Release Notes: Junos®OS Release 19.3R3 for
the ACX Series, EX Series, MX Series, NFX
Series, PTX Series, QFX Series, SRX Series, and
Junos Fusion
1
22 April 2021
Contents
Introduction | 10
Junos OS Release Notes for ACX Series | 10
What's New | 11
What's New in Release 19.3R3 | 11
What's New in Release 19.3R2 | 11
What’s New in Release 19.3R1-S1 | 11
What's New in Release 19.3R1 | 12
What's Changed | 19
What’s Changed in Release 19.3R3-S1 | 20
What's Changed in Release 19.3R3 | 20
What's Changed in Release 19.3R2-S6 | 20
What's Changed in Release 19.3R2 | 21
What's Changed in Release 19.3R1 | 21
Known Limitations | 23
General Routing | 23
Open Issues | 25
General Routing | 25
Platform and Infrastructure | 27
Virtual Chassis | 27
Resolved Issues | 27
Resolved Issues: 19.3R3 | 28
Resolved Issues: 19.3R2 | 30
Resolved Issues: 19.3R1 | 31
Documentation Updates | 34
Migration, Upgrade, and Downgrade Instructions | 35
Upgrade and Downgrade Support Policy for Junos OS Releases | 35
Junos OS Release Notes for EX Series Switches | 37
What's New | 37
What's New in 19.3R3 | 38
What's New in 19.3R2 | 38
What's New in 19.3R1 | 39
What's Changed | 47
What's Changed in 19.3R3 | 48
2
What's Changed in Release 19.3R2-S6 | 49
What's Changed in 19.3R2 | 50
What's Changed in 19.3R1 | 50
Known Limitations | 52
EVPN | 52
Infrastructure | 52
Platform and Infrastructure | 52
Open Issues | 53
Authentication and Access Control | 54
Infrastructure | 54
Interfaces and Chassis | 54
Layer 2 Features | 54
Network Management and Monitoring | 54
Platform and Infrastructure | 54
Virtual Chassis | 56
Resolved Issues | 56
Resolved Issues: 19.3R3 | 57
Resolved Issues: 19.3R2 | 62
Resolved Issues: 19.3R1 | 64
Layer 2 Ethernet Services | 64
Network Management and Monitoring | 65
Platform and Infrastructure | 65
Routing Protocols | 68
Subscriber Access Management | 69
User Interface and Configuration | 69
Virtual Chassis | 69
VPNs | 69
Documentation Updates | 69
Migration, Upgrade, and Downgrade Instructions | 70
Upgrade and Downgrade Support Policy for Junos OS Releases | 70
Junos OS Release Notes for Junos Fusion Enterprise | 71
What’s New | 72
What's New in Release 19.3R3 | 72
What's New in Release 19.3R2 | 72
3
What's New in Release 19.3R1 | 72
What’s Changed | 73
Known Limitations | 73
Open Issues | 74
Junos Fusion for Enterprise | 74
Resolved Issues | 75
Resolved Issues: 19.3R3 | 75
Resolved Issues: 19.3R2 | 75
Resolved Issues: 19.3R1 | 75
Documentation Updates | 76
Migration, Upgrade, and Downgrade Instructions | 76
Basic Procedure for Upgrading Junos OS on an Aggregation Device | 77
Upgrading an Aggregation Device with Redundant Routing Engines | 78
Preparing the Switch for Satellite Device Conversion | 79
Converting a Satellite Device to a Standalone Switch | 80
Upgrade and Downgrade Support Policy for Junos OS Releases | 80
Downgrading from Junos OS | 81
Junos OS Release Notes for Junos Fusion Provider Edge | 82
What's New | 82
What's New in Release 19.3R3 | 83
What's New in Release 19.3R2 | 83
What's New in Release 19.3R1 | 83
What's Changed | 83
Known Limitations | 84
Junos Fusion Provider Edge | 84
Open Issues | 85
Junos Fusion Provider Edge | 85
Resolved Issues | 86
Resolved Issues: 19.3R3 | 86
Resolved Issues: 19.3R2 | 86
Resolved Issues: 19.3R1 | 86
4
Documentation Updates | 87
Migration, Upgrade, and Downgrade Instructions | 87
Basic Procedure for Upgrading an Aggregation Device | 88
Upgrading an Aggregation Device with Redundant Routing Engines | 90
Preparing the Switch for Satellite Device Conversion | 91
Converting a Satellite Device to a Standalone Device | 92
Upgrading an Aggregation Device | 95
Upgrade and Downgrade Support Policy for Junos OS Releases | 95
Downgrading from Junos OS Release 19.3 | 95
Junos OS Release Notes for MX Series 5G Universal Routing Platform | 96
What's New | 97
What’s New in Release 19.3R3 | 97
What’s New in Release 19.3R2 | 97
What’s New in Release 19.3R1 | 116
What's Changed | 135
What’s Changed in Release 19.3R3-S1 | 136
What’s Changed in Release 19.3R3 | 136
What's Changed in Release 19.3R2-S6 | 139
What’s Changed in Release 19.3R2-S5 | 140
What’s Changed in Release 19.3R2 | 140
What’s Changed in Release 19.3R1 | 142
Known Limitations | 146
General Routing | 146
Infrastructure | 149
Interfaces and Chassis | 149
MPLS | 150
Platform and Infrastructure | 150
Routing Protocols | 151
Open Issues | 151
EVPN | 152
Forwarding and Sampling | 153
General Routing | 153
Infrastructure | 161
Interfaces and Chassis | 161
5
Layer 2 Ethernet Services | 162
MPLS | 162
Platform and Infrastructure | 163
Routing Protocols | 164
Services Applications | 166
Subscriber Access Management | 166
User Interface and Configuration | 166
VPNs | 166
Resolved Issues | 167
Resolved Issues: 19.3R3 | 167
Resolved Issues: 19.3R2 | 186
Resolved Issues: 19.3R1 | 195
Documentation Updates | 214
Migration, Upgrade, and Downgrade Instructions | 215
Basic Procedure for Upgrading to Release 19.3 | 216
Procedure to Upgrade to FreeBSD 11.x based Junos OS | 216
Procedure to Upgrade to FreeBSD 6.x based Junos OS | 219
Upgrade and Downgrade Support Policy for Junos OS Releases | 220
Upgrading a Router with Redundant Routing Engines | 221
Downgrading from Release 19.3 | 221
Junos OS Release Notes for NFX Series | 222
What’s New | 222
Release 19.3R3 New and Changed Features | 223
Release 19.3R2 New and Changed Features | 223
Release 19.3R1 New and Changed Features | 223
What's Changed | 224
What's Changed in Release 19.3R2-S6 | 224
Known Limitations | 225
Interfaces | 225
Platform and Infrastructure | 225
Virtual Network Functions (VNFs) | 226
Open Issues | 226
Interfaces | 226
High Availability (HA) | 227
6
Platform and Infrastructure | 227
Virtual Network Functions (VNFs) | 227
Resolved Issues | 228
Resolved Issues: 19.3R3 | 228
Resolved Issues: 19.3R2 | 229
Resolved Issues: 19.3R1 | 230
Documentation Updates | 232
Migration, Upgrade, and Downgrade Instructions | 232
Upgrade and Downgrade Support Policy for Junos OS Releases | 232
Basic Procedure for Upgrading to Release 19.3 | 233
Junos OS Release Notes for PTX Series Packet Transport Routers | 234
What's New | 235
What's New in Release 19.3R3 | 235
What's New in Release 19.3R2 | 235
What's New in Release 19.3R1 | 236
What's Changed | 243
What’s Changed in Release 19.3R3-S1 | 244
What's Changed in Release 19.3R3 | 244
Juniper Extension Toolkit (JET) | 245
What's Changed in Release 19.3R2-S6 | 245
What's Changed in Release 19.3R2 | 246
What's Changed in Release 19.3R1 | 246
Known Limitations | 248
General Routing | 248
Interfaces and Chassis | 249
Open Issues | 249
General Routing | 249
Routing Protocols | 250
Resolved Issues | 251
Resolved Issues: Release 19.3R3 | 251
Resolved Issues: Release 19.3R2 | 254
Resolved Issues: Release 19.3R1 | 255
Documentation Updates | 257
Migration, Upgrade, and Downgrade Instructions | 258
7
Basic Procedure for Upgrading to Release 19.3 | 258
Upgrade and Downgrade Support Policy for Junos OS Releases | 261
Upgrading a Router with Redundant Routing Engines | 262
Junos OS Release Notes for the QFX Series | 263
What's New | 263
What’s New in Release 19.3R3 | 264
What’s New in Release 19.3R2 | 264
What’s New in Release 19.3R1 | 264
What's Changed | 272
What’s Changed in Release 19.3R3-S1 | 273
What's Changed in Release 19.3R3 | 273
What's Changed in Release 19.3R2-S6 | 275
What's Changed in Release 19.3R2 | 276
What's Changed in Release 19.3R1 | 276
Known Limitations | 278
Class of Service (CoS) | 279
EVPN | 279
Platform and Infrastructure | 279
Infrastructure | 280
Layer 2 Features | 280
Routing Protocols | 281
Open Issues | 281
EVPN | 282
High Availability (HA) and Resiliency | 282
Infrastructure | 282
Interfaces and Chassis | 282
Junos Fusion Provider Edge | 283
Layer 2 Features | 283
Platform and Infrastructure | 283
Routing Protocols | 285
Virtual Chassis | 286
Resolved Issues | 286
Resolved Issues: Release 19.3R3 | 287
Resolved Issues: Release 19.3R2 | 295
8
Resolved Issues: Release 19.3R1 | 299
Documentation Updates | 306
Migration, Upgrade, and Downgrade Instructions | 307
Upgrading Software on QFX Series Switches | 307
Installing the Software on QFX10002-60C Switches | 310
Installing the Software on QFX10002 Switches | 310
Upgrading Software from Junos OS Release 15.1X53-D3X to Junos OS Release
15.1X53-D60, 15.1X53-D61.7, 15.1X53-D62, and 15.1X53-D63 on QFX10008 and
QFX10016 Switches | 311
Installing the Software on QFX10008 and QFX10016 Switches | 313
Performing a Unified ISSU | 317
Preparing the Switch for Software Installation | 318
Upgrading the Software Using Unified ISSU | 318
Upgrade and Downgrade Support Policy for Junos OS Releases | 320
Junos OS Release Notes for SRX Series | 321
What’s New | 322
What’s New in Release 19.3R3 | 322
What’s New in Release 19.3R2 | 322
What’s New in Release 19.3R1 | 322
What's Changed | 330
What's Changed in Release 19.3R3 | 331
What's Changed in Release 19.3R2-S6 | 332
What's Changed in Release 19.3R2 | 333
What's Changed in Release 19.3R1 | 333
Known Limitations | 335
Authentication and Access Control | 336
J-Web | 336
Logical Systems and Tenant Systems | 337
Platform and Infrastructure | 337
VPNs | 337
Open Issues | 338
Flow-Based and Packet-Based Processing | 338
9
Intrusion Detection and Prevention (IDP) | 338
J-Web | 339
Routing Policy and Firewall Filters | 339
VPNs | 339
Resolved Issues | 340
Resolved Issues: Release 19.3R3 | 340
Resolved Issues: Release 19.3R2 | 346
Resolved Issues: Release 19.3R1 | 349
Documentation Updates | 357
Migration, Upgrade, and Downgrade Instructions | 357
Upgrade and DowngradeSupport Policy for Junos OS Releases and Extended End-Of-Life
Releases | 358
Upgrading Using ISSU | 359
Licensing | 359
Finding More Information | 360
Documentation Feedback | 360
Requesting Technical Support | 361
Self-Help Online Tools and Resources | 361
Opening a Case with JTAC | 362
Revision History | 362
Introduction
Junos OS runs on the following Juniper Networks®hardware: ACX Series, EX Series, M Series, MX Series,
NFX Series, PTX Series, QFabric systems, QFX Series, SRX Series, T Series, and Junos Fusion.
These release notes accompany Junos OS Release 19.3R3 for the ACX Series, EX Series, MX Series, NFX
Series, PTX Series, QFX Series, SRX Series, and Junos Fusion. They describe new and changed features,
limitations, and known and resolved problems in the hardware and software.
Junos OS Release Notes for ACX Series
IN THIS SECTION
10
What's New | 11
What's Changed | 19
Known Limitations | 23
Open Issues | 25
Resolved Issues | 27
Documentation Updates | 34
Migration, Upgrade, and Downgrade Instructions | 35
These release notes accompany Junos OS Release 19.3R3 for the ACX Series. They describe new and
changed features, limitations, and known and resolved problems in the hardware and software.
You can also find these release notes on the Juniper Networks Junos OS Documentation webpage, located
at https://www.juniper.net/documentation/product/en_US/junos-os.
What's New
IN THIS SECTION
What's New in Release 19.3R3 | 11
What's New in Release 19.3R2 | 11
What’s New in Release 19.3R1-S1 | 11
What's New in Release 19.3R1 | 12
Learn about new features introduced in the Junos OS main and maintenance releases for ACX Series
routers.
11
What's New in Release 19.3R3
There are no new features or enhancements to existing features for ACX Series Universal Metro Routers
in Junos OS Release 19.3R3.
What's New in Release 19.3R2
There are no new features or enhancements to existing features for ACX Series Universal Metro Routers
in Junos OS Release 19.3R2.
What’s New in Release 19.3R1-S1
Hardware
New ACX5448-M Universal Metro Routers—In Junos OS Release 19.3R1-S1, we introduce the
•
ACX5448-M, a top-of-rack router with support for advanced security capabilities such as Media Access
Control Security (MACsec). A compact 1 U model, the ACX5448-M provides a system throughput of up
to 800 Gbps through the following port configuration:
Forty-four 10-Gigabit Ethernet SFP+ or 1-Gigabit Ethernet SFP ports (0 through 43). The ACX5448-M
•
supports MACsec only on these ports.
Six 100-Gigabit Ethernet QSFP28 or 40-Gigabit Ethernet QSFP+ ports (44 through 49). You can
•
channelize each QSFP28 port into four 25-Gbps interfaces and each QSFP+ port into 10-Gbps interfaces
using breakout cables (and the channelization configuration).
The ACX5448-M routers have redundant fan modules and redundant AC or DC power supply modules.
New ACX5448-D Universal Metro Routers—In Junos OS Release 19.3R1-S1, we introduce the
•
ACX5448-D, a top-of-rack router for aggregation environments. Designed for packet-optical convergence,
this compact 1 U router provides wire-speed packet performance, very low latency, and a rich set of
Layer 2 and Layer 3 features.
The ACX5448-D provides a system throughput of up to 800 Gbps through the following port
configuration:
Thirty-six 10-Gigabit Ethernet SFP+ or 1-Gigabit Ethernet SFP ports (0 through 35).
•
Two 100-Gigabit Ethernet QSFP28 or 40-Gigabit Ethernet QSFP+ ports (36 and 37). You can channelize
•
each QSFP28 port into four 25-Gbps interfaces and each QSFP+ port into four 10-Gbps interfaces
using breakout cables (and the channelization configuration).
Two 200-Gigabit Ethernet CFP2-DCO ports (38 and 39).
•
The ACX5448-D routers have redundant fan modules and redundant AC or DC power supply modules.
What's New in Release 19.3R1
12
Class of Service
Class of Service (CoS) parity support for ACX5000 routers—Starting in Junos OS 19.3R1, the
•
Class-of-Service feature set is supported on ACX5000 devices to enable users to configure classification,
rewrite, shaping, queueing, and scheduling parameters for traffic flow.
For more information regarding CoS, see Understanding Class of Service.
Support for Class-of-Service (CoS) for ACX5448 devices—Starting in Junos OS 19.3R1, support is
•
provided for Class-of-Service (COS) on ACX5448 devices to include firewall filter families (ANY, VPLS,
ethernet-switching, CCC, IPv6, IPv4, Lo0-IPv6, Lo0-IPv4, and MPLS), and CoS (classification, policing,
forwarding policy, forwarding class to queue map, WRED and Tail drop profiles, fabric queue and
scheduling configuration, scheduler, deep buffers, and remarking).
For more information regarding CoS, see Understanding Class of Service.
High Availability (HA) and Resiliency
VRRP support (ACX5448)—Starting in Junos OS Release 19.3R1, the ACX5448 router supports the
•
Virtual Router Redundancy Protocol (VRRP) over aggregated Ethernet and integrated routing and bridging
(IRB) interfaces. The VRRP queue size is limited, so it doesn’t disturb other protocols such as Bidirectional
Forwarding Detection (BFD) and connectivity fault management (CFM). The ACX5448 supports 16
VRRP groups.
[See Understanding VRRP. ]
•
Software Support (ACX5448-D and ACX5448-M)—Starting in Junos OS Release 19.3R1, ACX5448-D
and ACX5448-M routers support:
Chassis management software—Manages the onboard FRUs
•
Upgradable common BIOS software—Initializes all the devices on the hardware
•
FPC and PIC management
•
Interfaces and Chassis
Hardware resiliency support (ACX5448-D and ACX5448-M)—Starting in Junos OS Release 19.3R1,
•
ACX5448-D and ACX5448-M routers support the resiliency feature, which includes handling of hardware
failure and faults. Resiliency on an ACX5448-D enhances its debugging capability in the case of hardware
failure of its components such as Routing Engine, solid-state drive (SSD), and PCI Express. For example,
the resiliency feature enables the router to recover from inter-integrated circuit (I2C) failure, and improves
its voltage monitoring, temperature monitoring, and PCI Express error handling and reporting. The
resiliency feature also provides DRAM single-bit and multibit error checking and correction (ECC)
capabilities.
[See show chassis fpc errors.]
Interface speed, channelization, and MACsec support (ACX5448-M)—In Junos OS Release 19.3R1, we
•
introduce the ACX5448-M Universal Metro Router with support for advanced security capabilities such
as Media Access Control Security (MACsec). The ACX5448-M has the following port types:
13
Forty-four 10-Gigabit Ethernet or 1-Gigabit Ethernet SFP+ ports (0 through 43). Based on the optics
•
plugged in, the ports come up either as 1-Gbps or 10-Gbps.
Six 100-Gigabit Ethernet QSFP28 ports (44 through 49). These ports support 100-Gbps (the default)
•
and 40-Gbps speeds. You can channelize these ports into four 25-Gbps or four 10-Gbps interfaces.
The 44 SFP+ ports on the ACX5448-M support MACsec; however, the six QSFP28 ports do not support
MACsec.
[See Channelize Interfaces on ACX5448-D and ACX5448-M Routers.]
Layer 2 Features
Support for Layer 2 Features (ACX5448-D and ACX5448-M)—Starting in Junos OS Release 19.3R1,
•
Junos OS supports Layer 2 bridging, Q-in-Q tunneling, no-local switching, Layer 2 protocol tunneling,
Spanning Tree Protocols (RSTP,MSTP), Bridge Protocol Data Unit (guard, root and loop protect), Ethernet
OAM, VPLS, BGP, LDP, pseudowire ping, and Bidirectional Forwarding Detection (BFD) support for
virtual circuit connectivity verification (VCCV) on ACX5448-D and ACX5448-M routers.
Support for Layer 2 switching cross-connects (ACX5440)—Starting in Junos OS Release 19.3R1, you
•
can leverage the hardware support available for cross-connects on the ACX5448 device with the Layer
2 local switching functionality using certain models. With this support, you can provide the EVP and
Ethernet Virtual Private Line (EVPL) services.
[See Configuring Layer 2 Switching Cross-Connects Using CCC.]
Layer 3 Features
Support for Layer 3 features (ACX5448-D and ACX5448-M)—Starting in Junos OS Release 19.3R1,
•
Junos OS supports Layer 3 protocols, multicast, and MPLS as the transport mechanism on ACX5448-D
and ACX5448-M routers.
