Junos OS Release 17.2R2 User Manual
Release Notes: Junos®OS Release 17.2R2 for
the ACX Series, EX Series, MX Series, NFX
Series, PTX Series, QFX Series, and Junos
Fusion
1
3 September 2020
Contents
Introduction | 10
Junos OS Release Notes for ACX Series | 10
New and Changed Features | 11
Release 17.2R2 New and Changed Features | 12
Release 17.2R1 New and Changed Features | 12
Changes in Behavior and Syntax | 14
General Routing | 15
Interfaces and Chassis | 15
Management | 15
Known Behavior | 16
High Availability (HA) and Resiliency | 16
Known Issues | 17
Layer 2 Features | 17
Resolved Issues | 18
Resolved Issues: 17.2R2 | 18
Resolved Issues: 17.2R1 | 18
Documentation Updates | 18
Migration, Upgrade, and Downgrade Instructions | 19
Upgrade and Downgrade Support Policy for Junos OS Releases | 19
Product Compatibility | 20
Hardware Compatibility | 20
Junos OS Release Notes for EX Series Switches | 21
New and Changed Features | 22
Release 17.2R2 New and Changed Features | 23
Release 17.2R1 New and Changed Features | 23
Changes in Behavior and Syntax | 26
General Routing | 27
IP Tunneling | 27
Management | 27
Known Behavior | 28
High Availability (HA) and Resiliency | 28
Known Issues | 29
General Routing | 29
2
High Availability (HA) and Resiliency | 29
Interfaces and Chassis | 30
Junos Fusion Enterprise | 30
Layer 2 Features | 30
Platform and Infrastructure | 30
User Interface and Configuration | 31
Virtual Chassis | 31
Resolved Issues | 31
Resolved Issues: 17.2R2 | 32
Resolved Issues: 17.2R1 | 34
Documentation Updates | 35
Migration, Upgrade, and Downgrade Instructions | 35
Upgrade and Downgrade Support Policy for Junos OS Releases | 36
Product Compatibility | 36
Hardware Compatibility | 37
Junos OS Release Notes for Junos Fusion Data Center | 37
New and Changed Features | 38
Release 17.2R2 New and Changed Features | 38
Release 17.2R1 New and Changes Features | 38
Changes in Behavior and Syntax | 53
Junos Fusion | 53
Known Behavior | 53
Junos Fusion Data Center | 54
Known Issues | 55
Junos Fusion | 55
Resolved Issues | 55
Resolved Issues: 17.2R2 | 56
Resolved Issues: 17.2R1 | 56
Documentation Updates | 56
3
Migration, Upgrade, and Downgrade Instructions | 57
Basic Procedure for Upgrading an Aggregation Device | 57
Preparing the Switch for Satellite Device Conversion | 59
Autoconverting a Switch into a Satellite Device | 62
Manually Converting a Switch into a Satellite Device | 65
Configuring a Switch into a Satellite Device Before Connecting It to a Junos Fusion
Topology | 68
Configuring Satellite Device Upgrade Groups | 69
Converting a Satellite Device to a Standalone Device | 70
Upgrade and Downgrade Support Policy for Junos OS Releases | 73
Downgrading from Release 17.2 | 73
Product Compatibility | 74
Hardware Compatibility | 74
Junos OS Release Notes for Junos Fusion Enterprise | 75
New and Changed Features | 76
Release 17.2R2 New and Changed Features | 76
Release 17.2R1 New and Changed Features | 76
Changes in Behavior and Syntax | 78
Known Behavior | 78
Junos Fusion Enterprise | 78
Known Issues | 79
Resolved Issues | 79
Resolved Issues: 17.2R2 | 80
Resolved Issues: 17.2R1 | 80
Documentation Updates | 81
Migration, Upgrade, and Downgrade Instructions | 81
Basic Procedure for Upgrading Junos OS on an Aggregation Device | 81
Upgrading an Aggregation Device with Redundant Routing Engines | 83
Preparing the Switch for Satellite Device Conversion | 84
Converting a Satellite Device to a Standalone Switch | 85
Upgrade and Downgrade Support Policy for Junos OS Releases | 87
Downgrading from Release 17.2 | 88
Product Compatibility | 89
Hardware and Software Compatibility | 89
4
Hardware Compatibility Tool | 89
Junos OS Release Notes for Junos Fusion Provider Edge | 90
New and Changed Features | 90
Release 17.2R2 New and Changed Features | 91
Release 17.2R1 New and Changed Features | 91
Changes in Behavior and Syntax | 92
Known Behavior | 92
Known Issues | 93
Resolved Issues | 93
Resolved Issues: 17.2R2 | 94
Resolved Issues: 17.2R1 | 94
Documentation Updates | 94
Migration, Upgrade, and Downgrade Instructions | 95
Basic Procedure for Upgrading an Aggregation Device | 95
Upgrading an Aggregation Device with Redundant Routing Engines | 98
Preparing the Switch for Satellite Device Conversion | 98
Converting a Satellite Device to a Standalone Device | 100
Upgrading an Aggregation Device | 102
Upgrade and Downgrade Support Policy for Junos OS Releases | 102
Downgrading from Release 17.2 | 102
Product Compatibility | 103
Hardware Compatibility | 103
Junos OS Release Notes for MX Series 5G Universal Routing Platforms | 104
New and Changed Features | 105
Release 17.2R2 New and Changed Features | 105
Release 17.2R1 New and Changed Features | 106
Changes in Behavior and Syntax | 135
Class of Service (CoS) | 136
EVPNs | 136
Forwarding and Sampling | 136
General Routing | 138
High Availability (HA) and Resiliency | 138
Interfaces and Chassis | 138
IP Tunneling | 141
5
Management | 141
MPLS | 142
Network Management and Monitoring | 142
Routing Protocols | 144
