Release Notes: Junos®OS Release 19.2R3 for
the ACX Series, EX Series, MX Series, NFX
Series, PTX Series, QFX Series, SRX Series, and
Junos Fusion
1
22 April 2021
Contents
Introduction | 10
Junos OS Release Notes for ACX Series | 10
What's New | 11
What's New in Release 19.2R3 | 11
What's New in Release 19.2R2 | 11
What's New in Release 19.2R1-S1 | 12
What's New in Release 19.2R1 | 12
What's Changed | 16
What’s Changed in 19.2R3-S1 | 17
What’s Changed in 19.2R3 | 17
What’s Changed in 19.2R2 | 17
What’s Changed in 19.2R1 | 18
Known Limitations | 19
General Routing | 19
Open Issues | 22
General Routing | 22
MPLS | 25
Resolved Issues | 25
Resolved Issues: 19.2R3 | 26
Resolved Issues: 19.2R2 | 26
Resolved Issues: 19.2R1-S1 | 29
Resolved Issues: 19.2R1 | 30
Documentation Updates | 31
Installation and Upgrade Guide | 31
Migration, Upgrade, and Downgrade Instructions | 32
Upgrade and Downgrade Support Policy for Junos OS Releases | 32
Junos OS Release Notes for EX Series Switches | 34
What’s New | 34
What’s New in Release 19.2R3 | 35
What’s New in Release 19.2R2 | 35
What’s New in Release 19.2R1-S1 | 36
2
What’s New in Release 19.2R1 | 36
What’s Changed | 41
What’s Changed in Release 19.2R3 | 41
What’s Changed in Release 19.2R2 | 41
What’s Changed in Release 19.2R1 | 43
Known Limitations | 44
EVPN | 45
Platform and Infrastructure | 45
Open Issues | 45
Authentication and Access Control | 46
Infrastructure | 46
Interfaces and Chassis | 47
Junos Fusion for Enterprise | 47
Layer 2 Features | 47
Network Management and Monitoring | 47
Platform and Infrastructure | 47
Routing Protocols | 48
Resolved Issues | 49
Resolved Issues: 19.2R3 | 49
Resolved Issues: 19.2R2 | 51
Resolved Issues: 19.2R1 | 59
Documentation Updates | 63
Installation and Upgrade | 63
Migration, Upgrade, and Downgrade Instructions | 63
Upgrade and Downgrade Support Policy for Junos OS Releases | 64
Junos OS Release Notes for Junos Fusion Enterprise | 65
What’s New | 65
What's New in Release 19.2R3 | 66
What's New in Release 19.2R2 | 66
What's New in Release 19.2R1 | 66
What’s Changed | 67
What’s Changed in 19.2R3 | 67
What’s Changed in 19.2R2 | 67
What’s Changed in 19.2R1 | 67
3
Known Limitations | 68
Open Issues | 68
Junos fusion for enterprise | 68
Resolved Issues | 69
Resolved Issues: 19.2R3 | 70
Resolved Issues: 19.2R2 | 70
Resolved Issues: 19.2R1 | 70
Documentation Updates | 71
Migration, Upgrade, and Downgrade Instructions | 71
Basic Procedure for Upgrading Junos OS on an Aggregation Device | 71
Upgrading an Aggregation Device with Redundant Routing Engines | 73
Preparing the Switch for Satellite Device Conversion | 74
Converting a Satellite Device to a Standalone Switch | 75
Upgrade and Downgrade Support Policy for Junos OS Releases | 75
Downgrading from Junos OS | 76
Junos OS Release Notes for Junos Fusion Provider Edge | 77
What's New | 77
What’s New in Release 19.2R3 | 78
What’s New in Release 19.2R2 | 78
What’s New in Release 19.2R1 | 78
What’s Changed | 78
Known Limitations | 79
Open Issues | 79
Junos Fusion Provider Edge | 80
Resolved Issues | 80
Resolved Issues: 19.2R3 | 81
Resolved Issues: 19.2R2 | 81
Resolved Issues: 19.2R1 | 81
Documentation Updates | 82
Migration, Upgrade, and Downgrade Instructions | 82
Basic Procedure for Upgrading an Aggregation Device | 83
Upgrading an Aggregation Device with Redundant Routing Engines | 85
Preparing the Switch for Satellite Device Conversion | 86
4
Converting a Satellite Device to a Standalone Device | 87
Upgrading an Aggregation Device | 90
Upgrade and Downgrade Support Policy for Junos OS Releases | 90
Downgrading from Junos OS Release 19.2 | 90
Junos OS Release Notes for MX Series 5G Universal Routing Platform | 91
What’s New | 92
What’s New in 19.2R3 | 92
What’s New in 19.2R2 | 93
What’s New in 19.2R1-S4 | 93
What’s New in 19.2R1-S1 | 94
What’s New in 19.2R1 | 95
What's Changed | 113
What’s Changed in Release 19.2R3-S1 | 114
What’s Changed in Release 19.2R3 | 114
What’s Changed in Release 19.2R2 | 115
What’s Changed in Release 19.2R1 | 120
Known Limitations | 123
General Routing | 124
Interfaces and Chassis | 126
Platform and Infrastructure | 127
Routing Protocols | 127
Open Issues | 127
EVPN | 128
Forwarding and Sampling | 128
General Routing | 129
Infrastructure | 134
Interfaces and Chassis | 134
Junos Fusion for Provider Edge | 135
Layer 2 Features | 135
Layer 2 Ethernet Services | 135
MPLS | 135
Network Management and Monitoring | 136
Platform and Infrastructure | 136
Routing Protocols | 137
5
User Interface and Configuration | 138
VPNs | 138
Resolved Issues | 139
Resolved Issues: 19.2R3 | 139
Resolved Issues: 19.2R2 | 146
Resolved Issues: 19.2R1 | 175
Documentation Updates | 191
Installation and Upgrade Guide | 191
Subscriber Management Provisioning Guide | 191
Migration, Upgrade, and Downgrade Instructions | 192
Basic Procedure for Upgrading to Release 19.2 | 193
Procedure to Upgrade to FreeBSD 11.x based Junos OS | 193
Procedure to Upgrade to FreeBSD 6.x based Junos OS | 195
Upgrade and Downgrade Support Policy for Junos OS Releases | 197
Upgrading a Router with Redundant Routing Engines | 198
Downgrading from Release 19.2 | 198
Junos OS Release Notes for NFX Series | 199
What’s New | 199
What’s New in Release 19.2R3 | 200
What’s New in Release 19.2R2 | 200
What’s New in Release 19.2R1 | 200
What’s Changed | 201
What’s Changed in Release 19.2R3 | 202
What’s Changed in Release 19.2R2 | 202
What’s Changed in Release 19.2R1 | 202
Known Limitations | 202
Interfaces | 203
Platform and Infrastructure | 203
Virtual Network Functions (VNFs) | 204
Open Issues | 204
Interfaces | 205
Platform and Infrastructure | 205
Routing Protocols | 205
Virtual Network Functions (VNFs) | 206
6
Resolved Issues | 206
Resolved Issues: 19.2R3 | 207
Resolved Issues: 19.2R2 | 207
Resolved Issues: 19.2R1 | 209
Documentation Updates | 210
Migration, Upgrade, and Downgrade Instructions | 210
Upgrade and Downgrade Support Policy for Junos OS Releases | 211
Basic Procedure for Upgrading to Release 19.2 | 211
Junos OS Release Notes for PTX Series Packet Transport Routers | 212
What's New | 213
What’s New in 19.2R3 | 213
What’s New in 19.2R2 | 214
New and Changed Features: 19.2R1-S4 | 214
New and Changed Features: 19.2R1-S1 | 215
New and Changed Features: 19.2R1 | 215
What’s Changed | 221
What’s Changed in Release 19.2R3 | 222
What’s Changed in Release 19.2R2 | 222
What’s Changed in Release 19.2R1-S5 | 224
What’s Changed in Release 19.2R1 | 224
Known Limitations | 227
General Routing | 227
Interfaces and Chassis | 228
Open Issues | 228
General Routing | 229
Interfaces and Chassis | 230
Layer 2 Ethernet Services | 230
Routing Protocols | 230
Resolved Issues | 230
Resolved Issues: 19.2R3 | 231
Resolved Issues: 19.2R2 | 231
Resolved Issues: 19.2R1 | 235
Documentation Updates | 238
Installation and Upgrade Guide | 238
7
Migration, Upgrade, and Downgrade Instructions | 238
Basic Procedure for Upgrading to Release 19.2 | 239
Upgrade and Downgrade Support Policy for Junos OS Releases | 241
Upgrading a Router with Redundant Routing Engines | 242
Junos OS Release Notes for the QFX Series | 243
What's New | 243
What’s New in Release 19.2R3 | 244
What’s New in Release 19.2R2 | 244
What's New in Release 19.2R1-S1 | 244
What's New in Release 19.2R1 | 245
What's Changed | 253
What’s Changed in Release 19.2R3 | 254
What’s Changed in Release 19.2R2 | 254
What’s Changed in Release 19.2R1 | 257
Known Limitations | 259
EVPN | 259
Layer 2 Features | 259
Platform and Infrastructure | 259
Routing Protocols | 260
Open Issues | 261
EVPN | 261
Infrastructure | 262
Interfaces and Chassis | 262
Layer 2 Features | 262
Platform and Infrastructure | 262
Routing Protocols | 264
Virtual Chassis | 264
Resolved Issues | 265
Resolved Issues: 19.2R3 | 265
Resolved Issues: 19.2R2 | 267
Resolved Issues: 19.2R1 | 281
Documentation Updates | 287
Installation and Upgrade guide | 287
8
Migration, Upgrade, and Downgrade Instructions | 288
Upgrading Software on QFX Series Switches | 288
Installing the Software on QFX10002-60C Switches | 291
Installing the Software on QFX10002 Switches | 291
Upgrading Software from Junos OS Release 15.1X53-D3X to Junos OS Release
15.1X53-D60, 15.1X53-D61.7, 15.1X53-D62, and 15.1X53-D63 on QFX10008 and
QFX10016 Switches | 292
Installing the Software on QFX10008 and QFX10016 Switches | 294
Performing a Unified ISSU | 298
Preparing the Switch for Software Installation | 299
Upgrading the Software Using Unified ISSU | 299
Upgrade and Downgrade Support Policy for Junos OS Releases | 301
Junos OS Release Notes for SRX Series | 302
What’s New | 303
New and Changed Features: 19.2R3 | 303
New and Changed Features: 19.2R2 | 303
New and Changed Features: 19.2R1-S1 | 304
New and Changed Features: 19.2R1 | 304
What's Changed | 313
Release 19.2R3 Changes in Behavior and Syntax | 314
Release 19.2R2 Changes in Behavior and Syntax | 314
Release 19.2R1 Changes in Behavior and Syntax | 316
Known Limitations | 317
J-Web | 318
VPNs | 318
Open Issues | 319
Chassis Clustering | 319
Flow-Based and Packet-Based Processing | 319
Intrusion Detection and Prevention (IDP) | 320
J-Web | 320
Platform and Infrastructure | 320
Routing Policy and Firewall Filters | 320
VPNs | 320
Resolved Issues | 321
Resolved Issues: 19.2R3 | 321
9
Resolved Issues: 19.2R2 | 323
Resolved Issues: 19.2R1 | 333
Documentation Updates | 340
Migration, Upgrade, and Downgrade Instructions | 341
Upgrade and Downgrade Support Policy for Junos OS Releases and Extended End-Of-Life
Releases | 341
Upgrading Using ISSU | 342
Licensing | 342
Compliance Advisor | 342
Finding More Information | 343
Documentation Feedback | 343
Requesting Technical Support | 344
Self-Help Online Tools and Resources | 344
Opening a Case with JTAC | 345
Revision History | 345
Introduction
Junos OS runs on the following Juniper Networks®hardware: ACX Series, EX Series, M Series, MX Series,
NFX Series, PTX Series, QFabric systems, QFX Series, SRX Series, T Series, and Junos Fusion.
These release notes accompany Junos OS Release 19.2R3 for the ACX Series, EX Series, MX Series, NFX
Series, PTX Series, QFX Series, SRX Series, and Junos Fusion. They describe new and changed features,
limitations, and known and resolved problems in the hardware and software.
Junos OS Release Notes for ACX Series
IN THIS SECTION
10
What's New | 11
What's Changed | 16
Known Limitations | 19
Open Issues | 22
Resolved Issues | 25
Documentation Updates | 31
Migration, Upgrade, and Downgrade Instructions | 32
These release notes accompany Junos OS Release 19.2R3 for the ACX Series. They describe new and
changed features, limitations, and known and resolved problems in the hardware and software.
You can also find these release notes on the Juniper Networks Junos OS Documentation webpage, located
at https://www.juniper.net/documentation/product/en_US/junos-os.
What's New
IN THIS SECTION
What's New in Release 19.2R3 | 11
What's New in Release 19.2R2 | 11
What's New in Release 19.2R1-S1 | 12
What's New in Release 19.2R1 | 12
Learn about new features introduced in the Junos OS main and maintenance releases for ACX Series
routers.
11
What's New in Release 19.2R3
There are no new features or enhancements to existing features for ACX Series routers in Junos OS Release
19.2R3.
What's New in Release 19.2R2
There are no new features on ACX Series in Release 19.2R2.
What's New in Release 19.2R1-S1
Routing Protocols
Decouple RSVP for IGP-TE (MX Series, PTX Series, ACX Series, QFX Series, SRX Series, and EX
•
Series)—Starting in Junos OS Release 19.2R1-S1, device can advertise selective traffic-engineering
attributes such as admin-color and maximum-bandwidth, without enabling RSVP, for segment routing
and interior gateway protocol (IGP) deployments.
What's New in Release 19.2R1
Class of Service (CoS)
Support for class of service (CoS)(ACX6360 routers)—Starting in Junos OS Release 19.2R1, ACX6360
•
routers support class of service (CoS) functionality.
CoS is the assignment of traffic flows to different service levels. Service providers can use router-based
CoS features to define service levels that provide different delay, jitter (delay variation), and packet loss
characteristics to particular applications served by specific traffic flows.
12
[See CoS on ACX Series Universal Metro Routers Features Overview.]
EVPN
EVPN support of VLAN ID ranges and lists in service provider style interface configurations (EX9200
•
switches, ACX5448 and MX Series routers, and vMX virtual routers)—Starting in Junos OS Release
19.2R1, EX9200 switches, ACX5448 and MX Series routers, and vMX virtual routers support the use
of VLAN ID ranges and lists in a service provider style interface configuration, which must be referenced
in an EVPN routing instance. This configuration is supported with the following EVPN environments,
services, and features:
Environments:
•
EVPN with VXLAN encapsulation
•
EVPN with MPLS encapsulation
•
VLAN bundle service:
•
E-LAN
•
E-Tree
•
E-Line
•
Feature:
•
EVPN multihoming:
•
All-active
•
Single-active
•
Singlehoming
•
[See VLAN ID Ranges and Lists in an EVPN Environment.]
Interfaces and Chassis
Support for 100-Mbps and 1-Gbps speeds on Tri-Rate Copper SFP (ACX5448 routers)—Starting in
•
Junos OS Release 19.2R1, ACX5448 routers support 100-Mbps and 1-Gbps speeds on Tri-Rate Copper
SFP optics (part number 740-013111).
NOTE: 100-Mbps speed is supported only on ports xe-0/0/24 through xe-0/0/47.
10-Mbps speed is not supported on Tri-Rate Copper SFP due to hardware limitations.
To set the speed for the optics, issue the set interfaces interface-name speed auto command. [See
•
Speed for more details.]
To enable autonegotiation, issue the set interfaces interface-name gigether-options auto-negotiation
•
command. [See auto-negotiation.]
13
Junos Telemetry Interface
Support for LSP statistics on JTI (ACX6360)—Starting with Junos OS Release 19.2R1, you can provision
•
the LSP statistics sensor using the resource path /junos/services/label-switched-path/usage/ to monitor
per-MPLS LSP statistics on the ACX6360 router and export telemetry data through Junos telemetry
interface (JTI) to external collectors. You can stream data at configurable intervals through gRPC without
involving polling.
JTI support is only for RSVP LSPs.
Statistics that are streamed are similar to the output displayed by the operational mode command show
mpls lsp bypass statistics.
To provision a sensor to export data through gRPC, use the telemetrySubscribe RPC to specify telemetry
parameters. Streaming telemetry data through gRPC also requires the OpenConfig for Junos OS module.
Starting in Junos OS Release 18.3R1, OpenConfig and Network Agent packages are bundled into the
Junos OS image by default. Both packages support JTI.
To enable statistics for export from the Junos OS, include the sensor-based-stats statement at the [edit
protocols mpls] hierarchy level.
[See Guidelines for gRPC Sensors (Junos Telemetry Interface) and Understanding OpenConfig and gRPC
on Junos Telemetry Interface.]
•
Specify Routing Instance for JTI (ACX Series, MX Series, PTX Series, and QFX Series)—Starting in Junos
OS Release 19.2R1, you can specify the routing instance to use for remote procedure call (gRPC) services.
Include the routing-instance instance-name at the [edit system services extension-service
request-response grpc] hierarchy level. The routing instance name specified should match the name of
the existing routing instance, such as a name configured under the [routing-instances] hierarchy level
or mgmt_junos if system management-instance is configured (the dedicated management routing
instance).
Configuring the routing instance lets you choose the VRF for gRPC services. When the routing instance
is not configured, the default behavior is that all gRPC-related services are available through the
management fxp0/em0) interface.
Layer 3 Features
Support for Layer 3 unicast features (ACX 6360)—Starting in Junos OS Release 19.2R1, ACX routers
•
support the following Layer 3 forwarding features for unicast IPv4 and IPv6 traffic:
Basic IPv6 forwarding
•
Virtual router (VRF-lite) for both IPv4 and IPv6
•
Layer 3 subinterfaces support for both IPv4 and IPv6
•
VRF-lite, subinterfaces, and IPv6 forwarding support on link aggregation groups (LAGs)
•
Statistics support for Layer 3 subinterfaces
•
14
32-way equal-cost multipath (ECMP)
•
Centralized Bidirectional Forwarding Detection (BFD)
•
IPv4 Layer 3 protocols:
•
OSPF
•
IS-IS
•
BGP
•
IPv6 Layer 3 protocols:
•
OSPFv3
•
RIPng
•
Network Management and Monitoring
Support for displaying valid user input in the CLI for command options and configuration statements
•
in custom YANG data models (ACX Series)—Starting in Junos OS Release 19.2R1, the CLI displays the
set of possible values for a given command option or configuration statement in a custom YANG data
model when you include the action-expand extension statement in the option or statement definition
and reference a script that handles the logic. The action-expand statement must include the script child
statement, which defines the Python action script that is invoked when a user requests context-sensitive
help in the CLI for the value of that option or statement.
[See Displaying Valid Command Option and Configuration Statement Values in the CLI for Custom YANG
Modules.]
Software Installation and Upgrade
Zero Touch Provisioning (ACX5448)—Starting in Junos OS Release 19.2R1, Zero Touch Provisioning
•
(ZTP) automates the provisioning of the device configuration and software image with minimal manual
intervention on management interface em0.
15
When you physically connect a router to the network and boot it with a factory configuration, the router
upgrades the Junos OS software image automatically and automatically installs a configuration file from
the network through the management interface.
[See Zero Touch Provisioning.]
System Management
Support for transferring accounting statistics files and router configuration archives using HTTP URL
•
(ACX Series)—Starting in Junos OS Release 19.2R1, you can transfer accounting statistics files and router
configuration archives to remote servers by using an HTTP URL. In addition to SCP and FTP, the following
HTTP URL will be supported under the archive-sites statement:
http://username@host:url-path password password
To transfer accounting statistics files, configure archive-sites under [edit accounting-options file
•
<filename>] hierarchy.
To transfer router configuration archival, configure archive-sites under edit system archival
•
configuration hierarchy.
To view the statistics of transfer attempted, succeeded, and failed, use the show accounting server
•
statistics archival-transfer command.
To clear the statistics of transfer attempted, succeeded, and failed, use the clear accounting server
•
statistics archival-transfer command.
[See archive-sites, Backing Up Configurations to an Archive Site, show accounting server statistics
archival-transfer, and clear accounting server statistics archival-transfer].
Precision Time Protocol (PTP) Transparent Clock with IPv6 Transport (PTX10001-20C and ACX6360-OR
•
devices)—Starting with Junos OS Release 19.2R1, PTP uses IPv6 transport to synchronize clocks
throughout a packet-switched network. With a transparent clock, the PTP packets are updated with
theresidence time as the packets pass through the switch. There is no master/slaved designation.