Management
OpenConfig AAA data model support (ACX1100, ACX2100, ACX5448, ACX6360, EX4300, MX240,
•
MX480, MX960, MX10003, PTX10008, PTX10016, QFX5110, and QFX10002)—Junos OS Release
19.3R1 supports the configuration leaves specified in the OpenConfig AAA data model. Mapping the
OpenConfig AAA configuration to the Junos AAA configuration using the following YANG files in the
data model makes this support possible:
openconfig-aaa.yang
•
openconfig-aaa-types.yang
•
openconfig-aaa-tacacs.yang
•
openconfig-aaa-radius.yang
•
14
The configuration model supporting the OpenConfig data model includes:
A translation script (.py / .slax) that maps each configuration leaf in the OpenConfig schema to one
•
or more configuration leafs in the JUNOS OS schema.
A deviation file (.yang) that specifies how much the implementation deviates from the vendor-neutral
•
model.
[See Mapping OpenConfig AAA Commands to Junos Configuration.]
Network Management and Monitoring
Support for adding custom YANG data models to the Junos OS schema (ACX5448-D and
•
ACX5448-M)—Starting in Junos OS Release 19.3R1, ACX5448-D and ACX5448-M routers support
loading custom YANG data models on the device, which enables you to add RPCs or configuration
hierarchies that are customized for your operations. The ability to add data models to a device is beneficial
when you want to create device-agnostic RPCs and configuration models that can be used on different
devices from one or more vendors.
[See Understanding the Management of Non-Native YANG Modules on Devices Running Junos OS.]
Port Security
Media Access Control Security (MACsec) support (ACX5448)—Starting with Junos OS Release 19.3R1,
•
ACX5448 routers support MACsec on 1-Gigabit Ethernet SFP and 10-Gigabit Ethernet SFP+ ports.
MACsec is an industry-standard security technology that provides secure communication for all traffic
on point-to-point Ethernet links. MACsec is standardized in IEEE 802.1AE.
15
[See Understanding Media Access Control Security (MACsec).]
Routing Policy and Firewall Filters
Match condition support for IPv6 firewall filters (ACX6360)—Starting in Junos OS Release 19.3R1, the
•
ACX6360 router supports the following firewall filter match conditions for IPv6 traffic: address,
destination-address, destination-port, destination-port-except, destination-prefix-list, port, port-except,
icmp-code, icmp-code-except, icmp-type, icmp-type-except, next-header, next-header-except, prefix-list,
source-address, source-port, source-port-except, and source-prefix-list.
[See Firewall Filter Match Conditions for IPv6 Traffic on ACX Series Routers and ACX6360
Documentation. ]
Routing Protocols
Clocking and Synchronous Ethernet support (ACX5448)—Starting in Junos OS Release 19.3R1, ACX5448
•
routers support frequency synchronization using the Synchronous Ethernet and Ethernet Synchronization
Message Channel (ESMC) protocols. The routers also support phase and time synchronization through
Precision Time Protocol (PTP).
[See Synchronous Ethernet Overview.]
Transparent clock over IPv6 support (ACX5448)—Starting with Junos OS Release 19.3R1, ACX5448
•
routers support transparent clock functionality for PTP over IPv6. To configure the transparent clock
functionality, you must include the e2e-transparent statement at the [edit protocol ptp] hierarchy level.
Use the show ptp global-information command to check the status of the transparent clock functionality
configured on the router.
[See Understanding Transparent Clocks in Precision Time Protocol.]
Support for RIPv2 (ACX5448)—Starting in Junos OS Release 19.3R1, Junos OS supports RIP version 2
•
(RIPv2) for both IPv4 and IPv6 packets.
Services Applications
•
Support for Two-Way Active Measurement Protocol or TWAMP (ACX5448-D and ACX5448-M)—Starting
in Junos OS Release 19.3R1, you can configure TWAMP on your ACX5448-D and ACX5448-M routers.
TWAMP enables you measure the IP performance between two devices in a network. The ACX5448-D
and ACX5448-M routers support only the reflector side of TWAMP.
[See Two-Way Active Measurement Protocol on ACX Series.]
•
Support for virtualization (ACX5448-D and ACX5448-M)—Starting in Junos OS Release 19.3R1, the
Routing Engines on the ACX5448-D routers and ACX5448-M routers support virtualization.
On Routing Engines of ACX5448-D routers and ACX5448-M routers, one instance of Junos OS, which
runs as a guest operating system, is launched by default. The user needs to log in to this instance for
operations and management.
With virtualization of the Routing Engine, Junos OS supports new request and show commands associated
with host and hypervisor processes. The commands are related to:
16
Reboot, halt, and power management for the host
•
Software upgrade for the host
•
Disk snapshot for the host
•
[See What Are VM Hosts?.]
Port mirroring support for the IPv6 address family (ACX6360)—Starting in Release 19.3R1, you can
•
configure port mirroring on the ACX6360 router for the inet6 family. Port mirroring copies packets
entering or exiting a port and sends the copies to a local interface for local monitoring. You can use port
mirroring to send traffic to applications that analyze traffic for purposes such as monitoring compliance,
enforcing policies, detecting intrusions, monitoring and predicting traffic patterns, and correlating events.
[See Configuring Port Mirroring.]
Software Installation and Upgrade
Migration of Linux kernel version—Starting in Junos OS Release 19.3R1, the following devices support
•
the Wind River Linux 9 (WRL9) kernel version:
Routing Engine SupportedPlatforms
RE-ACX-5448ACX5448-D
RE-S-X6-64GMX240, MX480, and MX960
REMX2K-X8-64GMX2020 and MX2010
17
Routing Engine SupportedPlatforms
RE-S-1600x8MX204
RE-S-1600x8MX10003
RE-MX2008-X8-64GMX2008
RE X10MX10016
RE X10MX10008
RE-PTX-X8-64GPTX5000
RCBPTXPTX3000
RE-PTX-2X00x4/RE X10PTX10016
RE-PTX-2X00x4/RE X10PTX10008
RE-PTX1000PTX1000
RE-PTX10002-60CPTX10002-XX
RE-S-EX9200-2X00x6EX9208
EX9251-REEX9251
EX9253-REEX9253
RE-S-EX9200-2X00x6EX9204
RE-S-EX9200-2X00x6EX9214
RE-QFX10002-60CQFX10002
RE-QFX10008QFX10008
RE-QFX10016QFX10016
Starting in Junos OS Release 19.3R1, in order to install a VM host image based on Wind River Linux 9,
you must upgrade the i40e NVM firmware on the following routers:
MX Series—MX240, MX480, MX960, MX2010, MX2020, MX2008, MX10016, and MX10008
•
PTX Series—PTX3000, PTX5000, PTX10016, PTX10008, and PTX10002-XX
•
If you perform a software upgrade on a router with i40e NVM version earlier than 6.01, the upgrade
fails and the following error message is displayed:
ERROR: i40e NVM firmware is not compatible ,please upgrade i40e NVM before installing this package
ERROR: Aborting the installation
ERROR: Upgrade failed
[See https://kb.juniper.net/TSB17603.]
System Management
Transparent clock functionality support on (ACX5448)—Starting in Junos OS Release 19.3R1, transparent
•
clock functionality and a global configuration for enabling it are supported on the ACX5448 router.
Transparent clock functionality works for PTP over both IPv4 and Ethernet packets. To check the status
of transparent clock, use the show ptp global-information command.
[See Understanding Transparent Clocks in Precision Time Protocol. ]
18
Synchronous Ethernet and PTP support (ACX 5448)—Starting in Junos OS Release 19.3R1, the ACX5448
•
router supports the following features:
Frequency synchronization using Synchronous Ethernet
•
Ethernet Synchronization Message Channel (ESMC)
•
Phase and time synchronization using Precision Timing Protocol (PTP)
•
[See Synchronous Ethernet Overview. ]
SEE ALSO
What's Changed | 19
Known Limitations | 23
Open Issues | 25
Resolved Issues | 27
Documentation Updates | 34
Migration, Upgrade, and Downgrade Instructions | 35
What's Changed
IN THIS SECTION
What’s Changed in Release 19.3R3-S1 | 20
What's Changed in Release 19.3R3 | 20
What's Changed in Release 19.3R2-S6 | 20
What's Changed in Release 19.3R2 | 21
What's Changed in Release 19.3R1 | 21
See what changed in the Junos OS main and maintenance release for ACX Series routers.
19
What’s Changed in Release 19.3R3-S1
Routing Protocols
Advertising /32 secondary loopback addresses to traffic engineering database as prefixes (ACX Series,
•
EX Series, MX Series, PTX Series, QFX Series, and SRX Series)—We've made changes to export multiple
loopback addresses to the lsdist.0 and lsdist.1 routing tables as prefixes. This eliminates the issue of
advertising secondary loopback addresses as router IDs instead of prefixes. In earlier releases, multiple
secondary loopback addresses in the traffic engineering database were added to the lsdist.0 and lsdist.1
routing tables as part of node characteristics and advertised them as the router ID.
What's Changed in Release 19.3R3
General Routing
Support for gigether-options statement (ACX5048, ACX5096)—Junos OS supports the gigether-options
•
statement at the edit interfaces interface-name hierarchy on the ACX5048 and ACX5096 routers.
Previously, support for the gigether-statement was deprecated.
20
[See gigether-options.]
Juniper Extension Toolkit (JET)
Set the trace log to only show error messages (ACX Series, EX Series, MX Series, PTX Series, QFX
•
Series, SRX Series)— You can set the verbosity of the trace log to only show error messages using the
error option at the edit system services extension-service traceoptions level hierarchy.
See traceoptions (Services).
What's Changed in Release 19.3R2-S6
Network Management and Monitoring
Support for disconnecting unresponsive NETCONF-over-SSH clients (ACX Series, EX Series, MX Series,
•
NFX Series, PTX Series, QFX Series, SRX Series, vMX, and vSRX)—You can enable devices to automatically
disconnect unresponsive NETCONF-over-SSH clients by configuring the client-alive-interval and
client-alive-count-max statements at the [edit system services netconf ssh] hierarchy level. The
client-alive-interval statement specifies the timeout interval in seconds, after which, if no data has been
received from the client, the device requests a response, and the client-alive-count-max statement
specifies the threshold of missed client-alive responses that triggers the device to disconnect the client,
thereby terminating the NETCONF session.
See ssh (NETCONF).
Changes to commit RPC responses in RFC-compliant NETCONF sessions (ACX Series, EX Series, MX
•
Series, PTX Series, QFX Series, and SRX Series)—When you configure the rfc-compliant statement at
the edit system services netconf hierarchy level, the NETCONF server's response for commit operations
includes the following changes:
If a successful commit operation returns a response with one or more warnings, the warnings are
•
redirected to the system log file, in addition to being omitted from the response.
The NETCONF server response emits the <source-daemon> element as a child of the <error-info>
•
element instead of the <rpc-error> element.
If you also configure the flatten-commit-results statement at the edit system services netconf hierarchy
•
level, the NETCONF server suppresses any <commit-results> XML subtree in the response and only
emits an <ok> or <rpc-error> element.
See Configuring RFC-Compliant NETCONF Sessions.
What's Changed in Release 19.3R2
There are no changes in behavior and syntax for ACX Series in Junos OS Release 19.3R2.
What's Changed in Release 19.3R1
21
Interfaces and Chassis
Support for creating Layer 2 logical interfaces independently (ACX Series, EX Series, MX Series, PTX
•
Series, and QFX Series)—In Junos OS Release 19.3R1 and later, ACX Series routers support creating
Layer 2 logical interfaces independent of the Layer 2 routing-instance type. That is, you can configure
and commit the Layer 2 logical interfaces separately and add the interfaces to the bridge domain or
Ethernet VPN (EVPN) routing instance separately. Note that the Layer 2 logical interfaces work fine only
when they are added to the bridge domain or EVPN routing instance.
In earlier Junos OS releases, when you use a Layer 2 logical interface configuration (units with
encapsulation vlan-bridge configuration), then you must add the logical interface as part of a bridge
domain or EVPN routing instance for the commit to succeed.
Monitoring information available only in trace log (ACX Series)—In Junos OS Release 19.3R1 and later,
•
the Ethernet link fault management daemon (lfmd process) in the peer router stops monitoring the locally
occurred errors until unified ISSU completes. You can view the monitoring-related details only through
the trace log file.
Junos OS XML API and Scripting
Range defined for confirm-timeout value in NETCONF and Junos XML protocol sessions (ACX Series,
•
EX Series, MX Series, PTX Series, QFX Series, and SRX Series)—Starting in Junos OS Release 19.3R1,
the value for the <confirm-timeout> element in the Junos XML protocol <commit-configuration>
operation must be in the range 1 through 65,535 minutes, and the value for the <confirm-timeout>
element in the NETCONF <commit> operation must be in the range 1 through 4,294,967,295 seconds.
In earlier releases, the range is determined by the minimum and maximum value of its unsigned integer
data type.
XML RPC equivalent included for the show bgp output-scheduler | display xml rpc CLI command (ACX
•
Series, EX Series, MX Series, PTX Series, QFX Series, and SRX Series)—Starting in Junos OS Release
19.3R1, we have included an XML RPC equivalent for the show bgp output-scheduler | display xml rpc
CLI command. In Junos OS releases before Release 19.3R1, the show bgp output-scheduler | display
xml rpc CLI command does not have an XML RPC equivalent.
[See show bgp output-scheduler.]
System Logging
Preventing system instability during core file generation (ACX Series)—Starting with Release 19.3R1
•
onward, Junos OS checks for available storage space on the Routing Engine before generating core files
either on request or because of an assertion condition. This check ensures that your device does not
become unstable because of shortage of storage space on the Routing Engine. If the available space is
not sufficient, core files are not generated. Instead, Junos OS either displays the Insufficient Disk space
!!! Core generation skipped message as an output or issues the syslog message core generation is skipped
due to disk full.
Operation, Administration, and Maintenance (OAM)
22
Performance monitoring history data is lost when a change in number of supported history records is
•
detected (ACX Series and MX Series)—In Junos OS Release 19.3R1, when Ethernet connectivity fault
management starts, it detects the number of history records supported by the existing performance
monitoring history database and if there is any change from the number of history records supported
(that is, 12) in Release 19.3R1, then the existing performance monitoring history database is cleared and
all performance monitoring sessions are restarted with mi-index 1.
SEE ALSO
What's New | 11
Known Limitations | 23
Open Issues | 25
Resolved Issues | 27
Documentation Updates | 34
Migration, Upgrade, and Downgrade Instructions | 35
Known Limitations
IN THIS SECTION
General Routing | 23
Learn about known limitations in this release for ACX Series routers. For the most complete and latest
information about known Junos OS defects, use the Juniper Networks online Junos Problem Report Search
application.
General Routing
PTP IP packets queued to the best -effort queue instead of to the network control queue by default.
•
PR1361315
23
Filter for sensors (Optical and OTN) does not work. PR1371996
•
For the et interface, the FEC and FRR alarms are not raised. PR1371997
•
The clock class to QL level mapping must be changed through CLI on the ACX2100 router with network
•
option-1. PR1384968
The clock class must be changed to quality level mapping on the ACX2100 router with network option-2.
•
PR1386916
The PTP slave gets stuck in the Initialize state intermittently due to the ARP resolution issue when PTP
•
and interfaces flaps continuously. PR1410746
For the ACX6360-OR routers, use the PTX10001 router documentation and not the ACX Series router
•
documentation. PR1417258
Hardware-based fragmentation or reassembly is not supported. Software-based fragmentation rates
•
goes extremely slow depending on CPU load. PR1419371
Oversized frames are accounted twice (input packet and oversized frames) in the extensive command.
•
PR1425748
Error messages might be observed if the optics is unplugged during the EEPROM read. This is expected
•
and does not impact any functionality. PR1429016
On the ACX5448-D interfaces, the pps and bps for the aggregated Ethernet logical interfaces do not
•
get displayed during traffic flow. PR1429590
Incorrect queue statistics are observed for PTPOE multicast packets. PR1429628
•
On the ACX5448-D interfaces, the Jabber frames counter does not increment correctly. PR1429923
•
On the ACX5448-D interfaces, the input bytes value displayed in the show interfaces extensive command
•
output is not at par with that of the older ACX Series devices. PR1430108
On the ACX5448-D interfaces, the interface LEDs glow after the system halts. PR1430129
•
On the ACX5448-D interfaces, the following error message is observed:
•
rio_mic_cfp2_ifd_ot_eth_media_conf port command handler failed. PR1430355
On the ACX5448-D interfaces, the MTU error count in the output interface does not increment when
•
frames are dropped due to less MTU output. PR1430446
The 1-Gigabit interfaces are displayed as xe. This issue is observed with respect to auto-negotiation
•
parameters even though there is no functional impact. PR1430835
The l2cpd process generates the core file continuously after loading the 19.3 DCB image. PR1431866
•
On the ACX5448-D interface, when configured over Layer 2 VPN with control-channel set, BFD gets
•
to the Down state. PR1432854
Incase of Dot1P, CFI rewrite based on TC or DP classification is not possible on the ACX5448, ACX-710,
•
and ACX-R6675 Series routers. PR1435966
24
The new rate 1.8 MB/s that takes 16 to 17 minutes to copy an ACX5448 image size of 1.9-Gigabit, the
•
ACX5448 router takes lesser time. Since, the rate limiter is in bps and does not support pps based, which
is a hardware limitation from DNX, the average size is 512. PR1439960
The hold timer expiry is common across all platforms. It is not specific to the ACX5448 Series of routers.
•
PR1439980
With an asymmetric network connection (for example, a 10GbE MACsec port connected to a 10GbE
•
channelized port), high and asymmetric T1 and T4 time errors lead to a high two-way time error.
PR1440140
By default, the management interface speed is always displayed as 1000 Mbps in Junos OS command
•
output. PR1440675
TC performance with 1-Gigabit Ethernet enables MACsec. PR1441388
•
On the ACX5448-M interface, the Jitter tolerance test fails over MACsec ports. PR1447296
•
IGMPv3 rate of join supported in the ACX5448 routers or an ACX5448-D interface is around 900 joins
•
per second. PR1448146
The aggregated Ethernet interface speed is displayed incorrectly when 1-Gigabit Ethernet member links
•
are a part of the aggregated Ethernet interface. PR1449887
Input packet rejects counter when the MAC address is not supported. PR1463981
•
SEE ALSO
What's New | 11
What's Changed | 19
Open Issues | 25
Resolved Issues | 27
Documentation Updates | 34
Migration, Upgrade, and Downgrade Instructions | 35
Open Issues
IN THIS SECTION
General Routing | 25
Platform and Infrastructure | 27
Virtual Chassis | 27
25
Learn about open issues in this release for ACX Series routers. For the most complete and latest information
about known Junos OS defects, use the Juniper Networks online Junos Problem Report Search application.
General Routing
Loopback status is not displayed for ot interfaces on CLI, which is available from vty only. PR1358017
•
The show class-of-service interface command does not show the classifier information. PR1522941
•
The Layer 2 VPN might flap and the CE device facing interface cannot restore the TX optical laser power
•
even if the Layer 2 VPN is in the Up status under the asynchronous-notification. PR1486181
The routes update might fail upon the HMC memory issue and traffic impact might be seen. PR1515092
•
The SD threshold is set above the SF threshold. PR1376869
•
On the ACX6360-OR router, enhancement is needed for the FRR BER threshold SNMP support.
•
PR1383303
Tx power cannot be configured using the + sign. PR1383980
•
Traffic gets lost for more than 50 minutes under certain conditions. PR1387858
•
The circuit cross-connect logs are not compressed after rotation. PR1398511
•
The jnxIfOtnOperState trap notification is sent for all ot interfaces. PR1406758
•
The Layer 2 rewrite does not occur on the UNI side for the packet arriving from the MPLS core.
