Junos OS Release 19.2R3 User Manual

Release Notes: Junos®OS Release 19.2R3 for
the ACX Series, EX Series, MX Series, NFX
Series, PTX Series, QFX Series, SRX Series, and
Junos Fusion
1
22 April 2021

Contents

Junos OS Release Notes for ACX Series | 10
What's New | 11
What's New in Release 19.2R3 | 11
What's New in Release 19.2R2 | 11
What's New in Release 19.2R1-S1 | 12
What's New in Release 19.2R1 | 12
What's Changed | 16
What’s Changed in 19.2R3-S1 | 17
What’s Changed in 19.2R3 | 17
What’s Changed in 19.2R2 | 17
What’s Changed in 19.2R1 | 18
Known Limitations | 19
General Routing | 19
Open Issues | 22
General Routing | 22
MPLS | 25
Resolved Issues | 25
Resolved Issues: 19.2R3 | 26
Resolved Issues: 19.2R2 | 26
Resolved Issues: 19.2R1-S1 | 29
Resolved Issues: 19.2R1 | 30
Documentation Updates | 31
Installation and Upgrade Guide | 31
Migration, Upgrade, and Downgrade Instructions | 32
Upgrade and Downgrade Support Policy for Junos OS Releases | 32
Junos OS Release Notes for EX Series Switches | 34
What’s New | 34
What’s New in Release 19.2R3 | 35
What’s New in Release 19.2R2 | 35
What’s New in Release 19.2R1-S1 | 36
2
What’s New in Release 19.2R1 | 36
What’s Changed | 41
What’s Changed in Release 19.2R3 | 41
What’s Changed in Release 19.2R2 | 41
What’s Changed in Release 19.2R1 | 43
Known Limitations | 44
EVPN | 45
Platform and Infrastructure | 45
Open Issues | 45
Authentication and Access Control | 46
Infrastructure | 46
Interfaces and Chassis | 47
Junos Fusion for Enterprise | 47
Layer 2 Features | 47
Network Management and Monitoring | 47
Platform and Infrastructure | 47
Routing Protocols | 48
Resolved Issues | 49
Resolved Issues: 19.2R3 | 49
Resolved Issues: 19.2R2 | 51
Resolved Issues: 19.2R1 | 59
Documentation Updates | 63
Installation and Upgrade | 63
Migration, Upgrade, and Downgrade Instructions | 63
Upgrade and Downgrade Support Policy for Junos OS Releases | 64
Junos OS Release Notes for Junos Fusion Enterprise | 65
What’s New | 65
What's New in Release 19.2R3 | 66
What's New in Release 19.2R2 | 66
What's New in Release 19.2R1 | 66
What’s Changed | 67
What’s Changed in 19.2R3 | 67
What’s Changed in 19.2R2 | 67
What’s Changed in 19.2R1 | 67
3
Known Limitations | 68
Open Issues | 68
Junos fusion for enterprise | 68
Resolved Issues | 69
Resolved Issues: 19.2R3 | 70
Resolved Issues: 19.2R2 | 70
Resolved Issues: 19.2R1 | 70
Documentation Updates | 71
Migration, Upgrade, and Downgrade Instructions | 71
Basic Procedure for Upgrading Junos OS on an Aggregation Device | 71
Upgrading an Aggregation Device with Redundant Routing Engines | 73
Preparing the Switch for Satellite Device Conversion | 74
Converting a Satellite Device to a Standalone Switch | 75
Upgrade and Downgrade Support Policy for Junos OS Releases | 75
Downgrading from Junos OS | 76
Junos OS Release Notes for Junos Fusion Provider Edge | 77
What's New | 77
What’s New in Release 19.2R3 | 78
What’s New in Release 19.2R2 | 78
What’s New in Release 19.2R1 | 78
What’s Changed | 78
Known Limitations | 79
Open Issues | 79
Junos Fusion Provider Edge | 80
Resolved Issues | 80
Resolved Issues: 19.2R3 | 81
Resolved Issues: 19.2R2 | 81
Resolved Issues: 19.2R1 | 81
Documentation Updates | 82
Migration, Upgrade, and Downgrade Instructions | 82
Basic Procedure for Upgrading an Aggregation Device | 83
Upgrading an Aggregation Device with Redundant Routing Engines | 85
Preparing the Switch for Satellite Device Conversion | 86
4
Converting a Satellite Device to a Standalone Device | 87
Upgrading an Aggregation Device | 90
Upgrade and Downgrade Support Policy for Junos OS Releases | 90
Downgrading from Junos OS Release 19.2 | 90
Junos OS Release Notes for MX Series 5G Universal Routing Platform | 91
What’s New | 92
What’s New in 19.2R3 | 92
What’s New in 19.2R2 | 93
What’s New in 19.2R1-S4 | 93
What’s New in 19.2R1-S1 | 94
What’s New in 19.2R1 | 95
What's Changed | 113
What’s Changed in Release 19.2R3-S1 | 114
What’s Changed in Release 19.2R3 | 114
What’s Changed in Release 19.2R2 | 115
What’s Changed in Release 19.2R1 | 120
Known Limitations | 123
General Routing | 124
Interfaces and Chassis | 126
Platform and Infrastructure | 127
Routing Protocols | 127
Open Issues | 127
EVPN | 128
Forwarding and Sampling | 128
General Routing | 129
Infrastructure | 134
Interfaces and Chassis | 134
Junos Fusion for Provider Edge | 135
Layer 2 Features | 135
Layer 2 Ethernet Services | 135
MPLS | 135
Network Management and Monitoring | 136
Platform and Infrastructure | 136
Routing Protocols | 137
5
User Interface and Configuration | 138
VPNs | 138
Resolved Issues | 139
Resolved Issues: 19.2R3 | 139
Resolved Issues: 19.2R2 | 146
Resolved Issues: 19.2R1 | 175
Documentation Updates | 191
Installation and Upgrade Guide | 191
Subscriber Management Provisioning Guide | 191
Migration, Upgrade, and Downgrade Instructions | 192
Basic Procedure for Upgrading to Release 19.2 | 193
Procedure to Upgrade to FreeBSD 11.x based Junos OS | 193
Procedure to Upgrade to FreeBSD 6.x based Junos OS | 195
Upgrade and Downgrade Support Policy for Junos OS Releases | 197
Upgrading a Router with Redundant Routing Engines | 198
Downgrading from Release 19.2 | 198
Junos OS Release Notes for NFX Series | 199
What’s New | 199
What’s New in Release 19.2R3 | 200
What’s New in Release 19.2R2 | 200
What’s New in Release 19.2R1 | 200
What’s Changed | 201
What’s Changed in Release 19.2R3 | 202
What’s Changed in Release 19.2R2 | 202
What’s Changed in Release 19.2R1 | 202
Known Limitations | 202
Interfaces | 203
Platform and Infrastructure | 203
Virtual Network Functions (VNFs) | 204
Open Issues | 204
Interfaces | 205
Platform and Infrastructure | 205
Routing Protocols | 205
Virtual Network Functions (VNFs) | 206
6
Resolved Issues | 206
Resolved Issues: 19.2R3 | 207
Resolved Issues: 19.2R2 | 207
Resolved Issues: 19.2R1 | 209
Documentation Updates | 210
Migration, Upgrade, and Downgrade Instructions | 210
Upgrade and Downgrade Support Policy for Junos OS Releases | 211
Basic Procedure for Upgrading to Release 19.2 | 211
Junos OS Release Notes for PTX Series Packet Transport Routers | 212
What's New | 213
What’s New in 19.2R3 | 213
What’s New in 19.2R2 | 214
New and Changed Features: 19.2R1-S4 | 214
New and Changed Features: 19.2R1-S1 | 215
New and Changed Features: 19.2R1 | 215
What’s Changed | 221
What’s Changed in Release 19.2R3 | 222
What’s Changed in Release 19.2R2 | 222
What’s Changed in Release 19.2R1-S5 | 224
What’s Changed in Release 19.2R1 | 224
Known Limitations | 227
General Routing | 227
Interfaces and Chassis | 228
Open Issues | 228
General Routing | 229
Interfaces and Chassis | 230
Layer 2 Ethernet Services | 230
Routing Protocols | 230
Resolved Issues | 230
Resolved Issues: 19.2R3 | 231
Resolved Issues: 19.2R2 | 231
Resolved Issues: 19.2R1 | 235
Documentation Updates | 238
Installation and Upgrade Guide | 238
7
Migration, Upgrade, and Downgrade Instructions | 238
Basic Procedure for Upgrading to Release 19.2 | 239
Upgrade and Downgrade Support Policy for Junos OS Releases | 241
Upgrading a Router with Redundant Routing Engines | 242
Junos OS Release Notes for the QFX Series | 243
What's New | 243
What’s New in Release 19.2R3 | 244
What’s New in Release 19.2R2 | 244
What's New in Release 19.2R1-S1 | 244
What's New in Release 19.2R1 | 245
What's Changed | 253
What’s Changed in Release 19.2R3 | 254
What’s Changed in Release 19.2R2 | 254
What’s Changed in Release 19.2R1 | 257
Known Limitations | 259
EVPN | 259
Layer 2 Features | 259
Platform and Infrastructure | 259
Routing Protocols | 260
Open Issues | 261
EVPN | 261
Infrastructure | 262
Interfaces and Chassis | 262
Layer 2 Features | 262
Platform and Infrastructure | 262
Routing Protocols | 264
Virtual Chassis | 264
Resolved Issues | 265
Resolved Issues: 19.2R3 | 265
Resolved Issues: 19.2R2 | 267
Resolved Issues: 19.2R1 | 281
Documentation Updates | 287
Installation and Upgrade guide | 287
8
Migration, Upgrade, and Downgrade Instructions | 288
Upgrading Software on QFX Series Switches | 288
Installing the Software on QFX10002-60C Switches | 291
Installing the Software on QFX10002 Switches | 291
Upgrading Software from Junos OS Release 15.1X53-D3X to Junos OS Release
15.1X53-D60, 15.1X53-D61.7, 15.1X53-D62, and 15.1X53-D63 on QFX10008 and QFX10016 Switches | 292
Installing the Software on QFX10008 and QFX10016 Switches | 294
Performing a Unified ISSU | 298
Preparing the Switch for Software Installation | 299
Upgrading the Software Using Unified ISSU | 299
Upgrade and Downgrade Support Policy for Junos OS Releases | 301
Junos OS Release Notes for SRX Series | 302
What’s New | 303
New and Changed Features: 19.2R3 | 303
New and Changed Features: 19.2R2 | 303
New and Changed Features: 19.2R1-S1 | 304
New and Changed Features: 19.2R1 | 304
What's Changed | 313
Release 19.2R3 Changes in Behavior and Syntax | 314
Release 19.2R2 Changes in Behavior and Syntax | 314
Release 19.2R1 Changes in Behavior and Syntax | 316
Known Limitations | 317
J-Web | 318
VPNs | 318
Open Issues | 319
Chassis Clustering | 319
Flow-Based and Packet-Based Processing | 319
Intrusion Detection and Prevention (IDP) | 320
J-Web | 320
Platform and Infrastructure | 320
Routing Policy and Firewall Filters | 320
VPNs | 320
Resolved Issues | 321
Resolved Issues: 19.2R3 | 321
9
Resolved Issues: 19.2R2 | 323
Resolved Issues: 19.2R1 | 333
Documentation Updates | 340
Migration, Upgrade, and Downgrade Instructions | 341
Upgrade and Downgrade Support Policy for Junos OS Releases and Extended End-Of-Life
Releases | 341
Upgrading Using ISSU | 342
Licensing | 342
Compliance Advisor | 342
Finding More Information | 343
Documentation Feedback | 343
Requesting Technical Support | 344
Self-Help Online Tools and Resources | 344
Opening a Case with JTAC | 345
Revision History | 345

Introduction

Junos OS runs on the following Juniper Networks®hardware: ACX Series, EX Series, M Series, MX Series,
NFX Series, PTX Series, QFabric systems, QFX Series, SRX Series, T Series, and Junos Fusion.
These release notes accompany Junos OS Release 19.2R3 for the ACX Series, EX Series, MX Series, NFX Series, PTX Series, QFX Series, SRX Series, and Junos Fusion. They describe new and changed features, limitations, and known and resolved problems in the hardware and software.

Junos OS Release Notes for ACX Series

IN THIS SECTION
10
What's New | 11
What's Changed | 16
Known Limitations | 19
Open Issues | 22
Resolved Issues | 25
Documentation Updates | 31
Migration, Upgrade, and Downgrade Instructions | 32
These release notes accompany Junos OS Release 19.2R3 for the ACX Series. They describe new and changed features, limitations, and known and resolved problems in the hardware and software.
You can also find these release notes on the Juniper Networks Junos OS Documentation webpage, located at https://www.juniper.net/documentation/product/en_US/junos-os.

What's New

IN THIS SECTION
What's New in Release 19.2R3 | 11
What's New in Release 19.2R2 | 11
What's New in Release 19.2R1-S1 | 12
What's New in Release 19.2R1 | 12
Learn about new features introduced in the Junos OS main and maintenance releases for ACX Series routers.
11

What's New in Release 19.2R3

There are no new features or enhancements to existing features for ACX Series routers in Junos OS Release
19.2R3.

What's New in Release 19.2R2

There are no new features on ACX Series in Release 19.2R2.

What's New in Release 19.2R1-S1

Routing Protocols
Decouple RSVP for IGP-TE (MX Series, PTX Series, ACX Series, QFX Series, SRX Series, and EX
Series)—Starting in Junos OS Release 19.2R1-S1, device can advertise selective traffic-engineering attributes such as admin-color and maximum-bandwidth, without enabling RSVP, for segment routing and interior gateway protocol (IGP) deployments.

What's New in Release 19.2R1

Class of Service (CoS)
Support for class of service (CoS)(ACX6360 routers)—Starting in Junos OS Release 19.2R1, ACX6360
routers support class of service (CoS) functionality.
CoS is the assignment of traffic flows to different service levels. Service providers can use router-based CoS features to define service levels that provide different delay, jitter (delay variation), and packet loss characteristics to particular applications served by specific traffic flows.
12
[See CoS on ACX Series Universal Metro Routers Features Overview.]
EVPN
EVPN support of VLAN ID ranges and lists in service provider style interface configurations (EX9200
switches, ACX5448 and MX Series routers, and vMX virtual routers)—Starting in Junos OS Release
19.2R1, EX9200 switches, ACX5448 and MX Series routers, and vMX virtual routers support the use of VLAN ID ranges and lists in a service provider style interface configuration, which must be referenced in an EVPN routing instance. This configuration is supported with the following EVPN environments, services, and features:
Environments:
EVPN with VXLAN encapsulation
EVPN with MPLS encapsulation
VLAN bundle service:
E-LAN
E-Tree
E-Line
Feature:
EVPN multihoming:
All-active
Single-active
Singlehoming
[See VLAN ID Ranges and Lists in an EVPN Environment.]
Interfaces and Chassis
Support for 100-Mbps and 1-Gbps speeds on Tri-Rate Copper SFP (ACX5448 routers)—Starting in
Junos OS Release 19.2R1, ACX5448 routers support 100-Mbps and 1-Gbps speeds on Tri-Rate Copper SFP optics (part number 740-013111).
NOTE: 100-Mbps speed is supported only on ports xe-0/0/24 through xe-0/0/47.
10-Mbps speed is not supported on Tri-Rate Copper SFP due to hardware limitations.
To set the speed for the optics, issue the set interfaces interface-name speed auto command. [See
Speed for more details.]
To enable autonegotiation, issue the set interfaces interface-name gigether-options auto-negotiation
command. [See auto-negotiation.]
13
Junos Telemetry Interface
Support for LSP statistics on JTI (ACX6360)—Starting with Junos OS Release 19.2R1, you can provision
the LSP statistics sensor using the resource path /junos/services/label-switched-path/usage/ to monitor per-MPLS LSP statistics on the ACX6360 router and export telemetry data through Junos telemetry interface (JTI) to external collectors. You can stream data at configurable intervals through gRPC without involving polling.
JTI support is only for RSVP LSPs.
Statistics that are streamed are similar to the output displayed by the operational mode command show mpls lsp bypass statistics.
To provision a sensor to export data through gRPC, use the telemetrySubscribe RPC to specify telemetry parameters. Streaming telemetry data through gRPC also requires the OpenConfig for Junos OS module. Starting in Junos OS Release 18.3R1, OpenConfig and Network Agent packages are bundled into the Junos OS image by default. Both packages support JTI.
To enable statistics for export from the Junos OS, include the sensor-based-stats statement at the [edit protocols mpls] hierarchy level.
[See Guidelines for gRPC Sensors (Junos Telemetry Interface) and Understanding OpenConfig and gRPC
on Junos Telemetry Interface.]
Specify Routing Instance for JTI (ACX Series, MX Series, PTX Series, and QFX Series)—Starting in Junos OS Release 19.2R1, you can specify the routing instance to use for remote procedure call (gRPC) services. Include the routing-instance instance-name at the [edit system services extension-service request-response grpc] hierarchy level. The routing instance name specified should match the name of
the existing routing instance, such as a name configured under the [routing-instances] hierarchy level or mgmt_junos if system management-instance is configured (the dedicated management routing instance).
Configuring the routing instance lets you choose the VRF for gRPC services. When the routing instance is not configured, the default behavior is that all gRPC-related services are available through the management fxp0/em0) interface.
Layer 3 Features
Support for Layer 3 unicast features (ACX 6360)—Starting in Junos OS Release 19.2R1, ACX routers
support the following Layer 3 forwarding features for unicast IPv4 and IPv6 traffic:
Basic IPv6 forwarding
Virtual router (VRF-lite) for both IPv4 and IPv6
Layer 3 subinterfaces support for both IPv4 and IPv6
VRF-lite, subinterfaces, and IPv6 forwarding support on link aggregation groups (LAGs)
Statistics support for Layer 3 subinterfaces
14
32-way equal-cost multipath (ECMP)
Centralized Bidirectional Forwarding Detection (BFD)
IPv4 Layer 3 protocols:
OSPF
IS-IS
BGP
IPv6 Layer 3 protocols:
OSPFv3
RIPng
Network Management and Monitoring
Support for displaying valid user input in the CLI for command options and configuration statements
in custom YANG data models (ACX Series)—Starting in Junos OS Release 19.2R1, the CLI displays the set of possible values for a given command option or configuration statement in a custom YANG data model when you include the action-expand extension statement in the option or statement definition and reference a script that handles the logic. The action-expand statement must include the script child statement, which defines the Python action script that is invoked when a user requests context-sensitive help in the CLI for the value of that option or statement.
[See Displaying Valid Command Option and Configuration Statement Values in the CLI for Custom YANG
Modules.]
Software Installation and Upgrade
Zero Touch Provisioning (ACX5448)—Starting in Junos OS Release 19.2R1, Zero Touch Provisioning
(ZTP) automates the provisioning of the device configuration and software image with minimal manual intervention on management interface em0.
15
When you physically connect a router to the network and boot it with a factory configuration, the router upgrades the Junos OS software image automatically and automatically installs a configuration file from the network through the management interface.
[See Zero Touch Provisioning.]
System Management
Support for transferring accounting statistics files and router configuration archives using HTTP URL
(ACX Series)—Starting in Junos OS Release 19.2R1, you can transfer accounting statistics files and router configuration archives to remote servers by using an HTTP URL. In addition to SCP and FTP, the following HTTP URL will be supported under the archive-sites statement:
http://username@host:url-path password password
To transfer accounting statistics files, configure archive-sites under [edit accounting-options file
<filename>] hierarchy.
To transfer router configuration archival, configure archive-sites under edit system archival
configuration hierarchy.
To view the statistics of transfer attempted, succeeded, and failed, use the show accounting server
statistics archival-transfer command.
To clear the statistics of transfer attempted, succeeded, and failed, use the clear accounting server
statistics archival-transfer command.
[See archive-sites, Backing Up Configurations to an Archive Site, show accounting server statistics
archival-transfer, and clear accounting server statistics archival-transfer].
Precision Time Protocol (PTP) Transparent Clock with IPv6 Transport (PTX10001-20C and ACX6360-OR
devices)—Starting with Junos OS Release 19.2R1, PTP uses IPv6 transport to synchronize clocks throughout a packet-switched network. With a transparent clock, the PTP packets are updated with theresidence time as the packets pass through the switch. There is no master/slaved designation. End-to-end transparent clocks are supported. With an end-to-end transparent clock, only the residence time is included. The residence time can be sent in a one-step process, which means that the timestamps are sent in one packet.
You can configure the transparent clock at the [edit protocols ptp] Junos OS CLI hierarchy.
[See Understanding Transparent Clocks in Precision Time Protocol.]
SEE ALSO
What's Changed | 16
Known Limitations | 19
16
Open Issues | 22
Resolved Issues | 25
Documentation Updates | 31
Migration, Upgrade, and Downgrade Instructions | 32

What's Changed

IN THIS SECTION
What’s Changed in 19.2R3-S1 | 17
What’s Changed in 19.2R3 | 17
What’s Changed in 19.2R2 | 17
What’s Changed in 19.2R1 | 18
Learn about what changed in the Junos OS main and maintenance releases for ACX Series routers.

