1GE-LH-ET transceivers (ACX1100 and ACX2100)—Starting in Junos OS Release
•
20.4R1, the ACX1100 and ACX2100 Universal Metro Routers support the SFP-1GE-LH-ET transceivers.
[See the Hardware Compatibility Tool (HCT) for details.]
Support for SFP-GE80KT14R15 and SFP-GE80KT15R14 transceivers (ACX5448, ACX5448-D, and
•
ACX5448-M)—Starting in Junos OS Release 20.4R1, the ACX5448, ACX5448-D, and ACX5448-M
Universal Metro Routers support the SFP-GE80KT14R15 and SFP-GE80KT15R14 transceivers.
[See the Hardware Compatibility Tool (HCT) for details.]
Support for SFPP-10GE-DWDM-IT transceivers (ACX5448, ACX5448-D, and ACX5448-M)—Starting
•
in Junos OS Release 20.4R1, the ACX5448, ACX5448-D, and ACX5448-M Universal Metro Routers
support the SFPP-10GE-DWDM-IT transceivers.
[See the Hardware Compatibility Tool (HCT) for details.]
High Availability (HA) and Resiliency
NSR support for IS-IS with SR (ACX Series, MX Series)—Starting in Junos OS Release 20.4R1, ACX Series
•
devices support NSR for IS-IS with segment routing (SR). To use NSR, you must first enable GRES on
your device.
[See Nonstop Active Routing Concepts]
Junos Telemetry Interface
•
JTI support for persistent active gRPC sessions between collector and server during an SSL certificate
update (ACX Series, MX Series, and PTX Series)—Junos OS Release 20.4R1 supports persistent active
remote procedure call (gRPC) sessions between the collector (client) and server during an SSL certificate
update.
For secure channel authentication, the TLS protocol is used to maintain a secure channel between the
collector and the server. TLS uses the server certificate and the client certificate to authenticate each
other and send encrypted messages over the network. When an SSL certificate is updated, existing gRPC
sessions are abruptly terminated, forcing the collector to initiate a new gRPC connection and subscribe
to sensors again.
20
To avoid this problem, you can enable persistent active gRPC sessions by configuring hot-reloading at
the [edit system services extension-service request-response grpc ssl] hierarchy level. After you enable
this feature, gRPC sessions will remain active even when authentication certificates are updated.
After the certificate is updated, any new gRPC session will use the updated certificate.
[See gRPC Services for Junos Telemetry Interface and ssl.]
•
Juniper Resiliency Interface for exception reporting and null route detection (ACX Series, PTX Series,
and MX Series)—Starting in Junos OS Release 20.4R1, you can use Juniper Resiliency Interface to detect
and reduce Mean Time to Repair (MTTR) first-order network issues. Juniper Resiliency Interface uses a
push model for data reporting from the entities in the system which encounter packet drops. This
automates the workflow for detecting, reporting, and mitigating adverse exceptions.
To collect kernel routing table and routing protocol process exceptions, configure the set system resiliency
exceptions statement at the [edit] hierarchy level to specify exception reporting based on kernel
exceptions, and routing exceptions.
You can display exceptions from a remote collector by means of remote procedure call (gRPC) services
or gRPC network management interface (gNMI) services. Display on-box exceptions by accessing the
/var/log file or the database at /var/db/ResiliencyExceptions.db. No Junos operational mode commands
display these exceptions.
Routing Protocols
Support for multiple single-hop EBGP sessions on different links using the same IPv6 link-local address
•
(ACX Series, EX Series, MX Series, PTX Series, QFX Series, SRX Series, vMX, and vSRX)—Starting in
Junos OS Release 20.4R1, you are no longer required to have unique peer addresses for Juniper devices
for every EBGP session. You can now enable single-hop EBGP sessions on different links over multiple
directly connected peers that use the same IPv6 link-local address.
In earlier Junos OS Releases, BGP peers could be configured with link-local addresses, but multiple BGP
peers could not be configured to use the same link-local address on different interfaces.
[See Configure Multiple Single-Hop EBGP Sessions on Different Links Using the Same Link-Local Address
(IPv6).]
Timing and Synchronization
Support for PTP G.8275.2 profile (ACX710)—Starting in Junos OS Release 20.4R1, we support the
•
Precision Time Protocol (PTP) G.8275.2 profile with node type T-BC-P (BC).
21
You can use the [edit protocols ptp profile-type g.8275.2 ] hierarchy level to configure the G.8275.2
profile.
[See Understanding the Time Management Administration Guide and profile-type.]
SEE ALSO
What's Changed | 22
Known Limitations | 24
Open Issues | 26
Resolved Issues | 28
Documentation Updates | 31
Migration, Upgrade, and Downgrade Instructions | 32
What's Changed
IN THIS SECTION
General Routing | 22
MPLS | 23
Network Management and Monitoring | 23
Routing Protocols | 23
User Interface and Configuration | 23
This section lists the changes in behavior of Junos OS features and changes in the syntax of Junos OS
statements and commands in Junos OS Release 20.4R1 for the ACX Series routers.
