Junos OS Release 18.3R2 User Manual
Release Notes: Junos®OS Release 18.3R2 for
the ACX Series, EX Series, MX Series, NFX
Series, PTX Series, QFX Series, SRX Series, and
Junos Fusion
1
13 January 2021
Contents
Introduction | 11
Junos OS Release Notes for ACX Series | 11
New and Changed Features | 12
Release 18.3R2 New and Changed Features | 12
Release 18.3R1-S1 New and Changed Features | 12
Release 18.3R1 New and Changed Features | 13
Changes in Behavior and Syntax | 21
Junos OS XML, API, and Scripting | 22
Network Management and Monitoring | 22
Platform and Infrastructure | 22
Subscriber Management and Services | 23
Known Behavior | 24
General Routing | 24
Known Issues | 25
General Routing | 26
Interfaces and Chassis | 28
Layer 2 Features | 28
MPLS | 28
Resolved Issues | 29
Resolved Issues: 18.3R2 | 29
Resolved Issues: 18.3R1 | 31
Documentation Updates | 32
Migration, Upgrade, and Downgrade Instructions | 33
Upgrade and Downgrade Support Policy for Junos OS Releases | 33
Product Compatibility | 34
Hardware Compatibility | 34
Junos OS Release Notes for EX Series Switches | 35
New and Changed Features | 35
Release 18.3R2 New and Changed Features | 36
Release 18.3R1 New and Changed Features | 36
Changes in Behavior and Syntax | 49
Interfaces and Chassis | 50
2
Junos OS XML API and Scripting | 50
Layer 2 Features | 50
Network Management and Monitoring | 50
Security | 51
Subscriber Management and Services | 51
Virtual Chassis | 51
Known Behavior | 52
Class of Service (CoS) | 54
Ethernet Switching | 54
Infrastructure | 54
Layer 2 Features | 54
Interfaces and Chassis | 54
Platform and Infrastructure | 54
Routing Protocols | 55
Virtual Chassis | 56
Known Issues | 56
General Routing | 57
Infrastructure | 59
Junos Fusion Enterprise | 59
Layer 2 Features | 60
Multicast | 60
Platform and Infrastructure | 60
Routing Protocols | 60
Subscriber Access Management | 61
Resolved Issues | 61
Resolved Issues: 18.3R2 | 62
Resolved Issues: 18.3R1 | 65
Documentation Updates | 69
Migration, Upgrade, and Downgrade Instructions | 69
Upgrade and Downgrade Support Policy for Junos OS Releases | 70
Product Compatibility | 71
Hardware Compatibility | 71
Junos OS Release Notes for Junos Fusion Enterprise | 72
New and Changed Features | 72
3
Release 18.3R2 New and Changed Features | 73
Release 18.3R1 New and Changed Features | 73
Changes in Behavior and Syntax | 73
Known Behavior | 74
Junos Fusion | 74
Known Issues | 75
Junos Fusion Enterprise | 75
Resolved Issues | 75
Resolved issues: Release 18.3R2 | 76
Resolved issues: Release 18.3R1 | 76
Documentation Updates | 77
Migration, Upgrade, and Downgrade Instructions | 77
Basic Procedure for Upgrading Junos OS on an Aggregation Device | 77
Upgrading an Aggregation Device with Redundant Routing Engines | 79
Preparing the Switch for Satellite Device Conversion | 80
Converting a Satellite Device to a Standalone Switch | 81
Upgrade and Downgrade Support Policy for Junos OS Releases | 81
Downgrading Junos OS | 82
Product Compatibility | 82
Hardware and Software Compatibility | 83
Hardware Compatibility Tool | 83
Junos OS Release Notes for Junos Fusion Provider Edge | 83
New and Changed Features | 84
Release 18.3R2 New and Changed Features | 84
Release 18.3R1 New and Changed Features | 84
Changes in Behavior and Syntax | 85
Known Behavior | 85
Known Issues | 86
Resolved Issues | 86
Resolved Issues: 18.3R2 | 87
Resolved Issues: 18.3R1 | 87
Documentation Updates | 88
4
Migration, Upgrade, and Downgrade Instructions | 88
Basic Procedure for Upgrading an Aggregation Device | 89
Upgrading an Aggregation Device with Redundant Routing Engines | 91
Preparing the Switch for Satellite Device Conversion | 92
Converting a Satellite Device to a Standalone Device | 93
Upgrading an Aggregation Device | 95
Upgrade and Downgrade Support Policy for Junos OS Releases | 96
Downgrading from Junos OS Release 18.3 | 96
Product Compatibility | 97
Hardware Compatibility | 97
Junos OS Release Notes for MX Series 5G Universal Routing Platform | 98
New and Changed Features | 98
Release 18.3R2 New and Changed Features | 99
Release 18.3R1 New and Changed Features | 100
Changes in Behavior and Syntax | 116
Class of Service (CoS) | 117
EVPN | 117
General Routing | 117
Interfaces and Chassis | 118
Junos OS XML, API, and Scripting | 119
MPLS | 119
Network Management and Monitoring | 120
Routing Protocols | 121
Security | 121
Services Applications | 121
Software Installation and Upgrade | 122
Subscriber Management and Services | 122
VPNs | 123
Known Behavior | 124
Forwarding and Sampling | 125
High Availability and Resiliency | 125
General Routing | 126
Interfaces and Chassis | 127
Platform and Infrastructure | 129
5
Port Security | 129
Routing Protocols | 129
Services Applications | 129
Software Defined Networking | 130
Subscriber Management and Services | 131
Known Issues | 131
EVPN | 132
Forwarding and Sampling | 133
General Routing | 133
Infrastructure | 139
Interfaces and Chassis | 140
Layer 2 Features | 140
MPLS | 141
Network Management and Monitoring | 143
Platform and Infrastructure | 143
Routing Policy and Firewall Filters | 145
Routing Protocols | 145
Subscriber Access Management | 147
User Interface and Configuration | 147
VPNs | 147
Resolved Issues | 148
Resolved Issues: 18.3R2 | 148
Resolved Issues: 18.3R1 | 164
Documentation Updates | 181
Subscriber Management Access Network Guide | 181
Subscriber Management Provisioning Guide | 182
Subscriber Management VLANs Interfaces Guide | 182
Migration, Upgrade, and Downgrade Instructions | 182
Basic Procedure for Upgrading to Release 18.3 | 183
Procedure to Upgrade to FreeBSD 11.x based Junos OS | 183
Procedure to Upgrade to FreeBSD 6.x based Junos OS | 186