What’s Changed in 19.2R3-S1

General Routing
Support for gigether-options statement (ACX5048, ACX5096)—Junos OS supports the gigether-options
statement at the edit interfaces interface-name hierarchy on the ACX5048 and ACX5096 routers. Previously, support for the gigether-statement was deprecated.
[See gigether-options.]

What’s Changed in 19.2R3

Juniper Extension Toolkit (JET)
Set the trace log to only show error messages (ACX Series, EX Series, MX Series, PTX Series, QFX
Series, SRX Series)— You can set the verbosity of the trace log to only show error messages using the error option at the edit system services extension-service traceoptions level hierarchy.
See traceoptions (Services).
17

What’s Changed in 19.2R2

Interfaces and Chassis
Support for creating Layer 2 logical interfaces independently (ACX Series, EX Series, MX Series, PTX
Series, and QFX Series)—In Junos OS Release 19.2R2 and later, ACX Series routers support creating Layer 2 logical interfaces independent of the Layer 2 routing-instance type. That is, you can configure and commit the Layer 2 logical interfaces separately and add the interfaces to the bridge domain or Ethernet VPN (EVPN) routing instance separately. Note that the Layer 2 logical interfaces work fine only when they are added to the bridge domain or EVPN routing instance.
In earlier Junos OS releases, when you use a Layer 2 logical interface configuration (units with encapsulation vlan-bridge configuration), then you must add the logical interface as part of a bridge domain or EVPN routing instance for the commit to succeed.
Support for disabling RS-FEC (ACX6360-OX)—By default, Junos OS software enables or disables forward
error correction based on plugged-in optics. Starting with Junos OS Release 19.2R2, on ACX6360-OX routers functioning as transponders, you can now disable Ethernet FEC, also known as RS-FEC or FEC91. Previously, RS-FEC was enabled by default and could not be disabled.
[See fec.]
Operation, Administration, and Maintenance (OAM)
Performance monitoring history data is lost when a change in number of supported history records is
detected (ACX Series and MX Series)—In Junos OS Release 19.2R2, when Ethernet connectivity fault management starts, it detects the number of history records supported by the existing Performance Monitoring history database and if there is any change from the number of history records supported (that is, 12) in Release 19.2R2, then the existing performance monitoring history database is cleared and all performance monitoring sessions are restarted with mi-index 1.
Routing Protocols
XML RPC equivalent included for the show bgp output-scheduler | display xml rpc CLI command (ACX
Series, EX Series, MX Series, PTX Series, QFX Series, and SRX Series)—Starting in Junos OS Release
19.2R2, we have included an XML RPC equivalent for the show bgp output-scheduler | display xml rpc CLI command. In Junos OS releases before Release 19.2R2, the show bgp output-scheduler | display xml rpc CLI command does not have an XML RPC equivalent.
[See show bgp output-scheduler.]
18

What’s Changed in 19.2R1

Interfaces and Chassis
Monitoring information available only in trace log (ACX Series)—In Junos OS Release 19.2R1 and later,
the Ethernet link fault management daemon (lfmd) in the peer router stops monitoring the locally occurred errors until ISSU completes. You can view the monitoring-related details only through the trace log file.
Network Management and Monitoring
The show system schema command and <get-yang-schema> RPC require specifying an output directory
(ACX Series)—Starting in Junos OS Release 19.2R1, when you issue the show system schema operational mode command in the CLI or execute the <get-yang-schema> RPC in a remote session to retrieve schema files, you must specify the directory in which to generate the output files by including the output-directory command option in the CLI or the <output-directory> element in the RPC. In earlier releases, you can omit the output-directory argument when requesting a single module to display the module in standard output.
Custom YANG RPC support for input parameters of type empty (ACX Series)—Starting in Junos OS
Release 19.2R1, custom YANG RPCs support input parameters of type empty when executing the RPC’s command in the Junos OS CLI, and the value passed to the action script is the parameter name. In earlier releases, input parameters of type empty are only supported when executing the RPC in a NETCONF or Junos XML protocol session, and the value passed to the action script is the string 'none'.
[See Creating Action Scripts for YANG RPCs on Devices Running Junos OS.]
VLAN Infrastructure
Specifying a descending VLAN ID range ( ACX5448 routers)—In Junos OS releases prior to Junos OS
Release 19.2R1, the system accepts a descending range—for example, 102-100, with the vlan-id-range configuration statement in the [edit interfaces interface-name unit logical-unit-number] hierarchy.
Starting with Junos OS Release 19.2R1, the system considers a descending range specified with vlan-id-range to be invalid and raises an error if you try to commit this configuration.
SEE ALSO
What's New | 11
Known Limitations | 19
Open Issues | 22
Resolved Issues | 25
Documentation Updates | 31
19
Migration, Upgrade, and Downgrade Instructions | 32

Known Limitations

IN THIS SECTION
General Routing | 19
Learn about known limitations in this release for ACX Series routers.
For the most complete and latest information about known Junos OS defects, use the Juniper Networks online Junos Problem Report Search application.

General Routing

All PTP packets go to the best-effort queue instead of the network control queue. This is because of
the limitation on ACX5448 where DSCP values are not preserved. PR1361315
ACX6360 Junos telemetry interface or telemetry infrastructure does not support the interface-filtering
capability. Therefore, after you enable a particular sensor for telemetry, it is turned on for all the interfaces.
PR1371996
For an Ethernet (et) interface, only the PRE_FEC_SD defect is raised and no OTN alarm is raised.
PR1371997
The CLI static-cak command encryption does not work between two ACX-OX transponder nodes.
PR1389802
The ACX6360 TIC has only 8 CFP2-DCO ports, so chassis beacon show/requests to port numbers larger
than 7 do not work (as the ports don't exist) but also do not report an error. user@router> request chassis beacon fpc 0 pic-slot 1 port 15 on FPC 0 PIC 1 PORT 15 ON user@router> show chassis beacon fpc 0 pic-slot 1 port-range lower-limit 0 upper-limit 15 FPC 0 PIC 1 PORT 0 ON FPC 0 PIC 1 PORT 1 ON FPC 0 PIC 1 PORT 2 ON FPC 0 PIC 1 PORT 3 ON FPC 0 PIC 1 PORT 4 ON FPC 0 PIC 1 PORT 5 ON FPC 0 PIC 1 PORT 6 ON FPC 0 PIC 1 PORT 7 ON FPC 0 PIC 1 PORT 8 ON FPC 0 PIC 1 PORT 9 ON FPC 0 PIC 1 PORT 10 OFF FPC 0 PIC 1 PORT 11 OFF FPC 0 PIC 1 PORT 12 OFF FPC 0 PIC 1 PORT 13 OFF FPC 0 PIC 1 PORT 14 OFF FPC 0 PIC 1 PORT 15 ON. PR1399335
When a timing configuration and the corresponding interface configuration are flapped for multiple
times in iteration, PTP is stuck in "INITIALIZE" state where the ARP for the neighbor is not resolved. In issue state, BCM hardware block gets into inconsistency state, where the lookup is failing. PR1410746
The input packet count given under the traffic statistics includes all packets that are coming in. The
statistics are not segregated as IPv4, IPv6, MPLS, and so on. This is the same behavior across all the ACX Series platforms. PR1419143
20
Hardware-based fragmentation or reassembly is not supported. Software-based fragmentation rates
are going to be extremely slow depending on CPU load. PR1419371
In the output of show SNMP mib walk jnxBoxAnatomy, the chassis CLEI code and contents model is
reading data from the I2C bus and EEPROM. Because the fan is not present on the I2C bus and does not have EEPROM, fan data can’t be displayed for chassis CLEI code and contents model. PR1420639
There is no support on separate counters for egress-dropped packets. Counters are reflected as part of
RED-dropped packets. PR1427148
Problem description: When end device (fan tray CPLD) I2C line is grounded or pulled low, other device
write/reads are failing. From our testing, we have concluded the following: We have verified isolation functionality when the device is in the problem state, it's working fine (verified through software simulation). But in this case where we grounded one of the fan tray CPLD i2c lines to verify the failed test case, then entire circuit will get stalled and it leads to write fail for other devices also such as the PEM, and temperature. This is a hardware limitation. PR1427222
These error messages can be seen sometimes if the optics module is being unplugged in between the
EEPROM read. This is expected and does not impact any functionality. PR1429016
Packet rates are not seen for aggregated Ethernet logical interface. PR1429590
Multicast packets are flooded in a BD if snooping is not enabled. If interfaces x and y belong to a BD,
then all multicast packets will be flooded to both x and y interface. If packets are received from interface x, packets will be flooded to x and y in ingress but discarded in the egress path for interface x because packet is received from the same interface. But these packets are also counted in the VOQ and hence
we are seeing more queue statistics. It is a known hardware limitation. monitor interface xe-0/0/30Input
packets: 177958 (64 pps) [0]Output packets: 357306 (128 pps) [0] monitor interface xe-0/0/12Input packets: 361161 (128 pps) [642]Output packets: 179878 (63 pps) [320] root@rioxd-p2a-a> show interfaces queue xe-0/0/30 Queue: 0, Forwarding classes: best-effortQueued:Packets : 544032 192 pps . => Sum of 64 + 128pps root@rioxd-p2a-a> show interfaces queue xe-0/0/12 Queue: 0, Forwarding classes: best-effortQueued:Packets : 550929 192 pps . => Sum of 64 + 128pps. PR1429628
Any packet greater than the MTU size are accounted for oversized packets. Packets exceeding MTU
sizes are not considered for Jabber check. PR1429923
The statistics are accessed through Broadcom API, which is the same for both tagged and untagged
packets. This cannot be changed in accordance with MX Series, because it is direct access from Broadcom without any statistics changes specific to tagging from ACX5448 side. It will impact other statistics if changes are made. PR1430108
The port LEDs glowing during system/vmhost halt state is the expected behavior across all ACX Series
platforms. Even the system LED glows during halt state. PR1430129
These are initial transient messages seen and do not have any functional impact. PR1430355
21
1-Gigabit Ethernet interfaces are shown as “xe”. Therefore, the cosmetic issue is observed with respect
to autonegotiation parameters although there is no impact on functionality. PR1430835
If Layer 2 VPN sessions have OAM control-channel option set to router-alert-label, the no-control-word
option in L2VPN shouldn't be used for BFD sessions to come up. PR1432854
BCM SDK currently does support statistics, and we see routes are getting reinstalled on a periodic basis.
SDK does not support statistics unless we move to Flex mode in KBP. This is a product limitation today.
PR1435579
New rate of 1.8 MB/s and which takes 16-17 min to copy the ACX5448 image (1.9G image size) -
ACX5448 rates are less than Misha because the rate limiter is in bps and does not support pps-based (hardware limitation from DNX)*Avg size is 512. Hence rate is approximately one third of Misha rate. In file copy cases, normal pkt size seen are 1500 pkt sizes. PR1439960
The hold timer expiry is common across all platforms. It is not specific to ACX5448-D. PR1439980
Remote loopback is not supported on ACX5448-D. PR1443517
The PEM entries for jnxFruName SNMP index are shown twice. PR1446215
ACX Series routers support only 900 joins of IGMPv3 users per second. PR1448146
The 2000 EVPN IRB scale is not hitting due to hardware limitation of filter entries that can be installed
for EVPN instances. We can support only 1000 scale for Junos OS release 19.2. This is Broadcom limitation and cannot be changed. PR1461309
Counters for filtering based on DA MAC and SA MAC are not supported, because QMX doesn't have
any separate counter to count matched or dropped packets with interface MAC address. PR1463981
SEE ALSO
What's New | 11
What's Changed | 16
Open Issues | 22
Resolved Issues | 25
Documentation Updates | 31
Migration, Upgrade, and Downgrade Instructions | 32

Open Issues

IN THIS SECTION
22
General Routing | 22
MPLS | 25
Learn about open issues in this release for ACX Series routers.
For the most complete and latest information about known Junos OS defects, use the Juniper Networks online Junos Problem Report Search application.

General Routing

Forwarding when using nonexisting SSM map source address in IGMPv3 instead of pruning. This is a
day-1 design issue and needs a design solution. PR1126699
When Layer 3 packets are classified, DiffServ code points are not preserved but are getting lost at the
egress interface because of a chipset limitation. PR1322142
ACX5448: When a 1-Gigabit SFP transceiver is plugged into the router, autonegotiation is enabled by
default. There is no functional impact. Only the output of the show interfaces <intf-name> extensive CLI command shows the autonegotiation field as disabled. PR1343679
If the set interfaces ae<>xaggregated-ether-options link-speed <x> configuration is used in the router,
after reboot AE interface remains down. Error seen in logs: /kernel: kernel did not add link ae1, link speeds differ 1000000000 10000000000 /kernel: bundle ae1.0: link xe-0/3/0 not added due to speed mismatch. PR1357012
Loopback status is not shown for OT interfaces on CLI (available from vty only). PR1358017
The SD (Signal Degrade) threshold is normally lower than the SF threshold (that is, so that as errors
increase, SD condition is encountered first). For the ACX6360 optical links there is no guard code to prevent the user from setting the SD threshold, above the SF threshold which would cause increasing errors to trigger the SF alarm before the SD alarm. This will not cause any issues on systems with correctly provisioned SD/SF thresholds. PR1376869
ACX6360-OR: Enhancement is needed for FRR BER threshold SNMP support. PR1383303
On ACX6360/PTX10001 router, Tx power cannot be configured using + sign. PR1383980
More that expected traffic loss is observed during link failure (FRR convergence) and link restoration
test on L3VPN traffic over LDP-OSPF MPLS LSP.
Steps to re-create:
1. Layer 3 VPN traffic was flowing end to end on the active path in steady state.
2. Link down state is induced on primary path and traffic is shifted to backup path. Observation: More than expected traffic loss is observed (around 1.5 seconds).
3. Link is restored and the traffic is moved to the active path. Observation: More than expected traffic loss is observed (around 21 seconds).
23
The traffic loss percentage is not consistent and varies across each run, and this is the worst-case traffic loss percentage observed. PR1387834
The switchover time observed was more than 50 minutes under certain soak test conditions with an
increased scale with a multiprotocol multirouter topology. PR1387858
IGMP packets over L2 Circuit with Control-Word are dropped in ACX5048. PR1394301
The ccc logs are not compressed after rotation. PR1398511
A jnxIfOtnOperState trap notification is sent for all ot interfaces. PR1406758
Layer 2 rewrite is happening on regular bridge domain and VLAN interfaces, although there are some
service dependencies (VPLS in this case) due to which, the egress interface map table is not updated properly with the Layer 2 rewrite map ID. As a result, the rewrite does not work. PR1414414
Clock class value is incorrect in default data (show ptp clock) when the slave interface is down in the
PTP-OC device. PR1416421
On ACX5448 devices, the zero-touch provisioning (ZTP) process will proceed with image upgrade even
in situations when there is a mismatch between the platform name of the software image stored on FTP or ZTP servers and the actual platform where the ZTP process is being run. PR1418313
The issue is not fixed in Junos OS Release 19.1 where inner VLAN tag classification will not work. It is
not fixed in 18.3R2 release. Also not fixed in 19.2R1 Release. There was a behavior change introduced as part of PR1307666, where the inner VLAN tag is popped out on the ingress side when an IP packet with double-tagged VLAN is received, and this change is needed for IP packets to work on proper transmit on the egress interface. PR1422515
Under scale conditions, if multiple bridge-domains are deleted together, then sometimes Broadcom SDK
returns error Entry not found. This indicates that the resource is already freed up. PR1423308
On an ACX5448, the request system reboot command triggers a reboot on the host (Linux) instead of
just being limited to Junos OS. PR1426486
Traffic loss is seen if the configuration has /128 prefix routes and its limited to /128 only. This is due to
a known issue tracked in PR1445231. PR1429833
Any packets greater than the MTU size are accounted for as oversized packets. Packets exceeding MTU
sizes are not considered for Jabber check. PR1429923
The port LEDs glowing during system/vmhost halt state is the expected behavior across all ACX Series
platforms. Even the system LED glows during halt state. PR1430129
Packets dropped due to MTU checks in the output interface are not accounted for MTU errors. All
packets above MTU size are accounted for Oversized-packets in the input interface. PR1430446
Protocols get forwarded when using a nonexisting SSM map source address in IGMPv3 instead of pruning.
This is a day 1 design issue, and needs a design solution. PR1435648
24
On ACX5448 box, after issuing deactivate/activate "class-of-service", traffic drop might be seen.
PR1436494
In certain test conditions, it was observed that L2VPN at a scale of 16,000 had issues when all VPNs
were brought down and up. PR1439471
Recovery of Junos volume is not possible from the OAM menu. PR1446512
Drop profile maximum threshold might not be reached when the packet size is other than 1000 bytes.
This is due to the current design limitation. PR1448418
When an xe interface working in 1-Gigabit mode in ACX5448-D is added to a member link of an
aggregated Ethernet interface, the speed of the aggregated Ethernet interface is incorrectly shown as 10 Gbps. There is no functional impact. This is a display issue. PR1449887
It is not possible to form 125,000 IGMP groups with the ACX5448 router receiving 125,000 IGMP v2
reports per second. This is a product limitation from BCM and CPU host path queuing model. PR1454465
The issue is seen during unified ISSU to Junos OS Releases 20.1, 20.2, and 19.4. The upgrade is successful
but the forwarding plane (PFE) does not function. As a result, forwarding is affected. PR1483959
On ACX Series platforms with shaping configured, after deactivating and activating CoS the shaping
might not work and traffic drop would appear. PR1488935
In PTP environment some vendor devices acting as slave expecting announce messages at an interval
of -3 (8pps) from upstream master device. As of today announce message are configurable in range of 0 to 3. To support the above requirement engineering provided a hidden cli knob "set protocol ptp master announce-interval -3". In the networks/design where we have this requirement. we can configure the hidden cli otherwise regular cli which is in the range (0 to 3) can be configurable. Both the cli knobs are mutually exclusive, commit error is expected if both are configured. This new change is applicable to ACX platforms only excluding ACX5000. PR1507782

MPLS

The default behavior of local reversion has changed from Junos OS Release 16.1 and that impacts the
LSPs for which the ingress does not perform make-before-break. Junos OS does not perform make-before-break for no-cspf LSPs. PR1401800
SEE ALSO
What's New | 11
What's Changed | 16
Known Limitations | 19
Resolved Issues | 25
Documentation Updates | 31
Migration, Upgrade, and Downgrade Instructions | 32
25

Resolved Issues

IN THIS SECTION
Resolved Issues: 19.2R3 | 26
Resolved Issues: 19.2R2 | 26
Resolved Issues: 19.2R1-S1 | 29
Resolved Issues: 19.2R1 | 30
Learn which issues were resolved in the Junos OS main and maintenance releases for ACX Series routers.
For the most complete and latest information about known Junos OS defects, use the Juniper Networks online Junos Problem Report Search application.

