Junos OS Release 17.2R1 User Manual

Download

Release Notes: Junos®OS Release 17.2R1 for

the ACX Series, EX Series, MX Series, NFX

Series, PTX Series, QFX Series, and Junos

Fusion Junos OS 17.2R1 Release Notes

3 September 2020

Introduction | 12

Junos OS Release Notes for ACX Series | 12

New and Changed Features | 13

Hardware | 14

Interfaces and Chassis | 14

Management | 14

Network Management and Monitoring | 14

Operation, Administration, and Maintenance (OAM) | 15

Routing Protocols | 15

Software Installation and Upgrade | 15

Timing and Synchronization | 15

Changes in Behavior and Syntax | 16

Interfaces and Chassis | 17

Management | 17

Known Behavior | 18

High Availability (HA) and Resiliency | 18

Known Issues | 19

Layer 2 Features | 19

Resolved Issues | 19

Documentation Updates | 20

Migration, Upgrade, and Downgrade Instructions | 20

Upgrade and Downgrade Support Policy for Junos OS Releases | 21

Product Compatibility | 22

Hardware Compatibility | 22

Junos OS Release Notes for EX Series Switches | 23

New and Changed Features | 23

Authentication, Authorization and Accounting (AAA) (RADIUS) | 24

EVPNs | 25

Layer 3 Features | 25

Management | 27

Multicast | 27

Network Management and Monitoring | 27

System Management | 27

Changes in Behavior and Syntax | 28

IP Tunneling | 28

Management | 28

Known Behavior | 29

High Availability (HA) and Resiliency | 30

Known Issues | 30

General Routing | 31

High Availability (HA) and Resiliency | 31

Infrastructure | 31

Junos Fusion Enterprise | 31

Platform and Infrastructure | 31

Virtual Chassis | 32

Resolved Issues | 32

Resolved Issues:17.2R1 | 33

Documentation Updates | 34

Migration, Upgrade, and Downgrade Instructions | 34

Upgrade and Downgrade Support Policy for Junos OS Releases | 35

Product Compatibility | 35

Hardware Compatibility | 36

Junos OS Release Notes for Junos Fusion Enterprise | 36

New and Changed Features | 37

Interfaces and Chassis | 38

Layer 2 Features | 38

Changes in Behavior and Syntax | 39

Known Behavior | 40

Known Issues | 40

Resolved Issues | 41

Documentation Updates | 41

Migration, Upgrade, and Downgrade Instructions | 42

Basic Procedure for Upgrading Junos OS on an Aggregation Device | 42

Upgrading an Aggregation Device with Redundant Routing Engines | 44

Preparing the Switch for Satellite Device Conversion | 44

Converting a Satellite Device to a Standalone Switch | 46

Upgrade and Downgrade Support Policy for Junos OS Releases | 48

Downgrading from Release 17.2 | 48

Product Compatibility | 50

Hardware and Software Compatibility | 50

Hardware Compatibility Tool | 50

Junos OS Release Notes for Junos Fusion Data Center | 51

New and Changed Features | 51

Junos Fusion Data Center | 52

Hardware | 53

Class of Service (CoS) | 53

High Availability (HA) and Resiliency | 53

Interfaces | 53

Layer 2 Protocols | 58

Layer 3 Protocols | 59

Multicast Protocols | 60

Network Management and Monitoring | 62

Routing Policy and Firewall Filters | 63

Storage | 63

Software Installation and Upgrade | 64

Software Licensing | 65

Changes in Behavior and Syntax | 66

Junos Fusion | 66

Known Behavior | 67

Junos Fusion Data Center | 67

Known Issues | 68

Junos Fusion | 68

Resolved Issues | 69

Resolved Issues: 17.2R1 | 69

Documentation Updates | 69

Migration, Upgrade, and Downgrade Instructions | 70

Basic Procedure for Upgrading an Aggregation Device | 71

Preparing the Switch for Satellite Device Conversion | 72

Autoconverting a Switch into a Satellite Device | 75

Manually Converting a Switch into a Satellite Device | 78

Configuring a Switch into a Satellite Device Before Connecting It to a Junos Fusion

Topology | 80

Configuring Satellite Device Upgrade Groups | 81

Converting a Satellite Device to a Standalone Device | 82

Upgrade and Downgrade Support Policy for Junos OS Releases | 85

Downgrading from Release 17.2R1 | 85

Product Compatibility | 86

Hardware Compatibility | 86

Junos OS Release Notes for Junos Fusion Provider Edge | 87

New and Changed Features | 88

Class of Service (CoS) | 88

Junos Fusion | 88

Changes in Behavior and Syntax | 89

Known Behavior | 90

Known Issues | 90

Resolved Issues | 91

Documentation Updates | 91

Migration, Upgrade, and Downgrade Instructions | 92

Basic Procedure for Upgrading an Aggregation Device | 92

Upgrading an Aggregation Device with Redundant Routing Engines | 94

Preparing the Switch for Satellite Device Conversion | 95

Converting a Satellite Device to a Standalone Device | 96

Upgrading an Aggregation Device | 98

Upgrade and Downgrade Support Policy for Junos OS Releases | 99

Downgrading from Release 17.2 | 99

Product Compatibility | 100

Hardware Compatibility | 100

Junos OS Release Notes for MX Series 5G Universal Routing Platforms | 101

New and Changed Features | 101

Hardware | 102

Class of Service (CoS) | 103

EVPNs | 104

Forwarding and Sampling | 106

General Routing | 107

High Availability (HA) and Resiliency | 108

Interfaces and Chassis | 109

Layer 2 VPN | 112

Management | 112

MPLS | 114

Multicast | 115

Network Management and Monitoring | 116

Operation, Administration, and Maintenance (OAM) | 118

Routing Policy and Firewall Filters | 119

Routing Protocols | 119

Services Applications | 121

Software Defined Networking (SDN) | 123

Subscriber Management and Services | 124

Virtual Chassis | 131

Changes in Behavior and Syntax | 132

EVPNs | 132

Forwarding and Sampling | 133

High Availability (HA) and Resiliency | 135

Interfaces and Chassis | 135

IP Tunneling | 138

Management | 138

MPLS | 139

Network Management and Monitoring | 139

Routing Protocols | 140

Services Applications | 141

Subscriber Management and Services | 141

User Interface and Configuration | 142

Known Behavior | 143

General Routing | 145

High Availability (HA) and Resiliency | 145

Network Management and Monitoring | 145

Interfaces and Chassis | 145

User Interface and Configuration | 145

Software Defined Networking (SDN) | 146

Subscriber Management and Services | 146

Known Issues | 147

Class of Service (CoS) | 148

EVPNs | 148

Forwarding and Sampling | 148

General Routing | 148

Infrastructure | 151

Interfaces and Chassis | 151

Layer 2 Features | 151

Layer 2 Ethernet Services | 151

MPLS | 152

Multicast | 152

Network Management and Monitoring | 152

Platform and Infrastructure | 152

Routing Protocols | 153

Services Applications | 154

Subscriber Access Management | 154

VPNs | 154

Resolved Issues | 154

Resolved Issues: 17.2R1 | 155

Documentation Updates | 164

Subscriber Management Access Network Guide | 165

Subscriber Management Provisioning Guide | 165

Migration, Upgrade, and Downgrade Instructions | 166

Basic Procedure for Upgrading to Release 17.2 | 166

Upgrading from Junos OS (FreeBSD 6.1) to Junos OS (FreeBSD 10.x) | 167

Upgrading from Junos OS (FreeBSD 6.1) to Junos OS (FreeBSD 6.1) | 169

Upgrade and Downgrade Support Policy for Junos OS Releases | 171

Upgrading a Router with Redundant Routing Engines | 171

Downgrading from Release 17.2 | 172

Product Compatibility | 173

Hardware Compatibility | 173

Junos OS Release Notes for NFX Series | 174

New and Changed Features | 174

Hardware | 175

Juniper Device Manager | 176

Junos Control Plane | 177

vSRX | 179

Changes in Behavior and Syntax | 179

Known Behavior | 180

Juniper Device Manager | 180

Known Issues | 181

Infrastructure | 181

IPsec | 181

Juniper Device Manager | 181

Junos Control Plane | 183

vSRX | 184

Resolved Issues | 185

Juniper Device Manager | 185

Junos Control Plane | 185

Documentation Updates | 186

Release Notes | 186

Migration, Upgrade, and Downgrade Instructions | 187

Upgrade and Downgrade Support Policy for Junos OS Releases | 187

Upgrading Using Unified ISSU | 187

Upgrading a Router with Redundant Routing Engines | 188

Basic Procedure for Upgrading to Release 17.2 | 188

Product Compatibility | 191

Hardware Compatibility | 192

Junos OS Release Notes for PTX Series Packet Transport Routers | 192

New and Changed Features | 193

Hardware | 194

Class of Service (CoS) | 195

Forwarding and Sampling | 196

General Routing | 196

High Availability (HA) and Resiliency | 196

Interfaces and Chassis | 197

IPv6 | 201

Layer 2 Features | 201

Layer 3 Features | 201

Management | 202

MPLS | 205

Multicast | 207

Network Management and Monitoring | 207

Routing Policy and Firewall Filters | 208

Routing Protocols | 209

Security | 211

Services Applications | 211

Software Installation and Upgrade | 211

User Interface and Configuration | 211

VPNs | 212

Changes in Behavior and Syntax | 213

Interfaces and Chassis | 213

Management | 214

Known Behavior | 215

Hardware | 216

High Availability (HA) and Resiliency | 216

Known Issues | 217

General Routing | 217

Platform and Infrastructure | 218

Resolved Issues | 218

Resolved Issues: 17.2R1 | 219

Documentation Updates | 220

Migration, Upgrade, and Downgrade Instructions | 220

Basic Procedure for Upgrading to Release 17.2 | 220

Upgrade and Downgrade Support Policy for Junos OS Releases | 223

Upgrading Using Unified ISSU | 224

Upgrading a Router with Redundant Routing Engines | 224

Product Compatibility | 225

Hardware Compatibility | 225

Junos OS Release Notes for the QFX Series | 226

New and Changed Features | 226

Hardware | 227

Authentication, Authorization, and Accounting (AAA) (RADIUS) | 228

Class of Service (CoS) | 228

Dynamic Host Configuration Protocol (DHCP) | 229

EVPNs | 229

Infrastructure | 231

Interfaces and Chassis | 231

IPv4 | 233

IPv6 | 233

Layer 2 Features | 233

Layer 3 Features | 234

Management | 234

MPLS | 237

Multicast | 238

Network Management and Monitoring | 239

Port Security | 240

Routing Protocols | 241

Security | 243

Services Applications | 244

Software Defined Networking (SDN) | 244

Software Installation and Upgrade | 245

Software Licensing | 245

System Management | 245

VLAN Infrastructure | 246

Changes in Behavior and Syntax | 247

Class of Service (CoS) | 248

Management | 248

Known Behavior | 249

High Availability (HA) and Resiliency | 250

Virtual Chassis | 250

Known Issues | 250

General Routing | 251

High Availability (HA) and Resiliency | 252

Infrastructure | 252

Interfaces and Chassis | 252

IPsec | 252

Layer 2 Features | 252

MPLS | 252

Open vSwitch Database Management Protocol (OVSDB) | 253

OpenFlow | 253

Platform and Infrastructure | 253

Routing Protocols | 254

Resolved Issues | 254

General Routing | 255

Layer 2 Features | 255

Routing Protocols | 256

Documentation Updates | 256

Migration, Upgrade, and Downgrade Instructions | 257

Upgrading Software on QFX Series Switches | 257

Installing the Software on QFX10002 Switches | 259

Performing an In-Service Software Upgrade (ISSU) | 259

Preparing the Switch for Software Installation | 260

Upgrading the Software Using ISSU | 260

Product Compatibility | 263

Hardware Compatibility | 263

Third-Party Components | 264

Upgrading Using Unified ISSU | 264

Compliance Advisor | 264

Finding More Information | 264

Requesting Technical Support | 265

Self-Help Online Tools and Resources | 265

Opening a Case with JTAC | 266

Revision History | 266

Introduction

Junos OS runs on the following Juniper Networks®hardware: ACX Series, EX Series, MX Series, PTX Series, QFabric systems, QFX Series, SRX Series, and Junos Fusion.

These release notes accompany Junos OS Release 17.2R1 for the ACX Series, EX Series, Junos Fusion Enterprise, Junos Fusion Data Center, Junos Fusion Provider Edge, MX Series, PTX Series, and QFX Series. They describe new and changed features, limitations, and known and resolved problems in the hardware and software.

Junos OS Release Notes for ACX Series

IN THIS SECTION

New and Changed Features | 13

Changes in Behavior and Syntax | 16

Known Behavior | 18

Known Issues | 19

Resolved Issues | 19

Documentation Updates | 20

Migration, Upgrade, and Downgrade Instructions | 20

Product Compatibility | 22

These release notes accompany Junos OS Release 17.2R1 for the ACX Series. They describe new and changed features, limitations, and known and resolved problems in the hardware and software.

You can also find these release noteson the Juniper Networks Junos OS Documentation webpage, located at https://www.juniper.net/documentation/software/junos/.

New and Changed Features

IN THIS SECTION

Hardware | 14

Interfaces and Chassis | 14

Management | 14

Network Management and Monitoring | 14

Operation, Administration, and Maintenance (OAM) | 15

Routing Protocols | 15

Software Installation and Upgrade | 15

Timing and Synchronization | 15

This section describes the new features or enhancements to existing features in Junos OS Release 17.2R1 for ACX Series Universal Metro Routers.

Hardware

Support for fixed and tunable DWDM Optics, 1GE and 10GE BIDI Optics (ACX Series)—Starting in

•

Junos OS Release 17.2R1, ACX Series Universal Metro Routers support fixed and tunable 1-Gigabit Ethernet and 10-Gigabit Ethernet BIDI DWDM optics.

Interfaces and Chassis

Support for Ethernet ring protection switching (ACX Series, ACX500, ACX5000)—Starting in Junos OS

•

Release 17.2R1, ACX Universal Metro Routers support Ethernet ring protection switching (G.8032v2). With the G.8032v2 capability, the ACX Series routers support manual commands (force switch, manual switch, and clear commands) and interconnection of multiple Ethernet rings without virtual channels. ERPS on the ACX5000 line of routers supports Aggregated Ethernet (AE) interfaces.

[See Ethernet Ring Protection Switching Overview]

Management

Support for device family and release in Junos OS YANG modules (ACX Series)—Starting in Junos OS

•

Release 17.2, Junos OS YANG modules are specific to a device family, and each module’s namespace includes the module name, device family, and Junos OS release string. Furthermore, each juniper-command module uses its own unique module name as the module’s prefix. Device families include junos, junos-es, junos-ex, and junos-qfx.

[See Understanding Junos OS YANG Modules.]

Network Management and Monitoring

Support for sFlow agent (ACX5000)—Starting in Junos OS Release 17.2R1, ACX5000 line of routers

•

supports sFlow agent. sFlow is a statistical sampling based network monitoring protocol for high speed switched or routed networks. The sFlow monitoring system consists of an sFlow agent (embedded in a switch or router or in a stand alone probe) and a central data collector, or sFlow analyzer.

sFlow technology uses the following two sampling mechanisms:

Packet-based sampling—Samples one packet out of a specified number of packets from an interface

•

enabled for sFlow technology.

Time-based sampling—Samples interface statistics at a specified interval from an interface enabled

•

for sFlow technology.

Adaptive sampling—Monitors the overall incoming traffic rate on the device and provides feedback

•

to the interfaces to dynamically adapt their sampling rate to traffic conditions.

[See Overview of sFlow Technology and Configuring sFlow Technology.]

Operation, Administration, and Maintenance (OAM)

Support for ITU-T Y.1731 ETH-LM, ETH-SLM, and ETH-DM on aggregated Ethernet interfaces (ACX

•

Series, ACX5000)—Starting in Junos OS release 17.2R1, you can configure ITU-T Y.1731 standard-compliant Ethernet loss measurement (ETH-LM), Ethernet synthetic loss measurement (ETH-SLM), and Ethernet delay measurement (ETH-DM) capabilities on aggregated Ethernet (AE) interfaces. These performance monitoring functionalities are supported on ACX Series and ACX5000 line of routers.

[See Understanding Ethernet OAM Link Fault Management for ACX Series Routers]

Routing Protocols

Support for IS-IS flooding groups (ACX5000)—Starting with Junos OS Release 17.2R1, you can configure

•

flooding groups with IS-IS on the ACX5000 line of routers. This feature limits link-state PDU flooding over IS-IS interfaces. An LSP that is not self-originated is flooded only through the interface belonging to the flood group that has the configured area ID in the LSP. This helps minimize the routes and topology information, thus ensuring optimal convergence. You can segregate both level 1 and level 2 networks into flood groups by using area IDs as tags to identify a flood group. Configure interfaces with specific area IDs to modify the flooding behavior as per your requirements.

To enable IS-IS flooding groups, include the flood-group flood-group-area-ID statement at the [edit protocols isis interface] hierarchy level.