Upgrade and Downgrade Support Policy for Junos OS Releases | 188
Upgrading a Router with Redundant Routing Engines | 188
Downgrading from Release 18.3 | 188
6
Product Compatibility | 189
Hardware Compatibility | 189
Junos OS Release Notes for NFX Series | 190
New and Changed Features | 191
Release 18.3R2 New and Changed Features | 191
Release 18.3R1 New and Changed Features | 191
Changes in Behavior and Syntax | 192
Release 18.3R2 Changes in Behavior and Syntax | 192
Release 18.3R1 Changes in Behavior and Syntax | 192
Known Behavior | 193
NFX150 Series Devices | 193
Known Issues | 194
Known Issues: 18.3R2 | 194
Resolved Issues | 195
Resolved Issues: 18.3R2 | 195
Resolved Issues: 18.3R1 | 196
Documentation Updates | 196
Migration, Upgrade, and Downgrade Instructions | 197
Upgrade and Downgrade Support Policy for Junos OS Releases | 197
Basic Procedure for Upgrading to Junos OS Release 18.3 | 197
Product Compatibility | 199
Hardware Compatibility | 199
Software Version Compatibility | 199
Junos OS Release Notes for PTX Series Packet Transport Routers | 201
New and Changed Features | 202
Release 18.3R2 New and Changed Features | 203
Release 18.3R1 New and Changed Features | 203
Changes in Behavior and Syntax | 211
Interfaces and Chassis | 211
Junos OS XML API and Scripting | 212
Network Management and Monitoring | 212
Openconfig | 213
Routing Policy and Firewall Filters | 213
Software Installation and Upgrade | 213
7
Subscriber Management and Services | 213
Known Behavior | 214
General Routing | 215
Interfaces and Chassis | 215
Routing Policy and Firewall Filters | 216
User Interface and Configuration | 216
Known Issues | 217
Interfaces and Chassis | 217
General Routing | 217
Routing Protocols | 220
Resolved Issues | 220
Resolved Issues: 18.3R2 | 221
Resolved Issues: 18.3R1 | 223
Documentation Updates | 225
Migration, Upgrade, and Downgrade Instructions | 225
Basic Procedure for Upgrading to Release 18.3 | 226
Upgrade and Downgrade Support Policy for Junos OS Releases | 228
Upgrading a Router with Redundant Routing Engines | 229
Product Compatibility | 230
Hardware Compatibility | 230
Junos OS Release Notes for the QFX Series | 231
New and Changed Features | 231
Release 18.3R2 New and Changed Features | 232
Release 18.3R1-S3 New and Changed Features | 232
Release 18.3R1-S2 New and Changed Features | 233
Release 18.3R1 New and Changed Features | 233
Changes in Behavior and Syntax | 245
Interfaces and Chassis | 246
Junos OS XML API and Scripting | 247
Network Management and Monitoring | 247
Routing Policy and Firewall Filters | 248
Security | 248
Virtual Chassis | 248
Known Behavior | 249
8
Class of Service (CoS) | 250
EVPN | 250
Layer 2 Features | 250
Platform and Infrastructure | 250
Routing Protocols | 251
User Interface and Configuration | 252
Virtual Chassis | 252
Known Issues | 253
EVPN | 253
General Routing | 254
Infrastructure | 257
Layer 2 Features | 257
MPLS | 258
Platform and Infrastructure | 258
Routing Protocols | 258
Resolved Issues | 259
Resolved Issues: 18.3R2 | 260
Resolved Issues: 18.3R1 | 265
Documentation Updates | 270
Migration, Upgrade, and Downgrade Instructions | 271
Upgrading Software on QFX Series Switches | 271
Installing the Software on QFX10002-60C Switches | 274
Installing the Software on QFX10002 Switches | 274
Upgrading Software from Junos OS Release 15.1X53-D3X to Junos OS Release
15.1X53-D60, 15.1X53-D61.7, 15.1X53-D62, and 15.1X53-D63 on QFX10008 and
QFX10016 Switches | 275
Installing the Software on QFX10008 and QFX10016 Switches | 277
Performing a Unified ISSU | 281
Preparing the Switch for Software Installation | 282
Upgrading the Software Using Unified ISSU | 282
Upgrade and Downgrade Support Policy for Junos OS Releases | 284
Product Compatibility | 285
Hardware Compatibility | 285
9
Junos OS Release Notes for SRX Series | 286
New and Changed Features | 287
Release 18.3R2 New and Changed Features | 287
Release 18.3R1 New and Changed Features | 287
Changes in Behavior and Syntax | 295
Authentication and Access Control | 295
Chassis Clustering | 296
Network Management and Monitoring | 296
Platform and Infrastructure | 296
VPN | 296
Known Behavior | 297
Application Firewall | 298
Chassis Clustering | 298
Flow-based and Packet-based Processing | 298
Interfaces and Chassis | 299
J-Web | 299
Unified Threat Management (UTM) | 299
User Firewall | 300
User Interface and Configuration | 300
Known Issues | 300
Authentication and Access Control | 301
Chassis Clustering | 301
Flow-Based and Packet-Based Processing | 301
Forwarding and Sampling | 303
General Routing | 303
J-Web | 303
Network Address Translation (NAT) | 304
Network Management and Monitoring | 304
Platform and Infrastructure | 304
Routing Policy and Firewall Filters | 305
System Logs | 305
Unified Threat Management (UTM) | 305
Upgrade and Downgrade | 305
10
User Interface and Configuration | 305
VPNs | 305
Resolved Issues | 306
Resolved Issues: 18.3R2 | 306
Resolved Issues: 18.3R1 | 312
Documentation Updates | 316
Migration, Upgrade, and Downgrade Instructions | 316
Upgrade and Downgrade Support Policy for Junos OS Releases and Extended End-Of-Life
Releases | 316
Product Compatibility | 317
Hardware Compatibility | 317
Upgrading Using ISSU | 319
Compliance Advisor | 319
Finding More Information | 319
Documentation Feedback | 320
Requesting Technical Support | 321
Self-Help Online Tools and Resources | 321
Opening a Case with JTAC | 322
Revision History | 322
Introduction
Junos OS runs on the following Juniper Networks®hardware: ACX Series, EX Series, M Series, MX Series,
NFX Series, PTX Series, QFabric systems, QFX Series, SRX Series, T Series, and Junos Fusion.
