Release Notes: Junos®OS Release 17.2R2 for
the ACX Series, EX Series, MX Series, NFX
Series, PTX Series, QFX Series, and Junos
Fusion
1
3 September 2020
Contents
Introduction | 10
Junos OS Release Notes for ACX Series | 10
New and Changed Features | 11
Release 17.2R2 New and Changed Features | 12
Release 17.2R1 New and Changed Features | 12
Changes in Behavior and Syntax | 14
General Routing | 15
Interfaces and Chassis | 15
Management | 15
Known Behavior | 16
High Availability (HA) and Resiliency | 16
Known Issues | 17
Layer 2 Features | 17
Resolved Issues | 18
Resolved Issues: 17.2R2 | 18
Resolved Issues: 17.2R1 | 18
Documentation Updates | 18
Migration, Upgrade, and Downgrade Instructions | 19
Upgrade and Downgrade Support Policy for Junos OS Releases | 19
Product Compatibility | 20
Hardware Compatibility | 20
Junos OS Release Notes for EX Series Switches | 21
New and Changed Features | 22
Release 17.2R2 New and Changed Features | 23
Release 17.2R1 New and Changed Features | 23
Changes in Behavior and Syntax | 26
General Routing | 27
IP Tunneling | 27
Management | 27
Known Behavior | 28
High Availability (HA) and Resiliency | 28
Known Issues | 29
General Routing | 29
2
High Availability (HA) and Resiliency | 29
Interfaces and Chassis | 30
Junos Fusion Enterprise | 30
Layer 2 Features | 30
Platform and Infrastructure | 30
User Interface and Configuration | 31
Virtual Chassis | 31
Resolved Issues | 31
Resolved Issues: 17.2R2 | 32
Resolved Issues: 17.2R1 | 34
Documentation Updates | 35
Migration, Upgrade, and Downgrade Instructions | 35
Upgrade and Downgrade Support Policy for Junos OS Releases | 36
Product Compatibility | 36
Hardware Compatibility | 37
Junos OS Release Notes for Junos Fusion Data Center | 37
New and Changed Features | 38
Release 17.2R2 New and Changed Features | 38
Release 17.2R1 New and Changes Features | 38
Changes in Behavior and Syntax | 53
Junos Fusion | 53
Known Behavior | 53
Junos Fusion Data Center | 54
Known Issues | 55
Junos Fusion | 55
Resolved Issues | 55
Resolved Issues: 17.2R2 | 56
Resolved Issues: 17.2R1 | 56
Documentation Updates | 56
3
Migration, Upgrade, and Downgrade Instructions | 57
Basic Procedure for Upgrading an Aggregation Device | 57
Preparing the Switch for Satellite Device Conversion | 59
Autoconverting a Switch into a Satellite Device | 62
Manually Converting a Switch into a Satellite Device | 65
Configuring a Switch into a Satellite Device Before Connecting It to a Junos Fusion
Topology | 68
Configuring Satellite Device Upgrade Groups | 69
Converting a Satellite Device to a Standalone Device | 70
Upgrade and Downgrade Support Policy for Junos OS Releases | 73
Downgrading from Release 17.2 | 73
Product Compatibility | 74
Hardware Compatibility | 74
Junos OS Release Notes for Junos Fusion Enterprise | 75
New and Changed Features | 76
Release 17.2R2 New and Changed Features | 76
Release 17.2R1 New and Changed Features | 76
Changes in Behavior and Syntax | 78
Known Behavior | 78
Junos Fusion Enterprise | 78
Known Issues | 79
Resolved Issues | 79
Resolved Issues: 17.2R2 | 80
Resolved Issues: 17.2R1 | 80
Documentation Updates | 81
Migration, Upgrade, and Downgrade Instructions | 81
Basic Procedure for Upgrading Junos OS on an Aggregation Device | 81
Upgrading an Aggregation Device with Redundant Routing Engines | 83
Preparing the Switch for Satellite Device Conversion | 84
Converting a Satellite Device to a Standalone Switch | 85
Upgrade and Downgrade Support Policy for Junos OS Releases | 87
Downgrading from Release 17.2 | 88
Product Compatibility | 89
Hardware and Software Compatibility | 89
4
Hardware Compatibility Tool | 89
Junos OS Release Notes for Junos Fusion Provider Edge | 90
New and Changed Features | 90
Release 17.2R2 New and Changed Features | 91
Release 17.2R1 New and Changed Features | 91
Changes in Behavior and Syntax | 92
Known Behavior | 92
Known Issues | 93
Resolved Issues | 93
Resolved Issues: 17.2R2 | 94
Resolved Issues: 17.2R1 | 94
Documentation Updates | 94
Migration, Upgrade, and Downgrade Instructions | 95
Basic Procedure for Upgrading an Aggregation Device | 95
Upgrading an Aggregation Device with Redundant Routing Engines | 98
Preparing the Switch for Satellite Device Conversion | 98
Converting a Satellite Device to a Standalone Device | 100
Upgrading an Aggregation Device | 102
Upgrade and Downgrade Support Policy for Junos OS Releases | 102
Downgrading from Release 17.2 | 102
Product Compatibility | 103
Hardware Compatibility | 103
Junos OS Release Notes for MX Series 5G Universal Routing Platforms | 104
New and Changed Features | 105
Release 17.2R2 New and Changed Features | 105
Release 17.2R1 New and Changed Features | 106
Changes in Behavior and Syntax | 135
Class of Service (CoS) | 136
EVPNs | 136
Forwarding and Sampling | 136
General Routing | 138
High Availability (HA) and Resiliency | 138
Interfaces and Chassis | 138
IP Tunneling | 141
5
Management | 141
MPLS | 142
Network Management and Monitoring | 142
Routing Protocols | 144
Services Applications | 145
Subscriber Management and Services | 145
User Interface and Configuration | 147
VPNs | 148
Known Behavior | 148
Flow-Based Packet Based Processing | 149
General Routing | 149
High Availability (HA) and Resiliency | 149
Network Management and Monitoring | 150
Interfaces and Chassis | 150
Software Defined Networking (SDN) | 150
Subscriber Management and Services | 150
User Interface and Configuration | 151
Known Issues | 152
Class of Service (CoS) | 152
Forwarding and Sampling | 153
General Routing | 153
High Availability (HA) and Resiliency | 155
Infrastructure | 155
Interfaces and Chassis | 155
Layer 2 Ethernet Services | 156
Layer 2 Features | 156
MPLS | 156
Network Management and Monitoring | 157
Platform and Infrastructure | 157
Routing Protocols | 158
Services Applications | 159
Subscriber Access Management | 159
Resolved Issues | 159
Resolved Issues: 17.2R2 | 160
6
Resolved Issues: 17.2R1 | 170
Documentation Updates | 176
Subscriber Management Access Network Guide | 177
Subscriber Management Provisioning Guide | 177
Migration, Upgrade, and Downgrade Instructions | 178
Basic Procedure for Upgrading to Release 17.2 | 179
Procedure to Upgrade to FreeBSD 10.x based Junos OS | 179
Procedure to Upgrade to FreeBSD 6.x based Junos OS | 181
Upgrade and Downgrade Support Policy for Junos OS Releases | 183
Upgrading a Router with Redundant Routing Engines | 184
Downgrading from Release 17.2 | 184
Product Compatibility | 185
Hardware Compatibility | 185
Junos OS Release Notes for NFX Series | 186
New and Changed Features | 186
Release 17.2R2 New and Changed Features | 187
Release 17.2R1 New and Changed Features | 187
Changes in Behavior and Syntax | 191
Known Behavior | 192
Juniper Device Manager | 192
Known Issues | 193
Infrastructure | 193
IPSec | 193
Juniper Device Manager | 193
Junos Control Plane | 195
vSRX | 196
Resolved Issues | 197
Resolved Issues: 17.2R2 | 197
Resolved Issues: 17.2R1 | 197
Documentation Updates | 198
Migration, Upgrade, and Downgrade Instructions | 198
Upgrade and Downgrade Support Policy for Junos OS Releases | 199
Basic Procedure for Upgrading to Release 17.2 | 199
Product Compatibility | 202
7
Hardware Compatibility | 203
Junos OS Release Notes for PTX Series Packet Transport Routers | 203
New and Changed Features | 204
Release 17.2R2 New and Changed Features | 205
Release 17.2R1 New and Changed Features | 205
Changes in Behavior and Syntax | 222
Forwarding and Sampling | 223
General Routing | 223
Interfaces and Chassis | 223
Management | 224
Network Management and Monitoring | 225
Routing Protocols | 226
Known Behavior | 226
Hardware | 227
High Availability (HA) and Resiliency | 227
Known Issues | 228
General Routing | 228
Platform and Infrastructure | 229
Routing Protocols | 229
Resolved Issues | 230
Resolved Issues: 17.2R2 | 230
Resolved Issues: 17.2R1 | 231
Documentation Updates | 232
Migration, Upgrade, and Downgrade Instructions | 232
Basic Procedure for Upgrading to Release 17.2 | 232
Upgrade and Downgrade Support Policy for Junos OS Releases | 235
Upgrading Using Unified ISSU | 236
Upgrading a Router with Redundant Routing Engines | 236
Product Compatibility | 237
Hardware Compatibility | 237
Junos OS Release Notes for the QFX Series | 238
New and Changed Features | 238
Release 17.2R2 New and Changed Features | 239
8
Release 17.2R1 New and Changed Features | 239
Changes in Behavior and Syntax | 258
Class of Service (CoS) | 259
General Routing | 259
Interfaces and Chassis | 259
Management | 260
Routing Protocols | 262
Virtual Chassis | 262
Known Behavior | 263
EVPNs | 264
High Availability (HA) and Resiliency | 264
Interfaces and Chassis | 264
Virtual Chassis | 264
Known Issues | 265
High Availability (HA) and Resiliency | 265
Interfaces and Chassis | 265
Layer 2 Features | 266
Network Management and Monitoring | 266
Platform and Infrastructure | 267
Routing Protocols | 267
Virtual Chassis | 267
Resolved Issues | 268
Resolved Issues: 17.2R2 | 268
Resolved Issues: 17.2R1 | 271
Documentation Updates | 272
Migration, Upgrade, and Downgrade Instructions | 273
Upgrading Software on QFX Series Switches | 273
Installing the Software on QFX10002 Switches | 275
Upgrading Software from Junos OS Release 15.1X53-D3X to Junos OS Release
15.1X53-D60, 15.1X53-D61.7, 15.1X53-D62, and 15.1X53-D63 on QFX10008 and
QFX10016 Switches | 275
Installing the Software on QFX10008 and QFX10016 Switches | 277
Performing a Unified ISSU | 281
Preparing the Switch for Software Installation | 282
9
Upgrading the Software Using Unified ISSU | 282
Product Compatibility | 285
Hardware Compatibility | 285
Third-Party Components | 286
Upgrading Using ISSU | 286
Compliance Advisor | 286
Finding More Information | 286
Requesting Technical Support | 287
Self-Help Online Tools and Resources | 287
Opening a Case with JTAC | 288
Revision History | 288
Introduction
Junos OS runs on the following Juniper Networks®hardware: ACX Series, EX Series, MX Series, NFX
Series, PTX Series, QFabric systems, QFX Series, SRX Series, and Junos Fusion.
These release notes accompany Junos OS Release 17.2R2 for the ACX Series, EX Series, Junos Fusion
Enterprise, Junos Fusion Data Center, Junos Fusion Provider Edge, MX Series, NFX Series, PTX Series,
and QFX Series. They describe new and changed features, limitations, and known and resolved problems
in the hardware and software.
Junos OS Release Notes for ACX Series
10
IN THIS SECTION
New and Changed Features | 11
Changes in Behavior and Syntax | 14
Known Behavior | 16
Known Issues | 17
Resolved Issues | 18
Documentation Updates | 18
Migration, Upgrade, and Downgrade Instructions | 19
Product Compatibility | 20
These release notes accompany Junos OS Release 17.2R2 for the ACX Series. They describe new and
changed features, limitations, and known and resolved problems in the hardware and software.
You can also find these release noteson the Juniper Networks Junos OS Documentation webpage, located
at https://www.juniper.net/documentation/software/junos/.
New and Changed Features
IN THIS SECTION
Release 17.2R2 New and Changed Features | 12
Release 17.2R1 New and Changed Features | 12
This section describes the new features and enhancements to existing features in the Junos OS main
release and the maintenance releases for ACX Series.
11
Release 17.2R2 New and Changed Features
There are no new features or enhancements to existing features for ACX Series in Junos OS Release
17.2R2.
Release 17.2R1 New and Changed Features
Hardware
Support for fixed and tunable DWDM Optics, 1GE and 10GE BIDI Optics (ACX Series)—Starting in
•
Junos OS Release 17.2R1, ACX Series Universal Access Routers support fixed and tunable 1-Gigabit
Ethernet and 10-Gigabit Ethernet BIDI DWDM optics.
Interfaces and Chassis
Support for Ethernet ring protection switching (ACX Series, ACX500, ACX5000)—Starting in Junos OS
•
Release 17.2R1, ACX Universal Access Routers support Ethernet ring protection switching (G.8032v2).
With the G.8032v2 capability, the ACX Series routers support manual commands (force switch, manual
switch, and clear commands) and interconnection of multiple Ethernet rings without virtual channels.
ERPS on the ACX5000 line of routers supports Aggregated Ethernet (AE) interfaces.
12
[See Ethernet Ring Protection Switching Overview]
Management
Support for device family and release in Junos OS YANG modules (ACX Series)—Starting in Junos OS
•
Release 17.2, Junos OS YANG modules are specific to a device family, and each module’s namespace
includes the module name, device family, and Junos OS release string. Furthermore, each juniper-command
module uses its own unique module name as the module’s prefix. Device families include junos, junos-es,
junos-ex, and junos-qfx.
[See Understanding Junos OS YANG Modules.]
Network Management and Monitoring
Support for sFlow agent (ACX5000)—Starting in Junos OS Release 17.2R1, ACX5000 line of routers
•
supports sFlow agent. sFlow is a statistical sampling based network monitoring protocol for high speed
switched or routed networks. The sFlow monitoring system consists of an sFlow agent (embedded in a
switch or router or in a stand alone probe) and a central data collector, or sFlow analyzer.
sFlow technology uses the following two sampling mechanisms:
Packet-based sampling—Samples one packet out of a specified number of packets from an interface
•
enabled for sFlow technology.
Time-based sampling—Samples interface statistics at a specified interval from an interface enabled
•
for sFlow technology.
Adaptive sampling—Monitors the overall incoming traffic rate on the device and provides feedback
•
to the interfaces to dynamically adapt their sampling rate to traffic conditions.
[See Overview of sFlow Technology and Configuring sFlow Technology.]
Operation, Administration, and Maintenance (OAM)
Support for ITU-T Y.1731 ETH-LM, ETH-SLM, and ETH-DM on aggregated Ethernet interfaces (ACX
•
Series, ACX5000)—Starting in Junos OS release 17.2R1, you can configure ITU-T Y.1731
standard-compliant Ethernet loss measurement (ETH-LM), Ethernet synthetic loss measurement
(ETH-SLM), and Ethernet delay measurement (ETH-DM) capabilities on aggregated Ethernet (AE)
interfaces. These performance monitoring functionalities are supported on ACX Series and ACX5000
line of routers.
[See Understanding Ethernet OAM Link Fault Management for ACX Series Routers]
Routing Protocols
Support for IS-IS flooding groups (ACX5000)—Starting with Junos OS Release 17.2R1, you can configure
•
flooding groups with IS-IS on the ACX5000 line of routers. This feature limits link-state PDU flooding
over IS-IS interfaces. An LSP that is not self-originated is flooded only through the interface belonging
to the flood group that has the configured area ID in the LSP. This helps minimize the routes and topology
information, thus ensuring optimal convergence. You can segregate both level 1 and level 2 networks
into flood groups by using area IDs as tags to identify a flood group. Configure interfaces with specific
area IDs to modify the flooding behavior as per your requirements.
13
To enable IS-IS flooding groups, include the flood-group flood-group-area-ID statement at the [edit
protocols isis interface] hierarchy level.
[See Understanding IS-IS Flood Group]
Software Installation and Upgrade
Support for In-Service Software Upgrade (ACX5000)—Starting with Junos OS Release 17.2R1, Junos
•
OS for ACX5000 Universal Access Routers supports ISSU, the ability to do software upgrades between
two different software releases with minimal disruption to network traffic and no disruptions in the
control plane. As a prerequisite, you need to have the graceful Routing Engine switchover (GRES), nonstop
active routing (NSR), and nonstop bridging (NSB) enabled in the routing engine to support ISSU on
ACX5000 line of routers.
[See Understanding In-Service Software Upgrade (ISSU) in ACX5000 Series Routers]
Timing and Synchronization
Support for PHY timestamping in boundary clock mode (ACX Series)—Starting in Junos OS Release
•
17.2R1, ACX Series Universal Access Routers supports timestamping at the physical layer, also known
as PHY timestamping, in boundary clock mode. To enable PHY timestamping on ACX Series routers,
configure clock-mode as boundary clock at the [edit protocols ptp] hierarchy level.
[See Configuring Precision Time Protocol Clocking]
Support for defect and event management and SNMP get and walk management for timing (ACX
•
Series)—Starting in Junos OS Release 17.2R1, the ACX Universal Access Routers supports defect and
event management capabilities for timing features. Defects and events are notified in the form of SNMP
traps.
The ACX Universal Access Routers also supports SNMP get, get-next, and walk management capabilities
for the timing features. These capabilities are enabled through the PTP MIB and SyncE MIB objects.
[See Understanding Timing Defects and Event Management on ACX Series and Understanding SNMP
MIB for Timing on ACX Series]
SEE ALSO
Changes in Behavior and Syntax | 14
Known Behavior | 16
Known Issues | 17
Resolved Issues | 18
Documentation Updates | 18
14
Migration, Upgrade, and Downgrade Instructions | 19
Product Compatibility | 20
Changes in Behavior and Syntax
IN THIS SECTION
General Routing | 15
Interfaces and Chassis | 15
Management | 15
This section lists the changes in behavior of Junos OS features and changes in the syntax of Junos OS
statements and commands from Junos OS Release 17.2R2 for the ACX Series Universal Access Routers.