•
PR1414414
Clock class value is incorrect in the default data when the slave interface is down in the PTP-OC device.
•
PR1416421
On the ACX5448 router, ZTP proceeds to load the image even when there is a platform string mismatch
•
with the platform and software image names on the ZTP server. PR1418313
On the ACX5448 router, the firewall filter works in a different way if it is untagged traffic. PR1423214
•
The fpc process might crash with em2 configuration during initialization. PR1429212
•
DHCP clients are not able to scale to 96000. PR1432849
•
Logical interfaces or protocols take time to come up. PR1433426
•
Forwarding occurs when using non-existing SSM map source address in IGMPv3 instead of pruning.
•
PR1435648
The time consumed on 1-Gigabit performance is not equal to as compared to 10-Gigabit. Compensation
•
is done to bring the mean value under class A but the peak to peak variations are high and can go beyond
100ns. It has a latency variation with peak to peak variations of around 125ns-250ns without any traffic.
(For example, 5-10 percent of the mean latency introduced by the each phy which is of around 2.5us).
PR1437175
26
On the ACX5448-D interfaces, the following error message is observed when an interface is brought
•
up: fpc0 otnpic_otn_frr_set pic='et-0/2/0' link=0 IFD=et-0/2/0 error=7. PR1438039
Memory leakage is observed while running the longevity check. PR1438358
•
On the ACX5448-D interfaces, the logical interface statistics are not displayed correctly. PR1439124
•
Using an unnumbered interface for ECMP results in a few next hop being nonresponsive in the KRT
•
queue. PR1442622
Recovery of Junos OS volume from OAM becomes nonresponsive indefinitely. PR1446512
•
On the ACX5448-X or ACX5448-M interfaces, the drop profile maximum threshold might not reach to
•
its limit when the packet size is other than 1000 bytes. PR1448418
oper-state for the et interface does not transition from the Init state to the Normal state. PR1449937
•
While checking the BFD functionality over a Layer 2 VPN client, the BFD session does not come up.
•
PR1483014
On the ACX5048 routers, traffic loss is observed during the unified ISSU upgrade. PR1483959
•
The CLI command configures announce-interval to -3 so that the announce messages rate is set to 8
•
pps. PR1507782
On the ACX5048 or ACX5096 line of routers, the LACP control packets might get dropped due to high
•
CPU utilization. PR1493518
Platform and Infrastructure
On the ACX5448-M interface, the CFM remote MEP does not come up after configuration. PR1460555
•
Virtual Chassis
On the ACX5000 router, the following false positive parity error message is observed:
•
_soc_mem_array_sbusdma_read. PR1276970
SEE ALSO
What's New | 11
What's Changed | 19
Known Limitations | 23
27
Resolved Issues | 27
Documentation Updates | 34
Migration, Upgrade, and Downgrade Instructions | 35
Resolved Issues
IN THIS SECTION
Resolved Issues: 19.3R3 | 28
Resolved Issues: 19.3R2 | 30
Resolved Issues: 19.3R1 | 31
Learn which issues were resolved in this release for ACX Series routers. For the most complete and latest
information about known Junos OS defects, use the Juniper Networks online Junos Problem Report Search
application.
Resolved Issues: 19.3R3
General Routing
On the ACX5000 router, the following error message is observed: MacDrainTimeOut and
•
bcm_port_update failed: Internal error. PR1284590
The gigether-options command are enabled again under the interface hierarchy. PR1430009
•
On the ACX5448-D interface, while performing repeated power-off or power-on of the device, SMBUS
•
transaction timeout is observed. PR1463745
High CPU utilization of the fxpc process might be observed with the class-of-service changes on
•
interfaces. PR1407098
Policer discarded count is displayed incorrectly to the enq count of the interface queue. But the traffic
•
behavior is as expected. PR1414887
On the ACX2200 routers, the drift messages, which is a PTP hybrid (PTP + Synchronous Ethernet), are
•
observed. PR1426910
The input bytes value displayed in the show interfaces extensive command output is not at par with
•
that of the older ACX Series routers. PR1430108
28
The l2cpd process might crash and generate a core file when interfaces flap. PR1431355
•
On the ACX5448 routers, the encapsulation flexible-vlan-tagging is not supported with the MPLS family.
•
PR1445046
On the ACX5448-M routers, fans might not run at the correct speed. PR1448884
•
On the ACX5048 routers, the SNMP polling is stalled after the link is flapped or the SFP transceiver is
•
replaced. The following error message is observed:
ACX_COS_HALP(acx_cos_gport_sched_set_strict_priority:987): Failed to detach logs. PR1455722
The rpd process might crash if a BGP route is resolved over the same prefix protocol next hop in an
•
inet.3 table that has both RSVP and LDP routes. PR1458595
On enabling the local loopback, the 10-Gigabit Ethernet interface goes down. PR1460715
•
The ARP resolution issue might be observed while bringing up the aggregated Ethernet interface after
•
reboot. PR1461485
Memory leakage on the l2cpd process might lead to l2cpd crash. PR1469635
•
RED drop might be seen on an interface even when there is no congestion. PR1470619
•
On the ACX5048 routers, the egress queue statistics are not applicable to the aggregated Ethernet
•
interfaces. PR1472467
FPC might continuously crash after deactivating or activating the loopback filter or rebooting the system
•
after configuring the loopback filter. PR1477740
The dcpfe process might crash when disabling or enabling MACsec. PR1479710
•
Links might not come up when the 100-Gigabit Ethernet interface is channelized into 4x25-Gigabit
•
Ethernet interfaces. PR1479733
RPD memory chunk size is optimized for the ACX Series routers to reduce the memory foot print.
•
PR1481151
On the ACX5448 routers, the following logs are reported: dnx_nh_mpls_tunnel_install. PR1482529
•
On the ACX5448 router, the fpc process might crash. PR1485315
•
On the ACX5448 routers, the Layer 2 VPN with the ethernet-ccc input-vlan-map/output-vlan-map
•
interface silently discard the traffic. PR1485444
The queue statistics are not as expected after configuring the IFD and logical interface shaping with the
•
transmit rate and scheduler-map. PR1488935
During speed mismatch, the QSFP28 or QSFP+ optics or cables might not work. PR1494600
•
Outbound SSH connection flap or memory leakage issue might be observed while pushing the
•
configuration to the ephemeral database with a high rate. PR1497575
On the ACX500 router, the SFW sessions might not get updated on the MS interfaces. PR1505089
•
29
The PIC slot might get shut down in less than 240 seconds due to the over-temperature start time being
•
handled incorrectly. PR1506938
BFD flaps with the following error message after a random time interval: ACX_OAM_CFG_FAILED: ACX
•
Error (oam):dnx_bfd_l3_egress_create : Unable to create egress object. PR1513644
The l2ald process crashes during the stability test with traffic on a scaled setup. PR1517074
•
On the ACX5448 Chassis, the MAC-address and label MAC-address might not match. PR1489034
•
Interfaces and Chassis
The MC-AE interface displays status as Unknown if the subinterface is added as part of the VLAN on
•
the peer MC-AE node. PR1479012
Layer 2 Ethernet Services
Member links states might be asynchronized on a connection between the PE and CE devices in the
•
EVPN active/active scenario. PR1463791
MPLS
The BGP session might flap between two directly connected BGP peers because of the wrong TCP MSS
•
(maximum segment size) in use. PR1493431
Routing Protocols
The BGP route target family might prevent the route reflector from reflecting the Layer 2 VPN and Layer
•
3 VPN routes. PR1492743
VPNs
30
The Layer 2 circuit neighbor might get stuck in the RD state at one end of the MG-LAG peer. PR1498040
•
Resolved Issues: 19.3R2
General Routing
The AE interface with LACP stays down after the router reboots if the link-speed is configured.
•
PR1357012
The optic comes with Tx enabled by default. Because the port is administratively disabled, the port is
•
stopped however, because the port has not been started, it does not disable Tx. PR1411015
The ACX5448:40G FEC on ACX5448, which is FEC enabled by default, must be aligned with the MX
•
and QFX platforms, where FEC is NONE. PR1414649
On the ACX5448-X:SKU and ACX5448-D, 96000 ARPs gets populated however, only 47000 NH entries
•
are present. Around 50 percentage of packet drop is observed. PR1426734
The deviation in traffic rate in the queue is around 8 to 10 percentage in some cases. PR1436297
•
The interface on ACX1100 remains down while using SFP-1FE-FX (740-021487). PR1439384
•
In an ACX Series, the auto exported route between VRFs might not respond for icmp echo requests.
•
PR1446043
The ACX5048 l2circuit with backup neighbor configuration stops passing traffic after the link flaps and
•
move back from backup neighbor to primary. PR1449681
On the ACX5448-X NPI platforms, after disabling 100-Gigabit and 40-Gigabit interface laser output
•
power, the ACX5448-D interface diagnostics optics display some values. PR1452323
The ACX5448 FPC crashes due to segmentation fault. PR1453766
•
Wrong operating state is displayed in the snmp trap for removing the fan. PR1455577
•
On PTX10001-20C and ACX6360, you must enable gigether option to configure the Ethernet FEC on
•
the client ports. PR1456293
The ACX5448-D and ACX5448-M devices does not display airflow information and temperature sensors
•
as expected. PR1456593
The ACX5448 L2VPN with encapsulation type Ethernet stops passing traffic after adding a random port
•
with vlan configuration. PR1456624
Route resolve resolution does not occur when the packet size is 10000. PR1458744
•
The traffic might be blockhead during link recovery in an open Ethernet access ring with ERPS configured.
•
PR1459446
On the ACX5000, SNMP mib walk for jnxOperatingTemp does not return any value for FPC in the new
•
versions. PR1460391
On the ACX platform, the LLDP neighbor does not recover from a lag after the software is upgraded to
•
18.2R3-S. PR1461831
31
Platform and Infrastructure
The REST API process becomes non-responsive when a number of requests come with a high rate.
•
PR1449987
Routing Protocols
The rpd might crash continuously due to memory corruption in the ISIS setup. PR1455432
•
Resolved Issues: 19.3R1
Class of Service
When the forwarding-class is configured under firewall policer, the dfwd might crash. PR1436894
•
General Routing
On QFX1000 Series platforms (QFX10002, QFX10008, and QFX10016), the 1-Gigabit copper module
•
interface on 10G line card (QFX10000-60S-6Q) incorrectly displays with 'Link-mode: Half-duplex'.
PR1286709
Upon classifying the Layer3 packets, DSCP will not be preserved or lost at the egress due to the limitations
•
of a chipset. PR1322142
START_BY_START_ERR interrupt handler was not available with the previous version of bcm sdk code.
•
This lead to the status checking of this flag by bcmDPC process leading to high CPU utilization. This has
been fixed in this release by adding a handler for this interrupt. PR1329656
On ACX5000 platforms with Junos 16.2 onwards, if the ECC Errors occur, the FPC/fxpc process might
•
use high CPU. This issue can be hit after the upgrade in some cases. PR1360452
As part of the pic_periodic, before setting the port to master/slave mode, AN bit is checked if AN is
•
complete and this would return if AN is still in progress. Since An was disabled, this port wasn't set to
either mode and this was going on in a loop causing the CPU to go high. PR1360844
On ACX1x00/ACX2x00/ACX4x00 running in 15-releases previous to 15.1R8, when configuring
•
"mac-table-size" under bridge-domain, a wrong commit error appear not allowing the commit to pass.
PR1364811
ACX led on GE interface goes down when speed 10M is added. PR1385855
•
Link Fault Signaling (LFS) feature is not supported on ACX5448 10/40/100GbE interfaces. PR1401718
•
If user configures invalid speed config on TIC ports (PIC slot 1) on ACX6360-OR/OX, TIC interfaces are
•
not created. user@host# show chassis fpc 0 { pic 1 { port 0 { speed 40g; } } }. PR1403546
On ACX 1000/2000/4000/5048/5096 platforms, after a new child IFL with VLAN and filter is added
•
on an AE IFD or changing the VLAN ID of a child IFL with filter, traffic over the AE IFD might get filtered
with that filter on the child IFL. Example: ae-0/0/0 is an IFD and ae-0/0/0.100 is an IFL. PR1407855
32
The show services inline stateful-firewall flow or show services inline stateful-firewall flow extensive
•
command may cause the memory leak, which may cause the inline Nat issue. PR1408982
When using PCEP (Path Computation Element Protocol), if a PCE (Path Computation Element) generates
•
a PCUpdate or PCCreate message which contains a metric type other than type 2, the Junos device
acting as PCC (Path Computation Client) may fail to process the message and reject the PCUpdate or
PCCreate message from the PCE. When the issue occurs the LSPs' (Label-Switched Path) characteristics
cannot be updated hence it may cause traffic impact. PR1412659
On the ACX-5448, the BFD timer value are not as per the configured 900ms with multiplier 3, its showing
•
6.000 with multiplier 3 instead for most of the sessions. PR1418680
On ACX5K platform, the fxpc process high CPU usage might be seen under rare condition if parity errors
•
are detected in devices. It has no direct service/traffic impact. However since CPU utilization is high
during this issue, there are some side-effects. For example, it could impact time-sensitive features such
as BFD. PR1419761
Copying images from WAN interface to RE of ACX5448 takes long time. PR1422544
•
On ACX5448 box, traffic with VLAN tag which doesn't match any of the configured interfaces will be
•
dropped. While after changing interface encapsulation from ethernet-bridge to vlan-bridge, the unmatched
traffic can enter an erroneous bridge-domain which the bridge index (VSI) is the same as the vlan-id of
the unmatched traffic. PR1423610
On ACX5448 platforms, the JUNIPER_SOURCE LR4T2 optics may not work properly due to the fact
•
that an internal defect causes it to not output power, as a result, the interface may not become up.
PR1424814
Due to BCM sdk design, EEDB hardware entry is not freed for unicast next-hop creation. This leads to
•
resource leakage and is not allowing to higher scale. PR1426734
In a rare condition, due to a timing issue, the FPC or fxpc might crash if the AE interface flaps. or example,
•
deactivating or activating of the AE interface. PR1427362
Multiple HW i2c failure observed because of intermittent I2C access failure on main board switches.
•
PR1429047
Chassisd can crash with unsupported hcos configuration when mx104 is used as fusion aggregation
•
device. PR1430076
The tx laser was enabled by default in CPLD. Therefore, the link is shown up on the peer as soon as the
•
pfe starts. PR1430910
L4 Hashing will work for both IPv4 & IPv6 packets, if any one of the two CLIs is enabled. To disable L4
•
hashing for any one of IPV4 or IPV6, both CLIs needs to be in disabled state. CLIs for reference, set
forwarding-options hash-key family inet layer-4 set forwarding-options hash-key family inet6 layer-4.
PR1431206
On ACX5448, if egress link is 40G/100G, small size packets are encapsulated improperly and causing
•
remote interface drops the packets as runts. PR1434900
33
No-vrf-propagate-ttl may not work after activate or deactivate of COS configuration in acx. PR1435791
•
Maximum theoretical that can go for shaping rates on a queue will be upto 10%. PR1436297
•
1PPS performance metrics (class A) of G.8273.2 are not met for 1G interfaces because of the variable
•
latency added by the Vittesse PHY. PR1439231
Transit DHCP packets are not punted to CPU and are transparently passthrough. PR1439518
•
In an ACX5448 platforms, when the PFE failed to allocate packet buffer, portion of packet memories
•
may not be freed. PR1442901
On an ACX5448 box, link flaps or CoS configuration changes (specific to temporal value changes) might
•
result in traffic drop on all interfaces and recorded as RED drops. PR1443466
ACX5448/18.3R1-S4.1 not performing proper dot1p CoS rewrite on interfaces configured with
•
l2circuit/local-switching/family ccc. PR1445979
ACX5448 FPC crashed due to segmentation fault, due to timing issue. There is very low chance of this
•
core occurring. PR1453766
Interfaces and Chassis
On ACX series, in CFM ethernet OAM scenario, after the upgrade from 17.4 onwards, the cfmd coredump
•
might be seen after committing configuration on CFM (connectivity-fault-management). PR1425804
Layer 2 Ethernet Services
In DHCP relay scenario, if the device (DHCP relay) receives a request packet with option 50 where the
•
requested IP address matches the IP address of an existing subscriber session, such request packet would
be dropped. In such a case the subscriber may need more time to get IP address assigned. The subscriber
may remain in this state until it's lease expires if it had previously bound with the address in the option
50. PR1435039
MPLS
Dynamically configured RSVP LSPs for LDP link protection may not come up after disabling/enabling
•
protocol mpls. PR1432138
Routing Protocols
On ACX platforms, the loopback address exported into other VRF instance might not work. PR1449410
•
34
On ACX platforms, when there is MAC change for LDP neighbor and IP remains the same, ARP update
•
is proper but MPLS LDP may still use the stale MAC of the neighbor. If there is any application/service
such as MP-BGP using LDP as next-hop, all transit traffic pointing to the stale MAC will be dropped.
PR1451217
SEE ALSO
What's New | 11
What's Changed | 19
Known Limitations | 23
Open Issues | 25
Documentation Updates | 34
Migration, Upgrade, and Downgrade Instructions | 35
Documentation Updates
There are no errata or changes in Junos OS Release 19.3R3 documentation for the ACX Series.
SEE ALSO
What's New | 11
What's Changed | 19
Known Limitations | 23
Open Issues | 25
Resolved Issues | 27
Migration, Upgrade, and Downgrade Instructions | 35
Migration, Upgrade, and Downgrade Instructions
IN THIS SECTION
Upgrade and Downgrade Support Policy for Junos OS Releases | 35
35
This section contains the upgrade and downgrade support policy for Junos OS for the ACX Series Router.
Upgrading or downgrading Junos OS might take several minutes, depending on the size and configuration
of the network.
For information about software installation and upgrade, see the Installation and Upgrade Guide.
Upgrade and Downgrade Support Policy for Junos OS Releases
Support for upgrades and downgrades that span more than three Junos OS releases at a time is not
provided, except for releases that are designated as Extended End-of-Life (EEOL) releases. EEOL releases
provide direct upgrade and downgrade paths—you can upgrade directly from one EEOL release to the
next EEOL release even though EEOL releases generally occur in increments beyond three releases.
You can upgrade or downgrade to the EEOL release that occurs directly before or after the currently
installed EEOL release, or to two EEOL releases before or after. For example, Junos OS Releases 17.1,
17.2, and 17.3 are EEOL releases. You can upgrade from Junos OS Release 17.1 to Release 17.2 or from
Junos OS Release 17.1 to Release 17.3.
You cannot upgrade directly from a non-EEOL release to a release that is more than three releases ahead
or behind. To upgrade or downgrade from a non-EEOL release to a release more than three releases before
or after, first upgrade to the next EEOL release and then upgrade or downgrade from that EEOL release
to your target release.
For more information about EEOL releases and to review a list of EEOL releases, see
https://www.juniper.net/support/eol/junos.html.
For information about software installation and upgrade, see the Installation and Upgrade Guide.
SEE ALSO
What's New | 11
What's Changed | 19
Known Limitations | 23
Open Issues | 25
Resolved Issues | 27
Documentation Updates | 34
36
Junos OS Release Notes for EX Series Switches
IN THIS SECTION
What's New | 37
What's Changed | 47
Known Limitations | 52
Open Issues | 53
Resolved Issues | 56
Documentation Updates | 69
Migration, Upgrade, and Downgrade Instructions | 70
37
These release notes accompany Junos OS Release 19.3R3 for the EX Series. They describe new and
changed features, limitations, and known and resolved problems in the hardware and software.