These release notes accompany Junos OS Release 18.3R2 for the ACX Series, EX Series, MX Series, NFX
Series, PTX Series, QFX Series, SRX Series, and Junos Fusion. They describe new and changed features,
limitations, and known and resolved problems in the hardware and software.
Junos OS Release Notes for ACX Series
IN THIS SECTION
11
New and Changed Features | 12
Changes in Behavior and Syntax | 21
Known Behavior | 24
Known Issues | 25
Resolved Issues | 29
Documentation Updates | 32
Migration, Upgrade, and Downgrade Instructions | 33
Product Compatibility | 34
These release notes accompany Junos OS Release 18.3R2 for the ACX Series. They describe new and
changed features, limitations, and known and resolved problems in the hardware and software.
You can also find these release notes on the Juniper Networks Junos OS Documentation webpage, located
at https://www.juniper.net/documentation/product/en_US/junos-os.
New and Changed Features
IN THIS SECTION
Release 18.3R2 New and Changed Features | 12
Release 18.3R1-S1 New and Changed Features | 12
Release 18.3R1 New and Changed Features | 13
This section describes the new features and enhancements to existing features in the Junos OS main
release and the maintenance releases for ACX Series Universal Metro Routers.
Release 18.3R2 New and Changed Features
12
There are no new features or enhancements to existing features for ACX Series Universal Metro Routers
•
in Junos OS Release 18.3R2.
Release 18.3R1-S1 New and Changed Features
IN THIS SECTION
Class of Service (CoS) | 13
Timing and Synchronization | 13
Class of Service (CoS)
Support for deep buffer and drop profiles (ACX5448)—Starting with Junos OS Release 18.3R1-S1,
•
ACX5448 router supports the use of external DRAM memory, along with its on-chip memory, for
scheduling and queuing different virtual output queues (VOQs). ACX5448 router also supports different
WRED profiles for configuring drop profiles for queues.
NOTE: ACX5448 router does not support buffering for IRB multicast traffic and therefore
CLIs for configuring multicast is not supported.
[See Configuring Shared and Dedicated Buffer Memory Pools.]
Timing and Synchronization
Support for PTP boundary clocks for phase and time synchronization (ACX5448)—Starting with Junos
•
OS Release 18.3R1-S1, ACX5448 router supports PTP boundary clocks for phase and time synchronization
using IEEE-1588 Precision Timing Protocol (PTP). This feature also supports:
13
PTP over IPv4 (IEEE-1588v2)
•
PTP ordinary and boundary clocks
•
One step clock mode operation for PTP Master
•
10Mhz and 1PPS output for measurement purpose
•
NOTE: All PTP packets uses the best-effort queue instead of network control queue.
The ACX5448 router does not support the following:
Hybrid mode
•
Boundary clock performance complying to G.8273.2
•
Dual tagged PTP over IPv4
•
[See IEEE 1588v2 PTP Boundary Clock Overview.]
Release 18.3R1 New and Changed Features
IN THIS SECTION
Hardware | 14
Authentication, Authorization and Accounting | 14
Interfaces and Chassis | 15
Junos OS XML API and Scripting | 15
Junos Telemetry Interface | 15
Layer 2 Features | 17
MPLS | 18
Multicast | 18
OAM | 18
Routing Policy and Firewall Filters | 19
Routing Protocols | 19
Timing and Synchronization | 20
User Interface and Configuration | 20
VPN | 20
VLAN Infrastructure | 20
14
Hardware
New fixed-configuration universal metro router (ACX Series)—Starting in Junos OS Release 18.3R1,
•
the ACX6360 is a new fixed-configuration router that provides full IP/MPLS stack and secure packet
optical transport convergence. It features a compact, 1U form factor that can perform as either a
transponder or a router. It can supply either muxponder-like pass-through connection of client interface
traffic to line optical interfaces or IP/MPLS routing services. The ACX6360 has 20 QSFP28 ports and 8
CFP2 ports. When the ACX6360 is configured as a router, the 20 QSFP28 ports can be configured as
10 Gbps, 40 Gbps, or 100 Gbps. When the ACX6360 is configured as a transponder, the 20 QSFP28
ports can be configured as 100 Gbps. The 8 CFP2 ports can be configured as 100 Gbps or 200 Gbps.
[See ACX6360 Documentation.]
Authentication, Authorization and Accounting
Support for password change policy enhancement (ACX Series)—Starting in Junos OS Release 18.3R1,
•
the Junos password change policy for local user accounts is enhanced to comply with certain additional
password policies. As part of the policy improvement, you can configure the following:
minimum-character-changes—The number of characters by which the new password should be
•
different from the existing password.
minimum-reuse—The number of older passwords, which should not match the new password.
•
[See password.]
Interfaces and Chassis
Support for pre-FEC BER monitoring (ACX6360)—Starting in Junos OS Release 18.3R1, you can monitor
•
the condition of an OTN link on an ACX6360 router by using the pre-forward error correction (pre-FEC)
bit error rate (BER). The ACX6360 router uses FEC to correct bit errors in the received data. As long as
the pre-FEC BER is below the FEC limit, all bit errors are successfully identified and corrected and,
therefore, no packet loss occurs. The router monitors the pre-FEC BER on each port, which provides an
early indication of possible link degradation. By configuring an appropriate pre-FEC BER threshold and
interval, you enable the ACX6360 router to take preemptive action before the FEC limit is reached.
[See Understanding Pre-FEC BER Monitoring and BER Thresholds.]
ACX6360 routers support router mode and transponder mode—Starting in Junos OS Release 18.3R1,
•
ACX6360 routers support two modes - optical router mode (chassis model: ACX6360-OR) and optical
transponder mode (chassis model: ACX6360-OX). While the ACX6360 in optical router mode supports
routing centric features, in optical transponder mode, the device functions as an optical transponder,
which does not support the routing features. In optical transponder mode, up to 16 cross-connects are
created between QSFP28 client ports and CFP2-DCO ports by default. To enable optical transponder
mode, install the ACX-OX version of the Junos OS VM host image (ACX-OX) in the chassis. To enable
optical router mode, install the ACX-OR version of the Junos OS VM host image (ACX-OR). You can use
the Junos OS CLI command request vmhost software add to install the Junos VM host images.
