Junos OS Release 17.1R2 User Manual
Release Notes: Junos®OS Release 17.1R2 for
the ACX Series, EX Series, MX Series and PTX
Series, QFX Series, and Junos Fusion
3 September 2020
1
Contents
Introduction | 9
Junos OS Release Notes for ACX Series | 9
New and Changed Features | 10
Release 17.1R2 New and Changed Features | 10
Release 17.1R1 New and Changed Features | 10
Changes in Behavior and Syntax | 16
Interfaces and Chassis | 17
General Routing | 17
MPLS | 17
Services Applications | 17
System Management | 17
User Interface and Configuration | 17
Known Behavior | 18
Known Issues | 19
Network Address Translation (NAT) and Stateful Firewall Services | 19
Generic Routing Encapsulation | 20
Firewall | 20
Layer 2 Features | 20
MPLS | 20
SNMP | 20
Timing and Synchronization | 21
Resolved Issues | 21
Resolved Issues: 17.1R2 | 22
Resolved Issues: 17.1R1 | 22
Documentation Updates | 22
Migration, Upgrade, and Downgrade Instructions | 23
Upgrade and Downgrade Support Policy for Junos OS Releases | 23
Product Compatibility | 24
Hardware Compatibility | 24
Junos OS Release Notes for EX Series Switches | 25
New and Changed Features | 25
Release 17.1R2 New and Changed Features | 26
Release 17.1R1 New and Changed Features | 26
Changes in Behavior and Syntax | 30
High Availability (HA) and Resiliency | 31
2
MPLS | 31
Services Applications | 31
System Management | 31
User Interface and Configuration | 31
Known Behavior | 32
Known Issues | 33
Authentication, Authorization, and Accounting (AAA) (RADIUS) | 33
High Availability (HA) and Resiliency | 33
Infrastructure | 34
Interfaces and Chassis | 34
Junos Fusion Enterprise | 34
Network Management and Monitoring | 35
Platform and Infrastructure | 35
Port Security | 35
Security | 36
Virtual Chassis | 36
Resolved Issues | 36
Resolved Issues: 17.1R2 | 37
Resolved Issues: 17.1R1 | 39
Documentation Updates | 41
Migration, Upgrade, and Downgrade Instructions | 42
Upgrade and Downgrade Support Policy for Junos OS Releases | 42
Product Compatibility | 43
Hardware Compatibility | 43
Junos OS Release Notes for Junos Fusion Enterprise | 44
New and Changed Features | 44
Release 17.1R2 New and Changed Features | 45
Release 17.1R1 New and Changed Features | 45
Changes in Behavior and Syntax | 49
System Management | 50
Known Behavior | 50
Junos Fusion Enterprise | 50
Known Issues | 53
Junos Fusion Enterprise | 53
3
Resolved Issues | 55
Resolved Issues: 17.1R2 | 55
Resolved Issues: 17.1R1 | 55
Documentation Updates | 56
Migration, Upgrade, and Downgrade Instructions | 56
Basic Procedure for Upgrading Junos OS on an Aggregation Device | 57
Upgrading from Junos OS Release 16.1 to 17.1 in a JUNOS OS Fusion Enterprise
System | 59
Upgrading an Aggregation Device with Redundant Routing Engines | 60
Preparing the Switch for Satellite Device Conversion | 60
Converting a Satellite Device to a Standalone Switch | 62
Upgrade and Downgrade Support Policy for Junos OS Releases | 64
Downgrading from Release 17.1 | 64
Product Compatibility | 65
Hardware and Software Compatibility | 65
Hardware Compatibility Tool | 66
Junos OS Release Notes for Junos Fusion Provider Edge | 66
New and Changed Features | 67
Release 17.1R2 New and Changed Features | 67
Release 17.1R1 New and Changed Features | 67
Changes in Behavior and Syntax | 68
System Management | 68
Known Behavior | 69
Known Issues | 69
Junos Fusion | 70
Resolved Issues | 70
Resolved Issues: 17.1R2 | 71
Resolved Issues: 17.1R1 | 71
Documentation Updates | 71
Migration, Upgrade, and Downgrade Instructions | 72
4
Basic Procedure for Upgrading an Aggregation Device | 72
Upgrading an Aggregation Device with Redundant Routing Engines | 75
Preparing the Switch for Satellite Device Conversion | 75
Converting a Satellite Device to a Standalone Device | 76
Upgrading an Aggregation Device | 79
Upgrade and Downgrade Support Policy for Junos OS Releases | 79
Downgrading from Release 17.1 | 79
Product Compatibility | 80
Hardware Compatibility | 80
Junos OS Release Notes for MX Series 5G Universal Routing Platforms | 81
New and Changed Features | 82
Release 17.1R2 New and Changed Features | 82
Release 17.1R1 New and Changed Features | 84
Changes in Behavior and Syntax | 106
Interfaces and Chassis | 107
Junos OS XML API and Scripting | 108
LDP | 109
Management | 109
MPLS | 109
Network Management and Monitoring | 110
Operation, Administration, and Maintenance (OAM) | 111
Routing Protocols | 111
Security | 113
Services Applications | 113
Subscriber Management and Services | 114
System Management | 116
User Interface and Configuration | 116
VPNs | 116
Known Behavior | 117
Class of Service (CoS) | 118
General Routing | 118
High Availability (HA) and Resiliency | 118
Interfaces and Chassis | 118
Software Installation and Upgrade | 118
5
Subscriber Management and Services | 119
Known Issues | 120
Forwarding and Sampling | 120
General Routing | 121
High Availability (HA) and Resiliency | 125
Infrastructure | 125
Interfaces and Chassis | 125