[See Understanding IS-IS Flood Group]

Software Installation and Upgrade

Support for In-Service Software Upgrade (ACX5000)—Starting with Junos OS Release 17.2R1, Junos

•

OS for ACX5000 Universal Metro Routers supports ISSU, the ability to do software upgrades between two different software releases with minimal disruption to network traffic and no disruptions in the control plane. As a prerequisite, you need to have the graceful Routing Engine switchover (GRES), nonstop active routing (NSR), and nonstop bridging (NSB) enabled in the routing engine to support ISSU on ACX5000 line of routers.

[See Understanding In-Service Software Upgrade (ISSU) in ACX5000 Series Routers]

Timing and Synchronization

Support for PHY timestamping in boundary clock mode (ACX Series)—Starting in Junos OS Release

•

17.2R1, ACX Series Universal Metro Routers supports timestamping at the physical layer, also known

as PHY timestamping, in boundary clock mode. To enable PHY timestamping on ACX Series routers, configure clock-mode as boundary clock at the [edit protocols ptp] hierarchy level.

[See Configuring Precision Time Protocol Clocking]

Support for defect and event management and SNMP get and walk management for timing (ACX

•

Series)—Starting in Junos OS Release 17.2R1, the ACX Universal Metro Routers supports defect and event management capabilities for timing features. Defects and events are notified in the form of SNMP traps.

The ACX Universal Metro Routers also supports SNMP get, get-next, and walk management capabilities for the timing features. These capabilities are enabled through the PTP MIB and SyncE MIB objects.

[See Understanding Timing Defects and Event Management on ACX Series and Understanding SNMP

MIB for Timing on ACX Series ]

SEE ALSO

Changes in Behavior and Syntax | 16

Known Behavior | 18

Known Issues | 19

Resolved Issues | 19

Documentation Updates | 20

Migration, Upgrade, and Downgrade Instructions | 20

Product Compatibility | 22

Changes in Behavior and Syntax

IN THIS SECTION

Interfaces and Chassis | 17

Management | 17

This section lists the changes in behavior of Junos OS features and changes in the syntax of Junos OS statements and commands from Junos OS Release 17.2R1 for the ACX Series Universal Metro Routers.

Interfaces and Chassis

Support for logical interfaces—ACX5048 and ACX5096 routers do not support configuring more than

•

1000 logical interfaces.

Management

Junos OS YANG module namespace and prefix changes (ACX Series)—Starting in Junos OS Release

•

17.2, Junos OS YANG modules are specific to a device family, and each module’s namespace includes the module name, device family, and Junos OS release string. Furthermore, each juniper-command module uses its own unique module name as the module’s prefix. In earlier releases, Junos OS YANG modules used only a unique identifier to differentiate the namespace for each module, and the prefix for all juniper-command modules was jrpc.

Device families include junos, junos-es, junos-ex, and junos-qfx. The Junos OS YANG extension modules, junos-extension and junos-extension-odl, use the junos device family identifier in the namespace, but the modules are common to all device families.

[See Understanding Junos OS YANG Modules.]

Changes to the rfc-compliant configuration statement (ACX Series)—Starting in Junos OS Release 17.2,

•

Junos OS YANG modules are specific to a device family, and each module’s namespace includes the module name, device family, and Junos OS release string. If you configure the rfc-compliant statement at the [edit system services netconf] hierarchy level and request configuration data in a NETCONF session on a device running Junos OS Release 17.2 or later, the NETCONF server sets the default namespace for the <configuration> element in the RPC reply to the same namespace as in the corresponding YANG model.

[See Configuring RFC-Compliant NETCONF Sessions and rfc-compliant.]

SEE ALSO

New and Changed Features | 13

Known Behavior | 18

Known Issues | 19

Resolved Issues | 19

Documentation Updates | 20

Migration, Upgrade, and Downgrade Instructions | 20

Product Compatibility | 22

Known Behavior

IN THIS SECTION

High Availability (HA) and Resiliency | 18

This section lists known behavior, system maximums, and limitations in hardware and software in Junos OS Release 17.2R1 for the ACX Series.

For the most complete and latest information about known Junos OS defects, use the Juniper Networks online Junos Problem Report Search application.

High Availability (HA) and Resiliency

Residual and baseline statistics loss from ISSU—Using ISSU to upgrade to Junos OS Release 17.2R1 or

•

later will result in a loss of residual and baseline statistics for interfaces, interface set specific statistics, and BBE subscriber service statistics because of an update to the statistics database.

[See Unified ISSU System Requirements.]

SEE ALSO

New and Changed Features | 13

Changes in Behavior and Syntax | 16

Known Issues | 19

Resolved Issues | 19

Documentation Updates | 20

Migration, Upgrade, and Downgrade Instructions | 20

Product Compatibility | 22

Known Issues

IN THIS SECTION

Layer 2 Features | 19

This section lists the known issues in hardware and software in Junos OS Release 17.2R1 for the ACX Series Universal Metro Routers.

For the most complete and latest information about known Junos OS defects, use the Juniper Networks online Junos Problem Report Search application.

Layer 2 Features

Under certain scenarios, if VPLS instances and Layer 3 NNI interfaces are deleted in the same commit,

•

then a traffic duplication is observed for the VPLS traffic. To avoid such instances, it is recommended to delete or deactivate the Layer 3 NNI interfaces and VPLS instances in separate commits. PR1260156

SEE ALSO

New and Changed Features | 13

Changes in Behavior and Syntax | 16

Known Behavior | 18

Resolved Issues | 19

Documentation Updates | 20

Migration, Upgrade, and Downgrade Instructions | 20

Product Compatibility | 22

Resolved Issues

There are no fixed issues in Junos OS 17.2R1 for ACX Series.

For the most complete and latest information about known Junos OS defects, use the Juniper Networks online Junos Problem Report Search application.

SEE ALSO

New and Changed Features | 13

Changes in Behavior and Syntax | 16

Known Behavior | 18

Known Issues | 19

Documentation Updates | 20

Migration, Upgrade, and Downgrade Instructions | 20

Product Compatibility | 22

Documentation Updates

There are no errata or changes in Junos OS Release 17.2R1 for the ACX Series documentation.

SEE ALSO

New and Changed Features | 13

Changes in Behavior and Syntax | 16

Known Behavior | 18

Known Issues | 19

Resolved Issues | 19

Migration, Upgrade, and Downgrade Instructions | 20

Product Compatibility | 22

Migration, Upgrade, and Downgrade Instructions

IN THIS SECTION

Upgrade and Downgrade Support Policy for Junos OS Releases | 21

This section contains the upgrade and downgrade support policy for Junos OS for the ACX Series Universal Metro Routers. Upgrading or downgrading Junos OS might take several minutes, depending on the size and configuration of the network.

For information about software installation and upgrade, see the Installation and Upgrade Guide.

Upgrade and Downgrade Support Policy for Junos OS Releases

Support for upgrades and downgrades that span more than three Junos OS releases at a time is not provided, except for releases that are designated as Extended End-of-Life (EEOL) releases. EEOL releases provide direct upgrade and downgrade paths—you can upgrade directly from one EEOL release to the next EEOL release even though EEOL releases generally occur in increments beyond three releases.

You can upgrade or downgrade to the EEOL release that occurs directly before or after the currently installed EEOL release, or to two EEOL releases before or after. For example, Junos OS Releases 14.1,

14.2, 15.1 and 16.1 are EEOL releases. You can upgrade from Junos OS Release 14.1 to Release 15.1 or even from Junos OS Release 14.1 to Release 16.1. However, you cannot upgrade directly from a non-EEOL release that is more than three releases ahead or behind. For example, you cannot directly upgrade from Junos OS Release 12.1 (a non-EEOL release) to Junos OS Release 13.2 or directly downgrade from Junos OS Release 13.2 to Junos OS Release 12.1.

To upgrade or downgrade from a non-EEOL release to a release more than three releases before or after, first upgrade to the next EEOL release and then upgrade or downgrade from that EEOL release to your target release.

For more information about EEOL releases and to review a list of EEOL releases, see

https://www.juniper.net/support/eol/junos.html.

For information about software installation and upgrade, see the Installation and Upgrade Guide.

SEE ALSO

New and Changed Features | 13

Changes in Behavior and Syntax | 16

Known Behavior | 18

Known Issues | 19

Resolved Issues | 19

Documentation Updates | 20

Product Compatibility | 22

Product Compatibility

IN THIS SECTION

Hardware Compatibility | 22

Hardware Compatibility

To obtain information about the components that are supported on the devices, and the special compatibility guidelines with the release, see the Hardware Guide for the product.

To determine the features supported on ACX Series routers in this release, use the Juniper Networks Feature Explorer, a Web-based application that helps you to explore and compare Junos OS feature information to find the right software release and hardware platform for your network. Find Feature Explorer at https://pathfinder.juniper.net/feature-explorer/.

Hardware Compatibility Tool

For a hardware compatibility matrix for optical interfaces and transceivers supported across all platforms, see the Hardware Compatibility tool.

SEE ALSO

New and Changed Features | 13

Changes in Behavior and Syntax | 16

Known Behavior | 18

Known Issues | 19

Resolved Issues | 19

Documentation Updates | 20

Migration, Upgrade, and Downgrade Instructions | 20

Junos OS Release Notes for EX Series Switches

IN THIS SECTION

New and Changed Features | 23

Changes in Behavior and Syntax | 28

Known Behavior | 29

Known Issues | 30

Resolved Issues | 32

Documentation Updates | 34

Migration, Upgrade, and Downgrade Instructions | 34

Product Compatibility | 35

These release notes accompany Junos OS Release 17.2R1 for the EX Series. They describe new and changed features, limitations, and known and resolved problems in the hardware and software.

You can also find these release notes on the Juniper Networks Junos OS Documentation webpage, located at https://www.juniper.net/documentation/software/junos/.

New and Changed Features

IN THIS SECTION

Authentication, Authorization and Accounting (AAA) (RADIUS) | 24

EVPNs | 25

Layer 3 Features | 25

Management | 27

Multicast | 27

Network Management and Monitoring | 27

System Management | 27

This section describes the new features and enhancements to existing features in Junos OS Release 17.2R1 for the EX Series.

NOTE: The following EX Series switches are supported in Release 17.2R1: EX4300, EX4600,

and EX9200.

NOTE: In Junos OS Release 17.2R1, J-Web is supported on the EX4300 and EX4600 switches

in both standalone and Virtual Chassis setup.

The J-Web distribution model being used provides two packages:

Platform package—Installed as part of Junos OS; provides basic functionalities of J-Web.

•

Application package—Optionally installable package; provides complete functionalities of

•

J-Web.

For details about the J-Web distribution model, see Release Notes: J-Web Application Package

Release 17.2A1 for EX4300 and EX4600 Switches.

Authentication, Authorization and Accounting (AAA) (RADIUS)

Authentication order with priority (EX4300 switches)—Starting in Junos OS Release 17.2R1, you can

•

configure EX4300 switches not to trigger re-authentication for a client that has been authenticated using MAC RADIUS authentication or captive portal authentication. If the switch receives an EAP-Start message from an authenticated client, the switch typically responds with an EAP-Request message, which triggers re-authentication using 802.1X authentication. You can use the eapol-block statement to configure the switch to ignore EAP-Start messages sent by a client that has been authenticated using MAC RADIUS authentication or captive portal authentication, and maintain the existing authentication session for the client.

[See Understanding Authentication on Switches.]

Protected Extensible Authentication Protocol (PEAP) for MAC RADIUS authentication (EX4300

•

switches)—Starting in Junos OS Release 17.2R1, you can configure the Protected Extensible Authentication Protocol (PEAP) as the authentication method for MAC RADIUS authentication. PEAP is a protocol that encapsulates EAP packets within an encrypted and authenticated Transport Layer Security (TLS) tunnel. The inner authentication protocol, used to authenticate the client's MAC address inside the tunnel, is the Microsoft Challenge Handshake Authentication Protocol version 2 (MS-CHAPv2). The encrypted exchange of information inside the tunnel ensures that user credentials are safe from eavesdropping.

[See Understanding Authentication on Switches.]

EVPNs

EVPN Proxy ARP and ARP Suppression (EX9200 switches)—Starting with Junos OS Release 17.2R1,

•

EX9200 switches that function as provider edge (PE) devices in an Ethernet VPN-MPLS (EVPN-MPLS) or Ethernet VPN-Virtual Extensible LAN (EVPN-VXLAN) environment support proxy Address Resolution Protocol (ARP) and ARP suppression. The proxy ARP and ARP suppression capabilities are enabled by default. For both features to work properly, the configuration of an integrated and routing (IRB) interface on the PE device is required.

IRB interfaces configured on a PE device deliver ARP requests from both local and remote customer edge (CE) devices. When a PE device receives an ARP request from a CE device, the PE device searches its media access control (MAC)-IP address bindings database for the requested IP address. If the PE device finds the MAC-IP address binding in its database, it responds to the request. If the device does not find the MAC-IP address binding, it swaps the source MAC address in the request with the MAC address of the IRB interface on which the request was received and sends the request to all interfaces.

Even when a PE device responds to an ARP request, ARP packets might still be flooded across the WAN. ARP suppression prevents this flooding from occurring.

[See EVPN Proxy ARP and ARP Suppression.]

Layer 3 Features

Port-based LAN broadcast traffic forwarding (port helpers) for multiple destination servers (EX4300

•

switches and EX4300 Virtual Chassis)—Starting in Junos OS Release 17.2R1, you can configure port helpers on EX4300 switches and EX4300 Virtual Chassis on a per-port basis for multiple destination

servers. Port helpers are port-based filters that listen on configured UDP ports for incoming LAN broadcast traffic, and forward those packets to configured destination servers as unicast traffic. Configure port helper filters using the forwarding-options helpers port port-number configuration statement with any of the following scopes:

Global—Match incoming broadcast traffic on any interface for a configured port, and forward the

•

traffic to the configured server:

set forwarding-options helpers port port-number server server-ip-address

VLAN-specific—Match incoming broadcast traffic on an IRB interface for a configured port, and forward

•

the traffic to the configured server:

set forwarding-options helpers port port-number interface irb-interface-name server server-ip-address

Interface-specific—Match incoming broadcast traffic on a Layer 3 interface for a configured port, and

•

forward the traffic to the configured server:

set forwarding-options helpers port port-number interface interface-name server server-ip-address

[See Configuring Port-based LAN Broadcast Packet Forwarding.]

Management

Support for device family and release in Junos OS YANG modules (EX Series)—Starting in Junos OS

•

[See Understanding Junos OS YANG Modules.]

Multicast

•

Support for static multicast route leaking for VRF and virtual-router instances (QFX5100 and EX4300 switches)—Starting in Junos OS Release 17.2R1, you can configure your switch to share IPv4 multicast

routes among different virtual routing and forwarding (VRF) instances or different virtual-router instances. On EX4300 switches, multicast route leaking is supported only when the switch functions as a line card in a Virtual Chassis, not as a standalone switch. Only multicast static routes with a destination-prefix length of /32 are supported for multicast route leaking. Only Internet Group Management Protocol version 3 is supported. To configure multicast route leaking for VRF or virtual-router instances , include the next-table routing-instance-name.inet.0 statement at the [edit routing-instances

routing-instance-name routing-options static route destination-prefix/32] hierarchy level. For routing–instance-name, include the name of a VRF or virtual-router instance. This feature was previously

introduced in Junos OS Release 14.X53-D40.

[See Understanding Multicast Route Leaking for VRF and Virtual-Router Instances.]

Network Management and Monitoring

SNMP support for monitoring tunnel statistics (EX Series)—Starting in Junos OS Release 17.2R1, SNMP

•

MIB jnxTunnelStat supports monitoring of tunnel statistics for IPV4 over IPV6 tunnels. This is a new enterprise-specific MIB, Tunnel Stats MIB, that currently displays three counters: tunnel count in rpd, tunnel count in Kernel, and tunnel count in the Packet Forwarding Engine. This MIB can be extended to support other tunnel statistics. The MIB is defined in jnx-tunnel-stats.txt. This MIB is attached to jnxMibs.

System Management

Dynamic Power Management in EX9200 Switches—Starting with Junos OS Release 17.2R1, EX9200

•

switches support dynamic power management. See System Services on EX9200 Switches.

SEE ALSO

Changes in Behavior and Syntax | 28

Known Behavior | 29

Known Issues | 30

Resolved Issues | 32

Documentation Updates | 34

Migration, Upgrade, and Downgrade Instructions | 34

Product Compatibility | 35

Changes in Behavior and Syntax

IN THIS SECTION

IP Tunneling | 28

Management | 28

This section lists the changes in behavior of Junos OS features and changes in the syntax of Junos OS statements and commands from Junos OS Release 17.2R1 for the EX Series.

IP Tunneling

Deprecated no-path-mtu-discovery configuration option for ipip6 tunnels—Starting in Junos OS Release

•

17.2R1, the no-path-mtu-discovery configuration statement in the [edit interfaces ip-fpc/pic/port unit logical-unit-number tunnel] and [edit interfaces gr-fpc/pic/port unit logical-unit-number tunnel]

hierarchies is no longer available for ipip6 tunnels.

Management

Changes to the rfc-compliant configuration statement (EX Series)—Starting in Junos OS Release 17.2R1,

•

namespace for the <configuration> element in the RPC reply to the same namespace as in the corresponding YANG model.