Resolved Issues: 19.2R3

General Routing
Policer discarded count is also shown incorrectly to the enq count of the interface-queue but traffic
behavior is fine as expected. PR1414887
ACX5448-D interfaces support: The input bytes value in the show interfaces extensive command output
is not at par with older ACX Series or MX Series devices. PR1430108
CoS: Egress queue statistics are not applicable to ae interfaces on ACX5048. PR1472467
ERP might not come up properly when MSTP and ERP are enabled on the same interface. PR1473610
Link does not come up when 100-Gigabit Ethernet is channelized to 4x25-Gigabit Ethernet interfaces.
PR1479733
During speed mismatch, QSFP28/QSFp+ the optics/cables might or might not work. PR1494600
Outbound SSH connection flap or memory leak issue might be observed during pushing configuration
to ephemeral DB with high rate. PR1497575
26
SFW sessions are not getting updated on ms interfaces in ACX500-i. PR1505089
PIC slot may be shut down less than 240 seconds because the over-temperature start time is handled
incorrectly. PR1506938
L2ALD crash is seen during stability test with traffic on scaled setup. PR1517074
MPLS
BGP session might keep flapping between two directly connected BGP peers because of the incorrect
TCP MSS (maximum segment size) in use. PR1493431
Routing Protocols
The BGP route-target family might prevent RR from reflecting Layer 2 VPN and Layer 3 VPN routes.
PR1492743
VPNs
The Layer 2 circuit neighbor might be stuck in RD state at one end of MG-LAG peer. PR1498040

Resolved Issues: 19.2R2

Class of Service (CoS)
The dfwd crash can be seen with the forwarding-class configuration in policers. PR1436894
General Routing
ACX5000 MacDrainTimeOut and bcm_port_update failed: Internal error. PR1284590
bcmDPC task is high even though Interupt START_BY_START flag set to 0. PR1329656
On an ACX Series router, the LED on a Gigabit Ethernet interface goes down when the 10-Mbps speed
is added. PR1385855
Link fault signaling (LFS) is not working on ACX5448 10/40/100GbE interfaces. PR1401718
Kernel memory leak in virtual-memory due to interface flaps (CVE-2020-1625). PR1407000
High CPU consumption for fxpc processes with class-of-service changes on AE interfaces. PR1407098
The optic comes with Tx enabled by default. As the port is administratively disabled, the port is stopped
but as the port has not been started, it does not disable Tx. PR1411015
ACX5448: 40G FEC on ACX5448 is default FEC is enabled need to align with our platforms MX/QFX
where FEC is NONE. PR1414649
ACX5448: BFD Timer values are not as per the configured 900ms with multiplier 3. The values are
showing 6.000 with multiplier 3 instead for most of the sessions. PR1418680
[ARP] ACX5448-D: 96000 ARPs are getting populated but only 47,000 next-hop entries are present.
Therefore, around 50% packet drop is observed. PR1426734
Drift messages in ACX2200, which is a PTP hybrid (PTP + Synchronous Ethernet) device. PR1426910
27
The chassisd process might crash with unsupported HCoS configuration when MX104 is used as the
fusion aggregation device. PR1430076
On ACX5448, upon reboot of an MC_LAG peer, when the peer comes up (but before hardware comes
up), there is a 10-20 second traffic hit on node1. PR1430910
ACX5448-D interface support: After chassis control restart, load balancing on the child interfaces of an
ae interface stops. PR1431206
The l2cpd process might crash and generate a core file when interfaces are flapping. PR1431355
ACX5448 might malfunction in encapsulating small packets if egress link is 40G or 100G. PR1434900
In ACX Series platforms, no-vrf-propagate-ttl might not work after the CoS configuration is deactivated
and then activated. PR1435791
LACP state might get stuck in 'Attached' state after disabling peer active members. PR1439268
Packet drop might be seen on an ACX Series platform when chained composite next hop is enabled for
L3VPN. PR1439317
Interface on ACX1100 remains down when using SFP-1FE-FX (740-021487). PR1439384
On ACX5448, DHCP packets are not transparent over Layer 2 circuit. PR1439518
When the interface is flapped between channelized configurations (25GbE to 100GbE), the AE interface
configuration is not cleaned up properly. PR1441374
ACX5448: Packet buffer error from Packet Forwarding Engine leading to memory leak when IGMP is
sent from NNI AC in Layer 2 circuit and VPLS. PR1442901
RED drops might be seen after link flaps or CoS configuration changes. PR1443466
ACX5448: The encapsulation flexible-vlan-tagging is not supported with the MPLS family; need to
provide commit error. PR1445046
ACX5448/18.3R1-S4.1 not performing proper dot1p CoS rewrite on interfaces configured with
l2circuit/local-switching/family ccc. PR1445979
In ACX Series routers, auto-exported routes between VRFs might not reply for ICMP echo requests.
PR1446043
Fans on an ACX5448-M might not be running at the correct speed. PR1448884
Layer 2 circuit with a backup-neighbor (hot-standby) configured might stop forwarding traffic after
failovers. PR1449681
Oper-state for et interface does not transition from 'init' to 'Normal'. PR1449937
FPC core files might be seen after changing the configuration of PTP or Synchronous Ethernet. PR1451950
Platforms: ACX5448-D interfaces support: After the 100-Gbps and 40-Gbps interfaces are disabled,
the Laser output power in show interfaces diagnostics optics shows some values. PR1452323
ACX5448 FPC crashed due to segmentation fault. PR1453766
28
Incorrect operating state displayed in SNMP trap for fan removal. PR1455577
ACX5048 SNMP polling will be stalled after a link flap or an SFP transceiver replacement, and
ACX_COS_HALP(acx_cos_gport_sched_set_strict_priority:987): Failed to detach logs will be seen.
PR1455722
ACX6360-OX: Enable the gigether option to configure Ethernet FEC on client ports. PR1456293
ACX5448-D and ACX5448-M devices do not display airflow information and temperature sensors as
expected. PR1456593
ACX5448 L2VPN with encapsulation-type ethernet stops passing traffic after a random port is added
with VLAN configuration. PR1456624
The rpd crash might be seen if a BGP route is resolved over the same prefix protocol next hop in an
inet.3 table that has both RSVP and LDP routes. PR1458595
Route resolution is not happening when the packet size is 10,000. PR1458744
Traffic might be silently dropped during link recovery in an open Ethernet access ring with ERPS
configured. PR1459446
ACX5000: SNMP MIB walk for jnxOperatingTemp not returning anything for FPC in new versions.
PR1460391
ACX5448-D interfaces and optics support: Sometimes, when the AE interfaces are brought up, there
are ARP resolution issues. PR1461485
On ACX Series platforms, the LLDP neighbor not up on a LAG after software upgrade to Junos OS
Release 18.2R3-S1. PR1461831
Memory leak on l2cpd process might lead to l2cpd crash. PR1469635
RED drop on interface even without any congestion. PR1470619
Egress queue statistics are not applicable to ae interface on model ACX5048. PR1472467
ERP might not come up properly when MSTP and ERP are enabled on the same interface. PR1473610
dcpfe core files are seen when disabling/enabling MACsec using Toby scripts. PR1479710
ACX5448 Layer 2 VPN with interface ethernet-ccc input-vlan-map/output-vlan-map can cause traffic
to be dropped silently. PR1485444
Interfaces and Chassis
Upgrade from releases before Junos OS Release 17.4R1 results in cfmd core files. PR1425804
MC-AE interface might show as unknown status if you are adding the subinterface as part of the VLAN
on the peer MC-AE node. PR1479012
Layer 2 Ethernet Services
DHCP request might get dropped in a DHCP relay scenario. PR1435039
29
Platform and Infrastructure
The REST API process becomes nonresponsive when a number of requests come at a high rate.
PR1449987
Routing Protocols
Export of loopback address to other VRF instances might not work on ACX Series, EX Series and QFX
Series platforms. PR1449410
MPLS LDP might still use stale MAC addresses of the neighbor even if the LDP neighbor's MAC address
changes. PR1451217
The rpd might crash continuously due to memory corruption in IS-IS setup. PR1455432
The routing protocol process (rpd) crashes while processing a specific BGP update information.
PR1448425
Receipt of certain genuine BGP packets from any BGP speaker causes rpd to crash. PR1497721
VPN
The l2circuit neighbor might be stuck in RD state at one end of MG-LAG peer. PR1498040

Resolved Issues: 19.2R1-S1

General Routing
Link Fault Signaling (LFS) do not work on ACX5448, ACX5410, ACX5440, and 100-Gigabit Ethernet
interfaces. PR1401718
In an ACX5448 platforms, when the Packet Forwarding Engine failed to allocate packet buffer, portion
of packet memories might not be free. PR1442901

Resolved Issues: 19.2R1

Class of Service (CoS)
The error message STUCK_BUFF : port_sp not empty for port 35 sp 1 pkts:1 is seen when a lag bundle
is configured with 64 lag links.. PR1346452
General Routing
The 1G copper module interface shows "Link-mode: Half-duplex". PR1286709
On an ACX ring topology, after link between ACX and MX flaps, VPLS RI on PE (MX) has no MAC of CE
over l2circuit. PR1360967
ACX5000: fpc0 (acx_rt_ip_uc_lpm_install:LPM route add failed error) Reason : Invalid parameter after
configuring lpm-profile. PR1365034
30
ACX5448: LIBCOS_COS_TVP_FC_INFO_NOT_FOUND: Forwarding-class information not specified"
prints while committing on configuration prompt. PR1376665
On ACX5448, channelized ET interface of 25-Gigabit interface will not come up after chassis-control
restart. PR1379288
ACX 5448:100 Gigabit link FEC enabled by default on 100G LR4. PR1389518
On ACX Series platforms, the forwarding-option dhcp-relay forward-only command stops working and
the DHCP packets are dropped. PR1392261
On ACX5048, RPM RFC 2544 benchmarking test failed to start. PR1395730
CFM adjacency is not going down with distinct intervals. PR1397883
Dynamic tunnels are not supported on ACX Series routers. PR1398729
VLAN tagged traffic arriving on VPLS interface might get dropped. PR1402626
ot/et interface is not created when invalid speed is configured. PR1403546
ACX 5448: TrTCM Policer configuration parameters are as per RFC4115. PR1405798
The show services inline stateful-firewall flow or show services inline stateful-firewall flow extensive
command might cause a memory leak. PR1408982
ACX Series routers drop DNS responses that contain an underscore. PR1410062
VPLS traffic might stop across ACX5000 with the aggregated Ethernet interface. PR1412042
Junos PCC might reject PCUpdate/PCCreate message if there is metric type other than type 2. PR1412659
Number of inet-arp policers implemented on ACX5000 has been increased from 16 to 64. PR1413807
Swap memory is not initialized on boot on ACX5048. PR1415898
Commit error while configuring firewall with term having log/syslog and accept actions. PR1417377
CoS table error can sometimes cause traffic outages and SNMP timeouts if the optic is plugged out and
inserted back. PR1418696
Slow copy image speed to ACX5448. PR1422544
SEE ALSO
What's New | 11
What's Changed | 16
Known Limitations | 19
Open Issues | 22
Documentation Updates | 31
Migration, Upgrade, and Downgrade Instructions | 32
31

Documentation Updates

IN THIS SECTION
Installation and Upgrade Guide | 31
This section lists the errata and changes in Junos OS Release 19.2R3 for the ACX Series documentation.

Installation and Upgrade Guide

Veriexec explained (ACX Series)—Verified Exec (also known as veriexec) is a file-signing and verification
scheme that protects the Junos operating system (OS) against unauthorized software and activity that might compromise the integrity of your device. Originally developed for the NetBSD OS, veriexec was adapted for Junos OS and enabled by default from Junos OS Release 7.5 onwards.
[See Veriexec Overview.]
SEE ALSO
What's New | 11
What's Changed | 16
Known Limitations | 19
Open Issues | 22
Resolved Issues | 25
Migration, Upgrade, and Downgrade Instructions | 32

Migration, Upgrade, and Downgrade Instructions

IN THIS SECTION
Upgrade and Downgrade Support Policy for Junos OS Releases | 32
32
This section contains the upgrade and downgrade support policy for Junos OS for the ACX Series Router. Upgrading or downgrading Junos OS might take several minutes, depending on the size and configuration of the network.
For information about software installation and upgrade, see the Installation and Upgrade Guide.

Upgrade and Downgrade Support Policy for Junos OS Releases

Support for upgrades and downgrades that span more than three Junos OS releases at a time is not provided, except for releases that are designated as Extended End-of-Life (EEOL) releases. EEOL releases provide direct upgrade and downgrade paths—you can upgrade directly from one EEOL release to the next EEOL release even though EEOL releases generally occur in increments beyond three releases.
You can upgrade or downgrade to the EEOL release that occurs directly before or after the currently installed EEOL release, or to two EEOL releases before or after. For example, Junos OS Releases 17.1,
17.2, and 17.3 are EEOL releases. You can upgrade from Junos OS Release 17.1 to Release 17.2 or from Junos OS Release 17.1 to Release 17.3.
You cannot upgrade directly from a non-EEOL release to a release that is more than three releases ahead or behind. To upgrade or downgrade from a non-EEOL release to a release more than three releases before or after, first upgrade to the next EEOL release and then upgrade or downgrade from that EEOL release to your target release.
For more information about EEOL releases and to review a list of EEOL releases, see
https://www.juniper.net/support/eol/junos.html.
For information about software installation and upgrade, see the Installation and Upgrade Guide.
SEE ALSO
What's New | 11
What's Changed | 16
Known Limitations | 19
Open Issues | 22
Resolved Issues | 25
Documentation Updates | 31
33

Junos OS Release Notes for EX Series Switches

IN THIS SECTION
What’s New | 34
What’s Changed | 41
Known Limitations | 44
Open Issues | 45
Resolved Issues | 49
Documentation Updates | 63
Migration, Upgrade, and Downgrade Instructions | 63
34
These release notes accompany Junos OS Release 19.2R3 for the EX Series. They describe new and changed features, limitations, and known and resolved problems in the hardware and software.
You can also find these release notes on the Juniper Networks Junos OS Documentation webpage, located at https://www.juniper.net/documentation/product/en_US/junos-os.

What’s New

IN THIS SECTION
What’s New in Release 19.2R3 | 35
What’s New in Release 19.2R2 | 35
What’s New in Release 19.2R1-S1 | 36
What’s New in Release 19.2R1 | 36
Learn about new features introduced in the Junos OS main and maintenance releases for EX Series switches.
NOTE: The following EX Series switches are supported in Release 19.2R2: EX2300, EX2300-C,
EX3400, EX4300, EX4600-40F, EX4650, EX9200, EX9204, EX9208, EX9214, EX9251, and EX9253.

What’s New in Release 19.2R3

There are no new features or enhancements to existing features for EX Series switches in Junos OS Release
19.2R3.

What’s New in Release 19.2R2

There are no new features or enhancements to existing features for EX Series switches in Junos OS Release
19.2R2.
35

What’s New in Release 19.2R1-S1

Routing Protocols
Decouple RSVP for IGP-TE (MX Series, PTX Series, ACX Series, QFX Series, SRX Series, and EX
Series)—Starting in Junos OS Release 19.2R1-S1, device can advertise selective traffic-engineering attributes such as admin-color and maximum-bandwidth, without enabling RSVP, for segment routing and interior gateway protocol (IGP) deployments.

What’s New in Release 19.2R1

Authentication, Authorization, and Accounting (AAA)
802.1X authentication (EX4650 switches)—Starting with Junos OS Release 19.2R1, EX4650 switches
support port-based network access control using 802.1X authentication as defined in the IEEE 802.1X standard.
[See 802.1X for Switches Overview.]
36
Dynamic Host Configuration Protocol
Support for DHCP snooping and other access port security features on private VLANs (EX4300-MP
switches and Virtual Chassis)—Starting in Junos OS Release 19.2R1, you can enable DHCP snooping for security purposes on access ports that are in a private VLAN (PVLAN). You can also protect those ports with DHCP options, dynamic ARP inspection (DAI), IP source guard, and neighbor discovery inspection.
[See Putting Access Port Security on Private VLANs.]
EVPN
Support for BFD, BGP, IS-IS, and OSPF on IRB interfaces in EVPN-MPLS networks (EX series)—Starting
with Junos OS Release 19.2R1, you can configure Bidirectional Forwarding Detection (BFD), BGP, IS-IS, and OSPF routing protocols on the IRB interface in an EVPN-MPLS network to route and forward EVPN traffic. This feature supports single-homed, single-active, and all-active multihomed networks.
[See EVPN with IRB Solution Overview.]
EVPN support of VLAN ID ranges and lists in service provider style interface configurations (EX9200
switches)—Starting in Junos OS Release 19.2R1, EX9200 switches, ACX5448 and MX Series routers, and vMX virtual routers support the use of VLAN ID ranges and lists in a service provider style interface configuration, which must be referenced in an EVPN routing instance. This configuration is supported with the following EVPN environments, services, and features:
Environments:
EVPN with VXLAN encapsulation
EVPN with MPLS encapsulation
VLAN bundle service:
E-LAN
E-Tree
E-Line
Features:
EVPN multihoming:
All-active
Single-active
Singlehoming
[See VLAN ID Ranges and Lists in an EVPN Environment.]
Support for control word in EVPN-VPWS (EX9200 switches)—Starting with Junos OS Release 19.2R1,
Junos OS supports the insertion of a control word between the label stack and the MPLS payload in a network with EVPN-VPWS service. This feature prevents a transit device from delivering out-of-order packets as a result of the device’s load-balancing hashing algorithm. When you enable the control word feature on a PE device, the PE device advertises support for a control word. If all the PE devices in an EVI on the EVPN-VPWS serviced network support control word, then the PE device inserts a control word between the label stack and the L2 header in the packet thus preventing the packet from being misidentified by transit devices.
37
[See Control Word for EVPN-VPWS.]
JWeb
Support for EX4650 switches—Starting in Junos OS Release 19.2R1, you can use J-Web to configure,
monitor, and manage EX4650 switches.
To configure the EX4650 switch using the J-Web interface, you must connect the cable to the port labeled CON on the rear panel of the switch.
NOTE: In J-Web, the chassis viewer displays only the standalone EX4650 switches view. It
does not display the Virtual Chassis configuration because the EX4650 switch does not support the Virtual Chassis configuration.
[See Dashboard for EX Series Switches and Connecting and Configuring an EX Series Switch (J-Web
Procedure).]
Layer 2 Features
L2PT support (EX4300 multigigabit switches)—Starting with Junos OS Release 19.2R1, you can configure
Layer 2 protocol tunneling (L2PT) for the following protocols on EX4300 multigigabit switches (EX4300-48MP models): CDP, E-LMI, GVRP, IEEE 802.1X, IEEE 802.3AH, LACP, LLDP, MMRP, MVRP, STP (including RSTP and MSTP), UDLD, VSTP, and VTP.
38
[See Layer 2 Protocol Tunneling.]
Multicast
Support for multicast traffic counters (EX4300, EX4300-MP, EX4300 Virtual Chassis)—Starting with
Junos OS Release 19.2R1, you can use firewall filters to count packets and check the bandwidth of multicast traffic received by a host from a particular source and group in a routing instance. To enable this feature, include the multicast-statistics statement at the [edit system packet-forwarding-options] hierarchy level. To check the packet count and bandwidth for each multicast route, use the show multicast route extensive command.
[See multicast-statistics (system-packet forwarding).]
IGMP snooping with private VLANs (EX4300 multigigabit switches)—Starting in Junos OS Release
19.2R1, EX4300 multigigabit switches (EX4300-48MP models) support IGMP snooping with private VLANs (PVLANs). A PVLAN consists of secondary isolated and community VLANs configured within a primary VLAN. Without IGMP snooping support on the secondary VLANs, switches receive multicast streams on a primary VLAN and flood them to the secondary VLANs. This feature extends IGMP snooping on a primary VLAN to its secondary VLANs to further constrain multicast streams only to interested receivers on PVLANs. When you enable IGMP snooping on a primary VLAN, you implicitly enable it on all secondary VLANs, and the secondary VLANs learn the multicast group information on the primary VLAN.
NOTE: Ports in a secondary VLAN cannot be used as IGMP multicast router interfaces.
Secondary VLANs can receive multicast data streams ingressing on promiscuous trunk ports or inter-switch links acting as multicast router interfaces.
[See IGMP Snooping Overview.]
Network Management and Monitoring
Support for displaying valid user input in the CLI for command options and configuration statements
in custom YANG data models (EX Series)—Starting in Junos OS Release 19.2R1, the CLI displays the set of possible values for a given command option or configuration statement in a custom YANG data model when you include the action-expand extension statement in the option or statement definition and reference a script that handles the logic. The action-expand statement must include the script child statement, which defines the Python action script that is invoked when a user requests context-sensitive help in the CLI for the value of that option or statement.
[See Displaying Valid Command Option and Configuration Statement Values in the CLI for Custom YANG
Modules.]
39
Port Security
Stateless address autoconfiguration (SLAAC) snooping (EX2300, EX3400, EX4300, and Virtual
Chassis)—Starting in Junos OS Release 19.2R1, Junos OS supports SLAAC snooping on EX2300, EX2300 VC, EX3400, EX3400 VC, EX4300, and EX4300 VC. IPv6 clients using SLAAC for dynamic address assignment are validated against the SLAAC snooping binding table before being allowed access to the network.
[See IPv6 Stateless Address Autoconfiguration (SLAAC) Snooping.]
Fallback PSK for Media Access Control Security (MACsec) (EX Series)—Starting in Junos OS Release
19.2R1, fallback PSK for MACsec is supported on EX Series routers that support MACsec. The fallback PSK provides functionality to establish a secure session in the event that the primary PSKs on each end of a MACsec-secured link do not match.
[See Configuring MACsec on EX, SRX and Fusion Devices.]
Support for 802.1X authentication on private VLANs (PVLANs) (EX4300-48MP switches and Virtual
Chassis)—Starting in Junos OS Release 19.2R1, you can enable 802.1X (dot1x) authentication for security purposes on access ports that are in a PVLAN.
PVLANs provide Layer 2 isolation between ports within a VLAN, splitting a broadcast domain into multiple discrete broadcast subdomains by creating secondary VLANs. PVLANs are useful for restricting the flow of broadcast and unknown unicast traffic and for limiting the communication between known hosts.
Authentication prevents unauthenticated devices and users from gaining access to your LAN. For 802.1X and MAC RADIUS authentication, end devices must be authenticated before they receive an IP address from a DHCP server.
On a switch that is configured with both 802.1X authentication and PVLANs, when a new device is attached to the PVLAN network, the device is authenticated and then is assigned to a secondary VLAN based on the PVLAN configuration or RADIUS profile. The device then obtains an IP address and receives access to the PVLAN network.
[See Using 802.1X Authentication and Private VLANs Together on the Same Interface.]
Media Access Control security with 256-bit cipher suite (EX4300)—Starting in Junos OS Release 19.2R1,
the GCM-AES-256 cipher suite for MACsec in static CAK mode is supported on the 2-port QSFP+/1-port QSFP28 uplink module for EX4300-48MP switches. The GCM-AES-256 cipher suite has a maximum key length of 256 bits and is also available with extended packet numbering (GCM-AES-XPN-256).
[See Understanding Media Access Control Security (MACsec).]
Support for MACsec PSK keychain (EX9253)—Starting in Junos OS Release 19.2R1, EX9253 switches
support MACsec PSK chains hitless rollover and Key Agreement Protocol Fail Open mode.
[See Configuring MACsec on EX, SRX and Fusion Devices.]
System Management
40
Support for transferring accounting statistics files and router configuration archives using HTTP URL
(EX Series)—Starting in Junos OS Release 19.2R1, you can transfer accounting statistics files and router configuration archives to remote servers by using an HTTP URL. In addition to SCP and FTP, the following HTTP URL will be supported under the archive-sites statement:
http://username@host:url-path password password
To transfer accounting statistics files, configure archive-sites under [edit accounting-options file
<filename>] hierarchy.
To transfer router configuration archival, configure archive-sites under edit system archival
configuration hierarchy.
To view the statistics of transfer attempted, succeeded, and failed, use the show accounting server
statistics archival-transfer command.
To clear the statistics of transfer attempted, succeeded, and failed, use the clear accounting server
statistics archival-transfer command.
[See archive-sites, Backing Up Configurations to an Archive Site, show accounting server statistics
archival-transfer, and clear accounting server statistics archival-transfer].
SEE ALSO
What’s Chnaged | 41
Known Behavior | 44
Open Issues | 45
Resolved Issues | 49
Documentation Updates | 63
Migration, Upgrade, and Downgrade Instructions | 63