Layer 2 Ethernet Services | 126
Layer 2 Features | 126
MPLS | 126
Network Management and Monitoring | 127
Platform and Infrastructure | 127
Routing Protocols | 128
Services Applications | 129
Subscriber Access Management | 129
User Interface and Configuration | 130
VPNs | 130
Resolved Issues | 130
Resolved Issues: 17.1R2 | 131
Resolved Issues: 17.1R1 | 140
Documentation Updates | 147
Subscriber Management Access Network Guide | 147
Subscriber Management Provisioning Guide | 148
Migration, Upgrade, and Downgrade Instructions | 148
Basic Procedure for Upgrading to Release 17.1 | 150
UProcedure to Upgrade to FreeBSD 10.x based Junos OS | 150
Procedure to Upgrade to FreeBSD 6.x based Junos OS | 152
Upgrade and Downgrade Support Policy for Junos OS Releases | 154
Upgrading a Router with Redundant Routing Engines | 155
Downgrading from Release 17.1 | 155
Product Compatibility | 156
Hardware Compatibility | 156
Junos OS Release Notes for PTX Series Packet Transport Routers | 157
New and Changed Features | 157
6
Release 17.1R2 New and Changed Features | 158
Release 17.1R1 New and Changed Features | 158
Changes in Behavior and Syntax | 167
General Routing | 168
Interfaces and Chassis | 168
Management | 168
MPLS | 169
Network Management and Monitoring | 169
Routing Protocols | 170
Services Applications | 170
System Management | 170
User Interface and Configuration | 170
Known Behavior | 171
High Availiablity (HA) and Resiliency | 171
Known Issues | 172
General Routing | 172
Interfaces and Chassis | 173
Platform and Infrastructure | 173
User Interface and Configuration | 174
Resolved Issues | 174
Resolved Issues: 17.1R2 | 175
Resolved Issues: 17.1R1 | 176
Documentation Updates | 177
Migration, Upgrade, and Downgrade Instructions | 178
Basic Procedure for Upgrading to Release 17.1 | 178
Upgrade and Downgrade Support Policy for Junos OS Releases | 181
Upgrading a Router with Redundant Routing Engines | 181
Product Compatibility | 182
Hardware Compatibility | 182
Junos OS Release Notes for the QFX Series | 183
New and Changed Features | 183
Release 17.1R2 New and Changed Features | 184
Release 17.1R1 New and Changed Features | 184
7
Changes in Behavior and Syntax | 203
MPLS | 204
Network Management and Monitoring | 204
Services Applications | 204
Software Installation and Upgrade | 204
System Management | 204
User Interface and Configuration | 205
Known Behavior | 205
Known Issues | 206
Hardware | 207
Infrastructure | 207
Layer 2 Features | 207
Network Management and Monitoring | 207
Open vSwitch Database Management Protocol (OVSDB) | 207
OpenFlow | 207
Platform and Infrastructure | 207
Routing Protocols | 208
System Management | 209
Resolved Issues | 209
Resolved Issues: 17.1R2 | 210
Resolved Issues: 17.1R1 | 212
Documentation Updates | 214
Migration, Upgrade, and Downgrade Instructions | 215
Upgrading Software on QFX Series Switches | 215
Installing the Software on QFX10002 Switches | 218
Upgrading Software from Junos OS Release 15.1X53-D3X to Junos OS Release
15.1X53-D60, 15.1X53-D61.7, 15.1X53-D62, and 15.1X53-D63 on QFX10008 and
QFX10016 Switches | 218
Installing the Software on QFX10008 and QFX10016 Switches | 220
Performing a Unified ISSU | 224
Preparing the Switch for Software Installation | 225
Upgrading the Software Using Unified ISSU | 225
8
Product Compatibility | 228
Hardware Compatibility | 228
Upgrading Using ISSU | 229
Compliance Advisor | 229
Finding More Information | 229
Requesting Technical Support | 230
Self-Help Online Tools and Resources | 230
Opening a Case with JTAC | 231
Revision History | 231
Introduction
Junos OS runs on the following Juniper Networks®hardware: ACX Series, EX Series, MX Series, PTX Series,
QFabric systems, QFX Series, SRX Series, and Junos Fusion.
These release notes accompany Junos OS Release 17.1R2 for the ACX Series, EX Series, Junos Fusion
Enterprise, Junos Fusion Provider Edge, MX Series, PTX Series, and QFX Series. They describe new and
changed features, limitations, and known and resolved problems in the hardware and software.
Junos OS Release Notes for ACX Series
IN THIS SECTION
9
New and Changed Features | 10
Changes in Behavior and Syntax | 16
Known Behavior | 18
Known Issues | 19
Resolved Issues | 21
Documentation Updates | 22
Migration, Upgrade, and Downgrade Instructions | 23
Product Compatibility | 24
These release notes accompany Junos OS Release 17.1R2 for the ACX Series. They describe new and
changed features, limitations, and known and resolved problems in the hardware and software.
You can also find these release noteson the Juniper Networks Junos OS Documentation webpage, located
at http://www.juniper.net/techpubs/software/junos/.
New and Changed Features
IN THIS SECTION
Release 17.1R2 New and Changed Features | 10
Release 17.1R1 New and Changed Features | 10
This section describes the new features and enhancements to existing features in the Junos OS main
release and the maintenance releases for ACX Series Universal Metro Routers.