[See Configuring RFC-Compliant NETCONF Sessions and rfc-compliant.]

Junos OS YANG module namespace and prefix changes (EX Series)—Starting in Junos OS Release

•

17.2R1, Junos OS YANG modules are specific to a device family, and each module’s namespace includes the module name, device family, and Junos OS release string. Furthermore, each juniper-command module uses its own unique module name as the module’s prefix. In earlier releases, Junos OS YANG modules used only a unique identifier to differentiate the namespace for each module, and the prefix for all juniper-command modules was jrpc.

[See Understanding Junos OS YANG Modules.]

SEE ALSO

New and Changed Features | 23

Known Behavior | 29

Known Issues | 30

Resolved Issues | 32

Documentation Updates | 34

Migration, Upgrade, and Downgrade Instructions | 34

Product Compatibility | 35

Known Behavior

IN THIS SECTION

High Availability (HA) and Resiliency | 30

This section lists known behavior, system maximums, and limitations in hardware and software in Junos OS Release 17.2R1 for the EX Series.

For the most complete and latest information about known Junos OS defects, use the Juniper Networks online Junos Problem Report Search application.

High Availability (HA) and Resiliency

Residual and baseline statistics loss from ISSU—Using unified ISSU to upgrade to Junos OS Release

•

17.2R1 or later will result in a loss of residual and baseline statistics for interfaces, interface set specific statistics, and BBE subscriber service statistics because of an update to the statistics database.

[See Unified ISSU System Requirements.]

SEE ALSO

New and Changed Features | 23

Changes in Behavior and Syntax | 28

Known Issues | 30

Resolved Issues | 32

Documentation Updates | 34

Migration, Upgrade, and Downgrade Instructions | 34

Product Compatibility | 35

Known Issues

IN THIS SECTION

General Routing | 31

High Availability (HA) and Resiliency | 31

Infrastructure | 31

Junos Fusion Enterprise | 31

Platform and Infrastructure | 31

Virtual Chassis | 32

This section lists the known issues in hardware and software in Junos OS Release 17.2R1 for the EX Series.

For the most complete and latest information about known Junos OS defects, use the Juniper Networks online Junos Problem Report Search application.

General Routing

On EX4300 switches, when 802.1X single-supplicant authentication is initiated, multiple "EAP Request

•

Id Frame Sent" packets might be sent. PR1163966

On an EX9200 switch with MC-LAG, when the enhanced-convergence statement is enabled, and when

•

the kernel sends a next-hop message to the Packet Forwarding Engine, the full Layer 2 header is not sent and a packet might be generated with an invalid source MAC address for some VLANs. PR1223662

On a dot1x-enabled interface, sometimes when you log in, log off, and then log in within a short interval

•

(within subseconds), the logical interface plus the bridge domain or VLAN remain in a pending state, and you will not be able to access the network. As a workaround, restart the l2-learning process to recover the port/interface from the problematic state. PR1230073

High Availability (HA) and Resiliency

During a nonstop software upgrade (NSSU) on an EX4300 Virtual Chassis, a traffic loop or loss might

•

occur if the Junos OS software version that you are upgrading and the Junos OS software version that you are upgrading to use different internal message formats. PR1123764

On an EX4300 or a QFX5100 Virtual Chassis, when you perform an NSSU, there might be more than

•

five seconds of traffic loss for multicast traffic. PR1125155

Infrastructure

On an EX4300 egress VLAN-based firewall filter on a Q-in-Q interface, after a switch reboot, firewall

•

counters might not increment as expected. PR1165450

Junos Fusion Enterprise

On a Junos Fusion Enterprise, Link Layer Discovery Protocol-Media Endpoint Discovery (LLDP-MED)

•

fast start does not work. PR1171899

Platform and Infrastructure

On EX4600 switches, the amount of time that it takes for Zero Touch Provisioning to complete might

•

be lengthy because TFTP might take a long time to fetch required data. PR980530

On EX4300, EX4600, and QFX5100 switches, if a remote analyzer has an output IP address that is

•

reachable through a route learned by BGP, the analyzer might be in a DOWN state. PR1007963

Virtual Chassis

When a linecard role FPC is removed and rejoined to a Virtual Chassis immediately, the LAG interface

•

on the master/backup is not reprogrammed in rejoined FPC. PR1255302

SEE ALSO

New and Changed Features | 23

Changes in Behavior and Syntax | 28

Known Behavior | 29

Resolved Issues | 32

Documentation Updates | 34

Migration, Upgrade, and Downgrade Instructions | 34

Product Compatibility | 35

Resolved Issues

IN THIS SECTION

Resolved Issues:17.2R1 | 33

This section lists the issues fixed in the Junos OS main release and the maintenance releases.

For the most complete and latest information about known Junos OS defects, use the Juniper Networks online Junos Problem Report Search application.

Resolved Issues:17.2R1

Interfaces and Chassis

ISSU will not work from 15.1R to later images (like 15.1F, 16.1R2, ...), when the router is equipped with

•

QSFP/CXP/CFP2 optics on MPC3E/MPC4E/MPC5E/MPC6E/MPC 3D 16x10GE cards. This is because a dark window issue is fixed for SFPP/QSFP/CXP/CFP2 optics in 16.1 and 15.1F, which makes the 15.1R image ISSU incompatible with later images. Doing ISSU on the incompatible image from 15.1R to later versions might result in the line card crash as a side effect. PR1216924

Network Management and Monitoring

On EX4600VC with default SNMPv3 engine ID configuration, it may happen that after the reboot of

•

the VC, SNMPv3 engine ID changes the value, even though the routing engine master switchover didn't happen, causing the authentication of the SNMP user to fail. Re-configuration of SNMP user details will solve this issue. With Junos version which contains the fix for this issue, SNMPv3 engine ID will not change after the reboot of the VC. However, the SNMPv3 engine ID will still change if the following sequence of the events occurs: * routing engine master switchover * reboot of the VC. To prevent this to happen it is recommended to configure SNMPv3 to use a predefined suffix by issuing the following line: set snmp engine-id local <engine-id-suffix> This will force the system to generate the same engine ID for all routing engines on all members. When doing a global switchover, the engine ID will not change and SNMPv3 authentication will work as before. PR1256166

Platform and Infrastructure

In a L2PT scenario using an EX4300 Series switch, the egress PE (provider edge) device(EX4300) sends

•

out frames towards the CE (customer edge) device with a duplicated frame of destination MAC address of 01:00:0c:cd:cd:d0 which is rewritten by the ingress PE device period.PR1251391

Port Security

On a EX4600 connected either back to back or in a Virtual Chassis that has MACsec configured, a

•

MACsec tunnel comes up, but after sometime or when removing optics (for failure testing) the MACsec tunnel will not come up again. PR1234447

Routing Protocols

On an EX9200 switch, when you perform an in-service software upgrade (ISSU) while protocol sessions

•

are active, the protocols might go down and come back up again, which can cause traffic loss for up to 40 seconds. PR1247937

SEE ALSO

New and Changed Features | 23

Changes in Behavior and Syntax | 28

Known Behavior | 29

Known Issues | 30

Documentation Updates | 34

Migration, Upgrade, and Downgrade Instructions | 34

Product Compatibility | 35

Documentation Updates

There are no errata or changes in Junos OS Release 17.2R1 for the EX Series switches documentation.

SEE ALSO

New and Changed Features | 23

Changes in Behavior and Syntax | 28

Known Behavior | 29

Known Issues | 30

Resolved Issues | 32

Migration, Upgrade, and Downgrade Instructions | 34

Product Compatibility | 35

Migration, Upgrade, and Downgrade Instructions

IN THIS SECTION

Upgrade and Downgrade Support Policy for Junos OS Releases | 35

This section contains the upgrade and downgrade support policy for Junos OS for the EX Series. Upgrading or downgrading Junos OS can take several hours, depending on the size and configuration of the network. For information about software installation and upgrade, see the Installation and Upgrade Guide.

Upgrade and Downgrade Support Policy for Junos OS Releases

Support for upgrades and downgrades that span more than three Junos OS releases at a time is not provided, except for releases that are designated as Extended End-of-Life (EEOL) releases. EEOL releases provide direct upgrade and downgrade paths—you can upgrade directly from one EEOL release to the next EEOL release, even though EEOL releases generally occur in increments beyond three releases.

For more information on EEOL releases and to review a list of EEOL releases, see

https://www.juniper.net/support/eol/junos.html

SEE ALSO

New and Changed Features | 23

Changes in Behavior and Syntax | 28

Known Behavior | 29

Known Issues | 30

Resolved Issues | 32

Documentation Updates | 34

Product Compatibility | 35

Product Compatibility

IN THIS SECTION

Hardware Compatibility | 36

Hardware Compatibility

To obtain information about the components that are supported on the devices, and the special compatibility guidelines with the release, see the Hardware Guide for the product.

To determine the features supported on EX Series switches in this release, use the Juniper Networks Feature Explorer, a Web-based application that helps you to explore and compare Junos OS feature information to find the right software release and hardware platform for your network. Find Feature Explorer at https://pathfinder.juniper.net/feature-explorer/.

Hardware Compatibility Tool

For a hardware compatibility matrix for optical interfaces and transceivers supported across all platforms, see the Hardware Compatibility tool.

SEE ALSO

New and Changed Features | 23

Changes in Behavior and Syntax | 28

Known Behavior | 29

Known Issues | 30

Resolved Issues | 32

Documentation Updates | 34

Migration, Upgrade, and Downgrade Instructions | 34

Junos OS Release Notes for Junos Fusion Enterprise

IN THIS SECTION

New and Changed Features | 37

Changes in Behavior and Syntax | 39

Known Behavior | 40

Known Issues | 40

Resolved Issues | 41

Documentation Updates | 41

Migration, Upgrade, and Downgrade Instructions | 42

Product Compatibility | 50

These release notes accompany Junos OS Release 17.2R1 for Junos Fusion Enterprise. Junos Fusion Enterprise is a Junos Fusion that uses EX9200 switches in the aggregation device role. These release notes describe new and changed features, limitations, and known problems in the hardware and software.

NOTE: For a complete list of all hardware and software requirements for a Junos Fusion

Enterprise, including which Juniper Networks devices can function as satellite devices, see

Understanding Junos Fusion Enterprise Software and Hardware Requirements in the Junos Fusion Enterprise User Guide.

You can also find these release notes on the Juniper Networks Junos OS Documentation webpage, located at https://www.juniper.net/documentation/software/junos/.

New and Changed Features

IN THIS SECTION

Interfaces and Chassis | 38

Layer 2 Features | 38

This section describes the new features and enhancements to existing features in Junos OS Release 17.2R1 for Junos Fusion Enterprise.

NOTE: For more information about the Junos Fusion Enterprise features, see the Junos Fusion

Enterprise User Guide.

Interfaces and Chassis

Half-duplex link support on satellite devices (Junos Fusion Enterprise)—Starting with Junos OS 17.2R1,

•

half-duplex communication is supported on all built-in network copper ports on EX2300, EX3400, and EX4300 satellite devices in a Junos Fusion Enterprise (JFE). Half-duplex is bidirectional communication, but signals can flow in only one direction at a time. Full-duplex communication means that both ends of the communication can send and receive signals at the same time. The built-in network copper ports are configured by default as full-duplex 1-gigabit links with autonegotiation. If the link partner is set to autonegotiate the link, then the link is autonegotiated to full duplex or half-duplex. If the link is not set to autonegotiation, then the satellite-device link defaults to half-duplex unless the interface is explicitly configured for full duplex.

To explicitly configure full duplex:

[edit] user@aggregation-device# set interfaces interface-name link-mode full-duplex

To verify a half-duplex setting:

user@aggregation-device> show interfaces interface-name extensive

[See Understanding Half-Duplex Links on Satellite Devices in a Junos Fusion Enterprise.]

Layer 2 Features

Private VLANs (Junos Fusion Enterprise)—Starting with Junos OS Release 17.2R1, Junos Fusion Enterprise

•

(JFE) supports private VLANs (PVLANs). PVLANs are useful for restricting the flow of broadcast and unknown unicast traffic and for limiting the known communication between known hosts. PVLANs can be used for purposes including: to help ensure the security of service providers sharing a server farm; to provide security to subscribers of various service providers sharing a common metropolitan area network; or to achieve isolation within the same subnet in a very large enterprise network. PVLAN is a standard introduced by RFC 5517 to achieve port or device isolation in a Layer 2 VLAN by partitioning a VLAN broadcast domain (also called a primary VLAN) into smaller subdomains (also called secondary VLANs).

In a JFE PVLAN topology:

Multiple satellite devices can be clustered into a group and cabled into the JFE as a group instead of

•

as individual satellite devices.

Aggregation device native ports or satellite device extended ports can act as promiscuous ports,

•

isolated ports, or community VLAN ports.

The promiscuous port can be attached to a core switch or router through physical interfaces or

•

aggregated links.

PVLANs are supported in dual aggregation device JFEs.

•

[See Understanding Private VLANs on a Junos Fusion Enterprise.]

SEE ALSO

Changes in Behavior and Syntax | 39

Known Behavior | 40

Known Issues | 40

Resolved Issues | 41

Documentation Updates | 41

Migration, Upgrade, and Downgrade Instructions | 42

Product Compatibility | 50

Changes in Behavior and Syntax

There are no changes in behavior of Junos OS features and changes in the syntax of Junos OS statements and commands in Junos OS Release 17.2R1 for Junos Fusion Enterprise.

SEE ALSO

New and Changed Features | 37

Known Behavior | 40

Known Issues | 40

Resolved Issues | 41

Documentation Updates | 41

Migration, Upgrade, and Downgrade Instructions | 42

Product Compatibility | 50

Known Behavior

There are no known behaviors, system maximums, and limitations in hardware and software in Junos OS Release 17.2R1 for Junos Fusion Enterprise.

For the most complete and latest information about known Junos OS problems, use the Juniper Networks online Junos Problem Report Search application.

SEE ALSO

New and Changed Features | 37

Changes in Behavior and Syntax | 39

Known Issues | 40

Resolved Issues | 41

Documentation Updates | 41

Migration, Upgrade, and Downgrade Instructions | 42

Product Compatibility | 50

Known Issues

There are no known issues in hardware and software in Junos OS Release 17.2R1 for Junos Fusion Enterprise.

For the most complete and latest information about known Junos OS defects, use the Juniper Networks online Junos Problem Report Search application.

SEE ALSO

New and Changed Features | 37

Changes in Behavior and Syntax | 39

Known Behavior | 40

Resolved Issues | 41

Documentation Updates | 41

Migration, Upgrade, and Downgrade Instructions | 42

Product Compatibility | 50

Resolved Issues

There are no fixed issues in Junos OS Release 17.2R1 for Junos Fusion Enterprise.

For the most complete and latest information about known Junos OS defects, use the Juniper Networks online Junos Problem Report Search application.

SEE ALSO

New and Changed Features | 37

Changes in Behavior and Syntax | 39

Known Behavior | 40

Known Issues | 40

Documentation Updates | 41

Migration, Upgrade, and Downgrade Instructions | 42

Product Compatibility | 50

Documentation Updates

There are no errata or changes in Junos OS Release 17.2R1 for Junos Fusion Enterprise documentation.

SEE ALSO

New and Changed Features | 37

Changes in Behavior and Syntax | 39

Known Behavior | 40

Known Issues | 40

Resolved Issues | 41

Migration, Upgrade, and Downgrade Instructions | 42

Product Compatibility | 50

Migration, Upgrade, and Downgrade Instructions

IN THIS SECTION

Basic Procedure for Upgrading Junos OS on an Aggregation Device | 42

Upgrading an Aggregation Device with Redundant Routing Engines | 44

Preparing the Switch for Satellite Device Conversion | 44

Converting a Satellite Device to a Standalone Switch | 46

Upgrade and Downgrade Support Policy for Junos OS Releases | 48

Downgrading from Release 17.2 | 48

This section contains the procedure to upgrade or downgrade Junos OS and satellite software for a Junos Fusion Enterprise. Upgrading or downgrading Junos OS and satellite software might take several hours, depending on the size and configuration of the Junos Fusion Enterprise topology.

Basic Procedure for Upgrading Junos OS on an Aggregation Device

When upgrading or downgrading Junos OS for an aggregation device, always use the junos-install package. Use other packages (such as the jbundle package) only when so instructed by a Juniper Networks support representative. For information about the contents of the junos-install package and details of the installation process, see the Installation and Upgrade Guide.

NOTE: Before upgrading, back up the file system and the currently active Junos OS configuration

so that you can recover to a known, stable environment in case the upgrade is unsuccessful. Issue the following command:

user@host> request system snapshot

The installation process rebuilds the file system and completely reinstalls Junos OS. Configuration information from the previous software installation is retained, but the contents of log files might be erased. Stored files on the routing platform, such as configuration templates and shell scripts (the only exceptions are the juniper.conf and ssh files), might be removed. To preserve the stored files, copy them to another system before upgrading or downgrading the routing platform. See the Junos OS Administration Library.