You can also find these release notes on the Juniper Networks Junos OS Documentation webpage, located
at https://www.juniper.net/documentation/product/en_US/junos-os.
What's New
IN THIS SECTION
What's New in 19.3R3 | 38
What's New in 19.3R2 | 38
What's New in 19.3R1 | 39
Learn about new features introduced in the Junos OS main and maintenance releases for EX Series switches.
NOTE: The following EX Series switches are supported in Release 19.3R3: EX2300, EX2300-C,
EX3400, EX4300, EX4600-40F, EX4650, EX9200, EX9204, EX9208, EX9214, EX9251, and
EX9253.
What's New in 19.3R3
There are no new features or enhancements to existing features for EX Series switches in Junos OS Release
19.3R3.
What's New in 19.3R2
There are no new features or enhancements to existing features for EX Series switches in Junos OS Release
19.3R2.
38
What's New in 19.3R1
Hardware
Support for two 100-Gigabit Ethernet QSFP28 transceivers on the 2-port QSFP+/QSFP28 uplink
•
module (EX4300-48MP and EX4300-48MP-S switches)—Starting in Junos OS Release 19.3R1, you can
install two 100-Gigabit Ethernet QSFP28 transceivers in the 2-port QSFP+/QSFP28 uplink module
(model number: EX-UM-2QSFP-MR) for EX4300-48MP and EX4300-48MP-S switches. You can install
two QSFP+ transceivers, two QSFP28 transceivers, or a combination of one QSFP+ transceiver and one
QSFP28 transceiver in the uplink module.
If you configure both the ports on the uplink module to operate at 100-Gbps speed, the four QSFP+
ports on the switch are disabled.
[See EX4300 Switch Hardware Guide.]
Authentication, Authorization and Accounting (AAA) (RADIUS)
802.1X trunk port and multidomain authentication (EX4300-48MP switches)—Starting with Junos OS
•
Release 19.3R1, 802.1X trunk port and multidomain authentication is supported on EX4300-MP switches.
Authentication on the trunk port supports only single supplicant and single-secure supplicant modes.
39
Multidomain authentication is an extension of 802.1X authentication for multiple supplicants, which
authenticates multiple clients individually on one authenticator port. Multidomain authentication allows
one VoIP client and multiple data clients to authenticate to different VLANs while on the same port.
The VoIP client is authenticated to the voice VLAN while the data clients are authenticated to the data
VLAN.
[See Understanding 802.1X and VoIP on EX Series Switches.]
EVPN
Support for DHCP relay in an EVPN-MPLS network (EX9200 switches, MX Series, and vMX)—Starting
•
in Junos OS Release 19.3R1, EX9200 switches, MX Series routers, and vMX virtual routers support
DHCPv4 and DHCPv6 relay in an EVPN-MPLS network. We support this feature in a data center
architecture that includes a layer of spine devices that perform EVPN Layer 2 and Layer 3 functions.
These devices are connected to a layer of leaf devices that perform EVPN Layer 2 functions. In this
architecture, DHCP clients are connected to leaf devices, and DHCP servers are connected to spine
devices. The DHCP relay functions are centralized at the spine layer. As a result, this architecture is
known as the centrally routed bridging architecture.
[See DHCP Relay Agent in EVPN-MPLS Network.]
IGMP snooping support for EVPN-VXLAN (EX9200 switches, MX Series, vMX)—Starting in Junos OS
•
Release 19.3R1, you can configure IGMP snooping on EX9200 switches, MX Series routers, and vMX
virtual routers in an EVPN-VXLAN network. Enabling IGMP snooping helps to constrain multicast traffic
to interested receivers in a broadcast domain.
The listed devices support these IGMP snooping use cases in a centrally routed bridging overlay (an
EVPN-VXLAN network with a two-layer IP fabric):
Forwarding multicast traffic within a VLAN (intra-VLAN)
•
Routing multicast traffic between VLANs (inter-VLAN) using one of the following methods:
•
IRB interfaces configured with Physical Interface Module (PIM) on an elected designated router (DR)
•
device
A PIM gateway with Layer 2 or Layer 3 connectivity
•
An external multicast router
•
The listed devices support these IGMP versions and membership report modes:
IGMPv2 with Any-Source Multicast (ASM) (*,G) mode only.
•
IGMPv3 in either of the following modes:
•
ASM (*,G)—the default behavior.
•
40
Single-Source Multicast (SSM) (S,G)—you must explicitly configure by including the
•
evpn-ssm-reports-only configuration statement at the [edit protocols igmp-snooping] hierarchy
level.
[See Overview of IGMP Snooping in an EVPN-VXLAN Environment.]
Forwarding and Sampling
Customizing hashing parameters and shared-buffer alpha values for better load balancing (EX4650 and
•
QFX5120 switches)—These switches achieve load balancing through use of a hashing algorithm, which
determines how to forward traffic over LAG bundles or to next-hop devices when ECMP is enabled.
The hashing algorithm makes hashing decisions based on values in various packet fields. Starting with
Junos OS Release 19.3R1, you can explicitly configure some hashing parameters to make hashing more
efficient. The shared-buffer pool is a global memory space that all ports on the switch share dynamically
as they need buffers. The switch uses the shared-buffer pool to absorb traffic bursts after the
dedicated-buffer pool is exhausted. The shared-buffer pool threshold is dynamically calculated based
on a factor called alpha. Also starting with Junos OS Release 19.3R1, you can specify the alpha, or
dynamic threshold, value to determine the change threshold of shared buffer pools for both ingress and
egress buffer partitions.
To specify hashing parameters:
user@switch# set forwarding-options enhanced-hash-key hash-parameters (ecmp | lag)
To specify a threshold value for a particular queue:
user@switch# set class-of-service shared-buffer (ingress|egress) buffer-partition buffer
dynamic-threshold value
[See hash-parameters and buffer-partition.]
Interfaces and Chassis
Power over Ethernet IEEE 802.3bt (EX4300-48MP switches)—The IEEE 802.3bt standard for Power
•
over Ethernet (PoE) is supported on EX4300-48MP switches. The IEEE 802.3bt standard enables delivery
of up to 90 W over all four pairs of wire in a standard RJ-45 Ethernet cable.
[See Understanding PoE on EX Series Switches.]
Junos Telemetry Interface
JTI support extended for Junos kernel GRES and RTSOCK (EX9200, EX9251, EX9253, MX240, MX480,
•
MX960, MX2010, MX2020, vMX, PTX1000, PTX10008, PTX10016, PTX3000 with RE-PTX-X8-64G,
and PTX5000 with RE-PTX-X8-64G)—Starting in Junos OS Release 19.3R1, Junos telemetry interface
(JTI) extends support for streaming Junos kernel graceful Routing Engine switchover (GRES) and routing
socket (RTSOCK) information using remote procedure call (gRPC) services. Junos kernel sensors can be
used by device monitoring and network analytics applications to provide insight into the health status
of the Junos kernel.
41
You can use the following base resource paths for exporting kernel GRES and routing socket information:
/junos/chassis/gres/
•
/junos/kernel/rtsock/
•
[See Understanding OpenConfig and gRPC on Junos Telemetry Interface and Guidelines for gRPC Sensors
(Junos Telemetry Interface).]
JTI support extended for Junos kernel LAG, NSR, and TCP (EX9200, EX9251, EX9253, MX240, MX480,
•
MX960, MX2010, MX2020, vMX, PTX1000, PTX10008, PTX10016, PTX3000 with RE-PTX-X8-64G,
PTX5000 with RE-PTX-X8-64G)—Starting in Junos OS Release 19.3R1, Junos Telemetry Interface (JTI)
extends support for streaming Junos kernel Link Aggregation Group (LAG), nonstop Routing (NSR) Junos
socket replication (JSR), and Transport Control Protocol (TCP) information using remote procedure call
(gRPC) services. Device monitoring and network analytics applications can use Junos kernel sensors to
provide insight into the health status of the Junos kernel.
You can use the following base resource paths for exporting kernel LAG, NSR, and TCP information:
/junos/chassis/aggregated-devices/
•
/junos/routing-options/nonstop-routing/
•
/junos/kernel/tcpip/tcp/
•
[See Understanding OpenConfig and gRPC on Junos Telemetry Interface and Guidelines for gRPC Sensors
(Junos Telemetry Interface).]
JTI support extended for Junos kernel IPv4 and IPv6 (EX9200, EX9251, EX9253, MX240, MX480,
•
MX960, MX2010, MX2020, vMX, PTX1000, PTX10008, PTX10016, PTX3000 with RE-PTX-X8-64G,
and PTX5000 with RE-PTX-X8-64G)—Starting in Junos OS Release 19.3R1, Junos telemetry interface
(JTI) extends support for streaming Junos kernel IPv4 and IPv6 information using remote procedure call
(gRPC) services. Device monitoring and network analytics applications can use Junos kernel sensors to
provide insight into the health status of the Junos kernel.
You can use the following base resource paths for exporting kernel IPv4 and IPv6 information:
/junos/kernel/tcpip/arp/ — Address Resolution Protocol cache
•
/junos/kernel/tcpip/ndp/ — Neighbor Discovery Protocol cache
•
/junos/kernel/tcpip/netisr/ — NETISR network queues
•
/junos/kernel/tcpip/nhdix/ — Next-hop index space exhaustion
•
/junos/kernel/tcpip/rtb/ — Route tables
•
[See Understanding OpenConfig and gRPC on Junos Telemetry Interface and Guidelines for gRPC Sensors
(Junos Telemetry Interface).]
JTI support extended for Junos kernel IP multicast, tunnels, TNP, and VPLS (EX9200, EX9251, EX9253,
•
MX240, MX480, MX960, MX2010, MX2020, vMX, PTX1000, PTX10008, PTX10016, PTX3000 with
RE-PTX-X8-64G, PTX5000 with RE-PTX-X8-64G)—Starting in Junos OS Release 19.3R1, Junos telemetry
interface (JTI) extends support for streaming Junos kernel IP multicast, tunnels, Trivial Network Protocol
(TNP), and virtual private LAN service (VPLS) information using remote procedure call (gRPC) services.
Device monitoring and network analytics applications can use Junos kernel sensors to provide insight
into the health status of the Junos kernel.
42
You can use the following base resource paths for exporting kernel IP multicast, tunnels, TNP, and VPLS
information:
/junos/kernel/multicast/
•
/junos/kernel/tunnel/
•
/junos/kernel/tnp/
•
/junos/kernel/vpls/
•
[See Understanding OpenConfig and gRPC on Junos Telemetry Interface and Guidelines for gRPC Sensors
(Junos Telemetry Interface).]
Layer 2 Features
Configuring Q-in-Q tagging behavior for the native VLAN (EX4300 and EX4300-MP switches and
•
Virtual Chassis)—Starting in Junos OS Release 19.3R1, when Q-in-Q tunneling is configured and an
untagged packet is received on a C-VLAN interface, you can configure these switches to add either one
or two tags before sending the packet out of the S-VLAN interface. To send two tags, set the configuration
statement input-native-vlan-push to “enable” and ensure that the input-vlan-map configuration is set to
“push”.
[See Configuring Q-in-Q Tunneling and VLAN Q-in-Q Tunneling and VLAN Translations.]
Management
OpenConfig AAA data model support (ACX1100, ACX2100, ACX5448, ACX6360, EX4300, MX240,
•
MX480, MX960, MX10003, PTX10008, PTX10016, QFX5110, and QFX10002)—Junos OS Release
19.3R1 supports the configuration leafs specified in the OpenConfig AAA data model. Mapping the
OpenConfig AAA configuration to the Junos AAA configuration using the following YANG files in the
data model makes this support possible:
openconfig-aaa.yang
•
43
openconfig-aaa-types.yang
•
openconfig-aaa-tacacs.yang
•
openconfig-aaa-radius.yang
•
The configuration model supporting the OpenConfig data model includes:
A translation script (.py / .slax) that maps each config leaf in the OpenConfig Schema to one or more
•
config leafs in the JUNOS Schema.
A deviation file (.yang) that specifies how much the implementation deviates from the vendor-neutral
•
model.
[See Mapping OpenConfig AAA Commands to Junos Configuration.]
Multicast
MLDv1, MLDv2, and MLD snooping (EX4650 and QFX5120-48Y switches and Virtual Chassis)—Starting
•
in Junos OS Release 19.3R1, you can configure Multicast Listener Discovery (MLD) version 1 (MLDv1),
MLD version 2 (MLDv2), and MLD snooping on EX4650 and QFX5120-48Y switches and Virtual Chassis.
With MLD snooping enabled, these switches or Virtual Chassis replicate and forward IPv6 traffic for a
multicast group only to the interfaces in a VLAN with listeners who joined the group, rather than flooding
to all interfaces in the VLAN.
[See Examples: Configuring MLD and Understanding MLD Snooping.]
Routing Policy and Firewall Filters
Support for IPv6 filter-based forwarding (EX4650 and QFX5120 switches)—Starting with Junos OS
•
Release 19.3R1, you can use stateless firewall filters in conjunction with filters and routing instances to
control how IPv6 traffic travels in a network on EX4650 and QFX5120 switches. This is called IPv6
filter-based forwarding. To set up this feature, you define a filtering term that matches incoming packets
based on the source or destination address and then specify the routing instance to send packets to.
You can use filter-based forwarding to route specific types of traffic through a firewall or security device
before the traffic continues on its path. You can also use it to give certain types of traffic preferential
treatment or to improve load balancing of switch traffic.
44
[See Firewall Filter Match Conditions for IPv6 Traffic and Filter-Based Forwarding Overview.]
Routing Protocols
RIPng routing protocol supported (EX4650 and QFX5120 switches)—Starting with Junos OS Release
•
19.3R1, EX4650 and QFX5120 switches support the RIPng routing protocol.
[See Basic RIPng Configuration.]
Services Applications
Support for real-time performance monitoring or RPM (EX4650) —Starting in Junos OS Release 19.3R1,
•
you can configure active probes to track and monitor traffic across the network and to investigate
network problems on EX4650 switches.
You can use RPM in the following ways:
Monitor time delays between devices.
•
Monitor time delays at the protocol level.
•
Set thresholds to trigger SNMP traps when values are exceeded.
•
You can configure thresholds for round-trip time, ingress or egress delay, standard deviation, jitter,
successive lost probes, and total lost probes per test.
Determine automatically whether a path exists between a host router or switch and its configured
•
BGP neighbors. You can view the results of the discovery using an SNMP client.
Use the history of the most recent 50 probes to analyze trends in your network and predict future
•
needs.
[See Understanding Real-Time Performance Monitoring on Switches.]
Software Installation and Upgrade
Migration of Linux kernel version—Starting in Junos OS Release 19.3R1, the following devices support
•
the Wind River Linux 9 (WRL9) kernel version:
Routing Engine SupportedPlatforms
RE-ACX-5448ACX5448-D
RE-S-X6-64GMX240, MX480, and MX960
REMX2K-X8-64GMX2020 and MX2010
45
RE-S-1600x8MX204
RE-S-1600x8MX10003
RE-MX2008-X8-64GMX2008
RE X10MX10016
RE X10MX10008
RE-PTX-X8-64GPTX5000
RCBPTXPTX3000
RE-PTX-2X00x4/RE X10PTX10016
RE-PTX-2X00x4/RE X10PTX10008
RE-PTX1000PTX1000
RE-PTX10002-60CPTX10002-XX
RE-S-EX9200-2X00x6EX9208
EX9251-REEX9251
Routing Engine SupportedPlatforms
EX9253-REEX9253
RE-S-EX9200-2X00x6EX9204
RE-S-EX9200-2X00x6EX9214
RE-QFX10002-60CQFX10002
RE-QFX10008QFX10008
RE-QFX10016QFX10016
Starting in Junos OS Release 19.3R1, in order to install a VM host image based on Wind River Linux 9,
you must upgrade the i40e NVM firmware on the following routers:
MX Series—MX240, MX480, MX960, MX2010, MX2020, MX2008, MX10016, and MX10008
•
46
PTX Series—PTX3000, PTX5000, PTX10016, PTX10008, and PTX10002-XX
•
If you perform a software upgrade on a router with i40e NVM version earlier than 6.01, the upgrade
fails and the following error message is displayed:
ERROR: i40e NVM firmware is not compatible ,please upgrade i40e NVM before installing this package
ERROR: Aborting the installation
ERROR: Upgrade failed
See [https://kb.juniper.net/TSB17603.]
Virtual Chassis
Virtual Chassis support (EX4650 and QFX5120-48Y switches)—Starting in Junos OS Release 19.3R1,
•
you can interconnect two EX4650 or two QFX5120-48Y switches into a Virtual Chassis, which operates
as one logical device managed as a single chassis.
Member switches must be two EX4650 or two QFX5120 switches (no mixed mode).
•
Both member switches take the Routing Engine role with one as master and one as backup.
•
You can use any of the 100-Gbps QSFP28 or 40-Gbps QSFP+ ports on the front panel (ports 48
•
through 55) as Virtual Chassis ports (VCPs) to connect the member switches.
You can run nonstop software upgrade (NSSU) to update the Junos OS release on both member
•
switches with minimal traffic disruption during the upgrade.
EX4650 and QFX5120 Virtual Chassis support the same protocols and features as the standalone
•
switches in Junos OS Release 19.3R1 except for the following:
IEEE 802.1X authentication
•
EVPN-VXLAN (QFX5120)
•
Layer 2 port security features, DHCP, and DHCP snooping
•
Junos telemetry interface (JTI)
•
MPLS
•
Multichassis link aggregation (MC-LAG)
•
Redundant trunk groups (RTG)
•
Priority-based flow control (PFC)
•
Configuration parameters and operation are the same as for other non-mixed EX Series and QFX Series
Virtual Chassis.
[See Virtual Chassis Overview for Switches.]
47
SEE ALSO
What's Changed | 47
Known Limitations | 52
Open Issues | 53
Resolved Issues | 56
Documentation Updates | 69
Migration, Upgrade, and Downgrade Instructions | 70
What's Changed
IN THIS SECTION
What's Changed in 19.3R3 | 48
What's Changed in Release 19.3R2-S6 | 49
What's Changed in 19.3R2 | 50
What's Changed in 19.3R1 | 50
Learn about what changed in Junos OS main and maintenance releases for EX Series.
What's Changed in 19.3R3
General Routing
Logical Interface is created along with physical Interface by default (EX Series switches, QFX Series
•
switches, MX Series routers)—The logical interface is created on ge, et, xe interfaces along with the
physical interface, by default. In earlier Junos OS Releases, by default, only physical interfaces were
created. For example, for ge interfaces, earlier when you view the show interfaces command, by default,
only the physical interface (ge-0/0/0), was displayed. Now, the logical interface (ge-0/0/0.16386) is also
displayed.
Command to view summary information for resource monitor (MX Series routers and EX9200 line of
•
switches)—You can use the show system resource-monitor command to view statistics about the use
of memory resources for all line cards or for a specific line card in the device. The command also displays
information about the status of load throttling, which manages how much memory is used before the
device acts to reduce consumption.
48
See [show system resource-monitor and ].
New commit check for MC-LAG (MX Series)— We've introduced a new commit check to check the
•
values assigned to the redundancy group identification number on the MC-AE interface (
redundancy-group-id ) and ICCP peer (redundancy-group-id-list ) when you configure multichassis
aggregation groups (MC-LAGs). If the values are different, the system reports a commit check error. In
previous releases, if the configured values were different, the l2ald process would crash.
[See iccp and mc-ae.]
Juniper Extension Toolkit (JET)
Set the trace log to only show error messages (ACX Series, EX Series, MX Series, PTX Series, QFX
•
Series, SRX Series)— You can set the verbosity of the trace log to only show error messages using the
error option at the edit system services extension-service traceoptions level hierarchy.
See traceoptions (Services).