Services Applications | 145
Subscriber Management and Services | 145
User Interface and Configuration | 147
VPNs | 148
Known Behavior | 148
Flow-Based Packet Based Processing | 149
General Routing | 149
High Availability (HA) and Resiliency | 149
Network Management and Monitoring | 150
Interfaces and Chassis | 150
Software Defined Networking (SDN) | 150
Subscriber Management and Services | 150
User Interface and Configuration | 151
Known Issues | 152
Class of Service (CoS) | 152
Forwarding and Sampling | 153
General Routing | 153
High Availability (HA) and Resiliency | 155
Infrastructure | 155
Interfaces and Chassis | 155
Layer 2 Ethernet Services | 156
Layer 2 Features | 156
MPLS | 156
Network Management and Monitoring | 157
Platform and Infrastructure | 157
Routing Protocols | 158
Services Applications | 159
Subscriber Access Management | 159
Resolved Issues | 159
Resolved Issues: 17.2R2 | 160
6
Resolved Issues: 17.2R1 | 170
Documentation Updates | 176
Subscriber Management Access Network Guide | 177
Subscriber Management Provisioning Guide | 177
Migration, Upgrade, and Downgrade Instructions | 178
Basic Procedure for Upgrading to Release 17.2 | 179
Procedure to Upgrade to FreeBSD 10.x based Junos OS | 179
Procedure to Upgrade to FreeBSD 6.x based Junos OS | 181
Upgrade and Downgrade Support Policy for Junos OS Releases | 183
Upgrading a Router with Redundant Routing Engines | 184
Downgrading from Release 17.2 | 184
Product Compatibility | 185
Hardware Compatibility | 185
Junos OS Release Notes for NFX Series | 186
New and Changed Features | 186
Release 17.2R2 New and Changed Features | 187
Release 17.2R1 New and Changed Features | 187
Changes in Behavior and Syntax | 191
Known Behavior | 192
Juniper Device Manager | 192
Known Issues | 193
Infrastructure | 193
IPSec | 193
Juniper Device Manager | 193
Junos Control Plane | 195
vSRX | 196
Resolved Issues | 197
Resolved Issues: 17.2R2 | 197
Resolved Issues: 17.2R1 | 197
Documentation Updates | 198
Migration, Upgrade, and Downgrade Instructions | 198
Upgrade and Downgrade Support Policy for Junos OS Releases | 199
Basic Procedure for Upgrading to Release 17.2 | 199
Product Compatibility | 202
7
Hardware Compatibility | 203
Junos OS Release Notes for PTX Series Packet Transport Routers | 203
New and Changed Features | 204
Release 17.2R2 New and Changed Features | 205
Release 17.2R1 New and Changed Features | 205
Changes in Behavior and Syntax | 222
Forwarding and Sampling | 223
General Routing | 223
Interfaces and Chassis | 223
Management | 224
Network Management and Monitoring | 225
Routing Protocols | 226
Known Behavior | 226
Hardware | 227
High Availability (HA) and Resiliency | 227
Known Issues | 228
General Routing | 228
Platform and Infrastructure | 229
Routing Protocols | 229
Resolved Issues | 230
Resolved Issues: 17.2R2 | 230
Resolved Issues: 17.2R1 | 231
Documentation Updates | 232
Migration, Upgrade, and Downgrade Instructions | 232
Basic Procedure for Upgrading to Release 17.2 | 232
Upgrade and Downgrade Support Policy for Junos OS Releases | 235
Upgrading Using Unified ISSU | 236
Upgrading a Router with Redundant Routing Engines | 236
Product Compatibility | 237
Hardware Compatibility | 237
Junos OS Release Notes for the QFX Series | 238
New and Changed Features | 238
Release 17.2R2 New and Changed Features | 239
8
Release 17.2R1 New and Changed Features | 239
Changes in Behavior and Syntax | 258
Class of Service (CoS) | 259
General Routing | 259
Interfaces and Chassis | 259
Management | 260
Routing Protocols | 262
Virtual Chassis | 262
Known Behavior | 263
EVPNs | 264
High Availability (HA) and Resiliency | 264
Interfaces and Chassis | 264
Virtual Chassis | 264
Known Issues | 265
High Availability (HA) and Resiliency | 265
Interfaces and Chassis | 265
Layer 2 Features | 266
Network Management and Monitoring | 266
Platform and Infrastructure | 267
Routing Protocols | 267
Virtual Chassis | 267
Resolved Issues | 268
Resolved Issues: 17.2R2 | 268
Resolved Issues: 17.2R1 | 271
Documentation Updates | 272
Migration, Upgrade, and Downgrade Instructions | 273
Upgrading Software on QFX Series Switches | 273
Installing the Software on QFX10002 Switches | 275
Upgrading Software from Junos OS Release 15.1X53-D3X to Junos OS Release
15.1X53-D60, 15.1X53-D61.7, 15.1X53-D62, and 15.1X53-D63 on QFX10008 and
QFX10016 Switches | 275
Installing the Software on QFX10008 and QFX10016 Switches | 277
Performing a Unified ISSU | 281
Preparing the Switch for Software Installation | 282
9
Upgrading the Software Using Unified ISSU | 282
Product Compatibility | 285
Hardware Compatibility | 285
Third-Party Components | 286
Upgrading Using ISSU | 286
Compliance Advisor | 286
Finding More Information | 286
Requesting Technical Support | 287
Self-Help Online Tools and Resources | 287
Opening a Case with JTAC | 288
Revision History | 288
Introduction
Junos OS runs on the following Juniper Networks®hardware: ACX Series, EX Series, MX Series, NFX
Series, PTX Series, QFabric systems, QFX Series, SRX Series, and Junos Fusion.