General Routing
Support for deletion of static routes when the BFD session goes down (ACX Series)—Starting with
•
Junos OS 17.2R2, the default behavior of the static route at the [edit routing-options static static-route
bfd-admin-down] hierarchy level is active. So, the static routes are deleted when the BFD receives a
session down message.
Interfaces and Chassis
Support for logical interfaces—ACX5048 and ACX5096 routers do not support configuring more than
•
1000 logical interfaces.
Management
Junos OS YANG module namespace and prefix changes (ACX Series)—Starting in Junos OS Release
•
17.2, Junos OS YANG modules are specific to a device family, and each module’s namespace includes
the module name, device family, and Junos OS release string. Furthermore, each juniper-command
module uses its own unique module name as the module’s prefix. In earlier releases, Junos OS YANG
modules used only a unique identifier to differentiate the namespace for each module, and the prefix
for all juniper-command modules was jrpc.
15
Device families include junos, junos-es, junos-ex, and junos-qfx. The Junos OS YANG extension modules,
junos-extension and junos-extension-odl, use the junos device family identifier in the namespace, but
the modules are common to all device families.
[See Understanding Junos OS YANG Modules.]
Changes to the rfc-compliant configuration statement (ACX Series)—Starting in Junos OS Release 17.2,
•
Junos OS YANG modules are specific to a device family, and each module’s namespace includes the
module name, device family, and Junos OS release string. If you configure the rfc-compliant statement
at the [edit system services netconf] hierarchy level and request configuration data in a NETCONF
session on a device running Junos OS Release 17.2 or later, the NETCONF server sets the default
namespace for the <configuration> element in the RPC reply to the same namespace as in the
corresponding YANG model.
[See Configuring RFC-Compliant NETCONF Sessions and rfc-compliant.]
SEE ALSO
New and Changed Features | 11
Known Behavior | 16
Known Issues | 17
Resolved Issues | 18
Documentation Updates | 18
Migration, Upgrade, and Downgrade Instructions | 19
Product Compatibility | 20
Known Behavior
IN THIS SECTION
High Availability (HA) and Resiliency | 16
16
This section lists known behavior, system maximums, and limitations in hardware and software in Junos
OS Release 17.2R2 for the ACX Series.
For the most complete and latest information about known Junos OS defects, use the Juniper Networks
online Junos Problem Report Search application.
High Availability (HA) and Resiliency
Residual and baseline statistics loss from ISSU—Using ISSU to upgrade to Junos OS Release 17.2R1 or
•
later will result in a loss of residual and baseline statistics for interfaces, interface set specific statistics,
and BBE subscriber service statistics because of an update to the statistics database.
[See Unified ISSU System Requirements.]
SEE ALSO
New and Changed Features | 11
Changes in Behavior and Syntax | 14
Known Issues | 17
Resolved Issues | 18
Documentation Updates | 18
Migration, Upgrade, and Downgrade Instructions | 19
Product Compatibility | 20
Known Issues
IN THIS SECTION
Layer 2 Features | 17
This section lists the known issues in hardware and software in Junos OS Release 17.2R2 for the ACX
Series Universal Access Routers.
For the most complete and latest information about known Junos OS defects, use the Juniper Networks
online Junos Problem Report Search application.
Layer 2 Features
17
Under certain scenarios, if VPLS instances and Layer 3 NNI interfaces are deleted in the same commit,
•
then a traffic duplication is observed for the VPLS traffic. To avoid such instances, it is recommended
to delete or deactivate the Layer 3 NNI interfaces and VPLS instances in separate commits. PR1260156
SEE ALSO
New and Changed Features | 11
Changes in Behavior and Syntax | 14
Known Behavior | 16
Resolved Issues | 18
Documentation Updates | 18
Migration, Upgrade, and Downgrade Instructions | 19
Product Compatibility | 20
Resolved Issues
IN THIS SECTION
Resolved Issues: 17.2R2 | 18
Resolved Issues: 17.2R1 | 18
This section lists the issues fixed in the Junos OS main release and the maintenance releases.
For the most complete and latest information about known Junos OS defects, use the Juniper Networks
online Junos Problem Report Search application.
Resolved Issues: 17.2R2
18
There are no fixed issues in the Junos OS Release 17.2R2 for ACX Series.
Resolved Issues: 17.2R1
There are no fixed issues in the Junos OS Release 17.2R1 for ACX Series.
SEE ALSO
New and Changed Features | 11
Changes in Behavior and Syntax | 14
Known Behavior | 16
Known Issues | 17
Documentation Updates | 18
Migration, Upgrade, and Downgrade Instructions | 19
Product Compatibility | 20
Documentation Updates
There are no errata or changes in Junos OS Release 17.2R2 for the ACX Series documentation.
SEE ALSO
New and Changed Features | 11
Changes in Behavior and Syntax | 14
Known Behavior | 16
Known Issues | 17
Resolved Issues | 18
Migration, Upgrade, and Downgrade Instructions | 19
Product Compatibility | 20
Migration, Upgrade, and Downgrade Instructions
IN THIS SECTION
19
Upgrade and Downgrade Support Policy for Junos OS Releases | 19
This section contains the upgrade and downgrade support policy for Junos OS for the ACX Series Universal
Access Routers. Upgrading or downgrading Junos OS might take several minutes, depending on the size
and configuration of the network.
For information about software installation and upgrade, see the Installation and Upgrade Guide.
Upgrade and Downgrade Support Policy for Junos OS Releases
Support for upgrades and downgrades that span more than three Junos OS releases at a time is not
provided, except for releases that are designated as Extended End-of-Life (EEOL) releases. EEOL releases
provide direct upgrade and downgrade paths—you can upgrade directly from one EEOL release to the
next EEOL release even though EEOL releases generally occur in increments beyond three releases.
You can upgrade or downgrade to the EEOL release that occurs directly before or after the currently
installed EEOL release, or to two EEOL releases before or after. For example, Junos OS Releases 16.1,
16.2 and 17.1 are EEOL releases. You can upgrade from Junos OS Release 16.1 to Release 16.2 or even
from Junos OS Release 16.1 to Release 17.1. However, you cannot upgrade directly from a non-EEOL
release that is more than three releases ahead or behind.
To upgrade or downgrade from a non-EEOL release to a release more than three releases before or after,
first upgrade to the next EEOL release and then upgrade or downgrade from that EEOL release to your
target release.
For more information about EEOL releases and to review a list of EEOL releases, see
https://www.juniper.net/support/eol/junos.html.
For information about software installation and upgrade, see the Installation and Upgrade Guide.
SEE ALSO
New and Changed Features | 11
Changes in Behavior and Syntax | 14
Known Behavior | 16
Known Issues | 17
Resolved Issues | 18
20
Documentation Updates | 18
Product Compatibility | 20
Product Compatibility
IN THIS SECTION
Hardware Compatibility | 20
Hardware Compatibility
To obtain information about the components that are supported on the devices, and the special compatibility
guidelines with the release, see the Hardware Guide for the product.
To determine the features supported on ACX Series routers in this release, use the Juniper Networks
Feature Explorer, a Web-based application that helps you to explore and compare Junos OS feature
information to find the right software release and hardware platform for your network. Find Feature
Explorer at https://pathfinder.juniper.net/feature-explorer/.
Hardware Compatibility Tool
For a hardware compatibility matrix for optical interfaces and transceivers supported across all platforms,
see the Hardware Compatibility tool.
SEE ALSO
New and Changed Features | 11
Changes in Behavior and Syntax | 14
Known Behavior | 16
Known Issues | 17
Resolved Issues | 18
Documentation Updates | 18
Migration, Upgrade, and Downgrade Instructions | 19
21
Junos OS Release Notes for EX Series Switches
IN THIS SECTION
New and Changed Features | 22
Changes in Behavior and Syntax | 26
Known Behavior | 28
Known Issues | 29
Resolved Issues | 31
Documentation Updates | 35
Migration, Upgrade, and Downgrade Instructions | 35
Product Compatibility | 36
These release notes accompany Junos OS Release 17.2R2 for the EX Series. They describe new and
changed features, limitations, and known and resolved problems in the hardware and software.
You can also find these release notes on the Juniper Networks Junos OS Documentation webpage, located
at https://www.juniper.net/documentation/software/junos/.
New and Changed Features
IN THIS SECTION
Release 17.2R2 New and Changed Features | 23
Release 17.2R1 New and Changed Features | 23
This section describes the new features and enhancements to existing features in the Junos OS main
release and the maintenance releases for EX Series.
NOTE: The following EX Series switches are supported in Release 17.2R2: EX4300, EX4600,
and EX9200.
22
NOTE: In Junos OS Release 17.2R2, J-Web is supported on the EX4300 and EX4600 switches
in both standalone and Virtual Chassis setup.
The J-Web distribution model being used provides two packages:
Platform package—Installed as part of Junos OS; provides basic functionalities of J-Web.
•
Application package—Optionally installable package; provides complete functionalities of
•
J-Web.
For details about the J-Web distribution model, see Release Notes: J-Web Application Package
Release 17.2A1 for EX4300 and EX4600 Switches.
Release 17.2R2 New and Changed Features
There are no new features or enhancements to existing features for EX Series in Junos OS Release
•
17.2R2.
Release 17.2R1 New and Changed Features
Authentication, Authorization, and Accounting (AAA) (RADIUS)
Authentication order with priority (EX4300 switches)—Starting in Junos OS Release 17.2R1, you can
•
configure EX4300 switches not to trigger re-authentication for a client that has been authenticated
using MAC RADIUS authentication or captive portal authentication. If the switch receives an EAP-Start
message from an authenticated client, the switch typically responds with an EAP-Request message,
which triggers re-authentication using 802.1X authentication. You can use the eapol-block statement
to configure the switch to ignore EAP-Start messages sent by a client that has been authenticated using
MAC RADIUS authentication or captive portal authentication, and maintain the existing authentication
session for the client.
23
[See Understanding Authentication on Switches.]
Protected Extensible Authentication Protocol (PEAP) for MAC RADIUS authentication (EX4300
•
switches)—Starting in Junos OS Release 17.2R1, you can configure the Protected Extensible
Authentication Protocol (PEAP) as the authentication method for MAC RADIUS authentication. PEAP
is a protocol that encapsulates EAP packets within an encrypted and authenticated Transport Layer
Security (TLS) tunnel. The inner authentication protocol, used to authenticate the client's MAC address
inside the tunnel, is the Microsoft Challenge Handshake Authentication Protocol version 2 (MS-CHAPv2).
The encrypted exchange of information inside the tunnel ensures that user credentials are safe from
eavesdropping.
[See Understanding Authentication on Switches.]
EVPNs
EVPN proxy ARP and ARP suppression (EX9200 switches)—Starting with Junos OS Release 17.2R1,
•
EX9200 switches that function as provider edge (PE) devices in an Ethernet VPN-MPLS (EVPN-MPLS)
or Ethernet VPN-Virtual Extensible LAN (EVPN-VXLAN) environment support proxy Address Resolution
Protocol (ARP) and ARP suppression. The proxy ARP and ARP suppression capabilities are enabled by
default. For both features to work properly, the configuration of an integrated and routing (IRB) interface
on the PE device is required.
IRB interfaces configured on a PE device deliver ARP requests from both local and remote customer
edge (CE) devices. When a PE device receives an ARP request from a CE device, the PE device searches
its media access control (MAC)-IP address bindings database for the requested IP address. If the PE
device finds the MAC-IP address binding in its database, it responds to the request. If the device does
not find the MAC-IP address binding, it swaps the source MAC address in the request with the MAC
address of the IRB interface on which the request was received and sends the request to all interfaces.
Even when a PE device responds to an ARP request, ARP packets might still be flooded across the WAN.
ARP suppression prevents this flooding from occurring.
[See EVPN Proxy ARP and ARP Suppression.]
24
Layer 3 Features
Port-based LAN broadcast traffic forwarding (port helpers) for multiple destination servers (EX4300
•
switches and Virtual Chassis)—Starting in Junos OS Release 17.2R1, you can configure port helpers on
EX4300 switches and EX4300 Virtual Chassis on a per-port basis for multiple destination servers. Port
helpers are port-based filters that listen on configured UDP ports for incoming LAN broadcast traffic,
and forward those packets to configured destination servers as unicast traffic. Configure port helper
filters using the forwarding-options helpers port port-number configuration statement with any of the
following scopes:
Global—Match incoming broadcast traffic on any interface for a configured port, and forward the
•
traffic to the configured server:
set forwarding-options helpers port port-number server server-ip-address
VLAN-specific—Match incoming broadcast traffic on an IRB interface for a configured port, and forward
•
the traffic to the configured server:
set forwarding-options helpers port port-number interface irb-interface-name
server server-ip-address
Interface-specific—Match incoming broadcast traffic on a Layer 3 interface for a configured port, and
•
forward the traffic to the configured server:
set forwarding-options helpers port port-number interface interface-name
server server-ip-address
[See Configuring Port-based LAN Broadcast Packet Forwarding.]
Management
Support for device family and release in Junos OS YANG modules (EX Series)—Starting in Junos OS
•
Release 17.2, Junos OS YANG modules are specific to a device family, and each module’s namespace
includes the module name, device family, and Junos OS release string. Furthermore, each juniper-command
module uses its own unique module name as the module’s prefix. Device families include junos, junos-es,
junos-ex, and junos-qfx.
[See Understanding Junos OS YANG Modules.]
Multicast
•
Support for static multicast route leaking for VRF and virtual-router instances (QFX5100 and EX4300
switches)—Starting in Junos OS Release 17.2R1, you can configure your switch to share IPv4 multicast
routes among different virtual routing and forwarding (VRF) instances or different virtual-router instances.
On EX4300 switches, multicast route leaking is supported only when the switch functions as a line card
in a Virtual Chassis, not as a standalone switch. Only multicast static routes with a destination-prefix
length of /32 are supported for multicast route leaking. Only Internet Group Management Protocol
version 3 is supported. To configure multicast route leaking for VRF or virtual-router instances , include
the next-table routing-instance-name.inet.0 statement at the [edit routing-instances
routing-instance-name routing-options static route destination-prefix/32] hierarchy level. For
routing–instance-name, include the name of a VRF or virtual-router instance. This feature was previously
introduced in Junos OS Release 14.X53-D40.
25
[See Understanding Multicast Route Leaking for VRF and Virtual-Router Instances.]
Network Management and Monitoring
SNMP support for monitoring tunnel statistics (EX Series)—Starting in Junos OS Release 17.2R1, SNMP
•
MIB jnxTunnelStat supports monitoring of tunnel statistics for IPV4 over IPV6 tunnels. This is a new
enterprise-specific MIB, Tunnel Stats MIB, that currently displays three counters: tunnel count in rpd,
tunnel count in Kernel, and tunnel count in the Packet Forwarding Engine. This MIB can be extended
to support other tunnel statistics. The MIB is defined in jnx-tunnel-stats.txt. This MIB is attached to
jnxMibs.
System Management
Dynamic power management (EX9200 switches)—Starting with Junos OS Release 17.2R1, EX9200
•
switches support dynamic power management.
[See System Services on EX9200 Switches].
SEE ALSO
Changes in Behavior and Syntax | 26
Known Behavior | 28
Known Issues | 29
Resolved Issues | 31
Documentation Updates | 35
Migration, Upgrade, and Downgrade Instructions | 35
Product Compatibility | 36
Changes in Behavior and Syntax
IN THIS SECTION
General Routing | 27
IP Tunneling | 27
26
Management | 27
This section lists the changes in behavior of Junos OS features and changes in the syntax of Junos OS
statements and commands from Junos OS Release 17.2R2 for the EX Series.
General Routing
Support for deletion of static routes when the BFD session goes down (EX Series)—Starting with Junos
•
OS 17.2R2, the default behavior of the static route at the [edit routing-options static static-route
bfd-admin-down] hierarchy level is active. So, the static routes are deleted when the BFD receives a
session down message.
IP Tunneling
Deprecated no-path-mtu-discovery configuration option for ipip6 tunnels—Starting in Junos OS Release
•
17.2R1, the no-path-mtu-discovery configuration statement in the [edit interfaces ip-fpc/pic/port unit
logical-unit-number tunnel] and [edit interfaces gr-fpc/pic/port unit logical-unit-number tunnel]
hierarchies is no longer available for ipip6 tunnels.
Management
27
Changes to the rfc-compliant configuration statement (EX Series)—Starting in Junos OS Release 17.2R1,
•
Junos OS YANG modules are specific to a device family, and each module’s namespace includes the
module name, device family, and Junos OS release string. If you configure the rfc-compliant statement
at the [edit system services netconf] hierarchy level and request configuration data in a NETCONF
session on a device running Junos OS Release 17.2R1 or later, the NETCONF server sets the default
namespace for the <configuration> element in the RPC reply to the same namespace as in the
corresponding YANG model.
[See Configuring RFC-Compliant NETCONF Sessions and rfc-compliant.]
Junos OS YANG module namespace and prefix changes (EX Series)—Starting in Junos OS Release
•
17.2R1, Junos OS YANG modules are specific to a device family, and each module’s namespace includes
the module name, device family, and Junos OS release string. Furthermore, each juniper-command
module uses its own unique module name as the module’s prefix. In earlier releases, Junos OS YANG
modules used only a unique identifier to differentiate the namespace for each module, and the prefix
for all juniper-command modules was jrpc.
Device families include junos, junos-es, junos-ex, and junos-qfx. The Junos OS YANG extension modules,
junos-extension and junos-extension-odl, use the junos device family identifier in the namespace, but
the modules are common to all device families.
[See Understanding Junos OS YANG Modules.]