22
General Routing
Support for unicast ARP request on table entry expiration—You can configure the device to send a
•
unicast ARP request instead of the default broadcast request when an ARP table entry is about to expire.
The retry requests are unicast at intervals of 5 seconds. Without this option, the retry requests are
broadcast at intervals of 800 milliseconds. This behavior reduces ARP overall broadcast traffic. It also
supports the use case where access nodes are configured not to forward broadcast ARP requests toward
customer CPEs for security reasons and instead translate ARP broadcasts to unicast requests. To confirm
whether this is configured, you can issue the following command: show configuration system arp | grep
unicast-mode-on-expire.
[See arp.]
Support for gigether-options statement (ACX5048, ACX5096)—Junos OS supports the gigether-options
•
statement at the edit interfaces interface-name hierarchy on the ACX5048 and ACX5096 routers.
Previously, support for the gigether-statement was deprecated. See gigether-options and
MPLS
The show mpls lsp extensivel and show mpls lsp detail commands display next-hop gateway LSPid —
•
When you use the show mpls lsp extensivel and show mpls lsp detail commands, you'll see next-hop
gateway LSPid in the output.
Network Management and Monitoring
Warning changed for configuration statements that correspond to "deviate not-supported" nodes in
•
YANG data models (ACX Series, EX Series, MX Series, PTX Series, QFX Series, and SRX Series)—If you
configure a statement corresponding to a YANG data model node that defines the deviate not-supported
statement, the Junos OS configuration annotates that statement with the comment Warning: statement
ignored: unsupported platform. In earlier releases, the warning is Warning: 'statement' is deprecated.
Routing Protocols
23
Inet6 is disabled in VT interface (ACX5448)—Starting in this release, the inet6 statement at the edit
•
interfaces vt-interface-number unit unit-number family hierarchy level is disabled.
User Interface and Configuration
Verbose format option to export JSON configuration data (ACX Series, EX Series, MX Series, PTX
•
Series, QFX Series, and SRX Series)—The Junos OS CLI exposes the verbose statement at the edit system
export-format json hierarchy level. The default format to export configuration data in JSON changed
from verbose format to ietf format starting in Junos OS Release 16.1R1. You can explicitly specify the
default export format for JSON configuration data by configuring the appropriate statement at the edit
system export-format json hierarchy level. Although the verbose statement is exposed in the Junos OS
CLI as of the current release, you can configure this statement starting in Junos OS Release 16.1R1.
[See export-format.]
SEE ALSO
What's New | 16
Known Limitations | 24
Open Issues | 26
Resolved Issues | 28
Documentation Updates | 31
Migration, Upgrade, and Downgrade Instructions | 32
Known Limitations
IN THIS SECTION
General Routing | 24
Timing and Synchronization | 24
Learn about known limitations in this release for the ACX Series.
For the most complete and latest information about known Junos OS defects, use the Juniper Networks
online Junos Problem Report Search application.
General Routing
24
On the ACX710 router, Servo moves to the Holdover-in/Holdover-out/Acq state from the Phase-aligned
•
state with impairment. PR1550367
On the ACX710 router, PTP with Vlan-id-range does not work for specific VLANs. PR1550482
•
On the ACX710 router, the holdover error HOLDOVER OUT OF SPEC does not reset during the Servo
•
state change. PR1556798
Timing and Synchronization
On the ACX5448 router, the two-way time error and CTE for 1 PPS does not meet the class A metrics.
•
PR1535434
On the ACX5448-M router, the 1 PPS CTE does not meet the class A performance in 1-Gigabits interface.
•
PR1542744
On the ACX5448 router, due to BRCM KBP issue route lookup might fail. PR1533557
•
On the ACX5448 router, ping stops working even though the ARP entry is present during continuous
•
script executions. PR1533513
On the ACX710 router, T1 or T4 cTE should be tuned closer to two-way CTE. PR1527347
•
On the ACX710 router, huge offset is observed initially with ACQ and holdover inspec and outspec
•
conditions. PR1534470
On the ACX710 router, the incremental PTP FPGA upgrades do not bundle along with the regular image
•
upgrades. PR1540799
On the ACX710 router, changing the PTP profile type from g.8275.1 to g.8275.2 requires the Packet
•
Forwarding Engine to reboot and the clksyncd process to restart. As a workaround, you must reboot
the Packet Forwarding Engine and restart the clocking process before you change the profile. PR1546614
On the ACX710 router, the Servo transition is incorrect after chassis restart. PR1550270
•
On the ACX710 router, the delay-asymmetry compensation update does not work at CLI with the
•
G.8275.2 profile. PR1550441
On the ACX710 router, the PTP Servo status shows holdover during transition between virtual port and
•
PTP. PR1510880
On the ACX710 router, if the client clock candidate is configured with a virtual port, the clock class is
•
on T-BC. PR1520204
On the ACX710 router, the SyncE to 1PPS transient test results do not meet G.8273.2 SyncE to 1PPS
•
transient metric. PR1522796
On the ACX710 router, the clock parameters are incorrect in certain scenarios when the Servo is in the
•
FREERUN state. PR1548192
25
On the ACX710 router, the PTP Servo takes longer time to lock after the clksyncd process restarts.