These release notes accompany Junos OS Release 17.2R2 for the ACX Series, EX Series, Junos Fusion
Enterprise, Junos Fusion Data Center, Junos Fusion Provider Edge, MX Series, NFX Series, PTX Series,
and QFX Series. They describe new and changed features, limitations, and known and resolved problems
in the hardware and software.
Junos OS Release Notes for ACX Series
10
IN THIS SECTION
New and Changed Features | 11
Changes in Behavior and Syntax | 14
Known Behavior | 16
Known Issues | 17
Resolved Issues | 18
Documentation Updates | 18
Migration, Upgrade, and Downgrade Instructions | 19
Product Compatibility | 20
These release notes accompany Junos OS Release 17.2R2 for the ACX Series. They describe new and
changed features, limitations, and known and resolved problems in the hardware and software.
You can also find these release noteson the Juniper Networks Junos OS Documentation webpage, located
at https://www.juniper.net/documentation/software/junos/.
New and Changed Features
IN THIS SECTION
Release 17.2R2 New and Changed Features | 12
Release 17.2R1 New and Changed Features | 12
This section describes the new features and enhancements to existing features in the Junos OS main
release and the maintenance releases for ACX Series.
11
Release 17.2R2 New and Changed Features
There are no new features or enhancements to existing features for ACX Series in Junos OS Release
17.2R2.
Release 17.2R1 New and Changed Features
Hardware
Support for fixed and tunable DWDM Optics, 1GE and 10GE BIDI Optics (ACX Series)—Starting in
•
Junos OS Release 17.2R1, ACX Series Universal Access Routers support fixed and tunable 1-Gigabit
Ethernet and 10-Gigabit Ethernet BIDI DWDM optics.
Interfaces and Chassis
Support for Ethernet ring protection switching (ACX Series, ACX500, ACX5000)—Starting in Junos OS
•
Release 17.2R1, ACX Universal Access Routers support Ethernet ring protection switching (G.8032v2).
With the G.8032v2 capability, the ACX Series routers support manual commands (force switch, manual
switch, and clear commands) and interconnection of multiple Ethernet rings without virtual channels.
ERPS on the ACX5000 line of routers supports Aggregated Ethernet (AE) interfaces.
12
[See Ethernet Ring Protection Switching Overview]
Management
Support for device family and release in Junos OS YANG modules (ACX Series)—Starting in Junos OS
•
Release 17.2, Junos OS YANG modules are specific to a device family, and each module’s namespace
includes the module name, device family, and Junos OS release string. Furthermore, each juniper-command
module uses its own unique module name as the module’s prefix. Device families include junos, junos-es,
junos-ex, and junos-qfx.
[See Understanding Junos OS YANG Modules.]
Network Management and Monitoring
Support for sFlow agent (ACX5000)—Starting in Junos OS Release 17.2R1, ACX5000 line of routers
•
supports sFlow agent. sFlow is a statistical sampling based network monitoring protocol for high speed
switched or routed networks. The sFlow monitoring system consists of an sFlow agent (embedded in a
switch or router or in a stand alone probe) and a central data collector, or sFlow analyzer.
sFlow technology uses the following two sampling mechanisms:
Packet-based sampling—Samples one packet out of a specified number of packets from an interface
•
enabled for sFlow technology.
Time-based sampling—Samples interface statistics at a specified interval from an interface enabled
•
for sFlow technology.
Adaptive sampling—Monitors the overall incoming traffic rate on the device and provides feedback
•
to the interfaces to dynamically adapt their sampling rate to traffic conditions.
[See Overview of sFlow Technology and Configuring sFlow Technology.]
Operation, Administration, and Maintenance (OAM)
Support for ITU-T Y.1731 ETH-LM, ETH-SLM, and ETH-DM on aggregated Ethernet interfaces (ACX
•
Series, ACX5000)—Starting in Junos OS release 17.2R1, you can configure ITU-T Y.1731
standard-compliant Ethernet loss measurement (ETH-LM), Ethernet synthetic loss measurement
(ETH-SLM), and Ethernet delay measurement (ETH-DM) capabilities on aggregated Ethernet (AE)
interfaces. These performance monitoring functionalities are supported on ACX Series and ACX5000
line of routers.