What’s Changed

IN THIS SECTION
What’s Changed in Release 19.2R3 | 41
What’s Changed in Release 19.2R2 | 41
What’s Changed in Release 19.2R1 | 43
41
Learn about what changed in Junos OS main and maintenance releases for EX Series.

What’s Changed in Release 19.2R3

Juniper Extension Toolkit (JET)
Set the trace log to only show error messages (ACX Series, EX Series, MX Series, PTX Series, QFX
Series, SRX Series)— You can set the verbosity of the trace log to only show error messages using the error option at the edit system services extension-service traceoptions level hierarchy.
See traceoptions (Services).

What’s Changed in Release 19.2R2

Interfaces and Chassis
Support for creating Layer 2 logical interfaces independently (ACX Series, EX Series, MX Series, PTX
Series, and QFX Series)—In Junos OS Releases 18.4R1, 18.4R2, 19.1R1, 19.1R2, 19.2R2, and later, EX Series switches support creating Layer 2 logical interfaces independent of the Layer 2 routing-instance type. That is, you can configure and commit the Layer 2 logical interfaces separately and add the interfaces to the bridge domain or Ethernet VPN (EVPN) routing instance separately. Note that the Layer 2 logical interfaces work fine only when they are added to the bridge domain or EVPN routing instance.
In earlier Junos OS releases, when you use a Layer 2 logical interface configuration (units with encapsulation vlan-bridge configuration), then you must add the logical interface as part of a bridge domain or EVPN routing instance for the commit to succeed.
Logical Interface is created along with physical Interface by default (EX Series, MX Series, and QFX
Series)—In Junos OS Release 19.2R2 and later, logical interface is created on ge, et, xe interfaces along with the physical interface, by default. In earlier Junos OS Releases, by default, only physical interfaces are created.
For example, for ge interfaces, earlier when you view the show interfaces command, by default, only the physical interface (ge-0/0/0), is displayed. Now, the logical interface (ge-0/0/0.16386) is also displayed.
42
Layer 2 Feature
input-native-vlan-push (EX2300, EX3400, EX4600, EX4650, and the QFX5000 line of switches)—In
Junos OS Release 19.2R2, we have introduced the configuration statement input-native-vlan-push at the [edit interfaces interface-name] hierarchy level. You can use this statement in a Q-in-Q tunneling configuration to enable or disable whether the switch inserts a native VLAN identifier in untagged frames received on the C-VLAN interface, when the configuration statement input-vlan-map with a push operation is configured.
[See input-native-vlan-push.]
Multicast
Multicast Layer 2 transit traffic statistics by multicast source and group (EX4600, EX4650, and the
QFX5000 line of switches)—Starting in Junos OS Release 19.2R2, EX4600, EX4650, and the QFX5000 line of switches provide statistics on the packet count for each multicast group and source when passing multicast transit traffic at Layer 2 with IGMP snooping. Run the show multicast snooping route extensive CLI command to see this count in the Statistics: … n packets output field. The other statistics in that output field, kBps and pps, are not available (values displayed there are not valid statistics for multicast traffic at Layer 2). In earlier Junos OS releases, all three values in the Statistics output field for kBps, pps, and packets do not provide valid statistics for multicast traffic at Layer 2.
43
[See show multicast snooping route.]
Routing Protocols
XML RPC equivalent included for the show bgp output-scheduler | display xml rpc CLI command (ACX
Series, EX Series, MX Series, PTX Series, QFX Series, and SRX Series)—Starting in Junos OS Release
19.2R2, we have included an XML RPC equivalent for the show bgp output-scheduler | display xml rpc CLI command. In Junos OS releases before Release 19.2R2, the show bgp output-scheduler | display xml rpc CLI command does not have an XML RPC equivalent.
[See show bgp output-scheduler.]

What’s Changed in Release 19.2R1

Interfaces and Chassis
Deprecation of the [edit fabric protocols bgp] hierarchy level (EX Series)—Starting in Junos OS Release
19.2R1, the [edit fabric protocols bgp] hierarchy level is deprecated.
Network Management and Monitoring
The show system schema command and <get-yang-schema> RPC require specifying an output directory
(EX Series)—Starting in Junos OS Release 19.2R1, when you issue the show system schema operational mode command in the CLI or execute the <get-yang-schema> RPC in a remote session to retrieve schema files, you must specify the directory in which to generate the output files by including the output-directory command option in the CLI or the <output-directory> element in the RPC. In earlier
releases, you can omit the output-directory argument when requesting a single module to display the module in standard output.
Custom YANG RPC support for input parameters of type empty (EX Series)—Starting in Junos OS
Release 19.2R1, custom YANG RPCs support input parameters of type empty when executing the RPC’s command in the Junos OS CLI, and the value passed to the action script is the parameter name. In earlier releases, input parameters of type empty are only supported when executing the RPC in a NETCONF or Junos XML protocol session, and the value passed to the action script is the string 'none'.
[See Creating Action Scripts for YANG RPCs on Devices Running Junos OS.]
VLAN Infrastructure
Specifying a descending VLAN ID range (EX9200 switches)—In Junos OS releases prior to Junos OS
Release 19.2R1, the system accepts a descending range—for example, 102-100, with the vlan-id-range configuration statement in the [edit interfaces interface-name unit logical-unit-number] hierarchy.
Starting with Junos OS Release 19.2R1, the system considers a descending range specified with vlan-id-range to be invalid and raises an error if you try to commit this configuration.
44
SEE ALSO
What’s New | 34
Known Behavior | 44
Open Issues | 45
Resolved Issues | 49
Documentation Updates | 63
Migration, Upgrade, and Downgrade Instructions | 63

Known Limitations

IN THIS SECTION
EVPN | 45
Platform and Infrastructure | 45
Learn about known limitations in this release for EX Series.
For the most complete and latest information about known Junos OS defects, use the Juniper Networks online Junos Problem Report Search application.

EVPN

Commit blocks for VLAN-ID none with EVPN routing-instance and without routing-instance. PR1287557

Platform and Infrastructure

On the EX4300 device, multicast traffic statistics do not get tracked for active s,g route streams even
after all the 512 routes get timed out and programmed filter entries are cleared. PR1419926
With 288000 MAC scale, the Routing Engine command output shows the learned scale entries after a
delay of around 60 seconds. PR1367538
Unable to ping peer IP over MACsec with AES-256 cipher suite. PR1416499
Memory spike or leakage is seen after the image upgrades to Junos OS Release 19.2R1.8 in a mixed
mode Virtual Chassis. PR1464062
45
The following error message might appear: Failed to complete DFE tuning. This error message has no
functional impact and can be ignored. PR1473280
SEE ALSO
What’s New | 34
What’s Chnaged | 41
Open Issues | 45
Resolved Issues | 49
Documentation Updates | 63
Migration, Upgrade, and Downgrade Instructions | 63

Open Issues

IN THIS SECTION
Authentication and Access Control | 46
Infrastructure | 46
Interfaces and Chassis | 47
Junos Fusion for Enterprise | 47
Layer 2 Features | 47
Network Management and Monitoring | 47
Platform and Infrastructure | 47
Routing Protocols | 48
Learn about the open issues in hardware and software in Junos OS Release 19.2R3 for EX Series.
For the most complete and latest information about known Junos OS defects, use the Juniper Networks online Junos Problem Report Search application.

Authentication and Access Control

46
The lldpd process might crash when the LLDP neighbor expires. PR1408707
After reboot, the SSL certificates are not present. PR1431086

Infrastructure

Some PIM groups are not able to send out native multicast traffic. PR1209585
On the EX3400 and EX2300 devices during ZTP with configuration and image upgrade with FTP as file
transfer, image upgrade is successful but sometimes VM generates core files. PR1377721
Switch encapsulate protocol PDUs even if it is not configured for the Layer 2 PT tunneling. PR1395638
The dot1x authentication might fail to be authenticated. PR1408717
Error messages are seen at (pkt tx) ifd get failed 700 ,(brcm_port_learning_config:1375) Setting L2
learning unit:0, port_num:68, learn_flg 5, Disabling DHCP trapping on xe-0/0/40 dev:0, port:68 & routing_chip_output_packet:8001 (pkt tx) ifd get failed 700. PR1422402
The FPC crashes with pfem generating core file might be seen if large-scale number of firewall filters
are configured. PR1434927
The following error message is observed: IFDE: Null uint32 set vector, ifd and IFFPC: 'IFD Ether uint32
set' (opcode 151) failed continuously in AD with base configurations. PR1485038

Interfaces and Chassis

The GRES and VSTP ports cost on the aggregated Ethernet interfaces might get changed, leading to
topology change. PR1174213
Traffic convergence is greater than 12 seconds for events like node reboot, ICCP and ICL flaps.
PR1371493

Junos Fusion for Enterprise

On the Junos fusion environment system, intermediate traffic drop is seen between AD and SD when
sFlow is enabled on the ingress interface. PR1450373

Layer 2 Features

GARPs are being sent from the switch once in every 10 minutes. PR1192520
47

Network Management and Monitoring

The Packet Forwarding Engine process might crash in scenarios where there are large log messages.
PR1233050

Platform and Infrastructure

On the EX2300 and EX3400 devices, the upgrade might fail because of the shortage of space. PR1464808
When 3000 ARPs are pushed to the EX Series switch with DAI enabled, the ARP inspection fails for
valid hosts. PR1165757
On the EX2300 device, the last reboot reason might display wrong values. PR1331264
On the EX4650 device, the filter action to change VLAN does not work. PR1362609
The EX4300 device might not update the dhcp-security binding upon renewal when the loopback filter
and DHCP-security configuration are used together. PR1376454
In the EX9208 device, a few xe interfaces go down with the following error message:
f_msg_ifd_cmd_tlv_decode ifd xe-0/0/0 #190 down with ASIC Error. PR1377840
MACsec session might fail to reestablish after the interface flaps. PR1378710
DCPFE does not come up in some instances of abrupt power-off or power-on. PR1393554
The following error message is observed after multiple triggers: JTASK_IO_CONNECT_FAILED.
PR1408995
Traffic loss of approximately 26-32 seconds is observed after restarting the routing daemon on the
EX9200 device with the MC-LAG configurations. PR1409773
uRPF in strict mode does not work. PR1417546
Committing the configurations that involve the interface-range defined over wild-card range such as
ge-*/*/* are not supported. PR1421446
IGMP transit query packets might not be flooded on VLAN. PR1427542
On the EX9214 device, the following error message are observed after reboot and MACsec-enabled
link flaps: errorlib_set_error_log(): err_id(-1718026239). PR1448368
In some cases, if we have an OSPF session on the IRB over LAG interface with 40-Gigabit Ethernet port
as member, the session gets stuck in restart. PR1498903
On the EX4600 device with VXLAN enabled, the ARP request might get dropped if the storm control is
configured. PR1515254

Routing Protocols

48
Packet loss is observed for the stream bLock:irb_lacp_tr_ospf while verifying traffic from access to core
network for IPv4. PR1520059
SEE ALSO
What’s New | 34
What’s Chnaged | 41
Known Behavior | 44
Resolved Issues | 49
Documentation Updates | 63
Migration, Upgrade, and Downgrade Instructions | 63

Resolved Issues

IN THIS SECTION
Resolved Issues: 19.2R3 | 49
Resolved Issues: 19.2R2 | 51
Resolved Issues: 19.2R1 | 59
This section lists the issues fixed in the Junos OS main release and the maintenance releases.
For the most complete and latest information about known Junos OS defects, use the Juniper Networks online Junos Problem Report Search application.
49

Resolved Issues: 19.2R3

Authentication and Access Control
On the EX4600 and EX4300 switches, MAC entry is not present in the Ethernet-Switching table for the
MAC-RADIUS client in a server fail scenario when tagged traffic is sent for two clients. PR1462479
On the EX2300-48MP switch, client does not receive the captive-portal success page by downloading
the ACL parameter, because the authentication failed. PR1504818
The DOT1XD_AUTH_SESSION_DELETED event is not triggered with a single supplicant mode.
PR1512724
EVPN
The ESI of IRB interfaces does not update after autonomous-system number change if the interface is
down. PR1482790
The l2ald memory leakage might be observed in any EVPN scenario. PR1498023
The VXLAN function might be broken due to a timing issue. PR1502357
Infrastructure
On the EX2300 and EX3400 switches, kernel might generate core file when deactivating daemon.
PR1483644
Junos Fusion Satellite Software
On the EX4300 in Junos fusion scenario, temperature sensor alarm is observed. PR1466324
Layer 2 Ethernet Services
Issues with DHCPv6 Relay processing confirm and reply packets are observed. PR1496220
MPLS
BGP session might keep flapping between two directly connected BGP peers because of the use of
wrong TCP MSS (maximum segment size). PR1493431
Platform and Infrastructure
MAC learning under bridge-domain stops after MC-LAG interface flaps. PR1488251
Packets get dropped when next hop is IRB over lt interface. PR1494594
50
On the EX4300 switches, the NSSU upgrade might fail due to storage issue on the /var/tmp directory.
PR1494963
IPv6 neighbor solicitation packets might be dropped in a transit device. PR1493212
On the EX4300 device, traffic loss might be seen with framing errors or runts if MACsec is configured.
PR1502726
On the EX9200 device, IRB over VTEP unicast traffic might get dropped. PR1436924
On the EX4300, EX3400, and EX2300 Virtual Chassis with NSB and xSTP enabled, continuous traffic
loss might be observed while performing GRES. PR1500783
On the EX4600 device, traffic loss might be seen with framing errors or runts if MACsec is configured.
PR1469663
On the EX4600 device, DSCP marking might not work as expected if the fixed classifiers are applied to
interfaces. PR1472771
ERP might not come up properly when MSTP and ERP are enabled on the same interface. PR1473610
MPCs might stop when there is bulk route update failure in a corner case. PR1478392
DHCP binding might fail when the PVLAN is configured with a firewall to block or allow certain IPv4
packets. PR1490689
On the EX4650 switch, traffic loss might be seen under MC-LAG scenario. PR1494507
Outbound SSH connection flaps or leaks memory during push configuration to ephemeral database with
high rate. PR1497575
Traffic might get dropped if the aggregated Ethernet member interface is deleted or added, or a SFP of
the aggregated Ethernet member interface is unplugged or plugged. PR1497993
LLDP is not acquired when native-vlan-id and tagged VLAN-ID are the same on a port. PR1504354
Routing Protocols
The BGP route-target family might prevent RR from reflecting Layer 2 VPN and Layer 3 VPN routes.
PR1492743