End-to-end transparent clocks are supported. With an end-to-end transparent clock, only the residence
time is included. The residence time can be sent in a one-step process, which means that the timestamps
are sent in one packet.
You can configure the transparent clock at the [edit protocols ptp] Junos OS CLI hierarchy.
[See Understanding Transparent Clocks in Precision Time Protocol.]
SEE ALSO
What's Changed | 16
Known Limitations | 19
16
Open Issues | 22
Resolved Issues | 25
Documentation Updates | 31
Migration, Upgrade, and Downgrade Instructions | 32
What's Changed
IN THIS SECTION
What’s Changed in 19.2R3-S1 | 17
What’s Changed in 19.2R3 | 17
What’s Changed in 19.2R2 | 17
What’s Changed in 19.2R1 | 18
Learn about what changed in the Junos OS main and maintenance releases for ACX Series routers.
What’s Changed in 19.2R3-S1
General Routing
Support for gigether-options statement (ACX5048, ACX5096)—Junos OS supports the gigether-options
•
statement at the edit interfaces interface-name hierarchy on the ACX5048 and ACX5096 routers.
Previously, support for the gigether-statement was deprecated.
[See gigether-options.]
What’s Changed in 19.2R3
Juniper Extension Toolkit (JET)
Set the trace log to only show error messages (ACX Series, EX Series, MX Series, PTX Series, QFX
•
Series, SRX Series)— You can set the verbosity of the trace log to only show error messages using the
error option at the edit system services extension-service traceoptions level hierarchy.
See traceoptions (Services).
17
What’s Changed in 19.2R2
Interfaces and Chassis
Support for creating Layer 2 logical interfaces independently (ACX Series, EX Series, MX Series, PTX
•
Series, and QFX Series)—In Junos OS Release 19.2R2 and later, ACX Series routers support creating
Layer 2 logical interfaces independent of the Layer 2 routing-instance type. That is, you can configure
and commit the Layer 2 logical interfaces separately and add the interfaces to the bridge domain or
Ethernet VPN (EVPN) routing instance separately. Note that the Layer 2 logical interfaces work fine only
when they are added to the bridge domain or EVPN routing instance.
In earlier Junos OS releases, when you use a Layer 2 logical interface configuration (units with
encapsulation vlan-bridge configuration), then you must add the logical interface as part of a bridge
domain or EVPN routing instance for the commit to succeed.
Support for disabling RS-FEC (ACX6360-OX)—By default, Junos OS software enables or disables forward
•
error correction based on plugged-in optics. Starting with Junos OS Release 19.2R2, on ACX6360-OX
routers functioning as transponders, you can now disable Ethernet FEC, also known as RS-FEC or FEC91.
Previously, RS-FEC was enabled by default and could not be disabled.
[See fec.]
Operation, Administration, and Maintenance (OAM)
Performance monitoring history data is lost when a change in number of supported history records is
•
detected (ACX Series and MX Series)—In Junos OS Release 19.2R2, when Ethernet connectivity fault
management starts, it detects the number of history records supported by the existing Performance
Monitoring history database and if there is any change from the number of history records supported
(that is, 12) in Release 19.2R2, then the existing performance monitoring history database is cleared and
all performance monitoring sessions are restarted with mi-index 1.
Routing Protocols
XML RPC equivalent included for the show bgp output-scheduler | display xml rpc CLI command (ACX
•
Series, EX Series, MX Series, PTX Series, QFX Series, and SRX Series)—Starting in Junos OS Release
19.2R2, we have included an XML RPC equivalent for the show bgp output-scheduler | display xml rpc
CLI command. In Junos OS releases before Release 19.2R2, the show bgp output-scheduler | display
xml rpc CLI command does not have an XML RPC equivalent.
[See show bgp output-scheduler.]
18
What’s Changed in 19.2R1
Interfaces and Chassis
Monitoring information available only in trace log (ACX Series)—In Junos OS Release 19.2R1 and later,
•
the Ethernet link fault management daemon (lfmd) in the peer router stops monitoring the locally occurred
errors until ISSU completes. You can view the monitoring-related details only through the trace log file.
Network Management and Monitoring
The show system schema command and <get-yang-schema> RPC require specifying an output directory
•
(ACX Series)—Starting in Junos OS Release 19.2R1, when you issue the show system schema operational
mode command in the CLI or execute the <get-yang-schema> RPC in a remote session to retrieve
schema files, you must specify the directory in which to generate the output files by including the
output-directory command option in the CLI or the <output-directory> element in the RPC. In earlier
releases, you can omit the output-directory argument when requesting a single module to display the
module in standard output.
Custom YANG RPC support for input parameters of type empty (ACX Series)—Starting in Junos OS
•
Release 19.2R1, custom YANG RPCs support input parameters of type empty when executing the RPC’s
command in the Junos OS CLI, and the value passed to the action script is the parameter name. In earlier
releases, input parameters of type empty are only supported when executing the RPC in a NETCONF
or Junos XML protocol session, and the value passed to the action script is the string 'none'.
[See Creating Action Scripts for YANG RPCs on Devices Running Junos OS.]
VLAN Infrastructure
Specifying a descending VLAN ID range ( ACX5448 routers)—In Junos OS releases prior to Junos OS
•
Release 19.2R1, the system accepts a descending range—for example, 102-100, with the vlan-id-range
configuration statement in the [edit interfaces interface-name unit logical-unit-number] hierarchy.
Starting with Junos OS Release 19.2R1, the system considers a descending range specified with
vlan-id-range to be invalid and raises an error if you try to commit this configuration.
SEE ALSO
What's New | 11
Known Limitations | 19
Open Issues | 22
Resolved Issues | 25
Documentation Updates | 31
19
Migration, Upgrade, and Downgrade Instructions | 32
Known Limitations
IN THIS SECTION
General Routing | 19
Learn about known limitations in this release for ACX Series routers.
For the most complete and latest information about known Junos OS defects, use the Juniper Networks
online Junos Problem Report Search application.
General Routing
All PTP packets go to the best-effort queue instead of the network control queue. This is because of
•
the limitation on ACX5448 where DSCP values are not preserved. PR1361315
ACX6360 Junos telemetry interface or telemetry infrastructure does not support the interface-filtering
•
capability. Therefore, after you enable a particular sensor for telemetry, it is turned on for all the interfaces.
PR1371996
For an Ethernet (et) interface, only the PRE_FEC_SD defect is raised and no OTN alarm is raised.
•
PR1371997
The CLI static-cak command encryption does not work between two ACX-OX transponder nodes.
•
PR1389802
The ACX6360 TIC has only 8 CFP2-DCO ports, so chassis beacon show/requests to port numbers larger
•
than 7 do not work (as the ports don't exist) but also do not report an error. user@router> request
chassis beacon fpc 0 pic-slot 1 port 15 on FPC 0 PIC 1 PORT 15 ON user@router> show chassis beacon
fpc 0 pic-slot 1 port-range lower-limit 0 upper-limit 15 FPC 0 PIC 1 PORT 0 ON FPC 0 PIC 1 PORT 1
ON FPC 0 PIC 1 PORT 2 ON FPC 0 PIC 1 PORT 3 ON FPC 0 PIC 1 PORT 4 ON FPC 0 PIC 1 PORT 5
ON FPC 0 PIC 1 PORT 6 ON FPC 0 PIC 1 PORT 7 ON FPC 0 PIC 1 PORT 8 ON FPC 0 PIC 1 PORT 9
ON FPC 0 PIC 1 PORT 10 OFF FPC 0 PIC 1 PORT 11 OFF FPC 0 PIC 1 PORT 12 OFF FPC 0 PIC 1
PORT 13 OFF FPC 0 PIC 1 PORT 14 OFF FPC 0 PIC 1 PORT 15 ON. PR1399335
When a timing configuration and the corresponding interface configuration are flapped for multiple
•
times in iteration, PTP is stuck in "INITIALIZE" state where the ARP for the neighbor is not resolved. In
issue state, BCM hardware block gets into inconsistency state, where the lookup is failing. PR1410746
The input packet count given under the traffic statistics includes all packets that are coming in. The
•
statistics are not segregated as IPv4, IPv6, MPLS, and so on. This is the same behavior across all the ACX
Series platforms. PR1419143
20
Hardware-based fragmentation or reassembly is not supported. Software-based fragmentation rates
•
are going to be extremely slow depending on CPU load. PR1419371
In the output of show SNMP mib walk jnxBoxAnatomy, the chassis CLEI code and contents model is
•
reading data from the I2C bus and EEPROM. Because the fan is not present on the I2C bus and does
not have EEPROM, fan data can’t be displayed for chassis CLEI code and contents model. PR1420639
There is no support on separate counters for egress-dropped packets. Counters are reflected as part of
•
RED-dropped packets. PR1427148
Problem description: When end device (fan tray CPLD) I2C line is grounded or pulled low, other device
•
write/reads are failing. From our testing, we have concluded the following: We have verified isolation
functionality when the device is in the problem state, it's working fine (verified through software
simulation). But in this case where we grounded one of the fan tray CPLD i2c lines to verify the failed
test case, then entire circuit will get stalled and it leads to write fail for other devices also such as the
PEM, and temperature. This is a hardware limitation. PR1427222
These error messages can be seen sometimes if the optics module is being unplugged in between the
•
EEPROM read. This is expected and does not impact any functionality. PR1429016
Packet rates are not seen for aggregated Ethernet logical interface. PR1429590
•
Multicast packets are flooded in a BD if snooping is not enabled. If interfaces x and y belong to a BD,
•
then all multicast packets will be flooded to both x and y interface. If packets are received from interface
x, packets will be flooded to x and y in ingress but discarded in the egress path for interface x because
packet is received from the same interface. But these packets are also counted in the VOQ and hence
we are seeing more queue statistics. It is a known hardware limitation. monitor interface xe-0/0/30Input
packets: 177958 (64 pps) [0]Output packets: 357306 (128 pps) [0] monitor interface xe-0/0/12Input
packets: 361161 (128 pps) [642]Output packets: 179878 (63 pps) [320] root@rioxd-p2a-a> show
interfaces queue xe-0/0/30 Queue: 0, Forwarding classes: best-effortQueued:Packets : 544032 192
pps . => Sum of 64 + 128pps root@rioxd-p2a-a> show interfaces queue xe-0/0/12 Queue: 0, Forwarding
classes: best-effortQueued:Packets : 550929 192 pps . => Sum of 64 + 128pps. PR1429628
Any packet greater than the MTU size are accounted for oversized packets. Packets exceeding MTU
•
sizes are not considered for Jabber check. PR1429923
The statistics are accessed through Broadcom API, which is the same for both tagged and untagged
•
packets. This cannot be changed in accordance with MX Series, because it is direct access from Broadcom
without any statistics changes specific to tagging from ACX5448 side. It will impact other statistics if
changes are made. PR1430108
The port LEDs glowing during system/vmhost halt state is the expected behavior across all ACX Series
•
platforms. Even the system LED glows during halt state. PR1430129
These are initial transient messages seen and do not have any functional impact. PR1430355
•
21
1-Gigabit Ethernet interfaces are shown as “xe”. Therefore, the cosmetic issue is observed with respect
•
to autonegotiation parameters although there is no impact on functionality. PR1430835
If Layer 2 VPN sessions have OAM control-channel option set to router-alert-label, the no-control-word
•
option in L2VPN shouldn't be used for BFD sessions to come up. PR1432854
BCM SDK currently does support statistics, and we see routes are getting reinstalled on a periodic basis.
•
SDK does not support statistics unless we move to Flex mode in KBP. This is a product limitation today.
PR1435579
New rate of 1.8 MB/s and which takes 16-17 min to copy the ACX5448 image (1.9G image size) -
•
ACX5448 rates are less than Misha because the rate limiter is in bps and does not support pps-based
(hardware limitation from DNX)*Avg size is 512. Hence rate is approximately one third of Misha rate.
In file copy cases, normal pkt size seen are 1500 pkt sizes. PR1439960
The hold timer expiry is common across all platforms. It is not specific to ACX5448-D. PR1439980
•
Remote loopback is not supported on ACX5448-D. PR1443517
•
The PEM entries for jnxFruName SNMP index are shown twice. PR1446215
•
ACX Series routers support only 900 joins of IGMPv3 users per second. PR1448146
•
The 2000 EVPN IRB scale is not hitting due to hardware limitation of filter entries that can be installed
•
for EVPN instances. We can support only 1000 scale for Junos OS release 19.2. This is Broadcom
limitation and cannot be changed. PR1461309
Counters for filtering based on DA MAC and SA MAC are not supported, because QMX doesn't have
•
any separate counter to count matched or dropped packets with interface MAC address. PR1463981
SEE ALSO
What's New | 11
What's Changed | 16
Open Issues | 22
Resolved Issues | 25
Documentation Updates | 31
Migration, Upgrade, and Downgrade Instructions | 32
Open Issues
IN THIS SECTION
22
General Routing | 22
MPLS | 25
Learn about open issues in this release for ACX Series routers.
For the most complete and latest information about known Junos OS defects, use the Juniper Networks
online Junos Problem Report Search application.
General Routing
Forwarding when using nonexisting SSM map source address in IGMPv3 instead of pruning. This is a
•
day-1 design issue and needs a design solution. PR1126699
When Layer 3 packets are classified, DiffServ code points are not preserved but are getting lost at the
•
egress interface because of a chipset limitation. PR1322142
ACX5448: When a 1-Gigabit SFP transceiver is plugged into the router, autonegotiation is enabled by
•
default. There is no functional impact. Only the output of the show interfaces <intf-name> extensive
CLI command shows the autonegotiation field as disabled. PR1343679
If the set interfaces ae<>xaggregated-ether-options link-speed <x> configuration is used in the router,
•
after reboot AE interface remains down. Error seen in logs: /kernel: kernel did not add link ae1, link
speeds differ 1000000000 10000000000 /kernel: bundle ae1.0: link xe-0/3/0 not added due to speed
mismatch. PR1357012
Loopback status is not shown for OT interfaces on CLI (available from vty only). PR1358017
•
The SD (Signal Degrade) threshold is normally lower than the SF threshold (that is, so that as errors
•
increase, SD condition is encountered first). For the ACX6360 optical links there is no guard code to
prevent the user from setting the SD threshold, above the SF threshold which would cause increasing
errors to trigger the SF alarm before the SD alarm. This will not cause any issues on systems with correctly
provisioned SD/SF thresholds. PR1376869
ACX6360-OR: Enhancement is needed for FRR BER threshold SNMP support. PR1383303
•
On ACX6360/PTX10001 router, Tx power cannot be configured using + sign. PR1383980
•
More that expected traffic loss is observed during link failure (FRR convergence) and link restoration
•
test on L3VPN traffic over LDP-OSPF MPLS LSP.
Steps to re-create:
1. Layer 3 VPN traffic was flowing end to end on the active path in steady state.
2. Link down state is induced on primary path and traffic is shifted to backup path. Observation: More
than expected traffic loss is observed (around 1.5 seconds).
3. Link is restored and the traffic is moved to the active path. Observation: More than expected traffic
loss is observed (around 21 seconds).
23
The traffic loss percentage is not consistent and varies across each run, and this is the worst-case traffic
loss percentage observed. PR1387834
The switchover time observed was more than 50 minutes under certain soak test conditions with an
•
increased scale with a multiprotocol multirouter topology. PR1387858
IGMP packets over L2 Circuit with Control-Word are dropped in ACX5048. PR1394301
•
The ccc logs are not compressed after rotation. PR1398511
•
A jnxIfOtnOperState trap notification is sent for all ot interfaces. PR1406758
•
Layer 2 rewrite is happening on regular bridge domain and VLAN interfaces, although there are some
•
service dependencies (VPLS in this case) due to which, the egress interface map table is not updated
properly with the Layer 2 rewrite map ID. As a result, the rewrite does not work. PR1414414
Clock class value is incorrect in default data (show ptp clock) when the slave interface is down in the
•
PTP-OC device. PR1416421
On ACX5448 devices, the zero-touch provisioning (ZTP) process will proceed with image upgrade even
•
in situations when there is a mismatch between the platform name of the software image stored on FTP
or ZTP servers and the actual platform where the ZTP process is being run. PR1418313
The issue is not fixed in Junos OS Release 19.1 where inner VLAN tag classification will not work. It is
•
not fixed in 18.3R2 release. Also not fixed in 19.2R1 Release. There was a behavior change introduced
as part of PR1307666, where the inner VLAN tag is popped out on the ingress side when an IP packet
with double-tagged VLAN is received, and this change is needed for IP packets to work on proper transmit
on the egress interface. PR1422515
Under scale conditions, if multiple bridge-domains are deleted together, then sometimes Broadcom SDK
•
returns error Entry not found. This indicates that the resource is already freed up. PR1423308
On an ACX5448, the request system reboot command triggers a reboot on the host (Linux) instead of
•
just being limited to Junos OS. PR1426486
Traffic loss is seen if the configuration has /128 prefix routes and its limited to /128 only. This is due to
•
a known issue tracked in PR1445231. PR1429833
Any packets greater than the MTU size are accounted for as oversized packets. Packets exceeding MTU
•
sizes are not considered for Jabber check. PR1429923
The port LEDs glowing during system/vmhost halt state is the expected behavior across all ACX Series
•
platforms. Even the system LED glows during halt state. PR1430129
Packets dropped due to MTU checks in the output interface are not accounted for MTU errors. All
•
packets above MTU size are accounted for Oversized-packets in the input interface. PR1430446
Protocols get forwarded when using a nonexisting SSM map source address in IGMPv3 instead of pruning.
•
This is a day 1 design issue, and needs a design solution. PR1435648
24
On ACX5448 box, after issuing deactivate/activate "class-of-service", traffic drop might be seen.
•
PR1436494
In certain test conditions, it was observed that L2VPN at a scale of 16,000 had issues when all VPNs
•
were brought down and up. PR1439471
Recovery of Junos volume is not possible from the OAM menu. PR1446512
•
Drop profile maximum threshold might not be reached when the packet size is other than 1000 bytes.
•
This is due to the current design limitation. PR1448418
When an xe interface working in 1-Gigabit mode in ACX5448-D is added to a member link of an
•
aggregated Ethernet interface, the speed of the aggregated Ethernet interface is incorrectly shown as
10 Gbps. There is no functional impact. This is a display issue. PR1449887
It is not possible to form 125,000 IGMP groups with the ACX5448 router receiving 125,000 IGMP v2
•
reports per second. This is a product limitation from BCM and CPU host path queuing model. PR1454465
The issue is seen during unified ISSU to Junos OS Releases 20.1, 20.2, and 19.4. The upgrade is successful
•
but the forwarding plane (PFE) does not function. As a result, forwarding is affected. PR1483959
On ACX Series platforms with shaping configured, after deactivating and activating CoS the shaping
•
might not work and traffic drop would appear. PR1488935
In PTP environment some vendor devices acting as slave expecting announce messages at an interval
•
of -3 (8pps) from upstream master device. As of today announce message are configurable in range of
0 to 3. To support the above requirement engineering provided a hidden cli knob "set protocol ptp master
announce-interval -3". In the networks/design where we have this requirement. we can configure the
hidden cli otherwise regular cli which is in the range (0 to 3) can be configurable. Both the cli knobs are
mutually exclusive, commit error is expected if both are configured. This new change is applicable to
ACX platforms only excluding ACX5000. PR1507782
MPLS
The default behavior of local reversion has changed from Junos OS Release 16.1 and that impacts the
•
LSPs for which the ingress does not perform make-before-break. Junos OS does not perform
make-before-break for no-cspf LSPs. PR1401800
SEE ALSO
What's New | 11
What's Changed | 16
Known Limitations | 19
Resolved Issues | 25
Documentation Updates | 31
Migration, Upgrade, and Downgrade Instructions | 32
25
Resolved Issues
IN THIS SECTION
Resolved Issues: 19.2R3 | 26
Resolved Issues: 19.2R2 | 26
Resolved Issues: 19.2R1-S1 | 29
Resolved Issues: 19.2R1 | 30
Learn which issues were resolved in the Junos OS main and maintenance releases for ACX Series routers.
For the most complete and latest information about known Junos OS defects, use the Juniper Networks
online Junos Problem Report Search application.