15
[See Understanding Router Mode and Transponder Mode on ACX6360.]
Junos OS XML API and Scripting
Support for Python language for commit, event, op, and SNMP scripts (ACX5048 and ACX5096)—Starting
•
in Junos OS Release 18.3R1, you can author commit, event, op, and SNMP scripts in Python on devices
that include the Python extensions package in the software image. Creating automation scripts in Python
enables you to take advantage of Python features and libraries as well as leverage Junos PyEZ APIs to
perform operational and configuration tasks on devices running Junos OS. To enable execution of Python
automation scripts, which must be owned by either root or a user in the Junos OS super-user login class,
configure the language python statement at the [edit system scripts] hierarchy level, and configure the
filename for the Python script under the hierarchy level appropriate to that script type. Supported Python
versions include Python 2.7.
[See Understanding Python Automation Scripts for Devices Running Junos OS.]
Junos Telemetry Interface
•
Support for the Junos Telemetry Interface (ACX6360, MX Series, and PTX Series)—Starting with Junos
OS Release 18.3R1, Junos Telemetry Interface support is available for the ACX6360 Universal Metro
Router and MX Series and PTX Series routers with a CFP2-DCO optics module that provides a
high-density, long-haul optical transport network (OTN) transport solution with MAC capability.
You can provision sensors to export telemetry data to an outside collector.
The following native (UDP) and gRPC sensors can be provisioned for ET (100-Gigabit Ethernet) interfaces
and OT interfaces:
/junos/system/linecard/optical
•
/junos/system/linecard/otn
•
To provision the sensor to export data through gRPC, use the telemetrySubcribe RPC to specify telemetry
parameters. For streaming through UDP, all parameters are configured at the [edit services analytics]
hierarchy level. Streaming telemetry data through gRPC also requires you to download the OpenConfig
for Junos OS module.
[See sensor (Junos Telemetry Interface), Configuring a Junos Telemetry Interface Sensor (CLI Procedure),
and Guidelines for gRPC Sensors (Junos Telemetry Interface).]
•
Expanded physical interface queue and traffic statistics sensors for Junos Telemetry Interface (JTI)
(ACX Series)—Starting with Junos OS Release 18.3R1, additional resource paths are added to stream
physical (IFD) statistics.
Prior to Junos OS Release 18.3R1, both traffic and queue statistics for physical interfaces (IFD) are sent
out together using the resource path /interfaces for gRPC streaming (which is internally used to create
/junos/system/linecard/interface/) or /junos/system/linecard/interface/ for UDP (native) sensors.
16
Now, traffic and queue statistics can be delivered separately. Doing so can reduce the reap time for
non-queue data for platforms supporting Virtual Output Queues (VOQ).
The following UDP resource paths can be configured:
/junos/system/linecard/interface/ is the existing resource path (no change). Traffic and queue statistics
•
are sent together.
/junos/system/linecard/interface/traffic/ exports all fields except queue statistics.
•
/junos/system/linecard/interface/queue/ exports queue statistics.
•
The gRPC resource path /interfaces now has the following behavior:
In releases prior to Junos OS 18.3R1, it delivers all IFD traffic and queue statistics. In Junos OS 18.3R1
•
and higher, it delivers statistics in two sensors:
/junos/system/linecard/interface/traffic/ exports all fields except queue statistics.
•
/junos/system/linecard/interface/queue/ exports queue statistics.
•
To provision the sensor to export data through gRPC, use the telemetrySubcribe RPC to specify telemetry
parameters. For streaming through UDP, all parameters are configured at the [edit services analytics]
hierarchy level. Streaming telemetry data through gRPC also requires the OpenConfig for Junos OS
module. Starting in Junos OS Release 18.3R1, OpenConfig and Network Agent packages are bundled
into the Junos OS image by default. Both packages support the Junos Telemetry Interface (JTI).
[See sensor (Junos Telemetry Interface), Configuring a Junos Telemetry Interface Sensor (CLI Procedure),
and Guidelines for gRPC Sensors (Junos Telemetry Interface).]
For exporting statistics using UDP native sensors, configure parameters at the [edit services analytics]
hierarchy level.
Layer 2 Features
Support for Layer 2 RFC2544 reflection (ACX5448)—Starting with Junos OS Release 18.3R1, ACX5448
•
router supports the Layer 2 RFC2544 reflector functionality to reflect the test packets back to the
network. This feature is useful for verifying the connectivity and fault isolation. It can be used for
performance measurement where the RFC2544 feature functionality can loopback the packets to a
measuring device. The RFC2544 feature functionality supports:
RFC2544 egress Layer 2 reflection functionality for family bridge.
•
Multiple RFC2544 reflection sessions.
•
Reflection on 1G/10G/40G/Ch10G/Ch25G/100G ports.
•
Ethernet Layer 2 frames to carry IP/UDP packets for RFC2544 reflection.
•
ACX5448 router do not support the following RFC2544 features:
Any interface in the bridge domain matching the bridge VLAN identifier is not supported.
•
17
Multiple simultaneous sessions with multiple VLAN bridges are not supported.
•
Multiple test sessions cannot exceed 100G bandwidth.
•
IPv6 reflection.
•
IPV6 filter support to identify the loopback stream.
•
RFC 2544 reflection functionality for family ccc (PWE reflection) and family inet (Layer 3 IPv4 reflection).
•
Reflection without MAC swap and MAC overwrite is not supported.
•
Reflection on ELINE/ELAN services.
•
[See RFC 2544-Based Benchmarking Tests Overview.]
MPLS
Support for MPLS fast reroute and unicast reverse path forwarding (ACX5448)—Starting with Junos
•
OS Release 18.3R1, ACX5448 router supports MPLS fast reroute (FRR) and unicast reverse-path
forwarding (uRPF). Fast reroute provides redundancy for an LSP path. When you enable fast reroute,
detours are precomputed and preestablished along the LSP. In case of a network failure on the current
LSP path, traffic is quickly routed to one of the detours. Fast reroute protects traffic against any single
point of failure between the ingress and egress routers (or switches).