Resolved Issues: 19.2R2

Class of Service (CoS)
Shaping does not work after the reboot if shaping-rate is configured. PR1432078
The traffic is placed in network-control queue on an extended port even if it comes in with a different
DSCP marking. PR1433252
EVPN
51
EVPN or MPLS IRB logical interfaces might not come up when local Layer 2 interfaces are down.
PR1436207
Configuring ESI on a single-homed 25-Gigabit Ethernet port might not work. PR1438227
An ARP request or a Neighbor Solicitation message might be sent back to the local segment by the
designated forwarder (DF) router. PR1459830
The rpd might crash after the EVPN-related configuration is changed. PR1467309
Forwarding and Sampling
Enable interface with input/output vlan-maps to be added to a routing instance configured with a VLAN
ID or VLAN tags (instance type virtual-switch/vpls). PR1433542
The l2ald process might experience memory leak on devices running Junos OS. PR1455034
Type 1 ESI/AD route might not be generated locally on EVPN PE devices in all-active mode. PR1464778
General Routing
Transit OSPF traffic over Q-in-Q tunneling might be dropped if a firewall filter is applied to loopback
interface. PR1355111
The l2ald process might crash and generate a core file on EX Virtual Chassis when converting a trunk
port to dot1x access port with tagged traffic flowing. PR1362587
The interface on a failed member FPC of EX2300 and EX3400 Virtual Chassis might stay up for 120
seconds. PR1422507
IPv6 multicast traffic received on one Virtual Chassis member might be dropped when exiting through
another Virtual Chassis member if MLD snooping is enabled. PR1423310
The MAC address pool might overlap between different switches. PR1425123
Virtual Chassis split is seen after the network topology is changed. PR1427075
The fxpc or the Packet Forwarding Engine process might crash on EX2300 and EX3400 switches.
PR1427391
Rebooting or halting a Virtual Chassis member might cause traffic on the RTG link to be down for about
30 seconds. PR1427500
The l2ald process crashes after the dot1x configuration is deleted when dot1x and private VLAN (PVLAN)
are enabled simultaneously on EX Series and QFX Series switches. PR1428469
A client might fail to get an IP address from the DHCPv6 server. PR1428769
The delay in transmission of BPDUs after GRES might result in loss of traffic on EX2300 and EX3400
Virtual Chassis. PR1428935
The EX4300-48MP switch cannot learn MAC addresses through some access ports that are directly
connected to a host when auto negotiation is used. PR1430109
Disabling DAC QSFP ports might not work on MX204, MX10003, or EX9251. PR1430921
52
Erroneous log messages and chassis environment output related to fan tray in EX4300MP-EX4300-48P
Virtual Chassis. PR1431263
The l2cpd process might crash and generate a core file when interfaces are flapping. PR1431355
Packet drop might be seen if native VLAN is configured along with flexible VLAN tagging. PR1434646
Micro BFD-session might flap upon inserting a QSFP transceiver into another port. PR1435221
Traffic drop might be seen after MACsec session key rollover between primary and fallback for more
than ten times. PR1435277
The multichassis aggregated Ethernet (mc-ae) interface might get stuck in the Waiting state in a dual
mc-ae scenario. PR1435874
i40e NVM upgrade support for EX9200 platform. PR1436223
The Gigabit Ethernet or multigigabit Ethernet SFP-T interface might not come up on EX2300, EX3400,
and EX4300 switches. PR1438078
Commit check error for VSTP on EX9200 switches: xSTP:Trying to configure too many interfaces for
given protocol.PR1438195
LED turns on even after the Virtual Chassis members are powered off. PR1438252
The DHCP Snooping table might be cleared for VLAN ID 1 after adding a new VLAN ID to it. PR1438351
The rpd might crash during the booting process in certain conditions. PR1438597
The dot1x configuration might not work when captive port is also configured on the interface on a
backup or non-master FPC. PR1439200
LACP state might get stuck in Attached state after disabling peer active members. PR1439268
On EX9200 DHCPv6 relay scenario, when DHCPv6 snooping and Neighbor Discovery Inspection (NDI)
are enabled simultaneously on an IRB interface, the DHCPv6 relay binding does not come up. PR1439844
The EX4600 and QFX5100 Virtual Chassis might not come up after you replace the Virtual Chassis port
fiber connection with a DAC cable. PR1440062
CPU might hang or an interface might be stuck down on a particular 1-Gigabit Ethernet port on MX
Series, EX Series, and PTX Series devices. PR1440526
MAC addresses learned on an RTG might not be aged out after a Virtual Chassis member is rebooted.
PR1440574
Clients in isolated VLANs might not get IP addresses after completing authentication when both
dhcp-security and dot1x are configured. PR1442078
EX3400 fan alarm (Fan X not spinning) appears and disappears repeatedly after the fantray (Absent) is
removed. PR1442134
The rpd might crash when BGP sends a notification message. PR1442786
DHCPv6 client might fail to get an IP address. PR1442867
53
The port role might be incorrect in STP after the STP configuration is changed. PR1443489
The /var/host/motd does not exist message is flooded every 5 seconds in chassisd logs. PR1444903
On EX4300-MP, the following log message is generated continuously: rpd[6550]: task_connect: task
AGENTD I/O.128.0.0.1+9500 addr 128.0.0.1+9500: Connection refused. PR1445618
Major alarm log messages are seen for temperature conditions at 56 degrees Celsius. PR1446363
The traffic might be dropped when a firewall filter rule uses then vlan as the action in a Virtual Chassis
scenario. PR1446844
Phone home on EX Series devices because sysctl cannot read the device serial number. PR1447291
EX3400 Virtual Chassis might go into hang state when a disk error occurs on EX3400. PR1447853
Unicast ARP requests are not replied to with the no-arp-trap option. PR1448071
On EX3400, IPv6 routes received through BGP do not show the correct age time. PR1449305
Except one aggregated Ethernet member link, the other links do not send out sFlow sample packets for
ingress traffic. PR1449568
Tunneling encapsulated packets are dropped on the Layer 3 VPN MPLS PE-CE interface. PR1451032
DHCP snooping static binding does not take effect after deleting and re-adding the entries. PR1451688
The MAC pause frames will be incrementing in the Receive direction if half-duplex mode on 10-Mbps
or 100-Mbpa speed is configured. PR1452209
The l2ald and eventd processes are hogging 100 percent CPU after the clear ethernet-switching table
command is issued. PR1452738
Configuration change in VLAN all option might affect the per-VLAN configuration. PR1453505
Version compare in PHC might fail, making the PHC to download the same image. PR1453535
You might not be able to apply a firewall filter in a particular VC/VCF member as TCAM space runs out.
PR1455177
Packet drop might be seen after removing and reinserting the SFP transceiver of the 40-Gigabit uplink
module ports. PR1456039
Link-up delay and traffic drop might be seen on mixed SP Layer 2 or Layer 3 and EP Layer 2 type
configurations. PR1456336
The syslog message timeout connecting to peer database-replication is generated when the show
version detail command is issued. PR1457284
Overtemperature SNMP trap messages are displayed after the software upgrade and update even though
the temperatures are within the system thresholds. PR1457456
The correct VoIP VLAN information in LLDP-MED packets might not be sent after commit if dynamic
VoIP VLAN assignment is used. PR1458559
The fxpc process might crash due to several BGP IPv6 session flaps. PR1459759
54
Storage space limitation leads to image installation failure when phone home is used on EX2300 and
EX3400 platforms. PR1460087
MAC addresses learned on an RTG might not be aged out after aging time. PR1461293
RTG link faces nearly 20 seconds downtime when the backup node is rebooting. PR1461554
Configuring any combination of VLANs and interfaces under VSTP/MSTP might cause VSTP/MSTP-related
configurations that cannot be committed. PR1463251
The Virtual Chassis function might be broken after upgrading on EX2300 and EX3400 switches.
PR1463635
On EX Series switches with ELS and on QFX Series switches, some command lines to disable MAC
learning are not working. PR1464797
The jdhcpd might consume high CPU and no further subscribers can be brought up if more than 4000
DHCP-relay clients in the MAC-MOVE scenario. PR1465277
The fxpc might crash after mastership election on EX2300 and EX3400 switches. PR1465526
The broadcast and multicast traffic might be dropped over IRB or LAG interfaces in QFX Series and EX
Series Virtual Chassis scenario. PR1466423
The MAC move message might have an incorrect from interface when rapid MAC moves occurs.
PR1467459
In EX3400 FPCs get disconnected from Virtual Chassis briefly after the image upgrades or reboots.
PR1467707
Optics measurements might not be streamed for interfaces of a PIC over JTI. PR1468435
FPC might be down when configuring vxlan-routing. PR1468736
On the EX3400, traffic loss is observed between SFP-T connected interfaces because of auto negotiation
failure. PR1469750
EX3400 is advertising only 100 Mbps when configured with 100-Mbps speed with auto negotiation
enabled. PR1471931
The shaping of CoS does not work after reboot. PR1472223
The RIPv2 packets forwarded across a Layer 2 circuit connection might be dropped. PR1473685
The dhcpd process might crash in a Junos fusion environment. PR1478375
TFTP installation from loader prompt might not succeed on the EX Series switches. PR1480348
ARP request packets for unknown hosts might get dropped in the remote PE device in an EVPN-VXLAN
scenario. PR1480776
On the EX2300 Series, the SNMP traps are not generated when MAC addresses when the limit is reached.
PR1482709
Infrastructure
55
The operations on the console might not work if the system ports console log-out-on-disconnect
configuration statement is configured. PR1433224
On the EX4300 Series, the CLI configuration on-disk-failure is not supported. PR1450093
Certain EX Series switches might panic and generate VM core files, leading to reboot. PR1456668
Error messages related to soft reset of ports due to queue buffers being stuck could be seen on EX4600
and EX4300 Virtual Chassis. PR1462106
Traffic drop is seen on an EX4300-48MP device that acts as a leaf node in a Layer 2 IP fabric
EVPN-VXLAN environment. PR1463318
Continuous dcpfe error messages and eventd process hog might be seen in an EX2300 Virtual Chassis
scenario. PR1474808
Interfaces and Chassis
On EX9200 devices, an unexpected duplicate VLAN-ID commit error might be seen. PR1430966
The VRRP IPv6 state might flap between init and idle states after VLAN tagging is configured. PR1445370
Traffic might be forwarded to wrong interfaces in an MC-LAG scenario. PR1465077
Executing commit might hang because of a stuck dcd process. PR1470622
J-Web
Some error messages might be seen when using J-Web. PR1446081
Junos Fusion for Enterprise
Reachability of the host connected to the satellite device might be affected in a Junos fusion for enterprise
environment with EX9200 Series switches as aggregation devices. PR1447873
Loop detection might not work on extended ports in a Junos fusion scenario. PR1460209
Layer 2 Features
Ethernet ring protection switching (ERPS) nodes might not converge to the Idle state after failure recovery
or reboot. PR1431262
Physical layer and MAC/ARP learning might not work for copper base SFP-T transceivers on QFX5100,
QFX5110, and EX4600. PR1437577
The traffic leaving QFX5000 and EX4600 switches might not be properly load balanced over aggregated
Ethernet interfaces. PR1448488
The LLDP function might fail when a Juniper Networks device connects to a non-Juniper device.
PR1462171
An fxpc core file might be seen when committing the configuration all together. For example, after a
reboot PR1467763
Traffic might be affected if composite next hop is enabled. PR1474142
56
Layer 2 Ethernet Services
The DHCP decline packets are not forwarded to the DHCP server when forward-only is set within DHCP
reply. PR1429456
The jdhcpd_era log files constantly consume 121 MB of space out of 170 MB, resulting into a full file
system traffic impact. PR1431201
DHCP request might get dropped in a DHCP relay scenario. PR1435039
In EX9200 switches, DHCP relay is stripping the GIADDR field in messages toward the DHCP clients.
PR1443516
Platform and Infrastructure
LACP DDoS policer is incorrectly triggered by other protocol- traffic on all EX9200, T4000, and MX
Series platforms. PR1409626
On the EX4300-48MP running Junos OS Release 18.3R1.9, overtemperature SNMP trap is generated
wrongly for line card (EX4300-48P) based on master Routing Engine (EX4300-48MP) temperature threshold value. PR1419300
On the EX4300, the runt counter never increments. PR1419724
SNMP (ifHighSpeed) value does not appear properly only for VCP interfaces; , it appears as zero.
PR1425167
Packet drops, replication failure, or ksyncd crashes might be seen on the logical system of a device
running Junos OS after Routing Engine switchover. PR1427842
IPv6 traffic might be dropped when static /64 IPv6 routes are configured. PR1427866
EX4300 does not drop FCS frames with CRC error on xe- interfaces. PR1429865
Unicast ARP requests are not replied with the no-arp-trap option. PR1429964
EX4300 without soft error recovery (parity check, correction and memscan) enabled. PR1430079
The device might not be accessible after the upgrade. PR1435173
An FPC/pfex crash might be observed due to DMA buffer leaking. PR1436642
The /var/db/scripts directory might be deleted after the request system zeroize command is executed.
PR1436773
The laser TX might be enabled while the interface is disabled PR1445626
The PoE might not work after the PoE firmware on EX4300 switches is upgraded. PR1446915
The firewall filters might not be created due to TCAM issues. PR1447012
NSSU causes a traffic loss after the backup-to-master transitions. PR1448607
The Errors on certain MPCs are classified as major, which should be minor or non-fatal. PR1449427
The REST API process becomes nonresponsive when a number of requests come at a high rate.
PR1449987
57
The IRB traffic might drop after a mastership switchover. PR1453025
The traffic for some VLANs might not be forwarded when vlan-id-list is configured. PR1456879
The OSPF neighbor might go down when mDNS or PTP traffic is received at a rate higher than 1400
pps. PR1459210
ERP might not revert to the Idle state after reload or reboot of multiple switches. PR1461434
Traffic loss might be observed longer than 20 seconds when performing NSSU on EX4300 Virtual Chassis.
PR1461983
IGMP reports are dropped with mixed enterprise/SP configuration styles on EX4300 switches. PR1466075
The switch might not be able to learn MAC addresses with dot1x and interface-mac-limit configured.
PR1470424
On an EX4300, the input firewall filter attached to isolated or community VLANs is not matching dot1p
bits on the VLAN header. PR1478240
The Virtual Chassis VRRP peer drops packets to VRRP VIP after IRB is disabled. PR1491348
Routing Protocols
Host-destined packets with the filter log action might not reach the Routing Engine if log/syslog is
enabled. PR1379718
BGP IPv4 or IPv6 convergence and RIB might delete and then install the time degraded in Junos OS
Releases 19.1R1, 19.2R1, 19.3R1, and 19.4R1. PR1414121
The traffic with destination UDP port 520 (RIP) or 521 (RIPng) gets dropped on the QFX5000 and
EX4600 switches. PR1429543
The fxpc core file might be seen during the reboot of QFX5100 and EX4600 devices. PR1432023
The RPD_DYN_CFG_GET_PROF_NAME_FAILED: Get profile name for session XXX failed: -7 error
message might be seen in syslog after restarting the routing process. PR1439514
The bandwidth value of DDoS protection might cause packet loss after a device reboot. PR1440847
Traffic might be dropped after the Q-in-Q-enabled interface is flapped or a change is made to the
vlan-id-list configuration. PR1441402
IPv6 connectivity between MC-LAG peers might fail when multiple IRB interfaces are present. PR1443507
Junos OS BFD sessions with authentication flap after a certain time. PR1448649
Loopback address exported into other VRF instances might not work on ACX Series, EX Series, and QFX
Series. PR1449410
MPLS LDP might still use the stale MAC address of the neighbor even the LDP neighbor's MAC address
changes. PR1451217
The other querier present interval timer cannot be changed in the IGMP/MLD snooping scenario.
PR1461590
58
The MUX state in an LACP interface does not go to collecting and distributing and remains attached
after enabling the aggregated Ethernet interface. PR1484523
The routing protocol process (rpd) crashes while processing a specific BGP update information.
PR1448425
Receipt of certain genuine BGP packets from any BGP speaker causes rpd to crash. PR1497721
User Interface and Configuration
The switch might be unable to commit baseline configuration after zeroization. PR1426341
Problem with access to J-Web after update from Junos OS Release 18.2R2 to Junos OS Relesae 18.2R3.
PR1454150
The umount: unmount of /.mount/var/val/chroot/packages/mnt/jweb-ex32-d2cf6f6b failed: Device
busy message is seen when Junos OS is upgraded with the validate option. PR1478291
Virtual Chassis
The current MAC address might change when one of the multiple Layer 3 interfaces is being deleted.
PR1449206
VPNs
MVPN using PIM dense mode does not prune the OIF when PIM prune is received. PR1425876

Resolved Issues: 19.2R1

Authentication and Access Control
Without configuring anything related to dot1x, the syslog dot1xd[2192]: task_connect: task
PNACAUTH./var/run/authd_control addr /var/run/authd_control: Connection refused is generated repeatedly. PR1406965
EVPN
The device might proxy the ARP probe packets in an EVPN environment. PR1427109
59
ESI is configured on a single-homed 25G port might not work. PR1438227
General Routing
On EX4650 switches, convergence delay between PE1 and P router link is more than the expected delay
value. PR1364244
OAM Ethernet connectivity-fault-management configured on aggregated Ethernet interfaces is not
supported and no commit error is seen. PR1367588
IPv6 router advertisement (RA) messages potentially increase internal kernel memory usage. PR1369638
RIPv2 update packets might not be sent with IGMP snooping enabled. PR1375332
Input rate PPS does not increase on EX2300-MP uplink ports when the packet is a pure L2 packet like
non-etherII or non-EtherSnap. PR1389908
EX3400VC - When an interface in a Virtual Chassis member switch that is not master, is flapped, IGMP
query packets 224.0.0.1 are sent to all the ports of the members except the master FPC. PR1393405
PTP over Ethernet traffic might be dropped when IGMP and PTP TC are configured together. PR1395186
EX3400 might not learn 30,000 MAC addresses while sending MAC learning traffic. PR1399575
MAC-limit with persistent MAC is not working after reboot. PR1400507
After upgrading to Junos OS Release 18.1R3.3, adt7470_set_pwm output message is observed
continuously. PR1401709
The DHCP discover packets are forwarded out of an interface incorrectly when DHCP snooping is
configured on that interface. PR1403528
On EX4300-48MP devices, the packets drop when the traffic filter and the routing instance are configured.
PR1407424
The l2cpd might crash if the vstp traceoptions and vstp vlan all commands are configured. PR1407469
MAC address movement might not happen in flexible Ethernet services mode when family inet/inet6
and vlan-bridge are configured on the same physical interface. PR1408230
EX3400 PSU status is still taking "check" status even though PSU module has been removed. PR1408675
On EX2300-24P switches, error message dc-pfe: BRCM_NH-,brcm_nh_resolve_get_nexthop(),346:Failed
to find if family is seen. PR1410717
On EX Series devices, the PEM alarm for backup FPC remains on master FPC though the backup FPC
is detached from Virtual Chassis. PR1412429
On EX4300-48MP devices, the chassis status LED shows yellow instead of amber. PR1413194
The chassisd output power budget is received continually per 5 seconds without any alarm after an
upgrade to Junos OS Release 18.1R3. PR1414267
VXLAN encapsulation next hop (VENH) does not get installed during BGP flap or when routing is restarted.
PR1415450
60
On EX3400 switches, the show chassis environment repeats OK and Failed at short intervals. PR1417839
The EX3400 VC status might be unstable during the boot-up of the Virtual Chassis or after the Virtual
Chassis port flaps. PR1418490
Virtual Chassis might become unstable and FXPC crashes and generates a core file when there are a lot
of configured filter entries. PR1422132
On EX3400 auto-negotiation status shows incomplete on ge-0/2/0 using SFP-SX. PR1423469
On EX4600 line of switches, MACsec might not connect when the interface disconnects while traffic is
passing. PR1423597
I2C read errors are seen when an SFP-T is inserted into a disabled state port configured with set interface
<*> disable command. PR1423858
Incorrect model information while polling through SNMP from Virtual Chassis. PR1431135
Infrastructure
IfSpeed and IfHighSpeed erroneously reported as zero on EX2300. PR1326902
Packet Forwarding Engine is flooded with messages // pkt rx on physical interface NULL unit 0.
PR1381151
Interfaces and Chassis
Missing mandatory ICCP configuration statement redundancy-group-id-list produces misleading error
message. PR1402606
EVPN aggregated Ethernet interface flaps followed by a commit. PR1425339
Junos Fusion for Enterprise
PoE over LLDP negotiation is not supported on Junos fusion for enterprise setup. PR1366106
New satellite device cannot be added to the Fusion scenario. PR1374982
Cascade port might go down after SD reboot in Junos fusion for enterprise environment. PR1382091
Cannot log in to SD cluster though it is recognized by AD properly. PR1395570
The l2ald might crash when clear ethernet-switching table persistent-learning command is issued.
PR1409403
Extended ports in Junos fusion for enterprise do not adjust MTU when VoIP is enabled. PR1411179
The traffic might silently drop and get discarded in Junos fusion for enterprise scenario with dual-AD.
PR1417139
Layer 2 Ethernet Services
The malfunction of core isolation feature in EVPN VXLAN scenarios might cause traffic to get silently
dropped and discarded. PR1417729
61
Network Management and Monitoring
Over temperature trap is not sent out even when there is a temperature-hot-alarm. PR1412161
Platform and Infrastructure
Ping does not go through the device after WTR timer expires in Ethernet ring protection switching (ERPS)
scenario. PR1132770
EX4300 upgrade fails during validation of SLAX script. PR1376750
Unicast DHCP request gets misforwarded to backup RTG link on EX4300 Virtual Chassis. PR1388211
EX4300 OAM LFM might not work on extended-vlan-bridge interface with native vlan configured.
PR1399864
Traffic drop is seen on EX4300 when 10-Gigabit fiber port is using 1-Gigabit Ethernet SFP optics with
auto-negotiation enabled. PR1405168
On EX4300, when power supply (PEM) is removed, alarm is not generated. PR1405262
The policer might not work when it is applied through the dynamic filter. PR1410973
The traffic to the NLB server might not be forwarded if the NLB cluster works on multicast mode.
PR1411549
EX4300 QinQ - untagged UNI traffic egress as single-tagged on NNI interface. PR1413700
Runt counter never incremented. PR1419724
EX4300 does not send fragmentation needed message when MTU is exceeded with DF bit set.
PR1419893
The pfex process might crash and core files might be generated when SFP is reinserted. PR1421257
Traffic might get silently dropped when one of logical interfaces on LAG is deactivated or deleted.
PR1422920
Auditd crashes when accounting RADIUS server is not reachable. PR1424030
The native VLAN ID of packets might fail when leaving out. PR1424174
Interface flapping scenario might lead to ECMP next-hop install failure on EX4300 switches. PR1426760
VIP might not forward the traffic if VRRP is configured on an aggregated Ethernet interface. PR1428124
EX4300 does not drop FCS frames on XE interfaces. PR1429865
The ERPS failover does not work as expected on EX4300 device. PR1432397
Routing Protocols
Host-destined packets with filter log action might reach the Routing Engine. PR1379718
The rpd crashes on static route configuration for multicast source. PR1408443
Host-generated ICMPv6 RA packets might be dropped on the backup member of Virtual Chassis if
igmp-snooping is configured. PR1413543
62
The EX Series switches might not install all IRB MAC addresses in the initialization. PR1416025
After restarting multicast-snooping process, igmp-snooping might not work. PR1420921
Software Installation and Upgrade
Configuration loss and traffic loss might be seen if backup Routing Engine is zeroized and is then switched
over to master within a short time. PR1389268
Subscriber Access Management
authd reuses address quickly before jdhcpd completely cleans up the old subscriber that gives the
following error log DH_SVC_DUPLICATE_IPADDR_ERR: Failed to add x.x.x.x as it is already used by xxx. PR1402653
On EX4300 /var showing full /var/log/dfcd_enc file grows in size. PR1425000
SEE ALSO
What’s New | 34
What’s Chnaged | 41
Known Behavior | 44
Open Issues | 45
Documentation Updates | 63
Migration, Upgrade, and Downgrade Instructions | 63