Resolved Issues: 19.2R3
General Routing
Policer discarded count is also shown incorrectly to the enq count of the interface-queue but traffic
•
behavior is fine as expected. PR1414887
ACX5448-D interfaces support: The input bytes value in the show interfaces extensive command output
•
is not at par with older ACX Series or MX Series devices. PR1430108
CoS: Egress queue statistics are not applicable to ae interfaces on ACX5048. PR1472467
•
ERP might not come up properly when MSTP and ERP are enabled on the same interface. PR1473610
•
Link does not come up when 100-Gigabit Ethernet is channelized to 4x25-Gigabit Ethernet interfaces.
•
PR1479733
During speed mismatch, QSFP28/QSFp+ the optics/cables might or might not work. PR1494600
•
Outbound SSH connection flap or memory leak issue might be observed during pushing configuration
•
to ephemeral DB with high rate. PR1497575
26
SFW sessions are not getting updated on ms interfaces in ACX500-i. PR1505089
•
PIC slot may be shut down less than 240 seconds because the over-temperature start time is handled
•
incorrectly. PR1506938
L2ALD crash is seen during stability test with traffic on scaled setup. PR1517074
•
MPLS
BGP session might keep flapping between two directly connected BGP peers because of the incorrect
•
TCP MSS (maximum segment size) in use. PR1493431
Routing Protocols
The BGP route-target family might prevent RR from reflecting Layer 2 VPN and Layer 3 VPN routes.
•
PR1492743
VPNs
The Layer 2 circuit neighbor might be stuck in RD state at one end of MG-LAG peer. PR1498040
•
Resolved Issues: 19.2R2
Class of Service (CoS)
The dfwd crash can be seen with the forwarding-class configuration in policers. PR1436894
•
General Routing
ACX5000 MacDrainTimeOut and bcm_port_update failed: Internal error. PR1284590
•
bcmDPC task is high even though Interupt START_BY_START flag set to 0. PR1329656
•
On an ACX Series router, the LED on a Gigabit Ethernet interface goes down when the 10-Mbps speed
•
is added. PR1385855
Link fault signaling (LFS) is not working on ACX5448 10/40/100GbE interfaces. PR1401718
•
Kernel memory leak in virtual-memory due to interface flaps (CVE-2020-1625). PR1407000
•
High CPU consumption for fxpc processes with class-of-service changes on AE interfaces. PR1407098
•
The optic comes with Tx enabled by default. As the port is administratively disabled, the port is stopped
•
but as the port has not been started, it does not disable Tx. PR1411015
ACX5448: 40G FEC on ACX5448 is default FEC is enabled need to align with our platforms MX/QFX
•
where FEC is NONE. PR1414649
ACX5448: BFD Timer values are not as per the configured 900ms with multiplier 3. The values are
•
showing 6.000 with multiplier 3 instead for most of the sessions. PR1418680
[ARP] ACX5448-D: 96000 ARPs are getting populated but only 47,000 next-hop entries are present.
•
Therefore, around 50% packet drop is observed. PR1426734
Drift messages in ACX2200, which is a PTP hybrid (PTP + Synchronous Ethernet) device. PR1426910
•
27
The chassisd process might crash with unsupported HCoS configuration when MX104 is used as the
•
fusion aggregation device. PR1430076
On ACX5448, upon reboot of an MC_LAG peer, when the peer comes up (but before hardware comes
•
up), there is a 10-20 second traffic hit on node1. PR1430910
ACX5448-D interface support: After chassis control restart, load balancing on the child interfaces of an
•
ae interface stops. PR1431206
The l2cpd process might crash and generate a core file when interfaces are flapping. PR1431355
•
ACX5448 might malfunction in encapsulating small packets if egress link is 40G or 100G. PR1434900
•
In ACX Series platforms, no-vrf-propagate-ttl might not work after the CoS configuration is deactivated
•
and then activated. PR1435791
LACP state might get stuck in 'Attached' state after disabling peer active members. PR1439268
•
Packet drop might be seen on an ACX Series platform when chained composite next hop is enabled for
•
L3VPN. PR1439317
Interface on ACX1100 remains down when using SFP-1FE-FX (740-021487). PR1439384
•
On ACX5448, DHCP packets are not transparent over Layer 2 circuit. PR1439518
•
When the interface is flapped between channelized configurations (25GbE to 100GbE), the AE interface
•
configuration is not cleaned up properly. PR1441374
ACX5448: Packet buffer error from Packet Forwarding Engine leading to memory leak when IGMP is
•
sent from NNI AC in Layer 2 circuit and VPLS. PR1442901
RED drops might be seen after link flaps or CoS configuration changes. PR1443466
•
ACX5448: The encapsulation flexible-vlan-tagging is not supported with the MPLS family; need to
•
provide commit error. PR1445046
ACX5448/18.3R1-S4.1 not performing proper dot1p CoS rewrite on interfaces configured with
•
l2circuit/local-switching/family ccc. PR1445979
In ACX Series routers, auto-exported routes between VRFs might not reply for ICMP echo requests.
•
PR1446043
Fans on an ACX5448-M might not be running at the correct speed. PR1448884
•
Layer 2 circuit with a backup-neighbor (hot-standby) configured might stop forwarding traffic after
•
failovers. PR1449681
Oper-state for et interface does not transition from 'init' to 'Normal'. PR1449937
•
FPC core files might be seen after changing the configuration of PTP or Synchronous Ethernet. PR1451950
•
Platforms: ACX5448-D interfaces support: After the 100-Gbps and 40-Gbps interfaces are disabled,
•
the Laser output power in show interfaces diagnostics optics shows some values. PR1452323
ACX5448 FPC crashed due to segmentation fault. PR1453766
•
28
Incorrect operating state displayed in SNMP trap for fan removal. PR1455577
•
ACX5048 SNMP polling will be stalled after a link flap or an SFP transceiver replacement, and
•
ACX_COS_HALP(acx_cos_gport_sched_set_strict_priority:987): Failed to detach logs will be seen.
PR1455722
ACX6360-OX: Enable the gigether option to configure Ethernet FEC on client ports. PR1456293
•
ACX5448-D and ACX5448-M devices do not display airflow information and temperature sensors as
•
expected. PR1456593
ACX5448 L2VPN with encapsulation-type ethernet stops passing traffic after a random port is added
•
with VLAN configuration. PR1456624
The rpd crash might be seen if a BGP route is resolved over the same prefix protocol next hop in an
•
inet.3 table that has both RSVP and LDP routes. PR1458595
Route resolution is not happening when the packet size is 10,000. PR1458744
•
Traffic might be silently dropped during link recovery in an open Ethernet access ring with ERPS
•
configured. PR1459446
ACX5000: SNMP MIB walk for jnxOperatingTemp not returning anything for FPC in new versions.
•
PR1460391
ACX5448-D interfaces and optics support: Sometimes, when the AE interfaces are brought up, there
•
are ARP resolution issues. PR1461485
On ACX Series platforms, the LLDP neighbor not up on a LAG after software upgrade to Junos OS
•
Release 18.2R3-S1. PR1461831
Memory leak on l2cpd process might lead to l2cpd crash. PR1469635
•
RED drop on interface even without any congestion. PR1470619
•
Egress queue statistics are not applicable to ae interface on model ACX5048. PR1472467
•
ERP might not come up properly when MSTP and ERP are enabled on the same interface. PR1473610
•
dcpfe core files are seen when disabling/enabling MACsec using Toby scripts. PR1479710
•
ACX5448 Layer 2 VPN with interface ethernet-ccc input-vlan-map/output-vlan-map can cause traffic
•
to be dropped silently. PR1485444
Interfaces and Chassis
Upgrade from releases before Junos OS Release 17.4R1 results in cfmd core files. PR1425804
•
MC-AE interface might show as unknown status if you are adding the subinterface as part of the VLAN
•
on the peer MC-AE node. PR1479012
Layer 2 Ethernet Services
DHCP request might get dropped in a DHCP relay scenario. PR1435039
•
29
Platform and Infrastructure
The REST API process becomes nonresponsive when a number of requests come at a high rate.
•
PR1449987
Routing Protocols
Export of loopback address to other VRF instances might not work on ACX Series, EX Series and QFX
•
Series platforms. PR1449410
MPLS LDP might still use stale MAC addresses of the neighbor even if the LDP neighbor's MAC address
•
changes. PR1451217
The rpd might crash continuously due to memory corruption in IS-IS setup. PR1455432
•
The routing protocol process (rpd) crashes while processing a specific BGP update information.
•
PR1448425
Receipt of certain genuine BGP packets from any BGP speaker causes rpd to crash. PR1497721
•
VPN
The l2circuit neighbor might be stuck in RD state at one end of MG-LAG peer. PR1498040
•
Resolved Issues: 19.2R1-S1
General Routing
Link Fault Signaling (LFS) do not work on ACX5448, ACX5410, ACX5440, and 100-Gigabit Ethernet
•
interfaces. PR1401718
In an ACX5448 platforms, when the Packet Forwarding Engine failed to allocate packet buffer, portion
•
of packet memories might not be free. PR1442901
Resolved Issues: 19.2R1
Class of Service (CoS)
The error message STUCK_BUFF : port_sp not empty for port 35 sp 1 pkts:1 is seen when a lag bundle
•
is configured with 64 lag links.. PR1346452
General Routing
The 1G copper module interface shows "Link-mode: Half-duplex". PR1286709
•
On an ACX ring topology, after link between ACX and MX flaps, VPLS RI on PE (MX) has no MAC of CE
•
over l2circuit. PR1360967
ACX5000: fpc0 (acx_rt_ip_uc_lpm_install:LPM route add failed error) Reason : Invalid parameter after
•
configuring lpm-profile. PR1365034
30
ACX5448: LIBCOS_COS_TVP_FC_INFO_NOT_FOUND: Forwarding-class information not specified"
•
prints while committing on configuration prompt. PR1376665
On ACX5448, channelized ET interface of 25-Gigabit interface will not come up after chassis-control
•
restart. PR1379288
ACX 5448:100 Gigabit link FEC enabled by default on 100G LR4. PR1389518
•
On ACX Series platforms, the forwarding-option dhcp-relay forward-only command stops working and
•
the DHCP packets are dropped. PR1392261
On ACX5048, RPM RFC 2544 benchmarking test failed to start. PR1395730
•
CFM adjacency is not going down with distinct intervals. PR1397883
•
Dynamic tunnels are not supported on ACX Series routers. PR1398729
•
VLAN tagged traffic arriving on VPLS interface might get dropped. PR1402626
•
ot/et interface is not created when invalid speed is configured. PR1403546
•
ACX 5448: TrTCM Policer configuration parameters are as per RFC4115. PR1405798
•
The show services inline stateful-firewall flow or show services inline stateful-firewall flow extensive
•
command might cause a memory leak. PR1408982
ACX Series routers drop DNS responses that contain an underscore. PR1410062
•
VPLS traffic might stop across ACX5000 with the aggregated Ethernet interface. PR1412042
•
Junos PCC might reject PCUpdate/PCCreate message if there is metric type other than type 2. PR1412659
•
Number of inet-arp policers implemented on ACX5000 has been increased from 16 to 64. PR1413807
•
Swap memory is not initialized on boot on ACX5048. PR1415898
•
Commit error while configuring firewall with term having log/syslog and accept actions. PR1417377
•
CoS table error can sometimes cause traffic outages and SNMP timeouts if the optic is plugged out and
•
inserted back. PR1418696
Slow copy image speed to ACX5448. PR1422544
•
SEE ALSO
What's New | 11
What's Changed | 16
Known Limitations | 19
Open Issues | 22
Documentation Updates | 31
Migration, Upgrade, and Downgrade Instructions | 32
31
Documentation Updates
IN THIS SECTION
Installation and Upgrade Guide | 31
This section lists the errata and changes in Junos OS Release 19.2R3 for the ACX Series documentation.
Installation and Upgrade Guide
Veriexec explained (ACX Series)—Verified Exec (also known as veriexec) is a file-signing and verification
•
scheme that protects the Junos operating system (OS) against unauthorized software and activity that
might compromise the integrity of your device. Originally developed for the NetBSD OS, veriexec was
adapted for Junos OS and enabled by default from Junos OS Release 7.5 onwards.
[See Veriexec Overview.]
SEE ALSO
What's New | 11
What's Changed | 16
Known Limitations | 19
Open Issues | 22
Resolved Issues | 25
Migration, Upgrade, and Downgrade Instructions | 32
Migration, Upgrade, and Downgrade Instructions
IN THIS SECTION
Upgrade and Downgrade Support Policy for Junos OS Releases | 32
32
This section contains the upgrade and downgrade support policy for Junos OS for the ACX Series Router.
Upgrading or downgrading Junos OS might take several minutes, depending on the size and configuration
of the network.
For information about software installation and upgrade, see the Installation and Upgrade Guide.
Upgrade and Downgrade Support Policy for Junos OS Releases
Support for upgrades and downgrades that span more than three Junos OS releases at a time is not
provided, except for releases that are designated as Extended End-of-Life (EEOL) releases. EEOL releases
provide direct upgrade and downgrade paths—you can upgrade directly from one EEOL release to the
next EEOL release even though EEOL releases generally occur in increments beyond three releases.
You can upgrade or downgrade to the EEOL release that occurs directly before or after the currently
installed EEOL release, or to two EEOL releases before or after. For example, Junos OS Releases 17.1,
17.2, and 17.3 are EEOL releases. You can upgrade from Junos OS Release 17.1 to Release 17.2 or from
Junos OS Release 17.1 to Release 17.3.
You cannot upgrade directly from a non-EEOL release to a release that is more than three releases ahead
or behind. To upgrade or downgrade from a non-EEOL release to a release more than three releases before
or after, first upgrade to the next EEOL release and then upgrade or downgrade from that EEOL release
to your target release.
For more information about EEOL releases and to review a list of EEOL releases, see
https://www.juniper.net/support/eol/junos.html.
For information about software installation and upgrade, see the Installation and Upgrade Guide.
SEE ALSO
What's New | 11
What's Changed | 16
Known Limitations | 19
Open Issues | 22
Resolved Issues | 25
Documentation Updates | 31
33
Junos OS Release Notes for EX Series Switches
IN THIS SECTION
What’s New | 34
What’s Changed | 41
Known Limitations | 44
Open Issues | 45
Resolved Issues | 49
Documentation Updates | 63
Migration, Upgrade, and Downgrade Instructions | 63
34
These release notes accompany Junos OS Release 19.2R3 for the EX Series. They describe new and
changed features, limitations, and known and resolved problems in the hardware and software.
You can also find these release notes on the Juniper Networks Junos OS Documentation webpage, located
at https://www.juniper.net/documentation/product/en_US/junos-os.
What’s New
IN THIS SECTION
What’s New in Release 19.2R3 | 35
What’s New in Release 19.2R2 | 35
What’s New in Release 19.2R1-S1 | 36
What’s New in Release 19.2R1 | 36
Learn about new features introduced in the Junos OS main and maintenance releases for EX Series switches.
NOTE: The following EX Series switches are supported in Release 19.2R2: EX2300, EX2300-C,
EX3400, EX4300, EX4600-40F, EX4650, EX9200, EX9204, EX9208, EX9214, EX9251, and
EX9253.
What’s New in Release 19.2R3
There are no new features or enhancements to existing features for EX Series switches in Junos OS Release
19.2R3.
What’s New in Release 19.2R2
There are no new features or enhancements to existing features for EX Series switches in Junos OS Release
19.2R2.
35
What’s New in Release 19.2R1-S1
Routing Protocols
Decouple RSVP for IGP-TE (MX Series, PTX Series, ACX Series, QFX Series, SRX Series, and EX
•
Series)—Starting in Junos OS Release 19.2R1-S1, device can advertise selective traffic-engineering
attributes such as admin-color and maximum-bandwidth, without enabling RSVP, for segment routing
and interior gateway protocol (IGP) deployments.
What’s New in Release 19.2R1
Authentication, Authorization, and Accounting (AAA)
802.1X authentication (EX4650 switches)—Starting with Junos OS Release 19.2R1, EX4650 switches
•
support port-based network access control using 802.1X authentication as defined in the IEEE 802.1X
standard.
[See 802.1X for Switches Overview.]
36
Dynamic Host Configuration Protocol
Support for DHCP snooping and other access port security features on private VLANs (EX4300-MP
•
switches and Virtual Chassis)—Starting in Junos OS Release 19.2R1, you can enable DHCP snooping
for security purposes on access ports that are in a private VLAN (PVLAN). You can also protect those
ports with DHCP options, dynamic ARP inspection (DAI), IP source guard, and neighbor discovery
inspection.
[See Putting Access Port Security on Private VLANs.]
EVPN
Support for BFD, BGP, IS-IS, and OSPF on IRB interfaces in EVPN-MPLS networks (EX series)—Starting
•
with Junos OS Release 19.2R1, you can configure Bidirectional Forwarding Detection (BFD), BGP, IS-IS,
and OSPF routing protocols on the IRB interface in an EVPN-MPLS network to route and forward EVPN
traffic. This feature supports single-homed, single-active, and all-active multihomed networks.
[See EVPN with IRB Solution Overview.]
EVPN support of VLAN ID ranges and lists in service provider style interface configurations (EX9200
•
switches)—Starting in Junos OS Release 19.2R1, EX9200 switches, ACX5448 and MX Series routers,
and vMX virtual routers support the use of VLAN ID ranges and lists in a service provider style interface
configuration, which must be referenced in an EVPN routing instance. This configuration is supported
with the following EVPN environments, services, and features:
Environments:
•
EVPN with VXLAN encapsulation
•
EVPN with MPLS encapsulation
•
VLAN bundle service:
•
E-LAN
•
E-Tree
•
E-Line
•
Features:
•
EVPN multihoming:
•
All-active
•
Single-active
•
Singlehoming
•
[See VLAN ID Ranges and Lists in an EVPN Environment.]
Support for control word in EVPN-VPWS (EX9200 switches)—Starting with Junos OS Release 19.2R1,
•
Junos OS supports the insertion of a control word between the label stack and the MPLS payload in a
network with EVPN-VPWS service. This feature prevents a transit device from delivering out-of-order
packets as a result of the device’s load-balancing hashing algorithm. When you enable the control word
feature on a PE device, the PE device advertises support for a control word. If all the PE devices in an
EVI on the EVPN-VPWS serviced network support control word, then the PE device inserts a control
word between the label stack and the L2 header in the packet thus preventing the packet from being
misidentified by transit devices.
37
[See Control Word for EVPN-VPWS.]
JWeb
Support for EX4650 switches—Starting in Junos OS Release 19.2R1, you can use J-Web to configure,
•
monitor, and manage EX4650 switches.
To configure the EX4650 switch using the J-Web interface, you must connect the cable to the port
labeled CON on the rear panel of the switch.
NOTE: In J-Web, the chassis viewer displays only the standalone EX4650 switches view. It
does not display the Virtual Chassis configuration because the EX4650 switch does not support
the Virtual Chassis configuration.
[See Dashboard for EX Series Switches and Connecting and Configuring an EX Series Switch (J-Web
Procedure).]
Layer 2 Features
L2PT support (EX4300 multigigabit switches)—Starting with Junos OS Release 19.2R1, you can configure
•
Layer 2 protocol tunneling (L2PT) for the following protocols on EX4300 multigigabit switches
(EX4300-48MP models): CDP, E-LMI, GVRP, IEEE 802.1X, IEEE 802.3AH, LACP, LLDP, MMRP, MVRP,
STP (including RSTP and MSTP), UDLD, VSTP, and VTP.
38
[See Layer 2 Protocol Tunneling.]
Multicast
Support for multicast traffic counters (EX4300, EX4300-MP, EX4300 Virtual Chassis)—Starting with
•
Junos OS Release 19.2R1, you can use firewall filters to count packets and check the bandwidth of
multicast traffic received by a host from a particular source and group in a routing instance. To enable
this feature, include the multicast-statistics statement at the [edit system packet-forwarding-options]
hierarchy level. To check the packet count and bandwidth for each multicast route, use the show multicast
route extensive command.
[See multicast-statistics (system-packet forwarding).]
IGMP snooping with private VLANs (EX4300 multigigabit switches)—Starting in Junos OS Release
•
19.2R1, EX4300 multigigabit switches (EX4300-48MP models) support IGMP snooping with private
VLANs (PVLANs). A PVLAN consists of secondary isolated and community VLANs configured within a
primary VLAN. Without IGMP snooping support on the secondary VLANs, switches receive multicast
streams on a primary VLAN and flood them to the secondary VLANs. This feature extends IGMP snooping
on a primary VLAN to its secondary VLANs to further constrain multicast streams only to interested
receivers on PVLANs. When you enable IGMP snooping on a primary VLAN, you implicitly enable it on
all secondary VLANs, and the secondary VLANs learn the multicast group information on the primary
VLAN.
NOTE: Ports in a secondary VLAN cannot be used as IGMP multicast router interfaces.