To download and install Junos OS Release 17.2R1:

1. Using a Web browser, navigate to the Download Software URL on the Juniper Networks webpage:

https://www.juniper.net/support/downloads/

2. Log in to the Juniper Networks authentication system using the username (generally your e-mail address) and password supplied by Juniper Networks representatives.

3. Select By Technology > Junos Platform > Junos Fusion to find the software that you want to download.

4. Click on the Junos Fusion EX9200 (Enterprise) title to expand the list of supported releases.

5. Click on the release number (the software version that you want to download) from the list.

6. Select the aggregation device software package for the release.

7. Review and accept the End User License Agreement.

8. Download the software to a local host.

9. Copy the software to the routing platform or to your internal software distribution site.

10. Install the new junos-install package on the aggregation device.

NOTE: We recommend that you upgrade all software packages out of band using the console

because in-band connections are lost during the upgrade process.

Customers in the United States and Canada, use the following commands.

user@host> request system software add validate reboot

source/junos-install-ex92xx-x86-64-17.2R1.13.tgz

All other customers, use the following commands.

user@host> request system software add validate reboot

source/junos-install-ex92xx-x86-64-17.2R1.13-limited.tgz

Replace source with one of the following values:

/pathname—For a software package that is installed from a local directory on the router.

•

For software packages that are downloaded and installed from a remote location:

•

ftp://hostname/pathname

•

http://hostname/pathname

•

scp://hostname/pathname (available only for Canada and U.S. version)

•

The validate option validates the software package against the current configuration as a prerequisite to adding the software package to ensure that the router reboots successfully. This is the default behavior when the software package being added is a different release.

Adding the reboot command reboots the router after the upgrade is validated and installed. When the reboot is complete, the router displays the login prompt. The loading process might take 5 to 10 minutes.

Rebooting occurs only if the upgrade is successful.

Upgrading an Aggregation Device with Redundant Routing Engines

If the aggregation device has two Routing Engines, perform a Junos OS installation on each Routing Engine separately to minimize disrupting network operations as follows:

1. Disable graceful Routing Engine switchover (GRES) on the master Routing Engine and save the configuration change to both Routing Engines.

2. Install the new Junos OS release on the backup Routing Engine while keeping the currently running software version on the master Routing Engine.

3. After making sure that the new software version is running correctly on the backup Routing Engine, switch over to the backup Routing Engine to activate the new software.

4. Install the new software on the original master Routing Engine that is now active as the backup Routing Engine.

For the detailed procedure, see the Installation and Upgrade Guide.

Preparing the Switch for Satellite Device Conversion

There are multiple methods to upgrade or downgrade satellite software in your Junos Fusion Enterprise. See Configuring or Expanding a Junos Fusion Enterprise.

For satellite device hardware and software requirements, see Understanding Junos Fusion Enterprise

Software and Hardware Requirements.

Use the following command to install Junos OS on a switch before converting it into a satellite device:

user@host> request system software add validate reboot source/package-name

NOTE: The following conditions must be met before a Junos switch that is running Junos OS

Release 17.2R1 can be converted to a satellite device when the action is initiated from the aggregation device:

The Junos switch can only be converted to SNOS 3.1 and higher.

•

The Junos switch must be either set to factory default configuration using the request system

•

zeroize command, or the following command must be included in the configuration: set chassis auto-satellite-conversion.

When the interim installation has completed and the switch is running a version of Junos OS that is compatible with satellite device conversion, perform the following steps:

1. Log in to the device using the console port.

2. Clear the device:

[edit] user@satellite-device# request system zeroize

NOTE: The device reboots to complete the procedure for resetting the device.

If you are not logged in to the device using the console port connection, your connection to the device is lost after you enter the request system zeroize command.

If you lose connection to the device, log in using the console port.

3. (EX4300 switches only) After the reboot is complete, convert the built-in 40-Gbps QSFP+ interfaces from Virtual Chassis ports (VCPs) into network ports:

user@satellite-device> request virtual-chassis vc-port delete pic-slot 1 port port-number

For example, to convert all four built-in 40-Gbps QSFP+ interfaces on an EX4300-24P switch into network ports:

user@satellite-device>request virtual-chassis vc-port delete pic-slot 1 port 0 user@satellite-device> request virtual-chassis vc-port delete pic-slot 1 port 1 user@satellite-device> request virtual-chassis vc-port delete pic-slot 1 port 2 user@satellite-device> request virtual-chassis vc-port delete pic-slot 1 port 3

This step is required for the 40-Gbps QSFP+ interfaces that will be used as uplink interfaces in a Junos Fusion topology. Built-in 40-Gbps QSFP+ interfaces on EX4300 switches are configured into VCPs by default, and the default settings are restored after the device is reset.

After this initial preparation, you can use one of three methods to convert your switches into satellite devices—autoconversion, manual conversion, or preconfiguration. See Configuring or Expanding a Junos

Fusion Enterprise for detailed configuration steps for each method.

Converting a Satellite Device to a Standalone Switch

In the event that you need to convert a satellite device to a standalone device, you will need to install a new Junos OS software package on the satellite device and remove the satellite device from the Junos Fusion topology.

The following steps explain how to download software, remove the satellite device from the Junos Fusion, and install the Junos OS software image on the satellite device so that the device can operate as a standalone device.

1. Using a Web browser, navigate to the Junos OS software download URL on the Juniper Networks webpage:

https://www.juniper.net/support/downloads

2. Log in to the Juniper Networks authentication system using the username (generally your e-mail address) and password supplied by Juniper Networks representatives.

3. Select By Technology > Junos Platform > Junos Fusion from the menu and select the switch platform series and model for your satellite device.

4. Select the software image for your platform. For satellite device software requirements, see

Understanding Junos Fusion Enterprise Software and Hardware Requirements.

5. Review and accept the End User License Agreement.

6. Download the software to a local host.

Copy the software to the routing platform or to your internal software distribution site.

7. Remove the satellite device from the automatic satellite conversion configuration.

[edit]

user@aggregation-device# delete chassis satellite-management auto-satellite-conversion

satellite member-number

For example, to remove member number 101 from the Junos Fusion:

[edit] user@aggregation-device# delete chassis satellite-management auto-satellite-conversion

satellite 101

You can check the automatic satellite conversion configuration by entering the show command at the [edit chassis satellite-management auto-satellite-conversion] hierarchy level.

8. Commit the configuration.

To commit the configuration to both Routing Engines:

[edit] user@aggregation-device# commit synchronize

To commit the configuration to a single Routing Engine:

[edit] user@aggregation-device# commit

9. Install Junos OS on the satellite device to convert the device to a standalone device.

[edit] user@aggregation-device> request chassis satellite install URL-to-software-package fpc-slot

member-number

For example, to install a software package stored in the /var/tmp directory on the aggregation device onto an EX4300 switch acting as the satellite device using FPC slot 102:

[edit] user@aggregation-device> request chassis satellite install

/var/tmp/jinstall-ex-4300-14.1X53-D35.3-domestic-signed.tgz fpc-slot 102

The satellite device stops participating in the Junos Fusion topology once the software installation starts. The software upgrade starts after this command is entered.

10. Wait for the reboot that accompanies the software installation to complete.

11. When you are prompted to log back in to your device, uncable the device from the Junos Fusion topology. See or Remove a Transceiver. Your device is removed from the Junos Fusion.

NOTE: The device uses a factory-default configuration after the Junos OS installation is

complete.

Upgrade and Downgrade Support Policy for Junos OS Releases

14.2, 15.1 and 16.1 are EEOL releases. You can upgrade from Junos OS Release 14.1 to Release 15.1 or

even from Junos OS Release 14.1 to Release 16.1. However, you cannot upgrade directly from a non-EEOL release that is more than three releases ahead or behind. For example, you cannot directly upgrade from Junos OS Release 12.1 (a non-EEOL release) to Junos OS Release 13.2 or directly downgrade from Junos OS Release 13.2 to Junos OS Release 12.1.

For more information on EEOL releases and to review a list of EEOL releases, see

https://www.juniper.net/support/eol/junos.html

Downgrading from Release 17.2

Junos Fusion Enterprise is first supported in Junos OS Release 16.1, although you can downgrade a standalone EX9200 switch to earlier Junos OS releases.

NOTE: It is not recommended to downgrade the aggregation device from 17.2R1 to 16.1 if there

are cluster satellite devices in the setup.

To downgrade a Junos Fusion Enterprise from Junos OS Release 17.2R1, you must first downgrade the satellite software version on the satellite devices.

1. Downgrade the satellite software on the satellite devices from 3.0R1 to 2.0R1:

user@aggregation-device> request system software add package-name no-validate upgrade-group

cluster1

For example, to downgrade the satellite software to 2.0R1:

user@aggregation-device> request system software add satellite-2.0R1-signed.tgz no-validate

upgrade-group cluster1

After the satellite devices are downgraded to satellite software, they will not show as being online until the aggregation device is downgraded to a compatible software version. To check software compatibility, see https://www.juniper.net/support/downloads/solutions/fusion/.

2. Downgrade the aggregation device. Follow the procedure for upgrading, but replace the 17.2 junos-install package with one that corresponds to the appropriate release.

NOTE: You cannot downgrade more than three releases.

For more information, see the Installation and Upgrade Guide.

SEE ALSO

New and Changed Features | 37

Changes in Behavior and Syntax | 39

Known Behavior | 40

Known Issues | 40

Resolved Issues | 41

Documentation Updates | 41

Product Compatibility | 50

Product Compatibility

IN THIS SECTION

Hardware and Software Compatibility | 50

Hardware Compatibility Tool | 50

Hardware and Software Compatibility

For a complete list of all hardware and software requirements for a Junos Fusion Enterprise, including which Juniper Networks devices function as satellite devices, see Understanding Junos Fusion Enterprise

Software and Hardware Requirements in the Junos Fusion Enterprise User Guide.

Hardware Compatibility Tool

For a hardware compatibility matrix for optical interfaces and transceivers supported across all platforms, see the Hardware Compatibility tool.

SEE ALSO

New and Changed Features | 37

Changes in Behavior and Syntax | 39

Known Behavior | 40

Known Issues | 40

Resolved Issues | 41

Documentation Updates | 41

Migration, Upgrade, and Downgrade Instructions | 42

Junos OS Release Notes for Junos Fusion Data Center

IN THIS SECTION

New and Changed Features | 51

Changes in Behavior and Syntax | 66

Known Behavior | 67

Known Issues | 68

Resolved Issues | 69

Documentation Updates | 69

Migration, Upgrade, and Downgrade Instructions | 70

Product Compatibility | 86

These release notes accompany Junos OS Release 17.2R1 for the Junos Fusion Data Center. They describe new and changed features, limitations, and known and resolved problems in the hardware and software.

You can also find these release notes on the Juniper Networks Junos OS Documentation webpage, located at https://www.juniper.net/documentation/software/junos/.

New and Changed Features

IN THIS SECTION

Junos Fusion Data Center | 52

Hardware | 53

Class of Service (CoS) | 53

High Availability (HA) and Resiliency | 53

Interfaces | 53

Layer 2 Protocols | 58

Layer 3 Protocols | 59

Multicast Protocols | 60

Network Management and Monitoring | 62

Routing Policy and Firewall Filters | 63

Storage | 63

Software Installation and Upgrade | 64

Software Licensing | 65

This section describes the new features and enhancements to existing features in Junos OS Release 17.2R1 for Junos Fusion Data Center.

Junos Fusion Data Center

Junos Fusion Data Center support (Junos Fusion Data Center)—Starting in Junos OS Release 17.2R1,

•

Junos Fusion Data Center support is available and brings the Junos Fusion technology to data center networks. Junos Fusion Data Center uses QFX10000 switches in the aggregation device role and allows data center networks to combine numerous switches into a single, port-dense system. The system is managed from a single point (the aggregation devices) and simplifies network topologies because Junos Fusion Data Center is viewed as a single device by the larger network. Junos Fusion Data Center supports the 802.1BR standard.

You can configure the following QFX10000 Series switches as an aggregation device in a Junos Fusion Data Center:

QFX10002 switches

•

You can configure the following switches as satellite devices:

QFX5100 switches—QFX5100-24Q-2P, QFX5100-48S-6Q, QFX5100-48SH-6Q, QFX5100-48T-6Q,

•

QFX5100-48TH-6Q, and QFX5100-96S-8Q

EX4300 switches—EX4300-24T, EX4300-32F, EX4300-48T, and EX4300-48T-BF

•

[See Junos Fusion Data Center Overview.]

Dual aggregation devices (Junos Fusion Data Center)—Starting in Junos OS Release 17.2R1, you can

•

have two aggregation devices in a Junos Fusion Data Center topology to support dual homing from satellite devices.

To configure a dual aggregation device topology, specify a chassis, redundancy group name and ID, peer chassis ID, and interchassis link interface in a redundancy group. All other ICCP parameters are automatically configured as part of the Automatic ICCP Provisioning of an Interchassis Link feature, which is enabled by default.

[See Configuring the Dual Aggregation Device Topology .]

Hardware

New satellite device models (Junos Fusion Data Center)—Starting in Junos OS Release 17.2R1, the new

•

QFX5100-48SH and QFX5100-TH switch models ship from the factory with preinstalled satellite software, allowing you to deploy them in a Junos Fusion Data Center in a plug-and-play manner.

[See QFX5100 Switch Hardware Guide.]

Class of Service (CoS)

Class of Service Support (Junos Fusion Data Center)—Starting in Junos OS Release 17.2R1, Junos Fusion

•

Data Center supports the standard Junos class of service (CoS) features and operational commands in either a single or dual aggregation device configuration. Each extended port on a satellite device is a logical extension to the aggregation device. Therefore, the default CoS policy on the aggregation device applies to each extended port. You can also create standard CoS policies for extended ports.

A cascade port is a physical port or interface on an aggregation device that provides a connection to a satellite device. Port scheduling is supported on cascade ports. Junos Fusion technology reserves a separate set of queues with minimum bandwidth guarantees for in-band management traffic to protect against congestion caused by data traffic.

[See Understanding CoS in Junos Fusion Data Center.]

High Availability (HA) and Resiliency

Support for Virtual Routing Redundancy Protocol (Junos Fusion Data Center)—Starting in Junos OS

•

Release 17.2R1, Junos Fusion Data Center supports the Virtual Routing Redundancy Protocol (VRRP). You can configure VRRP on dual aggregation devices to provide a common gateway for the hosts connected to the satellite devices and to provide dynamic switchover from one aggregation device to another in the event of failure. Both aggregation devices share the virtual IP address and route upstream packets independently. For protocol control, one of the aggregation devices is elected as the master and the other is placed in the backup role. To configure basic VRRP support, configure VRRP groups on the aggregated interfaces by including the vrrp-group statement at the [edit interfaces interface-name unit logical-unit-number family inet address ip-address] hierarchy level.

[See Understanding VRRP.]

Interfaces

•

LACP support (Junos Fusion Data Center)—Starting in Junos OS Release 17.2R1, LACP is supported on Junos Fusion Data Center. It provides the ability to bundle several physical interfaces to form one logical aggregated Ethernet interface. The LACP mode can be active or passive. The transmitting link is known as the actor, and the receiving link is known as the partner. If the actor and partner are both in passive mode, they do not exchange LACP packets, and the aggregated Ethernet links do not come up. If either the actor or partner is active, they do exchange LACP packets. By default, LACP is in passive mode on aggregated Ethernet interfaces. To initiate transmission of LACP packets and response to LACP packets, you must enable LACP active mode.

You can configure Ethernet links to actively transmit PDUs, or you can configure the links to passively transmit them, sending out LACP PDUs only when they receive them from another link

LACP is supported in single and dual aggregation device topologies.

[See Understanding Link Aggregation and Link Aggregation Control Protocol in a Junos Fusion.]

•

Increased number of aggregated Ethernet interfaces (Junos Fusion Data Center)—Starting in Junos OS Release 17.2R1, you can configure up to 1,000 aggregated Ethernet interfaces for a Junos Fusion Data Center system. To configure, include the device-count statement with a value of 1000 at the [edit chassis aggregated-devices ethernet] hierarchy level and add member links in each bundle.

•

Automatic ICCP Provisioning of an Interchassis Link in a Junos Fusion (Junos Fusion Data Center)—Starting in Junos OS Release 17.2R1, automatic ICCP provisioning of an interchassis link (ICL)

simplifies configuration of a Junos Fusion with dual aggregation devices by automatically provisioning the ICCP configuration within the Junos Fusion, instead of requiring the user to manually configure all ICCP parameters.

The configuration of the redundancy group in a Junos Fusion using dual aggregation devices still requires that you specify a chassis, redundancy group name and ID, peer chassis ID, and interchassis link interface as part of the configuration process. All other redundancy group parameters are now automatically set to default values that do not have to be user-configured for a dual aggregation device topology to operate.

Automatic ICCP Provisioning is enabled by default. If a user configures a redundancy group parameter that is set by default normally, the user configuration automatically overrides the default parameter. Automatic ICCP provisioning can be disabled by entering the no-auto-iccp-provisioning statement at the [edit chassis satellite-management redundancy-groups redundancy-group-name peer-chassis-id peer-chassis-id-number] hierarchy level.

[See Understanding Automatic ICCP Provisioning and Automatic VLAN Provisioning of an Interchassis

Link.]