Release 17.1R2 New and Changed Features
There are no new features or enhancements to existing features for ACX Series Universal Metro Routers
in Junos OS Release 17.1R2.
10
Release 17.1R1 New and Changed Features
This section describes the new features or enhancements to existing features for ACX Series Universal
Metro Routers in Junos OS Release 17.1R1.
Application Level Gateways (ALGs)
Support for Application Level Gateways (ALGs) for NAT processing (ACX500)—Starting with Junos OS
•
Release 17.1R1, ACX500 routers support basic TCP, basic UDP, DNS, FTP, ICMP, TFTP, and UNIX
Remote-Shell Services ALGs for NAT processing.
NOTE: The ALG for NAT is supported only on the ACX500 indoor routers.
[See ALGs Available by Default for Junos OS Address Aware NAT on ACX500 Router.]
Bridging
Support for DHCP option 82 over bridge domain (ACX5000)—Starting with Junos OS Release 17.1R1,
•
ACX Universal Metro Routers supports configuring DHCP option 82 over bridge domain. ACX routers
support option 82 type, length, and value (TLV) information for DHCP client messages over bridge
domain.
[See Using DHCP Relay Agent Option 82 Information.]
11
Firewall
Support for stateful firewall (ACX500)—Starting with Junos OS Release 17.1R1, ACX500 Universal
•
Metro Routers supports configuring stateful firewall rules. Contrasted with a stateless firewall that
inspects packets in isolation, a stateful firewall provides an extra layer of security by using state
information derived from past communications and other applications to make dynamic control decisions
for new communication attempts.
NOTE: The stateful firewall configuration is supported only on the ACX500 indoor routers.
[See Junos Network Secure Overview.]
Generic Routing
Support for generic routing encapsulation (GRE) (ACX Series)—Starting with Junos OS Release 17.1R1,
•
ACX Series Universal Metro Routers support configuring generic routing encapsulation (GRE). GRE
provides a private, secure path for transporting packets through an otherwise public network by
encapsulating (or tunneling) the packets inside a transport protocol known as an IP encapsulation protocol.
[See Understanding Generic Routing Encapsulation on ACX Series.]
Interfaces and Chassis
Aggregated Ethernet load-balancing support for circuit cross-connect (CCC), VPLS, bridge domain, and
•
Layer 3 VPN (ACX5000)—Starting with Junos OS Release 17.1R1, ACX5000 Universal Metro Routers
support aggregated Ethernet (AE) operation over Layer 2 circuit, Layer 3 VPN, bridge domain, CCC,
OAM, no-local-switching, and IGMP snooping. Also supported are AE class of service and firewall support
for families such as bridge domain, VPLS, CCC, MPLS, IPv4, and IPv6. The firewall support extends the
support for single-rate two-color policer and two-rate two-color policer.
[See Understanding Ethernet Link Aggregation on ACX Series Routers.]
Junos OS XML API and Scripting
Support for Python language for commit, event, op, and SNMP scripts (ACX500, ACX1000, ACX1100,
•
ACX2000, ACX2100, ACX2200, and ACX4000)—Starting in Junos OS Release 17.1R1, you can author
commit, event, op, and SNMP scripts in Python on devices that include the Python extensions package
in the software image. Creating automation scripts in Python enables you to take advantage of Python
features and libraries as well as leverage Junos PyEZ APIs to perform operational and configuration tasks
on devices running Junos OS. To enable execution of Python automation scripts, which must be owned
by either root or a user in the Junos OS super-user login class, configure the language python statement
at the [edit system scripts] hierarchy level, and configure the filename for the Python script under the
hierarchy level appropriate to that script type. Supported Python versions include Python 2.7.x.
12
[See Understanding Python Automation Scripts for Devices Running Junos OS.]
Layer 2 Features
Support for pseudowire cross-connect (ACX5000)—Starting with Junos OS Release 17.1R1, ACX5000
•
Universal Metro Routers supports pseudowire cross-connect. The pseudowire cross-connect feature
enables virtual circuit (VC) to terminate locally on a router and supports local switching of Layer 2 circuits.
Layer 2 circuits allows the creation of point-to-point Layer 2 connections over an IP and MPLS-based
network. Physical circuits with the same Layer 2 encapsulations can be connected together across such
a network.
[See Configuring Local Interface Switching in Layer 2 Circuits.]
Mirroring
Support for port mirroring (ACX5000)—Starting with Junos OS Release 17.1R1, ACX5000 Universal
•
Metro Routers supports port mirroring to mirror a copy of a packet to a configured destination, in addition
to the normal processing and forwarding of the packet. Port mirroring is supported on both ingress and
egress ports, using a protocol analyzer application that passes the input to mirror through a list of ports
configured through the logical interface.
[See Port, VLAN, and Flow Mirroring Overview.]
MPLS
Support for the Path Computation Element Protocol (ACX Series)—Starting with Junos OS Release
•
17.1R1, ACX Series Universal Metro Routers support the Path Computation Element Protocol (PCEP).
A Path Computation Element (PCE) is an entity (component, application, or network node) that is capable
of computing a network path or route based on a network graph and applying computational constraints.
A Path Computation Client (PCC) is any client application requesting a path computation to be performed
by a PCE. PCEP enables communications between a PCC and a PCE, or between two PCEs (defined in
RFC 5440). PCEP is a TCP-based protocol defined by the IETF PCE Working Group, and defines a set
of messages and objects used to manage PCEP sessions and to request and send paths for multidomain
traffic engineered LSPs (TE LSPs). It provides a mechanism for a PCE to perform path computation for
a PCC’s external LSPs. The PCEP interactions include LSP status reports sent by the PCC to the PCE,
and PCE updates for the external LSPs.