Multicast
Multicast Layer 2 transit traffic statistics by multicast source and group (EX4600, EX4650, and the
•
QFX5000 line of switches)—Starting in Junos OS Release 19.3R3, we provide statistics on the packet
count for each multicast group and source when passing multicast transit traffic at Layer 2 with IGMP
snooping. Run the show multicast snooping route extensive CLI command to see this count in the
Statistics: … n packets output field. The other statistics in that output field, kBps and pps, are not available
(values displayed there are not valid statistics for multicast traffic at Layer 2). Before Junos OS Release
19.3R3, all three values in the Statistics output field for kBps, pps, and packets do not provide valid
statistics for multicast traffic at Layer 2.
[See show multicast snooping route.]
49
Routing Protocols
Advertising /32 secondary loopback addresses to traffic engineering database as prefixes (ACX Series,
•
EX Series, MX Series, PTX Series, QFX Series, and SRX Series)—We've made changes to export multiple
loopback addresses to the lsdist.0 and lsdist.1 routing tables as prefixes. This eliminates the issue of
advertising secondary loopback addresses as router IDs instead of prefixes. In earlier releases, multiple
secondary loopback addresses in the traffic engineering database were added to the lsdist.0 and lsdist.1
routing tables as part of node characteristics and advertised them as the router ID.
What's Changed in Release 19.3R2-S6
Network Management and Monitoring
Support for disconnecting unresponsive NETCONF-over-SSH clients (ACX Series, EX Series, MX Series,
•
NFX Series, PTX Series, QFX Series, SRX Series, vMX, and vSRX)—You can enable devices to automatically
disconnect unresponsive NETCONF-over-SSH clients by configuring the client-alive-interval and
client-alive-count-max statements at the [edit system services netconf ssh] hierarchy level. The
client-alive-interval statement specifies the timeout interval in seconds, after which, if no data has been
received from the client, the device requests a response, and the client-alive-count-max statement
specifies the threshold of missed client-alive responses that triggers the device to disconnect the client,
thereby terminating the NETCONF session.
See ssh (NETCONF).
Changes to commit RPC responses in RFC-compliant NETCONF sessions (ACX Series, EX Series, MX
•
Series, PTX Series, QFX Series, and SRX Series)—When you configure the rfc-compliant statement at
the edit system services netconf hierarchy level, the NETCONF server's response for commit operations
includes the following changes:
If a successful commit operation returns a response with one or more warnings, the warnings are
•
redirected to the system log file, in addition to being omitted from the response.
The NETCONF server response emits the <source-daemon> element as a child of the <error-info>
•
element instead of the <rpc-error> element.
If you also configure the flatten-commit-results statement at the edit system services netconf hierarchy
•
level, the NETCONF server suppresses any <commit-results> XML subtree in the response and only
emits an <ok> or <rpc-error> element.
See Configuring RFC-Compliant NETCONF Sessions.
What's Changed in 19.3R2
There are no changes in behavior and syntax for EX Series in Junos OS Release 19.3R2.
50
What's Changed in 19.3R1
Interfaces and Chassis
Support for creating Layer 2 logical interfaces independently (ACX Series, EX Series, MX Series, PTX
•
Series, and QFX Series)—In Junos OS Release 19.3R1 and later, EX Series switches support creating
Layer 2 logical interfaces independent of the Layer 2 routing-instance type. That is, you can configure
and commit the Layer 2 logical interfaces separately and add the interfaces to the bridge domain or
Ethernet VPN (EVPN) routing instance separately. Note that the Layer 2 logical interfaces work fine only
when they are added to the bridge domain or EVPN routing instance.
In earlier Junos OS releases, when you use a Layer 2 logical interface configuration (units with
encapsulation vlan-bridge configuration), then you must add the logical interface as part of a bridge
domain or EVPN routing instance for the commit to succeed.
Junos OS XML API and Scripting
Range defined for confirm-timeout value in NETCONF and Junos XML protocol sessions (ACX Series,
•
EX Series, MX Series, PTX Series, QFX Series, and SRX Series)—Starting in Junos OS Release 19.3R1,
the value for the <confirm-timeout> element in the Junos XML protocol <commit-configuration>
operation must be in the range 1 through 65,535 minutes, and the value for the <confirm-timeout>
element in the NETCONF <commit> operation must be in the range 1 through 4,294,967,295 seconds.
In earlier releases, the range is determined by the minimum and maximum value of its unsigned integer
data type.
XML RPC equivalent included for the show bgp output-scheduler | display xml rpc CLI command (ACX
•
Series, EX Series, MX Series, PTX Series, QFX Series, and SRX Series)—Starting in Junos OS Release
19.3R1, we have included an XML RPC equivalent for the show bgp output-scheduler | display xml rpc
CLI command. In Junos OS releases before Release 19.3R1, the show bgp output-scheduler | display
xml rpc CLI command does not have an XML RPC equivalent.
[See show bgp output-scheduler.]
Layer 2 Features
input-native-vlan-push (EX2300, EX3400, EX4600, EX4650, and the QFX5000 line of switches)—From
•
Junos OS Release 19.3R1, the configuration statement input-native-vlan-push at the [edit interfaces
interface-name] hierarchy level is introduced. You can use this statement in a Q-in-Q tunneling
configuration to enable or disable whether the switch inserts a native VLAN identifier in untagged frames
received on the C-VLAN interface, when the configuration statement input-vlan-map with a push
operation is configured.
[See input-native-vlan-push.]
System Logging
Preventing system instability during core file generation (EX Series)—Starting with Release 19.3R1
•
onward, Junos OS checks for available storage space on the Routing Engine before generating core files
either on request or because of an assertion condition. This check ensures that your device does not
become unstable because of shortage of storage space on the Routing Engine. If the available space is
not sufficient, core files are not generated. Instead, Junos OS either displays the Insufficient Disk space
!!! Core generation skipped message as an output or issues the syslog message core generation is skipped
due to disk full.
51
SEE ALSO
What's New | 37
Known Limitations | 52
Open Issues | 53
Resolved Issues | 56
Documentation Updates | 69
Migration, Upgrade, and Downgrade Instructions | 70
Known Limitations
IN THIS SECTION
EVPN | 52
Infrastructure | 52
Platform and Infrastructure | 52
Learn about known limitations in this release for EX Series. For the most complete and latest information
about known Junos OS defects, use the Juniper Networks online Junos Problem Report Search application.
EVPN
52
When a VLAN uses an IRB interface as the routing interface, the VLAN-ID parameter must be set to
•
none to ensure proper traffic routing. This issue is platform independent. PR1287557
Infrastructure
On an EX4300 switch, the CLI configuration set chassis routing-engine on-disk-failure disk-failure-action
•
(reboot | halt) is not supported. PR1450093
Platform and Infrastructure
With the 288,000 MAC scale, the Routing Engine command show ethernet-switching table summary
•
output displays the learned scale entries after a delay of around 60 seconds. PR1367538
During software upgrade to a more recent 19.3 images image, the system hangs after the request system
•
software add /var/tmp/<image.gz> command is issued. Device could be recovered by power cycling
the device. PR1405629
When the box is loaded and unloaded with the MACsec configuration multiple times with operations
•
made continuously, Layer 3 connectivity lost, the system stops, followed by a reboot to resume operation.
PR1416499
On deactivating and activating POE, the POE interface draws more power (as per the display) for quite
•
some time. PR1431647
Filters are installed only during route add if there is enough space. If the filter fails because of the
•
non-availability of TCAM space, those routes might not be processed for filter add later when space
becomes available. PR1419926
The set class-of-service shared-buffer ingress buffer-partition lossless-headroom percent 0 command
•
is not supported when in Virtual Chassis (VC), as the VCP ports should have some heardroom to support
PFC. Configuration will be rejected at the hardware layer with a log message. PR1448377
Even with the fix for PR1463015, the Failed to complete DFE tuning syslog might appear. This message
•
has no functional impact and can be ignored. PR1473280
SEE ALSO
What's New | 37
What's Changed | 47
Open Issues | 53
Resolved Issues | 56
Documentation Updates | 69
Migration, Upgrade, and Downgrade Instructions | 70
53
Open Issues
IN THIS SECTION
Authentication and Access Control | 54
Infrastructure | 54
Interfaces and Chassis | 54
Layer 2 Features | 54
Network Management and Monitoring | 54
Platform and Infrastructure | 54
Virtual Chassis | 56
Learn about open issues in this release for EX Series. For the most complete and latest information about
known Junos OS defects, use the Juniper Networks online Junos Problem Report Search application.
Authentication and Access Control
Before running the "load ssl-certificate path PATHNAME" command, configure the path using the "set
•
protocols dot1x ssl-certificate-path PATHNAME" command, if the default pathname is not "/var/tmp/".
PR1431086
Infrastructure
On EX Series switches, if you are configuring a large number of firewall filters on some interfaces, the
•
FPC might crash and generate core files. PR1434927
EX 9251: "IFDE: Null uint32 set vector, ifd and IFFPC: 'IFD Ether uint32 set' (opcode 151) error message
•
is observed continuously in AD with base configurations. PR1485038
Interfaces and Chassis
After GRES, the VSTP port cost on aggregated Ethernet interfaces might get changed, leading to a
•
topology change. PR1174213
54
Layer 2 Features
GARPs were being sent whenever there is a MAC (FDB) operation (add or delete). This is now updated
•
to send GARP when the interface is UP and the Layer3 interface is attached to the VLAN. PR1192520
Network Management and Monitoring
On EX Series switches except EX4300, EX4600, and EX9200, when RTG (Redundant Trunk Group)
•
switchovers are done, the /var/log/shadow.log or /var/log/shadow_debug.log is rotated. This might
cause the PFE process to crash. PR1233050
Platform and Infrastructure
ARP queue limit has been changed from 100 pps to 3000 pps. PR1165757
•
On an EX2300 switch, the output of the show chassis routing-engine command might display an incorrect
•
value of "Router rebooted after a normal shutdown" for the last reboot reason field. PR1331264
When VLAN is added as an action for changing the VLAN in both ingress and egress filters, the filter is
•
not installed. PR1362609
On an EX9208 switch, a few xe- interfaces go down with the error message "if_msg_ifd_cmd_tlv_decode
•
ifd xe-0/0/0 #190 down with ASIC Error". PR1377840
There is a possibility of seeing multiple reconnect logs, JTASK_IO_CONNECT_FAILED, during the device
•
initialization. There is no functionality impact because of these messages. These messages can be ignored.
PR1408995
On QFX5110 and QFX5120 platforms, unicast RPF check in strict mode might not work properly.
•
PR1417546
Minimal traffic loss of ~100 pps is seen on EX9208 when the packets are sent between FPCs. This is
•
due to random drops happening in the fabric. Amount of drop varies on the line rate and occurs less
frequently. router@host> show pfe statistics traffic |match dropSoftware input control plane drops :
0Software input high drops : 0Software input medium drops : 0Software input low drops : 0Software
output drops : 0Hardware input drops : 179892Info cell drops : 0Fabric drops : 71.PR1429714
BUM traffic rate limiting is done after removing Ethernet headers. L1 Tx rate on ingress interface: 1G
•
Tx rate with headers: 865 Mbps Rx rate on the egress interface:800M L1 Rx rate on egress interface:
925Mbps Storm control functionalities in MX-L card is achieved by poilcer and hence the below mentioned
policer inaccuracy is applicable for storm control feature as well. Since XM sprays packets to 4 different
LUs, each LU will be processing packets of varying sizes. XM does not do strict round-robin, so even if
all the incoming packets were to be of exact same sizes (which is not a practical scenario), each LU will
still be loaded differently, hence there will be some periods where some LUs policing limit may reach
sooner than the others (either due to processing more packets or due to processing larger packets).
Hence, it is possible that some LUs, which see the policing limit reached sooner may drop the packet or
color them differently that might result into eventual drop while the other LUs could queue the packets
for transmission, we could see this behavior within a single flow as well. Hence, the policer functionality
can be unpredictable at times. In an extreme case, a packet flow might be sent to a single LU and the
policer result is one-fourth of what is expected. Because the policer functionality, in general, may not
work correctly, we will see the impact on all the policing features - for example, input-policer,
three-color-policer (srTCM, trTCM), output-policer. PR1442842
55
On an EX9214 switch, if the MACsec-enabled link flaps after reboot, the error "errorlib_set_error_log():
•
err_id(-1718026239)" is observed. PR1448368
In overall commit time, the evaluation of mustd constraints is taking 2 seconds more than usual. This is
•
because the persist-group-inheritance feature has been made a default feature in the latest Junos OS
releases. Eventually, this feature helps improve the subsequent commit times for scaled configurations
significantly. The persist-group-inheritance feature is useful in customer scenarios where groups and
nested groups are used extensively. In those scenarios, the group inheritance paths are not built every
time; thus, subsequent commits are faster. PR1457939
The image size grows over a period of time and subsequently storage might be insufficient to install
•
images when upgrading EX2300 and EX3400 platforms. The upgrade might fail with the error message
not enough space to unpack. PR1464808
Virtual Chassis
EX4650: kldload: an error occurred while loading the module is displayed during booting. PR1527170
•
SEE ALSO
What's New | 37
What's Changed | 47
Known Limitations | 52
Resolved Issues | 56
Documentation Updates | 69
Migration, Upgrade, and Downgrade Instructions | 70
56
Resolved Issues
IN THIS SECTION
Resolved Issues: 19.3R3 | 57
Resolved Issues: 19.3R2 | 62
Resolved Issues: 19.3R1 | 64
Layer 2 Ethernet Services | 64
Network Management and Monitoring | 65
Platform and Infrastructure | 65
Routing Protocols | 68
Subscriber Access Management | 69
User Interface and Configuration | 69
Virtual Chassis | 69
VPNs | 69
Learn which issues were resolved in Junos OS main and maintenance releases for EX Series.
For the most complete and latest information about known Junos OS defects, use the Juniper Networks
online Junos Problem Report Search application.
Resolved Issues: 19.3R3
Authentication and Access Control
EX4600 and EX4300—MAC entry missing in Ethernet Switching table for MAC-RADIUS client in server_fail
•
scenario when tagged is sent for the second client. PR1462479
Authentication failure might occur on the captive portal. PR1504818
•
The Junos OS event DOT1XD_AUTH_SESSION_DELETED might not be triggered when the 802.1X
•
(dot1x) authentication session is terminated. PR1512724
The dot1x client will not be moved to the hold state when the authenticated PVLAN is deleted.
•
PR1516341
Class of Service (CoS)
Shaping does not work after the reboot if shaping-rate is configured. PR1432078
•
The traffic is placed in the network control queue on the extended port even if it comes in with a different
•
DSCP marking. PR1433252
57
EVPN
rpd might crash after changing the EVPN-related configuration. PR1467309
•
The ESI of IRB interfaces does not update after autonomous-system number change if the interface is
•
down. PR1482790
The l2ald memory leak might be observed in any EVPN scenario. PR1498023
•
The VXLAN function might be broken due to a timing issue after the change in PR1495098. PR1502357
•
Unable to create a new VTEP interface. PR1520078
•
Forwarding and Sampling
Type 1 ESI/AD route might not be generated locally on EVPN PE in the all-active mode. PR1464778
•
Infrastructure
EX4300—CLI configuration on-disk-failure is not supported. PR1450093
•
l2ald and eventd are hogging 100% after the clear ethernet-switching table command is
•
issued.PR1452738
EX Series switches might not come up properly upon reboot. PR1454950
•
Error messages related to soft reset of port due to queue buffers being stuck could be seen on an
•
EX4600-EX4300 Virtual Chassis. PR1462106
Continuous dcpfe error messages and eventd process hogged might be seen in an EX2300 Virtual Chassis
•
scenario. PR1474808
Kernel core file might be observed while deactivating the daemon on the EX2300 and EX3400 platforms.
•
PR1483644
fxpc might crash when configuring scaled configuration with 4093 VLANs. PR1493121
•
Interfaces and Chassis
The syslog scchassisd[ ]: CHASSISD_IPC_WRITE_ERR_NULL_ARGS: FRU has no connection arguments
•
fru_send_msg Global FPC x is observed after an MX Series Virtual Chassis local or global switchover.
PR1428254
The MC-LAG configuration-consistency ICL-configuration might fail after committing some changes.
•
PR1459201
Executing commit might result in hangup due to the stuck dcd process. PR1470622
•
Junos Fusion Enterprise
Observed error jnh_dot1br_ktree_entry_create(1098): Entry Already Exists. Observing duplicate ECID
•
values for cluster/extended ports on member ports of same cluster. PR1408947
58
SDPD core file found @ vfpc_all_eports_deletion_complete vfpc_dampen_fpc_timer_expiry. PR1454335
•
Loop detection might not work on extended ports in Junos Fusion scenarios. PR1460209
•
Junos Fusion Satellite Software
Temperature sensor alarm is seen on an EX4300 switch in a Junos Fusion scenario. PR1466324
•
Layer 2 Features
The LLDP function might fail when a Juniper device connects to a non-Juniper one. PR1462171
•
fxpc.core might be seen when committing the configuration altogether, for example, after the reboot.
•
PR1467763
Traffic might be affected if composite next hop is enabled. PR1474142
•
Layer 2 Ethernet Services
Member links state might be asynchronized on a connection between Provider Edge and Customer Edge
•
devices in an EVPN active/active scenario. PR1463791
Issues with DHCPv6 Relay processing Confirm and Reply packets. PR1496220
•
MPLS
BGP session might keep flapping between two directly connected BGP peers because of the incorrect
•
TCP MSS (maximum segment size) in use. PR1493431
Platform and Infrastructure
EX3400-VC—unable to upgrade /usr/libexec/ui/package: /var/tmp/mchassis-install.tgz: no such file.
•
PR1440122
The laser Tx might be enabled while the interface is disabled. PR1445626
•
NSSU causes a traffic loss again after the backup to master transitions. PR1448607
•
On certain MPC line cards, cm errors need to be reclassified. PR1449427
•
The IRB traffic might drop after mastership switchover. PR1453025
•
The OSPF neighbor might go down when the mDNS/PTP traffic is received at a rate greater than 1400
•
pps. PR1459210
Traffic loss may be observed for longer than 20 seconds when performing NSSU on an EX4300 VC.
•
PR1461983
59
IGMP reports are dropped with mixed enterprise and SP configuration styles on an EX4300 switch.
•
PR1466075
The switch might not be able to learn MAC address with dot1x and interface-mac-limit configured.
•
PR1470424
EX4300: Input firewall filter attached to isolated or community VLANs does not match the dot1p bits
•
on the VLAN header. PR1478240
MAC learning under bridge-domain stops after the MC-LAG interface flaps. PR1488251
•
The traffic destined to VRRP VIP might be dropped after the IRB interface is disabled on the initial VRRP
•
master PR1491348
IPv6 neighbor solicitation packets might be dropped in a transit device PR1493212
•
Packets get dropped when next hop is IRB over the LT- interface. PR1494594
•
The NSSU upgrade might fail on EX4300 switches due to a storage issue in the /var/tmp directory
•
PR1494963
Traffic loss might be seen with framing errors or runts if MACsec is configured on an EX4300 switch.