Automatic VLAN Provisioning on an Interchassis Link in a Junos Fusion (Junos Fusion Data Center)—Starting in Junos OS Release 17.2R1, automatic VLAN provisioning of an interchassis link (ICL)

simplifies configuration of a Junos Fusion with dual aggregation devices by allowing the ICL interconnecting the dual aggregation devices to automatically detect all VLAN traffic on the Junos Fusion and seamlessly forward VLAN information between the aggregation devices over the ICL.

When automatic VLAN Provisioning is disabled, you have to manually configure the supported VLANs on each ICL to ensure VLAN information is shared between aggregation devices.

Automatic VLAN Provisioning is enabled by default in a Junos Fusion Data Center, and can be disabled using the set chassis satellite-management redundancy-groups redundancy-group-name peer-chassis-id peer-chassis-id-number no-auto-vlan-provisioning statement.

Automatic VLAN Provisioning only works when the ICL is in trunk mode, and when the ICL interfaces are configured into unit 0 family ethernet-switching.

[See Understanding Automatic ICCP Provisioning and Automatic VLAN Provisioning of an Interchassis

Link.]

Configuration synchronization for MC-LAG (Junos Fusion Data Center)---Starting in Junos OS Release

•

17.2R1, Junos Fusion supports the ability to easily propagate, synchronize, and commit configurations from one MC-LAG peer to another MC-LAG peer. MC-LAG configuration synchronization enables you log into any one of the MC-LAG peers to manage both MC-LAG peers, thus having a single point of management. With MC-LAG configuration synchronization, you can use configuration groups to simplify the configuration process. For example, you can create configuration groups for the local MC-LAG peers, one for the remote MC-LAG peer, and one for the global configuration, which is essentially a configuration that is common to both MC-LAG peers. You can create conditional groups to specify when a configuration is synchronized with another MC-LAG peer. Additionally, you can include the peers-synchronize statement at the [edit system commit] hierarchy level to synchronize the configurations and commits across the MC-LAG peers by default. NETCONF over SSH provides a secure connection between the MC-LAG peers, and Secure Copy Protocol (SCP) copies the configurations securely between the MC-LAG peers.

•

Uplink port pinning (Junos Fusion Data Center)—Starting in Junos OS Release 17.2R1, uplink port pinning allows traffic entering an extended port on a Junos Fusion Data Center to select which uplink port or ports are used to carry the traffic from the satellite device to the aggregation device. Uplink port pinning provides more deterministic traffic control by allowing you to select how traffic is forwarded from an extended port to an aggregation device.

When uplink port pinning is not enabled, traffic is forwarded from the satellite device to the aggregation device using all available uplink ports.

Uplink port pinning is configured in the following steps:

1. Create a forwarding policy in a satellite policy that includes an uplink port group by using the

port-group-extended and port-group-uplink statements.

2. Associate the uplink port group with an extended port by configuring a port group alias with the

port-group-alias statement.

3. Associate the forwarding policy with the Junos Fusion configuration using the forwarding-policy statement at the [edit chassis satellite-management] hierarchy level.

[See Understanding Remapping Uplink Traffic Flows on a Junos Fusion Data Center.]

Uplink failure detection (Junos Fusion Data Center)—Starting in Junos OS Release 17.2R1, Junos Fusion

•

enables satellite devices to detect link failures on the uplink interfaces used to connect to aggregation

devices. When a host device is multihomed to two satellite devices, and one of the uplink interfaces goes down, the host device can redirect traffic through the other active satellite device. All of the extended ports configured on the satellite device with the uplink interface failure are shut down.

By default, UFD is disabled. To enable UFD for all satellite devices, include the uplink-failure-detection statement at the [edit chassis satellite-management] hierarchy level. To enable UFD for specific satellite devices, include the uplink-failure-detection statement at the [edit chassis satellite-management fpc] hierarchy level.

EX4300 and QFX5100 switches configured as satellite devices have a default set of uplink interfaces.Table 1 on page 56 shows the default set of uplink interfaces that UFD selects for failure detection:

Table 1: UFD Default Uplink Interfaces for Satellite Devices

Default Uplink InterfacesDevice Type

1/0 through 1/3 and 2/0 through 2/3EX4300-24T (4 ports each on PIC1 and PIC2)

EX4300-32F

PIC 0 ports 32-35

PIC 1 ports 0-1

PIC 2 ports 0-7

1/0 through 1/3 and 2/0 through 2/3EX4300-48T (4 ports each on PIC1 and PIC2)

1/0 through 1/3 and 2/0 through 2/3EX4300-48T-BF (4 ports each on PIC1 and PIC2)

PIC 0 ports 20-23QFX5100-24Q-2P

0/48 through 0/53QFX5100-48S-6Q or QFX5100-48SH-6Q (6 QSFP+ ports)

0/48 through 0/53QFX5100-48T-6Q or QFX5100-48TH-6Q (6 QSFP+ ports)

0/96 through 0/103QFX5100-96S-8Q (8 QSFP+ ports)

If you choose not to use the default set of uplinks for your satellite devices, you need to specify which uplink interfaces you want to use for UFD. To apply UFD to an uplink interface, include the ufd-default-policy statement at the [edit chassis satellite-management uplink-failure-detection] hierarchy level. You also need to configure the UFD policy. For example:

[edit policy-options] satellite-policy {

candidate-uplink-port-profile {

ufd-default-policy {

term qfx5100 {

product-model QFX5100*; uplink-port-group uplink-ports;

}

} } port-group-alias {

uplink-ports {

pic 0 {

port [1, 2]; } pic 1 {

port [3,4]; }

}

[See Overview of Uplink Failure Detection on a Junos Fusion.]

Supported port types (Junos Fusion Data Center)—Starting in Junos OS Release 17.2R1, Junos Fusion

•

Data Center supports the following port types:

Cascade port—Provides a connection to a satellite device. Cascade ports on an aggregation device

•

connect to uplink ports on the satellite device.

Uplink port—Provides a connection to an aggregation device. Uplink ports on a satellite device connect

•

to cascade ports on the aggregation device.

Extended port—Provides a connection to servers or endpoints. Extended ports are the physical

•

interfaces of the satellite devices. The satellite devices appear as additional FPCs on the aggregation device in a Junos Fusion topology, and extended ports appear as additional interfaces to be managed by the aggregation device.

ICL port—Provides a connection between aggregation devices to support a dual-homed topology. ICL

•

interfaces must be configured.

[See Understanding Junos Fusion Ports.]

Enhanced interface commands (Junos Fusion Data Center)—Starting in Junos OS Release 17.2R1, Junos

•

Fusion Data Center provides information for extended ports and uplink ports on satellite devices through operational mode commands and output. Extended port names include the extended FPC slot number, PIC slot, and port number. For example, a 10-Gigabit Ethernet extended port number might be xe-125/1/8, where 125 is the FPC slot number, 1 is the physical interface card (PIC) slot, and 8 is the extended port number.

The following commands have been enhanced to display the extended ports and uplink ports by using either the slot or the alias. Additionally, you can now use the keyword satellite to view information about the satellite device ports:

show interfaces satellite-device (all | alias)

•

show interfaces extensive satellite-device (all | alias)

•

show interfaces terse satellite-device (all | alias)

•

Layer 2 Protocols

Local switching on satellite devices (Junos Fusion Data Center)—Starting in Junos OS Release 17.2R1,

•

you can enable local Layer 2 switching at the satellite device level. In local switching mode, all bridging traffic for which the source and destination port are local to a satellite device is forwarded by that satellite device based on the destination MAC address. Each satellite device maintains only the local destination MAC addresses that are directly connected to the device in the bridge forwarding table. Any unknown MAC address on the satellite device is forwarded to the aggregation device for forwarding. To configure a satellite device in a Junos Fusion Data Center into local switching mode, include the local-switching statement at the [edit forwarding-options satellite fpc fpc-slot-number] hierarchy level on the aggregation device, where fpc-slot-number is the FPC slot ID of the satellite device.

[See Configuring Local Switching on Junos Fusion Data Center.]

•

VLAN autosensing (Junos Fusion Data Center)—Starting in Junos OS Release 17.2R1, VLAN autosensing allows extended ports on satellite devices to provision VLANs dynamically, as needed, to preserve the VLAN memory of the aggregation device with no or minimal impact to the forwarding of VLAN traffic in the Junos Fusion.

You configure VLAN autosensing from the aggregation device on a per-extended port basis by including the vlan-auto-sense statement at the [edit interfaces interface-name unit logical-unit-number family ethernet-switching] hierarchy level, where interface-name is the name of the extended port interface.

For example, to enable VLAN autosensing on extended port xe-101/0/0:

[edit] user@aggregation-device# set interfaces xe-101/0/0 unit 0 family ethernet-switching

vlan-auto-sense

Configuration notes for VLAN Auto Sensing:

VLAN auto sensing is supported on extended ports only.

•

Only single VLAN tagged packets are auto sensed.

•

[See Understanding VLAN Autosensing.]

Loop detection on extended ports (Junos Fusion Data Center)—Starting in Junos OS Release 17.2R1,

•

you can configure a Junos Fusion Data Center system to detect and break loops of unicast traffic on downstream extended ports without configuring spanning tree protocols. Typically, the loops are caused by either miswiring or by misconfiguration. Loop detection transmits special protocol data units (PDUs) periodically, and if a PDU is received on an extended port, the loop is detected and broken. Loop detection blocks the ingress port and issues a loop detection PDU error. When a port is blocked, you need to manually bring up the interface. Loop detection only responds to detect PDUs, not BPDUs.

[See Understanding Loop Detection and Prevention on a Junos Fusion.]

Link Layer Discovery Protocol (Junos Fusion Data Center)—Starting in Junos OS Release 17.2R1, Link

•

Layer Discovery Protocol (LLDP) is supported in a Junos Fusion Data Center. Link Layer Discover Protocol (LLDP) allows network devices to advertise their capabilities, identity, and other information onto a LAN. In a Junos Fusion topology, the LLDP protocol running on the satellite port is used for satellite device discovery and also works as a simple hello protocol between the satellite and aggregation devices to establish a two-way adjacency and detect remote-end failures.

[See Understanding LLDP and LLDP-MED on Junos Fusion.]

MAC address synchronization (Junos Fusion Data Center)—Starting in Junos OS Release 17.2R1,

•

aggregation devices synchronize MAC addresses that are learned on the extended ports.

[See Understanding MAC Address Synchronization in a Junos Fusion.]

VSTP Enhancements (Junos Fusion Data Center)—Starting in Junos OS Release 17.2R1, VSTP is supported

•

on a QFX10000 switch acting as a single-homed aggregation device. The VSTP configuration can include native ports or extended ports in a Junos Fusion Data Center.

Loop detection with BPDU guard on VSTP edge ports (Junos Fusion Data Center)—Starting in Junos

•

OS Release 17.2R1, Junos Fusion Data Center supports bridge protocol data unit (BPDU) protection for VLAN Spanning Tree Protocol (VSTP) on extended ports in a dual aggregation device topology. You can configure an extended port as a VSTP edge interface, and configure BPDU protection on the interface using the bpdu-block-on-edge statement. The exchange of BPDUs generated by VSTP prevents loops in network traffic by determining which interfaces block traffic and which interfaces forward traffic. If a BPDU is received on an edge interface with BPDU guard, VSTP will detect a loop and shutdown the interface. Other interfaces in the VLAN remain intact. To clear the interface for forwarding, issue the clear error bpdu interface command.

[See bpdu-block-on-edge.]

Layer 3 Protocols

Support for Layer 3 protocols (Junos Fusion Data Center)—Starting in Junos OS Release 17.2R1, the

•

following routing protocols supported on QFX10000 switches have been extended to the satellite devices in a Junos Fusion Data Center topology.

You can configure the following Layer 3 routing protocols on satellite device extended ports using a single aggregation device topology:

BGP

•

BGP for IPv6

•

IS-IS

•

IS-IS for IPv6

•

OSPF

•

OSPF version 3

•

Multicast Protocols

Local egress replication for VLAN flooding (Junos Fusion Data Center)—Starting in Junos OS Release

•

17.2R1, for a Junos Fusion topology with dual aggregation devices, you can enable egress replication (local replication) using the local-replication statement at the [edit forwarding-options satellite] hierarchy level. Local replication helps distribute packet replication load and reduce traffic on cascade ports for multicast and flooded VLAN traffic. When local replication is enabled, packet replication behavior for VLAN flooding is as follows:

The aggregation device sends one copy of the packet to each satellite device that has extended ports

•

in the VLAN.

The satellite device does replication for each local port in the VLAN.

•

Use the show ethernet-switching flood satellite and show ethernet-switching flood next-hops satellite commands to view local replication information for flooded VLAN traffic.

[See Egress Multicast Replication on the Satellite Devices.]

Egress replication for Layer 2 multicast with IGMP Snooping (Junos Fusion Data Center)—Starting in

•

Junos OS Release 17.2R1, egress multicast replication, also called local replication, is supported for Junos Fusion topologies featuring dual aggregation devices. You can optionally configure local replication for all satellite devices by including the local-replication statement at the [edit forwarding-options satellite] hierarchy level. For Layer 2 multicast traffic with IGMP snooping configured and local replication enabled, the aggregation device sends only one copy of the packet to each satellite device that has an extended port in the multicast group, and the satellite device does the replication for its local ports that are members of the multicast group. When local replication is not enabled, Junos Fusion defaults to ingress replication, where all replication is done on the aggregation devices and sent to corresponding satellite devices for each extended port receiving the multicast traffic.

Use the following commands to display local replication information:

show ethernet-switching satellite device

•

show multicast ecid-mapping satellite

•

show multicast next-hops satellite

•

show multicast snooping next-hops satellite

•

show multicast snooping route satellite

•

show multicast statistics satellite

•

show multicast summary satellite

•

Local replication is not compatible with port mirroring, VLAN ID tagging policies, and VPN configurations, and does not take effect (reverts to ingress replication behavior) for IPv6 traffic or Multicast Listener Discovery (MLD) snooping.

[See Egress Multicast Replication on the Satellite Devices.]

Egress replication for Layer 3 multicast IRB interface traffic (Junos Fusion Data Center)—Starting in

•

Junos OS Release 17.2R1, for a Junos Fusion topology with dual aggregation devices, you can enable egress multicast replication (also called local replication) using the local-replication statement at the [edit forwarding-options satellite] hierarchy level. Local replication helps distribute multicast packet replication load and reduce traffic on cascade ports, including for Layer 3 multicast traffic being routed between VLANs on IRB interfaces. When local replication is enabled, Layer 3 multicast packet replication behavior is as follows:

The aggregation device replicates the data for each IRB interface in the multicast group, and sends

•

copies to each satellite device with member ports—one copy for each VLAN where the satellite device has destination extended ports in the VLAN.

Each receiving satellite device replicates the data for its local extended ports in the multicast group

•

for each VLAN.

Local replication is not compatible with interfaces that use VLAN ID tagging policies that add processing overhead to forward egress traffic.

[See Egress Multicast Replication on the Satellite Devices.]

Multicast convergence improvements using enhanced PIM dual designated router mode for dual

•

aggregation devices (Junos Fusion Data Center)—Starting in Junos OS Release 17.2R1, enhanced PIM dual designated router mode is supported to improve multicast convergence time on a Junos Fusion with dual aggregation devices in the event of designated router (DR) failure and recovery. You can optionally enable this feature by including the dual-dr enhanced statement at the [edit protocols pim interface interface-name] hierarchy level. With enhanced PIM dual designated router mode enabled, although only one aggregation device is the primary device actively forwarding multicast traffic, both devices join the multicast tree and receive multicast data. As a result, if the primary aggregation device fails, the other aggregation device quickly takes over multicast replication and forwarding. You can enable this feature with egress multicast replication (local replication).

[See Understanding Multicast Convergence Enhancements for Dual Aggregation Devices in a Junos

Fusion.]

Support for multicast protocols (Junos Fusion Data Center)—Starting in Junos OS Release 17.2R1, many

•

of the multicast protocols supported on QFX10000 switches have been extended to the satellite devices in a Junos Fusion topology. You can configure the following multicast protocols on satellite device extended ports:

IGMP

•

MLD

•

PIM source-specific multicast (SSM)

•

PIM sparse mode

•

Network Management and Monitoring

Local port mirroring (Junos Fusion Data Center)—Starting in Junos OS Release 17.2R1, Junos Fusion

•

Data Center supports local port mirroring. Port mirroring copies packets entering or exiting a port or entering a VLAN and sends the copies to a local interface for local monitoring. You can use local port mirroring to troubleshoot and monitor applications. You can mirror packets per port, and you can configure the source and mirror ports on the same satellite device.

[See Understanding Remapping Uplink Traffic Flows on a Junos Fusion Data Center.]

Analyzers on extended ports (Junos Fusion Data Center)—Starting in Junos OS Release 17.2R1, you

•

can use port mirroring (analyzers) on extended ports on satellite devices in a Junos Fusion Data Center. Extended-port port mirroring copies packets entering or exiting a port or entering a VLAN and sends the copies to a VLAN for remote monitoring. Use port mirroring to send traffic to applications that analyze traffic for purposes such as monitoring compliance, enforcing policies, detecting intrusions, monitoring and predicting traffic patterns, correlating events, and so on. When a port is ingress-mirrored, any packet received on that port is mirrored to the user-configured destination. When a port is egress-mirrored, any packet transmitted from that port is mirrored to your configured port-mirroring destination.