Secondary VLANs can receive multicast data streams ingressing on promiscuous trunk ports
or inter-switch links acting as multicast router interfaces.
[See IGMP Snooping Overview.]
Network Management and Monitoring
Support for displaying valid user input in the CLI for command options and configuration statements
•
in custom YANG data models (EX Series)—Starting in Junos OS Release 19.2R1, the CLI displays the set
of possible values for a given command option or configuration statement in a custom YANG data model
when you include the action-expand extension statement in the option or statement definition and
reference a script that handles the logic. The action-expand statement must include the script child
statement, which defines the Python action script that is invoked when a user requests context-sensitive
help in the CLI for the value of that option or statement.
[See Displaying Valid Command Option and Configuration Statement Values in the CLI for Custom YANG
Modules.]
39
Port Security
Stateless address autoconfiguration (SLAAC) snooping (EX2300, EX3400, EX4300, and Virtual
•
Chassis)—Starting in Junos OS Release 19.2R1, Junos OS supports SLAAC snooping on EX2300, EX2300
VC, EX3400, EX3400 VC, EX4300, and EX4300 VC. IPv6 clients using SLAAC for dynamic address
assignment are validated against the SLAAC snooping binding table before being allowed access to the
network.
[See IPv6 Stateless Address Autoconfiguration (SLAAC) Snooping.]
Fallback PSK for Media Access Control Security (MACsec) (EX Series)—Starting in Junos OS Release
•
19.2R1, fallback PSK for MACsec is supported on EX Series routers that support MACsec. The fallback
PSK provides functionality to establish a secure session in the event that the primary PSKs on each end
of a MACsec-secured link do not match.
[See Configuring MACsec on EX, SRX and Fusion Devices.]
Support for 802.1X authentication on private VLANs (PVLANs) (EX4300-48MP switches and Virtual
•
Chassis)—Starting in Junos OS Release 19.2R1, you can enable 802.1X (dot1x) authentication for security
purposes on access ports that are in a PVLAN.
PVLANs provide Layer 2 isolation between ports within a VLAN, splitting a broadcast domain into multiple
discrete broadcast subdomains by creating secondary VLANs. PVLANs are useful for restricting the flow
of broadcast and unknown unicast traffic and for limiting the communication between known hosts.
Authentication prevents unauthenticated devices and users from gaining access to your LAN. For 802.1X
and MAC RADIUS authentication, end devices must be authenticated before they receive an IP address
from a DHCP server.
On a switch that is configured with both 802.1X authentication and PVLANs, when a new device is
attached to the PVLAN network, the device is authenticated and then is assigned to a secondary VLAN
based on the PVLAN configuration or RADIUS profile. The device then obtains an IP address and receives
access to the PVLAN network.
[See Using 802.1X Authentication and Private VLANs Together on the Same Interface.]
Media Access Control security with 256-bit cipher suite (EX4300)—Starting in Junos OS Release 19.2R1,
•
the GCM-AES-256 cipher suite for MACsec in static CAK mode is supported on the 2-port QSFP+/1-port
QSFP28 uplink module for EX4300-48MP switches. The GCM-AES-256 cipher suite has a maximum
key length of 256 bits and is also available with extended packet numbering (GCM-AES-XPN-256).
[See Understanding Media Access Control Security (MACsec).]
Support for MACsec PSK keychain (EX9253)—Starting in Junos OS Release 19.2R1, EX9253 switches
•
support MACsec PSK chains hitless rollover and Key Agreement Protocol Fail Open mode.
[See Configuring MACsec on EX, SRX and Fusion Devices.]
System Management
40
Support for transferring accounting statistics files and router configuration archives using HTTP URL
•
(EX Series)—Starting in Junos OS Release 19.2R1, you can transfer accounting statistics files and router
configuration archives to remote servers by using an HTTP URL. In addition to SCP and FTP, the following
HTTP URL will be supported under the archive-sites statement:
http://username@host:url-path password password
To transfer accounting statistics files, configure archive-sites under [edit accounting-options file
•
<filename>] hierarchy.
To transfer router configuration archival, configure archive-sites under edit system archival
•
configuration hierarchy.
To view the statistics of transfer attempted, succeeded, and failed, use the show accounting server
•
statistics archival-transfer command.
To clear the statistics of transfer attempted, succeeded, and failed, use the clear accounting server
•
statistics archival-transfer command.
[See archive-sites, Backing Up Configurations to an Archive Site, show accounting server statistics
archival-transfer, and clear accounting server statistics archival-transfer].
SEE ALSO
What’s Chnaged | 41
Known Behavior | 44
Open Issues | 45
Resolved Issues | 49
Documentation Updates | 63
Migration, Upgrade, and Downgrade Instructions | 63
What’s Changed
IN THIS SECTION
What’s Changed in Release 19.2R3 | 41
What’s Changed in Release 19.2R2 | 41
What’s Changed in Release 19.2R1 | 43
41
Learn about what changed in Junos OS main and maintenance releases for EX Series.
What’s Changed in Release 19.2R3
Juniper Extension Toolkit (JET)
Set the trace log to only show error messages (ACX Series, EX Series, MX Series, PTX Series, QFX
•
Series, SRX Series)— You can set the verbosity of the trace log to only show error messages using the
error option at the edit system services extension-service traceoptions level hierarchy.
See traceoptions (Services).
What’s Changed in Release 19.2R2
Interfaces and Chassis
Support for creating Layer 2 logical interfaces independently (ACX Series, EX Series, MX Series, PTX
•
Series, and QFX Series)—In Junos OS Releases 18.4R1, 18.4R2, 19.1R1, 19.1R2, 19.2R2, and later, EX
Series switches support creating Layer 2 logical interfaces independent of the Layer 2 routing-instance
type. That is, you can configure and commit the Layer 2 logical interfaces separately and add the interfaces
to the bridge domain or Ethernet VPN (EVPN) routing instance separately. Note that the Layer 2 logical
interfaces work fine only when they are added to the bridge domain or EVPN routing instance.
In earlier Junos OS releases, when you use a Layer 2 logical interface configuration (units with
encapsulation vlan-bridge configuration), then you must add the logical interface as part of a bridge
domain or EVPN routing instance for the commit to succeed.
Logical Interface is created along with physical Interface by default (EX Series, MX Series, and QFX
•
Series)—In Junos OS Release 19.2R2 and later, logical interface is created on ge, et, xe interfaces along
with the physical interface, by default. In earlier Junos OS Releases, by default, only physical interfaces
are created.
For example, for ge interfaces, earlier when you view the show interfaces command, by default, only
the physical interface (ge-0/0/0), is displayed. Now, the logical interface (ge-0/0/0.16386) is also
displayed.
42
Layer 2 Feature
input-native-vlan-push (EX2300, EX3400, EX4600, EX4650, and the QFX5000 line of switches)—In
•
Junos OS Release 19.2R2, we have introduced the configuration statement input-native-vlan-push at
the [edit interfaces interface-name] hierarchy level. You can use this statement in a Q-in-Q tunneling
configuration to enable or disable whether the switch inserts a native VLAN identifier in untagged frames
received on the C-VLAN interface, when the configuration statement input-vlan-map with a push
operation is configured.
[See input-native-vlan-push.]
Multicast
Multicast Layer 2 transit traffic statistics by multicast source and group (EX4600, EX4650, and the
•
QFX5000 line of switches)—Starting in Junos OS Release 19.2R2, EX4600, EX4650, and the QFX5000
line of switches provide statistics on the packet count for each multicast group and source when passing
multicast transit traffic at Layer 2 with IGMP snooping. Run the show multicast snooping route extensive
CLI command to see this count in the Statistics: … n packets output field. The other statistics in that
output field, kBps and pps, are not available (values displayed there are not valid statistics for multicast
traffic at Layer 2). In earlier Junos OS releases, all three values in the Statistics output field for kBps,
pps, and packets do not provide valid statistics for multicast traffic at Layer 2.
43
[See show multicast snooping route.]
Routing Protocols
XML RPC equivalent included for the show bgp output-scheduler | display xml rpc CLI command (ACX
•
Series, EX Series, MX Series, PTX Series, QFX Series, and SRX Series)—Starting in Junos OS Release
19.2R2, we have included an XML RPC equivalent for the show bgp output-scheduler | display xml rpc
CLI command. In Junos OS releases before Release 19.2R2, the show bgp output-scheduler | display
xml rpc CLI command does not have an XML RPC equivalent.
[See show bgp output-scheduler.]
What’s Changed in Release 19.2R1
Interfaces and Chassis
Deprecation of the [edit fabric protocols bgp] hierarchy level (EX Series)—Starting in Junos OS Release
•
19.2R1, the [edit fabric protocols bgp] hierarchy level is deprecated.
Network Management and Monitoring
The show system schema command and <get-yang-schema> RPC require specifying an output directory
•
(EX Series)—Starting in Junos OS Release 19.2R1, when you issue the show system schema operational
mode command in the CLI or execute the <get-yang-schema> RPC in a remote session to retrieve
schema files, you must specify the directory in which to generate the output files by including the
output-directory command option in the CLI or the <output-directory> element in the RPC. In earlier
releases, you can omit the output-directory argument when requesting a single module to display the
module in standard output.
Custom YANG RPC support for input parameters of type empty (EX Series)—Starting in Junos OS
•
Release 19.2R1, custom YANG RPCs support input parameters of type empty when executing the RPC’s
command in the Junos OS CLI, and the value passed to the action script is the parameter name. In earlier
releases, input parameters of type empty are only supported when executing the RPC in a NETCONF
or Junos XML protocol session, and the value passed to the action script is the string 'none'.
[See Creating Action Scripts for YANG RPCs on Devices Running Junos OS.]
VLAN Infrastructure
Specifying a descending VLAN ID range (EX9200 switches)—In Junos OS releases prior to Junos OS
•
Release 19.2R1, the system accepts a descending range—for example, 102-100, with the vlan-id-range
configuration statement in the [edit interfaces interface-name unit logical-unit-number] hierarchy.
Starting with Junos OS Release 19.2R1, the system considers a descending range specified with
vlan-id-range to be invalid and raises an error if you try to commit this configuration.
44
SEE ALSO
What’s New | 34
Known Behavior | 44
Open Issues | 45
Resolved Issues | 49
Documentation Updates | 63
Migration, Upgrade, and Downgrade Instructions | 63
Known Limitations
IN THIS SECTION
EVPN | 45
Platform and Infrastructure | 45
Learn about known limitations in this release for EX Series.
For the most complete and latest information about known Junos OS defects, use the Juniper Networks
online Junos Problem Report Search application.
EVPN
Commit blocks for VLAN-ID none with EVPN routing-instance and without routing-instance. PR1287557
•
Platform and Infrastructure
On the EX4300 device, multicast traffic statistics do not get tracked for active s,g route streams even
•
after all the 512 routes get timed out and programmed filter entries are cleared. PR1419926
With 288000 MAC scale, the Routing Engine command output shows the learned scale entries after a
•
delay of around 60 seconds. PR1367538
Unable to ping peer IP over MACsec with AES-256 cipher suite. PR1416499
•
Memory spike or leakage is seen after the image upgrades to Junos OS Release 19.2R1.8 in a mixed
•
mode Virtual Chassis. PR1464062
45
The following error message might appear: Failed to complete DFE tuning. This error message has no
•
functional impact and can be ignored. PR1473280
SEE ALSO
What’s New | 34
What’s Chnaged | 41
Open Issues | 45
Resolved Issues | 49
Documentation Updates | 63
Migration, Upgrade, and Downgrade Instructions | 63
Open Issues
IN THIS SECTION
Authentication and Access Control | 46
Infrastructure | 46
Interfaces and Chassis | 47
Junos Fusion for Enterprise | 47
Layer 2 Features | 47
Network Management and Monitoring | 47
Platform and Infrastructure | 47
Routing Protocols | 48
Learn about the open issues in hardware and software in Junos OS Release 19.2R3 for EX Series.
For the most complete and latest information about known Junos OS defects, use the Juniper Networks
online Junos Problem Report Search application.
Authentication and Access Control
46
The lldpd process might crash when the LLDP neighbor expires. PR1408707
•
After reboot, the SSL certificates are not present. PR1431086
•
Infrastructure
Some PIM groups are not able to send out native multicast traffic. PR1209585
•
On the EX3400 and EX2300 devices during ZTP with configuration and image upgrade with FTP as file
•
transfer, image upgrade is successful but sometimes VM generates core files. PR1377721
Switch encapsulate protocol PDUs even if it is not configured for the Layer 2 PT tunneling. PR1395638
•
The dot1x authentication might fail to be authenticated. PR1408717
•
Error messages are seen at (pkt tx) ifd get failed 700 ,(brcm_port_learning_config:1375) Setting L2
•
learning unit:0, port_num:68, learn_flg 5, Disabling DHCP trapping on xe-0/0/40 dev:0, port:68 &
routing_chip_output_packet:8001 (pkt tx) ifd get failed 700. PR1422402
The FPC crashes with pfem generating core file might be seen if large-scale number of firewall filters
•
are configured. PR1434927
The following error message is observed: IFDE: Null uint32 set vector, ifd and IFFPC: 'IFD Ether uint32
•
set' (opcode 151) failed continuously in AD with base configurations. PR1485038
Interfaces and Chassis
The GRES and VSTP ports cost on the aggregated Ethernet interfaces might get changed, leading to
•
topology change. PR1174213
Traffic convergence is greater than 12 seconds for events like node reboot, ICCP and ICL flaps.
•
PR1371493
Junos Fusion for Enterprise
On the Junos fusion environment system, intermediate traffic drop is seen between AD and SD when
•
sFlow is enabled on the ingress interface. PR1450373
Layer 2 Features
GARPs are being sent from the switch once in every 10 minutes. PR1192520
•
47
Network Management and Monitoring
The Packet Forwarding Engine process might crash in scenarios where there are large log messages.
•
PR1233050
Platform and Infrastructure
On the EX2300 and EX3400 devices, the upgrade might fail because of the shortage of space. PR1464808
•
When 3000 ARPs are pushed to the EX Series switch with DAI enabled, the ARP inspection fails for
•
valid hosts. PR1165757
On the EX2300 device, the last reboot reason might display wrong values. PR1331264
•
On the EX4650 device, the filter action to change VLAN does not work. PR1362609
•
The EX4300 device might not update the dhcp-security binding upon renewal when the loopback filter
•
and DHCP-security configuration are used together. PR1376454
In the EX9208 device, a few xe interfaces go down with the following error message:
•
f_msg_ifd_cmd_tlv_decode ifd xe-0/0/0 #190 down with ASIC Error. PR1377840
MACsec session might fail to reestablish after the interface flaps. PR1378710
•
DCPFE does not come up in some instances of abrupt power-off or power-on. PR1393554
•
The following error message is observed after multiple triggers: JTASK_IO_CONNECT_FAILED.
•
PR1408995
Traffic loss of approximately 26-32 seconds is observed after restarting the routing daemon on the
•
EX9200 device with the MC-LAG configurations. PR1409773
uRPF in strict mode does not work. PR1417546
•
Committing the configurations that involve the interface-range defined over wild-card range such as
•
ge-*/*/* are not supported. PR1421446
IGMP transit query packets might not be flooded on VLAN. PR1427542
•
On the EX9214 device, the following error message are observed after reboot and MACsec-enabled
•
link flaps: errorlib_set_error_log(): err_id(-1718026239). PR1448368
In some cases, if we have an OSPF session on the IRB over LAG interface with 40-Gigabit Ethernet port
•
as member, the session gets stuck in restart. PR1498903
On the EX4600 device with VXLAN enabled, the ARP request might get dropped if the storm control is
•
configured. PR1515254
Routing Protocols
48
Packet loss is observed for the stream bLock:irb_lacp_tr_ospf while verifying traffic from access to core
•
network for IPv4. PR1520059
SEE ALSO
What’s New | 34
What’s Chnaged | 41
Known Behavior | 44
Resolved Issues | 49
Documentation Updates | 63
Migration, Upgrade, and Downgrade Instructions | 63
Resolved Issues
IN THIS SECTION
Resolved Issues: 19.2R3 | 49
Resolved Issues: 19.2R2 | 51
Resolved Issues: 19.2R1 | 59
This section lists the issues fixed in the Junos OS main release and the maintenance releases.
For the most complete and latest information about known Junos OS defects, use the Juniper Networks
online Junos Problem Report Search application.
49
Resolved Issues: 19.2R3
Authentication and Access Control
On the EX4600 and EX4300 switches, MAC entry is not present in the Ethernet-Switching table for the
•
MAC-RADIUS client in a server fail scenario when tagged traffic is sent for two clients. PR1462479
On the EX2300-48MP switch, client does not receive the captive-portal success page by downloading
•
the ACL parameter, because the authentication failed. PR1504818
The DOT1XD_AUTH_SESSION_DELETED event is not triggered with a single supplicant mode.
•
PR1512724
EVPN
The ESI of IRB interfaces does not update after autonomous-system number change if the interface is
•
down. PR1482790
The l2ald memory leakage might be observed in any EVPN scenario. PR1498023
•
The VXLAN function might be broken due to a timing issue. PR1502357
•
Infrastructure
On the EX2300 and EX3400 switches, kernel might generate core file when deactivating daemon.
•
PR1483644
Junos Fusion Satellite Software
On the EX4300 in Junos fusion scenario, temperature sensor alarm is observed. PR1466324
•
Layer 2 Ethernet Services
Issues with DHCPv6 Relay processing confirm and reply packets are observed. PR1496220
•
MPLS
BGP session might keep flapping between two directly connected BGP peers because of the use of
•
wrong TCP MSS (maximum segment size). PR1493431
Platform and Infrastructure
MAC learning under bridge-domain stops after MC-LAG interface flaps. PR1488251
•
Packets get dropped when next hop is IRB over lt interface. PR1494594
•
50
On the EX4300 switches, the NSSU upgrade might fail due to storage issue on the /var/tmp directory.
•
PR1494963
IPv6 neighbor solicitation packets might be dropped in a transit device. PR1493212
•
On the EX4300 device, traffic loss might be seen with framing errors or runts if MACsec is configured.
•
PR1502726
On the EX9200 device, IRB over VTEP unicast traffic might get dropped. PR1436924
•
On the EX4300, EX3400, and EX2300 Virtual Chassis with NSB and xSTP enabled, continuous traffic
•
loss might be observed while performing GRES. PR1500783
On the EX4600 device, traffic loss might be seen with framing errors or runts if MACsec is configured.
•
PR1469663
On the EX4600 device, DSCP marking might not work as expected if the fixed classifiers are applied to
•
interfaces. PR1472771
ERP might not come up properly when MSTP and ERP are enabled on the same interface. PR1473610
•
MPCs might stop when there is bulk route update failure in a corner case. PR1478392
•
DHCP binding might fail when the PVLAN is configured with a firewall to block or allow certain IPv4
•
packets. PR1490689
On the EX4650 switch, traffic loss might be seen under MC-LAG scenario. PR1494507
•
Outbound SSH connection flaps or leaks memory during push configuration to ephemeral database with
•
high rate. PR1497575
Traffic might get dropped if the aggregated Ethernet member interface is deleted or added, or a SFP of
•
the aggregated Ethernet member interface is unplugged or plugged. PR1497993
LLDP is not acquired when native-vlan-id and tagged VLAN-ID are the same on a port. PR1504354
•
Routing Protocols
The BGP route-target family might prevent RR from reflecting Layer 2 VPN and Layer 3 VPN routes.
•
PR1492743
Resolved Issues: 19.2R2
Class of Service (CoS)
Shaping does not work after the reboot if shaping-rate is configured. PR1432078
•
The traffic is placed in network-control queue on an extended port even if it comes in with a different
•
DSCP marking. PR1433252
EVPN
51
EVPN or MPLS IRB logical interfaces might not come up when local Layer 2 interfaces are down.