SEE ALSO
New and Changed Features | 22
Known Behavior | 28
Known Issues | 29
Resolved Issues | 31
Documentation Updates | 35
Migration, Upgrade, and Downgrade Instructions | 35
Product Compatibility | 36
Known Behavior
IN THIS SECTION
High Availability (HA) and Resiliency | 28
28
This section lists known behavior, system maximums, and limitations in hardware and software in Junos
OS Release 17.2R2 for the EX Series.
For the most complete and latest information about known Junos OS defects, use the Juniper Networks
online Junos Problem Report Search application.
High Availability (HA) and Resiliency
Residual and baseline statistics loss from ISSU—Using unified ISSU to upgrade to Junos OS Release
•
17.2R1 or later will result in a loss of residual and baseline statistics for interfaces, interface set specific
statistics, and BBE subscriber service statistics because of an update to the statistics database.
[See Unified ISSU System Requirements.]
SEE ALSO
New and Changed Features | 22
Changes in Behavior and Syntax | 26
Known Issues | 29
Resolved Issues | 31
Documentation Updates | 35
Migration, Upgrade, and Downgrade Instructions | 35
Product Compatibility | 36
Known Issues
IN THIS SECTION
General Routing | 29
High Availability (HA) and Resiliency | 29
Interfaces and Chassis | 30
Junos Fusion Enterprise | 30
Layer 2 Features | 30
Platform and Infrastructure | 30
29
User Interface and Configuration | 31
Virtual Chassis | 31
This section lists the known issues in hardware and software in Junos OS Release 17.2R2 for the EX Series.
For the most complete and latest information about known Junos OS defects, use the Juniper Networks
online Junos Problem Report Search application.
General Routing
On EX4300 switches, when 802.1X single-supplicant authentication is initiated, multiple "EAP Request
•
Id Frame Sent" packets might be sent. PR1163966
On an EX9200 switch with MC-LAG, when the enhanced-convergence statement is enabled, and when
•
the kernel sends a next-hop message to the Packet Forwarding Engine, the full Layer 2 header is not
sent and a packet might be generated with an invalid source MAC address for some VLANs. PR1223662
High Availability (HA) and Resiliency
During a nonstop software upgrade (NSSU) on an EX4300 Virtual Chassis, a traffic loop or loss might
•
occur if the Junos OS software version that you are upgrading and the Junos OS software version that
you are upgrading to use different internal message formats. PR1123764
On an EX4300 Virtual Chassis or a QFX5100 Virtual Chassis, when you perform an NSSU, there might
•
be more than 5 seconds of traffic loss for multicast traffic. PR1125155
In a rare scenario, GRES might not reach the ready state and might fail to start, because the Routing
•
Engine does not receive the state ACK message from the Packet Forwarding Engine after performing
GRES. This is a timing issue. It might also stop Routing Engine resource release, resulting in resource
exhaustion. As a workaround, reboot the system if this problem occurs. PR1236882
Interfaces and Chassis
On an EX9200-40XS line card, if you toggle the MACsec encryption option multiple times, encryption
•
and protected MACsec statistics might be updated incorrectly. As a workaround, restart the line card.
PR1185659
Junos Fusion Enterprise
On a Junos Fusion Enterprise, Link Layer Discovery Protocol-Media Endpoint Discovery (LLDP-MED)
•
fast start does not work. PR1171899
30
Issue is specific to Junos Fusion Enterprise setup. Dot1x authenticated clients under dynamic VLAN
•
might see traffic loss if l2ald gets restarted for some reason (crash/manually). PR1281824
In a Junos Fusion set up with dual access device on EX9200, the dot1x authentication might fail if
•
frequent MAC moves occur. PR1299532
Layer 2 Features
The eswd process might crash after doing Routing Engine switchover in an EX Series Virtual Chassis
•
scenario. The crash happens due to disordered processing of VLAN/vmember by eswd and L2PT modules.
Because the order of processing does not remain the same every time, the crash is random across
switchovers. PR1275468
Platform and Infrastructure
On EX4600 switches, the amount of time that it takes for Zero Touch Provisioning to complete might
•
be lengthy because TFTP might take a long time to fetch required data. PR980530
On EX4300, EX4600, and QFX5100 switches, if a remote analyzer has an output IP address that is
•
reachable through a route learned by BGP, the analyzer might be in a DOWN state. PR1007963
On EX4300 switches with power redundancy N+N mode, PoE interfaces flap when any side power
•
supply unit is removed, leaving only one power supply unit. PR1258107
Some features of IPv6 router advertisement guard, in particular the MAC prefix, do not work as expected
•
on the EX4300 switch. Also, traffic is seen egressing the chassis despite an RA block being enabled on
an incoming interface. PR1294260
User Interface and Configuration
On EX4300 switches, J-Web allows configuration and commit of the source-address-filter command.
•
This is not the expected behavior. PR1281290
Virtual Chassis
When a line-card role FPC is removed and rejoined to a Virtual Chassis immediately, the LAG interface
•
on the master or backup Routing Engine is not reprogrammed in the rejoined FPC. PR1255302
31
SEE ALSO
New and Changed Features | 22
Changes in Behavior and Syntax | 26
Known Behavior | 28
Resolved Issues | 31
Documentation Updates | 35
Migration, Upgrade, and Downgrade Instructions | 35
Product Compatibility | 36
Resolved Issues
IN THIS SECTION
Resolved Issues: 17.2R2 | 32
Resolved Issues: 17.2R1 | 34
This section lists the issues fixed in the Junos OS main release and the maintenance releases.
For the most complete and latest information about known Junos OS defects, use the Juniper Networks
online Junos Problem Report Search application.
Resolved Issues: 17.2R2
Class of Service (CoS)
On QFX5100, EX4300, or EX4600, traffic might be dropped when there is more than one forwarding
•
class under the [forwarding-class-sets] hierarchy. PR1255077
General Routing
Clients not getting IP addresses or ports are programmed under an incorrect VLAN. PR1230073
•
The FPC might encounter errors and stop forwarding traffic. PR1249375
•
EX9200: EVPN active/active ARP is not resolving on hosts. PR1267769
•
After MACsec link flaps, traffic stops forwarding across the MACsec link. PR1269229
•
32
The l2ald memory might leak for every IPv6 ND message it receives from peer the MC-LAG, and it does
•
not free the memory allocated. PR1277203
An l2ald crash occurs with no apparent trigger. PR1302344
•
Infrastructure
On an EX4300 egress VLAN-based firewall filter on a Q-in-Q interface, after a switch reboot, firewall
•
counters might not increment as expected. PR1165450
The EX4300 aggregated interface goes down when the interface member VLAN is PVLAN and LACP is
•
enabled. PR1264268
Interfaces and Chassis
An interface explicitly disabled under RSTP is blocked under some conditions. PR1266035
•
Junos Fusion Enterprise
EX4300 running Junos OS Release 17.1R1 cannot be converted on satellite mode. PR1267767
•
With show ethernet-switching table a few entries are stuck in DLR state after l2-learning restart.
•
PR1268619
VRRP split brain in dual access device Junos Fusion. PR1293030
•
An access device without a cascade port cannot reach hosts over ICL link if they are authenticated by
•
dot1x in a different VLAN than the default (manually assigned) VLAN. PR1298880
Platform and Infrastructure
Layer 3 protocol packets are not being sent out from the switch. PR1226976
•
Preboot Execution Environment (PXE) unicast ACK packet isdropped on EX4300. PR1230096
•
Traffic is not forwarded through GRE tunnel on EX4300 in some cases. PR1254638
•
Unexpected Packet Forwarding Enginer manager (pfex) restart is seen on RE switchover. PR1258863
•
The mismatch of vlan-id between an interface IFL and VLAN config might result in traffic blackhole.
•
PR1259310
On the EX4300 Virtual Chassis, the FPC might crash and a pfex core file might be generated. PR1261852
•
IPv6 neighbor solicitation messages are dropped when MLD snooping is enabled on EX4300. PR1263535
•
The l2ald process might crash when many dot1x clients are being re-authenticated. PR1269945
•
On EX4300, CPU usage related to pfex_junos increases because of DHCP relay traffic. PR1276995
•
33
Routing Protocols
The BGP session might flap during ISSU, resulting in 40-50 seconds of dropped traffic. PR1247937
•
Virtual Chassis
When you add an EX4300 switch to the VCF, the following error message is seen: ?ch__map_alarm_id
•
alarm ignored: object 0x7e reason?. PR1234780
VLAN Infrastructure
VLAN association is not being updated in the Ethernet switching table when the device is configured in
•
single supplicant mode. PR1283880
Resolved Issues: 17.2R1
Interfaces and Chassis
MPC might crash during ISSU from Junos OS Release 15.1R1 to a later release when QSFP/CXP/CFP2
•
optics are present. PR1216924
34
Network Management and Monitoring
After the rebooting of the Virtual Chassis, authentication of SNMPv3 users fails due to the change of
•
the local engine ID. PR1256166
Platform and Infrastructure
The egress PE device (EX4300) sends out LLDP frames toward the CE device with the destination MAC
•
address of 01:00:0c:cd:cd:d0, which is a duplicated frame and rewritten by the ingress (PE) device.
PR1251391
Port Security
On EX4600 switches and Virtual Chassis, MACsec connections are deleted randomly after a switch
•
reboot, optics removal, deactivation or activation of a MACsec configuration, or fxpc process restart.
PR1234447
Routing Protocols
The BGP session might flap during ISSU, resulting in 40-50 seconds of dropped traffic. PR1247937
•
SEE ALSO
New and Changed Features | 22
Changes in Behavior and Syntax | 26
Known Behavior | 28
Known Issues | 29
Documentation Updates | 35
Migration, Upgrade, and Downgrade Instructions | 35
Product Compatibility | 36
Documentation Updates
There are no errata or changes in Junos OS Release 17.2R2 for the EX Series switches documentation.
SEE ALSO
New and Changed Features | 22
Changes in Behavior and Syntax | 26
35
Known Behavior | 28
Known Issues | 29
Resolved Issues | 31
Migration, Upgrade, and Downgrade Instructions | 35
Product Compatibility | 36
Migration, Upgrade, and Downgrade Instructions
IN THIS SECTION
Upgrade and Downgrade Support Policy for Junos OS Releases | 36
This section contains the upgrade and downgrade support policy for Junos OS for the EX Series. Upgrading
or downgrading Junos OS can take several hours, depending on the size and configuration of the network.
For information about software installation and upgrade, see the Installation and Upgrade Guide.
Upgrade and Downgrade Support Policy for Junos OS Releases
Support for upgrades and downgrades that span more than three Junos OS releases at a time is not
provided, except for releases that are designated as Extended End-of-Life (EEOL) releases. EEOL releases
provide direct upgrade and downgrade paths—you can upgrade directly from one EEOL release to the
next EEOL release, even though EEOL releases generally occur in increments beyond three releases.
You can upgrade or downgrade to the EEOL release that occurs directly before or after the currently
installed EEOL release, or to two EEOL releases before or after. For example, Junos OS Releases 16.1,
16.2 and 17.1 are EEOL releases. You can upgrade from Junos OS Release 16.1 to Release 16.2 or even
from Junos OS Release 16.1 to Release 17.1. However, you cannot upgrade directly from a non-EEOL
release that is more than three releases ahead or behind.
To upgrade or downgrade from a non-EEOL release to a release more than three releases before or after,
first upgrade to the next EEOL release and then upgrade or downgrade from that EEOL release to your
target release.
For more information on EEOL releases and to review a list of EEOL releases, see
https://www.juniper.net/support/eol/junos.html
36
SEE ALSO
New and Changed Features | 22
Changes in Behavior and Syntax | 26
Known Behavior | 28
Known Issues | 29
Resolved Issues | 31
Documentation Updates | 35
Product Compatibility | 36
Product Compatibility
IN THIS SECTION
Hardware Compatibility | 37
Hardware Compatibility
To obtain information about the components that are supported on the devices, and the special compatibility
guidelines with the release, see the Hardware Guide for the product.
To determine the features supported on EX Series switches in this release, use the Juniper Networks
Feature Explorer, a Web-based application that helps you to explore and compare Junos OS feature
information to find the right software release and hardware platform for your network. Find Feature
Explorer at https://pathfinder.juniper.net/feature-explorer/.
Hardware Compatibility Tool
For a hardware compatibility matrix for optical interfaces and transceivers supported across all platforms,
see the Hardware Compatibility tool.
SEE ALSO
New and Changed Features | 22
37
Changes in Behavior and Syntax | 26
Known Behavior | 28
Known Issues | 29
Resolved Issues | 31
Documentation Updates | 35
Migration, Upgrade, and Downgrade Instructions | 35
Junos OS Release Notes for Junos Fusion Data Center
IN THIS SECTION
New and Changed Features | 38
Changes in Behavior and Syntax | 53
Known Behavior | 53
Known Issues | 55
Resolved Issues | 55
Documentation Updates | 56
Migration, Upgrade, and Downgrade Instructions | 57
Product Compatibility | 74
These release notes accompany Junos OS Release 17.2R2 for the Junos Fusion Data Center. They describe
new and changed features, limitations, and known and resolved problems in the hardware and software.
You can also find these release notes on the Juniper Networks Junos OS Documentation webpage, located
at https://www.juniper.net/documentation/software/junos/.
New and Changed Features
38
IN THIS SECTION
Release 17.2R2 New and Changed Features | 38
Release 17.2R1 New and Changes Features | 38
This section describes the new features and enhancements to existing features in the Junos OS main
release and the maintenance releases for Junos Fusion Data Center.
Release 17.2R2 New and Changed Features
There are no new features or enhancements to existing features for Junos Fusion Data Center in Junos
OS Release 17.2R2.
Release 17.2R1 New and Changes Features
Junos Fusion Data Center
Junos Fusion Data Center support (Junos Fusion Data Center)—Starting in Junos OS Release 17.2R1,
•
Junos Fusion Data Center support is available and brings the Junos Fusion technology to data center
networks. Junos Fusion Data Center uses QFX10000 switches in the aggregation device role and allows
data center networks to combine numerous switches into a single, port-dense system. The system is
managed from a single point (the aggregation devices) and simplifies network topologies because Junos
Fusion Data Center is viewed as a single device by the larger network. Junos Fusion Data Center supports
the 802.1BR standard.
You can configure the following QFX10000 Series switches as an aggregation device in a Junos Fusion
Data Center:
QFX10002 switches
•
You can configure the following switches as satellite devices:
QFX5100 switches—QFX5100-24Q-2P, QFX5100-48S-6Q, QFX5100-48SH-6Q, QFX5100-48T-6Q,
•
QFX5100-48TH-6Q, and QFX5100-96S-8Q
EX4300 switches—EX4300-24T, EX4300-32F, EX4300-48T, and EX4300-48T-BF
•
[See Junos Fusion Data Center Overview.]
Dual aggregation devices (Junos Fusion Data Center)—Starting in Junos OS Release 17.2R1, you can
•
have two aggregation devices in a Junos Fusion Data Center topology to support dual homing from
satellite devices.
To configure a dual aggregation device topology, specify a chassis, redundancy group name and ID, peer
chassis ID, and interchassis link interface in a redundancy group. All other ICCP parameters are
automatically configured as part of the automatic ICCP provisioning of an interchassis link feature, which
is enabled by default.
39
[See Configuring the Dual Aggregation Device Topology.]
Hardware
New satellite device models (Junos Fusion Data Center)—Starting in Junos OS Release 17.2R1, the new
•
QFX5100-48SH and QFX5100-TH switch models ship from the factory with preinstalled satellite
software, allowing you to deploy them in a Junos Fusion Data Center in a plug-and-play manner.
[See QFX5100 Switch Hardware Guide.]
Class of Service (CoS)
Class of service support (Junos Fusion Data Center)—Starting in Junos OS Release 17.2R1, Junos Fusion
•
Data Center supports the standard Junos class of service (CoS) features and operational commands in
either a single or dual aggregation device configuration. Each extended port on a satellite device is a
logical extension to the aggregation device. Therefore, the default CoS policy on the aggregation device
applies to each extended port. You can also create standard CoS policies for extended ports.
A cascade port is a physical port or interface on an aggregation device that provides a connection to a
satellite device. Port scheduling is supported on cascade ports. Junos Fusion technology reserves a
separate set of queues with minimum bandwidth guarantees for in-band management traffic to protect
against congestion caused by data traffic.
40
[See Understanding CoS in Junos Fusion Data Center.]
High Availability (HA) and Resiliency
Support for Virtual Routing Redundancy Protocol (Junos Fusion Data Center)—Starting in Junos OS
•
Release 17.2R1, Junos Fusion Data Center supports the Virtual Routing Redundancy Protocol (VRRP).
You can configure VRRP on dual aggregation devices to provide a common gateway for the hosts
connected to the satellite devices and to provide dynamic switchover from one aggregation device to
another in the event of failure. Both aggregation devices share the virtual IP address and route upstream
packets independently. For protocol control, one of the aggregation devices is elected as the master
and the other is placed in the backup role. To configure basic VRRP support, configure VRRP groups on
the aggregated interfaces by including the vrrp-group statement at the [edit interfaces interface-name
unit logical-unit-number family inet address ip-address] hierarchy level.
[See Understanding VRRP.]
Interfaces
•
LACP support (Junos Fusion Data Center)—Starting in Junos OS Release 17.2R1, LACP is supported on
Junos Fusion Data Center. It provides the ability to bundle several physical interfaces to form one logical
aggregated Ethernet interface. The LACP mode can be active or passive. The transmitting link is known
as the actor, and the receiving link is known as the partner. If the actor and partner are both in passive
mode, they do not exchange LACP packets, and the aggregated Ethernet links do not come up. If either
the actor or partner is active, they do exchange LACP packets. By default, LACP is in passive mode on
aggregated Ethernet interfaces. To initiate transmission of LACP packets and response to LACP packets,
you must enable LACP active mode.
You can configure Ethernet links to actively transmit PDUs, or you can configure the links to passively
transmit them, sending out LACP PDUs only when they receive them from another link
LACP is supported in single and dual aggregation device topologies.
[See Understanding Link Aggregation and Link Aggregation Control Protocol in a Junos Fusion.]