In Junos Fusion Data Center, you can use analyzers on extended ports for these purposes:

Mirror aggregation device ports to extended ports

•

Mirror extended ports to extended ports

•

Mirror extended ports to aggregation device ports

•

[See Understanding Port Mirroring on a Junos Fusion Data Center.]

Junos Space Service Now (Junos Fusion Data Center)—Starting in Junos OS Release 17.2R1, Junos

•

Fusion Data Center uses Service Now for failure event reporting. Service Now is an application that runs on the Junos Space Network Management Platform to automate fault management and accelerate issue resolution.

[See Junos Space Service Now User Guide.]

Chassis MIB support (Junos Fusion Data Center)—Starting in Junos OS Release 17.2R1, satellite devices

•

in a Junos Fusion topology are represented in the chassis MIB. Satellite devices are represented as FPC slots (100, 101,102,..) in the aggregation device. The support is enabled using a range of container

indexes, which enable the SNMP process to redirect SNMP requests to the chassis process or SPMD based on the first index entry.

The following tables have been implemented for satellite devices:

jnxContainersTable

•

jnxContentsTable

•

jnxFilledTable

•

jnxOperatingTable

•

jnxFRUTable

•

These tables have an index consisting of four entries–CIDX, L1, L2, and L3–where CIDX is the container index, L1 is the level-1 index (slot), L2 is the level-2 index (component within the L1 slot), and L3 is the level-3 index (subcomponent of the L2 slot). For example, an entry of 104.101.2.0 would indicate CIDX 104 is the index for fans and refers to the second fan of satellite device 100 (all indexes are 1-based). The CIDX indexes for Junos Fusion are offset by 100 from regular indexes; for example, a regular CIDX 2 (power supply) is 102 for the power supply of the satellite device. Using these indexes, you can distinguish the satellite device hardware from the aggregation device hardware.

Chassis MIB support is available in single and dual aggregation device topologies.

[See Chassis MIB Support (Junos Fusion).]

Routing Policy and Firewall Filters

Flow-based uplink selection (Junos Fusion Data Center)—Starting in Junos OS Release 17.2R1 on Junos

•

Fusion Data Center, you can configure flow-based uplink selection for satellite devices to achieve better utilization of network resources. To remap specified elephant flows from satellite devices to aggregation devices, you program remapping on all or specific satellite devices to override the default 5-tuple hashing and then distribute those specified flows across uplinks toward aggregation devices. You define specific flows by using flow-based firewall filters statements, and those flows are sent to the uplink port or ports that you define.

[See Understanding Remapping Uplink Traffic Flows on a Junos Fusion Data Center.]

Storage

Support for DCBX (Junos Fusion Data Center) — Starting in Junos OS 17.2R1, Junos Fusion Data Center

•

supports Data Center Bridging Capability Exchange Protocol (DCBX), including both DCBX v1.01 and IEEE DCBX. The Junos Fusion Data Center aggregation and satellite devices function as a single logical DCBX capable switch. Configuration for DCBX on Junos Fusion Data Center is performed on the aggregation device and is the same as on a standalone device.

The satellite device acts as a proxy for relaying DCBX messages from the aggregation device to the peer. In a dual-aggregation device setup, the satellite device automatically coordinates DCBX messages from both aggregation devices to relay to the peer, keeping the Junos Fusion Data Center appearing as a single device.

[See Understanding DCBX.]

Support for PFC (Junos Fusion Data Center) — Starting in Junos OS 17.2R1, Junos Fusion Data Center

•

supports priority-based flow control (PFC) for Fibre Channel over Ethernet (FCoE) traffic. The Junos Fusion Data Center aggregation and satellite devices function as a single logical device. Configuration for PFC on Junos Fusion Data Center is performed on the aggregation device and is the same as on a standalone device.

[See Example: Configuring CoS PFC for FCoE Traffic.]

Software Installation and Upgrade

Upgrading and managing the satellite software on satellite devices (Junos Fusion Data Center)—Starting

•

in Junos OS Release 17.2R1, Junos Fusion provides the ability to manage satellite software. To convert a standalone switch to a satellite device, you can use one of the following methods:

Autoconversion—Automatically converts a standalone device into a satellite device when it is cabled

•

to a cascade port on the aggregation device.

Manual conversion—Installs the satellite software manually from the aggregation device when you

•

issue the request chassis satellite interface interface-name device-mode satellite command.

Preconversion—Installs satellite software onto a device before connecting it to a Junos Fusion topology.

•

After you convert the switch to a satellite device, you can install satellite software upgrades onto a satellite device through the aggregation device.

NOTE: Before you can save satellite software images on a QFX10002 switch acting as an

aggregation device, you must issue a one-time command to expand the storage capacity. To expand the storage area on the aggregation device, issue the request system storage user-disk

expand command.

Satellite software upgrade groups are often needed to install satellite software. A satellite software upgrade group is a group of satellite devices that are designated to upgrade to the same satellite software version using the same satellite software package. When you add a satellite to an upgrade group that is not running the same satellite software, the satellite device is automatically updated to the version of satellite software associated with the upgrade group.

You can use the following commands to add and associate a satellite software version with an upgrade group:

request system software add upgrade-group—Add the satellite software and associate it with the

•

specified upgrade group.

request system software delete upgrade-group—Remove the satellite software association from the

•

specified upgrade group.

request system software rollback upgrade-group—Associate an upgrade group with a previous version

•

of satellite software.

You can issue the show chassis satellite software command to see which software images are stored on the aggregation device and which upgrade groups are associated with the software images.

[See Understanding Software in a Junos Fusion Data Center.]

Software Licensing

•

Licensing model (Junos Fusion Data Center)—Starting with Junos OS Release 17.2R1, you need to install a Junos Fusion license in addition to any other feature licenses that you install to track and activate the following models that are shipped with satellite software. These models can only be used as satellite devices:

QFX5100-48SH-AFO

•

QFX5100-48SH-AFI

•

QFX5100-48TH-AFO

•

QFX5100-48TH-AFI

•

NOTE: You do not need Junos Fusion licenses for satellite device models that were purchased

as Junos OS-based top-of-rack switches.

You install these licenses on the aggregation device. Because the configurations are synchronized between aggregation devices, you only need to purchase one license and install it on one aggregation device regardless of whether you deploy a single or dual aggregation device topology. You can purchase a single-pack license to activate one satellite device, or you can purchase a multipack license to activate multiple satellite devices.

The following Junos Fusion Data Center SKUs are available for purchase:

QFX10K-C1-JFS-1

•

QFX10K-C1-JFS-4

•

QFX10K-C1-JFS-8

•

QFX10K-C1-JFS-16

•

QFX10K-C1-JFS-32

•

QFX10K-C1-JFS-64

•

You can issue the request system add license, request system license delete, and request system license save commands to manage your licenses. You can also issue the show system license command to

display license information.

[See Understanding Junos Fusion Licenses.]

SEE ALSO

Changes in Behavior and Syntax | 66

Known Behavior | 67

Known Issues | 68

Resolved Issues | 69

Documentation Updates | 69

Migration, Upgrade, and Downgrade Instructions | 70

Product Compatibility | 86

Changes in Behavior and Syntax

This section lists the changes in behavior of Junos OS features and changes in the syntax of Junos OS statements and commands in Junos OS Release 17.2R1 or later for Junos Fusion Data Center.

Junos Fusion

Change in Junos Fusion operational mode syntax (Junos Fusion Data Center)—Starting in Junos OS

•

Release 17.2R1, the slot-id option has been replaced by fpc-slot in commands such as show chassis satellite and show chassis environment satellite. The slot-id option, although hidden, remains a valid

option to provide backward compatibility for previous versions of Junos Fusion.

SEE ALSO

New and Changed Features | 51

Known Behavior | 67

Known Issues | 68

Resolved Issues | 69

Documentation Updates | 69

Migration, Upgrade, and Downgrade Instructions | 70

Product Compatibility | 86

Known Behavior

This section lists known behavior, system maximums, and limitations in hardware and software in Junos OS Release 17.2R1 for Junos Fusion Data Center.

For the most complete and latest information about known Junos OS defects, use the Juniper Networks online Junos Problem Report Search application.

Junos Fusion Data Center

When a QFX10002 switch functions as an aggregation device in a Junos Fusion Data Center topology,

•

it only supports cascade port-based slot assignments for satellite devices. In addition, any change in the configuration for a cascade port connected to a satellite device is treated as a catastrophic event and results in the deletion of any related interface state (including the extended ports), which is rebuilt after a period of time. The following additional restrictions also apply:

You cannot configure dual-homed satellite device extended ports as pure Layer 3 interfaces. As a

•

result, family inet and family inet6 are not supported on dual-homed extended ports.

If the ICL interface goes down, traffic loss will occur. As a workaround, we recommend you configure

•

the ICL interface over an aggregated Ethernet interface with multiple links in the bundle to prevent single-point failures that would cause the ICL interface to shut down.

On a Junos Fusion Data Center, configuring the following options for CoS forwarding class sets (fc-sets)

•

incorrectly triggers a syslog message but does not result in any commit errors:

Priority of strict-high and normal (strict-high mixed with (low and high) queue) mixed in a single fc-set.

•

Total number of strict-high fc-sets configured is more than 1.

•

Transmit rate or guaranteed rate is configured on strict-high fc.

•

If the incorrect configuration is applied and the aggregation device is restarted, COSD does not start, and the CoS configuration is not sent to PFE. The system will be in an inconsistent state.

SEE ALSO

New and Changed Features | 51

Changes in Behavior and Syntax | 66

Known Issues | 68

Resolved Issues | 69

Documentation Updates | 69

Migration, Upgrade, and Downgrade Instructions | 70

Product Compatibility | 86

Known Issues

This section lists the known issues in hardware and software in Junos OS Release 17.2R1 for Junos Fusion Data Center.

For the most complete and latest information about known Junos OS defects, use the Juniper Networks online Junos Problem Report Search application.

Junos Fusion

There are no known issues in this release.

SEE ALSO

New and Changed Features | 51

Changes in Behavior and Syntax | 66

Known Behavior | 67

Resolved Issues | 69

Documentation Updates | 69

Migration, Upgrade, and Downgrade Instructions | 70

Product Compatibility | 86

Resolved Issues

IN THIS SECTION

Resolved Issues: 17.2R1 | 69

This section lists the issues fixed in the Junos OS Release 17.2R1 for Junos Fusion Data Center.

For the most complete and latest information about known Junos OS defects, use the Juniper Networks online Junos Problem Report Search application.

Resolved Issues: 17.2R1

There are no issues resolved in this release.

SEE ALSO

New and Changed Features | 51

Changes in Behavior and Syntax | 66

Known Behavior | 67

Known Issues | 68

Documentation Updates | 69

Migration, Upgrade, and Downgrade Instructions | 70

Product Compatibility | 86

Documentation Updates

This section lists the errata or changes in Junos OS Release 17.2R1 for Junos Fusion Data Center documentation.

There are no errata and changes in the current Junos Fusion Data Center documentation.

•

SEE ALSO

New and Changed Features | 51

Changes in Behavior and Syntax | 66

Known Behavior | 67

Known Issues | 68

Resolved Issues | 69

Migration, Upgrade, and Downgrade Instructions | 70

Product Compatibility | 86

Migration, Upgrade, and Downgrade Instructions

IN THIS SECTION

Basic Procedure for Upgrading an Aggregation Device | 71

Preparing the Switch for Satellite Device Conversion | 72

Autoconverting a Switch into a Satellite Device | 75

Manually Converting a Switch into a Satellite Device | 78

Configuring a Switch into a Satellite Device Before Connecting It to a Junos Fusion Topology | 80

Configuring Satellite Device Upgrade Groups | 81

Converting a Satellite Device to a Standalone Device | 82

Upgrade and Downgrade Support Policy for Junos OS Releases | 85

Downgrading from Release 17.2R1 | 85

This section contains the procedure to upgrade Junos OS, and the upgrade and downgrade policies for Junos OS for Junos Fusion Data Center. Upgrading or downgrading Junos OS can take several hours, depending on the size and configuration of the network.

NOTE: For the latest information concerning which hardware and software to select for your

Junos Fusion system, see Junos Fusion Hardware and Software Compatibility.

Basic Procedure for Upgrading an Aggregation Device

When upgrading or downgrading Junos OS, always use the jinstall package. Use other packages (such as the jbundle package) only when so instructed by a Juniper Networks support representative. For information about the contents of the jinstall package and details of the installation process, see the Installation and

Upgrade Guide.

NOTE: Before upgrading, back up the file system and the currently active Junos OS configuration

so that you can recover to a known, stable environment in case the upgrade is unsuccessful. Issue the following command:

user@host> request system snapshot

The download and installation process for Junos OS Release 17.2R1 is different from previous Junos OS releases.

1. Using a Web browser, navigate to the Download Software URL on the Juniper Networks webpage:

https://www.juniper.net/support/downloads/

2. Log in to the Juniper Networks authentication system using the username (generally your e-mail address) and password supplied by Juniper Networks representatives.

3. Select By Technology > Junos Platform > Junos Fusion to access the Junos Fusion Hardware and Software Compatibility page.

4. Click on the Junos Fusion Data Center (QFX10000) title to expand the list of supported releases.

5. Click on the release number (the software version that you want to download) from the list.

6. Select the aggregation device software package for the release.

7. Review and accept the End User License Agreement.

8. Download the software to a local host.

9. Copy the software to the routing platform or to your internal software distribution site.

10. Install the new jinstall package on the aggregation device.

NOTE: We recommend that you upgrade all software packages out of band using the console

because in-band connections are lost during the upgrade process.

For customers in the United States, Canada, and worldwide, use the following command.

user@host> request system software add reboot

source/jinstall-host-qfx-10-f-x86-64-17.2R1.13-secure-signed.tgz

Replace source with one of the following values:

/pathname—For a software package that is installed from a local directory on the router.

•

For software packages that are downloaded and installed from a remote location:

•

ftp://hostname/pathname

•

http://hostname/pathname

•

scp://hostname/pathname (available only for Canada and U.S. version)

•

Rebooting occurs only if the upgrade is successful.

NOTE: After you install a Junos OS Release 17.2R1 jinstall package, you cannot issue the request

system software rollback command to return to the previously installed software. Instead you

must issue the request system software add validate command and specify the jinstall package that corresponds to the previously installed software.

Preparing the Switch for Satellite Device Conversion

Satellite devices in a Junos Fusion topology use a satellite software package that is different from the standard Junos OS software package. Before you can install the satellite software package on a satellite device, you first need to upgrade the target switch to an interim Junos OS software version that can be

converted to satellite software. Table 2 on page 73 shows a support matrix that maps Junos OS software used in aggregation devices to the compatible preconverted switch software and satellite device software.

Table 2: Aggregation Device Junos OS Software Compatibility with Satellite Software

Satellite Device Software VersionSwitch Version (preconversion)Aggregation Device Version

Junos OS Release 17.2R1

later

3.1R1Junos OS Release 14.1X53-D43 or

Customers with EX4300 switches, use the following command:

user@host> request system software add reboot

source/jinstall-ex-4300-14.1X53-D43.7-domestic-signed.tgz

Customers with QFX5100 switches, use the following command:

user@host> request system software add reboot

source/jinstall-qfx-5-14.1X53-D43.7-domestic-signed.tgz

When the interim installation has completed and the switch is running a version of Junos OS that is compatible with satellite device conversion, perform the following steps:

1. Log in to the device using the console port.

2. Clear the device and set it to a factory-default state:

[edit] user@satellite-device# request system zeroize

NOTE: The device reboots to complete the procedure for resetting the device.

If you are not logged in to the device using the console port connection, your connection to the device is lost after entering the request system zeroize command.

If you lose your connection to the device, log in using the console port.

As an alternative, you can include the auto-satellite-conversion statement at the [edit chassis] hierarchy level on the target satellite device.

3. (EX4300 switches only) After the reboot is complete, convert the built-in 40-Gbps QSFP+ interfaces from Virtual Chassis ports (VCPs) into network ports:

user@satellite-device> request virtual-chassis vc-port delete pic-slot 1 port port-number

For example, to convert all four built-in 40-Gbps QSFP+ interfaces on an EX4300-24P switch into network ports:

After this initial preparation, you can use one of three methods to convert your switches into satellite devices—autoconversion, manual conversion, and preconfiguration.

Autoconverting a Switch into a Satellite Device

Use this procedure to automatically configure a switch into a satellite device when it is cabled into the aggregation device.

You can use the autoconversion procedure to add one or more satellite devices to your Junos Fusion topology. The autoconversion procedure is especially useful when you are adding multiple satellite devices to Junos Fusion, because it allows you to easily configure the entire topology before or after cabling the satellite devices to the aggregation devices.

Before you begin:

Ensure that your aggregation device is running Junos OS Release 17.2R1 or later, and that the satellite

•

devices are running Junos OS Release 14.1X53-D43 or later.