A unicast reverse-path-forwarding (RPF) check is a tool to reduce forwarding of IP packets that might
be spoofing an address. A unicast RPF check performs a route table lookup on an IP packet’s source
address, and checks the incoming interface. The router determines whether the packet is arriving from
a path that the sender would use to reach the destination. If the packet is from a valid path, the router
forwards the packet to the destination address. If it is not from a valid path, the router discards the
packet. Unicast RPF is supported for the IPv4 and IPv6 protocol families, as well as for the virtual private
network (VPN) address family.
18
[See Fast Reroute Overview and Guidelines for Configuring Unicast RPF on ACX Series Routers.]
Multicast
Support for IPv6 multicast using Multicast Listener Discovery protocol (ACX5448)—Starting with Junos
•
OS Release 18.3R1, ACX5448 router supports IPv6 multicast using Multicast Listener Discovery (MLD)
protocol. To support multicast data delivery, ACX5448 router supports MLD (version 1 and version 2)
for forming group membership in IPv6 networks and Protocol Independent Multicast (PIM) version 6 to
form IPv6 multicast delivery tree.
[See Understanding MLD, IPv6 Multicast Flow, and Enabling MLD.]
OAM
Support for Operations, Administration, and Management (ACX5448)—Starting with Junos OS Release
•
18.3R1, ACX5448 router supports the following Operations, Administration, and Management (OAM)
feature standards:
IEEE Standard 802.1ag, also known as connectivity fault management (CFM).
•
ITU-T Recommendation Y.1731, which uses different terminology than IEEE 802.1ag and defines
•
Ethernet service OAM features for fault monitoring, diagnostics, and performance monitoring.
IEEE Standard 802.3ah for OAM link fault management (LFM).
•
The OAM feature in ACX5448 router includes support for maintenance endpoints (MEPs). MEPs can
be up MEPs or down MEPs. A MEP can be configured to support continuity check message (CCM),
loopback message, delay measurement, and synthetic loss message (SLM) message types. ACX5448
router also supports OAM for VPLS.
NOTE: ACX5448 router do not support maintenance association intermediate point (MIP).
[See Ethernet OAM Connectivity Fault Management and Understanding Ethernet OAM Link Fault
Management for ACX Series Routers.]
Routing Policy and Firewall Filters
Support for firewall filters and policers (ACX5448)—Starting with Junos OS Release 18.3R1, you can
•
configure firewall filters on packets (families such as bridge domain, IPv4, IPv6, CCC, MPLS, VPLS) based
on packet match conditions with the support of external TCAM in ACX5448 router. Along with the
match conditions, actions such as count, discard, log, syslog, policer are performed on the packets that
match the filter. You can configure policers and attach them to a firewall term. This feature also supports
configuring ARP policer, forwarding table filters, and policy-based routing.
This feature enables scaling the family filters of the firewall functionality in the ingress direction.
The following ingress family filters can be scaled based on the availability of external-tcam:
19
family ethernet-switching
•
family ccc
•
family inet
•
family inet6
•
family mpls
•
family vpls
•
The loopback (Lo0) filters, family any, and other module applications continue to use internal-tcam and
can reach maximum of the internal-tcam.
[See Firewall Filter Match Conditions and Actions on ACX Series Routers Overview.]
Routing Protocols
Support for Virtual Router Redundancy Protocol (ACX5448)—Starting with Junos OS Release 18.3R1,
•
ACX5448 router supports Virtual Router Redundancy Protocol (VRRP) as per RFC 3798 VRRP version
2 and RFC 5798 VRRP version 3. ACX5448 router also supports configuring VRRP over aggregated
Ethernet and integrated routing and bridging (IRB) interfaces.
The following limitations apply while configuring VRRP on ACX5448 router:
Configure a maximum of 16 VRRP groups.
•
Interworking of VRRP version 2 and VRRP version 3 is not supported.
•
VRRP delegate processing is not supported.
•
VRRP version 2 authentication is not supported.
•
[See Understanding VRRP.]
Timing and Synchronization
Support for frequency synchronization using synchronous Ethernet protocol (ACX5448)—Starting with
•
Junos OS Release 18.3R1, ACX5448 router supports frequency synchronization using synchronous
Ethernet (SyncE) protocol, with ESMC support as per the ITU-T standard G.8262/G.8264. This feature
also supports 10Mhz and PPS output for measurement purpose.
[See Clock Sources for ACX Series.]
User Interface and Configuration
Support for configuring the ephemeral database using the NETCONF and Junos XML protocols (ACX
•
Series)—Starting in Junos OS Release 18.3R1, NETCONF and Junos XML protocol client applications
can configure the ephemeral configuration database. The ephemeral database provides a fast
programmatic interface that enables multiple clients to simultaneously load and commit configuration
changes on a device running Junos OS and with significantly greater throughput than when committing
data to the candidate configuration database. The device’s active configuration is a merged view of the
committed configuration database and the configuration data in all instances of the ephemeral
configuration database. Ephemeral configuration data is volatile and is deleted upon rebooting the device.
20
[See Understanding the Ephemeral Configuration Database.]
VPN
Support for Layer 3 VPN and IPv6 VPN Provider Edge Router (6VPE) over MPLS (ACX5448)—Starting
•
with Junos OS Release 18.3R1, ACX5448 router supports Layer 3 VPN and IPv6 VPN provider edge
router (6VPE) support over MPLS. Layer 3 VPNs are based on RFC 4364 that defines a mechanism by
which service providers can use their IP backbones to provide VPN services to their customers. ACX5448
router, acting as a VPN provider edge router, provides IPv6 forwarding over MPLS. 6VPE adds IPv6
support to the current IPv4 MPLS by transporting IPv6 across MPLS core.
[See Understanding Layer 3 VPNs.]
VLAN Infrastructure
Support for VPLS features (ACX5448)—Starting with Junos OS Release 18.3R1, ACX5448 router supports
•
full-mesh VPLS domain deployment. ACX5448 router supports interworking of both BGP as well as
LDP-based VPLS. BGP can be used only for auto-discovery of the VPLS PEs, while LDP signaling for
VPLS connectivity.