•
Increased number of aggregated Ethernet interfaces (Junos Fusion Data Center)—Starting in Junos OS
Release 17.2R1, you can configure up to 1000 aggregated Ethernet interfaces for a Junos Fusion Data
Center system. To configure, include the device-count statement with a value of 1000 at the [edit chassis
aggregated-devices ethernet] hierarchy level and add member links in each bundle.
41
•
Automatic ICCP provisioning of an interchassis link in a Junos Fusion (Junos Fusion Data Center)—Starting
in Junos OS Release 17.2R1, automatic ICCP provisioning of an interchassis link (ICL) simplifies
configuration of a Junos Fusion with dual aggregation devices by automatically provisioning the ICCP
configuration within the Junos Fusion, instead of requiring the user to manually configure all ICCP
parameters.
The configuration of the redundancy group in a Junos Fusion using dual aggregation devices still requires
that you specify a chassis, redundancy group name and ID, peer chassis ID, and interchassis link interface
as part of the configuration process. All other redundancy group parameters are now automatically set
to default values that do not have to be user-configured for a dual aggregation device topology to
operate.
Automatic ICCP provisioning is enabled by default. If a user configures a redundancy group parameter
that is set by default normally, the user configuration automatically overrides the default parameter.
Automatic ICCP provisioning can be disabled by entering the no-auto-iccp-provisioning statement at
the [edit chassis satellite-management redundancy-groups redundancy-group-name peer-chassis-id
peer-chassis-id-number] hierarchy level.
[See Understanding Automatic ICCP Provisioning and Automatic VLAN Provisioning of an Interchassis
Link.]
Automatic VLAN provisioning on an interchassis link in a Junos Fusion (Junos Fusion Data
Center)—Starting in Junos OS Release 17.2R1, automatic VLAN provisioning of an interchassis link (ICL)
simplifies configuration of a Junos Fusion with dual aggregation devices by allowing the ICL
interconnecting the dual aggregation devices to automatically detect all VLAN traffic on the Junos Fusion
and seamlessly forward VLAN information between the aggregation devices over the ICL.
When automatic VLAN provisioning is disabled, you have to manually configure the supported VLANs
on each ICL to ensure VLAN information is shared between aggregation devices.
Automatic VLAN Provisioning is enabled by default in a Junos Fusion Data Center, and can be disabled
using the set chassis satellite-management redundancy-groups redundancy-group-name peer-chassis-id
peer-chassis-id-number no-auto-vlan-provisioning statement.
Automatic VLAN Provisioning only works when the ICL is in trunk mode, and when the ICL interfaces
are configured into unit 0 family ethernet-switching.
[See Understanding Automatic ICCP Provisioning and Automatic VLAN Provisioning of an Interchassis
Link.]
Configuration synchronization for MC-LAG (Junos Fusion Data Center)—Starting in Junos OS Release
•
17.2R1, Junos Fusion supports the ability to easily propagate, synchronize, and commit configurations
from one MC-LAG peer to another MC-LAG peer. MC-LAG configuration synchronization enables you
log into any one of the MC-LAG peers to manage both MC-LAG peers, thus having a single point of
management. With MC-LAG configuration synchronization, you can use configuration groups to simplify
the configuration process. For example, you can create configuration groups for the local MC-LAG peers,
one for the remote MC-LAG peer, and one for the global configuration, which is essentially a configuration
that is common to both MC-LAG peers. You can create conditional groups to specify when a configuration
is synchronized with another MC-LAG peer. Additionally, you can include the peers-synchronize statement
at the [edit system commit] hierarchy level to synchronize the configurations and commits across the
MC-LAG peers by default. NETCONF over SSH provides a secure connection between the MC-LAG
peers, and Secure Copy Protocol (SCP) copies the configurations securely between the MC-LAG peers.
42
•
Uplink port pinning (Junos Fusion Data Center)—Starting in Junos OS Release 17.2R1, uplink port pinning
allows traffic entering an extended port on a Junos Fusion Data Center to select which uplink port or
ports are used to carry the traffic from the satellite device to the aggregation device. Uplink port pinning
provides more deterministic traffic control by allowing you to select how traffic is forwarded from an
extended port to an aggregation device.
When uplink port pinning is not enabled, traffic is forwarded from the satellite device to the aggregation
device using all available uplink ports.
Uplink port pinning is configured in the following steps:
1. Create a forwarding policy in a satellite policy that includes an uplink port group by using the
port-group-extended and port-group-uplink statements.
2. Associate the uplink port group with an extended port by configuring a port group alias with the
port-group-alias statement.
3. Associate the forwarding policy with the Junos Fusion configuration using the forwarding-policy
statement at the [edit chassis satellite-management] hierarchy level.
[See Understanding Remapping Uplink Traffic Flows on a Junos Fusion Data Center.]
Uplink failure detection (Junos Fusion Data Center)—Starting in Junos OS Release 17.2R1, Junos Fusion
•
enables satellite devices to detect link failures on the uplink interfaces used to connect to aggregation
devices. When a host device is multihomed to two satellite devices, and one of the uplink interfaces
goes down, the host device can redirect traffic through the other active satellite device. All of the
extended ports configured on the satellite device with the uplink interface failure are shut down.
By default, UFD is disabled. To enable UFD for all satellite devices, include the uplink-failure-detection
statement at the [edit chassis satellite-management] hierarchy level. To enable UFD for specific satellite
devices, include the uplink-failure-detection statement at the [edit chassis satellite-management fpc]
hierarchy level.
EX4300 and QFX5100 switches configured as satellite devices have a default set of uplink
interfaces.Table 1 on page 43 shows the default set of uplink interfaces that UFD selects for failure
detection:
Table 1: UFD Default Uplink Interfaces for Satellite Devices
Default Uplink InterfacesDevice Type
1/0 through 1/3 and 2/0 through 2/3EX4300-24T (4 ports each on PIC1 and PIC2)
43
EX4300-32F
PIC 0 ports 32-35
PIC 1 ports 0-1
PIC 2 ports 0-7
1/0 through 1/3 and 2/0 through 2/3EX4300-48T (4 ports each on PIC1 and PIC2)
1/0 through 1/3 and 2/0 through 2/3EX4300-48T-BF (4 ports each on PIC1 and PIC2)
PIC 0 ports 20-23QFX5100-24Q-2P
0/48 through 0/53QFX5100-48S-6Q or QFX5100-48SH-6Q (6 QSFP+ ports)
0/48 through 0/53QFX5100-48T-6Q or QFX5100-48TH-6Q (6 QSFP+ ports)
0/96 through 0/103QFX5100-96S-8Q (8 QSFP+ ports)
If you choose not to use the default set of uplinks for your satellite devices, you need to specify which
uplink interfaces you want to use for UFD. To apply UFD to an uplink interface, include the
ufd-default-policy statement at the [edit chassis satellite-management uplink-failure-detection] hierarchy
level. You also need to configure the UFD policy. For example:
[edit policy-options]
satellite-policy {
candidate-uplink-port-profile {
ufd-default-policy {
term qfx5100 {
product-model QFX5100*;
uplink-port-group uplink-ports;
}
}
}
port-group-alias {
uplink-ports {
pic 0 {
port [1, 2];
}
pic 1 {
port [3,4];
}
}
}
}
44
[See Overview of Uplink Failure Detection on a Junos Fusion.]
Supported port types (Junos Fusion Data Center)—Starting in Junos OS Release 17.2R1, Junos Fusion
•
Data Center supports the following port types:
Cascade port—Provides a connection to a satellite device. Cascade ports on an aggregation device
•
connect to uplink ports on the satellite device.
Uplink port—Provides a connection to an aggregation device. Uplink ports on a satellite device connect
•
to cascade ports on the aggregation device.
Extended port—Provides a connection to servers or endpoints. Extended ports are the physical
•
interfaces of the satellite devices. The satellite devices appear as additional FPCs on the aggregation
device in a Junos Fusion topology, and extended ports appear as additional interfaces to be managed
by the aggregation device.
ICL port—Provides a connection between aggregation devices to support a dual-homed topology. ICL
•
interfaces must be configured.
[See Understanding Junos Fusion Ports.]
Enhanced interface commands (Junos Fusion Data Center)—Starting in Junos OS Release 17.2R1, Junos
•
Fusion Data Center provides information for extended ports and uplink ports on satellite devices through
operational mode commands and output. Extended port names include the extended FPC slot number,
PIC slot, and port number. For example, a 10-Gigabit Ethernet extended port number might be
xe-125/1/8, where 125 is the FPC slot number, 1 is the physical interface card (PIC) slot, and 8 is the
extended port number.
The following commands have been enhanced to display the extended ports and uplink ports by using
either the slot or the alias. Additionally, you can now use the keyword satellite to view information about
the satellite device ports:
show interfaces satellite-device (all | alias)
•
show interfaces extensive satellite-device (all | alias)
•
show interfaces terse satellite-device (all | alias)
•
Layer 2 Protocols
Local switching on satellite devices (Junos Fusion Data Center)—Starting in Junos OS Release 17.2R1,
•
you can enable local Layer 2 switching at the satellite device level. In local switching mode, all bridging
traffic for which the source and destination port are local to a satellite device is forwarded by that satellite
device based on the destination MAC address. Each satellite device maintains only the local destination
MAC addresses that are directly connected to the device in the bridge forwarding table. Any unknown
MAC address on the satellite device is forwarded to the aggregation device for forwarding. To configure
a satellite device in a Junos Fusion Data Center into local switching mode, include the local-switching
statement at the [edit forwarding-options satellite fpc fpc-slot-number] hierarchy level on the aggregation
device, where fpc-slot-number is the FPC slot ID of the satellite device.
45
[See Configuring Local Switching on Junos Fusion Data Center.]
•
VLAN autosensing (Junos Fusion Data Center)—Starting in Junos OS Release 17.2R1, VLAN autosensing
allows extended ports on satellite devices to provision VLANs dynamically, as needed, to preserve the
VLAN memory of the aggregation device with no or minimal impact to the forwarding of VLAN traffic
in the Junos Fusion.
You configure VLAN autosensing from the aggregation device on a per-extended port basis by including
the vlan-auto-sense statement at the [edit interfaces interface-name unit logical-unit-number family
ethernet-switching] hierarchy level, where interface-name is the name of the extended port interface.
For example, to enable VLAN autosensing on extended port xe-101/0/0:
[edit]
user@aggregation-device# set interfaces xe-101/0/0 unit 0 family ethernet-switching
vlan-auto-sense
Configuration notes for VLAN autosensing:
VLAN autosensing is supported on extended ports only.
•
Only single VLAN tagged packets are autosensed.
•
[See Understanding VLAN Autosensing.]
Loop detection on extended ports (Junos Fusion Data Center)—Starting in Junos OS Release 17.2R1,
•
you can configure a Junos Fusion Data Center system to detect and break loops of unicast traffic on
downstream extended ports without configuring spanning tree protocols. Typically, the loops are caused
by either miswiring or by misconfiguration. Loop detection transmits special protocol data units (PDUs)
periodically, and if a PDU is received on an extended port, the loop is detected and broken. Loop detection
blocks the ingress port and issues a loop detection PDU error. When a port is blocked, you need to
manually bring up the interface. Loop detection only responds to detect PDUs, not BPDUs.
[See Understanding Loop Detection and Prevention on a Junos Fusion.]
Link Layer Discovery Protocol (Junos Fusion Data Center)—Starting in Junos OS Release 17.2R1, Link
•
Layer Discovery Protocol (LLDP) is supported in a Junos Fusion Data Center. Link Layer Discover Protocol
(LLDP) allows network devices to advertise their capabilities, identity, and other information onto a LAN.
In a Junos Fusion topology, the LLDP protocol running on the satellite port is used for satellite device
discovery and also works as a simple hello protocol between the satellite and aggregation devices to
establish a two-way adjacency and detect remote-end failures.
[See Understanding LLDP and LLDP-MED on Junos Fusion.]
MAC address synchronization (Junos Fusion Data Center)—Starting in Junos OS Release 17.2R1,
•
aggregation devices synchronize MAC addresses that are learned on the extended ports.
[See Understanding MAC Address Synchronization in a Junos Fusion.]
46
VSTP enhancements (Junos Fusion Data Center)—Starting in Junos OS Release 17.2R1, VSTP is supported
•
on a QFX10000 switch acting as a single-homed aggregation device. The VSTP configuration can include
native ports or extended ports in a Junos Fusion Data Center.
Loop detection with BPDU guard on VSTP edge ports (Junos Fusion Data Center)—Starting in Junos
•
OS Release 17.2R1, Junos Fusion Data Center supports bridge protocol data unit (BPDU) protection for
VLAN Spanning Tree Protocol (VSTP) on extended ports in a dual aggregation device topology. You can
configure an extended port as a VSTP edge interface, and configure BPDU protection on the interface
using the bpdu-block-on-edge statement. The exchange of BPDUs generated by VSTP prevents loops
in network traffic by determining which interfaces block traffic and which interfaces forward traffic. If
a BPDU is received on an edge interface with BPDU guard, VSTP will detect a loop and shutdown the
interface. Other interfaces in the VLAN remain intact. To clear the interface for forwarding, issue the
clear error bpdu interface command.
[See bpdu-block-on-edge.]
Layer 3 Protocols
Support for Layer 3 protocols (Junos Fusion Data Center)—Starting in Junos OS Release 17.2R1, the
•
following routing protocols supported on QFX10000 switches have been extended to the satellite
devices in a Junos Fusion Data Center topology.
You can configure the following Layer 3 routing protocols on satellite device extended ports using a
single aggregation device topology:
BGP
•
BGP for IPv6
•
IS-IS
•
IS-IS for IPv6
•
OSPF
•
OSPF version 3
•
Multicast Protocols
Local egress replication for VLAN flooding (Junos Fusion Data Center)—Starting in Junos OS Release
•
17.2R1, for a Junos Fusion topology with dual aggregation devices, you can enable egress replication
(local replication) using the local-replication statement at the [edit forwarding-options satellite] hierarchy
level. Local replication helps distribute packet replication load and reduce traffic on cascade ports for
multicast and flooded VLAN traffic. When local replication is enabled, packet replication behavior for
VLAN flooding is as follows:
The aggregation device sends one copy of the packet to each satellite device that has extended ports
•
in the VLAN.
The satellite device does replication for each local port in the VLAN.
•
Use the show ethernet-switching flood satellite and show ethernet-switching flood next-hops satellite
commands to view local replication information for flooded VLAN traffic.
47
[See Egress Multicast Replication on the Satellite Devices.]
Egress replication for Layer 2 multicast with IGMP Snooping (Junos Fusion Data Center)—Starting in
•
Junos OS Release 17.2R1, egress multicast replication, also called local replication, is supported for Junos
Fusion topologies featuring dual aggregation devices. You can optionally configure local replication for
all satellite devices by including the local-replication statement at the [edit forwarding-options satellite]
hierarchy level. For Layer 2 multicast traffic with IGMP snooping configured and local replication enabled,
the aggregation device sends only one copy of the packet to each satellite device that has an extended
port in the multicast group, and the satellite device does the replication for its local ports that are members
of the multicast group. When local replication is not enabled, Junos Fusion defaults to ingress replication,
where all replication is done on the aggregation devices and sent to corresponding satellite devices for
each extended port receiving the multicast traffic.
Use the following commands to display local replication information:
show ethernet-switching satellite device
•
show multicast ecid-mapping satellite
•
show multicast next-hops satellite
•
show multicast snooping next-hops satellite
•
show multicast snooping route satellite
•
show multicast statistics satellite
•
show multicast summary satellite
•
Local replication is not compatible with port mirroring, VLAN ID tagging policies, and VPN configurations,
and does not take effect (reverts to ingress replication behavior) for IPv6 traffic or Multicast Listener
Discovery (MLD) snooping.
[See Egress Multicast Replication on the Satellite Devices.]
Egress replication for Layer 3 multicast IRB interface traffic (Junos Fusion Data Center)—Starting in
•
Junos OS Release 17.2R1, for a Junos Fusion topology with dual aggregation devices, you can enable
egress multicast replication (also called local replication) using the local-replication statement at the
[edit forwarding-options satellite] hierarchy level. Local replication helps distribute multicast packet
replication load and reduce traffic on cascade ports, including for Layer 3 multicast traffic being routed
between VLANs on IRB interfaces. When local replication is enabled, Layer 3 multicast packet replication
behavior is as follows:
The aggregation device replicates the data for each IRB interface in the multicast group, and sends
•
copies to each satellite device with member ports—one copy for each VLAN where the satellite device
has destination extended ports in the VLAN.
Each receiving satellite device replicates the data for its local extended ports in the multicast group
•
for each VLAN.
48
Local replication is not compatible with interfaces that use VLAN ID tagging policies that add processing
overhead to forward egress traffic.
[See Egress Multicast Replication on the Satellite Devices.]
Multicast convergence improvements using enhanced PIM dual designated router mode for dual
•
aggregation devices (Junos Fusion Data Center)—Starting in Junos OS Release 17.2R1, enhanced PIM
dual designated router mode is supported to improve multicast convergence time on a Junos Fusion
with dual aggregation devices in the event of designated router (DR) failure and recovery. You can
optionally enable this feature by including the dual-dr enhanced statement at the [edit protocols pim
interface interface-name] hierarchy level. With enhanced PIM dual designated router mode enabled,
although only one aggregation device is the primary device actively forwarding multicast traffic, both
devices join the multicast tree and receive multicast data. As a result, if the primary aggregation device
fails, the other aggregation device quickly takes over multicast replication and forwarding. You can enable
this feature with egress multicast replication (local replication).
[See Understanding Multicast Convergence Enhancements for Dual Aggregation Devices in a Junos
Fusion.]