[See Understanding Ethernet OAM Link Fault Management for ACX Series Routers]
Routing Protocols
Support for IS-IS flooding groups (ACX5000)—Starting with Junos OS Release 17.2R1, you can configure
•
flooding groups with IS-IS on the ACX5000 line of routers. This feature limits link-state PDU flooding
over IS-IS interfaces. An LSP that is not self-originated is flooded only through the interface belonging
to the flood group that has the configured area ID in the LSP. This helps minimize the routes and topology
information, thus ensuring optimal convergence. You can segregate both level 1 and level 2 networks
into flood groups by using area IDs as tags to identify a flood group. Configure interfaces with specific
area IDs to modify the flooding behavior as per your requirements.
13
To enable IS-IS flooding groups, include the flood-group flood-group-area-ID statement at the [edit
protocols isis interface] hierarchy level.
[See Understanding IS-IS Flood Group]
Software Installation and Upgrade
Support for In-Service Software Upgrade (ACX5000)—Starting with Junos OS Release 17.2R1, Junos
•
OS for ACX5000 Universal Access Routers supports ISSU, the ability to do software upgrades between
two different software releases with minimal disruption to network traffic and no disruptions in the
control plane. As a prerequisite, you need to have the graceful Routing Engine switchover (GRES), nonstop
active routing (NSR), and nonstop bridging (NSB) enabled in the routing engine to support ISSU on
ACX5000 line of routers.
[See Understanding In-Service Software Upgrade (ISSU) in ACX5000 Series Routers]
Timing and Synchronization
Support for PHY timestamping in boundary clock mode (ACX Series)—Starting in Junos OS Release
•
17.2R1, ACX Series Universal Access Routers supports timestamping at the physical layer, also known
as PHY timestamping, in boundary clock mode. To enable PHY timestamping on ACX Series routers,
configure clock-mode as boundary clock at the [edit protocols ptp] hierarchy level.
[See Configuring Precision Time Protocol Clocking]
Support for defect and event management and SNMP get and walk management for timing (ACX
•
Series)—Starting in Junos OS Release 17.2R1, the ACX Universal Access Routers supports defect and
event management capabilities for timing features. Defects and events are notified in the form of SNMP
traps.
The ACX Universal Access Routers also supports SNMP get, get-next, and walk management capabilities
for the timing features. These capabilities are enabled through the PTP MIB and SyncE MIB objects.
[See Understanding Timing Defects and Event Management on ACX Series and Understanding SNMP
MIB for Timing on ACX Series]
SEE ALSO
Changes in Behavior and Syntax | 14
Known Behavior | 16
Known Issues | 17
Resolved Issues | 18
Documentation Updates | 18
14
Migration, Upgrade, and Downgrade Instructions | 19
Product Compatibility | 20
Changes in Behavior and Syntax
IN THIS SECTION
General Routing | 15
Interfaces and Chassis | 15
Management | 15
This section lists the changes in behavior of Junos OS features and changes in the syntax of Junos OS
statements and commands from Junos OS Release 17.2R2 for the ACX Series Universal Access Routers.
General Routing
Support for deletion of static routes when the BFD session goes down (ACX Series)—Starting with
•
Junos OS 17.2R2, the default behavior of the static route at the [edit routing-options static static-route
bfd-admin-down] hierarchy level is active. So, the static routes are deleted when the BFD receives a
session down message.
Interfaces and Chassis
Support for logical interfaces—ACX5048 and ACX5096 routers do not support configuring more than
•
1000 logical interfaces.
Management
Junos OS YANG module namespace and prefix changes (ACX Series)—Starting in Junos OS Release
•
17.2, Junos OS YANG modules are specific to a device family, and each module’s namespace includes
the module name, device family, and Junos OS release string. Furthermore, each juniper-command
module uses its own unique module name as the module’s prefix. In earlier releases, Junos OS YANG
modules used only a unique identifier to differentiate the namespace for each module, and the prefix
for all juniper-command modules was jrpc.
15
Device families include junos, junos-es, junos-ex, and junos-qfx. The Junos OS YANG extension modules,
junos-extension and junos-extension-odl, use the junos device family identifier in the namespace, but
the modules are common to all device families.
[See Understanding Junos OS YANG Modules.]
Changes to the rfc-compliant configuration statement (ACX Series)—Starting in Junos OS Release 17.2,
•
Junos OS YANG modules are specific to a device family, and each module’s namespace includes the
module name, device family, and Junos OS release string. If you configure the rfc-compliant statement
at the [edit system services netconf] hierarchy level and request configuration data in a NETCONF
session on a device running Junos OS Release 17.2 or later, the NETCONF server sets the default
namespace for the <configuration> element in the RPC reply to the same namespace as in the
corresponding YANG model.
[See Configuring RFC-Compliant NETCONF Sessions and rfc-compliant.]