•
PR1436207
Configuring ESI on a single-homed 25-Gigabit Ethernet port might not work. PR1438227
•
An ARP request or a Neighbor Solicitation message might be sent back to the local segment by the
•
designated forwarder (DF) router. PR1459830
The rpd might crash after the EVPN-related configuration is changed. PR1467309
•
Forwarding and Sampling
Enable interface with input/output vlan-maps to be added to a routing instance configured with a VLAN
•
ID or VLAN tags (instance type virtual-switch/vpls). PR1433542
The l2ald process might experience memory leak on devices running Junos OS. PR1455034
•
Type 1 ESI/AD route might not be generated locally on EVPN PE devices in all-active mode. PR1464778
•
General Routing
Transit OSPF traffic over Q-in-Q tunneling might be dropped if a firewall filter is applied to loopback
•
interface. PR1355111
The l2ald process might crash and generate a core file on EX Virtual Chassis when converting a trunk
•
port to dot1x access port with tagged traffic flowing. PR1362587
The interface on a failed member FPC of EX2300 and EX3400 Virtual Chassis might stay up for 120
•
seconds. PR1422507
IPv6 multicast traffic received on one Virtual Chassis member might be dropped when exiting through
•
another Virtual Chassis member if MLD snooping is enabled. PR1423310
The MAC address pool might overlap between different switches. PR1425123
•
Virtual Chassis split is seen after the network topology is changed. PR1427075
•
The fxpc or the Packet Forwarding Engine process might crash on EX2300 and EX3400 switches.
•
PR1427391
Rebooting or halting a Virtual Chassis member might cause traffic on the RTG link to be down for about
•
30 seconds. PR1427500
The l2ald process crashes after the dot1x configuration is deleted when dot1x and private VLAN (PVLAN)
•
are enabled simultaneously on EX Series and QFX Series switches. PR1428469
A client might fail to get an IP address from the DHCPv6 server. PR1428769
•
The delay in transmission of BPDUs after GRES might result in loss of traffic on EX2300 and EX3400
•
Virtual Chassis. PR1428935
The EX4300-48MP switch cannot learn MAC addresses through some access ports that are directly
•
connected to a host when auto negotiation is used. PR1430109
Disabling DAC QSFP ports might not work on MX204, MX10003, or EX9251. PR1430921
•
52
Erroneous log messages and chassis environment output related to fan tray in EX4300MP-EX4300-48P
•
Virtual Chassis. PR1431263
The l2cpd process might crash and generate a core file when interfaces are flapping. PR1431355
•
Packet drop might be seen if native VLAN is configured along with flexible VLAN tagging. PR1434646
•
Micro BFD-session might flap upon inserting a QSFP transceiver into another port. PR1435221
•
Traffic drop might be seen after MACsec session key rollover between primary and fallback for more
•
than ten times. PR1435277
The multichassis aggregated Ethernet (mc-ae) interface might get stuck in the Waiting state in a dual
•
mc-ae scenario. PR1435874
i40e NVM upgrade support for EX9200 platform. PR1436223
•
The Gigabit Ethernet or multigigabit Ethernet SFP-T interface might not come up on EX2300, EX3400,
•
and EX4300 switches. PR1438078
Commit check error for VSTP on EX9200 switches: xSTP:Trying to configure too many interfaces for
•
given protocol.PR1438195
LED turns on even after the Virtual Chassis members are powered off. PR1438252
•
The DHCP Snooping table might be cleared for VLAN ID 1 after adding a new VLAN ID to it. PR1438351
•
The rpd might crash during the booting process in certain conditions. PR1438597
•
The dot1x configuration might not work when captive port is also configured on the interface on a
•
backup or non-master FPC. PR1439200
LACP state might get stuck in Attached state after disabling peer active members. PR1439268
•
On EX9200 DHCPv6 relay scenario, when DHCPv6 snooping and Neighbor Discovery Inspection (NDI)
•
are enabled simultaneously on an IRB interface, the DHCPv6 relay binding does not come up. PR1439844
The EX4600 and QFX5100 Virtual Chassis might not come up after you replace the Virtual Chassis port
•
fiber connection with a DAC cable. PR1440062
CPU might hang or an interface might be stuck down on a particular 1-Gigabit Ethernet port on MX
•
Series, EX Series, and PTX Series devices. PR1440526
MAC addresses learned on an RTG might not be aged out after a Virtual Chassis member is rebooted.
•
PR1440574
Clients in isolated VLANs might not get IP addresses after completing authentication when both
•
dhcp-security and dot1x are configured. PR1442078
EX3400 fan alarm (Fan X not spinning) appears and disappears repeatedly after the fantray (Absent) is
•
removed. PR1442134
The rpd might crash when BGP sends a notification message. PR1442786
•
DHCPv6 client might fail to get an IP address. PR1442867
•
53
The port role might be incorrect in STP after the STP configuration is changed. PR1443489
•
The /var/host/motd does not exist message is flooded every 5 seconds in chassisd logs. PR1444903
•
On EX4300-MP, the following log message is generated continuously: rpd[6550]: task_connect: task
•
AGENTD I/O.128.0.0.1+9500 addr 128.0.0.1+9500: Connection refused. PR1445618
Major alarm log messages are seen for temperature conditions at 56 degrees Celsius. PR1446363
•
The traffic might be dropped when a firewall filter rule uses then vlan as the action in a Virtual Chassis
•
scenario. PR1446844
Phone home on EX Series devices because sysctl cannot read the device serial number. PR1447291
•
EX3400 Virtual Chassis might go into hang state when a disk error occurs on EX3400. PR1447853
•
Unicast ARP requests are not replied to with the no-arp-trap option. PR1448071
•
On EX3400, IPv6 routes received through BGP do not show the correct age time. PR1449305
•
Except one aggregated Ethernet member link, the other links do not send out sFlow sample packets for
•
ingress traffic. PR1449568
Tunneling encapsulated packets are dropped on the Layer 3 VPN MPLS PE-CE interface. PR1451032
•
DHCP snooping static binding does not take effect after deleting and re-adding the entries. PR1451688
•
The MAC pause frames will be incrementing in the Receive direction if half-duplex mode on 10-Mbps
•
or 100-Mbpa speed is configured. PR1452209
The l2ald and eventd processes are hogging 100 percent CPU after the clear ethernet-switching table
•
command is issued. PR1452738
Configuration change in VLAN all option might affect the per-VLAN configuration. PR1453505
•
Version compare in PHC might fail, making the PHC to download the same image. PR1453535
•
You might not be able to apply a firewall filter in a particular VC/VCF member as TCAM space runs out.
•
PR1455177
Packet drop might be seen after removing and reinserting the SFP transceiver of the 40-Gigabit uplink
•
module ports. PR1456039
Link-up delay and traffic drop might be seen on mixed SP Layer 2 or Layer 3 and EP Layer 2 type
•
configurations. PR1456336
The syslog message timeout connecting to peer database-replication is generated when the show
•
version detail command is issued. PR1457284
Overtemperature SNMP trap messages are displayed after the software upgrade and update even though
•
the temperatures are within the system thresholds. PR1457456
The correct VoIP VLAN information in LLDP-MED packets might not be sent after commit if dynamic
•
VoIP VLAN assignment is used. PR1458559
The fxpc process might crash due to several BGP IPv6 session flaps. PR1459759
•
54
Storage space limitation leads to image installation failure when phone home is used on EX2300 and
•
EX3400 platforms. PR1460087
MAC addresses learned on an RTG might not be aged out after aging time. PR1461293
•
RTG link faces nearly 20 seconds downtime when the backup node is rebooting. PR1461554
•
Configuring any combination of VLANs and interfaces under VSTP/MSTP might cause VSTP/MSTP-related
•
configurations that cannot be committed. PR1463251
The Virtual Chassis function might be broken after upgrading on EX2300 and EX3400 switches.
•
PR1463635
On EX Series switches with ELS and on QFX Series switches, some command lines to disable MAC
•
learning are not working. PR1464797
The jdhcpd might consume high CPU and no further subscribers can be brought up if more than 4000
•
DHCP-relay clients in the MAC-MOVE scenario. PR1465277
The fxpc might crash after mastership election on EX2300 and EX3400 switches. PR1465526
•
The broadcast and multicast traffic might be dropped over IRB or LAG interfaces in QFX Series and EX
•
Series Virtual Chassis scenario. PR1466423
The MAC move message might have an incorrect from interface when rapid MAC moves occurs.
•
PR1467459
In EX3400 FPCs get disconnected from Virtual Chassis briefly after the image upgrades or reboots.
•
PR1467707
Optics measurements might not be streamed for interfaces of a PIC over JTI. PR1468435
•
FPC might be down when configuring vxlan-routing. PR1468736
•
On the EX3400, traffic loss is observed between SFP-T connected interfaces because of auto negotiation
•
failure. PR1469750
EX3400 is advertising only 100 Mbps when configured with 100-Mbps speed with auto negotiation
•
enabled. PR1471931
The shaping of CoS does not work after reboot. PR1472223
•
The RIPv2 packets forwarded across a Layer 2 circuit connection might be dropped. PR1473685
•
The dhcpd process might crash in a Junos fusion environment. PR1478375
•
TFTP installation from loader prompt might not succeed on the EX Series switches. PR1480348
•
ARP request packets for unknown hosts might get dropped in the remote PE device in an EVPN-VXLAN
•
scenario. PR1480776
On the EX2300 Series, the SNMP traps are not generated when MAC addresses when the limit is reached.
•
PR1482709
Infrastructure
55
The operations on the console might not work if the system ports console log-out-on-disconnect
•
configuration statement is configured. PR1433224
On the EX4300 Series, the CLI configuration on-disk-failure is not supported. PR1450093
•
Certain EX Series switches might panic and generate VM core files, leading to reboot. PR1456668
•
Error messages related to soft reset of ports due to queue buffers being stuck could be seen on EX4600
•
and EX4300 Virtual Chassis. PR1462106
Traffic drop is seen on an EX4300-48MP device that acts as a leaf node in a Layer 2 IP fabric
•
EVPN-VXLAN environment. PR1463318
Continuous dcpfe error messages and eventd process hog might be seen in an EX2300 Virtual Chassis
•
scenario. PR1474808
Interfaces and Chassis
On EX9200 devices, an unexpected duplicate VLAN-ID commit error might be seen. PR1430966
•
The VRRP IPv6 state might flap between init and idle states after VLAN tagging is configured. PR1445370
•
Traffic might be forwarded to wrong interfaces in an MC-LAG scenario. PR1465077
•
Executing commit might hang because of a stuck dcd process. PR1470622
•
J-Web
Some error messages might be seen when using J-Web. PR1446081
•
Junos Fusion for Enterprise
Reachability of the host connected to the satellite device might be affected in a Junos fusion for enterprise
•
environment with EX9200 Series switches as aggregation devices. PR1447873
Loop detection might not work on extended ports in a Junos fusion scenario. PR1460209
•
Layer 2 Features
Ethernet ring protection switching (ERPS) nodes might not converge to the Idle state after failure recovery
•
or reboot. PR1431262
Physical layer and MAC/ARP learning might not work for copper base SFP-T transceivers on QFX5100,
•
QFX5110, and EX4600. PR1437577
The traffic leaving QFX5000 and EX4600 switches might not be properly load balanced over aggregated
•
Ethernet interfaces. PR1448488
The LLDP function might fail when a Juniper Networks device connects to a non-Juniper device.
•
PR1462171
An fxpc core file might be seen when committing the configuration all together. For example, after a
•
reboot PR1467763
Traffic might be affected if composite next hop is enabled. PR1474142
•
56
Layer 2 Ethernet Services
The DHCP decline packets are not forwarded to the DHCP server when forward-only is set within DHCP
•
reply. PR1429456
The jdhcpd_era log files constantly consume 121 MB of space out of 170 MB, resulting into a full file
•
system traffic impact. PR1431201
DHCP request might get dropped in a DHCP relay scenario. PR1435039
•
In EX9200 switches, DHCP relay is stripping the GIADDR field in messages toward the DHCP clients.
•
PR1443516
Platform and Infrastructure
LACP DDoS policer is incorrectly triggered by other protocol- traffic on all EX9200, T4000, and MX
•
Series platforms. PR1409626
On the EX4300-48MP running Junos OS Release 18.3R1.9, overtemperature SNMP trap is generated
•
wrongly for line card (EX4300-48P) based on master Routing Engine (EX4300-48MP) temperature
threshold value. PR1419300
On the EX4300, the runt counter never increments. PR1419724
•
SNMP (ifHighSpeed) value does not appear properly only for VCP interfaces; , it appears as zero.
•
PR1425167
Packet drops, replication failure, or ksyncd crashes might be seen on the logical system of a device
•
running Junos OS after Routing Engine switchover. PR1427842
IPv6 traffic might be dropped when static /64 IPv6 routes are configured. PR1427866
•
EX4300 does not drop FCS frames with CRC error on xe- interfaces. PR1429865
•
Unicast ARP requests are not replied with the no-arp-trap option. PR1429964
•
EX4300 without soft error recovery (parity check, correction and memscan) enabled. PR1430079
•
The device might not be accessible after the upgrade. PR1435173
•
An FPC/pfex crash might be observed due to DMA buffer leaking. PR1436642
•
The /var/db/scripts directory might be deleted after the request system zeroize command is executed.
•
PR1436773
The laser TX might be enabled while the interface is disabled PR1445626
•
The PoE might not work after the PoE firmware on EX4300 switches is upgraded. PR1446915
•
The firewall filters might not be created due to TCAM issues. PR1447012
•
NSSU causes a traffic loss after the backup-to-master transitions. PR1448607
•
The Errors on certain MPCs are classified as major, which should be minor or non-fatal. PR1449427
•
The REST API process becomes nonresponsive when a number of requests come at a high rate.
•
PR1449987
57
The IRB traffic might drop after a mastership switchover. PR1453025
•
The traffic for some VLANs might not be forwarded when vlan-id-list is configured. PR1456879
•
The OSPF neighbor might go down when mDNS or PTP traffic is received at a rate higher than 1400
•
pps. PR1459210
ERP might not revert to the Idle state after reload or reboot of multiple switches. PR1461434
•
Traffic loss might be observed longer than 20 seconds when performing NSSU on EX4300 Virtual Chassis.
•
PR1461983
IGMP reports are dropped with mixed enterprise/SP configuration styles on EX4300 switches. PR1466075
•
The switch might not be able to learn MAC addresses with dot1x and interface-mac-limit configured.
•
PR1470424
On an EX4300, the input firewall filter attached to isolated or community VLANs is not matching dot1p
•
bits on the VLAN header. PR1478240
The Virtual Chassis VRRP peer drops packets to VRRP VIP after IRB is disabled. PR1491348
•
Routing Protocols
Host-destined packets with the filter log action might not reach the Routing Engine if log/syslog is
•
enabled. PR1379718
BGP IPv4 or IPv6 convergence and RIB might delete and then install the time degraded in Junos OS
•
Releases 19.1R1, 19.2R1, 19.3R1, and 19.4R1. PR1414121
The traffic with destination UDP port 520 (RIP) or 521 (RIPng) gets dropped on the QFX5000 and
•
EX4600 switches. PR1429543
The fxpc core file might be seen during the reboot of QFX5100 and EX4600 devices. PR1432023
•
The RPD_DYN_CFG_GET_PROF_NAME_FAILED: Get profile name for session XXX failed: -7 error
•
message might be seen in syslog after restarting the routing process. PR1439514
The bandwidth value of DDoS protection might cause packet loss after a device reboot. PR1440847
•
Traffic might be dropped after the Q-in-Q-enabled interface is flapped or a change is made to the
•
vlan-id-list configuration. PR1441402
IPv6 connectivity between MC-LAG peers might fail when multiple IRB interfaces are present. PR1443507
•
Junos OS BFD sessions with authentication flap after a certain time. PR1448649
•
Loopback address exported into other VRF instances might not work on ACX Series, EX Series, and QFX
•
Series. PR1449410
MPLS LDP might still use the stale MAC address of the neighbor even the LDP neighbor's MAC address
•
changes. PR1451217
The other querier present interval timer cannot be changed in the IGMP/MLD snooping scenario.
•
PR1461590
58
The MUX state in an LACP interface does not go to collecting and distributing and remains attached
•
after enabling the aggregated Ethernet interface. PR1484523
The routing protocol process (rpd) crashes while processing a specific BGP update information.
•
PR1448425
Receipt of certain genuine BGP packets from any BGP speaker causes rpd to crash. PR1497721
•
User Interface and Configuration
The switch might be unable to commit baseline configuration after zeroization. PR1426341
•
Problem with access to J-Web after update from Junos OS Release 18.2R2 to Junos OS Relesae 18.2R3.
•
PR1454150
The umount: unmount of /.mount/var/val/chroot/packages/mnt/jweb-ex32-d2cf6f6b failed: Device
•
busy message is seen when Junos OS is upgraded with the validate option. PR1478291
Virtual Chassis
The current MAC address might change when one of the multiple Layer 3 interfaces is being deleted.
•
PR1449206
VPNs
MVPN using PIM dense mode does not prune the OIF when PIM prune is received. PR1425876
•
Resolved Issues: 19.2R1
Authentication and Access Control
Without configuring anything related to dot1x, the syslog dot1xd[2192]: task_connect: task
•
PNACAUTH./var/run/authd_control addr /var/run/authd_control: Connection refused is generated
repeatedly. PR1406965
EVPN
The device might proxy the ARP probe packets in an EVPN environment. PR1427109
•
59
ESI is configured on a single-homed 25G port might not work. PR1438227
•
General Routing
On EX4650 switches, convergence delay between PE1 and P router link is more than the expected delay
•
value. PR1364244
OAM Ethernet connectivity-fault-management configured on aggregated Ethernet interfaces is not
•
supported and no commit error is seen. PR1367588
IPv6 router advertisement (RA) messages potentially increase internal kernel memory usage. PR1369638
•
RIPv2 update packets might not be sent with IGMP snooping enabled. PR1375332
•
Input rate PPS does not increase on EX2300-MP uplink ports when the packet is a pure L2 packet like
•
non-etherII or non-EtherSnap. PR1389908
EX3400VC - When an interface in a Virtual Chassis member switch that is not master, is flapped, IGMP
•
query packets 224.0.0.1 are sent to all the ports of the members except the master FPC. PR1393405
PTP over Ethernet traffic might be dropped when IGMP and PTP TC are configured together. PR1395186
•
EX3400 might not learn 30,000 MAC addresses while sending MAC learning traffic. PR1399575
•
MAC-limit with persistent MAC is not working after reboot. PR1400507
•
After upgrading to Junos OS Release 18.1R3.3, adt7470_set_pwm output message is observed
•
continuously. PR1401709
The DHCP discover packets are forwarded out of an interface incorrectly when DHCP snooping is
•
configured on that interface. PR1403528
On EX4300-48MP devices, the packets drop when the traffic filter and the routing instance are configured.
•
PR1407424
The l2cpd might crash if the vstp traceoptions and vstp vlan all commands are configured. PR1407469
•
MAC address movement might not happen in flexible Ethernet services mode when family inet/inet6
•
and vlan-bridge are configured on the same physical interface. PR1408230
EX3400 PSU status is still taking "check" status even though PSU module has been removed. PR1408675
•
On EX2300-24P switches, error message dc-pfe: BRCM_NH-,brcm_nh_resolve_get_nexthop(),346:Failed
•
to find if family is seen. PR1410717
On EX Series devices, the PEM alarm for backup FPC remains on master FPC though the backup FPC
•
is detached from Virtual Chassis. PR1412429
On EX4300-48MP devices, the chassis status LED shows yellow instead of amber. PR1413194
•
The chassisd output power budget is received continually per 5 seconds without any alarm after an
•
upgrade to Junos OS Release 18.1R3. PR1414267
VXLAN encapsulation next hop (VENH) does not get installed during BGP flap or when routing is restarted.
•
PR1415450
60
On EX3400 switches, the show chassis environment repeats OK and Failed at short intervals. PR1417839
•
The EX3400 VC status might be unstable during the boot-up of the Virtual Chassis or after the Virtual
•
Chassis port flaps. PR1418490
Virtual Chassis might become unstable and FXPC crashes and generates a core file when there are a lot
•
of configured filter entries. PR1422132
On EX3400 auto-negotiation status shows incomplete on ge-0/2/0 using SFP-SX. PR1423469
•
On EX4600 line of switches, MACsec might not connect when the interface disconnects while traffic is
•
passing. PR1423597
I2C read errors are seen when an SFP-T is inserted into a disabled state port configured with set interface
•
<*> disable command. PR1423858
Incorrect model information while polling through SNMP from Virtual Chassis. PR1431135
•
Infrastructure
IfSpeed and IfHighSpeed erroneously reported as zero on EX2300. PR1326902
•
Packet Forwarding Engine is flooded with messages // pkt rx on physical interface NULL unit 0.
•
PR1381151
Interfaces and Chassis
Missing mandatory ICCP configuration statement redundancy-group-id-list produces misleading error
•
message. PR1402606
EVPN aggregated Ethernet interface flaps followed by a commit. PR1425339
•
Junos Fusion for Enterprise
PoE over LLDP negotiation is not supported on Junos fusion for enterprise setup. PR1366106
•
New satellite device cannot be added to the Fusion scenario. PR1374982
•
Cascade port might go down after SD reboot in Junos fusion for enterprise environment. PR1382091
•
Cannot log in to SD cluster though it is recognized by AD properly. PR1395570
•
The l2ald might crash when clear ethernet-switching table persistent-learning command is issued.