•
PR1502726
VC split after network topology change. PR1427075
•
The l2cpd process might crash and generate a core file when interfaces are flapping PR1431355
•
IRB over VTEP unicast traffic might get dropped on EX9200 and MX platforms PR1436924
•
The MAC Pause frames will be incrementing on Receive direction if the half duplex mode on 10Mbps
•
or 10 MBps speed is configured PR1452209
A firewall filter might not be able to be applied in a particular VC or VCF member as the TCAM space is
•
running out PR1455177
Link up delay and traffic drop might be seen on mixed SP Layer 2 and Layer 3 and EP Layer 2 type
•
configurations. PR1456336
MAC addresses learned on RTG may not be aged out after aging time PR1461293
•
RTG link faces nearly a 20-second down time during backup node rebooting PR1461554
•
The VC function may be broken after upgrading on EX2300/EX3400 platforms PR1463635
•
EX Series (ELS) / QFX Series—There are some commands to disable a MAC learning, and some of them
•
were not working. PR1464797
jdhcpd might consume high CPU and no further subscribers can be brought up if more than 4000
•
dhcp-relay clients in the MAC-MOVE scenario. PR1465277
fxpc might crash after mastership election on on the EX2300 and EX3400 platforms. PR1465526
•
The broadcast and multicast traffic might be dropped over IRB or LAG interface in in a QFX Series or
•
EX Series Virtual Chassis scenario. PR1466423
60
The MAC move message may have an incorrect "from" interface when the MAC moves rapidly.
•
PR1467459
FPCs might get disconnected from an EX3400 VC briefly after reboot/upgrade. PR1467707
•
Optics measurements might not be streamed for interfaces of a PIC over JTI PR1468435
•
FPC may be down when configuring VXLAN routing. PR1468736
•
Traffic loss might be seen with framing errors or runts if MACsec is configured on the EX4600 and
•
QFX5100 platforms. PR1469663
The SSH session closes while checking for the show configuration | display set command for both local
•
and non-local users. PR1470695
An EX3400 switch is advertising only 100m when configured the speed 100m with autonegotiation
•
enabled. PR1471931
The shaping of CoS does not work after reboot. PR1472223
•
CoS 802.1p bit rewrite might not happen in Q-in-Q mode. PR1472350
•
DSCP marking might not work as expected if the fixed classifiers are applied to interfaces on the QFX5000
•
and EX4600 platforms. PR1472771
The RIPv2 packets forwarded across a Layer 2 circuit connection might be dropped. PR1473685
•
The dhcpd process may crash in a Junos Fusion environment. PR1478375
•
MPCs might stop when there is bulk route update failure in a corner case. PR1478392
•
TFTP installation from loader prompt may not succeed on the EX Series devices PR1480348
•
ARP request packets for unknown host might get dropped in remote PE in an EVPN-VXLAN scenario.
•
PR1480776
On an EX2300 switch, SNMP traps are not generated when MAC address limit threshold is reached.
•
PR1482709
Incorrect “frame length” of 132 bytes might be captured in a packet header. PR1487876
•
DHCP binding might fail when the PVLAN is configured with a firewall to block or allow certain IPv4
•
packets. PR1490689
Traffic loss could be seen under the MC-LAG scenario on a QFX5120 or EX4650 switch. PR1494507
•
Outbound SSH connection flap or memory leak issue might be observed during pushing the configuration
•
to the ephemeral DB with high rate. PR1497575
Traffic might get dropped if an AE member interface is deleted or added or if a SFP of the AE member
•
interface is unplugged or plugged. PR1497993
The OSPF might be stuck in the "ExStart" state if it is configured across the master and the standby FPCs
•
of the EX4300-48MP VC PR1498903
61
Continuous traffic loss might happen during GRES. PR1500783
•
LLDP neighborship might be unable to set up on QFX5000 platforms PR1504354
•
LLDP might not work when PVLAN is configured on EX Series switches or QFX Series Virtual Chassis.
•
PR1511073
"dot1x" memory leak is observed. PR1515972
•
MPPE-Send/Recv-key attribute is not extracted correctly by dot1xd PR1522469
•
"Drops" and "Dropped packets" counters in the output by "show interface extensive" are double counting.
•
PR1525373
Routing Protocols
Host-destined packets with filter log action might not reach the RE if log/syslog is enabled PR1379718
•
QFX5100—BGP v4/v6 convergence & RIB install/delete time degraded in Junos OS Release 19.1R1,
•
19.2R1, 19.3R1, and 19.4R1. PR1414121
The "other querier present interval" timer cannot be changed in an IGMP/MLD snooping scenario
•
PR1461590
LACP interface might not go to "collecting and distributing" state if along with the knob of "force-up"
•
PR1484523
FPC may go to the "NotPrsnt" state after upgrading with non-tvp image in VC/VCF setup PR1485612
•
The BGP route-target family might prevent the RR from reflecting Layer 2 VPN and Layer 3 VPN routes.
•
PR1492743
The firewall filter could not work in certain conditions under a VC setup PR1497133
•
Packet loss is seen for stream bLock:irb_lacp_tr_ospf while verifying traffic from access to core network
•
for IPv4 PR1520059
User Interface and Configuration
The umount: unmount of /.mount/var/val/chroot/packages/mnt/jweb-ex32-d2cf6f6b failed: Device
•
busy message is seen when Junos OS is upgraded with the validate option. PR1478291
J-Web does not display the correct Flow-control status on EX Series devices. PR1520246
•
Virtual Chassis
Disabling one of the VCP ports might result in another VCP port flapping PR1469257
•
Resolved Issues: 19.3R2
EVPN
ARP request or neighbor solicitation message might be sent back to the local segment by the designated
•
forwarder (DF) router. PR1459830
62
Infrastructure
Certain EX Series platforms might generate VM core files by panic and reboot. PR1456668
•
Traffic is dropped on EX4300-48MP device acting as a leaf device in a Layer 2 IP fabric EVPN VXLAN
•
environment. PR1463318
Interfaces and Chassis
VRRP-V state is flapping with init and idle states after configuring vlan-tagging. PR1445370
•
J-Web
Some error messages might be seen when using J-Web. PR1446081
•
Layer 2 Features
ERPS nodes do not converge to idle state after failure recovery or reboot. PR1431262
•
MAC or ARP learning might not work for copper base SFP-T transceiver on EX4600. PR1437577
•
Platform and Infrastructure
LACP DDoS policer is incorrectly triggered by other protocols traffic on all EX92XX/T4000 and MX
•
platforms. PR1409626
The interface on a failed member FPC of EX2300 and EX3400 Virtual Chassis might stay up for 120
•
seconds. PR1422507
LED turns on even after the Virtual Chassis members are powered off. PR1438252
•
The rpd might generate core files during router bootup due to a file pointer issue as there are two code
•
paths that can close the file. We are attempting to close the file without validating the file pointer.
PR1438597
EX4600 Virtual Chassis does not come up after you replace the fiber connection on the Virtual Chassis
•
port with a DAC cable. PR1440062
MAC addresses learned on RTG might not be aged out after a Virtual Chassis member is rebooted.
•
PR1440574
On Ex4300-MP, the following log is generated continuously: rpd[6550]: task_connect: task AGENTD
•
I/O.: Connection refused PR1445618
Traffic might be dropped when a firewall filter rule uses then vlan as the action in a Virtual Chassis
•
scenario. PR1446844
Unicast ARP requests are not replied to with no-arp-trap option. PR1448071
•
Tunneling-encapsulated packets are dropped on the Layer 3 VPN MPLS PE-CE interface. PR1451032
•
DHCP snooping static binding does not take effect after deleting and re-adding the entries. PR1451688
•
63
Configuration change in VLAN all option might affect the per-VLAN configuration. PR1453505
•
Version compare in PHC might fail, making the PHC to download the same image. PR1453535
•
REST API process becomes nonresponsive when a number of requests come with a high rate. PR1449987
•
Packet drop might be seen after removing and reinserting the SFP transceiver of the 40G Uplink Module
•
ports. PR1456039
The syslog timeout connecting to peer database-replication is generated when the show version detail
•
command is issued. PR1457284
Overtemperature SNMP trap messages appear after an update even though the temperature is within
•
the system thresholds. PR1457456
The correct VoIP VLAN information in LLDP-MED packets might not be sent after commit if dynamic
•
VoIP VLAN assignment is used. PR1458559
Storage space limitation leads to image installation failure during Phone home on EX2300 and EX3400
•
platforms. PR1460087
ERP might not revert to idle state after reload or reboot of multiple switches. PR1461434
•
Routing Protocols
Junos BFD sessions with authentication flap after a certain time. PR1448649
•
User Interface and Configuration
EX4600 and QFX5100 are unable to commit baseline configuration after zeroization. PR1426341
•
Problem with access to J-Web after an update from Junos OS Release 18.2R2 to Release 18.2R3.
•
PR1454150
Virtual Chassis
Current MAC address might change when deleting one of the multiple Layer 3 interfaces. PR1449206
•
Resolved Issues: 19.3R1
EVPN
The device may proxy the ARP probe packets in an EVPN environment. PR1427109
•
Configuring ESI on a single-homed 25-Gbps port might not work. PR1438227
•
Forwarding and Sampling
Enable interface with input/output vlan-maps to be added to a routing-instance configured with a VLAN
•
ID or VLAN tags (instance type virtual-switch/vpls). PR1433542
Infrastructure
The traffic to the NLB server may not be forwarded if the NLB cluster works in multicast mode.
•
PR1411549
64
The operations on the console might not work if the system ports console log-out-on-disconnect
•
statement is configured. PR1433224
Interfaces and Chassis
Missing mandatory ICCP configuration statement redundancy-group-id-list produces misleading error
•
message. PR1402606
The IFLs in EVPN routing instances might flap after committing configurations. PR1425339
•
EX9214 unexpected duplicate VLAN-ID commit error. PR1430966
•
Layer 2 Ethernet Services
DHCP request may get dropped in DHCP relay scenario. PR1435039
•
On EX9200 switches, DHCP Relay is stripping the 'GIADDR' field in messages toward the DHCP clients.
•
PR1443516
Network Management and Monitoring
Overtemperature trap does not sent out even though there is the Temperature Hot alarm. PR1412161
•
Platform and Infrastructure
[SIRT]Certain QFX and EX Series devices are vulnerable to 'Etherleak' memory disclosure in Ethernet
•
padding data (CVE-2017-2304). PR1063645
Transit OSPF traffic over Q-in-Q tunneling might be dropped if a firewall filter is applied to Lo0 interface.
•
PR1355111
The l2ald process might crash and generate a core file on EX2300 Virtual Chassis when a trunk port is
•
converted to dot1x access port with tagged traffic flowing. PR1362587
QFX5120 and EX4650 : Convergence delay between PE1 and P router link is more than expected delay
•
value. PR1364244
IPv6 router advertisement (RA) messages might increase internal kernel memory usage. PR1369638
•
65
The DHCP discover packets are forwarded out of an interface incorrectly if DHCP snooping is configured
•
on that interface. PR1403528
MAC address movement might not happen in Flexible Ethernet Services mode when family inet/inet6
•
and vlan-bridge are configured on the same IFD. PR1408230
EX9251, EX9253, and EX9208: DDoS violation for LLDP, MVRP, provider MVRP and dot1x is incorrectly
•
reported as LACP DDoS violation. PR1409626
EX2300-24P, error message: dc-pfe: BRCM_NH-,brcm_nh_resolve_get_nexthop(),346:Failed to find if
•
family. PR1410717
EX4300-48MP : Chassis Status LED glow yellow instead of amber. PR1413194
•
The upgrade of the PoE firmware might fail on EX3400. PR1413802
•
EX3400 : show chassis environment repeats "OK" and "Failed" at short intervals. PR1417839
•
The EX3400 Virtual Chassis status might be unstable during the bootup of the Virtual Chassis or after
•
the Virtual Chassis port flaps. PR1418490
EX4300-48MP-18.3R1.9 //Over Temperature SNMP trap generated wrongly for LC (EX4300-48P)
•
based on the master Routing Engine (EX4300-48MP) temperature threshold value. PR1419300
EX4300: Runt counter never incremented. PR1419724
•
The pfex process might crash and generates core files when you reinsert SFP. PR1421257
•
Commit of configurations involving interface-range defined over wildcard range such as ge-*/*/* not
•
supported. PR1421446
Virtual Chassis may become unstable and FXPC core files may be generated when there are a lot of
•
configured filter entries. PR1422132
Traffic loss when one of the logical interfaces on the LAG is deactivated or deleted. PR1422920
•
Ensure phone-home works in factory-default configuration. PR1423015
•
Adding the second IRB interface to an aggregated Ethernet interface and rolling it back might cause the
•
first IRB interface to stop working. PR1423106
IPv6 multicast traffic received on one Virtual Chassis member might be dropped when egressing on
•
other Virtual Chassis member if MLD snooping is enabled. PR1423310
EX3400 : Auto negotiation status shows incomplete on ge-0/2/0 using SFP-SX. PR1423469
•
Multicast traffic might be silently dropped on ingress port with igmp-snooping enabled. PR1423556
•
MACsec connection on EX4600 platforms might not come back up after interface disconnect/reconnect.
•
PR1423597
On EX9251 optics "SFP-1GE-FE-E-T" I2C read errors are seen when an SFP-T is inserted into a disabled
•
state port. PR1423858
66
The auditd crashed when Accounting RADIUS server was not reachable. PR1424030
•
The native VLAN ID of packets might fail to be removed when leaving out. PR1424174
•
MAC overlapping between different switches. PR1425123
•
SNMP (ifHighSpeed) value is not getting displayed appear properly only for VCP interfaces, it is getting
•
displayed as zero. PR1425167
The jdhcpd might consume 100% CPU and crash if dhcp-security is configured. PR1425206
•
Interface flapping scenario might lead to ECMP next-hop installation failure on EX4300s. PR1426760
•
Virtual Chassis split after network topology changed. PR1427075
•
The fxpc/Packet Forwarding Engine might crash on EX2300 or EX3400 platforms. PR1427391
•
Rebooting or halting a Virtual Chassis member might cause 30 seconds down on RTG link. PR1427500
•
IPv6 traffic might be dropped when static /64 IPv6 routes are configured. PR1427866
•
VIP might not forward the traffic if VRRP is configured on an aggregated Ethernet interface. PR1428124
•
EX2300-24P : l2ald core files observed after removal and re-addition of multiple supplicant mode with
•
PVLAN on interface. PR1428469
Data port LEDs are off even while interfaces are up. PR1428703
•
CI-PR: Verification of ND inspection with a dynamically bound client, moved to a different VLAN on the
•
same port is failing. PR1428769
The delay in transmission of BPDUs after GRES might result in loss of traffic on EX2300/3400 Virtual
•
Chassis. PR1428935
When forward-only is set within dhcp-reply, dhcp declines are not forwarded to server. PR1429456
•
EX4300 does not drop FCS frames with CRC error on xe- interfaces. PR1429865
•
Unicast ARP requests are not replied to with the no-arp-trap option. PR1429964
•
EX4300 without soft error recovery(parity check, correction and memscan) enable. PR1430079
•
The jdhcpd_era log files constantly consume 121M of space out of 170M, resulting into file system full
•
and traffic impact. PR1431201
EX4300-48MP switch cannot learn MAC address through some access ports that are directly connected
•
to a host when auto-negotiation is used. PR1430109
Disabling DAC QSFP port may not work on MX204, MX10003, or EX9251. PR1430921
•
Incorrect model Information while polling through SNMP from Virtual-Chassis. PR1431135
•
The ERPS failover does not work as expected on an EX4300 device. PR1432397
•
Native VLAN might not take into effect when it is enabled with flexible VLAN tagging on a Layer 3
•
subinterface. PR1434646
67
The device might not be accessible after the upgrade. PR1435173
•
The mc-ae interface may get stuck in waiting state in a dual mc-ae scenario. PR1435874
•
i40e NVM upgrade support for EX9200 platform. PR1436223
•
The FPC/pfex crash may be observed due to DMA buffer leaking. PR1436642
•
The /var/db/scripts directory might be deleted after executing request system zeroize. PR1436773
•
Commit check error for VSTP on EX9200s: xSTP:Trying to configure too many interfaces for given
•
protocol. PR1438195
The DHCP Snooping table might be cleared for VLAN ID 1 after adding a new VLAN ID to it. PR1438351
•
The dot1x might not work when captive-port is also configured on the interface on backup/non-master
•
FPC. PR1439200
DHCPv6 relay binding is not up while verifying the DHCP snooping along with DHCPv6 relay. PR1439844
•
The ports of the EX device might stay in up state even if the EX46XX/QFX51XX series device is rebooted.
•
PR1441035
Clients in an isolated VLAN might not get IP addresses after completing authentication when both
•
dhcp-security and dot1x are configured. PR1442078
EX3400 fan alarm (Fan X not spinning) appears and disappears repeatedly after the fan tray is removed
•
(absent). PR1442134
DHCPv6 client might fail to get an IP address. PR1442867
•
Non-designated port is not moving to backup port role. PR1443489
•
/var/host/motd does not exist message is flooded every 5 seconds in chassisd logs. PR1444903
•
On EX4300-MP, log generated continuously: rpd[6550]: task_connect: task AGENTD I/O.128.0.0.1+9500
•
addr 128.0.0.1+9500: Connection refused. PR1445618
CI-PR: On EX3400 - dot1xd core files found @ macsec_update_intf macsec_destroy_ca. PR1445764
•
Major alarm log messages for temperature conditions for EX4600 at 56 degrees Celsius. PR1446363
•
The traffic might be dropped when a firewall filter rule uses 'then vlan' as the action in a Virtual Chassis
•
scenario. PR1446844
The PoE might not work after upgrading the PoE firmware on EX4300 platforms. PR1446915
•
The firewall filters might not be created with error logs after reboot. PR1447012
•
Phone home on EX3400 fails because sysctl cannot read the device serial number. PR1447291
•
Added CLI configuration on-disk-failure on EX3400. PR1447853
•
Unicast ARP requests are not replied with the no-arp-trap option. PR1448071
•
On EX3400, IPv6 routes received through BGP do not show the correct age time. PR1449305
•
Incoming Layer3-encapsulated packets are dropped on Layer 3VPN MPLS PE-CE interface. PR1451032
•
68
Routing Protocols
Host-destined packets with filter log action might not reach the Routing Engine if log/syslog is enabled.
•
PR1379718
Sometimes, IGMP snooping may not work. PR1420921
•
The multicast traffic might be dropped when proxy mode is used for igmp-snooping. PR1425621
•
The error message RPD_DYN_CFG_GET_PROF_NAME_FAILED: Get profile name for session XXX
•
failed: -7, may be seen in syslog after restarting routing daemon. PR1439514
The bandwidth value of the DDoS-protection might cause the packets loss after the device reboot.
•
PR1440847
IPv6 connectivity between MC-LAG peers might fail when multiple IRB interfaces are present. PR1443507
•
Loopback address exported into other VRF instance might not work on EX Series, QFX Series, or ACX
•
Series platforms. PR1449410
MPLS LDP may still use stale MAC of the neighbor even the LDP neighbor's MAC changes. PR1451217
•
Subscriber Access Management
EX4300 /var showing full /var/log/dfcd_enc file grows in size PR1425000
•
User Interface and Configuration
EX4600 and QFX5100 were unable to commit baseline configuration after zeroization. PR1426341
•
Virtual Chassis
Current MAC address might change when deleting one of the multiple Layer 3 interfaces. PR1449206
•
VPNs
MVPN using PIM dense mode does not prune the OIF when PIM prune is received. PR1425876
•
69
SEE ALSO
What's New | 37
What's Changed | 47
Known Limitations | 52
Open Issues | 53
Documentation Updates | 69
Migration, Upgrade, and Downgrade Instructions | 70
Documentation Updates
There are no errata or changes in Junos OS Release 19.3R3 documentation for the EX Series switches.
SEE ALSO
What's New | 37
What's Changed | 47
Known Limitations | 52
Open Issues | 53
Resolved Issues | 56
Migration, Upgrade, and Downgrade Instructions | 70
Migration, Upgrade, and Downgrade Instructions
IN THIS SECTION
Upgrade and Downgrade Support Policy for Junos OS Releases | 70
This section contains the upgrade and downgrade support policy for Junos OS for the EX Series. Upgrading
or downgrading Junos OS can take several hours, depending on the size and configuration of the network.