The following VPLS configurations are supported:
VPLS domains
•
VLAN identifier and VLAN maps
•
MAC learning
•
Logical interface support
•
Control protocol support
•
Interworking of LDP and BGP VPLS
•
VCCV BFD support
•
Firewalls and filter support
•
[See Introduction to VPLS.]
SEE ALSO
Changes in Behavior and Syntax | 21
Known Behavior | 24
Known Issues | 25
Resolved Issues | 29
Documentation Updates | 32
21
Migration, Upgrade, and Downgrade Instructions | 33
Product Compatibility | 34
Changes in Behavior and Syntax
IN THIS SECTION
Junos OS XML, API, and Scripting | 22
Network Management and Monitoring | 22
Platform and Infrastructure | 22
Subscriber Management and Services | 23
This section lists the changes in behavior of Junos OS features and changes in the syntax of Junos OS
statements and commands from Junos OS Release 18.3R2 for the ACX Series routers.
Junos OS XML, API, and Scripting
MD5 and SHA-1 hashing algorithms are no longer supported for script checksums (ACX Series)—Starting
•
in Junos OS Release 18.3R1, Junos OS does not support configuring an MD5 or SHA-1 checksum hash
to verify the integrity of local commit, event, op, SNMP, or Juniper Extension Toolkit (JET) scripts or
support using an MD5 or SHA-1 checksum hash with the op url url key option to verify the integrity of
remote op scripts.
Network Management and Monitoring
Junos OS does not support management of YANG packages in configuration mode (ACX Series)—Starting
•
in Junos OS Release 18.3R1, adding, deleting, or updating YANG packages using the run command in
configuration mode is not supported.
The NETCONF server omits warnings in RPC replies when the rfc-compliant statement is configured
•
and the operation returns <ok/> (ACX Series)—Starting in Junos OS Release 18.3R2, when you configure
the rfc-compliant statement at the [edit system services netconf] hierarchy level to enforce certain
behaviors by the NETCONF server, if the server reply after a successful operation includes both an
<ok/> element and one or more <rpc-error> elements with a severity level of warning, the warnings are
omitted. In earlier releases, or when the rfc-compliant statement is not configured, the NETCONF server
might issue an RPC reply that includes both an <rpc-error> element with a severity level of warning and
an <ok/> element.
22
Platform and Infrastructure
DMA recovery mechanism (ACX Series)—A recovery mechanism has been introduced that is triggered
•
in case the router enters an Idle state on any DMA channels. The recovery mechanism reboots the PFE
to recover from Idle state.
The following recovery message is logged in the RE syslog message:
CHASSISD_FPC_ASIC_ERROR: <FPC 0> ASIC Error detected errorno 0x0000ffff FPC
restart initiated
The following recovery message is logged in the PFE syslog message:
BCM DMA channel error detected
Resetting the PFE
Subscriber Management and Services
DHCPv6 lease renewal for separate IA renew requests (ACX Series)—Starting in Junos OS Release
•
18.3R1, the jdhcpd process handles the second renew request differently in the situation where the
DHCPv6 client CPE device does both of the following:
Initiates negotiation for both the IA_NA and IA_PD address types in a single solicit message.
•
Sends separate lease renew requests for the IA_NA and the IA_PD and the renew requests are received
•
back-to-back.
The new behavior is as follows:
1. When the reply is received for the first renew request, if a renew request is pending for the second
address type, the client stays in the renewing state, the lease is extended for the first IA, and the
client entry is updated.
2. When the reply is received for the second renew request, the lease is extended for the second IA
and the client entry is updated again.
23
In earlier releases:
1. The client transitions to the bound state instead of staying in the renewing state. The lease is extended
for the first IA and the client entry is updated.
2. When the reply is received for the second renew request, the lease is not renewed for the second
address type and the reply is forwarded to the client. Consequently, when that lease ages out, the
binding for that address type is cleared, the access route is removed, and subsequent traffic is dropped
for that address or address prefix.
[See Using DHCPv6 IA_NA with DHCPv6 Prefix Delegation Overview.]
SEE ALSO
New and Changed Features | 12
Known Behavior | 24
Known Issues | 25
Resolved Issues | 29
Documentation Updates | 32
Migration, Upgrade, and Downgrade Instructions | 33
Product Compatibility | 34
Known Behavior
IN THIS SECTION
General Routing | 24
This section lists known behavior, system maximums, and limitations in hardware and software in Junos
OS Release 18.3R2 for the ACX Series.
For the most complete and latest information about known Junos OS defects, use the Juniper Networks
online Junos Problem Report Search application.
General Routing
24
Upon classifying the Layer 3 packets, DSCP might not be preserved or lost at the egress due to the
•
limitations of the forwarding asic. PR1322142
The typical transponder propagates the pause frame received from client port to line port. For this Packet
•
Forwarding Engine transponder, this functionality is not supported. PR1371603
No new commit errors will be thrown when buffer-size temporal is configured along with shared-buffer
•
maximum. PR1371828
Telemetery infrastructure does not support interface filtering capability. Therefore, once you enable a
•
particular sensor for telemetry, it is turned-on for all the interfaces. PR1371996
For -et interfaces, only PRE_FEC_SD defect will be raised no OTN alarm will be raised. PR1371997
•
If you configure an invalid sandbox configuration, CCC functionality will break after reboot or upgrade.
•
Sandbox configuration is always done initially by default and you must not modify this configuration.