[See PCEP Overview.]
Network Management and Monitoring
Support for hrProcessorTable object (ACX Series)—Starting in Junos OS Release 17.1R1, support is
•
provided for the hrProcessorTable object (object id: 1.3.6.1.2.1.25.3.3) described in the RFC2790, Host
Resources MIB. The hrProcessorTable object provides the load statistics information per CPU for multi-core
devices.
13
[See SNMP MIB Explorer.]
Support for RFC 2544 reflector (ACX5000)—Starting with Junos OS Release 17.1R1, ACX5000 Universal
•
Metro Routers support the Layer 1 reflector functionality for performing RFC 2544 benchmarking tests.
The device that is configured as a reflector reflects or sends back the packets as they are received on
the pseudowire. This feature does not support any packet modification functionality. To enable your
ACX5000 router to reflect the packets back to the initiator, you can configure any unused physical port
on the router as the reflector port. Use the reflector-port statement at the [edit services rpm
rfc2544-benchmarking tests test-name] hierarchy level to configure the reflector port.
[See RFC 2544-Based Benchmarking Tests Overview.]
Operations, Administration, and Management (OAM)
SNMP support for Service OAM (SOAM) performance monitoring functions (ACX Series)—Starting with
•
Junos OS Release 17.1R1, ACX Series Universal Metro Routers SNMP support Service OAM (SOAM)
performance monitoring functions that are defined in Technical Specification MEF 17, the Service OAM
performance monitoring requirements specified in SOAM-PM, and the Service OAM management objects
specified in Technical Specification MEF 7.1.
A new enterprise-specific MIB, SOAM PM MIB, that defines the management objects for Ethernet
services operations, administration, and maintenance for performance monitoring, has been added and
SNMP support is available for the MIB objects defined in Technical Specification MEF 36.
[See Interpreting the Enterprise-Specific Service OAM MIB.]
Spanning Tree Protocols
Support for bridge protocol data unit, loop protect, and root protect (ACX Series)—Starting with Junos
•
OS Release 17.1R1, ACX Series Universal Metro Routers support configuring bridge protocol data unit
(BPDU), loop protect, and root protect on spanning-tree instance interface. You can configure BPDU
protection on individual interfaces or on all the edge ports of the bridge.
14
[See Understanding BPDU Protection for Spanning-Tree Instance Interfaces, Understanding Loop
Protection for Spanning-Tree Instance Interfaces, Understanding Root Protection for Spanning-Tree
Instance Interfaces in a Layer 2 Switched Network.]
Timing and Synchronization
Support for precision time protocol over integrated routing and bridging (ACX Series)—Starting with
•
Junos OS Release 17.1R1, ACX Series Universal Metro Routers support configuring precision time
protocol (PTP) over integrated routing and bridging (IRB). You can configure a boundary clock node with
PTP (IPv4) over IRB in a master-only mode across single or multiple IRB logical interfaces.
[See Configuring Precision Time Protocol Over Integrated Routing and Bridging.]
Support for Timing and Synchronization (ACX Series)—Starting with Junos OS Release 17.1R1, ACX
•
Universal Metro Routers support external clock synchronization and automatic clock selection for
Synchronous Ethernet, T1 or E1 line timing sources, and external inputs. The IEEE 1588v2 standard
defines the Precision Time Protocol (PTP), which is used to synchronize clocks throughout a network.
ACX Series routers support PTP ordinary clock and boundary clock features. ACX Series routers also
support PTP over Ethernet.
[See External Clock Synchronization Overview for ACX Series Routers, Automatic Clock Selection
Overview.]
Support for transparent clock (ACX5000)—Starting with Junos OS Release 17.1R1, ACX5000 Universal
•
Metro Routers support the transparent clock functionality. Transparent clocks measure packet residence
time for Precision Time Protocol (PTP) events. The packet delay variation experienced by PTP packets
can be attributed to queuing and buffering delays inside the router. ACX5000 routers support only
end-to-end transparent clock functionality as defined in the IEEE 1588 standard. The transparent clock
functionality works for both PTP over IP (PTPoIP), and PTP over Ethernet (PTPoE).
To configure the transparent clock functionality, you must include the e2e-transparent statement at the
[edit protocol ptp] hierarchy level.
Use the show ptp global-information command to check the status of the transparent clock functionality
configured on the router.
[See Understanding Transparent Clocks in Precision Time Protocol.]
Tunneling
Support for remote loop-free alternate (LFA) over LDP tunnels in IS-IS and OSPF networks
•
(ACX5000)—Starting with Junos OS Release 17.1R1, ACX5000 Universal Metro Routers support remote
LFA over LDP tunnels in an IS-IS and OSPF network. Remote LFA increases the backup coverage for
IS-IS and OSPF routes and provides protection especially for Layer 1 metro-rings. The IS-IS protocol
creates a dynamic LDP tunnel to reach the remote LFA node from the point of local repair (PLR). The
PLR uses this remote LFA backup path when the primary link fails.
[See Configuring Remote LFA Backup over LDP Tunnels in an OSPF Network, Configuring Remote LFA
Backup over LDP Tunnels in an IS-IS Network.]