•
PR1409403
Extended ports in Junos fusion for enterprise do not adjust MTU when VoIP is enabled. PR1411179
•
The traffic might silently drop and get discarded in Junos fusion for enterprise scenario with dual-AD.
•
PR1417139
Layer 2 Ethernet Services
The malfunction of core isolation feature in EVPN VXLAN scenarios might cause traffic to get silently
•
dropped and discarded. PR1417729
61
Network Management and Monitoring
Over temperature trap is not sent out even when there is a temperature-hot-alarm. PR1412161
•
Platform and Infrastructure
Ping does not go through the device after WTR timer expires in Ethernet ring protection switching (ERPS)
•
scenario. PR1132770
EX4300 upgrade fails during validation of SLAX script. PR1376750
•
Unicast DHCP request gets misforwarded to backup RTG link on EX4300 Virtual Chassis. PR1388211
•
EX4300 OAM LFM might not work on extended-vlan-bridge interface with native vlan configured.
•
PR1399864
Traffic drop is seen on EX4300 when 10-Gigabit fiber port is using 1-Gigabit Ethernet SFP optics with
•
auto-negotiation enabled. PR1405168
On EX4300, when power supply (PEM) is removed, alarm is not generated. PR1405262
•
The policer might not work when it is applied through the dynamic filter. PR1410973
•
The traffic to the NLB server might not be forwarded if the NLB cluster works on multicast mode.
•
PR1411549
EX4300 QinQ - untagged UNI traffic egress as single-tagged on NNI interface. PR1413700
•
Runt counter never incremented. PR1419724
•
EX4300 does not send fragmentation needed message when MTU is exceeded with DF bit set.
•
PR1419893
The pfex process might crash and core files might be generated when SFP is reinserted. PR1421257
•
Traffic might get silently dropped when one of logical interfaces on LAG is deactivated or deleted.
•
PR1422920
Auditd crashes when accounting RADIUS server is not reachable. PR1424030
•
The native VLAN ID of packets might fail when leaving out. PR1424174
•
Interface flapping scenario might lead to ECMP next-hop install failure on EX4300 switches. PR1426760
•
VIP might not forward the traffic if VRRP is configured on an aggregated Ethernet interface. PR1428124
•
EX4300 does not drop FCS frames on XE interfaces. PR1429865
•
The ERPS failover does not work as expected on EX4300 device. PR1432397
•
Routing Protocols
Host-destined packets with filter log action might reach the Routing Engine. PR1379718
•
The rpd crashes on static route configuration for multicast source. PR1408443
•
Host-generated ICMPv6 RA packets might be dropped on the backup member of Virtual Chassis if
•
igmp-snooping is configured. PR1413543
62
The EX Series switches might not install all IRB MAC addresses in the initialization. PR1416025
•
After restarting multicast-snooping process, igmp-snooping might not work. PR1420921
•
Software Installation and Upgrade
Configuration loss and traffic loss might be seen if backup Routing Engine is zeroized and is then switched
•
over to master within a short time. PR1389268
Subscriber Access Management
authd reuses address quickly before jdhcpd completely cleans up the old subscriber that gives the
•
following error log DH_SVC_DUPLICATE_IPADDR_ERR: Failed to add x.x.x.x as it is already used by
xxx. PR1402653
On EX4300 /var showing full /var/log/dfcd_enc file grows in size. PR1425000
•
SEE ALSO
What’s New | 34
What’s Chnaged | 41
Known Behavior | 44
Open Issues | 45
Documentation Updates | 63
Migration, Upgrade, and Downgrade Instructions | 63
Documentation Updates
IN THIS SECTION
Installation and Upgrade | 63
This section lists the errata and changes in Junos OS Release 19.2R3 for the EX Series switches
documentation.
Installation and Upgrade
Veriexec explained (EX Series)—Verified Exec (also known as veriexec) is a file-signing and verification
•
scheme that protects the Junos operating system (OS) against unauthorized software and activity that
might compromise the integrity of your device. Originally developed for the NetBSD OS, veriexec was
adapted for Junos OS and enabled by default from Junos OS Release 7.5 onward.
63
[See Veriexec Overview.]
SEE ALSO
What’s New | 34
What’s Chnaged | 41
Known Behavior | 44
Open Issues | 45
Resolved Issues | 49
Migration, Upgrade, and Downgrade Instructions | 63
Migration, Upgrade, and Downgrade Instructions
IN THIS SECTION
Upgrade and Downgrade Support Policy for Junos OS Releases | 64
This section contains the upgrade and downgrade support policy for Junos OS for the EX Series. Upgrading
or downgrading Junos OS can take several hours, depending on the size and configuration of the network.
For information about software installation and upgrade, see the Installation and Upgrade Guide.
Upgrade and Downgrade Support Policy for Junos OS Releases
Support for upgrades and downgrades that span more than three Junos OS releases at a time is not
provided, except for releases that are designated as Extended End-of-Life (EEOL) releases. EEOL releases
provide direct upgrade and downgrade paths—you can upgrade directly from one EEOL release to the
next EEOL release even though EEOL releases generally occur in increments beyond three releases.
You can upgrade or downgrade to the EEOL release that occurs directly before or after the currently
installed EEOL release, or to two EEOL releases before or after. For example, Junos OS Releases 17.1,
17.2, and 17.3 are EEOL releases. You can upgrade from Junos OS Release 17.1 to Release 17.2 or from
Junos OS Release 17.1 to Release 17.3.
You cannot upgrade directly from a non-EEOL release to a release that is more than three releases ahead
or behind. To upgrade or downgrade from a non-EEOL release to a release more than three releases before
or after, first upgrade to the next EEOL release and then upgrade or downgrade from that EEOL release
to your target release.
64
For more information about EEOL releases and to review a list of EEOL releases, see
https://support.juniper.net/support/eol/software/junos/.
SEE ALSO
What’s New | 34
What’s Chnaged | 41
Known Behavior | 44
Open Issues | 45
Resolved Issues | 49
Documentation Updates | 63
Junos OS Release Notes for Junos Fusion Enterprise
IN THIS SECTION
What’s New | 65
What’s Changed | 67
Known Limitations | 68
Open Issues | 68
Resolved Issues | 69
Documentation Updates | 71
Migration, Upgrade, and Downgrade Instructions | 71
65
These release notes accompany Junos OS Release 19.2R3 for Junos Fusion Enterprise. Junos Fusion
Enterprise is a Junos Fusion that uses EX9200 switches in the aggregation device role. These release notes
describe new and changed features, limitations, and known problems in the hardware and software.
NOTE: For a complete list of all hardware and software requirements for a Junos Fusion
Enterprise, including which Juniper Networks devices can function as satellite devices, see
Understanding Junos Fusion Enterprise Software and Hardware Requirements.
You can also find these release notes on the Juniper Networks Junos OS Documentation webpage, located
at https://www.juniper.net/documentation/product/en_US/junos-os.
What’s New
IN THIS SECTION
What's New in Release 19.2R3 | 66
What's New in Release 19.2R2 | 66
What's New in Release 19.2R1 | 66
Learn about new features introduced in the Junos OS main and maintenance releases for Junos fusion for
enterprise.
NOTE: For more information about the Junos fusion for enterprise features, see the Junos Fusion
Enterprise User Guide.
What's New in Release 19.2R3
There are no new features or enhancements to existing features for Junos fusion for enterprise in Junos
OS Release 19.2R3.
What's New in Release 19.2R2
There are no new features or enhancements to existing features for Junos fusion for enterprise in Junos
OS Release 19.2R2.
66
What's New in Release 19.2R1
There are no new features or enhancements to existing features for Junos fusion for enterprise in Junos
OS Release 19.2R1.
SEE ALSO
What’s Changed | 67
Known Limitations | 68
Open Issues | 68
Resolved Issues | 69
Documentation Updates | 71
Migration, Upgrade, and Downgrade Instructions | 71
What’s Changed
IN THIS SECTION
What’s Changed in 19.2R3 | 67
What’s Changed in 19.2R2 | 67
What’s Changed in 19.2R1 | 67
Learn about what changed in the Junos OS main and maintenance releases for Junos fusion for enterprise.
What’s Changed in 19.2R3
There are no changes in behavior of Junos OS features and changes in the syntax of Junos OS statements
and commands in Junos OS Release 19.2R3 for Junos fusion for enterprise.
67
What’s Changed in 19.2R2
There are no changes in behavior of Junos OS features and changes in the syntax of Junos OS statements
and commands in Junos OS Release 19.2R2 for Junos fusion for enterprise.
What’s Changed in 19.2R1
There are no changes in behavior of Junos OS features and changes in the syntax of Junos OS statements
and commands in Junos OS Release 19.2R1 for Junos fusion for enterprise.
SEE ALSO
What’s New | 65
Known Limitations | 68
Open Issues | 68
Resolved Issues | 69
Documentation Updates | 71
Migration, Upgrade, and Downgrade Instructions | 71
Known Limitations
There are no known behaviors, system maximums, and limitations in hardware and software in Junos OS
Release 19.2R3 for Junos fusion for enterprise.
For the most complete and latest information about known Junos OS problems, use the Juniper Networks
online Junos Problem Report Search application.
SEE ALSO
What’s New | 65
What’s Changed | 67
Open Issues | 68
Resolved Issues | 69
Documentation Updates | 71
68
Migration, Upgrade, and Downgrade Instructions | 71
Open Issues
IN THIS SECTION
Junos fusion for enterprise | 68
This section lists the known issues in hardware and software in Junos OS Release 19.2R3 for Junos fusion
for enterprise.
For the most complete and latest information about known Junos OS defects, use the Juniper Networks
online Junos Problem Report Search application.
Junos fusion for enterprise
On EX4300 when 10G fiber port is using 1G Ethernet SFP optics, auto-negotiation is enabled by default.
•
To bring up the satellite device, BCM recommends to disable the auto-negotiation for PHY84756 ports.
PR1420343
In Junos fusion for enterprise environment with EX2300-48P or EX2300-48T acting as satellite devices,
•
loop-detect feature does not work for ports 0-23, since the loop detect filter is not properly applied.
PR1426757
In a Junos fusion system, intermediate traffic drop might be seen between the aggregation and satellite
•
device when Sflow is enabled on the ingress interface. When Sflow is enabled, the original packet is
corrupted for those packets which hit the Sflow filter. This is because the packets egressing the
aggregation device are short 4 bytes of FCS and 2 bytes of data. Normal data packets are 128 bytes (4
bytes for FCS, 14 bytes for Ethernet header, 20 bytes for IP header and 90 bytes for data). The corrupted
packets are 122 bytes (14 bytes for Ethernet header, 20 bytes for IP header, and 88 bytes for data).
PR1450373
SEE ALSO
What’s New | 65
What’s Changed | 67
69
Known Limitations | 68
Resolved Issues | 69
Documentation Updates | 71
Migration, Upgrade, and Downgrade Instructions | 71
Resolved Issues
IN THIS SECTION
Resolved Issues: 19.2R3 | 70
Resolved Issues: 19.2R2 | 70
Resolved Issues: 19.2R1 | 70
This section lists the issues fixed in the Junos OS main release and the maintenance releases.
For the most complete and latest information about known Junos OS defects, use the Juniper Networks
online Junos Problem Report Search application.
Resolved Issues: 19.2R3
There are no resolved issues in Junos OS Release 19.2R3 for Junos fusion for enterprise.
Resolved Issues: 19.2R2
Reachability issue of the host connected to the satellite device might be affected in a Junos Fusion
•
Enterprise environment with EX9200 series devices as aggregation devices. PR1447873
Loop detection might not work on extended ports in Junos fusion scenarios. PR1460209
•
The dpd process might be generate a core file on satellite devices in a Junos fusion for enterprise setup.
•
PR1460607
In a Junos fusion service provider setup the EX4300 acting as a satellite device is triggering the
•
temperature sensor alarm on multiple satellite device modules connected to same aggregation device.
PR1466324
70
Resolved Issues: 19.2R1
PoE over LLDP negotiation is not supported on Junos Fusion Enterprise setup. PR1366106
•
New satellite device cannot be added to the Fusion scenario. PR1374982
•
Cascade port might go down after SD reboot in Junos Fusion Enterprise environment. PR1382091
•
Cannot login to SD cluster though it is recognized by AD properly. PR1395570
•
The l2ald might crash when clear ethernet-switching table persistent-learning command is issued.
•
PR1409403
Extended ports in JFE do not adjust MTU when VoIP is enabled. PR1411179
•
The traffic might silently drop and get discarded in Junos Fusion Enterprise scenario with dual-AD.
•
PR1417139
SEE ALSO
What’s New | 65
What’s Changed | 67
Known Limitations | 68
Open Issues | 68
Documentation Updates | 71
Migration, Upgrade, and Downgrade Instructions | 71
Documentation Updates
There are no errata or changes in Junos OS Release 19.2R3 for documentation for Junos fusion for
enterprise.
SEE ALSO
What’s New | 65
What’s Changed | 67
Known Limitations | 68
Open Issues | 68
Resolved Issues | 69
Migration, Upgrade, and Downgrade Instructions | 71
71
Migration, Upgrade, and Downgrade Instructions
IN THIS SECTION
Basic Procedure for Upgrading Junos OS on an Aggregation Device | 71
Upgrading an Aggregation Device with Redundant Routing Engines | 73
Preparing the Switch for Satellite Device Conversion | 74
Converting a Satellite Device to a Standalone Switch | 75
Upgrade and Downgrade Support Policy for Junos OS Releases | 75
Downgrading from Junos OS | 76
This section contains the procedure to upgrade or downgrade Junos OS and satellite software for a Junos
fusion for enterprise. Upgrading or downgrading Junos OS and satellite software might take several hours,
depending on the size and configuration of the Junos fusion for enterprise topology.
Basic Procedure for Upgrading Junos OS on an Aggregation Device
When upgrading or downgrading Junos OS for an aggregation device, always use the junos-install package.
Use other packages (such as the jbundle package) only when so instructed by a Juniper Networks support
representative. For information about the contents of the junos-install package and details of the installation
process, see the Installation and Upgrade Guide.
NOTE: Before upgrading, back up the file system and the currently active Junos OS configuration
so that you can recover to a known, stable environment in case the upgrade is unsuccessful.
Issue the following command:
user@host> request system snapshot
The installation process rebuilds the file system and completely reinstalls Junos OS. Configuration
information from the previous software installation is retained, but the contents of log files might
be erased. Stored files on the routing platform, such as configuration templates and shell scripts
(the only exceptions are the juniper.conf and ssh files), might be removed. To preserve the stored
files, copy them to another system before upgrading or downgrading the routing platform. See
the Junos OS Administration Library.
72
To download and install Junos OS:
1. Using a Web browser, navigate to the Download Software URL on the Juniper Networks webpage:
https://www.juniper.net/support/downloads/
2. Log in to the Juniper Networks authentication system using the username (generally your e-mail address)
and password supplied by Juniper Networks representatives.
3. Select By Technology > Junos Platform > Junos Fusion to find the software that you want to download.
4. Select the release number (the number of the software version that you want to download) from the
Version drop-down list on the right of the page.
5. Select the Software tab.
6. Select the software package for the release.
7. Review and accept the End User License Agreement.
8. Download the software to a local host.
9. Copy the software to the routing platform or to your internal software distribution site.
10. Install the new junos-install package on the aggregation device.
NOTE: We recommend that you upgrade all software packages out of band using the console
because in-band connections are lost during the upgrade process.
Customers in the United States and Canada, use the following commands:
user@host> request system software add validate reboot source/package-name.tgz
All other customers, use the following commands, where n is the spin number.
user@host> request system software add validate reboot source/package-name-limited.tgz
Replace source with one of the following values:
/pathname—For a software package that is installed from a local directory on the router.
•
For software packages that are downloaded and installed from a remote location:
•
73
ftp://hostname/pathname
•
http://hostname/pathname
•
scp://hostname/pathname (available only for Canada and U.S. version)
•
The validate option validates the software package against the current configuration as a prerequisite
to adding the software package to ensure that the router reboots successfully. This is the default
behavior when the software package being added is a different release.
Adding the reboot command reboots the router after the upgrade is validated and installed. When the
reboot is complete, the router displays the login prompt. The loading process might take 5 to 10 minutes.
Rebooting occurs only if the upgrade is successful.
Upgrading an Aggregation Device with Redundant Routing Engines
If the aggregation device has two Routing Engines, perform a Junos OS installation on each Routing Engine
separately to minimize disrupting network operations as follows:
1. Disable graceful Routing Engine switchover (GRES) on the master Routing Engine and save the
configuration change to both Routing Engines.
2. Install the new Junos OS release on the backup Routing Engine while keeping the currently running
software version on the master Routing Engine.
3. After making sure that the new software version is running correctly on the backup Routing Engine,
switch over to the backup Routing Engine to activate the new software.
4. Install the new software on the original master Routing Engine that is now active as the backup Routing
Engine.
For the detailed procedure, see the Installation and Upgrade Guide.
Preparing the Switch for Satellite Device Conversion
There are multiple methods to upgrade or downgrade satellite software in your Junos fusion for enterprise.
See Configuring or Expanding a Junos Fusion Enterprise.
For satellite device hardware and software requirements, see Understanding Junos Fusion Enterprise
Software and Hardware Requirements.
Use the following command to install Junos OS on a switch before converting it into a satellite device:
user@host> request system software add validate reboot source/package-name
74
NOTE: The following conditions must be met before a Junos switch that is running Junos OS
Release 14.1X53-D43 can be converted to a satellite device when the action is initiated from
the aggregation device:
The switch running Junos OS can be converted only to SNOS 3.1 and later.
•
Either the switch must be set to factory-default configuration by using the request system
•
zeroize command, or the following command must be included in the configuration: set chassis
auto-satellite-conversion.
When the interim installation has completed and the switch is running a version of Junos OS that is
compatible with satellite device conversion, perform the following steps:
1. Log in to the device using the console port.
2. Clear the device:
[edit]
user@satellite-device# request system zeroize
NOTE: The device reboots to complete the procedure for resetting the device.
If you are not logged in to the device using the console port connection, your connection to the device
is lost after you enter the request system zeroize command.
If you lose connection to the device, log in using the console port.
3. (EX4300 switches only) After the reboot is complete, convert the built-in 40-Gbps QSFP+ interfaces
from Virtual Chassis ports (VCPs) into network ports:
user@satellite-device> request virtual-chassis vc-port delete pic-slot 1 port port-number
For example, to convert all four built-in 40-Gbps QSFP+ interfaces on an EX4300-24P switch into
network ports:
user@satellite-device> request virtual-chassis vc-port delete pic-slot 1 port 0
user@satellite-device> request virtual-chassis vc-port delete pic-slot 1 port 1
user@satellite-device> request virtual-chassis vc-port delete pic-slot 1 port 2
user@satellite-device> request virtual-chassis vc-port delete pic-slot 1 port 3
75
This step is required for the 40-Gbps QSFP+ interfaces that will be used as uplink interfaces in a Junos
Fusion topology. Built-in 40-Gbps QSFP+ interfaces on EX4300 switches are configured into VCPs by
default, and the default settings are restored after the device is reset.
After this initial preparation, you can use one of three methods to convert your switches into satellite
devices—autoconversion, manual conversion, or preconfiguration. See Configuring or Expanding a Junos
Fusion Enterprise for detailed configuration steps for each method.
Converting a Satellite Device to a Standalone Switch
If you need to convert a satellite device to a standalone device, you must install a new Junos OS software
package on the satellite device and remove it from the Junos Fusion topology. For more information, see
Converting a Satellite Device to a Standalone Device.
Upgrade and Downgrade Support Policy for Junos OS Releases
Support for upgrades and downgrades that span more than three Junos OS releases at a time is not
provided, except for releases that are designated as Extended End-of-Life (EEOL) releases. EEOL releases
provide direct upgrade and downgrade paths—you can upgrade directly from one EEOL release to the
next EEOL release even though EEOL releases generally occur in increments beyond three releases.
You can upgrade or downgrade to the EEOL release that occurs directly before or after the currently
installed EEOL release, or to two EEOL releases before or after. For example, Junos OS Releases 17.1,
17.2, and 17.3 are EEOL releases. You can upgrade from Junos OS Release 17.1 to Release 17.2 or from
Junos OS Release 17.1 to Release 17.3.