PR1373375
L2 rewrite on outgoing MPLS packets is not supported. PR1376001
•
When the system is commissioned first time after upgrade, root authentication configuration needs to
•
be entered. All the default cross-connect configurations done by the script is not saved in configuration
till system root authentication configuration is entered. This is a Junos OS product feature. So, if user
displays the cross-connect configuration before configuring root authentication then cross-connect
configuration would not be visible. Current product limitations are: 1. System root authentication
configuration is needed after system is commissioned prior to the init script run otherwise the cross
connect installation might fail. 2. If the existing CCC configurations (user defined cross connects) are
different than the defaults, the configurations might be lost and will be replaced by default cross-connects
after the software upgrade. 3. Software upgrade needs no-validate option during installation. PR1376780
The static-cak encryption does not work between two ACX-OX transponder nodes. PR1389802
•
For the ACX6360 TIC we only have 8 CFP2-DCO ports so chassis beacon show/requests to ports larger
•
than 7 will not work (as the ports do not exist) but will also not report an error. user@host> request
chassis beacon fpc 0 pic-slot 1 port 15 on FPC 0 PIC 1 PORT 15 ON user@host> show chassis beacon
fpc 0 pic-slot 1 port-range lower-limit 0 upper-limit 15 FPC 0 PIC 1 PORT 0 ON FPC 0 PIC 1 PORT 1
ON FPC 0 PIC 1 PORT 2 ON FPC 0 PIC 1 PORT 3 ON FPC 0 PIC 1 PORT 4 ON FPC 0 PIC 1 PORT 5
ON FPC 0 PIC 1 PORT 6 ON FPC 0 PIC 1 PORT 7 ON FPC 0 PIC 1 PORT 8 ON FPC 0 PIC 1 PORT 9
ON FPC 0 PIC 1 PORT 10 OFF FPC 0 PIC 1 PORT 11 OFF FPC 0 PIC 1 PORT 12 OFF FPC 0 PIC 1
PORT 13 OFF FPC 0 PIC 1 PORT 14 OFF FPC 0 PIC 1 PORT 15 ON. PR1399335
The policers applied in IRB will work appropriately when the member links of an aggregated Ethernet
•
interface is in the same core file applied in the aggregated Ethernet interface. The physical interface
might generate a core file mapping: xe-0/0/0 -to- xe-0/0/23 -> CORE 0 xe-0/0/24 -to- xe-0/0/47 ->
CORE 1 et-0/1/0 -> CORE 1 et-0/1/1 -> CORE 1 et-0/1/2 -> CORE 0 et-0/1/3 -> CORE 0. The policers
applied in IRB will work appropriately when the member links of a bridge domain (BD) is in the same
core file. PR1403315
If user configures an invalid speed configuration on TIC ports (PIC slot 1) on ACX6360-OR or
•
ACX6360-OX, the TIC interfaces are not created. PR1403546
25
SEE ALSO
New and Changed Features | 12
Changes in Behavior and Syntax | 21
Known Issues | 25
Resolved Issues | 29
Documentation Updates | 32
Migration, Upgrade, and Downgrade Instructions | 33
Product Compatibility | 34
Known Issues
IN THIS SECTION
General Routing | 26
Interfaces and Chassis | 28
Layer 2 Features | 28
MPLS | 28
This section lists the known issues in hardware and software in Junos OS Release 18.3R2 for the ACX
Series Universal Metro Routers.
For the most complete and latest information about known Junos OS defects, use the Juniper Networks
online Junos Problem Report Search application.
General Routing
When the ACX2100 and ACX2200 are used as ingress PE routers for L2 circuit connections, and the
•
PE-CE interface (UNI) is an aggregated Ethernet interface, then upon MPLS path switchover, the traffic
might be silently dropped or discarded. PR1194551
26
Enhancement of logical interface scale beyond 1000 on ACX5000 platform is not available in mainline
•
release starting from Junos OS Release 17.1 and later. PR1229492
On ACX5448 routers, when 1-Gigabit SFP is plugged in the router, autonegotiation is enabled by default.
•
There is no functional impact. Only the CLI show interfaces <intf-name> extensive command output
shows the autonegotiation field as disabled. PR1343679
There is a conflict when an LACP packet come in an untagged/prio-tagged VPLS logical interface. In the
•
earlier stage of the pipeline, filter entry to snoop an LACP packet takes higher precedence over filter
entry to assign SVP/SrcG port for the untagged/prio-tagged VPLS logical interface. Since the
"interface-specific/input-list" firewall matches SVP/SrcGport in the later stage of the pipeline, the LACP
packets are not hitting the firewall. PR1346380
The logical interface classifier information should not be shown in the output of the show class-of-service
•
interface <ifd> on the ACX5000 line. PR1353828
On an ACX5448 chassis with loss priority configured as medium-low or medium-high, the rewrite rule
•
gets applied for loss priority low. PR1358721
Remote fault signalling is not supported for 1-Gigabit fiber SFP during autonegotiation. The following
•
cosmetic log errors are seen for show interfaces extensive command. Link partner: Link mode: Full-duplex,
Flow control: None, Remote fault: Down, Reason: Link partner offline. RFI ignored since AN is in default
mode. PR1362490
Dedicated minimum buffers are reserved for some queues according to the Junos OS working model.
•
These buffers are always available to those queues irrespective of the traffic pattern throughout the
system. When the clearing stat statement is used, these values are visible. This cosmetic or minor issue
has no functional impact. PR1367978
Because of a race condition, in which the class-of-service configuration request for an interface is
•
received before the e1-interface is created, a circuit with specified class-of-service parameters is created.
Because of this, the interface creation fails, resulting in traffic not flowing on the e1-interface and then
(if e1-interfaces are further disabled or enabled) a core file is generated. PR1378747
The dedicated buffer for bytes/packets sometimes exceeds the maximum threshold value under the
•
show class-of-service packet-buffer usage command output. As per DNX architecture, reserved buffer
is not limited to the OCB buffer limit (16 MB), so whenever the buffer goes beyond 16 MB, DNX punts
the packet to the DRAM instead of dropping it. This is as per design or behavior. PR1379713
Host bound traffic might be affected and lt interface might go down in ACX Series routers. PR1382166
•
When packets are sent from Layer 2 to Layer 2 and when you apply MF classifier, all packets are put
•
into the correct queue on the egress interface but they are dropped. As a workaround, avoid the
loss-priority high action in the firewall filters (MF classifiers). PR1388731
On the ACX5000 line, in Junos OS Release 17.3 and later releases, the Packet Forwarding Engine syslog
•
frequently shows the following error message: acx_cos_tcp_bind_queues:736 parent acx_cos_tcp_ifd
for ifd:ae0 doesn't exist for ifl:549. In Junos OS Release 17.3R3-S1, the error logs appear only from time
to time, and this can be related with to an interface flap. In Junos OS Release 18.1R3, the logs appear
constantly, without any interface flap. PR1392088
27
Explicit swap-push map operations are now introduced on VPLS logical interfaces in ACX5000. This is
•
already supported as part of implicit map operations or routing instance-level configurations. PR1398118
A jnxIfOtnOperState trap notification is sent for all ot-interfaces. This is a day-1 issue. PR1406758
•
Policer discarded packets are marked in black color (black is color-internal to hardware pipeline). Black
•
color is used to discard the packets in the pipeline. These packets are not really enqueued into the queues
(VoQs) in hardware. The hardware queue statistics shows the packets as discarded. However, both
actual-enqueued and the discarded counts are shown as queue statistics in software. This is a software
queue statistics show issue. PR1414887
Packets transmitted in a queue are not as expected when testing IEEE-802.1ad inner classifier at the
•
ingress and IEEE-802.1ad rewrite at the egress with various events. PR1422515
Copying images from WAN interface to Routing Engine of ACX5448 router takes long time. PR1422544
•
Interfaces and Chassis
When an unnumbered interface is binding to an interface that has more than one IP address and one of
•
the IP addresses is deleted, the family inet of the unnumbered interface might be deleted. The issue
results in traffic loss for all the services that rely on the family inet of the unnumbered interface.