Support for automatic bandwidth allocation for label-switched paths (ACX5000)—Starting with Junos
•
OS Release 17.1R1, ACX5000 Universal Metro Routers support automatic bandwidth allocation for
label-switched paths (LSPs). Automatic bandwidth allocation allows an MPLS tunnel to automatically
adjust its bandwidth allocation based on the volume of traffic flowing through the tunnel. You can
configure an LSP with minimal bandwidth, and this feature can dynamically adjust the LSP’s bandwidth
allocation based on current traffic patterns. The bandwidth adjustments do not interrupt traffic flow
through the tunnel.
15
[See Automatic Bandwidth Allocation for LSPs.]
VPLS
Mesh group support for VPLS routing (ACX5000)—Starting with Junos OS Release 17.1R1, ACX5000
•
Universal Metro Routers support mesh group configuration for VPLS routing instances. A mesh group
within the routing instance is a group of PE interface members with common forwarding attributes. The
following are the default member attributes in a mesh group:
no-local-switching—Traffic will not switch between members of the same mesh group (known-unicast,
•
multicast, broadcast, unknown-unicast).
flood-to-all-other-mesh-group—Traffic can flow from a member of one mesh group to any set of
•
members of other mesh groups.
[See Configuring Interoperability Between BGP Signaling and LDP Signaling in VPLS.]
SEE ALSO
Changes in Behavior and Syntax | 16
Known Behavior | 18
Known Issues | 19
Resolved Issues | 21
Documentation Updates | 22
Migration, Upgrade, and Downgrade Instructions | 23
Product Compatibility | 24
Changes in Behavior and Syntax
IN THIS SECTION
Interfaces and Chassis | 17
General Routing | 17
16
MPLS | 17
Services Applications | 17
System Management | 17
User Interface and Configuration | 17
This section lists the changes in behavior of Junos OS features and changes in the syntax of Junos OS
statements and commands from Junos OS Release 17.1R2 for the ACX Series.
Interfaces and Chassis
Support for logical interfaces (ACX5048 and ACX5096)—ACX5048 and ACX5096 routers do not support
•
configuring more than 1000 logical interfaces.
General Routing
For the routing command, starting in Junos 15.1F3, 15.1R2, 15.1R3, and 15.2R1, 64-bit mode is enabled
•
by default on systems that support it and that have at least 16 GB of RAM.
MPLS
•
Representation for OSPF DR node—Up until version -10 of the BGP-LS draft, the OSPF DR node
representation was ambiguous. One could represent DR node as 'AdvertisingRouterId-InterfaceIpAddress'
or 'InterfaceIpAddress-1'. Junos OS used to follow 'InterfaceIpAddress-1' format. Starting with version
'-11' of the BGP-LS draft, the representation for OSPF DR node must be
'AdvertisingRouterId-InterfaceIpaddress'. Junos OS now follows the latest format.
17
Services Applications
Device discovery with device-initiated connection (ACX Series)—In Junos OS Release 17.1R1 and later
•
releases, when you configure statements and options under the [system services ssh] hierarchy and
commit the configuration, make sure that the system reaches a stable state before you commit any
outbound-ssh configurations.
You use the device discovery feature in the Devices workspace to add devices to Junos Space Network
Management Platform. By default, Junos Space manages devices by initiating and maintaining a connection
to the device.
[See Device Discovery Overview.]
System Management
Peers option not supported in batch configuration mode— Starting in Junos OS Release 17.1R1, the
•
peers option at the [edit system commit] hierarchy level is not supported in batch configuration mode.
User Interface and Configuration
Integers in configuration data in JSON format are displayed without quotation marks (ACX
•
Series)—Starting in Junos OS Release 17.1R1, integers in Junos OS configuration data emitted in JavaScript
Object Notation (JSON) format are not enclosed in quotation marks. Prior to Junos OS Release 17.1,
integers in JSON configuration data were treated as strings and enclosed in quotation marks.
Changes to the show system schema module juniper-command output directory (ACX Series)—Starting
•
in Junos OS Release 17.1R1, when you issue the show system schema module juniper-command
operational command in the Junos OS CLI, the device places the generated output files in the current
working directory, which defaults to the user’s home directory. Prior to Junos OS Release 17.1R1, the
generated output files are placed in the /var/tmp directory.
SEE ALSO
New and Changed Features | 10
Known Behavior | 18
Known Issues | 19
Resolved Issues | 21
18
Documentation Updates | 22
Migration, Upgrade, and Downgrade Instructions | 23
Product Compatibility | 24
Known Behavior
There are no known limitations in Junos OS Release 17.1R2 for the ACX Series.
For the most complete and latest information about known Junos OS defects, use the Juniper Networks
online Junos Problem Report Search application.
SEE ALSO
New and Changed Features | 10
Changes in Behavior and Syntax | 16
Known Issues | 19
Resolved Issues | 21
Documentation Updates | 22
Migration, Upgrade, and Downgrade Instructions | 23
Product Compatibility | 24
Known Issues
IN THIS SECTION
Network Address Translation (NAT) and Stateful Firewall Services | 19
Generic Routing Encapsulation | 20
Firewall | 20
Layer 2 Features | 20
MPLS | 20
SNMP | 20
Timing and Synchronization | 21
19
This section lists the known issues in hardware and software in Junos OS Release 17.1R2 for the ACX
Series Universal Metro Routers.
For the most complete and latest information about known Junos OS defects, use the Juniper Networks
online Junos Problem Report Search application.