You cannot upgrade directly from a non-EEOL release to a release that is more than three releases ahead
or behind. To upgrade or downgrade from a non-EEOL release to a release more than three releases before
or after, first upgrade to the next EEOL release and then upgrade or downgrade from that EEOL release
to your target release.
For more information about EEOL releases and to review a list of EEOL releases, see
https://www.juniper.net/support/eol/junos.html
Downgrading from Junos OS
Junos fusion for enterprise is first supported in Junos OS Release 16.1, although you can downgrade a
standalone EX9200 switch to earlier Junos OS releases.
NOTE: You cannot downgrade more than three releases.
For more information, see the Installation and Upgrade Guide.
76
To downgrade a Junos fusion for enterprise from Junos OS Release 19.2R3, follow the procedure for
upgrading, but replace the 19.2 junos-install package with one that corresponds to the appropriate release.
SEE ALSO
What’s New | 65
What’s Changed | 67
Known Limitations | 68
Open Issues | 68
Resolved Issues | 69
Documentation Updates | 71
Junos OS Release Notes for Junos Fusion Provider Edge
IN THIS SECTION
What's New | 77
What’s Changed | 78
Known Limitations | 79
Open Issues | 79
Resolved Issues | 80
Documentation Updates | 82
Migration, Upgrade, and Downgrade Instructions | 82
77
These release notes accompany Junos OS Release 19.2R3 for the Junos Fusion Provider Edge. They
describe new and changed features, limitations, and known and resolved problems in the hardware and
software.
You can also find these release notes on the Juniper Networks Junos OS Documentation webpage, located
at https://www.juniper.net/documentation/product/en_US/junos-os.
What's New
IN THIS SECTION
What’s New in Release 19.2R3 | 78
What’s New in Release 19.2R2 | 78
What’s New in Release 19.2R1 | 78
Learn about new features introduced in the main and maintenance releases for Junos Fusion Provider
Edge.
What’s New in Release 19.2R3
There are no new features or enhancements to existing features for Junos Fusion Provider Edge in Junos
•
OS Release 19.2R3.
What’s New in Release 19.2R2
There are no new features or enhancements to existing features for Junos Fusion Provider Edge in Junos
•
OS Release 19.2R2.
What’s New in Release 19.2R1
Spanning-Tree Protocols
Support for Multiple Spanning Tree Protocol (MSTP) (Junos Provider Edge)—Starting with Junos OS
•
Release 19.2R1, you can configure MSTP on MX480 devices. MSTP scales better than other types of
spanning-tree protocols and enables load balancing.
78
[See Configuring MSTP Protocol.]
SEE ALSO
What’s Changed | 78
Known Limitations | 79
Open Issues | 79
Resolved Issues | 80
Documentation Updates | 82
Migration, Upgrade, and Downgrade Instructions | 82
What’s Changed
There are no changes in the behavior of Junos OS features or in the syntax of Junos OS statements and
commands in Junos OS Release 19.2R3 for Junos Fusion Provider Edge.
SEE ALSO
What's New | 77
Known Limitations | 79
Open Issues | 79
Resolved Issues | 80
Documentation Updates | 82
Migration, Upgrade, and Downgrade Instructions | 82
Known Limitations
There are no known behaviors, system maximums, or limitations in hardware and software in Junos OS
Release 19.2R3 for Junos Fusion Provider Edge.
For the most complete and latest information about known Junos OS defects, use the Juniper Networks
online Junos Problem Report Search application.
79
SEE ALSO
What's New | 77
What’s Changed | 78
Open Issues | 79
Resolved Issues | 80
Documentation Updates | 82
Migration, Upgrade, and Downgrade Instructions | 82
Open Issues
IN THIS SECTION
Junos Fusion Provider Edge | 80
Learn about open issues in this release for Junos Fusion Provider Edge.
For the most complete and latest information about known Junos OS defects, use the Juniper Networks
online Junos Problem Report Search application.
Junos Fusion Provider Edge
In a Junos fusion system, intermediate traffic drop might be seen between the aggregation and satellite
•
device when Sflow is enabled on the ingress interface. When Sflow is enabled, the original packet is
corrupted for those packets which hit the Sflow filter. This is because the packets egressing the
aggregation device are short 4 bytes of FCS and 2 bytes of data. Normal data packets are 128 bytes (4
bytes for FCS, 14 bytes for Ethernet header, 20 bytes for IP header and 90 bytes for data). The corrupted
packets are 122 bytes (14 bytes for Ethernet header, 20 bytes for IP header, and 88 bytes for data).
PR1450373
SEE ALSO
What's New | 77
What’s Changed | 78
Known Limitations | 79
80
Resolved Issues | 80
Documentation Updates | 82
Migration, Upgrade, and Downgrade Instructions | 82
Resolved Issues
IN THIS SECTION
Resolved Issues: 19.2R3 | 81
Resolved Issues: 19.2R2 | 81
Resolved Issues: 19.2R1 | 81
Learn which issues were resolved in Junos OS main and maintenance releases for Junos Fusion Enterprise.
For the most complete and latest information about known Junos OS defects, use the Juniper Networks
online Junos Problem Report Search application.
Resolved Issues: 19.2R3
Junos Fusion Provider Edge
The extended ports on cluster MX480 always show half duplex from the aggregate device. PR1490101
•
Junos Fusion Satellite Software
In Junos Fusion scenario with EX4300 acting as SD, the temperature sensor alarms and logs might be
•
seen as a result of the incorrect temperature reading of about 2-3 degrees lower than the expected.
There is no CLI command to clear the alarm and logs. PR1466324
Resolved Issues: 19.2R2
Junos Fusion Satellite Software
The dpd crash might be observed on satellite devices in Junos Fusion Enterprise. PR1460607
•
Temperature sensor alarm is seen on EX4300 in Junos Fusion scenario. PR1466324
•
81
Resolved Issues: 19.2R1
Junos Fusion Provider Edge
The sdpd process might continuously crash if there are more than 12 cascade-ports configured to a
•
satellite device. PR1437387
The aggregated Ethernet interface might flap whenever a new logical interface is added to it. PR1441869
•
If a default shaper is applied to a cascade interface of an aggregation device (AD), the displayed value
•
of "Guaranteed rate" is greater than the value of "Shaping rate" in the output of the show class-of-service
scheduler-hierarchy interface command. PR1415502
Auto-negotiation is not disabled in the hardware after the no-auto-negotiation option is set using the
•
CLI. PR1411852
Junos Fusion Satellite Software
Extended Port (EP) LAG might go down on the Satellite Devices (SDs) if the related Cascade Port (CP)
•
links to an Aggregation Device (AD) goes down. PR1397992
SEE ALSO
What's New | 77
What’s Changed | 78
Known Limitations | 79
Open Issues | 79
Documentation Updates | 82
Migration, Upgrade, and Downgrade Instructions | 82
Documentation Updates
There are no errata or changes in Junos OS Release 19.2R3 documentation for Junos Fusion Provider
Edge.
SEE ALSO
What's New | 77
What’s Changed | 78
82
Known Limitations | 79
Open Issues | 79
Resolved Issues | 80
Migration, Upgrade, and Downgrade Instructions | 82
Migration, Upgrade, and Downgrade Instructions
IN THIS SECTION
Basic Procedure for Upgrading an Aggregation Device | 83
Upgrading an Aggregation Device with Redundant Routing Engines | 85
Preparing the Switch for Satellite Device Conversion | 86
Converting a Satellite Device to a Standalone Device | 87
Upgrading an Aggregation Device | 90
Upgrade and Downgrade Support Policy for Junos OS Releases | 90
Downgrading from Junos OS Release 19.2 | 90
This section contains the procedure to upgrade Junos OS, and the upgrade and downgrade policies for
Junos OS for Junos Fusion Provider Edge. Upgrading or downgrading Junos OS might take several hours,
depending on the size and configuration of the network.
Basic Procedure for Upgrading an Aggregation Device
When upgrading or downgrading Junos OS, always use the jinstall package. Use other packages (such as
the jbundle package) only when so instructed by a Juniper Networks support representative. For information
about the contents of the jinstall package and details of the installation process, see the Installation and
Upgrade Guide.
NOTE: Before upgrading, back up the file system and the currently active Junos OS configuration
so that you can recover to a known, stable environment in case the upgrade is unsuccessful.
Issue the following command:
user@host> request system snapshot
83
The installation process rebuilds the file system and completely reinstalls Junos OS. Configuration
information from the previous software installation is retained, but the contents of log files might
be erased. Stored files on the routing platform, such as configuration templates and shell scripts
(the only exceptions are the juniper.conf and ssh files), might be removed. To preserve the stored
files, copy them to another system before upgrading or downgrading the routing platform. See
the Installation and Upgrade Guide.
The download and installation process for Junos OS Release 19.2R3 is different from that for earlier Junos
OS releases.
1. Using a Web browser, navigate to the Download Software URL on the Juniper Networks webpage:
https://www.juniper.net/support/downloads/
2. Log in to the Juniper Networks authentication system by using the username (generally your e-mail
address) and password supplied by Juniper Networks representatives.
3. Select By Technology > Junos Platform > Junos Fusion to find the software that you want to download.
4. Select the release number (the number of the software version that you want to download) from the
Version drop-down list to the right of the page.
5. Select the Software tab.
6. Select the software package for the release.
7. Review and accept the End User License Agreement.
8. Download the software to a local host.
9. Copy the software to the routing platform or to your internal software distribution site.
10. Install the new jinstall package on the aggregation device.
NOTE: We recommend that you upgrade all software packages out-of-band using the console,
because in-band connections are lost during the upgrade process.
Customers in the United States and Canada, use the following commands.
For 64-bit software:
•
84
NOTE: We recommend that you use 64-bit Junos OS software when implementing Junos
Fusion Provider Edge.
user@host> request system software add validate reboot
source/jinstall64-19.2R3.SPIN-domestic-signed.tgz
For 32-bit software:
•
user@host> request system software add validate reboot
source/jinstall-19.2R3.SPIN-domestic-signed.tgz
All other customers, use the following commands.
For 64-bit software:
•
NOTE: We recommend that you use 64-bit Junos OS software when implementing Junos
Fusion Provider Edge.
user@host> request system software add validate reboot
source/jinstall64-19.2R3.SPIN-export-signed.tgz
For 32-bit software:
•
user@host> request system software add validate reboot
source/jinstall-19.2R3.SPIN-export-signed.tgz
Replace source with one of the following values:
/pathname—For a software package that is installed from a local directory on the router.
•
For software packages that are downloaded and installed from a remote location:
•
ftp://hostname/pathname
•
http://hostname/pathname
•
scp://hostname/pathname (available only for the Canada and U.S. version)
•
The validate option validates the software package against the current configuration as a prerequisite
for adding the software package to ensure that the router reboots successfully. This is the default
behavior when the software package being added is for a different release.
85
Adding the reboot command reboots the router after the upgrade is validated and installed. When the
reboot is complete, the router displays the login prompt. The loading process might take 5 to 10 minutes.
Rebooting occurs only if the upgrade is successful.
NOTE: After you install a Junos OS Release 19.2R3 jinstall package, you cannot return to the
previously installed software by issuing the request system software rollback command. Instead,
you must issue the request system software add validate command and specify the jinstall
package that corresponds to the previously installed software.
Upgrading an Aggregation Device with Redundant Routing Engines
If the aggregation device has two Routing Engines, perform a Junos OS installation on each Routing Engine
separately as follows to minimize disrupting network operations:
1. Disable graceful Routing Engine switchover (GRES) on the master Routing Engine and save the
configuration change to both Routing Engines.
2. Install the new Junos OS release on the backup Routing Engine while keeping the currently running
software version on the master Routing Engine.
3. After making sure that the new software version is running correctly on the backup Routing Engine,
switch over to the backup Routing Engine to activate the new software.
4. Install the new software on the original master Routing Engine that is now active as the backup Routing
Engine.
For the detailed procedure, see the Installation and Upgrade Guide.
Preparing the Switch for Satellite Device Conversion
Satellite devices in a Junos Fusion topology use a satellite software package that is different from the
standard Junos OS software package. Before you can install the satellite software package on a satellite
device, you first need to upgrade the target satellite device to an interim Junos OS software version that
can be converted to satellite software. For satellite device hardware and software requirements, see
Understanding Junos Fusion Software and Hardware Requirements
NOTE: The following conditions must be met before a standalone switch that is running Junos
OS Release 14.1X53-D43 can be converted to a satellite device when the action is initiated from
the aggregation device:
86
The switch can be converted to only SNOS 3.1 and later.
•
Either the switch must be set to factory-default configuration by using the request system
•
zeroize command, or the following command must be included in the configuration: set chassis
auto-satellite-conversion.
Customers with EX4300 switches, use the following command:
user@host> request system software add validate reboot
source/jinstall-ex-4300-14.1X53-D43.3-domestic-signed.tgz
Customers with QFX5100 switches, use the following command:
user@host> request system software add reboot
source/jinstall-qfx-5-14.1X53-D43.3-domestic-signed.tgz
When the interim installation has completed and the switch is running a version of Junos and OS on one
line that is compatible with satellite device conversion, perform the following steps:
1. Log in to the device by using the console port.
2. Clear the device:
[edit]
user@satellite-device# request system zeroize
NOTE: The device reboots to complete the procedure for resetting the device.
If you are not logged in to the device by using the console port connection, your connection to the
device is lost after you enter the request system zeroize command.
If you lose your connection to the device, log in using the console port.
3. (EX4300 switches only) After the reboot is complete, convert the built-in 40-Gbps QSFP+ interfaces
from Virtual Chassis ports (VCPs) into network ports:
user@satellite-device> request virtual-chassis vc-port delete pic-slot 1 port port-number
For example, to convert all four built-in 40-Gbps QSFP+ interfaces on an EX4300-24P switch into
network ports:
87
user@satellite-device> request virtual-chassis vc-port delete pic-slot 1 port 0
user@satellite-device> request virtual-chassis vc-port delete pic-slot 1 port 1
user@satellite-device> request virtual-chassis vc-port delete pic-slot 1 port 2
user@satellite-device> request virtual-chassis vc-port delete pic-slot 1 port 3
This step is required for the 40-Gbps QSFP+ interfaces that will be used as uplink interfaces in a Junos
Fusion topology. Built-in 40-Gbps QSFP+ interfaces on EX4300 switches are configured into VCPs by
default, and the default settings are restored after the device is reset.
After this initial preparation, you can use one of three methods to convert your switches into satellite
devices—autoconversion, manual conversion, and preconfiguration. See Configuring Junos Fusion Provider
Edge for detailed configuration steps for each method.
Converting a Satellite Device to a Standalone Device
If you need to convert a satellite device to a standalone device, you must install a new Junos OS software
package on the satellite device and remove the satellite device from the Junos Fusion topology.
NOTE: If the satellite device is a QFX5100 switch, you need to install a PXE version of Junos
OS. The PXE version of Junos OS is software that includes pxe in the Junos OS package name
when it is downloaded from the Software Center—for example, the PXE image for Junos OS
Release 14.1X53-D43 is named install-media-pxe-qfx-5-14.1X53-D43.3-signed.tgz . If the
satellite device is an EX4300 switch, you install a standard jinstall-ex-4300 version of Junos OS.
The following steps explain how to download software, remove the satellite device from Junos Fusion,
and install the Junos OS software image on the satellite device so that the device can operate as a standalone
device.
1. Using a Web browser, navigate to the Junos OS software download URL on the Juniper Networks
webpage:
https://www.juniper.net/support/downloads
2. Log in to the Juniper Networks authentication system by using the username (generally your e-mail
address) and password supplied by Juniper Networks representatives.
88
3. Select By Technology > Junos Platform > Junos Fusion from the drop-down list and select the switch
platform series and model for your satellite device.
4. Select the Junos OS Release 14.1X53-D30 software image for your platform.
5. Review and accept the End User License Agreement.
6. Download the software to a local host.
7. Copy the software to the routing platform or to your internal software distribution site.
8. Remove the satellite device from the automatic satellite conversion configuration.
If automatic satellite conversion is enabled for the satellite device’s member number, remove the
member number from the automatic satellite conversion configuration. The satellite device’s member
number is the same as the FPC slot ID.
[edit]
user@aggregation-device# delete chassis satellite-management auto-satellite-conversion
satellite member-number
For example, to remove member number 101 from Junos Fusion:
[edit]
user@aggregation-device# delete chassis satellite-management auto-satellite-conversion
satellite 101
You can check the automatic satellite conversion configuration by entering the show command at the
[edit chassis satellite-management auto-satellite-conversion] hierarchy level.
9. Commit the configuration.
To commit the configuration to both Routing Engines:
[edit]
user@aggregation-device# commit synchronize
Otherwise, commit the configuration to a single Routing Engine:
[edit]
user@aggregation-device# commit
89
10. Install the Junos OS software on the satellite device to convert the device to a standalone device.
[edit]
user@aggregation-device> request chassis satellite install URL-to-software-package fpc-slot
member-number
For example, to install a PXE software package stored in the /var/tmp directory on the aggregation
device onto a QFX5100 switch acting as the satellite device using FPC slot 101:
[edit]
user@aggregation-device> request chassis satellite install
/var/tmp/install-media-pxe-qfx-5-14.1X53-D43.3-signed.tgz fpc-slot 101
For example, to install a software package stored in the var/tmp directory on the aggregation device
onto an EX4300 switch acting as the satellite device using FPC slot 101:
[edit]
user@aggregation-device> request chassis satellite install
/var/tmp/jinstall-ex-4300-14.1X53-D30.3-domestic-signed.tgz fpc-slot 101
The satellite device stops participating in the Junos Fusion topology after the software installation
starts. The software upgrade starts after this command is entered.
11. Wait for the reboot that accompanies the software installation to complete.
12. When you are prompted to log back into your device, uncable the device from the Junos Fusion topology.
See Removing a Transceiver from a QFX Series Device or Remove a Transceiver, as needed. Your device
has been removed from Junos Fusion.
NOTE: The device uses a factory-default configuration after the Junos OS installation is
complete.
Upgrading an Aggregation Device
When you upgrade an aggregation device to Junos OS Release 19.2R1, you must also upgrade your satellite
device to Satellite Device Software version 3.1R1.
90
Upgrade and Downgrade Support Policy for Junos OS Releases
Support for upgrades and downgrades that span more than three Junos OS releases at a time is not
provided, except for releases that are designated as Extended End-of-Life (EEOL) releases. EEOL releases
provide direct upgrade and downgrade paths—you can upgrade directly from one EEOL release to the
next EEOL release even though EEOL releases generally occur in increments beyond three releases.
You can upgrade or downgrade to the EEOL release that occurs directly before or after the currently
installed EEOL release, or to two EEOL releases before or after. For example, Junos OS Releases 17.1,
17.2, and 17.3 are EEOL releases. You can upgrade from Junos OS Release 17.1 to Release 17.2 or from
Junos OS Release 17.1 to Release 17.3.
You cannot upgrade directly from a non-EEOL release to a release that is more than three releases ahead
or behind. To upgrade or downgrade from a non-EEOL release to a release more than three releases before
or after, first upgrade to the next EEOL release and then upgrade or downgrade from that EEOL release
to your target release.
For more information about EEOL releases and to review a list of EEOL releases, see
https://www.juniper.net/support/eol/junos.html.
Downgrading from Junos OS Release 19.2
To downgrade from Release 19.2 to another supported release, follow the procedure for upgrading, but
replace the 19.2 jinstall package with one that corresponds to the appropriate release.
NOTE: You cannot downgrade more than three releases.
For more information, see the Installation and Upgrade Guide.
SEE ALSO
What's New | 77
What’s Changed | 78
Known Limitations | 79
Open Issues | 79
Resolved Issues | 80
Documentation Updates | 82
91
Junos OS Release Notes for MX Series 5G Universal Routing Platform
IN THIS SECTION
What’s New | 92
What's Changed | 113
Known Limitations | 123
Open Issues | 127
Resolved Issues | 139
Documentation Updates | 191
Migration, Upgrade, and Downgrade Instructions | 192
These release notes accompany Junos OS Release 19.2R3 for the MX Series. They describe new and
changed features, limitations, and known and resolved problems in the hardware and software.
You can also find these release notes on the Juniper Networks Junos OS Documentation webpage, located
at https://www.juniper.net/documentation/product/en_US/junos-os.
What’s New
IN THIS SECTION
What’s New in 19.2R3 | 92
What’s New in 19.2R2 | 93
What’s New in 19.2R1-S4 | 93
What’s New in 19.2R1-S1 | 94
What’s New in 19.2R1 | 95
92
Learn about new features introduced in the Junos OS main and maintenance releases for MX Series.