SEE ALSO
New and Changed Features | 11
Known Behavior | 16
Known Issues | 17
Resolved Issues | 18
Documentation Updates | 18
Migration, Upgrade, and Downgrade Instructions | 19
Product Compatibility | 20
Known Behavior
IN THIS SECTION
High Availability (HA) and Resiliency | 16
16
This section lists known behavior, system maximums, and limitations in hardware and software in Junos
OS Release 17.2R2 for the ACX Series.
For the most complete and latest information about known Junos OS defects, use the Juniper Networks
online Junos Problem Report Search application.
High Availability (HA) and Resiliency
Residual and baseline statistics loss from ISSU—Using ISSU to upgrade to Junos OS Release 17.2R1 or
•
later will result in a loss of residual and baseline statistics for interfaces, interface set specific statistics,
and BBE subscriber service statistics because of an update to the statistics database.
[See Unified ISSU System Requirements.]
SEE ALSO
New and Changed Features | 11
Changes in Behavior and Syntax | 14
Known Issues | 17
Resolved Issues | 18
Documentation Updates | 18
Migration, Upgrade, and Downgrade Instructions | 19
Product Compatibility | 20
Known Issues
IN THIS SECTION
Layer 2 Features | 17
This section lists the known issues in hardware and software in Junos OS Release 17.2R2 for the ACX
Series Universal Access Routers.
For the most complete and latest information about known Junos OS defects, use the Juniper Networks
online Junos Problem Report Search application.
Layer 2 Features
17
Under certain scenarios, if VPLS instances and Layer 3 NNI interfaces are deleted in the same commit,
•
then a traffic duplication is observed for the VPLS traffic. To avoid such instances, it is recommended
to delete or deactivate the Layer 3 NNI interfaces and VPLS instances in separate commits. PR1260156
SEE ALSO
New and Changed Features | 11
Changes in Behavior and Syntax | 14
Known Behavior | 16
Resolved Issues | 18
Documentation Updates | 18
Migration, Upgrade, and Downgrade Instructions | 19
Product Compatibility | 20
Resolved Issues
IN THIS SECTION
Resolved Issues: 17.2R2 | 18
Resolved Issues: 17.2R1 | 18
This section lists the issues fixed in the Junos OS main release and the maintenance releases.
For the most complete and latest information about known Junos OS defects, use the Juniper Networks
online Junos Problem Report Search application.
Resolved Issues: 17.2R2
18
There are no fixed issues in the Junos OS Release 17.2R2 for ACX Series.
Resolved Issues: 17.2R1
There are no fixed issues in the Junos OS Release 17.2R1 for ACX Series.
SEE ALSO
New and Changed Features | 11
Changes in Behavior and Syntax | 14
Known Behavior | 16
Known Issues | 17
Documentation Updates | 18
Migration, Upgrade, and Downgrade Instructions | 19
Product Compatibility | 20
Documentation Updates
There are no errata or changes in Junos OS Release 17.2R2 for the ACX Series documentation.
SEE ALSO
New and Changed Features | 11
Changes in Behavior and Syntax | 14
Known Behavior | 16
Known Issues | 17
Resolved Issues | 18
Migration, Upgrade, and Downgrade Instructions | 19
Product Compatibility | 20
Migration, Upgrade, and Downgrade Instructions
IN THIS SECTION
19
Upgrade and Downgrade Support Policy for Junos OS Releases | 19
This section contains the upgrade and downgrade support policy for Junos OS for the ACX Series Universal
Access Routers. Upgrading or downgrading Junos OS might take several minutes, depending on the size
and configuration of the network.
For information about software installation and upgrade, see the Installation and Upgrade Guide.
Upgrade and Downgrade Support Policy for Junos OS Releases
Support for upgrades and downgrades that span more than three Junos OS releases at a time is not
provided, except for releases that are designated as Extended End-of-Life (EEOL) releases. EEOL releases
provide direct upgrade and downgrade paths—you can upgrade directly from one EEOL release to the
next EEOL release even though EEOL releases generally occur in increments beyond three releases.
You can upgrade or downgrade to the EEOL release that occurs directly before or after the currently
installed EEOL release, or to two EEOL releases before or after. For example, Junos OS Releases 16.1,
16.2 and 17.1 are EEOL releases. You can upgrade from Junos OS Release 16.1 to Release 16.2 or even
from Junos OS Release 16.1 to Release 17.1. However, you cannot upgrade directly from a non-EEOL
release that is more than three releases ahead or behind.
To upgrade or downgrade from a non-EEOL release to a release more than three releases before or after,
first upgrade to the next EEOL release and then upgrade or downgrade from that EEOL release to your
target release.
For more information about EEOL releases and to review a list of EEOL releases, see
https://www.juniper.net/support/eol/junos.html.
For information about software installation and upgrade, see the Installation and Upgrade Guide.
SEE ALSO
New and Changed Features | 11
Changes in Behavior and Syntax | 14
Known Behavior | 16
Known Issues | 17
Resolved Issues | 18
20
Documentation Updates | 18
Product Compatibility | 20
Product Compatibility
IN THIS SECTION
Hardware Compatibility | 20
Hardware Compatibility
To obtain information about the components that are supported on the devices, and the special compatibility
guidelines with the release, see the Hardware Guide for the product.