Network Address Translation (NAT) and Stateful Firewall Services
On the ACX500 routers, when service application logging is enabled at [edit services service-set
•
service-set-name syslog host host-name class] hierarchy level and when packets containing errors are
received at higher rate toward the service engine, the resource scale requirements at the service engine
cannot be met and the service processor might reboot. As a workaround, you can disable the application
logging. PR1223500
On the ACX500 routers, when there is a fast ramp-up of scaled user applications, the resource
•
requirements of the service engine cannot be met. As a workaround, you can disable the application
logging. PR1226153
Generic Routing Encapsulation
Traffic loss is seen after restarting the chassis-control when 64 gr- logical interfaces are configured. This
•
occurs when you restart the Packet Forwarding Engine (PFE) and when there are multiple gr- logical
interfaces configured. The traffic automatically resumes once all the ARP entries for the traffic are
learned. PR1228216
Firewall
On the ACX5000 line of routers, if you apply firewall filter to an interface using input-list at the [edit
•
interfaces interface-name unit unit-name family ethernet-switching filter] hierarchy level, then commit
does not happen. PR1037604
Layer 2 Features
On the ACX5000 line of routers, when you issue the show ethernet-switching table summary vlan-name
•
CLI command, an l2ald.core.0.gz core is generated. PR1042995
20
When interface flaps or process restarts occurs, the interface configured for RSTP with root protection
•
may not transit to DESG state. There is no workaround available.PR1223137
MPLS
The link protection does not work properly when auto bandwidth is configured on the ACX5000 line of
•
routers. After the interface disable has been deleted, the backup will remain active for 90 seconds. The
auto-adjustment of bandwidth does not happen at the first instance when the auto-adjustment timer
expires and the bandwidth is adjusted only at the second instance when the timer expires. PR1233761
SNMP
ACX Series routers do not have control board and when you issue the show snmp mib walk
•
jnxOperatingState CLI command, the parameter always shows online.
The following is an example of the show snmp mib walk jnxOperatingState CLI command output:
user@host> show snmp mib walk jnxOperatingState
jnxOperatingState.1.1.0.0 = 2
jnxOperatingState.6.1.0.0 = 2
jnxOperatingState.7.1.0.0 = 2
jnxOperatingState.9.1.0.0 = 2
jnxOperatingState.12.0.0.0 = 2
PR1191995
Timing and Synchronization
When you run the restart clksyncd-service CLI command, incorrect correction field values are seen
•
when transparent clock is INACTIVE. This does not have any functional impact. PR1067583
When interface flaps or process restarts occurs, the interface configured for RSTP with root protection
•
may not transit to DESG state. There is no workaround available.PR1223137
SEE ALSO
New and Changed Features | 10
Changes in Behavior and Syntax | 16
Known Behavior | 18
21
Resolved Issues | 21
Documentation Updates | 22
Migration, Upgrade, and Downgrade Instructions | 23
Product Compatibility | 24
Resolved Issues
IN THIS SECTION
Resolved Issues: 17.1R2 | 22
Resolved Issues: 17.1R1 | 22
This section lists the issues fixed in the Junos OS main release and the maintenance releases.
For the most complete and latest information about known Junos OS defects, use the Juniper Networks
online Junos Problem Report Search application.
Resolved Issues: 17.1R2
General Routing
The SNMP MIB walk for jnxOperatingState incorrectly shows the CB status as down. PR1191995
•
10-Gigabit Ethernet interface fault detection behavior changed. PR1223457
•
Resolved Issues: 17.1R1
There are no fixed issues in Junos OS 17.1R1 for ACX Series.
SEE ALSO
New and Changed Features | 10
Changes in Behavior and Syntax | 16
22
Known Behavior | 18
Known Issues | 19
Documentation Updates | 22
Migration, Upgrade, and Downgrade Instructions | 23
Product Compatibility | 24
Documentation Updates
There are no errata or changes in Junos OS Release 17.1R2 for the ACX Series documentation.
SEE ALSO
New and Changed Features | 10
Changes in Behavior and Syntax | 16
Known Behavior | 18
Known Issues | 19
Resolved Issues | 21
Migration, Upgrade, and Downgrade Instructions | 23
Product Compatibility | 24
Migration, Upgrade, and Downgrade Instructions
IN THIS SECTION
Upgrade and Downgrade Support Policy for Junos OS Releases | 23
This section contains the upgrade and downgrade support policy for Junos OS for the ACX Series Universal
Metro Routers. Upgrading or downgrading Junos OS might take several hours, depending on the size and
configuration of the network.
For information about software installation and upgrade, see the Installation and Upgrade Guide.
Upgrade and Downgrade Support Policy for Junos OS Releases
23
Support for upgrades and downgrades that span more than three Junos OS releases at a time is not
provided, except for releases that are designated as Extended End-of-Life (EEOL) releases. EEOL releases
provide direct upgrade and downgrade paths—you can upgrade directly from one EEOL release to the
next EEOL release even though EEOL releases generally occur in increments beyond three releases.
You can upgrade or downgrade to the EEOL release that occurs directly before or after the currently
installed EEOL release, or to two EEOL releases before or after. For example, Junos OS Releases 15.1,
16.1 and 16.2 are EEOL releases. You can upgrade from Junos OS Release 15.1 to Release 16.1 or even
from Junos OS Release 15.1 to Release 16.2. However, you cannot upgrade directly from a non-EEOL
release that is more than three releases ahead or behind.
To upgrade or downgrade from a non-EEOL release to a release more than three releases before or after,
first upgrade to the next EEOL release and then upgrade or downgrade from that EEOL release to your
target release.