To autoconvert a switch into a satellite device:

1. Cable a link between the aggregation device and the satellite device, if desired.

NOTE: You can cable the aggregation device to the satellite device at any point in this

procedure.

When the aggregation device is cabled to the satellite device during this procedure, the process for converting a switch into a satellite device to finalize this process occurs immediately.

If the aggregation device is not cabled to the satellite device, the process for converting a switch into a satellite device to finalize this process starts when the satellite device is cabled to the aggregation device.

2. Log in to the aggregation device.

3. Configure the cascade ports.

For example, to configure interface xe-0/0/1 on the aggregation device into a cascade port:

[edit] user@aggregation-device# set interfaces xe-0/0/1 cascade-port

4. Associate an FPC slot ID with each satellite device.

Examples:

To configure the FPC slot ID of the satellite device that is connected to xe-0/0/1 to 101:

•

[edit]

user@aggregation-device# set chassis satellite-management fpc 101 cascade-ports xe-0/0/1

To map FPC slot ID 101 to the satellite device using the serial number ABCDEFGHIJKL:

•

[edit] user@aggregation-device# set chassis satellite-management fpc 101 serial-number

ABCDEFGHIJKL

To map FPC slot ID to the satellite device using MAC address 12:34:56:AB:CD:EF:

•

[edit] user@aggregation-device# set chassis satellite-management fpc 110 system-id

12:34:56:AB:CD:EF

5. (Recommended) Configure an alias name for the satellite device:

[edit] user@aggregation-device# set chassis satellite-management fpc slot-id alias alias-name

where slot-id is the FPC slot ID of the satellite device defined in the previous step, and alias-name is the alias.

For example, to configure the satellite device numbered 101 as qfx5100-48s-1:

[edit] user@aggregation-device# set chassis satellite-management fpc 101 alias qfx5100-48s-1

6. Configure an FPC slot ID into a software upgrade group.

For example, to add a satellite device with FPC number 101 to an existing software group named group1, or create a software upgrade group named group1 and add a satellite device with FPC slot 101 to the group:

[edit] user@aggregation-device# set chassis satellite-management upgrade-group group1 satellite

101

If you are creating a new software upgrade group in this step, you also need to associate the group with a satellite software image. You can skip this final step if the software upgrade group has been created and an association already exists.

Before associating a satellite software image with a satellite software group, the configuration with the satellite software upgrade group must be committed:

[edit] user@satellite-device# commit

After committing the configuration, associate a satellite software image named satellite-3.1R1.3-signed.tgz to the upgrade group named group1:

user@aggregation-device> request system software add /var/tmp/satellite-3.1R1.3-signed.tgz

upgrade-group group1

NOTE: Before you can save satellite software images on a QFX10002 switch acting as an

aggregation device, you must issue a one-time command to expand the storage capacity. To expand the storage area on the aggregation device, issue the request system storage user-disk

expand command.

7. Enable automatic satellite conversion:

[edit] user@aggregation-device# set chassis satellite-management auto-satellite-conversion satellite

slot-id

For example, to automatically convert FPC 101 into a satellite device:

[edit] user@aggregation-device# set chassis satellite-management auto-satellite-conversion satellite

101

8. Commit the configuration:

[edit] user@aggregation-device# commit

The satellite software upgrade on the satellite device begins after this final step is completed, or after you cable the satellite device to a cascade port using automatic satellite conversion if you have not already cabled the satellite device to the aggregation device.

After the satellite software update, the switch operates as a satellite device in the Junos Fusion topology

Manually Converting a Switch into a Satellite Device

Use this procedure to manually convert a switch into a satellite device after cabling it into the Junos Fusion topology.

This procedure should be used to convert a switch that is not currently acting as a satellite device into a satellite device. A switch might not be recognized as a satellite device for several reasons, including that the device was not previously autoconverted into a satellite device or that the switch had previously been reverted from a satellite device to a standalone switch.

Before you begin:

Ensure that your aggregation device is running Junos OS Release 17.2R1 or later, and that the switches

•

that will become satellite devices are running Junos OS Release 14.1X53-D43 or later.

To manually convert a switch into a satellite device:

1. Cable a link between the aggregation device and the satellite device.

2. Log in to the aggregation device.

3. Configure the link on the aggregation device into a cascade port, if you have not done so already.

For example, to configure interface xe-0/0/1 on the aggregation device into a cascade port:

[edit] user@aggregation-device# set interfaces xe-0/0/1 cascade-port

4. Associate an FPC slot ID with the satellite device.

Examples:

To configure the FPC slot ID of the satellite device that is connected to xe-0/0/1 to 101:

•

[edit] user@aggregation-device# set chassis satellite-management fpc 101 cascade-ports xe-0/0/1

To map FPC slot ID 101 to the satellite device using the serial number ABCDEFGHIJKL:

•

[edit] user@aggregation-device# set chassis satellite-management fpc 101 serial-number

ABCDEFGHIJKL

To map FPC slot ID to the satellite device using MAC address 12:34:56:AB:CD:EF:

•

[edit]

user@aggregation-device# set chassis satellite-management fpc 110 system-id

12:34:56:AB:CD:EF

5. Configure the interface on the aggregation device into a software upgrade group.

For example, to add a satellite device with FPC number 101 to an existing software group named group1, or create a software upgrade group named group1 and add a satellite device configured with FPC number 101 to the group:

[edit] user@aggregation-device# set chassis satellite-management upgrade-group group1 satellite

101

Before associating a satellite software image with a satellite software group, the configuration with the satellite software upgrade group must be committed:

[edit] user@satellite-device# commit

After committing the configuration, associate a satellite software image named satellite-3.1R1.3-signed.tgz to the upgrade group named group1:

user@aggregation-device> request system software add /var/tmp/satellite-3.1R1.3-signed.tgz

upgrade-group group1

NOTE: Before you can save satellite software images on a QFX10002 switch acting as an

aggregation device, you must issue a one-time command to expand the storage capacity. To expand the storage area on the aggregation device, issue the request system storage user-disk

expand command.

6. Manually configure the switch into a satellite device:

user@aggregation-device> request chassis satellite interface interface-name device-mode

satellite

For example, to manually configure the switch that is connecting the satellite device to interface xe-0/0/1 on the aggregation device into a satellite device:

user@aggregation-device> request chassis satellite interface xe-0/0/1 device-mode satellite

The satellite software upgrade on the satellite device begins after this final step is completed.

After the satellite software update, the switch operates as a satellite device in the Junos Fusion topology

Configuring a Switch into a Satellite Device Before Connecting It to a Junos Fusion Topology

Use this procedure to install the satellite software onto a switch before interconnecting it into a Junos Fusion topology as a satellite device. Installing the satellite software on a switch before interconnecting it to a Junos Fusion topology allows you to more immediately deploy the switch as a satellite device by avoiding the downtime associated with the satellite software installation procedure for Junos Fusion.

Before you begin:

Ensure that your switch that will become a satellite device is running Junos OS Release 14.1X53-D43

•

or later.

Ensure that you have copied the satellite software onto the device that will become a satellite device.

•

NOTE: Ensure there is sufficient space available in the /var/tmp directory to be able to copy

the software to the switch (especially for EX4300 switches). If there is not enough memory available, issue the request system storage cleanup command on the device before attempting to perform the conversion.

In satellite software release 3.1R1, a satellite-ppc-3.1R1.3-signed.tgz package is included specifically for converting Junos OS to satellite on EX4300 to address a EX4300 switch space issue. The satellite-ppc package is to be used only for configuring a switch into a satellite device before connecting it to a Junos Fusion topology.

1. You can manually install the satellite software onto a switch by entering the following command:

user@satellite-device> request chassis device-mode satellite URL-to-satellite-software

For instance, to install the satellite software package satellite-3.1R1.3-signed.tgz stored in the /var/tmp/ directory on the switch:

user@satellite-device> request chassis device-mode satellite

/var/tmp/satellite-3.1R1.3-signed.tgz

To install satellite software onto a QFX5100 switch, use the satellite-3.1R1.3-signed.tgz satellite

•

software package.

To install satellite software onto a EX4300 switch, use the satellite-ppc-3.1R1.3-signed.tgz satellite

•

software package.

2. The device will reboot to complete the satellite software installation.

After the satellite software is installed, follow this procedure to connect the switch into a Junos Fusion topology:

1. Log in to the aggregation device.

2. Configure the link on the aggregation device into a cascade port, if you have not done so already.

For example, to configure interface xe-0/0/1 on the aggregation device into a cascade port:

[edit] user@aggregation-device# set interfaces xe-0/0/1 cascade-port

3. Configure the satellite switch into a satellite software upgrade group that is using the same version of satellite software that was manually installed onto the switch.

This step is advisable, but not always required. Completing this step ensures that the satellite software on your device is upgraded to the version of satellite software associated with the satellite software upgrade group when the satellite device connects to the aggregation device.

4. Commit the configuration.

[edit] user@aggregation-device# commit

5. Cable a link between the aggregation device and the satellite device.

Configuring Satellite Device Upgrade Groups

To simplify the upgrade process for multiple satellite devices, you can create a software upgrade group at the aggregation device, assign satellite devices to the group, and install the satellite software on a groupwide basis.

To create a software upgrade group and assign satellite devices to the group, include the satellite statement at the [edit chassis satellite-management upgrade-groups upgrade-group-name] hierarchy level.

To configure a software upgrade group and assign satellite devices to the group:

1. Log in to the aggregation device.

2. Create the software upgrade group, and add the satellite devices to the group.

[edit]

user@aggregation-device# set chassis satellite-management upgrade-groups

upgrade-group-name satellite satellite-member-number-or-range

upgrade-group-name is the name of the upgrade group, and the satellite-member-number-or-range is the member numbers of the satellite devices that are being added to the upgrade group. If you enter an existing upgrade group name as the upgrade-group-name, you add new satellite devices to the existing software upgrade group.

For example, to create a software upgrade group named group1 that includes all satellite devices numbered 101 through 120, configure the following:

[edit]

user@aggregation-device# set chassis satellite-management upgrade-groups group1 satellite

101-120

To install, remove, or roll back a satellite software version on an upgrade group, issue the following operational mode commands:

request system software add upgrade-group group-name—Install the satellite software on all members

•

of the specified upgrade group.

request system software delete upgrade-group group-name—Remove the satellite software association

•

from the specified upgrade group.

request system software rollback upgrade-group group-name—Associate an upgrade group with a

•

previous version of satellite software.

Customers installing satellite software on EX4300 and QFX5100 switches referenced in a software upgrade group, use the following command:

user@aggregation-device> request system software add upgrade-group group-name

source/satellite-3.1R1.3-signed.tgz

A copy of the satellite software is saved on the aggregation device. When you add a satellite device to an upgrade group that is not running the same satellite software version, the new satellite device is automatically updated to the version of satellite software that is associated with the upgrade group.

You can issue the show chassis satellite software command to see which software images are stored on the aggregation device and which upgrade groups are associated with the software images.

Converting a Satellite Device to a Standalone Device

In the event that you need to convert a satellite device to a standalone device, you will need to install a new Junos OS software package on the satellite device and remove it from the Junos Fusion topology.

NOTE:

If the satellite device is an EX4300 switch, you install a standard, signed jinstall-ex-4300 version

•

of Junos OS.

The QFX5100-48SH and QFX5100-48TH models are shipped from the factory with satellite

•

device software. You cannot convert these models to become a standalone device.

If the satellite device is a QFX5100 switch that can be converted to a standalone device, you

•

need to install a signed PXE version of Junos OS. The PXE version of Junos OS is the software that includes pxe in the Junos OS package name when you download it from the Software Center. For example, the PXE software package for Junos OS Release 14.1X53-D43 is named install-media-pxe-qfx-5-14.1X53D43.7-signed.tgz.

Before you install a signed PXE software package on a QFX5100 switch acting as a satellite

•

device, you must first prepare the switch in one of two ways:

Issue the request system zeroize command to revert the device to a factory-default state.

•

Configure the device by including the auto-satellite-conversion statement at the [edit chassis]

•

hierarchy level.

The following steps explain how to download software, remove the satellite device from Junos Fusion, and install the Junos OS software image on the satellite device so that the device can operate as a standalone device.

1. Using a Web browser, navigate to the Junos OS software download URL on the Juniper Networks webpage:

https://www.juniper.net/support/downloads

2. Log in to the Juniper Networks authentication system using the username (generally your e-mail address) and password supplied by Juniper Networks representatives.

3. Select By Technology > Junos Platform > Junos Fusion to access the Junos Fusion Hardware and Software Compatibility page.

4. Click on the Junos Fusion Data Center (QFX10000) title to expand the list of supported releases.

5. Click on the Junos OS release number associated with the aggregation device from the list.

6. Select the PXE device software package for your satellite device platform.

7. Review and accept the End User License Agreement.

8. Download the software to a local host.

9. Copy the software to the device or to your internal software distribution site.

10. Remove the satellite device from the automatic satellite conversion configuration.

If automatic satellite conversion is enabled for the satellite device’s member number, remove the member number from the automatic satellite conversion configuration. The satellite device’s member number is the same as the FPC slot ID. You can check the automatic satellite conversion configuration by entering the show command at the [edit chassis satellite-management auto-satellite-conversion] hierarchy level.

[edit] user@aggregation-device# delete chassis satellite-management auto-satellite-conversion

satellite member-number

For example, to remove member number 101 from Junos Fusion:

[edit] user@aggregation-device# delete chassis satellite-management auto-satellite-conversion

satellite 101

11. Commit the configuration.

[edit] user@aggregation-device# commit

12. Install the Junos OS software on the satellite device to convert the device to a standalone device.

[edit] user@aggregation-device> request chassis satellite install URL-to-software-package fpc-slot

member-number

For example, to install a PXE software package stored in the /var/tmp directory on the aggregation device onto a QFX5100 switch acting as the satellite device using FPC slot 101:

[edit] user@aggregation-device> request chassis satellite install

/var/tmp/install-media-pxe-qfx-5-14.1X53D43.7-domestic-signed.tgz fpc-slot 101

For example, to install a software package stored in the var/tmp directory on the aggregation device onto an EX4300 switch acting as the satellite device using FPC slot 101:

[edit]

user@aggregation-device> request chassis satellite install

/var/tmp/jinstall-ex-4300-14.1X53D43.7-domestic-signed.tgz fpc-slot 101

The satellite device stops participating in the Junos Fusion topology once the software installation starts. The software upgrade starts after this command is entered.

13. Wait for the reboot that accompanies the software installation to complete.

14. When you are prompted to log back into your device, uncable the device from the Junos Fusion topology. See Removing a Transceiver from a QFX Series Device or Remove a Transceiver, as needed. Your device has been removed from Junos Fusion.

NOTE: The device uses a factory default configuration after the Junos OS installation is

complete.

Upgrade and Downgrade Support Policy for Junos OS Releases

14.2, 15.1 and 16.1 are EEOL releases. You can upgrade from Junos OS Release 14.1 to Release 15.1 or

even from Junos OS Release 14.1 to Release 16.1. However, you cannot upgrade directly from a non-EEOL release that is more than three releases ahead or behind.

For more information about EEOL releases and to review a list of EEOL releases, see

https://www.juniper.net/support/eol/junos.html.

Downgrading from Release 17.2R1

To downgrade from Release 17.2 to another supported release, follow the procedure for upgrading, but replace the 17.2 jinstall package with one that corresponds to the appropriate downgrade release.

NOTE: You cannot downgrade more than three releases.

For more information, see the Installation and Upgrade Guide.

SEE ALSO

New and Changed Features | 51

Changes in Behavior and Syntax | 66

Known Behavior | 67

Known Issues | 68

Resolved Issues | 69

Documentation Updates | 69

Product Compatibility | 86

Product Compatibility

IN THIS SECTION

Hardware Compatibility | 86

Hardware Compatibility

To obtain information about the components that are supported on the devices, and special compatibility guidelines with the release, see the Hardware Guides for the devices used in your Junos Fusion Data Center topology.

To determine the features supported on Junos Fusion devices, use the Juniper Networks Feature Explorer, a Web-based application that helps you to explore and compare Junos OS feature information to find the right software release and hardware platform for your network. Find Feature Explorer at:

https://pathfinder.juniper.net/feature-explorer/

SEE ALSO

New and Changed Features | 51

Changes in Behavior and Syntax | 66

Known Behavior | 67

Known Issues | 68

Resolved Issues | 69

Documentation Updates | 69

Migration, Upgrade, and Downgrade Instructions | 70

Junos OS Release Notes for Junos Fusion Provider Edge

IN THIS SECTION

New and Changed Features | 88

Changes in Behavior and Syntax | 89

Known Behavior | 90

Known Issues | 90

Resolved Issues | 91

Documentation Updates | 91

Migration, Upgrade, and Downgrade Instructions | 92

Product Compatibility | 100

These release notes accompany Junos OS Release 17.2R1 for the Junos Fusion Provider Edge. They describe new and changed features, limitations, and known and resolved problems in the hardware and software.

You can also find these release notes on the Juniper Networks Junos OS Documentation webpage, located at https://www.juniper.net/documentation/software/junos/.