For information about software installation and upgrade, see the Installation and Upgrade Guide.
70
Upgrade and Downgrade Support Policy for Junos OS Releases
Support for upgrades and downgrades that span more than three Junos OS releases at a time is not
provided, except for releases that are designated as Extended End-of-Life (EEOL) releases. EEOL releases
provide direct upgrade and downgrade paths—you can upgrade directly from one EEOL release to the
next EEOL release even though EEOL releases generally occur in increments beyond three releases.
You can upgrade or downgrade to the EEOL release that occurs directly before or after the currently
installed EEOL release, or to two EEOL releases before or after. For example, Junos OS Releases 17.1,
17.2, and 17.3 are EEOL releases. You can upgrade from Junos OS Release 17.1 to Release 17.2 or from
Junos OS Release 17.1 to Release 17.3.
You cannot upgrade directly from a non-EEOL release to a release that is more than three releases ahead
or behind. To upgrade or downgrade from a non-EEOL release to a release more than three releases before
or after, first upgrade to the next EEOL release and then upgrade or downgrade from that EEOL release
to your target release.
For more information about EEOL releases and to review a list of EEOL releases, see
https://support.juniper.net/support/eol/software/junos/.
SEE ALSO
What's New | 37
What's Changed | 47
Known Limitations | 52
Open Issues | 53
Resolved Issues | 56
Documentation Updates | 69
Junos OS Release Notes for Junos Fusion Enterprise
IN THIS SECTION
What’s New | 72
What’s Changed | 73
71
Known Limitations | 73
Open Issues | 74
Resolved Issues | 75
Documentation Updates | 76
Migration, Upgrade, and Downgrade Instructions | 76
These release notes accompany Junos OS Release 19.3R3 for Junos Fusion Enterprise. Junos Fusion
Enterprise is a Junos Fusion that uses EX9200 switches in the aggregation device role. These release notes
describe new and changed features, limitations, and known problems in the hardware and software.
NOTE: For a complete list of all hardware and software requirements for a Junos Fusion
Enterprise, including which Juniper Networks devices can function as satellite devices, see
Understanding Junos Fusion Enterprise Software and Hardware Requirements .
You can also find these release notes on the Juniper Networks Junos OS Documentation webpage, located
at https://www.juniper.net/documentation/product/en_US/junos-os.
What’s New
IN THIS SECTION
What's New in Release 19.3R3 | 72
What's New in Release 19.3R2 | 72
What's New in Release 19.3R1 | 72
Learn about new features introduced in the Junos OS main and maintenance releases for Junos fusion for
enterprise.
NOTE: For more information about the Junos Fusion Enterprise features, see the Junos Fusion
Enterprise User Guide.
72
What's New in Release 19.3R3
There are no new features or enhancements to existing features for Junos fusion for enterprise in Junos
OS Release 19.3R3.
What's New in Release 19.3R2
There are no new features or enhancements to existing features for Junos fusion for enterprise in Junos
OS Release 19.3R2.
What's New in Release 19.3R1
There are no new features or enhancements to existing features for Junos fusion for enterprise in Junos
OS Release 19.3R1.
SEE ALSO
What’s Changed | 73
Known Limitations | 73
Known Issues | 74
Resolved Issues | 75
Documentation Updates | 76
Migration, Upgrade, and Downgrade Instructions | 76
What’s Changed
There are no changes in behavior of Junos OS features and changes in the syntax of Junos OS statements
and commands in Junos OS Release 19.3R3 for Junos fusion for enterprise.
SEE ALSO
What’s New | 72
Known Limitations | 73
73
Known Issues | 74
Resolved Issues | 75
Documentation Updates | 76
Migration, Upgrade, and Downgrade Instructions | 76
Known Limitations
There are no known behaviors, system maximums, and limitations in hardware and software in Junos OS
Release 19.3R3 for Junos fusion for enterprise.
For the most complete and latest information about known Junos OS problems, use the Juniper Networks
online Junos Problem Report Search application.
SEE ALSO
What’s New | 72
What’s Changed | 73
Known Issues | 74
Resolved Issues | 75
Documentation Updates | 76
Migration, Upgrade, and Downgrade Instructions | 76
Open Issues
IN THIS SECTION
Junos Fusion for Enterprise | 74
Learn about open issues in this release for Junos fusion for enterprise. For the most complete and latest
information about known Junos OS defects, use the Juniper Networks online Junos Problem Report Search
application.
Junos Fusion for Enterprise
On EX4300 when 10GbE fiber port is using 1-gigabit Ethernet SFP optics, autonegotiation is enabled
•
by default. To bring up the satellite device, BCM recommends to disable the autonegotiation for
PHY84756 ports. PR1420343
74
In a Junos fusion for enterprise environment with EX2300-48P or EX2300-48T acting as satellite devices,
•
the loop-detect feature does not work for ports 0–23, because the loop-detect filter is not properly
applied. PR1426757
In a Junos fusion for enterprise environment, when traffic originates from a peer device connected to
•
the aggregation device and the ICL is a LAG, there might be a reachability issue if the cascade port is
disabled and traffic has to flow through the ICL LAG to reach the satellite device. As a workaround, use
a single interface as the ICL instead of a LAG. PR1447873
Traffic drop seen from the satellite device to the aggregation device on L3 unicast OSPF routes.
•
PR1450373
SEE ALSO
What’s New | 72
What’s Changed | 73
Known Limitations | 73
Resolved Issues | 75
Documentation Updates | 76
Migration, Upgrade, and Downgrade Instructions | 76
Resolved Issues
IN THIS SECTION
Resolved Issues: 19.3R3 | 75
Resolved Issues: 19.3R2 | 75
Resolved Issues: 19.3R1 | 75
Learn which issues were resolved in Junos OS main and maintenance releases for Junos fusion for enterprise.
For the most complete and latest information about known Junos OS defects, use the Juniper Networks
online Junos Problem Report Search application.
75
Resolved Issues: 19.3R3
The sdpd process generates a core file at vfpc_all_eports_deletion_complete
•
vfpc_dampen_fpc_timer_expiry. PR1454335
Loop detection might not work on extended ports in Junos fusion scenarios. PR1460209
•
The temperature sensor alarm is seen on EX4300 in a Junos fusion scenario. PR1466324
•
Resolved Issues: 19.3R2
There are no resolved issues in Release 19.3R2.
Resolved Issues: 19.3R1
Traffic might be dropped in a Junos fusion for enterprise scenario with dual aggregation devices.
•
PR1417139
The 1G SFP in 10G upstream port on EX3400 and EX4300 satellite devices might not come up.
•
PR1420343
The loop-detect feature does not work in Junos fusion enterprise. PR1426757
•
SEE ALSO
What’s New | 72
What’s Changed | 73
Known Limitations | 73
Known Issues | 74
Documentation Updates | 76
Migration, Upgrade, and Downgrade Instructions | 76
Documentation Updates
There are no errata or changes in Junos OS Release 19.3R3 for documentation for Junos fusion for
enterprise.
SEE ALSO
76
What’s New | 72
What’s Changed | 73
Known Limitations | 73
Known Issues | 74
Resolved Issues | 75
Migration, Upgrade, and Downgrade Instructions | 76
Migration, Upgrade, and Downgrade Instructions
IN THIS SECTION
Basic Procedure for Upgrading Junos OS on an Aggregation Device | 77
Upgrading an Aggregation Device with Redundant Routing Engines | 78
Preparing the Switch for Satellite Device Conversion | 79
Converting a Satellite Device to a Standalone Switch | 80
Upgrade and Downgrade Support Policy for Junos OS Releases | 80
Downgrading from Junos OS | 81
This section contains the procedure to upgrade or downgrade Junos OS and satellite software for a Junos
Fusion Enterprise. Upgrading or downgrading Junos OS and satellite software might take several hours,
depending on the size and configuration of the Junos Fusion Enterprise topology.
Basic Procedure for Upgrading Junos OS on an Aggregation Device
When upgrading or downgrading Junos OS for an aggregation device, always use the junos-install package.
Use other packages (such as the jbundle package) only when so instructed by a Juniper Networks support
representative. For information about the contents of the junos-install package and details of the installation
process, see the Installation and Upgrade Guide.
NOTE: Before upgrading, back up the file system and the currently active Junos OS configuration
so that you can recover to a known, stable environment in case the upgrade is unsuccessful.
Issue the following command:
user@host> request system snapshot
77
The installation process rebuilds the file system and completely reinstalls Junos OS. Configuration
information from the previous software installation is retained, but the contents of log files might
be erased. Stored files on the routing platform, such as configuration templates and shell scripts
(the only exceptions are the juniper.conf and ssh files), might be removed. To preserve the stored
files, copy them to another system before upgrading or downgrading the routing platform. See
the Junos OS Administration Library.
To download and install Junos OS:
1. Using a Web browser, navigate to the Download Software URL on the Juniper Networks webpage:
https://www.juniper.net/support/downloads/
2. Log in to the Juniper Networks authentication system using the username (generally your e-mail address)
and password supplied by Juniper Networks representatives.
3. Select By Technology > Junos Platform > Junos Fusion to find the software that you want to download.
4. Select the release number (the number of the software version that you want to download) from the
Version drop-down list on the right of the page.
5. Select the Software tab.
6. Select the software package for the release.
7. Review and accept the End User License Agreement.
8. Download the software to a local host.
9. Copy the software to the routing platform or to your internal software distribution site.
10. Install the new junos-install package on the aggregation device.
NOTE: We recommend that you upgrade all software packages out of band using the console
because in-band connections are lost during the upgrade process.
Customers in the United States and Canada, use the following commands:
user@host> request system software add validate reboot source/package.tgz
All other customers, use the following commands, where n is the spin number.
78
user@host> request system software add validate reboot source/package-limited.tgz
Replace source with one of the following values:
/pathname—For a software package that is installed from a local directory on the router.
•
For software packages that are downloaded and installed from a remote location:
•
ftp://hostname/pathname
•
http://hostname/pathname
•
scp://hostname/pathname (available only for Canada and U.S. version)
•
The validate option validates the software package against the current configuration as a prerequisite
to adding the software package to ensure that the router reboots successfully. This is the default
behavior when the software package being added is a different release.
Adding the reboot command reboots the router after the upgrade is validated and installed. When the
reboot is complete, the router displays the login prompt. The loading process might take 5 to 10 minutes.
Rebooting occurs only if the upgrade is successful.
Upgrading an Aggregation Device with Redundant Routing Engines
If the aggregation device has two Routing Engines, perform a Junos OS installation on each Routing Engine
separately to minimize disrupting network operations as follows:
1. Disable graceful Routing Engine switchover (GRES) on the master Routing Engine and save the
configuration change to both Routing Engines.
2. Install the new Junos OS release on the backup Routing Engine while keeping the currently running
software version on the master Routing Engine.
3. After making sure that the new software version is running correctly on the backup Routing Engine,
switch over to the backup Routing Engine to activate the new software.
4. Install the new software on the original master Routing Engine that is now active as the backup Routing
Engine.
For the detailed procedure, see the Installation and Upgrade Guide.
Preparing the Switch for Satellite Device Conversion
There are multiple methods to upgrade or downgrade satellite software in your Junos Fusion Enterprise.
See Configuring or Expanding a Junos Fusion Enterprise.
For satellite device hardware and software requirements, see Understanding Junos Fusion Enterprise
Software and Hardware Requirements.
79
Use the following command to install Junos OS on a switch before converting it into a satellite device:
user@host> request system software add validate reboot source/package-name
NOTE: The following conditions must be met before a Junos switch that is running Junos OS
Release 14.1X53-D43 can be converted to a satellite device when the action is initiated from
the aggregation device:
The switch running Junos OS can be converted only to SNOS 3.1 and later.
•
Either the switch must be set to factory-default configuration by using the request system
•
zeroize command, or the following command must be included in the configuration: set chassis
auto-satellite-conversion.
When the interim installation has completed and the switch is running a version of Junos OS that is
compatible with satellite device conversion, perform the following steps:
1. Log in to the device using the console port.
2. Clear the device:
[edit]
user@satellite-device# request system zeroize
NOTE: The device reboots to complete the procedure for resetting the device.
If you are not logged in to the device using the console port connection, your connection to the device
is lost after you enter the request system zeroize command.
If you lose connection to the device, log in using the console port.
3. (EX4300 switches only) After the reboot is complete, convert the built-in 40-Gbps QSFP+ interfaces
from Virtual Chassis ports (VCPs) into network ports:
user@satellite-device> request virtual-chassis vc-port delete pic-slot 1 port port-number
For example, to convert all four built-in 40-Gbps QSFP+ interfaces on an EX4300-24P switch into
network ports:
user@satellite-device> request virtual-chassis vc-port delete pic-slot 1 port 0
80
user@satellite-device> request virtual-chassis vc-port delete pic-slot 1 port 1
user@satellite-device> request virtual-chassis vc-port delete pic-slot 1 port 2
user@satellite-device> request virtual-chassis vc-port delete pic-slot 1 port 3
This step is required for the 40-Gbps QSFP+ interfaces that will be used as uplink interfaces in a Junos
Fusion topology. Built-in 40-Gbps QSFP+ interfaces on EX4300 switches are configured into VCPs by
default, and the default settings are restored after the device is reset.
After this initial preparation, you can use one of three methods to convert your switches into satellite
devices—autoconversion, manual conversion, or preconfiguration. See Configuring or Expanding a Junos
Fusion Enterprise for detailed configuration steps for each method.
Converting a Satellite Device to a Standalone Switch
If you need to convert a satellite device to a standalone device, you must install a new Junos OS software
package on the satellite device and remove it from the Junos Fusion topology. For more information, see
Converting a Satellite Device to a Standalone Device.
Upgrade and Downgrade Support Policy for Junos OS Releases
Support for upgrades and downgrades that span more than three Junos OS releases at a time is not
provided, except for releases that are designated as Extended End-of-Life (EEOL) releases. EEOL releases
provide direct upgrade and downgrade paths—you can upgrade directly from one EEOL release to the
next EEOL release even though EEOL releases generally occur in increments beyond three releases.
You can upgrade or downgrade to the EEOL release that occurs directly before or after the currently
installed EEOL release, or to two EEOL releases before or after. For example, Junos OS Releases 17.1,
17.2, and 17.3 are EEOL releases. You can upgrade from Junos OS Release 17.1 to Release 17.2 or from
Junos OS Release 17.1 to Release 17.3.
You cannot upgrade directly from a non-EEOL release to a release that is more than three releases ahead
or behind. To upgrade or downgrade from a non-EEOL release to a release more than three releases before
or after, first upgrade to the next EEOL release and then upgrade or downgrade from that EEOL release
to your target release.
For more information about EEOL releases and to review a list of EEOL releases, see
https://www.juniper.net/support/eol/junos.html
Downgrading from Junos OS
Junos Fusion Enterprise is first supported in Junos OS Release 16.1, although you can downgrade a
standalone EX9200 switch to earlier Junos OS releases.
81
NOTE: You cannot downgrade more than three releases.
For more information, see the Installation and Upgrade Guide.
To downgrade a Junos Fusion Enterprise from Junos OS Release 19.2R1, follow the procedure for upgrading,
but replace the 19.2 junos-install package with one that corresponds to the appropriate release.
SEE ALSO
What’s New | 72
What’s Changed | 73
Known Limitations | 73
Known Issues | 74
Resolved Issues | 75
Documentation Updates | 76
Junos OS Release Notes for Junos Fusion Provider Edge
IN THIS SECTION
What's New | 82
What's Changed | 83
Known Limitations | 84
Open Issues | 85
Resolved Issues | 86
Documentation Updates | 87
Migration, Upgrade, and Downgrade Instructions | 87
82
These release notes accompany Junos OS Release 19.3R3 for the Junos Fusion Provider Edge. They
describe new and changed features, limitations, and known and resolved problems in the hardware and
software.
You can also find these release notes on the Juniper Networks Junos OS Documentation webpage, located
at https://www.juniper.net/documentation/product/en_US/junos-os.
What's New
IN THIS SECTION
What's New in Release 19.3R3 | 83
What's New in Release 19.3R2 | 83
What's New in Release 19.3R1 | 83
Learn about new features introduced in the Junos OS main and maintenance releases for Junos Fusion
Provider Edge.
What's New in Release 19.3R3
There are no new features or enhancements to existing features for Junos Fusion Provider Edge in Junos
OS Release 19.3R3.
What's New in Release 19.3R2
There are no new features or enhancements to existing features for Junos Fusion Provider Edge in Junos
OS Release 19.3R2.
What's New in Release 19.3R1
There are no new features or enhancements to existing features for Junos Fusion Provider Edge in Junos
OS Release 19.3R1.
83
SEE ALSO
What's Changed | 83
Known Limitations | 84
Open Issues | 85
Resolved Issues | 86
Documentation Updates | 87
Migration, Upgrade, and Downgrade Instructions | 87
What's Changed
There are no changes in the behavior of Junos OS features or in the syntax of Junos OS statements and
commands in Junos OS Release 19.3R3 for Junos fusion for provider edge.
SEE ALSO
What's New | 82
Known Limitations | 84
Open Issues | 85
Resolved Issues | 86
Documentation Updates | 87
Migration, Upgrade, and Downgrade Instructions | 87
Known Limitations
IN THIS SECTION
Junos Fusion Provider Edge | 84
Learn about known limitations in this release for Junos Fusion Provider Edge.
For the most complete and latest information about known Junos OS defects, use the Juniper Networks
online Junos Problem Report Search application.
84
Junos Fusion Provider Edge
To configure TACACS+ authentication in the JUNOS device, you must define a local user using an
•
authorization template. The TACACS+ server is configured with the local user so that the user can inherit
the privileges after the user is authenticated. In the Fusion setup, if the defined local user used by
TACACS+ contains a capital letter, the TACACS+ users might not be able to get access the satellite
devices from the aggregate device. PR1431897
SEE ALSO
What's New | 82
What's Changed | 83
Open Issues | 85
Resolved Issues | 86
Documentation Updates | 87
Migration, Upgrade, and Downgrade Instructions | 87
Open Issues
IN THIS SECTION
Junos Fusion Provider Edge | 85
This section lists the Open Issues in hardware and software in Junos OS Release 19.3R3 for Junos fusion
for provider edge.
For the most complete and latest information about known Junos OS defects, use the Juniper Networks
online Junos Problem Report Search application.
Junos Fusion Provider Edge
85
The IGMP membership is not getting learnt by the AD fully even when the IGMP queries are been sent
•
out. PR1419265
The traffic drops from SD to AD. The loss is intermediate and not seen regularly. This occurs because
•
few packets that are transmitted from the egress of AD1 is short of FCS of data. It is observed that the
normal data packets are of size 128 bytes while the corrupted data packet is of size 122 byte. PR1450373
SEE ALSO
What's New | 82
What's Changed | 83
Known Limitations | 84
Resolved Issues | 86
Documentation Updates | 87
Migration, Upgrade, and Downgrade Instructions | 87
Resolved Issues
IN THIS SECTION
Resolved Issues: 19.3R3 | 86
Resolved Issues: 19.3R2 | 86
Resolved Issues: 19.3R1 | 86
Learn which issues were resolved in Junos OS main and maintenance releases for Junos Fusion Provider
Edge.
For the most complete and latest information about known Junos OS defects, use the Juniper Networks
online Junos Problem Report Search application.
86
Resolved Issues: 19.3R3
Junos Fusion Provider Edge
The statistics of extended ports on a satellite device cluster might show incorrect values from the
•
aggregation device. PR1490101
Resolved Issues: 19.3R2
There are no fixed issues in Junos OS 19.3R2 for Junos fusion for provider edge.