For more information about EEOL releases and to review a list of EEOL releases, see
https://www.juniper.net/support/eol/junos.html.
SEE ALSO
New and Changed Features | 10
Changes in Behavior and Syntax | 16
Known Behavior | 18
Known Issues | 19
Resolved Issues | 21
Documentation Updates | 22
Product Compatibility | 24
Product Compatibility
IN THIS SECTION
Hardware Compatibility | 24
Hardware Compatibility
24
To obtain information about the components that are supported on the devices, and the special compatibility
guidelines with the release, see the Hardware Guide for the product.
To determine the features supported on ACX Series routers in this release, use the Juniper Networks
Feature Explorer, a Web-based application that helps you to explore and compare Junos OS feature
information to find the right software release and hardware platform for your network. Find Feature
Explorer at https://pathfinder.juniper.net/feature-explorer/.
Hardware Compatibility Tool
For a hardware compatibility matrix for optical interfaces and transceivers supported across all platforms,
see the Hardware Compatibility tool.
SEE ALSO
New and Changed Features | 10
Changes in Behavior and Syntax | 16
Known Behavior | 18
Known Issues | 19
Resolved Issues | 21
Documentation Updates | 22
Migration, Upgrade, and Downgrade Instructions | 23
Junos OS Release Notes for EX Series Switches
IN THIS SECTION
New and Changed Features | 25
Changes in Behavior and Syntax | 30
Known Behavior | 32
Known Issues | 33
Resolved Issues | 36
Documentation Updates | 41
Migration, Upgrade, and Downgrade Instructions | 42
Product Compatibility | 43
25
These release notes accompany Junos OS Release 17.1R2 for the EX Series. They describe new and
changed features, limitations, and known and resolved problems in the hardware and software.
You can also find these release notes on the Juniper Networks Junos OS Documentation webpage, located
at http://www.juniper.net/techpubs/software/junos/.
New and Changed Features
IN THIS SECTION
Release 17.1R2 New and Changed Features | 26
Release 17.1R1 New and Changed Features | 26
This section describes the new features and enhancements to existing features in the Junos OS main
release and the maintenance releases for EX Series.
NOTE: The following EX Series switches are supported in Release 17.1R2: EX4300, EX4600,
and EX9200.
NOTE: In Junos OS Release 17.1R2, J-Web is supported on the EX4300 and EX4600 switches
in both standalone and Virtual Chassis setup.
The J-Web distribution model being used provides two packages:
Platform package—Installed as part of Junos OS; provides basic functionalities of J-Web.
•
Application package—Optionally installable package; provides complete functionalities of
•
J-Web.
For details about the J-Web distribution model, see Release Notes: J-Web Application Package
Release 17.1A1 for EX4300 and EX4600 Switches.
26
Release 17.1R2 New and Changed Features
There are no new features or enhancements to existing features for EX Series in Junos OS Release
•
17.1R2.
Release 17.1R1 New and Changed Features
Hardware
New Routing Engine for EX9200 Switches—Starting with Junos OS Release 17.1R1, EX9200 switches
•
support the new Routing Engine EX9200-RE2.
[See Routing Engine Module in an EX9200 Switch.]
New Configurations for EX9200 Switches—Starting with Junos OS Release 17.1R1, EX9200 switches
•
are available in the following configurations:
EX9204-AC-BND2
•
EX9204-RED3B-AC
•
EX9204-RED3B-DC
•
EX9204-BASE3B-AC
•
EX9208-BASE3B-AC
•
EX9208-RED3B-AC
•
EX9208-RED3B-DC
•
EX9214-BASE3B-AC
•
EX9214-RED3B-AC
•
EX9214-RED3B-DC
•
See
EX9204 Switch Configurations
•
EX9208 Switch Configurations
•
EX9214 Switch Configurations
•
Authentication, Authorization and Accounting (AAA) (RADIUS)
Access control and authentication (EX4300-EX4600 mixed VC)—Starting with Junos OS Release 17.1R1,
•
EX4600 switches operating in a mixed Virtual Chassis with EX4300 switches support controlling access
to your network using 802.1X authentication and MAC RADIUS authentication.
27
802.1X authentication provides port-based network access control (PNAC) as defined in the IEEE 802.1X
standard. Supported features include guest VLAN, private VLAN, server fail fallback, dynamic changes
to a user session, RADIUS accounting, and configuration of port-filtering attributes on the RADIUS server
using VSAs.
MAC RADIUS authentication is used to authenticate end devices independently of whether they are
enabled for 802.1X authentication. You can permit end devices that are not 802.1X-enabled to access
the LAN by configuring MAC RADIUS authentication on the switch interfaces to which the end devices
are connected.
Access control features in a mixed EX4300-EX4600 Virtual Chassis are supported only on EX4300 ports.
This feature was previously supported in an “X” release of Junos OS.
[See Access Control on a Mixed EX4300-EX4600 Virtual Chassis.]
Class of Service (CoS)
Support for classification of multidestination traffic (EX4300)—Multidestination traffic includes BUM
•
(broadcast, unknown unicast, and multicast) traffic and Layer 3 multicast traffic. By default on EX4300
Series switches, all multidestination traffic is classified to the Mcast-BE traffic class mapped to queue
8. Beginning with Junos OS Release 17.1R1, you can classify multidestination traffic to four different
queues, queues 8-11, based on either the IEEE 802.1p bits or the DSCP IPv4/v6 bits. You can classify
multidestination traffic by including the multi-destination statement at the [edit class-of-service] (to
apply globally) or to an individual interface at the [edit class-of-service interfaces interfaces-name]
hierarchy. Classification at an individual interface takes precedence over global classification.