Documentation Updates

IN THIS SECTION
Installation and Upgrade | 63
This section lists the errata and changes in Junos OS Release 19.2R3 for the EX Series switches documentation.

Installation and Upgrade

Veriexec explained (EX Series)—Verified Exec (also known as veriexec) is a file-signing and verification
scheme that protects the Junos operating system (OS) against unauthorized software and activity that might compromise the integrity of your device. Originally developed for the NetBSD OS, veriexec was adapted for Junos OS and enabled by default from Junos OS Release 7.5 onward.
63
[See Veriexec Overview.]
SEE ALSO
What’s New | 34
What’s Chnaged | 41
Known Behavior | 44
Open Issues | 45
Resolved Issues | 49
Migration, Upgrade, and Downgrade Instructions | 63

Migration, Upgrade, and Downgrade Instructions

IN THIS SECTION
Upgrade and Downgrade Support Policy for Junos OS Releases | 64
This section contains the upgrade and downgrade support policy for Junos OS for the EX Series. Upgrading or downgrading Junos OS can take several hours, depending on the size and configuration of the network. For information about software installation and upgrade, see the Installation and Upgrade Guide.

Upgrade and Downgrade Support Policy for Junos OS Releases

Support for upgrades and downgrades that span more than three Junos OS releases at a time is not provided, except for releases that are designated as Extended End-of-Life (EEOL) releases. EEOL releases provide direct upgrade and downgrade paths—you can upgrade directly from one EEOL release to the next EEOL release even though EEOL releases generally occur in increments beyond three releases.
You can upgrade or downgrade to the EEOL release that occurs directly before or after the currently installed EEOL release, or to two EEOL releases before or after. For example, Junos OS Releases 17.1,
17.2, and 17.3 are EEOL releases. You can upgrade from Junos OS Release 17.1 to Release 17.2 or from Junos OS Release 17.1 to Release 17.3.
You cannot upgrade directly from a non-EEOL release to a release that is more than three releases ahead or behind. To upgrade or downgrade from a non-EEOL release to a release more than three releases before or after, first upgrade to the next EEOL release and then upgrade or downgrade from that EEOL release to your target release.
64
For more information about EEOL releases and to review a list of EEOL releases, see
https://support.juniper.net/support/eol/software/junos/.
SEE ALSO
What’s New | 34
What’s Chnaged | 41
Known Behavior | 44
Open Issues | 45
Resolved Issues | 49
Documentation Updates | 63

Junos OS Release Notes for Junos Fusion Enterprise

IN THIS SECTION
What’s New | 65
What’s Changed | 67
Known Limitations | 68
Open Issues | 68
Resolved Issues | 69
Documentation Updates | 71
Migration, Upgrade, and Downgrade Instructions | 71
65
These release notes accompany Junos OS Release 19.2R3 for Junos Fusion Enterprise. Junos Fusion Enterprise is a Junos Fusion that uses EX9200 switches in the aggregation device role. These release notes describe new and changed features, limitations, and known problems in the hardware and software.
NOTE: For a complete list of all hardware and software requirements for a Junos Fusion
Enterprise, including which Juniper Networks devices can function as satellite devices, see
Understanding Junos Fusion Enterprise Software and Hardware Requirements.
You can also find these release notes on the Juniper Networks Junos OS Documentation webpage, located at https://www.juniper.net/documentation/product/en_US/junos-os.

What’s New

IN THIS SECTION
What's New in Release 19.2R3 | 66
What's New in Release 19.2R2 | 66
What's New in Release 19.2R1 | 66
Learn about new features introduced in the Junos OS main and maintenance releases for Junos fusion for enterprise.
NOTE: For more information about the Junos fusion for enterprise features, see the Junos Fusion
Enterprise User Guide.

What's New in Release 19.2R3

There are no new features or enhancements to existing features for Junos fusion for enterprise in Junos OS Release 19.2R3.

What's New in Release 19.2R2

There are no new features or enhancements to existing features for Junos fusion for enterprise in Junos OS Release 19.2R2.
66

What's New in Release 19.2R1

There are no new features or enhancements to existing features for Junos fusion for enterprise in Junos OS Release 19.2R1.
SEE ALSO
What’s Changed | 67
Known Limitations | 68
Open Issues | 68
Resolved Issues | 69
Documentation Updates | 71
Migration, Upgrade, and Downgrade Instructions | 71

What’s Changed

IN THIS SECTION
What’s Changed in 19.2R3 | 67
What’s Changed in 19.2R2 | 67
What’s Changed in 19.2R1 | 67
Learn about what changed in the Junos OS main and maintenance releases for Junos fusion for enterprise.

What’s Changed in 19.2R3

There are no changes in behavior of Junos OS features and changes in the syntax of Junos OS statements and commands in Junos OS Release 19.2R3 for Junos fusion for enterprise.
67

What’s Changed in 19.2R2

There are no changes in behavior of Junos OS features and changes in the syntax of Junos OS statements and commands in Junos OS Release 19.2R2 for Junos fusion for enterprise.

What’s Changed in 19.2R1

There are no changes in behavior of Junos OS features and changes in the syntax of Junos OS statements and commands in Junos OS Release 19.2R1 for Junos fusion for enterprise.
SEE ALSO
What’s New | 65
Known Limitations | 68
Open Issues | 68
Resolved Issues | 69
Documentation Updates | 71
Migration, Upgrade, and Downgrade Instructions | 71

Known Limitations

There are no known behaviors, system maximums, and limitations in hardware and software in Junos OS Release 19.2R3 for Junos fusion for enterprise.
For the most complete and latest information about known Junos OS problems, use the Juniper Networks online Junos Problem Report Search application.
SEE ALSO
What’s New | 65
What’s Changed | 67
Open Issues | 68
Resolved Issues | 69
Documentation Updates | 71
68
Migration, Upgrade, and Downgrade Instructions | 71

Open Issues

IN THIS SECTION
Junos fusion for enterprise | 68
This section lists the known issues in hardware and software in Junos OS Release 19.2R3 for Junos fusion for enterprise.
For the most complete and latest information about known Junos OS defects, use the Juniper Networks online Junos Problem Report Search application.

Junos fusion for enterprise

On EX4300 when 10G fiber port is using 1G Ethernet SFP optics, auto-negotiation is enabled by default.
To bring up the satellite device, BCM recommends to disable the auto-negotiation for PHY84756 ports.
PR1420343
In Junos fusion for enterprise environment with EX2300-48P or EX2300-48T acting as satellite devices,
loop-detect feature does not work for ports 0-23, since the loop detect filter is not properly applied.
PR1426757
In a Junos fusion system, intermediate traffic drop might be seen between the aggregation and satellite
device when Sflow is enabled on the ingress interface. When Sflow is enabled, the original packet is corrupted for those packets which hit the Sflow filter. This is because the packets egressing the aggregation device are short 4 bytes of FCS and 2 bytes of data. Normal data packets are 128 bytes (4 bytes for FCS, 14 bytes for Ethernet header, 20 bytes for IP header and 90 bytes for data). The corrupted packets are 122 bytes (14 bytes for Ethernet header, 20 bytes for IP header, and 88 bytes for data).
PR1450373
SEE ALSO
What’s New | 65
What’s Changed | 67
69
Known Limitations | 68
Resolved Issues | 69
Documentation Updates | 71
Migration, Upgrade, and Downgrade Instructions | 71

Resolved Issues

IN THIS SECTION
Resolved Issues: 19.2R3 | 70
Resolved Issues: 19.2R2 | 70
Resolved Issues: 19.2R1 | 70
This section lists the issues fixed in the Junos OS main release and the maintenance releases.
For the most complete and latest information about known Junos OS defects, use the Juniper Networks online Junos Problem Report Search application.

Resolved Issues: 19.2R3

There are no resolved issues in Junos OS Release 19.2R3 for Junos fusion for enterprise.

Resolved Issues: 19.2R2

Reachability issue of the host connected to the satellite device might be affected in a Junos Fusion
Enterprise environment with EX9200 series devices as aggregation devices. PR1447873
Loop detection might not work on extended ports in Junos fusion scenarios. PR1460209
The dpd process might be generate a core file on satellite devices in a Junos fusion for enterprise setup.
PR1460607
In a Junos fusion service provider setup the EX4300 acting as a satellite device is triggering the
temperature sensor alarm on multiple satellite device modules connected to same aggregation device.
PR1466324
70

Resolved Issues: 19.2R1

PoE over LLDP negotiation is not supported on Junos Fusion Enterprise setup. PR1366106
New satellite device cannot be added to the Fusion scenario. PR1374982
Cascade port might go down after SD reboot in Junos Fusion Enterprise environment. PR1382091
Cannot login to SD cluster though it is recognized by AD properly. PR1395570
The l2ald might crash when clear ethernet-switching table persistent-learning command is issued.
PR1409403
Extended ports in JFE do not adjust MTU when VoIP is enabled. PR1411179
The traffic might silently drop and get discarded in Junos Fusion Enterprise scenario with dual-AD.
PR1417139
SEE ALSO
What’s New | 65
What’s Changed | 67
Known Limitations | 68
Open Issues | 68
Documentation Updates | 71
Migration, Upgrade, and Downgrade Instructions | 71

Documentation Updates

There are no errata or changes in Junos OS Release 19.2R3 for documentation for Junos fusion for enterprise.
SEE ALSO
What’s New | 65
What’s Changed | 67
Known Limitations | 68
Open Issues | 68
Resolved Issues | 69
Migration, Upgrade, and Downgrade Instructions | 71
71

Migration, Upgrade, and Downgrade Instructions

IN THIS SECTION
Basic Procedure for Upgrading Junos OS on an Aggregation Device | 71
Upgrading an Aggregation Device with Redundant Routing Engines | 73
Preparing the Switch for Satellite Device Conversion | 74
Converting a Satellite Device to a Standalone Switch | 75
Upgrade and Downgrade Support Policy for Junos OS Releases | 75
Downgrading from Junos OS | 76
This section contains the procedure to upgrade or downgrade Junos OS and satellite software for a Junos fusion for enterprise. Upgrading or downgrading Junos OS and satellite software might take several hours, depending on the size and configuration of the Junos fusion for enterprise topology.

Basic Procedure for Upgrading Junos OS on an Aggregation Device

When upgrading or downgrading Junos OS for an aggregation device, always use the junos-install package. Use other packages (such as the jbundle package) only when so instructed by a Juniper Networks support
representative. For information about the contents of the junos-install package and details of the installation process, see the Installation and Upgrade Guide.
NOTE: Before upgrading, back up the file system and the currently active Junos OS configuration
so that you can recover to a known, stable environment in case the upgrade is unsuccessful. Issue the following command:
user@host> request system snapshot
The installation process rebuilds the file system and completely reinstalls Junos OS. Configuration information from the previous software installation is retained, but the contents of log files might be erased. Stored files on the routing platform, such as configuration templates and shell scripts (the only exceptions are the juniper.conf and ssh files), might be removed. To preserve the stored files, copy them to another system before upgrading or downgrading the routing platform. See the Junos OS Administration Library.
72
To download and install Junos OS:
1. Using a Web browser, navigate to the Download Software URL on the Juniper Networks webpage:
https://www.juniper.net/support/downloads/
2. Log in to the Juniper Networks authentication system using the username (generally your e-mail address) and password supplied by Juniper Networks representatives.
3. Select By Technology > Junos Platform > Junos Fusion to find the software that you want to download.
4. Select the release number (the number of the software version that you want to download) from the Version drop-down list on the right of the page.
5. Select the Software tab.
6. Select the software package for the release.
7. Review and accept the End User License Agreement.
8. Download the software to a local host.
9. Copy the software to the routing platform or to your internal software distribution site.
10. Install the new junos-install package on the aggregation device.
NOTE: We recommend that you upgrade all software packages out of band using the console
because in-band connections are lost during the upgrade process.
Customers in the United States and Canada, use the following commands:
user@host> request system software add validate reboot source/package-name.tgz
All other customers, use the following commands, where n is the spin number.
user@host> request system software add validate reboot source/package-name-limited.tgz
Replace source with one of the following values:
/pathname—For a software package that is installed from a local directory on the router.
For software packages that are downloaded and installed from a remote location:
73
ftp://hostname/pathname
http://hostname/pathname
scp://hostname/pathname (available only for Canada and U.S. version)
The validate option validates the software package against the current configuration as a prerequisite to adding the software package to ensure that the router reboots successfully. This is the default behavior when the software package being added is a different release.
Adding the reboot command reboots the router after the upgrade is validated and installed. When the reboot is complete, the router displays the login prompt. The loading process might take 5 to 10 minutes.
Rebooting occurs only if the upgrade is successful.

Upgrading an Aggregation Device with Redundant Routing Engines

If the aggregation device has two Routing Engines, perform a Junos OS installation on each Routing Engine separately to minimize disrupting network operations as follows:
1. Disable graceful Routing Engine switchover (GRES) on the master Routing Engine and save the configuration change to both Routing Engines.
2. Install the new Junos OS release on the backup Routing Engine while keeping the currently running software version on the master Routing Engine.
3. After making sure that the new software version is running correctly on the backup Routing Engine, switch over to the backup Routing Engine to activate the new software.
4. Install the new software on the original master Routing Engine that is now active as the backup Routing Engine.
For the detailed procedure, see the Installation and Upgrade Guide.

Preparing the Switch for Satellite Device Conversion

There are multiple methods to upgrade or downgrade satellite software in your Junos fusion for enterprise. See Configuring or Expanding a Junos Fusion Enterprise.
For satellite device hardware and software requirements, see Understanding Junos Fusion Enterprise
Software and Hardware Requirements.
Use the following command to install Junos OS on a switch before converting it into a satellite device:
user@host> request system software add validate reboot source/package-name
74
NOTE: The following conditions must be met before a Junos switch that is running Junos OS
Release 14.1X53-D43 can be converted to a satellite device when the action is initiated from the aggregation device:
The switch running Junos OS can be converted only to SNOS 3.1 and later.
Either the switch must be set to factory-default configuration by using the request system
zeroize command, or the following command must be included in the configuration: set chassis auto-satellite-conversion.
When the interim installation has completed and the switch is running a version of Junos OS that is compatible with satellite device conversion, perform the following steps:
1. Log in to the device using the console port.
2. Clear the device:
[edit] user@satellite-device# request system zeroize
NOTE: The device reboots to complete the procedure for resetting the device.
If you are not logged in to the device using the console port connection, your connection to the device is lost after you enter the request system zeroize command.
If you lose connection to the device, log in using the console port.
3. (EX4300 switches only) After the reboot is complete, convert the built-in 40-Gbps QSFP+ interfaces from Virtual Chassis ports (VCPs) into network ports:
user@satellite-device> request virtual-chassis vc-port delete pic-slot 1 port port-number
For example, to convert all four built-in 40-Gbps QSFP+ interfaces on an EX4300-24P switch into network ports:
user@satellite-device> request virtual-chassis vc-port delete pic-slot 1 port 0 user@satellite-device> request virtual-chassis vc-port delete pic-slot 1 port 1 user@satellite-device> request virtual-chassis vc-port delete pic-slot 1 port 2 user@satellite-device> request virtual-chassis vc-port delete pic-slot 1 port 3
75
This step is required for the 40-Gbps QSFP+ interfaces that will be used as uplink interfaces in a Junos Fusion topology. Built-in 40-Gbps QSFP+ interfaces on EX4300 switches are configured into VCPs by default, and the default settings are restored after the device is reset.
After this initial preparation, you can use one of three methods to convert your switches into satellite devices—autoconversion, manual conversion, or preconfiguration. See Configuring or Expanding a Junos
Fusion Enterprise for detailed configuration steps for each method.

Converting a Satellite Device to a Standalone Switch

If you need to convert a satellite device to a standalone device, you must install a new Junos OS software package on the satellite device and remove it from the Junos Fusion topology. For more information, see
Converting a Satellite Device to a Standalone Device.