To determine the features supported on ACX Series routers in this release, use the Juniper Networks
Feature Explorer, a Web-based application that helps you to explore and compare Junos OS feature
information to find the right software release and hardware platform for your network. Find Feature
Explorer at https://pathfinder.juniper.net/feature-explorer/.
Hardware Compatibility Tool
For a hardware compatibility matrix for optical interfaces and transceivers supported across all platforms,
see the Hardware Compatibility tool.
SEE ALSO
New and Changed Features | 11
Changes in Behavior and Syntax | 14
Known Behavior | 16
Known Issues | 17
Resolved Issues | 18
Documentation Updates | 18
Migration, Upgrade, and Downgrade Instructions | 19
21
Junos OS Release Notes for EX Series Switches
IN THIS SECTION
New and Changed Features | 22
Changes in Behavior and Syntax | 26
Known Behavior | 28
Known Issues | 29
Resolved Issues | 31
Documentation Updates | 35
Migration, Upgrade, and Downgrade Instructions | 35
Product Compatibility | 36
These release notes accompany Junos OS Release 17.2R2 for the EX Series. They describe new and
changed features, limitations, and known and resolved problems in the hardware and software.
You can also find these release notes on the Juniper Networks Junos OS Documentation webpage, located
at https://www.juniper.net/documentation/software/junos/.
New and Changed Features
IN THIS SECTION
Release 17.2R2 New and Changed Features | 23
Release 17.2R1 New and Changed Features | 23
This section describes the new features and enhancements to existing features in the Junos OS main
release and the maintenance releases for EX Series.
NOTE: The following EX Series switches are supported in Release 17.2R2: EX4300, EX4600,
and EX9200.
22
NOTE: In Junos OS Release 17.2R2, J-Web is supported on the EX4300 and EX4600 switches
in both standalone and Virtual Chassis setup.
The J-Web distribution model being used provides two packages:
Platform package—Installed as part of Junos OS; provides basic functionalities of J-Web.
•
Application package—Optionally installable package; provides complete functionalities of
•
J-Web.
For details about the J-Web distribution model, see Release Notes: J-Web Application Package
Release 17.2A1 for EX4300 and EX4600 Switches.
Release 17.2R2 New and Changed Features
There are no new features or enhancements to existing features for EX Series in Junos OS Release
•
17.2R2.
Release 17.2R1 New and Changed Features
Authentication, Authorization, and Accounting (AAA) (RADIUS)
Authentication order with priority (EX4300 switches)—Starting in Junos OS Release 17.2R1, you can
•
configure EX4300 switches not to trigger re-authentication for a client that has been authenticated
using MAC RADIUS authentication or captive portal authentication. If the switch receives an EAP-Start
message from an authenticated client, the switch typically responds with an EAP-Request message,
which triggers re-authentication using 802.1X authentication. You can use the eapol-block statement
to configure the switch to ignore EAP-Start messages sent by a client that has been authenticated using
MAC RADIUS authentication or captive portal authentication, and maintain the existing authentication
session for the client.
23
[See Understanding Authentication on Switches.]
Protected Extensible Authentication Protocol (PEAP) for MAC RADIUS authentication (EX4300
•
switches)—Starting in Junos OS Release 17.2R1, you can configure the Protected Extensible
Authentication Protocol (PEAP) as the authentication method for MAC RADIUS authentication. PEAP
is a protocol that encapsulates EAP packets within an encrypted and authenticated Transport Layer
Security (TLS) tunnel. The inner authentication protocol, used to authenticate the client's MAC address
inside the tunnel, is the Microsoft Challenge Handshake Authentication Protocol version 2 (MS-CHAPv2).
The encrypted exchange of information inside the tunnel ensures that user credentials are safe from
eavesdropping.
[See Understanding Authentication on Switches.]
EVPNs
EVPN proxy ARP and ARP suppression (EX9200 switches)—Starting with Junos OS Release 17.2R1,
•
EX9200 switches that function as provider edge (PE) devices in an Ethernet VPN-MPLS (EVPN-MPLS)
or Ethernet VPN-Virtual Extensible LAN (EVPN-VXLAN) environment support proxy Address Resolution
Protocol (ARP) and ARP suppression. The proxy ARP and ARP suppression capabilities are enabled by
default. For both features to work properly, the configuration of an integrated and routing (IRB) interface
on the PE device is required.
IRB interfaces configured on a PE device deliver ARP requests from both local and remote customer
edge (CE) devices. When a PE device receives an ARP request from a CE device, the PE device searches
its media access control (MAC)-IP address bindings database for the requested IP address. If the PE
device finds the MAC-IP address binding in its database, it responds to the request. If the device does
not find the MAC-IP address binding, it swaps the source MAC address in the request with the MAC
address of the IRB interface on which the request was received and sends the request to all interfaces.
Even when a PE device responds to an ARP request, ARP packets might still be flooded across the WAN.
ARP suppression prevents this flooding from occurring.
[See EVPN Proxy ARP and ARP Suppression.]