[See Example: Configuring Multidestination (Multicast, Broadcast, DLF) Classifiers.]
Firewall filter with policer action as forwarding-class and loss priority (PLP) (EX4300 switches)—Starting
•
with Junos OS Release 14.1X53-D35 and Junos OS Release 17.1R1, on EX4300 switches you can
configure the firewall with policer action as forwarding-class and loss priority (PLP). When the traffic
hits the policer, PLP changes as per the action rule. The supported PLP designations are low, medium-low,
medium-high, and high. You configure policer actions at the [edit firewall] hierarchy level.
See then (Policer Action)
High Availability (HA) and Resiliency
New options for the show vrrp track command (EX Series)—Starting in 17.1R1, the show vrrp track
•
routes command gives you the option to view all tracked routes. Another new option for the show vrrp
track command, all, is equivalent to the already existing command show vrrp track.
[See show vrrp track.]
Interfaces and Chassis
LLDP-MED power negotiation (EX4300 Switches) —Starting with Junos OS Release 17.1R1, EX4300
•
switches support Link Layer Discovery Protocol Media Endpoint Discovery (LLDP-MED) power negotiation
with high power (802.3at) devices. LLDP-MED power negotiation enables the PoE controller to
dynamically allocate power to an interface based on the power required by the connected powered
device.
28
[See Power over Ethernet (PoE) User Guide for EX4300 Switches.]
Half-duplex link support (EX4300 switches)—Starting with Junos OS 17.1R1, half-duplex communication
•
is supported on all built-in network copper ports on EX4300 switches. Half-duplex is bidirectional
communication, but signals can flow in only one direction at a time. Full-duplex communication means
that both ends of the communication can send and receive signals at the same time. Half-duplex is
configured by default on EX4300 switches. This feature was previously supported in an “X” release of
Junos OS.
[See Configuring Gigabit Ethernet Interfaces (CLI Procedure).]
Junos OS XML API and Scripting
Support for Python language for commit, event, op, and SNMP scripts (EX Series)—Starting in Junos
•
OS Release 17.1R1, you can author commit, event, op, and SNMP scripts in Python on devices that
include the Python extensions package in the software image. Creating automation scripts in Python
enables you to take advantage of Python features and libraries as well as leverage Junos PyEZ APIs
supported in Junos PyEZ Release 1.3.1 and earlier releases to perform operational and configuration
tasks on devices running Junos OS. To enable execution of Python automation scripts, which must be
owned by either root or a user in the Junos OS super-user login class, configure the language python
statement at the [edit system scripts] hierarchy level, and configure the filename for the Python script
under the hierarchy level appropriate to that script type. Supported Python versions include Python
2.7.x.
[See Understanding Python Automation Scripts for Devices Running Junos OS.]
Management
Support for adding non-native YANG modules to the Junos OS schema (EX Series)—Starting in Junos
•
OS Release 17.1R1, you can load custom YANG models on devices running Junos OS to add data models
that are not natively supported by Junos OS but can be supported by translation. Doing this enables
you to extend the configuration hierarchies and operational commands with data models that are
customized for your operations. The ability to add data models to a device is also beneficial when you
want to create device-agnostic and vendor-neutral data models that enable the same configuration or
RPC to be used on different devices from one or more vendors. You can load custom YANG modules
by using the request system yang add operational command.
29
[See Understanding the Management of Non-Native YANG Modules on Devices Running Junos OS.]
OpenFlow
Support for OpenFlow v1.0 and v1.3.1 (EX4600 switches)—Starting with Junos OS Release 17.1R1,
•
EX4600 switches support OpenFlow v1.0 and v1.3.1. OpenFlow v1.0 enables you to control traffic in
a network by adding, deleting, and modifying flows in the switch. You can configure one OpenFlow
virtual switch and one active OpenFlow controller at the [edit protocols openflow] hierarchy level on
each EX4600 switch in the network.
Also, OpenFlow v1.3.1 allows the action specified in one or more flow entries to direct packets to a base
action called a group. The group action further processes these packets and assigns a more specific
forwarding action to them. You can view groups that were added, modified, or deleted from the group
table by using the show openflow groups command. You can view group statistics by using the show
openflow statistics groups command.
[See Understanding OpenFlow Operation and Forwarding Actions on Devices Running Junos OS.]
Software Installation and Upgrade
•
Support for unified in-service software upgrade (ISSU) (EX9200-6QS)—Starting with Junos OS Release
17.1R1,you can perform a unified ISSU on the EX9200-6QS line card. ISSU enables you to upgrade
between two different Junos OS releases with no disruption on the control plane and with minimal
disruption of traffic.
[See Unified ISSU System Requirements.]
SEE ALSO
Changes in Behavior and Syntax | 30
Known Behavior | 32
Known Issues | 33
Resolved Issues | 36
Documentation Updates | 41
Migration, Upgrade, and Downgrade Instructions | 42
30
Product Compatibility | 43
Changes in Behavior and Syntax
IN THIS SECTION
High Availability (HA) and Resiliency | 31
MPLS | 31
Services Applications | 31
System Management | 31
User Interface and Configuration | 31
This section lists the changes in behavior of Junos OS features and changes in the syntax of Junos OS
statements and commands from Junos OS Release 17.1R2 for the EX Series.
Loading...