•
PR1549952
On the ACX710 router, the show ptp global-information command does not display correct Clock Class
•
or ESMC QL details when the Servo goes to the Holdover-in state. PR1553213
On the ACX710 router, the Servo transition is incorrect during the T-GM switchover scenario. PR1553439
•
SEE ALSO
What's New | 16
What's Changed | 22
Open Issues | 26
Resolved Issues | 28
Documentation Updates | 31
Migration, Upgrade, and Downgrade Instructions | 32
Open Issues
IN THIS SECTION
Class of Service (CoS) | 26
General Routing | 26
Platform and Infrastructure | 27
VPNs | 27
Learn about open issues in this release for the ACX Series.
For the most complete and latest information about known Junos OS defects, use the Juniper Networks
online Junos Problem Report Search application.
26
Class of Service (CoS)
Unexpected behavior of Class of Service is observed with the wildcard classifier. PR1559516
•
General Routing
On the ACX5448 router, latency is observed for the host-generated ICMP traffic. PR1380145
•
Tx power cannot be configured using the + sign. PR1383980
•
On the ACX710 router, alarm is not raised when booting the system with recovery snapshot. PR1517221
•
On the ACX5448 router, the BGPV6LU traffic drop is observed when the node is deployed in ingress.
•
PR1538819
On the ACX500-I router, the show services session count does not work as expected. PR1520305
•
The ARP packets from the CE device are added with VLAN tag if the VLAN-ID is configured in the EVPN
•
routing instance. PR1555679
On the ACX710 router, the global configuration of IPv4-dscp naming convention must be corrected as
•
per the stream level dscp, which is more meaningful for both the the IPv6 and IPv4 services. PR1557262
On the ACX5448 router, the unicast packets from the CE devices might be forwarded by the PE devices
•
with additional VLAN tag if IRB is used. PR1559084
On the ACX5048 router, the fxpc process generates core file on the analyzer configuration. PR1559690
•
On the ACX5448 router, the following syslog message is reported every 30 seconds;
•
ACX_DFW_CFG_FAILED: ACX Error (dfw):dnx_dfw_dyn_entry_counter_get : Entry is invalid. PR1562323
On the ACX5448 router, the transit DHCPv4 and DHCPv6 packets drop in a Layer 2 domain. PR1517420
•
On the ACX5448 router, the ISSU upgrade fails due to the Packet Forwarding Engine restart issue.
•
PR1554915
On the ACX5048 router, all the OAM sessions are not established. PR1561751
•
Even though enhanced-ip is active, the following alarm is observed during ISSU: RE0 network-service
•
mode mismatch between configuration and kernel setting. PR1546002
The ACX5448 device as TWAMP server delays the start session acknowledgment by 10 seconds.
•
PR1556829
On the ACX2100 device, laser-output-power is seen after the interface is disabled and rebooted.
•
PR1560501
Inline BFD stays down with IS-IS or Static clients. PR1561590
•
27
Platform and Infrastructure
The CFM REMOTE MEP does not come up after configuration or if the MEP remains in the Start state.
•
PR1460555
VPNs
On the ACX5448 router, the MC-AE Layer 2 circuit states are not updated instantly and for some time
•
after disabling the core interface on the MC-LAG active node, double hit in traffic is observed. PR1543408
SEE ALSO
What's New | 16
What's Changed | 22
Known Limitations | 24
Resolved Issues | 28
Documentation Updates | 31
Migration, Upgrade, and Downgrade Instructions | 32
Resolved Issues
IN THIS SECTION
Forwarding and Sampling | 28
General Routing | 28
Interfaces and Chassis | 31
Layer 2 Features | 31
Routing Protocols | 31
This section lists the issues fixed in Junos OS Release 20.4R1 for the ACX Series.
For the most complete and latest information about known Junos OS defects, use the Juniper Networks
online Junos Problem Report Search application.
28
Forwarding and Sampling
VLAN-ID based firewall match conditions might not work for the VPLS service. PR1542092
•
General Routing
The gigether-options command is enabled again under the interface hierarchy. PR1430009
•
Repeated powering-off or powering-on of the device, the SMBUS transactions timeout occurs. PR1463745
•
On the ACX5048 router, the egress queue statistics do not work for the aggregated Ethernet interfaces.
•
PR1472467
On the ACX5048 router, traffic loss is observed during the unified ISSU upgrade. PR1483959
•
The following syslog error message is observed: ACX_DFW_CFG_FAILED. PR1490940
•
On the ACX5048 and ACX5096 routers, the LACP control packets might be dropped due to high CPU
•
utilization. PR1493518
On the ACX710 router, high convergence is observed with the EVPN-ELAN service in a scaled scenario
•
during FRR switchover. PR1497251
On the ACX5448 router, the EXP rewrite for the Layer 3 VPN sends all traffic with incorrect EXP.
•
PR1500928
The following error message is observed during MPLS route add, change, and delete operation: mpls_extra
•
NULL. PR1502385
Loading...