Support for multicast protocols (Junos Fusion Data Center)—Starting in Junos OS Release 17.2R1, many
•
of the multicast protocols supported on QFX10000 switches have been extended to the satellite devices
in a Junos Fusion topology. You can configure the following multicast protocols on satellite device
extended ports:
•
•
IGMP
MLD
PIM source-specific multicast (SSM)
•
PIM sparse mode
•
Network Management and Monitoring
Local port mirroring (Junos Fusion Data Center)—Starting in Junos OS Release 17.2R1, Junos Fusion
•
Data Center supports local port mirroring. Port mirroring copies packets entering or exiting a port or
entering a VLAN and sends the copies to a local interface for local monitoring. You can use local port
mirroring to troubleshoot and monitor applications. You can mirror packets per port, and you can configure
the source and mirror ports on the same satellite device.
[See Understanding Remapping Uplink Traffic Flows on a Junos Fusion Data Center.]
Analyzers on extended ports (Junos Fusion Data Center)—Starting in Junos OS Release 17.2R1, you
•
can use port mirroring (analyzers) on extended ports on satellite devices in a Junos Fusion Data Center.
Extended-port port mirroring copies packets entering or exiting a port or entering a VLAN and sends
the copies to a VLAN for remote monitoring. Use port mirroring to send traffic to applications that
analyze traffic for purposes such as monitoring compliance, enforcing policies, detecting intrusions,
monitoring and predicting traffic patterns, correlating events, and so on. When a port is ingress-mirrored,
any packet received on that port is mirrored to the user-configured destination. When a port is
egress-mirrored, any packet transmitted from that port is mirrored to your configured port-mirroring
destination.
49
In Junos Fusion Data Center, you can use analyzers on extended ports for these purposes:
Mirror aggregation device ports to extended ports
•
Mirror extended ports to extended ports
•
Mirror extended ports to aggregation device ports
•
[See Understanding Port Mirroring on a Junos Fusion Data Center.]
Junos Space Service Now (Junos Fusion Data Center)—Starting in Junos OS Release 17.2R1, Junos
•
Fusion Data Center uses Service Now for failure event reporting. Service Now is an application that runs
on the Junos Space Network Management Platform to automate fault management and accelerate issue
resolution.
[See Junos Space Service Now User Guide.]
Chassis MIB support (Junos Fusion Data Center)—Starting in Junos OS Release 17.2R1, satellite devices
•
in a Junos Fusion topology are represented in the chassis MIB. Satellite devices are represented as FPC
slots (100, 101,102,..) in the aggregation device. The support is enabled using a range of container
indexes, which enable the SNMP process to redirect SNMP requests to the chassis process or SPMD
based on the first index entry.
The following tables have been implemented for satellite devices:
jnxContainersTable
•
jnxContentsTable
•
jnxFilledTable
•
jnxOperatingTable
•
jnxFRUTable
•
alpha supply) is 102 for the power supply of the satellite device. Using these indexes, you can distinguish
the satellite device hardware from the aggregation device hardware.
Chassis MIB support is available in single and dual aggregation device topologies.
[See Chassis MIB Support (Junos Fusion).]
Routing Policy and Firewall Filters
Flow-based uplink selection (Junos Fusion Data Center)—Starting in Junos OS Release 17.2R1 on Junos
•
Fusion Data Center, you can configure flow-based uplink selection for satellite devices to achieve better
utilization of network resources. To remap specified elephant flows from satellite devices to aggregation
devices, you program remapping on all or specific satellite devices to override the default 5-tuple hashing
and then distribute those specified flows across uplinks toward aggregation devices. You define specific
flows by using flow-based firewall filters statements, and those flows are sent to the uplink port or ports
that you define.
50
[See Understanding Remapping Uplink Traffic Flows on a Junos Fusion Data Center.]
Storage
Support for DCBX (Junos Fusion Data Center)—Starting in Junos OS 17.2R1, Junos Fusion Data Center
•
supports Data Center Bridging Capability Exchange Protocol (DCBX), including both DCBX v1.01 and
IEEE DCBX. The Junos Fusion Data Center aggregation and satellite devices function as a single logical
DCBX capable switch. Configuration for DCBX on Junos Fusion Data Center is performed on the
aggregation device and is the same as on a standalone device.
The satellite device acts as a proxy for relaying DCBX messages from the aggregation device to the peer.
In a dual-aggregation device setup, the satellite device automatically coordinates DCBX messages from
both aggregation devices to relay to the peer, keeping the Junos Fusion Data Center appearing as a
single device.
[See Understanding DCBX.]
Support for PFC (Junos Fusion Data Center) — Starting in Junos OS 17.2R1, Junos Fusion Data Center
•
supports priority-based flow control (PFC) for Fibre Channel over Ethernet (FCoE) traffic. The Junos
Fusion Data Center aggregation and satellite devices function as a single logical device. Configuration
for PFC on Junos Fusion Data Center is performed on the aggregation device and is the same as on a
standalone device.
[See Example: Configuring CoS PFC for FCoE Traffic.]
Software Installation and Upgrade
Upgrading and managing the satellite software on satellite devices (Junos Fusion Data Center)—Starting
•
in Junos OS Release 17.2R1, Junos Fusion provides the ability to manage satellite software. To convert
a standalone switch to a satellite device, you can use one of the following methods:
Autoconversion—Automatically converts a standalone device into a satellite device when it is cabled
•
to a cascade port on the aggregation device.
Manual conversion—Installs the satellite software manually from the aggregation device when you
•
issue the request chassis satellite interface interface-name device-mode satellite command.
Preconversion—Installs satellite software onto a device before connecting it to a Junos Fusion topology.
•
After you convert the switch to a satellite device, you can install satellite software upgrades onto a
satellite device through the aggregation device.
NOTE: Before you can save satellite software images on a QFX10002 switch acting as an
aggregation device, you must issue a one-time command to expand the storage capacity. To
expand the storage area on the aggregation device, issue the request system storage user-disk
expand command.
51
Satellite software upgrade groups are often needed to install satellite software. A satellite software
upgrade group is a group of satellite devices that are designated to upgrade to the same satellite software
version using the same satellite software package. When you add a satellite to an upgrade group that is
not running the same satellite software, the satellite device is automatically updated to the version of
satellite software associated with the upgrade group.
You can use the following commands to add and associate a satellite software version with an upgrade
group:
request system software add upgrade-group—Add the satellite software and associate it with the
•
specified upgrade group.
request system software delete upgrade-group—Remove the satellite software association from the
•
specified upgrade group.
request system software rollback upgrade-group—Associate an upgrade group with a previous version
•
of satellite software.
You can issue the show chassis satellite software command to see which software images are stored
on the aggregation device and which upgrade groups are associated with the software images.
[See Understanding Software in a Junos Fusion Data Center.]
Software Licensing
•
Licensing model (Junos Fusion Data Center)—Starting with Junos OS Release 17.2R1, you need to install
a Junos Fusion license in addition to any other feature licenses that you install to track and activate the
following models that are shipped with satellite software. These models can only be used as satellite
devices:
QFX5100-48SH-AFO
•
QFX5100-48SH-AFI
•
QFX5100-48TH-AFO
•
QFX5100-48TH-AFI
•
NOTE: You do not need Junos Fusion licenses for satellite device models that were purchased
as Junos OS-based top-of-rack switches.
You install these licenses on the aggregation device. Because the configurations are synchronized
between aggregation devices, you only need to purchase one license and install it on one aggregation
device regardless of whether you deploy a single or dual aggregation device topology. You can purchase
a single-pack license to activate one satellite device, or you can purchase a multipack license to activate
multiple satellite devices.
52
The following Junos Fusion Data Center SKUs are available for purchase:
QFX10K-C1-JFS-1
•
QFX10K-C1-JFS-4
•
QFX10K-C1-JFS-8
•
QFX10K-C1-JFS-16
•
QFX10K-C1-JFS-32
•
QFX10K-C1-JFS-64
•
You can issue the request system add license, request system license delete, and request system license
save commands to manage your licenses. You can also issue the show system license command to
display license information.
[See Understanding Junos Fusion Licenses.]
SEE ALSO
Changes in Behavior and Syntax | 53
Known Behavior | 53
Known Issues | 55
Resolved Issues | 55
Documentation Updates | 56
Migration, Upgrade, and Downgrade Instructions | 57
Product Compatibility | 74
Changes in Behavior and Syntax
This section lists the changes in behavior of Junos OS features and changes in the syntax of Junos OS
statements and commands in Junos OS Release 17.2R2 or later for Junos Fusion Data Center.
Junos Fusion
Change in Junos Fusion operational mode syntax (Junos Fusion Data Center)—Starting in Junos OS
•
Release 17.2R1, the slot-id option has been replaced by fpc-slot in commands such as show chassis
satellite and show chassis environment satellite. The slot-id option, although hidden, remains a valid
option to provide backward compatibility for previous versions of Junos Fusion.
53
SEE ALSO
New and Changed Features | 38
Known Behavior | 53
Known Issues | 55
Resolved Issues | 55
Documentation Updates | 56
Migration, Upgrade, and Downgrade Instructions | 57
Product Compatibility | 74
Known Behavior
This section lists known behavior, system maximums, and limitations in hardware and software in Junos
OS Release 17.2R2 for Junos Fusion Data Center.
For the most complete and latest information about known Junos OS defects, use the Juniper Networks
online Junos Problem Report Search application.
Junos Fusion Data Center
When a QFX10002 switch functions as an aggregation device in a Junos Fusion Data Center topology,
•
it only supports cascade port-based slot assignments for satellite devices. In addition, any change in the
configuration for a cascade port connected to a satellite device is treated as a catastrophic event and
results in the deletion of any related interface state (including the extended ports), which is rebuilt after
a period of time. The following additional restrictions also apply:
You cannot configure dual-homed satellite device extended ports as pure Layer 3 interfaces. As a
•
result, family inet and family inet6 are not supported on dual-homed extended ports.
If the ICL interface goes down, traffic loss will occur. As a workaround, we recommend you configure
•
the ICL interface over an aggregated Ethernet interface with multiple links in the bundle to prevent
single-point failures that would cause the ICL interface to shut down.
On a Junos Fusion Data Center, configuring the following options for CoS forwarding class sets (fc-sets)
•
incorrectly triggers a syslog message but does not result in any commit errors:
Priority of strict-high and normal (strict-high mixed with (low and high) queue) mixed in a single fc-set.
•
54
Total number of strict-high fc-sets configured is more than 1.
•
Transmit rate or guaranteed rate is configured on strict-high fc.
•
If the incorrect configuration is applied and the aggregation device is restarted, COSD does not start,
and the CoS configuration is not sent to the Packet Forwarding Engine. The system will be in an
inconsistent state.
SEE ALSO
New and Changed Features | 38
Changes in Behavior and Syntax | 53
Known Issues | 55
Resolved Issues | 55
Documentation Updates | 56
Migration, Upgrade, and Downgrade Instructions | 57
Product Compatibility | 74
Known Issues
This section lists the known issues in hardware and software in Junos OS Release 17.2R2 for Junos Fusion
Data Center.
For the most complete and latest information about known Junos OS defects, use the Juniper Networks
online Junos Problem Report Search application.
Junos Fusion
There are no known issues in the Junos OS Release 17.2R2 for Junos Fusion Data Center.
SEE ALSO
New and Changed Features | 38
55
Changes in Behavior and Syntax | 53
Known Behavior | 53
Resolved Issues | 55
Documentation Updates | 56
Migration, Upgrade, and Downgrade Instructions | 57
Product Compatibility | 74
Resolved Issues
IN THIS SECTION
Resolved Issues: 17.2R2 | 56
Resolved Issues: 17.2R1 | 56
This section lists the issues fixed in the Junos OS main release and the maintenance releases.
For the most complete and latest information about known Junos OS defects, use the Juniper Networks
online Junos Problem Report Search application.
Resolved Issues: 17.2R2
Native VLAN on an aggregated Ethernet interface terminated on multiple satellite devices. PR1305698
•
Resolved Issues: 17.2R1
There are no fixed issues in the Junos OS Release 17.2R1 for Junos Fusion Data Center.
SEE ALSO
New and Changed Features | 38
Changes in Behavior and Syntax | 53
Known Behavior | 53
Known Issues | 55
56
Documentation Updates | 56
Migration, Upgrade, and Downgrade Instructions | 57
Product Compatibility | 74
Documentation Updates
This section lists the errata or changes in Junos OS Release 17.2R2 for Junos Fusion Data Center
documentation.
There are no errata and changes in the current Junos Fusion Data Center documentation.
•
SEE ALSO
New and Changed Features | 38
Changes in Behavior and Syntax | 53
Known Behavior | 53
Known Issues | 55
Resolved Issues | 55
Migration, Upgrade, and Downgrade Instructions | 57
Product Compatibility | 74
Migration, Upgrade, and Downgrade Instructions
IN THIS SECTION
Basic Procedure for Upgrading an Aggregation Device | 57
Preparing the Switch for Satellite Device Conversion | 59
Autoconverting a Switch into a Satellite Device | 62
Manually Converting a Switch into a Satellite Device | 65
Configuring a Switch into a Satellite Device Before Connecting It to a Junos Fusion Topology | 68
Configuring Satellite Device Upgrade Groups | 69
Converting a Satellite Device to a Standalone Device | 70
Upgrade and Downgrade Support Policy for Junos OS Releases | 73
Downgrading from Release 17.2 | 73
57
This section contains the procedure to upgrade Junos OS, and the upgrade and downgrade policies for
Junos OS for Junos Fusion Data Center. Upgrading or downgrading Junos OS can take several hours,
depending on the size and configuration of the network.
NOTE: For the latest information concerning which hardware and software to select for your
Junos Fusion system, see Junos Fusion Hardware and Software Compatibility.
Basic Procedure for Upgrading an Aggregation Device
When upgrading or downgrading Junos OS, always use the jinstall package. Use other packages (such as
the jbundle package) only when so instructed by a Juniper Networks support representative. For information
about the contents of the jinstall package and details of the installation process, see the Installation and
Upgrade Guide.
NOTE: Before upgrading, back up the file system and the currently active Junos OS configuration
so that you can recover to a known, stable environment in case the upgrade is unsuccessful.
Issue the following command:
user@host> request system snapshot
The installation process rebuilds the file system and completely reinstalls Junos OS. Configuration
information from the previous software installation is retained, but the contents of log files might
be erased. Stored files on the routing platform, such as configuration templates and shell scripts
(the only exceptions are the juniper.conf and ssh files), might be removed. To preserve the stored
files, copy them to another system before upgrading or downgrading the routing platform. See
the Junos OS Administration Library.
The download and installation process for Junos OS Release 17.2R2 is different from previous Junos OS
releases.
58
1. Using a Web browser, navigate to the Download Software URL on the Juniper Networks webpage:
https://www.juniper.net/support/downloads/
2. Log in to the Juniper Networks authentication system using the username (generally your e-mail address)
and password supplied by Juniper Networks representatives.
3. Select By Technology > Junos Platform > Junos Fusion to access the Junos Fusion Hardware and
Software Compatibility page.
4. Click the Junos Fusion Data Center (QFX10000) title to expand the list of supported releases.
5. Click the release number (the software version that you want to download) from the list.
6. Select the aggregation device software package for the release.
7. Review and accept the End User License Agreement.
8. Download the software to a local host.
9. Copy the software to the routing platform or to your internal software distribution site.
10. Install the new jinstall package on the aggregation device.
NOTE: We recommend that you upgrade all software packages out of band using the console
because in-band connections are lost during the upgrade process.
Customers in the United States, Canada, and worldwide, use the following command:
user@host> request system software add reboot
source/jinstall-host-qfx-10-f-x86-64-17.2R2.13-secure-signed.tgz
Replace source with one of the following values:
/pathname—For a software package that is installed from a local directory on the router.
•
For software packages that are downloaded and installed from a remote location:
•
ftp://hostname/pathname
•
http://hostname/pathname
•
59
scp://hostname/pathname (available only for Canada and U.S. version)
•
Adding the reboot command reboots the router after the upgrade is validated and installed. When the
reboot is complete, the router displays the login prompt. The loading process can take 5 to 10 minutes.
Rebooting occurs only if the upgrade is successful.
NOTE: After you install a Junos OS Release 17.2R2 jinstall package, you cannot issue the request
system software rollback command to return to the previously installed software. Instead you
must issue the request system software add validate command and specify the jinstall package
that corresponds to the previously installed software.
Preparing the Switch for Satellite Device Conversion
Satellite devices in a Junos Fusion topology use a satellite software package that is different from the
standard Junos OS software package. Before you can install the satellite software package on a satellite
device, you first need to upgrade the target switch to an interim Junos OS software version that can be
converted to satellite software. Table 2 on page 60 shows a support matrix that maps Junos OS software
used in aggregation devices to the compatible preconverted switch software and satellite device software.
Table 2: Aggregation Device Junos OS Software Compatibility with Satellite Software
Satellite Device Software VersionSwitch Version (preconversion)Aggregation Device Version
60
Junos OS Release 17.2R1
later
3.1R1Junos OS Release 14.1X53-D43 or
Customers with EX4300 switches, use the following command:
user@host> request system software add reboot
source/jinstall-ex-4300-14.1X53-D43.7-domestic-signed.tgz
Customers with QFX5100 switches, use the following command:
user@host> request system software add reboot
source/jinstall-qfx-5-14.1X53-D43.7-domestic-signed.tgz
When the interim installation has completed and the switch is running a version of Junos OS that is
compatible with satellite device conversion, perform the following steps:
1. Log in to the device using the console port.
2. Clear the device and set it to a factory-default state:
[edit]
user@satellite-device# request system zeroize
NOTE: The device reboots to complete the procedure for resetting the device.
If you are not logged in to the device using the console port connection, your connection to the device
is lost after entering the request system zeroize command.
If you lose your connection to the device, log in using the console port.
As an alternative, you can include the auto-satellite-conversion statement at the [edit chassis] hierarchy
level on the target satellite device.