Configuring preferred-source-address on the unnumbered interface will prevent deletion of the IP
address thereby avoiding the deletion of the family inet of the unnumbered interface. PR1412534
Layer 2 Features
On Junos OS ACX5000, on the interfaces where LLDP is disabled (commit) and there is a change on an
•
interface in the next commit, the l2cpd sends the message to disable LLDP on all the interfaces to the
kernel. The kernel then tries to remove the implicit filters, which return ENOENT, since the entries are
disabled during the first commit. PR1400606
MPLS
28
Packets transmitted in a queue are not as expected when testing IEEE-802.1ad inner classifier at the
•
ingress and IEEE-802.1ad rewrite at the egress with various events. PR1432138
SEE ALSO
New and Changed Features | 12
Changes in Behavior and Syntax | 21
Known Behavior | 24
Resolved Issues | 29
Documentation Updates | 32
Migration, Upgrade, and Downgrade Instructions | 33
Product Compatibility | 34
Resolved Issues
IN THIS SECTION
Resolved Issues: 18.3R2 | 29
Resolved Issues: 18.3R1 | 31
This section lists the issues fixed in the Junos OS main release and the maintenance releases for the ACX
Series routers.
For the most complete and latest information about known Junos OS defects, use the Juniper Networks
online Junos Problem Report Search application.
29
Resolved Issues: 18.3R2
Class of Service
Error message STUCK_BUFF : port_sp not empty for port 35 sp 1 pkts:1 is seen when a lag bundle is
•
configured with 64 lag links. PR1346452
General Routing
10G interface fault detection behavior changed. PR1223457
•
ACX Series routers supports dual-tagged and untagged packets Layer 3 traffic. PR1307666
•
Port XE-0/3/0 did not come up. PR1328207
•
ARP request is getting dropped and not forwarded to the NNI interface queue when the CoS configuration
•
has temporal buffer size. PR1363153
On ACX5000 routers, the log message fpc0 (acx_rt_ip_uc_lpm_install:LPM route add failed) Reason :
•
Invalid parameter is seen after configuring lpm-profile. PR1365034
VPLS with vlan-id-list does not work when the link between a PE device and a CE device is an aggregated
•
Ethernet interface with a single member link and child physical interface flap. PR1365894
LIBCOS_COS_TVP_FC_INFO_NOT_FOUND: Forwarding-class information not specified prints while
•
commit on configuration prompt. PR1376665
The fxpc might crash after an interface is changed on ACX5000 line of routers. PR1378155
•
On ACX5448 routers, channelized 25-Gbps et-interfaces might not come up after chassis-control restart.
•
PR1379288
The L2 circuit might stop forwarding traffic when one core interface flaps. PR1381487
•
On ACX6360 routers, the timestamp is incorrect for BER statistics after clearing. PR1386253
•
The request chassis beacon CLI command is not working for pic-slot 1 (that is, CFP2 ports). PR1386711
•
On ACX5448 routers, 100-Gbps link FEC is enabled by default on 100-Gbps LR4. PR1389518
•
On ACX Series platforms, the forwarding-option dhcp-relay forward-only statement stops working and
•
the DHCP packets are dropped. PR1392261
Certain builds of Junos OS do not allow you to upgrade or commit configuration changes when the SI
•
service interface is used. PR1393729
On ACX Series routers, the MTU is not properly applied and the output of ping mpls l2circuit sweep is
•
giving lower values than expected. PR1393947
ACX Series routers do not support the physical-interface-filter command in egress direction for any
•
filters. It supports the interface-specific command only. PR1395362
On ACX5048 routers, the RPM RFC2544-benchmarking test fails to start. PR1395730
•
Error message ACX_PFE_ERROR: dnx_cfm_bd_endpoint_create: Failed to destroy the remote endpoint,
•
Endpoint id 0x2001001, Entry not found is logged. PR1397878
30
CFM adjacency is not going down with distinct intervals. PR1397883
•
Error message ACX_ASIC_PROGRAMMING_ERROR: dnx_cfm_bd_endpoint_create: Failed to create
•
the local endpoint Invalid parameter has been logged on peer node. PR1397951
Output packet error Count is incrementing on 40-Gigabit Ethernet and 100-Gigabit Ethernet ports.
•
PR1398270
High jsd or na-grpcd CPU usage might be seen even if JET or JTI is not used. PR1398398
•
Dynamic tunnel is not supported on ACX Series routers. PR1398729
•
On ACX5448 routers, it is not possible to configure bridge domain (BD) more than 1024, using 100-Gigabit
•
and aggregated Ethernet interface in bridge domain (BD). PR1399214
FPC might crash after offline/online of MIC-3D-16CHE1-T1-CE-H. PR1402563
•
ACX5448 supports TrTCM policer configuration parameters as per RFC4115. PR1405798
•
ACX Series routers drop DNS responses that contain an underscore. PR1410062
•
The aggregated Ethernet interface TWAMP history statistics verification on client is not getting expected
•
Request Timed Out error. PR1411344
Number of inet-arp policers implemented on ACX5000 has been increased from 16 to 64. PR1413807
•
Swap memory is not initialized on boot on ACX5048. PR1415898
•
Loading...