Resolved Issues: 19.3R1
Junos Fusion for Provider Edge
Auto-negotiation is not disabled in hardware after setting no-auto-negotiation option in the CLI.
•
PR1411852
Junos fusion: Incorrect power values for extended optical ports. PR1412781
•
The sdpd process may continuously crash if there are more than 12 cascade ports configured to a satellite
•
device. PR1437387
The aggregated Ethernet interface might flap whenever a new logical interface is added to it. PR1441869
•
Deprecate Junos fusion support on QFX10000. PR1448245
•
SEE ALSO
What's New | 82
What's Changed | 83
Known Limitations | 84
Open Issues | 85
Documentation Updates | 87
Migration, Upgrade, and Downgrade Instructions | 87
Documentation Updates
There are no errata or changes in Junos OS Release 19.3R2 documentation for Junos fusion for provider
edge.
87
SEE ALSO
What's New | 82
What's Changed | 83
Known Limitations | 84
Open Issues | 85
Resolved Issues | 86
Migration, Upgrade, and Downgrade Instructions | 87
Migration, Upgrade, and Downgrade Instructions
IN THIS SECTION
Basic Procedure for Upgrading an Aggregation Device | 88
Upgrading an Aggregation Device with Redundant Routing Engines | 90
Preparing the Switch for Satellite Device Conversion | 91
Converting a Satellite Device to a Standalone Device | 92
Upgrading an Aggregation Device | 95
Upgrade and Downgrade Support Policy for Junos OS Releases | 95
Downgrading from Junos OS Release 19.3 | 95
This section contains the procedure to upgrade Junos OS, and the upgrade and downgrade policies for
Junos OS for Junos fusion for provider edge. Upgrading or downgrading Junos OS might take several
hours, depending on the size and configuration of the network.
Basic Procedure for Upgrading an Aggregation Device
When upgrading or downgrading Junos OS, always use the jinstall package. Use other packages (such as
the jbundle package) only when so instructed by a Juniper Networks support representative. For information
about the contents of the jinstall package and details of the installation process, see the Installation and
Upgrade Guide.
88
NOTE: Before upgrading, back up the file system and the currently active Junos OS configuration
so that you can recover to a known, stable environment in case the upgrade is unsuccessful.
Issue the following command:
user@host> request system snapshot
The installation process rebuilds the file system and completely reinstalls Junos OS. Configuration
information from the previous software installation is retained, but the contents of log files might
be erased. Stored files on the routing platform, such as configuration templates and shell scripts
(the only exceptions are the juniper.conf and ssh files), might be removed. To preserve the stored
files, copy them to another system before upgrading or downgrading the routing platform. See
the Installation and Upgrade Guide.
The download and installation process for Junos OS Release 19.3R3 is different from that for earlier Junos
OS releases.
1. Using a Web browser, navigate to the Download Software URL on the Juniper Networks webpage:
https://www.juniper.net/support/downloads/
2. Log in to the Juniper Networks authentication system by using the username (generally your e-mail
address) and password supplied by Juniper Networks representatives.
3. Select By Technology > Junos Platform > Junos Fusion to find the software that you want to download.
4. Select the release number (the number of the software version that you want to download) from the
Version drop-down list to the right of the page.
5. Select the Software tab.
6. Select the software package for the release.
7. Review and accept the End User License Agreement.
8. Download the software to a local host.
9. Copy the software to the routing platform or to your internal software distribution site.
10. Install the new jinstall package on the aggregation device.
89
NOTE: We recommend that you upgrade all software packages out-of-band using the console,
because in-band connections are lost during the upgrade process.
Customers in the United States and Canada, use the following commands.
For 64-bit software:
•
NOTE: We recommend that you use 64-bit Junos OS software when implementing Junos
Fusion Provider Edge.
user@host> request system software add validate reboot
source/jinstall64-19.3R3.SPIN-domestic-signed.tgz
For 32-bit software:
•
user@host> request system software add validate reboot
source/jinstall-19.3R3.SPIN-domestic-signed.tgz
All other customers, use the following commands.
For 64-bit software:
•
NOTE: We recommend that you use 64-bit Junos OS software when implementing Junos
Fusion Provider Edge.
user@host> request system software add validate reboot
source/jinstall64-19.3R3.SPIN-export-signed.tgz
For 32-bit software:
•
user@host> request system software add validate reboot
source/jinstall-19.3R3.SPIN-export-signed.tgz
Replace source with one of the following values:
/pathname—For a software package that is installed from a local directory on the router.
•
For software packages that are downloaded and installed from a remote location:
•
90
ftp://hostname/pathname
•
http://hostname/pathname
•
scp://hostname/pathname (available only for the Canada and U.S. version)
•
The validate option validates the software package against the current configuration as a prerequisite
for adding the software package to ensure that the router reboots successfully. This is the default
behavior when the software package being added is for a different release.
Adding the reboot command reboots the router after the upgrade is validated and installed. When the
reboot is complete, the router displays the login prompt. The loading process might take 5 to 10 minutes.
Rebooting occurs only if the upgrade is successful.
NOTE: After you install a Junos OS Release 19.3R3 jinstall package, you cannot return to the
previously installed software by issuing the request system software rollback command. Instead,
you must issue the request system software add validate command and specify the jinstall
package that corresponds to the previously installed software.
Upgrading an Aggregation Device with Redundant Routing Engines
If the aggregation device has two Routing Engines, perform a Junos OS installation on each Routing Engine
separately as follows to minimize disrupting network operations:
1. Disable graceful Routing Engine switchover (GRES) on the master Routing Engine and save the
configuration change to both Routing Engines.
2. Install the new Junos OS release on the backup Routing Engine while keeping the currently running
software version on the master Routing Engine.
3. After making sure that the new software version is running correctly on the backup Routing Engine,
switch over to the backup Routing Engine to activate the new software.
4. Install the new software on the original master Routing Engine that is now active as the backup Routing
Engine.
For the detailed procedure, see the Installation and Upgrade Guide.
Preparing the Switch for Satellite Device Conversion
Satellite devices in a Junos fusion topology use a satellite software package that is different from the
standard Junos OS software package. Before you can install the satellite software package on a satellite
device, you first need to upgrade the target satellite device to an interim Junos OS software version that
can be converted to satellite software. For satellite device hardware and software requirements, see
Understanding Junos Fusion Software and Hardware Requirements
91
NOTE: The following conditions must be met before a standalone switch that is running Junos
OS Release 14.1X53-D43 can be converted to a satellite device when the action is initiated from
the aggregation device:
The switch can be converted to only SNOS 3.1 and later.
•
Either the switch must be set to factory-default configuration by using the request system
•
zeroize command, or the following command must be included in the configuration: set chassis
auto-satellite-conversion.
Customers with EX4300 switches, use the following command:
user@host> request system software add validate reboot
source/jinstall-ex-4300-14.1X53-D43.3-domestic-signed.tgz
Customers with QFX5100 switches, use the following command:
user@host> request system software add reboot
source/jinstall-qfx-5-14.1X53-D43.3-domestic-signed.tgz
When the interim installation has completed and the switch is running a version of Junos OS on one line
that is compatible with satellite device conversion, perform the following steps:
1. Log in to the device by using the console port.
2. Clear the device:
[edit]
user@satellite-device# request system zeroize
NOTE: The device reboots to complete the procedure for resetting the device.
If you are not logged in to the device by using the console port connection, your connection to the
device is lost after you enter the request system zeroize command.
If you lose your connection to the device, log in using the console port.
92
3. (EX4300 switches only) After the reboot is complete, convert the built-in 40-Gbps QSFP+ interfaces
from Virtual Chassis ports (VCPs) into network ports:
user@satellite-device> request virtual-chassis vc-port delete pic-slot 1 port port-number
For example, to convert all four built-in 40-Gbps QSFP+ interfaces on an EX4300-24P switch into
network ports:
user@satellite-device> request virtual-chassis vc-port delete pic-slot 1 port 0
user@satellite-device> request virtual-chassis vc-port delete pic-slot 1 port 1
user@satellite-device> request virtual-chassis vc-port delete pic-slot 1 port 2
user@satellite-device> request virtual-chassis vc-port delete pic-slot 1 port 3
This step is required for the 40-Gbps QSFP+ interfaces that will be used as uplink interfaces in a Junos
Fusion topology. Built-in 40-Gbps QSFP+ interfaces on EX4300 switches are configured into VCPs by
default, and the default settings are restored after the device is reset.
After this initial preparation, you can use one of three methods to convert your switches into satellite
devices—autoconversion, manual conversion, and preconfiguration. See Configuring Junos Fusion Provider
Edge for detailed configuration steps for each method.
Converting a Satellite Device to a Standalone Device
If you need to convert a satellite device to a standalone device, you must install a new Junos OS software
package on the satellite device and remove the satellite device from the Junos Fusion topology.
NOTE: If the satellite device is a QFX5100 switch, you need to install a PXE version of Junos
OS. The PXE version of Junos OS is software that includes pxe in the Junos OS package name
when it is downloaded from the Software Center—for example, the PXE image for Junos OS
Release 14.1X53-D43 is named install-media-pxe-qfx-5-14.1X53-D43.3-signed.tgz . If the
satellite device is an EX4300 switch, you install a standard jinstall-ex-4300 version of Junos OS.
The following steps explain how to download software, remove the satellite device from Junos fusion, and
install the Junos OS software image on the satellite device so that the device can operate as a standalone
device.
1. Using a Web browser, navigate to the Junos OS software download URL on the Juniper Networks
webpage:
https://www.juniper.net/support/downloads
2. Log in to the Juniper Networks authentication system by using the username (generally your e-mail
address) and password supplied by Juniper Networks representatives.
93
3. Select By Technology > Junos Platform > Junos Fusion from the drop-down list and select the switch
platform series and model for your satellite device.
4. Select the Junos OS Release 14.1X53-D30 software image for your platform.
5. Review and accept the End User License Agreement.
6. Download the software to a local host.
7. Copy the software to the routing platform or to your internal software distribution site.
8. Remove the satellite device from the automatic satellite conversion configuration.
If automatic satellite conversion is enabled for the satellite device’s member number, remove the
member number from the automatic satellite conversion configuration. The satellite device’s member
number is the same as the FPC slot ID.
[edit]
user@aggregation-device# delete chassis satellite-management auto-satellite-conversion
satellite member-number
For example, to remove member number 101 from Junos Fusion:
[edit]
user@aggregation-device# delete chassis satellite-management auto-satellite-conversion
satellite 101
You can check the automatic satellite conversion configuration by entering the show command at the
[edit chassis satellite-management auto-satellite-conversion] hierarchy level.
9. Commit the configuration.
To commit the configuration to both Routing Engines:
[edit]
user@aggregation-device# commit synchronize
Otherwise, commit the configuration to a single Routing Engine:
[edit]
user@aggregation-device# commit
94
10. Install the Junos OS software on the satellite device to convert the device to a standalone device.
[edit]
user@aggregation-device> request chassis satellite install URL-to-software-package fpc-slot
member-number
For example, to install a PXE software package stored in the /var/tmp directory on the aggregation
device onto a QFX5100 switch acting as the satellite device using FPC slot 101:
[edit]
user@aggregation-device> request chassis satellite install
/var/tmp/install-media-pxe-qfx-5-14.1X53-D43.3-signed.tgz fpc-slot 101
For example, to install a software package stored in the var/tmp directory on the aggregation device
onto an EX4300 switch acting as the satellite device using FPC slot 101:
[edit]
user@aggregation-device> request chassis satellite install
/var/tmp/jinstall-ex-4300-14.1X53-D30.3-domestic-signed.tgz fpc-slot 101
The satellite device stops participating in the Junos Fusion topology after the software installation
starts. The software upgrade starts after this command is entered.
11. Wait for the reboot that accompanies the software installation to complete.
12. When you are prompted to log back into your device, uncable the device from the Junos Fusion topology.
See Removing a Transceiver from a QFX Series Device or Remove a Transceiver, as needed. Your device
has been removed from Junos Fusion.
NOTE: The device uses a factory-default configuration after the Junos OS installation is
complete.
Upgrading an Aggregation Device
When you upgrade an aggregation device to Junos OS Release 19.3R3, you must also upgrade your satellite
device to Satellite Device Software version 3.1R1.
95
Upgrade and Downgrade Support Policy for Junos OS Releases
Support for upgrades and downgrades that span more than three Junos OS releases at a time is not
provided, except for releases that are designated as Extended End-of-Life (EEOL) releases. EEOL releases
provide direct upgrade and downgrade paths—you can upgrade directly from one EEOL release to the
next EEOL release even though EEOL releases generally occur in increments beyond three releases.
You can upgrade or downgrade to the EEOL release that occurs directly before or after the currently
installed EEOL release, or to two EEOL releases before or after. For example, Junos OS Releases 17.1,
17.2, and 17.3 are EEOL releases. You can upgrade from Junos OS Release 17.1 to Release 17.2 or from
Junos OS Release 17.1 to Release 17.3.
You cannot upgrade directly from a non-EEOL release to a release that is more than three releases ahead
or behind. To upgrade or downgrade from a non-EEOL release to a release more than three releases before
or after, first upgrade to the next EEOL release and then upgrade or downgrade from that EEOL release
to your target release.
For more information about EEOL releases and to review a list of EEOL releases, see
https://www.juniper.net/support/eol/junos.html.
Downgrading from Junos OS Release 19.3
To downgrade from Release 19.3 to another supported release, follow the procedure for upgrading, but
replace the 19.3 jinstall package with one that corresponds to the appropriate release.
NOTE: You cannot downgrade more than three releases.
For more information, see the Installation and Upgrade Guide.
SEE ALSO
What's New | 82
What's Changed | 83
Known Limitations | 84
Open Issues | 85
Resolved Issues | 86
Documentation Updates | 87
96
Junos OS Release Notes for MX Series 5G Universal Routing Platform
IN THIS SECTION
What's New | 97
What's Changed | 135
Known Limitations | 146
Open Issues | 151
Resolved Issues | 167
Documentation Updates | 214
Migration, Upgrade, and Downgrade Instructions | 215
These release notes accompany Junos OS Release 19.3R3 for the MX Series. They describe new and
changed features, limitations, and known and resolved problems in the hardware and software.
You can also find these release notes on the Juniper Networks Junos OS Documentation webpage, located
at https://www.juniper.net/documentation/product/en_US/junos-os.
What's New
IN THIS SECTION
What’s New in Release 19.3R3 | 97
What’s New in Release 19.3R2 | 97
What’s New in Release 19.3R1 | 116
97
Learn about new features introduced in the main and maintenance releases for MX Series routers.
What’s New in Release 19.3R3
There are no new and changed features for Junos OS 19.3R3 Release.
What’s New in Release 19.3R2
Hardware
NOTE: The MX2K-MPC11E line card is supported in Junos OS 19.3R2 and later 19.3 releases
and in Junos OS 20.1R1 and later Junos OS releases. It is not supported in any Junos OS 19.4
releases.
MX2K-MPC11E (MX2010 and MX2020 routers)—Junos OS Release 19.3R2 introduces the
•
MX2K-MPC11E Modular Port Concentrator (MPC). The MX2K-MPC11E is a fixed-configuration MPC
which delivers bandwidth up to 4-Tbps per MPC slot for MX2020 and MX2010 routers. Optimized for
speeds of 100-Gigabit Ethernet and higher, the MPC11E provides 400-Gigabit Ethernet-ready ports
with multi-rate QSFP-DD interfaces for seamless 100-Gigabit Ethernet to 400-Gigabit Ethernet upgrades.
The MX2K-MPC11E supports native MACsec and IPsec encryption that can originate and terminate
thousands of IPsec sessions with no impact on performance.
The MX2K-MPC11E port panel has 40 rate-selectable (multi-rate) QSFP ports. You can use any port as
a 100-Gigabit Ethernet interface, 40-Gigabit Ethernet interface, or 10-Gigabit Ethernet interface (using
breakout cables). The 40 QSFP-DD optical transceiver ports are grouped into eight sets of five ports. A
port group compose a logical PIC in the software. You can configure different data rates for each port
group as long as the total throughput for the port group does not exceed 500 Gbps.
NOTE: The MX2K-MPC11E line card is also supported in Junos OS 20.1R1 and later Junos
OS releases. It is not supported in any Junos OS 19.4 releases.
MX-SPC3 Services Card (MX240, MX480, and MX960)—Starting with Junos OS Release 19.3R2, the
•
MX-SPC3 Services Card is available on MX240, MX480, and MX960 routers. The MX-SPC3 card provides
additional processing power to run Next Gen Services. The MX-SPC3 contains two Services Processing
Units (SPUs) with 128 GB of memory per SPU. Line cards such as DPCs, MICs, and MPCs intelligently
distribute all traffic traversing the router to the SPUs to have services processing applied to it.
Next Gen Services provide the best of both routing and security features on MX Series routers MX240,
MX480, and MX960. All Next Gen Services are provided by the MX-SPC3 services card Next Gen
Services provide capabilities for manipulating traffic before it’s delivered to its destination. Next Gen
Services features run on the MX Series, and are based on a different software architecture than legacy
MX Series services. You can run Next Gen Services on MX240, MX480 and MX960 routers. Some Next
Gen Services features use different Junos CLI statements than the equivalent legacy service.
98
NOTE: The only services card that supports Next Gen Services is the MX-SPC3. Next Gen
Services use their own software architecture, which is not compatible with legacy services.
Table 1 on page 99 summarizes the Next Gen Services supported in this release.
Table 1: Next Gen Services Summary
Next Gen Services Supported by MX-SPC3 Services Card
6rd SoftwiresCarrier Grade NAT
Deterministic NAT
Dynamic Address-Only Source NAT
Global System Logging
IPv4 Connectivity Across IPv6-Only Network Using 464XLAT
Network Address Port Translation
Port Forwarding
99
Stateful Firewall Services
Intrusion Detection Services
Traffic Load Balancing
DNS Request Filtering
Static Source NAT
Stateful NAT64
Static Destination NAT
Stateless Source Network Prefix Translation for IPv6
Twice NAPT
Twice Static NAT
Class of Service
Aggregated Multiservices Interfaces
NAT, Stateful Firewall, and IDS FlowsInter-chassis High Availability
Table 1: Next Gen Services Summary (continued)
Next Gen Services Supported by MX-SPC3 Services Card
See Protocols and Applications Supported by MX-SPC3 Services Card for information about the protocols and
applications that this SPC3 supports.
The MX-SPC3 services card is compatible end-to-end with the MX Series Switch Fabrics, Routing Engines
and MS-MPC line cards. See Table 2 on page 100:
Table 2: MX-SPC3 Services Card Compatibility with MX Series Switch Fabrics, Routing Engines and MPC
Line Cards
MPC Line CardsRoute EngineSwitch Fabric
100
SCBE
SCBE2
RE-S-1800X4-16G-UPG-BB
RE-S-1800X4-32G-UB
RE-S-1800X4-16G-UPG-BB
RE-S-1800X4-32G-UB
RE-S-X6-64G-UB
MPC2E-3D
MPC2-3D-NG
MPC3E and MPC3E-3D-NG
MPC4E-3D
MPC-3D-16XGE
MPC2E-3D
MPC2-3D-NG
MPC3E and MPC3E-3D-NG
MPC4E-3D
MPC5E and MPC5EQ
MPC7E, MPC7EQ, and
MPC-3D-16XGE
MPC-3D-16XGE
Refer to our TechLibrary for all MX router documentation. For Next Gen Services, refer to the following
documentation: See
Next Gen Services Interfaces Overview for Routing Devices
•
Next Gen Services Interfaces User Guide for Routing Devices
•
Broadband Subscriber Services Feature Guide
•
Monitoring, Sampling, and Collection Services Interfaces Feature Guide
•
MX240 Universal Routing Platform Hardware Guide
•
Loading...