3. (EX4300 switches only) After the reboot is complete, convert the built-in 40-Gbps QSFP+ interfaces
from Virtual Chassis ports (VCPs) into network ports:
user@satellite-device> request virtual-chassis vc-port delete pic-slot 1 port port-number
For example, to convert all four built-in 40-Gbps QSFP+ interfaces on an EX4300-24P switch into
network ports:
user@satellite-device>request virtual-chassis vc-port delete pic-slot 1 port 0
user@satellite-device> request virtual-chassis vc-port delete pic-slot 1 port 1
user@satellite-device> request virtual-chassis vc-port delete pic-slot 1 port 2
user@satellite-device> request virtual-chassis vc-port delete pic-slot 1 port 3
This step is required for the 40-Gbps QSFP+ interfaces that will be used as uplink interfaces in a Junos
Fusion topology. Built-in 40-Gbps QSFP+ interfaces on EX4300 switches are configured into VCPs by
default, and the default settings are restored after the device is reset.
After this initial preparation, you can use one of three methods to convert your switches into satellite
devices—autoconversion, manual conversion, and preconfiguration.
61
Autoconverting a Switch into a Satellite Device
Use this procedure to automatically configure a switch into a satellite device when it is cabled into the
aggregation device.
You can use the autoconversion procedure to add one or more satellite devices to your Junos Fusion
topology. The autoconversion procedure is especially useful when you are adding multiple satellite devices
to Junos Fusion, because it allows you to easily configure the entire topology before or after cabling the
satellite devices to the aggregation devices.
Before you begin:
Ensure that your aggregation device is running Junos OS Release 17.2R1 or later, and that the satellite
•
devices are running Junos OS Release 14.1X53-D43 or later.
To autoconvert a switch into a satellite device:
1. Cable a link between the aggregation device and the satellite device, if desired.
62
NOTE: You can cable the aggregation device to the satellite device at any point in this
procedure.
When the aggregation device is cabled to the satellite device during this procedure, the
process for converting a switch into a satellite device to finalize this process occurs
immediately.
If the aggregation device is not cabled to the satellite device, the process for converting a
switch into a satellite device to finalize this process starts when the satellite device is cabled
to the aggregation device.
2. Log in to the aggregation device.
3. Configure the cascade ports.
For example, to configure interface xe-0/0/1 on the aggregation device into a cascade port:
[edit]
user@aggregation-device# set interfaces xe-0/0/1 cascade-port
4. Associate an FPC slot ID with each satellite device.
Examples:
To configure the FPC slot ID of the satellite device that is connected to xe-0/0/1 to 101:
•
[edit]
user@aggregation-device# set chassis satellite-management fpc 101 cascade-ports xe-0/0/1
To map FPC slot ID 101 to the satellite device using the serial number ABCDEFGHIJKL:
•
[edit]
user@aggregation-device# set chassis satellite-management fpc 101 serial-number
ABCDEFGHIJKL
To map FPC slot ID to the satellite device using MAC address 12:34:56:AB:CD:EF:
•
[edit]
user@aggregation-device# set chassis satellite-management fpc 110 system-id
12:34:56:AB:CD:EF
5. (Recommended) Configure an alias name for the satellite device:
[edit]
user@aggregation-device# set chassis satellite-management fpc slot-id alias alias-name
63
where slot-id is the FPC slot ID of the satellite device defined in the previous step, and alias-name is
the alias.
For example, to configure the satellite device numbered 101 as qfx5100-48s-1:
[edit]
user@aggregation-device# set chassis satellite-management fpc 101 alias qfx5100-48s-1
6. Configure an FPC slot ID into a software upgrade group.
For example, to add a satellite device with FPC number 101 to an existing software group named
group1, or create a software upgrade group named group1 and add a satellite device with FPC slot
101 to the group:
[edit]
user@aggregation-device# set chassis satellite-management upgrade-group group1 satellite
101
If you are creating a new software upgrade group in this step, you also need to associate the group
with a satellite software image. You can skip this final step if the software upgrade group has been
created and an association already exists.
Before associating a satellite software image with a satellite software group, the configuration with
the satellite software upgrade group must be committed:
[edit]
user@satellite-device# commit
After committing the configuration, associate a satellite software image named
satellite-3.1R1.3-signed.tgz to the upgrade group named group1:
user@aggregation-device> request system software add /var/tmp/satellite-3.1R1.3-signed.tgz
upgrade-group group1
NOTE: Before you can save satellite software images on a QFX10002 switch acting as an
aggregation device, you must issue a one-time command to expand the storage capacity. To
expand the storage area on the aggregation device, issue the request system storage user-disk
expand command.
7. Enable automatic satellite conversion:
[edit]
user@aggregation-device# set chassis satellite-management auto-satellite-conversion satellite
64
slot-id
For example, to automatically convert FPC 101 into a satellite device:
[edit]
user@aggregation-device# set chassis satellite-management auto-satellite-conversion satellite
101
8. Commit the configuration:
[edit]
user@aggregation-device# commit
The satellite software upgrade on the satellite device begins after this final step is completed, or after
you cable the satellite device to a cascade port using automatic satellite conversion if you have not
already cabled the satellite device to the aggregation device.
After the satellite software update, the switch operates as a satellite device in the Junos Fusion topology
Manually Converting a Switch into a Satellite Device
Use this procedure to manually convert a switch into a satellite device after cabling it into the Junos Fusion
topology.
This procedure should be used to convert a switch that is not currently acting as a satellite device into a
satellite device. A switch might not be recognized as a satellite device for several reasons, including that
the device was not previously autoconverted into a satellite device or that the switch had previously been
reverted from a satellite device to a standalone switch.
Before you begin:
Ensure that your aggregation device is running Junos OS Release 17.2R1 or later, and that the switches
•
that will become satellite devices are running Junos OS Release 14.1X53-D43 or later.
To manually convert a switch into a satellite device:
1. Cable a link between the aggregation device and the satellite device.
65
2. Log in to the aggregation device.
3. Configure the link on the aggregation device into a cascade port, if you have not done so already.
For example, to configure interface xe-0/0/1 on the aggregation device into a cascade port:
[edit]
user@aggregation-device# set interfaces xe-0/0/1 cascade-port
4. Associate an FPC slot ID with the satellite device.
Examples:
To configure the FPC slot ID of the satellite device that is connected to xe-0/0/1 to 101:
•
[edit]
user@aggregation-device# set chassis satellite-management fpc 101 cascade-ports xe-0/0/1
To map FPC slot ID 101 to the satellite device using the serial number ABCDEFGHIJKL:
•
[edit]
user@aggregation-device# set chassis satellite-management fpc 101 serial-number
ABCDEFGHIJKL
To map FPC slot ID to the satellite device using MAC address 12:34:56:AB:CD:EF:
•
[edit]
user@aggregation-device# set chassis satellite-management fpc 110 system-id
12:34:56:AB:CD:EF
5. Configure the interface on the aggregation device into a software upgrade group.
For example, to add a satellite device with FPC number 101 to an existing software group named
group1, or create a software upgrade group named group1 and add a satellite device configured with
FPC number 101 to the group:
[edit]
user@aggregation-device# set chassis satellite-management upgrade-group group1 satellite
101
If you are creating a new software upgrade group in this step, you also need to associate the group
with a satellite software image. You can skip this final step if the software upgrade group has been
created and an association already exists.
Before associating a satellite software image with a satellite software group, the configuration with
the satellite software upgrade group must be committed:
66
[edit]
user@satellite-device# commit
After committing the configuration, associate a satellite software image named
satellite-3.1R1.3-signed.tgz to the upgrade group named group1:
user@aggregation-device> request system software add /var/tmp/satellite-3.1R1.3-signed.tgz
upgrade-group group1
NOTE: Before you can save satellite software images on a QFX10002 switch acting as an
aggregation device, you must issue a one-time command to expand the storage capacity. To
expand the storage area on the aggregation device, issue the request system storage user-disk
expand command.
6. Manually configure the switch into a satellite device:
user@aggregation-device> request chassis satellite interface interface-name device-mode
satellite
For example, to manually configure the switch that is connecting the satellite device to interface
xe-0/0/1 on the aggregation device into a satellite device:
user@aggregation-device> request chassis satellite interface xe-0/0/1 device-mode satellite
The satellite software upgrade on the satellite device begins after this final step is completed.
After the satellite software update, the switch operates as a satellite device in the Junos Fusion topology.
67
Configuring a Switch into a Satellite Device Before Connecting It to a Junos Fusion Topology
Use this procedure to install the satellite software onto a switch before interconnecting it into a Junos
Fusion topology as a satellite device. Installing the satellite software on a switch before interconnecting
it to a Junos Fusion topology allows you to more immediately deploy the switch as a satellite device by
avoiding the downtime associated with the satellite software installation procedure for Junos Fusion.
Before you begin:
Ensure that your switch that will become a satellite device is running Junos OS Release 14.1X53-D43
•
or later.
Ensure that you have copied the satellite software onto the device that will become a satellite device.
•
NOTE: Ensure there is sufficient space available in the /var/tmp directory to be able to copy
the software to the switch (especially for EX4300 switches). If there is not enough memory
available, issue the request system storage cleanup command on the device before attempting
to perform the conversion.
68
In satellite software release 3.1R1, a satellite-ppc-3.1R1.3-signed.tgz package is included
specifically for converting Junos OS to satellite on EX4300 to address a EX4300 switch space
issue. The satellite-ppc package is to be used only for configuring a switch into a satellite device
before connecting it to a Junos Fusion topology.
You can manually install the satellite software onto a switch by entering the following command:
•
user@satellite-device> request chassis device-mode satellite URL-to-satellite-software
For instance, to install the satellite software package satellite-3.1R1.3-signed.tgz stored in the /var/tmp/
directory on the switch:
user@satellite-device> request chassis device-mode satellite
/var/tmp/satellite-3.1R1.3-signed.tgz
To install satellite software onto a QFX5100 switch, use the satellite-3.1R1.3-signed.tgz satellite
•
software package.
To install satellite software onto a EX4300 switch, use the satellite-ppc-3.1R1.3-signed.tgz satellite
•
software package.
The device will reboot to complete the satellite software installation.
After the satellite software is installed, follow this procedure to connect the switch into a Junos Fusion
topology:
1. Log in to the aggregation device.
2. Configure the link on the aggregation device into a cascade port, if you have not done so already.
For example, to configure interface xe-0/0/1 on the aggregation device into a cascade port:
[edit]
user@aggregation-device# set interfaces xe-0/0/1 cascade-port
3. Configure the satellite switch into a satellite software upgrade group that is using the same version of
satellite software that was manually installed onto the switch.
This step is advisable, but not always required. Completing this step ensures that the satellite software
on your device is upgraded to the version of satellite software associated with the satellite software
upgrade group when the satellite device connects to the aggregation device.
4. Commit the configuration.
[edit]
user@aggregation-device# commit
69
5. Cable a link between the aggregation device and the satellite device.
Configuring Satellite Device Upgrade Groups
To simplify the upgrade process for multiple satellite devices, you can create a software upgrade group at
the aggregation device, assign satellite devices to the group, and install the satellite software on a groupwide
basis.
To create a software upgrade group and assign satellite devices to the group, include the satellite statement
at the [edit chassis satellite-management upgrade-groups upgrade-group-name] hierarchy level.
To configure a software upgrade group and assign satellite devices to the group:
1. Log in to the aggregation device.
2. Create the software upgrade group, and add the satellite devices to the group.
[edit]
user@aggregation-device# set chassis satellite-management upgrade-groups
upgrade-group-name satellite satellite-member-number-or-range
upgrade-group-name is the name of the upgrade group, and the satellite-member-number-or-range is the
member numbers of the satellite devices that are being added to the upgrade group. If you enter an existing
upgrade group name as the upgrade-group-name, you add new satellite devices to the existing software
upgrade group.
For example, to create a software upgrade group named group1 that includes all satellite devices numbered
101 through 120, configure the following:
[edit]
user@aggregation-device# set chassis satellite-management upgrade-groups group1 satellite
101-120
To install, remove, or roll back a satellite software version on an upgrade group, issue the following
operational mode commands:
request system software add upgrade-group group-name—Install the satellite software on all members
•
of the specified upgrade group.
request system software delete upgrade-group group-name—Remove the satellite software association
•
from the specified upgrade group.
request system software rollback upgrade-group group-name—Associate an upgrade group with a
•
previous version of satellite software.
70
Customers installing satellite software on EX4300 and QFX5100 switches referenced in a software upgrade
group, use the following command:
user@aggregation-device> request system software add upgrade-group group-name
source/satellite-3.1R1.3-signed.tgz
A copy of the satellite software is saved on the aggregation device. When you add a satellite device to an
upgrade group that is not running the same satellite software version, the new satellite device is
automatically updated to the version of satellite software that is associated with the upgrade group.
You can issue the show chassis satellite software command to see which software images are stored on
the aggregation device and which upgrade groups are associated with the software images.
Converting a Satellite Device to a Standalone Device
In the event that you need to convert a satellite device to a standalone device, you will need to install a
new Junos OS software package on the satellite device and remove it from the Junos Fusion topology.
NOTE:
If the satellite device is an EX4300 switch, you install a standard, signed jinstall-ex-4300 version
•
of Junos OS.
The QFX5100-48SH and QFX5100-48TH models are shipped from the factory with satellite
•
device software. You cannot convert these models to become a standalone device.
If the satellite device is a QFX5100 switch that can be converted to a standalone device, you
•
need to install a signed PXE version of Junos OS. The PXE version of Junos OS is the software
that includes pxe in the Junos OS package name when you download it from the Software
Center. For example, the PXE software package for Junos OS Release 14.1X53-D43 is named
install-media-pxe-qfx-5-14.1X53D43.7-signed.tgz.
Before you install a signed PXE software package on a QFX5100 switch acting as a satellite
•
device, you must first prepare the switch in one of two ways:
Issue the request system zeroize command to revert the device to a factory-default state.
•
Configure the device by including the auto-satellite-conversion statement at the [edit chassis]
•
hierarchy level.
71
The following steps explain how to download software, remove the satellite device from Junos Fusion,
and install the Junos OS software image on the satellite device so that the device can operate as a standalone
device.
1. Using a Web browser, navigate to the Junos OS software download URL on the Juniper Networks
webpage:
https://www.juniper.net/support/downloads
2. Log in to the Juniper Networks authentication system using the username (generally your e-mail address)
and password supplied by Juniper Networks representatives.
3. Select By Technology > Junos Platform > Junos Fusion to access the Junos Fusion Hardware and
Software Compatibility page.
4. Click the Junos Fusion Data Center (QFX10000) title to expand the list of supported releases.
5. Click the Junos OS release number associated with the aggregation device from the list.
6. Select the PXE device software package for your satellite device platform.
7. Review and accept the End User License Agreement.
8. Download the software to a local host.
9. Copy the software to the device or to your internal software distribution site.
10. Remove the satellite device from the automatic satellite conversion configuration.
If automatic satellite conversion is enabled for the satellite device’s member number, remove the
member number from the automatic satellite conversion configuration. The satellite device’s member
number is the same as the FPC slot ID. You can check the automatic satellite conversion configuration
by entering the show command at the [edit chassis satellite-management auto-satellite-conversion]
hierarchy level.
[edit]
user@aggregation-device# delete chassis satellite-management auto-satellite-conversion
satellite member-number
For example, to remove member number 101 from Junos Fusion:
72
[edit]
user@aggregation-device# delete chassis satellite-management auto-satellite-conversion
satellite 101
11. Commit the configuration.
[edit]
user@aggregation-device# commit
12. Install the Junos OS software on the satellite device to convert the device to a standalone device.
[edit]
user@aggregation-device> request chassis satellite install URL-to-software-package fpc-slot
member-number
For example, to install a PXE software package stored in the /var/tmp directory on the aggregation
device onto a QFX5100 switch acting as the satellite device using FPC slot 101:
[edit]
user@aggregation-device> request chassis satellite install
/var/tmp/install-media-pxe-qfx-5-14.1X53D43.7-domestic-signed.tgz fpc-slot 101
For example, to install a software package stored in the var/tmp directory on the aggregation device
onto an EX4300 switch acting as the satellite device using FPC slot 101:
[edit]
user@aggregation-device> request chassis satellite install
/var/tmp/jinstall-ex-4300-14.1X53D43.7-domestic-signed.tgz fpc-slot 101
The satellite device stops participating in the Junos Fusion topology once the software installation
starts. The software upgrade starts after this command is entered.
13. Wait for the reboot that accompanies the software installation to complete.
14. When you are prompted to log back into your device, uncable the device from the Junos Fusion topology.
See Removing a Transceiver from a QFX Series Device or Remove a Transceiver, as needed. Your device
has been removed from Junos Fusion.
NOTE: The device uses a factory-default configuration after the Junos OS installation is
complete.
73
Upgrade and Downgrade Support Policy for Junos OS Releases
Support for upgrades and downgrades that span more than three Junos OS releases at a time is not
provided, except for releases that are designated as Extended End-of-Life (EEOL) releases. EEOL releases
provide direct upgrade and downgrade paths—you can upgrade directly from one EEOL release to the
next EEOL release even though EEOL releases generally occur in increments beyond three releases.
You can upgrade or downgrade to the EEOL release that occurs directly before or after the currently
installed EEOL release, or to two EEOL releases before or after. For example, Junos OS Releases 16.1,
16.2 and 17.1 are EEOL releases. You can upgrade from Junos OS Release 16.1 to Release 16.2 or even
from Junos OS Release 16.1 to Release 17.1. However, you cannot upgrade directly from a non-EEOL
release that is more than three releases ahead or behind.
To upgrade or downgrade from a non-EEOL release to a release more than three releases before or after,
first upgrade to the next EEOL release and then upgrade or downgrade from that EEOL release to your
target release.
For more information about EEOL releases and to review a list of EEOL releases, see
https://www.juniper.net/support/eol/junos.html.
Downgrading from Release 17.2
To downgrade from Release 17.2 to another supported release, follow the procedure for upgrading, but
replace the 17.2 jinstall package with one that corresponds to the appropriate downgrade release.
NOTE: You cannot downgrade more than three releases.
For more information, see the Installation and Upgrade Guide.