24
Layer 3 Features
Port-based LAN broadcast traffic forwarding (port helpers) for multiple destination servers (EX4300
•
switches and Virtual Chassis)—Starting in Junos OS Release 17.2R1, you can configure port helpers on
EX4300 switches and EX4300 Virtual Chassis on a per-port basis for multiple destination servers. Port
helpers are port-based filters that listen on configured UDP ports for incoming LAN broadcast traffic,
and forward those packets to configured destination servers as unicast traffic. Configure port helper
filters using the forwarding-options helpers port port-number configuration statement with any of the
following scopes:
Global—Match incoming broadcast traffic on any interface for a configured port, and forward the
•
traffic to the configured server:
set forwarding-options helpers port port-number server server-ip-address
VLAN-specific—Match incoming broadcast traffic on an IRB interface for a configured port, and forward
•
the traffic to the configured server:
set forwarding-options helpers port port-number interface irb-interface-name
server server-ip-address
Interface-specific—Match incoming broadcast traffic on a Layer 3 interface for a configured port, and
•
forward the traffic to the configured server:
set forwarding-options helpers port port-number interface interface-name
server server-ip-address
[See Configuring Port-based LAN Broadcast Packet Forwarding.]
Management
Support for device family and release in Junos OS YANG modules (EX Series)—Starting in Junos OS
•
Release 17.2, Junos OS YANG modules are specific to a device family, and each module’s namespace
includes the module name, device family, and Junos OS release string. Furthermore, each juniper-command
module uses its own unique module name as the module’s prefix. Device families include junos, junos-es,
junos-ex, and junos-qfx.
[See Understanding Junos OS YANG Modules.]
Multicast
•
Support for static multicast route leaking for VRF and virtual-router instances (QFX5100 and EX4300
switches)—Starting in Junos OS Release 17.2R1, you can configure your switch to share IPv4 multicast
routes among different virtual routing and forwarding (VRF) instances or different virtual-router instances.
On EX4300 switches, multicast route leaking is supported only when the switch functions as a line card
in a Virtual Chassis, not as a standalone switch. Only multicast static routes with a destination-prefix
length of /32 are supported for multicast route leaking. Only Internet Group Management Protocol
version 3 is supported. To configure multicast route leaking for VRF or virtual-router instances , include
the next-table routing-instance-name.inet.0 statement at the [edit routing-instances
routing-instance-name routing-options static route destination-prefix/32] hierarchy level. For
routing–instance-name, include the name of a VRF or virtual-router instance. This feature was previously
introduced in Junos OS Release 14.X53-D40.
25
[See Understanding Multicast Route Leaking for VRF and Virtual-Router Instances.]
Network Management and Monitoring
SNMP support for monitoring tunnel statistics (EX Series)—Starting in Junos OS Release 17.2R1, SNMP
•
MIB jnxTunnelStat supports monitoring of tunnel statistics for IPV4 over IPV6 tunnels. This is a new
enterprise-specific MIB, Tunnel Stats MIB, that currently displays three counters: tunnel count in rpd,
tunnel count in Kernel, and tunnel count in the Packet Forwarding Engine. This MIB can be extended
to support other tunnel statistics. The MIB is defined in jnx-tunnel-stats.txt. This MIB is attached to
jnxMibs.
System Management
Dynamic power management (EX9200 switches)—Starting with Junos OS Release 17.2R1, EX9200
•
switches support dynamic power management.
[See System Services on EX9200 Switches].
SEE ALSO
Changes in Behavior and Syntax | 26
Known Behavior | 28
Known Issues | 29
Resolved Issues | 31
Documentation Updates | 35
Migration, Upgrade, and Downgrade Instructions | 35
Product Compatibility | 36
Changes in Behavior and Syntax
IN THIS SECTION
General Routing | 27
IP Tunneling | 27
26
Management | 27
This section lists the changes in behavior of Junos OS features and changes in the syntax of Junos OS
statements and commands from Junos OS Release 17.2R2 for the EX Series.
General Routing
Support for deletion of static routes when the BFD session goes down (EX Series)—Starting with Junos
•
OS 17.2R2, the default behavior of the static route at the [edit routing-options static static-route
bfd-admin-down] hierarchy level is active. So, the static routes are deleted when the BFD receives a
session down message.
IP Tunneling
Deprecated no-path-mtu-discovery configuration option for ipip6 tunnels—Starting in Junos OS Release
•
17.2R1, the no-path-mtu-discovery configuration statement in the [edit interfaces ip-fpc/pic/port unit
logical-unit-number tunnel] and [edit interfaces gr-fpc/pic/port unit logical-unit-number tunnel]
hierarchies is no longer available for ipip6 tunnels.
Management
27
Changes to the rfc-compliant configuration statement (EX Series)—Starting in Junos OS Release 17.2R1,
•
Junos OS YANG modules are specific to a device family, and each module’s namespace includes the
module name, device family, and Junos OS release string. If you configure the rfc-compliant statement
at the [edit system services netconf] hierarchy level and request configuration data in a NETCONF
session on a device running Junos OS Release 17.2R1 or later, the NETCONF server sets the default
namespace for the <configuration> element in the RPC reply to the same namespace as in the
corresponding YANG model.