Upgrade and Downgrade Support Policy for Junos OS Releases

Support for upgrades and downgrades that span more than three Junos OS releases at a time is not provided, except for releases that are designated as Extended End-of-Life (EEOL) releases. EEOL releases provide direct upgrade and downgrade paths—you can upgrade directly from one EEOL release to the next EEOL release even though EEOL releases generally occur in increments beyond three releases.
You can upgrade or downgrade to the EEOL release that occurs directly before or after the currently installed EEOL release, or to two EEOL releases before or after. For example, Junos OS Releases 17.1,
17.2, and 17.3 are EEOL releases. You can upgrade from Junos OS Release 17.1 to Release 17.2 or from
Junos OS Release 17.1 to Release 17.3.
You cannot upgrade directly from a non-EEOL release to a release that is more than three releases ahead or behind. To upgrade or downgrade from a non-EEOL release to a release more than three releases before or after, first upgrade to the next EEOL release and then upgrade or downgrade from that EEOL release to your target release.
For more information about EEOL releases and to review a list of EEOL releases, see
https://www.juniper.net/support/eol/junos.html

Downgrading from Junos OS

Junos fusion for enterprise is first supported in Junos OS Release 16.1, although you can downgrade a standalone EX9200 switch to earlier Junos OS releases.
NOTE: You cannot downgrade more than three releases.
For more information, see the Installation and Upgrade Guide.
76
To downgrade a Junos fusion for enterprise from Junos OS Release 19.2R3, follow the procedure for upgrading, but replace the 19.2 junos-install package with one that corresponds to the appropriate release.
SEE ALSO
What’s New | 65
What’s Changed | 67
Known Limitations | 68
Open Issues | 68
Resolved Issues | 69
Documentation Updates | 71

Junos OS Release Notes for Junos Fusion Provider Edge

IN THIS SECTION
What's New | 77
What’s Changed | 78
Known Limitations | 79
Open Issues | 79
Resolved Issues | 80
Documentation Updates | 82
Migration, Upgrade, and Downgrade Instructions | 82
77
These release notes accompany Junos OS Release 19.2R3 for the Junos Fusion Provider Edge. They describe new and changed features, limitations, and known and resolved problems in the hardware and software.
You can also find these release notes on the Juniper Networks Junos OS Documentation webpage, located at https://www.juniper.net/documentation/product/en_US/junos-os.

What's New

IN THIS SECTION
What’s New in Release 19.2R3 | 78
What’s New in Release 19.2R2 | 78
What’s New in Release 19.2R1 | 78
Learn about new features introduced in the main and maintenance releases for Junos Fusion Provider Edge.

What’s New in Release 19.2R3

There are no new features or enhancements to existing features for Junos Fusion Provider Edge in Junos
OS Release 19.2R3.

What’s New in Release 19.2R2

There are no new features or enhancements to existing features for Junos Fusion Provider Edge in Junos
OS Release 19.2R2.

What’s New in Release 19.2R1

Spanning-Tree Protocols
Support for Multiple Spanning Tree Protocol (MSTP) (Junos Provider Edge)—Starting with Junos OS
Release 19.2R1, you can configure MSTP on MX480 devices. MSTP scales better than other types of spanning-tree protocols and enables load balancing.
78
[See Configuring MSTP Protocol.]
SEE ALSO
What’s Changed | 78
Known Limitations | 79
Open Issues | 79
Resolved Issues | 80
Documentation Updates | 82
Migration, Upgrade, and Downgrade Instructions | 82

What’s Changed

There are no changes in the behavior of Junos OS features or in the syntax of Junos OS statements and commands in Junos OS Release 19.2R3 for Junos Fusion Provider Edge.
SEE ALSO
What's New | 77
Known Limitations | 79
Open Issues | 79
Resolved Issues | 80
Documentation Updates | 82
Migration, Upgrade, and Downgrade Instructions | 82

Known Limitations

There are no known behaviors, system maximums, or limitations in hardware and software in Junos OS Release 19.2R3 for Junos Fusion Provider Edge.
For the most complete and latest information about known Junos OS defects, use the Juniper Networks online Junos Problem Report Search application.
79
SEE ALSO
What's New | 77
What’s Changed | 78
Open Issues | 79
Resolved Issues | 80
Documentation Updates | 82
Migration, Upgrade, and Downgrade Instructions | 82

Open Issues

IN THIS SECTION
Junos Fusion Provider Edge | 80
Learn about open issues in this release for Junos Fusion Provider Edge.
For the most complete and latest information about known Junos OS defects, use the Juniper Networks online Junos Problem Report Search application.

Junos Fusion Provider Edge

In a Junos fusion system, intermediate traffic drop might be seen between the aggregation and satellite
device when Sflow is enabled on the ingress interface. When Sflow is enabled, the original packet is corrupted for those packets which hit the Sflow filter. This is because the packets egressing the aggregation device are short 4 bytes of FCS and 2 bytes of data. Normal data packets are 128 bytes (4 bytes for FCS, 14 bytes for Ethernet header, 20 bytes for IP header and 90 bytes for data). The corrupted packets are 122 bytes (14 bytes for Ethernet header, 20 bytes for IP header, and 88 bytes for data).
PR1450373
SEE ALSO
What's New | 77
What’s Changed | 78
Known Limitations | 79
80
Resolved Issues | 80
Documentation Updates | 82
Migration, Upgrade, and Downgrade Instructions | 82

Resolved Issues

IN THIS SECTION
Resolved Issues: 19.2R3 | 81
Resolved Issues: 19.2R2 | 81
Resolved Issues: 19.2R1 | 81
Learn which issues were resolved in Junos OS main and maintenance releases for Junos Fusion Enterprise.
For the most complete and latest information about known Junos OS defects, use the Juniper Networks online Junos Problem Report Search application.

Resolved Issues: 19.2R3

Junos Fusion Provider Edge
The extended ports on cluster MX480 always show half duplex from the aggregate device. PR1490101
Junos Fusion Satellite Software
In Junos Fusion scenario with EX4300 acting as SD, the temperature sensor alarms and logs might be
seen as a result of the incorrect temperature reading of about 2-3 degrees lower than the expected. There is no CLI command to clear the alarm and logs. PR1466324

Resolved Issues: 19.2R2

Junos Fusion Satellite Software
The dpd crash might be observed on satellite devices in Junos Fusion Enterprise. PR1460607
Temperature sensor alarm is seen on EX4300 in Junos Fusion scenario. PR1466324
81

Resolved Issues: 19.2R1

Junos Fusion Provider Edge
The sdpd process might continuously crash if there are more than 12 cascade-ports configured to a
satellite device. PR1437387
The aggregated Ethernet interface might flap whenever a new logical interface is added to it. PR1441869
If a default shaper is applied to a cascade interface of an aggregation device (AD), the displayed value
of "Guaranteed rate" is greater than the value of "Shaping rate" in the output of the show class-of-service scheduler-hierarchy interface command. PR1415502
Auto-negotiation is not disabled in the hardware after the no-auto-negotiation option is set using the
CLI. PR1411852
Junos Fusion Satellite Software
Extended Port (EP) LAG might go down on the Satellite Devices (SDs) if the related Cascade Port (CP)
links to an Aggregation Device (AD) goes down. PR1397992
SEE ALSO
What's New | 77
What’s Changed | 78
Known Limitations | 79
Open Issues | 79
Documentation Updates | 82
Migration, Upgrade, and Downgrade Instructions | 82

Documentation Updates

There are no errata or changes in Junos OS Release 19.2R3 documentation for Junos Fusion Provider Edge.
SEE ALSO
What's New | 77
What’s Changed | 78
82
Known Limitations | 79
Open Issues | 79
Resolved Issues | 80
Migration, Upgrade, and Downgrade Instructions | 82

Migration, Upgrade, and Downgrade Instructions

IN THIS SECTION
Basic Procedure for Upgrading an Aggregation Device | 83
Upgrading an Aggregation Device with Redundant Routing Engines | 85
Preparing the Switch for Satellite Device Conversion | 86
Converting a Satellite Device to a Standalone Device | 87
Upgrading an Aggregation Device | 90
Upgrade and Downgrade Support Policy for Junos OS Releases | 90
Downgrading from Junos OS Release 19.2 | 90
This section contains the procedure to upgrade Junos OS, and the upgrade and downgrade policies for Junos OS for Junos Fusion Provider Edge. Upgrading or downgrading Junos OS might take several hours, depending on the size and configuration of the network.

Basic Procedure for Upgrading an Aggregation Device

When upgrading or downgrading Junos OS, always use the jinstall package. Use other packages (such as the jbundle package) only when so instructed by a Juniper Networks support representative. For information about the contents of the jinstall package and details of the installation process, see the Installation and
Upgrade Guide.
NOTE: Before upgrading, back up the file system and the currently active Junos OS configuration
so that you can recover to a known, stable environment in case the upgrade is unsuccessful. Issue the following command:
user@host> request system snapshot
83
The installation process rebuilds the file system and completely reinstalls Junos OS. Configuration information from the previous software installation is retained, but the contents of log files might be erased. Stored files on the routing platform, such as configuration templates and shell scripts (the only exceptions are the juniper.conf and ssh files), might be removed. To preserve the stored files, copy them to another system before upgrading or downgrading the routing platform. See the Installation and Upgrade Guide.
The download and installation process for Junos OS Release 19.2R3 is different from that for earlier Junos OS releases.
1. Using a Web browser, navigate to the Download Software URL on the Juniper Networks webpage:
https://www.juniper.net/support/downloads/
2. Log in to the Juniper Networks authentication system by using the username (generally your e-mail address) and password supplied by Juniper Networks representatives.
3. Select By Technology > Junos Platform > Junos Fusion to find the software that you want to download.
4. Select the release number (the number of the software version that you want to download) from the Version drop-down list to the right of the page.
5. Select the Software tab.
6. Select the software package for the release.
7. Review and accept the End User License Agreement.
8. Download the software to a local host.
9. Copy the software to the routing platform or to your internal software distribution site.
10. Install the new jinstall package on the aggregation device.
NOTE: We recommend that you upgrade all software packages out-of-band using the console,
because in-band connections are lost during the upgrade process.
Customers in the United States and Canada, use the following commands.
For 64-bit software:
84
NOTE: We recommend that you use 64-bit Junos OS software when implementing Junos
Fusion Provider Edge.
user@host> request system software add validate reboot
source/jinstall64-19.2R3.SPIN-domestic-signed.tgz
For 32-bit software:
user@host> request system software add validate reboot
source/jinstall-19.2R3.SPIN-domestic-signed.tgz
All other customers, use the following commands.
For 64-bit software:
NOTE: We recommend that you use 64-bit Junos OS software when implementing Junos
Fusion Provider Edge.
user@host> request system software add validate reboot
source/jinstall64-19.2R3.SPIN-export-signed.tgz
For 32-bit software:
user@host> request system software add validate reboot
source/jinstall-19.2R3.SPIN-export-signed.tgz
Replace source with one of the following values:
/pathname—For a software package that is installed from a local directory on the router.
For software packages that are downloaded and installed from a remote location:
ftp://hostname/pathname
http://hostname/pathname
scp://hostname/pathname (available only for the Canada and U.S. version)
The validate option validates the software package against the current configuration as a prerequisite for adding the software package to ensure that the router reboots successfully. This is the default behavior when the software package being added is for a different release.
85
Adding the reboot command reboots the router after the upgrade is validated and installed. When the reboot is complete, the router displays the login prompt. The loading process might take 5 to 10 minutes.
Rebooting occurs only if the upgrade is successful.
NOTE: After you install a Junos OS Release 19.2R3 jinstall package, you cannot return to the
previously installed software by issuing the request system software rollback command. Instead, you must issue the request system software add validate command and specify the jinstall package that corresponds to the previously installed software.

Upgrading an Aggregation Device with Redundant Routing Engines

If the aggregation device has two Routing Engines, perform a Junos OS installation on each Routing Engine separately as follows to minimize disrupting network operations:
1. Disable graceful Routing Engine switchover (GRES) on the master Routing Engine and save the configuration change to both Routing Engines.
2. Install the new Junos OS release on the backup Routing Engine while keeping the currently running software version on the master Routing Engine.
3. After making sure that the new software version is running correctly on the backup Routing Engine, switch over to the backup Routing Engine to activate the new software.
4. Install the new software on the original master Routing Engine that is now active as the backup Routing Engine.
For the detailed procedure, see the Installation and Upgrade Guide.

Preparing the Switch for Satellite Device Conversion

Satellite devices in a Junos Fusion topology use a satellite software package that is different from the standard Junos OS software package. Before you can install the satellite software package on a satellite device, you first need to upgrade the target satellite device to an interim Junos OS software version that can be converted to satellite software. For satellite device hardware and software requirements, see
Understanding Junos Fusion Software and Hardware Requirements
NOTE: The following conditions must be met before a standalone switch that is running Junos
OS Release 14.1X53-D43 can be converted to a satellite device when the action is initiated from the aggregation device:
86
The switch can be converted to only SNOS 3.1 and later.
Either the switch must be set to factory-default configuration by using the request system
zeroize command, or the following command must be included in the configuration: set chassis auto-satellite-conversion.
Customers with EX4300 switches, use the following command:
user@host> request system software add validate reboot
source/jinstall-ex-4300-14.1X53-D43.3-domestic-signed.tgz
Customers with QFX5100 switches, use the following command:
user@host> request system software add reboot
source/jinstall-qfx-5-14.1X53-D43.3-domestic-signed.tgz
When the interim installation has completed and the switch is running a version of Junos and OS on one line that is compatible with satellite device conversion, perform the following steps:
1. Log in to the device by using the console port.
2. Clear the device:
[edit] user@satellite-device# request system zeroize
NOTE: The device reboots to complete the procedure for resetting the device.
If you are not logged in to the device by using the console port connection, your connection to the device is lost after you enter the request system zeroize command.
If you lose your connection to the device, log in using the console port.
3. (EX4300 switches only) After the reboot is complete, convert the built-in 40-Gbps QSFP+ interfaces from Virtual Chassis ports (VCPs) into network ports:
user@satellite-device> request virtual-chassis vc-port delete pic-slot 1 port port-number
For example, to convert all four built-in 40-Gbps QSFP+ interfaces on an EX4300-24P switch into network ports:
87
user@satellite-device> request virtual-chassis vc-port delete pic-slot 1 port 0 user@satellite-device> request virtual-chassis vc-port delete pic-slot 1 port 1 user@satellite-device> request virtual-chassis vc-port delete pic-slot 1 port 2 user@satellite-device> request virtual-chassis vc-port delete pic-slot 1 port 3
This step is required for the 40-Gbps QSFP+ interfaces that will be used as uplink interfaces in a Junos Fusion topology. Built-in 40-Gbps QSFP+ interfaces on EX4300 switches are configured into VCPs by default, and the default settings are restored after the device is reset.
After this initial preparation, you can use one of three methods to convert your switches into satellite devices—autoconversion, manual conversion, and preconfiguration. See Configuring Junos Fusion Provider
Edge for detailed configuration steps for each method.

Converting a Satellite Device to a Standalone Device

If you need to convert a satellite device to a standalone device, you must install a new Junos OS software package on the satellite device and remove the satellite device from the Junos Fusion topology.
NOTE: If the satellite device is a QFX5100 switch, you need to install a PXE version of Junos
OS. The PXE version of Junos OS is software that includes pxe in the Junos OS package name when it is downloaded from the Software Center—for example, the PXE image for Junos OS Release 14.1X53-D43 is named install-media-pxe-qfx-5-14.1X53-D43.3-signed.tgz . If the satellite device is an EX4300 switch, you install a standard jinstall-ex-4300 version of Junos OS.
The following steps explain how to download software, remove the satellite device from Junos Fusion, and install the Junos OS software image on the satellite device so that the device can operate as a standalone device.
1. Using a Web browser, navigate to the Junos OS software download URL on the Juniper Networks webpage:
https://www.juniper.net/support/downloads
2. Log in to the Juniper Networks authentication system by using the username (generally your e-mail address) and password supplied by Juniper Networks representatives.
88
3. Select By Technology > Junos Platform > Junos Fusion from the drop-down list and select the switch platform series and model for your satellite device.
4. Select the Junos OS Release 14.1X53-D30 software image for your platform.
5. Review and accept the End User License Agreement.
6. Download the software to a local host.
7. Copy the software to the routing platform or to your internal software distribution site.
8. Remove the satellite device from the automatic satellite conversion configuration.
If automatic satellite conversion is enabled for the satellite device’s member number, remove the member number from the automatic satellite conversion configuration. The satellite device’s member number is the same as the FPC slot ID.
[edit] user@aggregation-device# delete chassis satellite-management auto-satellite-conversion
satellite member-number
For example, to remove member number 101 from Junos Fusion:
[edit]
user@aggregation-device# delete chassis satellite-management auto-satellite-conversion
satellite 101
You can check the automatic satellite conversion configuration by entering the show command at the [edit chassis satellite-management auto-satellite-conversion] hierarchy level.
9. Commit the configuration.
To commit the configuration to both Routing Engines:
[edit] user@aggregation-device# commit synchronize
Otherwise, commit the configuration to a single Routing Engine:
[edit] user@aggregation-device# commit
89
10. Install the Junos OS software on the satellite device to convert the device to a standalone device.
[edit] user@aggregation-device> request chassis satellite install URL-to-software-package fpc-slot
member-number
For example, to install a PXE software package stored in the /var/tmp directory on the aggregation device onto a QFX5100 switch acting as the satellite device using FPC slot 101:
[edit] user@aggregation-device> request chassis satellite install
/var/tmp/install-media-pxe-qfx-5-14.1X53-D43.3-signed.tgz fpc-slot 101
For example, to install a software package stored in the var/tmp directory on the aggregation device onto an EX4300 switch acting as the satellite device using FPC slot 101:
[edit] user@aggregation-device> request chassis satellite install
/var/tmp/jinstall-ex-4300-14.1X53-D30.3-domestic-signed.tgz fpc-slot 101
The satellite device stops participating in the Junos Fusion topology after the software installation starts. The software upgrade starts after this command is entered.
11. Wait for the reboot that accompanies the software installation to complete.
12. When you are prompted to log back into your device, uncable the device from the Junos Fusion topology. See Removing a Transceiver from a QFX Series Device or Remove a Transceiver, as needed. Your device has been removed from Junos Fusion.
NOTE: The device uses a factory-default configuration after the Junos OS installation is
complete.

Upgrading an Aggregation Device

When you upgrade an aggregation device to Junos OS Release 19.2R1, you must also upgrade your satellite device to Satellite Device Software version 3.1R1.
90

Upgrade and Downgrade Support Policy for Junos OS Releases

Support for upgrades and downgrades that span more than three Junos OS releases at a time is not provided, except for releases that are designated as Extended End-of-Life (EEOL) releases. EEOL releases provide direct upgrade and downgrade paths—you can upgrade directly from one EEOL release to the next EEOL release even though EEOL releases generally occur in increments beyond three releases.
You can upgrade or downgrade to the EEOL release that occurs directly before or after the currently installed EEOL release, or to two EEOL releases before or after. For example, Junos OS Releases 17.1,
17.2, and 17.3 are EEOL releases. You can upgrade from Junos OS Release 17.1 to Release 17.2 or from
Junos OS Release 17.1 to Release 17.3.
You cannot upgrade directly from a non-EEOL release to a release that is more than three releases ahead or behind. To upgrade or downgrade from a non-EEOL release to a release more than three releases before or after, first upgrade to the next EEOL release and then upgrade or downgrade from that EEOL release to your target release.
For more information about EEOL releases and to review a list of EEOL releases, see
https://www.juniper.net/support/eol/junos.html.

Downgrading from Junos OS Release 19.2

To downgrade from Release 19.2 to another supported release, follow the procedure for upgrading, but replace the 19.2 jinstall package with one that corresponds to the appropriate release.
NOTE: You cannot downgrade more than three releases.
For more information, see the Installation and Upgrade Guide.
SEE ALSO
What's New | 77
What’s Changed | 78
Known Limitations | 79
Open Issues | 79
Resolved Issues | 80
Documentation Updates | 82
91

Junos OS Release Notes for MX Series 5G Universal Routing Platform

IN THIS SECTION
What’s New | 92
What's Changed | 113
Known Limitations | 123
Open Issues | 127
Resolved Issues | 139
Documentation Updates | 191
Migration, Upgrade, and Downgrade Instructions | 192
These release notes accompany Junos OS Release 19.2R3 for the MX Series. They describe new and changed features, limitations, and known and resolved problems in the hardware and software.
You can also find these release notes on the Juniper Networks Junos OS Documentation webpage, located at https://www.juniper.net/documentation/product/en_US/junos-os.

What’s New

IN THIS SECTION
What’s New in 19.2R3 | 92
What’s New in 19.2R2 | 93
What’s New in 19.2R1-S4 | 93
What’s New in 19.2R1-S1 | 94
What’s New in 19.2R1 | 95
92
Learn about new features introduced in the Junos OS main and maintenance releases for MX Series.