SEE ALSO
New and Changed Features | 38
Changes in Behavior and Syntax | 53
Known Behavior | 53
Known Issues | 55
Resolved Issues | 55
Documentation Updates | 56
74
Product Compatibility | 74
Product Compatibility
IN THIS SECTION
Hardware Compatibility | 74
Hardware Compatibility
To obtain information about the components that are supported on the devices, and special compatibility
guidelines with the release, see the Hardware Guides for the devices used in your Junos Fusion Data
Center topology.
To determine the features supported on Junos Fusion devices, use the Juniper Networks Feature Explorer,
a Web-based application that helps you to explore and compare Junos OS feature information to find the
right software release and hardware platform for your network. Find Feature Explorer at:
https://pathfinder.juniper.net/feature-explorer/
SEE ALSO
New and Changed Features | 38
Changes in Behavior and Syntax | 53
Known Behavior | 53
Known Issues | 55
Resolved Issues | 55
Documentation Updates | 56
Migration, Upgrade, and Downgrade Instructions | 57
Junos OS Release Notes for Junos Fusion Enterprise
75
IN THIS SECTION
New and Changed Features | 76
Changes in Behavior and Syntax | 78
Known Behavior | 78
Known Issues | 79
Resolved Issues | 79
Documentation Updates | 81
Migration, Upgrade, and Downgrade Instructions | 81
Product Compatibility | 89
These release notes accompany Junos OS Release 17.2R2 for Junos Fusion Enterprise. Junos Fusion
Enterprise is a Junos Fusion that uses EX9200 switches in the aggregation device role. These release notes
describe new and changed features, limitations, and known problems in the hardware and software.
NOTE: For a complete list of all hardware and software requirements for a Junos Fusion
Enterprise, including which Juniper Networks devices can function as satellite devices, see
Understanding Junos Fusion Enterprise Software and Hardware Requirements in the Junos
Fusion Enterprise User Guide.
You can also find these release notes on the Juniper Networks Junos OS Documentation webpage, located
at https://www.juniper.net/documentation/software/junos/.
New and Changed Features
IN THIS SECTION
Release 17.2R2 New and Changed Features | 76
Release 17.2R1 New and Changed Features | 76
This section describes the new features and enhancements to existing features in the Junos OS main
release and the maintenance releases for Junos Fusion Enterprise.
76
NOTE: For more information about the Junos Fusion Enterprise features, see the Junos Fusion
Enterprise User Guide.
Release 17.2R2 New and Changed Features
There are no new features or enhancements to existing features for Junos Fusion Enterprise in Junos OS
Release 17.2R2.
Release 17.2R1 New and Changed Features
Interfaces and Chassis
Half-duplex link support on satellite devices (Junos Fusion Enterprise)—Starting with Junos OS 17.2R1,
•
half-duplex communication is supported on all built-in network copper ports on EX2300, EX3400, and
EX4300 satellite devices in a Junos Fusion Enterprise (JFE). Half-duplex is bidirectional communication,
but signals can flow in only one direction at a time. Full-duplex communication means that both ends of
the communication can send and receive signals at the same time. The built-in network copper ports
are configured by default as full-duplex 1-gigabit links with autonegotiation. If the link partner is set to
autonegotiate the link, then the link is autonegotiated to full duplex or half-duplex. If the link is not set
to autonegotiation, then the satellite-device link defaults to half-duplex unless the interface is explicitly
configured for full duplex.
To explicitly configure full duplex:
[edit]
user@aggregation-device# set interfaces interface-name link-mode full-duplex
To verify a half-duplex setting:
user@aggregation-device> show interfaces interface-name extensive
[See Understanding Half-Duplex Links on Satellite Devices in a Junos Fusion Enterprise.]
Layer 2 Features
Private VLANs (Junos Fusion Enterprise)—Starting with Junos OS Release 17.2R1, Junos Fusion Enterprise
•
(JFE) supports private VLANs (PVLANs). PVLANs are useful for restricting the flow of broadcast and
unknown unicast traffic and for limiting the known communication between known hosts. PVLANs can
be used for purposes including: to help ensure the security of service providers sharing a server farm;
to provide security to subscribers of various service providers sharing a common metropolitan area
network; or to achieve isolation within the same subnet in a very large enterprise network. PVLAN is a
standard introduced by RFC 5517 to achieve port or device isolation in a Layer 2 VLAN by partitioning
a VLAN broadcast domain (also called a primary VLAN) into smaller subdomains (also called secondary
VLANs).
77
In a JFE PVLAN topology:
Multiple satellite devices can be clustered into a group and cabled into the JFE as a group instead of
•
as individual satellite devices.
Aggregation device native ports or satellite device extended ports can act as promiscuous ports,
•
isolated ports, or community VLAN ports.
The promiscuous port can be attached to a core switch or router through physical interfaces or
•
aggregated links.
PVLANs are supported in dual aggregation device JFEs.
•
[See Understanding Private VLANs on a Junos Fusion Enterprise.]
SEE ALSO
Changes in Behavior and Syntax | 78
Known Behavior | 78
Known Issues | 79
Resolved Issues | 79
Documentation Updates | 81
Migration, Upgrade, and Downgrade Instructions | 81
Product Compatibility | 89
Changes in Behavior and Syntax
There are no changes in behavior of Junos OS features and changes in the syntax of Junos OS statements
and commands in Junos OS Release 17.2R2 for Junos Fusion Enterprise.
SEE ALSO
New and Changed Features | 76
Known Behavior | 78
Known Issues | 79
Resolved Issues | 79
Documentation Updates | 81
Migration, Upgrade, and Downgrade Instructions | 81
Product Compatibility | 89
78
Known Behavior
IN THIS SECTION
Junos Fusion Enterprise | 78
This section lists known behavior, system maximums, and limitations in hardware and software in Junos
OS Release 17.2R2 for Junos Fusion Enterprise.
For the most complete and latest information about known Junos OS problems, use the Juniper Networks
online Junos Problem Report Search application.
Junos Fusion Enterprise
In a Junos Fusion Enterprise topology with dual aggregation devices, firewall statistics are not synchronized
•
across the aggregation devices. PR1105612
On a Junos Fusion Enterprise, Link Layer Discovery Protocol-Media Endpoint Discovery (LLDP-MED)
•
fast start does not work. PR1171899
SEE ALSO
New and Changed Features | 76
Changes in Behavior and Syntax | 78
Known Issues | 79
Resolved Issues | 79
Documentation Updates | 81
Migration, Upgrade, and Downgrade Instructions | 81
Product Compatibility | 89
Known Issues
There are no known issues in hardware and software in Junos OS Release 17.2R2 for Junos Fusion
Enterprise.
79
For the most complete and latest information about known Junos OS defects, use the Juniper Networks
online Junos Problem Report Search application.
SEE ALSO
New and Changed Features | 76
Changes in Behavior and Syntax | 78
Known Behavior | 78
Resolved Issues | 79
Documentation Updates | 81
Migration, Upgrade, and Downgrade Instructions | 81
Product Compatibility | 89
Resolved Issues
IN THIS SECTION
Resolved Issues: 17.2R2 | 80
Resolved Issues: 17.2R1 | 80
This section lists the issues fixed in the Junos OS main release and the maintenance releases.
For the most complete and latest information about known Junos OS defects, use the Juniper Networks
online Junos Problem Report Search application.
Resolved Issues: 17.2R2
Junos Fusion Enterprise
In dual aggregation device case, when you disable a cascade port, the extended port physical interfaces
•
are marked as being down. PR1232924
EX4300 with Junos OS Release 17.1R1 cannot be converted to satellite mode. PR1267767
•
In a Junos Fusion Enterprise, for show ethernet-switching table, a few entries are stuck in DLR state
•
after l2-learning restart. PR1268619
In a Junos Fusion Enterprise, the DHCP snooping entry is deleted after l2ald restart. PR1281824
•
VRRP split-brain state in dual aggregation device Junos Fusion. PR1293030
•
80
Aggregation devices without a cascade port cannot reach hosts over an ICL link if they are authenticated
•
by 802.1X authentication in a different VLAN than the default (manually assigned) VLAN. PR1298880
The 802.1X authentication might fail in a Junos Fusion setup. PR1299532
•
Dot1x might crash in Junos Fusion setup with dual AD. PR1303909
•
Resolved Issues: 17.2R1
There are no resolved issues for Junos Fusion Enterprise in Junos OS Release 17.2R1.
SEE ALSO
New and Changed Features | 76
Changes in Behavior and Syntax | 78
Known Behavior | 78
Known Issues | 79
Documentation Updates | 81
Migration, Upgrade, and Downgrade Instructions | 81
Product Compatibility | 89
Documentation Updates
There are no errata or changes in Junos OS Release 17.2R2 for Junos Fusion Enterprise documentation.
SEE ALSO
New and Changed Features | 76
Changes in Behavior and Syntax | 78
Known Behavior | 78
Known Issues | 79
Resolved Issues | 79
Migration, Upgrade, and Downgrade Instructions | 81
Product Compatibility | 89
81
Migration, Upgrade, and Downgrade Instructions
IN THIS SECTION
Basic Procedure for Upgrading Junos OS on an Aggregation Device | 81
Upgrading an Aggregation Device with Redundant Routing Engines | 83
Preparing the Switch for Satellite Device Conversion | 84
Converting a Satellite Device to a Standalone Switch | 85
Upgrade and Downgrade Support Policy for Junos OS Releases | 87
Downgrading from Release 17.2 | 88
This section contains the procedure to upgrade or downgrade Junos OS and satellite software for a Junos
Fusion Enterprise. Upgrading or downgrading Junos OS and satellite software might take several hours,
depending on the size and configuration of the Junos Fusion Enterprise topology.
Basic Procedure for Upgrading Junos OS on an Aggregation Device
When upgrading or downgrading Junos OS for an aggregation device, always use the junos-install package.
Use other packages (such as the jbundle package) only when so instructed by a Juniper Networks support
representative. For information about the contents of the junos-install package and details of the installation
process, see the Installation and Upgrade Guide.
NOTE: Before upgrading, back up the file system and the currently active Junos OS configuration
so that you can recover to a known, stable environment in case the upgrade is unsuccessful.
Issue the following command:
user@host> request system snapshot
The installation process rebuilds the file system and completely reinstalls Junos OS. Configuration
information from the previous software installation is retained, but the contents of log files might
be erased. Stored files on the routing platform, such as configuration templates and shell scripts
(the only exceptions are the juniper.conf and ssh files), might be removed. To preserve the stored
files, copy them to another system before upgrading or downgrading the routing platform. See
the Junos OS Administration Library.
82
To download and install Junos OS Release 17.2R2:
1. Using a Web browser, navigate to the Download Software URL on the Juniper Networks webpage:
https://www.juniper.net/support/downloads/
2. Log in to the Juniper Networks authentication system using the username (generally your e-mail address)
and password supplied by Juniper Networks representatives.
3. Select By Technology > Junos Platform > Junos Fusion to find the software that you want to download.
4. Click the Junos Fusion EX9200 (Enterprise) title to expand the list of supported releases.
5. Click the release number (the software version that you want to download) from the list.
6. Select the aggregation device software package for the release.
7. Review and accept the End User License Agreement.
8. Download the software to a local host.
9. Copy the software to the routing platform or to your internal software distribution site.
10. Install the new junos-install package on the aggregation device.
NOTE: We recommend that you upgrade all software packages out of band using the console
because in-band connections are lost during the upgrade process.
Customers in the United States and Canada, use the following command:
user@host> request system software add validate reboot
source/junos-install-ex92xx-x86-64-17.2R2.13.tgz
All other customers, use the following command:
user@host> request system software add validate reboot
source/junos-install-ex92xx-x86-64-17.2R2.13-limited.tgz
Replace source with one of the following values:
/pathname—For a software package that is installed from a local directory on the router.
•
83
For software packages that are downloaded and installed from a remote location:
•
ftp://hostname/pathname
•
http://hostname/pathname
•
scp://hostname/pathname (available only for Canada and U.S. version)
•
The validate option validates the software package against the current configuration as a prerequisite
to adding the software package to ensure that the router reboots successfully. This is the default
behavior when the software package being added is a different release.
Adding the reboot command reboots the router after the upgrade is validated and installed. When the
reboot is complete, the router displays the login prompt. The loading process might take 5 to 10 minutes.
Rebooting occurs only if the upgrade is successful.
Upgrading an Aggregation Device with Redundant Routing Engines
If the aggregation device has two Routing Engines, perform a Junos OS installation on each Routing Engine
separately to minimize disrupting network operations as follows:
1. Disable graceful Routing Engine switchover (GRES) on the master Routing Engine and save the
configuration change to both Routing Engines.
2. Install the new Junos OS release on the backup Routing Engine while keeping the currently running
software version on the master Routing Engine.
3. After making sure that the new software version is running correctly on the backup Routing Engine,
switch over to the backup Routing Engine to activate the new software.
4. Install the new software on the original master Routing Engine that is now active as the backup Routing
Engine.
For the detailed procedure, see the Installation and Upgrade Guide.
Preparing the Switch for Satellite Device Conversion
There are multiple methods to upgrade or downgrade satellite software in your Junos Fusion Enterprise.
See Configuring or Expanding a Junos Fusion Enterprise.
For satellite device hardware and software requirements, see Understanding Junos Fusion Enterprise
Software and Hardware Requirements.
Use the following command to install Junos OS on a switch before converting it into a satellite device:
user@host> request system software add validate reboot source/package-name
84
NOTE: The following conditions must be met before a Junos switch that is running Junos OS
Release 17.2R1 can be converted to a satellite device when the action is initiated from the
aggregation device:
The Junos switch can only be converted to SNOS 3.1 and higher.
•
The Junos switch must be either set to factory-default configuration using the request system
•
zeroize command, or the following command must be included in the configuration: set chassis
auto-satellite-conversion.
When the interim installation has completed and the switch is running a version of Junos OS that is
compatible with satellite device conversion, perform the following steps:
1. Log in to the device using the console port.
2. Clear the device:
[edit]
user@satellite-device# request system zeroize
NOTE: The device reboots to complete the procedure for resetting the device.
If you are not logged in to the device using the console port connection, your connection to the device
is lost after you enter the request system zeroize command.
If you lose connection to the device, log in using the console port.
3. (EX4300 switches only) After the reboot is complete, convert the built-in 40-Gbps QSFP+ interfaces
from Virtual Chassis ports (VCPs) into network ports:
user@satellite-device> request virtual-chassis vc-port delete pic-slot 1 port port-number
For example, to convert all four built-in 40-Gbps QSFP+ interfaces on an EX4300-24P switch into
network ports:
user@satellite-device>request virtual-chassis vc-port delete pic-slot 1 port 0
user@satellite-device> request virtual-chassis vc-port delete pic-slot 1 port 1
user@satellite-device> request virtual-chassis vc-port delete pic-slot 1 port 2
user@satellite-device> request virtual-chassis vc-port delete pic-slot 1 port 3
85
This step is required for the 40-Gbps QSFP+ interfaces that will be used as uplink interfaces in a Junos
Fusion topology. Built-in 40-Gbps QSFP+ interfaces on EX4300 switches are configured into VCPs by
default, and the default settings are restored after the device is reset.
After this initial preparation, you can use one of three methods to convert your switches into satellite
devices—autoconversion, manual conversion, or preconfiguration. See Configuring or Expanding a Junos
Fusion Enterprise for detailed configuration steps for each method.
Converting a Satellite Device to a Standalone Switch
In the event that you need to convert a satellite device to a standalone device, you will need to install a
new Junos OS software package on the satellite device and remove the satellite device from the Junos
Fusion topology.
The following steps explain how to download software, remove the satellite device from the Junos Fusion,
and install the Junos OS software image on the satellite device so that the device can operate as a standalone
device.
1. Using a Web browser, navigate to the Junos OS software download URL on the Juniper Networks
webpage:
https://www.juniper.net/support/downloads
2. Log in to the Juniper Networks authentication system using the username (generally your e-mail address)
and password supplied by Juniper Networks representatives.
3. Select By Technology > Junos Platform > Junos Fusion from the menu and select the switch platform
series and model for your satellite device.
4. Select the software image for your platform. For satellite device software requirements, see
Understanding Junos Fusion Enterprise Software and Hardware Requirements.
5. Review and accept the End User License Agreement.
6. Download the software to a local host.
Copy the software to the routing platform or to your internal software distribution site.
7. Remove the satellite device from the automatic satellite conversion configuration.
If automatic satellite conversion is enabled for the satellite device’s member number, remove the
member number from the automatic satellite conversion configuration. The satellite device’s member
number is the same as the FPC slot ID.
86
[edit]
user@aggregation-device# delete chassis satellite-management auto-satellite-conversion
satellite member-number
For example, to remove member number 101 from the Junos Fusion:
[edit]
user@aggregation-device# delete chassis satellite-management auto-satellite-conversion
satellite 101
You can check the automatic satellite conversion configuration by entering the show command at the
[edit chassis satellite-management auto-satellite-conversion] hierarchy level.
8. Commit the configuration.
To commit the configuration to both Routing Engines:
[edit]
user@aggregation-device# commit synchronize
To commit the configuration to a single Routing Engine:
[edit]
user@aggregation-device# commit
9. Install Junos OS on the satellite device to convert the device to a standalone device.
[edit]
user@aggregation-device> request chassis satellite install URL-to-software-package fpc-slot
member-number
For example, to install a software package stored in the /var/tmp directory on the aggregation device
onto an EX4300 switch acting as the satellite device using FPC slot 102:
[edit]
user@aggregation-device> request chassis satellite install
/var/tmp/jinstall-ex-4300-14.1X53-D35.3-domestic-signed.tgz fpc-slot 102
The satellite device stops participating in the Junos Fusion topology once the software installation
starts. The software upgrade starts after this command is entered.
10. Wait for the reboot that accompanies the software installation to complete.
11. When you are prompted to log back into your device, uncable the device from the Junos Fusion topology.
See Removing a Transceiver from a QFX Series Device or Remove a Transceiver, as needed. Your device
has been removed from Junos Fusion.
87
NOTE: The device uses a factory-default configuration after the Junos OS installation is
complete.