[See Configuring RFC-Compliant NETCONF Sessions and rfc-compliant.]
Junos OS YANG module namespace and prefix changes (EX Series)—Starting in Junos OS Release
•
17.2R1, Junos OS YANG modules are specific to a device family, and each module’s namespace includes
the module name, device family, and Junos OS release string. Furthermore, each juniper-command
module uses its own unique module name as the module’s prefix. In earlier releases, Junos OS YANG
modules used only a unique identifier to differentiate the namespace for each module, and the prefix
for all juniper-command modules was jrpc.
Device families include junos, junos-es, junos-ex, and junos-qfx. The Junos OS YANG extension modules,
junos-extension and junos-extension-odl, use the junos device family identifier in the namespace, but
the modules are common to all device families.
[See Understanding Junos OS YANG Modules.]
SEE ALSO
New and Changed Features | 22
Known Behavior | 28
Known Issues | 29
Resolved Issues | 31
Documentation Updates | 35
Migration, Upgrade, and Downgrade Instructions | 35
Product Compatibility | 36
Known Behavior
IN THIS SECTION
High Availability (HA) and Resiliency | 28
28
This section lists known behavior, system maximums, and limitations in hardware and software in Junos
OS Release 17.2R2 for the EX Series.
For the most complete and latest information about known Junos OS defects, use the Juniper Networks
online Junos Problem Report Search application.
High Availability (HA) and Resiliency
Residual and baseline statistics loss from ISSU—Using unified ISSU to upgrade to Junos OS Release
•
17.2R1 or later will result in a loss of residual and baseline statistics for interfaces, interface set specific
statistics, and BBE subscriber service statistics because of an update to the statistics database.
[See Unified ISSU System Requirements.]
SEE ALSO
New and Changed Features | 22
Changes in Behavior and Syntax | 26
Known Issues | 29
Resolved Issues | 31
Documentation Updates | 35
Migration, Upgrade, and Downgrade Instructions | 35
Product Compatibility | 36
Known Issues
IN THIS SECTION
General Routing | 29
High Availability (HA) and Resiliency | 29
Interfaces and Chassis | 30
Junos Fusion Enterprise | 30
Layer 2 Features | 30
Platform and Infrastructure | 30
29
User Interface and Configuration | 31
Virtual Chassis | 31
This section lists the known issues in hardware and software in Junos OS Release 17.2R2 for the EX Series.
For the most complete and latest information about known Junos OS defects, use the Juniper Networks
online Junos Problem Report Search application.
General Routing
On EX4300 switches, when 802.1X single-supplicant authentication is initiated, multiple "EAP Request
•
Id Frame Sent" packets might be sent. PR1163966
On an EX9200 switch with MC-LAG, when the enhanced-convergence statement is enabled, and when
•
the kernel sends a next-hop message to the Packet Forwarding Engine, the full Layer 2 header is not
sent and a packet might be generated with an invalid source MAC address for some VLANs. PR1223662
High Availability (HA) and Resiliency
During a nonstop software upgrade (NSSU) on an EX4300 Virtual Chassis, a traffic loop or loss might
•
occur if the Junos OS software version that you are upgrading and the Junos OS software version that
you are upgrading to use different internal message formats. PR1123764
On an EX4300 Virtual Chassis or a QFX5100 Virtual Chassis, when you perform an NSSU, there might
•
be more than 5 seconds of traffic loss for multicast traffic. PR1125155
In a rare scenario, GRES might not reach the ready state and might fail to start, because the Routing
•
Engine does not receive the state ACK message from the Packet Forwarding Engine after performing
GRES. This is a timing issue. It might also stop Routing Engine resource release, resulting in resource
exhaustion. As a workaround, reboot the system if this problem occurs. PR1236882
Interfaces and Chassis
On an EX9200-40XS line card, if you toggle the MACsec encryption option multiple times, encryption
•
and protected MACsec statistics might be updated incorrectly. As a workaround, restart the line card.
PR1185659
Junos Fusion Enterprise
On a Junos Fusion Enterprise, Link Layer Discovery Protocol-Media Endpoint Discovery (LLDP-MED)
•
fast start does not work. PR1171899
30
Issue is specific to Junos Fusion Enterprise setup. Dot1x authenticated clients under dynamic VLAN
•
might see traffic loss if l2ald gets restarted for some reason (crash/manually). PR1281824
In a Junos Fusion set up with dual access device on EX9200, the dot1x authentication might fail if
•
frequent MAC moves occur. PR1299532
Layer 2 Features
The eswd process might crash after doing Routing Engine switchover in an EX Series Virtual Chassis
•
scenario. The crash happens due to disordered processing of VLAN/vmember by eswd and L2PT modules.
Because the order of processing does not remain the same every time, the crash is random across
switchovers. PR1275468
Platform and Infrastructure
On EX4600 switches, the amount of time that it takes for Zero Touch Provisioning to complete might
•
be lengthy because TFTP might take a long time to fetch required data. PR980530
On EX4300, EX4600, and QFX5100 switches, if a remote analyzer has an output IP address that is
•
reachable through a route learned by BGP, the analyzer might be in a DOWN state. PR1007963
Loading...