What’s New in 19.2R3
There are no new features or enhancements to existing features for MX Series routers in Junos OS Release
19.2R3.
What’s New in 19.2R2
Junos OS XML, API, and Scripting
Support for 64-bit architecture added for use of management interface in a nondefault routing instance
•
in op scripts and JET applications (MX Series)—Junos OS Release 19.2R2 supports 64-bit architecture
Junos OS operating scripts (op scripts) and on-box JET applications can now use the function
set_routing_instance() to program the protocol software (TCP/UDP) to use a nondefault routing instance
instead of the default management routing interface.
[See set_routing_instance() Function (Python).]
Network Management and Monitoring
Implement new MIBs using telemetry-based model (MX Series)—Starting in Junos OS Release 19.2R2,
•
new MIBs mplsMldpInterfaceStatsEntry and mplsMldpFecUpstreamSessTable are introduced. The
Routing Engine uses a telemetry-based approach to collect statistics to provide MIB data for these MIBs.
A new statement, sensor-based-stats at the [edit protocols ldp traffic-statistics] hierarchy level, enables
telemetry-based collection. You must configure this statement to enable MIB data collection for
mplsMldpInterfaceStatsEntry and mplsMldpFecUpstreamSessTable.
93
Routing Protocols
ECMP nexthop update rate throttling (MX Series, PTX Series, and QFX Series)—Starting in Junos OS
•
Release 19.2R2, you can choose to defer multipath computation for all families during a BGP peering
churn. In very large-scale network deployments during BGP peering churn there is a temporary spike in
multipath computation, which takes a toll on the Packet Forwarding Engine resources. This feature allows
you to pause the multipath computation and to resume after the peering churn settles down. Note that
if there is no BGP peering churn, then multipath computation is not paused.
To enable the pause option for BGP multipath computation during BGP peering churn, include the pause
computation statement at the [edit protocols BGP multipath] hierarchy level.
Subscriber Management and Services
CoA messages support Session-Timeout attribute (MX Series)—Starting in Junos OS Release 19.2R2,
•
you can apply a session timeout for subscriber sessions with a RADIUS CoA message that includes the
Session-Timeout attribute (27). This capability is useful, for example, when subscribers purchase Internet
access for a specific period of time and must log out when the session expires. In earlier releases, the
router does not recognize the attribute if it is included in a CoA message.
[See Understanding Session Options for Subscriber Access.]
What’s New in 19.2R1-S4
Interfaces and Chassis
Support for 1-Gbps speed on QFX-60S line card on PTX10008 and PTX10016 Routers—Starting in
•
Junos OS Release 19.2R1-S4, QFX10000-60S-6Q line card supports 1-Gbps speed on its ports (0 through
59). The QFX10000-60S-6Q line card contains 60 SFP+ ports that support 10-Gbps, two dual-speed
QSFP28 ports that support either 40-Gbps or 100-Gbps, and four QSFP+ ports that support 40-Gbps.
You can individually configure ports 0 to 59 for 10-Gbps or 1-Gbps port speed. Use the set chassis fpc
fps-slot-number pic pic-number port port-number speed 1G command to change the mode of a port
from 10-Gbps to 1-Gbps. The transceivers supported for 1-Gbps are QFX-SFP-1GE-LX, QFX-SFP-1GE-SX,
and QFX-SFP-1GE-T.
[See QFX10000 Line Cards for details on the combination of modes supported on the ports.]
Services Applications
Support for Two-Way Active Measurement Protocol (TWAMP) and hardware timestamping of RPM
•
probe messages (MX10000 and PTX10000 routers)—Starting in Release 19.2R1-S4, Junos OS supports
TWAMP and hardware timestamping of RPM probe messages on the MX10008, MX10016, PTX10008
and PTX10016 routers. You can use TWAMP to measure IP performance between two devices in a
network. By enabling hardware timestamping of RPM you can account for the latency in the
communication of probe messages and also generate more accurate timers in the Packet Forwarding
Engine.
94
[See Understanding Two-Way Active Measurement Protocol on Routers and Understanding Using
Probes for Real-Time Performance Monitoring on M, T, PTX and MX Series Routers.]
What’s New in 19.2R1-S1
MPLS
Distributed CSPF for segment routing LSPs (MX Series)—Starting in Junos OS Release 19.2R1-S1, you
•
can compute a segment routing LSP locally on the ingress device according to the constraints you have
configured. With this feature, the LSPs are optimized based on the configured constraints and metric
type. The LSPs are computed to utilize the available ECMP paths to the destination.
Prior to Junos OS Release 19.2R1-S1, for traffic engineering of segment routing paths, you could either
explicitly configure static paths, or use computed paths from an external controller.
[See Enabling Distributed CSPF for Segment Routing LSPs.]
Color-based mapping of VPN services over SRTE (MX Series)—Starting in Junos OS Release 19.2R1-S1,
•
you can specify a color attribute along with an IP protocol next hop to resolve transport tunnels over
static colored and BGP segment routing traffic-engineered (SRTE) label-switched paths (LSPs). This is
called the color-IP protocol next hop resolution, where you are required to configure a resolution-map
and apply it to the VPN services. Prior to this release, the VPN services were resolved over IP protocol
next hops only.
With this feature, you can enable color-based traffic steering of Layer 2 and Layer 3 VPN services.
[See Color-Based Mapping of VPN Services Overview.]
Routing Protocols
Decouple RSVP for IGP-TE (MX Series, PTX Series, ACX Series, QFX Series, SRX Series, and EX
•
Series)—Starting in Junos OS Release 19.2R1-S1, device can advertise selective traffic-engineering
attributes such as admin-color and maximum-bandwidth, without enabling RSVP, for segment routing
and interior gateway protocol (IGP) deployments.
What’s New in 19.2R1
Hardware
New fixed-configuration Modular Port Concentrator (MX240, MX480, and MX960)—Starting in Junos
•
OS Release 19.2R1, the MPC10E-10C-MRATE is a new Modular Port Concentrator (MPC) that is
supported on the MX240, MX480, and MX960 routers.
The MPC10E-10C-MRATE features the following:
Line-rate throughput of up to 1.0 Tbps when installed with an enhanced midplane and 800 Gbps when
•
installed with a standard midplane.
95
Eight QSFP28 ports—Port numbers 0/0 through 0/3 and 1/0 through 1/3. The ports can be configured
•
as 10-Gbps, 40-Gbps, or 100-Gbps Ethernet ports.
Two QSFP56-DD ports—Port numbers 0/4 and 1/4. The ports can be configured as 10-Gps, 40-Gps,
•
100-Gbps Ethernet ports.
[See MX Series 5G Universal Routing Platform Interface Module Reference.]
MX10016 Universal Routing Platform—The MX10016 router provides 10-Gigabit Ethernet, 40-Gigabit
•
Ethernet, and 100-Gigabit Ethernet modular solutions that support up to 2.4 Tbps per slot. The MX10016
router provides redundancy and resiliency. All major hardware components including the power system,
the cooling system, the control board and the switch fabrics are fully redundant. MX10016 enables cloud
and data center operators to transition from 10-Gigabit Ethernet and 40-Gigabit Ethernet networks to
100-Gigabit Ethernet high-performance networks. The 21 rack unit (21 U) modular chassis can provide
38.4 Tbps of throughput. The MX10016 router has 16 slots for the line cards that can support a maximum
of 1536 10-Gigabit Ethernet ports, 384 40-Gigabit Ethernet ports, or 384 100-Gigabit Ethernet ports.
You can deploy the MX10016 router in an IP edge network using an MX10K-LC2101 line card (ordering
model number is JNP10K-LC2101).
[See MX10016 Hardware Guide.]
Advanced Cooling and Power Components (MX10008 Routers)—Starting in Junos OS Release 19.2R1,
•
MX10008 routers offer 5.5 KW power supplies, new high performance fan tray, and compatible fan tray
controller. The JNP10K-PWR-AC2 power supply supports AC, high-voltage alternating current (HVAC),
DC, or high-voltage direct current (HVDC). The JNP10K-PWR-DC2 provides a 5.5 KW upgrade for DC
users. The JNP10008-FAN2 offers increased air flow through the chassis. The JNP10008-FAN2 offers
1793 cubic feet per minute (CFM) per fan tray. The new fan tray controller, JNP10008-FTC2 supports
the new fan tray.
[See MX10008 Hardware Guide.]
Authentication, Authorization and Accounting (AAA) (RADIUS)
Option to enable and disable SCP per user level independent of SSH (MX Series)—Starting in Junos OS
•
19.2R1, you can enable and disable SCP for a certain login class user independent of SSH. By defualt,
SCP is not allowed for users added to the system defined classes read-only, operator and unauthorized
and is only allowed to the system defined class super-user. SCP is allowed for any login class user
belonging to a user defined class. You can deny SCP request for a user assigned to a user defined class
by using the no-scp-server configuration statement. Prior to 19.2R1, SCP was enabled and disabled
when SSH was enabled and disabled.
To disable SCP for a certain login class, use set no-scp-server at the [edit system login class <class_name>]
hierarchy level.
[See no-scp-server.]
Option to enable and disable SFTP per user level (MX Series)—Starting in Junos OS 19.2R1, you can
•
enable and disable SFTP for a certain login class user. By defualt, SFTP is not allowed for users added
to the system defined classes read-only, operator and unauthorized and is only allowed to the system
defined class super-user if SFTP is enabled globally. For a user assigned to a user defined class, by default
SFTP requests are allowed if set system services ssh sftp-server is configured. You can now deny SFTP
requests for a user assigned to a user defined class by using the no-sftp-server configuration statement.
96
To disable SFTP for a certain login class, use set no-sftp-server at the [edit system login class
<class_name>] hierarchy level.
[See no-sftp-server.]
EVPN
Support for BFD, BGP, IS-IS, and OSPF on IRB interfaces in EVPN-MPLS networks (MX Series and
•
vMX)—Starting with Junos OS Release 19.2R1, you can configure Bidirectional Forwarding Detection
(BFD), BGP, IS-IS, and OSPF routing protocols on the IRB interface in an EVPN-MPLS network to route
and forward EVPN traffic. This feature supports single-homed, single-active, and all-active multihomed
networks.
[See EVPN with IRB Solution Overview.]
EVPN support of VLAN ID ranges and lists in service provider style interface configurations (MX Series
•
routers, and vMX virtual routers)—Starting in Junos OS Release 19.2R1, EX9200 switches, ACX5448
and MX Series routers, and vMX virtual routers support the use of VLAN ID ranges and lists in a service
provider style interface configuration, which must be referenced in an EVPN routing instance. This
configuration is supported with the following EVPN environments, services, and features:
Environments:
•
EVPN with VXLAN encapsulation
•
EVPN with MPLS encapsulation
•
VLAN bundle service:
•
E-LAN
•
E-Tree
•
E-Line
•
Feature:
•
EVPN multihoming:
•
All-active
•
Single-active
•
Singlehoming
•
[See VLAN ID Ranges and Lists in an EVPN Environment.]
Connectivity fault management support in EVPN-VPWS (MX Series)—Starting with Junos OS Release
•
19.2R1, you can configure Up maintenance association end points (MEPs) and maintenance association
intermediate point (MIPs) on attachment circuits in support of connectivity fault management (CFM) in
EVPN-VPWS networks. With the MEPs, you can monitor connectivity between two points on the
EVPN-VPWS network. Junos OS supports the continuity check messages (CCM), loopback and link trace
messages (LTMs) as defined in IEEE 802.1AG CFM, and delay measurements (DM) and synthetic loss
measurements (SLMs) as defined in Y.1731 on a single-active homing network.
97
[See Connectivity Fault Management Support for EVPN and Layer 2 VPN Overview.]
Support for control word in EVPN-VPWS (MX Series and vMX) —Starting with Junos OS Release 19.2R1,
•
Junos OS supports the insertion of a control word between the label stack and the MPLS payload in a
network with EVPN-VPWS service. This feature prevents a transit device from delivering out-of-order
packets as a result of the device’s load-balancing hashing algorithm. When you enable the control word
feature on a PE device, the PE device advertises support for a control word. If all the PE devices in an
EVI on the EVPN-VPWS serviced network support control word, then the PE device inserts a control
word between the label stack and the L2 header in the packet thus preventing the packet from being
misidentified by transit devices.
[See Control Word for EVPN-VPWS.]
Forwarding and Sampling
Support for local preference when selecting forwarding next-hops for ECMP traffic (MX Series)—Starting
•
in Junos OS Release 19.2R1, you can have equal cost multi-path (ECMP) traffic flows prefer local
forwarding next-hops over remote ones. This feature supports BGP prefixes that are directly reachable
with IPv4 MPLS ECMP next-hops. Use ecmp-local-bias to direct ECMP traffic towards local links, for
example, to ensure that the overall load on the fabric is reduced. [See ecmp-local-bias for usage details.]
High Availability (HA) and Resiliency
ISSU suport for MX2008 (MX Series)—Starting in Junos OS Release 19.2R1, MX2008 routers support
•
ISSU.
[See Understanding In-Service Software Upgrade (ISSU)]
Interfaces and Chassis
Support for local preference when selecting forwarding next-hops for load balancing (MX Series)—Starting
•
in Junos OS Release 19.2R1, you can have traffic flows across aggregated Ethernet or logical-tunnel
interfaces prefer local forwarding next-hops over remote ones, for example to ensure that the overall
load on the fabric is reduced. [See local-bias for usage details.]
98
Support to collect and display PRBS statistics (MX10003 and MX204)—Starting in Junos OS Release
•
19.2R1, on MX10003 and MX204 routers, you can check the physical link connectivity by issuing the
test interfaces ifd-name prbs-test-start pattern-type type direction (0|1) flip (0|1) that starts collecting
the PRBS statistics.
The output of the show interfaces interface-name prbs-stats command displays the PRBS statistics while
the test is in progress. These statistics are cleared after the test is complete or if it is stopped. You can
stop collecting the statistics by issuing the test interfaces ifd-name prbs-test-stop direction (0|1) command.
NOTE: While running PRBS statistics, the link will be down.
[See prbs-test-start, prbs-test-stop, show interfaces prbs-stats, Collecting Pseudo Random Bit Sequence
(PRBS) Statistics.]
Domain Name System (DNS) is VRF aware (MX Series)—Starting in Junos OS Release 19.2R1, when the
•
management-instance statement is configured at the [edit system] hierarchy level, you can use the
non-default management routing instance mgmt_junos as the routing instance through which the DNS
name server is reachable. To specify the routing instance mgmt_junos, configure our new configuration
statement routing-instance mgmt_junos, at the [edit system name-server server-ip] hierarchy level.
[See Management Interface in a Nondefault Instance, Configuring a DNS Name Server for Resolving a
Hostname into Addresses, name-server, and show host.]
SCBE3-MX interoperates with MPC10E-10C (MX240, MX480, and MX960)—Starting in Junos OS
•
Release 19.2R1, the Enhanced Switch Control Board SCBE3-MX (model number: SCBE3-MX-S) supports
fabric management on the MPC10E-10C line card on the MX240, MX480, and MX960 routers. The
SCBE3-MX-S supports a pluggable Routing Engine and provides a control plane and data plane
interconnect to each line card slot. The MPC10E-10C supports a bandwidth of up to 1 Tbps (800 Gbps
with four planes and 1 Tbps with 5 or 6 planes). With MPC10E 15C line card, in a non-redundant
configuration the SCBE3-MX provides fabric bandwidth of up to 1 Tbps per slot with four fabric planes
and 1.5 Tbps per slot when all six fabric planes are used. Starting in this release, the MPC10E line cards
support the standard midplane, which supports a bandwidth up to 800 Gbps per slot. Support for the
enhanced midplane, which provides a bandwidth of 1.5 Tbps with MPC10E-15C and 1 Tbps with
MPC10E-10C, is already available.
[See SCBE3-MX Description and MPC10E-15C-MRATE]
Support for QSFP-100GE-DWDM2 transceiver (MX204, MX10003, MX10008, and MX10016)—Starting
•
in Junos OS Release 19.2R1, the MX204, MX10003, MX10008, and MX10016 routers support the
QSFP-100GE-DWDM2 transceiver. The 100-Gbps bidirectional transceiver has a dual transmitter/receiver
that enables it to transmit and receive data through a single optical fiber. You can perform the following
actions when this transceiver is installed:
View the diagnostics data, warnings, and alarms for interfaces. [See show interfaces diagnostics optics.]
•
Clear the bit error rate (BER) counters. [See clear interfaces statistics.]
•
99
Obtain the transport, performance monitoring, and threshold crossing alert (TCA) information for
•
interfaces. [See show interfaces transport pm.]
Clear the optics information from transport performance monitoring data. [See clear interfaces transport
•
pm.]
Enable or disable TCAs. [See tca.]
•
Enable or disable loopback mode. [See optics-options.]
•
MPC10 distributed LACP support in PPM AFT (MX Series)—Starting in Junos OS Release 19.2R1, the
•
MPC10E-15C-MRATE and MPC10E-10C-MRATE MPCs support distributed LACP in Periodic Packet
Manager (ppman) Advanced Forwarding Toolkit (AFT).
Support for Routing Engine hard disk smart check (MX240, MX480, MX204, MX960, MX10008,
•
MX2008, MX2020, MX10016, MX10000, MX2010, MX10002, and MX10003)—Starting in Junos OS
Release 19.2R1, you can configure the device to perform certain health checks on the Routing Engine
solid-state drive (SSD) and log a health event or raise an alarm in case a predefined health attribute
threshold is breached. You can use the set chassis routing-engine disk smart-check command to instruct
the system to raise an alarm when an SSD health attribute threshold is breached. You can view the alarm
by using the command show chassis alarms.
[See smart-check]
Junos OS XML API and Scripting
Automation script library additions and upgrades (MX Series)—Starting in Junos OS Release 19.2R1,
•
devices running Junos OS that support the Python extensions package include new and upgraded Python
modules. Python automation scripts can leverage new on-box Python modules, including the requests,
chardet, and urllib3 modules, as well as upgraded versions of the idna, ipaddress, and six modules. The
Requests library provides additional methods for supporting initial deployments as well as for performing
routine monitoring and configuration changes on devices running Junos OS.
[See Overview of Python Modules Available on Devices Running Junos OS and Using the Requests
Library for Python on Devices Running Junos OS.]
Junos Telemetry Interface
•
Inline active flow monitoring support using JTI (MPC10E-15C-MRATE line cards)—Starting in Junos
OS Release 19.2R1, Junos Telemetry Interface (JTI) supports streaming inline active flow monitoring
service-related statistics and errors counters for export to outside collectors at configurable intervals
using remote procedure call (gRPC) services.
Use the following resource path to export statistics:
100
/junos/system/linecard/services/inline-jflow/
To provision the sensor to export data through gRPC services, use the telemetrySubcribe RPC to specify
telemetry parameters. Streaming telemetry data through gRPC also requires the OpenConfig for Junos
OS module. Starting in Junos OS Release 18.3R1, OpenConfig and Network Agent packages are bundled
into the Junos OS image by default. Both packages support JTI.
[See Configuring Flow Aggregation on MX, M, vMX and T Series Routers and NFX250 to Use Version
9 Flow Templates, Guidelines for gRPC Sensors (Junos Telemetry Interface) and Understanding
OpenCOnfig and gRPC on Junos Telemetry Interface.]
•
Packet Forwarding Engine support for JTI (MX2010 and MX2020 routers)—Starting in Junos OS Release
19.2R1, Junos telemetry interface (JTI) supports streaming of Packet Forwarding Engine statistics for
MX2010 and MX2020 routers using Remote Procedure Calls (gRPC). gRPC is a protocol for configuration
and retrieval of state information.
To provision the sensor to export data through gRPC, use the telemetrySubscribe RPC to specify
telemetry parameters. Streaming telemetry data through gRPC also requires the OpenConfig for Junos
OS module. Starting in Junos OS Release 18.3R1, OpenConfig and Network Agent packages are bundled
into the Junos OS image by default. Both packages support the JTI.
[See Guidelines for gRPC Sensors (Junos Telemetry Interface).]
Sensor- level statistics support on JTI (MX960, MX2008, MX2010, MX2020, PTX5000, PTX1000, and
•
PTX10000 routers and QFX5100 and QFX5200 switches)—Starting with Junos OS Release 19.2R1,
you can issue the Junos operational mode command show network-agent statistics to provide more
information on a per-sensor level for statistics being streamed to an outside collector by means of remote
procedure calls (gRPC) and Junos telemetry interface (JTI). Only sensors exported with gRPC are
supported. The command does not support UDP-based sensors.
Loading...