Upgrade and Downgrade Support Policy for Junos OS Releases
Support for upgrades and downgrades that span more than three Junos OS releases at a time is not
provided, except for releases that are designated as Extended End-of-Life (EEOL) releases. EEOL releases
provide direct upgrade and downgrade paths—you can upgrade directly from one EEOL release to the
next EEOL release even though EEOL releases generally occur in increments beyond three releases.
You can upgrade or downgrade to the EEOL release that occurs directly before or after the currently
installed EEOL release, or to two EEOL releases before or after. For example, Junos OS Releases 16.1,
16.2 and 17.1 are EEOL releases. You can upgrade from Junos OS Release 16.1 to Release 16.2 or even
from Junos OS Release 16.1 to Release 17.1. However, you cannot upgrade directly from a non-EEOL
release that is more than three releases ahead or behind.
To upgrade or downgrade from a non-EEOL release to a release more than three releases before or after,
first upgrade to the next EEOL release and then upgrade or downgrade from that EEOL release to your
target release.
For more information on EEOL releases and to review a list of EEOL releases, see
https://www.juniper.net/support/eol/junos.html
Downgrading from Release 17.2
Junos Fusion Enterprise is first supported in Junos OS Release 16.1, although you can downgrade a
standalone EX9200 switch to earlier Junos OS releases.
NOTE: It is not recommended to downgrade the aggregation device from 17.2R1 to 16.1 if there
are cluster satellite devices in the setup.
To downgrade a Junos Fusion Enterprise from Junos OS Release 17.2, you must first downgrade the
satellite software version on the satellite devices.
1. Downgrade the satellite software on the satellite devices from 3.0R1 to 2.0R1:
88
user@aggregation-device> request system software add package-name no-validate upgrade-group
cluster1
For example, to downgrade the satellite software to 2.0R1:
user@aggregation-device> request system software add satellite-2.0R1-signed.tgz no-validate
upgrade-group cluster1
After the satellite devices are downgraded to satellite software, they will not show as being online until
the aggregation device is downgraded to a compatible software version. To check software compatibility,
see https://www.juniper.net/support/downloads/solutions/fusion/.
2. Downgrade the aggregation device. Follow the procedure for upgrading, but replace the 17.2 junos-install
package with one that corresponds to the appropriate release.
NOTE: You cannot downgrade more than three releases.
For more information, see the Installation and Upgrade Guide.
SEE ALSO
New and Changed Features | 76
Changes in Behavior and Syntax | 78
Known Behavior | 78
Known Issues | 79
Resolved Issues | 79
Documentation Updates | 81
Product Compatibility | 89
Product Compatibility
IN THIS SECTION
Hardware and Software Compatibility | 89
Hardware Compatibility Tool | 89
89
Hardware and Software Compatibility
For a complete list of all hardware and software requirements for a Junos Fusion Enterprise, including
which Juniper Networks devices function as satellite devices, see Understanding Junos Fusion Enterprise
Software and Hardware Requirements in the Junos Fusion Enterprise User Guide.
Hardware Compatibility Tool
For a hardware compatibility matrix for optical interfaces and transceivers supported across all platforms,
see the Hardware Compatibility tool.
SEE ALSO
New and Changed Features | 76
Changes in Behavior and Syntax | 78
Known Behavior | 78
Known Issues | 79
Resolved Issues | 79
Documentation Updates | 81
Migration, Upgrade, and Downgrade Instructions | 81
Junos OS Release Notes for Junos Fusion Provider Edge
IN THIS SECTION
New and Changed Features | 90
Changes in Behavior and Syntax | 92
Known Behavior | 92
Known Issues | 93
Resolved Issues | 93
90
Documentation Updates | 94
Migration, Upgrade, and Downgrade Instructions | 95
Product Compatibility | 103
These release notes accompany Junos OS Release 17.2R2 for the Junos Fusion Provider Edge. They
describe new and changed features, limitations, and known and resolved problems in the hardware and
software.
You can also find these release notes on the Juniper Networks Junos OS Documentation webpage, located
at https://www.juniper.net/documentation/software/junos/.
New and Changed Features
IN THIS SECTION
Release 17.2R2 New and Changed Features | 91
Release 17.2R1 New and Changed Features | 91
This section describes the new features and enhancements to existing features in the Junos OS main
release and the maintenance releases for Junos Fusion Provider Edge.
Release 17.2R2 New and Changed Features
There are no new features or enhancements to existing features for Junos Fusion Provider Edge in Junos
OS Release 17.2R2.
Release 17.2R1 New and Changed Features
Class of Service (CoS)
Per-unit scheduler support on extended ports (Junos Fusion Provider Edge)—Beginning with Junos OS
•
17.2R1, Junos Fusion Provider Edge supports per-unit schedulers on extended ports. To support per-unit
scheduling on an extended port, all cascade ports on the aggregation device for that extended port must
have a queueing chip. aggregated Ethernet ports support per-unit schedulers, but all aggregated Ethernet
member ports must be on the same satellite device. To enable per-unit scheduling on an extended port,
enable the per-unit-scheduler option at the [edit interfaces interface-name] hierarchy level for the
extended port.
91
[See Understanding CoS on an MX Series Aggregation Device in Junos Fusion.]
Hierarchical CoS support on extended ports (Junos Fusion Provider Edge)—Beginning with Junos OS
•
17.2R1, Junos Fusion Provider Edge supports hierarchical CoS (interface set-level scheduling) on extended
ports. To support hierarchical CoS on an extended port, all cascade ports on the aggregation device for
that extended port must have a queueing chip. aggregated Ethernet ports support hierarchical schedulers,
but all aggregated Ethernet member ports must be on the same satellite device. To enable hierarchical
CoS on an extended port, enable the hierarchical-scheduler option at the [edit interfaces interface-name]
hierarchy level for the extended port.
[See Understanding CoS on an MX Series Aggregation Device in Junos Fusion.]
Junos Fusion
Support for selective VLAN local switching—Starting in Junos OS Release 17.2R1, Junos Fusion Provider
•
Edge supports local switching on a service level. When you configure selective VLAN local switching on
satellite devices, the other VLANs will continue to follow the default forwarding behavior. Use the
selective-vlan-switching option for the routing instance at the [edit forwarding-options satellite fpc
slot] hierarchy level to enable selective VLAN local switching for a particular satellite device.
Support for an ingress policer—Starting in Junos OS Release 17.2R1, Junos Fusion Provider Edge supports
•
the use of an ingress policer to filter incoming traffic at the extended port level. This feature supports
a two-color policer that allows you to limit the traffic that is received on an interface. You can configure
the Layer 2 ingress policer by using the input-policer statement at the [edit interfaces interface-name
layer2-policer] hierarchy level.
SEE ALSO
Changes in Behavior and Syntax | 92
Known Behavior | 92
Known Issues | 93
Resolved Issues | 93
Documentation Updates | 94
Migration, Upgrade, and Downgrade Instructions | 95
Product Compatibility | 103
Changes in Behavior and Syntax
There are no changes in default behavior and syntax for Junos Fusion Provider Edge in Junos OS Release
17.2R2.
92
SEE ALSO
New and Changed Features | 90
Known Behavior | 92
Known Issues | 93
Resolved Issues | 93
Documentation Updates | 94
Migration, Upgrade, and Downgrade Instructions | 95
Product Compatibility | 103
Known Behavior
There are no known behaviors, system maximums, and limitations in hardware and software in Junos OS
Release 17.2R2 for Junos Fusion Provider Edge.
For the most complete and latest information about known Junos OS defects, use the Juniper Networks
online Junos Problem Report Search application.
SEE ALSO
New and Changed Features | 90
Changes in Behavior and Syntax | 92
Known Issues | 93
Resolved Issues | 93
Documentation Updates | 94
Migration, Upgrade, and Downgrade Instructions | 95
Product Compatibility | 103
Known Issues
There are no known issues in the Junos OS Release 17.2R2 for Junos Fusion Provider Edge.
For the most complete and latest information about known Junos OS defects, use the Juniper Networks
online Junos Problem Report Search application.
93
SEE ALSO
New and Changed Features | 90
Changes in Behavior and Syntax | 92
Known Behavior | 92
Resolved Issues | 93
Documentation Updates | 94
Migration, Upgrade, and Downgrade Instructions | 95
Product Compatibility | 103
Resolved Issues
IN THIS SECTION
Resolved Issues: 17.2R2 | 94
Resolved Issues: 17.2R1 | 94
This section lists the issues fixed in the Junos OS main release and the maintenance releases.
For the most complete and latest information about known Junos OS defects, use the Juniper Networks
online Junos Problem Report Search application.
Resolved Issues: 17.2R2
Junos Fusion
In a Junos Fusion setup, the transit unicast traffic might be discarded on a satellite device when they
•
pass through different IFLs of the same extended port. PR1264900
Resolved Issues: 17.2R1
There are no fixed issues in the Junos OS Release 17.2R1 for Junos Fusion Provider Edge.
94
SEE ALSO
New and Changed Features | 90
Changes in Behavior and Syntax | 92
Known Behavior | 92
Known Issues | 93
Documentation Updates | 94
Migration, Upgrade, and Downgrade Instructions | 95
Product Compatibility | 103
Documentation Updates
There are no errata or changes in Junos OS Release 17.2R2 for Junos Fusion Provider Edge documentation.
SEE ALSO
New and Changed Features | 90
Changes in Behavior and Syntax | 92
Known Behavior | 92
Known Issues | 93
Resolved Issues | 93
Migration, Upgrade, and Downgrade Instructions | 95
Product Compatibility | 103
Migration, Upgrade, and Downgrade Instructions
IN THIS SECTION
Basic Procedure for Upgrading an Aggregation Device | 95
Upgrading an Aggregation Device with Redundant Routing Engines | 98
Preparing the Switch for Satellite Device Conversion | 98
Converting a Satellite Device to a Standalone Device | 100
Upgrading an Aggregation Device | 102
95
Upgrade and Downgrade Support Policy for Junos OS Releases | 102
Downgrading from Release 17.2 | 102
This section contains the procedure to upgrade Junos OS, and the upgrade and downgrade policies for
Junos OS for Junos Fusion Provider Edge. Upgrading or downgrading Junos OS might take several hours,
depending on the size and configuration of the network.
Basic Procedure for Upgrading an Aggregation Device
When upgrading or downgrading Junos OS, always use the jinstall package. Use other packages (such as
the jbundle package) only when so instructed by a Juniper Networks support representative. For information
about the contents of the jinstall package and details of the installation process, see the Installation and
Upgrade Guide.
NOTE: Before upgrading, back up the file system and the currently active Junos OS configuration
so that you can recover to a known, stable environment in case the upgrade is unsuccessful.
Issue the following command:
user@host> request system snapshot
The installation process rebuilds the file system and completely reinstalls Junos OS. Configuration
information from the previous software installation is retained, but the contents of log files might
be erased. Stored files on the routing platform, such as configuration templates and shell scripts
(the only exceptions are the juniper.conf and ssh files), might be removed. To preserve the stored
files, copy them to another system before upgrading or downgrading the routing platform. See
the Junos OS Administration Library.
The download and installation process for Junos OS Release 16.1R1 and later is different that for earlier
Junos OS releases.
96
1. Using a Web browser, navigate to the Download Software URL on the Juniper Networks webpage:
https://www.juniper.net/support/downloads/
2. Log in to the Juniper Networks authentication system using the username (generally your e-mail address)
and password supplied by Juniper Networks representatives.
3. Select By Technology > Junos Platform > Junos Fusion to access the Junos Fusion Hardware and
Software Compatibility page.
4. Click the Junos Fusion MX Series (Provider Edge) title to expand the list of supported releases.
5. Click the release number (the software version that you want to download) from the list.
6. Select the aggregation device software package for the release.
7. Review and accept the End User License Agreement.
8. Download the software to a local host.
9. Copy the software to the routing platform or to your internal software distribution site.
10. Install the new jinstall package on the aggregation device.
NOTE: We recommend that you upgrade all software packages out-of-band using the console,
because in-band connections are lost during the upgrade process.
For 64-bit software:
•
NOTE: We highly recommend that you see 64-bit Junos OS software when implementing
Junos Fusion Provider Edge.
user@host> request system software add validate reboot source/<package-name>
For example:
user@host> request system software add validate reboot
97
source/junos-install-mx-x86-64-17.2R2.9-signed.tgz
For 32-bit software:
•
user@host> request system software add validate reboot source/<package-name>
For example:
user@host> request system software add validate reboot
source/junos-install-mx-x86-32-17.2R2.9-signed.tgz
Replace source with one of the following values:
/pathname—For a software package that is installed from a local directory on the router.
•
For software packages that are downloaded and installed from a remote location:
•
ftp://hostname/pathname
•
http://hostname/pathname
•
scp://hostname/pathname (available only for the Canada and U.S. version)
•
The validate option validates the software package against the current configuration as a prerequisite
for adding the software package to ensure that the router reboots successfully. This is the default
behavior when the software package being added is for a different release.
Adding the reboot command reboots the router after the upgrade is validated and installed. When the
reboot is complete, the router displays the login prompt. The loading process might take 5 to 10 minutes.
Rebooting occurs only if the upgrade is successful.
NOTE: After you install a Junos OS Release 17.2R2 jinstall package, you cannot return to the
previously installed software by issuing the request system software rollback command. Instead,
you must issue the request system software add validate command and specify the jinstall
package that corresponds to the previously installed software.
Upgrading an Aggregation Device with Redundant Routing Engines
If the aggregation device has two Routing Engines, perform a Junos OS installation on each Routing Engine
separately as follows to minimize disrupting network operations:
1. Disable graceful Routing Engine switchover (GRES) on the master Routing Engine and save the
configuration change to both Routing Engines.
2. Install the new Junos OS release on the backup Routing Engine while keeping the currently running
software version on the master Routing Engine.
98
3. After making sure that the new software version is running correctly on the backup Routing Engine,
switch over to the backup Routing Engine to activate the new software.
4. Install the new software on the original master Routing Engine that is now active as the backup Routing
Engine.
For the detailed procedure, see the Installation and Upgrade Guide.
Preparing the Switch for Satellite Device Conversion
Satellite devices in a Junos Fusion topology use a satellite software package that is different from the
standard Junos OS software package. Before you can install the satellite software package on a satellite
device, you first need to upgrade the target satellite device to an interim Junos OS software version that
can be converted to satellite software. For satellite device hardware and software requirements, see
Understanding Junos Fusion Software and Hardware Requirements
Customers with EX4300 switches, use the following command:
user@host> request system software add validate reboot
source/jinstall-ex-4300-14.1X53-D43.7-domestic-signed.tgz
Customers with QFX5100 switches, use the following command:
user@host> request system software add validate reboot
source/jinstall-qfx-5-14.1X53-D43.7-domestic-signed.tgz
When the interim installation has completed and the switch is running a version of Junos OS that is
compatible with satellite device conversion, perform the following steps:
1. Log in to the device using the console port.
2. Clear the device:
[edit]
user@satellite-device# request system zeroize
NOTE: The device reboots to complete the procedure for resetting the device.
If you are not logged in to the device using the console port connection, your connection to the device
is lost after you enter the request system zeroize command.
If you lose your connection to the device, log in using the console port.
99
3. (EX4300 switches only) After the reboot is complete, convert the built-in 40-Gbps QSFP+ interfaces
from Virtual Chassis ports (VCPs) into network ports:
user@satellite-device> request virtual-chassis vc-port delete pic-slot 1 port port-number
For example, to convert all four built-in 40-Gbps QSFP+ interfaces on an EX4300-24P switch into
network ports:
user@satellite-device>request virtual-chassis vc-port delete pic-slot 1 port 0
user@satellite-device> request virtual-chassis vc-port delete pic-slot 1 port 1
user@satellite-device> request virtual-chassis vc-port delete pic-slot 1 port 2
user@satellite-device> request virtual-chassis vc-port delete pic-slot 1 port 3
This step is required for the 40-Gbps QSFP+ interfaces that will be used as uplink interfaces in a Junos
Fusion topology. Built-in 40-Gbps QSFP+ interfaces on EX4300 switches are configured into VCPs by
default, and the default settings are restored after the device is reset.
After this initial preparation, you can use one of three methods to convert your switches into satellite
devices—autoconversion, manual conversion, and preconfiguration. See Configuring Junos Fusion Provider
Edge for detailed configuration steps for each method.
Converting a Satellite Device to a Standalone Device
In the event that you need to convert a satellite device to a standalone device, you will need to install a
new Junos OS software package on the satellite device and remove the satellite device from the Junos
Fusion topology.
NOTE: If the satellite device is a QFX5100 switch, you need to install a PXE version of Junos
OS. The PXE version of Junos OS is software that includes pxe in the Junos OS package name
when it is downloaded from the Software Center—for example, the PXE image for Junos OS
Release 14.1X53-D30 is named install-media-pxe-qfx-5-14.1X53-D43.3-signed.tgz . If the
satellite device is an EX4300 switch, you install a standard jinstall-ex-4300 version of Junos OS.
The following steps explain how to download software, remove the satellite device from Junos Fusion,
and install the Junos OS software image on the satellite device so that the device can operate as a standalone
device.
100
1. Using a Web browser, navigate to the Junos OS software download URL on the Juniper Networks
webpage:
https://www.juniper.net/support/downloads
2. Log in to the Juniper Networks authentication system using the username (generally your e-mail address)
and password supplied by Juniper Networks representatives.
3. Select By Technology > Junos Platform > Junos Fusion from the drop-down list and select the switch
platform series and model for your satellite device.
4. Select the Junos OS Release 14.1X53-D30 software image for your platform.
5. Review and accept the End User License Agreement.
6. Download the software to a local host.
7. Copy the software to the routing platform or to your internal software distribution site.
8. Remove the satellite device from the automatic satellite conversion configuration.
If automatic satellite conversion is enabled for the satellite device’s member number, remove the
member number from the automatic satellite conversion configuration. The satellite device’s member
number is the same as the FPC slot ID.
[edit]
Loading...