What’s New in 19.2R3

There are no new features or enhancements to existing features for MX Series routers in Junos OS Release
19.2R3.

What’s New in 19.2R2

Junos OS XML, API, and Scripting
Support for 64-bit architecture added for use of management interface in a nondefault routing instance
in op scripts and JET applications (MX Series)—Junos OS Release 19.2R2 supports 64-bit architecture Junos OS operating scripts (op scripts) and on-box JET applications can now use the function set_routing_instance() to program the protocol software (TCP/UDP) to use a nondefault routing instance instead of the default management routing interface.
[See set_routing_instance() Function (Python).]
Network Management and Monitoring
Implement new MIBs using telemetry-based model (MX Series)—Starting in Junos OS Release 19.2R2,
new MIBs mplsMldpInterfaceStatsEntry and mplsMldpFecUpstreamSessTable are introduced. The Routing Engine uses a telemetry-based approach to collect statistics to provide MIB data for these MIBs. A new statement, sensor-based-stats at the [edit protocols ldp traffic-statistics] hierarchy level, enables telemetry-based collection. You must configure this statement to enable MIB data collection for mplsMldpInterfaceStatsEntry and mplsMldpFecUpstreamSessTable.
93
Routing Protocols
ECMP nexthop update rate throttling (MX Series, PTX Series, and QFX Series)—Starting in Junos OS
Release 19.2R2, you can choose to defer multipath computation for all families during a BGP peering churn. In very large-scale network deployments during BGP peering churn there is a temporary spike in multipath computation, which takes a toll on the Packet Forwarding Engine resources. This feature allows you to pause the multipath computation and to resume after the peering churn settles down. Note that if there is no BGP peering churn, then multipath computation is not paused.
To enable the pause option for BGP multipath computation during BGP peering churn, include the pause computation statement at the [edit protocols BGP multipath] hierarchy level.
Subscriber Management and Services
CoA messages support Session-Timeout attribute (MX Series)—Starting in Junos OS Release 19.2R2,
you can apply a session timeout for subscriber sessions with a RADIUS CoA message that includes the Session-Timeout attribute (27). This capability is useful, for example, when subscribers purchase Internet access for a specific period of time and must log out when the session expires. In earlier releases, the router does not recognize the attribute if it is included in a CoA message.
[See Understanding Session Options for Subscriber Access.]

What’s New in 19.2R1-S4

Interfaces and Chassis
Support for 1-Gbps speed on QFX-60S line card on PTX10008 and PTX10016 Routers—Starting in
Junos OS Release 19.2R1-S4, QFX10000-60S-6Q line card supports 1-Gbps speed on its ports (0 through
59). The QFX10000-60S-6Q line card contains 60 SFP+ ports that support 10-Gbps, two dual-speed QSFP28 ports that support either 40-Gbps or 100-Gbps, and four QSFP+ ports that support 40-Gbps. You can individually configure ports 0 to 59 for 10-Gbps or 1-Gbps port speed. Use the set chassis fpc fps-slot-number pic pic-number port port-number speed 1G command to change the mode of a port from 10-Gbps to 1-Gbps. The transceivers supported for 1-Gbps are QFX-SFP-1GE-LX, QFX-SFP-1GE-SX, and QFX-SFP-1GE-T.
[See QFX10000 Line Cards for details on the combination of modes supported on the ports.]
Services Applications
Support for Two-Way Active Measurement Protocol (TWAMP) and hardware timestamping of RPM
probe messages (MX10000 and PTX10000 routers)—Starting in Release 19.2R1-S4, Junos OS supports TWAMP and hardware timestamping of RPM probe messages on the MX10008, MX10016, PTX10008 and PTX10016 routers. You can use TWAMP to measure IP performance between two devices in a network. By enabling hardware timestamping of RPM you can account for the latency in the communication of probe messages and also generate more accurate timers in the Packet Forwarding Engine.
94
[See Understanding Two-Way Active Measurement Protocol on Routers and Understanding Using
Probes for Real-Time Performance Monitoring on M, T, PTX and MX Series Routers.]

What’s New in 19.2R1-S1

MPLS
Distributed CSPF for segment routing LSPs (MX Series)—Starting in Junos OS Release 19.2R1-S1, you
can compute a segment routing LSP locally on the ingress device according to the constraints you have configured. With this feature, the LSPs are optimized based on the configured constraints and metric type. The LSPs are computed to utilize the available ECMP paths to the destination.
Prior to Junos OS Release 19.2R1-S1, for traffic engineering of segment routing paths, you could either explicitly configure static paths, or use computed paths from an external controller.
[See Enabling Distributed CSPF for Segment Routing LSPs.]
Color-based mapping of VPN services over SRTE (MX Series)—Starting in Junos OS Release 19.2R1-S1,
you can specify a color attribute along with an IP protocol next hop to resolve transport tunnels over static colored and BGP segment routing traffic-engineered (SRTE) label-switched paths (LSPs). This is called the color-IP protocol next hop resolution, where you are required to configure a resolution-map and apply it to the VPN services. Prior to this release, the VPN services were resolved over IP protocol next hops only.
With this feature, you can enable color-based traffic steering of Layer 2 and Layer 3 VPN services.
[See Color-Based Mapping of VPN Services Overview.]
Routing Protocols
Decouple RSVP for IGP-TE (MX Series, PTX Series, ACX Series, QFX Series, SRX Series, and EX
Series)—Starting in Junos OS Release 19.2R1-S1, device can advertise selective traffic-engineering attributes such as admin-color and maximum-bandwidth, without enabling RSVP, for segment routing and interior gateway protocol (IGP) deployments.

What’s New in 19.2R1

Hardware
New fixed-configuration Modular Port Concentrator (MX240, MX480, and MX960)—Starting in Junos
OS Release 19.2R1, the MPC10E-10C-MRATE is a new Modular Port Concentrator (MPC) that is supported on the MX240, MX480, and MX960 routers.
The MPC10E-10C-MRATE features the following:
Line-rate throughput of up to 1.0 Tbps when installed with an enhanced midplane and 800 Gbps when
installed with a standard midplane.
95
Eight QSFP28 ports—Port numbers 0/0 through 0/3 and 1/0 through 1/3. The ports can be configured
as 10-Gbps, 40-Gbps, or 100-Gbps Ethernet ports.
Two QSFP56-DD ports—Port numbers 0/4 and 1/4. The ports can be configured as 10-Gps, 40-Gps,
100-Gbps Ethernet ports.
[See MX Series 5G Universal Routing Platform Interface Module Reference.]
MX10016 Universal Routing Platform—The MX10016 router provides 10-Gigabit Ethernet, 40-Gigabit
Ethernet, and 100-Gigabit Ethernet modular solutions that support up to 2.4 Tbps per slot. The MX10016 router provides redundancy and resiliency. All major hardware components including the power system, the cooling system, the control board and the switch fabrics are fully redundant. MX10016 enables cloud and data center operators to transition from 10-Gigabit Ethernet and 40-Gigabit Ethernet networks to 100-Gigabit Ethernet high-performance networks. The 21 rack unit (21 U) modular chassis can provide
38.4 Tbps of throughput. The MX10016 router has 16 slots for the line cards that can support a maximum of 1536 10-Gigabit Ethernet ports, 384 40-Gigabit Ethernet ports, or 384 100-Gigabit Ethernet ports.
You can deploy the MX10016 router in an IP edge network using an MX10K-LC2101 line card (ordering model number is JNP10K-LC2101).
[See MX10016 Hardware Guide.]
Advanced Cooling and Power Components (MX10008 Routers)—Starting in Junos OS Release 19.2R1,
MX10008 routers offer 5.5 KW power supplies, new high performance fan tray, and compatible fan tray controller. The JNP10K-PWR-AC2 power supply supports AC, high-voltage alternating current (HVAC), DC, or high-voltage direct current (HVDC). The JNP10K-PWR-DC2 provides a 5.5 KW upgrade for DC users. The JNP10008-FAN2 offers increased air flow through the chassis. The JNP10008-FAN2 offers 1793 cubic feet per minute (CFM) per fan tray. The new fan tray controller, JNP10008-FTC2 supports the new fan tray.
[See MX10008 Hardware Guide.]
Authentication, Authorization and Accounting (AAA) (RADIUS)
Option to enable and disable SCP per user level independent of SSH (MX Series)—Starting in Junos OS
19.2R1, you can enable and disable SCP for a certain login class user independent of SSH. By defualt, SCP is not allowed for users added to the system defined classes read-only, operator and unauthorized and is only allowed to the system defined class super-user. SCP is allowed for any login class user belonging to a user defined class. You can deny SCP request for a user assigned to a user defined class by using the no-scp-server configuration statement. Prior to 19.2R1, SCP was enabled and disabled when SSH was enabled and disabled.
To disable SCP for a certain login class, use set no-scp-server at the [edit system login class <class_name>] hierarchy level.
[See no-scp-server.]
Option to enable and disable SFTP per user level (MX Series)—Starting in Junos OS 19.2R1, you can
enable and disable SFTP for a certain login class user. By defualt, SFTP is not allowed for users added to the system defined classes read-only, operator and unauthorized and is only allowed to the system defined class super-user if SFTP is enabled globally. For a user assigned to a user defined class, by default SFTP requests are allowed if set system services ssh sftp-server is configured. You can now deny SFTP requests for a user assigned to a user defined class by using the no-sftp-server configuration statement.
96
To disable SFTP for a certain login class, use set no-sftp-server at the [edit system login class <class_name>] hierarchy level.
[See no-sftp-server.]
EVPN
Support for BFD, BGP, IS-IS, and OSPF on IRB interfaces in EVPN-MPLS networks (MX Series and
vMX)—Starting with Junos OS Release 19.2R1, you can configure Bidirectional Forwarding Detection (BFD), BGP, IS-IS, and OSPF routing protocols on the IRB interface in an EVPN-MPLS network to route and forward EVPN traffic. This feature supports single-homed, single-active, and all-active multihomed networks.
[See EVPN with IRB Solution Overview.]
EVPN support of VLAN ID ranges and lists in service provider style interface configurations (MX Series
routers, and vMX virtual routers)—Starting in Junos OS Release 19.2R1, EX9200 switches, ACX5448 and MX Series routers, and vMX virtual routers support the use of VLAN ID ranges and lists in a service provider style interface configuration, which must be referenced in an EVPN routing instance. This configuration is supported with the following EVPN environments, services, and features:
Environments:
EVPN with VXLAN encapsulation
EVPN with MPLS encapsulation
VLAN bundle service:
E-LAN
E-Tree
E-Line
Feature:
EVPN multihoming:
All-active
Single-active
Singlehoming
[See VLAN ID Ranges and Lists in an EVPN Environment.]
Connectivity fault management support in EVPN-VPWS (MX Series)—Starting with Junos OS Release
19.2R1, you can configure Up maintenance association end points (MEPs) and maintenance association intermediate point (MIPs) on attachment circuits in support of connectivity fault management (CFM) in EVPN-VPWS networks. With the MEPs, you can monitor connectivity between two points on the EVPN-VPWS network. Junos OS supports the continuity check messages (CCM), loopback and link trace messages (LTMs) as defined in IEEE 802.1AG CFM, and delay measurements (DM) and synthetic loss measurements (SLMs) as defined in Y.1731 on a single-active homing network.
97
[See Connectivity Fault Management Support for EVPN and Layer 2 VPN Overview.]
Support for control word in EVPN-VPWS (MX Series and vMX) —Starting with Junos OS Release 19.2R1,
Junos OS supports the insertion of a control word between the label stack and the MPLS payload in a network with EVPN-VPWS service. This feature prevents a transit device from delivering out-of-order packets as a result of the device’s load-balancing hashing algorithm. When you enable the control word feature on a PE device, the PE device advertises support for a control word. If all the PE devices in an EVI on the EVPN-VPWS serviced network support control word, then the PE device inserts a control word between the label stack and the L2 header in the packet thus preventing the packet from being misidentified by transit devices.
[See Control Word for EVPN-VPWS.]
Forwarding and Sampling
Support for local preference when selecting forwarding next-hops for ECMP traffic (MX Series)—Starting
in Junos OS Release 19.2R1, you can have equal cost multi-path (ECMP) traffic flows prefer local forwarding next-hops over remote ones. This feature supports BGP prefixes that are directly reachable with IPv4 MPLS ECMP next-hops. Use ecmp-local-bias to direct ECMP traffic towards local links, for example, to ensure that the overall load on the fabric is reduced. [See ecmp-local-bias for usage details.]
High Availability (HA) and Resiliency
ISSU suport for MX2008 (MX Series)—Starting in Junos OS Release 19.2R1, MX2008 routers support
ISSU.
[See Understanding In-Service Software Upgrade (ISSU)]
Interfaces and Chassis
Support for local preference when selecting forwarding next-hops for load balancing (MX Series)—Starting
in Junos OS Release 19.2R1, you can have traffic flows across aggregated Ethernet or logical-tunnel interfaces prefer local forwarding next-hops over remote ones, for example to ensure that the overall load on the fabric is reduced. [See local-bias for usage details.]
98
Support to collect and display PRBS statistics (MX10003 and MX204)—Starting in Junos OS Release
19.2R1, on MX10003 and MX204 routers, you can check the physical link connectivity by issuing the test interfaces ifd-name prbs-test-start pattern-type type direction (0|1) flip (0|1) that starts collecting the PRBS statistics.
The output of the show interfaces interface-name prbs-stats command displays the PRBS statistics while the test is in progress. These statistics are cleared after the test is complete or if it is stopped. You can stop collecting the statistics by issuing the test interfaces ifd-name prbs-test-stop direction (0|1) command.
NOTE: While running PRBS statistics, the link will be down.
[See prbs-test-start, prbs-test-stop, show interfaces prbs-stats, Collecting Pseudo Random Bit Sequence
(PRBS) Statistics.]
Domain Name System (DNS) is VRF aware (MX Series)—Starting in Junos OS Release 19.2R1, when the
management-instance statement is configured at the [edit system] hierarchy level, you can use the non-default management routing instance mgmt_junos as the routing instance through which the DNS name server is reachable. To specify the routing instance mgmt_junos, configure our new configuration statement routing-instance mgmt_junos, at the [edit system name-server server-ip] hierarchy level.
[See Management Interface in a Nondefault Instance, Configuring a DNS Name Server for Resolving a
Hostname into Addresses, name-server, and show host.]
SCBE3-MX interoperates with MPC10E-10C (MX240, MX480, and MX960)—Starting in Junos OS
Release 19.2R1, the Enhanced Switch Control Board SCBE3-MX (model number: SCBE3-MX-S) supports fabric management on the MPC10E-10C line card on the MX240, MX480, and MX960 routers. The
SCBE3-MX-S supports a pluggable Routing Engine and provides a control plane and data plane interconnect to each line card slot. The MPC10E-10C supports a bandwidth of up to 1 Tbps (800 Gbps with four planes and 1 Tbps with 5 or 6 planes). With MPC10E 15C line card, in a non-redundant configuration the SCBE3-MX provides fabric bandwidth of up to 1 Tbps per slot with four fabric planes and 1.5 Tbps per slot when all six fabric planes are used. Starting in this release, the MPC10E line cards support the standard midplane, which supports a bandwidth up to 800 Gbps per slot. Support for the enhanced midplane, which provides a bandwidth of 1.5 Tbps with MPC10E-15C and 1 Tbps with MPC10E-10C, is already available.
[See SCBE3-MX Description and MPC10E-15C-MRATE]
Support for QSFP-100GE-DWDM2 transceiver (MX204, MX10003, MX10008, and MX10016)—Starting
in Junos OS Release 19.2R1, the MX204, MX10003, MX10008, and MX10016 routers support the QSFP-100GE-DWDM2 transceiver. The 100-Gbps bidirectional transceiver has a dual transmitter/receiver that enables it to transmit and receive data through a single optical fiber. You can perform the following actions when this transceiver is installed:
View the diagnostics data, warnings, and alarms for interfaces. [See show interfaces diagnostics optics.]
Clear the bit error rate (BER) counters. [See clear interfaces statistics.]
99
Obtain the transport, performance monitoring, and threshold crossing alert (TCA) information for
interfaces. [See show interfaces transport pm.]
Clear the optics information from transport performance monitoring data. [See clear interfaces transport
pm.]
Enable or disable TCAs. [See tca.]
Enable or disable loopback mode. [See optics-options.]
MPC10 distributed LACP support in PPM AFT (MX Series)—Starting in Junos OS Release 19.2R1, the
MPC10E-15C-MRATE and MPC10E-10C-MRATE MPCs support distributed LACP in Periodic Packet Manager (ppman) Advanced Forwarding Toolkit (AFT).
Support for Routing Engine hard disk smart check (MX240, MX480, MX204, MX960, MX10008,
MX2008, MX2020, MX10016, MX10000, MX2010, MX10002, and MX10003)—Starting in Junos OS Release 19.2R1, you can configure the device to perform certain health checks on the Routing Engine solid-state drive (SSD) and log a health event or raise an alarm in case a predefined health attribute threshold is breached. You can use the set chassis routing-engine disk smart-check command to instruct the system to raise an alarm when an SSD health attribute threshold is breached. You can view the alarm by using the command show chassis alarms.
[See smart-check]
Junos OS XML API and Scripting
Automation script library additions and upgrades (MX Series)—Starting in Junos OS Release 19.2R1,
devices running Junos OS that support the Python extensions package include new and upgraded Python modules. Python automation scripts can leverage new on-box Python modules, including the requests, chardet, and urllib3 modules, as well as upgraded versions of the idna, ipaddress, and six modules. The Requests library provides additional methods for supporting initial deployments as well as for performing routine monitoring and configuration changes on devices running Junos OS.
[See Overview of Python Modules Available on Devices Running Junos OS and Using the Requests
Library for Python on Devices Running Junos OS.]
Junos Telemetry Interface
Inline active flow monitoring support using JTI (MPC10E-15C-MRATE line cards)—Starting in Junos OS Release 19.2R1, Junos Telemetry Interface (JTI) supports streaming inline active flow monitoring service-related statistics and errors counters for export to outside collectors at configurable intervals using remote procedure call (gRPC) services.
Use the following resource path to export statistics:
100
/junos/system/linecard/services/inline-jflow/
To provision the sensor to export data through gRPC services, use the telemetrySubcribe RPC to specify telemetry parameters. Streaming telemetry data through gRPC also requires the OpenConfig for Junos OS module. Starting in Junos OS Release 18.3R1, OpenConfig and Network Agent packages are bundled into the Junos OS image by default. Both packages support JTI.
[See Configuring Flow Aggregation on MX, M, vMX and T Series Routers and NFX250 to Use Version
9 Flow Templates, Guidelines for gRPC Sensors (Junos Telemetry Interface) and Understanding OpenCOnfig and gRPC on Junos Telemetry Interface.]
Packet Forwarding Engine support for JTI (MX2010 and MX2020 routers)—Starting in Junos OS Release
19.2R1, Junos telemetry interface (JTI) supports streaming of Packet Forwarding Engine statistics for MX2010 and MX2020 routers using Remote Procedure Calls (gRPC). gRPC is a protocol for configuration and retrieval of state information.
To provision the sensor to export data through gRPC, use the telemetrySubscribe RPC to specify telemetry parameters. Streaming telemetry data through gRPC also requires the OpenConfig for Junos OS module. Starting in Junos OS Release 18.3R1, OpenConfig and Network Agent packages are bundled into the Junos OS image by default. Both packages support the JTI.
[See Guidelines for gRPC Sensors (Junos Telemetry Interface).]
Sensor- level statistics support on JTI (MX960, MX2008, MX2010, MX2020, PTX5000, PTX1000, and
PTX10000 routers and QFX5100 and QFX5200 switches)—Starting with Junos OS Release 19.2R1, you can issue the Junos operational mode command show network-agent statistics to provide more information on a per-sensor level for statistics being streamed to an outside collector by means of remote procedure calls (gRPC) and Junos telemetry interface (JTI). Only sensors exported with gRPC are supported. The command does not support UDP-based sensors.
Loading...