New and Changed Features

IN THIS SECTION

Class of Service (CoS) | 88

Junos Fusion | 88

This section describes the new features and enhancements to existing features in Junos OS Release 17.2R1 for Junos Fusion Provider Edge.

Class of Service (CoS)

Per-unit scheduler support on extended ports (Junos Fusion Provider Edge) — Beginning with Junos

•

OS 17.2R1, Junos Fusion Provider Edge supports per-unit schedulers on extended ports. To support per-unit scheduling on an extended port, all cascade ports on the aggregation device for that extended port must have a queueing chip. Aggregated Ethernet (AE) ports support per-unit schedulers, but all AE member ports must be on the same satellite device. To enable per-unit scheduling on an extended port, enable the per-unit-scheduler option at the [edit interfaces interface-name] hierarchy level for the extended port.

[See Understanding CoS on an MX Series Aggregation Device in Junos Fusion.]

Hierarchical CoS support on extended ports (Junos Fusion Provider Edge) — Beginning with Junos OS

•

17.2R1, Junos Fusion Provider Edge supports hierarchical CoS (interface set-level scheduling) on extended ports. To support hierarchical CoS on an extended port, all cascade ports on the aggregation device for that extended port must have a queueing chip. Aggregated Ethernet (AE) ports support hierarchical schedulers, but all AE member ports must be on the same satellite device. To enable hierarchical CoS on an extended port, enable the hierarchical-scheduler option at the [edit interfaces interface-name] hierarchy level for the extended port.

[See Understanding CoS on an MX Series Aggregation Device in Junos Fusion.]

Junos Fusion

Support for selective VLAN local switching—Starting in Junos OS Release 17.2R1, Junos Fusion Provider

•

Edge supports local switching on a service level. When you configure selective VLAN local switching on satellite devices, the other VLANs will continue to follow the default forwarding behavior. Use the selective-vlan-switching option for the routing instance at the [edit forwarding-options satellite fpc

slot] hierarchy level to enable selective VLAN local switching for a particular satellite device.

Support for an ingress policer—Starting in Junos OS Release 17.2R1, Junos Fusion Provider Edge supports

•

the use of an ingress policer to filter incoming traffic at the extended port level. This feature supports a two-color policer that allows you to limit the traffic that is received on an interface. You can configure the Layer 2 ingress policer by using the input-policer statement at the [edit interfaces interface-name layer2-policer] hierarchy level.

SEE ALSO

Changes in Behavior and Syntax | 89

Known Behavior | 90

Known Issues | 90

Resolved Issues | 91

Documentation Updates | 91

Migration, Upgrade, and Downgrade Instructions | 92

Product Compatibility | 100

Changes in Behavior and Syntax

There are no changes in default behavior and syntax for Junos Fusion Provider Edge in Junos OS Release

17.2R1.

SEE ALSO

New and Changed Features | 88

Known Behavior | 90

Known Issues | 90

Resolved Issues | 91

Documentation Updates | 91

Migration, Upgrade, and Downgrade Instructions | 92

Product Compatibility | 100

Known Behavior

There are no known behaviors, system maximums, and limitations in hardware and software in Junos OS Release 17.2R1 for Junos Fusion Provider Edge.

For the most complete and latest information about known Junos OS defects, use the Juniper Networks online Junos Problem Report Search application.

SEE ALSO

New and Changed Features | 88

Changes in Behavior and Syntax | 89

Known Issues | 90

Resolved Issues | 91

Documentation Updates | 91

Migration, Upgrade, and Downgrade Instructions | 92

Product Compatibility | 100

Known Issues

There are no known issues in the Junos OS Release 17.2R1 for Junos Fusion Provider Edge.

For the most complete and latest information about known Junos OS defects, use the Juniper Networks online Junos Problem Report Search application.

SEE ALSO

New and Changed Features | 88

Changes in Behavior and Syntax | 89

Known Behavior | 90

Resolved Issues | 91

Documentation Updates | 91

Migration, Upgrade, and Downgrade Instructions | 92

Product Compatibility | 100

Resolved Issues

There are no fixed issues in the Junos OS Release 17.2R1 for Junos Fusion Provider Edge.

For the most complete and latest information about known Junos OS defects, use the Juniper Networks online Junos Problem Report Search application.

SEE ALSO

New and Changed Features | 88

Changes in Behavior and Syntax | 89

Known Behavior | 90

Known Issues | 90

Documentation Updates | 91

Migration, Upgrade, and Downgrade Instructions | 92

Product Compatibility | 100

Documentation Updates

There are no errata or changes in Junos OS Release 17.2R1 for Junos Fusion Provider Edge documentation.

SEE ALSO

New and Changed Features | 88

Changes in Behavior and Syntax | 89

Known Behavior | 90

Known Issues | 90

Resolved Issues | 91

Migration, Upgrade, and Downgrade Instructions | 92

Product Compatibility | 100

Migration, Upgrade, and Downgrade Instructions

IN THIS SECTION

Basic Procedure for Upgrading an Aggregation Device | 92

Upgrading an Aggregation Device with Redundant Routing Engines | 94

Preparing the Switch for Satellite Device Conversion | 95

Converting a Satellite Device to a Standalone Device | 96

Upgrading an Aggregation Device | 98

Upgrade and Downgrade Support Policy for Junos OS Releases | 99

Downgrading from Release 17.2 | 99

This section contains the procedure to upgrade Junos OS, and the upgrade and downgrade policies for Junos OS for Junos Fusion Provider Edge. Upgrading or downgrading Junos OS might take several hours, depending on the size and configuration of the network.

Basic Procedure for Upgrading an Aggregation Device

Upgrade Guide.

NOTE: Before upgrading, back up the file system and the currently active Junos OS configuration

so that you can recover to a known, stable environment in case the upgrade is unsuccessful. Issue the following command:

user@host> request system snapshot

The download and installation process for Junos OS Release 16.1R1 and later is different that for earlier Junos OS releases.

1. Using a Web browser, navigate to the Download Software URL on the Juniper Networks webpage:

https://www.juniper.net/support/downloads/

2. Log in to the Juniper Networks authentication system using the username (generally your e-mail address) and password supplied by Juniper Networks representatives.

3. Select By Technology > Junos Platform > Junos Fusion to access the Junos Fusion Hardware and Software Compatibility page.

4. Click on the Junos Fusion MX Series (Provider Edge) title to expand the list of supported releases.

5. Click on the release number (the software version that you want to download) from the list.

6. Select the aggregation device software package for the release.

7. Review and accept the End User License Agreement.

8. Download the software to a local host.

9. Copy the software to the routing platform or to your internal software distribution site.

10. Install the new jinstall package on the aggregation device.

NOTE: We recommend that you upgrade all software packages out-of-band using the console,

because in-band connections are lost during the upgrade process.

For 64-bit software:

•

NOTE: We highly recommend that you see 64-bit Junos OS software when implementing

Junos Fusion Provider Edge.

user@host> request system software add validate reboot source/<package-name>

For example:

user@host> request system software add validate reboot

source/junos-install-mx-x86-64-17.2R1.9-signed.tgz

For 32-bit software:

•

user@host> request system software add validate reboot source/<package-name>

For example:

user@host> request system software add validate reboot

source/junos-install-mx-x86-32-17.2R1.9-signed.tgz

Replace source with one of the following values:

/pathname—For a software package that is installed from a local directory on the router.

•

For software packages that are downloaded and installed from a remote location:

•

ftp://hostname/pathname

•

http://hostname/pathname

•

scp://hostname/pathname (available only for the Canada and U.S. version)

•

The validate option validates the software package against the current configuration as a prerequisite for adding the software package to ensure that the router reboots successfully. This is the default behavior when the software package being added is for a different release.

Rebooting occurs only if the upgrade is successful.

NOTE: After you install a Junos OS Release 17.2R1 jinstall package, you cannot return to the

previously installed software by issuing the request system software rollback command. Instead, you must issue the request system software add validate command and specify the jinstall package that corresponds to the previously installed software.

Upgrading an Aggregation Device with Redundant Routing Engines

If the aggregation device has two Routing Engines, perform a Junos OS installation on each Routing Engine separately as follows to minimize disrupting network operations:

1. Disable graceful Routing Engine switchover (GRES) on the master Routing Engine and save the configuration change to both Routing Engines.

2. Install the new Junos OS release on the backup Routing Engine while keeping the currently running software version on the master Routing Engine.

3. After making sure that the new software version is running correctly on the backup Routing Engine, switch over to the backup Routing Engine to activate the new software.

4. Install the new software on the original master Routing Engine that is now active as the backup Routing Engine.

For the detailed procedure, see the Installation and Upgrade Guide.

Preparing the Switch for Satellite Device Conversion

Satellite devices in a Junos Fusion topology use a satellite software package that is different from the standard Junos OS software package. Before you can install the satellite software package on a satellite device, you first need to upgrade the target satellite device to an interim Junos OS software version that can be converted to satellite software. For satellite device hardware and software requirements, see

Understanding Junos Fusion Software and Hardware Requirements

Customers with EX4300 switches, use the following command:

user@host> request system software add validate reboot

source/jinstall-ex-4300-14.1X53-D43.7-domestic-signed.tgz

Customers with QFX5100 switches, use the following command:

user@host> request system software add validate reboot

source/jinstall-qfx-5-14.1X53-D43.7-domestic-signed.tgz

When the interim installation has completed and the switch is running a version of Junos OS that is compatible with satellite device conversion, perform the following steps:

1. Log in to the device using the console port.

2. Clear the device:

[edit] user@satellite-device# request system zeroize

NOTE: The device reboots to complete the procedure for resetting the device.

If you are not logged in to the device using the console port connection, your connection to the device is lost after you enter the request system zeroize command.

If you lose your connection to the device, log in using the console port.

3. (EX4300 switches only) After the reboot is complete, convert the built-in 40-Gbps QSFP+ interfaces from Virtual Chassis ports (VCPs) into network ports:

user@satellite-device> request virtual-chassis vc-port delete pic-slot 1 port port-number

For example, to convert all four built-in 40-Gbps QSFP+ interfaces on an EX4300-24P switch into network ports:

After this initial preparation, you can use one of three methods to convert your switches into satellite devices—autoconversion, manual conversion, and preconfiguration. See Configuring Junos Fusion Provider

Edge for detailed configuration steps for each method.

Converting a Satellite Device to a Standalone Device

NOTE: If the satellite device is a QFX5100 switch, you need to install a PXE version of Junos

OS. The PXE version of Junos OS is software that includes pxe in the Junos OS package name when it is downloaded from the Software Center—for example, the PXE image for Junos OS Release 14.1X53-D30 is named install-media-pxe-qfx-5-14.1X53-D43.3-signed.tgz . If the satellite device is an EX4300 switch, you install a standard jinstall-ex-4300 version of Junos OS.

1. Using a Web browser, navigate to the Junos OS software download URL on the Juniper Networks webpage:

https://www.juniper.net/support/downloads

2. Log in to the Juniper Networks authentication system using the username (generally your e-mail address) and password supplied by Juniper Networks representatives.

3. Select By Technology > Junos Platform > Junos Fusion from the drop-down list and select the switch platform series and model for your satellite device.

4. Select the Junos OS Release 14.1X53-D30 software image for your platform.

5. Review and accept the End User License Agreement.

6. Download the software to a local host.

7. Copy the software to the routing platform or to your internal software distribution site.

8. Remove the satellite device from the automatic satellite conversion configuration.

[edit] user@aggregation-device# delete chassis satellite-management auto-satellite-conversion

satellite member-number

For example, to remove member number 101 from Junos Fusion:

[edit] user@aggregation-device# delete chassis satellite-management auto-satellite-conversion

satellite 101

You can check the automatic satellite conversion configuration by entering the show command at the [edit chassis satellite-management auto-satellite-conversion] hierarchy level.

9. Commit the configuration.

To commit the configuration to both Routing Engines:

[edit] user@aggregation-device# commit synchronize

Otherwise, commit the configuration to a single Routing Engine:

[edit] user@aggregation-device# commit

10. Install the Junos OS software on the satellite device to convert the device to a standalone device.

[edit] user@aggregation-device> request chassis satellite install URL-to-software-package fpc-slot

member-number

For example, to install a PXE software package stored in the /var/tmp directory on the aggregation device onto a QFX5100 switch acting as the satellite device using FPC slot 101:

[edit] user@aggregation-device> request chassis satellite install

/var/tmp/install-media-pxe-qfx-5-14.1X53-D43.3-signed.tgz fpc-slot 101

For example, to install a software package stored in the var/tmp directory on the aggregation device onto an EX4300 switch acting as the satellite device using FPC slot 101:

[edit] user@aggregation-device> request chassis satellite install

/var/tmp/jinstall-ex-4300-14.1X53-D30.3-domestic-signed.tgz fpc-slot 101

The satellite device stops participating in the Junos Fusion topology once the software installation starts. The software upgrade starts after this command is entered.

11. Wait for the reboot that accompanies the software installation to complete.

12. When you are prompted to log back into your device, uncable the device from the Junos Fusion topology. See Removing a Transceiver from a QFX Series Device or Remove a Transceiver, as needed. Your device has been removed from Junos Fusion.

NOTE: The device uses a factory-default configuration after the Junos OS installation is

complete.

Upgrading an Aggregation Device

When you upgrade an aggregation device to Junos OS Release 17.2R1, you must also upgrade your satellite device to Satellite Device Software version 3.1R3.

Upgrade and Downgrade Support Policy for Junos OS Releases

14.2, 15.1 and 16.1 are EEOL releases. You can upgrade from Junos OS Release 14.1 to Release 15.1 or

For more information about EEOL releases and to review a list of EEOL releases, see

https://www.juniper.net/support/eol/junos.html.

Downgrading from Release 17.2

To downgrade from Release 17.2 to another supported release, follow the procedure for upgrading, but replace the 17.2 jinstall package with one that corresponds to the appropriate release.

NOTE: You cannot downgrade more than three releases.

For more information, see the Installation and Upgrade Guide.

SEE ALSO

New and Changed Features | 88

Changes in Behavior and Syntax | 89

Known Behavior | 90

Known Issues | 90

Resolved Issues | 91

Documentation Updates | 91

Product Compatibility | 100

Product Compatibility

IN THIS SECTION

Hardware Compatibility | 100

Hardware Compatibility

To obtain information about the components that are supported on the devices, and special compatibility guidelines with the release, see the Hardware Guide and the Interface Module Reference for the product.

100

To determine the features supported on MX Series devices in this release, use the Juniper Networks Feature Explorer, a Web-based application that helps you to explore and compare Junos OS feature information to find the right software release and hardware platform for your network. See the Feature

Explorer.

Hardware Compatibility Tool

For a hardware compatibility matrix for optical interfaces and transceivers supported across all platforms, see the Hardware Compatibility tool.

SEE ALSO

New and Changed Features | 88

Changes in Behavior and Syntax | 89

Known Behavior | 90

Known Issues | 90

Resolved Issues | 91

Documentation Updates | 91

Migration, Upgrade, and Downgrade Instructions | 92

Junos OS Release 17.2R1 User Manual

Specifications and Main Features

Frequently Asked Questions

User Manual

Contents

Introduction

Junos OS Release Notes for ACX Series

New and Changed Features

Hardware

Interfaces and Chassis

Management

Network Management and Monitoring

Operation, Administration, and Maintenance (OAM)

Routing Protocols

Software Installation and Upgrade

Timing and Synchronization

Changes in Behavior and Syntax

Interfaces and Chassis

Management

Known Behavior

High Availability (HA) and Resiliency

Known Issues

Layer 2 Features

Resolved Issues

Documentation Updates

Migration, Upgrade, and Downgrade Instructions

Upgrade and Downgrade Support Policy for Junos OS Releases

Product Compatibility

Hardware Compatibility

Hardware Compatibility Tool

Junos OS Release Notes for EX Series Switches

New and Changed Features

Authentication, Authorization and Accounting (AAA) (RADIUS)

EVPNs

Layer 3 Features

Management

Multicast

Network Management and Monitoring

System Management

Changes in Behavior and Syntax

IP Tunneling

Management

Known Behavior

High Availability (HA) and Resiliency

Known Issues

General Routing

High Availability (HA) and Resiliency

Infrastructure

Junos Fusion Enterprise

Platform and Infrastructure

Virtual Chassis

Resolved Issues

Resolved Issues:17.2R1

Interfaces and Chassis

Network Management and Monitoring

Platform and Infrastructure

Port Security

Routing Protocols

Documentation Updates

Migration, Upgrade, and Downgrade Instructions

Upgrade and Downgrade Support Policy for Junos OS Releases

Product Compatibility

Hardware Compatibility

Hardware Compatibility Tool

Junos OS Release Notes for Junos Fusion Enterprise

New and Changed Features

Interfaces and Chassis

Layer 2 Features

Changes in Behavior and Syntax

Known Behavior

Known Issues

Resolved Issues

Documentation Updates

Migration, Upgrade, and Downgrade Instructions

Basic Procedure for Upgrading Junos OS on an Aggregation Device

Upgrading an Aggregation Device with Redundant Routing Engines

Preparing the Switch for Satellite Device Conversion

Converting a Satellite Device to a Standalone Switch

Upgrade and Downgrade Support Policy for Junos OS Releases

Downgrading from Release 17.2